Security and privacy in society

Solving the surveillance conundrum

Where: Royal Society, 6-9 Carlton House Terrace, London, SW1Y 5AG

When : 9 June 2014

Main organiser: Prof. Mark Ryan

Co-organiser: Gurchetan Grewal

Programme, Slides and Attendee list

The world learned that the US and other Western nations are amassing data about the minutiae of our daily lives on an unprecedented scale, when the former intelligence worker Edward Snowden began an ongoing series of revelations in June 2013. The data includes all forms of electronic communications between people, as well as web accesses, and financial and transport data, and the physical movements of people collected through mobile phone location tracking.

Although unsettling, the purpose of this mass surveillance is well-motivated, namely, to detect and prevent serious crimes such as terrorism, and to protect national security and the economic well-being of the UK. Protecting citizens from harm is indeed the first duty of government, and in a civilised society individuals have to be accountable to society as a whole. Privacy is therefore not an absolute right, but has to be reconciled with (and sometimes balanced against) other requirements, such as national security. But the revelations raise major questions for society about how “big data” – the masses of data about us recorded by computers every day – can be used.

As well as being useful to intelligence agencies, the data generated by our online lives is potentially hugely valuable to commercial organisations, including companies like Facebook and Google that directly collect it. Here again, there is a tension between an individual's need for privacy and the wish for functionality afforded by always-on mobile phones which are useful precisely because they can record our movements, communications, and our habits and associations.

The workshop focusses on how to resolve the tension between privacy and security in the future. As we live our lives increasingly online, more and more data about us is recorded by computers. In the future, our every action and thought will be potentially available to commercial organisations and intelligence agencies. The workshop explores legal, ethical and technological issues and future directions.

Themes and questions

1. Future need for surveillance and techniques

  • How much surveillance is necessary to combat terrorism and other serious crime?
  • At what point does bulk collection become mass surveillance? How can we establish appropriate limitations on the data-mining algorithms that can be used on the collected data?
  • To what extent does revealing the surveillance capability jeopardise its effectiveness? How can we introduce transparency of surveillance without compromising its effectiveness? Can what society doesn't know in fact hurt it?
  • How should we control the acquisition and exploitation of data by big companies (Examples include: Google, Apple, Vodafone, Tesco, Virgin, Facebook.) In what ways can the data interests of commerce be addressed without at the same time allowing companies unfettered access to the data generated by their customers?

2. Ethical and social issues

  • What limits should there be to the intrusions that nation states are allowed to make on their citizens communications? Should surveillance agencies in the future have access to our thoughts via the brain-computer interface?Alternatively, should there be an explicit new right to an inviolable private sphere, as technology increasingly augments our cognition?
  • How can we achieve a society in which people feel free, if governments and industry can obtain retrospective analysis on everything? (Examples include: people's thoughts, movements, actions, conversations and plans.)
  • What principles should underlie policy about what data is gathered and how it should be used? When should the requirement of security override that of privacy, and when not? How should individual privacy and societal security be reconciled (or balanced) in future societies?
  • Is surveillance of communications data (whether by industry or by government) fundamentally less privacy-intrusive than surveillance of content data? Do modern datamining methods actually make it more intrusive, when carried out on a large scale across many individuals?

3. Democratic control and accountability

  • How can surveillance be made accountable to citizens? Should the surveillance practised by the state be decided democratically?
  • Does parliamentary oversight of security agencies provide sufficient accountability? How can we be sure that surveillance agencies and data-intensive companies are obeying the law? How can we prevent data custodians (whether NSA, GCHQ, Google, or Facebook) circumventing country-specific legal restrictions by sharing data with each other?
  • In what ways can technology contribute to finding ways of reconciling or balancing opposing requirements? What kind of technology could be useful to make surveillance systems accountable?
  • Can we develop computing technology that better resists being subverted by powerful attackers such as nation states?
Programme, Slides and Attendee list

Contact information

Please email Professor Mark Ryan for enquiries.