Data, Security and Me

Nicola Biggerstaff

Information leakage has come a long way since the Cold War. From physical breaking and entering, now anyone who wishes to unleash international chaos can do so with just a few correct clicks and keystrokes, or even taps on a phone. The latest incident in the United States, which saw a 21-year-old airman charged with leaking a cache of intelligence on their foreign operations, has once again divided opinion. While some argue that the motives were personal, suggesting that he was simply looking for the approval of online acquaintances, rather than releasing them out of concern for the national interest, what does this say about the future of national security procedures? What lessons can we take away from this over here to improve our own security infrastructure without compromising transparency in governance?

Earlier this month, images of secret files belonging to US intelligence appeared on Discord, the social media messaging app. They contained key details on US foreign policy, including intel on movements of special forces in Ukraine, and covert surveillance around the world. According to the BBC, the files claim that, in Ukraine, the UK, US, Latvia, France and the Netherlands all have contingencies fighting on the frontlines. It also details the US government’s concerns over weapons supplies, and detailed correspondence of the UN Chief Antonio Guterres on the Russia-Ukraine grain deal, as well as South Korean plans to deliver weapons to Ukraine.  Elsewhere, the files claim that Jordanian officials have discussed the exclusion of Chinese-based tech giant Huawei from their 5G rollout plans for the country. They also include details of Chinese weapons testing.

The circumstances surrounding the leak have been the subject od heated discussion online. Discord has been used previously to organise far-right rallies in the US, including the Charlottesville ‘Unite the Right’ rally which led to the death of one person. The specific website server on which the files first appeared was initially used by a group of friends to discuss the video game Minecraft, before the accused began to post images of the files.

The damage done to American operations is claimed to be an extreme threat to national security as well as the safety of military personnel in Ukraine. However, the lack of surprise at the revelations among the general public reaction speaks volumes to the decreasing levels of trust in Western governments. Only weeks after TikTok came under fire for potential data breaches, disguised as concern over foreign surveillance, the US is now scrambling to spin their latest domestic breach as the agenda of a disgruntled young man desperate for attention on the internet. The variety of files leaked would suggest this, since the lack of theme among them suggests there was no national interest motive behind the leak as there has been previously. But whether or not this theory holds weight is irrelevant. Regardless of intent, it has happened. We can question how on earth a part-time serviceman ended up with these documents and debate the efficacy of security clearances until the end of time. But, with the fallout in such early stages, and with the investigation and judicial process still underway, we simply do not know.

Now we have to, as citizens of a democracy, ensure that the information that has been released into the public domain is used in an appropriate manner, and that the appropriate people are held to account. Why are we not shocked at the complete disregard for privacy once again displayed by the US federal government? Who else do they have intel on? Is this just the tip of the iceberg?

In the age of mass surveillance, and mass polarised panic, it is important that we plan our infrastructure for a future independent state which protects the data of its government and citizens from foreign interference. One which favours open source software and encryption, and one in which Scotland has the potential to become world leading in transparent governance. In other words, all is not lost.

Common Weal’s policy on data security is also laid out in Sorted, and would ensure that government transparency with user data becomes standard practice. From the start, Scotland would adopt a Person-Centred Data Strategy, where the individual can control which services are permitted to access their own personal data. Improved IT infrastructure would then ensure that data storage works for everyone: that our information remains safe, secure, and free from foreign interference.

Personal Data Stores would allow a person constant access to their own information, control what companies or government entities can access this information, and grant or withdraw these permissions at any time. This way, a person could finally use their data to their advantage, control their own access to public services, finances, and public records. One portal that meets all our data needs and cannot be accessed by outside or private interests.

Moving forward, we also need to examine our own relations with global powers. The United States government has once again gone been caught red-handed engaged in covert surveillance and, despite the unconventional way in which this information reached the public domain, we should highly encourage that this latest betrayal of public trust be fully investigated, and that the findings should be made available to the public.