Widening state surveillance of the web and stories about corporate phone hacking have made journalists increasingly concerned about the security of their communications. In this context Eveline Lubbers‘ book on corporate and police surveillance, Secret Manoeuvres in the Dark, is particularly timely.
The book focuses on a number of well-researched cases from the past two decades involving subterfuge by private companies and police – sometimes in collaboration with each other.
Each case provides key insights into the methods used to gather information on campaigners, activists and researchers, and to use that in strategies against them – but it also details strategies to mislead journalists and influence publishers.
It is in these latter cases that the book proves particularly valuable to journalists wishing to know the right questions to ask to avoid being ‘spun’.
The case studies of infiltration include Nestle and Shell‘s ‘divide and conquer’ strategy to break boycotts; the skewing impact of McDonald’s use of several infiltrators on a small campaign group; how British Aerospace used intelligence to undermine the Campaign Against Arms Trade; and how a freelance spy working for both state and corporate clients posed as a documentary maker in order to gain access and information – including intelligence on Greenpeace which was used to identify the best legal devices to paralyse their operations.
All include useful pointers for journalists who might find themselves reporting on campaigns or legal cases.
Fake online personas
It is chapter 5, however, which provides the truly essential reading: covering cybersurveillance and strategy it profiles three agencies: Infonic, who advised on counterstrategies to prevent regulations which would make electronics manufacturers responsible for their own toxic waste; eWatch, who “offered to ‘neutralize news’ and to identify and ‘eliminate’ online activists” and the Bivings Group.
Bivings’s is the key case study here: a lesson in how the credibility of research might be undermined by attempts to smear scientists using fake online personas:
“To minimize the impact of the paper in Nature, Monsanto and Bivings tried to influence its discussion amongst scientists. Together they created fake identities purposefully for a covert counterstrategy to discredit the authors of the paper.”
This strategy included challenging the impartiality of one author; implying that she was paid by activists, was an activist herself, or had colluded with activists; and falsely claiming that the research had not been peer-reviewed.
“Together [the fake identities] posted around 60 messages, which stimulated hundreds of others, some of which repeated the accusations they had made. Several biotechnologists called for [one author] to be sacked from Berkeley … Nature eventually gave in to the pressure and retracted the article – an unprecedented decision … Just a few days before crucial negotiations at the UN Convention on Biological Diversity”
The forum hosting the discussion also had links to Bivings.
A second case study in the chapter describes how flight attendants were sacked based on their contributions to an industry forum. Crucially:
“The company obtained a court order requiring 43 named defendants to turn over their office and home computer equipment. Instead of going to the authorities, the machines were handed to the accounting company Ernst & Young. They copied information and communications before returning the computers … [Harvard law scholars] queried whether an employee who expresses support for a sickout or strike on a publicly accessible website should properly become the target of further investigation … [also] such searches mark a departure from normal evidence-gathering procedures. Usually, parties that have to produce evidence in a civil law case are permitted to do their own review and then turn over relevant material.”
Clearly this has implications for source confidentiality. By way of an aside Lubbers mentions research by Gartner which found that:
“The market for systems used to mine emails for keywords and security breaches grew by 50 per cent in 2008. The fastest-growing area is network forensic software, recording exactly what happens on employees’ computer screens.”
More research, more regulation needed
As you might expect from a researcher-investigator, the book sets these case studies in an academic framework, a rigorous approach which makes for a sometimes dense read but also makes an exceptionally strong case for further research.
As Lubbers explains in her introduction and conclusion:
“Corporate spying and infiltration should not be considered as just another set of counterstrategies, grouped alongside greenwash or lobbying. Corporate spying and infiltration can be used as such, but there is more to it. Spying also involves the gathering of intelligence that precedes the development of corporate counterstrategy. Or – vice versa – a corporation does not spy on its critics just to know what is going on: it does so to be prepared and to defend itself.
“A corporate choice for covert action implies a refusal to discuss the damaging effects of production or trade in a public debate … The efforts to undermine the work of corporate critics qualify sometimes as efforts to keep issues off the public agenda, sometimes as attempts to diminish their effect once they are already in the public domain. As a result, decision-makers may make policies based on distorted information, or without awareness of alternatives … people might not even know that there is a problem.”
In her conclusion Lubbers calls for a new field of study to be established to explore the issues raised by these practices, and also emphasises the need for a legal framework to regulate and possibly license private intelligence:
“A system of accountability and transparency would have to include terms for access to information, and thus opportunities for discovery. Of no less importance would be provisions for the targets of surveillance, infiltration and corporate strategy to take legal action. What is required is a framework that acknowledges and warrants the rights of those people and groups who are or have been the objects of covert operations. Of course, this is easier said than done … The protection of constitutional rights such as the freedom of association and freedom of expression … may require a more active role for an ombudsman or a privacy commissioner.”
- For more on the same areas, James Bridle‘s longform article Ring of Steel provides a first class insight into the widespread use of automated numberplate recognition (ANPR) for surveillance and profiling by both police and the private sector.
- The book Undercover by The Guardian’s Paul Lewis and Rob Evans explores how undercover police officers were used to infiltrate movements, engaging in sexual relationships and fathering children as part of their ‘cover’.
- This Machine Kills Secrets deals with the history of leaks but includes many details about surveillance and security. We reviewed it here.
Pingback: Web security for journalists – review | Online Journalism Blog