Skip to main content

PRISM, identity and control through data

Date

I recently wrote an article which will be published in the journal Thesis Eleven in October, in this paper I presented an argument about the ways in which certain aspects of digital culture are affecting identity and trust among other issues. One particular aspect which I focused on was some of the changes in the way surveillance is conducted through the accumulation, extraction and analysis of data on individuals and groups. One of my central claims was that surveillance for the purposes of national security and criminal justice is conducted in similar ways to the monitoring of consumers. The collation of “metadata” derived from online searches, connections on social networks or through mobile phone networks and websites. The time span of academic publishing is such that it is rarely possible to be completely up-to-date but the recent revelations of the practices of GCHQ and NSA in conjunction with internet companies such as Microsoft, Yahoo, Google and Facebook mean that my article already looks out of date for not addressing these events. The controversy does, however, provide a good opportunity to elaborate on some of the analytical points I made in the article and explore them in some more detail.

In the article I discussed how the USA enjoyed a certain kind of 'super jurisdiction' over cloud-based internet services. As the majority of the largest cloud-based services are run by companies such as Google, Amazon, Facebook and Microsoft which are US companies, they are subject to US law. This means the American government can press them for data requests. Requests we now know they have been complying with. In much of the discussion from columnists and politicians since Edward Snowden's leaking of the details of PRISM there have been statements in the UK media about the necessity of intelligence gathering to prevent "another 7/7" and that all intelligence gathering takes place "within the rule of law". The former co-coordinator of British intelligence attempted to reassure us that British authorities "behave in a perfectly law-abiding fashion". All of these points are largely irrelevant to the NSA/PRISM case as the US is, of course, not subject to UK law and is using their influence over US cloud computing services to look after their own interests.

Some UK commentators have been quick to compare the surveillance conducted via PRISM with the undercover operations of the UK investigating environmentalist movements and the family of Stephen Lawrence. This is a dangerous and misleading conflation as it misdirects us from the radical nature of the kind of electronic surveillance which is occurring. This new kind of surveillance shows little interest in the activities of specific individuals or the content of particular communications. The surveillance conducted using PRISM is comparable to that used for the identification of targets for drone strikes; decentred and networked. Targets for such strikes are identified on the basis of their geographical movements and position within networks of actors. Data on individuals is compared against pre-determined terrorist profiles; the specific identities of the individuals are often not known and not deemed to be of significance. This approach to identification and targets is legally justified by the US through an approach to counting civilian casualties which classifies all military-age males in a strike zone as combatants unless subsequently proven otherwise. Prior to Snowden’s leaks The Guardian ran a story about a piece of software which was being touted to the US government produced by a company called Raytheon. This software was called Rapid Information Overlay Technology (RIOT) which through 'extreme-scale analytics' is able to track online activity of where people are, when they were there and who they interact with in order to build a picture of them and decide whether they are a terrorist threat. The targets are deemed to represent a generalized threat due to their behaviour and interactions with others. It is their position within a network of actors and their movement through particular spaces which identifies them as a target. Similar profiling is taking place in the commercial sphere; a US company, Tapad, has developed a product they call a 'Device Graph'. This software uses '2 billion data points' to track and profile potential customers across devices they use to access the net allowing marketing tactics to be even more individually tailored. As with the techniques used by the US military and the CIA the Tapad software is making an educated guess that that the same individual is using the various devices and that their activities and connections can be used to infer future behaviour.  This is a kind of subjectivity which is not concerned with the specific identities of individuals but a networked, future-oriented subjectivity based on the collation of vast quantities of data to enable the manipulation, or negation, of future behavior. In the nineteenth century governments started to use new methods of data gathered on the level of the state to produce ‘statistics’ which they felt gave them the ability to predict, and intervene on, the development of populations. This is now being conducted on the level of the individual.

The US retitled their list of targets for drone strikes and other assassinations from the "kill list" to the "disposition matrix". This change of name is of course part of a long tradition in politics which seeks to drain questionable activities of their moral content through reclassification ("collateral damage" is perhaps the best example of this). It is called the "disposition matrix" because it brings the targets to a ‘final settlement’ but strangely it also works with a different meaning.  Many of the targets are included not because they have been proven guilty of any crime or because they individually pose any specific threat, rather, they are deemed to represent "dispositions" towards potential future actions. Commentators have suggested it is a particularly Orwellian title; (Philip K) Dickian is probably more appropriate.

The media has, wittingly or not, individualized the NSA/PRISM story by focusing on the ridiculous question of whether the whistle blower is a hero or traitor and conducting a farcical "Great Snowden Hunt". These are a distraction not only from the levels of surveillance being conducted but also from the ways in which governments and corporations are attempting to exercise control. This control is based on increasingly vast quantities of ever more detailed data on our actions and interactions. With this data governments and corporations attempt to predict and shape our future behaviour. This may or may not be concerning, helpful or simply banal. The consequences of such logics are nevertheless potentially transformative.

@chrishtill