Internet giants have more personal information than any intelligence agency has ever had or should have, according to a former director of GCHQ.

Sir David Omand said profiting from information that people freely gave to companies such as Google and Facebook was “truly dangerous and a major threat to democracy”. In contrast to “extraordinarily strictly regulated” British intelligence agencies, the power of the internet companies was uncontrolled.

“Nobody has worked out how to control the private use of our information,” he told The Times and The Sunday Times Cheltenham Literature Festival yesterday. “It’s a fact that the internet companies know more about me, you, everyone in the hall than any intelligence agency ever could or should know.”

Sir David, who was in charge at the signals intelligence organisation based in Cheltenham in the 1990s, likened the rise of the internet to the story about the blues guitarist Robert Johnson, who was said to have sold his soul to the devil at a crossroads in exchange for becoming the best musician in the world.

“Then he had to pay for his success and the internet is like that,” he said. “It was all wonderful to start with, all open, the bad guys weren’t there. Now the downside of the internet is very serious. It is very dangerous, dangerous for children, dangerous for anyone trying to do financial business.”

Sir David accepted that the Investigatory Powers Act 2016, which, for example, compelled a senior judge to countersign any surveillance warrant, had left Britain’s agencies like “going on a football pitch with eight players and a goalkeeper with his hands tied”.

He said that while there had been qualms within the intelligence community “in a democracy you are entitled to know what kinds of methods are being used to keep us safe”.

“The big revelation over the last couple of years has not been about government intelligence agencies,” he added. “It has been about the private sector.”

The Cambridge Analytica scandal — in which the company used the personal data of Facebook users for political advertising, for which Facebook was fined — showed how information was becoming the “feedstock for political campaigning”.

He said that people “freely give our personal data in return for having an internet free at the point of use so we can do our searches and so on. And that information is monetised and that is the feedstock for political campaigning, where a political party can send different messages to different groups of people because they already knew what individuals likely political preferences are. This is truly dangerous. I think it is a major threat to democracy and it is uncontrolled.”

Sir David, who was talking to Richard Aldrich, who has written a history of GCHQ, said that Britain was vulnerable to a cyberattack, adding: “It is difficult to give any assurance that the attackers will not get through and cause damage, perhaps damage which they were not even intending”.

Aldrich said that the challenge over the next decade for GCHQ was to tackle the threats posed by everyday items that were internet-enabled. “They have to worry about everything we buy in the shop that costs under £10 that connects to the internet,” he said. “Because the degree of cybersecurity is very weak.”

He said the person at the centre of this “alarming landscape of malware is the director of GCHQ”. He envisaged a scenario in which ten internet- enabled fridges across Los Angeles could be “simultaneously set on fire by hackers”.

He added: “Who needs an air force when you have the internet of things? This is very, very alarming and difficult territory.”

More girls applying to GCHQ summer school

An increase in girls applying for places at GCHQ summer school has been welcomed by spy chiefs (writes Lucy Fisher.) Applications from girls aged 11-17 for the CyberFirst programme rose almost 50 per cent on last year. Overall applications rose by 30 per cent.

The courses are run by the National Cyber Security Centre (NCSC), which is responsible for defending the digital homeland. They aim to encourage children to explore how everyday technology works and include lectures, practical work and guest speakers.

This year 930 girls applied for places, compared with 630 in 2018. GCHQ is also offering yearly bursaries of £4,000 to study cybersecurity at university.

Chris Ensor, NCSC deputy director for growth, said: “It’s never been more important to increase and diversify the cybersecurity workforce and we’re committed to nurturing the next generation of skilled experts and addressing the gender imbalance.”

 

Source: thetimes.co.uk