Some UK politicians are trying once again to pass mass surveillance laws after the Paris attacks. It's a misguided approach, says a computing researcher

Contributing to vast amounts of imperfect intelligence data? (Image: Amer Ghazzal /Demotix/Press Association Images)

In response to the terrorist attacks in Paris, the UK government is redoubling its efforts to engage in mass surveillance.

Prime minister David Cameron wants to reintroduce the so-called snoopers’ charter – properly, the Communications Data Bill – which would compel telecoms companies to keep records of all internet, email and cellphone activity. He also wants to ban encrypted communications services.

Cameron seems to believe terrorist attacks can be prevented if only mass surveillance, by the UK’s intelligence-gathering centre GCHQ and the US National Security Agency, reaches the degree of perfection portrayed in his favourite TV dramas, where computers magically pinpoint the bad guys. Computers don’t work this way in real life and neither does mass surveillance.


Brothers Said and Cherif Kouachi and Amedy Coulibaly, who murdered 17 people, were known to the French security services and considered a serious threat. France has blanket electronic surveillance. It didn’t avert what happened.

Imperfect information

Police, intelligence and security systems are imperfect. They process vast amounts of imperfect intelligence data and do not have the resources to monitor all known suspects 24/7. The French authorities lost track of these extremists long enough for them to carry out their murderous acts. You cannot fix any of this by treating the entire population as suspects and then engaging in suspicionless, blanket collection and processing of personal data.

Mass data collectors can dig deeply into anyone’s digital persona but don’t have the resources to do so with everyone. Surveillance of the entire population, the vast majority of whom are innocent, leads to the diversion of limited intelligence resources in pursuit of huge numbers of false leads. Terrorists are comparatively rare, so finding one is a needle in a haystack problem. You don’t make it easier by throwing more needleless hay on the stack.

It is statistically impossible for total population surveillance to be an effective tool for catching terrorists.

Even if your magic terrorist-catching machine has a false positive rate of 1 in 1000 – and no security technology comes anywhere near this – every time you asked it for suspects in the UK it would flag 60,000 innocent people.

Law enforcement and security services need to be able to move with the times, use modern digital technologies intelligently and through targeted data preservation – not a mass surveillance regime – to engage in court-supervised technological surveillance of individuals whom they have reasonable cause to suspect. That is not, however, the same as building an infrastructure of mass surveillance.

Mass surveillance makes the job of the security services more difficult and the rest of us less secure.