IN THIS TWO-part series, we go inside the murky world of surveillance in Ireland, and expose the alarming gap between what agents of the state can do to you, and what you are allowed to know, and do, about it.

In Part One, we examined the extraordinary powers given to Gardaí, the Defence Forces, and Revenue, and what we know about how they use those powers.

In the second part, we look at what the Irish government is refusing to reveal about surveillance, the disastrous consequences when state monitoring goes unchecked, and ask – how do we compare to other countries?

What do we NOT know?

Source: Garry Knight via lick

Obtaining even basic information about the exercise of these extensive surveillance powers has been extremely difficult.

TheJournal.ie sent Freedom of Information requests seeking basic statistical information about surveillance and wiretapping to the Departments of the Taoiseach, Justice and Communications, as well as the Defence Forces, the Courts Service, and Revenue.

In all cases we were told either the records do not exist, or cannot be released.

An Garda Síochána has been given an extra six months, until October 2015, to be compliant with the 2014 FOI Act, but TheJournal.ie asked them for statistics anyway.

That request was also rejected.

In its refusal to disclose records about the 1993 Act, the Department of Justice invoked parts of the FOI Act which provide for non-disclosure “to prevent the impairment of law enforcement and public safety and to prevent adversely affecting the security and defence of the State.”

It is the decision maker’s opinion that to reveal information in respect of interception authorisations, including the number sought and granted, would be prejudicial to the public interest (Emphasis added).

Independent TD Mick Wallace has repeatedly raised the issue in the Dáil with the Taoiseach and former Justice Minister Alan Shatter, and sees a complete lack of transparency surrounding state surveillance.

Mick Wallace and then Justice Minister Alan Shatter debating the Garda penalty points scandal. Source: RTÉ via YouTube

“With their own so-called oversight, they have a judge that comes in once a year, and is under no obligation to actually look at figures or statistics,” he told TheJournal.ie.

Some reports have contained approximations (“under 100,” “a small double figure number”) but no judge has ever included actual figures or statistics in his annual review.

In 2013, [Justice Iarfhlaith O'Neill] was able to look at the details in McKee Barracks [the Defence Forces], the Department of Justice, Revenue and Garda Headquarters in the Phoenix Park, all in one day, which is great going.

And he said he was very happy with everything he saw.

In an exchange with Alan Shatter last year, at the height of the scandal surrounding alleged Garda bugging of GSOC and recording of legally privileged phone conversations, Wallace said Gardaí were “a law unto themselves.”

The request for statistics does not threaten in any way or reveal any Garda methods or operations as they are general figures and do not relate to specific operations.

The Minister cannot prove this system is functioning unless he gives us the statistics.

In response to a query from TheJournal.ie, a spokesperson for Justice Minister Frances Fitzgerald reaffirmed the long-standing refusal to publish statistics:

This is for sound reasons of public policy related to national security and the investigation of serious crimes which may be hindered by the publication of such information.

Particular considerations arise in Ireland given the small size of the jurisdiction and the specific terrorist threat posed by paramilitary groups.

‘Catastrophic’ errors?

File photo of UK police confiscating computer equipment. Source: PA

We don’t know when Gardaí and others make mistakes in their monitoring and surveillance.

In Britain – where statistics and other details are published – there have been cases where technical errors lead to “catastrophic” consequences.

One official report gave this harrowing example:

Police took swift action when information from a reliable source suggested that a number of very young children were at immediate risk of falling into the hands of a paedophile ring.

Subscriber information relating to an Internet Protocol (IP) Address was obtained in order to locate an address for the children, but unfortunately it would appear this was not correct.

The police entered the address and arrested a person who was completely innocent…

What was the error? Confusion between an Internet Service Provider (ISP) and law enforcement, over the time zone of a particular IP address.

The UK experience also shows that, more often than not, it’s public bodies – not telecommunications companies – who make such mistakes.

An analysis of official figures by British lawyer Graham Smith, shows that over the last decade, 72% of “data errors” – incorrectly entered IP addresses, confusion involving Daylight saving time – were the fault of state agencies.

The incident described above, according to the report, led to reforms designed to improve the process.

In Ireland, we simply don’t know how many mistakes – catastrophic or otherwise – are being made.

Without the scrutiny that comes with comprehensive, published reports, Gardaí and others lack that particular incentive to improve their systems.

Digital Rights Ireland chairman TJ McIntyre explains:

It’s not that the telecommunications companies or police here make fewer mistakes – we just don’t have anybody actually picking up on it.

‘Off the books’ operations?

We also don’t know the extent to which Irish state agencies depend on companies to monitor internet and phone activity, as governed by the 2011 Communications (Retention of Data) Act, or whether they do it themselves.

TJ McIntyre says:

If this is something that’s being handled purely at the telecommunications company’s end, there will be some system in place that generates a paper trail.

But if it’s something that’s being done internally, either by the Gardaí or the Defence Forces, and they have the technology to do it independently, then there’s no guarantee of a paper trail, and you could have something being done ‘off the books.’

Last year, Vodafone asked the government for guidance on publishing the number of requests they had received for user data, in putting together their Transparency Report.

The Department of Justice controversially instructed Vodafone they were prohibited by law from doing so.

Is this situation normal?

NSA whistleblower Edward Snowden Source: AP/Press Association Images

When it comes to international standards, McIntyre says Ireland ranks “very, very low indeed.”

The UK model is not particularly advanced, by any means, but it’s still much better than here.

Despite major controversies surrounding mass surveillance by Britain’s Government Communications Headquarters (GCHQ), there is at least a system of record-keeping when it comes to surveillance and monitoring of the public there.

The Interception of Communications Commissioner’s Office keeps track of how often and why state agencies request user data from telecommunications companies.

In his 104-page report for 2014, the Commissioner provides extensive statistics, detailed breakdowns of the purpose of interception requests, and even figures and a breakdown of unlawful or mistaken interceptions.

The Office of Surveillance Commissioners provides similarly extensive and detailed annual reports, including statistics and breakdowns on “property interference,” “intrusive surveillance,” and also “irregularities” – unlawful or mistaken surveillance.

GCHQ, near Cheltenham. Source: Barry Batchelor/PA

A series of revelations about National Security Agency (NSA) wiretapping and data collection has battered the global reputation of the United States.

But even there, transparency and oversight of surveillance is superior to our own.

#Open journalism No news is bad news Support The Journal Your contributions will help us continue to deliver the stories that are important to you Support us now

A 1968 law requires US courts to submit annual reports to Congress on the number of authorisations for phone-tapping and email interception, including a breakdown of the purpose of requests, and even their average cost to the tax-payer.

In Ireland, the law requires the exact opposite.

Both Revenue and the Gardaí, in refusing TheJournal.ie’s requests for statistics on surveillance, invoked Section 13 of the 2009 Act, which forbids disclosing “any information in connection with the operation of this Act in relation to surveillance…”

The maximum punishment for sharing “any information” about state surveillance? A five-year prison sentence and €50,000 fine.

New regime?

Source: Mark Stedman/Photocall Ireland

On replacing Alan Shatter as Justice Minister last May, Frances Fitzgerald promised a “new era” of reform, accountability and transparency in the Gardaí and the administration of justice.

But Wexford TD Mick Wallace says “we haven’t seen 5% of that.”

I’d like to be able to say that things were improving for the better under the new Commissioner and the new Minister for Justice, but sadly, everything has stayed the same.

When it comes to surveillance, Fitzgerald has made one change that Wallace had previously called for - giving GSOC new powers to bug, wiretap and track Gardaí.

But she has also sidestepped questions on surveillance programmes.

Last September, for example, Independent TD Clare Daly asked for the number of court orders to “tap-monitor text and call data” in the last five years.

Fitzgerald (rightly) corrected Daly, pointing out that she herself, the Justice Minister, was responsible for 1993 Act authorisations, and not the courts.

But she didn’t say how often she and her predecessors had actually done it.

Which was the point of the question.

Documents

1993 Interception of Postal Packets and Telecommunications (Messages) Act

2009 Criminal Justice (Surveillance) Act

2011 Communications (Retention of Data) Act

Designated judges’ reports on the 1993 Act:

1994-2004

2006-2014

Designated judges’ reports on the 2009 Act, 2010-2014