Monday, July 10, 2017

Quis custodiet ipsos custodes? Malcolm Turnbull, Alastair MacGibbon and the latest proposed internet controls

The Latin phrase "quis custodiet ipsos custodes?",   "who will guard the guards themselves?", first appears in the Roman poet Juvenal's Satires (Satire VI, lines 347–348). According to Wikipedia, the original context deals with the problem of ensuring marital fidelity, though it is now commonly used more generally to refer to the problem of controlling the actions of persons in positions of power.

I was reminded of this phrase listening to an interview with Australian Prime Minister Turnbull's National Cybersecurity Adviser Alastair MacGibbon on the need to crack down on encrypted technology in the fight against terrorism. In response to civil liberty questions. Mr MacGibbon used phrases such as "lawful access to information" and "the reality is" to assure us that action was necessary for our own security and that Government would not misuse the powers, that safeguards exist to prevent that misuse.

Two questions arise. First, can we trust the Australian Government not to misuse added powers? Secondly, even if we can, can we assume that our existing system of Government will survive, that a future Australian government might not take a different approach?

Many years ago, I was acting branch head in the Commonwealth Treasury's Foreign Investment Division. We were dealing with a foreign takeover application. The Australian Taxation Office (ATO) asked us to place a freeze on the takeover, but could not explain for confidentiality reasons beyond a broad statement that Australian taxation evasion might be involved. It was a slightly murky case involving possible loans and transfer payments. When I modelled it, I realised that the only way in which evasion might be relevant is if the Australian company and foreign company were in fact owned by the same Australian residents. The problem then was that if that was the case, a blocking order under the Foreign Takeovers Act would be invalid since the Act did not apply to takeovers by Australian owned entities. We therefore had to ignore the taxation issue and recommended that a blocking order not be issued.

Two points to note about this case. The first is the clear separation between Government functions and powers. We would not misuse one power to support another. The second is protection of taxpayer information, the consequent inability to provide taxpayer information to another agency. There were good practical reasons for this. ATO data was sacrosanct not just because ATO was bound by its Act but because this maximised revenue. In very simple terms, if you made money illegally, you were still expected to pay tax on it. The question of legality or otherwise of the activity was a matter for other agencies. If you broke this principle, then people would become even more reluctant to provide taxation information - and cash.

Both principles, separation and confidentiality, have been eroded in the years since. It is just too attractive for Government not to use one power to reinforce another or to seek the immediate benefits offered by big data consolidation and matching to achieve policy objectives. This provides an immediate sugar hit, a short term benefit, but has also resulted in growing mistrust within the community. I think most Australians would now believe that if they provide (or Government is able to access) information to government for one purpose, they will ultimately use it for another regardless of promises at the time.

That said, while more wary, most Australians still trust Australian governments in a general sense. There are protections built into our system, including the rule of law. That brings me to my second question, .can we assume that our existing system of Government will survive, that a future Australian government might not take a different approach?

The short answer has to be no. I don't think many Germans in the Weimar Republic foresaw the rise of Hitler nor the form the Nazi regime would take, none would have foreseen East Germany and the Stasi. Think how those regimes could have used big data and data matching. Could Oscar Schindler have survived if there was someone in Berlin monitoring his KPIs and every movement using modern computer technology?

In similar vein, the question of what determines a terrorist is really only decided after the event and by the winners. This really takes me down a different track. For the moment, I would just note to Alastair MacGibbon that the question of lawful access to information depends on the laws, on legal systems, that can be changed; that there is growing distrust of Government even in Australia: that we cannot assume that information and processes will not be misused; and that short term fixes often create long-term problems,

To use one of his phrases,  the reality is that quis custodiet ipsos custodes continues to apply and continues to be a problem. I think that we need a a lot more information on possible changes that will be used equally by the governments of Malcolm Turnbull and Vladimir Putin.  

No comments: