The marshmallow, or the poker?

Well, now we have seen two parliamentary committees in action. We can now compare the Home Affairs Select Committee’s questioning of Alan Rusbridger (editor of The Guardian) with the Intelligence and Security Committee’s grilling [sic] of the heads of the intelligence services. I have previously described the latter as not so much a “grilling” (the BBC’s term) as a “soft pelting with marshmallows”. The ISC’s questions were pre-vetted, and a time-lag was introduced in the broadcasting of the session, just in case anyone suddenly read out GHCQ’s private RSA key by accident. All in all, I’ve had salads that were grilled more ruthlessly than the three intelligence heads.

Mr Rusbridger got a moderately friendly reception from some MPs, but there were definitely those who would cheerfully stick a poker up him and toast him over an open fire. This, despite a number of pre-publication checks the Guardian editor was able to list, with both US and British government departments (including GCHQ).

Conversely, I don’t believe Mr Rusbridger got an answer to the question of what kind of oversight [sic] is being applied, when a contractor like Snowden is just one of 850,000 people to whom top secret GCHQ files were potentially accessible.

Those of you who have heard me speak on privacy, or have been reading this blog for a while, will know that I often refer to the paradox of privacy versus secrecy. Privacy is not, it turns out, about keeping all your data secret; to describe a person as secretive is quite different from describing them as private.

As Vint Cerf has (albeit unintentionally) recently reminded us, privacy is a function of normal social interaction. Arguably, by the same token, secretiveness is about minimising social interaction – or, at least, minimising the extent to which it reveals data about oneself. So, give this a moment’s thought: which of two people develops better privacy skills… someone who engages in social interaction, or someone who is habitually secretive?

The secretive person need not worry much about the subtleties of privacy, because their instinct is to give nothing away in the first place. Someone who engages in normal social interaction, with an eye to privacy, is also sensitive to factors like context, appropriateness, discretion and personal trust. We all soon learn who among our friends is a gossip, and who can be trusted to keep a confidence.

And, in a way, this mirrors what we have seen as the Snowden revelations have unfurled; an organisation that is supposedly expert in secrecy has shown itself to lack selectiveness in what information it reveals to which of its employees, and to have poor disciplines of contextual disclosure. Which is strange, when you consider that the phrase “need to know” originated in the field of intelligence, with its need for strict compartmentalisation of information.

Conversely, the media companies that received the material have disclosed it selectively, with purpose, and – as far as the average citizen can judge – responsibly. In fact, that is also the judgement of the UN Special Rapporteur on counter-terrorism, Ben Emmerson, QC, who says that the public interest test in this instance is “a no-brainer”.

The organisations who publish information for a living turn out to be better at judging which information should go out and which should not, and at managing the process of separating the two.

Spare a thought, though, for the friends and families of NSA staff, while we’re on the subject of which things to publish and which to keep to oneself. Apparently concerned at the possibility of negative publicity over the US Thanksgiving holiday, the NSA thoughtfully provided its employees with a page of “Talking Points” for use with friends and family, for which I hope friends and family were duly thankful.

If there was much more irony in this, it would rust.