• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • About
    • Editorial Staff
      • Bryan Strawser, Editor in Chief, Strife
      • Dr Anna B. Plunkett, Founder, Women in Writing
      • Strife Journal Editors
      • Strife Blog Editors
      • Strife Communications Team
      • Senior Editors
      • Series Editors
      • Copy Editors
      • Strife Writing Fellows
      • Commissioning Editors
      • War Studies @ 60 Project Team
      • Web Team
    • Publication Ethics
    • Open Access Statement
  • Archive
  • Series
  • Strife Journal
  • Strife Policy Papers
    • Strife Policy Papers: Submission Guidelines
    • Vol 1, Issue 1 (June 2022): Perils in Plain Sight
  • Contact us
  • Submit to Strife!

Strife

The Academic Blog of the Department of War Studies, King's College London

  • Announcements
  • Articles
  • Book Reviews
  • Call for Papers
  • Features
  • Interviews
  • Strife Policy Papers
    • Strife Policy Papers: Submission Guidelines
    • Vol 1, Issue 1 (June 2022): Perils in Plain Sight
You are here: Home / Book Review / Review: "Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World" by Bruce Schneier

Review: "Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World" by Bruce Schneier

June 6, 2015 by Strife Staff

By: Christy Quinn:

Data and Goliath

Bruce Schneier, Data and Goliath: The Hidden Battles to Capture Your Data and Control Your World. 
New York, NY: W.W. Norton., 2015. Pp. 400. £ 17.99, ISBN: 978-0-393-24481-6.

If you’re not familiar with the Information Security community in the IT industry, it’s worth knowing that Bruce Schneier has earned the reputation of a prophet, sage and action hero combined. As a renowned cryptologist and technologist, Schneier has been a leading critic of the US government’s attempts to limit the global spread of encryption and recently of the NSA’s ‘bulk collection’ program of communication records of US citizens, following the disclosures by Edward Snowden in 2013. Data and Goliath, his latest book, addresses the challenge posed to privacy and individual liberty posed by both government “mass surveillance” and the exponential amounts of personal information collected by the private sector for profit.

One of the strongest insights to come from Data and Goliath is the symbiotic relationship between the commercial data gathering on users from private businesses and the arms of government security. Some of the more hysterical attacks on government surveillance perpetrated by crypto-anarchist campaigners like Julian Assange and Jacob Appelbaum have suggested that the Snowden revelations are evidence of the US government as an all-powerful police state with no physical or legal restrictions on its capability to reach into the lives of every person utilising digital communications around the world. Schneier suggests that many governments actually depend on private companies for data on their customers they gather for their own benefit in any case, and then either pay them for the privilege of collecting it or require it in return for market access. For example, telecommunications provider Vodafone provides approximately 29 countries direct access to internet traffic passing through their borders. In return, private companies are paying for more access to government records on citizens, such as drivers license data or anonymised health records, to enhance their own services. One of the results of the digital communication era has been the commodification of personal data, both as a means of national security and for private profit.

The crucial point of contention is whether the collection of customer data, often referred to as ‘metadata’, constitutes “mass surveillance”. One of the problems of establishing the nature of surveillance is the many different forms of metadata, which can vary considerably in the amount they tell you about the life of the individual. Schneier gives the example of telephony metadata, better known as call records. These do not give the collector the content of the call but instead the number dialed, the date of the call and the length of the call. A Stanford University study quoted by Schneier was able to establish considerable detail about the private lives of the anonymous participants from their call records alone, such as whether they were planning an abortion or growing marijuana in their own home. CIA director Michael Hayden, who is quoted in the book, is unequivocal about its value to US security; “we kill people based on metadata.”

However, this definition of metadata varies from jurisdiction to jurisdiction; while in the US, the terms used in Google searches are treated by the NSA as metadata, in the UK they are treated under surveillance laws as ‘content’ which requires a warrant from the Home Secretary to access. The changing nature of many online services also masks them from government bulk collection. For example, if the UK government was monitoring your Facebook activity on a passive bulk collection basis, rather than actively spying on you, in theory they would only be able to see that your IP address logged on to Facebook’s online website. Without a warrant, they would not be able to see your friend’s list, any messages you made within your Facebook network or which group pages you visited. Facebook, on the other hand, would have full access to your personal data, which they can utilise to sell advertising to you and would be obliged to hand over were they issued with a warrant. Messages from users outside the UK to users in the UK could qualify for bulk collection, but only if they were deemed ’necessary and proportionate’ under surveillance laws. Other jurisdictions such as Russia and China make no such nice distinctions and seek the ‘full take’ of a user’s internet activity, legalistic niceties be damned.

This results in a confusing picture, particularly as the proportion of metadata collected and analysed by governments remains to be national secrets. The recent backlash against bulk collection of telephony metadata in the US has resulted in the fall of the Patriot Act, of one of the pillars of the post 9/11 national security state. Bruce Schneier’s book is an excellent contribution to the debate over internet surveillance and is an ideal education as to how the processes of personal data collection work. However, it is clear that this debate is far from over and that ultimately users will have to come to terms with how much of their personal lives they are willing to disclose to others.


Christy Quinn studied International History at the London School of Economics & Political Science and is currently reading for an MA in Intelligence & International Security at Kings College London. His research interests are cyber security, national security strategy and the Asia-Pacific region. He is a Guest Editor at Strife. Follow him @ChristyQuinn

Filed Under: Book Review Tagged With: Cybersecurity, intelligence, security

Follow us on Twitter

Get updates on our articles, series, book reviews, and more!

 
Follow @strifeblog

Footer

Contact

The Strife Blog & Journal

King’s College London
Department of War Studies
Strand Campus
London
WC2R 2LS
United Kingdom

blog@strifeblog.org

 

Recent Posts

  • The Struggle for National Memory in Contemporary Nigeria
  • How UN Support for Insider Mediation Could Be a Breakthrough in the Kivu Conflict
  • Strife Series: Modern Conflict & Atrocity Prevention in Africa – Introduction
  • Strife Policy Papers: Volume 1, Issue 1 (June 2022) – Perils in Plain Sight
  • Strife announces Strife Policy Papers (SPP)

Tags

Afghanistan Africa Brexit China Climate Change conflict counterterrorism COVID-19 Cybersecurity Cyber Security Diplomacy Donald Trump drones Elections EU feature France India intelligence Iran Iraq ISIL ISIS Israel ma Myanmar NATO North Korea nuclear Pakistan Politics Russia security strategy Strife series Syria terrorism Turkey UK Ukraine United States us USA women Yemen

Licensed under Creative Commons (Attribution, Non-Commercial, No Derivatives) | Proudly powered by Wordpress & the Genesis Framework