Nuestro Mundo no esta en Venta: Digitalisation and the security state

To begin with, it is worth outlining what is meant here by the terms “digitalisation” and “security state”. We consider digitalisation to be a process by which activities and information that were not previously recorded in any durable way, or which were stored on analog storage media (paper, tapes, microfilm, etc.), come to be recorded on digital media. Digitalisation is, in short, the process by which digital data and/or information is produced. Examples include the recording of individuals’ music preferences and listening habits by online streaming platforms; the generation of long-term records of whom an individual has conversations with and when those conversations take place, via apps such as Whatsapp and Signal; or logs of an individuals’ location and everyday habits through the logging of Global Position Satellite (GPS) data created by smartphone users.

What this means is well summed-up by a paper produced by the Portuguese Presidency of the Council of the EU some 15 years ago:

“Every object the individual uses, every transaction they make and almost everywhere they go will create a detailed digital record. This will generate a wealth of information for public security organisations, and create huge opportunities for more effective and productive public security efforts.”¹

As for the security state, it serves here as convenient shorthand for those agencies, institutions, bodies – whether public or private – that have a role in facilitating or implementing laws and policies of repression or control. The security state is not necessarily a fixed entity or set of entities (for example, the companies contracted by the state to power a particular function may change over time), but rather an amalgamation or ‘assemblage’ of entities used to carry out functions concerned with surveillance and control of the population (or, at least, those elements of the population deemed troublesome, subversive, or disorderly). In this regard, it encompasses institutions such as the police or border agencies but can also include schools, doctors, landlords and employers, as exemplified by the UK’s “Prevent” counter-terrorism scheme² and “hostile environment” for undocumented migrants.³

In the context of digitalisation, it is vital to consider the security state as encompassing both public and private entities. As a declassified report by the Senior Advisory Group to the US Office of the Director of National Intelligence noted:

“The government would never have been permitted to compel billions of people to carry location tracking devices on their persons at all times, to log and track most of their social interactions, or to keep flawless records of all their reading habits. Yet smartphones, connected cars, web tracking technologies, the Internet of Things, and other innovations have had this effect without government participation. While the IC [intelligence community] cannot willingly blind itself to this information, it must appreciate how unfettered access to CAI [commercially-available information] increases its power in ways that may exceed our constitutional traditions or other societal expectations.”⁴

Ultimately, what digitalisation means for the security state is a vast increase in the potential for surveillance and data collection, and thus a vast increase in the potential control that can be exercised over the population. It is vital to note, however, that it is by no means certain that this potential will be realised: governments may choose not to pursue certain possibilities, they may not have the resources to do so, or they may face fierce enough opposition to surveillance powers that they are forced not to exercise them. Before turning to look at how the digitalisation of the security state can affect the rights of individuals and groups, we will consider some of the basic principles underpinning state surveillance and data collection powers.