The Manchester terrorist attack and why intelligence agencies collect information

Intelligence agencies are generally poorly understood in our societies.  The agencies themselves are partly to blame since they shroud themselves in secrecy, albeit for good reasons.  In addition, public perception is at fault, partly due to the assumption by many that spies are nefarious creatures at heart and partly due to the often highly inaccurate Hollywood portrayal of these agencies.  Suffice to say that CSIS, the CIA and others are not usually seen in a positive light.

The public’s mistrust of intelligence services is exacerbated over the issue of information gathering and retention. Many are convinced that spies collect data on far too many people and hold onto that information for far too long.  There appears to be a fear that government databases are brimming with personal data and that our spies have evil intent thereon.  Hence the calls for these agencies to scrub their holdings quickly and frequently: we saw that in Canada with the controversy over CSIS’ ODAC unit.

From my perspective, these fears are misguided (as I hope to show), the demands to throw away data are ill-founded and unreasonable limits placed on how our intelligence agencies operate makes us collectively less safe.  And I think that the recent terrorist attack in Manchester proves me right.

If you recall that horrific event of a few weeks ago, Salman Abedi, a UK citizen of Libyan origin, targeted kids outside an Ariana Grande concert with a suicide device, killing 22 and injuring upwards of 250 people.  The attack was seen as particularly heinous as it struck teen and pre-teen girls out for an evening with a pop star.  Most terrorist acts are despicable but this one was over the top (or under the bar of humanity – take your pick).

We learned subsequently that the UK Security Service, MI5, had been aware of Mr. Abedi but  had not seen him as a priority target.  With 23,000 people identified as having Islamist extremist views MI5 and its partners have to make daily decisions on whom to ignore and whom to follow.  An ‘intelligence failure’ this was not.

Nevertheless, the investigation ramped up very quickly and the British spies were able to piece together a lot of the story in rapid fashion. How?  Because of their data holdings.  Data is the lifeblood of intelligence and forcing intelligence agencies to regularly delete information not directly linked to ongoing files would be a serious blow to their ability to do the job we demand of them.

Security services hold a lot of data and that concerns people as the debate in this country has shown.  I find the naysayers’ arguments wanting for two primary reasons:

a) no one seems to care that Google, FaceBook and Twitter have a hell of a lot more data on you than CSIS ever will

b) no one has ever, to my knowledge, demonstrated that data held by CSIS and others has been used for nefarious purposes or for reasons outside of legitimate national security concerns (no, the Maher case is NOT an example: authorities purport to have had a legitimate interest in him and the controversy is not whether they held information but rather the decision to share it with the US which sent him back to Syria).

The data stored by CSIS is collected under bonafide national security investigations.  By definition, investigations cast a wide net to see how big a particular threat is.  Just because a single data point is not relevant to a single investigation does not imply it should not be kept in the event it can help with future investigations.  Besides, data in a database is not necessarily acted upon on at any given time.  Forcing agencies to scrub databases on a constant basis renders them less effective.

I realise that there are a tonne of people who will disagree – vehemently – with me on this point, in part because they say they cannot trust CSIS or the RCMP with their data.  I think that Canadians can, but concede that there is a lot more PR required to explain why CSIS needs to do this.

For those that raise the objection that security services can go rogue and abuse information I agree that anything is possible.  CSIS, however, is not the former ex East German Stasi, which apparently had files on every citizen, and if there are signs that it is going that way I will be at the forefront of protests.  I just don’t see that happening in Canada.

Let us ensure that data collection and retention are subject to the law of the land and strict handling procedures.  But let us not handcuff our protectors and place obstacles in their mandates.


By Phil Gurski

Phil Gurski is the President and CEO of Borealis Threat and Risk Consulting Ltd. Phil is a 32-year veteran of CSE and CSIS and the author of six books on terrorism.

Leave a Reply