What Does Brexit Mean For Britain's Spies?

Uploaded on 2018-02-12 in NEWS-News Analysis, INTELLIGENCE--Europe, FREE TO VIEW

As the UK negotiates its future relationship with the EU, two former intelligence chiefs have warned that Britain's security expertise should not become a "bargaining chip".

When terror attacks hit Paris in late 2015, British intelligence scrambled to find out what it could about the attackers, at the UK's spy agency, GCHQ, a team worked on tracing their communications while MI5 looked for connections to the UK.

It was all a sign that modern threats, whether terrorism, cyber-attacks or Russian subversion, rarely respect borders.

The Paris attacks showed that those responsible crossed borders with greater ease than information which might stop them. That led some to argue for closer co-operation, while others cited it as evidence of the need instead for stronger national border controls.

"Europe is going to be our security backyard forever," Sir John Sawers, a former head of MI6, told the BBC.
"And we need to be able to work very closely with our European partners in order to maximise our own security.

"And their security benefits our security. The more secure France is, the fewer dangerous people are likely to cross from Calais to Dover."

On one level, Brexit does little to threaten these key intelligence and security relationships. This is because in almost all cases the intelligence flows bilaterally, country to country, rather than through Brussels.

Former GCHQ head Robert Hannigan said: "As an institution, the EU's role is extremely limited. "It doesn't really get involved in any sharing of operational intelligence. The real co-operation on operations, counter-terrorism or cyber or hostile states, goes on bilaterally and always has." GCHQ, for instance, would have a liaison in Paris who could ensure information relevant to the protection of France would be shared quickly.

'Need our help'
Officials in Europe and the UK are also aware that intelligence and security is a relative British strength and other countries will not want to be cut off from Britain's contribution.  "The thing that is driving the quality of those relationships currently is the darkness of the threat and the common concern about it," Andrew Parker, the current head of MI5, told the Intelligence and Security Committee last year, with his comments included in its annual report.

"Half of Europe is scared of terrorism and the other half is scared of Russia and both halves want us to help them… That will not change with Brexit," he said. 

The only significant EU intelligence sharing body is INTCEN, which shares analysis of the threats with policymakers.
Some European intelligence officers say that even though Britain is an intelligence powerhouse, there are areas, such as North Africa, where other European services may have better insights.

Because Britain is a net giver rather than receiver of intelligence, particularly in MI5's counter-terrorism experience and GCHQ's extensive collection of communications and cyber activity, there was discussion in government early last year about using what some called the "security surplus" as a bargaining chip in negotiations.

'Bargaining Chip'
But the former intelligence officers caution against playing the security card. "The Brexit negotiation is not a zero-sum game," argues Sir John, who was chief of MI6 until 2014. "Security co-operation can help create an atmosphere in which the EU-27 and the UK can see that it is in everyone's interests to maintain a climate of co-operation.

"If either side try to use it as a bargaining chip or a point of leverage it's likely to be negative on both sides," he says.

Theresa May's letter to Donald Tusk, president of the European Council, setting out her stall on Britain's position surprised some within the intelligence community with its language, and the three serving British intelligence chiefs together expressed concerns, according to one official.

Mr Hannigan, who left GCHQ before the letter, also cautions against playing the security card in upcoming trade negotiations. "I've never thought this was realistic or indeed ethically sound," he told the BBC.

"I mean how could you possibly think of withholding material that might stop a terrorist attack in exchange for fish quotas or something. It's absurd."

The Data Question
But there is one issue that does worry British spies about Brexit, and that is data. The ability to move data across borders is vital, such as information on suspects moving from one country to another. This is even more of an issue for policing and border forces, but their work overlaps with the counter-terrorist work of security services who also increasingly share data on cyber threats. Any impediment to this flow would be a real issue, former and current officials say.

"It would be a very serious problem," says Sir John, adding: "The intelligence these days is based very heavily on having access to data."

Sharing and retaining data requires meeting EU safeguards on privacy. "We have been an active player in that within Europe and now European rules will be made without us and we will be outside the immediate legal framework. "But that is something that the British government is going to have to address very early on - how we continue to retain data."

ECJ 'Burden'
The EU rules have also been shaped by legal challenges at the European Court of Justice (ECJ). Mr Hannigan, who had to deal with the legal challenges as head of GCHQ, said it would not be as simple as being freed from the burden of the court.
He said it was a "bit naive" to think being free from the ECJ would "solve all our problems".

"It will solve our problems if we only wanted data to flow within the UK and never to leave its borders," he says, adding: "But that would mean cutting ourselves off from the modern world.

"That means what the EU regards as adequate regulation of privacy [and] protection of privacy is incredibly important to us and it does effectively give the ECJ a say in what we do."

The US has had to negotiate a deal with the EU and this has proved a difficult and lengthy process. But a UK deal will be vital not just for national security but the economy as a whole. "The UK equivalent - which we will now need to negotiate - will be very difficult," says Mr Hannigan. "And we will have to take some time to do it. But it's vital to the economy broadly."

BBC

You Might Also Read:

What Does Brexit Mean For British Data Privacy?:

UK Deal With EU On Post-Brexit Data Sharing:

MI5 In The Clear Over Terror Attacks:

 

« Hackers Strike Winter Olympics
Nation State Hacking Is On Trend In 2018 »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Security Affairs

Security Affairs

Security Affairs is a blog covering all aspects of cyber security.

BetterCloud

BetterCloud

BetterCloud puts IT in control of the modern workplace through user lifecycle management, data discovery, and IT and security automation purpose-built for SaaS.

Data Resolve Technologies

Data Resolve Technologies

Data Resolve offer a mechanism through which customers can detect and tackle various kinds of sensitive activities pertaining to data loss and data theft.

Platin Bilişim

Platin Bilişim

Platin Bilisim is an IT Security company providing consultancy, solutions and operational support services.

Kobil Systems

Kobil Systems

Kobil is a pioneer in the fields of smart card, one-time password, authentication and cryptography.

CyberGRX

CyberGRX

The CyberGRX Exchange and our risk assessments-as-a-service help Enterprises and Third Parties cost-effectively identify, prioritize and mitigate risk.

AppOmni

AppOmni

AppOmni is the only SaaS CSPM solution that gives teams all the tools they need to be successful – from security posture management to monitoring and detection to continuous compliance.

PQShield

PQShield

PQShield are specialists in Post-Quantum Cryptography. We provide quantum-secure cryptographic solutions for software, software/hardware co-design and data in transit.

SecureStack

SecureStack

SecureStack helps software developers find security & scalability gaps in their web applications and offers ways to fix those gaps without forcing those developers to become security experts.

WebSec B.V.

WebSec B.V.

WebSec is a Dutch Cybersecurity firm mainly focused on offensive security services such as pentesting, red teaming and security awareness and phishing campaigns.

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

ICS-ISAC is a non-profit, public/private Knowledge Sharing Center established to help facilities develop situational awareness in support of local, national and international security.

Data Privacy Office (DPO)

Data Privacy Office (DPO)

Data Privacy Office is a company that specializes in privacy and personal data protection, following the highest standards in its sector.

Zemana

Zemana

Zemana provides innovative cyber-security solutions to deal with complex malicious software and other cyber threats.

X Technologies

X Technologies

X Technologies provide world-class engineering, information technology, information security, program management and repair services to Federal, State and commercial customers.

Grindstone Ventures

Grindstone Ventures

Grindstone Ventures is a post-seed fund that supports post-seed equity and quasi-equity investments in early-stage innovation-driven and/or technology companies.

ClearShark

ClearShark

Since 2001, ClearShark has been a go-to adviser in the U.S. Public Sector for creating customized and integrated solutions for the most secure of networks.