What Does Brexit Mean For Britain's Spies?

As the UK negotiates its future relationship with the EU, two former intelligence chiefs have warned that Britain's security expertise should not become a "bargaining chip".

When terror attacks hit Paris in late 2015, British intelligence scrambled to find out what it could about the attackers, at the UK's spy agency, GCHQ, a team worked on tracing their communications while MI5 looked for connections to the UK.

It was all a sign that modern threats, whether terrorism, cyber-attacks or Russian subversion, rarely respect borders.

The Paris attacks showed that those responsible crossed borders with greater ease than information which might stop them. That led some to argue for closer co-operation, while others cited it as evidence of the need instead for stronger national border controls.

"Europe is going to be our security backyard forever," Sir John Sawers, a former head of MI6, told the BBC.
"And we need to be able to work very closely with our European partners in order to maximise our own security.

"And their security benefits our security. The more secure France is, the fewer dangerous people are likely to cross from Calais to Dover."

On one level, Brexit does little to threaten these key intelligence and security relationships. This is because in almost all cases the intelligence flows bilaterally, country to country, rather than through Brussels.

Former GCHQ head Robert Hannigan said: "As an institution, the EU's role is extremely limited. "It doesn't really get involved in any sharing of operational intelligence. The real co-operation on operations, counter-terrorism or cyber or hostile states, goes on bilaterally and always has." GCHQ, for instance, would have a liaison in Paris who could ensure information relevant to the protection of France would be shared quickly.

'Need our help'
Officials in Europe and the UK are also aware that intelligence and security is a relative British strength and other countries will not want to be cut off from Britain's contribution.  "The thing that is driving the quality of those relationships currently is the darkness of the threat and the common concern about it," Andrew Parker, the current head of MI5, told the Intelligence and Security Committee last year, with his comments included in its annual report.

"Half of Europe is scared of terrorism and the other half is scared of Russia and both halves want us to help them… That will not change with Brexit," he said. 

The only significant EU intelligence sharing body is INTCEN, which shares analysis of the threats with policymakers.
Some European intelligence officers say that even though Britain is an intelligence powerhouse, there are areas, such as North Africa, where other European services may have better insights.

Because Britain is a net giver rather than receiver of intelligence, particularly in MI5's counter-terrorism experience and GCHQ's extensive collection of communications and cyber activity, there was discussion in government early last year about using what some called the "security surplus" as a bargaining chip in negotiations.

'Bargaining Chip'
But the former intelligence officers caution against playing the security card. "The Brexit negotiation is not a zero-sum game," argues Sir John, who was chief of MI6 until 2014. "Security co-operation can help create an atmosphere in which the EU-27 and the UK can see that it is in everyone's interests to maintain a climate of co-operation.

"If either side try to use it as a bargaining chip or a point of leverage it's likely to be negative on both sides," he says.

Theresa May's letter to Donald Tusk, president of the European Council, setting out her stall on Britain's position surprised some within the intelligence community with its language, and the three serving British intelligence chiefs together expressed concerns, according to one official.

Mr Hannigan, who left GCHQ before the letter, also cautions against playing the security card in upcoming trade negotiations. "I've never thought this was realistic or indeed ethically sound," he told the BBC.

"I mean how could you possibly think of withholding material that might stop a terrorist attack in exchange for fish quotas or something. It's absurd."

The Data Question
But there is one issue that does worry British spies about Brexit, and that is data. The ability to move data across borders is vital, such as information on suspects moving from one country to another. This is even more of an issue for policing and border forces, but their work overlaps with the counter-terrorist work of security services who also increasingly share data on cyber threats. Any impediment to this flow would be a real issue, former and current officials say.

"It would be a very serious problem," says Sir John, adding: "The intelligence these days is based very heavily on having access to data."

Sharing and retaining data requires meeting EU safeguards on privacy. "We have been an active player in that within Europe and now European rules will be made without us and we will be outside the immediate legal framework. "But that is something that the British government is going to have to address very early on - how we continue to retain data."

ECJ 'Burden'
The EU rules have also been shaped by legal challenges at the European Court of Justice (ECJ). Mr Hannigan, who had to deal with the legal challenges as head of GCHQ, said it would not be as simple as being freed from the burden of the court.
He said it was a "bit naive" to think being free from the ECJ would "solve all our problems".

"It will solve our problems if we only wanted data to flow within the UK and never to leave its borders," he says, adding: "But that would mean cutting ourselves off from the modern world.

"That means what the EU regards as adequate regulation of privacy [and] protection of privacy is incredibly important to us and it does effectively give the ECJ a say in what we do."

The US has had to negotiate a deal with the EU and this has proved a difficult and lengthy process. But a UK deal will be vital not just for national security but the economy as a whole. "The UK equivalent - which we will now need to negotiate - will be very difficult," says Mr Hannigan. "And we will have to take some time to do it. But it's vital to the economy broadly."

BBC

You Might Also Read:

What Does Brexit Mean For British Data Privacy?:

UK Deal With EU On Post-Brexit Data Sharing:

MI5 In The Clear Over Terror Attacks:

 

« Hackers Strike Winter Olympics
Nation State Hacking Is On Trend In 2018 »

Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

eBook: Practical Guide to Security in the AWS Cloud

eBook: Practical Guide to Security in the AWS Cloud

AWS Marketplace would like to present you with a digital copy of the new book, Practical Guide to Security in the AWS Cloud, by the SANS Institute.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Qualitest Group

Qualitest Group

Qualitest is the world’s largest pure play Quality Assurance and software testing company.

AET Europe

AET Europe

AET Europe is specialised in creating technological solutions for user identification and authentication.

CYBERSEC Forum

CYBERSEC Forum

CYBERSEC Forum is an annual European Public Policy Conference dedicated to strategic aspects of cybersecurity.

IOTA Foundation

IOTA Foundation

The IOTA Foundation is a non-profit R&D organisation focused on developing the next generation of protocols for the connected world.

ACPL Systems

ACPL Systems

We offer leading-edge technology solutions, expert professional and managed services and proven methodologies to ensure your data is protected and business risks are reduced.

Axcient

Axcient

Axcient offers MSPs the most secure backup and disaster recovery technology stack with a proven Business Availability suite.

Phosphorous Cybersecurity

Phosphorous Cybersecurity

Phosphorus has fully automated remediation of the two biggest IoT vulnerabilities, out of date firmware and default credentials.

Bradley-Morris

Bradley-Morris

Bradley-Morris is a leading recruiting firm specializing in transitioning military and veteran talent into civilian careers including Cybersecurity.