What Does Brexit Mean For Britain's Spies?

Uploaded on 2018-02-12 in NEWS-Cybersecurity News, INTELLIGENCE--Europe, FREE TO VIEW

As the UK negotiates its future relationship with the EU, two former intelligence chiefs have warned that Britain's security expertise should not become a "bargaining chip".

When terror attacks hit Paris in late 2015, British intelligence scrambled to find out what it could about the attackers, at the UK's spy agency, GCHQ, a team worked on tracing their communications while MI5 looked for connections to the UK.

It was all a sign that modern threats, whether terrorism, cyber-attacks or Russian subversion, rarely respect borders.

The Paris attacks showed that those responsible crossed borders with greater ease than information which might stop them. That led some to argue for closer co-operation, while others cited it as evidence of the need instead for stronger national border controls.

"Europe is going to be our security backyard forever," Sir John Sawers, a former head of MI6, told the BBC.
"And we need to be able to work very closely with our European partners in order to maximise our own security.

"And their security benefits our security. The more secure France is, the fewer dangerous people are likely to cross from Calais to Dover."

On one level, Brexit does little to threaten these key intelligence and security relationships. This is because in almost all cases the intelligence flows bilaterally, country to country, rather than through Brussels.

Former GCHQ head Robert Hannigan said: "As an institution, the EU's role is extremely limited. "It doesn't really get involved in any sharing of operational intelligence. The real co-operation on operations, counter-terrorism or cyber or hostile states, goes on bilaterally and always has." GCHQ, for instance, would have a liaison in Paris who could ensure information relevant to the protection of France would be shared quickly.

'Need our help'
Officials in Europe and the UK are also aware that intelligence and security is a relative British strength and other countries will not want to be cut off from Britain's contribution.  "The thing that is driving the quality of those relationships currently is the darkness of the threat and the common concern about it," Andrew Parker, the current head of MI5, told the Intelligence and Security Committee last year, with his comments included in its annual report.

"Half of Europe is scared of terrorism and the other half is scared of Russia and both halves want us to help them… That will not change with Brexit," he said. 

The only significant EU intelligence sharing body is INTCEN, which shares analysis of the threats with policymakers.
Some European intelligence officers say that even though Britain is an intelligence powerhouse, there are areas, such as North Africa, where other European services may have better insights.

Because Britain is a net giver rather than receiver of intelligence, particularly in MI5's counter-terrorism experience and GCHQ's extensive collection of communications and cyber activity, there was discussion in government early last year about using what some called the "security surplus" as a bargaining chip in negotiations.

'Bargaining Chip'
But the former intelligence officers caution against playing the security card. "The Brexit negotiation is not a zero-sum game," argues Sir John, who was chief of MI6 until 2014. "Security co-operation can help create an atmosphere in which the EU-27 and the UK can see that it is in everyone's interests to maintain a climate of co-operation.

"If either side try to use it as a bargaining chip or a point of leverage it's likely to be negative on both sides," he says.

Theresa May's letter to Donald Tusk, president of the European Council, setting out her stall on Britain's position surprised some within the intelligence community with its language, and the three serving British intelligence chiefs together expressed concerns, according to one official.

Mr Hannigan, who left GCHQ before the letter, also cautions against playing the security card in upcoming trade negotiations. "I've never thought this was realistic or indeed ethically sound," he told the BBC.

"I mean how could you possibly think of withholding material that might stop a terrorist attack in exchange for fish quotas or something. It's absurd."

The Data Question
But there is one issue that does worry British spies about Brexit, and that is data. The ability to move data across borders is vital, such as information on suspects moving from one country to another. This is even more of an issue for policing and border forces, but their work overlaps with the counter-terrorist work of security services who also increasingly share data on cyber threats. Any impediment to this flow would be a real issue, former and current officials say.

"It would be a very serious problem," says Sir John, adding: "The intelligence these days is based very heavily on having access to data."

Sharing and retaining data requires meeting EU safeguards on privacy. "We have been an active player in that within Europe and now European rules will be made without us and we will be outside the immediate legal framework. "But that is something that the British government is going to have to address very early on - how we continue to retain data."

ECJ 'Burden'
The EU rules have also been shaped by legal challenges at the European Court of Justice (ECJ). Mr Hannigan, who had to deal with the legal challenges as head of GCHQ, said it would not be as simple as being freed from the burden of the court.
He said it was a "bit naive" to think being free from the ECJ would "solve all our problems".

"It will solve our problems if we only wanted data to flow within the UK and never to leave its borders," he says, adding: "But that would mean cutting ourselves off from the modern world.

"That means what the EU regards as adequate regulation of privacy [and] protection of privacy is incredibly important to us and it does effectively give the ECJ a say in what we do."

The US has had to negotiate a deal with the EU and this has proved a difficult and lengthy process. But a UK deal will be vital not just for national security but the economy as a whole. "The UK equivalent - which we will now need to negotiate - will be very difficult," says Mr Hannigan. "And we will have to take some time to do it. But it's vital to the economy broadly."

BBC

You Might Also Read:

What Does Brexit Mean For British Data Privacy?:

UK Deal With EU On Post-Brexit Data Sharing:

MI5 In The Clear Over Terror Attacks:

 

« Hackers Strike Winter Olympics
Nation State Hacking Is On Trend In 2018 »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Renaissance

Renaissance

Renaissance is Ireland's premier value added distributor of IT security solutions and a leading independent provider of business continuity consultancy.

Stratogent

Stratogent

Stratogent does IT and Cybersecurity operations. We specialize in high-touch and high-change IT environments, especially in the biotech and pharma industry verticals.

Marsh

Marsh

Marsh is a global leader in insurance broking and risk management and has been a leader in combatting cyber threats since their emergence.

Towergate Insurance

Towergate Insurance

Towergate Insurance is a leading UK specialist insurance broker. Business products include Cyber Liability Insurance.

Cobalt Labs

Cobalt Labs

Pen Testing as a Service for Modern SaaS Businesses. Cobalt is redefining the modern pen test for companies who want serious hacker-like testing built into their development cycle.

Nullcon

Nullcon

Nullcon provides an integrated platform for exchanging information on the latest attack vectors, zero-day vulnerabilities and unknown threats.

Gradiant

Gradiant

Gradiant’s mission is to contribute to the growth and competitive improvement of Galician businesses through technology development and innovation using ICT.

Cryptshare

Cryptshare

Cryptshare is a communication solution that enables you to share e-mails and files of any size securely.

Bugraptors

Bugraptors

BugRaptors is a certified software testing company with extensive experience as a third-party testing vendor, effectively proven as a leader in software testing & QA Services.

Siege Technologies

Siege Technologies

Siege Technologies is a pioneer of multi-purpose cybersecurity products and services that enable customers to leverage both offensive and defensive technologies.

TheGreenBow

TheGreenBow

TheGreenBow is a trusted VPN software company. We help organizations and individuals become cyber-responsible. For this, we design and develop reliable and easy-to-use solutions.

Tech Vedika

Tech Vedika

Tech Vedika has access to technical guidance, training and resources from AWS to successfully undertake solution architecture, application development, application migration, and managed services.

Sify Technologies

Sify Technologies

Sify is the largest ICT service provider, systems integrator, and all-in-one network solutions company on the Indian subcontinent.

Proximus Ada

Proximus Ada

Proximus Ada is the first Belgian center of excellence combining artificial intelligence and cybersecurity.

ERCOM

ERCOM

Ercom, a subsidiary of the Thales Group, is a French company known for its mobility security solutions.

Internet Initiative Japan (IIJ)

Internet Initiative Japan (IIJ)

IIJ is one of Japan's leading Internet-access and comprehensive network solutions providers.