Last month, Egypt’s Public Prosecutor
refused to hand over phone records requested by the Italian prosecutors for the
ongoing investigation into the murder of Italian doctorate student Giulio
Regeni in Cairo in January. The Assistant Public Prosecutor, Mostafa Suleiman,
claimed that handing over the phone records would be “unconstitutional.”
Along with the phone records, Italy’s
request to obtain footage from surveillance cameras in the metro station where
Regeni disappeared was denied. Suleiman explained that such footage is
automatically deleted.
I examine here the
two key points addressed by the Egyptian Public Prosecutor in refusing to hand
over the phone records and footage in an attempt to address the question of
security and investigative practices, as well as the concept of privacy in
Egypt.
In order to reinforce that Italy’s request is in fact reasonable, we need to
understand the role of video recordings in security internationally and how it
has evolved over the years. In the early days, security surveillance was based
on Closed Circuit Television (CCTV), where a security guard monitored few
screens, watching for suspicious activity. Some systems employed a switcher
that rotated the images from various cameras on one or more screens and most
security systems employed a limited number of cameras, as cameras were
expensive to acquire and install. Few systems used time-lapse video recorders.
VHS tapes would last up to 72 hours and were typically stored for up to a year
to be used to review any suspicious activity in retrospect to help investigate
problems.
The inventions of
the chip or solid-state camera and the introduction of IP cameras made cameras
cheaper, smaller and easier to deploy. Security designers became reliant on
video as a critical element of electronic security rather than just ancillary
to security. Systems that typically employed five cameras 20 years ago now
employ 50 or more. While this many cameras can be overwhelming for human
operators in a live monitoring situation, the huge number of video images
present security designers with an unprecedented wealth of data.
The challenge is to
derive useful information from this huge body of data.
Analytical software
systems allow for the detection of suspicious activity automatically. In train
stations, for example, someone falling to the floor, dropping an object,
jumping over a turnstile or loitering could be amongst the patterns of behavior
that would constitute a possible threat and trigger alerts to direct guards to
monitor certain cameras or to respond. Such systems remain relatively expensive
and are not consistently effective, which leads us to the widest use of video
surveillance: Recording.
VHS recorders have
been replaced with DVRs (Digital Video Recorders), storing terabytes of data.
NVRs (Network Video Recorders) allow for even more efficient video storage.
Most systems are designed to store 90 days of data.
The questions that must be asked of the
Cairo Metro are: What are all the cameras for? How secure is the metro if the
critical component of security storage is defective or being mishandled? How
can recordings be erased in such a short period of time? If video recordings
are being erased every few days, it would call into question the worth of the
systems. The request made by the Italians is logical; the Egyptian position is
difficult to understand and smacks of obfuscation.
As we move to the mobile phone logs, Italian authorities had
requested records of over one million phone calls made in the area
where Regeni disappeared. It appears that they are aiming to identify mobile
phones that were in the vicinity of Regeni that operated in unusual patterns,
for example repeatedly or sequentially calling certain numbers. This is not “looking for a needle in a
haystack”; it is, rather, looking for the relevant haystack. The
investigators would typically be seeking to narrow down their sample from the
alleged one million. They might request additional call details for numbers
that seemed to behave out of statistical norms or patterns and could eventually
ask for information regarding the owners of a very small set of numbers.
It is hard to
understand how such a request would violate the privacy of Egyptian citizens,
as the Egyptian authorities claimed. Surely numerical analysis of mobile phone
numbers that have not been associated with individual users does not violate
the privacy of anyone. Indeed, it is not unlikely that this sort of
investigation is carried out as a matter of routine in Egypt, particularly in
sensitive areas with the ongoing threat of terrorism.
The watching out for unusual patterns on roads, airspace,
waterways or cyber space protects the public, rather than violating its
privacy. The US intelligence community often refers to unusual “chatter” on
mobile phones or Internet communication. Such “chatter” might be indicative of
or follow acts of terror. Nations increasingly monitor their Internet traffic to protect from
cyber attacks. Monitoring of patterns and scripts that have not been associated
with individuals doesn’t violate privacy.
Privacy comes into
play only when associating Internet data, IP addresses or mobile numbers with
actual names and people and when looking into the content (beyond just
patterns). In the USA, the infamous NSA program faced legal challenges over the
retention of the records for lengthy periods of time and where no cause
existed. In the Regeni case, there is a crime and the Italian request is for an
analysis for those records surrounding the area of the crime and not an
indefinite retention of the data.
Italian privacy
standards are amongst the highest in the world. I would suspect the lawyers of
the Office of Privacy of the Italian Ministry of Interior could become the best
allies for Egyptian prosecutors if they understood and believed their privacy
argument. In Cairo, cars are routinely stopped, for no cause, at various
checkpoints; passengers are asked to explain where they are going, who they are
with and how they are related. In the recent protests on Sinai Liberation Day,
stories of police inspecting mobile phones of young people have been widely
circulated!
The hypersensitivity
to privacy displayed by the Egyptian side in response to Italy’s request is
certainly odd. Most neutral security and privacy experts would be troubled by
the positions articulated by the Egyptian prosecutors.