Last month, Egypt’s Public Prosecutor refused to hand over phone records requested by the Italian prosecution for the ongoing investigation into the murder of Italian doctorate student Giulio Regeni in Cairo in January. The Assistant Public Prosecutor, Mostafa Suleiman, claimed that handing over the phone records would be “unconstitutional.”
Along with the phone records, Italy’s request to obtain footage from surveillance cameras in the metro station where Regeni disappeared was denied. Suleiman explained that such footage is automatically deleted.
I examine here the two key points addressed by the Egyptian Public Prosecutor in refusing to hand over the phone records and footage in an attempt to address the question of security and investigative practices, as well as the concept of privacy in Egypt.
In order to reinforce that Italy’s request is in fact reasonable, we need to understand the role of video recordings in security internationally and how it has evolved over the years. In the early days, security surveillance was based on Closed Circuit Television (CCTV), where a security guard monitored few screens, watching for suspicious activity. Some systems employed a switcher that rotated the images from various cameras on one or more screens and most security systems employed a limited number of cameras, as cameras were expensive to acquire and install. Few systems used time-lapse video recorders. VHS tapes would last up to 72 hours and were typically stored for up to a year to be used to review any suspicious activity in retrospect to help investigate problems.
The inventions of the chip or solid-state camera and the introduction of IP cameras made cameras cheaper, smaller and easier to deploy. Security designers became reliant on video as a critical element of electronic security rather than just ancillary to security. Systems that typically employed five cameras 20 years ago now employ 50 or more. While this many cameras can be overwhelming for human operators in a live monitoring situation, the huge number of video images present security designers with an unprecedented wealth of data.
The challenge is to derive useful information from this huge body of data.
Analytical software systems allow for the detection of suspicious activity automatically. In train stations, for example, someone falling to the floor, dropping an object, jumping over a turnstile or loitering could be amongst the patterns of behavior that would constitute a possible threat and trigger alerts to direct guards to monitor certain cameras or to respond. Such systems remain relatively expensive and are not consistently effective, which leads us to the widest use of video surveillance: Recording.
VHS recorders have been replaced with DVRs (Digital Video Recorders), storing terabytes of data. NVRs (Network Video Recorders) allow for even more efficient video storage. Most systems are designed to store 90 days of data.
The questions that must be asked of the Cairo Metro are: What are all the cameras for? How secure is the metro if the critical component of security storage is defective or being mishandled? How can recordings be erased in such a short period of time? If video recordings are being erased every few days, it would call into question the worth of the systems. The request made by the Italians is logical; the Egyptian position is difficult to understand and smacks of obfuscation.
As we move to the mobile phone logs, Italian authorities had requested records of over one million phone calls made in the area where Regeni disappeared. It appears that they are aiming to identify mobile phones that were in the vicinity of Regeni that operated in unusual patterns, for example repeatedly or sequentially calling certain numbers. This is not “looking for a needle in a haystack”; it is, rather, looking for the relevant haystack. The investigators would typically be seeking to narrow down their sample from the alleged one million. They might request additional call details for numbers that seemed to behave out of statistical norms or patterns and could eventually ask for information regarding the owners of a very small set of numbers.
It is hard to understand how such a request would violate the privacy of Egyptian citizens, as the Egyptian authorities claimed. Surely numerical analysis of mobile phone numbers that have not been associated with individual users does not violate the privacy of anyone. Indeed, it is not unlikely that this sort of investigation is carried out as a matter of routine in Egypt, particularly in sensitive areas with the ongoing threat of terrorism.
The watching out for unusual patterns on roads, airspace, waterways or cyber space protects the public, rather than violating its privacy. The US intelligence community often refers to unusual “chatter” on mobile phones or Internet communication. Such “chatter” might be indicative of or follow acts of terror. Nations increasingly monitor their Internet traffic to protect from cyber attacks. Monitoring of patterns and scripts that have not been associated with individuals doesn’t violate privacy.
Privacy comes into play only when associating Internet data, IP addresses or mobile numbers with actual names and people and when looking into the content (beyond just patterns). In the USA, the infamous NSA program faced legal challenges over the retention of the records for lengthy periods of time and where no cause existed. In the Regeni case, there is a crime and the Italian request is for an analysis for those records surrounding the area of the crime and not an indefinite retention of the data.
Italian privacy standards are amongst the highest in the world. I would suspect the lawyers of the Office of Privacy of the Italian Ministry of Interior could become the best allies for Egyptian prosecutors if they understood and believed their privacy argument. In Cairo, cars are routinely stopped, for no cause, at various checkpoints; passengers are asked to explain where they are going, who they are with and how they are related. In the recent protests on Sinai Liberation Day, stories of police inspecting mobile phones of young people have been widely circulated!
The hypersensitivity to privacy displayed by the Egyptian side in response to Italy’s request is certainly odd. Most neutral security and privacy experts would be troubled by the positions articulated by the Egyptian prosecutors.