British Intelligence: In an unprecedented interview, Sir Iain Lobban, the departing director of GCHQ, talks to Charles Moore about Edward Snowden’s leaks, the ‘nausea’ of 7/7 – and shows him the secret world of its acclaimed intelligence operation
On the outskirts of Cheltenham stands a huge circular building known as The Doughnut. This is the Government Communications Headquarters (GCHQ), the heir of the war-winning codebreakers in those little huts in Bletchley Park. The 5,500 employees monitor the communications of the world – in the interests, says the relevant Act, of national security, “economic well-being’’ and combating serious crime – but they do not communicate with us.
I pass through multiple security, traverse “the Street’’ that circles inside the edifice, and sit down to wait. I am the first print journalist ever to interview GCHQ’s director, Sir Iain Lobban. He is about to leave after six years in the top job and 31 in the organisation.
He is bursting to speak. Young Iain, a Southport boy fresh with a languages degree from Leeds University, began here in 1983. At that time, GCHQ was the dingy provincial sister of the big boys in Whitehall – MI5 (the Security Service) and MI6 (the Secret Intelligence Service). Today, thanks to the march of technology, it dominates. Foreign heads of government come on pilgrimages here. The director has a seat on the National Security Council (NSC). GCHQ is our most important global intelligence asset.
Yet just as everything got good for the boys in Cheltenham – this being the techie world, most still are boys – it also got bad. Last year, The Guardian published the information Edward Snowden had purloined from the US National Security Agency (NSA). Some of what he revealed compromised GCHQ: “He made my job a thousand times more difficult,’’ one man charged with cracking terrorists’ internet games tells me. At a time when Isil, also known as Islamic State, is a clear and present threat, the imperative is greater than ever. In the eyes of GCHQ’s critics, Snowden also revealed unacceptable levels of intrusion into the personal data of British citizens.
Sir Iain Lobban, left, shows Charles Moore around GCHQ
“When I heard the news,’’ says Iain Lobban, “I lay awake saying to myself: ‘I hope this isn’t a Brit.’” He asked colleagues if they suspected anyone in their departments (“Anyone on a protracted holiday?’’), but he doubted it because “We would have noticed something a lot earlier – red tags on the security file.”
Snowden was a contracted systems administrator without personal commitment to the NSA. Lobban believes that GCHQ “treats our contractors as if they are people. We wouldn’t ‘body-shop’ them,’’ so such profound disaffection is unlikely here. But if the leak had been British, he admits, “That would have been the end of me.’’ As it was, senior NSA officials came to Cheltenham and apologised to staff: “This happened on our watch.’’
So the man in charge is boiling with a mixture of pride in his troops and frustration at what has happened. I have never met a top bureaucrat so unlike Sir Humphrey – colloquial, boyishly showing off, passionate. He bounces into the room as if there are springs in his black suede shoes.
“Let’s get going,’’ he says, before the door has swung shut. We have four hours together, but he never stops. “It’s the awards first,’’ he says, and we join a party for staff members celebrating 30 years’ service. Lobban likes to hand out their medals in person, firing off jokey quiz questions about 1984, their year of joining (“Which Swedish group won the Eurovision Song Contest? No, it was not Abba. It was the Herreys with Diggi-loo, Diggi-ley”). Exact dates feature. They are a nerdy obsession of Iain Lobban. “I worked in America,” he tells me, “for three years, two months and 13 days.”
The atmosphere is merry. Sir Iain is “Iain” to all – though also, I notice, “Boss”. He has no director’s parking space and no office, only an open-plan desk “within shouting distance of the lawyers”. This is modern management style. But it also reflects a view dating back to 1914, when Winston Churchill, First Lord of the Admiralty, issued a charter to “Room 40”, GCHQ’s signals intelligence (SIGINT) ancestor. SIGINT’s unique importance, Churchill wrote, lay in getting inside the mind of the enemy: only then can you predict his actions, and secure your own communications against him. To achieve this, says Lobban, you must mirror what you are dealing with. In the Cold War, GCHQ mirrored the Soviet security structures. In the age of the internet, they must swim as freely as possible in its democratic soup.
The heart of The Doughnut is a courtyard big enough to contain the Royal Albert Hall, with huts for smoking (“lots of the best ideas are thought up there”) and a monument to colleagues who died on active service – five in Afghanistan. On 7/7, the day in July 2005 when British Islamists blew themselves and others to pieces on a London bus and Tube, some staff were playing frisbee on this grass. As the news came through, people rushed out and told them to stop. This was the shocking day – “I remember the nausea,” says Lobban. It was also the moment GCHQ had to seize: “It was about the internet. We started to identify the DNA of the networks the terrorists used.”
One lesson of 7/7 was speed. Lobban leads me to the “24/7/365” area, in which small 12-hour shifts monitor GCHQ systems and news bulletins. Through something called Action On, they can act so quickly and freely that “they don’t have to wake me up”. If British special forces want to make a sudden assault on terrorists, GCHQ can help tell them what is happening on the ground. “We listen, so they can act.”
Iain Lobban: ‘After 13 years, maybe it’s time for someone else to have a go at this amazing job’
Elsewhere in the sweeping circle of The Doughnut is a room known as INOC (Internet Ops Centre). Here Simon, an amused, wiry man in a wheelchair, is “the Mr Fixit for any problem”. He assembles a solutions team to match the best technical capabilities with the most urgent operational requirements. Today, Simon is working on the highest-priority national security target, pulling together multiple feeds of data to work out how they communicate and with whom. But it has got harder: before Snowden helped the enemy, he says, it took him a fortnight to “deliver the magic”. Now it takes six weeks.
Much as Lobban loves to introduce his resident geniuses, he is tapping his fingers to show me as much as possible. On we scurry to a subterranean room too secret to be publicly named, “where operators and techies collide”. Here they study laptops and phones seized, their encryptions and the patterns of behaviour they reveal. They gather forensic materials which, unlike interceptions, are admissible in court evidence. They also supply kit “in theatre”: plastic cases of air-portable equipment are stacked in corners. At other desks sit operators who track and analyse the spread of images of child exploitation and Islamist beheadings across internet networks, swimming alongside the people they seek.
Deep below lies the data centre, the massive processing power of GCHQ’s own cloud – great halls filled with the latest water-cooled super-computers, using as much electricity as the entire neighbouring town of Bishop’s Cleeve.
Iain Lobban and I stop to wash our hands. He stares at himself in the mirror, fingering his chin, all energy suddenly drained. “God, I’m completely wiped out,” he says. “It’s always like this by Friday afternoon.” He has spent part of the week “somewhere hot and sandy”.
We sit for a final chat. A cup of tea revives him. I want him to answer the obvious questions. What about the problem of mass surveillance? His analogy is with a “huge hayfield’’. GCHQ needs as much of the hayfield as possible, but only to extract the few needles it seeks. “I could walk you through the whole legal process of interception. You have to specify very precisely. You can’t just write ‘suspected terrorist’ to get the access you want.”
What about all the “meta data”, the external information about how many emails were sent, to whom etc? “Look,” he challenges. “Who has the info on you? It’s the commercial companies, not us, who know everything – a massive sharing of data. The other day I bought a watch for my wife. Soon there were lots of pop-up watches advertising themselves on our computer, and she complained. ‘It’s that bloody internet,’ I tell her.”
Even as he is about to retire, Lobban remains amazingly excited by what he does. “GCHQ has always been extraordinary, but we weren’t as extraordinary in the past. The scale of the ask has mushroomed, and so has our impact,” making Britain’s work far more important to the United States and the rest of the world. Nowadays, with his strong encouragement, the sharing of intelligence goes well beyond the traditional “Five Eyes” – the US, Australia, Canada, New Zealand and Great Britain. Counter-terrorism, cyber-security and counter-proliferation have seen to that. “It’s nonsense not to share with the French,” he says, or with some eastern European countries, Gulf states and Asian and Far Eastern ones. “This is not Blitz Britain. We sure as hell can’t lick terrorism on our own.”
He wants more recognition given to his staff, who “just give without being asked” but must remain anonymous. “I’m a bit bored with sniffer dogs getting credit for drug-busts, not GCHQ.” And he wants to emphasise the
agency’s engagement. Look at cyber-attack: “We moved from steepling our fingers and giving arcane technical advice to telling businesses, ‘You’re being robbed blind,’ and showing them how to protect themselves.”
What particularly thrills him is that GCHQ can be in the thick of it. He thinks the NSC is “one of the best things this government has done” because it “takes the sentiment in the room and translates it into tasking for each organisation”. Take the current issue of British hostages held overseas. The NSC galvanises everything to help: “It’s Civis Britannicus sum. Brilliant.”
This month, Iain Lobban leaves, still only 54 years old. “After 13 years on the GCHQ board, maybe it’s time for someone else to have a go at this amazing job.” He will have three months’ rest, walk the Cotswold Way, “learn Spanish properly” and spend more time with his six-year-old daughter. “It will be nice to see something on the news without that Ghostbusters feeling that I’m supposed to be doing something about it.” But he will deeply miss his colleagues and the work he loves: “It will feel like an amputation.”
LONDON (Reuters) – Britain’s spy agency GCHQ intercepted millions of people’s webcam chats and stored still images of them, including sexually explicit ones, the Guardian newspaper reported on Thursday.
GCHQ files dating between 2008 and 2010 provided to the newspaper by the former U.S. National Security Agency (NSA) contractor Edward Snowden, revealed that the surveillance program, codenamed Optic Nerve, saved one image every five minutes from randomly selected Yahoo Inc webcam chats and stored them on agency databases.
Optic Nerve, which began as a prototype in 2008 and was still active in 2012, was intended to test automated facial recognition, monitor GCHQ’s targets and uncover new ones, the Guardian said. It said that under British law, there are no restrictions preventing images of U.S. citizens being accessed by British intelligence.
GCHQ collected images from the webcam chats of more than 1.8 million users globally in a six-month period in 2008 alone, the newspaper reported.
“It is a long-standing policy that we do not comment on intelligence matters,” a GCHQ representative said on Thursday.
In another sign of the widespread information-sharing between U.S. and British spy agencies which has riled public and politicians on both sides of the Atlantic, the webcam information was fed into the NSA’s search tool and all of the policy documents were available to NSA analysts, the paper said.
It was not clear, however, whether the NSA had access to the actual database of Yahoo webcam images, the Guardian reported.
Yahoo said it had no knowledge the interceptions.
“We were not aware of nor would we condone this reported activity. This (Guardian) report, if true, represents a whole new level of violation of our users’ privacy that is completely unacceptable,” company spokeswoman Suzanne Philion said in an emailed statement.
Snowden, now in Russia after fleeing the United States, made world headlines last summer when he provided details of NSA surveillance programs to the Guardian and the Washington Post.
For decades, the NSA and GCHQ have shared intelligence under an arrangement known as the UKUSA agreement. They also collaborate with eavesdropping agencies in Canada, Australia and New Zealand in what is known as the “Five Eyes” alliance.
Under Optic Nerve, GCHQ tried to limit its staff’s ability to see the webcam images, but they could still see the images of people with similar usernames to intelligence targets, the Guardian said.
GCHQ also implemented restrictions on the collection of sexually explicit images, but its software was not always able to distinguish between these and other images.
“Discussing efforts to make the interface “safer to use”, it (GCHQ) noted that current “naïve” pornography detectors assessed the amount of flesh in any given shot, and so attracted lots of false positives by incorrectly tagging shots of people’s faces as pornography,” the newspaper said.
The spy agency eventually excluded images in which the software had not detected any faces from search results to prevent staff from accessing explicit images, it added.
(Reporting by Julia Fioretti; Editing by Catherine Evans and Grant McCool)
British spies employed ‘dirty tricks’ including ‘honey traps’ to trap nations, hackers, terror groups, suspected criminals and arms dealers, according to leaked documents.
The bombshell revelations have been made public through the release of documents taken from the National Security Agency by whistle-blower Edward Snowden.
The Powerpoint slides outline techniques apparently used by the Joint Threat Research and Intelligence Group (JTRIG), a British spy unit whose goal is to ‘destroy, deny, degrade [and] disrupt’ enemies.
British spies employed ‘dirty tricks’ including honey traps’ in a bid to trap nations, hackers, terror groups, suspected criminals and arms dealers
The slides from 2010 and 2012, published by NBC News show that the JTRIG completed their mission by ‘discrediting’ adversaries through misinformation and hacking their communications.
Two main methods of attack detailed in the ‘Effects’ campaigns are cyber operations and propaganda campaigns.
The bombshell revelations have been made public through the release of documents taken from the National Security Agency by whistleblower Edward Snowden
JTRIG, which is part of the NSA’s British counterpart, the cyber spy agency known as GCHQ, used Twitter, Flickr, Facebook and YouTube for deception, mass messaging and ‘pushing stories’.
Another strategy is ‘false flag’ operations – this is when British agents carry out online actions that are designed to look like they were performed by one of Britain’s adversaries.
The main cyber attack is the ‘distributed denial of service’ (DDoS) attack.
This is when computers are taken over by hackers and they bombard a website’s host computers with requests for information causing it to crash – this is a method successfully used by Wikileaks hackers.
Earlier this week it was revealed that JTRIG agents issued their DDoS on Anonymous chat rooms, preventing its users from communicating with one another.
In one case, reported the BBC, agents are said to have tricked a hacker nicknamed P0ke who claimed to have stolen data from the US government. They did this by sending him a link to a BBC article entitled: ‘Who loves the hacktivists?’
Eric King, an attorney who currently teaches IT law at the London School of Economics, told NBC it is ‘remarkable’ that the GCHQ has become so adept at launching DDoS attacks without ‘clear lawful authority,’ particularly because the British government has criticised similar strategies used by other governments.
‘GCHQ has no clear authority to send a virus or conduct cyber-attacks,’ he said. ‘Hacking is one of the most invasive methods of surveillance.’
According to notes on the 2012 documents, a computer virus called Ambassadors Reception was ‘used in a variety of different areas’ and was ‘very effective.’
When sent to adversaries, says the presentation, the virus will ‘encrypt itself, delete all emails, encrypt all files, make [the] screen shake’ and block the computer user from logging on.
One of the ways to block a target communicating reads: ‘Bombard their phone with text messages, bombard their phone with calls, delete their online presence, block up their fax machine.’
The slide details examples of how this was used in Afghanistan including significantly disrupting the Taliban, sending targets a text message ‘every 10 seconds or so’ and ‘calling targets on a regular basis’.
The British cyber spies also used blog posts and information spread via blogs in an operation against Iran.
One of the ways to stop a target communicating reads: ‘Bombard their phone with text messages, bombard their phone with calls, delete their online presence, block up their fax machine’
The same 2012 presentation describes the ‘honey trap’ method of discrediting a target commenting it is ‘very successful’ when it works.
The individual is lured ‘to go somewhere on the internet, or a physical location’ where they are then ‘met by a friendly face.’
It does not give any examples of when the honey trap has been used by British agents, but the same slide also details how ‘paranoia’ can be heightened by changing a target’s photo on a social networking website – the slide reads ‘You have been warned JTRIG is about!’
A programme called ‘Royal Concierge’ took advantage of hotel reservation systems to track the location of foreign diplomats and the slides encourage agents to monitor targets through ‘close access technical operations’.
It also suggests they question ‘Can we influence hotel choice? Can we cancel their visits?’
According to reports in Der Spiegel last year, British intelligence tapped the reservations systems of over 350 top hotels around the world for the past three years to set up the programme.
Using the GCHQ’s SIGINT (signal-intelligence) program it was used to spy on trade delegations, foreign diplomats, and other targets with a taste for the high life.
NBC news reported GCHQ would not comment on the newly published documents or on JTRIG’s operations.
In a statement it told them: ‘All of GCHQ’s work is carried out in accordance with a strict legal and policy framework,’ said the statement, ‘which ensure[s] that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All of our operational processes rigorously support this position.’
US and UK spy agencies piggyback on commercial data
Details can include age, location and sexual orientation
Documents also reveal targeted tools against individual phones
By James Ball
GCHQ documents use Angry Birds – reportedly downloaded more than 1.7bn times – as a case study for app data collection.
The National Security Agency and its UK counterpart GCHQ have been developing capabilities to take advantage of “leaky” smartphone apps, such as the wildly popular Angry Birds game, that transmit users’ private information across the internet, according to top secret documents.
The data pouring onto communication networks from the new generation of iPhone and Android apps ranges from phone model and screen size to personal details such as age, gender and location. Some apps, the documents state, can share users’ most sensitive information such as sexual orientation – and one app recorded in the material even sends specific sexual preferences such as whether or not the user may be a swinger.
Many smartphone owners will be unaware of the full extent this information is being shared across the internet, and even the most sophisticated would be unlikely to realise that all of it is available for the spy agencies to collect.
Dozens of classified documents, provided to the Guardian by whistleblower Edward Snowden and reported in partnership with the New York Times and ProPublica, detail the NSA and GCHQ efforts to piggyback on this commercial data collection for their own purposes.
Scooping up information the apps are sending about their users allows the agencies to collect large quantities of mobile phone data from their existing mass surveillance tools – such as cable taps, or from international mobile networks – rather than solely from hacking into individual mobile handsets.
Exploiting phone information and location is a high-priority effort for the intelligence agencies, as terrorists and other intelligence targets make substantial use of phones in planning and carrying out their activities, for example by using phones as triggering devices in conflict zones. The NSA has cumulatively spent more than $1bn in its phone targeting efforts.
The disclosures also reveal how much the shift towards smartphone browsing could benefit spy agencies’ collection efforts.
One slide from a May 2010 NSA presentation on getting data from smartphones – breathlessly titled “Golden Nugget!” – sets out the agency’s “perfect scenario”: “Target uploading photo to a social media site taken with a mobile device. What can we get?”
The question is answered in the notes to the slide: from that event alone, the agency said it could obtain a “possible image”, email selector, phone, buddy lists, and “a host of other social working data as well as location”.
In practice, most major social media sites, such as Facebook and Twitter, strip photos of identifying location metadata (known as EXIF data) before publication. However, depending on when this is done during upload, such data may still, briefly, be available for collection by the agencies as it travels across the networks.
Depending on what profile information a user had supplied, the documents suggested, the agency would be able to collect almost every key detail of a user’s life: including home country, current location (through geolocation), age, gender, zip code, martial status – options included “single”, “married”, “divorced”, “swinger” and more – income, ethnicity, sexual orientation, education level, and number of children.
The agencies also made use of their mobile interception capabilities to collect location information in bulk, from Google and other mapping apps. One basic effort by GCHQ and the NSA was to build a database geolocating every mobile phone mast in the world – meaning that just by taking tower ID from a handset, location information could be gleaned.
A more sophisticated effort, though, relied on intercepting Google Maps queries made on smartphones, and using them to collect large volumes of location information.
So successful was this effort that one 2008 document noted that “[i]t effectively means that anyone using Google Maps on a smartphone is working in support of a GCHQ system.”
The information generated by each app is chosen by its developers, or by the company that delivers an app’s adverts. The documents do not detail whether the agencies actually collect the potentially sensitive details some apps are capable of storing or transmitting, but any such information would likely qualify as content, rather than metadata.
Data collected from smartphone apps is subject to the same laws and minimisation procedures as all other NSA activity – procedures that the US president, Barack Obama, suggested may be subject to reform in a speech 10 days ago. But the president focused largely on the NSA’s collection of the metadata from US phone calls and made no mention in his address of the large amounts of data the agency collects from smartphone apps.
The latest disclosures could also add to mounting public concern about how the technology sector collects and uses information, especially for those outside the US, who enjoy fewer privacy protections than Americans. A January poll for the Washington Post showed 69% of US adults were already concerned about how tech companies such as Google used and stored their information.
The documents do not make it clear how much of the information that can be taken from apps is routinely collected, stored or searched, nor how many users may be affected. The NSA says it does not target Americans and its capabilities are deployed only against “valid foreign intelligence targets”.
The documents do set out in great detail exactly how much information can be collected from widely popular apps. One document held on GCHQ’s internal Wikipedia-style guide for staff details what can be collected from different apps. Though it uses Android apps for most of its examples, it suggests much of the same data could be taken from equivalent apps on iPhone or other platforms.
The GCHQ documents set out examples of what information can be extracted from different ad platforms, using perhaps the most popular mobile phone game of all time, Angry Birds – which has reportedly been downloaded more than 1.7bn times – as a case study.
From some app platforms, relatively limited, but identifying, information such as exact handset model, the unique ID of the handset, software version, and similar details are all that are transmitted.
Other apps choose to transmit much more data, meaning the agency could potentially net far more. One mobile ad platform, Millennial Media, appeared to offer particularly rich information. Millennial Media’s website states it has partnered with Rovio on a special edition of Angry Birds; with Farmville maker Zynga; with Call of Duty developer Activision, and many other major franchises.
Rovio, the maker of Angry Birds, said it had no knowledge of any NSA or GCHQ programs looking to extract data from its apps users.
“Rovio doesn’t have any previous knowledge of this matter, and have not been aware of such activity in 3rd party advertising networks,” said Saara Bergström, Rovio’s VP of marketing and communications. “Nor do we have any involvement with the organizations you mentioned [NSA and GCHQ].”
Millennial Media did not respond to a request for comment.
In December, the Washington Post reported on how the NSA could make use of advertising tracking files generated through normal internet browsing – known as cookies – from Google and others to get information on potential targets.
However, the richer personal data available to many apps, coupled with real-time geolocation, and the uniquely identifying handset information many apps transmit give the agencies a far richer data source than conventional web-tracking cookies.
“They are gathered in bulk, and are currently our single largest type of events,” the document stated.
The ability to obtain targeted intelligence by hacking individual handsets has been well documented, both through several years of hacker conferences and previous NSA disclosures in Der Spiegel, and both the NSA and GCHQ have extensive tools ready to deploy against iPhone, Android and other phone platforms.
GCHQ’s targeted tools against individual smartphones are named after characters in the TV series The Smurfs. An ability to make the phone’s microphone ‘hot’, to listen in to conversations, is named “Nosey Smurf”. High-precision geolocation is called “Tracker Smurf”, power management – an ability to stealthily activate an a phone that is apparently turned off – is “Dreamy Smurf”, while the spyware’s self-hiding capabilities are codenamed “Paranoid Smurf”.
Those capability names are set out in a much broader 2010 presentation that sheds light on spy agencies’ aspirations for mobile phone interception, and that less-documented mass-collection abilities.
The cover sheet of the document sets out the team’s aspirations:
Another slide details weak spots in where data flows from mobile phone network providers to the wider internet, where the agency attempts to intercept communications. These are locations either within a particular network, or international roaming exchanges (known as GRXs), where data from travellers roaming outside their home country is routed.
These are particularly useful to the agency as data is often only weakly encrypted on such networks, and includes extra information such as handset ID or mobile number – much stronger target identifiers than usual IP addresses or similar information left behind when PCs and laptops browse the internet.
The NSA said its phone interception techniques are only used against valid targets, and are subject to stringent legal safeguards.
“The communications of people who are not valid foreign intelligence targets are not of interest to the National Security Agency,” said a spokeswoman in a statement.
“Any implication that NSA’s foreign intelligence collection is focused on the smartphone or social media communications of everyday Americans is not true. Moreover, NSA does not profile everyday Americans as it carries out its foreign intelligence mission. We collect only those communications that we are authorized by law to collect for valid foreign intelligence and counterintelligence purposes – regardless of the technical means used by the targets.
“Because some data of US persons may at times be incidentally collected in NSA’s lawful foreign intelligence mission, privacy protections for US persons exist across the entire process concerning the use, handling, retention, and dissemination of data. In addition, NSA actively works to remove extraneous data, to include that of innocent foreign citizens, as early as possible in the process.
“Continuous and selective publication of specific techniques and tools lawfully used by NSA to pursue legitimate foreign intelligence targets is detrimental to the security of the United States and our allies – and places at risk those we are sworn to protect.”
The NSA declined to respond to a series of queries on how routinely capabilities against apps were deployed, or on the specific minimisation procedures used to prevent US citizens’ information being stored through such measures.
GCHQ declined to comment on any of its specific programs, but stressed all of its activities were proportional and complied with UK law.
“It is a longstanding policy that we do not comment on intelligence matters,” said a spokesman.
“Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework that ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All our operational processes rigorously support this position.”
• A separate disclosure on Wednesday, published by Glenn Greenwald and NBC News, gave examples of how GCHQ was making use of its cable-tapping capabilities to monitor YouTube and social media traffic in real-time.
GCHQ’s cable-tapping and internet buffering capabilities , codenamed Tempora, were disclosed by the Guardian in June, but the new documents published by NBC from a GCHQ presentation titled “Psychology: A New Kind of SIGDEV” set out a program codenamed Squeaky Dolphin which gave the British spies “broad real-time monitoring” of “YouTube Video Views”, “URLs ‘Liked’ on Facebook” and “Blogspot/Blogger Visits”.
A further slide noted that “passive” – a term for large-scale surveillance through cable intercepts – give the agency “scalability”.
The means of interception mean GCHQ and NSA could obtain data without any knowledge or co-operation from the technology companies. Spokespeople for the NSA and GCHQ told NBC all programs were carried out in accordance with US and UK law.
When a smartphone user opens Angry Birds, the popular game application, and starts slinging birds at chortling green pigs, spies may be lurking in the background to snatch data revealing the player’s location, age, sex and other personal information, according to secret British intelligence documents.
In their globe-spanning surveillance for terrorism suspects and other targets, the National Security Agency and its British counterpart have been trying to exploit a basic byproduct of modern telecommunications: With each new generation of mobile phone technology, ever greater amounts of personal data pour onto networks where spies can pick it up.
According to dozens of previously undisclosed classified documents, among the most valuable of those unintended intelligence tools are so-called leaky apps that spew everything from users’ smartphone identification codes to where they have been that day.
The N.S.A. and Britain’s Government Communications Headquarters were working together on how to collect and store data from dozens of smartphone apps by 2007, according to the documents, provided by Edward J. Snowden, the former N.S.A. contractor. Since then, the agencies have traded recipes for grabbing location and planning data when a target uses Google Maps, and for vacuuming up address books, buddy lists, phone logs and the geographic data embedded in photos when someone sends a post to the mobile versions of Facebook, Flickr, LinkedIn, Twitter and other services.
The eavesdroppers’ pursuit of mobile networks has been outlined in earlier reports, but the secret documents, shared by The New York Times, The Guardian and ProPublica, offer far more details of their ambitions for smartphones and the apps that run on them. The efforts were part of an initiative called “the mobile surge,” according to a 2011 British document, an analogy to the troop surges in Iraq and Afghanistan. One N.S.A. analyst’s enthusiasm was evident in the breathless title — “Golden Nugget!” — given to one slide for a top-secret 2010 talk describing iPhones and Android phones as rich resources, one document notes.
The scale and the specifics of the data haul are not clear. The documents show that the N.S.A. and the British agency routinely obtain information from certain apps, particularly some of those introduced earliest to cellphones. With some newer apps, including Angry Birds, the agencies have a similar capability, the documents show, but they do not make explicit whether the spies have put that into practice. Some personal data, developed in profiles by advertising companies, could be particularly sensitive: A secret 2012 British intelligence document says that spies can scrub smartphone apps that contain details like a user’s “political alignment” and sexual orientation.
President Obama announced new restrictions this month to better protect the privacy of ordinary Americans and foreigners from government surveillance, including limits on how the N.S.A. can view “metadata” of Americans’ phone calls — the routing information, time stamps and other data associated with calls. But he did not address the avalanche of information that the intelligence agencies get from leaky apps and other smartphone functions.
And while he expressed concern about advertising companies that collect information on people to send tailored ads to their mobile phones, he offered no hint that American spies routinely seize that data. Nothing in the secret reports indicates that the companies cooperate with the spy agencies to share the information; the topic is not addressed.
The agencies have long been intercepting earlier generations of cellphone traffic like text messages and metadata from nearly every segment of the mobile network — and, more recently, computer traffic running on Internet pipelines. Because those same networks carry the rush of data from leaky apps, the agencies have a ready-made way to collect and store this new resource. The documents do not address how many users might be affected, whether they include Americans, or how often, with so much information collected automatically, analysts would see personal data.
“N.S.A. does not profile everyday Americans as it carries out its foreign intelligence mission,” the agency said in a written response to questions about the program. “Because some data of U.S. persons may at times be incidentally collected in N.S.A.’s lawful foreign intelligence mission, privacy protections for U.S. persons exist across the entire process.” Similar protections, the agency said, are in place for “innocent foreign citizens.”
The British spy agency declined to comment on any specific program, but said all its activities complied with British law.
Two top-secret flow charts produced by the British agency in 2012 show incoming streams of information skimmed from smartphone traffic by the Americans and the British. The streams are divided into “traditional telephony” — metadata — and others marked “social apps,” “geo apps,” “http linking,” webmail, MMS and traffic associated with mobile ads, among others. (MMS refers to the mobile system for sending pictures and other multimedia, and http is the protocol for linking to websites.)
In charts showing how information flows from smartphones into the agency’s computers, analysts included questions to be answered by the data, including “Where was my target when they did this?” and “Where is my target going?”
As the program accelerated, the N.S.A. nearly quadrupled its budget in a single year, to $767 million in 2007 from $204 million, according to a top-secret Canadian analysis written around the same time.
Even sophisticated users are often unaware of how smartphones offer a unique opportunity for one-stop shopping for information about them. “By having these devices in our pockets and using them more and more,” said Philippe Langlois, who has studied the vulnerabilities of mobile phone networks and is the founder of the Paris-based company Priority One Security, “you’re somehow becoming a sensor for the world intelligence community.”
Smartphones almost seem to make things too easy. Functioning as phones — making calls and sending texts — and as computers — surfing the web and sending emails — they generate and also rely on data. One secret report shows that just by updating Android software, a user sent more than 500 lines of data about the phone’s history and use onto the network.
Such information helps mobile ad companies, for example, create detailed profiles of people based on how they use their mobile device, where they travel, what apps and websites they open, and other factors. Advertising firms might triangulate web shopping data and browsing history to guess whether someone is wealthy or has children, for example.
The N.S.A. and the British agency busily scoop up this data, mining it for new information and comparing it with their lists of intelligence targets.
One secret 2010 British document suggests that the agencies collect such a huge volume of “cookies” — the digital traces left on a mobile device or a computer when a target visits a website — that classified computers were having trouble storing it all.
“They are gathered in bulk, and are currently our single largest type of events,” the document says.
The two agencies displayed a particular interest in Google Maps, which is accurate to within a few yards or better in some locations. Intelligence agencies collect so much data from the app that “you’ll be able to clone Google’s database” of global searches for directions, according to a top-secret N.S.A. report from 2007.
“It effectively means that anyone using Google Maps on a smartphone is working in support of a G.C.H.Q. system,” a secret 2008 report by the British agency says.
(In December, The Washington Post, citing the Snowden documents, reported that the N.S.A. was using metadata to track cellphone locations outside the United States and was using ad cookies to connect Internet addresses with physical locations.)
In another example, a secret 20-page British report dated 2012 includes the computer code needed for plucking the profiles generated when Android users play Angry Birds. The app was created by Rovio Entertainment, of Finland, and has been downloaded more than a billion times, the company has said.
Rovio drew public criticism in 2012 when researchers claimed that the app was tracking users’ locations and gathering other data and passing it to mobile ad companies. In a statement on its website, Rovio says that it may collect its users’ personal data, but that it abides by some restrictions. For example, the statement says, “Rovio does not knowingly collect personal information from children under 13 years of age.”
The secret report noted that the profiles vary depending on which of the ad companies — which include Burstly and Google’s ad services, two of the largest online advertising businesses — compiles them. Most profiles contain a string of characters that identifies the phone, along with basic data on the user like age, sex and location. One profile notes whether the user is currently listening to music or making a call, and another has an entry for household income.
Google declined to comment for this article, and Burstly did not respond to multiple requests for comment. Saara Bergstrom, a Rovio spokeswoman, said that the company had no knowledge of the intelligence programs. “Nor do we have any involvement with the organizations you mentioned,” Ms. Bergstrom said, referring to the N.S.A. and the British spy agency.
Another ad company creates far more intrusive profiles that the agencies can retrieve, the report says. The apps that generate those profiles are not identified, but the company is named as Millennial Media, which has its headquarters in Baltimore.
In securities filings, Millennial documented how it began working with Rovio in 2011 to embed ad services in Angry Birds apps running on iPhones, Android phones and other devices.
According to the report, the Millennial profiles contain much of the same information as the others, but several categories listed as “optional,” including ethnicity, marital status and sexual orientation, suggest that much wider sweeps of personal data may take place.
Millennial Media declined to comment for this article.
Possible categories for marital status, the secret report says, include single, married, divorced, engaged and “swinger”; those for sexual orientation are straight, gay, bisexual and “not sure.” It is unclear whether the “not sure” category exists because so many phone apps are used by children, or because insufficient data may be available.
There is no explanation of precisely how the ad company defined the categories, whether users volunteered the information, or whether the company inferred it by other means. Nor is there any discussion of why all that information would be useful for marketing — or intelligence.
The agencies have had occasional success — at least by their own reckoning — when they start with something closer to a traditional investigative tip or lead. The spies say that tracking smartphone traffic helped break up a bomb plot by Al Qaeda in Germany in 2007, and the N.S.A. bragged that to crack the plot, it wove together mobile data with emails, log-ins and web traffic. Similarly, mining smartphone data helped lead to arrests of members of a drug cartel hit squad for the 2010 murder of an employee of an American Consulate in Mexico.
But the data, whose volume is soaring as mobile devices have begun to dominate the technological landscape, is a crushing amount of information for the spies to sift through. As smartphone data builds up in N.S.A. and British databases, the agencies sometimes seem a bit at a loss on what to do with it all, the documents show. A few isolated experiments provide hints as to how unwieldy it can be.
In 2009, the American and British spy agencies each undertook a brute-force analysis of a tiny sliver of their cellphone databases. Crunching just one month of N.S.A. cellphone data, a secret report said, required 120 computers and turned up 8,615,650 “actors” — apparently callers of interest. A similar run using three months of British data came up with 24,760,289 actors.
“Not necessarily straightforward,” the report said of the analysis. The agencies’ extensive computer operations had trouble sorting through the slice of data. Analysts were “dealing with immaturity,” the report said, encountering computer memory and processing problems. The report made no mention of anything suspicious in the enormous lumps of data.
The NSA has made extensive use of its text message database to extract information on people under no suspicion of illegal activity. Photograph: Dave Thompson/PA
The National Security Agency has collected almost 200 million text messages a day from across the globe, using them to extract data including location, contact networks and credit card details, according to top-secret documents.
The untargeted collection and storage of SMS messages – including their contacts – is revealed in a joint investigation between the Guardian and the UK’s Channel 4 News based on material provided by NSA whistleblower Edward Snowden.
The documents also reveal the UK spy agency GCHQ has made use of the NSA database to search the metadata of “untargeted and unwarranted” communications belonging to people in the UK.
The NSA program, codenamed Dishfire, collects “pretty much everything it can”, according to GCHQ documents, rather than merely storing the communications of existing surveillance targets.
The NSA has made extensive use of its vast text message database to extract information on people’s travel plans, contact books, financial transactions and more – including of individuals under no suspicion of illegal activity.
An agency presentation from 2011 – subtitled “SMS Text Messages: A Goldmine to Exploit” – reveals the program collected an average of 194 million text messages a day in April of that year. In addition to storing the messages themselves, a further program known as “Prefer” conducted automated analysis on the untargeted communications.
The Prefer program uses automated text messages such as missed call alerts or texts sent with international roaming charges to extract information, which the agency describes as “content derived metadata”, and explains that “such gems are not in current metadata stores and would enhance current analytics”.
On average, each day the NSA was able to extract:
• More than 5 million missed-call alerts, for use in contact-chaining analysis (working out someone’s social network from who they contact and when)
• Details of 1.6 million border crossings a day, from network roaming alerts
• More than 110,000 names, from electronic business cards, which also included the ability to extract and save images.
• Over 800,000 financial transactions, either through text-to-text payments or linking credit cards to phone users
The agency was also able to extract geolocation data from more than 76,000 text messages a day, including from “requests by people for route info” and “setting up meetings”. Other travel information was obtained from itinerary texts sent by travel companies, even including cancellations and delays to travel plans.
Communications from US phone numbers, the documents suggest, were removed (or “minimized”) from the database – but those of other countries, including the UK, were retained.
The revelation the NSA is collecting and extracting personal information from hundreds of millions of global text messages a day is likely to intensify international pressure on US president Barack Obama, who on Friday is set to give his response to the report of his NSA review panel.
While US attention has focused on whether the NSA’s controversial phone metadata program will be discontinued, the panel also suggested US spy agencies should pay more consideration to the privacy rights of foreigners, and reconsider spying efforts against allied heads of state and diplomats.
In a statement to the Guardian, a spokeswoman for the NSA said any implication that the agency’s collection was “arbitrary and unconstrained is false”. The agency’s capabilities were directed only against “valid foreign intelligence targets” and were subject to stringent legal safeguards, she said.
The ways in which the UK spy agency GCHQ has made use of the NSA Dishfire database also seems likely to raise questions on the scope of its powers.
While GCHQ is not allowed to search through the content of messages without a warrant – though the contents are stored rather than deleted or “minimized” from the database – the agency’s lawyers decided analysts were able to see who UK phone numbers had been texting, and search for them in the database.
The GCHQ memo sets out in clear terms what the agency’s access to Dishfire allows it to do, before handling how UK communications should be treated. The unique property of Dishfire, it states, is how much untargeted or unselected information it stores.
“In contrast to [most] GCHQ equivalents, DISHFIRE contains a large volume of unselected SMS traffic,” it states (emphasis original). “This makes it particularly useful for the development of new targets, since it is possible to examine the content of messages sent months or even years before the target was known to be of interest.”
It later explains in plain terms how useful this capability can be. Comparing Dishfire favourably to a GCHQ counterpart which only collects against phone numbers that have specifically been targeted, it states “Dishfire collects pretty much everything it can, so you can see SMS from a selector which is not targeted”.
The document also states the database allows for broad, bulk searches of keywords which could result in a high number of hits, rather than just narrow searches against particular phone numbers: “It is also possible to search against the content in bulk (e.g. for a name or home telephone number) if the target’s mobile phone number is not known.”
Analysts are warned to be careful when searching content for terms relating to UK citizens or people currently resident in the UK, as these searches could be successful but would not be legal without a warrant or similar targeting authority.
However, a note from GCHQ’s operational legalities team, dated May 2008, states agents can search Dishfire for “events” data relating to UK numbers – who is contacting who, and when.
“You may run a search of UK numbers in DISHFIRE in order to retrieve only events data,” the note states, before setting out how an analyst can prevent himself seeing the content of messages when he searches – by toggling a single setting on the search tool.
Once this is done, the document continues, “this will now enable you to run a search without displaying the content of the SMS, especially useful for untargeted and unwarranted UK numbers.”
A separate document gives a sense of how large-scale each Dishfire search can be, asking analysts to restrain their searches to no more than 1,800 phone numbers at a time.
The note warns analysts they must be careful to make sure they use the form’s toggle before searching, as otherwise the database will return the content of the UK messages – which would, without a warrant, cause the analyst to “unlawfully be seeing the content of the SMS”.
The note also adds that the NSA automatically removes all “US-related SMS” from the database, so it is not available for searching.
A GCHQ spokesman refused to comment on any particular matters, but said all its intelligence activities were in compliance with UK law and oversight.
But Vodafone, one of the world’s largest mobile phone companies with operations in 25 countries including Britain, greeted the latest revelations with shock.
“It’s the first we’ve heard about it and naturally we’re shocked and surprised,” the group’s privacy officer and head of legal for privacy, security and content standards told Channel 4 News.
“What you’re describing sounds concerning to us because the regime that we are required to comply with is very clear and we will only disclose information to governments where we are legally compelled to do so, won’t go beyond the law and comply with due process.
“But what you’re describing is something that sounds as if that’s been circumvented. And for us as a business this is anathema because our whole business is founded on protecting privacy as a fundamental imperative.
He said the company would be challenging the UK government over this. “From our perspective, the law is there to protect our customers and it doesn’t sound as if that is what is necessarily happening.”
The NSA’s access to, and storage of, the content of communications of UK citizens may also be contentious in the light of earlier Guardian revelations that the agency was drafting policies to facilitate spying on the citizens of its allies, including the UK and Australia, which would – if enacted – enable the agency to search its databases for UK citizens without informing GCHQ or UK politicians.
The documents seen by the Guardian were from an internal Wikipedia-style guide to the NSA program provided for GCHQ analysts, and noted the Dishfire program was “operational” at the time the site was accessed, in 2012.
The documents do not, however, state whether any rules were subsequently changed, or give estimates of how many UK text messages are collected or stored in the Dishfire system, or from where they are being intercepted.
In the statement, the NSA spokeswoman said: “As we have previously stated, the implication that NSA’s collection is arbitrary and unconstrained is false,” she said. “NSA’s activities are focused and specifically deployed against – and only against – valid foreign intelligence targets in response to intelligence requirements.
“Dishfire is a system that processes and stores lawfully collected SMS data. Because some SMS data of US persons may at times be incidentally collected in NSA’s lawful foreign intelligence mission, privacy protections for US persons exist across the entire process concerning the use, handling, retention, and dissemination of SMS data in Dishfire.
“In addition, NSA actively works to remove extraneous data, to include that of innocent foreign citizens, as early as possible in the process.”
The agency draws a distinction between the bulk collection of communications and the use of that data to monitor or find specific targets.
A spokesman for GCHQ refused to respond to any specific queries regarding Dishfire, but said the agency complied with UK law and regulators.
“It is a longstanding policy that we do not comment on intelligence matters,” he said. “Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee.”
GCHQ also directed the Guardian towards a statement made to the House of Commons in June 2013 by foreign secretary William Hague, in response to revelations of the agency’s use of the Prism program.
“Any data obtained by us from the US involving UK nationals is subject to proper UK statutory controls and safeguards, including the relevant sections of the Intelligence Services Act, the Human Rights Act and the Regulation of Investigatory Powers Act,” Hague told MPs.
US President Barack Obama during his his year-end news conference in the White House briefing room in Washington
by Matthew Rusling
WASHINGTON, Dec. 26 (Xinhua) — While the United States has always touted itself as a “beacon of democracy,” critics this year have blasted Washington for its massive domestic and global spying program, accusing President Barack Obama’s administration of hypocrisy.
The story began earlier this year, when it was revealed that the U.S. Justice Department was snooping on the Associated Press (AP), obtaining months worth of phone records for 20 separate phone lines in what AP CEO Gary Pruitt called “unconstitutional.”
Soon after, more news was uncovered, including reports that the government collected phone records of Fox News reporter James Rosen and seized his personal emails.
Then came the biggest story of all, when Edward Snowden revealed a massive National Security Agency (NSA) program that allows analysts to sift through databases that contain emails from millions of Americans, according to documents made public by Snowden. Snowden also uncovered a secret program whereby the government has collected millions of phone records of Verizon customers.
The news grabbed headlines worldwide, and was followed by reports of the U.S. spying on its allies, including accusations of tapping the private cell phone of German Chancellor Angela Merkel, which the White House denied.
Later it was discovered the United States was spying on countries including Indonesia and Israel, and that Australia allowed the NSA to operate from its embassies in Thailand, China, East Timor and Vietnam.
Japanese media reported in October that the NSA in 2011 asked Tokyo to assist in gaining access to fiber optic cables that relayed communications from China.
LOSS OF U.S. CREDIBILITY
“The National Security Agency’s profligate spying has certainly hurt U.S. credibility, in a number of ways,” Jim Harper, director of Information Policy Studies at the Cato Institute, told Xinhua.
While spying has always occurred between nations, the United States has been berated for spying on some of its closest allies.
“Spying on the personal communications of allied leaders…conveys a suspicious attitude toward world leaders who the U.S. publicly treats as friends. While its leaders have touted threats to cyber security from abroad, the NSA has been one of the most active attackers of computer systems around the world,” Harper said.
He added that the NSA’s domestic spying programs have undermined U.S. claims of respect for individual rights.
“If it is to be a beacon of freedom, the United States government should actually conduct itself as a country that respects rights and that obeys its own laws,” he said.
Harper said the NSA’s spying operations have undermined trust in U.S. technology companies. That will cost U.S. businesses billions of U.S. dollars and shrink global trade in high-tech services that would have benefited people worldwide, he said.
The Information Technology & Innovation Foundation estimated that U.S. companies could lose up to 35 billion dollars due to U.S. spying activities, on doubts that companies can protect the security of information on their systems, reported Bloomberg.
Still, others said it remains unknown whether there will be any real consequences. While many countries have upbraided Washington for its spying activities, the fact is that most countries want to do business with the world’s largest economy and want access to its markets. Countries also still want and need to cooperate on security issues with the U.S. military, some experts said.
“I think it’s damaged the U.S. in terms of world opinion, but I don’t know that it’s damaged it with respect to doing business and defense (cooperation) with other nations,” Republican Strategist Ford O’ Connell told Xinhua.
Meanwhile, the United States continues to deal with the political fallout from its global spy program.
Israeli officials Sunday called for an end to U.S. spying on Israel, Washington’s closest Middle East ally, after it was revealed that the NSA gained access to emails from Israeli leadership.
The demands came on the heels of the release of documents that Snowden leaked and published last week by the media, which revealed that British intelligence worked alongside the NSA between 2008 and 2011 to gain access to email addresses of the offices of former Israeli Defense Minister Ehud Barak and former Prime Minister Ehud Olmert.
As for whether Obama knew U.S. intelligence agencies were monitoring U.S. allies, the NSA denied that the president had any knowledge.
However, Foreign Policy magazine argued in a recent article that it would be impossible for Obama not to know about the NSA’s snooping on allies, although he might not have been aware of the details.
President Barack Obama turned heads just days before Christmas when he announced that he is “seriously” considering following the recommendations set forth by an advisory panel, which he appointed, that suggested a major overhaul to the NSA’s wholesale collection of telephone metadata.
The Obama administration has been under intense scrutiny over revelations, contained in documents leaked by NSA whistleblower Edward Snowden, regarding the depth and breadth of the agency’s collection of telephone and other data. In a move to quell the uproar, Obama appointed a committee to review the matter. Among other things, it issued a host of recommendations that include major revisions to the phone-snooping program.
But a WIRED examination of a key suggestion from the “President’s Review Group on Intelligence and Communications Technologies” finds those revisions will do little to improve the protection of American’s calling history. In fact, it may well make the data more vulnerable to government inspection by potentially mandating that Americans’ phone call records be stored for longer periods of time than many telecoms currently archive them. And there likely would be few, if any, legal barriers to law enforcement officials, from the FBI to your local police department, to clear before obtaining that data.
As it stands, the telecommunication companies have, since at least 2006, funneled all phone call metadata to the NSA under secret orders from the Foreign Intelligence Surveillance Court. (Metadata includes an account holder’s records of calls received and made, any calling card numbers used in a call, the time and duration of the call and other information.) This hoovering does not require probable cause warrants that outline how and why authorities believe anyone associated with the data has committed a crime. No laws govern how the NSA may access the data — believed to hold some 1 trillion records — though the spy agency maintains it has settled on a so-called standard of “reasonable articulable suspicion” in hopes of finding the terrorist needle in a haystack.
While the NSA argues collecting and reviewing this data is vital to national security, Obama concedes more must be done to ensure some measure of privacy.
“The question we’re going to have to ask, can we accomplish the same goals this program is intended to accomplish in ways that give the public more confidence that the NSA is doing what it is supposed to be doing?” Obama said Dec. 20 before heading to Hawaii for a 17-day vacation.
Under the presidential panel’s recommendation, the telcos or an unnamed third party would store the metadata instead of the government having direct access to it. The proposal allows the government to continue querying the data, which the NSA currently holds for five years. A newly proposed legal standard would require “reasonable grounds” to believe the information sought is relevant to an investigation intended to protect “against international terrorism or clandestine intelligence activities.” The FISA court would have to approve every request.
According to the panel, which includes former U.S. counter-terrorism czar Richard A. Clarke:
In our view, the current storage by the government of bulk metadata creates potential risks to public trust, personal privacy, and civil liberty. We recognize that the government might need access to such metadata, which should be held instead either by private providers or by a private third party. This approach would allow the government access to the relevant information when such access is justified, and thus protect national security without unnecessarily threatening privacy and liberty. (.pdf)
In reality, however, “privacy and liberty” remain threatened.
Notwithstanding that the FISA Court is for all intents an NSA rubberstamp that has allowed the metadata program to run in secret for seven years, the review group’s proposal could grant law enforcement at any level a far larger trove of phone metadata to access. What’s more, they would not need probable cause warrants to target anyone’s phone metadata.
Right now, the phone companies store phone metadata for varying times. Verizon and U.S Cellular store it for about a year; Sprint for 18 months. At the other end of the spectrum, T-Mobile maintains it for seven to 10 years, and AT&T for five, according to a congressional inquiry. While Obama’s review group’s recommendation was short on details, everybody familiar with the plan agrees it would require telcos to store metadata for some minimum amount of time, presumably for longer than many of them already do. That means the authorities would have access to this data for far longer than they otherwise might.
According to the congressional inquiry led by Sen. Edward Markey (D-Massachusetts), eight carriers reported receiving more than 1 million requests for personal mobile phone data by law enforcement in 2013, and they and racked up millions of dollars in processing fees along the way. Not all of those requests were for phone metadata, however. There were requests for cell-site location data, web browsing habits, text message content, and voicemail, among other things. The telecoms did not break down the number of requests they received for each category.
To be sure, phone companies regularly provide law enforcement with customer calling history, usually under a subpoena. Such documentation, signed by a law enforcement agent, promises the data is relevant to an ongoing investigation. That standard is based on a 1979 Supreme Court precedent, which upheld the conviction of a Baltimore purse snatcher who unsuccessfully challenged the local phone company’s decision to release his call records to the police even though the authorities did not have a probable-cause warrant. The records showed that the defendant, Michael Smith, had been calling his victim after he mugged her. (A more detailed look at that precedent can be found here.)
To give Americans a modicum of privacy, Congress must quarantine away from law enforcement officials the data the telcos would be compelled to store and only grant access to the NSA upon approval of the Foreign Intelligence Surveillance Court’s approval. The NSA said it queried its vast database just 300 times last year.
“If there is this retention, you would need to make sure there are no loopholes that would undermine the entire purpose of the change,” said Brett Kaufman, a National Security Project fellow with the American Civil Liberties Union.
Iran claims to have captured a British “spy” in a move that has threatened to cause a diplomatic crisis.
Officials in the country said a businessman in his fifties had been detained on suspicion of gathering intelligence “in all spheres” for the British security services.
They claimed he had confessed to meeting MI6 agents inside and outside Iran on 11 occasions.
Iran’s decision to publicise the arrest comes at a critical stage of diplomacy between the two countries, which broke off all official contact after the attack on the British embassy in Tehran two years ago.
Experts have said that the arrest and its announcement may have been driven by hardliners who oppose a deal to prevent Iran gaining nuclear weapons.
IRNA, Iran’s state news agency, reported that security forces had arrested an alleged spy working for the British Government in Kerman, a south-eastern province. The nationality of the arrested man, who is alleged to have “confessed” to espionage, has not been disclosed. There was no suggestion he is a British national. Spying in Iran carries the death penalty.
A Foreign Office spokesman said she would not comment on intelligence matters. Government sources said that the tactic of arresting local people on false charges of being British spies was something that happened “every few months” but that they were usually not publicised by the regime.
It was feared that the arrest could signal a determination among Iranian hardliners to unseat negotiations with the West, including last month’s agreement on the country’s nuclear programme. The “spying” charge could compromise diplomatic achievements, although Whitehall is understood to be treating the development with caution.
The nuclear deal led to the first formal contact between the United States and Tehran since they severed diplomatic ties over the 1979 hostage crisis, and was viewed as a crucial step towards avoiding a crisis in the Middle East.
Tehran is known to have used trumped-up spying allegations in the past to resolve internal disagreements. Dadkhoda Salari, the head of Kerman revolutionary court, said the alleged spy was a man with “business activities” who established a link with the British embassy in Tehran before its closure.
“The accused has had 11 face-to-face meetings with British intelligence officers, both inside and outside the country, and in every single meeting has passed to his MI6 contacts the specific information that they had asked him to collect,” said Mr Salari.
An Iranian news agency used this picture to illustrate the capture of the spy
“At the same time he has received certain instructions that would have enabled him to act against the interests of the Islamic Republic of Iran.
“He had been in touch with four intelligence officers and after receiving their instructions and training he has transferred their specific requested information to the country of their origin.
“This spy has been captured after many months of complicated intelligence operations and with the help of the almighty God.”
Mr Salari added that the man’s trial was already taking place and that he had “confessed” to all charges. The judicial spokesman said the accused had academic qualifications and spoke fluent English, and claimed he had collected intelligence “in all spheres” for Britain.
Tasnim news, an Iranian news website, claimed one of the man’s alleged meetings with British intelligence took place in London.
The announcement came a day after Hassan Habibollah-Zadeh, Iran’s new envoy to Britain, made his first visit to London. Mr Habibollah-Zadeh said that negotiations were under way to “resolve the existing issues”, so full ties could be restored. It is unclear what effect, if any, the arrest of the alleged spy would have in those negotiations.
Prof Ali Ansari, the director of the Institute for Iranian Studies at the University of St Andrews and a senior associate fellow of the Royal United Services Institute, said: “This probably has more to do with some of the more hawkish and hardline elements within the revolutionary establishment trying to put a spanner in the works of the rapprochement negotiations.
“The Iranian regime has done a fantastic PR job over the last couple of months selling the country as being ‘open for business’. But this news sours that, and suggests the old Iran is alive and well.”
He added: “Kerman is in the middle of nowhere, there’s no nuclear facilities there and all they do is grow pistachios. So what this man could be accused of doing there is a little strange.”
Britain shut its Tehran embassy after it was damaged in November 2011 by students protesting against Western sanctions.
In another high-profile incident, in 2007, Iran seized 15 personnel from HMS Cornwall who were on anti-drug smuggling operations in the Gulf, and held them for 13 days. Their detention gave Mahmoud Ahmadinejad, the then Iranian president, a public relations coup.
Ultimately, Iranian distrust of Britain stems from MI6’s involvement in the overthrow of the country’s first democratically-elected prime minister in 1953
Sir Robert John Sawers, chief of Britain’s Secret Intelligence Service (MI6) Photo: EPA
Ever since British adventurers – be they soldiers, diplomats, travellers or spies – became a regular fixture at the heart of the Persian court in the early 19th century, it would be something of an understatement to say that the two countries have regarded each other with a healthy dose of mutual suspicion.
We will probably never know the precise details of what transpired between the businessman who has been arrested and charged with spying for Britain and the intelligence officers he is said to have had regular meetings in Iran and London. Our Secret Intelligence Service, or MI6, takes great pride in never disclosing the names of its agents, nor the murkier side of its duplicitous operations. To this day we still do not know the full facts about MI6’s ignominious involvement in the WMD scandal that has overshadowed Britain’s involvement in overthrowing Saddam Hussein in Iraq 10 years ago.
These days it is the activities taking place on the other side of the Shatt al-Arab river in Iran that is the main preoccupation of our spymasters, particularly as Sir John Sawers, the current ‘C’ as the head of MI6 is known, is an Iran specialist who, in a previous job as the political director at the Foreign Office, led the negotiations on Iran’s controversial nuclear programme.
Whether or not Iran is actively working on developing an atom bomb is one of the biggest intelligence challenges of the modern age. And while the ayatollahs have consistently denied being up to no good, MI6 agents have provided vital material to the contrary, with the revelation that Iran had built a secret underground uranium enrichment facility under an impregnable mountain in the city of Qom constituting one the Service’smore spectacular intelligence coups of recent years.
Analysing how many centrifuges Iran is operating to enrich uranium, and to what level, is a far cry from Britain’s early espionage activities in the 1820s when, like so much of our effort during the Great Game, Britain’s involvement was aimed at ensuring that Persia, as it has been known since ancient times, did not pose a threat to Britain’s interest in India, nor allowed itself to become allied to those countries – most notably Russia – that frequently cast jealous glances at the jewel in Britain’s imperial crown.
Thus Brtain’s first direct involvement in Iranian affairs during the modern era can be traced back to 1813 and the Treaty of Gulistan, under which Persia was forced to concede territory to Russia. The treaty was put together by British diplomat Sir Gore Ouseley and is regarded in Iran as a humiliation.
It was by this treaty that the myth – or reality – of the devious British was established.
Britain was also instrumental in setting Iran’s borders with India in the 1860s.
Then in the 1920s, British forces in Iran under General Edmund Ironside (later British land forces commander in the Second World War after Dunkirk) helped put Reza Shah on the Peacock throne. His son was Mohammed Reza Pahlavi, the Shah overthrown in the Islamic revolution of 1979.
But the event that ultimately decided the fractious nature of Anglo-Iranian relations, which has lasted until the modern day, was the direct involvement of British intelligence in the overthrow of Mohammed Mossadeq, the country’s first democratically-elected prime minister, in 1953. As in the early 19th century, the primary motivation for Britain’s supposedly clandestine intervention in Iran’s internal affairs was to prevent Tehran from falling under Russian influence, especially as this was the height of the Cold War and the restless Soviets were forever looking for new territories to dominate.
Though the operation achieved its goal, it laid the foundations for decades of Iranian mistrust, particularly as British intelligence officers continued to maintain close links with SAVAK, the brutal intelligence service operated by the Shah, whose survival in office owed much to the backing of his British and American backers.
The fact that scores of former SAVAK officers found their way into the new Iranian intelligence service created by the ayatollahs following the 1979 Iranian revolution, meant that the new regime founded by Ayatollah Ruhollah Khomeini was left in no doubt about the perfidious activities of the British.
Hence, while the ayatollahs have demonised the US as the Great Satan for its refusal to accept the uncompromising tenets of the Iranian revolution, Britain – along with Israel – is regarded as Little Satan because of its slavish support for American policy, as well as its long history of meddling in Iranian affairs.
Not surprisingly this has often resulted in a tense stand-off between London and Tehran, with the spacious compound at the British Embassy – where Churchill famously convened with Roosevelt and Stalin to carve out the post-war division of Europe – being the constant target of pro-regime protests, and a succession of British ambassadors being subjected to attack – including, during the 1980s, the actual use of physical violence.
Suspicions about the motives of British citizens working both in Iran and the wider region have never been far from the consciousness of Iranian intelligence chiefs, who work closely with Iran’s Revolutionary Guards, the defenders of Iran’s Islamic revolutionary principles. In recent decades several British businessmen have been arrested on trumped up spying charges, while one of the main reasons why Lebanon’s Iranian-backed Hizbollah militia kidnapped Terry Waite, the Archbishop of Canterbury’s special envoy, was the suspicion that he was working on behalf of the Reagan administration.
With the Revolutionary Guards now voicing their displeasure with the recent deal negotiated by Hassan Rouhani, the country’s recently-elected president, it was perhaps inevitable that Iran’s intelligence chiefs, who are paranoid at the best of times, should embark on a fresh witch-hunt to root out any potential American and British spies.
The only problem for those unfortunate to get caught up in the latest round of anti-Western xenophobia is that, given the Revolutionary Guards’s current mood of hostility, they can expect to be shown little mercy.
* Con Coughlin’s new book Churchill’s First War is published by Macmillan
Intelligence: The leaks of thousands of GCHQ files by CIA spy Edward Snowden have caused “enormous damage” and handed terrorists the “gift” to attack the UK “at will”, a “guidebook for terrorists” — the new head of MI5 has warned.
Andrew Parker, the director general of MI5 Photo: MI5/PA
Leaks from Snowden are known to contain at least 58,000 GCHQ files and it is feared there could be many more.
It also unclear whether foreign states have had access to the documents and it is understood the Guardian continued to expose the information despite pleas from the Government not to reveal intelligence techniques.
It is believed to be the worst leak of British intelligence files and to have caused the greatest damage.
In his first speech since becoming head of MI5 in April, Mr Parker did not specifically name Snowden or the Guardian.
But he said: “It causes enormous damage to make public the reach and limits of GCHQ techniques.
“Such information hands the advantage to the terrorists. It is the gift they need to evade us and strike at will.
“Unfashionable as it might seem, that is why we must keep secrets secret, and why not doing so causes such harm.”
He said the details of what capabilities the spy agencies have is their “margin of advantage” over the fanatics.
“That margin gives us the prospect of being able to detect their plots and stop them. But that margin is under attack,” he said.
He said reports from GCHQ were “vital to the safety of this country and its citizens”, adding: “We are facing an international threat and GCHQ provides many of the intelligence leads upon which we rely.”
Mr Parker said the UK is already facing its most complicated and unpredictable terror threat and that it was “getting harder” for his agents to protect against the diverse dangers.
With the spread of an al-Qaeda threat to more and more countries, the continue danger of Irish terrorism, the emergence of the lone wolf fanatic and advances in technology and cyber warfare, MI5 is now “tackling threats on more fronts than ever before”, he said.
In the speech to the Royal United Services Institute in London, Mr Parker said: “Our task is getting harder. The threats are more diverse and diffuse.
“And we face increasing challenges caused by the speed of technological change.”
And he warned: “It remains the case that there are several thousand Islamist extremists here who see the British people as a legitimate target.”
Among those are Britons, numbering in the low hundreds sources say, who have travelled to Syria, which is now a hotbed of extremism and terror groups, and since returned home.
The spy chief said: “For the future, there is good reason to be concerned about Syria.
“A growing proportion of our casework now has some link to Syria, mostly concerning individuals from the UK who have travelled to fight there or who aspire to do so.”
While the threat of a large scale terror outrage may have diminished it has not been removed, he said, while there is a growing risk of smaller attacks or individuals acting on their own.
Since 2011, a total of 330 people have been convicted of terrorism-related offences in Britain.
There is also the threat to Britons around the world, such as the attack on the In Amenas gas facility in Algeria and the recent Westgate shopping centre outrage in Nairobi, Kenya.
“Overall, I do not believe the terrorist threat is worse now than before. But it is
more diffuse. More complicated. More unpredictable,” he said.
There have been one or two major terror plots in the UK every year since 2000 and that pattern is “unlikely to change”.
And it was impossible to protect the public 100 per cent, he said, adding “life is not the movies”.
He said, because of its nature and terrible consequences, there was an expectation that there should be “zero” attacks but no crime can have such a target.
In a clear defence of any potential intelligence failings by MI5, Mr Parker also stressed there was a difference between “knowing of someone and knowing everything about them”.
“The idea that we either can or would want to operate intensive scrutiny of
thousands is fanciful,” he said,
“This is not East Germany, or North Korea. And thank goodness it’s not.”
He also made a defence for extended powers to monitor modern communications, the subject of recent controversy, saying “we cannot work without tools”.
He said the idea that the agencies would use such powers to monitor everyone’s private lives was “utter nonsense”.
Explaining why he made a public speech, he said it was important for spies to occasionally step out of the shadows to explain to the public the threats they face.
Henry Porter, a columnist at the Observer, the Guardian’s sister newspaper, said Sir Andrew was “wrong” to suggest leaks have put lives at risk.
He said that he has lost confidence in the Intelligence and Security Committee, the body of MPs and peers which oversees the security services.
Mr Porter said: “He’s wrong [to say The Guardian put security at risk]. The people who released and let go of these documents were the NSA in America. That’s where these leaks took place.
“What we have done is shown how much surveillance we are under.We don’t have sufficient oversight. I don’t have that confidence because of the behaviour of the intelligence and security committee over the last few months, which has steadily come out in favour of the intelligence services.”
Snowden, 30, was a CIA analyst based in the US National Security Agency, who provoked one of the biggest intelligence leaks in American history.
He used his position to access and steal thousands of classified documents on US and related British spy programmes.
The leaks were revealed in a series of articles in the Guardian newspaper in June.
He fled the US and is currently being sheltered in Russia.
The spy chief: MI5 director-general Andrew Parker has blasted the Guardian’s publication of Britain’s espionage capabilities
A massive cache of stolen top-secret documents published in The Guardian has handed a ‘gift’ to terrorists, the head of MI5 warned last night.
In a blistering attack, Andrew Parker said the publication of confidential files leaked by US fugitive Edward Snowden had caused huge ‘harm’ to the capability of Britain’s intelligence services.
Security officials say the exposé amounts to a ‘guide book’, advising terrorists on the best way to avoid detection when plotting an atrocity.
In Whitehall, it is considered to have caused the greatest damage to the Western security apparatus in history. In his first public speech since taking the job earlier this year, Mr Parker said the leaks handed the ‘advantage’ to terrorists and were a ‘gift they need to evade us and strike at will’.
He said there were several thousand Islamist extremists living in the UK who ‘see the British people as a legitimate target’.
The security services were working round the clock to stop the fanatics, but MI5 was now ‘tackling threats on more fronts than ever before’.
Snowden, a former contractor for the National Security Agency, fled the US in May with thousands of classified documents about the NSA and GCHQ, which he gave to The Guardian.
The newspaper has since published tens of thousands of words on the secret techniques used by GCHQ to monitor emails, phone records and communications on the internet.
The first Guardian revelations came in early June, when it detailed how the NSA – which supplies intelligence to GCHQ, the organisation which gathers intelligence for MI5 and MI6 – had ‘direct access’ to the computer systems of AOL, Apple, Facebook, Google, Microsoft, Paltalk, Skype, Yahoo and YouTube.
The newspaper also revealed how GCHQ has access to a network of cables carrying international phone calls and internet traffic and is processing vast amounts of ‘personal information’.
By the time his identity as the source of the leaks emerged, Snowden had fled his home in Hawaii for Hong Kong. After a week in hiding, he travelled to Moscow, where he remains out of the reach of US authorities.
The editor and the leaker: The Guardian’s Alan Rusbridger and former NSA employee Edward Snowden
In August, police detained David Miranda, the partner of Guardian journalist Glenn Greenwald, for nine hours at Heathrow airport. Mr Miranda had been carrying intelligence files leaked by Snowden.
At the time it emerged David Cameron had authorised the destruction of computers at The Guardian offices. Security concerns were so acute that Mr Cameron sent Cabinet Secretary Sir Jeremy Heywood to demand that Guardian editor Alan Rusbridger destroy the files after warning they could fall into the hands of terrorists.
Members of GCHQ supervised the smashing of laptops and hard drives at the newspaper’s offices.
Mr Parker said: ‘What we know about the terrorists, and the detail of the capabilities we use against them, together represent our margin of advantage. That margin gives us the prospect of being able to detect their plots and stop them.
.GCHQ Headquarters. Thousands of classified documents about the NSA and GCHQ were published by The Guardian
.MI5 Headquarters in London. The leak was described as the greatest damage to Western security apparatus in history
‘But that margin is under attack. Reporting from GCHQ is vital to the safety of this country and its citizens.
‘GCHQ intelligence has played a vital role in stopping many of the terrorist plots that MI5 and the police have tackled in the past decade.
‘It causes enormous damage to make public the reach and limits of GCHQ techniques. Such information hands the advantage to the terrorists.
‘It is the gift they need to evade us and strike at will. Unfashionable as it might seem, that is why we must keep secrets secret, and why not doing so causes such harm.’
In a wide-ranging speech to the Royal United Services Institute think-tank, Mr Parker said the task of MI5 was ‘getting harder’. He pointed to the danger posed by British nationals returning from fighting in Syria.
.In August, police detained David Miranda, the partner of Guardian journalist Glenn Greenwald, for nine hours at Heathrow airport. Mr Miranda had been carrying intelligence files leaked by Snowden
.The spy chief said there is a ‘growing proportion of groups and individuals taking it upon themselves to commit acts of terrorism’. Pictured is the 7/7 London bombings, which killed 52 civilians
Mr Parker said: ‘The ability of Al Qaeda to launch the centrally directed large-scale attacks of the last decade has been degraded, though not removed.
‘We have seen the threat shift more to increasing numbers of smaller-scale attacks and a growing proportion of groups and individuals taking it upon themselves to commit acts of terrorism.
‘It remains the case that there are several thousand Islamist extremists here who see the British people as a legitimate target. Overall, I do not believe the terrorist threat is worse now than before. But it is more diffuse. More complicated. More unpredictable.’
Mr Parker also warned that, in some quarters, there could be an ‘alarming degree of complacency’ that MI5 and the police could foil all attacks.
He said: ‘Terrorism, because of its nature and consequences, is the one area of crime where the expectation sometimes seems to be that the stats should be zero. Zero. Imagine applying the same target to murder in general, or major drugs trafficking. That is the stuff of “pre-crime” in the Tom Cruise movie, Minority Report.’
MI5 has attracted criticism for failing to stop individuals – including two of the July 7 bombers – who were on its radar.
But Mr Parker, who replaced Jonathan Evans as director-general of the Security Service earlier this year, said: ‘With greater resources since 7/7 we have worked very hard to identify as many as possible of the people in the country who are active in some way in support of terrorism.
‘The idea that we either can or would want to operate intensive scrutiny of thousands is fanciful. This is not East Germany, or North Korea. Knowing of an individual does not equate to knowing everything about them.’
He also made the case for more powers to monitor emails and the internet. Mr Parker said: ‘Shifts in technology can erode our capabilities.
There are choices to be made, including, for example, about how and whether communications data is retained. It is not, however, an option to disregard such shifts with an unspoken assumption that somehow security will anyway be sustained. It will not. We cannot work without tools.’
A Guardian News & Media spokesman said: ‘A huge number of people – from President Obama to the US Director of National Intelligence, James Clapper have now conceded that the Snowden revelations have prompted a debate which was both necessary and overdue.
‘The President has even set up a review panel and there have been vigorous discussions in the US Congress and throughout Europe. Such a debate is only worthwhile if it is informed. That is what journalism should do.’
Laid bare, how spies fight to protect Britain from attack
Edward Snowden became one of the world’s most wanted men in early June when he broke cover as the agent who leaked top-secret documents from the US National Security Agency.
His initial revelations detailed how the NSA harvested private information from the computer systems of companies including Apple, Facebook, Google, Microsoft, Skype and YouTube using a secret US surveillance programme called Prism.
The Guardian then claimed the NSA supplied intelligence to GCHQ – accusing agents at the UK’s listening post of attempting to bypass UK law.
The British spy agency compiled 197 intelligence dossiers from the system in a single year, sidestepping the need to obtain a court order.
On June 18, the newspaper claimed UK intelligence agents hacked into the communications of politicians and senior officials from Turkey, South Africa and Russia during the G20 summit in London in 2009 – prompting a furious backlash ahead of the G8 meeting in Moscow.
Snowden also revealed how GCHQ was able to hoover up vast amounts of personal information, including websites visited, emails sent and received, text messages, calls and passwords, using a state-of-the-art programme called Tempora.
The surveillance operation centres on using probes to access a network of fibre-optic cables coming into and out of the country. Telecoms firms allegedly involved in Tempora include BT, Verizon and Vodafone Cable.
The Guardian then revealed that the NSA was providing millions of pounds of funding each year to GCHQ to allow it to trawl for personal data. One document leaked by Snowden and dating from 2010 suggested GCHQ must ‘pull its weight’ to meet the NSA’s ‘minimum expectations’.
Snowden also made the highly damaging revelation that the US government had hacked computers in mainland China and Hong Kong for years – threatening to consign relations between the super-powers to the deep freeze.
US intelligence chiefs responded to the leaks with fury. NSA director Keith Alexander told the US Senate the top-secret surveillance programmes had disrupted at least 50 terror plots.
The Washington Post reported the NSA had acted illegally on ‘thousands’ of occasions over the harvesting of personal data, and Foreign Secretary William Hague was forced to the Commons to insist any suggestion the British intelligence agencies had colluded with the NSA to act outside the law was ‘fantastical’.