ITsecurity
twitter facebook rss

Yes, GCHQ really does collect the content of British communications

Posted by on June 17, 2014.

You have to wonder why Cameron tried to force through the Communications Data Bill (you may remember, that was the one called the ‘Snoopers’ Charter’) when the Snowden files revealed that GCHQ was already doing pretty much everything the new law would allow them – that is, snooping on everyone in the UK (that’s you and me, bro).

In reality, we Brits tended not to believe Snowden (who had actually claimed that GCHQ is worse than the NSA). We didn’t believe his files because our politicians, one and all, continuously and continually asserted that GCHQ operates strictly within UK law. And we would prefer to believe that our politicians are not bald-faced liars. Since the Communications Data Bill never became law, doing what the Communications Data Bill would have allowed (ie, continuous snooping on all Brits) couldn’t possibly be lawful – and since we are told that GCHQ only operates within the law, they couldn’t possibly be doing what the Snowden files assert.

Think again. It turns out that British spy masters are every much as good as the NSA spy masters in redefining reality in their own image to allow black to be called white without lying.

We now know the real truth thanks to a legal challenge brought by Privacy International, Liberty, Amnesty International, the American Civil Liberties Union, Pakistani organisation Bytes for All, and five other national civil liberties organisations. It comes from the Witness Statement of Charles Blandford Farr who is the Director of the Office for Security and Counter-Terrorism (OSCT) at the UK’s Home Office. He is the continuous thread from John Reid’s New Labour Home Office to Theresa May’s caring Conservative Home Office, the probable chief architect of the Communications Data Bill, and the reason that there is no discernible difference between Blair, Brown and Cameron.

[OSCT, if not downright secretive, is certainly publicity shy. There used to be a page on the Home Office site, but it seems to have disappeared — not before, however, it was captured by the Way Back Machine and can now be found at: https://web.archive.org/web/ 20071022054409/ http://security.homeoffice. gov.uk/ about-us/ about-the-directorate/?version=1.]

Farr’s witness statement spends almost 50 pages attempting to say nothing. He explains why government policy is to neither confirm nor deny anything. Thus he accepts the existence of Prism and US ‘upstream collection’ because the NSA has admitted them; and he accepts that David Miranda was carrying many thousands of Snowden files because it is a matter of record; but will neither confirm nor deny the veracity of any Snowden files concerning GCHQ.

This is the fascinating and worrying aspect of his statement: he confirms nothing but implies much. In fact, in paragraph 139 (reproduced below) he pretty much describes the Snowden files’ Tempora programme without ever admitting it exists:

Paragraph 139 of Charles Farr's Witness Statement

Paragraph 139 of Charles Farr’s Witness Statement

Note how communicating with Google, Twitter, Facebook et al are defined as ‘external communications’ (even if the actual communication involves no foreign person) simply because the servers are located abroad.

Privacy International explains:

The distinction between ‘internal’ and ‘external’ communications is crucial. Under the Regulation of Investigatory Powers Act (‘RIPA’), which regulates the surveillance powers of public bodies, ‘internal’ communications may only be intercepted under a warrant which relates to a specific individual or address. These warrants should only be granted where there is some suspicion of unlawful activity. However, an individual’s ‘external communications’ may be intercepted indiscriminately, even where there are no grounds to suspect any wrongdoing.

Farr also points out that the law accepts that a certain amount of non-interceptable material (ie, UK to UK communications) might get caught up in this now enlarged mass of legally interceptable communications — collateral damage you might say. By this time he has already described a close and data sharing relationship with the NSA — so it is perfectly clear that this is mass surveillance of UK communications shared with the NSA. That is, this is Tempora almost exactly as the Snowden files describe it.

Farr goes on to justify this mass collection (and remember, because it is ‘external’ communications, it includes content as well as metadata):

Farr using the needle in the haystack argument to justify Tempora

Farr using the needle in the haystack argument to justify Tempora

In other words, collect everything, give it to the NSA to store because the NSA has the larger budget, and examine it later looking for subjects of interest. The reality of Farr’s description of GCHQ interceptions is well summarised by Privacy International:

  • GCHQ is intercepting all communications – emails, text messages, as well as communications sent via “platforms” such as Facebook and Google – before determining whether they fall into the “internal” or “external” categories
  • The Government considers almost all Facebook and other social media communications, and Google searches will always fall within the “external” category, even when such communications are between two people in the UK
  • Classifying communications as “external” allows the Government to search through, read, listen to and look at each of them. The only restriction on what they do with communications that they classify as “external” is that they cannot search through such communications using keywords or terms that mention a specific British person or residence.
  • Even though the Government is conducting mass surveillance – intercepting and scanning through all communications in order to work out whether they are internal or external – they consider that such interception “has less importance” than whether a person actually reads the communication, which is where the Government believes “the substantive interference with privacy arises”.
  • The Government believes that, even when privacy violations happen, it is not an “active intrusion” because the analyst reading or listening to an individual’s communication will inevitably forget about it anyway.

So what we have is a spy agency, operating with full collusion of the Home Office, that interprets the law in the manner best suited to its own purposes while allowing our politicians to swear blind that black is white; that is, that GCHQ operates within the UK law.


Share This:
Facebooktwittergoogle_plusredditpinterestlinkedinmail

Leave a Reply

Your email address will not be published. Required fields are marked *

Submitted in: News, News_politics, News_privacy, News_surveillance | Tags: , , , , ,