United Kingdom: World champion of surveillance
Government Commmunications Headquarters (GCHQ)
“They are worse than the U.S.” – Edward Snowden
The widespread surveillance practices of the
British and U.S. governments, unveiled by Edward Snowden in June last
year, put Britain’s Government Communications Headquarters (GCHQ) and
its U.S. equivalent, the National Security Agency (NSA), at the centre
of a worldwide scandal. As part of its project “Mastering the
Internet”, GCHQ has developed the world’s biggest data monitoring
system. Supported by the NSA and with the prospect of sharing data, the
British agency brushed aside all legal obstacles and embarked on mass
surveillance of nearly a quarter of the world’s communications.
The UK lies in a geographically advantageous position to
access the hardware “backbone” of the Internet. This consists of 263
submarine cables that criss-cross the world and are owned by the big
names of the World Wide Web, such as Verizon, Orange and Alcatel-Lucent.
Most of the world’s telecommunications are carried on this network.
Some of these cables – 49 to be precise – run under British beaches. Thus the United Kingdom is an unparalleled transit point for telecommunications between Europe and North America.
There are a number of landing stations for these submarine
cables around the British coast. The best-known is at Bude in Cornwall,
which host seven cables including Apollo North which links the UK and
the United States, and more particularly TAT-14, which connects the
United States and Europe. The latter showed up in one of the U.S. diplomatic cables disclosed by WikiLeaks in a list of “essential resources”. Bude is no ordinary small coastal town. It hosts a satellite monitoring station built in the 1960s, known as GCHQ Bude.
The NSA has been particularly interested in it, since the
proximity of a monitoring facility and a submarine cable landing station
provides a unique opportunity to monitor vast quantities of data. It
even provided a budget of £15.5m for its technical redevelopment.
According to The Guardian,
the Tempora program was launched in 2011. The Bude monitoring station
became a pilot scheme for the mass interception of data carried by the
submarine cables. Seven terabytes of data per day transit via Bude, 10
percent of global Internet traffic.
The Guardian understands that 300 analysts sift through the
data. However, the success of the Tempora project is mainly thanks to
assistance from the telecoms companies that manage the cables. Among
them are British Telecom, Global Crossing, Interoute, Level 3, Verizon,
Viatel and Vodafone Cable, all of which are known to have links with the British intelligence service.
Submarine cables landing in the UK. Source: TeleGeography
Some of these companies have made their infrastructure
available to GCHQ, allowing it to place hundreds of wiretaps in
submarine cable landing stations.
GCHQ thus gathers an unprecedented quantity of information
including data on British and foreign citizens whose exchanges have
transited, for example, via servers based in the United States.
Millions of emails, telephone calls, browsing histories and
all types of digital content have thus been intercepted by GCHQ and
shared with the NSA. Documents disclosed by Snowden explain that the
British agency keeps the content, including the contents of emails and
telephone conversations, for three days and the metadata, such as login
times, telephone numbers, originators and addressees and email subjects,
are kept for 30 days, a boon for both GCHQ and the NSA.
There are several methods of encrypting Internet traffic.
The simplest is to use the protocol https, which works by using digital
certificates supplied by companies known as certification authorities.
The certificates guarantee the confidentiality of online exchanges.
Documents published by Edward Snowden showed that GCHQ has a program, known as EdgeHill, designed to break the encryption provided by the three main certification authorities.
The use of a Virtual Private Network (VPN) is another
method of encrypting Internet data. EdgeHill’s other objective is to
target the encryption keys of some 30 VPN providers.
As part of the same program, GCHQ targeted the encryption
installed to protect information hosted by Hotmail, Google, Yahoo and
Facebook in 2012.It expects to crack the encryption of 15 certification
authorities and 300 VPN providers by 2015.
According to the security expert Bruce Schneier,
confidence in the Internet is based on cryptography. Uncertainty about
the confidentiality of Internet communications can lead to
self-censorship, and ultimately lead to an end to the use of the network
for communications. By targeting the means of ensuring the
confidentiality of online information exchanges, GCHQ has undermined the
very basis of users’ confidence in the Internet.
Snowden’s disclosures exposed the activities of the U.S.
and the UK. The possession by The Guardian of files provided by Snowden,
some of which proved that GCHQ carried out widespread surveillance of
ordinary citizens, incurred the wrath of Prime Minister David Cameron’s
government. The paper’s editor Alan Rusbridger spoke of the pressure from Whitehall to suppress
the scandal of the GCHQ wiretaps. Rusbridger was contacted by Sir
Jeremy Heywood, the cabinet secretary, who gave him an ultimatum: hand
over the files or face legal action.
Faced with these threats, issued in June last year just
after the first stories in the “NSA files” series appeared, Rusbridger
agreed to destroy the data, having previously sent copies to two
publications based in the United States under the protection of the
First Amendment to the U.S. constitution. A surreal scene unworthy of British democracy
then took place in the basement of The Guardian’s offices, where GCHQ
officials supervised the destruction of computer hard disks containing
the files.
The British government did not stop there. On 18 August
last year, David Miranda, the partner of former Guardian blogger Glenn
Greenwald, was detained at Heathrow Airport on his way home to Rio de
Janeiro from a business trip to Berlin. He was held for nine hours under the UK’s Terrorism Act and all his equipment was seized.
The wrongful arrest of Miranda, although clearly linked to
his and Greenwald’s activities and unrelated to any alleged terrorist
activities, was not ruled unlawful when he challenged it in the High
Court. However, Frank La Rue, the UN special rapporteur on freedom of
expression, expressed concern about the abuse of anti-terrorism powers in the UK:
“The protection of national security secrets must never be used as an
excuse to intimidate the press into silence and backing off from its
crucial work in the clarification of human rights violations.”
Earlier this month, leaked documents published by Greenwald showed how GCHQ and the NSA persecuted WikiLeaks and the “human network” that supports it.
A presentation used by GCHQ to explain the capabilities of
its unit the Joint Intelligence Threat Research Group shows screenshots
of a program codenamed “Anticrisis Girl”, allowing the analysis of data
gathered as part of Tempora.
WikiLeaks features prominently among the “targets” exposed
by these screenshots. Those who use and visit WikiLeaks, whose only
“wrongdoing” was gathering and publishing information in the public
interest, have thus been victims of active surveillance. Similarly,
users of the file-sharing website Pirate Bay have also been monitored.
The interception of telecommunications is enshrined in British law through the Regulation of Investigatory Powers Act 2000.
This specifies that authorised surveillance must be proportionate to
what is sought to be achieved by carrying it out, and that authorisation
for legal telecommunications interceptions must be granted with the
assurance that they are:
-
in the interests of national security
-
for the purpose of preventing or detecting serious crime
-
in the interests of the economic well-being of the United Kingdom
The large-scale wiretapping carried out by GCHQ under the
Tempora program clearly contravenes these principles since they are
carried on a large scale and systematically, and are thus
disproportionate. In order to comply with the law, GCHQ uses a loophole
in the 2000 RIP Act which exempts the monitoring of foreign
telecommunications.
Privacy International lodged a complaint against the British government in July last year,
alleging data collection under the Tempora program was
disproportionate. In January, a report by the European Parliament said
GCHQ’s surveillance activities appeared to be illegal. A member of the British Parliament, David Heath, has called for new legislation to ensure Britain’s intelligence agencies can never intercept phone calls or email data without a specific warrant.
In a report on Internet surveillance published in June last
year, the UN’s Frank La Rue said the legal framework for surveillance
must adhere to the principles of necessity and proportionality. Extreme
surveillance measures should be used only as a last resort and when all
other means have been exhausted.
More relevant articles and information available at the home page here