NSA-Spähprogramm in Deutschland; Dame, König, As, Spion

Europa und Deutschland sind Hauptziele der Überwachung durch den US-Geheimdienst NSA. Millionen von Daten werden hierzulande von Obamas Spionen gesammelt. Doch Angela Merkels Regierung wirkt erstaunlich passiv. Warum?

Berlin – Als Sabine Leutheusser-Schnarrenberger kürzlich am Brandenburger Tor der Rede von Barack Obama lauschte, sah man sie in bester Stimmung. Sie winkte mit einem US-Fähnchen, die Worte des Präsidenten zu Freiheit und Gerechtigkeit gefielen der Liberalen sehr.

Knapp zwei Wochen später ist von der guten Stimmung der Ministerin nichts mehr übrig. Selten hat man sie so verärgert vernommen wie an diesem Sonntag. “Es sprengt jede Vorstellung, dass unsere Freunde in den USA die Europäer als Feinde ansehen”, sagt sie. Sie fühle sich “an das Vorgehen unter Feinden während des Kalten Krieges” erinnert.

Anlass des Aufschreis der Justizministerin ist ein SPIEGEL-Bericht, der unter Berufung auf Dokumente des Whistleblowers Edward Snowden neue Details der Spähprogramme des US-Geheimdiensts NSA offenlegt. Ob Wanzen in EU-Vertretungen, Lauschangriffe auf Brüsseler Behörden oder das flächendeckende Abschöpfen deutscher Telekommunikationsdaten – der Geheimdienst scheint vor nichts zurückzuschrecken.

Unter Parlamentariern macht sich Entsetzen über das Ausmaß der Spähattacken aus Übersee breit. Als “Riesenskandal” bezeichnet der Präsident des Europaparlaments, Martin Schulz (SPD), die Vorwürfe. Von einer “unvorstellbar umfassenden Spionageaktion” spricht Grünen-Fraktionschefin Renate Künast, von einer “ernsthaften Erschütterung des Vertrauensverhältnisses” der FDP-Innenexperte Jimmy Schulz.

Innenminister Friedrich im Wartemodus

Kritik gibt es aber nicht nur an der Regierung in Washington. Auch das Agieren der Kanzlerin rückt plötzlich in den Fokus. Angela Merkel müsse “den Sachverhalt schnellstens klären”, fordert ihr Herausforderer Peer Steinbrück. Wenn die Kanzlerin nun noch immer behaupte, das Thema gehöre in bilaterale und geheime Gespräche, “dann gibt sie sich der Lächerlichkeit preis”, sagt Künast.

Es ist Wahlkampf, klar. Aber über die Kritik kann sich die Bundesregierung kaum beschweren. Mit Ausnahme der Justizministerin macht Merkels Mannschaft nicht den Eindruck, als habe das Thema oberste Priorität.

Vom CSU-Bundesinnenminister ist seit dem Auffliegen des ersten Spähprogramms vor einigen Wochen kaum etwas zu hören. Hans-Peter Friedrich hat kürzlich ein paar Fragen über den Atlantik geschickt und befindet sich seitdem im Wartemodus. Die Kanzlerin besprach das Thema mit dem US-Präsidenten bei dessen Besuch in Berlin. Aber viel mehr als ein paar mahnende Worte, bei modernen Überwachungstechniken stets die Verhältnismäßigkeit im Blick zu haben, sprang dabei nicht heraus.

Es ist – gerade in der Sicherheitspolitik – nicht ganz einfach, auf Konfrontation mit den USA zu gehen, deutsche Behörden haben zuletzt immer wieder von den Informationen ihrer amerikanischen Partner profitiert. Aber angesichts der neuen Enthüllungen stellt sich die Frage, wie viel Zurückhaltung sich die Bundesregierung eigentlich leisten kann.

Wie Verwanzungen und flächendeckende Lauschangriffe in Partnerländern noch mit Terrorabwehr rechtfertigt werden sollen, erscheint fraglich. Wenn von einem ausländischen Nachrichtendienst derart systematisch die Privatsphäre der Bürger unterlaufen wird, sind ein paar offene Worte sicher nicht zu viel erwartet. Manche sind man da weiter. Frankreichs Außenminister Laurent Fabius drängte die USA am Sonntag zu einer Stellungnahme, die Brüsseler Kommission ebenso, auch der Generalbundesanwalt schaltete sich in die Spähaffäre ein.

Wie lässt sich Druck auf die USA ausüben?

Fragen gibt es genug. Kann es wirklich sein, dass deutsche Dienste von der großflächigen Vorratsdatenspeicherung nichts wussten, wo doch gerade im Sicherheitsbereich zwischen Berlin und Washington ein reger Austausch herrscht? Werden deutsche Bürger aktuell überwacht, und welche Bereiche der Kommunikation sind betroffen? Und was tut die Bundesregierung eigentlich konkret, um das Recht auf informationelle Selbstbestimmung der Bürger hierzulande gegen Angriffe von außen zu schützen?

Die Zurückhaltung von Merkel und Co. macht inzwischen auch die eigenen Reihen ungeduldig. Als die Bundesregierung im Parlamentarischen Kontrollgremium kürzlich über die Details der US-Überwachung in Deutschland Bericht erstatten sollte, konnten dem Vernehmen nach dazu weder Friedrichs Staatssekretär etwas sagen noch Merkels Geheimdienstkoordinator. Man warte noch auf Antworten aus Washington, hieß es. Auch unter Abgeordneten von Union und FDP machte sich daraufhin Ärger breit. Bis Mitte August soll die Bundesregierung jetzt ihre Hausaufgaben nachholen. Dann tagt das geheime Gremium erneut.

Schon jetzt wünscht sich mancher aber, dass die Koalition mehr Druck auf die Amerikaner ausübt. Besonders im EU-Parlament gibt es dazu einen Strauß an Überlegungen. Die einen denken darüber nach, Whistleblower Snowden einen Preis zu verleihen. Die anderen wollen die Abkommen zur Übermittlung von Bank- und Fluggastdaten aufkündigen. Und dann ist da noch die Idee, die seit einiger Zeit laufenden Verhandlungen für eine gemeinsame Freihandelszone zwischen Brüssel und Washington zu überdenken.

Auch in der Union gibt es dafür Sympathien – wohlwissend, dass es sich dabei um ein Lieblingsprojekt der Kanzlerin handelt. “Wie soll man”, fragt Elmar Brok, Chef des Auswärtigen Ausschusses für Auswärtige Angelegenheiten des Europaparlaments, “noch verhandeln, wenn man Angst haben muss, dass die eigene Verhandlungsposition vorab abgehört wird?”

30. Juni 2013, 18:53 Uhr
Von Veit Medick

Find this story at 30 June 2013

© SPIEGEL ONLINE 2013

Berlin accuses Washington of cold war tactics over snooping

Reports of NSA snooping on Europe go well beyond previous revelations of electronic spying

Sabine Leutheusser-Schnarrenberger: ‘If the media reports are true, it is reminiscent of the actions of enemies during the cold war’. Photograph: Ole Spata/Corbis

Transatlantic relations plunged at the weekend as Berlin, Brussels and Paris all demanded that Washington account promptly and fully for new disclosures on the scale of the US National Security Agency’s spying on its European allies.

As further details emerged of the huge reach of US electronic snooping on Europe, Berlin accused Washington of treating it like the Soviet Union, “like a cold war enemy”.

The European commission called on the US to clarify allegations that the NSA, operating from Nato headquarters a few miles away in Brussels, had infiltrated secure telephone and computer networks at the venue for EU summits in the Belgian capital. The fresh revelations in the Guardian and allegations in the German publication Der Spiegel triggered outrage in Germany and in the European parliament and threatened to overshadow negotiations on an ambitious transatlantic free-trade pact worth hundreds of billions due to open next week.

The reports of NSA snooping on Europe – and on Germany in particular – went well beyond previous revelations of electronic spying said to be focused on identifying suspected terrorists, extremists and organised criminals.

Der Spiegel reported that it had seen documents and slides from the NSA whistleblower Edward Snowden indicating that US agencies bugged the offices of the EU in Washington and at the UN in New York. They are also accused of directing an operation from Nato headquarters in Brussels to infiltrate the telephone and email networks at the EU’s Justus Lipsius building in the Belgian capital, the venue for EU summits and home of the European council.

Citing documents it said it had “partly seen”, the magazine reported that more than five years ago security officers at the EU had noticed several missed calls apparently targeting the remote maintenance system in the building that were traced to NSA offices within the Nato compound in Brussels.

Less than three months before a German general election, the impact of the fresh disclosures is likely to be strongest in Germany which, it emerged, is by far the biggest target in Europe for the NSA’s Prism programme scanning phone and internet traffic and capturing and storing the metadata.

The documents reviewed by Der Spiegel showed that Germany was treated in the same US spying category as China, Iraq or Saudi Arabia, while the UK, Canada, Australia, and New Zealand were deemed to be allies not subject to remotely the same level of surveillance.

Germany’s justice minister, Sabine Leutheusser-Schnarrenberger, called for an explanation from the US authorities. “If the media reports are true, it is reminiscent of the actions of enemies during the cold war,” she was quoted as saying in the German newspaper Bild. “It is beyond imagination that our friends in the US view Europeans as the enemy.”

France later also asked the US for an explanation. The foreign minister, Laurent Fabius, said: “These acts, if confirmed, would be completely unacceptable.

“We expect the American authorities to answer the legitimate concerns raised by these press revelations as quickly as possible.”

Washington and Brussels are scheduled to open ambitious free-trade talks next week after years of arduous preparation. Senior officials in Brussels are worried that the talks will be setback by the NSA scandal. “Obviously we will need to see what is the impact on the trade talks,” said a senior official in Brussels.

A second senior official said the allegations would cause a furore in the European parliament and could then hamper relations with the US.

However, Robert Madelin, one of Britain’s most senior officials in the European commission, tweeted that EU trade negotiators always operated on the assumption that their communications were listened to.

A spokesman for the European commission said: “We have immediately been in contact with the US authorities in Washington and in Brussels and have confronted them with the press reports. They have told us they are checking on the accuracy of the information released yesterday and will come back to us.”

There were calls from MEPs for Herman Van Rompuy, president of the European council – who has his office in the building allegedly targeted by the US – and José Manuel Barroso, president of the European commission, to urgently appear before the chamber to explain what steps they were taking in response to the growing body of evidence of US and British electronic surveillance of Europe through the Prism and Tempora operations.

Guy Verhofstadt, the former Belgian prime minister and leader of the liberals in the European parliament, said: “This is absolutely unacceptable and must be stopped immediately. The American data-collection mania has achieved another quality by spying on EU officials and their meetings. Our trust is at stake.”

Luxembourg’s foreign minister, Jean Asselborn, told Der Spiegel: “If these reports are true, it’s disgusting.” Asselborn called for guarantees from the highest level of the US government that the snooping and spying be halted immediately.

Martin Schulz, the head of the European parliament, said: “I am deeply worried and shocked about the allegations of US authorities spying on EU offices. If the allegations prove to be true, it would be an extremely serious matter which will have a severe impact on EU-US relations.

“On behalf of the European parliament, I demand full clarification and require further information speedily from the US authorities with regard to these allegations.”

There were also calls for John Kerry, the US secretary of state on his way back from the Middle East, to make a detour to Brussels to explain US activities.

“We need to get clarifications and transparency at the highest level,” said Marietje Schaake, a Dutch liberal MEP. “Kerry should come to Brussels on his way back from the Middle East. This is essential for the transatlantic alliance.”

The documents suggesting the clandestine bugging operations were from September 2010, Der Spiegel said.

Der Spiegel quoted the Snowden documents as revealing that the US taps half a billion phone calls, emails and text messages in Germany a month. “We can attack the signals of most foreign third-class partners, and we do,” Der Spiegel quoted a passage in the NSA document as saying.

It quoted the document from 2010 as stating that “the European Union is an attack target”.

On an average day, the NSA monitored about 15m German phone connections and 10m internet datasets, rising to 60m phone connections on busy days, the report said.

Officials in Brussels said this reflected Germany’s weight in the EU and probably also entailed elements of industrial and trade espionage. “The Americans are more interested in what governments think than the European commission. And they make take the view that Germany determines European policy,” said one of the senior officials.

Jan Philipp Albrecht, a German Green party MEP and a specialist in data protection, told the Guardian the revelations were outrageous. “It’s not about political answers now, but rule of law, fundamental constitutional principles and rights of European citizens,” he said.

“We now need a debate on surveillance measures as a whole looking at underlying technical agreements. I think what we can do as European politicians now is to protect the rights of citizens and their rights to control their own personal data.”

Germany has some of the toughest data privacy laws in Europe, with the issue highly sensitive not least because of the comprehensive surveillance by the Stasi in former communist east Germany as well as the wartime experience with the Gestapo under the Nazis.

Der Spiegel noted that so far in the NSA debacle, the chancellor, Angela Merkel, had asked only “polite” questions of the Americans but that the new disclosures on the sweeping scale of the surveillance of Germany could complicate her bid for a third term in September.

Ian Traynor in Brussels
The Guardian, Sunday 30 June 2013 21.55 BST

Find this story at 30 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Anglo-Saxon Spies; German National Security Is at Stake

Overzealous data collectors in the US and Great Britain have no right to investigate German citizens. The German government must protect people from unauthorized access by foreign intelligence agencies, and it must act now. This is a matter of national security.

“Germany’s security is also being defended in the Hindu Kush, too,” Peter Struck, who was Germany’s defense minister at the time, said in 2002. If that’s true, then the government should also be expected to defend the security of its people at their own doorstep. Because the massive sniffing out and saving of data of all kinds — that of citizens and businesses, newspapers, political parties, government agencies — is in the end just that: a question of security. It is about the principles of the rule of law. And it is a matter of national security.

We live in changing times. At the beginning of last week, we thought after the announcement of the American Prism program, that US President Barack Obama was the sole boss of the largest and most extensive control system in human history. That was an error.

Since Friday, we have known that the British intelligence agency GCHQ is “worse than the United States.” Those are the words of Edward Snowden, the IT expert who uncovered the most serious surveillance scandal of all time. American and British intelligence agencies are monitoring all communication data. And what does our chancellor do? She says: “The Internet is uncharted territory for us all.”

That’s not enough. In the coming weeks, the German government needs to show that it is bound to its citizens and not to an intelligence-industrial complex that abuses our entire lives as some kind of data mine. Justice Minister Sabine Leutheusser-Schnarrenberger hit the right note when she said she was shocked by this “Hollywood-style nightmare.”

An Uncanny Alliance

We have Edward Snowden to thank for this insight into the interaction of an uncanny club, the Alliance of Five Eyes. Since World War II, the five Anglo-Saxon countries of Great Britain, the United States, Australia, New Zealand and Canada have maintained close intelligence cooperation, which apparently has gotten completely out of control.

It may be up to the Americans and the British to decide how they handle questions of freedom and the protection of their citizens from government intrusion. But they have no right to subject the citizens of other countries to their control. The shoulder-shrugging explanation by Washington and London that they have operated within the law is absurd. They are not our laws. We didn’t make them. We shouldn’t be subject to them.

The totalitarianism of the security mindset protects itself with a sentence: If you have nothing to hide, you have nothing to fear. But firstly, that contains a presumption: We have not asked the NSA and GCHQ to “protect” us. And secondly, the sentence is a stupid one: Because we all have something to hide, whether it pertains to our private lives or to our business secrets.

No Agency Should Collect So Much Data

Thus the data scandal doesn’t pertain just to our legal principles, but to our security as well. We were lucky that Edward Snowden, who revealed the spying to the entire world, is not a criminal, but an idealist. He wanted to warn the world, not blackmail it. But he could have used his information for criminal purposes, as well. His case proves that no agency in the world can guarantee the security of the data it collects — which is why no agency should collect data in such abundance in the first place.

That is the well-known paradox of totalitarian security policy. Our security is jeopardized by the very actions that are supposed to protect it.

So what should happen now? European institutions must take control of the data infrastructure and ensure its protection. The freedom of data traffic is just as important as the European freedom of exchange in goods, services and money. But above all, the practices of the Americans and British must come to an end. Immediately.

It is the responsibility of the German government to see to it that the programs of the NSA and GCHQ no longer process the data of German citizens and companies without giving them the opportunity for legal defense. A government that cannot make that assurance is failing in one of its fundamental obligations: to protect its own citizens from the grasp of foreign powers.

Germans should closely observe how Angela Merkel now behaves. And if the opposition Social Democrats and Green Party are still looking for a campaign issue, they need look no further.

06/24/2013 05:07 PM

A Commentary by Jakob Augstein

Find this story at 24 June 2013

© SPIEGEL ONLINE 2013

Schnüffelprogramm Tempora; Justizministerin schickt Brandbriefe an britische Regierung

Berlin drängt auf Antworten aus London: Justizministerin Leutheusser-Schnarrenberger hat zwei britische Kabinettsmitglieder per Brief aufgefordert, mehr Details über das Spähprogramm Tempora zu veröffentlichen. In den Schreiben übt die FDP-Politikerin indirekt Kritik an der Cameron-Regierung.

Berlin – Jetzt schaltet sich die Bundesjustizministerin ein: Sabine Leutheusser-Schnarrenberger (FDP) hat den britischen Justizminister Christopher Grayling und die britische Innenministerin Theresa May aufgefordert, mehr Informationen über das Geheimdienstprogramm Tempora offenzulegen. Am Dienstag wandte sich Leutheusser-Schnarrenberger schriftlich an die beiden Kabinettsmitglieder von Großbritanniens Premier David Cameron. Die Briefe liegen SPIEGEL ONLINE vor.

In den beiden Schreiben identischen Inhalts, die am Vormittag parallel an die Minister verschickt wurden, äußerte sich die Ministerin sehr besorgt über die jüngsten Berichte über das gigantische Spähprogramm. Der Verdacht, durch digitale Überwachungsmethoden “riesige Mengen an Daten, E-Mails, Facebook-Nachrichten und Anrufe zu sammeln, zu speichern und zu verarbeiten”, hätte in Deutschland erhebliche Bedenken ausgelöst, heißt es in den Briefen.

Leutheusser-Schnarrenberger forderte Aufklärung in folgenden Punkten:

Auf welcher Rechtsgrundlage das Spähprogramm ausgeführt worden sei,
ob auf konkreten Verdacht ausgespäht oder die Daten allgemein ohne Anlass gesammelt worden seien,
ob die Überwachungsmaßnahmen von Richtern hätten abgesegnet werden müssen,
wie die Abhöraktionen konkret funktioniert hätten, welche Daten genau gespeichert und ob deutsche Bürger betroffen seien.

Auch übte sie indirekt Kritik an der Informationspolitik der Cameron-Regierung. “Die Kontrollfunktion von Parlament und Justiz zeichnet einen freien und demokratischen Staat aus. Sie kann aber nicht ihre Wirkung entfalten, wenn Regierungen bestimmte Maßnahmen in Schweigen hüllen”, hieß es weiter.

Leutheusser-Schnarrenberger appellierte an Grayling und May, die Grundsätze der Bürgerrechte nicht aus den Augen zu verlieren und mahnte Aufklärung an. “In unserer modernen Welt bieten die neuen Medien den Rahmen für einen freien Austausch von Meinungen und Informationen. Ein transparentes Regierungshandeln ist eine der wichtigsten Voraussetzungen für das Funktionieren eines demokratischen Staates und bedingt die Rechtsstaatlichkeit”, so die Ministerin.

Die FDP-Politikerin hatte sich bereits im Zusammenhang mit dem amerikanischen Spähprogramm Prism schriftlich an ihren US-Kollegen gewandt. Sie regte zudem an, im schwarz-gelben Kabinett eine Internet-Task-Force aus den beteiligten Ministerien zu bilden.

Die Ministerin beendete ihre Schreiben mit der Forderung nach strengeren Datenschutzstandards in der EU. Das Thema müsse beim nächsten Treffen der EU-Justizminister im Juli auf die Tagesordnung, so Leutheusser-Schnarrenberger.

Am Montag hat die Bundesregierung von Großbritannien offiziell Auskunft über das massenhafte Anzapfen von Telefon- und Internetverbindungen verlangt. Dazu sandte das Innenministerium eine Reihe von Fragen an den britischen Botschafter. Zur europäischen Chefsache will Kanzlerin Angela Merkel den Fall Tempora allerdings vorerst nicht machen. Beim EU-Gipfel Ende der Woche wolle Merkel keine Debatte über das britische Spionageprogramm forcieren, hieß es zu Beginn der Woche.

25. Juni 2013, 11:40 Uhr

Find this story at 25 June 2013

© SPIEGEL ONLINE 2013

So schöpfen die Spione Ihrer Majestät deutsche Daten ab

An einem einzigen Tag soll der britische Geheimdienst GCHQ Zugriff auf 21.600 Terabyte gehabt haben – wozu, weiß nicht einmal der BND. Sicher ist nur: Die Überwacher bekommen Hilfe von großen Telekommunikationskonzernen.

Das amerikanische Außenministerium hat vor Jahren einen kleinen Flecken in Ostfriesland auf eine Liste der weltweit schützenswürdigen Einrichtungen gesetzt. Ein Angriff auf das Städtchen Norden könnte angeblich die nationale Sicherheit der USA bedrohen. Sogar der Chef des US-Geheimdienstes NSA, General Keith B. Alexander, hat vor terroristischen Attacken gewarnt.

Norden ist ein heimliches Zentrum der neuen virtuellen Welt. Das TAT-14 (Trans Atlantic Telephone Cable No 14) ist am Hilgenrieder Siel bei Norden verbuddelt. Die meisten Internetverbindungen zwischen Deutschland und Amerika laufen dort durch mehrere Glasfaserleitungen; auch Frankreich, die Niederlande, Dänemark und Großbritannien sind durch TAT-14 miteinander verbunden. Etwa 50 internationale Telekommunikationsfirmen, darunter die Deutsche Telekom, betreiben ein eigenes Konsortium für dieses Kabel.

Manchmal fließen pro Sekunde Hunderte Gigabyte an Daten durch die Leitungen. Es ist ein gigantischer Datenrausch: Millionen Telefonate und E-Mails schießen durch das Netz. Auch deshalb hat der deutsche Verfassungsschutz stets nachgeschaut, ob in Norden alles in Ordnung ist. Keine Sabotage. Keine Terroristen. Kein Problem?

Für die über die “Seekabelendstelle” Norden, wie die offizielle Bezeichnung der Einrichtung lautet, vermittelten Daten hat sich offenbar der britische Geheimdienst Government Communications Headquarters (GCHQ) brennend interessiert. Aus Unterlagen des Whistleblowers Edward Snowden jedenfalls soll hervorgehen, dass die Briten im Rahmen der Operation “Tempora” die Daten abgegriffen haben. Es soll sich um unzählige Daten handeln, die aus Deutschland kamen oder nach Deutschland geschickt wurden.

Das ist nicht der Cyberkrieg, vor dem die amerikanische NSA immer gewarnt hat, sondern ein heimlicher umfassender Big-Data-Angriff auf die Bevölkerung eines befreundeten Landes. Die alte Formel: “Freund hört mit” umfasst das Problem nicht mal ungefähr. Großbritanniens Geheimdienst hat einen Lauschangriff auf Deutschland gestartet.

Die Menge der abgefangenen Daten ist noch Spekulation, und unklar ist auch, wo der Angriff genau erfolgt sein soll. Sicher nicht in Norden, das früher durch sein Seeheilbad bekannt wurde. Das würde sich kein Nachrichtendienstler trauen. Schon gar nicht in freundlicher Absicht.

Wahrscheinlich erfolgte der Angriff in dem kleinen Küstenstädtchen Bude im Südwesten Englands, das 858 Kilometer Luftlinie von Norden entfernt liegt. Dort macht das Kabel Zwischenstation – das Ende der Strecke ist New Jersey.

Dass ein britischer Geheimdienst auf diese Weise und so umfassend E-Mails deutscher Bürger abfängt oder Telefonate abhört, war vor Snowdens Enthüllungen für undenkbar gehalten worden. Der Bundesnachrichtendienst erklärt seit Tagen, dass er von den Aktivitäten der Amerikaner oder der Briten nichts wusste und selbst nur Zeitungswissen habe. Das klingt glaubhaft. Die beiden befreundeten Nationen, heißt es in Berlin, hätten offenbar ihr eigenes nationales Sicherheitsprogramm gefahren.

So viel Sicherheit war sicherlich nur mithilfe von Kommunikationsgesellschaften möglich. Angeblich sollen die beiden britischen Unternehmen Vodafone und British Telecommunications (BT) den Geheimen behilflich gewesen sein.

Jeder Eingriff, das erklärt eine Telekom-Sprecherin, müsste von dem internationalen Konsortium genehmigt werden, aber eine solche Genehmigung liegt nicht vor. Ein Sprecher der britischen Vodafone erklärte auf Anfrage, dass sich das Unternehmen an die Gesetze in den jeweiligen Ländern halte und Angelegenheiten, die mit der nationalen Sicherheit zusammenhingen, nicht kommentiere. Diese Formel klingt in diesen Tagen sehr vertraut.

Rechtsgrundlage für die Aktion “Tempora” ist ein sehr weit gefasstes Gesetz aus dem Jahr 2000. Danach kann die Kommunikation mit dem Ausland abgefangen und gespeichert werden. Die privaten Betreiber der Datenkabel, die beim Abhören mitmachen, sind zum Stillschweigen verpflichtet.

Nordengate macht klar, wie unterschiedlich Gesetze und Regeln in dieser Welt angewandt werden, es symbolisiert aber auch den Wandel der Geheimdienstarbeit. Ganz früher haben Nachrichtendienste Telefonate über relativ simple Horchposten abgehört. Glasfaserleitungen stellten die Dienste vor neue Herausforderungen. Telefonate werden seitdem in optische Signale umgewandelt. Da die Leitungen vor allem am Meeresboden verlaufen, gerieten Nachrichtendienste für kurze Zeit an ihre Grenzen.

Bereits um die Jahrtausendwende berichteten amerikanische Blätter, dass die NSA mithilfe von U-Booten an die Daten gelangen wollte. So wurde das Atom-U-Boot Jimmy Carter umgerüstet, um Glasfaserkabel aufzuschlitzen und dann abzuhören. Vorher hatten die Dienste auf anderem Weg regelmäßig Seekabel angezapft. Bei früheren Kupferkabeln reichte ein Induktions-Mikrofon, um die Gespräche abzugreifen. Glasfaserkabel hingegen müssen gebogen werden, um die optisch vermittelten Signale auslesen zu können. Am verwundbarsten sind die Kabel freilich an Land.

Was die Briten mit den vielen deutschen Daten machen und gemacht haben, erschließt sich selbst dem BND nicht so ganz. An einem einzigen Tag soll der britische Geheimdienst insgesamt Zugriff auf 21.600 Terabyte gehabt haben. Dank Snowden ist bekannt, dass die abgefangenen Inhalte drei Tage vorgehalten wurden und Benutzerdaten 30 Tage. In der Zwischenzeit wurden die Daten mit speziellen Programmen gefiltert. Selbst dem Briten George Orwell wäre ein solches Überwachungsprogramm im Leben nicht eingefallen.

25. Juni 2013 05:10 Großbritanniens Abhördienst GCHQ
Von John Goetz, Hans Leyendecker und Frederik Obermaier

Find this story at 25 June 2013

Copyright: Süddeutsche Zeitung Digitale Medien GmbH / Süddeutsche Zeitung GmbH

The legal loopholes that allow GCHQ to spy on the world

William Hague has hailed GCHQ’s ‘democratic accountability’, but legislation drafted before a huge expansion of internet traffic appears to offer flexibility

GCHQ – the government’s communications headquarters. Does it have the strongest checks and balances in the world? Photograph: Reuters

William Hague was adamant when he addressed MPs on Monday last week. In an emergency statement (video) forced by the Guardian’s disclosures about GCHQ involvement with the Prism programme, the foreign secretary insisted the agency operated within a “strong framework of democratic accountability and oversight”.

The laws governing the intelligence agencies provide “the strongest systems of checks and balances for secret intelligence anywhere in the world”, he said.

Leaked documents seen by the Guardian give the impression some high-ranking officials at GCHQ have a different view.

In confidential briefings, one of Cheltenham’s senior legal advisers, whom the Guardian will not name, made a note to tell his guests: “We have a light oversight regime compared with the US”.

The parliamentary intelligence and security committee, which scrutinises the work of the agencies, was sympathetic to the agencies’ difficulties, he suggested.

“They have always been exceptionally good at understanding the need to keep our work secret,” the legal adviser said.

Complaints against the agencies, undertaken by the interception commissioner, are conducted under “the veil of secrecy”. And the investigatory powers tribunal, which assesses complaints against the agencies, has “so far always found in our favour”.

The briefings offer important glimpses into the GCHQ’s view of itself, the legal framework in which it works, and, it would seem, the necessity for reassuring the UK’s most important intelligence partner, the United States, that sensitive information can be shared without raising anxiety in Washington.

None of the documents advocates law-breaking – quite the opposite. But critics will say they highlight the limitations of the three pieces of legislation that underpin the activities of GCHQ, MI5 and MI6 – which were repeatedly mentioned by Hague as pillars of the regulatory and oversight regime during his statement to the Commons.

The foreign secretary said GCHQ “complied fully” with the Regulation of Investigatory Powers Act (Ripa), the Human Rights Act (HRA) and the Intelligence Services Act (Isa).

Privacy campaigners argue the laws have one important thing in common: they were drafted in the last century, and nobody involved in writing them, or passing them, could possibly have envisaged the exponential growth of traffic from telecoms and internet service providers over the past decade.

Nor could they have imagined that GCHQ could have found a way of storing and analysing so much of that information as part of its overarching Mastering the Internet project.

The Tempora programme appears to have given Britain’s spymasters that resource, with documents seen by the Guardian showing Britain can retain for up to 30 days an astronomical amount of unfiltered data garnered from cables carrying internet traffic.

This raises a number of questions about the way GCHQ officials and ministers have legitimised the programme.

The briefings, which are entitled UK Operational Legalities, stress that GCHQ “is an organisation with a highly responsible approach to compliance with the law”.

GCHQ also has a well staffed legal team, known as OPP-LEG, to help staff navigate their way through the complexities of the law.

But there appears to be some nervousness about Tempora. In a paper written for National Security Agency (NSA) analysts entitled A Guide to Using Internet Buffers at GCHQ, the author notes: “[Tempora] represents an exciting opportunity to get direct access to enormous amounts of GCHQ’s special source data.

“As large-scale buffering of metadata and content represent a new concept for GCHQ’s exploitation of the internet, GCHQ’s legal and policy officers are understandably taking a careful approach to their access and use.”

So how did GCHQ secure the legal authority for setting up Tempora, and what safeguards are in place for sharing the intelligence with the Americans? According to the documents, the British government used Ripa to get taps on to the fibre-optic cables.

These cables carry internet traffic in and out of the country and contain details of millions of emails and web searches. The information from these cables went straight into the Tempora storage programme.

In one presentation, which appeared to be for US analysts from the NSA, GCHQ explained: “Direct access to large volumes of unselected SSE data [is] collected under a Ripa warrant.”

The precise arrangement between the firms is unclear, as are the legal justifications put before ministers. Isa gives GCHQ some powers for the “passive collection” of data, including from computer networks.

But it appears GCHQ has relied on paragraph four of section 8 of Ripa to gain “external warrants” for its programmes.

They allow the agency to intercept external communications where, for instance, one of the people being targeted is outside Britain.

In most Ripa cases, a minister has to be told the name of an individual or company being targeted before a warrant is granted.

But section 8 permits GCHQ to perform more sweeping and indiscriminate trawls of external data if a minister issues a “certificate” along with the warrant.

According to the documents, the certificate authorises GCHQ to search for material under a number of themes, including: intelligence on the political intentions of foreign governments; military postures of foreign countries; terrorism, international drug trafficking and fraud.

The briefing document says such sweeping certificates, which have to be signed off by a minister, “cover the entire range of GCHQ’s intelligence production”.

“The certificate is issued with the warrant and signed by the secretary of state and sets out [the] class of work we can do under it … cannot list numbers or individuals as this would be an infinite list which we couldn’t manage.”

Lawyers at GCHQ speak of having 10 basic certificates, including a “global” one that covers the agency’s support station at Bude in Cornwall, Menwith Hill in North Yorkshire, and Cyprus.

Other certificates have been used for “special source accesses” – a reference, perhaps, to the cables carrying web traffic. All certificates have to be renewed by the foreign secretary every six months.

A source with knowledge of intelligence confirmed: “Overall exercise of collection and analysis [is] done under a broad, overall legal authority which has to be renewed at intervals, and is signed off at a senior political level.”

The source said the interception commissioner was able to “conclude that [the process] was not appropriate”, and that the companies involved were not giving up the information voluntarily.

“We have overriding authority to compel [them] to do this,” the source said. “There’s an overarching condition of the licensing of the companies that they have to co-operate in this.

“Should they decline, we can compel them to do so. They have no choice. They can’t talk about the warrant, they can’t reveal the existence of it.”

GCHQ says it can also seek a sensitive targeting authority (STA), which allows it snoop on any Briton “anywhere in the world” or any foreign national located in the UK.

It is unclear how the STA system works, and who has authority over it.

The intelligence agencies also have to take note of the HRA, which demands any interception is “necessary and proportionate”.

But the documents show GCHQ believes these terms are open to interpretation – which “creates flexibility”. When Tempora became fully functional in around 2011, GCHQ gave the NSA access to the programme on a three-month trial – and the NSA was keen to impress.

The US agency sent a briefing to some of its analysts urging them to show they could behave responsibly with the data. Under a heading – “The need to be successful!” – the author wrote: “As the first NSA users to receive operational access [to Tempora], we’re depending on you to provide the business case required to justify expanded access. Most importantly we need to prove that NSA users can utilise the internet buffers in ways that are consistent with GCHQ’s legal and policy rules.

“In addition, we need to prove that NSA’s access … is necessary to prosecute our mission and will greatly enhance the production of the intelligence … success of this three-month trial will determine expanded NSA access to internet buffers in the future.”

The NSA appears to have made a successful case. In May last year, an internal GCHQ memo said it had 300 analysts working on intelligence from Tempora, and the NSA had 250. The teams were supporting “the target discovery mission”.

But the safeguards for the sharing of this information are unclear.

Though GCHQ says it only keeps the content of messages for three working days, and the metadata for up to 30 days, privacy campaigners here and in the US will want to know if the NSA is adhering to the same self-imposed rules. One concern for privacy campaigners is that GCHQ and the NSA could conduct intercepts for each other, and then offer to share the information – a manoeuvre that could bypass the domestic rules they have to abide by.

This was raised by MPs during last week’s statement, with the former Labour home secretary David Blunkett calling for clarification on this potential loophole.

Last week, the Guardian sent a series of questions to the Foreign Office about this issue, but the department said it would not be drawn on it.

“It is a longstanding policy not to comment on intelligence matters; this includes our intelligence co-operation with the United States.

“The intelligence and security committee is looking into this, which is the proper channel for such matters.”

Ewen MacAskill, Julian Borger, Nick Hopkins, Nick Davies and James Ball
The Guardian, Friday 21 June 2013 17.23 BST

Find this story at 21 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

GCHQ taps fibre-optic cables for secret access to world’s communications

Exclusive: British spy agency collects and stores vast quantities of global email messages, Facebook posts, internet histories and calls, and shares them with NSA, latest documents from Edward Snowden reveal

Secret document detailing GCHQ’s ambition to ‘master the internet’

Britain’s spy agency GCHQ has secretly gained access to the network of cables which carry the world’s phone calls and internet traffic and has started to process vast streams of sensitive personal information which it is sharing with its American partner, the National Security Agency (NSA).

The sheer scale of the agency’s ambition is reflected in the titles of its two principal components: Mastering the Internet and Global Telecoms Exploitation, aimed at scooping up as much online and telephone traffic as possible. This is all being carried out without any form of public acknowledgement or debate.

One key innovation has been GCHQ’s ability to tap into and store huge volumes of data drawn from fibre-optic cables for up to 30 days so that it can be sifted and analysed. That operation, codenamed Tempora, has been running for some 18 months.

GCHQ and the NSA are consequently able to access and process vast quantities of communications between entirely innocent people, as well as targeted suspects.

This includes recordings of phone calls, the content of email messages, entries on Facebook and the history of any internet user’s access to websites – all of which is deemed legal, even though the warrant system was supposed to limit interception to a specified range of targets.

The existence of the programme has been disclosed in documents shown to the Guardian by the NSA whistleblower Edward Snowden as part of his attempt to expose what he has called “the largest programme of suspicionless surveillance in human history”.

“It’s not just a US problem. The UK has a huge dog in this fight,” Snowden told the Guardian. “They [GCHQ] are worse than the US.”

However, on Friday a source with knowledge of intelligence argued that the data was collected legally under a system of safeguards, and had provided material that had led to significant breakthroughs in detecting and preventing serious crime.

Britain’s technical capacity to tap into the cables that carry the world’s communications – referred to in the documents as special source exploitation – has made GCHQ an intelligence superpower.

By 2010, two years after the project was first trialled, it was able to boast it had the “biggest internet access” of any member of the Five Eyes electronic eavesdropping alliance, comprising the US, UK, Canada, Australia and New Zealand.

UK officials could also claim GCHQ “produces larger amounts of metadata than NSA”. (Metadata describes basic information on who has been contacting whom, without detailing the content.)

By May last year 300 analysts from GCHQ, and 250 from the NSA, had been assigned to sift through the flood of data.

The Americans were given guidelines for its use, but were told in legal briefings by GCHQ lawyers: “We have a light oversight regime compared with the US”.

When it came to judging the necessity and proportionality of what they were allowed to look for, would-be American users were told it was “your call”.

The Guardian understands that a total of 850,000 NSA employees and US private contractors with top secret clearance had access to GCHQ databases.

The documents reveal that by last year GCHQ was handling 600m “telephone events” each day, had tapped more than 200 fibre-optic cables and was able to process data from at least 46 of them at a time.
Document quoting Lt Gen Keith Alexander, head of the NSA, during a visit to Britain

Each of the cables carries data at a rate of 10 gigabits per second, so the tapped cables had the capacity, in theory, to deliver more than 21 petabytes a day – equivalent to sending all the information in all the books in the British Library 192 times every 24 hours.

And the scale of the programme is constantly increasing as more cables are tapped and GCHQ data storage facilities in the UK and abroad are expanded with the aim of processing terabits (thousands of gigabits) of data at a time.

For the 2 billion users of the world wide web, Tempora represents a window on to their everyday lives, sucking up every form of communication from the fibre-optic cables that ring the world.

The NSA has meanwhile opened a second window, in the form of the Prism operation, revealed earlier this month by the Guardian, from which it secured access to the internal systems of global companies that service the internet.

The GCHQ mass tapping operation has been built up over five years by attaching intercept probes to transatlantic fibre-optic cables where they land on British shores carrying data to western Europe from telephone exchanges and internet servers in north America.

This was done under secret agreements with commercial companies, described in one document as “intercept partners”.

The papers seen by the Guardian suggest some companies have been paid for the cost of their co-operation and GCHQ went to great lengths to keep their names secret. They were assigned “sensitive relationship teams” and staff were urged in one internal guidance paper to disguise the origin of “special source” material in their reports for fear that the role of the companies as intercept partners would cause “high-level political fallout”.

The source with knowledge of intelligence said on Friday the companies were obliged to co-operate in this operation. They are forbidden from revealing the existence of warrants compelling them to allow GCHQ access to the cables.

“There’s an overarching condition of the licensing of the companies that they have to co-operate in this. Should they decline, we can compel them to do so. They have no choice.”

The source said that although GCHQ was collecting a “vast haystack of data” what they were looking for was “needles”.

“Essentially, we have a process that allows us to select a small number of needles in a haystack. We are not looking at every piece of straw. There are certain triggers that allow you to discard or not examine a lot of data so you are just looking at needles. If you had the impression we are reading millions of emails, we are not. There is no intention in this whole programme to use it for looking at UK domestic traffic – British people talking to each other,” the source said.

He explained that when such “needles” were found a log was made and the interception commissioner could see that log.

“The criteria are security, terror, organised crime. And economic well-being. There’s an auditing process to go back through the logs and see if it was justified or not. The vast majority of the data is discarded without being looked at … we simply don’t have the resources.”

However, the legitimacy of the operation is in doubt. According to GCHQ’s legal advice, it was given the go-ahead by applying old law to new technology. The 2000 Regulation of Investigatory Powers Act (Ripa) requires the tapping of defined targets to be authorised by a warrant signed by the home secretary or foreign secretary.

However, an obscure clause allows the foreign secretary to sign a certificate for the interception of broad categories of material, as long as one end of the monitored communications is abroad. But the nature of modern fibre-optic communications means that a proportion of internal UK traffic is relayed abroad and then returns through the cables.

Parliament passed the Ripa law to allow GCHQ to trawl for information, but it did so 13 years ago with no inkling of the scale on which GCHQ would attempt to exploit the certificates, enabling it to gather and process data regardless of whether it belongs to identified targets.

The categories of material have included fraud, drug trafficking and terrorism, but the criteria at any one time are secret and are not subject to any public debate. GCHQ’s compliance with the certificates is audited by the agency itself, but the results of those audits are also secret.

An indication of how broad the dragnet can be was laid bare in advice from GCHQ’s lawyers, who said it would be impossible to list the total number of people targeted because “this would be an infinite list which we couldn’t manage”.

There is an investigatory powers tribunal to look into complaints that the data gathered by GCHQ has been improperly used, but the agency reassured NSA analysts in the early days of the programme, in 2009: “So far they have always found in our favour”.

Historically, the spy agencies have intercepted international communications by focusing on microwave towers and satellites. The NSA’s intercept station at Menwith Hill in North Yorkshire played a leading role in this. One internal document quotes the head of the NSA, Lieutenant General Keith Alexander, on a visit to Menwith Hill in June 2008, asking: “Why can’t we collect all the signals all the time? Sounds like a good summer project for Menwith.”

By then, however, satellite interception accounted for only a small part of the network traffic. Most of it now travels on fibre-optic cables, and the UK’s position on the western edge of Europe gave it natural access to cables emerging from the Atlantic.

The data collected provides a powerful tool in the hands of the security agencies, enabling them to sift for evidence of serious crime. According to the source, it has allowed them to discover new techniques used by terrorists to avoid security checks and to identify terrorists planning atrocities. It has also been used against child exploitation networks and in the field of cyberdefence.

It was claimed on Friday that it directly led to the arrest and imprisonment of a cell in the Midlands who were planning co-ordinated attacks; to the arrest of five Luton-based individuals preparing acts of terror, and to the arrest of three London-based people planning attacks prior to the Olympics.

As the probes began to generate data, GCHQ set up a three-year trial at the GCHQ station in Bude, Cornwall. By the summer of 2011, GCHQ had probes attached to more than 200 internet links, each carrying data at 10 gigabits a second. “This is a massive amount of data!” as one internal slideshow put it. That summer, it brought NSA analysts into the Bude trials. In the autumn of 2011, it launched Tempora as a mainstream programme, shared with the Americans.

The intercept probes on the transatlantic cables gave GCHQ access to its special source exploitation. Tempora allowed the agency to set up internet buffers so it could not simply watch the data live but also store it – for three days in the case of content and 30 days for metadata.

“Internet buffers represent an exciting opportunity to get direct access to enormous amounts of GCHQ’s special source data,” one document explained.

The processing centres apply a series of sophisticated computer programmes in order to filter the material through what is known as MVR – massive volume reduction. The first filter immediately rejects high-volume, low-value traffic, such as peer-to-peer downloads, which reduces the volume by about 30%. Others pull out packets of information relating to “selectors” – search terms including subjects, phone numbers and email addresses of interest. Some 40,000 of these were chosen by GCHQ and 31,000 by the NSA. Most of the information extracted is “content”, such as recordings of phone calls or the substance of email messages. The rest is metadata.

The GCHQ documents that the Guardian has seen illustrate a constant effort to build up storage capacity at the stations at Cheltenham, Bude and at one overseas location, as well a search for ways to maintain the agency’s comparative advantage as the world’s leading communications companies increasingly route their cables through Asia to cut costs. Meanwhile, technical work is ongoing to expand GCHQ’s capacity to ingest data from new super cables carrying data at 100 gigabits a second. As one training slide told new users: “You are in an enviable position – have fun and make the most of it.”

Ewen MacAskill, Julian Borger, Nick Hopkins, Nick Davies and James Ball
The Guardian, Friday 21 June 2013 17.23 BST

Find this story at 21 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Spy agencies win millions more to fight terror threat

Britain’s intelligence agencies will emerge as the biggest winners from the Government’s review of public spending, The Telegraph can disclose.
MI6, MI5 and Government Communications Headquarters will see an increase in their combined £1.9 billion budget

MI6, MI5 and Government Communications Headquarters (GCHQ) will see an inflation-busting increase in their combined £1.9 billion budget, underlining the Government’s concern over the growing terrorist threat following the Woolwich attack.

Police spending on counter-terrorism will also be protected and will rise in line with inflation.

The percentage increase in the budgets of the intelligence agencies – at more than three per cent in addition to inflation – will be the largest of any item of government spending including the NHS, schools and international development.

It will lead to the agencies receiving about another £100 million in funding annually from 2015.

Local councils are also expected to emerge as winners with increased funding for elderly social care. Money from the ring-fenced NHS budget is expected to be diverted to help fund care homes and home visits for frail pensioners.
Related Articles
George Osborne: I’d rather not have tax rises but can’t rule it out 27 Jun 2013
Sketch: Dr Osborne needles Labour 26 Jun 2013
Tax rises likely after spending review cuts, says IFS 26 Jun 2013
Are the two Eds Attlee and Cripps – or Tory clones? 25 Jun 2013
Nick Clegg: even more cuts are coming 25 Jun 2013
Married couples to be offered tax breaks 24 Jun 2013

George Osborne will on Wednesday unveil the Government’s spending plans for the 2015-16 financial year following months of Whitehall wrangling.

The Spending Review, which will cut a further £11.5 billion in public expenditure, is regarded as especially sensitive as the cuts will be implemented just weeks before the next general election.

The biggest losers will include the Business department, the Culture department, the Home Office and the Justice department, which are expected to each lose about eight per cent from their budgets.

The Ministry of Defence will see its budget cut by about £1 billion, although this will not involve further reductions in front-line troops.

Mr Osborne is also expected to set out plans for long-term caps on welfare spending and other areas of government expenditure which are not tightly controlled.

The Chancellor will detail proposals to divert the money saved from Whitehall spending to fund long-term infrastructure projects such as widening major roads.

He is expected to say: “Britain is moving from rescue to recovery. But while the British economy is leaving intensive care, now we need to secure that recovery.

“We’re saving money on welfare and waste to invest in the roads and railways, schooling and science our economy needs to succeed in the future.”

The intelligence agencies have recently faced criticism that they are struggling to deal with emerging threats, amid suggestions that MI5 and MI6 could have done more to prevent the murder of Drummer Lee Rigby in Woolwich. One of the suspects had attempted to travel to Somalia and both were known to the intelligence services.

GCHQ’s activities have also come under scrutiny following accusations that it may be abusing its power in secretive projects with the United States to monitor internet traffic.

The Chancellor is understood to have contacted the heads of the three agencies last Friday to inform them of their spending increases. MI5, MI6 and GCHQ have seen their budgets fall in real terms by more than 10 per cent since 2010 and there were fears that they would face a further round of cuts.

A Whitehall source said: “This has been one of George’s personal priorities. It is vitally important we look after these budgets and they were settled last week with agreement at the very highest level.”

Mr Osborne and the Prime Minister are understood to believe the agencies need more resources to tackle the growing terrorist threat from sub-Saharan Africa and Syria, and the rising problem posed by cyber terrorism.

In the wake of the GCHQ snooping row, William Hague, the Foreign Secretary, praised the agencies’ work and cooperation with US counterparts.

Speaking in America, he said “we should have nothing but pride” in the “intelligence-sharing relationship between Britain and the United States”. He added that both countries’ intelligence work operated “under the rule of law” and “only exists to protect” people’s freedoms.

Mr Osborne confirmed on Tuesday that the NHS and schools budgets would continue to rise.

Money is also expected to be diverted from the health budget to local authorities to fund social care. Norman Lamb, a health minister, recently warned of an impending crisis in social care as councils struggled to fund enough places for ailing pensioners.

Last week, council leaders warned Mr Osborne that street lights may have to be switched off and libraries closed unless NHS funding was diverted to help pay for elderly care.

They said the amount of money spent on social care has been cut by a fifth in less than three years and they were preparing to reduce budgets further.

Mr Osborne agreed for £2 billion to be transferred from the NHS to the social care sector in his previous Spending Review, but councils said much of the money has gone on propping up the system because of the ageing population.

Ministers are also expected to set out the entitlement criteria for state help. The Government has pledged to cap the maximum bill that anyone faces for social care at £72,000 from 2016, and the details of how this will work are to be announced this week.

Earl Howe, a health minister, was asked about the growing problem in social care, with hospitals often forced not to discharge elderly patients who are infirm but not ill because they have nowhere to go. He said there would be “more news” about increased funding for social care on Wednesday and sources confirmed that the social care budget would rise after several years of cuts.

Danny Alexander, the Chief Secretary to the Treasury, also hinted that the Government may speed up the introduction of its community budgets programme, which is designed to make public sector services share operations.

He urged MPs to “listen carefully” to the Chancellor’s statement for more news after being asked about the programme’s national implementation.

By Robert Winnett, Political Editor
10:00PM BST 25 Jun 2013

Find this story at 25 June 2013

© Copyright of Telegraph Media Group Limited 2013

Operation Tempora: GCHQ in fresh snooping row as it eavesdrops on phones and the internet

Data includes recordings of telephone calls, contents of emails, details of messages on social media and the history of internet use

Britain’s electronic eavesdropping centre, GCHQ, has started collecting data from the network of fibre-optic cables carrying the world’s telephone calls and internet traffic, it was reported tonight.

The massive programme of surveillance allows the agency to store vast volumes of information for up to 30 days which it can then study for evidence of terrorist and criminal activity.

The claims, in The Guardian, will provoke a fresh civil liberties storm following recent allegations that thousands of Britons could have been spied on by GCHQ through a covert link with the US National Security Agency (NSA).

According to the paper, the agency has been running Operation Tempora for 18 months under which it gains access to transatlantic cables carrying data about phone calls and internet use. It is said to share information gleaned from it with the NSA.

The data includes recordings of telephone calls, contents of emails, details of messages on social media and the history of internet use.

Documents seen by the paper suggest that by last year GCHQ was handling 600m “telephone events” each day, had tapped more than 200 fibre-optic cables and was able to process data from at least 46 at a time.

A source told The Guardian that the eavesdropping allowed the security services to arrest three people planning attacks on last year’s London Olympics, as well as terrorist cells in the Midlands and Luton. It has also been used against child exploitation networks and to boost cyberdefence.

A GCHQ spokesman said: “It is longstanding practice that we do not comment on intelligence matters.”

He added: “GCHQ takes its obligations under the law very seriously. Our work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Intelligence and Security Committee.”

* Edward Snowden has been charged in his absence by US prosecutors with spying and theft of government property. The charges are included in sealed documents filed by prosecutors.

Nigel Morris
Saturday, 22 June 2013

Find this story at 22 June 2013

© independent.co.uk

MI5 feared GCHQ went ’too far’ over phone and internet monitoring

Amid leaks from NSA whistleblower Edward Snowden, senior intelligence source reveals worries were voiced in 2008

GCHQ taps can intercept UK and US phone and internet traffic. Photograph: EPA

Senior figures inside British intelligence have been alarmed by GCHQ’s secret decision to tap into transatlantic cables in order to engage in the bulk interception of phone calls and internet traffic.

According to one source who has been directly involved in GCHQ operations, concerns were expressed when the project was being discussed internally in 2008: “We felt we were starting to overstep the mark with some of it. People from MI5 were complaining that they were going too far from a civil liberties perspective … We all had reservations about it, because we all thought: ‘If this was used against us, we wouldn’t stand a chance’.”

The Guardian revealed on Friday that GCHQ has placed more than 200 probes on transatlantic cables and is processing 600m “telephone events” a day as well as up to 39m gigabytes of internet traffic. Using a programme codenamed Tempora, it can store and analyse voice recordings, the content of emails, entries on Facebook, the use of websites as well as the “metadata” which records who has contacted who. The programme is shared with GCHQ’s American partner, the National Security Agency.

Interviews with the UK source and the NSA whistleblower Edward Snowden raise questions about whether the programme:

■ Exploits existing law which was passed by parliament without any anticipation that it would be used for this purpose.

■ For the first time allows GCHQ to process bulk internal UK traffic which is routed overseas via these cables.

■ Allows the NSA to engage in bulk intercepts of internal US traffic which would be forbidden in its own territory.

■ Functions with no effective oversight.

The key law is the Regulation of Investigatory Powers Act 2000, Ripa, which requires the home secretary or foreign secretary to sign warrants for the interception of the communications of defined targets. But the law also allows the foreign secretary to sign certificates that authorise GCHQ to trawl for broad categories of information on condition that one end of the communication is outside the UK.

According to the UK source: “Not so long ago, this was all about attaching crocodile clips to copper wires. And it was all about voice. Now, it’s about the internet – massive scale – but still using the same law that was devised for crocodile clips. Ripa was primarily designed for voice, not for this level of interception. They are going round Ripa. The legislation doesn’t exist for this. They are using old legislation and adapting it.”

The source claimed that even the conventional warrant system has been distorted – whereas police used to ask for a warrant before intercepting a target’s communications, they will now ask GCHQ to intercept the target’s communications and then use that information to seek a warrant.

There is a particular concern that the programme allows GCHQ to break the boundary which stopped it engaging in the bulk interception of internal UK communications. The Ripa requirement that one end of a communication must be outside the UK was a significant restriction when it was applied to phone calls using satellites, but it is no longer effective in the world of fibre-optic cables. “The point is that this is an island,” the source said. “Everything comes and goes – nearly everything – down fibre-optic cables. You make a mobile phone call, it goes to a mast and then down into a fibre-optic cable, under the ground and away. And even if the call is UK to UK, it’s very likely – because of the way the system is structured – to go out of the UK and come back in through these fibre-optic channels.”

Internet traffic is also liable to be routed internationally even if the message is exchanged between two people within the UK. “At one point, I was told that we were getting 85% of all UK domestic traffic – voice, internet, all of it – via these international cables.”

Last year, the government was mired in difficulty when it tried to pass a communications bill that became known as the “snoopers’ charter”, and would have allowed the bulk interception and storage of UK voice calls and internet traffic. The source says this debate was treated with some scepticism inside the intelligence community – “We’re sitting there, watching them debate the snoopers’ charter, thinking: ‘Well, GCHQ have been doing this for years’.”

There are similar concerns about the role of the NSA. It could have chosen to attach probes to the North American end of the cables and documents shown to the Guardian by Edward Snowden suggest that key elements of the Tempora filtering process were designed by the NSA. Instead, the NSA agency has exported its computer programs and 250 of its analysts to operate the system from the UK.

Initial inquiries by the Guardian have failed to explain why this has happened, but US legislators are likely to want to check whether the NSA has sought to bypass legal or policy requirements which restrict its activity in the US. This will be particularly sensitive if it is confirmed that Tempora is also analysing internal US traffic.

The UK source challenges the official justification for the programme; that it is necessary for the fight against terrorism and serious crime: “This is not scoring very high against those targets, because they are wise to the monitoring of their communications. If the terrorists are wise to it, why are we increasing the capability?

“The answer is that you can’t stop it. It is a self-fulfilling prophecy. The more we develop communications technology, the more they develop technology to intercept it. There was MS Chat – easy. Then Yahoo chat – did that, too. Then Facebook. Then Skype. Then Twitter. They keep catching up. It is good for us, but it is bad for us.”

It is clear from internal paperwork that GCHQ has created systems to restrain the use of this powerful tool and to ensure that its use complies not only with Ripa but also with the 1998 Human Rights Act, which requires essentially that the use of the data must be proportional to the crime or threat investigated. Defenders insist that the mass of data is heavily filtered by the programme so that only that relating to legitimate targets is analysed.

However, there are doubts about the effectiveness of this. First, according to the UK source, “written definitions for targeting and filtering are very elastic. They are wide open to interpretation.” The target areas defined by the Ripa certificates are secret.

Second, there is further room for interpretation when human analysts become involved in using the filtered intelligence to produce what are known as “contact chains”. “Here is target A. But who is A talking to? Now we’re into B and C and D.” If analysts believe it is proportional, they can look at all the traffic – content and metadata – relating to all of the target’s contact.” GCHQ audits a sample of its analysts’ work – believed to be 5% every six months – but even the statistical results of these audits are also secret.

Beyond the detail of the operation of the programme, there is a larger, long-term anxiety, clearly expressed by the UK source: “If there was the wrong political change, it could be very dangerous. All you need is to have the wrong government in place. It is capable of abuse because there is no independent scrutiny.”

Nick Davies
The Observer, Saturday 22 June 2013 20.18 BST

Find this story at 22 June 2013
© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

G20 summit: NSA targeted Russian president Medvedev in London

Leaked documents reveal Russian president was spied on during visit, as questions are raised over use of US base in Britain

US spies intercepted communications of the then Russian president, Dmitry Medvedev, during a G20 summit in London. Photograph: Alexander Zemlianichenko/AP

American spies based in the UK intercepted the top-secret communications of the then Russian president, Dmitry Medvedev, during his visit to Britain for the G20 summit in London, leaked documents reveal.

The details of the intercept were set out in a briefing prepared by the National Security Agency (NSA), America’s biggest surveillance and eavesdropping organisation, and shared with high-ranking officials from Britain, Australia, Canada and New Zealand.

The document, leaked by the NSA whistleblower Edward Snowden and seen by the Guardian, shows the agency believed it might have discovered “a change in the way Russian leadership signals have been normally transmitted”.

The disclosure underlines the importance of the US spy hub at RAF Menwith Hill in Harrogate, North Yorkshire, where hundreds of NSA analysts are based, working alongside liaison officers from GCHQ.

The document was drafted in August 2009, four months after the visit by Medvedev, who joined other world leaders in London, including the US president, Barack Obama, for the event hosted by the British prime minister, Gordon Brown.

Medvedev arrived in London on Wednesday 1 April and the NSA intercepted communications from his delegation the same day, according to the NSA paper, entitled: “Russian Leadership Communications in support of President Dmitry Medvedev at the G20 summit in London – Intercept at Menwith Hill station.”

The document starts with two pictures of Medvedev smiling for the world’s media alongside Brown and Obama in bilateral discussions before the main summit.
RAF Menwith Hill in North Yorkshire. Photograph: Nigel Roddis/Reuters

The report says: “This is an analysis of signal activity in support of President Dmitry Medvedev’s visit to London. The report details a change in the way Russian leadership signals have been normally transmitted. The signal activity was found to be emanating from the Russian embassy in London and the communications are believed to be in support of the Russian president.”

The NSA interception of the Russian leadership at G20 came hours after Obama and Medvedev had met for the first time. Relations between the two leaders had been smoothed in the runup to the summit with a series of phone calls and letters, with both men wanting to establish a trusting relationship to discuss the ongoing banking crisis and nuclear disarmament.

In the aftermath of their discussions on 1 April, the two men issued a joint communique saying they intended to “move further along the path of reducing and limiting strategic offensive arms in accordance with the treaty on the non-proliferation of nuclear weapons”.

A White House official who briefed journalists described the meeting as “a very successful first meeting focused on real issues”. The official said it had been important for the men to be open about the issues on which they agreed and disagreed. Obama had stressed the need to be candid, the official noted.

While it has been widely known the two countries spy on each other, it is rare for either to be caught in the act; the latest disclosures will also be deeply embarrassing for the White House as Obama prepares to meet Vladimir Putin, who succeeded Medvedev as president, in the margins of the G8 summit this week.

The two countries have long complained about the extent of each other’s espionage activities, and tit-for-tat expulsions of diplomats are common. A year after Obama met Medvedev, the US claimed it had broken a highly sophisticated spy ring that carried out “deep cover” assignments in the US.

Ten alleged Russian spies living in America were arrested.

Putin was withering of the FBI-led operation: “I see that your police have let themselves go and put some people in jail, but I guess that is their job. I hope the positive trend that we have seen develop in our bilateral relations recently will not be harmed by these events.” Last month, the Russians arrested an American in Moscow who they alleged was a CIA agent.

The new revelations underline the significance of RAF Menwith Hill and raise questions about its relationship to the British intelligence agencies, and who is responsible for overseeing it. The 560-acre site was leased to the Americans in 1954 and the NSA has had a large presence there since 1966.

It has often been described as the biggest surveillance and interception facility in the world, and has 33 distinct white “radomes” that house satellite dishes. A US base in all but name, it has British intelligence analysts seconded to work alongside NSA colleagues, though it is unclear how the two agencies obtain and share intelligence – and under whose legal authority they are working under.

Ewen MacAskill, Nick Davies, Nick Hopkins, Julian Borger and James Ball
The Guardian, Monday 17 June 2013

Find this story at 17 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

GCHQ intercepted foreign politicians’ communications at G20 summits

Exclusive: phones were monitored and fake internet cafes set up to gather information from allies in London in 2009

Documents uncovered by the NSA whistleblower, Edward Snowden, reveal surveillance of G20 delegates’ emails and BlackBerrys. Photograph: Guardian

Foreign politicians and officials who took part in two G20 summit meetings in London in 2009 had their computers monitored and their phone calls intercepted on the instructions of their British government hosts, according to documents seen by the Guardian. Some delegates were tricked into using internet cafes which had been set up by British intelligence agencies to read their email traffic.

The revelation comes as Britain prepares to host another summit on Monday – for the G8 nations, all of whom attended the 2009 meetings which were the object of the systematic spying. It is likely to lead to some tension among visiting delegates who will want the prime minister to explain whether they were targets in 2009 and whether the exercise is to be repeated this week.

The disclosure raises new questions about the boundaries of surveillance by GCHQ and its American sister organisation, the National Security Agency, whose access to phone records and internet data has been defended as necessary in the fight against terrorism and serious crime. The G20 spying appears to have been organised for the more mundane purpose of securing an advantage in meetings. Named targets include long-standing allies such as South Africa and Turkey.

There have often been rumours of this kind of espionage at international conferences, but it is highly unusual for hard evidence to confirm it and spell out the detail. The evidence is contained in documents – classified as top secret – which were uncovered by the NSA whistleblower Edward Snowden and seen by the Guardian. They reveal that during G20 meetings in April and September 2009 GCHQ used what one document calls “ground-breaking intelligence capabilities” to intercept the communications of visiting delegations.

This included:

• Setting up internet cafes where they used an email interception programme and key-logging software to spy on delegates’ use of computers;

• Penetrating the security on delegates’ BlackBerrys to monitor their email messages and phone calls;

• Supplying 45 analysts with a live round-the-clock summary of who was phoning who at the summit;

• Targeting the Turkish finance minister and possibly 15 others in his party;

• Receiving reports from an NSA attempt to eavesdrop on the Russian leader, Dmitry Medvedev, as his phone calls passed through satellite links to Moscow.

The documents suggest that the operation was sanctioned in principle at a senior level in the government of the then prime minister, Gordon Brown, and that intelligence, including briefings for visiting delegates, was passed to British ministers.

A briefing paper dated 20 January 2009 records advice given by GCHQ officials to their director, Sir Iain Lobban, who was planning to meet the then foreign secretary, David Miliband. The officials summarised Brown’s aims for the meeting of G20 heads of state due to begin on 2 April, which was attempting to deal with the economic aftermath of the 2008 banking crisis. The briefing paper added: “The GCHQ intent is to ensure that intelligence relevant to HMG’s desired outcomes for its presidency of the G20 reaches customers at the right time and in a form which allows them to make full use of it.” Two documents explicitly refer to the intelligence product being passed to “ministers”.
One of the GCHQ documents. Photograph: Guardian

According to the material seen by the Guardian, GCHQ generated this product by attacking both the computers and the telephones of delegates.

One document refers to a tactic which was “used a lot in recent UK conference, eg G20”. The tactic, which is identified by an internal codeword which the Guardian is not revealing, is defined in an internal glossary as “active collection against an email account that acquires mail messages without removing them from the remote server”. A PowerPoint slide explains that this means “reading people’s email before/as they do”.

The same document also refers to GCHQ, MI6 and others setting up internet cafes which “were able to extract key logging info, providing creds for delegates, meaning we have sustained intelligence options against them even after conference has finished”. This appears to be a reference to acquiring delegates’ online login details.

Another document summarises a sustained campaign to penetrate South African computers, recording that they gained access to the network of their foreign ministry, “investigated phone lines used by High Commission in London” and “retrieved documents including briefings for South African delegates to G20 and G8 meetings”. (South Africa is a member of the G20 group and has observer status at G8 meetings.)
Another excerpt from the GCHQ documents. Photograph: Guardian

A detailed report records the efforts of the NSA’s intercept specialists at Menwith Hill in North Yorkshire to target and decode encrypted phone calls from London to Moscow which were made by the Russian president, Dmitry Medvedev, and other Russian delegates.

Other documents record apparently successful efforts to penetrate the security of BlackBerry smartphones: “New converged events capabilities against BlackBerry provided advance copies of G20 briefings to ministers … Diplomatic targets from all nations have an MO of using smartphones. Exploited this use at the G20 meetings last year.”

The operation appears to have run for at least six months. One document records that in March 2009 – the month before the heads of state meeting – GCHQ was working on an official requirement to “deliver a live dynamically updating graph of telephony call records for target G20 delegates … and continuing until G20 (2 April).”

Another document records that when G20 finance ministers met in London in September, GCHQ again took advantage of the occasion to spy on delegates, identifying the Turkish finance minister, Mehmet Simsek, as a target and listing 15 other junior ministers and officials in his delegation as “possible targets”. As with the other G20 spying, there is no suggestion that Simsek and his party were involved in any kind of criminal offence. The document explicitly records a political objective – “to establish Turkey’s position on agreements from the April London summit” and their “willingness (or not) to co-operate with the rest of the G20 nations”.

The September meeting of finance ministers was also the subject of a new technique to provide a live report on any telephone call made by delegates and to display all of the activity on a graphic which was projected on to the 15-sq-metre video wall of GCHQ’s operations centre as well as on to the screens of 45 specialist analysts who were monitoring the delegates.

“For the first time, analysts had a live picture of who was talking to who that updated constantly and automatically,” according to an internal review.

A second review implies that the analysts’ findings were being relayed rapidly to British representatives in the G20 meetings, a negotiating advantage of which their allies and opposite numbers may not have been aware: “In a live situation such as this, intelligence received may be used to influence events on the ground taking place just minutes or hours later. This means that it is not sufficient to mine call records afterwards – real-time tip-off is essential.”

In the week after the September meeting, a group of analysts sent an internal message to the GCHQ section which had organised this live monitoring: “Thank you very much for getting the application ready for the G20 finance meeting last weekend … The call records activity pilot was very successful and was well received as a current indicator of delegate activity …

“It proved useful to note which nation delegation was active during the moments before, during and after the summit. All in all, a very successful weekend with the delegation telephony plot.”

Ewen MacAskill, Nick Davies, Nick Hopkins, Julian Borger and James Ball
The Guardian, Monday 17 June 2013

Find this story at 17 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

G20 summit: Britain plunged into diplomatic row over claims GCHQ spied on foreign politicians

Intelligence services were even said to have set up internet cafés at the summit venues which they used to read emails

Britain was plunged into a diplomatic row last night following claims that foreign politicians and diplomats were repeatedly spied upon when they attended two G20 summit meetings in London.

The allegations provoked anger in Turkey, Russia and South Africa, whose dignitaries were reportedly targeted by the covert surveillance operations in 2009 while Gordon Brown was Prime Minister.

The intelligence services were even said to have set up internet cafés at the summit venues which they used to read emails sent by visiting officials.

David Cameron refused yesterday to comment on the allegations, which proved an embarrassing distraction for him as the leaders of G8 nations gathered for a two-day meeting at Lough Erne, Northern Ireland.

However, one British source said he was not surprised by the claims and said it was always assumed other delegations tried to listen in to other countries’ private discussions at international summits.

Turkey, up to 15 of whose officials could have been snooped on in London, spelt out its fury and contacted the UK’s ambassador to Ankara to demand an explanation. It described the report in the Guardian as “very worrying”, particularly as Turkey and Britain are both members of Nato.

“We want an official and satisfactory explanation,” said a spokesman for the Turkish foreign ministry. “If these allegations are true, this is going to be scandalous for the UK.

“At a time when international co-operation depends on mutual trust, respect and transparency, such behaviour by an allied country is unacceptable.”

Clayson Monyela, a spokesman for South Africa’s foreign ministry said in his twitter feed that the matter was “extremely disturbing” and was “receiving attention”.

He said Britain and South Africa had cordial relations and called on London to investigate the claims “with a view to take strong & visible action”.

Alexei Pushkov, the chief of foreign affairs committee in the lower house of Russian parliament, tweeted: “It’s a scandal! The U.S. and British special services tapped (then President Dmitry) Medvedev’s phone at the 2009 G-20 summit. The US denies it, but we can’t trust them.”

Sergei Devyatov, a spokesman for the Federal Protection Service, which provides security for Russian government officials, said in a statement: “The Federal Protective Service is taking every necessary measure to provide the appropriate level of confidentiality of information for top-ranking officials of the country.”

According to yesterday’s report, secret documents show that delegates to the two summits had their computers monitored and phones intercepted on the Government’s orders.

The Guardian said the leaked papers suggested the operation was sanctioned at a senior level in Mr Brown’s government. One briefing paper said the head of GCHQ was about to meet David Miliband, who was the Foreign Secretary at the time.

One former Brown aide told the Independent yesterday: “We always assumed that everyone else did it at such meetings. We were advised not to plug in our laptops, use photocopiers, wi-fi or our usual Blackberrys – we would be given a different one for the duration of a summit.

“Traditionally the French were always at it. Others joined in so as not to be at a disadvantage. It was about knowing the thinking in the other delegations. But usually it didn’t yield much that was very surprising. It was regarded as fair game because every government did the same. I don’t know if it ever extended from governments to civil society or the media, that would be different and much more sinister.”

Tackled about the reports, Mr Cameron said today: “We never comment on security or intelligence issues and I am not about to start now. I don’t make comments on security or intelligence issues – that would be breaking something that no government has previously done.”

David Miliband could not be contacted last night.

Nigel Morris, Andrew Grice
Tuesday, 18 June 2013

Find this story at 18 June 2013

© independent.co.uk

UK intelligence agencies planned to spy on Commonwealth summit delegates

Top-secret document, prepared by GCHQ, contained proposals to target Commonwealth allies at heads of government summit

The Queen and Commonwealth leaders at the heads of government summit in Trinidad. Photograph: Luis Acosta/AFP/Getty Images

UK intelligence agencies planned to spy on delegates to the Commonwealth heads of government meeting in 2009, including being asked to obtain information to give UK ministers an advantage in talks with their Commonwealth counterparts, according to a top-secret document seen by the Guardian.

The meeting, which takes place every two years, was held in Trinidad in 2009. The UK delegation was headed by the Queen, with Prince Philip also in attendance, along with Gordon Brown, the then prime minister, David Miliband, then foreign secretary, and Douglas Alexander, then international development secretary.

A page from an internal top-secret intranet of GCHQ, shared with the NSA, discovered by the 29-year-old whistleblower Edward Snowden and seen by the Guardian, shows a list of “key intelligence requirements” set out for the summit.

Alongside notes to check for threats against the security of the UK delegation during the visit, the document lists “Intelligence to inform UK senior’s [sic] Bi-lats”, “Initelligence [sic] on South Africa’s views on Zimbabwe prior to Brown/Zuma meeting” and “climate change reporting”.

The revelation that UK intelligence agencies made plans to target ministers and officials from Commonwealth countries, as well as the targeting of G20 officials disclosed elsewhere, is likely to raise tensions among the Commonwealth nations, who may seek clarity over whether their officials were bugged, and if so to what extent.

The note, which was prepared in advance of the meeting, also sets out a schedule for different UK agencies to set up their activities in Trinidad. MI6 were tasked to set up several days before the event, with GCHQ’s operation beginning with the arrival of delegates. The Guardian is not publishing the original document as it contains logistical details and some limited references to personnel.

The 2009 Commonwealth meeting, which was also attended by Nicolas Sarkozy, then president of France, appears to have been the first time MI6 – formally known as SIS, or the Secret Intelligence Service – had been asked to gather intelligence from a Commonwealth heads of government gathering.

“SIS have no past history of targeting this meeting,” the document notes in an explanation of why operations might be limited in their scope.

As it was prepared in advance of the Commonwealth meeting, the memo does not confirm to what extent surveillance was carried out, or even whether planned operations actually took place.

However, it does stress to agency staff that “we will be measured on our ability to deliver”.

The memo also shows that the agencies were preparing to brief senior ministers, and the prime minister, during the conference.

The memo noted that Lady Kinnock was available for briefings from 25 to 29 November, David Miliband could be briefed from 26 to 29 November, and Gordon Brown on 29 November only.

There is no indication as to whether the briefings actually took place, or whether the ministers were aware of the security services’ plans for the summit.

Ewen MacAskill, Nick Davies, Nick Hopkins, Julian Borger and James Ball
The Guardian, Sunday 16 June 2013 20.47 BST

Find this story at 16 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Prism scandal: Agency to reveal US links ‘shortly’ after claims that thousands of Britons may have been spied on by GCHQ

Disclosure triggers civil liberties storm as the information-sharing agreement had not been made known to Parliament or the public as accusations raise ethical and legal concerns over direct access to ‘millions’ of web users

A report by GCHQ to Parliament’s Intelligence and Security Committee on the listening agency’s links to a secret US spy programme is due shortly.

The Intelligence and Security Committee (ISC) will receive a report on claims that it received material through the secret Prism scheme “very shortly”, according to chairman Sir Malcolm Rifkind.

“The ISC is aware of the allegations surrounding data obtained by GCHQ via the US Prism programme,” Sir Malcolm said.

“The ISC will be receiving a full report from GCHQ very shortly and will decide what further action needs to be taken as soon as it receives that information.”

This development came after allegations that thousands of Britons could have been spied on by GCHQ under a “chilling” link to a secret American operation covertly collecting data from the world’s largest internet companies.

David Cameron and Theresa May, the Home Secretary, faces cross-party demands to spell out details of links between the electronic eavesdropping centre in Cheltenham and the previously-unknown Prism programme operated by the National Security Agency (NSA).

The disclosure triggered a civil liberties storm as the information-sharing agreement had not been made known to Parliament or the public.

Ms May, who is determined to revive her own “snoopers’ charter” plans to require telecoms companies to collect data about people’s internet habits, will be confronted by MPs over the claims in the Commons on Monday.

Under Prism, American agents were able to glean data, including the contents of emails and web-chats, direct from the servers of major providers including Facebook, Google and Yahoo.

It emerged that some of the information had been passed to GCHQ, raising fears that the agency had been sidestepping the usual legal process for requesting intelligence material about UK nationals. The agency insists it operates within a “strict legal and policy framework”.

According to documents, GCHQ received 197 intelligence reports through the Prism system in the 12 months to May 2012, a rise of 137 per cent on the previous year.

Keith Vaz, the chairman of the Commons home affairs select committee, said he was writing to Ms May to demand an explanation.

He said: “I am astonished by these revelations which could involve the data of thousands of Britons. The most chilling aspect is that ordinary American citizens and potentially British citizens too were apparently unaware that their phone and online interactions could be watched. This seems to be the snooper’s charter by the back door.”

The existence of the Prism programme was revealed by the Washington Post and the Guardian, which obtained a copy of a presentation to NSA agents on the extent of its reach.

Further classified documents released yesterday pointed to the British link, noting that “special programmes exist for GCHQ for focused Prism processing”, suggesting the agency may have been making requests for specific information.

A GCHQ spokesman said: “Our work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Intelligence and Security Committee.”

A Government spokesman said he would “neither confirm nor deny” the claims about GCHQ and refused to disclose whether the subject was being discussed with the US authorities.

However, the senior Conservative MP, David Davis, said it was difficult to reconcile GCHQ’s statement that it was subject to proper scrutiny with Parliament’s ignorance of the programme.

He said: “In the absence of parliamentary knowledge approval by a secretary of state is a process of authorisation, not a process of holding to account. Since nobody knew it was happening at all there is no possibility of complaint.”

The Liberal Democrat MP Julian Huppert said he would be tabling a series of parliamentary questions about the GCHQ revelations on Monday and would be calling for a Commons statement from Ms May.

He said: “We have to understand exactly what information they have had and what the safeguards are. It’s deeply, deeply alarming.”

The controversy has added to the pressure on Nick Clegg from Liberal Democrats not to allow Ms May to revive the “snooper’s charter” after the Woolwich terrorist attack. Gareth Epps, co-chair the Social Liberal Forum, said: “Instead of Theresa May forcing through expensive and intrusive legislation, there should be statement by the Government on the purpose and scope of data harvesting of British citizens under Prism.”

Concerns about the disclosures were also raised by the Information Commissioner’s Office. A spokesman said: “There are real issues about the extent to which US law enforcement agencies can access personal data of UK and other European citizens. Aspects of US law under which companies can be compelled to provide information to US agencies potentially conflict with European data protection law, including the UK’s own Data Protection Act.”

Nick Pickles of the civil liberties campaign group Big Brother Watch said questions needed to be asked at the “highest levels” to establish whether British citizens had had their privacy breached “without adherence to the proper legal process or any suspicion of wrongdoing”.

James Blessing, chief technology officer of ISP Keycom, and a council member of the Internet Service Providers’ Association, described the leaked document describing the NSA programme as “really quite scary”.

He said: “If, as this document claims, the NSA has direct access to those servers – unfettered, unbroken access – the NSA can see anything anyone in the UK is doing without any safeguards or controls. It’s been shown that if people have unfettered access they have a propensity to go and look, they can’t help themselves and they will go and find things.”

Whitehall sources said established channels had long been used by GCHQ to request information from the US. However, that the UK service had no direct access to Prism or any similar intelligence gathering systems of the NSA. There were no UK personnel present even as part of any exchange programme when the system may have been used, they claimed.

According to US sources what is called telephone “metadata” gathered from the mobile telephone records of customers of Verizon by the NSA was almost certainly been passed on to GCHQ, although what was released remained at the discretion of the Americans.

Nigel Morris, Kim Sengupta, Ian Burrell
Saturday, 8 June 2013

Find this story at 8 June 2013

© independent.co.uk

UK gathering secret intelligence via covert NSA operation

Exclusive: UK security agency GCHQ gaining information from world’s biggest internet firms through US-run Prism programme

Documents show GCHQ (above) has had access to the NSA’s Prism programme since at least June 2010. Photograph: David Goddard/Getty Images

The UK’s electronic eavesdropping and security agency, GCHQ, has been secretly gathering intelligence from the world’s biggest internet companies through a covertly run operation set up by America’s top spy agency, documents obtained by the Guardian reveal.

The documents show that GCHQ, based in Cheltenham, has had access to the system since at least June 2010, and generated 197 intelligence reports from it last year.

The US-run programme, called Prism, would appear to allow GCHQ to circumvent the formal legal process required to seek personal material such as emails, photos and videos from an internet company based outside the UK.

The use of Prism raises ethical and legal issues about such direct access to potentially millions of internet users, as well as questions about which British ministers knew of the programme.

In a statement to the Guardian, GCHQ, insisted it “takes its obligations under the law very seriously”.

The details of GCHQ’s use of Prism are set out in documents prepared for senior analysts working at America’s National Security Agency, the biggest eavesdropping organisation in the world.

Dated April this year, the papers describe the remarkable scope of a previously undisclosed “snooping” operation which gave the NSA and the FBI easy access to the systems of nine of the world’s biggest internet companies. The group includes Google, Facebook, Microsoft, Apple, Yahoo and Skype.

The documents, which appear in the form of a 41-page PowerPoint presentation, suggest the firms co-operated with the Prism programme. Technology companies denied knowledge of Prism, with Google insisting it “does not have a back door for the government to access private user data”. But the companies acknowledged that they complied with legal orders.

The existence of Prism, though, is not in doubt.

Thanks to changes to US surveillance law introduced under President George W Bush and renewed under Barack Obama in December 2012, Prism was established in December 2007 to provide in-depth surveillance on live communications and stored information about foreigners overseas.

The law allows for the targeting of any customers of participating firms who live outside the US, or those Americans whose communications include people outside the US.

The documents make clear the NSA has been able to obtain unilaterally both stored communications as well as real-time collection of raw data for the last six years, without the knowledge of users, who would assume their correspondence was private.

The NSA describes Prism as “one of the most valuable, unique and productive accesses” of intelligence, and boasts the service has been made available to spy organisations from other countries, including GCHQ.

It says the British agency generated 197 intelligence reports from Prism in the year to May 2012 – marking a 137% increase in the number of reports generated from the year before. Intelligence reports from GCHQ are normally passed to MI5 and MI6.

The documents underline that “special programmes for GCHQ exist for focused Prism processing”, suggesting the agency has been able to receive material from a bespoke part of the programme to suit British interests.

Unless GCHQ has stopped using Prism, the agency has accessed information from the programme for at least three years. It is not mentioned in the latest report from the Interception of Communications Commissioner Office, which scrutinises the way the UK’s three security agencies use the laws covering the interception and retention of data.

Asked to comment on its use of Prism, GCHQ said it “takes its obligations under the law very seriously. Our work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners and the intelligence and security committee”.

The agency refused to be drawn on how long it had been using Prism, how many intelligence reports it had gleaned from it, or which ministers knew it was being used.

A GCHQ spokesperson added: “We do not comment on intelligence matters.”

The existence and use of Prism reflects concern within the intelligence community about access it has to material held by internet service providers.

Many of the web giants are based in the US and are beyond the jurisdiction of British laws. Very often, the UK agencies have to go through a formal legal process to request information from service providers.

Because the UK has a mutual legal assistance treaty with America, GCHQ can make an application through the US department of justice, which will make the approach on its behalf.

Though the process is used extensively – almost 3,000 requests were made to Google alone last year – it is time consuming. Prism would appear to give GCHQ a chance to bypass the procedure.

In its statement about Prism, Google said it “cares deeply about the security of our users’ data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a back door for the government to access private user data”.

Several senior tech executives insisted they had no knowledge of Prism or of any similar scheme. They said they would never have been involved in such a programme.

“If they are doing this, they are doing it without our knowledge,” one said. An Apple spokesman said it had “never heard” of Prism.

In a statement confirming the existence of Prism, James Clapper, the director of national intelligence in the US, said: “Information collected under this programme is among the most important and valuable intelligence information we collect, and is used to protect our nation from a wide variety of threats.”

A senior US administration official said: “The programme is subject to oversight by the foreign intelligence surveillance court, the executive branch, and Congress. It involves extensive procedures, specifically approved by the court, to ensure that only non-US persons outside the US are targeted, and that minimise the acquisition, retention and dissemination of incidentally acquired information about US persons.”

Nick Hopkins
guardian.co.uk, Friday 7 June 2013 14.27 BST

Find this story at 7 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Intelligence chiefs and special forces plot Sahara mission

Action against al-Qa’ida in North Africa could last decades, PM warns

The West faces a decades-long battle to defeat al-Qa’ida in North Africa, David Cameron warned today, as he signalled a dramatic shift in the UK’s fight against terrorism.

The heads of MI5, MI6, GCHQ and the Chief of the Defence Staff will gather on Tuesday to begin planning Britain’s response to the burgeoning terror threat from Saharan Africa.

Britain will offer money, military co-operation and security training to African states to head off the advance of Islamist radicalism.

Special forces are understood to be preparing to hunt down the jihadist leader behind the siege and hostage killings in Algeria, Mokhtar Belmokhtar.

Britain will use its chairmanship of the G8 to focus militarily and diplomatically on the Sahara region, following the hostage crisis which claimed the lives of up to six Britons. One Middle East expert likened the long-term impact of the atrocity in Algeria to the 9/11 attacks.

Following the end of the four-day stand-off at the BP gas plant at In Amenas, Algerian forces discovered 25 more bodies and took five militants alive. The death toll had previously been put at 23 hostages and 32 captors.

Three Britons have been confirmed among the dead and another three are feared to have been killed during the siege, which ended with a shoot-out on Saturday. Tonight 46-year-old Paul Thomas Morgan was the first British victim to be named by the Foreign and Commonwealth Office.

Kenneth Whiteside, an engineer from Glenrothes in Fife, and Garry Barlow, a BP systems supervisor from Merseyside, are also understood to be among the dead. Another UK resident was also believed to have been killed.

Twenty-two other British nationals have arrived home, many with chilling stories of how they evaded capture by jihadists belonging to an al-Qa’ida splinter group styling themselves Those Who Sign In Blood.

Alan Wright, from Aberdeenshire, told of how he hid in an office for 24 hours before joining Algerian workers who cut their way through a perimeter fence and fled.

Mr Cameron will update MPs on the attack today and hold a meeting of Whitehall’s emergency Cobra committee to consider the implications of the attack.

French forces – with support from Britain – are attempting to oust insurgents from northern Mali, amid fears that neighbouring countries including Niger and Mauritania could fall under their influence.

As the French Defence Minister, Jean-Yves Le Drian, described the hostage-taking as an “act of war”, Belmokhtar was reported to be “ready to negotiate” in return for an end to the action in Mali.

Last night Mauritanian news website Sahara Media said Belmokhtar had claimed responsibility in the name of al Qa’ida for the hostage-taking in a video. He had said: “We in al Qa’ida announce this blessed operation. We are ready to negotiate with the West and the Algerian government provided they stop their bombing of Mali’s Muslims. We had around 40 jihadists, most of them from Muslim countries and some even from the West.”

A BP spokesman would not comment on reports in Algeria that Belmokhtar’s men had infiltrated the gas plant as drivers, cooks and guards working on short-term contracts.

Mr Cameron spelt out the scale of the challenge posed by al-Qa’ida-affiliated groups operating in the region. “It will require a response that is about years, even decades, rather than months,” he said. “And it requires a response that is painstaking, that is tough but also intelligent, but above all has an absolutely iron resolve. And that is what we will deliver over these coming years.

“What we face is an extremist, Islamist, al-Qa’ida-linked terrorist group. Just as we had to deal with that in Pakistan and in Afghanistan, so the world needs to come together to deal with this threat in North Africa… We need to work with others to defeat the terrorists and to close down the ungoverned spaces where they thrive with all the means that we have.”

The Government has not ruled out giving extra help to the French-led operation in Mali.

However, Whitehall sources said the terrorist threat in the region would ultimately be best tackled by diplomatic means. Britain is to beef up its presence in nations where the UK historically had a limited presence and to liaise more closely with Paris over the challenges faced by the traditionally Francophone area.

Abdelasiem el-Difraoui, an al-Qa’ida expert with the Berlin Institute for Media and Communications Studies, told a French newspaper that the hostage-taking would for France make as “a huge bang as strong as September 11”.

The French Government distanced itself from suggestions among other nations caught up in the hostage crisis that Algeria’s response was “heavy-handed”.

President François Hollande said: “When so many hostages have been taken and when the terrorists are ready to murder them in cold blood, I think the Algerian approach was the best one.”
Britons in the desert

Garry Barlow: Semtex was strapped to his chest

Garry Barlow, 49, was a systems supervisor for BP Exploration Algeria, Statoil and Sonatrach JV. He lived in the Mossley Hill area of Liverpool with his wife Lorraine, and sons Scott, 17, and Paul, 15.

He had been working in In Amenas since October 2011, and had worked previously for Addax Petroleum and Shell EP on the west coast of Central Africa.

He was captured with some of his colleagues including 29-year-old project services contracts administrator Mark Grant, who is believed to have survived the ordeal.

Initial reports suggested Mr Barlow was safe and well and was being repatriated by the Foreign Office, but he is now thought to have died as Algerian troops tried to regain control of the compound.

The last his wife heard from him was a message in which he said: “I’m sitting here at my desk with Semtex strapped to my chest. The local army have already tried and failed to storm the plant and they’ve said that if that happens again they are going to kill us all.”

Paul Morgan: Former soldier died fighting

The first British victim of the Algerian hostage crisis was described last night as a “true gentleman” who “loved life and lived it to the full”.

Paul Morgan, 46, from Liverpool, a former soldier with the French Foreign Legion, reportedly “went down fighting” when the bus he was travelling in was attacked by the kidnappers last Wednesday.

His mother Marianne and partner Emma Steele, 36, paid tribute to him: “Paul died doing the job he loved. We are so proud of him and so proud of what he achieved in his life. He will be truly missed.”

Kenneth Whiteside: Shot as army stormed compound

Kenneth Whiteside had been living in Johannesburg with his wife and two daughters but was originally from Glenrothes in Fife.

An Algerian colleague at the plant is said to have witnessed the BP project services manager “being shot” by his captors as commandos stormed the compound.

The 59-year-old was educated at Auchmuty High School and studied engineering at Glenrothes Technical College between 1970 and 1974.

Friends posted tribute messages on his Facebook account on Saturday. Steward Goodwin in South Africa wrote: “How will we understand this? My heartfelt condolences go to the family and friends who are trying to come to terms with this senseless murder.”

Billy Hunter wrote: “We’ll always remember him and his bagpipes.” “It’s hard to understand such senseless waste of life,” added Joe McMahon.

…

Nigel Morris, John Lichfield
Monday, 21 January 2013

Find this story at 21 January 2013

© independent.co.uk