European Parliament: LIBE Committee Inquiry on Electronic Mass Surveillance of EU Citizens
Final: Report on the US NSA surveillance programme, surveillance bodies in various Member States and their impact on EU citizens’ fundamental rights and on transatlantic cooperation in Justice and Home Affairs(pdf): Rapporteur: Claude Moraes MEP. And see: European Parliament: LIBE Committee Inquiry: Electronic Mass Surveillance of EU Citizens: Proceedings, Outcome and Background documents: (140 pages, pdf)
See: EPIC - NSA Telephone Records Surveillance (Electronic Privacy Information Centre, USA, link), ACLU: Surveillance & Privacy (link), International Principles on the Application of Human Rights to Communications Surveillance, Stopwatching us (USA, link), Privacy not Prism (link), UK: DON’T SPY ON US launch (link)
Sources: Guardian: NSA Files (link) and NSA documents - Guardian (link), BBC News: US spy leaks: How intelligence is gathered (link) Wikipedi: Special Collection Service (Link), Al Jazeera (Timeline, link), Fibre optic: Submarine Cable Map (link) and Chart: Worldwide SIGINT/Defense Cryptologic Platform (jpg)
December 2016
Portugal to extradite CIA agent over Milan imam abduction (The Local.it, link):
" Portugal plans to extradite to Italy a former CIA agent convicted over the 2003 abduction of a radical Egyptian imam, a case that highlighted the controversial US secret rendition programme. Sabrina de Sousa, arrested at Lisbon airport in October 2015 under a European warrant, said Friday that the extradition procedure was due to start "after January 3rd".
De Sousa and 23 others were convicted in absentia by an Italian court in 2009 over the kidnapping of Abu Omar from a Milan street in an operation allegedly led jointly by the CIA and the Italian intelligence services."
NSA-GCHQ: American and British Spy Agencies Targeted In-Flight Mobile Phone Use (The Intercept, link):
"the emergence of a new field of espionage that had not yet been explored: the interception of data from phone calls made on board civil aircraft. In a separate internal document from a year earlier, the NSA reported that 50,000 people had already used their mobile phones in flight as of December 2008, a figure that rose to 100,000 by February 2009. The NSA attributed the increase to “more planes equipped with in-flight GSM capability, less fear that a plane will crash due to making/receiving a call, not as expensive as people thought.” The sky seemed to belong to the agency."
See: Five Eyes: In-flight GSM (pdf)
October 2016
Private Eyes: The Little-Known Company That Enables Worldwide Mass Surveillance (The Intercept, link):
"It was a powerful piece of technology created for an important customer. The Medusa system, named after the mythical Greek monster with snakes instead of hair, had one main purpose: to vacuum up vast quantities of internet data at an astonishing speed.
The technology was designed by Endace, a little-known New Zealand company. And the important customer was the British electronic eavesdropping agency, Government Communications Headquarters, or GCHQ.
Dozens of internal documents and emails from Endace, obtained by The Intercept and reported in cooperation with Television New Zealand, reveal the firm’s key role helping governments across the world harvest vast amounts of information on people’s private emails, online chats, social media conversations, and internet browsing histories.
The leaked files, which were provided by a source through SecureDrop.."
Europe’s Top Human Rights Court Will Consider Legality of Surveillance Exposed by Edward Snowden (The Intercept, link):
"Human rights groups have launched a major new legal challenge over mass surveillance programs revealed by the National Security Agency whistleblower Edward Snowden.
Ten organizations – including Privacy International, the American Civil Liberties Union, and Amnesty International – are taking up the landmark case against the U.K. government in the European Court of Human Rights (pictured above). In a 115-page complaint released on Thursday, the groups allege that “blanket and indiscriminate” surveillance operations carried out by British spy agencies in collaboration with their U.S. counterparts violate privacy and freedom of expression rights."
See: Full-text of NGOs case to ECHR (pdf)
September 2016
USA-UK: Inside Menwith Hill: The NSA’s British Base at the Heart of U.S. Targeted Killing (The Intercept, link):
"For years, journalists and researchers have speculated about what really goes on inside Menwith Hill, while human rights groups and some politicians have campaigned for more transparency about its activities. Yet the British government has steadfastly refused to comment, citing a longstanding policy not to discuss matters related to national security.
Now, however, top-secret documents obtained by The Intercept offer an unprecedented glimpse behind Menwith Hill’s razor wire fence. The files reveal for the first time how the NSA has used the British base to aid “a significant number of capture-kill operations” across the Middle East and North Africa, fueled by powerful eavesdropping technology that can harvest data from more than 300 million emails and phone calls a day.....
The disclosures about Menwith Hill raise new questions about the extent of British complicity in U.S. drone strikes and other so-called targeted killing missions, which may in some cases have violated international laws or constituted war crimes. Successive U.K. governments have publicly stated that all activities at the base are carried out with the “full knowledge and consent” of British officials."
March 2016
EU-USA: EPIC Intervenes in Privacy Case before European Court of Human Rights (link)
Today EPIC filed a brief in a case before the European Court of Human Rights. The case involves a challenge brought by 10 human rights organizations arguing that surveillance by British and U.S. intelligence organizations violated their fundamental rights. In its brief, EPIC explained that the NSA's "technological capacities" enable "wide scale surveillance" and that U.S. statutes do not restrict surveillance of non-U.S. persons abroad. "The NSA collects personal data from around the world and transfer that data without adequate legal protections." EPIC routinely files amicus briefs in federal and state cases that raise novel privacy issues. This is EPIC's first brief for the Court of Human Rights in Strasbourg. [emphasis added]
EU-USA: While President Obama signs the Judicial Redress act, are the European Commission and the Parliament sharing the same Umbrella? (EASFJ, link):
"The European Commission is dealing with challenges on another EU-U.S. data sharing deal: the Parliament legal service and MEPs argued that the so-called Umbrella Agreement, which will be brought into being with the signature of the Judicial Redress Act, does not comply with EU law."
February 2016
EU-USA: DATA PROTECTION: Germany has no access to Privacy Shield documents - so presumably no EU Member State has either?: Council of the European Union: Renewed Framework for Transatlantic Transfers of Personal Data / EU-US Privacy Shield - Request by the German delegation for information from the Commission on the state of play (Doc no: 6031-16, pdf):
"In the view of the German delegation, the upcoming weeks should be used for a close dialogue between the Member States, the Commission, the Article 29 Working Party and the US Government in order to achieve a legal framework that meets the conditions set out by the European Court of Justice.
Therefore, Germany wishes to invite the Commission to report on the details of the agreement with the US side and to provide the relevant documents to the Council. This will enable the Member States to assess the outcomes of the agreement and to enter into a close dialogue with all parties involved".[emphasis added]
EU-USA Data protection: EPIC: 'Judicial Redress Act' Provides Little Redress
"The Judicial Redress Act of 2015, which amends the Privacy Act of 1974, has been passed by Congress and moved on to the President for signature. The Act fails to extend Privacy Act protections to non-US citizens, and as adopted coerces EU countries to transfer data to the US.."
How your innocent smartphone passes on almost your entire life to the secret service (Bits of Freedom, link):
"Intelligence services collect metadata on the communication of all citizens. Politicians would have us believe that this data doesn’t say all that much. A reader of De Correspondent put this to the test and demonstrated otherwise: metadata reveals a lot more about your life than you think."
UK: Investigatory Powers Tribunal Rules GCHQ Hacking Lawful (Privacy International, link): "The Investigatory Powers Tribunal (“IPT”) today held that GCHQ hacking of computers, mobile devices and networks is lawful, wherever it occurs around the world. We are disappointed that the IPT has not upheld our complaint and we will be challenging its findings.
Our complaint is the first UK legal challenge to state-sponsored hacking, an exceptionally intrusive form of surveillance. We contended that GCHQ hacking operations were incompatible with democratic principles and human rights standards. We further argued that GCHQ, which until these proceedings was hacking in secret, had no clear authority under UK law to deploy these capabilities."
See also: Tribunal rules computer hacking by GCHQ is not illegal (BBC News, link)
USA: Judicial Redress Act 2015 (link): "The Senate Feb. 9 passes an amended version of the Judicial Redress Act which is a prerequisite for an umbrella U.S.-EU law enforcement agreement. Next Step: The amended bill must be reconciled with the pre-amendment version approved by the House in October 2015."
January 2016
UK: Joint Select Committee: Draft Investigatory Powers Bill: Report (pdf):
"Investigatory Powers: on the right track but significant changes needed.
In its report, published today, the Committee supports the intention behind the draft Bill, which is to bring together the numerous provisions in statute governing intrusive powers which already exist into one clear piece of legislation. But the Committee finds that important clarity is lacking in a number of areas."
Oral evidence (link) and Written Evidence (link)
EU: Ombudsman's finding of maladminiration by European Commission in failing to release documents concerning GCHQ: Decision in case 2004/2013/PMC on the European Commission's handling of an access to documents request relating to the surveillance of the internet by UK intelligence services (link):
"The Ombudsman is not persuaded that the Commission has adequately justified its decision to refuse public access to the remaining undisclosed documents. As it has neither disclosed these documents nor provided adequate reasons for refusing public access to them, it is clear that the Commission has rejected the Ombudsman's recommendation in relation to these documents. Furthermore, the Ombudsman notes that the Commission appears not to have taken any action as regards its investigation since 2013. The Ombudsman finds, therefore, that the Commission's actions in this case amount to maladministration and, in fact, to serious maladministration given the importance of the particular issue for EU citizens."
GERMANY-NSA: Germany restarts joint intelligence surveillance with US (DW, link): "Germany's BND intelligence agency is once again working with its US counterpart on Middle East surveillance. Collaboration had been suspended after it was revealed the US was spying on European officials and firms."
EU-USA: Time to get serious about Europe’s sabotage of US terror intelligence programs (Washington Post, link): "The intelligence tools that protect us from terrorism are under attack, and from an unlikely quarter. Europe, which depends on America’s intelligence reach to fend off terrorists, has embarked on a path that will sabotage some of our most important intelligence capabilities. This crisis has been a long time brewing, and up to now, the US has responded with a patchwork of stopgap half-solutions."
GCHQ-NSA: NSA Helped British Spies Find Security Holes In Juniper Firewalls (The Intercep, link):
"A TOP-SECRET document dated February 2011 reveals that British spy agency GCHQ, with the knowledge and apparent cooperation of the NSA, acquired the capability to covertly exploit security vulnerabilities in 13 different models of firewalls made by Juniper Networks, a leading provider of networking and Internet security gear."
December 2015
The Secret Surveillance Catalogue (The Intercept, link):
"Concerned about the militarization of law enforcement, a source within the intelligence community has provided The Intercept with a secret, internal U.S. government catalogue of dozens of cellphone surveillance devices used by the military and by intelligence agencies. Some of the devices are already in use by federal law enforcement and local police forces domestically, and civil liberties advocates believe others will eventually find their way into use inside the U.S. This product catalogue provides rare insight into the current spy capabilities of local law enforcement and offers a preview of the future of mass surveillance of mobile communications."
SNOWDEN: USA: FBI extradition letter to Denmark, Norway,Sweden and Finland (June 2013, pdf)
November 2015
Germany: Governments and NGOs: Germany Spied on Friends and Vatican (Spiegel Online, link):
"Efforts to spy on friends and allies by Germany's foreign intelligence agency, the BND, were more extensive than previously reported. SPIEGEL has learned the agency monitored European and American government ministries and the Vatican....
Since October's revelations, it has emerged that the BND spied on the United States Department of the Interior and the interior ministries of EU member states including Poland, Austria, Denmark and Croatia. The search terms used by the BND in its espionage also included communications lines belonging to US diplomatic outposts in Brussels and the United Nations in New York. The list even included the US State Department's hotline for travel warnings.
The German intelligence service's interest wasn't restricted to state institutions either: It also spied on non-governmental organizations like Care International, Oxfam and the International Committee of the Red Cross in Geneva"
UK: Independent Reviewer of Terrorism Legisaltion: The big reveal 7.11.15, link to site):
As sharp-eyed commentators have noted, the launch of the Investigatory Powers Bill was accompanied by a significant avowal: the use by intelligence agencies (but not the police) of a bulk collection power (relating to communications data but not to content or internet connection records) under s94 of the Telecommunications Act 1984, the details of which had never been made public.
A number of people have asked whether I was made aware of this power during my Investigatory Powers Review.
The answer is that I was informed promptly and in some detail about the exercise of this power at the outset of my Review. Until this week, that knowledge was extremely restricted and neither I nor the Intelligence and Security Committee of Parliament (ISC), which also knew about it, was authorised to reveal it."
See: How and why MI5 kept phone data spy programme secret (BBC News, link)
EDWARD SNOWDEN: Interview: Five hours with Edward Snowden (pdf): "Suddenly he opens the door. DN’s Lena Sundström and Lotta Härdelin had a unique meeting with the whistleblower who has fans all over the world but risks lifetime imprisonment in the home country he once tried to save..."
UK: Reasons to be fearful about surveillance (Guardian, link): "The debate over the draft bill in the coming months will set the balance between security and privacy in this country. Here’s how"
UK: Only 'tiny handful' of ministers knew of mass surveillance, Clegg reveals (Guardian, link): "Former deputy PM says he was astonished to learn how few cabinet members were aware of scale of UK spies’ reach into lives of British citizens.... The government finally admitted on Wednesday that the mass surveillance of British citizens began in 2001 after 9/11 and was stepped up in 2005, using powers under national security directions largely hidden in the 1984 Telecommunications Act."
and: The surveillance bill is flawed but at last we have oversight (Guardian, link): "In government I was shocked by the scale of MI5’s secret database. Its powers are at least now in the open... That the existence of this previously top secret database was finally revealed in parliament by the home secretary on Wednesday, as part of a comprehensive new investigatory powers bill covering many other previously secret intelligence capabilities""
See Statement in the House of Commons by the Home Secretary on 4 November 2015 (pdf):
"The Bill will make explicit provision for all of the powers available to the security and intelligence agencies to acquire data in bulk. That will include not only bulk interception provided under the Regulation of Investigatory Powers Act 2000 and which is vital to the work of GCHQ, but the acquisition of bulk communications data, both relating to the UK and overseas.
That is not a new power. It will replace the power under Section 94 of the Telecommunications Act 1984, under which successive Governments have approved the security and intelligence agencies’ access to such communications data from communication service providers."
See: A Quick Overview of the Draft Investigatory Powers Bill (SCL, link)
UK government claims DIP Bill on data retention is outside scope of EU law Why they're wrong (by analogy): Does the UK’s new data retention bill violate the EU Charter of Fundamental Rights? (EU Law Analysis, link)
UK: MI5 'secretly collected phone data' for decade (BBC, link):
"the programme, which sources said was used to track terrorists and save lives, was "so secret that few even in MI5 knew about it, let alone the public".
The government's independent reviewer of terrorism legislation, David Anderson QC, told the BBC the legislation used to authorise the collection was "so vague that anything could be done under it". He added: "It wasn't illegal in the sense that it was outside the law, it was just that the law was so broad and the information was so slight that nobody knew it was happening".
The surveillance bill is as big a threat to state security as to individual liberty (Guardian, link) and UK unveils plan to spy on Internet use, raising privacy fears euractiv, link): ""What the British are attempting to do, and what the French have already done post Charlie Hebdo, would never have seen the light of day in the American political system," Michael Hayden, former director of the U.S. National Security Agency and Central Intelligence Agency, told Reuters." also: UK cyber-spy law takes Snowden's revelations of mass surveillance – and sets them in stone (The Register, link) And see: Interception, Authorisation and Redress in the Draft Investigatory Powers Bill (UK Human Rights Blog, link)
UK: NEW SURVEILLANCE BILL: Draft Investigatory Powers Bill (299 pages, pdf) and Home Secretary: Statement (link)
Interception of communications and equipment interference: draft codes of practice (link) including Equipment interference: draft code of practice - showing the limits to the protection of journalistic confidential information.
These documents (26) are related to the draft Investigatory Powers Bill (link) including Factsheet – Targeted Interception (pdf) "Only nine agencies can apply for an interception warrant. These include the Security and Intelligence Agencies, five Law Enforcement Agencies and the armed forces... ." and "the Bill will include a requirement for the Prime Minister to be consulted before the Secretary of State can decide to issue a warrant to intercept an MP’s communications"
and "Remote access": Factsheet – Targeted Equipment Interference (pdf): "Equipment interference (EI), sometimes referred to as computer network exploitation, is the power to obtain a variety of data from equipment. This includes traditional computers or computer-like devices such as tablets, smart phones, cables, wires and static storage devices. EI can be carried out either remotely or by physically interacting with equipment." snd "More sophisticated EI operations may involve remotely installing a piece of software on to a device. The software could be delivered in a number of ways and then be used to obtain the necessary intelligence."
HM government transparency report on the use of disruptive and investigatory powers (link)
Counter-Terrorism website with links to all documents (link)
And see: Report of the Investigatory Powers Review (pdf, June 2015, link) and Annexes (pdf link)
Also: Here Are The Spying Powers UK Authorities Will Have If Theresa May’s New Law Passes (Buzzfeeed, link): "Police, armed forces, and intelligence agencies now explicitly have powers to hack and modify computer systems, both individually and “in bulk”" and:Snowden surveillance revelations drive UK and US policy in opposite directions.(Guardian, link): "Draft bill would enhance British government’s surveillance powers as US works to limit NSA data collection following whistleblower’s call for debate"
October 2015
European Parliament: Follow-up to the European Parliament resolution of 12 March 2014 on the electronic mass surveillance of EU citizens (Text adopted, pdf) and Mass surveillance: EU citizens' rights still in danger, says Parliament (Press release, pdf):
"Too little has been done to safeguard citizens' fundamental rights following revelations of electronic mass surveillance, say MEPs in a resolution voted on Thursday. They urge the EU Commission to ensure that all data transfers to the US are subject to an "effective level of protection" and ask EU member states to grant protection to Edward Snowden, as a "human rights defender". Parliament also raises concerns about surveillance laws in several EU countries.
This resolution, approved by 342 votes to 274, with 29 abstention"
EU-NSA SURVEILLANCE: European Parliament: Follow-up to the European Parliament resolution of 12 March 2014 on the electronic mass surveillance of EU citizens (pdf)
and see: Europe Is Spying on You (nytimes.com, link): article on the threats of surveillance law just published by the Council of Europe Commissioner for Human Rights, Nils Muiznieks, in the New York Times: "When Edward Snowden disclosed details of America’s huge surveillance program two years ago, many in Europe thought that the response would be increased transparency and stronger oversight of security services. European countries, however, are moving in the opposite direction. Instead of more public scrutiny, we are getting more snooping."
EU-USA "UMBRELLA" AGREEMENT: Study: Fundamental Rights European Experts Group (FREE): prepared by Douwe Korff
- NOTE on the EU-US Umbrella Data Protection Agreement (pdf)
"We believe the following aspects of the Umbrella Agreement violate, or are likely to lead to violations of, the Treaties and the EU Charter of Fundamental Rights:
The Umbrella Agreement appears to allow the “sharing” of data sent by EU law enforcement agencies to US law enforcement agencies with US national security agencies (including the FBI and the US NSA) for use in the latter’s mass surveillance and data mining operations; as well as the “onward transfer” of such data to “third parties”, including national security agencies of yet other (“third”) countries, which the Agreement says may not be subjected to “generic data protection conditions
The Agreement should therefore, in our view, cannot be approved by the European Parliament in its present form”
- Data flow: Chart 1 (pdf) and Data flow Chart 2 (pdf)
- Letter from Commissioner: announcing "deal" (pdf)
- EU-USA Umbrella Agreement: Full-text (pdf)
EU: European Parliament: Mass surveillance: EU citizens' rights still in danger, MEPs say (pdf):
"Too little has been done to ensure that citizens' rights are protected following revelations of electronic mass surveillance, say civil liberties MEPs in a resolution passed on Tuesday. They urge the Commission to come up immediately with alternatives to Safe Harbour, following the ruling by the European Court of Justice. They are also concerned about the surveillance laws in several EU countries."
September 2015
A Death in Athens: Did a Rogue NSA Operation Cause the Death of a Greek Telecom Employee?: (Intercept, link)
"The day before his death, Costas’ boss at Vodafone had ordered that a newly discovered code — a powerful and sophisticated bug — be deactivated and removed from its systems. The wiretap, placed by persons unknown, targeted more than 100 top officials, including then Prime Minister Kostas Karamanlis and his wife, Natassa; the mayor of Athens; members of the Ministerial Cabinet; as well as journalists, capturing not only the country’s highest secrets, but also its most intimate conversations. The question was, who did it?
according to a highly classified NSA document provided by Snowden and previously published by The Intercept, covertly recruiting employees in foreign telecom companies has long been one of the NSA’s deepest secrets."
No “Facebook Bureau of Investigations” as Terror-Reporting Provision Dies in Senate (The Intercept, link): "A provision that would have forced tech companies like Twitter and Facebook to report every inkling of “terrorist activity” on their services to law enforcement was removed from the 2016 Intelligence Authorization Bill on Monday."
FAIRVIEW: Collecting foreign intelligence inside the US (Techdirt, link):"On August 15, The New York Times and Pro Publica published a story in which the big US telecommunications company AT&T was identified as a key partner of the NSA.Interesting details about this cooperation and the cable tapping were already in the 2008 book The Shadow Factory by James Bamford, but with the new story, also a number of clarifying documents from the Snowden-trove were disclosed.
Among them are some powerpoint presentations that contain the slides which had been shown on Brazilian televion two years ago. They were first discussed on this weblog in January 2014. Here we will combine these new and old documents to provide a detailed picture of this important collection program, that was previously misunderstood on various occasions."
August 2015
USA: Court: We Can’t Rule on NSA Bulk Data Collection Because We Don’t Know Whose Data Was Collected (The Intercept, link)
GERMANY-NSA: A Dubious Deal with the NSA (Zeit Online, link): "Internal documents show that Germany's domestic intelligence agency, the BfV, received the coveted software program XKeyscore from the NSA – and promised data from Germany in return." and XKeyscore - the document: Document pertaining to the agreement between the NSA and Germany’s domestic intelligence agency BfV (link)
NSA-JAPAN: Obama Expresses Regret to Japan's Abe for Spying Charges (New York Times, link): "Japanese officials faced questioning from the media and in parliament after WikiLeaks posted online what appeared to be five U.S. National Security Agency reports on Japanese positions on international trade and climate change. They date from 2007 to 2009. WikiLeaks also posted what it says was an NSA list of 35 Japanese targets for telephone intercepts."
See: "WikiLeaks published "Target Tokyo" 35 Top Secret NSA targets in Japan including the Japanese cabinet and Japanese companies such as Mitsubishi, together with intercepts relating to US-Japan relations, trade negotiations and sensitive climate change strategy"
USA: NSA Spying Relies on AT&T’s ‘Extreme Willingness to Help’ (.propublica.org, link): "The National Security Agency’s ability to capture Internet traffic on United States soil has been based on an extraordinary, decadeslong partnership with a single company: AT&T."
GCHQ and Me - My Life Unmasking British Eavesdroppers (Intercept, link)
July 2015
UK: SURVEILLANCE: High court rules data retention and surveillance legislation unlawful - Victory for Tory MP David Davis and Labour’s Tom Watson, who said there were insufficient privacy safeguards, as judges find Dripa inconsistent with EU law (Guardian, link):
"The high court has found that emergency surveillance legislation introduced by the coalition government last year is unlawful. A judicial challenge by the Labour MP Tom Watson and the Conservative MP David Davis has overturned the Data Retention and Investigatory Powers Act (Dripa) 2014. The judges ruled that data retention powers in the legislation were inconsistent with EU laws. The government has been ordered to pass new legislation that must come into effect by the end of next March..... they argued, were there adequate safeguards against communications data leaving the European Union." and: Davis and Watson DRIPA challenge: Government surveillance law is unlawful, High Court rules (Liberty, link)
See Judgments by HIGH COURT OF JUSTICE: DRIPA Davis (pdf) and DRIPA Davis-Watson Order (pdf)
Also: Statewatch: Analysis: Mass surveillance of communications in the EU: - CJEU judgment and DRIPA 2014/RIPA 2000 in the UK (pdf)
News: Letter to Guardian: Inquiry needed into GCHQ’s spying on us (link): "One measure of a free society is how it treats its NGOs and campaign organisations. The recent revelation (Rights groups targeted by GCHQ spies, 23 June) that Amnesty International has been snooped on by the UK security services is the death of the canary in the coalmine."
US govt now says 21.5 million people exposed by OPM hack – here's what you need to know - Security clearance dossiers on millions of citizens stolen (The Register, link)
NETHERLANDS: Na tip WikiLeaks: privacycommissie opent onderzoek naar Hacking Team (link) [After tip WikiLeaks: Privacy Commission opens investigation into Hacking Team - The Belgian privacy commission has opened an investigation into the Italian software company Hacking Team. That company would be in possession of devices that Belgian data interception.]
SURVEILLANCE: Interesting historical review: Editorial - Before and After Snowden (pdf):
"In retrospect, it seems somewhat premature to have issued a call on Surveillance and Security Intelligence after Snowden.
At the time of writing, despite his enforced exile in Russia, former National Security Agency (NSA) contractor and whistleblower, Edward Snowden, seems almost ubiquitous as a participant in debates on transnational surveillance, even appearing virtually on one occasion in a Canadian High School (Bradshaw 2015). And, as with all such impromptu historical periodizations, there is always also a case to be made to say that Snowden’s revelations didn’t change as much as we thought it might, or at least, rested on a legacy of former events or long-standing processes.
In the case of surveillance and security intelligence, the latter is certainly true. The former remains open as revelations and discussion resulting from both the documents taken by Snowden continue in the broader context of the changed climate of transparency resulting from his revelations and other major initiatives like Wikileaks."
And see: Surveillance & Society (link)
UK.gov spied on human rights warriors at Amnesty International - Snooping could cost lives, group claims (The Register, link):
"The British government has admitted that its spook agency GCHQ spied on Amnesty International, according to campaigners at the human rights group.
Amnesty said on Wednesday that it had received an email from the Investigatory Powers Tribunal (IPT) – the organization responsible for policing the UK's surveillance of its own citizens – revealing that the government intercepted, accessed and stored its communications for an unspecified period of time"
And see: UK was illegally spying on Amnesty International, 'mistakenly' forgot to tell human rights group (Independent, link): "The UK government was illegally spying on civil rights group Amnesty International — and neglected to tell it the surveillance was going on, after a mistake.".
GERMANY-NSA: WikiLeaks: US spied on Angela Merkel's ministers too, says German newspaper - The NSA did not just tap German chancellor Angela Merkel’s phone but also listened in on finance, economy, agriculture and other ministers (Guardian, link):
"The United States did not just tap chancellor Angela Merkel’s phone but also eavesdropped on several of her ministers, the German daily Sueddeutsche Zeitung has reported, citing documents from WikiLeaks."
and see: Wikileaks (link) and also: Wikileaks: 'Massive' NSA spying on top German officials (DW, link): "Wikileaks says its latest release of documents shows the wide reach of economic espionage conducted by the NSA in Germany. Documents released by the whistleblowers suggest an intense interest in the Greek debt crisis."
USA-NSA: XKEYSCORE: NSA’s Google for the World’s Private Communications (The Intercept, link): !The Intercept is publishing 48 top-secret and other classified documents about XKEYSCORE dated up to 2013, which shed new light on the breadth, depth and functionality of this critical spy system — one of the largest releases yet of documents provided by NSA whistleblower Edward Snowden."
FRANCE-NSA: WikiLeaks continues "Espionnage Élysée", our ongoing publication of a collection of TOP SECRET documents from United States surveillance operations against France (link):
"publication comprises seven top secret documents detailing how the US has had a decade- long policy of economic espionage against France, including the interception of all French corporate contracts and negotiations valued at more than $200 million. The documents demonstrate that the US National Security Agency, far from being a rogue organisation, is carrying out an economic espionage policy created by the US Director of National Intelligence. The documents detail the intelligence process, from the tasking of the NSA with collection of desired economic information to the production of developed intelligence reports, which are sent to "Supported Elements" of the US government, including the US Department of Commerce, the US Trade Represenative, the US Treasury and the Central Intelligence Agency."
June 2015
Reports: Russia, China have files leaked by Snowden (CNN video interveiw with the Sunday Times, link) Worth watching.
GCHQ-JTRIG: Spies Hacked Computers Thanks to Sweeping Secret Warrants, Aggressively Stretching U.K. Law (Intercept, link) and Controversial GCHQ Unit Engaged in Domestic Law Enforcement, Online Propaganda, Psychology Research (Intercept, link) also: Popular Security Software Came Under Relentless NSA and GCHQ Attacks (Intercept, link)
Key documents: TOP SECRET: Behavioural Science Support for JTRIG’s (Joint Threat Research and Intelligence Group’s) Effects and Online HUMINT Operations (42 pages, pdf) and Key section from document: interference by JTRIG/GCHQ) (1 page, pdf) including: "discredit", "delay", "disrupt", "promote distrust" and "deter" and "take over control of online websites (to deny, disrupt, discredit or delay)" and GCHQ Stakeholders (pdf)
UK: Court says GCHQ spied on human rights NGOs, acted unlawfully (PI, link):
"Monday, June 22, 2015: The Investigatory Powers Tribunal (IPT) today revealed that the UK Government Communications Headquarters (GCHQ) spied on two international human rights organisations, failed to follow ITS own secret procedures and acted unlawfully.
The targeted NGOs are the South African Legal Resources Centre (LRC) and the Egyptian Initiative for Personal Rights (EIPR). Both are leading civil liberties organisations and co-claimants alongside Privacy International in a legal challenge brought against GCHQ in the wake of the Edward Snowden revelations."
See: Full-text of IPT ruling (pdf)
Intelligence, security and privacy: A Note by the Director (Ditchley Park, link):
Also: Five Reasons the MI6 Story is a Lie (Craig Murray, link): "The Sunday Times has a story claiming that Snowden’s revelations have caused danger to MI6 and disrupted their operations. Here are five reasons it is a lie."
Timing of claims that British spies were withdrawn over Edward Snowden documents is 'extremely convenient', say campaigners (Independent, link) and The Sunday Times’ Snowden Story is Journalism at its Worst - and Filled with Falsehoods (The Intercept, link)
USA-NSA: Germany drops inquiry into claims NSA tapped Angela Merkel's phone - Prosecutors say they can find no actionable evidence to support claims German chancellor’s mobile phone was tapped by US National Security Agency (Guardian, link)
May 2015
UK-USA: America curbs state snooping, Britain gives the green light - As the US Congress passes a Freedom Act, the grip of the UK’s securocrats on ministers is clearer than ever (Guardian, link):
"The US Congress passed a Freedom Act this week, partially curbing its power to harvest bulk data on the lives of America’s citizens.... Meanwhile Britain’s government moves relentlessly in the opposite direction. It wants to revive the “snooper’s charter” bill, which failed in the last parliament. Among other things, this would give police and secret services more surveillance powers and, David Cameron hopes, ban server encryption that could impede surveillance."
EU: European Parliament: JOINT INTA/LIBE PUBLIC HEARING: Trade agreements and data flows: Safeguarding the EU data protection standards (pdf) and Agenda (pdf)
EU-USA: European Parliament Study: The US legal system on data protection in the field of law enforcement. Safeguards, rights and remedies
for EU citizens (pdf) Key findings include:
"With the exception of FISA electronic surveillance orders, the data protection guarantees afforded to non-US persons are minimal. The stated intent of PPD-28 [Presidential Policy Directive 28] is to provide for stronger personal data protection for non-US persons, but it is difficult to come to any conclusions at this point in time on what effect it will have...
As David Kris puts it, PPD-28 could either be a “new paradigm of transparency, privacy, and internationalism in US intelligence” or a “collection of fairly modest changes, largely cosmetic in nature, that were designed to placate critics in the United States and abroad.....
..... Another question raised by this overview is the lack of legal limits in US law on the sharing of personal data between intelligence and law enforcement officials..... the law confers broad authority to transfer personal data collected through intelligence methods to law enforcement agencies, regardless of the type of criminal offense that is suspected.... Unlike EU law, US law does not contain a general prohibition on transfers of personal data to jurisdictions without
adequate data protection guarantees....
there are at least two important mechanisms that can be used in the bilateral agreements under negotiation to improve the rights of EU citizens.... The first is carefully drafted purpose, use, and sharing provisions that limit personal data processing to certain types of crimes...The second type of guarantee is oversight and redress mechanisms for EU citizens that can operate in conjunction with those currently in place under US law....
Although internal oversight bodies like Inspectors General and agency privacy offices lack the independence of European DPAs, they are tasked with enforcing civil liberties and have the capacity to administer ombudsman-like complaints systems for those who allege that their privacy rights have been violated. Ensuring that such an ombudsman process exists in all significant law enforcement agencies, expressly acknowledging a right to participate for EU citizens, and allowing European DPAs to intervene on the behalf of EU citizens would improve significantly legal oversight of privacy rights." [emphasis added]
See also: Executive Summary (EASFJ, link)
USA-NSA: US Freedom Act passed but surveillance of "foreigners" continues:
"It leaves untouched formerly secret programs the NSA says are authorized under section 702 of the FISA Amendments Act, and that while ostensibly targeted at foreigners nonetheless collect vast amounts of American communications. It won’t in any way limit the agency’s mass surveillance of non-American communications." (The Intercept, link) [emphasis, added]
See also: Previous coverage: The Intercept, link): "Congress is doing nothing to limit NSA programs ostensibly targeted at foreigners that nonetheless collect vast amounts of American communications, nor to limit the agency’s mass surveillance of non-American communications. The limited reforms in the new bill affect only the one program explicitly aimed at Americans." [emphasis added]
See: US Freedom Act 2015 (pdf)
Congress passes NSA surveillance reform in vindication for Snowden - Bulk collection of Americans’ phone records to end as US Senate passes USA Freedom Act (Guardian, link): "The US Senate on Tuesday passed a bill to end the bulk collection of millions of Americans’ phone records, ushering in the country’s most significant surveillance reform since 1978 two years after NSA whistleblower Edward Snowden’s revelations... The American Civil Liberties Union praised the passage of the USA Freedom Act as “a milestone” but pointed out that there were many more “intrusive and overbroad” surveillance powers yet untouched."
Congress turns away from post-9/11 law, retooling U.S. surveillance powers (Washington Post, link): "Congress on Tuesday rejected some of the sweeping intelligence-gathering powers it granted national security officials after the 9/11 terrorist attacks, with the Senate voting to end the government’s bulk collection of private telephone records and to reform other surveillance policies. The bill, known as the USA Freedom Act, passed on a 67-to-32 vote, against the will of Senate Republican leaders who wished to preserve existing spy programs." and Questions and answers about newly approved USA Freedom Act (Washington Post, link)
UK-USA: Secret report urges treaty forcing US web firms' cooperation in data sharing - Exclusive: UK privacy campaigners say international treaty could provide legal alternative to government’s ‘snooper’s charter’ proposals (Guardian, link)
"A top secret report to the British prime minister has recommended that a new international treaty be negotiated to force the cooperation of the big US internet companies in sharing customers’ personal data, the Guardian has learned."
This is a recognition that new powers under Data Retention and Investigatory Powers Act (DRIPA 2014) to serve warrants (under Extra-territoriality in Part 1 of RIPA) on CSPs outside the UK is unworkable, especially in the USA.
LONDON: SNOWDEN MEETING: Stand Up for Truth: Whistleblowers speaking tour London: Monday, 1 June 2015 from 18:30 to 21:00 at Birkbeck (University of London) Main building, Room B35 (entrance on Torrington Square) London WC1E 7HX Speakers: Eileen Chubb, Daniel Ellsberg, Thomas Drake, Jesselyn Radack, Coleen Rowley, Norman Solomon & Justin Schlosberg
UK: Legal experts call for greater scrutiny of surveillance laws - Government must not repeat mistakes of previous administrations, but instead must have ‘an open and transparent assessment and critique of UK surveillance powers,’ academics say (Guardian, link): "An alliance of prominent academics have signed a letter to the government warning against any expansions of state surveillance without the full involvement of parliament and the public. The letter’s 38 signatories, led by LSE law professor Andrew Murray and University of East Anglia lecturer in IT law Paul Bernal, call on the new government “to ensure that any changes in the law, and especially any expansions of power, are fully and transparently vetted by parliament, and open to consultation from the public and all relevant stakeholders”."
and see: Open letter to UK MPs: Ensuring democratic scrutiny of UK surveillance law changes (EU Law Analysis, link)
GERMANY-NSA: Germany silent on report that leak has made US review spying cooperation - Bild reported intelligence director James Clapper had ordered review - Secret documents allegedly leaked to media from parliamentary committee (Observer, ink):
"The German government declined on Saturday to comment on a report that US intelligence agencies were reviewing their cooperation with German counterparts and had dropped joint projects due to concerns secret information was being leaked by lawmakers.
The Bild newspaper reported on Saturday that the US director of national intelligence, James Clapper, had ordered the review because secret documents related to the BND’s cooperation with the US were being leaked to media from a German parliamentary committee." and see:
German parliament inquiry 'more dangerous' than Snowden (DW, link): "There are reports US intelligence director James Clapper wants to put future cooperation with Germany's BND under review. The agency is facing scrutiny following revelations it helped the NSA spy on European targets."
"“We did not file an application for reauthorization,” an administration official confirmed to the Guardian on Saturday. The administration decision ensures that beginning at 5pm ET on 1 June, for the first time since October 2001 the NSA will no longer collect en masse Americans’ phone records....
A chaotic early morning on Saturday in the Senate ended with the procedural defeat of the USA Freedom Act, which would have banned the NSA bulk collection program while renewing an expiring Patriot Act provision allowing FBI access to business records and a vast amount of US communications metadata."
Apple and Google Just Attended a Confidential Spy Summit in a Remote English Mansion (The Intercept, link): "At an 18th-century mansion in England’s countryside last week, current and former spy chiefs from seven countries faced off with representatives from tech giants Apple and Google to discuss government surveillance in the aftermath of Edward Snowden’s leaks. The three-day conference, which took place behind closed doors and under strict rules about confidentiality, was aimed at debating the line between privacy and security." See: Ditchley Foundation: Conference Note (pdf)
"“We did not file an application for reauthorization,” an administration official confirmed to the Guardian on Saturday. The administration decision ensures that beginning at 5pm ET on 1 June, for the first time since October 2001 the NSA will no longer collect en masse Americans’ phone records....
A chaotic early morning on Saturday in the Senate ended with the procedural defeat of the USA Freedom Act, which would have banned the NSA bulk collection program while renewing an expiring Patriot Act provision allowing FBI access to business records and a vast amount of US communications metadata."
NSA Planned to Hijack Google App Store to Hack Smartphones (Intercept, link): "The National Security Agency and its closest allies planned to hijack data links to Google and Samsung app stores to infect smartphones with spyware, a top-secret document reveals.
The surveillance project was launched by a joint electronic eavesdropping unit called the Network Tradecraft Advancement Team, which includes spies from each of the countries in the “Five Eyes” alliance — the United States, Canada, the United Kingdom, New Zealand and Australia."
See: Document from Five Eyes (4MB, pdf)
Big Brother is watching EU - As the US moves towards privacy reform, Europe enacts sweeping new spying powers (Politico, link):
"A strange — and strangely unnoticed — trend is emerging in the evolving global response to massive 2013 leaks about US surveillance activities. While our European cousins talk privacy reform, the United States is actually moving ahead with it, albeit more slowly than many would like. As the American side of the Atlantic inches toward self-restraint, many European governments are seeking sweeping new spying powers. Europe is at risk of falling behind the US in privacy reform."
NSA: USA Freedom Act Passes House, Codifying Bulk Collection For First Time, Critics Say (The Intercept, link):
"After only one hour of floor debate, and no allowed amendments, the House of Representatives today passed legislation that seeks to address the NSA’s controversial surveillance of American communications. However, opponents believe it may give brand new authorization to the U.S. government to conduct domestic dragnets. The USA Freedom Act was approved in a 338-88 vote... The measure now goes to the Senate where its future is uncertain. Majority Leader Mitch McConnell has declined to schedule the bill for consideration, and is instead pushing for a clean reauthorization of expiring Patriot Act provisions that includes no surveillance reforms."
It does not limit the government’s authority to collect information overseas, including data on telephone and email records - in short NSA can carry on spying on the rest of the world.
German government denies deceit in NSA scandal (euractiv, link):
"Chancellor Merkel’s spokesman Steffen Seibert rejected accusations of a govenment cover-up in the mushrooming NSA scandal. Seibert said on Monday (11 May) that he reported on the issue that to the best of his judgement, appropriately presenting his level of knowledge at that time. His statement comes in response to accusations that Washington never offered Germany a No-Spy-Agreement, in contrast to government statements that suggested otherwise at the time. "
and see: BND spying affair divides German coalition (euractiv, link)
USA: NSA mass phone surveillance revealed by Edward Snowden ruled illegal (The Guardian, link): "The US court of appeals has ruled that the bulk collection of telephone metadata is unlawful, in a landmark decision that clears the way for a full legal challenge against the National Security Agency."
See the full judgment: ACLU v. Clapper (pdf)
GERMANY: NSA: BND spying affair divides German coalition (euractiv, link): "Angela Merkel defended cooperation between Germany’s intelligence service, the BND, and its US counterpart, the NSA, amid fresh accusations of illegal spying operations. EurActiv Germany reports. After sharp criticism from Social Democratic Party (SPD) leader Sigmar Gabriel, Germany’s ruling coalition parties are facing off in the spy debate."
See also: Austria files criminal complaint over alleged NSA snooping (Washington Post, link): "Austria is asking for a legal investigation of allegations that the German intelligence service helped the U.S. National Security Agency eavesdrop on the country’s political leaders. Interior Minister Johanna Mikl-Leitner said Tuesday her ministry has filed a criminal complaint against unnamed persons or entities on suspicion of “secret ntelligence activities to the detriment of Austria.” "
GERMANY-NSA: BND scandal: Bundestag committee issues ultimatum (euractiv, link):
"The Bundestag's NSA investigation committee has demanded lists of search terms Germany's intelligence service, the BND, allegedly spied on for Washington."
And see: Merkel defends BND amid NSA spy scandal (euronews, link): "intelligence agencies must be able to work in secret to ensure the public’s safety. The German government will do everything it can to ensure that intelligence agencies are able to carry out their duties. In the face of international terrorism threats, they can only do this in cooperation with other intelligence agencies — and that includes first and foremost the NSA.”
USA- NSA: The Computers are Listening - How the NSA Converts Spoken Words Into Searchable Text (The Intercept, link):
"Top-secret documents from the archive of former NSA contractor Edward Snowden show the National Security Agency can now automatically recognize the content within phone calls by creating rough transcripts and phonetic representations that can be easily searched and stored."
See documents: Media Mining - the future is now (pdf) and UK: Security Service and speech technology (STRAP 1, pdf)
April 2015
USA-NSA: SURVEILLANCE: Declassified Report Shows Doubts About Value of N.S.A.’s Warrantless Spying (New York Times, link):
"The secrecy surrounding the National Security Agency’s post-9/11 warrantless surveillance and bulk data collection program hampered its effectiveness, and many members of the intelligence community later struggled to identify any specific terrorist attacks it thwarted, a newly declassified document shows.
The document is a lengthy report on a once secret N.S.A. program code-named Stellarwind. The report was a joint project in 2009 by inspectors general for five intelligence and law enforcement agencies, and it was withheld from the public at the time, although a short, unclassified version was made public. The government released a redacted version of the full report to The New York Times on Friday evening in response to a Freedom of Information Act lawsuit."
See 751 page document (Cryptome, link)
A Bill’s Surveillance Limits (New York Times, link): "Bipartisan legislation passed by the House Judiciary Committee would reauthorize mass surveillance programs revealed by the former National Security Agency contractor Edward J. Snowden, but impose new limits on them. Although it does not limit the government’s authority to collect information overseas, including data on telephone and email records" [emphasis added] See: US Freedom Act 2015 (pdf)
Germany spied on France and the EU Commission: Report (euobserver, link):
"German Chancellor Angela Merkel’s government has been embarrassed by reports that the country's intelligence service was spying on France and the European Commission for the US National security agency (NSA).
According to the Sueddeutsche Zeitung newspaper on Thursday (30 April), the BND, the German intelligence service, listened in on officials from the French presidency and foreign affairs ministry, as well as the EU Commission.... "The core of the issue is the political espionage of our European neighbours and of the EU institutions," a German official is quoted as saying by the Sueddeutsche Zeitung."
"The ruling marks the first time in its 15-year history that the investigatory powers tribunal has upheld a specific complaint against the intelligence services, lawyers have said. It is also the first time the tribunal has ordered a security service to give up surveillance material.
The IPT says GCHQ must destroy two documents which are legally privileged communications belonging to a former opponent of the Gaddafi regime, Sami al-Saadi, who was sent back to Libya in 2004 in a joint MI6-CIA “rendition” operation with his wife and four children under 12."
USA: NSA allowed to continue spying on the rest of the world: Nearly Two Years After Snowden, Congress Poised to Do Something — Just Not Much (The Intercept, link):
"Congress is doing nothing to limit NSA programs ostensibly targeted at foreigners that nonetheless collect vast amounts of American communications, nor to limit the agency’s mass surveillance of non-American communications. The limited reforms in the new bill affect only the one program explicitly aimed at Americans." [emphasis added]
See: US Freedom Act 2015 (pdf) and see: GCHQ is authorised to spy on the world but the UK Interception of Communications Commissioner says this is OK as it is lawful (Statewatch Analysis)
Germany-NSA: Spying Close to Home: German Intelligence Under Fire for NSA Cooperation (Der Spiegel , link): "US intelligence spent years spying on European targets from a secretive base. Now, it seems that German intelligence was aware of the espionage -- and did nothing to stop it."
European Parliament to debate the German secret service (Bundesnachrichtendienst, or BND) on Wednesday.
GERMANY-NSA: NEW OUTCRY OVER SURVEILLANCE SCANDAL: For years, the German intelligence service (BND) shared its own collected data of telephone calls and internet traffic with the NSA, as Der Spiegel reports. However, not only data about criminal or terrorist activities was shared with the NSA headquarters in Fort Meade but also information on European companies and defense firms. German MPs speak of "very serious allegations" or even "treason"; the Chancellor's office names "technical and organizatorial deficits" at the German intelligence service. BND chair Gerhard Schindler is under fierce criticism. (Spiegel Online, link)
CoE: Parliamentary Assembly: Mass surveillance is counter-productive and ‘endangers human rights’ (link):
"Approving a draft resolution based on a report by Pieter Omtzigt (Netherlands, EPP/CD), the Assembly said: “Mass surveillance does not appear to have contributed to the prevention of terrorist attacks, contrary to earlier assertions made by senior intelligence officials. Instead, resources that might prevent attacks are diverted to mass surveillance, leaving potentially dangerous persons free to act.”
See: Resolution (pdf) Adopted Recommendations (pdf)
EU: ACCOUNTABILITY of SIGNAL INTELLIGENCE AGENCIES: CoE: Venice Commission: Update of the 2007 Report on the democratic oversight of the Security Services and Report on the democratic oversight of Signals Intelligence Agencies (pdf): Adopted by the Venice Commission at its 102nd Plenary Session (Venice, 20-21 March 2015).
And see Venice Commission: 2007 Report (pdf)
USA: DEA Global Surveillance Dragnet Exposed; Access to Data Likely Continues (The Intercept, link): "Secret mass surveillance conducted by the Drug Enforcement Administration is falling under renewed scrutiny after fresh revelations about the broad scope of the agency’s electronic spying... The DEA’s data dragnet was apparently shut down by attorney general Eric Holder in September 2013. But on Wednesday, following USA Today‘s report, Human Rights Watch launched a lawsuit against the DEA over its bulk collection of phone records and is seeking a retrospective declaration that the surveillance was unlawful.
And see: U.S. secretly tracked billions of calls for decades (USA Today, link)
USA: Exclusive: TSA ‘Behavior Detection’ Program Targeting Undocumented Immigrants, Not Terrorists (The Intercept, link):
"A controversial Transportation Security Administration program that uses “behavior indicators” to identify potential terrorists is instead primarily targeting undocumented immigrants, according to a document obtained by The Intercept and interviews with current and former government officials.
The $900 million program, Screening of Passengers by Observation Techniques, or SPOT, employs behavior detection officers trained to identify passengers who exhibit behaviors that TSA believes could be linked to would-be terrorists. But in one five-week period at a major international airport in the United States in 2007, the year the program started, only about 4 percent of the passengers who were referred to secondary screening or law enforcement by behavior detection officers were arrested, and nearly 90 percent of those arrests were for being in the country illegally, according to a TSA document obtained by The Intercept.
Nothing in the SPOT records suggests that any of those arrested were associated with terrorist activity."
See: Document (pdf) and Examples of SPOT targets (png)
Exclusive: TSA’s Secret Behavior Checklist to Spot Terrorists (The Intercept, link):
"Fidgeting, whistling, sweaty palms. Add one point each. Arrogance, a cold penetrating stare, and rigid posture, two points. These are just a few of the suspicious signs that the Transportation Security Administration directs its officers to look out for — and score — in airport travelers, according to a confidential TSA document obtained exclusively by The Intercept.
The checklist is part of TSA’s controversial program to identify potential terrorists based on behaviors that it thinks indicate stress or deception — known as the Screening of Passengers by Observation Techniques, or SPOT."
See TSA document (pdf)
Doctors of the World: how we discovered GCHQ was spying on us (Open DEmocracy, link)
March 2015
USA: REMOTE ACCESS TO COMPUTERS: Advisory Committee Approves Rules to Expand Police Hacking Authority (EPIC, link):
"a ccording to a news report, a committee of the Federal Judicial Conference voted on Monday to approve changes to Rule 41 of the Federal Rules of Criminal Procedure. Under the revised rule, judges could issue "remote access" warrants authorizing law enforcement to search computers remotely, even when the target is outside the jurisdiction of the court."
See also: FBI’s Plan to Expand Hacking Power Advances Despite Privacy Fears - Google had warned that the rule change represents a “monumental” constitutional concern. (National journal, link) and UK: Code of Practice: "Equipment Interference" to give the intelligence and security agencies direct access to computers to by-pass encryption and to use "remote access" to "obtain information.. in pursuit of intelligence requirements" or to "remove or modify software" (Statewatch)
AP Exclusive: NSA weighed ending phone program before leak (Washington Post, link):
"The National Security Agency considered abandoning its secret program to collect and store American calling records in the months before leaker Edward Snowden revealed the practice, current and former intelligence officials say, because some officials believed the costs outweighed the meager counterterrorism benefits.
After the leak and the collective surprise around the world, NSA leaders strongly defended the phone records program to Congress and the public, but without disclosing the internal debate."
Netanyahu’s Spying Denials Contradicted by Secret NSA Documents (The Intercept, link):
"Israeli Prime Minister Benjamin Netanyahu yesterday vehemently denied a Wall Street Journal report, leaked by the Obama White House, that Israel spied on U.S. negotiations with Iran and then fed the intelligence to Congressional Republicans. His office’s denial was categorical and absolute, extending beyond this specific story to U.S.-targeted spying generally, claiming: “The state of Israel does not conduct espionage against the United States or Israel’s other allies.”
Israel’s claim is not only incredible on its face. It is also squarely contradicted by top-secret NSA documents, which state that Israel targets the U.S. government for invasive electronic surveillance, and does so more aggressively and threateningly than almost any other country in the world. Indeed, so concerted and aggressive are Israeli efforts against the U.S."
See: Excerpt from 2008 NSA document “Which Foreign Intelligence Service Is the Biggest Threat to the US?" (link)
EU-USA: DATA PROTECTION "UMBRELLA" AGREEMENT: European Parliament Press release: Civil liberties MEPs make case for data protection during Washington visit (pdf):
"A delegation from the civil liberties committee visited Washington DC last week to find out the latest information on issues such as data protection and legislation on surveillance activities from their American counterparts. The MEPs also provided updates on the EU's data protection reform and on counter-terrorism initiatives, including the passenger name records (PNR) proposal"
See also:Close your Facebook account if you do not want to be spied on: EU-US data pact skewered in court hearing (euobserver, link) Extraordinary statement by Commission lawyer in Court of European Justice (CJEU):
"A lawyer for the European Commission told an EU judge on Tuesday (24 March) he should close his Facebook page if he wants to stop the US snooping on him, in what amounts to an admission that Safe Harbour, an EU-US data protection pact, doesn’t work.
“You might consider closing your Facebook account, if you have one,” European Commission attorney Bernhard Schima told attorney-general Yves Bot at the European Court of Justice in Luxembourg."
UK: National Union of Journalists (NUJ) and the Centre for Investigative Journalism (CIJ) have today submitted to the Home Office a damning critique of the proposed Code of Practice which would allow remote access to any computer anywhere in the world: Submission:: NUJ and CIJ joint response to the interception of communications and equipment interference: draft codes of practice (pdf)
"The NUJ and CIJ are concerned about the implications for press freedom if the UK intelligence and security agencies are permitted to access journalist's computers remotely and break encryption codes (both inside and outside the UK)..
The adoption of the new surveillance powers in the draft codes enables the authorities to access computers remotely. The NUJ and CIJ believe these powers should be the subject of primary legislation and should not be introduced via secondary legislation in a code of practice under the Regulation of Investigatory Powers Act 2000 (RIPA) which itself is not limited to terrorism and serious crime but covers all crimes....
Accessing computers or other devises allows the intelligence services to obtain vast amounts of information. It would mean the authorities would have control over targeted devices and access to any information stored including encrypted data and communications. This information could include documents, emails, diaries, contacts, photographs, internet messaging chat logs, and the location records on mobile equipment. It would also mean having powers to access anything typed into a device, including login details/passwords, internet browsing histories, other materials and communications. Draft documents and deleted files could also be accessed. In addition, the microphone, webcam and GPS-based locator technology could be turned on and items stored could be altered or deleted."
See proposed: Equipment Interference Code of Practice (pdf) and also: New Code of Practice: "Equipment Interference" to give the intelligence and security agencies direct access to computers to by-pass encryption and to use "remote access" to "obtain information.. in pursuit of intelligence requirements" or to "remove or modify software" Statewatch) and: GCHQ is authorised to “spy on the world” but the UK Interception of Communications Commissioner says this is OK as it is “lawful” (Statewatch Analysis, May 2014)
UK: SNOWDEN: Surveillance of Guardian journalists: UK Police Deem Snowden Leak Investigation a State Secret (The Intercept, link):
"British police claim a criminal investigation they launched into journalists who have reported on leaked documents from Edward Snowden has to be kept a secret due to a “possibility of increased threat of terrorist activity.....
the Met, says everything about the investigation’s existence is a secret and too dangerous to disclose. In response to a Freedom of Information Act request from this reporter, the force has repeatedly refused to release any information about the status of the investigation, how many officers are working on it, or how much taxpayer money has been spent on it. The Met wrote in its response:
"to confirm or deny whether we hold any information concerning any current or previous investigations into the alleged actions of Edward Snowden could potentially be misused proving detrimental to national security.""
See Full-text of the Met's refusal to respond to FOI request (pdf)
UK: GCHQ: UK government claims power for broad, suspicionless hacking of computers and phones (PI, link)
"The British Government has admitted its intelligence services have the broad power to hack into personal phones, computers, and communications networks, and claims they are legally justified to hack anyone, anywhere in the world, even if the target is not a threat to national security nor suspected of any crime....Buried deep within the document, Government lawyers claim that while the intelligence services require authorisation to hack into the computer and mobile phones of “intelligence targets”, GCHQ is equally permitted to break into computers anywhere in the world even if they are not connected to a crime or a threat to national security."
See:GCHQ Tribunal document: Investigatory Powers Tribunal - Government's Open Response: News Article - 18 Mar 2015 (link)
This evidence confirms: New Code of Practice: "Equipment Interference" to give the intelligence and security agencies direct access to computers to by-pass encryption and to use "remote access" to "obtain information.. in pursuit of intelligence requirements" or to "remove or modify software" Statewatch) and: GCHQ is authorised to “spy on the world” but the UK Interception of Communications Commissioner says this is OK as it is “lawful” (Statewatch Analysis, May 2014)
WHISTLEBLOWERS: Council of Europe: Parliamentary Assembly: Calls for Snowden to return home and be allowed a public interest defence:
"The Assembly calls on... the United States of America to allow Mr. Snowden to return without fear of criminal prosecution under conditions that would not allow him to raise the public interest defence.".
"Council of Europe member states and the EU should enact whistleblower protection laws also covering employees of national security or intelligence services and of private firms working in this field, the Parliamentary Assembly of the Council of Europe (PACE) Committee on Legal Affairs and Human Rights concluded today...
he Committee also stressed the need to grant asylum, if possible under national law, to whistleblowers threatened by retaliation in their home countries provided their disclosures qualify for protection under the principles advocated by the Assembly."
See Report adopted: Improving the Protection of Whistleblowers (pdf) and Call for protection of whistleblowers in national security-related fields (link):
And see: US Threatened Germany Over Snowden, Vice Chancellor Says (The Intercept, link): "German Vice Chancellor Sigmar Gabriel said this week in Homburg that the U.S. government threatened to cease sharing intelligence with Germany if Berlin offered asylum to NSA whistleblower Edward Snowden or otherwise arranged for him to travel to that country. “They told us they would stop notifying us of plots and other intelligence matters,” Gabriel said".
New Zealand Used NSA System to Target Officials, Anti-Corruption Campaigner (The intercept, link): "New Zealand’s eavesdropping agency used an Internet mass surveillance system to target government officials and an anti-corruption campaigner on a neighboring Pacific island, according to a top-secret document... the Internet spy system XKEYSCORE to intercept documents authored by the closest aides and confidants of the prime minister on the tiny Solomon Islands. The agency also entered keywords into the system so that it would intercept documents containing references to the Solomons’ leading anti-corruption activist, who is known for publishing government leaks on his website.... None of the individuals named on the list appear to have any association with terrorism."
And see: Revealed: The names NZ targeted using NSA's XKeyscore system (New Zealand Herald, link) and Document (pdf)
The Intelligence and Security Committee's long-awaited report on the surveillance powers of the security agencies has recommended a new law "governing the intelligence and security Agencies." Privacy International has responded to the report by pointing out: "no amount of technical and legal jargon can obscure the fact that this is a parliamentary committee, in a democratic country, telling its citizens that they are living in a surveillance state and that all is well."
See: Report: Intelligence and Security Committee of Parliament: Privacy and Security: A modern and transparent legal framework (pdf) and and see: ISC report acknowleges failings but paves way for snooper's charter(Guardian, link)
Also: Report of the Interception of Communications Commissioner: 2014 (pdf
GCHQ-NSA SURVEILLANCE: European Parliament: Civil Liberties MEPs restart discussions on surveillance programmes and go to Washington in March (Press release, pdf): ""The Chair of the Civil Liberties, Justice and Home Affairs Committee and rapporteur on the US NSA and EU member states' surveillance programmes, Claude Moraes (S&D, UK), presented his working document on the follow-up of the inquiry on electronic mass surveillance of EU citizens on Tuesday 24 February."
See: Working document on on the Follow-up of the LIBE Inquiry on Electronic Mass Surveillance of EU Citizens (pdf) and Final: Report on the US NSA surveillance programme, surveillance bodies in various Member States and their impact on EU citizens’ fundamental rights and on transatlantic cooperation in Justice and Home Affairs (pdf): Rapporteur: Claude Moraes MEP
February 2015
NSA-GCHQ: The Great SIM Heist - How Spies Stole the Keys to the Encryption Castle (The Intercept, link)
"AMERICAN AND BRITISH spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden.
"The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data."
The article notes that "the intelligence agencies accessed the email and Facebook accounts of engineers and other employees of major telecom corporations and SIM card manufacturers in an effort to secretly obtain information that could give them access to millions of encryption keys... In effect, GCHQ clandestinely cyberstalked Gemalto employees, scouring their emails in an effort to find people who may have had access to the company’s core networks and Ki-generating systems."
Documents (pdfs):
See also: Google opposes plan to let FBI hack any computer in the world (The Telegraph, link)
And: European Lawmakers Demand Answers on Phone Key Theft (The Intercept, link): "The European Parliament’s chief negotiator on the European Union’s data protection law, Jan Philipp Albrecht, said the hack was “obviously based on some illegal activities." “Member states like the U.K. are frankly not respecting the [law of the] Netherlands and partner states,” Albrecht told the Wall Street Journal."
UK-GCHQ:Thousands sign petition to discover if GCHQ spied on them - Privacy International campaign comes after tribunal rules that sharing between US and UK of intercepted communications was unlawful(Guardikan, link)
Sign up: Did GCHQ illegally spy on you? (link
GCHQ: UK-US surveillance regime was unlawful ‘for seven years’ - Regulations governing access to intercepted information obtained by NSA breached human rights laws, according to Investigatory Powers Tribunal (Guardian, link):
"The regime that governs the sharing between Britain and the US of electronic communications intercepted in bulk was unlawful until last year, a secretive UK tribunal has ruled.
The Investigatory Powers Tribunal (IPT) declared on Friday that regulations covering access by Britain’s GCHQ to emails and phone records intercepted by the US National Security Agency (NSA) breached human rights law.... The critical judgment marks the first time since the IPT was established in 2000 that it has upheld a complaint relating to any of the UK’s intelligence agencies. It said that the government’s regulations were illegal because the public were unaware of safeguards that were in place. Details of those safeguards were only revealed during the legal challenge at the IPT."
See: IPT Judgment (pdf) and IPT Order (pdf)
USA-NSA-FBI:SPYING ON THE REST OF THE WORLD: New rules on surveillance of "non-US persons": NSA: (U) USSID: Supplemental Procedures for the collection, processing, retention and dissemination of Signals Intelligence information and data containing personal information of Non-United States Persons (pdf) and the FBI (pdf) The NSA conducts surveillance and the CIA and FBI use the products.
Although the FBI does not conduct "signals intelligence activities" it does handle "signals intelligence information in.. finished intelligence products" and "The FBI will disseminate personal information of non-US persons collected pursuant to Section 702 of FISA" (Foreign Intelligence and Security Act). There are lots of very general caveats such as the information will only be used if: "the information is relevant to an intelligence requirement or an authorized law enforcement activity"
See also: White House New Data Spying Policy (Cryptome, link): "Statement by Assistant to the President for Homeland Security and Counterterrorism Lisa Monaco: Update on Implementation of Signals Intelligence Reform and Issuance of PPD-28."
Background: Statewatch analysis: GCHQ is authorised to “spy on the world” but the UK Interception of Communications Commissioner says this is OK as it is “lawful” (pdf)
January 2015
USA: Feds had a hand in PRISM, too (The Register, link) and see: Department of Justice report on FBI (2.5 MB, podf)
USA: Year After Reform Push, NSA Still Collects Bulk Domestic Data, Still Lacks Way to Assess Value (The Intercept, link): "The presidential advisory board on privacy that recommended a slew of domestic surveillance reforms in the wake of the Edward Snowden revelations reported today that many of its suggestions have been agreed to “in principle” by the Obama administration, but in practice, very little has changed. Most notably, the Privacy and Civil Liberties Oversight Board called attention to the obvious fact that one full year after it concluded that the government’s bulk collection of metadata on domestic telephone calls is illegal and unproductive, the program continues apace."
EU: Mass surveillance: Council of Europe: Parliamentary Assembly: Mass surveillance is counter-productive and ‘endangers human rights (Press release, link) and Report (pdf): It calls for
• "the collection of personal data without consent only following “a court order granted on the basis of reasonable suspicion”
• “credible, effective protection” for whistle-blowers exposing unlawful surveillance
• better judicial and parliamentary control of intelligence services
• an “intelligence codex” defining mutual obligations that secret services could opt into
• an inquiry into member states’ use of mass surveillance using powers under the European Convention on Human Rights"
See also: Mass surveillance is fundamental threat to human rights, says European report - Europe’s top rights body says scale of NSA spying is ‘stunning’ and suggests UK powers may be at odds with rights convention (Guardian, link)
USA: SURVEILLANCE: More Cowbells: new NSA leaks reveal extent of spying tactics (ROARMAG, link): "New leaks from the NSA archive, seen exclusively by ROAR, reveal that even the Internet’s most basic architecture - the DNS database - is compromised." and MoreCowBell Nouvelles révélations sur les pratiques de la NSAE (Le Monde fr, link)
And see: NSA documents (pdf)
Secret ‘BADASS’ Intelligence Program Spied on Smartphones (Intercept, link): "British and Canadian spy agencies accumulated sensitive data on smartphone users, including location, app preferences, and unique device identifiers, by piggybacking on ubiquitous software from advertising and analytics companies, according to a document obtained by NSA whistleblower Edward Snowden." See: BADASS Angry Birds document (link)
MALTA-USA: MEP questions Malta's use of US-supplied border security technology
"German MEP Cornelia Ernst has taken issue over Malta's use of the PISCES border control software, which was donated to the country by the American government in 2004, claiming that Malta's use of the software could constitute a security risk for other EU member states."
"TIP/PISCES is currently operational in the following countries: Afghanistan, Cambodia, Cote d'Ivoire, Djibouti, Ethiopia, Ghana, Iraq, Kenya, Kosovo, Macedonia, Malta, Nepal, Pakistan, Tanzania, Thailand, Yemen, and Zambia."
EU police agency Europol reportedly receives information from PISCES systems around the globe.
GCHQ intercepted emails of journalists from top international media (Guardian, link):
• Snowden files reveal emails of BBC, NY Times and more
• Agency includes investigative journalists on ‘threat’ list
• Editors call on Cameron to act against snooping on media
"GCHQ’s bulk surveillance of electronic communications has scooped up emails to and from journalists working for some of the US and UK’s largest media organisations, analysis of documents released by whistleblower Edward Snowden reveals.
Emails from the BBC, Reuters, the Guardian, the New York Times, Le Monde, the Sun, NBC and the Washington Post were saved by GCHQ and shared on the agency’s intranet as part of a test exercise by the signals intelligence agency."
PAGE Festival 2014: Surveillance,Snowden and the Emerging EU State (video link) Leeds Beckett University: Lecture by Tony Bunyan, Statewatch Director
FBI has its fingers deep in NSA surveillance pie, declassified report shows (The Register, link): "The FBI had, and most likely still has, a much closer involvement with the NSA’s mass surveillance programs than previously thought – with access to raw foreign intelligence and data on Americans gleaned from the PRISM program. The 231-page report, from the Department of Justice’s Inspector General, was obtained – albeit in a heavily redacted form – after a Freedom of Information request by The New York Times, a request made possible using key details leaked by whistleblower Edward Snowden."
See Document: FBI and Section 702 of FISA (284 pages, pdf))
December 2014
Schadcode auf Rechnern der EU-Kommission identifiziert -Spur in die USA und nach Großbritannien (De Speigel, link): "Malicious code on computers of the EU Commission identified -Track to the United States and Great Britain"
IRELAND: Surveillance by a Government-sponsored secret system (Irish Times, link): "Using the binding form of a statutory instrument, the Minister enacted the until-now-abandoned third part of the Criminal Justice (Mutual Assistance) Act 2008. This section governs the tapping by foreign governments of Irish phone calls and the interception of Irish emails. It also outlines how Ireland can request tapping in other countries for an Irish-based criminal investigation" and: State sanctions phone and email tapping - Companies that object to order could be brought before private ‘in camera’ court (IT, link): " Foreign law enforcement agencies will be allowed to tap Irish phone calls and intercept emails under a statutory instrument signed into law by Minister for Justice Frances Fitzgerald. Companies that object or refuse to comply with an intercept order could be brought before a private “in camera” court."
EU-USA-UK: Surveillance: Spying on all of us: UK-GCHQ, USA-NSA, 'Five Eyes' and the EU (link): Speech by Tony Bunyan, Statewatch Director, at the Annual Conference of the European Group on Deviancy and Social Control, September 2014:
This paper argues that data protection and privacy abuses by the USA-NSA and UK-GCHQ concerns the "gatherers" (the surveillance agencies) of personal data. What urgently needs to be investigated, studied and exposed are the "users" of mass data surveillance (CIA and FBI in the USA, MI5, MI6, Special Branch and law enforcement agencies (LEAs) and the "targets" of the "users" (who and why are people or groups targeted). Account also has to be taken of the "suppliers" to the "users" (multinational companies) - the "suppliers" are part of the security-industrial complex in the EU who develop and provide the technology for surveillance and enforcement.
It argues that our attention should be centred on what is happening in the EU, rather than on the USA - some reforms may happen there but there is as yet no impetus or attention to the ensure openness and accountability of national internal and external agencies and LEAs in EU Member States. What is required is a holistic approach which will take many years of diligent research by academics, journalists and civil society groups."
GCHQ-BELGIUM SURVEILLANCE: Operation Socialist: The Inside Story of How British Spies Hacked Belgium’s Largest Telco (The Intercept, link):
"The full story about GCHQ’s infiltration of Belgacom, however, has never been told. Key details about the attack have remained shrouded in mystery—and the scope of the attack unclear. Now, in partnership with Dutch and Belgian newspapers NRC Handelsblad and De Standaard, The Intercept has pieced together the first full reconstruction of events that took place before, during, and after the secret GCHQ hacking operation."
EU: THE LEGALITY of SURVEILLANCE by NATIONAL INTELLIGENCE & SECURITY AGENCIES: EU Article 29 Working Party on data protection: Working Document on surveillance of electronic communications for intelligence and national security purposes (52 pages, pdf):
"This Working Document contains the legal analysis behind the WP29 Opinion on surveillance of electronic communications for intelligence and national security purposes that was adopted on 10 April 2014. The focus of this Opinion lies with the follow up that is needed after the Snowden revelations. To this end, it contains several recommendations on how to restore respect for the fundamental rights of privacy and data protection by the intelligence and security services, and on how to improve supervision of these entities’ activities while maintaining national security....
none of these instruments contains a provision that would allow for massive, structural or unlimited data transfers. In as far as third country public authorities wish to obtain direct access to personal data under EU jurisdiction, they should make use of the formal means of cooperation, since no explicit possibilities are foreseen in the EU legislation to transfer personal data held by private sector data controllers to third country law enforcement authorities or security services."
UK: Surveillance law allows police to act in an unacceptable way, say MPs - Select committee chairman Keith Vaz says using Ripa to access journalist phone records must cease (Guardian, link):
"Britain’s surveillance laws, which have recently been used by the police to seize journalists’s phone records in the Plebgate and Huhne cases, are “not fit for purpose” and need urgent reform, a Commons inquiry has found. The Commons home affairs select committee says that the level of secrecy surrounding use of the Regulation of Investigatory Powers Act (Ripa) allows the police to “engage in acts which would be unacceptable in a democracy”.
The committee chairman, Keith Vaz, said the surveillance law was not fit for purpose: “Using Ripa to access telephone records of journalists is wrong and this practice must cease. The inevitable consequence is that this deters whistleblowers from coming forward.” In response Home Office ministers have said they will revise the Ripa rules on communications data requests involving sensitive professions such as journalists and lawyers, and they will launch a consultation on the move before Christmas.
The inquiry found the law enforcement agencies routinely fail to record the professions of those whose communications data records they access under Ripa."
See: Ful-text: Home Affairs Select Committee: Regulation of Investigatory Powers Act 2000 (pdf)
USA-UK:"FIVE EYES": SURVEILLANCE: ECHELON STUDY: European Parliament: The ECHELON Affair: The European Parliament and the Global Interception System (pdf):
"Fifteen years after the events, The Echelon Affair draws on the European Parliament’s archives to describe and analyse a worldwide scandal which had an impact on the history of Parliament and which today is echoed in the revelations of Edward Snowden and Julian Assange and in other cases of spying on a grand scale."
UK: GCHQ does not breach human rights, judges rule (BBC, News, link):
"The current system of UK intelligence collection does not currently breach the European Convention of Human Rights, a panel of judges has ruled. A case claiming various systems of interception by GCHQ constituted a breach had been brought by Amnesty, Privacy International and others.
It followed revelations by the former US intelligence analyst Edward Snowden about UK and US surveillance practices. But the judges said questions remained about GCHQ's previous activities. Some of the organisations who brought the case, including Amnesty UK and Privacy International, say they intend to appeal the decision to the European Court of Human Rights."
See Judgment: Full-text (pdf) and PI comments: Investigatory Powers Tribunal rules GCHQ mass surveillance programme TEMPORA is legal in principle (link)
USA-NSA: SURVEILLANCE: Operation Auroragold - How the NSA Hacks Cellphone Networks Worldwide (The Intercept, link):
"The documents also reveal how the NSA plans to secretly introduce new flaws into communication systems so that they can be tapped into—a controversial tactic that security experts say could be exposing the general population to criminal hackers. Codenamed AURORAGOLD, the covert operation has monitored the content of messages sent and received by more than 1,200 email accounts associated with major cellphone network operators, intercepting confidential company planning papers that help the NSA hack into phone networks.,,, The operation appears aimed at ensuring virtually every cellphone network in the world is NSA accessible."
See document: AURORAGOLD overview (pdf)
Edward Snowden wins Swedish human rights award for NSA revelations - Whistleblower receives several standing ovations in Swedish parliament as he wins Right Livelihood award (Guardian, link): "Whistleblower Edward Snowden received several standing ovations in the Swedish parliament after being given the Right Livelihood award for his revelations of the scale of state surveillance. Snowden, who is in exile in Russia, addressed the parliament by video from Moscow. In a symbolic gesture, his family and supporters said no one picked up the award on his behalf in the hope that one day he might be free to travel to Sweden to receive it in person."
November 2014
INCENSER, or how NSA and GCHQ are tapping internet cables (link): Recently disclosed documents show that the NSA's fourth-largest cable tapping program, codenamed INCENSER, pulls its data from just one single source: a submarine fiber optic cable linking Asia with Europe. Until now, it was only known that INCENSER was a sub-program of WINDSTOP and that it collected some 14 billion pieces of internet data a month. The latest revelations now say that these data were collected with the help of the British company Cable & Wireless (codenamed GERONTIC, now part of Vodafone) at a location in Cornwall in the UK, codenamed NIGELLA. For the first time, this gives us a view on the whole interception chain, from the parent program all the way down to the physical interception facility. Here we will piece together what is known about these different stages and programs from recent and earlier publications."
GCHQ's 'jihad on tech firms' can only fail (Guardian, link): "Bullying the US tech firms could disrupt constructive ways to track terrorism - and force companies to channel requests through lengthy international legal processes."
EU: NSA-GCHQ: SURVEILLANCE: Secret Malware in European Union Attack Linked to U.S. and British Intelligence (Intercept, link):
"Complex malware known as Regin is the suspected technology behind sophisticated cyberattacks conducted by U.S. and British intelligence agencies on the European Union and a Belgian telecommunications company, according to security industry sources and technical analysis conducted by The Intercept."
SURVEILLANCE: VODAFONE & GCHQ: Spy cable revealed: how telecoms firm worked with GCHQ (Channel 4 News, link):
"One of the UK's largest communications firms had a leading role in creating the surveillance system exposed by Edward Snowden, it can be revealed. Cable and Wireless even went as far as providing traffic from a rival foreign communications company, handing information sent by millions of internet users worldwide over to spies.
The firm, which was bought by Vodafone in July 2012, was part of a programme called Mastering the Internet, under which British spies used private companies to help them gather and store swathes of internet traffic; a quarter of which passes through the UK. Top secret documents leaked by the whistleblower Edward Snowden and seen by Channel 4 News show that GCHQ developed what it called "partnerships" with private companies under codenames. Cable and Wireless was called Gerontic."
See also: USA-Vodaphone: Vodafone-Firma soll für Spähauftrag kassiert haben (sueddeutsche.de/digital, link) [New Snowden documents show how Vodafone aided spying mission] and Vodafone – der lange Arm des britischen Geheimdienstes? (Vodafone - the long arm of British intelligence?) see video.
And: Snowden-Leaks: How Vodafone-Subsidiary Cable & Wireless Aided GCHQ’s Spying Efforts (SZ International, link)
USA: Court hears arguments on constitutionality of NSA collection of phone records (Washington Post, link):
"A federal appeals court in the District of Columbia heard oral arguments Tuesday over the constitutionality of the National Security Agency’s mass collection of data about millions of Americans’ phone calls.
The three-judge panel wrestled with key questions, including at what point a person’s privacy rights become relevant — when the government gathers records known as metadata or when an analyst reviews the material. They pressed attorneys on whether a 1979 Supreme Court case about privacy rights in phone-call data applies to the NSA program.
REMOTE ACCESS-ENCRYPTION SURVEILLANCE: Secret Manuals Show the Spyware Sold to Despots and Cops Worldwide (The Intercept, link):
"When Apple and Google unveiled new encryption schemes last month, law enforcement officials complained that they wouldn’t be able to unlock evidence on criminals’ digital devices. What they didn’t say is that there are already methods to bypass encryption, thanks to off-the-shelf digital implants readily available to the smallest national agencies and the largest city police forces — easy-to-use software that takes over and monitors digital devices in real time, according to documents obtained by The Intercept. We’re publishing in full, for the first time, manuals explaining the prominent commercial implant software “Remote Control System,” manufactured by the Italian company Hacking Team...
The manuals describe Hacking Team’s software for government technicians and analysts, showing how it can activate cameras, exfiltrate emails, record Skype calls, log typing, and collect passwords on targeted devices. They also catalog a range of pre-bottled techniques for infecting those devices using wifi networks, USB sticks, streaming video, and email attachments to deliver viral installers."
See: Document: The hacking suite for governmental interception (link)
UK: GCHQ chief accuses US tech giants of becoming terrorists' 'networks of choice' - New director of UK eavesdropping agency accuses US tech firms of becoming ‘networks of choice’ for terrorists (Guardian, link) and New GCHQ chief spouts fiery rhetoric but spying agenda is same as before - Robert Hannigan’s response to the terror threat is an all too familiar one: spies need ever greater access to information (link)
GERMANY: BND-Chef Schindler: Internationale Geheimdienstkooperation ausbauen (Heise Online, link): [The Director of the Federal Intelligence Service (BND), Gerhard Schindler, wants to expand international cooperation of intelligence]
In the framework of the NSA affair, critique were voiced in relation to German cooperation with the US agency. However, the German Intelligence Service wants to expand international cooperation and exchange of data between intelligence services around the world in order to combat current terrorist threats. "We need to work closer together", Schindler says in relation to current crisis and conflicts in the world.
"We need to protect German soldiers during missions abroad as well as to ensure domestic security", he adds. According to Schindler, the German Intelligence Service has currently contacts with 451 foreign intelligence services. The decision to seek cooperation with an intelligence service is based on the willingness of cooperation, reliability, efficiency and the expected value of cooperation. An expansiion in cooperation and exchange of data will certainly stir up further debates."
And see: German security law could lock out U.S. tech companies (The Hill, link): "U.S. tech companies are worried a German law under debate could bar them from doing business in that country if it is approved. The bill could require companies to turn over source code and proprietary data to the German government or to private critical infrastructure companies, The Wall Street Journal reported on Sunday. U.S. companies see the language as a way to exclude them from government contracts, given German fears over the National Surveillance Agency’s (NSA) ability to access U.S. companies’ data."
October 2014
UK: Edited spy policy papers released in Libyan rendition case - Lawyers representing two Libyan victims of rendition criticise edited way documents are to be released (Guardian, link):
"Edited versions of secret documents relating to the conditions under which lawyers’ or journalists’ phones and emails can be intercepted are to be released by the government in a case brought against the intelligence services by two Libyan victims of rendition.
The government’s previously trenchant refusal to reveal the policy papers has been a key issue in a claim brought on behalf of Abdel Hakim Belhaj and Sami al-Saadi who, along with members of their families, were kidnapped and sent to face punishment in Libya in 2004."
UK-GCHQ: Eyes Wide Shut: Secret policy reveals GCHQ can get warrantless access to bulk NSA data (PI, link):
"The “arrangements”, as they are called by Government, also suggest that intercept material received from foreign intelligence agencies is not subject to the already weak safeguards that are applied to communications that are intercepted by the UK's Tempora programme. On the face of the descriptions provided to the claimants, the British intelligence agencies can trawl through foreign intelligence material without meaningful restrictions and can keep such material, which includes both communications content and metadata, for up to two years.
Descriptions of the policies were disclosed to the parties after a secret hearing at the Investigatory Powers Tribunal, which is currently considering a challenge to GCHQ's surveillance practices that has been brought by human rights organisations including Privacy International, Liberty and Amnesty International. A public hearing of the case was held in July, but these “arrangements" were revealed to the Tribunal in a closed hearing that the claimants were barred from attending. Some details about the policies are now disclosed in order for the claimants to provide comment."
USA:SURVEILLANCE: Core Secrets: NSA Saboteurs in China and Germany (Intercept, link):
"The National Security Agency has had agents in China, Germany, and South Korea working on programs that use “physical subversion” to infiltrate and compromise networks and devices, according to documents obtained by The Intercept."
See: Sentry Eagle document (pdf)
USA: SURVEILLANCE: Sen. Wyden: NSA tech spying hurts economy (Washington Post, link)
USA: SURVEILLANCE: The NSA and Me By James Bamford (The Intercept, link): "The discovery that the NSA had been lying to the Church Committee shocked me. But it also gave me the idea to write the first book about the agency."
"I would be happy to lend my copy of the NSA’s criminal file to Attorney General Eric Holder, if he would like to see how to begin. Or he can read it here."
See Document referred to above by James Bamford (link)
September 2014
USA-NSA: New Documents Shed Light on One of the NSA's Most Powerful Tools (ACLU, link):
"Today, we're releasing several key documents about Executive Order 12333 that we obtained from the government in response to a Freedom of Information Act lawsuit that the ACLU filed (along with the Media Freedom and Information Access Clinic at Yale Law School) just before the first revelations of Edward Snowden. The documents are from the National Security Agency, the Defense Intelligence Agency, and others agencies. They confirm that the order, although not the focus of the public debate, actually governs most of the NSA's spying."
See: ACLU list of documents released 22 September 2104 (link) and Signals Defence Directive (pdf), Intelligence Oversight DIA (pdf) and Defence HUMINT Service: Handbook (link)
USA-NSA-UK-GCHQ: Dutch senators file motion requesting govt to abstain from legalizing cable SIGINT in a way that permits “unconditional, indiscriminate and large-scale” surveillance (Matthijs R. Koot's notebook, link)
EU-USA: US phone system to be run by EU company? Spy Agencies Urge Caution on Phone Deal (New York Times, link):
"with a European-based company now favored for the job, some current and former intelligence officials — who normally stay out of the business of awarding federal contracts — say they are concerned that the government’s ability to trace reams of phone data used in terrorism and law enforcement investigations could be hindered."
US threat to British online privacy Private information stored online by British computer users could be scrutinised by American law enforcement agencies under new 'right-to-snoop' rule (The Telegraph, link):
" Gus Hosein, of the campaign group Privacy International, said the case proved that the US Government had a "voracious appetite for other people's data". It could affect the whole range of information stored online – not just personal emails but financial information and even health records, he said.
"The US Government is saying that it has jurisdiction around the world and it can get access to your data wherever you are," said Mr Hosein. "That is why this court case is such a worrying development because the scope for spying on people's personal business is vast."
EU-USA DATA PROTECTION: Big brother’s little helper inside the European Commission (Access Blog, link) and email (relased in US). See also: US lobbying against the data protection reform intensifies (EDRI, link) referring to this Document (pdf)
In early 2011 it became apparent that the EU-US "umbrella" agreement was effectively dead in the water. The USA did not like the proposed Regulation and the EU, especially in parts of the Commission, and the European Parliament, wanted to adopt a new EU Regulation first. This e-mail is from early in the period from between January 2012 and the summer of 2013 when EU-USA formal negotiations took place.
USA-NSA: German opposition goes to court on Snowden hearing (Washington Post, link):
"Opposition lawmakers have asked Germany’s highest court to rule on whether former NSA contractor Edward Snowden can come to Berlin to testify about the agency’s activities. Members of the Greens and the Left Party said Friday that they want a parliamentary panel investigating the National Security Agency’s activities in Germany to hear Snowden in person."
Eric Holder was the worst Attorney General for the press in a generation. We deserve better. (Freedom of the Press Foundation, link)
USA-NSA: Israel’s N.S.A. Scandal (New York Times, link) by James Bamford: "the transfer of intercepts to Israel contained the communications - email as well as phone calls — of countless Arab- and Palestinian-Americans whose relatives in Israel and the Palestinian territories could become targets based on the communications. “I think that’s amazing,” he [Snowden] told me. “It’s one of the biggest abuses we’ve seen."
FINFISHER SURVEILLANCE: Today, 15 September 2014, WikiLeaks releases previously unseen copies of weaponised German surveillance malware :
"used by intelligence agencies around the world to spy on journalists, political dissidents and others. FinFisher (formerly part of the UK based Gamma Group International until late 2013) is a German company that produces and sells computer intrusion systems, software exploits and remote monitoring systems that are capable of intercepting communications and data from OS X, Windows and Linux computers as well as Android, iOS, BlackBerry, Symbian and Windows Mobile devices."
And see: Treasure Map: The NSA Breach of Telekom and Other German Firms (Spiegel Online, link): "According to top-secret documents from the NSA and the British agency GCHQ, the intelligence agencies are seeking to map the entire Internet, including end-user devices. In pursuing that goal, they have broken into networks belonging to Deutsche Telekom."
New Zealand Launched Mass Surveillance Project While Publicly Denying It (The Intercept, link):
"The New Zealand spy agency, the Government Communications Security Bureau (GCSB), worked in 2012 and 2013 to implement a mass metadata surveillance system even as top government officials publicly insisted no such program was being planned and would not be legally permitted.
Documents provided by NSA whistleblower Edward Snowden show that the government worked in secret to exploit a new internet surveillance law enacted in the wake of revelations of illegal domestic spying to initiate a new metadata collection program that appeared designed to collect information about the communications of New Zealanders."
See Agenda for a 2013 meeting between the director of New Zealand Intelligence Coordination Group and NSA Director Keith Alexander (link) and also: Snowden: New Zealand’s Prime Minister Isn’t Telling the Truth About Mass Surveillance (The Intercept, link) and New Zealand passes bill allowing domestic spying (link)
NSA targets the privacy-conscious (DasErste.de, link): "research contradicts the United States' promise to Germany that German citizens are not surveiled without suspicion. Using Tor in Germany does not justify targeting someone, the German attorney Thomas Stadler states: "Tor users do not breach any laws, it is absolutely legitimate to act anonymously on the internet. There are many good reasons to remain anonymous.""
Centre for Investigative Journalism: Information Security for Journalists (pdf) by Silkie Carlo and Arjen Kamphuis:
"This handbook is a very important practical tool for journalists and it is of particular importance to investigative reporters. For the first time journalists are now aware that virtually every electronic communication we make or receive is being recorded, stored and subject to analysis and action. As this surveillance is being conducted in secret, without scrutiny, transparency or any realistic form of accountability, our sources, our stories and our professional work itself is under threat. "
USA: SURVEILLANCE: The US Government’s Secret Plans to Spy for American Corporations (The Intercept, link):
"Director of National Intelligence James Clapper, for instance, responded.... “It is not a secret that the Intelligence Community collects information about economic and financial matters…. What we do not do, as we have said many times, is use our foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of - or give intelligence we collect to - U.S. companies to enhance their international competitiveness or increase their bottom line....
But a secret 2009 report issued by Clapper’s own office explicitly contemplates doing exactly that. The document, the 2009 Quadrennial Intelligence Community Review—provided by NSA whistleblower Edward Snowden—is a fascinating window into the mindset of America’s spies as they identify future threats to the U.S. and lay out the actions the U.S. intelligence community should take in response.”
See: Intelligence Community Review Final Report 2009 (pdf)
USA: NSA ALLIANCES: NSA's Foreign Partnerships (Top Level Telecommumications, link) Very useful summary when the "Two Eyes" became "Five Eyes" and other networks. And see: "Five Eyes" (pdf) and Canada and the Five Eyes Intelligence Community (pdf)
USA-NSA: A Two-Faced Friendship: Turkey Is 'Partner and Target' for the NSA (Der Spiegel, link): "Documents from the archive of whistleblower Edward Snowden reveal wide-scale spying against Turkey by America's NSA and Britain's GCHQ. They also show the US worked closely with Ankara to battle Kurdish separatists." See: Documents: NSA-Turkey (pdf)
And see: How the NSA Helped Turkey Kill Kurdish Rebels (The Intercept, link)
SURVEILLANCE: "LAWFUL" INTERCEPTION: Lawful interception market worth $1,342.4 million by 2019 (WhaTech, link)
August 2014
USA-NSA: SURVEILLENCE: The Surveillance Engine: How the NSA Built Its Own Secret Google (The Intercept, link):
"The National Security Agency is secretly providing data to nearly two dozen U.S. government agencies with a “Google-like” search engine built to share more than 850 billion records about phone calls, emails, cellphone locations, and internet chats, according to classified documents obtained by The Intercept.
The documents provide the first definitive evidence that the NSA has for years made massive amounts of surveillance data directly accessible to domestic law enforcement agencies. Planning documents for ICREACH, as the search engine is called, cite the Federal Bureau of Investigation and the Drug Enforcement Administration as key participants.
ICREACH contains information on the private communications of foreigners and, it appears, millions of records on American citizens who have not been accused of any wrongdoing. Details about its existence are contained in the archive of materials provided to The Intercept by NSA whistleblower Edward Snowden."
See: ICREACH documents - full-text (4.5MB, pdf)
See: Statewatch Observatory: EU-UK-GCHQ-USA-NSA: Data surveillance (June 2013 - ongoing)
GERMANY-USA: SURVEILLANCE: Targeting Turkey: How Germany Spies on Its Friends (Der Spiegel, link):
"For more than a year now, German officials have criticized the US for the NSA's mass spying on Europeans and even Chancellor Angela Merkel. Now, embarrassing revelations show that Germany has inadvertently spied on Hillary Clinton and John Kerry, and has also deliberately targeted Turkey."
And see: Yes, Berlin has its own spying scandals, but don’t expect Germany to forgive the NSA (Washington Post, link)
UK: NSA-GCHQ: The HACIENDA Program for Internet Colonization (heise online, link): "In a new set of top secret documents seen by Heise, it is revealed that in 2009, the British spy agency GCHQ made port scans a "standard tool" to be applied against entire nations" (emphasis added)
See: Original from GCHQ’s Joint Threat Research Intelligence Group (JTRIG): GCHQ: What is Hacienda? (pdf): All the results of country-wide scans are "stored in JTRIG's Internal database"
Australia government pushing to expand surveillance, hacking powers (PI, link)
USA: SURVEILLANCE: WikiLeaks: Decades Long Proof Of Government, Corporate Surveillance Of Native Americans Revealed (Mint Press News, link) and see: CAIR-MI to File Suit Challenging Placement of U.S. Muslims on Terror Watch Lists Without Due Process (CAIR, link)
USA: NSA: James Bamford interviews Edward Snowden (Wired, link): Long report including countering cyber attacks:
"When it detected an attack, MonsterMind would automatically block it from entering the country - a “kill” in cyber terminology.
Programs like this had existed for decades, but MonsterMind software would add a unique new capability: Instead of simply detecting and killing the malware at the point of entry, MonsterMind would automatically fire back, with no human involvement. That’s a problem, Snowden says, because the initial attacks are often routed through computers in innocent third countries. “These attacks can be spoofed,”"
and see: Press Release: Courage letters being delivered to governments call for the safe protection of Edward Snowden (Courage, link)
Also: GCHQ: OPA~TAS Covert Mobile Phones Policy (pdf)
NEW ZEALAND- "FIVE EYES": Anti-Bases Campaign: Call to close NZ spy base (pdf) and see: Who’s Running The Show? And In Whose Interests? (link)
July 2014
Statewatch Analysis: Mass surveillance of communications in the EU: CJEU judgment and DRIPA 2014/RIPA 2000 in the UK (pdf) by Tony Bunyan:
"The CJEU ruled that mass surveillance under the EU Data Retention Directive entails an interference with the fundamental rights of practically the entire European
population and is a clear breach of the EU Charter of Fundamental Rights.
Under DRIPA 2014 the UK is clearly ignoring the Court's ruling by maintaining the mass surveillance of communications and extending its reach, though permanent warrants, to service providers based in the EU, USA and elsewhere.
DRIPA 2014 amends RIPA 2000 but leaves untouched the power of the Foreign Secretary to sign limitless warrants for GCHQ to spy on the rest of the world under
Section 8.4 of RIPA 2000."
USA-NSA: Edward Snowden given permission to stay in Russia - video (Guardian, link): "dward Snowden has been granted permission to remain in Russia for the next three years, his lawyer says on Thursday. The NSA contractor turned whistleblower now has a three-year residence permit, with effect from 1 August 2014,.."
USA: WATCHLISTS: Barack Obama’s Secret Terrorist-Tracking System, by the Numbers - Nearly half of the people on the U.S. government’s widely shared database of terrorist suspects are not connected to any known terrorist group (The Intercept, link) and See: Watchlist document (pdf)
See also: More than 17,000 sign up to Austrian student's Facebook privacy class action - Max Schrems, 26, who accuses social network of data violations and supporting NSA spying, calls response to his appeal 'giant' (Guardian, link)
And: Bahrain Government Hacked Lawyers and Activists with UK Spyware (Bahrainwatch, link): "New evidence has emerged suggesting that the Bahraini government infected the computers of some of the country’s most prominent lawyers, activists and politicians with the malicious FinFisher spy software (also known as FinSpy). The infections would have enabled the government to steal passwords and files, and spy through an infected computer’s webcam and microphone. "
See also: Six things we know from the latest FinFisher documents (PI, link)
USA-ISRAEL: Wiretapped: Israel Eavesdropped on John Kerry in Mideast Talks (Spiegel Online, link): "New information indicates that Israeli intelligence eavesdropped on telephone conversations by US Secretary of State John Kerry. Sources told SPIEGEL the government then used the information obtained from the calls during negotiations in the Mideast conflict."
On the other hand see these documents: NSA Intelligence Relationship with Israel (pdf) and MOU between NSA and the Israeli Sigint National Unit (ISNU) (pdf)
USA: CIA SPYING: Inquiry by CIA Affirms It Spied on Senate Panel (New York Times, link):
"An internal investigation by the C.I.A. has found that its officers penetrated a computer network used by the Senate Intelligence Committee in preparing its damning report on the C.I.A.’s detention and interrogation program.
The report by the agency’s inspector general also found that C.I.A. officers read the emails of the Senate investigators and sent a criminal referral to the Justice Department based on false information, according to a summary of findings made public on Thursday. One official with knowledge of the report’s conclusions said the investigation also discovered that the officers created a false online identity to gain access on more than one occasion to computers used by the committee staff."
See document: Summary of report: Prepared at the request of the Congressional Intelligence Committees (pdf) and See: CIA admits to spying on Senate staffers (Guardian, link) also: Report: CIA officers read Senate emails (Washington Post, link)
USA-NSA-SAUDI ARABIA: The NSA’s New Partner in Spying: Saudi Arabia’s Brutal State Police (The Intercept, link):
"The National Security Agency last year significantly expanded its cooperative relationship with the Saudi Ministry of Interior, one of the world’s most repressive and abusive government agencies. An April 2013 top secret memo provided by NSA whistleblower Edward Snowden details the agency’s plans “to provide direct analytic and technical support” to the Saudis on “internal security” matters.
The Saudi Ministry of Interior - referred to in the document as MOI - has been condemned for years as one of the most brutal human rights violators in the world. In 2013, the U.S. State Department reported that “Ministry of Interior officials sometimes subjected prisoners and detainees to torture and other physical abuse,” specifically mentioning a 2011 episode in which MOI agents allegedly “poured an antiseptic cleaning liquid down [the] throat” of one human rights activist. The report also notes the MOI’s use of invasive surveillance targeted at political and religious dissidents."
See document: NSA-SAUDI ARABIA Cooperation (pdf)
And see: Privacy watchdog’s next target: the least-known but biggest aspect of NSA surveillance (Washington Post, link): "An independent privacy watchdog agency announced Wednesday that it will turn its focus to the largest and most complex of U.S. electronic surveillance regimes: signals intelligence collection under Executive Order 12333. That highly technical name masks a constellation of complex surveillance activities carried out for foreign intelligence purposes by the National Security Agency under executive authority. But unlike two other major NSA collection programs that have been in the news lately, EO 12333 surveillance is conducted without court oversight and with comparatively little Congressional review."
See document: SIGINT Decision Tree (.jpg)
EU: MANDATORY DATA PROTECTION: European Commission sits on the fence: saying it is up to each of the 28 EU states to decide whether to change their national laws in the light of the CJEU judgment declaring the EU Directive on mandatory data retention "unlawful": European Parliament question (link) and Answer (link)
And see: Scrapped EU surveillance law throws doubt on US data agreements (euobserver, link): " A decision by the EU court earlier this year to scrap a controversial data retention directive may have implications for existing international data agreements and EU proposals under review. “We will have a debate on the question of the compatibility of these international agreements with EU law here in the parliament,” German Green Jan Phillip Albrecht said"
See: Green/EFA study: Data Retention after the Judgement of the Court of Justice of the European Union (pdf)
USA-National Counterterrorism Center: Secret government rulebook for labelling you a terrorist (The Intercept, link): he Obama administration has quietly approved a substantial expansion of the terrorist watchlist system, authorizing a secret process that requires neither “concrete facts” nor “irrefutable evidence” to designate an American or foreigner as a terrorist, according to a key government document obtained by The Intercept." See: document: Rulebook (link)
See also: Hill surveillance reform: Time is not on its side (Politico, link)
UK: GCHQ SURVEILLANCE: Intelligence services 'creating vast databases' of intercepted emails - Government told internet surveillance tribunal that gathering material 'may be permissible', say human rights groups (Guardian, link):
"The intelligence services are constructing "vast databases" out of accumulated interceptions of emails, a tribunal investigating mass surveillance of the internet has been told. The claim emerged during a ground-breaking case against the monitoring agency GCHQ, MI5, MI6 and the government at the investigatory powers tribunal (IPT)."
See also: Merkel calls for 'sensible talks' over alleged US spying on Germany - German chancellor says talks on security and privacy needed to restore trust as US commentators defend surveillance of ally (Guardian, link)
UN HUMAN RIGHTS: Dangerous practice of digital mass surveillance must be subject to independent checks and balances - Pillay (link):
"UN High Commissioner for Human Rights Navi Pillay warned Wednesday that studies by her office and others have revealed a “disturbing” lack of transparency about governmental surveillance policies and practices, “including de facto coercion of private sector companies to provide sweeping access to information and data relating to private individuals without the latter’s knowledge or consent.”
See: Report: The right to privacy in the digital age: Report of the Office of the United Nations High Commissioner for Human Rights (pdf)
UK: SURVEILLANCE LAW RUSHED THROUGH PARLIAMENT: Open letter on the UK's Data Retention and Investigatory Powers Bill (EU Law Analysis, link):
"The legislation goes far beyond simply authorising data retention in the UK. In fact, DRIP attempts to extend the territorial reach of the British interception powers, expanding the UK’s ability to mandate the interception of communications content across the globe. It introduces powers that are not only completely novel in the United Kingdom, they are some of the first of their kind globally.
Moreover, since mass data retention by the UK falls within the scope of EU law, as it entails a derogation from the EU's e-privacy Directive (Article 15, Directive 2002/58), the proposed Bill arguably breaches EU law to the extent that it falls within the scope of EU law, since such mass surveillance would still fall foul of the criteria set out by the Court of Justice of the EU in the Digital Rights and Seitlinger judgment."
UK: GCHQ: SURVEILANCE-DISRUPTION: Hacking Online Polls and Other Ways British Spies Seek to Control the Internet (The Intercept, link)
"The secretive British spy agency GCHQ has developed covert tools to seed the internet with false information, including the ability to manipulate the results of online polls, artificially inflate pageview counts on web sites, “amplif[y]” sanctioned messages on YouTube, and censor video content judged to be “extremist” ...
The tools were created by GCHQ’s Joint Threat Research Intelligence Group (JTRIG), and constitute some of the most startling methods of propaganda and internet deception contained within the Snowden archive.... Here’s a list of how JTRIG describes its capabilities:
• “Change outcome of online polls” (UNDERPASS)
• “Mass delivery of email messaging to support an Information Operations campaign” (BADGER) and “mass delivery of SMS messages to support an Information Operations campaign” (WARPARTH)
• “Disruption of video-based websites hosting extremist content through concerted target discovery and content removal.” (SILVERLORD)
• “Active skype capability. Provision of real time call records (SkypeOut and SkypetoSkype) and bidirectional instant messaging. Also contact lists.” (MINIATURE HERO)
• “Find private photographs of targets on Facebook” (SPRING BISHOP)
• “A tool that will permanently disable a target’s account on their computer” (ANGRY PIRATE)
• “Ability to artificially increase traffic to a website” (GATEWAY) and “ability to inflate page views on websites” (SLIPSTREAM)
• “Amplification of a given message, normally video, on popular multimedia websites (Youtube)” (GESTATOR)
• “Targeted Denial Of Service against Web Servers” (PREDATORS FACE) and “Distributed denial of service using P2P. Built by ICTR, deployed by JTRIG” (ROLLING THUNDER)
• “A suite of tools for monitoring target use of the UK auction site eBay (www.ebay.co.uk)” (ELATE)
• “Ability to spoof any email address and send email under that identity” (CHANGELING)
• “For connecting two target phone together in a call” (IMPERIAL BARGE)"
See documents: GCHQ JTRIG Tools and Techniques (pdf) and: A new kind of SIGDEV (pdf) includes references to "Squeaky Dolphin" and GCHQ's JTRIG (Joint Threat Research Intelligence Group) and: GCHQ/JTRIG: Art of deception (pdf)
UK: Data Retention and Investigatory Powers Bill (DRIP): Unprecedented new powers in surveillance bill, campaigners warn - Prime minister insists fast-track legislation will do no more than confirm existing powers, but privacy groups say otherwise (Guardian, link) and Edward Snowden condemns Britain's emergency surveillance bill - Exclusive: NSA whistleblower says it 'defies belief' that bill must be rushed through after government ignored issue for a year (Guardian, link)
See also: Draft Statutory Instrument (pdf) and Impact Assessment (pdf). The latter states in Annex I on "consultation":
"The provisions contained within the proposed Bill have been consulted on across Government and with the intercepting agencies. They have also been shared with (a limited number of) Communications Service Providers). Given that this is fast-track legislation that has been brought forward to address a particular issue which seeks to continue the status quo, they have not been consulted upon more broadly."
UK: Data Retention and Investigatory Powers Bill (DRIP): The DRIP myth list (Open Rights Group, link): "Here are some of the arguments that the Government is using to justify passing emergency data retention legislation - and the reasons why the Data Retention and Investigatory Powers Bill (DRIP) should not be rushed through Parliament. We are urging our supporters to call the House of Commons on 0207 219 3000 and demand that they vote against this legislation." and see:
Tom Hickman on the DRIP Bill: Plugging Gaps in Surveillance Laws or Authorising the Unlawful? (UK Constitutional Law Association, link): "The DRIP Bill will be law by the end of the week. Its unveiling in draft form on Thursday came out of the blue. The use of emergency parliamentary procedure means that there is no time for any significant consultation or lobbying and parliamentary scrutiny will be minimal.... it does not bode well for the review of the legislation that the Government is so apparently unwilling to facilitate informed debate and understanding, even at a general level, of very intrusive powers that it asks society in general, and Parliament in particular, to grant it."
UK: SURVEILLANCE LAW RUSHED THROUGH PARLIAMENT: Legalising what the European court said was unlawful through mass retention of all communications: Top Tory's devastating attack on our loss of privacy: This data law has nothing to do with catching terrorists - and everything to do with a lust for power (Article by David Davies MP. Daily Mail, link):
"What this Government is chasing is not public security, it is protection from blame if anything goes wrong. Those are not the same thing. One person’s loss of freedom is everybody’s loss of freedom, one person’s loss of privacy is everybody’s loss of privacy. We must stand up for our rights and not succumb to the politics of fear. Otherwise we give those who hate our civilisation an easy victory, without a shot being fired."
GERMANY-USA: Berlin tells CIA station chief to leave in spy scandal (euractiv, link)
USA: NSA: The ultimate goal of the NSA is total population control - At least 80% of all audio calls, not just metadata, are recorded and stored in the US, says whistleblower William Binney – that's a 'totalitarian mentality' (Guardian, link)
And: They Have Seen the Future of the Internet, and It Is Dark (New York Times, link), Net Threats: Experts say liberty online is challenged by nation-state crackdowns, surveillance, and pressures of commercialization of the Internet (Pew Institute, link) and Full-report (pdf)
GERMANY-USA: Second German government worker suspected of spying for US - Accused reportedly works 'in military', as Berlin still reels after intelligence agent was accused of working for CIA last week (Guardian, link)
GERMANY-USA: CIA SPY: Official: CIA recruited German intel officer to spy for U.S. (CBS News, link):
"A German intelligence employee is accused of spying on his own country for the United States. The man was arrested last week. A U.S. official tells CBS News the CIA was involved in recruiting a German intelligence officer for the purpose of spying on the German government. This was not a rogue operation but an authorized effort to learn more about the inner workings of the German government."
see also: The NSA, the silent chancellor, and the double agent: how German ignorance left us vulnerable to the US spy game - To credibly demand change from the Americans, Merkel's government must come clean about its own mass surveillance (Guardian, link): "The Americans may be contemplating their own NSA reform, but only when Germany's ends it own mass surveillance practices – and escapes from the intense cooperation with the spy network of the Five Eyes nations...."
USA-NSA: National Insecurity Agency: How the NSA's Surveillance Programs Undermine Internet Security (New America Foundation, link), see video.
USA: SURVEILLANCE: Meet the Muslim-American Leaders the FBI and NSA Have Been Spying On (The Intercept, link): "The National Security Agency and FBI have covertly monitored the emails of prominent Muslim-Americans - including a political candidate and several civil rights activists, academics, and lawyers - under secretive procedures intended to target terrorists and foreign spies."
USA: SURVEILLANCE OF "FOREIGNERS": Under FISA Section 702 there was a single Order for gathering "foreign intelligence" which involved 89,138 "targets" As in the UK a "target" can be a single person or an organisation although data of this kind is never published in the UK:
"Within the Intelligence Community, the term “target” has multiple meanings. For example, “target” could be an individual person, a group, or an organization composed of multiple individuals or a foreign power that possesses or is likely to communicate foreign intelligence information that the U.S. government is authorized to acquire.....in the context of Section 702 the term “target” is generally used to refer to the act of intentionally directing intelligence collection at a particular person, a group, or organization."
See USA: IntelligenceTransparency report - full text (pdf) See also: U.S. releases data on sensitive surveillance programs for first time (Washington Post, link): "The U.S. government on Friday for the first time released data on the scope of some of its most sensitive foreign intelligence-gathering efforts, saying that it had targeted nearly 90,000 foreign persons or organizations for surveillance through U.S. companies last year."
GERMANY: NSA: German government to drop Verizon over NSA spying fears (Washington Post, link): ""There are indications that Verizon is legally required to provide certain things to the NSA, and that's one of the reasons the cooperation with Verizon won't continue," German Interior Ministry spokesman Tobias Plate told AP. Verizon has provided Internet service to a number of German government departments but not intelligence to agencies according to Plate."
EU-USA SURVEILLANCE: EU-U.S. Justice Ministerial in Athens: Vice-President Reding welcomes U.S. announcement on data protection umbrella agreement (pdf) and Fact sheet (pdf)
UK: SURVEILLANCE: Home secretary denies security services engaged in mass surveillance - May uses Mansion House speech to make case for reviving 'snooper's charter' legislation, calling it matter of 'life and death' (Guardian, link) and see: Theresa May says the UK is not a surveillance state, but her proposed law might create one (The Conversation, link)
EU lawyers tell Member States: Blanket communications data retention "no longer possible" (German Working Group on Data Retention: The Arbeitskreis Vorratsdatenspeicherung (AK Vorrat), link):
"Denmark, the UK, and many other EU governments have so far refused to follow April's landmark ruling by the EU Court of Justice annulling the Data Retention Directive, which required Telecommunications and Internet Service Providers to store detailed records about all of their customers' communications and Internet use. But civil liberties campaigners AK Vorrat have now obtained internal documents showing that at a recent closed meeting of EU Justice and Home Affairs ministers the Council's Legal Services stated that paragraph 59 of the European Court of Justice's ruling on the Data Retention Directive "suggests that general and blanket data retention is no longer possible". "
And see: NGO Letter (link)
USA-NSA: EU states let NSA tap data cables, Danish media say (link): "Classified files leaked to Danish media suggest some EU states are allowing US spies to install surveillance equipment on cables in order to intercept the emails, private phone calls, and Internet chats of their citizens." and see:
How Secret Partners Expand NSA’s Surveillance Dragnet (The Intercept, link): It has already been widely reported that the NSA works closely with eavesdropping agencies in the United Kingdom, Canada, New Zealand, and Australia as part of the so-called Five Eyes surveillance alliance. But the latest Snowden documents show that a number of other countries, described by the NSA as “third-party partners,” are playing an increasingly important role – by secretly allowing the NSA to install surveillance equipment on their fiber-optic cables."
See documents: Special Source Operations: The Cryptologic Provider of Intelligence from Global High-Capacity Telecommunications Systems (pdf), RAMPART: Project overview (pdf), Danish cooperation with NSA (pdf) and Foreign Partner access (pdf): Includes RAMPART-A and WINDSTOP: "RAMPART-A has access to over 3 Terabits per second..." and WINDSTOP, including second partners, covering e-mails, web, internet chat and VOIP:: "to develop a well-integrated, over-arching architecture to utilize unprecedented access to communications into and out of Europe and the Middle East."
Google must remove list of websites around the world, Canadian court rules (Gigaon, link): "A court in Canada just told Google it must delete search results from around the world. The ruling is the latest in a troubling series of cases ordering search engines to remove information."
In the USA: House of Representatives moves to ban NSA's 'backdoor search' provision (Guardian, link): "Members vote 293 to 121 to stop NSA performing warrantless searches of data collected under foreign surveillance program" and what will happen now? Congress wants NSA reform after all. Obama and the Senate need to pass it (Guardian, link): " the real hurdle remains in the Senate, where these strengthened provisions will still have to be adopted and passed on to Obama's desk if they have any chance of having an affect. That is still a long shot, but the pressure's not going away."
GERMANY-US: DATA SURVEILLANCE: New NSA Revelations: Inside Snowden's Germany File (Spiegel Online, link)
"An analysis of secret documents leaked by Edward Snowden demonstrates that the NSA is more active in Germany than anywhere else in Europe -- and that data collected here may have helped kill suspected terrorists."
The NSA in Germany: Snowden's Documents Available for Download (Spiegel Online, link)
"In Edward Snowden's archive on NSA spying activities around the world, there are numerous documents pertaining to the agency's operations in Germany and its cooperation with German agencies. SPIEGEL is publishing 53 of them, available as PDF files."
See: documents on Tempora and Fornsat collection operations (pdfs)
IRELAND-EU: High Court refers Facebook privacy case to Europe (Irish Times, link) Judgment (18 June, pdf)
"The High Court has referred questions raised by a case taken by an Austrian privacy activist over the alleged mass transfer of personal data to US intelligence services to the European Court of Justice. Privacy campaigner Max Schrems had argued that the Data Protection Commissioner, Billy Hawkes, wrongly refused to investigate whistleblower Edward Snowden’s claims that Dublin-based Facebook International had passed on its EU users’ data to the US National Security Agency as part of its Prism surveillance programme. While the judge did not find in Mr Schrems’s favour today, he adjourned the case pending a reference to the European court."
UK: Government's defence of surveillance unconvincing, says ex-watchdog (Guardian, link)
"The government's arguments for justifying the mass monitoring of the internet are "unconvincing" and based on exploiting "loopholes" in legislation, the former chief surveillance inspector has said. Sam Lincoln, who served for seven years as the head of the Office of Surveillance Commissioners, said the revelations by Edward Snowden had damaged public confidence, and security establishment arguments were not being accepted by sections of the public."
GREECE-GERMANY: Greece is 1 of 196 Countries Monitored by Germany (Greek Reporter, link)
"According to Greek news, Greece is among the 196 countries that are currently being monitored by the German Federal Intelligence Service (BND). Considering Germany’s strong opposition when Snowden revealed the U.S. spying activities, this came as a surprise."
EU-US: DATA SURVEILLANCE: Europe v Facebook: the beginning of the end for NSA spying on EU citizens? (EU Law Analysis blog, link)
"Today’s decision by the Irish High Court to send questions in the ‘Europe v Facebook’ case to the CJEU raises the possibility that the NSA’s access to EU citizens’ personal data might soon come to an end. But it’s not clear if the CJEU will address the most essential issues directly, because the case raises a number of complex legal issues that need to be examined in more detail."
UK: DATA SURVEILLANCE: UK intelligence forced to reveal secret policy for mass surveillance of residents’ Facebook and Google use (Privacy International, link)
"Britain’s top counter-terrorism official has been forced to reveal a secret Government policy justifying the mass surveillance of every Facebook, Twitter, Youtube and Google user in the UK. This disturbing policy was made public due to a legal challenge brought by Privacy International, Liberty, Amnesty International, the American Civil Liberties Union, Pakistani organisation Bytes for All, and five other national civil liberties organisations. The statement, from Charles Farr, the Director General of the Office for Security and Counter Terrorism, claims that the indiscriminate interception of UK residents’ Facebook and Google communications would be permitted under law because they are defined as ‘external communications’."
See: Social media mass surveillance is permitted by law, says top UK official (Guardian, link) Charles Farr witness statement (pdf)
For background: Statewatch analysis: GCHQ is authorised to “spy on the world” but the UK Interception of Communications Commissioner says this is OK as it is “lawful” (pdf)
UK-US: DATA SURVEILLANCE: How much is too much - did Edward Snowden expose the dark side of our 'surveillance society'? (The Courier, link) "Are our personal freedoms being eroded in the name of safety and national security? Helen Brown talked to Tony Bunyan of Statewatch, which monitors state activities and civil liberties in the EU."
US: BIG DATA: Report to the President from the President’s Council of Advisors on Science and Technology: Big data and privacy: a technological perspective (pdf)
"In light of the continuing proliferation of ways to collect and use information about people, PCAST recommends that policy focus primarily on whether specific uses of information about people affect privacy adversely. It also recommends that policy focus on outcomes, on the “what” rather than the “how,” to avoid becoming obsolete as technology advances. The policy framework should accelerate the development and commercialization of technologies that can help to contain adverse impacts on privacy, including research into new technological options. By using technology more effectively, the Nation can lead internationally in making the most of big data’s benefits while limiting the concerns it poses for privacy. Finally, PCAST calls for efforts to assure that there is enough talent available with the expertise needed to develop and use big data in a privacy-sensitive way."
Report from the Executive Office of the President: Big data: seizing opportunities, preserving values (pdf)
"Big data technologies will be transformative in every sphere of life. The knowledge discovery they make possible raises considerable questions about how our framework for privacy protec-tion applies in a big data ecosystem. Big data also raises other concerns. A significant finding of this report is that big data analytics have the potential to eclipse longstanding civil rights protec-tions in how personal information is used in housing, credit, employment, health, education, and the marketplace. Americans’ relationship with data should expand, not diminish, their opportuni-ties and potential."
See: NTIA Leads Privacy Bill of Rights Review in Light of `Big Data' Trend (Bloomberg BNA, link) "National Telecommunications and Information Administration unveils effort to review administration's 2012 consumer 'privacy bill of rights' in light of 'big data' developments."
UK-US: DATA SURVEILLANCE: Big Brother gone mad? Expert talks state surveillance (STV Dundee, link) Tony Bunyan, Director of Statewatch, will be speaking at a free event ‘Spying on us all: Snowden, UK-GCHQ and USA-NSA’, at Dundee University this weekend.
DATA SURVEILLANCE: Global security analysis reveals widespread government apathy following Snowden disclosures (The Privacy Surgeon, link) Full report: A Crisis of Accountability: A global analysis of the impact of the Snowden revelations (pdf)
"A global analysis published today reveals that the overwhelming majority of the world’s governments have failed to take any meaningful action in the wake of the disclosures by whistleblower Edward Snowden. The report, “A Crisis of Accountability”, has been published by the Privacy Surgeon and is based on collaboration with expert contributors from eighteen countries. The analysis determined that a large majority of governments have not responded in any “tangible, measurable way” to the disclosures that began in June 2013."
UK: Vodafone reveals direct government wiretaps (BBC, link)
"Vodafone has said that a small number of governments have direct access to communications flowing over its networks. Most countries Vodafone operates in need a warrant to intercept communications, the firm said. However, in some countries police have a direct link to customer's phone calls and web communications."
EU: Agency for Fundamental Rights: National intelligence authorities and surveillance in the EU: Fundamental rights safeguards and remedies (link)
See also: Four ways Edward Snowden changed the world – and why the fight's not over (Guardian, link)
"But along with the changes Snowden sparked, vital questions remain about how and if the National Security Agency and its global spy apparatus will truly be reformed. Many wheels are finally in motion, but will the US Congress and the courts actually respond in a meaningful way? In truth, the second year of Snowden may be more important than the first. It's when we'll see if global privacy rights get protected for the better – or if mass surveillance becomes more entrenched in our laws than ever before. For now, it's important to take stock in looking ahead to the next chapter."
Edward Snowden, a year on: reformers frustrated as NSA preserves its power (Guardian, link)
"For two weeks in May, it looked as though privacy advocates had scored a tenuous victory against the widespread surveillance practices exposed by Edward Snowden a year ago. Then came a resurgent intelligence community, armed with pens, and dry, legislative language."
GERMANY-US-NSA: Germany Begins Inquiry of U.S. in Surveillance Case (New York Times, link) Germany opens inquiry into claims NSA tapped Angela Merkel's phone (Guardian, link)
"Germany's federal prosecutor has defied public expectations by opening an investigation into the alleged tapping of Angela Merkel's mobile phone by the US's National Security Agency...Merkel had complained to Barack Obama in person about the alleged tapping of her phone last October, but the federal court's investigation, which will be against unnamed persons, would constitute the first formal response to the affair. The German government has reportedly announced its support for the investigation."
USA: DATA SURVEILLANCE: US military studied how to influence Twitter users in Darpa-funded research (Guardian, link)
• Defense Department spent millions to research social networks
• Studies focused on Occupy and Middle East protests
• Projects also analysed memes, celebrities and disinformation:
"Several of the DoD-funded studies went further than merely monitoring what users were communicating on their own, instead messaging unwitting participants in order to track and study how they responded....
The project list includes a study of how activists with the Occupy movement used Twitter as well as a range of research on tracking internet memes and some about understanding how influence behaviour (liking, following, retweeting) happens on a range of popular social media platforms like Pinterest, Twitter, Kickstarter, Digg and Reddit."
Dutch Joint Sigint Cyber Unit (JSCU) officially started (link)
USA: NSA SURVEILLANCE: In NSA-intercepted data, those not targeted far outnumber the foreigners who are - Files provided by Snowden show extent to which ordinary Web users are caught in the net (Washinton Post, link):
"Ordinary Internet users, American and non-American alike, far outnumber legally targeted foreigners in the communications intercepted by the National Security Agency from U.S. digital networks, according to a four-month investigation by The Washington Post.
Nine of 10 account holders found in a large cache of intercepted conversations, which former NSA contractor Edward Snowden provided in full to The Post, were not the intended surveillance targets but were caught in a net the agency had cast for somebody else.
Many ... files, described as useless by the analysts but nonetheless retained, have a startlingly intimate, even voyeuristic quality. They tell stories of love and heartbreak, illicit sexual liaisons, mental-health crises, political and religious conversions, financial anxieties and disappointed hopes. The daily lives of more than 10,000 account holders who were not targeted are catalogued and recorded nevertheless."
See also: Germans Demand U.S. Response to Spy Allegation (New York Times, link) and: German-US relations strained by new spy scandal (euobserver, link)
UKUSA: "FIVE-EYES" agreement: SMART TARGET: Non-targetable 2nd Party Countries, Territories & Individuals (pdf). Page 2 is the most interesting as this confirms what has been established in the UK and the USA, namely that they can both spy on the rest of the world. This document states that it is "Lawful without specific authorisation" to target "Foreign national(s) overseas" in all the Five-Eyes countries. In simple terms this means the UK can spy on people in Australia and the USA can spy on people in the UK "lawfully" and without authorisation. See:
- GCHQ evidence to Tribunal (pdf)
- UK intelligence forced to reveal secret policy for mass surveillance of residents’ Facebook and Google use (PI, link)
- Statewatch analysis: GCHQ is authorised to “spy on the world” but the UK Interception of Communications Commissioner says this is OK as it is “lawful” (pdf)
USA-GERMANY: German Man Arrested as Spy Implicates U.S.(New York Times, link):
"In the latest turn in the yearlong tensions with Germany over American spying, a German man was arrested this week on suspicion of passing secret documents to a foreign power, believed to be the United States. The American ambassador, John B. Emerson, was summoned to the Foreign Office here and urged to help with what German officials called a swift clarification of the case."
USA: WIRETAPS: Report on law enforcement agencies (LEAs) authorised electronic surveillance: Wiretap Report 2013 (link): Compared to the UK this is at least a start:
"Each Wiretap Report uses tables, text, and charts to report information provided by federal and state officials on orders authorizing or approving interceptions of wire, oral, or electronic communications for the calendar year ending December 31."
GERMANY: NSA: NSA 'totalitarian,' ex-staffer tells German parliament (DW, link): "A former NSA technical chief has told Germany's parliament that the US agency has become a "totalitarian" mass collector of data. German public broadcasters say the NSA targets individuals who use encryption services." and NSA Hacks TOR in Germany, Calls Users Extremists (Cryptome, link)
And see: A thumbs-up for NSA Internet spying on foreigners (Washngton Post, link) and see: Privacy and Civil Liber0es Oversight Board report (pdf)
USA: NSA-SURVEILLANCE: Court gave NSA broad leeway in surveillance, documents show (Washington Post, link): "Virtually no foreign government is off-limits for the National Security Agency, which has been authorized to intercept information “concerning” all but four countries, according to top-secret documents." and The N.S.A. Can Spy on These 193 Foreign Governments (New York Times, link): "That’s every single country except Britain, Canada, Australia and New Zealand" (ie: evey country except Five-Eyes partners)
See: Court authorisation (pdf) and 193 countries list (pdf)
USA: SURVEILLANCE OF "FOREIGNERS": Under FISA Section 702 there was a single Order for gathering "foreign intelligence" which involved 89,138 "targets" As in the UK a "target" can be a single person or an organisation although data of this kind is never published in the UK:
"Within the Intelligence Community, the term “target” has multiple meanings. For example, “target” could be an individual person, a group, or an organization composed of multiple individuals or a foreign power that possesses or is likely to communicate foreign intelligence information that the U.S. government is authorized to acquire.....in the context of Section 702 the term “target” is generally used to refer to the act of intentionally directing intelligence collection at a particular person, a group, or organization."
See USA: IntelligenceTransparency report - full text (pdf) See also: U.S. releases data on sensitive surveillance programs for first time (Washington Post, link): "The U.S. government on Friday for the first time released data on the scope of some of its most sensitive foreign intelligence-gathering efforts, saying that it had targeted nearly 90,000 foreign persons or organizations for surveillance through U.S. companies last year."
GERMANY: NSA: German government to drop Verizon over NSA spying fears (Washington Post, link): ""There are indications that Verizon is legally required to provide certain things to the NSA, and that's one of the reasons the cooperation with Verizon won't continue," German Interior Ministry spokesman Tobias Plate told AP. Verizon has provided Internet service to a number of German government departments but not intelligence to agencies according to Plate."
EU-USA SURVEILLANCE: EU-U.S. Justice Ministerial in Athens: Vice-President Reding welcomes U.S. announcement on data protection umbrella agreement (pdf) and Fact sheet (pdf)
UK: SURVEILLANCE: Home secretary denies security services engaged in mass surveillance - May uses Mansion House speech to make case for reviving 'snooper's charter' legislation, calling it matter of 'life and death' (Guardian, link) and see: Theresa May says the UK is not a surveillance state, but her proposed law might create one (The Conversation, link)
USA: NSA:DATA SURVEILLANCE: FISA Amendment Bill 2014 as it stands in May 2014 (pdf) amending Foreign Intelligence Security Act 2008 (pdf) amending FISA 1978 (pdf) See also: A Surveillance Bill That Falls Short (New York Times, link) and The NSA reform bill now shuts down a secret database. Will that fix anything? (Guardian, link)
And: What does GCHQ know about our devices that we don't? (PI, link)
USA: NSA: The Bahamas Government Responds to Spying (link) See: The Bahamas Wants to Know Why the NSA is Recording Its Phone Calls (The Intercept, link) and also: Fine Line Seen in U.S. Spying on Companies (New York Times, link)
EU: NSA SPYING & MANDATORY DATA RETENTION: Letters from Sophie in 't Veld MEP to: Commissioner Reding: USA spying on EU (pdf) and to: Commissoiner Malmstrom: Mandatory Data Retention (pdf)
USA-NSA: DATA SURVEILLANCE: Data Pirates of the Caribbean: The NSA Is Recording Every Cell Phone Call in the Bahamas (The Intercept, link):
"SOMALGET is part of a broader NSA program called MYSTIC, which The Intercept has learned is being used to secretly monitor the telecommunications systems of the Bahamas and several other countries, including Mexico, the Philippines, and Kenya. But while MYSTIC scrapes mobile networks for so-called “metadata” – information that reveals the time, source, and destination of calls – SOMALGET is a cutting-edge tool that enables the NSA to vacuum up and store the actual content of every conversation in an entire country."
And see: NSA to test legal limits on surveillance if USA Freedom Act becomes law (Guardian, link)
• Aides and lawyers contend over terms of surveillance bill
• Authors of first realistic reform seek to avoid loopholes
UK-USA: Washington spends £200m creating intelligence hub in Britain (Independent, link):
"Washington is to spend almost £200m to turn one of its British military bases – already implicated in mass surveillance and drone strikes – into one of its largest intelligence hubs outside the mainland United States. RAF Croughton, a US Air Force (USAF) base near Milton Keynes, which has a direct cable link to Government Communications Headquarters (GCHQ) at Cheltenham, is to be the site for an ultra-secure intelligence centre staffed by up to 1,250 personnel and covering operations in Africa, a current focus for US counterterrorism activities.....
Once complete in 2017, the facility will be comparable in number of personnel and operational importance to RAF Menwith Hill, the National Security Agency (NSA) listening station in North Yorkshire. Like Menwith Hill, it is likely to be co-staffed with representatives of British intelligence, including GCHQ."
USA-NSA: Data Pirates of the Caribbean: The NSA Is Recording Every Cell Phone Call in the Bahamas (The Intercept, link):
"OMALGET is part of a broader NSA program called MYSTIC, which The Intercept has learned is being used to secretly monitor the telecommunications systems of the Bahamas and several other countries, including Mexico, the Philippines, and Kenya. But while MYSTIC scrapes mobile networks for so-called “metadata” – information that reveals the time, source, and destination of calls – SOMALGET is a cutting-edge tool that enables the NSA to vacuum up and store the actual content of every conversation in an entire country.
All told, the NSA is using MYSTIC to gather personal data on mobile calls placed in countries with a combined population of more than 250 million people. "
EU: EU-USA: DATA SURVEILLANCE: European Parliament: LIBE Committee Inquiry: Electronic Mass Surveillance of EU Citizens: Proceedings, Outcome and Background documents: (140 pages, pdf) Full summary and documents of the Inquiry.
UK-USA: DATA SURVEILLANCE: The official US position on the NSA is still unlimited eavesdropping power - One year after Snowden, the government is defending – in not-so-plain sight – the 'paramount' power to spy on every call and email between you and your friends abroad (Guardian, link):
"That law [Fisa Amendments Act 2008] permits the government to monitor Americans' international communications without first obtaining individualized court orders or establishing any suspicion of wrongdoing.It's hardly surprising that the government believes the 2008 law is constitutional – government officials advocated for its passage six years ago, and they have been vigorously defending the law ever since. Documents made public over the last eleven-and-a-half months by the Guardian and others show that the NSA has been using the law aggressively.
What's surprising – even remarkable – is what the government says on the way to its conclusion. It says, in essence, that the Constitution is utterly indifferent to the NSA's large-scale surveillance of Americans' international telephone calls and emails:
The privacy rights of US persons in international communications are significantly diminished, if not completely eliminated, when those communications have been transmitted to or obtained from non-US persons located outside the United States. That phrase – "if not completely eliminated" – is unusually revealing. Think of it as the Justice Department's twin to the NSA's "collect it all".
See Court documents (pdf). And background: Statewatch analysis: GCHQ is authorised to “spy on the world” but the UK Interception of Communications Commissioner says this is OK as it is “lawful” (pdf)
UK-GCHQ: DATA SURVEILLANCE: GCHQ's spy malware operation faces legal challenge - Privacy International claims development of programs that remotely hijack computer cameras and microphones is illegal (Guardian, link). See: Privacy International challenges GCHQ's unlawful hacking of computers, mobile phones (PI link) and Full-text of complaint (link)
And: David Miranda allowed to appeal against ruling on Heathrow detention - Partner of former Guardian reporter to challenge high court ruling on legality of his detention under counter-terrorism powers (Guardian, link)
EU: DATA SURVEILLANCE: EU court backs 'right to be forgotten': Google must amend results on request (Guardian, link)
"A European court has backed the "right to be forgotten" and said Google must delete "inadequate, irrelevant or no longer relevant" data from its results when a member of the public requests it. The test case ruling by the European Union's court of justice against Google Spain was brought by a Spanish man, Mario Costeja González, after he failed to secure the deletion of an auction notice of his repossessed home dating from 1998 on the website of a mass circulation newspaper in Catalonia."
See: Full-text of Judgment (link)
And: The CJEU's Google Spain judgment: failing to balance privacy and freedom of expression (Steve Peers EU Law Analysis, link)
UK: MPs: Snowden files are 'embarrassing indictment' of British spying oversight (Guardian, link) MPs' verdict on spying oversight: a system fit for Smiley, not 21st century (Guardian, link)
"Edward Snowden's disclosures of the scale of mass surveillance are "an embarrassing indictment" of the weak nature of the oversight and legal accountability of Britain's security and intelligence agencies, MPs have concluded."
See: House of Commons Home Affairs Committee report on Counter-terrorism (9 May 2014, pdf)
And: Statewatch analysis: GCHQ is authorised to “spy on the world” but the UK Interception of Communications Commissioner says this is OK as it is “lawful” (pdf) by Tony Bunyan
US: Newly released documents shed light on CIA’s African rendition network (Reprieve press release, link)
"Documents released by Reprieve and New York University’s Global Justice Clinic have shed new light on the CIA’s African rendition network. The documents show how planes contracted by the US government for rendition missions used Djibouti as a hub."
UK: Statewatch analysis: GCHQ is authorised to “spy on the world” but the UK Interception of Communications Commissioner says this is OK as it is “lawful” (pdf) by Tony Bunyan
This analysis finds that UK “law” allows security and intelligence agencies to “lawfully spy on the world”, a problem compounded by the agencies’ use of new technologies to act outside of their legal powers. This analysis also questions whether the Interception Commissioner is capable of providing effective oversight of state surveillance activities.
See: New Statewatch Study Discloses GCHQ Spying Proxy (everythingpr, link)
UK-EU: EU ties 'vital' to UK's national security, say MPs (Guardian, link)
"Two British parliamentary reports were published this week. They received scant attention, though they deal with most important matters relating to Britain's role in the world, its national security, and how much money should be spent on defence and why."
See reports by:
House of Commons Defence Committee Intervention: Why, When and How? (pdf)
Joint Committee on the National Security Strategy The work of the Joint Committee on the National Security Strategy in 2013–14 (pdf)
USA: DATA SURVEILLANCE: Everyone is under surveillance now, says whistleblower Edward Snowden (Guardian, link)
"The US intelligence whistleblower Edward Snowden has warned that entire populations, rather than just individuals, now live under constant surveillance. 'It's no longer based on the traditional practice of targeted taps based on some individual suspicion of wrongdoing,' he said. 'It covers phone calls, emails, texts, search history, what you buy, who your friends are, where you go, who you love.'"
GERMANY-USA: DATA SURVEILLANCE: U.S. and Germany Fail to Reach a Deal on Spying (New York Times, link)
"The effort to remake the intelligence relationship between the United States and Germany after it was disclosed last year that the National Security Agency was tapping Chancellor Angela Merkel’s cellphone has collapsed, according to German officials, who say there will be no broad intelligence sharing or “no-spy” agreement between the two countries when Ms. Merkel visits the White House on Friday."
EU: CLOUD COMPUTING:
- Letter from Juan Fernando López Aguilar, Chairman of European Parliament LIBE Committee to Neelie Kroes on the FP7-funded CoCo (Confidential and Compliant) Cloud project (pdf)
- Response from Neelie Kroes, European Commissioner for Digital Agenda (pdf)
López Aguilar seeks more information on certain aspects of the CoCo Cloud project, funded by the EU under the 7th Framework Programme, fearing that the project may involve the transfer of EU citizens' personal data to the US. Kroes confirms in her response that only "synthetic fictional or fabricated data, which does not relate to real existing data subjects" will be used, and that "only servers located in the EU will be used" during the project.
However, there are wider questions about the EU's cloud computing strategy, particularly in relation to data transfers to the US, which are not raised in López Aguilar's letter and which are yet to be addressed by the Commission. See: sections 2.2.4 and 2.3 in European Parliament Briefing Note: The US National Security Agency (NSA) surveillance programmes (PRISM) and Foreign Intelligence Surveillance Act (FISA) activities and their impact on EU citizens' fundamental rights (pdf)
See also:
PRISM: The EU must take steps to protect cloud data from US snoopers (The Independent, link)
Coco Cloud website
Coco Cloud on CORDIS
US: BIG DATA: White House report: Big Data: Seizing Opportunities, Preserving Values (pdf) And: Fact sheet: Big Data and Privacy Working Group Review (link)
"In January, President Obama asked his Counselor John Podesta to lead a 90-day review of big data and privacy...Today, Podesta and the big data working group presented their findings and recommendations to the President... by evaluating the opportunities and challenges presented by big data, the working group was able to draw important conclusions and make concrete recommendations to the President for Administration attention and policy development."
SWITZERLAND: DATA SURVEILLANCE: Data retention in Switzerland - the monitored life of National Councillor Balthasar Glättli (link)
"Balthasar Glättli, member of the National Council for The Green Party, has provided OpenDataCity with parts of his retained data of six month for this visualization. As a result, these retained data reveal what secret services and law inforcement call "profile" - a comprehensive picture of the entire life of the monitored person."
UK-USA: DATA SURVEILLANCE: New 'revealed documents' from freesnowden.is on 2012 London Olympics:
PRISM Operations Highlight: Olympics Support – GCHQ Using PRISM Access (pdf) This slide from a presentation on PRISM describes access granted to GCHQ employees during the 2012 London Olympics.
Identifier Lead Triage with ECHOBASE (pdf) This SIGDEV presentation dated June 2012 describes techniques for filtering very large datasets through the cloud-based GHOSTMACHINE framework. Cooperation between NSA and GCHQ during the 2012 London Olympics – the “Olympic Option” – is used as a case study (as covered in The Intercept article below).
UK-USA: DATA SURVEILLANCE: British Spy Chiefs Secretly Begged to Play in NSA’s Data Pools (The Intercept, link)
"Britain’s electronic surveillance agency, Government Communications Headquarters, has long presented its collaboration with the National Security Agency’s massive electronic spying efforts as proportionate, carefully monitored, and well within the bounds of privacy laws. But according to a top-secret document in the archive of material provided to The Intercept by NSA whistleblower Edward Snowden, GCHQ secretly coveted the NSA’s vast troves of private communications and sought “unsupervised access” to its data as recently as last year – essentially begging to feast at the NSA’s table while insisting that it only nibbles on the occasional crumb."
USA-NSA: DATA SURVEILLANCE: Another secret FISA opinion disclosed, and a question for Stewart Baker (Washington Post, link)
"...Another secret opinion by a FISA court judge has been published, upholding the constitutionality of the NSA’s bulk data seizure program. The good news is that, apparently for the first time, a telecom company–reportedly Verizon–has challenged the legality of a seizure order, making this apparently the first adversarial proceeding in the FISA court on this program. The difference is highlighted by the FISA judge’s discussion of the standing of the telecom company that would create a case or controversy within the jurisdiction of an Article III court. The previously declassified opinion required no such discussion since the ruling was entirely ex parte."
U.S. judge rules search warrants extend to overseas email accounts (Reuters, link): "Internet service providers must turn over customer emails and other digital content sought by U.S. government search warrants even when the information is stored overseas, a federal judge ruled on Friday."
NORWAY: INTELLIGENCE GATHERING: NIS aquires supercomputer: It´s codenamed Steelwinter and is part of a 100 million dollar investment program. The supercomputer will crack heavy cryptology and analyze the vast amounts of data Norwegian Inteligence Service (NIS) collects (Dagbladet Nyheter, link):
"The Norwegian military intelligence service collects vast amounts of signal intelligence, known as «sigint». In Afghanistan alone NIS collected 33 million registrations from telecommunication during 30 days around Christmas 2012, according to their own revelations. Additionally they listen to satellites and radio communication in our own region. The listening post in Vardø, close to the Russian-Norwegian border at the top of Europe, is basically a giant ear eastward.
NIS sources states that the purpose of the acquisition is to analyze large amounts of data and find the needles they're looking for in the haystacks. They also want to do more of this work in Norway. As it is now, and has been in the past, large amounts of data is being sent to the NSA to be analyzed there."
See also: NSA Intelligence relationship with Norway (pdf)
USA-NSA: DATA SURVEILLANCE: Surveillance court rejected Verizon challenge to NSA calls program (Washington Post, link): "Verizon in January filed a legal challenge to the constitutionality of the National Security Agency’s program that collects billions of Americans’ call-detail records, but a surveillance court rejected it..."
See: Seven telcos named as providing fiber optic cable access to UK spies - New Snowden leaks show Verizon, Vodafone, and BT share direct data (Statewatch News Online, August 2013)
and also: (“Microsoft”) moves to quash a search warrant to the extent that it directs Microsoft to produce the contents of one of its customer’s e-mails where that information is stored on a server located in Dublin, Ireland: Microsoft contends that courts in the United States are not authorized to issue warrants for extraterritorial search and seizure, and that this is such a warrant. For the reasons that follow, Microsoft’s motion is denied.."(Judgment, pdf)
UK: GCHQ names Foreign Office official Robert Hannigan as new chief - Current director general of defence and intelligence to replace Sir Iain Lobban at Cheltenham-based agency in autumn (Guardian, link)
USA-NSA: DATA SURVEILLANCE: HEARTBLEED: NSA Said to Exploit Heartbleed Bug for Intelligence for Years (Bloomberg, link) and Heartbleed hacks hit Mumsnet and Canada's tax agency (BBC News, link) also:Parenting website Mumsnet hit by Heartbleed hacking bug - Mumsnet says data of all 1.5m members may be compromised as co-founder admits message was posted using her own password (Guardian, link) AndHeartbleed und die NSA: Ohne Hose im Netz (Spiegel Online, link)
USA-NSA-UK-GCHQ: Guardian and Washington Post win Pulitzer prize for NSA revelations - Pair awarded highest accolade in US journalism, winning Pulitzer prize for public service for stories on NSA surveillance (Guardian. link)
USA: Congressional Research Service:
• Reform of the Foreign Intelligence Surveillance Courts: A Brief Overview (pdf)
• Overview of Constitutional Challenges to NSA Collection Activities and Recent Developments (pdf)
GERMANY-USA: NSA: Angela Merkel denied access to her NSA file - Frustration with US government rises over failure to clear up questions about surveillance of German chancellor's phone (Guardian, link)
USA-NSA: Has the NSA Been Using the Heartbleed Bug as an Internet Peephole? (WIRED, link)
COE: USA-NSA-DATA SURVEILLANCE: Parliamentary Assembly: Podcast: Edward Snowden’s testimony to Parliamentary Assembly hearing on mass state surveillance (link) and Video (link)
And see: Edward Snowden: US government spied on human rights workers - Whistleblower tells Council of Europe NSA deliberately snooped on groups such as Human Rights Watch and Amnesty International (Guardian, link)
USA-NSA: DATA SURVEILLANCE: Historical document with some lessons for the present: The Complete, Unofficial TEMPEST Information Page (last updated in 2004, pdf):
"Across the darkened street, a windowless van is parked. Inside, an antenna is pointed out through a fiberglass panel. It's aimed at an office window on the third floor. As the CEO works on a word processing document, outlining his strategy for a hostile take-over of a competitor, he never knows what appears on his monitor is
being captured, displayed, and recorded in the van below." (The graphic on the right is the logo for the US Army Blacktail Canyon TEMPEST Test Facility.)
USA-NSA-CUBA-UK-GCHQ: DATA SURVEILLANCE: The “Cuban Twitter” Scam Is a Drop in the Internet Propaganda Bucket (The Intercept, link):
"This week, the Associated Press exposed a secret program run by the U.S. Agency for International Development to create “a Twitter-like Cuban communications network” run through “secret shell companies” in order to create the false appearance of being a privately owned operation. Unbeknownst to the service’s Cuban users was the fact that “American contractors were gathering their private data in the hope that it might be used for political purposes”–specifically, to manipulate those users in order to foment dissent in Cuba and subvert its government."
Documents: Sigdev Conference (pdf) and GCHQ: Full-Spectrum Cyber Effects (19 pages, pdf) also earlier: GCHQ: Psychology: A New Kind of SIGDEV (48 pages, pdf)
GERMANY: USA-NSA-UK-GCHQ: Germany opens hearings on U.S. spying (Washington Post, link):
"Revelations of large-scale U.S. spying on Germans, up to and including Chancellor Angela Merkel, prompted an initial wave of outrage here last year. But now, the lengthy committee investigations could keep the spotlight on leaks by the former National Security Agency contractor for a year or two to come.
The hearings also have the potential to provoke further anti­pathy. Indeed, a number of lawmakers here are demanding safe passage to Berlin for Snowden — who is living in self-imposed exile in Moscow — to testify before the eight-member committee. Any such move would likely outrage the United States, which is seeking to take Snowden into custody."
DATA SURVEILLANCE : Launch of CAUSE: Coalition Against the Unlawful Surveillance Exports (link): "Civil society groups (FIDH, Amnesty, Human Rights Watch, Privacy International, Reporters without Borders, Digitale Gesellschaft, Open Technology Institute) join together to launch CAUSE. The main goal of the coalition will be to ensure that transfers of commercial surveillance technology do not contribute to human rights abuses or internal repression."
EU-USA: German parliament confirms NSA inquiry, to start in April (DW, link): "Germany's four major parties have unanimously approved a parliamentary inquiry into surveillance by the NSA. A German newspaper reported that whistleblower Edward Snowden, currently in Russia, may testify via Skype."
GERMANY: UK-GCHQ-USA-NSA: 'A' for Angela Merkel: GCHQ and NSA Targeted Private German Companies (Der Spiegel, link):
"Documents show that Britain's GCHQ intelligence service infiltrated German Internet firms and America's NSA obtained a court order to spy on Germany and collected information about the chancellor in a special database. Is it time for the country to open a formal espionage investigation?" See: nsa-gchq document (pdf)
And also: Der Spiegel: NSA Put Merkel on List of 122 Targeted Leaders (Intercept, link)
UN: Human Rights Committee (Advanced uncorrected version): NSA surveillance (pdf)
"The Committee is concerned that the current system of oversight of the activities of the NSA fails to effectively protect the rights of those affected. While welcoming the recent Presidential Policy Directive (PPD-28) that will now extend some safeguards to non-US persons “to the maximum extent feasible consistent with the national security”, the Committee remains concerned that such persons enjoy only limited protection against excessive surveillance."
See: Dispatch from Geneva: EFF Responds to Concluding Observations from UN Human Rights Committee on NSA Pervasive Surveillance (link):
"the Committee criticized Obama’s policy directive (PPD-28) because it offers only limited protection against excessive surveillance for non-US persons. The Committee correctly pointed out that those affected have no access to adequate remedies in case of abuse."
USA-NSA: DATA SURVEILLANCE: USA-NSA: DATA SURVEILLANCE: Obama: US must 'win back the trust of ordinary citizens' over data collection - President confirms plans to end NSA bulk telephone collection as House committee says it is close to reform bill deal (Guardian, link): The US proposals concern US citizens where data collection is based on: "reasonable articulable suspicion" - it is silent on the rights of everyone else in the world, including the EU. The claim is that EU citizens will have the same protection as US citizens - but is this the same as EU citizens will have under EU law?
and: Obama is cancelling the NSA dragnet. So why did all three branches sign off? Well, at least the phone part of the dragnet. Here's hoping it's the end of laws of the spies, by the spies and for the spies (Guardian, link) by Jameel Jaffer. And see: The House's NSA bill could allow more spying than ever. You call this reform? Congress' serial fabricator has the audacity to call his new law the 'End Bulk Collection Act'. Obama's proposal isn't much better (link)
USA-NSA-CHINA: Shotgiant: Snowden Docs Show Real Worry With Huawei Tech Is NSA Backdoors Not China Spying (link)
FRANCE-CANADA: DATA SURVEILLANCE: French spy software targeted Canada: report (The Globe and Mail, link): "The document leaked to Le Monde is a slide presentation with the logo of Communications Security Establishment of Canada (CSEC), the secretive Ottawa-based agency that tracks foreign computer, radio and telephone communications. It is classified top secret." See also: Quand les Canadiens partent en chasse de "Babar"." (Le Monde, link)
See: Stormglobe document (pdf)
Updated: USA-NSA: NSA surveillance program reaches ‘into the past’ to retrieve, replay phone calls (Washington Post, link)
"The National Security Agency has built a surveillance system capable of recording “100 percent” of a foreign country’s telephone calls, enabling the agency to rewind and review conversations as long as a month after they take place, according to people with direct knowledge of the effort and documents supplied by former contractor Edward Snowden."
See documents: Mystic (2 pages, pdf) and Scalwag/Retro (pdf)
This follows the revelation last year (October 2013) about the NSA mass collection of e-mail addresses: See: NSA collects millions of e-mail address books globally (Washington Post, link)
UK-GCHQ: British intelligence watchdog is like Yes Prime Minister, says MP - Spy services' monitor has staff of just two and was bewildered by Snowden affair (Guardian, link)(pdf)
UK-GCHQ: If GCHQ wants to improve national security it must fix our technology - Our security is better served by protecting us against online threats than it is by giving cops and spies an easier time attacking ‘bad guys’ (Guardian, link) and Public apathy over GCHQ snooping is a recipe for disaster - The lack of public alarm at government internet surveillance is frightening, but perhaps it's because the problem is difficult to convey in everyday terms (The Observer, link)
USA-NSA: Compare the NSA’s Facebook Malware Denial to its Own Secret Documents (The Intercept, link)
USA-NSA: DATA SURVEILLANCE: How the NSA Plans to Infect ‘Millions’ of Computers with Malware (The Intercept. link):
"Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process.
The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks."
"Top-secret documents show that the British base – referred to by the NSA as “MHS” for Menwith Hill Station – is an integral component of the TURBINE malware infrastructure and has been used to experiment with implant “exploitation” attacks against users of Yahoo and Hotmail."
"MENWITH HILL: GCHQ, the British agency, has taken on a particularly important role in helping to develop the malware tactics. The Menwith Hill satellite eavesdropping base that is part of the TURMOIL network, located in a rural part of Northern England, is operated by the NSA in close cooperation with GCHQ. Top-secret documents show that the British base – referred to by the NSA as “MHS” for Menwith Hill Station – is an integral component of the TURBINE malware infrastructure and has been used to experiment with implant “exploitation” attacks against users of Yahoo and Hotmail."
See: The NSA and GCHQ’s QUANTUMTHEORY Hacking Tactics (link), TURBINE and TURMOIL: (pdf) another Menwith Hill ("MHS") connection.
And see: Foreign Officials In the Dark About Their Own Spy Agencies’ Cooperation with NSA (The Intercept, link): "One of the more bizarre aspects of the last nine months of Snowden revelations is how top political officials in other nations have repeatedly demonstrated, or even explicitly claimed, wholesale ignorance about their nations’ cooperation with the National Security Agency, as well as their own spying activities. This has led to widespread speculation about the authenticity of these reactions: Were these top officials truly unaware, or were they pretending to be, in order to distance themselves from surveillance operations that became highly controversial once disclosed?" See: Third Party Relationships (pdf)
UK: DATA SURVEILLANCE: Phone call metadata does betray sensitive details about your life – study Identities of cannabis grower, woman seeking an abortion and MS sufferer inferred in study that confirms danger of widespread access to metadata (Guardian, link):
"Warnings that phone call “metadata” can betray detailed information about your life has been confirmed by research at Stanford University. Researchers there successfully identified a cannabis cultivator, multiple sclerosis sufferer and a visitor to an abortion clinic using nothing more than the timing and destination of their phone calls. Jonathan Mayer and Patrick Mutchler, the researchers behind the finding, used data gleaned from 546 volunteers to assess the extent to which information about who they had called and when revealed personally sensitive information.
EU-USA: DATA SURVEILLANCE: MEPs want to scrap US data agreements (euobserver, link): "MEPs want the EU to scrap data protection agreements with the US as they increase pressure on member states to start negotiations on reforming data protection rules in the EU."
European Parliament: US NSA: stop mass surveillance now or face consequences, MEPs say (pdf) : The resolution, in which MEPs set out their findings and recommendations to boost EU citizens' privacy, was backed by 544 votes to 78, with 60 abstentions:
"Parliament's consent to the EU-US trade deal "could be endangered" if blanket mass surveillance by the US National Security Agency (NSA) does not stop, MEPs said on Wednesday, in a resolution wrapping up their six-month inquiry into US mass surveillance schemes. The text also calls on the EU to suspend its bank data deal with the US and the “Safe Harbour agreement” on data privacy. The fight against terrorism can never justify secret and illegal mass surveillance, it adds"
"The Snowden revelations gave us a chance to react. I hope we will turn those reactions into something positive and lasting into the next mandate of this Parliament, a data protection bill of rights that we can all be proud of", said Civil Liberties inquiry rapporteur Claude Moraes (S&D,"
UK).
USA-NSA: DATA SURVEILLANCE: How a Court Secretly Evolved, Extending U.S. Spies’ Reach (New York Times, link):
"Previously, with narrow exceptions, an intelligence agency was permitted to disseminate information gathered from court-approved wiretaps only after deleting irrelevant private details and masking the names of innocent Americans who came into contact with a terrorism suspect. The Raw Take order significantly changed that system, documents show, allowing counterterrorism analysts at the N.S.A., the F.B.I. and the C.I.A. to share unfiltered personal information."
Background documents: • Stellarwind (pdf) • NSA-FISA: Classifications Guide (pdf) • NSA/CSS: Classification Guide (pdf)
Edward Snowden discusses NSA leaks at SXSW: 'I would do it again' (Guardian, link)
• Whistleblower patches in to Texas conference from Russia
• Snowden insists leaks have strengthened national security
EU-UK-GCHQ-USA-NSA: DATA SURVEILLANCE: Edward Snowden's testimony to the European Parliament inquiry and Q & A session transcript (pdf)
"I believe that suspicionless surveillance not only fails to make us safe, but it actually makes us less safe. By squandering precious, limited resources on "collecting it all," we end up with more analysts trying to make sense of harmless political dissent and fewer investigators running down real leads. I believe investing in mass surveillance at the expense of traditional, proven methods can cost lives, and history has shown my concerns are justified."
"“One of the foremost activities of the NSA's FAD, or Foreign Affairs Division, is to pressure or incentivize EU member states to change their laws to enable mass surveillance. Lawyers from the NSA, as well as the UK's GCHQ, work very hard to search for loopholes in laws and constitutional protections that they can use to justify indiscriminate, dragnet surveillance operations that were at best unwittingly authorized by lawmakers. These efforts to interpret new powers out of vague laws is an intentional strategy to avoid public opposition and lawmakers’ insistence that legal limits be respected, effects the GCHQ internally described in its own documents as "damaging public debate”
Snowden: NSA pressures EU members to change laws (New Europe, link) and Edward Snowden wants asylum in EU (euobserver, link)
The EP plenary session will discuss (Tuesday) and consider amendments (vote Wednesday): Report on the US NSA surveillance programme, surveillance bodies in various Member States and their impact on EU citizens’ fundamental rights and on transatlantic cooperation in Justice and Home Affairs (pdf): Rapporteur: Claude Moraes MEP
USA: The Inverse of Oversight: CIA Spies On Congress (The Intercept, link): "In the wake of an explosive new allegation that the CIA spied on Senate intelligence committee staffers". See: Senator's Press release (link) and Probe: Did the CIA spy on the U.S. Senate? (link):
"The CIA Inspector General’s Office has asked the Justice Department to investigate allegations of malfeasance at the spy agency in connection with a yet-to-be released Senate Intelligence Committee report into the CIA’s secret detention and interrogation program, McClatchy has learned. The criminal referral may be related to what several knowledgeable people said was CIA monitoring of computers used by Senate aides to prepare the study."
UK-GCHQ: Yahoo webcam images from millions of users intercepted by GCHQ (Guardian, link)
• Optic Nerve program collected Yahoo webcam images in bulk
• 1.8m users targeted by UK agency in six-month period alone
• Yahoo: 'A whole new level of violation of our users' privacy'
• Material included large quantity of sexually explicit images
See Full document (pdf)
and: GCHQ's cover for Optic Nerve provided by legislation introduced in 2000 - Section 8 of the Regulation of Investigatory Powers Act permits GCHQ to perform indiscriminate trawls of external data (Guardian, link) and se also: Statewatch coverage: Interception Commissioner fails to report on Section 8(4) certificates authorising GCHQ's mass data collection
UK-GCHQ: DATA SURVEILLANCE: How Covert Agents Infiltrate the Internet to Manipulate, Deceive, and Destroy Reputations (The Intercept, link): "One of the many pressing stories that remains to be told from the Snowden archive is how western intelligence agencies are attempting to manipulate and control online discourse with extreme tactics of deception and reputation-destruction".and
"These GCHQ documents are the first to prove that a major western government is using some of the most controversial techniques to disseminate deception online and harm the reputations of targets. Under the tactics they use, the state is deliberately spreading lies on the internet about whichever individuals it targets, including the use of what GCHQ itself calls “false flag operations” and emails to people’s families and friends. Who would possibly trust a government to exercise these powers at all, let alone do so in secret, with virtually no oversight, and outside of any cognizable legal framework?"
See document: GCHQ: The ART of DECEPTION: Training for a new generation of online covert operations (3MB, pdf)
UK-USA: DATA SURVEILLANCE: MIRANDA DETENTION: Here’s David Miranda’s application to the Court of Appeal – drafted by Matthew Ryder QC and Edward Craven of Matrix Chambers – for permission to appeal against today’s Administrative Court judgment. The court today dismissed his judicial review challenge to his questioning and detention last August under Schedule 7 of the Terrorism Act 2000.
UK Court: David Miranda Detention Legal Under Terrorism Law (The Intercept, link):
"A British lower court has ruled that London police acted lawfully in employing an anti-terror statute to detain and interrogate David Miranda for nearly nine hours at Heathrow Airport last summer, even while recognizing that the detention was “an indirect interference with press freedom.”
IMiranda said his suit will continue. “I will appeal this ruling, and keep appealing until the end, not because I care about what the British government calls me, but because the values of press freedom that are at stake are too important to do anything but fight until the end,” he said in a statement to The Intercept."
Full-text of court decision (pdf)
EU-USA: DATA PROTECTION: European Data Protection Supervisor (EDPS): EDPS: Enforcing EU data protection law essential for rebuilding trust between EU-US (Press release, pdf) and Opinion (pdf):
"Peter Hustinx, EDPS, said: "The rights of EU citizens to the protection of their privacy and personal information are enshrined in EU law. The mass surveillance of EU citizens by US and other intelligence agencies disregards these rights. As well as supporting a privacy act in the USA, Europe must insist on the strict enforcement of existing EU legislation, promote international privacy standards and swiftly adopt the reform of the EU data protection Regulation. A concerted effort to restore trust is required. " who also comments:
"It is... essential that progress is made quickly to thwart the attempts serving political and economic interests to restrict the fundamental rights to privacy and data protection."
EU-UK-USA: DATA SURVEILLANCE: European Parliament: Consolidated report after the vote in the LIBE Committee on 12 February 2014: Report on the US NSA surveillance programme, surveillance bodies in various Member States and their impact on EU citizens’ fundamental rights and on transatlantic cooperation in Justice and Home Affairs (pdf): Rapporteur: Claude Moraes MEP. The full Parliament will vote on the resolution on 12 March in Strasbourg.
UK-USA: DATA SURVEILLANCE: ‘Why Have You Gone to Russia Two Times in Three Months?’—Heathrow Customs Agent Interrogates Snowden Lawyer (The Dissenter, link)
GCHQ-NSA: DATA SURVEILLANCE: Snowden Documents Reveal Covert Surveillance and Pressure Tactics Aimed at WikiLeaks and Its Supporters (The Intercept, link)
"The system used by GCHQ to monitor the WikiLeaks website – codenamed ANTICRISIS GIRL – is described in a classified PowerPoint presentation prepared by the British agency and distributed at the 2012 “SIGDEV Conference.” At the annual gathering, each member of the “Five Eyes” alliance – the United States, United Kingdom, Canada, Australia and New Zealand – describes the prior year’s surveillance successes and challenges.
In a top-secret presentation at the conference, two GCHQ spies outlined how ANTICRISIS GIRL was used to enable “targeted website monitoring” of WikiLeaks (See slides 33 and 34). The agency logged data showing hundreds of users from around the world, including the United States, as they were visiting a WikiLeaks site –contradicting claims by American officials that a deal between the U.K. and the U.S. prevents each country from spying on the other’s citizens." : Document: A new kind of SIGDEV (pdf) includes references to "Squeaky Dolphin" and GCHQ's JTRIG (Joint Threat Research Intelligence Group) and:
"A third document, from July 2011, contains a summary of an internal discussion in which officials from two NSA offices – including the agency’s general counsel and an arm of its Threat Operations Center – considered designating WikiLeaks as “a ‘malicious foreign actor’ for the purpose of targeting.” Such a designation would have allowed the group to be targeted with extensive electronic surveillance – without the need to exclude U.S. persons from the surveillance searches.": Document: SIGINT targeting scenarios (pdf)
USA-NSA: Germany, France to discuss plan to avoid US spying (Press TV, link):
"Germany and France have planned to discuss building up a European communication network to avoid data passing through the United States... Merkel has been pushing for greater email and data protection following reports about Washington’s mass surveillance program....She also added, "Above all, we'll talk about European providers that offer security for our citizens, so that one shouldn't have to send emails and other information across the Atlantic. Rather, one could build up a communication network inside Europe."
See also: U.S. now bugging German ministers in place of Merkel - report (Reuers, 23-2-14, link)
USA: The NSA’s Secret Role in the U.S. Assassination Program (Intercept, link):
"The National Security Agency is using complex analysis of electronic surveillance, rather than human intelligence, as the primary method to locate targets for lethal drone strikes – an unreliable tactic that results in the deaths of innocent or unidentified people."
UK: DON’T SPY ON US launch (link)
"The UK's intelligence services can process 21 petabytes of data per day - that's 39 billion pieces of information that could be the private data of any citizen. This mass surveillance violates your privacy and chills free speech across the globe. The current law offers little protection. We are calling for reform of the legal framework so the intelligence agencies stop spying on us."
UPDATED: EU: DATA SURVEILLANCE: European Parliament: NSA inquiry: what experts revealed to MEPs (Press release, pdf): Report adopted by the Civil Liberties Committee (LIBE): "The text, passed by 33 votes to 7 with 17 abstentions, condemns the “vast, systemic, blanket collection of personal data of innocent people, often comprising intimate personal information”, adding that “the fight against terrorism can never be a justification for untargeted, secret or even illegal mass surveillance programmes”.
The following amendment was adopted: "Compromise Amendment No 16 '20a. Calls on all EU Member States and in particular, with regard to its Resolution of 04/07/2013 and Inquiry Hearings, the United Kingdom, France, Germany, Sweden, the Netherlands and Poland to ensure that their current or future legislative frameworks and oversight mechanisms governing the activities of intelligence agencies are in line of the standards of the European Convention on Human Rights and European Union data protection legislation; calls on these Member States to clarify these allegations of mass surveillance activities , including mass surveillance of cross border telecommunications, untargeted surveillance on cable-bound communications, potential agreements between intelligence services ans telecommunication companies as regards access and exchange of personal data and access to transatlantic cables, US intelligence personnel and equipment on EU territory without oversight on surveillance operations, and their compatibility with European Union legislation: invites these National Parliaments to intensify cooperation of their intelligence oversight bodies of their national parliaments at a European level.' .
and NSA snooping: MEPs table proposals to protect EU citizens' privacy (pdf) The report will go before the plenary session on 12 March 2014. See also: LIBE: No EU-US trade deal unless fundamental rights ensured (New Europe, link) and MEPs say No to Snowden asylum in Europe (euobserver, link)
UK-GCHQ: DATA SURVEILLANCE: Snowden Docs: British Spies Used Sex and 'Dirty Tricks' (NBC News) and See: Set of GCHQ slides - JTRIG (pdf) and GCHQ 4Ds (pdf) which suggest a wider list of targets and ways of disrupting their activities: The Joint Threat Research Intelligence Group (JTRIG) focused on cyber forensics, espionage and covert operations including: the 4D's: Deny/Disrupt/Degrade/Deceive. Techniques employed are: bombarding their phones with calls, deleting their online presence, email/text friends and colleagues, blogging pretending to be a victim, "stop someones computer from working.
NETHERLANDS: DATA SURVEILLANCE: The Netherlands, not USA, gathered info from 1.8 million phone calls (Dutch News.nl, link):
"The Dutch security service was responsible for collecting information from about 1.8 million telephone calls and text messages at the end of 2012 and in early 2013, ministers have told parliament. Home affairs minister Ronald Plasterk told MPs in October the Americans were behind the tapping, after the revelations were first published in German magazine Spiegel.
However, in a two paragraph briefing on Wednesday, Plasterk and defence minister Jeanine Hennis said the information had been gathered by the Netherlands itself....the information was gathered from satellite and radio-based phone calls, messages and emails"
UK-GCHQ: DATA SURVEILLANCE: War on Anonymous: British Spies Attacked Hackers, Snowden Docs Show (NBC News, link):
"secret British spy unit created to mount cyber attacks on Britain’s enemies has waged war on the hacktivists of Anonymous and LulzSec, according to documents taken from the National Security Agency by Edward Snowden and obtained by NBC News.
The blunt instrument the spy unit used to target hackers, however, also interrupted the web communications of political dissidents who did not engage in any illegal hacking. It may also have shut down websites with no connection to Anonymous."
And see: Document (pdf)
German authorities sued over illegal spying allegations (euractiv, link)
USA: DATA SURVEILLANCE: Microsoft, Facebook, Google and Yahoo release US surveillance requests (Guardian, link)
• Tech giants turn over data from tens of thousands of accounts
• Limited disclosure part of transparency deal made last month
And: Making Surveillance a Little Less Opaque (New York Times, link): "The new rules will now allow companies to disclose the FISA orders as well as the national security letters — but, again, only in broad ranges. They can also disclose how many users were affected but not the nature of the information they turned over to the government. Simply put, the new rules will not appreciably improve the public’s understanding of the surveillance system or its ability to push back. What is clear is that government officials have not budged from their belief that Americans should simply trust them to do the right thing."
UK-USA: DATA SURVEILLANCE: David Miranda's detention: a chilling attack on journalism - When the partner of journalist Glenn Greenwald was detained at Heathrow airport last August under the Terrorism Act, MI5 were pulling the strings and knew full well that he wasn't a terrorist (Guardian, link)
And: Hackers sue German government over NSA spying (Washington Post, link)
UPDATED: Canada's WiFi Surveillance and CSEC's Non-Denial Denials (notes jrgallagher, link)
USA-NSA-CANADA: DATA SURVEILLANCE: Exclusive: CSEC used airport Wi-Fi to track Canadian travellers: Edward Snowden documents - Electronic snooping was part of a trial run for U.S. NSA and other foreign services (CBC News, link):
" top secret document retrieved by U.S. whistleblower Edward Snowden and obtained by CBC News shows that Canada's electronic spy agency used information from the free internet service at a major Canadian airport to track the wireless devices of thousands of ordinary airline passengers for days after they left the terminal.
After reviewing the document, one of Canada's foremost authorities on cyber-security says the clandestine operation by the Communications Security Establishment Canada (CSEC) was almost certainly illegal."
See document: IP Profiling Analytics & Mission Impacts (pdf)
USA: NSA: Vice-admiral Michael Rogers to take command of embattled NSA (Guardian, link)
Rogers is currently commander of navy Fleet Cyber Command
Richard Ledgett will become the NSA's new deputy director
New leaders to face ongoing fallout from Snowden disclosures
UK: Cameron says he failed to make case for mass surveillance after Snowden leaks - Files from analyst showed need to update communication laws, says PM, also claiming civil liberties must be held 'in proportion' (Guardian, link) and Australia's relations with Indonesia at stake over secret East Timor papers - Canberra blocking release of 30-year-old documents on atrocities as it seeks to rebuild ties with Jakarta, AAT told (Guardian, link)
NSA said to have spied on leaders at Danish climate summit (euobersver, link)
UPDATED: UK-GCHQ: Huge swathe of GCHQ mass surveillance is illegal, says top lawyer - Legal advice given to MPs warns that British spy agency is 'using gaps in regulation to commit serious crime with impunity' (Guardian, link). See Full-text of legal opinion (pdf)
EU-USA: EU justice chief attacks European "hypocrisy" on spying (Reuters, link): ""If the EU wants to be credible in its efforts to rebuild trust, if it wants to act as an example for other continents, it also has to get its own house in order."
Angela Merkel says US and UK snooping sows distrust (BBC News, link): "She used her inaugural address to parliament after her re-election to warn that such surveillance ultimately undermined mutual security. She also accused the UK and US of using spy agencies to gain economic advantage rather than just for security."
CoE: Parliamentary Assembly: Committee to invite Edward Snowden to debate mass surveillance with US officials (CoE, link)
UK-GCHQ: Huge swath of GCHQ mass surveillance is illegal, says top lawyer - Legal advice given to MPs warns that British spy agency is 'using gaps in regulation to commit serious crime with impunity' (Guardian, link)
EU threatens suspension of data deal with US (euractiv, link)
EU-UK-GCHQ-USA-NSA: State of surveillance: the NSA files and the global fightback (pdf) by Ben Hayes
UK-GCHQ-USA-NSA: DATA SURVEILLANCE: NBC News: Snowden docs reveal British spies snooped on YouTube and Facebook (link) with 48 page slideshow constructed by GCHQ revealing a pilot programme called "Squeaky Dolphin":
See: GCHQ slides (48 slides, pdf) and another GCHQ document: The mobile challenge (pdf): "By 2015 up to 90% of internet traffic will be accessed on mobile devices...Predicted that in 2011 mobile broadband will overtake fixed-line internet connections in the UK"
and: Angry Birds and 'leaky' phone apps targeted by NSA and GCHQ for user data (Guardian, link using different documents): US and UK spy agencies piggyback on commercial data • Details can include age, location and sexual orientation • Documents also reveal targeted tools against individual phones: "GCHQ documents use Angry Birds – reportedly downloaded more than 1.7bn times – as a case study for app data collection."
See also: Spy Agencies Tap Data Streaming From Phone Apps (New York Times, link) and slides: Analysis of Smartphones Devices - "All in a day's work" (pdf)
Obama advisor: Pipeline deals could see US spy on EU leaders (euobserver, link)
After Snowden: How vulnerable is the internet? (BBC News, link)
USA: DATA SURVEILLANCE: Tech giants reach White House deal on NSA surveillance of customer data (Guardian, link)
• Deal ends months of wrangling before secret Fisa court
• Companies can disclose more information on data turned over
USA: DATA SURVEILLANCE: Big Data and the Future of Privacy (White House Blog, link), EU justice ministers seek data security reform (DW, link), Edward Snowden tells German TV that NSA is involved in industrial espionage - Public broadcaster ARD airs interview in which whistleblower says National Security Agency is involved in industrial espionage (Guardian, link) And see: NSAs' Upstream Collection (electrospaces.net, link)
EU-USA: DATA SURVEILLANCE: European Parliament question to the Commission on USA "spying" on EU citizens: Question and answer given by High-Representative/Vice-President Ashton on behalf of the Commission (pdf): The answer from the High-Representative/Vice-President Ashton on behalf of the Commission presents the permanent contradiction for the EU: the Lisbon Treaty guarantees the right of protection of personal data while at the same time it gives each Member State the sole responsibility for national security. So unless they all agree, and the UK for one will not, a "no spying on citizens" agreement is not possible - and the USA knows this.
"according to Article 16(1) of the Treaty on the functioning of the European Union, every European citizen has the right to the protection of personal data concerning them. However, pursuant to Article 4(2) of the Treaty on the European Union, national security remains the sole responsibility of each Member State. As a consequence, it seems difficult at the stake to find appropriate measures concerning the protection of personal data in a case concerning a third country like the United States. At the moment, the EU does not intend to undertake negotiations on a ‘no-spy’ agreement with the United States."
THE EU SECURITY & INTELLIGENCE AGENCIES COOPERATION MECHANISM: Under Article 73 of the Lisbon Treaty (included in the Treaty but not in the proposed Constitution) it states:
"It shall be open to Member States to organise between themselves and under their responsibility such forms of cooperation and coordination as they deem appropriate between the competent departments of their administrations responsible for safeguarding national security "
Are EU security and intelligence agencies using the Treaty cooperation and coordination provision and if so how? Have they jointly discussed the "problems" created by the Snowden revelations?
A rare hint at the linkage between the "gatherers" (NSA, GCHQ etc) and the "users" (the security, intelligence and .law enforcement agencies) was given in a Guardian article: GCHQ and European spy agencies worked together on mass surveillance Edward Snowden papers unmask close technical cooperation and loose alliance between British, German, French, Spanish and Swedish spy agencies: A document cited by the Guardian revealed that the UK's internal security agency MI5 (Security Service) and MI6 (SIS, Secret Intelligence Service) work with GCHQ not only to extend the technical capabilities of other EU state agencies but also to advise them on how to get round their national laws:
"We [GCHQ] have been assisting the BND (along with SIS [Secret Intelligence Service] and Security Service) in making the case for reform or reinterpretation of the very restrictive interception legislation in Germany,"
USA-NSA: DATA SURVEILLANCE: PRIVACY AND CIVIL LIBERTIES OVERSIGHT BOARD: Report on the Telephone Records Program Conducted under Section 215 of the USA PATRIOT Act and on the Operations of the Foreign Intelligence Surveillance Court (238 pages, pdf)
Watchdog Report Says N.S.A. Program Is Illegal and Should End (New York Times, link): "An independent federal privacy watchdog has concluded that the National Security Agency’s program to collect bulk phone call records has provided only “minimal” benefits in counterterrorism efforts, is illegal and should be shut down."
UK-GCHQ-ECHR: Justify GCHQ mass surveillance, European court tells ministers - Judges order government to provide submission about whether spying activities violated European convention on human rights (Guardian, link)
"Ministers have been ordered to justify GCHQ's mass surveillance programmes by judges at the European court of human rights who have fast-tracked a case brought by privacy and human rights campaigners. The court in Strasbourg has told the government to provide submissions by the beginning of May about whether GCHQ's spying activities could be a violation of the right to privacy under article 8 of the European convention. Marking the case a priority, campaigners are hopeful the court will bring a ruling before the end of the year."
USA-NSA: DATA SURVEILLANCE: Watchdog Report Says N.S.A. Program Is Illegal and Should End (New York Times, link):
"An independent federal privacy watchdog has concluded that the National Security Agency’s program to collect bulk phone call records has provided only “minimal” benefits in counterterrorism efforts, is illegal and should be shut down."
USA-EU-UK-NSA-GCHQ: DATA SURVEILLANCE: Swedish FM to head new inquiry into NSA revelations (euobserver, link): "An new commission to be headed by Swedish foreign minister Carl Bildt is set to investigate the implications of the US snooping affair for the future of the internet.....The Global Commission on Internet Governance - launched at the World Economic Forum in Davos, Swizterland, this week....The project is the brainchild of two think tanks: the Centre for International Governance Innovation (CIGI) in the US and the UK’s Royal Institute of International Affairs, better known as Chatham House."
Also: Mobile phone networks challenge government over text message trawling - EE, O2, Vodafone and Three demand answers on how spies can allegedly get around UK laws using NSA's Dishfire program (Guardian, link)
USA-NSA: DATA SURVEILLANCE: US withholding Fisa court orders on NSA bulk collection of Americans' data - Justice Department refuses to turn over 'certain other' documents in ACLU lawsuit meant to shed light on surveillance practices (Guardian) and See: Letter to ACLU (pdf) Also: Human Rights Watch calls for legislation against surveillance (DW, link)
EU-USA: DATA SURVEILLANCE: Top German Prosecutor Considers NSA Investigation (Der Spiegel, link) and see European Parliament press release: Moraes on NSA reform: Obama speech may not suffice to restore EU citizens’ trust (pdf)
USA-NSA-GCHQ: DATA SURVEILLANCE: "DISHFIRE" programme retains messages for future use: NSA collects millions of text messages daily in 'untargeted' global sweep (Guardian, link): NSA extracts location, contacts and financial transactions • 'Dishfire' program sweeps up 'pretty much everything it can' • GCHQ using database to search metadata from UK numbers:
"The documents also reveal the UK spy agency GCHQ has made use of the NSA database to search the metadata of "untargeted and unwarranted" communications belonging to people in the UK. The NSA program, codenamed Dishfire, collects "pretty much everything it can", according to GCHQ documents, rather than merely storing the communications of existing surveillance targets."
"The GCHQ memo sets out in clear terms what the agency's access to Dishfire allows it to do, before handling how UK communications should be treated. .."In contrast to [most] GCHQ equivalents, DISHFIRE contains a large volume of unselected SMS traffic," it states (emphasis original). "This makes it particularly useful for the development of new targets, since it is possible to examine the content of messages sent months or even years before the target was known to be of interest."" [emphasis added] See: DISHFIRE: SMS document (8 pages, pdf)
In a "separate document", not released, concerning GCHQ Channel 4 News added that:
"A separate document reveals the extent to which GCHQ staff used Dishfire to gain information which, under British law, they would need permission to request from telecoms companies within the UK. Under American law, the NSA must delete all US-related texts from the Dishfire database, but does not do the same for UK numberds.
This gives GCHQ a vital store of information, and the documents encourage staff to use it to scope out numbers to see if they might be of interest. "You can... run queries prior to targeting a number, as the content may give you an idea of how useful the number will be," states the document."
"It also offers GCHQ the chance to pull in mobile phone data from years ago - before the person ever became a suspect: "This makes it particularly useful for development of new targets, since it is possible to examine the content of messages sent months or even years before the target was known to be of interest," the document states." [emphasis added]
USA-NSA: DATA SURVEILLANCE: Obama Speech on NSA Reform (pdf) and see: 17 January 2014: PRESIDENTIAL POLICY DIRECTIVE/PPD-28 SUBJECT: Signals Intelligence Activities (pdf)
See also: Obama presents NSA reforms with plan to end government storage of call data (Guardian, link)
• President stops short of ending controversial bulk collection
• Obama assures allied foreign leaders on NSA surveillance
• Reforms also include added Fisa court safeguards
and: ACLU Comment on President’s NSA Speech (link) and Where Does the President Stand on NSA Reform? (Quick Guide, link)
Different perspectives on proposals: New York Times (link): "even as Mr. Obama spoke eloquently of the need to balance the nation’s security with personal privacy and civil liberties, many of his reforms were frustratingly short on specifics and vague on implementation." , Washington Post (link) and Guardian (link): "NSA surveillance: American debate, British denial - Barack Obama's speech on NSA reform has paved the way for a proper evaluation of security and privacy. The UK must do the same"; Obama NSA reform proposals receive mixed reaction in Berlin (DW, link): "Senior political leaders in Berlin have welcomed US President Barack Obama's NSA speech as an important first step. But many have expressed skepticism that Washington will follow through with broad surveillance reform." Obama's NSA speech as an important first step. But many have expressed skepticism that Washington will follow through with broad surveillance reform." (Guardian, link): "Europeans were largely underwhelmed by Barack Obama's speech on limited reform of US espionage practices, saying the measures did not go far enough to address concerns over American snooping on its European allies."
UK-GCHQ-USA-NSA: DATA SURVEILLANCE: UK rejects German 'no spy' pact, report says (euobserver, link): "The UK is reportedly opposed to a no-spy pact being crafted by EU states, despite months of German-led negotiations." And see: N.S.A. Devises Radio Pathway Into Computers (New York Times, link)
USA-NSA-UK-GCHQ: NSA and GCHQ activities appear illegal, says EU parliamentary inquiry - Civil liberties committee report demands end to indiscriminate collection of personal data by British and US agencies (Guardian, link)
Also: Snowden set for EU parliament video link (euobserver, link)
EU-UK-NSA: DATA SURVEILLANCE: European Parliament: DRAFT REPORT on the US NSA surveillance programme, surveillance bodies in various Member States and their impact on EU citizens’ fundamental rights and on transatlantic cooperation in Justice and Home Affairs Committee on Civil Liberties, Justice and Home Affairs Rapporteur: Claude Moraes MEP (pdf)
"Condemns in the strongest possible terms the vast, systemic, blanket collection of the personal data of innocent people, often comprising intimate personal information; emphasises that the systems of mass, indiscriminate surveillance by intelligence services constitute a serious interference with the fundamental rights of citizens; stresses that privacy is not a luxury right, but that it is the foundation stone of a free and democratic society; points out, furthermore, that mass surveillance has potentially severe effects on the freedom of the press, thought and speech, as well as a significant potential for abuse of the information gathered against political adversaries; emphasises that these mass surveillance activities appear also to entail illegal actions by intelligence services and raise questions regarding the extra-territoriality of national laws";
UK: Interception, Intelligence and Surveillance reports: Interception Commissioner fails to report on Section 8(4) certificates authorising GCHQ's mass data collection
Tony Bunyan, Statewatch Director, comments: "The government claims that GCHQ's interception of fibre-optic cable telecommunications traffic (and of satellite communications) is lawful under under RIPA 2000 Section 8(4) certificates issued by the Foreign Secretary. These certificates grant sweeping general powers which are meant to be overseen by the Interception Commissioner who is responsible reporting on Sections 1-11 of RIPA 2000. His Report is silent on this crucial issue - this is yet another reason for a wholesale review of the role and accountability of the security and intelligence agencies in a democratic society."
• Interception warrants and modifications at all-time high • Collection of communications data ("metadata") at all-time high • Surveillance Commissioner unable to monitor all undercover police as Home Office fails to provide details of exactly which units are to be overseen
USA: NSA-ACLU: ACLU will appeal ruling that NSA bulk phone record collection is legal (Guardian, link)
• Appeal is against verdict by New York federal judge
• Federal appeals courts drawn into controversy
And see: NSA statement does not deny 'spying' on members of Congress
• Agency responds to questions from Senator Bernie Sanders
• Statement cites 'same privacy protections as all US persons'
2013
USA-NSA: DATA SURVEILLANCE: Inside TAO: Documents Reveal Top NSA Hacking Unit (Der Spiegel, link):
"The NSA's TAO hacking unit is considered to be the intelligence agency's top secret weapon. It maintains its own covert network, infiltrates computers around the world and even intercepts shipping deliveries to plant back doors in electronics ordered by those it is targeting."
Cited document: COTTONMOUTH (pdf)
See also: Shopping for Spy Gear: Catalog Advertises NSA Toolbox (Der Spiegel, link) and: NSA reportedly intercepting laptops purchased online to install spy malware (The Verge, link): "The report indicates that the NSA, in collaboration with the CIA and FBI, routinely and secretly intercepts shipping deliveries for laptops or other computer accessories in order to implant bugs before they reach their destinations. According to Der Spiegel, the NSA's TAO group is able to divert shipping deliveries to its own "secret workshops" in a method called interdiction, where agents load malware onto the electronics or install malicious hardware that can give US intelligence agencies remote access."
And: NSA Spying on Europe/Asia SEA-ME-WE-4 Undersea Telecom Cables (including document, link)
USA: METADATA COLLECTION RULING: NSA mass collection of phone data is legal, federal judge rules (Guardian, link)
• Dragnet program deemed 'controversial but lawful'
• Lawsuit brought by ACLU dismissed
Full-text of ruling (pdf) See also: Judge on NSA Case Cites 9/11 Report, But It Doesn’t Actually Support His Ruling (Pro Publica, link)
See also: NSA phone surveillance program likely unconstitutional, federal judge rules (Guardian, link)
• Dragnet 'likely' in breach of fourth amendment
• Judge describes scope of program as 'Orwellian'
• Ruling relates to collection of Americans' metadata
Full-text of ruling (pdf)
Greenwald: US, British media are servants of security apparatus (Russia Today, link): "Journalist Glenn Greenwald condemned the mainstream media during an address at a German computer conference on Friday and accused his colleagues of failing to challenge erroneous remarks routinely made by government officials around the globe. Thousands of attendees at the thirtieth annual Chaos Communication Congress in Hamburg packed into a room to watch the 46-year-old lawyer-turned-columnist present a keynote address delivered less than seven months after he started working with former National Security Agency contractor Edward Snowden."
NSA-GCHQ: The NSA's three types of cable interception programs (Washington Post, link) See also: Special Source Operations (pdf)
NSA-GCHQ: BULLRUN: Briefing Sheet (pdf) What is BULLRUN? (Wikipedia, link)
USA-NSA: New documents show how the NSA infers relationships based on mobile location data (Washington Poost, link): "Everyone who carries a cellphone generates a trail of electronic breadcrumbs that records everywhere they go. Those breadcrumbs reveal a wealth of information about who we are, where we live, who our friends are and much more. And as we reported last week, the National Security Agency is collecting location information in bulk — 5 billion records per day worldwide — and using sophisticated algorithms to assist with U.S. intelligence-gathering operations." See: Cotraveler document (pdf)
And: "In the view of the NSA, signals intelligence, or electronic eavesdropping, was a matter of life and death, “without which America would cease to exist as we know it,” according to an internal presentation" (Washington Post):NSA/CSS Mission: Provide and Protect vital information for the nation (dated 24-2-08, pdf)
UK-USA: DATA SURVEILLANCE: Surveillance: complacency, secrecy –Britain's great vices: Democracy's real responses to state surveillance begin on the streets where we live, where we wake up, calculate the risks, and insist on having our say (Observer Editorial, link):
"the two worlds of DC and Cheltenham intersect at last. There is no absolute security, just as there are no definitive reforms. There is always desperate peril to secrecy. Horrible things happen when nobody knows. Exaggeration – about everything from terrorist threats to budget cuts – is endemic behind closed doors. Perhaps America, in the decade after 9/11, has feared and promised too much. But certainly Britain, drifting in a haze of conspiratorial chappishness, has changed far too little. The answer to both ailments is out there for us all to register. It is what we expect, what we understand and demand, that matters most. This secret world is our world, too. Democracy's real responses begin on the streets where we live, where we wake up, calculate the risks, and insist on having our say."
MULTINATIONAL SURVEILLANCE & DISRUPTION: 12 Corporate Espionage Tactics Used Against Leading Progressive Groups, Activists and Whistleblowers - Corporate spies for Dow, Kraft and others have tried to discredit, shame and infiltrate civic groups using an array of dirty tricks (link) and see: Report (pdf): "“Posing as volunteers. Stealing documents. Dumpster diving. Planting electronic bugs. Hacking computers. Tapping phones and voicemail. Planting false information. Trailing family members. Threatening reporters. Hiring cops, CIA officers and combat veterans to do all these dirty deeds—and counting on little pushback from law enforcement, mainstream media or Congress.”
USA: DATA SURVEILLANCE: Apple, Google, Microsoft and more demand sweeping changes to US surveillance laws - AOL, Twitter, Yahoo, Microsoft, Facebook, Google, Apple and LinkedIn to call for reforms to restore the public's trust in the internet (Guardian, link) Link to: Global Government Surveillance Reform
See also: Snowden to make video appearance at EU parliament (euobserver, link) and Amnesty to take legal action against UK security services Human rights group says it is 'highly likely' its emails and phone calls have been intercepted by British intelligence (Guardian, link)
ITALY-NSA: DATA SURVEILLANCE: Revealed: How the Nsa Targets Italy (L'Expresso, link):
"A special unit operating under cover and protected by diplomatic immunity, assigned to a very sensitive mission: to spy on the communication of the Italian leadership. That is what top secret documents leaked by Edward Snowden and published in Italy exclusively by l'Espresso in collaboration with "la Repubblica" reveal. A file mentions the "Special Collection Service " (SCS) sites in Rome and in Milan, the very same service which, according to the German weekly "Der Spiegel ", spied on the mobile phone of the German Chancellor, Angela Merkel....The Special Collection Service is likely one of the most sensitive units in U.S. intelligence. The service deploys teams under diplomatic cover, operating in US embassies around the world to control friendly and enemy governments." See: Close Access SIGADS - Italy (pdf) and SCS: Global Special Collection Centres (pdf)
And: The Guardian: Special supplement on Snowden-NSA-GCHQ (link)
USA-NSA: DATA SURVEILLANCE: NSA tracking cellphone locations worldwide, Snowden documents show (Washington Post, link):
"The National Security Agency is gathering nearly 5 billion records a day on the whereabouts of cellphones around the world, according to top-secret documents and interviews with U.S. intelligence officials, enabling the agency to track the movements of individuals — and map their relationships — in ways that would have been previously unimaginable."
See also: How the NSA is tracking people right now (pdf) And see: Example of current records (pdf): Note transfer to MARINA:.Marina is the primary storage and analysis tool for “metadata.”
EU-UK-USA: DATA SURVEILLANCE: European Parliament inquiry: Programme for inquiry meeting 5 December 2013 (pdf) and Working Document from AFET (pdf)
UK: GCHQ: Alan Rusbridger and the home affairs select committee: the key exchanges - Guardian's editor-in-chief tells MPs that the publication of NSA files leaked by Edward Snowden was in the public interest (Guardian, link)
and UK-GCHQ: MPs ask MI5 boss to justify claim that NSA leaks endangered national security - Keith Vaz, chairman of home affairs select committee, says spy chief Andrew Parker has been summoned to give evidence (Guardian, link)
AUSTRALIA:: Revealed: Australian spy agency offered to share data about ordinary citizens (Guardian, link)
• Secret 5-Eyes document shows surveillance partners discussing what information they can pool about their citizens
• DSD indicated it could provide material without some privacy restraints imposed by other countries such as Canada
• Medical, legal or religious information 'not automatically limited'
• Concern that intelligence agency could be 'operating outside its legal mandate'
UN: EU-UK-USA: DATA SURVEILLANCE: Edward Snowden revelations prompt UN investigation into surveillance - UN's senior counter-terrorism official says revelations 'are at the very apex of public interest concerns' (Guardian, link) and see:
It's outrageous to accuse the Guardian of aiding terrorism by publishing Snowden's revelations - Alan Rusbridger is being grilled by MPs – but he has published nothing that could be a threat to national security(Guardian link) article by Ben Emmerson.
USA-NSA-CANADA: NSA G8-G20 Summit SIGINT Directive (pdf) See also: Exclusive: New Snowden docs show U.S. spied during G20 in Toronto - Surveillance during 2010 summit 'closely co-ordinated with Canadian partner' CSEC (CBC News, link)
EU-UK-USA: DATA SURVEILLANCE: What now for the surveillance state? Even GCHQ and the NSA know their work may not be sustainable without a proper debate about their power (Guardian, link): Guardian Editor, Alan Rusbridger:
CANADA: DATA SURVEILLANCE: How CSEC became an electronic spying giant (Globe and Mail, Canada, link): "It is known as “Camelot,” and it is believed to be among the most expensive government buildings Canada has ever built. Next year, the analysts, hackers and linguists who form the heart of Communications Security Establishment Canada are expected to move from their crumbling old campus in Ottawa to a gleaming new, $1-billion headquarters." And: Read a CSEC document that was first acquired by Edward Snowden (link): "In early 2012, Communications Security Establishment Canada analyzed telecommunications flows surrounding Brazil’s Ministry of Mines and Energy. The ministry was described by CSEC as “a new target to develop.” Codenamed “Olympia,” the suite of analytic tools used by CSEC to parse the ministry’s telephone and Internet use was the subject of a presentation made to allied intelligence analysts inside the United States.
USA: DATA SURVEILLANCE: 32 Privacy Destroying Technologies That Are Systematically Transforming America Into A Giant Prison (The Truth, link):
"If you live in the United States, you live in a high tech surveillance grid that is becoming more oppressive with each passing day. In America today, the control freaks that run things are completely obsessed with watching, tracking, monitoring and recording virtually everything that we do. If we continue on the path that we are currently on, we will be heading into a future where there will be absolutely no privacy of any kind. In fact, many would argue that we are essentially there already."
EU-USA: DATA SURVEILLANCE: European Parliament inquiry: Programme 2 December 2013 (pdf) and see: NSA leaks: former DPP calls for more scrutiny of UK's security services - Lord Macdonald says that ISC 'needs more power, cash and opposition chair' (Guardian, link)
EU-USA: DATA SURVEILLANCE: EU-USA Working Group report published: Existence of PRISM confirmed by USA and also the blanket powers to place under surveillance non-US people including the "the political activities of individuals or groups" : Report on the findings by the EU Co-chairs of the ad hoc EU-US Working Group on Data Protection (released 28.11.13, pdf) among its findings are:
"Under US law, a number of legal bases allow large-scale collection and processing, for foreign intelligence purposes, including counter-terrorism, of personal data that has been transferred to the US or is processed by US companies. The US has confirmed the existence and the main elements of certain aspects of these programmes, under which data collection and processing is done with a basis in US law that lays down specific conditions and safeguards. Other elements remain unclear, including the number of EU citizens affected by these surveillance programmes and the geographical scope of surveillance programmes under Section 702."
Section 702 of the Foreign Intelligence Surveillance Act of 1978 (FISA) (as amended by the 2008 FISA Amendments Act, 50 U.S.C. § 1881a) allows the collection of personal data from non-US people.
"Under Section 702, information is obtained "from or with the assistance of an electronic communication service provider". This can encompass different forms of personal information (e.g. emails, photographs, audio and video calls and messages, documents and internet browsing history) and collection methods, including wiretaps and other forms of interception of electronically stored data and data in transmission.
The US confirmed that it is under Section 702 that the National Security Agency (NSA) maintains a database known as PRISM. This allows collection of electronically stored data, including content data, by means of directives addressed to the main US internet service providers and technology companies providing online services, including, according to classified documents disclosed in the press but not confirmed by the US, Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Apple, Skype and YouTube.
and:
The US also confirmed that Section 702 provides the legal basis for so-called "upstream collection"; this is understood to be the interception of Internet communications by the NSA as they transit through the US 1 (e.g. through cables, at transmission points).
Section 702 does not require the government to identify particular targets or give the Foreign Intelligence Surveillance Court (hereafter 'FISC') Court a rationale for individual targeting. Section 702 states that a specific warrant for each target is not necessary."
and
"Foreign intelligence could, on the face of the provision, include information concerning the political activities of individuals or groups, or activities of government agencies, where such activity could be of interest to the US for its foreign policy." [emphasis added]
EU commissioner under fire over response to US spy allegations (euobserver, link)
CANADA-USA: DATA SURVEILLANCE: Exclusive: New Snowden docs show U.S. spied during G20 in Toronto - Surveillance during 2010 summit 'closely co-ordinated with Canadian partner' CSEC (CBC News, link)
"Top secret documents retrieved by U.S. whistleblower Edward Snowden show that Prime Minister Stephen Harper's government allowed the largest American spy agency to conduct widespread surveillance in Canada during the 2010 G8 and G20 summits. The documents are being reported exclusively by CBC News.
The briefing notes, stamped "Top Secret," show the U.S. turned its Ottawa embassy into a security command post during a six-day spying operation by the National Security Agency while U.S. President Barack Obama and 25 other foreign heads of government were on Canadian soil in June of 2010.
The covert U.S. operation was no secret to Canadian authorities. An NSA briefing note describes the American agency's operational plans at the Toronto summit meeting and notes they were "closely co-ordinated with the Canadian partner."
USA-UK-GCHQ: DATA SURVEILLANCE: Five Eyes, 9-Eyes and many more (electrospaces.net, link) and
UN advances surveillance resolution reaffirming 'human right to privacy' (Guardian, link)
• Draft goes ahead despite US and UK concerns over language
• Inquiry possible into impact of excessive government spying
EU-USA: Reports and press releases on USA surveillance and rebuilding "trust":
- Commission Press release: EU-US agreements: Commission reports on TFTP and PNR (pdf)
- Commission Press release: European Commission calls on the U.S. to restore trust in EU-U.S. data flows (pdf)
- Commission Communication: Rebuilding Trust in EU-US Data Flows (COM 846-13, pdf)
- Press release: European Commission calls on the U.S. to restore trust in EU-U.S. data flows (pdf)
USA SURVEILLANCE: Top-Secret Document Reveals NSA Spied On Porn Habits As Part Of Plan To Discredit 'Radicalizers' (Huffington Post, link)
UK-USA: DATA SURVEILLANCE: Privacy International report: Eyes Wide Open (link):
For almost 70 years, a secret post-war alliance of five English-speaking countries has been building a global surveillance infrastructure to “master the internet” and spy on the worlds communications. This arrangement binds together the US, UK, Canada, Australia, and New Zealand to create what’s collectively known as the Five Eyes.
EU to review ‘safe harbour’ data privacy rule for US companies (Financial Times, link):
"The EU will review a key provision in its data protection rules that US technology companies have relied on to move data across borders without European oversight, in a sign of more fallout from the spying scandal sparked by US whistleblower Edward Snowden."
EU-USA: TRADE TALKS: Leaked document shows EU fear of inferiority in US trade talks (euractiv) and Issues paper Communicating on TTIP - Areas for cooperation between the Commission services and Member States (Notak, link) plus see: Issues paper Communicating on TTIP – Areas for cooperation between the Commission services and Member States (pdf)
EU: DATA SURVEILLANCE BY SECURITY & INTELLIGENCE AGENCIES: Article 10 of the Convention includes the right of access to data held by an intelligence agency (Media report, link):
"In its judgment of 25 June 2013 in the case of Youth Initiative for Human Rights v. Serbia the European Court of Human Rights has recognised more explicitly than ever before the right of access to documents held by public authorities, based on Article 10 of the Convention (right to freedom of expression and information). The judgment also recognises the importance of NGOs acting in the public interest. The judgment contains a particularly important statement by the Court unambiguously reaffirming that in Europe security services and intelligence agencies are to respect the European Convention of Human Rights. The Court ordered the information held by the Serbian Intelligence Agency to be made accessible for the applicant NGO."
See: Judgment: Full-text (pdf)
New NSA leak reveals invasion of the management consultants - Spookhaus documents infested with the very worst corporate-speak imaginable (The Register, link)
USA-NSA-UK: DATA SURVEILLANCE: Digital “Sleeper Cells”: NSA Infects More Than 50,000 Computer Networks Worldwide With Malware “Implants” (link) and see Chart: Worldwide SIGINT/Defense Cryptologic Platform (jpg) which sets out the global "Classes of Accesses" including 50,000 "implants", 16 of the 20 "Covert, Clandestine or Cooperative" world-wide accesses to high speed optical cables, 80+ SCS (Special Collections Service) embassy/mission-based spying centres, and FORNSAT (foreign satellite collection). The "double-bubble" over the UK indicates both interception of high speed optical cables and well as satellite collection by GCHQ Cheltenham and Bude and the US base in Menwith Hill, Yorkshire.
USA: NSA DATA SURVEILLANCE: NSA Report Outlined Goals for More Power (New York Times, link): "Officials at the National Security Agency, intent on maintaining its dominance in intelligence collection, pledged last year to push to expand its surveillance powers, according to a top-secret strategy document.
In a February 2012 paper laying out the four-year strategy for the N.S.A.’s signals intelligence operations, which include the agency’s eavesdropping and communications data collection around the world, agency officials set an objective to “aggressively pursue legal authorities and a policy framework mapped more fully to the information age.”
See SIGINT Strategy: 2012-2016, 23 February 2012 (pdf)
USA-NSA: DATA SURVEILLANCE: NSA infected 50,000 computer networks with malicious software (nrc.nl, link). See also: Britain's GCHQ Hacked Belgian Telecoms Firm (Die Spiegel, link) and U.S. spy network’s successes, failures and objectives detailed in ‘black budget’ summary (link) plus $52.6 billion budget (link)
Catching up: back stories
- NZ police affidavits show use of PRISM for surveillance (ItNews, NZ, link), See also Disclosure Affadavit (pdf) and 2nd version (psd)
- 'Project 6': CIA Spies Operating in the Heart of Germany (De Spiegel, link) "For years, intelligence services from the US and Germany conducted a secret project on German soil. Together, they developed a counter-terrorism database -- with even a journalist coming under suspicion."
- Revealed: How Australia spies on its neighbours (The Age, link)
- The NSA's intern inquiry about the Elysée hacking revealed (Le Monde, Technologies, link)
- NSA chief’s admission of misleading numbers adds to Obama administration blunders (Washington Times, link)
- Exclusive: U.S. directs agents to cover up program used to investigate Americans (Reuters, link)
- Sweden sits on pipeline of intelligence 'gold' (The Local, link)
USA: NSA DATA SURVEILLANCE: NSA Report Outlined Goals for More Power (New York Times, link): "Officials at the National Security Agency, intent on maintaining its dominance in intelligence collection, pledged last year to push to expand its surveillance powers, according to a top-secret strategy document.
In a February 2012 paper laying out the four-year strategy for the N.S.A.’s signals intelligence operations, which include the agency’s eavesdropping and communications data collection around the world, agency officials set an objective to “aggressively pursue legal authorities and a policy framework mapped more fully to the information age.”
See SIGINT Strategy: 2012-2016, 23 February 2012 (pdf)
USA-NSA: DATA SURVEILLANCE: NSA infected 50,000 computer networks with malicious software (nrc.nl, link). See also: Britain's GCHQ Hacked Belgian Telecoms Firm (Die Spiegel, link) and U.S. spy network’s successes, failures and objectives detailed in ‘black budget’ summary (link) plus $52.6 billion budget (link)
UK-USA: DATA SURVEILLANCE: US and UK struck secret deal to allow NSA to 'unmask' Britons' personal data: Guardian, link)
• 2007 deal allows NSA to store previously restricted material
• UK citizens not suspected of wrongdoing caught up in dragnet
• Separate draft memo proposes US spying on 'Five-Eyes' allies
Documents show Blair government let US spy on Britons (Channel 4 News, link) and: Watchdog demands GCHQ report on NSA's UK data storage Intelligence and security committee chair Sir Malcolm Rifkind seeks explanation of deal that allowed US to 'unmask' Britons (Guardian, link)
UKUSA-AGREEMENT: "Five-Eyes" agreement: UKUSA Agreement Release 1940-1956 (link) Contains a wealth of background
USA-NSA: ICELAND-GERMANY: DATA SURVEILLANCE: NSA surveillance hinders Iceland's attempts to be a haven for free speech - 'It is obvious that it doesn’t matter if we have the best source protection laws in the world,' says Icelandic MP (Guardian, link) plus German MPs complain about NSA silence on Angela Merkel hacking National Security Agency accused of showing 'reluctance to speak plainly' about allegations that chancellor's phone was hacked (Guardian, link)
and see: Corporations increasingly spying on nonprofits, group says (Los Angeles Times, link)
NORWAY-USA: DATA SURVEILLANCE: Norway denies NSA collaboration – but admits to snooping on phone calls - Military intelligence chief responds to claims that 33 million Norwegian phone calls had been monitored by the NSA (Guardian, link) and NSA targets Norway mobile calls (euobserver, link)
NSA: DATA SURVEILLANCE: Declassified Documents: NSA Wanted To Collect Geolocation Data (Der Spiegel, link) and: DNI Clapper Declassifies Additional Intelligence Community Documents Regarding Collection Under Section 501 of the Foreign Intelligence Surveillance Act (link) and "Exploring the Possibility of Acquiring Such Mobility Data' (pdf)
See also: Indonesia halts co-operation on people smuggling in phone tapping row Susilo Bambang Yudhoyono demands explanation – Tony Abbott says he will reply 'swiftly, fully and courteously' (Guardian, link)
AUSTRALIA-INDONESIA-NSA: DATA SURVEILLANCE: The NSA scandal has detonated in Australia - we can no longer look away - We grant intelligence agencies extraordinary powers to go after violent extremists. But since when did the president of Indonesia, or Germany's chancellor, join this company? (Guardian, link)
and: Australia: 3G surveilance in Asia (pdf), Australia's spy agencies targeted Indonesian president's mobile phone Secret documents revealed by Edward Snowden show Australia tried to monitor the mobile calls of Susilo Bambang Yudhoyono and his wife (Guardian. link)
Plus: NSA grapples with huge increase in records requests (USA Today, link): "Americans are inundating the NSA with open-records requests, leading to an 888% increase in such inquiries in the past fiscal year. Anyone asking is getting a standard pre-written letter saying the NSA can neither confirm nor deny that any information has been gathered." and Exclusive: Surveillance technology out of control, says Lord Ashdown - Former Lib Dem leader says it is time for high-level inquiry to address fundamental questions about privacy in 21st century (Guardian, link) and German MPs complain about NSA silence on Angela Merkel hacking National Security Agency accused of showing 'reluctance to speak plainly' about allegations that chancellor's phone was hacked (Guardian, link)
USA-NSA: DATA SURVEILLANCE: Court order that allowed NSA surveillance is revealed for first time Fisa court judge who authorised massive tapping of metadata was hesitant but felt she could not stand in the way (Guardian, link)
EU-USA: DATA SURVEILLANCE: Give Snowden Asylum in Germany (New York Times, link): by Malte Spitz a Green Party politician and a privacy activist. Hans-Christian Ströbele is a Green Party member of the Bundestag and serves on the intelligence committee:
"We demand an immediate change in the government’s policy. Edward Snowden should be given a safe residence in Germany or in another democratic European country and be allowed to stay permanently if he wants to." and:
"The spying goes on" (Security Times, link, Hans-Christian Ströbele is a Green Party member of the Bundestag, see page 6)
EU-USA: EU-USA Justice and Home Affairs Ministerial meeting: 18 November in Washington, DC (pdf): The meeting will discuss both "Umbrella" Data Protection Agreement, stalled since the spring of 2011, and the "ad hoc EU-US working group" on USA data surveillance of the EU:
"Vice-President Viviane Reding said ahead of the meeting: "There have been more than 15 negotiating rounds. But one fundamental issue has not yet been resolved: a meaningful agreement has to give European citizens concrete and enforceable rights, notably the right to judicial redress. Every U.S. citizen in the European Union already enjoys this right, irrespective of whether he or she is resident in the EU. But European citizens who are not resident in the U.S. do not enjoy this right. It is important that a European boarding a plane in Rome or searching the web from his home in Germany has a right of judicial redress in the U.S. whenever their personal data are being processed in the U.S."
UK-AUSTRALIA: DATA SURVEILLANCE: Threat from NSA leaks may have been overstated by UK, says Lord Falconer Ex-lord chancellor defends Guardian reporting of Snowden files and says he's sceptical of warnings from spy agency chiefs (Guardian, link) and Also: Belgian and Dutch data protection agencies to investigate Swift security (Finextra, link)
and: Australia: 3G surveilance in Asia (pdf), Australia's spy agencies targeted Indonesian president's mobile phone Secret documents revealed by Edward Snowden show Australia tried to monitor the mobile calls of Susilo Bambang Yudhoyono and his wife (Guardian. link)
Plus: Fibre optic cable networks from which metadata can be scooped up: Submarine Cable Map (link)
EP: DATA SURVEILLANCE INQUIRY: 18 November 2013: Strasbourg: The extent of national competence as regards internal security (pdf) by Professor Steve Peers and Poland: Adam Bodnar (pdf)
EU-USA: DATA SURVEILLANCE: Passively 'Sniffing' Data: How Mobile Network Spying Works (Der Spiegel, link): "British intelligence agency GCHQ has been targeting mobile phone company networks. Telecoms security expert Philippe Langlois explains what they can find this way, and how users can protect themselves from such snooping." and 'Royal Concierge': GCHQ Monitors Hotel Reservations to Track Diplomats (Der Spiegel, link). See also: New York Times backs the Guardian over Snowden leaks (Guardian, link) and Greenwald: “Many, Many, Many More Significant Documents About Canadian Surveillance and Partnership with NSA Will Be Reported” (link)
Plus: Media from Europe to US face new, sometimes uncomfortable tests revealing NSA spy documents (Washington Post. link) and European, US Media Face New Tests With NSA Spying (Huff Post, link)
UK: DATA SURVEILLANCE: Counter-terror chief renews fight for 'snooper's charter' - Charles Farr tells MPs that public's data was never collected by GCHQ and claims Snowden leaks damaged GCHQ's work (Guardian, link): "The Home Office's head of counter-terrorism has revived his fight to secure the return of the "snooper's charter" legislation, insisting that the government's spy listening centre GCHQ has never collected the communications data required by Britain's police and security services under the ditched bill." and
Oil Espionage: How NSA and GCHQ Spied on OPEC (Leaksource, link): "America's NSA and Britain's GCHQ are both spying on the OPEC oil cartel, documents from whistleblower Edward Snowden reveal. The security of the global energy supply is one of the most important issues for the intelligence agencies. Documents disclosed by whistleblower Edward Snowden reveal that both America's National Security Agency (NSA) and Britain's Government Communications Headquarters..."
EU-USA: DATA SURVEILLANCE: Jim Sensenbrenner takes NSA reform case to European parliament - Wisconsin congressman attends meeting of EU civil liberties committee and labels Feinstein reform proposals 'scary' (Guardian, link), The personal data protection from the US perspective (New Europe, link) and Tech giants plead innocence to MEPs on US snooping (euobserver, link) See also: John Kerry: world leaders have been understanding about NSA leaks US secretary of state says foreign governments understand that Barack Obama did not order all phone and internet surveillance (Guardian, link)
European Parliament Press Releases: NSA has no direct access to customers' data, IT firms tell MEPs (pdf) and NSA inquiry: EP should rethink data transfer
deals with the US, experts say (pdf)
Council of Europe: Speech by Nils Muižnieks, Council of Europe Commissioner for Human Rights: “Freedom of expression and democracy in the digital age - Opportunities, rights, responsibilities” (pdf):
"restrictions to media freedom on grounds of national security emerge as a particularly serious one, as we have seen following the recent disclosure of the US
and UK mass surveillance programmes. The US intelligence agency, NSA, and its British counterpart, GCHQ, target encryption techniques that are used by Internet
services such as Google, Facebook and Yahoo, making them vulnerable to surveillance. States, of course, have a duty to ensure security within their borders, and
in doing so they can undertake the secret surveillance of individuals who can pose a threat. But if they do not do this properly, they risk undermining or even destroying the same democracy they are purporting to defend. To stem this risk, states and private companies must develop surveillance policies that respect human rights. Spying on individuals on a massive scale, without strict legal rules and democratic oversight, can have adverse effects on freedom of expression by provoking a chilling effect on investigative journalists and activists who might fear exposing their sources."
UK: DATA SURVEILLANCE: Spy agency revelations: Tory peer urges 'defenders of liberty' to speak out - John Gummer, now Lord Deben, says left and right should worry about terrorism being used as an excuse to curtail freedom (Guardian, link):
"freedom means you have to be constantly on your guard against those who use terrorism and the need to defend against it as an excuse for actions which are manifestly unacceptable," he said."
See also: Quantum Spying: GCHQ Used Fake LinkedIn Pages to Target Engineers (Spiegel Online, link): "Elite GCHQ teams targeted employees of mobile communications companies and billing companies to gain access to their company networks. The spies used fake copies of LinkedIn profiles as one of their tools." and Part 2: GCHQ Wants To Make Mobile Web an All-Seeing Surveillance Machine (Spiegel Online, link)
See also: Facebook statement to the European Parliament inquiry into surveillance (pdf)
And: NSA leaks: Theresa May says editors 'should recognise their responsibilities' - Home secretary follows cabinet colleagues in criticising newspapers over stories based on Edward Snowden revelations (Guardian, link)
USA-NSA: DATA SURVEILLANCE: Why NSA's war on terror is more than just a 'neat' hacking game - Edward Snowden's revelations show how British and US spies have compromised e-commerce and civil liberties with a series of clever coding stunts (Observer, link)
UK-GCHQ-MI5-MI6: LIBERTY NEWS: A grilling that wouldn’t have scared a puppy (link): "As feared, yesterday’s “grilling” consisted of friendly and open-ended questions – resulting in few specific answers and barely anything not already on the public record. These public servants have presided over blanket surveillance of the entire population without public, parliamentary or democratic mandate. But Parliament’s response yesterday was woeful. There was also an odd, circular feel to proceedings with questions about accountability met by repeated statements about oversight by the Committee – despite the fact that little of substance was discussed."
and see: Guardian editor Alan Rusbridger to be questioned by MPs over NSA leaks Rusbridger to appear before home affairs select committee after claims that revelations were damaging national security (Guardian, link) and What is Tor? A beginner's guide to the privacy tool: The anonymity software has sparked controversy but who built it, what is it used for, what browser does it use – and why is the NSA so worried by it? (Guardian, link)
Council of Europe: UK-GCHQ-USA: DATA SURVEILLANCE: UK objects to attempt by Council of Europe to examine online spying - Foreign Office delays publication of declaration by 47-member human rights watchdog on gathering electronic data (Guardian, link):
"Britain is delaying the publication of a declaration on internet freedom by the 47 members of Europe's human rights watchdog after objecting to a probe into the gathering of "vast amounts of electronic data" by intelligence agencies.
In a sign of Britain's determination to protect the work of GCHQ and other intelligence agencies, the government is declining to endorse a political declaration by the Council of Europe that could limit the ability of "security agencies" to gather electronic data."
See: Council of Europe: Political Declarations and Resolutions, 8 November 2013 (pdf), para 10
EU: DATA SURVEILLANCE: Ex-MI5 and MI6 legal chief says UK should adopt French oversight model - David Bickford rejected wholesale law changes but says judges better placed than ministers to authorise intelligence operations (Guardian, link)
UK: DATA SURVEILLANCE: Two takes on UK spy chiefs presentation to parliament: UK intelligence work defends freedom, say spy chiefs (BBC News, link) and UK spy chiefs defend mass-snooping on Europeans (euobserver, link)
USA: DATA SURVEILLANCE: CIA Is Said to Pay AT&T for Call Data (New York Times, link): “The C.I.A. is paying AT&T more than $10 million a year to assist with overseas counterterrorism investigations by exploiting the company’s vast database of phone records, which includes Americans’ international calls, according to government officials… The C.I.A. supplies phone numbers of overseas terrorism suspects, and AT&T searches its database and provides records of calls that may help identify foreign associates, the officials said. The company has a huge archive of data on phone calls, both foreign and domestic, that were handled by its network equipment, not just those of its own customers.”
UK-USA: DATA SURVEILLANCE: The Miranda detention hearing: "ARTICLE 19, English PEN and the Media Legal Defence Initiative have submitted a brief to the UK High Court as an intervention in the case of David Miranda, media worker and partner of Glenn Greenwald, a prominent journalist. The brief argues that his detention and the seizure of information he was carrying, provided by whistleblower Edward Snowden, was unlawful under international law protecting freedom of expression." See joint submission:Joint Submission to hearing (pdf)
and see: David Miranda detention based on legitimate concerns, court told - Police wanted to know how encrypted files were arranged as they feared release of all Snowden material, lawyers argue (Guardian, link): "Justification for controversial port stops under schedule 7 of the Terrorism Act 2000 – under which around 60,000 passengers a year are questioned – emerged during David Miranda's legal challenge of his detention at Heathrow airport.... Mr Justice Ouseley, one of three judges considering the case, intervened to comment: "Just as well it was not in force during world war two, it might have applied to the French Resistance.""
UK-GCHQ: DATA SURVEILLANCE: Cyprus: the home of British/American Internet surveillance in the Middle East (link) by Nicky Hager and Stefania Maurizi:
"British and US Internet surveillance in the Middle East and surrounding regions occurs from a secret base on the island of Cyprus, as l'Espresso, the German daily “Sueddeutsche Zeitung”, the Greek daily “Ta Nea” and the Greek channel “AlphaTV” can reveal. The country only has a million citizens and is a small player in world affairs, but it is a key site for the mass surveillance systems revealed by US whistleblower Edward Snowden."
And: Exclusive: RAF Croughton base 'sent secrets from Merkel’s phone straight to the CIA' (Independent, link)
EU-UK-USA: DATA SURVEILLANCE: European Parliament: LIBE Committee Inquiry on Electronic Mass Surveillance of EU Citizens:
Meeting: 7 November 2013: Agenda (pdf)
- EU Intelligence Analysis Centre (EU INTCEN) (Wikipedia, link)
- Report on the democratic oversight of the security services: Adopted by the Venice Commission (pdf)
- Judicial Scrutiny of Intelligence Agencies (pdf) David Bickford, Former Legal Director of the Security and intelligence agencies MI5 and MI6
- Letter from BT declining invitation to attend Inquiry (pdf)
- Press release: Claude Moraes, Chair of the Inquiry: Moraes: EP is looking not only into NSA allegations but also at EU's own backyard (pdf)
UK-USA: DATA SURVEILLANCE: The interception of satellite communications: ECHELON (Wikipedia, link)
and see: Switzerland: Onyx (interception system) (Wikipedia, link): "The goal of the system is to monitor both civil and military communications, such as telephone, fax or Internet traffic, carried by satellite. Onyx uses lists of keywords to filter the intercepted content for information of interest, and the choice of keywords by the intelligence community must be approved by an independent commission. The system is not supposed to monitor internal communications; however, the monitoring of a communication between a person in Switzerland and someone in another country is allowed."
Statewatch: EU: Welcome to the new world of the interception of telecommunications (link to database) and EU agrees rules for remote computer access by police forces – but fails, as usual, to mention – the security and intelligence agencies (link to database). Article and Analysis by Tony Bunyan.
USA: DATA SURVEILLANCE: MIranda case: Police: the Security Service wanted to retrieve Miranda’s “espionage” material (Headoflegal, link): "The Metropolitan Police’s written grounds of defence in the Miranda judicial review case, published on this blog today, contain a number of significant claims about how they, in liaison with the Security Service, came to stop and question David Miranda at Heathrow airport in August this year."
Miranda case: The Queen v David Miranda: Defence case (pdf)
EU: DATA SURVEILLANCE: Cyprus: Isle of spies (Presseurop, link):
"which is home to one of the main listening posts maintained by the British signals intelligence agency, Government Communications Headquarters (GCHQ). It has now emerged that a UK military base on the island is the "foreign station" codenamed "Sounder" and see:
Background: Revealed: Britain's 'secret listening post in the heart of Berlin' - Claims that GCHQ has maintained spying operations even after US pulled out (Independent, link)
EU-USA Data surveillance A coincidence or part of a much wider trawl of communications across the EU?
- Did the intelligence agencies of France, Spain and Italy take part in a NATO coordinated "trawl" of communications over exactly the same period?
- And if they did, how is it that their governments did not seem to know what was going on?
Tony Bunyan, Statewatch Director, comments:
"EU governments are caught in a double-bind. They do not want to be spied upon by their "friend", the USA, but they spy too and on each other. Far more important is who is holding this mass of personal data in each EU state, who do they pass it on to and against whom and why is it used?
The pervasive pre-emptive logic of the security and intelligence agencies, in the EU and the USA, reverses the presumption of innocence - everyone is a potential suspect."
EU: DATA SURVEILLANCE: DO WE NEED ANOTHER UNACCOUNTABLE AGENCY? EU should create own spy agency, Reding says (euobserver, link): "EU justice commissioner Viviane Reding has said the Union should create its own intelligence service by 2020."
UK-GCHQ-EU-NSA: DATA SURVEILLANCE: Revealed: Britain's 'secret listening post in the heart of Berlin' - Claims that GCHQ has maintained spying operations even after US pulled out (Independent, link):
"Concerns were raised tonight that Britain operates a top-secret listening post from its Berlin embassy to eavesdrop on the seat of German power.
Documents leaked by the US National Security Agency whistleblower Edward Snowden show that GCHQ is, together with the US and other key partners, operating a network of electronic spy posts from diplomatic buildings around the world, which intercept data in host nations."
UK-GCHQ: DATA SURVEILLANCE: Privacy International files OECD complaints against telcos for role in UK mass surveillance program (link)
"Privacy International today has filed formal complaints with the Organisation for Economic Cooperation and Development (OECD) in the UK against some of the world’s leading telecommunication companies, for providing assistance to British spy agency GCHQ in the mass interception of internet and telephone traffic passing through undersea fibre optic cables.
According to recent reports, BT, Verizon Enterprise, Vodafone Cable, Viatel, Level 3, and Interoute granted access to their fibre optic networks for the United Kingdom’s Government Communications Headquarters (GCHQ) surveillance program, Tempora. As a result, Privacy International believes that there are grounds to investigate whether up to a dozen OECD guidelines, pertaining to companies' responsibilities to respect human rights, including the right to privacy and freedom of expression, were violated."
EU-USA: DATA SURVEILLANCE: European Parliament: Draft Working Document on Foreign Policy Aspects of the Inquiry on Electronic Mass Surveillance of EU Citizens for consideration in the AFET committee on 4 November 2013 (pdf):
"in light of the technologies available and the revelations about activities of US and some European intelligence services, many citizens consider the open, democratic character of our societies to be in danger. It is the task of public authorities, both in the EU and the US, to re-establish the balance between security and privacy. There is a danger of the development of a surveillance state, given growing data processing capacities of computers and availability of any kind of information on social networks. The individual risks being completely known and his behaviour predictable by the state....
However, the US debate is solely focussed on remedies needed to strengthen the rights of US citizens."
USA-UK-EU: DATA SURVEILLANCE: Human rights groups' open letter to David Cameron on surveillance - 'National security should never be used to justify preventing disclosures of illegalities or wrongdoing,' says coalition (Guardian, link): The UK government's actions and Cameron’s recent veiled threats prompted 70 of the world’s leading human rights organisations to write a joint letter to the prime minister:
"We have joined together as an international coalition of free speech, media freedom and human rights organisations because we believe that the United Kingdom government's response to the revelations of mass surveillance of digital communications is eroding fundamental human rights in the country. The government's response has been to condemn, rather than celebrate, investigative journalism, which plays a crucial role in a healthy democratic society."
USA-NSA: DATA SURVEILLANCE: Three documents from New York Times: Documents Show N.S.A. Efforts to Spy on Both Enemies and Allies (link) and Mission Plan: 2008-2013 (pdf) and 2007 Mission List (pdf) and
NETHERLANDS: SIGINT and wiretapping: the Dutch Intelligence and Security Act 2002 (link) and Denmark is one of the NSA's '9-Eyes' (Copenhagen Post, link)
UK-USA: DATA SURVEILLANCE: Metropolitan police detained David Miranda for promoting 'political' causes Justification for airport detention of partner of Guardian journalist Glenn Greenwald alarms human rights groups and Tory MP (The Observer, link)
"The detention of the partner of a former Guardian journalist has triggered fresh concerns after it emerged that a key reason cited by police for holding him under terrorism powers was the belief that he was promoting a "political or ideological cause".
The detention order under Schedule 7 said:
"We assess that Miranda is knowingly carrying material, the release of which would endanger people's lives. Additionally the disclosure or threat of disclosure is designed to influence a government, and is made for the purpose of promoting a political or ideological cause. This therefore falls within the definition of terrorism and as such we request that the subject is examined under schedule 7."
USA- NSA: DATA SURVEILLANCE: Portrait of the NSA: no detail too small in quest for total surveillance The NSA gathers intelligence to keep America safe. But leaked documents reveal the NSA's dark side – and show an agency intent on exploiting the digital revolution to the full (The Observer, link)
EU-UK-GCHQ: GCHQ and European spy agencies worked together on mass surveillance Edward Snowden papers unmask close technical cooperation and loose alliance between British, German, French, Spanish and Swedish spy agencies (Guardian, link):
"The German, French, Spanish and Swedish intelligence services have all developed methods of mass surveillance of internet and phone traffic over the past five years in close partnership with Britain's GCHQ eavesdropping agency.....In the intelligence world, far more than it managed in diplomacy, Britain has made itself an indispensable bridge between America and Europe's spies."
The documents used by the Guardian also reveal that the UK's internal security agency MI5 (Security Service) and MI6 (SIS, Secret Intelligence Service) work with GCHQ not only to extend the technical capabilities of other EU state agencies but also to advise them on how to get round their national laws, for example:
""We have been assisting the BND (along with SIS [Secret Intelligence Service] and Security Service) in making the case for reform or reinterpretation of the very restrictive interception legislation in Germany,"
See also: National Security Agency: Relationships and Authorities (pdf): including: "Leverage unique key corporate partnerships to gain access to high-capacity international fiber-optic cables, switches and/or routers throughout the world"
BELGACOM-GCHQ: Slide show - 3 pages (Der Spiegel, link)
AUSTRALIA-UK-USA: DATA SURVEILLANCE: Exposed: Australia's Asia spy network (Sydney Morning Herald, link): "Australian embassies are being secretly used to intercept phone calls and data across Asia as part of a US-led global spying network, according to whistleblower Edward Snowden and a former Australian intelligence officer."
See also: US spy leaks: How intelligence is gathered (BBC News, link)
EU-USA: DATA SURVEILLANCE: NSA/CIA "Special Collection Service" (SCS) based on 80 locations world-wide used by NSA for surveillance: Full document (pdf)
EU-SPAIN-USA: DATA SURVEILLANCE: El CNI facilitó el espionaje masivo de EEUU a España (Il Mundo, link):
"According to the document seen by El Mundo, the US classifies cooperation with various countries on four different levels. In the first group – "Comprehensive Cooperation" – are the UK, Australia, Canada and New Zealand. The second group – "Focused Cooperation" – of which Spain is a member, includes 19 countries, all of them European, apart from Japan and South Korea. The third group – "Limited cooperation" – consists of countries such as France, Israel, India and Pakistan; while the fourth – "Exceptional Cooperation" – is made up of countries that the US considers to be hostile to its interests." (Guardian take on story)
see also New NSA leak: High level of Danish and US intelligence sharing (Copenhagen Post, link)
NSA infiltrates links to Yahoo, Google data centers worldwide, Snowden documents say (Washington Post, link):
"The National Security Agency has secretly broken into the main communications links that connect Yahoo and Google data centers around the world, according to documents obtained from former NSA contractor Edward Snowden and interviews with knowledgeable officials. By tapping those links, the agency has positioned itself to collect at will from hundreds of millions of user accounts, many of them belonging to Americans. The NSA does not keep everything it collects, but it keeps a lot.
The NSA’s principal tool to exploit the data links is a project called MUSCULAR, operated jointly with the agency’s British counterpart, the Government Communications Headquarters . From undisclosed interception points, the NSA and the GCHQ are copying entire data flows across fiber-optic cables that carry information among the data centers of the Silicon Valley giants." and
Spying scandal: Will the 'five eyes' club open up? (BBC News, link)
EU-USA: DATA SURVEILLANCE: U.S. Says France, Spain Aided NSA Spying -- Update (Wall Street Journal, link): "Widespread electronic spying that ignited a political firestorm in France and Spain recently was carried out by their own intelligence services and not by the National Security Agency, U.S. officials say.....U.S. officials said the Snowden-provided documents had been misinterpreted and actually show phone records that were collected by French and Spanish intelligence agencies, and then shared with the NSA, according to officials briefed on those discussions." and
N.S.A. Head Says European Data Was Collected by Allies (New York Times, link): "The head of the National Security Agency on Tuesday vigorously challenged recent reports that the United States had been gathering the phone records of millions of Europeans, saying that the records had in fact been turned over by allied spy services. “This is not information we collected on European citizens,” said the agency’s director, Gen. Keith B. Alexander. “It represents information that we and our NATO allies have collected in defense of our countries and in support of military operations...... General Alexander and James R. Clapper Jr., director of national intelligence, broadly defended the N.S.A.'s practice of spying on foreign leaders. Such espionage, they said, was a basic pillar of American intelligence operations that had gone on for decades. ”
and see: Europeans spy just as much, US intelligence chiefs say (euobserver, link)
EU-USA: TRADE TALKS & DATA PROTECTION: Reding warns data protection could derail US trade talks (euractiv, link): "Justice Commissioner Viviane Reding yesterday (29 October) issued a stark warning that data protection should be kept off the agenda of the Transatlantic Trade and Investment Partnership (TTIP). But EurActiv understands that US pressure is mounting to keep the debate open on data issues.....“I warn against bringing data protection to the trade talks. Data protection is not red tape or a tariff. It is a fundamental right and as such it is not negotiable,” she added.."
ITALY-USA: DATA SURVEILLANCE: NSA, «spiate 46 milioni di telefonate in Italia» ["NSA: 46 million telephone calls in Italy were spied on"] (corriere della sera, link) and Is Italy next in line for NSA spying revelations? (ZD net, link)
Also: NSA faces sweeping review into extent of surveillance - Senate intelligence committee chair Dianne Feinstein, who has been a loyal defender of the NSA, demands a 'total' surveillance review (Guardian, link) andUS to 'review' spying activities amid European outrage (euobserver, link)
GERMANY-USA-DATA-PROTECTION: Appearances and Reality: Merkel Balks at EU Privacy Push (Spiegel Online, link): Chancellor Merkel ends up backing UK PM to delay the Regulation on Data Protection:
"Chancellor Merkel has put on a good show of being outraged by American spying. But, at the same time, she has impeded efforts to strengthen data security. Does she really want more privacy, or is she more interested in being accepted into the exclusive group of info-sharing countries known as the 'Five Eyes' club?
...American tech corporations could hardly believe their luck at having Merkel's support. Now they're hoping for more leeway to water down the data-protection law as soon as the furor over the latest spying scandal has subsided. One high-ranking American tech-company executive told the Financial Times: "When we saw the story about Merkel's phone being tapped … we thought we were going to lose." But, he added: "It looks like we won." "
GERMANY-USA: DATA SURVEILLANCE: Partner Merkel, Obama im Mai 2012 in Camp David (Die Spiegel, link, 7 MB, large pdf): CIA/NSA Special Collection Service - The Special Collection Service is a joint CIA-NSA surreptitious entry agency which breaks into targeted facilities to steal secret information. Based on documents addressed to: "USA, AUS,CAN, GBR,NZL" (the "Five-Eyes")
EU-USA: DATA SURVEILLANCE: How embassy eavesdropping works (Duncan Campbell.org, link): "Secret US espionage activity against Germany, from Germany and revealed this week by Der Spiegel has added new evidence to European concerns about the interception of the phones of the Germany's Chancellor Merkel and other world leaders. Duncan was a consultant to Der Spiegel for the enquiry and identified the listening "windows" shown"
and The embassy spy centre network (link): "Over 70 US embassies around the world hide joint NSA-CIA “Special Collection Service” (SCS) electronic monitoring centres. The images here show some of the more prominent sites in Europe and the Middle East. All feature rooftop sheds packed with surveillance antenna and equipment.
SPAIN-USA: DATA SURVEILLANCE: NSA 'monitored 60m Spanish calls in a month' (BBC News, link): "The US National Security Agency secretly monitored 60 million phone calls in Spain in one month, Spanish media say....They say the NSA collected the numbers and locations of the caller and the recipient, but not the calls' content." see: La NSA rastreó 60 millones de llamadas en España en un mes (El Pais, link)
UN: US DATA SURVEILLANCE: Draft Resolution on Privacy (pdf): Including:
"Affirms that the same rights that people have offline must also be protected online, in particular the right to privacy, including in the context of the surveillance of communications.. [and Calls on all States]
To take measures to put an end to violations of these rights and to create the conditions to prevent such violations, including by ensuring that relevant national legislation complies with their international human rights obligations and is effectively implemented"
GERMANY-USA: DATA SURVEILLANCE: NSA Surveillance: Merkel cell phone is since 2002 on U.S. eavesdropping list (Spiegel Online, translation, link) and US bugged Merkel's phone from 2002 until 2013, report claims (BBC News, link):
It appears that Merkel's telecommunications were placed under surveillance by the NSA's Special Collection Service (SCS) from 2002, two years after she was elected the CDU's party leader. Her party was then in opposition and this suggests that the net cast by the SCS operations in Berlin (and in other capitals) extended not just to governments but to potential future government parliamentarians too.
And see: Thousands gather in Washington for anti-NSA 'Stop Watching Us' rally - Statement from whistleblower Edward Snowden read to crowd featuring groups from left and right of political spectrum (Guardian, link)
UK-GCHQ: DATA SURVEILLANCE: Leaked memos reveal GCHQ efforts to keep mass surveillance secret - Exclusive: Edward Snowden papers show UK spy agency fears legal challenge if scale of surveillance is made public (Guardian, link):
"The UK intelligence agency GCHQ has repeatedly warned it fears a "damaging public debate" on the scale of its activities because it could lead to legal challenges against its mass-surveillance programmes, classified internal documents reveal."
EU: EUROPEAN COUNCIL: Statement of Heads of State or government: on USA data surveilance, 24-25 October 2013 (pdf):
"A lack of trust could prejudice the necessary cooperation in the field of intelligence gathering.
The Heads of State or Government took note of the intention of France and Germany to seek bilateral talks with the USA with the aim of finding before the end of the year an understanding on mutual relations in that field. They noted that other EU countries are welcome to join this initiative."
Tony Bunyan, Statewatch Director, comments:
"The European Council [Prime Ministers and Heads of State] is now the fourth formal EU institution, and some would argue the most powerful as it sets the agenda. Its statement only addresses the concerns of governments not those of the people or civil society groups who have been place under surveillance by unaccountable agencies in the USA and EU Member States.
This comes at the same time as it also agreed to put off the decision to adopt the new EU Regulation on data protection until 2015, when the expectation had been that it would be adopted before the European Parliament elections in May 2014. And comes just days after the European Parliament's Civil Liberties Committee adopted, by a large majority, a policy position to ensure that no personal data could be transferred outside the EU without the authorisation of the national data protection authority and that the individual concerned would have to be informed of the request.
It would appear that the priority of the European Council is to strongly oppose the USA spying on EU governments but not demanding that its own citizens are protected."
FRANCE-USA: DATA SURVEILLANCE: USA and French intelligence (pdf) Concerning cyber attacks on the French Presidential network.
USA: DATA SURVEILLANCE: NSA monitored calls of 35 world leaders after US official handed over contacts (Guardian, link)
• Agency given more than 200 numbers by government official
• NSA encourages departments to share their 'Rolodexes'
• Surveillance produced 'little intelligence', memo acknowledges
The NSA memo suggests that such surveillance was not isolated as the agency routinely monitors world leaders
EU: SURVEILLANCE: European Parliament study: National programmes for mass surveillance of personal data in EU Member States and their compatability with EU law (pdf): "It finds that four of the five EU member states selected for in-depth examination are engaging in some form of large-scale interception and surveillance of communication data, and identifies parallels and discrepancies between these programmes and the NSA-run operations."
USA: DATA SURVEILLANCE: Berlin Complains: Did US Tap Chancellor Merkel's Mobile Phone? (Spiegel Online, link): "Berlin is taking seriously indications that Chancellor Angela Merkel's mobile phone might have been tapped by US intelligence, according to SPIEGEL information. Merkel spoke with President Barack Obama on Wednesday about her concerns." and UK: Angela Merkel phone-bugging claims are result of Snowden leaks, MP claims - David Winnick says disclosure shows wisdom of decision to hold Commons debate on oversight of UK spying agencies (Guardian, link)
UK-EU: DATA SURVEILLANCE: FROM 1998: UK “spying” on EU partners (Statewatch Bulletin, January-February 1998)
The UK's overseas intelligence gathering service, MI6 (the Secret Intelligence Service, SIS), spies on other EU governments to strengthen their position in negotiations. As the Guardian put it: “The clearest confirmation from authoritative sources of a long-held suspicion comes in BBC 2's How to be Foreign Secretary..”. The programme broadcast on Sunday 8 January 1998 quotes a senior official, who could not be identified, as saying:
"Of course, we spied on them. It is as vital to know what our European partners are doing as any Soviet battle plan.” (Times, 2.1.98)
UK: DATA SURVEILLANCE: Security services need full review (Guardian, link) Letter from: John McDonnell MP and Jeremy Corbyn MP: and see: Early day motion (link):
"That this House considers that the revelations exposed in The Guardian that British security services have examined the internet activities of British citizens without the consent of Parliament demonstrate that the Intelligence and Security Committee is not fit for purpose; believes that the Committee should be chaired by an hon. Member who has not served in a Department with responsibility for intelligence and security services for the purpose of avoiding any potential allegations of conflict of interest; and calls for any independent review reporting to Parliament on the appropriate structure and arrangements to ensure effective Parliamentary democratic scrutiny of the intelligence and security services."
FRANCE-USA: DATA SURVEILLANCE: France in the NSA's crosshair : phone networks under surveillance (M Technologies, link), NSA Spying: Laurent Fabius convened "immediately" U.S. Ambassador (Le Monde, translation), Le Monde (link) and Le Monde PRISM slides (pdf)
Snowden leaks: France summons US envoy over spying claims (BBC News, link) and US spy agency 'monitored millions of French phones' (France 24, link)
UK-USA: DATA SURVEILLANCE: Documents reveal NSA’s extensive involvement in targeted killing program (Washington Post, link): "It was an innocuous e-mail, one of millions sent every day by spouses with updates on the situation at home. But this one was of particular interest to the National Security Agency and contained clues that put the sender’s husband in the crosshairs of a CIA drone." and:
Also: UK's top prosecutor defends journalists who break law in public interest - Keir Starmer says his guidelines are drafted to let journalists pursue difficult stories without fear of prosecution (Guardian, link): "Britain's most senior prosecutor has launched a robust defence of journalists who break the law pursuing investigations that have a genuine public interest. Legal guidelines had been drafted, he said, to protect reporters." See: Guidelines for prosecutors on assessing the public interest in cases affecting the media (CPS, link) and Annex A (pdf)
EU-USA: DATA SURVEILLANCE: Snowden Says He Took No Secret Files to Russia (New York Times, link): "Edward J. Snowden, the former National Security Agency contractor, said in an extensive interview this month that he did not take any secret N.S.A. documents with him to Russia when he fled there in June, assuring that Russian intelligence officials could not get access to them." And: UK: Extent of spy agencies' surveillance to be investigated by parliamentary body - Intelligence inquiry begun after Edward Snowden leaks and Guardian revelations on GCHQ and NSA personal data sharing (Guardian, link)
UK: DATA SURVEILLANCE: Extent of spies' mass surveillance to be investigated by parliamentary body - Intelligence inquiry begun after Edward Snowden leaks and Guardian revelations on GCHQ and NSA personal data sharing (Guardian, link)
USA-NSA DATA SURVEILLANCE: NSA collects millions of e-mail address books globally (Washington Post, link):
"The National Security Agency is harvesting hundreds of millions of contact lists from personal e-mail and instant messaging accounts around the world, many of them belonging to Americans, according to senior intelligence officials and top-secret documents provided by former NSA contractor Edward Snowden.
During a single day last year, the NSA’s Special Source Operations branch collected 444,743 e-mail address books from Yahoo, 105,068 from Hotmail, 82,857 from Facebook, 33,697 from Gmail and 22,881 from unspecified other providers, according to an internal NSA PowerPoint presentation. Those figures, described as a typical daily intake in the document, correspond to a rate of more than 250 million a year."
See documents: Content Acquisition Optimisation (pdf), SSO Collection Optimisation (pdf) and SSO Collection Optimization Overview (pdf)
GERMANY: DATA SURVEILLANCE: German NSA has deal to tap ISPs at major Internet Exchange (ars technica, link)"Spy agency BND stays mum on how it's distinguishing domestic vs. foreign traffic."
EU-USA: DATA SURVEILLANCE: Editors on the NSA files: 'What the Guardian is doing is important for democracy' - On Thursday the Daily Mail described the Guardian as 'The paper that helps Britain's enemies'. We showed that article to many of the world's leading editors. This is what they said (Guardian, link) and Surveillance, democracy, transparency – a global view (Guardian, link) and: Editorial: Spies and journalism: when worlds collide - The raging global discussion about the proper limits of surveillance of the past few months will become harder to ignore (link)
Also: Sir David Omand: Snowden leak is 'most catastrophic loss to British intelligence ever' (Daily Telegraph, link): "Sir David Omand, who was once Britain’s homeland security adviser to No 10, said Snowden’s actions eclipsed the exploits of the Cambridge spy ring, whose five members leaked information to the Soviet Union during the Second World War and Cold War."
UK: DATA SURVEILLANCE: MI5 chief's defence of GCHQ surveillance: extracts and analysis - Andrew Parker has given his first speech since becoming head of the UK's domestic intelligence agency (Guardian, link) and UK debate grows over 'Orwellian' NSA and GCHQ surveillance - MI5 director's speech gets backing of prime minister as Guardian editor warns over suppressing dissent (Guardian, link) See also: Full text of speech: Director of Security Service on MI5 and the Evolving Threat (link)
EU-USA: DATA SURVEILLANCE: Speech by European Data Protection Supervisor at Civil Liberties Committee hearing on mass surveillance (pdf):
"At this stage, there seems to be little doubt that we are facing an existential challenge to our fundamental rights and liberties. We must therefore be prepared to "draw a line in the sand"....Let me therefore be very clear, we must now make a stand, it is really "now or never"."
UK-CANADA-BRAZIL: DATA SURVEILLANCE: MI5 chief: GCHQ surveillance plays vital role in fight against terrorism: Sir Andrew Parker mounts strident defence of UK intelligence and denies MI5 seeks 'all-pervasive security apparatus' (Guardian, link) Full text of speech: Director of Security Service on MI5 and the Evolving Threat (link)
See also: Brazil accuses Canada of spying after NSA leaks: Canadian ambassador summoned to explain claims spy agency collected Brazilian energy ministry internet and phone data (Guardian, link) and Australian government withheld knowledge of Prism program - Freedom of information request confirms Attorney General's Department prepared a secret ministerial briefing in March (Guardian, link)
EU: DATA PROTECTION: Hundreds of US companies make false data protection claims (euobserver, link) and see: EU/US Safe Harbor – Effectiveness of the Framework in relation to National Security Surveillance(pdf) presentation by Chris Connolly (Galexia) to the LIBE Committee hearing on “Electronic mass surveillance of EU citizens”.
EU-UK-GCHQ: DATA SURVEILLANCE:: Belgacom downplays UK hacking allegations at EU hearing (euobserver, link):
"Belgian telecommunications firm Belgacom has played down revelations it was hacked by British intelligence..."
"Why would Belgacom internal systems be a target for a state? We’re talking about a massive, sophisticated attack," Dutch Liberal MEP Sophie in 't Veld, who chaired the hearing, said. Claude Moraes, a British centre-left MEP, noted: "You have allegations of the UK spying on Belgian telephone systems which were part of the infrastructure of the European Union … I think that's quite an unusual allegation and of course it can't just stand, it has to be investigated."
MEPs also criticised the UK for declining to send a speaker.."
See: European Parliament press release: Belgacom hacking case: MEPs regret UK intelligence service absence at EP hearing (pdf)
See full text: UK Permanent Representative in Brussels turning down invitation and leaving an empty chair at the hearing: Letter to LIBE Committee (pdf) :
"The activities of intelligence services are equally the sole responsibility of each Member State and fall outside the competences of the Union. For that reason, and with respect, the UK must decline your invitation for the Director of GCHQ to attend your Hearing. Further, it is my Government’s consistent policy not to comment on intelligence matters."
And see original report: : Belgacom Attack: Britain's GCHQ Hacked Belgian Telecoms Firm - A cyber attack on Belgacom raised considerable attention last week. Documents leaked by Edward Snowden and seen by SPIEGEL indicate that Britain's GCHQ intelligence agency was responsible for the attack. (Spiegel Online, link)
EU-USA DATA SURVEILLANCE: Letter from US Representation to the European Union declining to attend the European Parliament inquiry (pdf):
"In response to your invitation for US Government officials to participate in the LIBE Committee's hearings on alleged NSA programs, I regret that we cannot offer any encouragement for official US participation..."
The response says that the "appropriate" channel is the Ad Hoc Working Group set up by the USA, the EU Council, Commission and EU Member states whose meetings and documents are secret.
GERMANY-UK-USA: DATA SURVEILLANCE: German intelligence service is as bad as the NSA: There has been much criticism of the US agency in Germany, but surveillance laws in both countries fail to protect internet privacy (Guardian, link)
EU-USA: DATA SURVEILLANCE: The Snowden files: why the British public should be worried about GCHQ - When the Guardian offered John Lanchester access to the GCHQ files, the journalist and novelist was initially unconvinced. But what the papers told him was alarming: that Britain is sliding towards an entirely new kind of surveillance society (Guardian, link):
"“The documents make clear that GCHQ's eavesdropping abilities are on a scale unmatched anywhere in the free world, and they privately boast about the "more permissive legal environment" in the UK – and yet, nobody seems to care. It's tragicomic that the surveillance story which most gripped the public imagination concerned Poole borough council's use of the Regulation of Investigatory Powers Act 2000 (Ripa) to spy on a family suspected of cheating in regard to school catchment areas.”
EU-USA: DATA SURVEILLANCE: Newsnight Greenwald interview: Link (3-10-13, BBC)
UK-USA DATA SURVEILLANCE: NSA and GCHQ target Tor network that protects anonymity of web users (Guardian, link) and Attacking Tor: how the NSA targets users' online anonymity (Guardian, link)
EU-USA: DATA SURVEILLANCE: US denies entry to German NSA critic (New Europe, link)
EU-USA: DATA SURVEILLANCE: Snowden to EU: Whistleblowers need protection (euobserver, link): "Surveillance of whole populations is one of the greatest challenges facing human rights, former NSA agent Edward Snowden told the European Parliament’s civil liberties committee at a hearing on whistleblowers."
EU-USA: DATA SURVEILLANCE: How the NSA obtains and uses airline reservations (The Identity project, link) and see: How airline reservations are used to target illegal searches (link)
EU-USA: DATA SURVEILLANCE: A TIMELY REMINDER FROM HISTORY: A quote from Senator Frank Church, who headed a seminal inquiry in 1975 into the surveillance of the peace movement in the USA (the “Church Committee report”), seems pertinent today:
"If a dictator ever took charge in this country, the technological capacity that the intelligence community has given the government could enable it to impose total tyranny, and there would be no way to fight back because the most careful effort to combine together in resistance to the government, no matter how privately it was done, is within the reach of government to know. Such is the capacity of technology."
EU-USA: DATA SURVEILLANCE: NSA Gathers Data on Social Connections of U.S. Citizens (New York Times, link):
"Since 2010, the National Security Agency has been exploiting its huge collections of data to create sophisticated graphs of some Americans’ social connections that can identify their associates, their locations at certain times, their traveling companions and other personal information, according to newly disclosed documents and interviews with officials."
See also: Documents on N.S.A. Efforts to Diagram Social Networks of U.S. Citizens (link) which again emphasise that surveillance of anyone in the world is OK so long as they are careful when it comes to involving US citizens:
" The primary new responsibility is the requirement: to enter a foreign intelligence (FI) justification for making a query or starting a chain"
EU-USA: DATA SURVEILLANCE: Creeping Cloud (New York Times, Sunday Review, link):
" James Bamford, the chronicler of the untrammeled powers of the “Puzzle Palace,” as he calls the N.S.A., wrote in Wired that the Utah tower of Babel may be able to store a yottabyte. That is equal to a septillion bytes or about 500 quintillion (500,000,000,000,000,000,000) pages of text...."They saw 9/11 and all these other terrorist attacks on CNN. They didn’t have a clue. The more electronic hay they stack on their haystack, the more difficult it is to find the needle.” " (emphasis added)
USA: SURVEILLANCE: Another watershed moment: Leahy Delivers Keynote Address On Foreign Surveillance Oversight At Georgetown University Law Center (link):
"I entered the Senate in 1975. The very first vote I cast as a United States Senator was in favor of the Senate resolution that created the Select Committee to Study Government Operations with Respect to Intelligence Activities and the Rights of Americans – that is, the Church Committee. It was a watershed moment in history, and I remain proud of that first vote.
Through the work of the Church Committee, the American public learned of years of excesses and abuses that had occurred in the secretive and largely unchecked intelligence community. These revelations made clear that change was needed. They led to the enactment of the Foreign Intelligence Surveilance Act in 1978, as well as the establishment of the congressional Intelligence Committees to provide ongoing, comprehensive oversight of our intelligence agencies. Today, nearly 40 years later, we have arrived at another watershed moment. And once again, it is time for change."
INDIA-USA: DATA SURVEILLANCE: NSA planted bugs at Indian missions in D.C., U.N. (The Hindu, link)
"Two of the most important nerve-centres of Indian diplomacy outside the country — the Permanent Mission of India at the United Nations and the embassy in Washington, DC — were targets of such sophisticated bugs implanted by the U.S. National Security Agency (NSA) that entire computer hard disks might have been copied by the American agency. The U.N. Mission building in New York and the embassy premises, including its annex, in Washington were on a top-secret list of countries and missions — many of them European allies of the U.S. — chosen for intensive spying."
And see: NSA spied on Indian embassy and UN mission, Edward Snowden files reveal - Documents released by US whistleblower show extent and aggression of datamining exercises targeting its diplomatic ally (Guardian, link)
EU-USA: DATA SURVEILLANCE: Suspension of SWIFT Treaty? European Commissioner Malmstrom: Intervention by Cecilia Malmström on the EU-US TFTP Agreement in the European Parliament (pdf) See: EU wants answers on NSA bank spying allegations (euobserver, link)
EU-USA: DATA SURVEILLANCE: NSA surveillance goes beyond Orwell's imagination – Alan Rusbridger: Guardian editor says depth of NSA surveillance programs greatly exceed anything the 1984 author could have imagined (link): ""All sorts of people around the world are questioning what America is doing," said Rusbridger. "The president keeps saying: well we don't spy on our people. [But] that's not much comfort if you are German."
EU-USA: DATA SURVEILLANCE: European Parliament Briefing Note: The US National Security Agency (NSA) surveillance programmes (PRISM) and
Foreign Intelligence Surveillance Act (FISA) activities and their impact on EU citizens' fundamental rights (pdf):
"In light of the recent PRISM-related revelations, this briefing note analyzes the impact of US surveillance programmes on European citizens’ rights. The note explores the scope of surveillance that can be carried out under the US FISA Amendment Act 2008, and related practices of the US authorities which have very strong implications for EU data sovereignty and the protection of European citizens’ rights."
EU-USA: DATA SURVEILLANCE: Belgacom Attack: Britain's GCHQ Hacked Belgian Telecoms Firm - A cyber attack on Belgacom raised considerable attention last week. Documents leaked by Edward Snowden and seen by SPIEGEL indicate that Britain's GCHQ intelligence agency was responsible for the attack. (Spiegel Online, link):
" A "top secret" Government Communications Headquarters (GCHQ) presentation seen by SPIEGEL indicate that the goal of project, conducted under the codename "Operation Socialist," was "to enable better exploitation of Belgacom" and to improve understanding of the provider's infrastructure."
"GCHQ had been targeting the Belgian telecoms giant Belgacom, whose major customers include the European parliament, [European Council] and the European commission. The operation, codenamed "Socialist", had given GCHQ the ability to secretly hack into Belgacom for at least three years."
- Rifkind was responding to this article: Edward Snowden has started a global debate. So why the silence in Britain? We're subject to huge unwarranted surveillance – but Westminster's useful idiots are more likely to sanction than criticise it (Simon Jenkins, Guardian, link)
EU-USA: DATA SURVEILLANCE: EU and US to discuss snooping allegations - information from meetings may not be shared with the public. (european voice, link), Major Belgian telco targeted by a foreign state, Brussels says (ars technica, link), Britain’s intelligence service responsible for cyber-attack against Belgacom (New Europe, link) and Surveillance at the United Nations (EFF link)
EU: Barroso orders security sweep after allegations of US spying (european voice, link)
EU-USA: DATA SURVEILLANCE: 'Follow the Money': NSA Spies on International Payments (Der Spiegel, link)
The United States' NSA intelligence agency is interested in international payments processed by companies including Visa, SPIEGEL has learned. It has even set up its own financial database to track money flows through a "tailored access operations" division.
EU-USA: DATA SURVEILLANCE: European Parliament inquiry: Civil Liberties Committee holds second hearing on NSA snooping (pdf)
ISRAEL-USA: DATA SURVEILLANCE: NSA shares raw intelligence including Americans' data with Israel: (Guardian, link)
• Secret deal places no legal limits on use of data by Israelis
• Only official US government communications protected
• Agency insists it complies with rules governing privacy
Full-text of NSA and Israel's 'memorandum of understanding' (pdf)
The existence of this Israel-USA Agreement concerning the exchange of data on US citizens begs the question: Is there another Agreement covering access to data on non-US citizens?
Timeline of Edward Snowden's revelations (Aljazeera, link)
EU-USA: DATA SURVEILLANCE: MEPs call for suspension of EU-US Swift agreement following new NSA revelations (Parliament, link) and European Parliament Press release: European parliament has ‘obligation’ to safeguard citizens’ rights to privacy, says Claude Moraes (pdf) and see: José Bové: US demanded encrypted calls during EU-US trade talks (euractiv, link)
UPDATED: UK-USA: DATA SURVEILLANCE: Full-text: Secret Document Reveals NSA Campaign Against Encryption (pdf):
New York Times commented: "Documents show that the NSA has been waging war against encryption using a battery of methods that include working with industry to weaken encryption standards, making design changes to cryptographic software, and pushing international encryption standards it knows it can break." NYT version with comments (pdf)
See also: How to remain secure against NSA surveillance, Bruce Schneier, Guardian (link) and The US government has betrayed the internet. We need to take it back (link)
EU-USA: DATA SURVEILLANCE: NSA and GCHQ unlock privacy and security on the internet (Guardian, link)
• NSA and GCHQ unlock encryption used to protect emails, banking and medical records
• $250m-a-year US program works covertly with tech companies to insert weaknesses into products
• Security experts say programs 'undermine the fabric of the internet'
and: NSA and GCHQ unlock encryption programs that EVERYONE uses to email and make purchases on their phones and tablets (Daily Mail, link)
EU-USA: DATA SURVEILLANCE: Unreported NSA spy systems revealed (euobserver, link): "A speaker invited to a European Parliament hearing into the large surveillance programme by the US intelligence agency NSA has revealed two previously unreported systems used to spy on people."
UK-SPAIN: DATA SURVEILLANCE: London spies on Spanish communications as well (Spanish link to: Publico.es)
.
The British agency GCHQ has intercepted the underwater cable connecting Spain with the Middle East and Asia, to secretly control telephone and Internet connections. European intelligence sources confirmed this surveillance on a massive scale"
Se also from Statewatch: UK/Spain/Gibraltar: Early 20th century communications interception in Spain: a historical perspective
EU-USA:DATA SURVEILLANCE: UN: press should not be 'intimidated into silence' over state secrets - Representatives criticise UK government following detention of David Miranda, and call for public debate over NSA surveillance (Guardian, link): "Two senior UN representatives have warned the British government that the protection of state secrets must not be used as an excuse to "intimidate the press into silence" following the detention of David Miranda under the Terrorism Act."
EU-USA: DATA SURVEILLANCE: European Parliament LIBE Committee Inquiry: Electronic Mass Surveillance of EU citizens:
- Meeting of 24th July 2013 concerning feedback from the first meeting of the EU-US expert group on data protection (pdf)
- Letter: President of the EP to the Council (pdf)
- Letter: LIBE Chair to EP President (pdf)
- Letter: LIBE Chair to Commissioner Reding (pdf)
EU-USA: DATA SURVEILLANCE: USA Congressional Research Service:
- NSA Surveillance Leaks: Background and Issues for Congress (pdf)
- Reauthorization of the FISA Amendments Act (pdf)
EU-USA: DATA SURVEILLANCE: EDRI (European digital Rights) and FREEGroup: Statement: EDRi and FREE urge European Parliament to bring an end to lawless surveillance and Full submission (pdf). Statewatch is a member of both groups.
EU-USA: DATA SURVEILLANCE: NSA leaks: David Cameron's response is intimidation, says world press body - World Association of Newspapers and News Publishers tells the UK government its actions could threaten press freedom (Guardian, link) Letter to the UK PM: Protest Campaign - United Kingdom, 23 August 2013 (link)
EU-USA: DATA SURVEILLANCE: David Miranda's detention is a threat to press freedom, say European editors - Newspapers urge prime minister to restore Britain's reputation for free press after holding of Guardian journalist's partner (The Observer, link):
"In an open letter to David Cameron published in today's Observer, the editors of Denmark's Politiken, Sweden's Dagens Nyheter, Norway's Aftenposten and Finland's Helsingin Sanomat describe the detention of David Miranda, the partner of the Guardian's Glenn Greenwald, as harassment."
UK-USA: DATA SURVEILLANCE: David Miranda wins partial court victory over data seized by police Judges curtail using or sharing of material, but authorities can examine it for 'national security' (Guardian, link) and see: Letter to Home Secretary: Detention of David Miranda – Announcement of Independent Review (link)
UK-USA: DATA SURVEILLANCE: Exclusive: UK’s secret Mid-East internet surveillance base is revealed in Edward Snowden leaks - Data-gathering operation is part of a £1bn web project still being assembled by GCHQ (The Independent, link):
"Britain runs a secret internet-monitoring station in the Middle East to intercept and process vast quantities of emails, telephone calls and web traffic on behalf of Western intelligence agencies, The Independent has learnt. The station is able to tap into and extract data from the underwater fibre-optic cables passing through the region. The information is then processed for intelligence and passed to GCHQ in Cheltenham and shared with the National Security Agency (NSA) in the United States."
EU-USA: DATA SURVEILLANCE: David Cameron told Cabinet Secretary Sir Jeremy Heywood to 'warn' Guardian over Edward Snowden documents (Independent, link) and No 10 contacted Guardian over Edward Snowden secrets (BBC News, link)
EU-USA: DATA SURVEILLANCE: UK requests destruction of sensitive Snowden files, EU silent (euractiv, link): Guardian Editor, Alan Rushbridger, said: "“The state that is building such a formidable apparatus of surveillance will do its best to prevent journalists from reporting on it. Most journalists can see that. But I wonder how many have truly understood the absolute threat to journalism implicit in the idea of total surveillance, when or if it comes – and, increasingly, it looks like 'when'"
EU-USA: DATA SURVEILLANCE: So the innocent have nothing to fear? After David Miranda we now know where this leads - The destructive power of state snooping is on display for all to see. The press must not yield to this intimidation by Simon Jenkins (Guardian, link)
EU-USA: DATA SURVEILLANCE: SPIN & REALITY: Theresa May had advance notice of David Miranda detention at Heathrow (Guardian. link): "Home secretary confirms Met briefed her before but denies she directed actions, saying police had 'operational independence' "Downing Street confirmed that the prime minister was also informed. "We were kept abreast in the usual way," a No 10 source said. "We do not direct police investigations." "
The "spin", the official line, is that the Metropolitan Police decided to detain and question Miranda at Heathrow for 9 hours under Schedule 7 of the Terrorism Act 2000. The Metropolitan Police informed the Prime Minister and the Home Secretary of the decision taken by the police, who then gave the USA the "heads up" on what was going to happen.
Tony Bunyan, Statewatch News Editor, comments:
"In reality this is not the way things happen. The NSA and GCHQ/MI6, the "cousins" in intelligence lexicon, were tracking the movements of Greewald and Miranda and knew that Miranda had been in Germany and was going to change planes in London. They decided to intervene and sought clearance by informally telling their governments what was planned. Given the OK the Metropolitan Police, the "foot soldiers", formally detained Miranda to be questioned by intelligence officials."
EU-USA: DATA SURVEILLANCE: Snowden NSA files: US and UK at odds over security tactics as row escalates - White House says it would be 'difficult to imagine' US authorities adopting GCHQ tactic of demanding destruction of hard drives (Guardian, link) and David Miranda's lawyers threaten legal action over 'unlawful' detention - Partner of Guardian journalist Glenn Greenwald seeks return of equipment seized during nine-hour interrogation at Heathrow (Guardian, link) and Full-text of lawyers letter (pdf)
EU-USA: DATA SURVEILLANCE: NSA files: why the Guardian in London destroyed hard drives of leaked files - A threat of legal action by the government that could have stopped reporting on the files leaked by Edward Snowden led to a symbolic act at the Guardian's offices in London (Guardian, link) and Groklaw legal site shuts over fears of NSA email snooping Pamela Jones shuts award-winning site, saying concerns that messages could be read mean that 'there is now no shield from forced exposure' (Guardian, link)
EU-USA: DATA SURVEILLANCE: EU data watchdog to investigate Prism scandal (euobserver, link): "EU data regulators will carry out their own investigation into whether privacy rules have been breached by secret US surveillance programmes, according to the bloc's privacy experts. In a letter published on Monday (19 August) to EU Justice commissioner Viviane Reding, Jacob Kohnstamm, Chairman of the Article 29 working party, said that his group would assess the controversial PRISM programme as well as other platforms used by the US National Security Agency (NSA)."
See: Article 20 Working Party Letter to Commissioner Reding concerning XKeyscore and Prism (pdf)
EU-USA: DATA SURVEILLANCE: David Miranda, schedule 7 and the danger that all reporters now face - As the events in a Heathrow transit lounge – and the Guardian offices – have shown, the threat to journalism is real and growing (Guardian, link) Interesting article by Guardian Editor, Alan Rusbridger, which includes details of the pressure put on the newspaper:
"A little over two months ago I was contacted by a very senior government official claiming to represent the views of the prime minister. There followed two meetings in which he demanded the return or destruction of all the material we were working on. The tone was steely, if cordial, but there was an implicit threat that others within government and Whitehall favoured a far more draconian approach.
The mood toughened just over a month ago, when I received a phone call from the centre of government telling me: "You've had your fun. Now we want the stuff back." There followed further meetings with shadowy Whitehall figures. The demand was the same: hand the Snowden material back or destroy it. I explained that we could not research and report on this subject if we complied with this request. The man from Whitehall looked mystified. "You've had your debate. There's no need to write any more." and:
" one of the more bizarre moments in the Guardian's long history occurred – with two GCHQ security experts overseeing the destruction of hard drives in the Guardian's basement"
EU-USA: DATA SURVEILLANCE: White House was given 'heads-up' over David Miranda detention in UK - US says it did not sanction holding Glenn Greenwald's partner at Heathrow, but was told his name was on passenger list (Guardian, link), David Miranda detention prompts outcry over 'gross misuse' of terror laws - Journalists, human rights lawyers and civil liberties campaigners condemn Miranda's nine-hour detention at Heathrow (Guardian, link) and: Terrorism law watchdog calls for explanation of Miranda detention - David Anderson QC becomes latest figure to question treatment of Guardian journalist Glenn Greenwald's partner (Guardian, link)
See also: Schedule 7 of the Terrorism Act 2000: A police snooping tool to protect private profit (Corporate Watch, link), StopWatch: Briefing (pdf) and New law would allow indefinite retention of data seized at ports (Statewatch database)
EU-USA: DATA SURVEILLANCE: Glenn Greenwald's partner detained at Heathrow airport f
EU-USA: DATA SURVEILLANCE: Article 20 Working Party Letter to Commissioner Reding concerning XKeyscore and Prism (pdf): "Especially alarming are the latest revelations with regard to the so-called XKeyscore, which allegedly allows for the collection and analysis of the content of internet communication from around the world."
UK-NSA-GCHQ SURVEILLANCE: Historical article: The Eavesdroppers (pdf) by Duncan Campbell and Mark Hosenball in Time Out, 21 May 1976.
USA: DATA SURVEILLANCE: NSA broke privacy rules thousands of times per year, audit finds (Washington Post, link) and see: Edward Snowden documents show NSA broke privacy rules (BBC News, link)
EU-USA: DATA SURVEILLANCE: Ally and Target: US Intelligence Watches Germany Closely (Spiegel Online, link): "German intelligence services cooperate closely with the NSA, but the country is also a target of US surveillance, as a document seen by SPIEGEL makes clear. The spy software XKeyscore is operated from a facility in Hesse, with some of the results landing on President Obama's desk."
Council of Europe: Parliamentary Assembly: Resolution: Call for an Inquiry into: Massive Eavesdropping in Europe (pdf)
USA: DATA SURVEILLANCE: Administration: White Paper: Bulk collection of telephony metadata under Section 215 of the USA Patriot Act (9-8-13, (pdf)
EU-USA: DATA SURVEILLANCE: After PRISM : 181 NGOs ask for less surveillance and improved data protection standards..new global standards (EASFJ, link): International Principles on the Application of Human Rights to Communications Surveillance
EU-USA: DATA SURVEILLANCE: US National Security Agency 'is surveillance leviathan' (BBC News, link): "Papers that said a US spying programme "touches" 1.6% of internet traffic in fact reveal the vast scale of snooping, a senior security researcher has said. Officials played down the scale of the operation, comparing US data collection to a small coin on a basketball court. But Caspar Bowden told the BBC that the National Security Agency (NSA) was a "surveillance leviathan" with no protection for non-US residents."
EU-USA: DATA SURVEILLANCE: FBI Taps Hacker Tactics to Spy on Suspects - Law-Enforcement Officials Expand Use of Tools Such as Spyware as People Under Investigation 'Go Dark,' Evading Wiretaps (Wall Street Journal, link)
USA: DATA SURVEILLANCE: NSA loophole allows warrantless search for US citizens' emails and phone calls - Exclusive: Spy agency has secret backdoor permission to search databases for individual Americans' communications (Guardian, link)
EU: DATA SURVEILLANCE: Mandatory Data Retention: European Commission: DG Home: Evidence for necessity of data retention in the EU (March 2013) (pdf), Evaluation report on the Data Retention Directive (Directive 2006/24/EC) (18-4-11, pdf) and Commission's Experts' Group Electronic Data Retention (link). The Commission Briefing states that "there are over two million requests per year for retained data" in the EU (p7) - in 2012 the UK alone made 570,135 requests to service providers (Annual Report of Interception of Communication Commissioner). The communications data held by service providers for law enforcement agencies covers: fixed and mobile phones (and location), source data and IP addresses - this is better known as "metadata" and the recent revelations on EU-USA data surveillance has demonstrated how "metadata" can generate a highly detailed picture of a person's life and contacts.
The Briefing criticises "certain NGOs" (eg: vorratsdatenspeicherung) on the basis that criminal investigations are based on several sources of evidence of which mandatory data retention is only one. However, it should be the responsilbitity of each EU Member State to provide aggregate statistics showing 1) the total number of communications data requests 2) the number of people charged and 3) the number of people convicted where communications data has been used. See, for example: USA Wire-tap report (links)
EU-USA: DATA SURVEILLANCE: NSA Said to Search Content of Messages to and From U.S.(New York Times, link): " The National Security Agency is searching the contents of vast amounts of Americans’ e-mail and text communications into and out of the country, hunting for people who mention information about foreigners under surveillance, according to intelligence officials."
EU-USA: DATA SURVEILLANCE: Privacy International to challenge telecoms firms over GCHQ cooperation - Vodafone and BT are among the companies questioned about their compliance with intelligence gathering (Guardian, link).
EU-USA: DATA SURVEILLANCE: FBI pressures Internet providers to install surveillance software: CNET has learned the FBI has developed custom "port reader" software to intercept Internet metadata in real time. And, in some cases, it wants to force Internet providers to use the software (link)
US directs agents to cover up program used to investigate Americans (Reuters, link)
EU-USA: DATA SURVEILLANCE: EU needs 'German standards' on data privacy (euobserver, link)
EU-USA: DATA SURVEILLANCE: In wake of leaks, US intelligence pulls back the curtain on metadata collection - Highest US intel official declassifies three previously top-secret documents.(ars technica, link) and see: You may already be a winner in NSA’s “three-degrees” surveillance sweepstakes! NSA's probes could cover hundreds of millions of Americans (link)
EU-USA: DATA SURVEILLANCE: 'The NSA Benefits': Mass Data Transfers from Germany Aid US Surveillance (Spiegel Online, link): "German intelligence sends massive amounts of intercepted data to the NSA, according to documents from whistleblower Edward Snowden, which SPIEGEL has seen. The trans-Atlantic cooperation on technical matters is also much closer than first thought."
EU-USA: DATA SURVEILLANCE: Seven telcos named as providing fiber optic cable access to UK spies - New Snowden leaks show Verizon, Vodafone, and BT share direct data (ars technica, link) and see: Who's watching GCHQ? Proper oversight of Britain's secret listening agency is lacking – and that should worry us all (Guardian, link)
UK-GCHQ-USA: Exclusive: NSA pays £100m in secret funding for GCHQ (Guardian, link)
• Secret payments revealed in leaks by Edward Snowden
• GCHQ expected to 'pull its weight' for Americans
• Weaker regulation of British spies 'a selling point' for NSA
More detail in: GCHQ: inside the top secret world of Britain's biggest spy agency (Guardian, link)
Files leaked by Edward Snowden reveal how the NSA pays for and influences some of the UK's intelligence gathering programmes. The documents also give unique insights into the challenges faced by the agency and the concerns it has about how to tackle them.
EU-USA: DATA SURVEILLANCE: XKeyscore: NSA tool collects 'nearly everything a user does on the internet' (Guardian, link)
• XKeyscore gives 'widest-reaching' collection of online data
• NSA analysts require no prior authorization for searches
• Sweeps up emails, social media activity and browsing history
See: XKeyscore presentation (pdf) "Top Secret" and addressed to the 1946 UKUSA agreement which involves: USA, Canada, Australia, New Zealand and UK
and: NSA Chief Heckled At BlackHat As Agency Defends XKeyscore: Alexander fends off attacks from BlackHat audience member (Techweek Europe, link)
EU-USA: DATA SURVEILLANCE: Council Presidency: Presidency statement on outcome of discussions on EU–US working group (pdf)
EU-USA: DATA SURVEILLANCE: New Report Calls for Transparency from Governments and Telecommunications Companies (Global Network Initiative, link) The Report: Opening the lines: A Call for Transparency from Governments and Telecommunications Companies (link, pdf)
IRELAND: State agencies target Irish phone and internet records - Up to 10,000 requests for information made annually in Ireland – compared with just 326 for Austria (Irish Times, (link): "Irish authorities made 27 times as many requests for people’s stored phone and internet use data compared to law enforcement agencies in comparably sized Austria, according to submissions to the European Court of Justice (ECJ) in Luxembourg."
See also: Data retention might not be proportional to risks (Internet Policy Review, link) on this case.
USA: DATA SURVEILLANCE: NSA surveillance: narrow defeat for amendment to restrict data collection - First major challenge to NSA's bulk collection of phone records defeated by only 217 votes to 205 in House of Representatives (Guardian, link)
EU-USA: DATA SURVEILLANCE: Edward Snowden's fear of flying is justified - Snowden is a refugee, not a spy. But America has history when it comes to forcing down planes in defiance of international law (Guardian, link)
EU-USA: DATA SURVEILLANCE: EP Inquiry: Letter from Martin Schulz, MEP, President of the European Parliament to the Council Presidency (pdf): Asking how the European Parliament is going to be informed on the meetings taking place between the EU and the USA.
GERMANY-USA: DATA SURVEILLANCE: 'Key Partners': The Secret Link Between Germany and the NSA (Spiegel Online, link): "Chancellor Angela Merkel has repeatedly said she knew nothing about American surveillance activities in Germany. But documents seen by SPIEGEL show that German intelligence cooperates closely with the NSA and even uses spy software provided by the US"
EU-USA: EU questions decade-old US data agreement (euobserver, link): "The European Commission is casting doubts on a 13-year old data sharing agreement with the United States. EU justice commissioner Viviane Reding on Friday (19 July) told reporters in Lithuania’s capital Vilnius her services will be reviewing the so-called Safe Harbor Agreement."
EU-USA: DATA SURVEILLANCE: Extract from the Minutes of the 4 July 2013 meeting of COREPER II: EU-US High Level expert group on security and data protection (pdf): COREPER is the Council of the European Union's Committee of permanent Brussels-based representatives of the 28 EU Member States.
EU-USA: DATA SURVEILLANCE: Facebook, Skype challenged in EU over spy affair (euobserver, link): " A group of Austrians, led by law student Max Schrems, has challenged the EU-based subsidiaries of Apple, Facebook, Microsoft, Skype and Yahoo on data privacy following revelations that they allowed US intelligence services to search to Europeans' data."
UK-USA: DATA SURVEILLANCE: Statement from the Intelligence and Security Committee clears GCHQ on use of PRISM: Statement on GCHQ’s Alleged Interception of Communications under the US PRISM Programme (pdf): "It has been alleged that GCHQ circumvented UK law by using the NSA’s PRISM programme to access the content of private communications. From the evidence we have seen, we have concluded that this is unfounded." and: Inquiry into snooping laws as committee clears GCHQ: Intelligence and security committee also confirms GCHQ's use of NSA Prism surveillance material for first time (Guardian, link)
See also: Intelligence and Security Committee of Parliament: Annual Report 2012–2013 (pdf). As usual this is peppered with *** (censored sections). The report does draw attention to a little publicised fact that: "The Security Service continues to work closely with the police, and has a network of regional stations ***." In 2011 MI5 set up eight new regional stations - around a quarter of MI5's 4,000+ officers are based in the regions.
EU-USA: DATA SURVEILLANCE: The PRISM scandal gets bigger (EDRI, link)
EU-USA: DATA SURVEILLANCE: The Power of Britain's Data Vacuum (Spiegel Online, link)
EU-USA: DATA SURVEILLANCE: Merkel calls for EU data protection law after US spy affair (euobserver, link) and Prism case prompts Merkel to seek tougher EU data protection laws (euractiv, link) and see:
EU-USA: DATA SURVEILLANCE: IRELAND: High Court Refuses Provisional Arrest Warrant for Edward Snowden: What Next? (Human Rights in Ireland, link): The USA’s application for provisional arrest to Ireland is dated 5 July - three days after Morales' jet forced to land.
EU-USA: DATA SURVEILLANCE: Guardian report: Revealed: how Microsoft handed the NSA access to encrypted messages (link)
Microsoft has collaborated closely with US intelligence services to allow users' communications to be intercepted, including helping the National Security Agency to circumvent the company's own encryption, according to top-secret documents obtained by the Guardian...The documents show that:
• Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;
• The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;
• The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;
• Microsoft also worked with the FBI's Data Intercept Unit to "understand" potential issues with a feature in Outlook.com that allows users to create email aliases;
• In July last year, nine months after Microsoft bought Skype, the NSA boasted that a new capability had tripled the amount of Skype video calls being collected through Prism;
• Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a "team sport".
EU-USA: DATA SURVEILLANCE: European Parliament: Civil Liberties Committee MEPs agree on surveillance inquiry's next steps (link)
The European Parliament inquiry into alleged spying by the US and EU countries will hold hearings with their authorities, legal and IT experts, NGOs, data protection authorities, national parliaments following this issue and private firms involved in data transfers, the Civil Liberties Committee decided on Wednesday. The first hearing takes place on 5 September.
EU-USA: DATA SURVEILLANCE: Congressional Research Service report: NSA Surveillance Leaks: Background and Issues for Congress (2 July 2013, pdf)
Recent attention concerning National Security Agency (NSA) surveillance pertains to unauthorized disclosures of two different intelligence collection programs. Since these programs were publicly disclosed over the course of two days in June, there has been confusion about what information is being collected and what authorities the NSA is acting under. This report clarifies the differences between the two programs and identifies potential issues that may help Members of Congress assess legislative proposals pertaining to NSA surveillance authorities.
EU-USA: DATA SURVEILLANCE: Federal Judge Allows Electronic Frontier Foundation's NSA Mass Spying Case to Proceed (link) Why “we only spy on foreigners” doesn’t work any more for the NSA (Washington Post, link)
EU-USA: DATA SURVEILLANCE: EU-US counter-terrorism pacts at risk over snooping affair (euobserver, link) and Snowden Claims: NSA Ties Put German Intelligence in Tight Spot (Spiegel Online, link)
EU-USA: DATA SURVEILLANCE: US attempts to block Edward Snowden are 'bolstering' case for asylum - As Venezuela and Nicaragua offer help to whistleblower, experts say US actions are strengthening his case for safe haven (The Observer, link)
And see: The NSA/GCHQ metadata reassurances are breathtakingly cynical - The public is being told that the NSA and GCHQ have 'only' been collecting metadata, not content. That's nothing to be thankful for (The Observer, link), Me and my metadata - thoughts on online surveillance (link) and Betrayed by our own data: Mobile phones are tracking devices that reveal much about our lives. One look at our interactive map of data provided by the Green party politician Malte Spitz shows why (link)
EU-USA: DATA SURVEILLANCE: NSA leaks: UK blocks crucial espionage talks between US and Europe - First talks to soothe transatlantic tensions to be restricted to data privacy and Prism programme after Britain and Sweden's veto (Guardian, link)
"While Grybauskaite [Lithuanian Council Presidency] said on Thursday that the Europeans wanted to hold two separate sets of talks with the U.S., just a day later she said one was dropped, along with European Commission President Jose Manuel Barroso. “Intelligence matters and those of national security are not the competence of the EU,” Barroso said." (Activist Post, link)
Tony Bunyan, Statewatch Director, observes: "Instead of creating two EU-USA working groups as promised, the UK and Sweden veto means there will only be one working group on PRISM and data protection. The working group that has been vetoed would have covered intelligence and espionage collection and usage - the role of the USA's NSA and UK's GCHQ gathering all forms of communications not just between EU governments but also those of individuals and groups "of interest to the state" in Europe and the rest of the world.."
EU-USA: DATA SURVEILLANCE: Venezuela and Nicaragua make Snowden asylum offers (BBC News, link)
EU-USA: DATA SURVEILLANCE: European NGO statement: European Center for Constitutional and Human Rights, the Transnational Institute and the European Association of Lawyers for Democracy & World Human Rights: Grounding of Bolivian presidential jet in attempt to render whistleblower shames European Union (pdf):
"The refusal of entry into their airspace by European states for the Bolivian presidential jet on the basis of suspicions that Edward Snowden was on board was an astonishing manoeuvre that flies in the face of the EU’s commitment to democracy, human rights and international law.
The potential damage that this action does to both the reputation of the European Union and respect for international law within and beyond its borders cannot be understated. The forcing down and searching the Bolivian President’s jet was a clear breach of fundamental principles of diplomatic immunity and inviolability. Such principles are the bedrock of good international relations and customary international law."
EU-USA: DATA SURVEILLANCE: MEPs slam US snooping, amid revelations France does the same (euobserver, link)
- MEPs to set up US spy scandal inquiry (The Parliament, link)
- Kroes: Spy scandal could harm US Cloud firms (euobserver, link)
- Latin American leaders slam US, EU on Morales flight (euobserver, link)
- John Pilger: Forcing down Evo Morales's plane was an act of air piracy: Denying the Bolivian president air space was a metaphor for the gangsterism that now rules the world (Guardian, link)
- In English : Revelations on the French Big Brother (Société, link)
Updated: EU-USA: DATA SURVEILLANCE: European Parliament: Parliament to launch in-depth inquiry into US surveillance programmes (pdf) The resolution, approved by 483 votes to 98 with 65 abstentions. The Resolution (pdf)
European Parliament: Letter from the Chair of the Civil Liberties Committee (LIBE) requesting the setting up of an EP inquiry (pdf) and for plenary session vote on Thursday with amendments to be discussed: Joint Motion for a Resolution: on the US National Security Agency surveillance programme, surveillance bodies in various Member States and their impact on EU citizens’ privacy (pdf) And see: TAFTA: Illegitimate EU-US Agreement Will Begin Under Total US Surveillance (La Quadrature du net, link)
CoE: Parliamentary Assembly (PACE): European Parliamentarians OK Whistleblower Resolution (Freedominfo.org, link). See also: PACE committee calls for protection of ‘whistleblowers’ who reveal state wrongdoing (Press release, pdf) and National Security and Access to Information (pdf)
UK-ECUADOR: SURVEILLANCE: Snowden row intensifies as hidden bug found in Ecuador's embassy - Ecuadorean minister threatens to reveal perpetrators after device discovered during meeting over Assange (Guardian, link)
EU-USA: DATA SURVEILLANCE: Bolivian President: "“kidnapped by imperialism” in Europe"
"According to media reports, France, Spain, Italy and Portugal .. denied his plane the right to fly over their airspace." : EU states ground Bolivian leader's plane in Snowden affair (euobserver, link):
"Saavedrd said he considered the whole fiasco as a hostile act perpetrated by the United States which uses EU governments as proxies." [Bolivian Defence Minister] and "Bolivia's vice president, Alvaro Garcia, went further. He said Morales had been “kidnapped by imperialism” in Europe."
- Bolivians bitter as Snowden stand-off triggers 'hostile act' (CQ News, link): "Just days after the US President’s claim that he would not ‘‘be scrambling jets to get a 29-year-old hacker’’, the Obama administration was accused of doing precisely that."
EU-USA: DATA SURVEILLANCE European Parliament to launch enquiry into US eavesdropping (euractiv, link):
"The European Parliament on Thursday (4 July) plans to establish a special committee to investigate reports that an American spy agency monitored phone calls and e-mails of EU institutions and some member states."
EU-USA: DATA SURVEILLANCE: A blast from the past: ECHELON report and follow up: 1999 (pdf)
EU:-USA: DATA SURVEILLANCE: Barroso orders security sweep after allegations of US spying (European Voice, link) and EU data bill is likely target of NSA snoops (euobserver, link) also Statement by the spokespersons of the President of the European Council Herman Van Rompuy on the press reports of US surveillance of EU premises (link)
EU-USA: DATA SURVEILLANCE: The Washington Post publishes new documents on PRISM: NSA slides explain the PRISM data-collection program (link). And see: U.S., British intelligence mining data from nine U.S. Internet companies in broad secret program (Washington Post, link)
EU-USA: DATA SURVEILLANCE: New NSA leaks show how US is bugging its European allies - Exclusive: Edward Snowden papers reveal 38 targets including EU, France and Italy (Guardian, link) See also: Press release: Statement by EU High Representative Catherine Ashton on the alleged surveillance of EU premises (pdf), EU-US relations at risk after new bugging scandal (euobserver, link) and EU calls for US wiretapping to ‘stop immediately’ (euractiv, link)
This is not the first time this has happened, do you remember this from 2003: Telephone lines in EU Council building tapped (euobserver, link)
Consortium News.org: How to Thwart Internet Spying (link)
Attacks from America: NSA Spied on European Union Offices (Der Spiegel, link) and 'Out of Control': Europe Furious over NSA Spying on EU Facilities (link)
Documents obtained by the German magazine Der Spiegel from whistleblower Edward Snowden show that the USA's NSA has been spying on the diplomatic missions of the EU at the UN in New York and and its offices in Washington. This involved placing bugs in their offices and intercepting its computer networks. The NSA was able to listen in to discussion as well as getting access to emails and documents.
The documents also show that just over five years ago the NSA conducted an electronic eavesdropping operation in the Council of the European Union's Justis Lipsius headquarters in Rue de la Loi.
and Key US-EU trade pact under threat after more NSA spying allegations: Reports in Der Spiegel that US agencies bugged European council building 'reminiscent of cold war', says German minister (Guardian, link)
EU-USA: DATA SURVEILLANCE: For those that missed here are three three original leaks by Snowden: Top Secret: Exhibit A (pdf), Secret: Exhibit B (pdf) and Secret: Certification Order (pdf) and European Parliament: Schulz on alleged bugging of EU office by the US authorities (link)
UK: SPYING ON THE EU: Germany blasts Britain over GCHQ's secret cable trawl: Minister questions legality of mass tapping of calls and internet and demands to know extent to which Germans were targeted (Guardian, link)
EU-USA-UK: DATA SURVEILLANCE: GCHQ taps fibre-optic cables for secret access to world's communications: Exclusive: British spy agency collects and stores vast quantities of global email messages, Facebook posts, internet histories and calls, and shares them with NSA (Guardian, link) and:
EU-USA: DATA SURVEILLANCE: A WORD TO THE WISE: Why NSA surveillance is a threat to British doctors and lawyers: Professionals using cloud services will have to guard against the danger of patients and clients being snooped on (Guardian, link)
EU-USA: DATA SURVEILLANCE: MEPs reactions: Jan Albrecht - Sarah Ludford - Sylvie Guillaume
Justice Commissioner Reding has indicated to the European Parliament that she would not object if the parliament were to reinstate of Article 42 (which was removed from the draft Commission proposal by US lobbying) and would require authorisation in every instance where the communications of an EU citizen were requested by US agencies from service providers based in the USA: See: US spy scandal prompts redraft of EU data bill (euobserver, link). If the parliament were to adopt this position we would see a "battle royale" between it and the Council (EU governments) and other Commissioners and Directorate-Generals who are susceptible to USA pressure.
EU-USA: DATA SURVEILLANCE: US spy scandal prompts redraft of EU data bill (euobserver, link). See: Commission's draft proposal for the new Regulation on data protection (pdf) and overt lobbying by the US officials against Article 42 including the submission of an Informal Note on Draft EU General Data Protection Regulation (December 2011) (pdf) from the USA. And: final, adopted an published, version: Proposal for a Regulation on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) (25 January 2012, pdf)
EU-USA: DATA SURVEILLANCE: European Parliament: PRISM: EU citizens' data must be properly protected against US surveillance (Press release, link) and Sarah Ludford MEP press release: PRISM and data protection: Commissioner's answers inadequate (pdf)
EU-USA: DATA SURVEILLANCE: EU Parliament in push to limit U.S. data access (Reuters, link) and Britain's response to the NSA story? Back off and shut up - Snowden's revelations are causing outrage in the US. In the UK, Hague deploys a police-state defence and the media is silenced (Guardian, link)
The Spanish Police might use spying Trojans on individuals’ computers (EDRIgram, link)
US-UK: DATA SURVEILLANCE: MoD serves news outlets with D notice over surveillance leaks - BBC and other media groups issued with D notice to limit publication of information that could 'jeopardise national security' (Guardian, link)
"reading people's email before/as they do": GCHQ intercepted foreign politicians' communications at G20 summits: Exclusive: phones were monitored and fake internet cafes set up to gather information from allies in London in 2009 (Guardian, link)
"One document refers to a tactic which was "used a lot in recent UK conference, eg G20". The tactic, which is identified by an internal codeword which the Guardian is not revealing, is defined in an internal glossary as "active collection against an email account that acquires mail messages without removing them from the remote server". A PowerPoint slide explains that this means "reading people's email before/as they do".[emphasis added]
Tony Bunyan, Statewatch Director, comments: "These revelations come as no surprise to those who have tracked US-UK intelligence-gathering since the 1946 UKUSA agreement setting up global cooperation between the NSA and GCHQ. Intercepts by GCHQ are routinely forwarded to the Cabinet Office and then onto Ministries like the Foreign Office and have always given UK Ministers and officials the inside track in EU and international negotiations. Secondly, this confirms that a technological capacity of "reading people's email before/as they do" can be used not only to spy on other governments but also on organisations and individuals in civil society."
Background: UK-USA: National Archive publishes details of the 1946 UKUSA agreement for first time (Statewatch database)
US defends spy programme to sceptical EU (euobserver, link)
EU-USA: DATA SURVEILLANCE: How the USA changed the Commission's draft proposal for the new Regulation on EU data protection before it was formally adopted in January 2012 so as not to stand in the way of FISA/PRISM surveillance of the EU: The Financial Times reported on 12 June 2013, that due to US pressure and high-level lobbying, the Commission's draft proposal for the new Regulation on data protection (pdf), sent out for inter-service consultation in December 2011, was amended by deleting Article 42. Article 42 would have been effectively an "anti-FISA clause" (the USA's Foreign Intelligence Surveillance Act) and was deleted, after lobbying, by the full college of Commissioners as this would have led to major conflicts with the USA because most data servers of internet companies holding data on EU citizens are based in the USA. The Financial Times quotes a EU official as saying: "White House officials were making the rounds here and especially targeting Commissioners who have close relationships to the US to get them to remove Article 42" (in the draft proposal).
This volte-face by the Commission followed overt lobbying by the US officials including the submission of an Informal Note on Draft EU General Data Protection Regulation (December 2011) (pdf) from the USA and (put online at the time by Statewatch) which led to negative opinions being expressed by a number of Commission DGs.
The US Note says that Article 42 would impede and hinder law enforcement cooperation because "provision should be made to prohibit a controller or processor to directly dispose personal data to requesting third countries, unless authorised to do so by a supervisory authority [eg: a member state data protection authority... the draft regulation would effectively undermine international cooperation" - the "international cooperation" referred to is, of course, a one-way street whereby the USA reserves to itself to right to put under surveillance anyone in the EU or the world.
The final, adopted an published, version: Proposal for a Regulation on the protection of individuals with regard to the processing of personal data and on
the free movement of such data (General Data Protection Regulation) (25 January 2012, pdf)
EU-USA: DATA SURVEILLANCE: Spies Without Borders I: Using Domestic Networks to Spy on the World (EFFI, link) and International Customers: It's Time to Call on US Internet Companies to Demand Accountability and Transparency (EFFI, link)
EU-USA: DATA SURVEILLANCE: EU Commissioner Reding's letter to the US Attorney-General (full-text, pdf) See below for background. Poses seven questions and opens with:
"I have serious concerns about recent media reports that United States authorities are accessing and processing, on a large scale, the data of European Union citizens using major US online service providers. Programmes such as PRISM and the laws on the basis of which such programmes are authorised could have grave adverse consequences for the fundamental rights of EU citizens."
EU-USA: DATA SURVEILLANCE: Council of Europe statement: Declaration of the Committee of Ministers on Risks to Fundamental Rights stemming from Digital Tracking and other Surveillance Technologies (pdf) Opens with the following:
"Data processing in the information society which is carried out without the necessary safeguards and security can raise major human rights related concerns. Legislation allowing broad surveillance of citizens can be found contrary to the right to respect of private life. These capabilities and practices can have a chilling effect on citizen participation in social, cultural and political life and, in the longer term, could have damaging effects on democracy. They can also undermine the confidentiality rights associated to certain professions, such as the protection of journalists’ sources, and even threaten the safety of the persons concerned. More generally, they can endanger the exercise of freedom of expression and the right to receive and impart information protected under Article 10 of the European Convention on Human Rights"
and among its Recommendations it: "encourages member States to bear these risks in mind in their bilateral discussions with third countries, and, where necessary, consider the introduction of suitable export controls to prevent the misuse of technology to undermine those standards"
USA-EU: DATA SURVEILLANCE: Europe warns US: you must respect the privacy of our citizens: EU officials demand answers on what data snooping programmes entail and whether they breach human rights (Guardian, link), US spy scandal widens as MEPs and MPs seek answers (euobserver, link) and Parliament expresses anger over US data scandal (euractiv, link)
USA: DATA SURVEILLANCE: ACLU Files Lawsuit Challenging NSA's Patriot Act Phone Surveillance (ACLU, link): The ACLU are taking a court action against the PRISM surveillance system which is authorised under the Patriot Act Section 215 using a FISA Order (Foreign Intelligence Surveillance Act). PRISM collects personal information from users of Skype, Facebook, Google, Microsoft etc from inside and outside the USA (described as "customers" of US-based internet services).
See also: What's in the rest of the top-secret NSA PowerPoint deck? (Wired): refers to fact that only 5 of the 41 pages handed over to the press by Edward Snowden have so far been published. and Spy court urged to unmask legal basis for NSA dragnet phone surveillance (Wired)
EU-USA: DATA SURVEILLANCE: Edward Snowden: saving us from the United Stasi of America: Snowden's whistleblowing gives us a chance to roll back what is tantamount to an 'executive coup' against the US constitution (Guardian, link): Daniel Ellsberg:
"In my estimation, there has not been in American history a more important leak than Edward Snowden's release of NSA material – and that definitely includes the Pentagon Papers 40 years ago. Snowden's whistleblowing gives us the possibility to roll back a key part of what has amounted to an "executive coup" against the US constitution."
The European Parliament plenary session this morning (11 June) is discussing: "US Internet surveillance of EU citizens (NSA PRISM programme): Commission statement": EU to seek privacy guarantees from US after intel scandal (link)
- Spy scandal to impact talks on EU-US data treaty (euobserver, link)
- US data surveillance worries German expert (DW, link) article by Thilo Weichert
- Time for Europe to stop being complicit in NSA's crimes (New Europe, link)
- US data scandal deepens EU-US divide on privacy (euractiv, link)
- US scandal shows EU needs 'highest standards' on data privacy (Public Service Europe, link)
EU: Reactions to exposures on PRISM and Boundless Informant
CZECH REPUBLIC: Prague to protest if US monitoring of Internet is confirmed (Prague Daily Monitor)
EU: US data scandal deepens EU-US divide on privacy (EurActiv); PRISM makes trade deal a mission impossible (Presseurop)
GERMANY: Germany’s Merkel, concerned about US surveillance, will discuss with Obama (Epoch Times);
Germany most snooped country by US (euobserver)
NETHERLANDS: Dutch security service has received information via PRISM Telegraaf and Dutch privacy watchdog wants answers on US data mining (Dutch News) and Bits of Freedom: Dutch spooks must stop use of PRISM (link)
Belgium: Ook Staatsveiligheid krijgt informatie uit Prism (link)
A lesson from history for those who strive to bring intelligence agencies to account (The Privacy Surgeon)
Boundless Informant: the NSA's secret tool to track global surveillance data: Revealed: The NSA's powerful tool for cataloguing global surveillance data – including figures on US collection (Guardian, link). And see: Boundless Informant NSA data-mining tool – four key slides (link) and Boundless Informant: NSA explainer – full document text (link)
US spy chief Clapper defends Prism and phone surveillance (BBC News, link): "While admitting the government collected communications from internet firms, he said the policy only targets "non-US persons", So that's OK is it? comments Tony Bunyan, Statewatch Director. And: NSA taps in to systems of Google, Facebook, Apple and others, secret files reveal (Guardian, link)
See also: USA: NSA collecting phone records of millions daily, court order reveals Guardian (link) Exclusive: Top secret court order requiring Verizon to hand over all call data shows scale of domestic surveillance under Obama. And Verizon court order (link) and NSA spying revelations leaves Europe silent (New Europe, link)
USA: NSA collecting phone records of millions daily, court order reveals Guardian (link) Exclusive: Top secret court order requiring Verizon to hand over all call data shows scale of domestic surveillance under Obama. And Verizon court order (link)
Spotted an error? If you've spotted a problem with this page, just click once to let us know.
Statewatch does not have a corporate view, nor does it seek to create one, the views expressed are those of the author. Statewatch is not responsible for the content of external websites and inclusion of a link does not constitute an endorsement. Registered UK charity number: 1154784. Registered UK company number: 08480724. Registered company name: The Libertarian Research & Education Trust. Registered office: MayDay Rooms, 88 Fleet Street, London EC4Y 1DH. © Statewatch ISSN 1756-851X. Personal usage as private individuals "fair dealing" is allowed. We also welcome links to material on our site. Usage by those working for organisations is allowed only if the organisation holds an appropriate licence from the relevant reprographic rights organisation (eg: Copyright Licensing Agency in the UK) with such usage being subject to the terms and conditions of that licence and to local copyright law.