The Guardian has just reported new claims about GCHQ’s internet surveillance operations.
The article claims:
“One key innovation has been GCHQ’s ability to tap into and store huge volumes of data drawn from fibre-optic cables for up to 30 days so that it can be sifted and analysed. That operation, codenamed Tempora, has been running for some 18 months.
GCHQ and the NSA are consequently able to access and process vast quantities of communications between entirely innocent people, as well as targeted suspects.
This includes recordings of phone calls, the content of email messages, entries on Facebook and the history of any internet user’s access to websites – all of which is deemed legal, even though the warrant system was supposed to limit interception to a specified range of targets.”
Of course, GCHQ’s job is to spy on people, to listen to phone calls and protect us. However, as was discussed in Parliament last week, this operates under a strict regime and any interception is subject to a ministerial warrant. As the Foreign Secretary said:
“To intercept the content of any individual’s communications in the UK requires a warrant signed personally by me, the Home Secretary, or by another Secretary of State.
This is no casual process. Every decision is based on extensive legal and policy advice. Warrants are legally required to be necessary, proportionate and carefully targeted, and we judge them on that basis.”
If then, as the Guardian story claims, that large volumes of data – including content – are being scraped from fibre optic cables then this would have to be authorised by a Secretary of State’s warrant for every individual affected.
As this report notes, interception can be defined under the Regulation of Investigatory Powers Act as “an interception as carried out in the course of its transmission when (i) it is stored so that the recipient can access and collect it later31 and (ii) when the contents of the transmission are stored by the interceptor so as to make them available after the transmission (‘subsequently’).”
However, the Guardian has summarised potential legal loopholes that may significantly handicap the existing safeguards. The main point is that if a communication is “external” to the UK it can be collected under a RIPA certificate, rather than requiring an individual warrant. If two British people were to have a Facebook chat, for example, that chat is routed via Facebook outside the UK. The argument would then seem to be that GCHQ is intercepting it as it enters and leaves the UK, and as such is an “external” communication. We would take major issue with this legal interpretation, as whichever way you look at it the content of a message between two UK citizens is being intercepted without an explicit warrant from a Secretary of State. This is applying a law for landline telephones to the internet in a way that deliberately expands the amount of data that can be collected far beyond what was considered by Parliament.
Nick Pickles, director of Big Brother Watch, said: “This appears to be dangerously close to, if not exactly, the centralised database of all our internet communications, including some content, that successive Governments have ruled out and Parliament has never legislated for.
“Britain has a clear legal process in place to govern the interception of the content of communications and blanket interception is not a part of that system. If GCHQ have been intercepting huge numbers of innocent people’s communications as part of a massive sweeping exercise then I struggle to see how that squares with a process that requires a warrant for each individual intercept. This question must be urgently be addressed in Parliament.
“The fact GCHQ staff have been discussing how light the UK’s oversight regime is compared to the US highlights why we need a wholesale review of surveillance law, including the fact that there is absolutely no judicial process within the current system and the people making these decisions are able to hide in the shadows rather than face public scrutiny.”