Surveillance in the UK and the USA: commonalities and differences

In one of those fortuitous instances of synchronicity, there are two stories today that illustrate some of both the commonalities and the differences between state surveillance practices and regulation in the UK and the USA.

In the UK, The Guardian has revealed that the Surveillance Commissioner (a separate office to the Information Commissioner) has been very critical behind the scenes, as the Lords Committee was in public, of the uses to which the Regulation of Investigatory Powers Act (2000) (RIPA) has been put, not this time by local government, but by national ministries like the Department for Environment, Food and Rural Affairs (DEFRA) and agencies, including Ofcom (the broaadcast and communications regulator) and the Charities Commission. DEFRA came in for a particular telling-off over its spying on fishermen. The chief commissioner, Sir Christopher Rose found generalised lax practice, a lack of proper justification for and proportionality in the used of RIPA, and little training or accountability. In short, RIPA is being used because the powers exist not because there is any pressing justification to use surveillance in this manner – the used of surveillance has expanded because it is available.

It is very interesting that The Guardian had to discover all this through Freedom of Information Act (FOIA) requests, and that the Surveillance Commissioner had not put all of this in the public domain as a matter of course. It highlights for me, once again, the clear difference in attitude and regulatory practice between him and the open, accountable, and active Information Commissioner’s Office (ICO). It confirms my view that we would be much better off if the Surveillance Commissioner’s work was absorbed into the ICO.

In the USA, it is to lawyers that people immediately turn if some bad practice is suspected on behalf of the government. The Los Angeles Times reports that on Friday, the US government lost the case it had been bringing to try to stop an Islamic charity based in Oregon from suing them over what they claim were illegal wiretapping operations targeted at them. The case stems from the Bush administration’s attempts to bypass what were already very weak regulations governing the surveillance of American citizens which were introduced in the Foreign Intelligence Surveillance Act (1978) (FISA) and recently amended in the Protect America Act (2007). Requests are supposed to go to the Foreign Intelligence Surveillance Court (FISC) which meets in secret and does not have to publish its rulings and so far as we know, has never turned down a request – so it is somewhat mystifying except as a matter of speed and convenience that the Bush administration did bypass the court.

Now the Obama administration is (shamefully) defending the actions of his predecessor. This is not entirely surprising. Intelligence is one area of continuity between governments: it is what Peter Gill called the ‘secret state’, a core that remains constant regardless of changes of administration. Nixon and Bush were both stupid enough to get caught, but the NSA, CIA and FBI are continually looking for different ways to get around domestic regulations on surveillance. Political devices like the UKUSA agreement served this purpose for many years – whereby Canadian and British intelligence services would collect SIGINT on Americans and supply it to the NSA and vice-versa. But GCHQ and others just don’t have the capabilities to carry out the amount of monitoring that now goes on. It’s been the reality for many years now that the NSA in particular does spy on Americans. Again, they have the capabilities so those capabilities are used.

Of course, unlike in the UK, we are talking about the threat of terrorism not anglers catching one-too-many fish; that really does say something about the petty bureaucracy that characterises the UK! However RIPA was also justified originally with reference to terrorism and serious and organised crime. Anyway, the ruling in the Oregon case clearly states that state secrets privilege was not enough to justify warrantless surveillance of suspects, whatever they had allegedly done. It seems that at least is one point of hope that the USA and the UK have in common. Let’s see where these situations now lead in each country…

More details of illegal NSA wiretap program revealed

The Online Jounal has published a piece by ex-NSA operative and perennial thorn in the side of the organisation, Wayne Madsen, which gives far more detail of the system of illegal wiretapping of e-mails, in operation over recent years.

According to Madsen, two NSA programs for text interception are known to exist, one called PINWALE, which mainly targets Russian e-mails, and secondly the STELLAR WIND program, which “was initiated by the George W. Bush administration with the cooperation of major U.S. telecommunications carriers, including AT&T and Verizon.” and “was a major priority of the NSA program”.

Madesen gives details of how PINWALE and there’s little reason to suppose that STELLAR WIND is very different. Basically these programs search a range of ‘metadatabases’, repositories of captured text from millions of people around the world, outside and inside the USA. The search parameters include: “date-time, group, natural language, IP address, sender and recipients, operating system, and other information embedded in the header”.

Madesen claims that both STELLAR WIND and PINWALE “negated both USSID 18 and the Foreign Intelligence Surveillance Act of 1978 [which were introduced following the Church Committee report into illegal operations by the NSA in the 1960s and early 1970s] by permitting NSA analysts to read the e-mails, faxes, and text messages of U.S. persons”

The three metadatabases are called LION HEART, LION ROAR, and LION FUSION and were developed, as with many NSA systems in conjunction with an external contractor, in this case, Booz Allen Hamilton, which Madsen previously revealed was also responsible for FIRSTFRUITS, program used to track the articles, and communications of particular journalists.

There’s more detail in the article, and one other thing is certain. All these exotic codenames will now be history, as all intelligence agencies have a policy of changing them once they are revealed. Journalists still talk about ECHELON as if it exists as an active NSA operation, but that one hasn’t existed under that name for twenty years or more. There are a huge diversity of NSA programs for all kinds of communications interception and sorting. Each component will have its own terminology and many will be temporary parts of a greater whole, which may not even exist by the time they are revealed. At least former insiders like Madsen can keep some track of developments…

An aerial view of the NSA's station at Yakima in Washington State (Cryptome)
An aerial view of the NSA's station at Yakima in Washington State (Cryptome)

“Harpooning fish from an airplane”: NSA surveillance of US citizens

If the NSA can put this down to a period of bad leadership and bad policy, it might be allowed to get on with what it does relatively unhindered in the Obama era.

Boingboing has a link to a ten-miunte long MSNBC inerview with Russell Tice, an ex-National Security Agency (NSA) employee who is the latest in the long line of NSA whistleblowers after the likes of Wayne Madsen and Magaret Newsham. Tice’s revelations concern the NSA’s monitoring of internal communications in the USA after 9/11. According to Tice, the NSA both swept all US communications and also targeted specific groups, including journalists, for more comprehensive collection.

I have no idea how genuine Tice is and in many ways, despite the occasional choice phrase to describe SIGINT operations like the one with which I titled this post, he is a lot less interesting than Madsen or Newsham in that he’s not really telling us anything we didn’t know already. There is also a rather naive attitude from mainstream organisations like MSNBC that this is all down to the evil President Bush. This seems to suggest a lack of knowledge of history – do they really not remember the massive scandal over the very same use of watchlists by the NSA on behalf of the FBI in the 1960s? The huge inquiry led by Senator Frank Church in the 1970s? Can they continue to pretend that this is all totally new and that we can forget about ECHELON and the fact that this kind of surveillance is pervasive and systematic and becomes more so as technologies of collection, archiving and analysis improve? That is and always has been, what the NSA does in conjunction with its UKUSA network of largely subordinate allies and helpers (see this nice summary from Le Monde).

Of course this could be another explanation of Tice’s role, and the reason why he is being allowed to do the rounds of the newspapers and TV stations. Far from being simply a disaffected employee, he might be either a knowing or unknowing part of a media strategy by the NSA. If the NSA can put this down to a period of bad leadership and bad policy, it might be allowed to get on with what it does relatively unhindered in the Obama era. We shall see… or rather, we probably won’t!

NB: I wrote my PhD thesis on the networks of NSA-related bases around the world, including Menwith Hill, not far from where I live. It is worth checking out Cryptome’s Eyeball series of aerial views of NSA and other secret sites.

Fort George C. Meade, Maryland, Headquarters of the NSA
Fort George C. Meade, Maryland, Headquarters of the NSA