In brief, new laws and executive orders have given uintelligence agencies in the U.S. and U.K. unprecedented powers to gather a near-infinite harvest of the digital traces of our lives.
And in the U.S., gleanings once accessible only to a handful of political, military, and diplomatic elites will now be open to a host of law enforcement agencies.
From the New York Times:
In its final days, the Obama administration has expanded the power of the National Security Agency to share globally intercepted personal communications with the government’s 16 other intelligence agencies before applying privacy protections.
The new rules significantly relax longstanding limits on what the N.S.A. may do with the information gathered by its most powerful surveillance operations, which are largely unregulated by American wiretapping laws. These include collecting satellite transmissions, phone calls and emails that cross network switches abroad, and messages between people abroad that cross domestic network switches.
The change means that far more officials will be searching through raw data. Essentially, the government is reducing the risk that the N.S.A. will fail to recognize that a piece of information would be valuable to another agency, but increasing the risk that officials will see private information about innocent people.
Attorney General Loretta E. Lynch signed the new rules, permitting the N.S.A. to disseminate “raw signals intelligence information,” on Jan. 3, after the director of national intelligence, James R. Clapper Jr., signed them on Dec. 15, according to a 23-page, largely declassified copy of the procedures.
Previously, the N.S.A. filtered information before sharing intercepted communications with another agency, like the C.I.A. or the intelligence branches of the F.B.I. and the Drug Enforcement Administration. The N.S.A.’s analysts passed on only information they deemed pertinent, screening out the identities of innocent people and irrelevant personal information.
More from the Intercept:
The change was in the works long before there was any expectation that someone like Trump might become president. The last-minute adoption of the procedures is one of many examples of the Obama administration making new executive powers established by the Bush administration permanent, on the assumption that the executive branch could be trusted to police itself.
Executive Order 12333, often referred to as “twelve triple-three,” has attracted less debate than congressional wiretapping laws, but serves as authorization for the NSA’s most massive surveillance programs — far more than the NSA’s other programs combined. Under 12333, the NSA taps phone and internet backbones throughout the world, records the phone calls of entire countries, vacuums up traffic from Google and Yahoo’s data centers overseas, and more.
In 2014, The Intercept revealed that the NSA uses 12333 as a legal basis for an internal NSA search engine that spans more than 850 billion phone and internet records and contains the unfiltered private information of millions of Americans.
In 2014, a former state department official described NSA surveillance under 12333 as a “universe of collection and storage” beyond what Congress has authorized.
And a Snooper’s Charter takes effect in the U.K.
It’s called the Investigatory Powers Act 2016, more familiarly known as the Snooper’s Charter [full text here].
The Guardian reported on the measure’s passage on 19 November:
A bill giving the UK intelligence agencies and police the most sweeping surveillance powers in the western world has passed into law with barely a whimper, meeting only token resistance over the past 12 months from inside parliament and barely any from outside.
The Investigatory Powers Act, passed on Thursday, legalises a whole range of tools for snooping and hacking by the security services unmatched by any other country in western Europe or even the US.
The security agencies and police began the year braced for at least some opposition, rehearsing arguments for the debate. In the end, faced with public apathy and an opposition in disarray, the government did not have to make a single substantial concession to the privacy lobby.
US whistleblower Edward Snowden tweeted: “The UK has just legalised the most extreme surveillance in the history of western democracy. It goes further than many autocracies.”
One major organization, the National Council for Civil Liberties [counterpart of the American Civil Liberties Union in the U.S.], is on the legal offensive.
From their website:
Liberty is launching a landmark legal challenge to the extreme mass surveillance powers in the Government’s new Investigatory Powers Act – which lets the state monitor everybody’s web history and email, text and phone records, and hack computers, phones and tablets on an industrial scale.
Liberty is seeking a High Court judicial review of the core bulk powers in the so-called Snoopers’ Charter – and calling on the public to help it take on the challenge by donating via crowdfunding platform CrowdJustice.
Martha Spurrier, Director of Liberty, said: “Last year, this Government exploited fear and distraction to quietly create the most extreme surveillance regime of any democracy in history. Hundreds of thousands of people have since called for this Act’s repeal because they see it for what it is – an unprecedented, unjustified assault on our freedom.
“We hope anybody with an interest in defending our democracy, privacy, press freedom, fair trials, protest rights, free speech and the safety and cybersecurity of everyone in the UK will support this crowdfunded challenge, and make 2017 the year we reclaim our rights.”
The Investigatory Powers Act passed in an atmosphere of shambolic political opposition last year, despite the Government failing to provide any evidence that such indiscriminate powers were lawful or necessary to prevent or detect crime. A petition calling for its repeal
Liberty will seek to challenge the lawfulness of the following powers, which it believes breach the public’s rights:
- the Act lets police and agencies access, control and alter electronic devices like computers, phones and tablets on an industrial scale, regardless of whether their owners are suspected of involvement in crime – leaving them vulnerable to further attack by hackers.
- the Act allows the state to read texts, online messages and emails and listen in on calls en masse, without requiring suspicion of criminal activity.
Bulk acquisition of everybody’s communications data and internet history
- the Act forces communications companies and service providers to hand over records of everybody’s emails, phone calls and texts and entire web browsing history to state agencies to store, data-mine and profile at its will. This provides a goldmine of valuable personal information for criminal hackers and foreign spies.
- the Act lets agencies acquire and link vast databases held by the public or private sector. These contain details on religion, ethnic origin, sexuality, political leanings and health problems, potentially on the entire population – and are ripe for abuse and discrimination.
The secret agreements giving those new laws more power
From a review [open access] of the implications of revelations contained in the Snowden leaks in the International Journal of Law and Information Technology:
The US and UK’s signals intelligence agencies, National Security Agency (NSA) and Government Communications Headquarters (GCHQ), have gained access to very large volumes of Internet communications and data, for extremely broad ‘foreign intelligence’ purposes. A declassified 2011 US court order shows that NSA was already accessing more than 250 million ‘Internet communications’ each year. GCHQ is recording 3 days of international Internet traffic transiting the UK and 30 days of ‘metadata’ about these communications, and has gained access to ‘the majority’ of European Internet and telephone communications. NSA and GCHQ ‘collection’ of data is via intercepts of Internet traffic flowing through international fibre optic cables operated by telecommunications companies, and through automated searches carried out by Internet companies such as Microsoft, Apple, Google and Facebook on their internal systems, as well as the provision of complete records of all US telephone calls by AT&T, Verizon and others. NSA Director Keith Alexander asked his staff in 2008: ‘Why can’t we collect all the signals all the time?’—and they have set out to implement this vision.
The US and UK laws compel this cooperation by telecommunications and Internet companies (including ‘cloud computing’ providers that increasingly provide the infrastructure for Internet services).5 Other European governments cooperate with the USA–UK–Canada–Australia–New Zealand ‘Five Eyes’ intelligence alliance, notably an additional four countries in a ‘9-Eyes’ group (France, The Netherlands, Norway and Denmark) and a further five (Germany, Sweden, Spain, Belgium and Italy) in a ‘14-Eyes’ configuration.
NSA has further bugged EU offices and computer networks in Washington DC and New York, and gained access to UN internal videoconferencing systems. It has interception equipment and staff (jointly with the CIA) at 80 US embassies.
NSA has compromised at least 85,000 ‘strategically chosen’ machines in computer networks around the world; each device ‘in some cases … opens the door to hundreds or thousands of others.’ A new automated system is capable of managing ‘potentially millions’ of compromised machines for intelligence gathering and ‘active attack’. NSA conducted 231 ‘offensive operations’ in 2011, which represents ‘an evolution in policy, which in the past sought to preserve an international norm against acts of aggression in cyberspace, in part because U.S. economic and military power depend so heavily on computers’. NSA is spending $250 million each year to sabotage security standards and systems so that it can maintain access to encrypted data. GCHQ has developed methods to access encrypted data communications to Hotmail, Google, Facebook and Yahoo!
And if is those international agreements that magnify the impact of the increased panoptical powers in the United States and Great Britain.
And foremost among those pacts in the UKUSA Agreement, an accord granting London and Washington unparalleled access to each others intelligence gleanings.