Wired reports: GCHQ has direct access to “major internet cables” and has systems to monitor communications as they “traverse the internet” an official government report has revealed. The spy agency, which has been heavily criticised in the wake of the Snowden leaks, also admits that it has more data than it can handle. Despite these capabilities the government is being urged to massively expand its surveillance powers.
The details come from the Intelligence Security Committee’s inquiry (PDF) into the murder of the fusilier Lee Rigby by Michael Adebolajo and Michael Adebowale in Woolwich, London in 2013. While crucial details have been redacted for security reasons, the report still reveals the scale of the surveillance powers at GCHQ’s disposal.
Detailing GCHQ’s capabilities it notes that the spy agency has access to around “*** percent of global internet traffic and approximately *** percent of internet traffic entering or leaving the UK”. Despite the redactions the report does reveal that GCHQ is currently overwhelmed by the amount of data it has to process:
“The resources required to process the vast quantity of data involved mean that, at any one time, GCHQ can only process approximately *** of what they can access.”
The inquiry, which was set up to investigate what could have prevented Rigby’s murder, clears both M15 and M16 of any fault. It reveals that both Adebolajo and Adebowale were known to British security agencies, but that no action was taken. As both men were seen as low priority targets they were not subject to any specialist surveillance by GCHQ or any other agency.
The committee was far more damning in its assessment of an as-yet-unnamed US internet company. In December 2012 an exchange between Adebowale and an individual overseas revealed his intention to murder a soldier. The exchange was not seen by UK security services until after the attack. The report intimates that all overseas internet companies risk becoming a “safe haven for terrorists”.
“This company does not appear to regard itself as under any obligation to ensure that its systems identify such exchanges, or to take action or notify the authorities when its communications services appear to be used by terrorists.”
The Guardian identifies this company as Facebook.
The Wired report continues: “When the intelligence services are gathering data about everyone of us but failing to act on intelligence about individuals, they need to get back to basics, and look at the way they conduct targeted investigations,” said Jim Killock, executive director of online privacy advocates the Open Rights Group.
“The committee is particularly misleading when it implies that US companies do not cooperate, and it is quite extraordinary to demand that companies pro-actively monitor email content for suspicious material. Internet companies cannot and must not become an arm of the surveillance state.”