Tag Archives: UK

GCHQ and NSA intercepted Yahoo users’ private photographs

GCHQ and NSA intercepted Yahoo users private photographs GCHQ and NSA intercepted Yahoo users private photographs

British and American surveillance agencies teamed up to develop a system that collected millions of images from the webcams of unsuspecting and innocent internet users, new leaked documents reveal.
Continue reading «GCHQ and NSA intercepted Yahoo users’ private photographs»

This “Optic Nerve” program — administered by the UK’s GCHQ with the assistance of the National Security Agency — routinely intercepted and stored those webcam images in secret starting in 2008, according to documents disclosed by former intelligence contractor Edward Snowden and published by The Guardian on Thursday.

The program indiscriminately collected millions of images from people who used Yahoo’s webcam chat function, the Guardian’s Spencer Ackerman and James Ball reported, “including substantial quantities of sexually explicit communications.”

According to the journalists, the GCHQ relied on Optic Nerve to experiment with facial recognition programing to monitor existing targets and search for new persons of interest.

But the GCHQ didn’t stop at targeting solely suspected terrorists, the report continues, and instead collected intelligence by seemingly anyone unfortunate enough to log-in to Yahoo’s webcam chat feature, at least between 2008 and 2012.

“Yahoo webcam is known to be used by GCHQ targets,” reads a portion of the classified documentation published by the paper.

The GCHQ did not limit their surveillance to just those target, however. According to the leaked Snowden document, 1.8 million Yahoo users had their webcam images collected by the agency during just a six-month span shortly after Optic Nerve was first rolled out.

When reached for comment by the British paper, a representative for Yahoo said the GCHQ program as explained demonstrates a “whole new level of violation of our users’ privacy.”

Elsewhere in the leaked documentation, GCHQ agents admitted that a large portion of the imagery collected contained “undesirable nudity.”

“Unfortunately … it would appear that a surprising number of people use webcam conversations to show intimate parts of their body to the other person,” one internal document cited by The Guardian reads.“Also, the fact that the Yahoo software allows more than one person to view a webcam stream without necessarily sending a reciprocal stream means that it appears sometimes to be used for broadcasting pornography.”

And although the program was carried out by British spies, Ackerman and Ball acknowledged that millions of Americans may have had their own likeness — clothed or not — captured in the process.

“GCHQ does not have the technical means to make sure no images of UK or US citizens are collected and stored by the system, and there are no restrictions under UK law to prevent Americans’ images being accessed by British analysts without an individual warrant,” they wrote.

But Vanee Vines, a spokesperson for the NSA, told the Guardian that the US spy agency “does not ask its foreign partners to undertake any intelligence activity that the US government would be legally prohibited from undertaking itself.”

“A key part of the protections that apply to both US persons and citizens of other countries is the mandate that information be in support of a valid foreign intelligence requirement, and comply with US Attorney General-approved procedures to protect privacy rights. Those procedures govern the acquisition, use, and retention of information about US persons,” Vines said.

In an op-ed published in The Guardian also on Thursday, acclaimed security expert and cryptographer Bruce Schneier said even safeguards in place to prevent these images being viewed by any GCHQ staffer should be questioned.

“[I]s it really okay for a computer to monitor you online, and for that data collection and analysis only to count as a potential privacy invasion when a person sees it? I say it’s not, and the latest Snowden leaks only make more clear how important this distinction is,” he wrote.

Source: RT

GCHQ secret unit uses DDOS attack tactics against Anonymous – Snowden leak

Anon GCHQ secret unit uses DDOS attack tactics against Anonymous – Snowden leak

British intelligence has its own hacker subdivision that uses questionable practices for hunting down enemies of the state, reveals a new leak from Edward Snowden. GCHQ is fighting Anonymous and LulzSec hacktivists with DDoS attacks and malware.
Continue reading «GCHQ secret unit uses DDOS attack tactics against Anonymous – Snowden leak»

classified document obtained by NBC News reveals that the British secret service is brandishing a cyber-sword in the guise of the Joint Threat Research Intelligence Group (JTRIG), an intelligence unit not constrained by domestic or international laws.

The JTRIG unit is staging distributed denial of service (DDoS) cyber-attacks, implanting malware to disclose identities of hackers in order to prevent their communications. JTRIG is such a secret unit that its very name has never been mentioned anywhere before.

A PowerPoint presentation prepared for a 2012 NSA conference called SIGDEV, obviously from the collection of documents from the former NSA contractor, Edward Snowden, contains information about the Rolling Thunder operation against Anonymous hacktivists. JTRIG organized a DDoS attack on the internet relay chat (IRC) used by Anonymous, which reportedly resulted in 80 percent of the users quitting internet chat rooms.

The fact that the presentation was made at a conference of America’s National Security Agency is particularly interesting. It means that the NSA was informed about such governmental activities in the UK.

A DDoS attack is a criminal offence in most countries, the US and UK included. For example, in the UK a person found guilty of a cyber attack would be charged in accordance with the Computer Misuse Act, while in the US such illegal activities are prosecuted with the Computer Fraud and Abuse Act (CFAA).

Servers GCHQ secret unit uses DDOS attack tactics against Anonymous – Snowden leak

Besides that, according to cyber experts, a DDOS attack takes down an entire server, with all websites hosted on it, along with other severs operated by the same Internet Server Provider (ISP). This means that while attacking Anonymous chat rooms, JTRIG was actually disabling other web resources that had no connection to Anonymous whatsoever.

If the fact of a DDoS attack by a secret service gets some independent proof, it would mean that Britain will become the first state incriminated in staging a cyber-attack, internationally recognized as unlawful.

“Law enforcement and intelligence officials must be able to pursue individuals who are going far beyond speech and into the realm of breaking the law: defacing and stealing private property that happens to be online,” said the former head of the US National Counterterrorism Center and now an NBC News analyst Michael Leiter, noting that “there must, of course, be limitations”.

“No one should be targeted for speech or thoughts, but there is no reason law enforcement officials should unilaterally declare law breakers safe in the online environment,” said Leiter.

“Targeting Anonymous and hacktivists amounts to targeting citizens for expressing their political beliefs,”said NBC News’ Gabriella Coleman, an anthropology professor at McGill University.

In another NSA document in possession of NBC News, a JTRIG official maintains that the unit’s activities are definitely not limited to computer network protection. JTRIG is staging attacks itself, Such as “Active Covert Internet Operations” and “Covert Technical Operations”. The unit is vigorously using cyber tools to disrupt enemy communications, engaging in computer and phone jamming, breaching email accounts and conducting ‘false flag’ operations.

The Anonymous global hacker community emerged in 2011, and conducted the “Operation Payback” campaign, a series of attacks against government websites in Britain and the US in protest against the prosecution of Chelsea Manning, who handed over thousands of classified US military documents to WikiLeaks. They also attacked several financial organizations, such as credit card companies and the PayPal pay service for blocking donations support to WikiLeaks.

Source: RT

Video released: Guardian destroys Snowden files on GCHQ’s orders

guardian destroy snowden video Video released: Guardian destroys Snowden files on GCHQ’s orders
 
The Guardian has released a video of the newspaper’s editors destroying hard drives and memory cards with encrypted files leaked by Edward Snowden – under the watchful gaze of experts from GCHQ, the government’s surveillance agency.
Continue reading «Video released: Guardian destroys Snowden files on GCHQ’s orders»

It is the first time the footage has been published online since The Guardian’s hard drives were demolished on July 20, 2013, in the basement of the newspaper’s London offices.

Three Guardian staff members – deputy editor Paul Johnson, executive director Sheila Fitzsimons and computer expert David Blishen – are seen taking angle-grinders and drills to the internal components of computers to destroy information on them.

The journalists were watched by two Government Communications Headquarters (GCHQ) technical experts, named in Guardian’s recent report as “Ian” and “Chris.” They recorded the process on their iPhones.

It took three hours to smash up the computers. The journalists then fed the pieces into the GCHQ-provided degausser high-tech equipment, which destroys magnetic fields and erases data, The Guardian said.

Initially, GCHQ officials wanted to inspect the material before destruction, carry out the operation themselves and take the remnants away. But the Guardian refused to let them.

The classified information was stored on four computers, none of which was ever connected to the Internet or any other network.

0 Video released: Guardian destroys Snowden files on GCHQ’s orders

The UK government saw the destruction of the computers as a way to stop further publications of leaks from former NSA contractor Edward Snowden. It gave The Guardian an ultimatum to either hand the Snowden material back, destroy it, or face an injunction. UK Prime Minister David Cameron sent Cabinet Secretary Jeremy Heywood to convey the message.

“We can do this nicely or we can go to law,” Heywood told The Guardian’s editor Alan Rusbridger during one of their meetings in June and July.

“A lot of people in government think you should be closed down,” he added, The Guardian reported.

Initially reluctant to comply with the government’s demand, The Guardian eventually took the decision to demolish the hard drives with the information on them – as it was seen as the only way to protect the newspaper and its team.

The measure, however, did not stop the flow of NSA- and GCHQ- related revelations. Guardian editor Alan Rusbridger told government officials that several copies of the secret documents existed, but only one in the UK. It was known that The Guardian’s columnist Glenn Greenwald, who met Snowden in Hong Kong, had leaked material in Rio de Janeiro. There were further copies in the US, according to Rusbridger.

After the destruction of the hard drives, the paper continued to consult with the government before publishing national security stories.

“There were more than 100 interactions with No. 10 Downing Street, the White House and US and UK intelligence agencies,” The Guardian said in a recent report.

The release of the video comes a week before a new book by Guardian correspondent Luke Harding,“The Snowden Files: The Inside Story of the World’s Most Wanted Man,” is due to be published.

Source: RT

‘Our views are far apart’: German chancellor slams US, UK over spying

Germany slams US and UK for spying ‘Our views are far apart’: German chancellor slams US, UK over spying
 
Countries spying on their allies sow distrust that could result in less, rather than more security, German Chancellor Angela Merkel has warned. She particularly referred to the surveillance and spying activities by the US and the UK.
Continue reading «‘Our views are far apart’: German chancellor slams US, UK over spying»

“But does that make it right for our closest allies, like the United States or Britain, to access all imaginable data – arguing that it helps their own security and that of their partners?” Chancellor Angela Merkel told the Parliament in the first major policy speech of her third term.

Merkel, who herself was a target of US eavesdropping on her personal phone calls, warned that using “everything that is technically do-able” to obtain information leads to mistrust between allies, which would eventually undermine their mutual security.

The US, however, says its surveillance practices are focused on threats to national security, including terrorism. In its recent interview, US President Barack Obama assured Merkel that she does not need to worry about NSA surveillance, even though the Agency would continue surveillance on foreign governments.

“Can it be right that it’s not just about defending against terrorist threats but also to gain advantage over their allies, for example, in negotiations at G20 summits or UN sessions?”“Our answer can only be: ‘No, that cannot be right’.”

Merkel is set to meet with US Secretary of State John Kerry in Berlin on Friday to discuss “on the transatlantic partnership and global political issues”. The NSA and its surveillance practices are expected to be on the agenda.

“Our views are today far apart,” Merkel said.

In October, Merkel, who grew up in East Germany, where phone tapping was common practice, compared the NSA’s spying to that of the Stasi secret police in the former German Democratic Republic. Following the revelations, Merkel accused the US of a grave breach of trust.

The Chancellor has reiterated that Berlin was now driving efforts for “a European no spying”agreement and new rules to safeguard data privacy.

Since reports about spying emerged, Merkel’s government has been pressing for a “no spying” agreement with Washington. However, the US seems to be reluctant to sign such deal, the Süddeutsche Zeitung reported in mid-January, citing a Federal Intelligence Service (BND) employee as saying: “We’re getting nothing.”

Negotiations on an anti-spying agreement began in August last year, after whistleblower Edward Snowden started leaking classified data in June. In her Wednesday speech Angela Merkel still vowed to continue negotiations.

“Many say the attempts for such an agreement are doomed to failure from the outset, an unrealistic endeavour. That may be,” Merkel said. “Certainly the problem won’t be solved by just one visit.”

Top lawyer to MPs: GCHQ mass surveillance largely illegal

gchq surveillance illegal lawyer Top lawyer to MPs: GCHQ mass surveillance largely illegal
 
A substantial part of the GCHQ’s dragnet snooping program is most likely illegal and was approved by government ministers despite breaching human rights and surveillance laws, a legal analysis requested by British MPs has found, The Guardian reports.
Continue reading «Top lawyer to MPs: GCHQ mass surveillance largely illegal»

In a 32-page opinion, leading public law barrister Jemima Stratford QC warns that Britain’s primary surveillance law is vague to the point of allowing the British intelligence agency to ignore privacy safeguards laid out by the European Convention on Human Rights (ECHR).

The advice cited by The Guardian says that the murkiness of the law has created a situation where GCHQ staff are able to reply on “gaps in the current statutory framework to commit serious crime with impunity.”

The paper explicitly warns that GCHQ staff who passed on intelligence which was later used in the commission of a US drone strike against “non-combatants” could later face dire consequences.

“An individual involved in passing that information is likely to be an accessory to murder. It is well arguable, on a variety of different bases, that the government is obliged to take reasonable steps to investigate that possibility,” The Guardian cites the advice as saying.

The opinion suggested the UK should consider publishing a Memorandum of Understanding with any country it shares intelligence with that would clarify what the data is used for under British law. It would also outline how the data would be stored and destroyed.

All 46 members of the all-party parliamentary group on drones, chaired by Labour MP Tom Watson, were sent the legal advice.

nsa 1 Top lawyer to MPs: GCHQ mass surveillance largely illegal
 

Regulatory lapse

The cross-party parliamentary group reportedly sought the legal advice after receiving reports that the CIA relied on NSA surveillance to conduct the CIA’s clandestine drone program.

The advice, based on five hypothetical scenarios, found multiple areas in which the GCHQ had legally overstepped its bounds under the Regulation of Investigatory Powers Act 2000 (RIPA) which establishes the powers of public bodies to carry out surveillance and investigation.

- GCHQ is not allowed to intercept “internal” contents data between two British residents under RIPA, even if the data is routed via a transatlantic cable;

- GCHQ can intercept metadata and “external” contents data under RIPA, although this is considered a disproportionate interference with Article 8 of the ECHR;

- The executive has retained a largely unrestrained discretion to permit transfer of UK data to the NSA under RIPA;

- RIPA does not place any restriction on the uses to which intercept material might be put, other than its admissibility in court;
 
 
nsa 2 Top lawyer to MPs: GCHQ mass surveillance largely illegal

- The current framework for the retention, use and destruction of metadata is inadequate and potentially unlawful.

- The government has an obligation to investigate and prevent UK agents, visiting forces and visiting agents becoming “accidental” accessories to murder under domestic law, if data or facilities are knowingly given to the US, even though it will be used in a drone strike that is most likely unlawful under UK law;

It also noted that RIPA has been left behind as advances in technology have rendered virtually meaningless the difference between “contents” and “communications” data.

The advice says RIPA gives “too wide a discretion” to UK Foreign Secretary William Hague, and “provides almost no meaningful restraint on the exercise of executive discretion in respect of external communications.”

Such surveillance may also be a breach of the ECHR, it adds.

“We consider the mass interception of external contents and communications data is unlawful. The indiscriminate interception of data, solely by reference to the request of the executive, is a disproportionate interference with the private life of the individuals concerned.”

In June 2013, media reports using thousands of documents leaked by NSA whistleblower Edward Snowden extensively detailed the surveillance activities of GCHQ and its larger US counterpart, the NSA.

One of the key revelations focused on Operation Tempora, a GCHQ program that mines vast amounts of information by tapping into undersea cables that carry internet and phone traffic passing in and out of the UK. GCHQ and Hague, have repeatedly insisted the agency acts in accordance with the law.

gqqqqq 1 Top lawyer to MPs: GCHQ mass surveillance largely illegal

Last year, Hague told MPs: “It has been suggested GCHQ uses our partnership with the US to get around UK law, obtaining information that they cannot legally obtain in the UK. I wish to be absolutely clear that this accusation is baseless.”

GCHQ also maintains all its work is “carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence Services commissioners and the parliamentary intelligence and security committee.”

Last week, however, the ECHR ordered British ministers to provide submissions on mass GCHQ’s surveillance programs to determine whether they had violated the European convention on human rights.

Meanwhile, GCHQ chief Iain Lobban announced he will step down by year’s end, the Foreign Office said. Officials denied his departure was linked to public anger over the Snowden revelations.

Source: RT

NSA and GCHQ target ‘leaky’ phone apps like Angry Birds to scoop user data

 NSA and GCHQ target leaky phone apps like Angry Birds to scoop user data

The National Security Agency and its UK counterpart GCHQ have been developing capabilities to take advantage of “leaky” smartphone apps, such as the wildly popular Angry Birds game, that transmit users’ private information across the internet, according to top secret documents.
Continue reading «NSA and GCHQ target ‘leaky’ phone apps like Angry Birds to scoop user data»

The data pouring onto communication networks from the new generation of iPhone and Android apps ranges from phone model and screen size to personal details such as age, gender and location. Some apps, the documents state, can share users’ most sensitive information such as sexual orientation – and one app recorded in the material even sends specific sexual preferences such as whether or not the user may be a swinger.

Many smartphone owners will be unaware of the full extent this information is being shared across the internet, and even the most sophisticated would be unlikely to realise that all of it is available for the spy agencies to collect.

Dozens of classified documents, provided to the Guardian by whistleblower Edward Snowden and reported in partnership with the New York Times and ProPublica, detail the NSA and GCHQ efforts to piggyback on this commercial data collection for their own purposes.

Scooping up information the apps are sending about their users allows the agencies to collect large quantities of mobile phone data from their existing mass surveillance tools – such as cable taps, or from international mobile networks – rather than solely from hacking into individual mobile handsets.

Exploiting phone information and location is a high-priority effort for the intelligence agencies, as terrorists and other intelligence targets make substantial use of phones in planning and carrying out their activities, for example by using phones as triggering devices in conflict zones. The NSA has cumulatively spent more than $1bn in its phone targeting efforts.

The disclosures also reveal how much the shift towards smartphone browsing could benefit spy agencies’ collection efforts.

 NSA and GCHQ target leaky phone apps like Angry Birds to scoop user data

 

 

One slide from a May 2010 NSA presentation on getting data from smartphones – breathlessly titled “Golden Nugget!” – sets out the agency’s “perfect scenario”: “Target uploading photo to a social media site taken with a mobile device. What can we get?”

The question is answered in the notes to the slide: from that event alone, the agency said it could obtain a “possible image”, email selector, phone, buddy lists, and “a host of other social working data as well as location”.

In practice, most major social media sites, such as Facebook and Twitter, strip photos of identifying location metadata (known as EXIF data) before publication. However, depending on when this is done during upload, such data may still, briefly, be available for collection by the agencies as it travels across the networks.

Depending on what profile information a user had supplied, the documents suggested, the agency would be able to collect almost every key detail of a user’s life: including home country, current location (through geolocation), age, gender, zip code, martial status – options included “single”, “married”, “divorced”, “swinger” and more – income, ethnicity, sexual orientation, education level, and number of children.

The agencies also made use of their mobile interception capabilities to collect location information in bulk, from Google and other mapping apps. One basic effort by GCHQ and the NSA was to build a database geolocating every mobile phone mast in the world – meaning that just by taking tower ID from a handset, location information could be gleaned.

A more sophisticated effort, though, relied on intercepting Google Maps queries made on smartphones, and using them to collect large volumes of location information.

So successful was this effort that one 2008 document noted that “[i]t effectively means that anyone using Google Maps on a smartphone is working in support of a GCHQ system.”

The information generated by each app is chosen by its developers, or by the company that delivers an app’s adverts. The documents do not detail whether the agencies actually collect the potentially sensitive details some apps are capable of storing or transmitting, but any such information would likely qualify as content, rather than metadata.

Data collected from smartphone apps is subject to the same laws and minimisation procedures as all other NSA activity – procedures that the US president, Barack Obama, suggested may be subject to reform in a speech 10 days ago. But the president focused largely on the NSA’s collection of the metadata from US phone calls and made no mention in his address of the large amounts of data the agency collects from smartphone apps.

The latest disclosures could also add to mounting public concern about how the technology sector collects and uses information, especially for those outside the US, who enjoy fewer privacy protections than Americans. A January poll for the Washington Post showed 69% of US adults were already concerned about how tech companies such as Google used and stored their information.

The documents do not make it clear how much of the information that can be taken from apps is routinely collected, stored or searched, nor how many users may be affected. The NSA says it does not target Americans and its capabilities are deployed only against “valid foreign intelligence targets”.

The documents do set out in great detail exactly how much information can be collected from widely popular apps. One document held on GCHQ’s internal Wikipedia-style guide for staff details what can be collected from different apps. Though it uses Android apps for most of its examples, it suggests much of the same data could be taken from equivalent apps on iPhone or other platforms.

The GCHQ documents set out examples of what information can be extracted from different ad platforms, using perhaps the most popular mobile phone game of all time, Angry Birds – which has reportedly been downloaded more than 1.7bn times – as a case study.

From some app platforms, relatively limited, but identifying, information such as exact handset model, the unique ID of the handset, software version, and similar details are all that are transmitted.

Other apps choose to transmit much more data, meaning the agency could potentially net far more. One mobile ad platform, Millennial Media, appeared to offer particularly rich information. Millennial Media’s website states it has partnered with Rovio on a special edition of Angry Birds; with Farmville maker Zynga; with Call of Duty developer Activision, and many other major franchises.

Rovio, the maker of Angry Birds, said it had no knowledge of any NSA or GCHQ programs looking to extract data from its apps users.

“Rovio doesn’t have any previous knowledge of this matter, and have not been aware of such activity in 3rd party advertising networks,” said Saara Bergström, Rovio’s VP of marketing and communications. “Nor do we have any involvement with the organizations you mentioned [NSA and GCHQ].”

Millennial Media did not respond to a request for comment.

In December, the Washington Post reported on how the NSA could make use of advertising tracking files generated through normal internet browsing – known as cookies – from Google and others to get information on potential targets.

However, the richer personal data available to many apps, coupled with real-time geolocation, and the uniquely identifying handset information many apps transmit give the agencies a far richer data source than conventional web-tracking cookies.

Almost every major website uses cookies to serve targeted advertising and content, as well as streamline the experience for the user, for example by managing logins. One GCHQ document from 2010 notes that cookie data – which generally qualifies as metadata – has become just as important to the spies. In fact, the agencies were sweeping it up in such high volumes that their were struggling to store it.

“They are gathered in bulk, and are currently our single largest type of events,” the document stated.

The ability to obtain targeted intelligence by hacking individual handsets has been well documented, both through several years of hacker conferences and previous NSA disclosures in Der Spiegel, and both the NSA and GCHQ have extensive tools ready to deploy against iPhone, Android and other phone platforms.

GCHQ’s targeted tools against individual smartphones are named after characters in the TV series The Smurfs. An ability to make the phone’s microphone ‘hot’, to listen in to conversations, is named “Nosey Smurf”. High-precision geolocation is called “Tracker Smurf”, power management – an ability to stealthily activate an a phone that is apparently turned off – is “Dreamy Smurf”, while the spyware’s self-hiding capabilities are codenamed “Paranoid Smurf”.

Those capability names are set out in a much broader 2010 presentation that sheds light on spy agencies’ aspirations for mobile phone interception, and that less-documented mass-collection abilities.

The cover sheet of the document sets out the team’s aspirations:

 NSA and GCHQ target leaky phone apps like Angry Birds to scoop user data

 

Another slide details weak spots in where data flows from mobile phone network providers to the wider internet, where the agency attempts to intercept communications. These are locations either within a particular network, or international roaming exchanges (known as GRXs), where data from travellers roaming outside their home country is routed.

 NSA and GCHQ target leaky phone apps like Angry Birds to scoop user data

 NSA and GCHQ target leaky phone apps like Angry Birds to scoop user data

These are particularly useful to the agency as data is often only weakly encrypted on such networks, and includes extra information such as handset ID or mobile number – much stronger target identifiers than usual IP addresses or similar information left behind when PCs and laptops browse the internet.

The NSA said its phone interception techniques are only used against valid targets, and are subject to stringent legal safeguards.

“The communications of people who are not valid foreign intelligence targets are not of interest to the National Security Agency,” said a spokeswoman in a statement.

“Any implication that NSA’s foreign intelligence collection is focused on the smartphone or social media communications of everyday Americans is not true. Moreover, NSA does not profile everyday Americans as it carries out its foreign intelligence mission. We collect only those communications that we are authorized by law to collect for valid foreign intelligence and counterintelligence purposes – regardless of the technical means used by the targets.

“Because some data of US persons may at times be incidentally collected in NSA’s lawful foreign intelligence mission, privacy protections for US persons exist across the entire process concerning the use, handling, retention, and dissemination of data. In addition, NSA actively works to remove extraneous data, to include that of innocent foreign citizens, as early as possible in the process.

“Continuous and selective publication of specific techniques and tools lawfully used by NSA to pursue legitimate foreign intelligence targets is detrimental to the security of the United States and our allies – and places at risk those we are sworn to protect.”

The NSA declined to respond to a series of queries on how routinely capabilities against apps were deployed, or on the specific minimisation procedures used to prevent US citizens’ information being stored through such measures.

GCHQ declined to comment on any of its specific programs, but stressed all of its activities were proportional and complied with UK law.

“It is a longstanding policy that we do not comment on intelligence matters,” said a spokesman.

“Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework that ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All our operational processes rigorously support this position.”

 

 

• A separate disclosure on Wednesday, published by Glenn Greenwald and NBC News, gave examples of how GCHQ was making use of its cable-tapping capabilities to monitor YouTube and social media traffic in real-time.

GCHQ’s cable-tapping and internet buffering capabilities , codenamed Tempora, were disclosed by the Guardian in June, but the new documents published by NBC from a GCHQ presentation titled “Psychology: A New Kind of SIGDEV” set out a program codenamed Squeaky Dolphin which gave the British spies “broad real-time monitoring” of “YouTube Video Views”, “URLs ‘Liked’ on Facebook” and “Blogspot/Blogger Visits”.

A further slide noted that “passive” – a term for large-scale surveillance through cable intercepts – give the agency “scalability”.

The means of interception mean GCHQ and NSA could obtain data without any knowledge or co-operation from the technology companies. Spokespeople for the NSA and GCHQ told NBC all programs were carried out in accordance with US and UK law.

Source: http://www.theguardian.com/world/2014/jan/27/nsa-gchq-smartphone-app-angry-birds-personal-data