UK intelligence service GCHQ can legally snoop on British use of Google, Facebook and web-based email without specific warrants because the firms are based abroad, the government has said.
Classed as “external communications”, such activity can be covered by a broad warrant and intercepted without extra clearance, Spy boss Charles Farr said.
The policy was revealed as part of a legal battle with campaign group Privacy International (PI).
PI labelled the policy “patronising”.
It is the first time the UK has commented on how its legal framework allows the mass interception of communications, as outlined by US whistleblower Edward Snowden in his leaks about global government surveillance.
The former National Security Agency contractor revealed extensive details of internet and phone snooping and has since fled the US and sought temporary asylum in Russia.
Charles Farr, director general of the Office of Security and Counter-Terrorism told PI that Facebook, Twitter, YouTube and web searches on Google – as well as webmail services such as Hotmail and Yahoo – were classified as “external communications”, which meant they could be intercepted without the need for additional legal clearance.
Internal communications between citizens can only be intercepted when a targeted warrant is issued. Warrants must be signed by a minister and can only be issued when there is suspicion of illegal activity.
But when someone searches for something on Google or posts on Facebook they are sending information overseas – constituting an act of external communication which could be collected under a broader warrant which does not need to be signed by a minister, explained Mr Farr in a 48-page written statement.
However, he said data collected in this way “cannot be read, looked at or listened to” except in strictly limited circumstances.
Mr Farr said there was a “significant distinction” between intercepting material and a person actually reading, looking at or listening it.
Mr Farr did not reveal the extent to which GCHQ used its power to intercept external communications.
In a statement, GCHQ said all its work was “carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate”.
‘Byzantine’ laws
But civil liberty groups were outraged by the revelations.
James Welch, legal director of human rights group Liberty, said: “The security services consider that they’re entitled to read, listen and analyse all our communications on Facebook, Google and other US-based platforms.
“If there was any remaining doubt that our snooping laws need a radical overhaul there can be no longer.”
Meanwhile Eric King, deputy director of Privacy International said the revelation showed that spy agencies operated under their own laws.
“Intelligence agencies cannot be considered accountable to parliament and to the public they serve when their actions are obfuscated through secret interpretations of Byzantine laws.”
But some others did not find the revelations surprising.
Alan Woodward, a security expert who has undertaken consultancy work for GCHQ said: “I think what is happening is that people are just becoming familiar with legislation that has been in place for many years, probably because of all the civil liberty groups raising concerns. As you can see from the Act, it has never been a secret.
“The bit that people tend to forget is that RIPA [Regulation of Investigatory Powers] has protections as well. Something you won’t find in many other countries. The difference in the UK is that civil liberty organisations have the right to challenge these things, a right which they would not have in, say, Russia.”
The legal challenge, brought by PI, Amnesty, the American Civil Liberties Union and six other national civil liberties organisations, was a direct response to the revelations made by Edward Snowden about the UK’s global digital surveillance.
Source: BBC