Tag: Decryption

THE FIVE EYES

PRIVACY INTERNATIONAL, 11 June 2017

The Five Eyes alliance is a secretive, global surveillance arrangement of States comprised of the United States National Security Agency (NSA), the United Kingdom’s Government Communications Headquarters(GCHQ), Canada’s Communications Security Establishment Canada (CSEC), the Australian Signals Directorate (ASD), and New Zealand’s Government Communications Security Bureau (GCSB).

Beginning in 1946, an alliance of five English-speaking countries (the US, the  UK, Australia, Canada and New Zealand) developed a series of  bilateral agreements over more than a decade that became known as the UKUSA agreement, establishing the Five Eyes alliance for the purpose of sharing intelligence, primarily signals intelligence (SIGINT). For almost 70 years, this secret post-war alliance of five English-speaking countries has been building a global surveillance infrastructure to “master the internet” and spy on the world’s communications.

What does the Five Eyes agreement say?

Despite being nearly 70 years old, very little is known about the alliance and the agreements that bind them. While the existence of the agreement has been noted in history books and references are often made to it as part of reporting on the intelligence agencies, there is little knowledge or understanding outside the services themselves of exactly what the arrangement comprises.

Even within the governments of the respective countries, which the intelligence agencies are meant to serve, there has historically been little appreciation for the extent of the arrangement. In fact, it is so secretive that the Australian prime minister reportedly wasn’t informed of its existence until 1973 and no government officially acknowledged the arrangement by name until 1999. Few documents have been released detailing the Five Eyes surveillance arrangement. To read the documents available, click here for the National Archives and here for the NSA’s release of the UKUSA Agreement.

National Security Agency Headquarters (NSA), Maryland, USA.

Here’s what we do know: under the agreement interception, collection, acquisition, analysis, and decryption is conducted by each of the State parties in their respective parts of the globe, and all intelligence information is shared by default. The agreement is wide in scope and establishes jointly-run operations centres where operatives from multiple intelligence agencies of the Five Eyes States work alongside each other.

Further, tasks are divided between SIGINT agencies, ensuring that the Five Eyes alliance is far more than a set of principles of collaboration. The level of cooperation under the agreement is so complete that the national product is often indistinguishable.

What’s the extent of Five Eyes collaboration?

Together the Five Eyes collaborated and developed specific technical programmes of collection and analysis. One senior member of Britain’s intelligence community said “When you get a GCHQ pass it gives you access to the NSA too. You can walk into the NSA and find GCHQ staff holding senior management positions, and vice versa. When the NSA has a piece of intelligence, it will very often ask GCHQ for a second opinion. There have been ups and downs over the years, of course. But in general, the NSA and GCHQ are extremely close allies. They rely on each other.”

GCHQ Headquarters, Cheltenham, United Kingdom.

The close relationship between the five States is also evidenced by documents recently released by Edward Snowden. Almost all of the documents include the classification “TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL” or “TOP SECRET//COMINT//REL TO USA, FVEY.” These classification markings indicate the material is top-secret communications intelligence (aka SIGINT) material that can be released to the US, Australia, Canada, United Kingdom and New Zealand. The purpose of the REL TO is to identify classified information that a party has predetermined to be releasable (or has already been released) through established foreign disclosure procedures and channels, to a foreign country or international organisation.

The level of co-operation under the UKUSA agreement is so complete that “the national product is often indistinguishable.” Another former British spy has said that “[c]ooperation between the two countries, particularly, in SIGINT, is so close that it becomes very difficult to know who is doing what […] it’s just organizational mess.”

Despite rumours of a “no-spy pact”, there is no prohibition on intelligence-gathering by Five Eyes States on the citizens or residents of other Five Eyes States, although there is a general understanding that citizens will not be directly targeted and where communications are incidentally intercepted there will be an effort to minimize the use and analysis of such communications by the intercepting State.

Are there any other surveillance alliances?

In addition to the Five Eyes alliance, a number of other surveillance partnerships exist:

  • 9 Eyes: the Five Eyes, with the addition of Denmark, France, the Netherlands and Norway;
  • 14 Eyes: the 9 Eyes, with the addition of Germany, Belgium, Italy, Spain and Sweden;
  • 41 Eyes: all of the above, with the addition of the allied coalition in Afghanistan;
  • Tier B countries with which the Five Eyes have “focused cooperation” on computer network exploitation, including Austria, Belgium, Czech Republic, Denmark, Germany, Greece, Hungry, Iceland, Italy, Japan, Luxembourg, Netherland, Norway, Poland, Portugal, South Korea, Spain, Sweden, Switzerland and Turkey;
  • Club of Berne: 17 members including primarily European States; the US is not a member;
  • The Counterterrorist Group: a wider membership than the 17 European States that make up the Club of Berne, and includes the US;
  • NATO Special Committee: made up of the heads of the security services of NATO member countries.