New Snowden Leak Reveals GCHQ Collected Emails Of Journalists At NYT, WaPo, Guardian, BBC And Elsewhere

by Glyn Moody
Techdirt
Jan. 20, 2015

It's eighteen months since Edward Snowden revealed his trove of secret NSA and GCHQ documents, but it seems that there are still some big surprises lurking there. Here's a pretty shocking story from the Guardian:
GCHQ's bulk surveillance of electronic communications has scooped up emails to and from journalists working for some of the US and UK's largest media organisations, analysis of documents released by whistleblower Edward Snowden reveals.

Emails from the BBC, Reuters, the Guardian, the New York Times, Le Monde, the Sun, NBC and the Washington Post were saved by GCHQ and shared on the agency's intranet as part of a test exercise by the signals intelligence agency.
Apparently, some 70,000 emails were slurped up in less than 10 minutes using one of GCHQ's taps on the fiber-optic cables entering and leaving the UK. Among those emails was correspondence between reporters and editors discussing stories, all of which was made available to cleared personnel on the GCHQ intranet. Although this was classed as a "test exercise", what the Guardian story goes on to reveal about GCHQ's view of journalists does not give any confidence it was an isolated incident:
One restricted document intended for those in army intelligence warned that "journalists and reporters representing all types of news media represent a potential threat to security".

It continued: "Of specific concern are 'investigative journalists' who specialise in defence-related exposés either for profit or what they deem to be of the public interest.
Despite that view, GCHQ graciously concedes that journalists are marginally less dangerous as an information security risk than "terrorists":
GCHQ information security assessments, meanwhile, routinely list journalists between "terrorism" and "hackers" as "influencing threat sources", with one matrix scoring journalists as having a "capability" score of two out of five, and a "priority" of three out of five, scoring an overall "low" information security risk.

Terrorists, listed immediately above investigative journalists on the document, were given a much higher "capability" score of four out of five, but a lower "priority" of two. The matrix concluded terrorists were therefore a "moderate" information security risk.
Alongside this disturbing perspective on investigative journalists, the Guardian story also reveals what seems a serious abuse of surveillance powers:
The GCHQ document goes on to warn that the fact that billing records "kept under Ripa are not limited to warranted targets" must be kept as one of the agency's most tightly guarded secrets, at a classification known as "Top secret strap 2".

That is two levels higher than a normal top secret classification -- as it refers to "HMG [Her Majesty's government] relationships with industry that have areas of extreme sensitivity".
So claims that telephone billing records are only obtained in accordance with the Regulation of Investigatory Powers Act (RIPA) in a highly controlled fashion, and limited to "warranted targets", turn out to be untrue: they are collected for a much wider group of people. This is such a sensitive matter that the document containing this damaging admission was accorded a level of classification even higher than "top secret".

That's a reminder of why Snowden's leaks are so important: without them, it's unlikely we'd ever know about rules being bent or broken in this way. It's regrettable that many journalists at leading titles still underestimate the importance of Snowden revelations that spy agencies on both sides of the Atlantic are undermining without compunction key elements of liberty and democracy, subject only to minimal and ineffectual oversight. Let's hope the news that they too are being spied upon will help them revise their opinions.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+













All original InformationLiberation articles CC 4.0



About - Privacy Policy