Life in GCHQ: form-filling, bulk interception and internal emails

The Edward Snowden files provided a lot of material on GCHQ. Some of it, such as the existence of a chess club, a social media service called SpySpace and in 2011 a sports day at the Civil Service Sports Club in London, was fairly innocuous. Some of it was explosive, and the detonations continue to this day with the disclosure that parliamentarians are not exempt from bulk surveillance.

What the Snowden material couldn’t provide was any kind of overview of life in GCHQ; that isn’t what you get from a dump of documents. Neither could it provide information on whether a practice had stopped, given the UK government’s neither confirm nor deny policy.

On The Register today, I have pieced together material that comes from the recent reviews of government surveillance, primarily drawing on the report by the Independent Reviewer of Terrorism Legislation David Anderson QC (PDF). These got most attention for their recommendations, but they also provided quite a lot of insight into how GCHQ works.

GCHQ Foyer, with artfully blurred staff. Copyright GCHQ 2014
GCHQ foyer, with artfully blurred staff and nice use of local Cotswold stone. Copyright GCHQ 2014 – click on the photo for more official images, many featuring long exposures or deliberately wrong focal lengths

The material from these reports should be current given they have all been recently published. While we clearly don’t get a full picture given they have been cleared by the government for publication, what we’re hearing is likely to be balanced and correct (unless you believe that anyone let into the secret world, even to assess it, is tainted by it; I don’t, encouraged by Heather Brooke’s view of the process).

A few highlights:

– At the end of 2014, there were 20 warrants in place allowing GCHQ to carry out bulk interception of communications, which Anderson says can collect “very large amounts” of data.

– Bulk interception contributes to 55% of intelligence reports by GCHQ. The output is primarily searched by human analysts rather than software, as the former do a better job, carrying out several thousand searches a day.

– GCHQ reckons that the amount of the world’s internet traffic going through the UK is closer to 10% than 25%. It should know.

– What GCHQ does is constrained by the law, but also by its interception capabilities and its storage capacity; and, by the sounds of it, the ability of its staff to fill in a lot of forms.

– GCHQ can’t read a UK to UK email captured through bulk interception, even if it goes around the world to get from London to Birmingham; it uses the endpoints to decide what is an internal email. (This exemption also covers the Channel Islands and the Isle of Man, although worth noting that the agency has other legal routes to reading an ‘internal’ email.) The same rule applies to any type of communication between two people, including a person to person message in Facebook. However, if there isn’t a specific recipient and the server is overseas, this is fair game as the recipient is seen as being the foreign-based computer.

– David Anderson reckons there is a growing realisation in the secret agencies that they need to open up, and GCHQ told him it intends to be “more transparent, wherever possible, about its capabilities and operations”. To that end, GCHQ has published this guide to how its analysts work. (As well as these FAQs, which include an outline of the legal restrictions the agency works under.)

– GCHQ has an ethics code and counsellor, as well as a substantial legal department that staff can use.

The full article is here.