Edward Snowden files reveal GCHQ scooped up journalist e-mails
GCHQ’s bulk surveillance of electronic communications has scooped up emails to and from some of the largest media organizations including the BBC, Reuters, the Guardian, the New York Times, Le Monde, the Sun, NBC and the Washington Post. This was done as part of a test exercise by the signals intelligence agency.
Over 70,000 emails were harvested in the space of less than 10 minutes on one day in November 2008 by one of GCHQ’s numerous taps on the fibre-optic cables that make up the backbone of the internet.
The swath of these intercepted communications, were sometimes simple mass-PR emails sent to dozens of journalists but also included correspondence between reporters and editors discussing stories. These transmissions were retained by GCHQ and were available to all cleared staff on the agency intranet. It is not known if any journalists were intentionally targeted.
New evidence revealed by Snowden, from the UK intelligence documents, shows that a GCHQ information security assessment listed “investigative journalists” as a threat in a hierarchy alongside terrorists or hackers.
Senior editors and lawyers in the UK have called for the urgent introduction of a freedom of expression law amid growing concern over over reaching laws and concerns over the police use of surveillance powers linked to the Regulation of Investigatory Powers Act 2000 (Ripa).
Over 100 editors, have signed a letter, coordinated by the Society of Editors and Press Gazette, to the UK prime minister, David Cameron, protesting at snooping on journalists’ communications.
Since the terror attacks on the Charlie Hebdo offices and a Jewish grocer in Paris, Cameron has become emboldened to further bulk-surveillance powers.
Ripa has been used to access journalists’ communications without a warrant, including cases of police accessing the phone records of the Sun’s political editor, Tom Newton-Dunn, specifically over the Plebgate investigation.
GCHQ information security assessments, routinely list journalists between “terrorism” and “hackers” as “influencing threat sources”, with one matrix scoring journalists as having a “capability” score of two out of five, and a “priority” of three out of five, scoring an overall “low” information security risk.
Terrorists, listed immediately above investigative journalists on the document, were given a much higher “capability” score of four out of five, but a lower “priority” of two. The matrix concluded terrorists were therefore a “moderate” information security risk.
A spokesman for GCHQ said:
“It is longstanding policy that we do not comment on intelligence matters. Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners and the parliamentary intelligence and security committee.
“All our operational processes rigorously support this position. In addition, the UK’s interception regime is entirely compatible with the European convention on human rights.”