Targeted surveillance (or targeted interception) is a form of surveillance, such as wiretapping, that is directed towards specific persons of interest, and is distinguishable from mass surveillance (or bulk interception). Both untargeted and targeted surveillance is routinely accused of treating innocent people as suspects in ways that are unfair, of violating human rights, international treaties and conventions as well as national laws, [1] and of failing to pursue security effectively. [2]
A 2014 report to the UN General Assembly by the United Nations' top official for counter-terrorism and human rights condemned mass electronic surveillance as a clear violation of core privacy rights guaranteed by multiple treaties and conventions. The report also makes a distinction between "targeted surveillance" - which "depend[s] upon the existence of prior suspicion of the targeted individual or organization" — and "mass surveillance", by which "states with high levels of Internet penetration can [...] gain access to the telephone and e-mail content of an effectively unlimited number of users and maintain an overview of Internet activity associated with particular websites". [3]
The United Kingdom's House of Lords also distinguishes between these two broad types of surveillance: [4]
- Mass surveillance is also known as “passive” or “undirected” surveillance. [...] It is not targeted on any particular individual but gathers images and information for possible future use. CCTV and databases are examples of mass surveillance.
- Targeted surveillance is surveillance directed at particular individuals and can involve the use of specific powers by authorised public agencies. Targeted surveillance can be carried out overtly or covertly, and can involve human agents. Under the Regulation of Investigatory Powers Act 2000 (RIPA), targeted covert surveillance is “directed” if it is carried out for a specific investigation or operation. By comparison, if it is carried out on designated premises or on a vehicle, it is “intrusive” surveillance. Targeting methods include the interception of communications, the use of communications “traffic” data, visual surveillance devices, and devices that sense movement, objects or persons.
Only targeted interception of traffic and location data in order to combat serious crime, including terrorism, is justified, according to a decision by the European Court of Justice. [5] [6] [7] [8]
The current approach of the NSA and its related organizations is attempting to collect all signals of everybody at all times without any prior selection. [9] [10] [11] So any current selection is only used for targets of special interest, human review or special resource allocation.
Such selectors include searching the web for the privacy-enhancing software tools such as Tor. [12] [13]
A leaked document revealed that for the XKeyscore program, using languages that are out of place for the region one is in, using encryption, and searching the web for 'suspicious stuff', were suggested as selectors. [14] [15] [16]
In Operation Eikonal, German BND agents received "Selector Lists" − search terms for their dragnet surveillance. They contain IP addresses, mobile phone numbers and email accounts with the BND surveillance system containing hundreds of thousands and possibly more than a million such targets. [17] These lists have been subject of controversy since in 2008 when it was revealed that they contained some terms targeting the European Aeronautic Defence and Space Company (EADS), the Eurocopter project [18] as well as French administration, [19] [17] which were first noticed by BND employees in 2005. [18] Other selectors were found to target the administration of Austria. [20] After the revelations made by whistle-blower Edward Snowden the BND decided to investigate the issue whose October 2013 conclusion was that at least 2,000 of these selectors were aimed at Western European or even German interests which has been a violation of the Memorandum of Agreement that the US and Germany signed in 2002 in the wake of the 9/11 terror attacks. [17] After reports emerged in 2014 that EADS and Eurocopter had been surveillance targets the Left Party and the Greens filed an official request to obtain evidence of the violations. [17] [21]
The BND's project group charged with supporting the NSA investigative committee in German parliament was set up in spring 2014. It reviewed the selectors and discovered 40,000 suspicious search parameters, including espionage targets in Western European governments and numerous companies. The group also confirmed suspicions that the NSA had systematically violated German interests and concluded that the Americans could have perpetrated economic espionage directly under the Germans' noses. [17] [22] The investigative parliamentary committee was not granted access to the NSA's selectors list as an appeal led by opposition politicians failed at Germany's top court. Instead, the ruling coalition appointed an administrative judge, Kurt Graulich, as a "person of trust" who was granted access to the list and briefed the investigative commission on its contents after analyzing the 40,000 parameters. [23] [24] In his almost 300-paged report, [25] Graulich concluded that European government agencies were targeted massively and that Americans hence broke contractual agreements. He also found that German targets which received special protection from surveillance of domestic intelligence agencies by Germany's Basic Law (Grundgesetz) − including numerous enterprises based in Germany − were featured in the NSA's wishlist in a surprising plenitude. [26] While the magnitude differs there have also been problematic BND-internal selectors which have been used until end of 2013 - around two thirds of 3300 targets were related to EU and NATO states. [27] [28] [29] Klaus Landefeld, member of the board at the Internet industry association Eco International, has met intelligence officials and legislators to present suggestions for improvement, like streamlining the selector system. [30]
Former NSA director and whistleblower William Binney testified that while targeted data collection operations could help prevent terror attacks, "overcollection" of mass data undermined security and had consistently cost lives because of "analysis paralysis". [31] He said the British government should "redirect" intelligence agencies and law enforcement to targeted surveillance with it being "based on probable cause and developing knowledge about the targets and make sure they qualify for things like warrants". He also states that "retroactively analysing people, anybody you want, any time you want, that's certainly possible with bulk acquisition of data but that's certainly not what democracies are built on". According to him "that's what totalitarian states are built on". [32]
In November 2016 whistleblower Edward Snowden stated:
What I protest most strongly is mass surveillance, indiscriminate surveillance where they are watching everyone. Targeted surveillance that's backed by a court...is the least intrusive means of achieving these investigative goals without destroying the rights of everyone else in a free society
— Edward J. Snowden, [33]
Snowden also noted that the men who committed recent terrorist attacks in France, Canada and Australia were under surveillance but they weren't singled out.
It wasn't the fact that we weren't watching people or not, it was the fact that we were watching people so much that we did not understand what we had. The problem is that when you collect it all, when you monitor everyone, you understand nothing.
— Edward J. Snowden, [34]
In May 2015 The Intercept revealed that it obtained documents that showed that officials inside the NSA have criticized the 'collect it all'-approach as well with the documents having titles such as "Data Is Not Intelligence", "The Fallacies Behind the Scenes", "Cognitive Overflow?", "Summit Fever", "In Praise of Not Knowing", "Dealing With a 'Tsunami' of Intercept", "Overcome by Overload?" and "Too Many Choices". [35]
The document's conclusions include:
- The SIGINT mission is far too vital to unnecessarily expand the haystacks while we search for the needles. Prioritization is key.
- We in the agency are at risk of a similar, collective paralysis in the face of a dizzying array of choices every single day
- 'Analysis paralysis' isn't only a cute rhyme. It's the term for what happens when you spend so much time analyzing a situation that you ultimately stymie any outcome [...] It's what happens in SIGINT when we have access to endless possibilities, but we struggle to prioritize, narrow, and exploit the best ones.
United Kingdom's Liberal Democrats have demanded that the Government end indiscriminate mass surveillance and introduce a more targeted and effective counter-terrorism policy that uses targeted surveillance of specific individuals who are suspected of wrongdoing. [36] Liberal Democrats home affairs spokesperson Alistair Carmichael asks that, "mass spying on the British people should be replaced with targeted surveillance of specific individuals suspected of wrongdoing". [37]
In the 2015 "Resolution 2045", the European Parliamentary Assembly "recognises the need for effective, targeted surveillance of suspected terrorists and other organised criminal groups" and states that "such targeted surveillance can be an effective tool for law enforcement and crime prevention", while at the same time "according to independent reviews carried out in the United States, mass surveillance does not appear to have contributed to the prevention of terrorist attacks, contrary to earlier assertions made by senior intelligence officials. Instead, resources that might prevent attacks are diverted to mass surveillance, leaving potentially dangerous persons free to act". [38]
Privacy campaigners argue that instead of "wasting resources gathering and sifting through the volume of data being accumulated through mass surveillance", resources would be better allocated in providing more personnel for targeted surveillance. [39]
In an analysis of 10 recent terror attacks, Ryan Gallagher of The Intercept concludes that, "if any lesson can be learned from studying the perpetrators of recent attacks, it is that there needs to be a greater investment in conducting targeted surveillance of known terror suspects and a move away from the constant knee-jerk expansion of dragnet surveillance, which has simply not proven itself to be effective, regardless of the debate about whether it is legal or ethical in the first place". [40]
After Privacy International launched a legal case against Britain's security services, Thomas de la Mare QC of the group states there is a danger that "de facto constant surveillance", such as the services' orders for bulk data from telecom companies on request, could become "the most potent instrument of repression", and argued during the hearing, that such non-targeted forms of surveillance have turned investigations on their head. The campaigners argue that whereas in the past, individual inquiries based on suspicion would throw up leads, it is now algorithmic processing of data providing those leads with that amounting to mass surveillance. [41] [42]
Civil rights group Liberty, which is challenging the legality of bulk collection in the European Court of Human Rights criticizes the "Report of the bulk powers review" by David Anderson QC for failing to answer whether information gathered via bulk powers was the "critical factor in preventing or detecting serious crime, and whether that information could have been obtained from smart, targeted surveillance instead". [43]
Lord Paddick comments the 2016 Investigatory Powers Act, saying "as with any legislation, there is a significant risk that authorities will use powers in a way that parliament never intended" and called for proper oversight to ensure any surveillance is targeted and proportionate. [5] Privacy campaigners say the bill clearly lays out the mass surveillance powers that would be at the disposal of the security services, and want it be amended so that the surveillance is targeted and based on suspicion. They argue that the powers are so sweeping, and the bill's language so general, that not just the security services but also government bodies will be able to analyze the records of millions of people even if they are not under suspicion. [41]
Troy Wolverton notes that the documents leaked by Snowden revealed widespread abuses, both at home and abroad. He says that "instead of targeted surveillance of particular threats, the NSA had a motto and mentality of 'collect it all' on everybody, the privacy of anyone involved be damned". [44]
Jo Glanville, editor of Index on Censorship and a member of the Ministry of Justice working party on libel reform, asserts that keeping the country safe does not entitle the government or the intelligence services to act without regards to our human rights and that "it is possible to conduct targeted surveillance with effective oversight while according respect to all our rights". [45]
Computer scientists at the University of Pennsylvania have developed an algorithmic framework for conducting targeted surveillance of individuals within social networks while protecting the privacy of "untargeted" digital bystanders that "outputs a list of confirmed targeted individuals discovered in the network, for whom any subsequent action (e.g., publication in a most-wanted list, further surveillance, or arrest in the case of terrorism; medical treatment or quarantine in the case of epidemics) will not compromise the privacy of the protected". [46] [47]
In January 2017 it was reported that German federal agencies are using a new program called "Radar", developed by the BKA and the University of Zürich, that aims to help evaluate the risk posed by persons. It includes a catalog of questions such as about the person's relationship to violence and access to weapons and takes into account data on past terrorists. [48] [49]
The crypto and security communities can make the Internet more secure by making population-wide surveillance technically or economically infeasible, understanding that modest amounts of targeted surveillance will always be technically and economically feasible. [50]
Edward Snowden notes that "we're thwarting mass surveillance when we use encryption. We're not stopping targeted surveillance. Because even, again, if you have the most well-encrypted device in the world, if the government spends a million dollars to pay a hacker to exploit your phone personally, they will very likely succeed". [51]
The Electronic Frontier Foundation claims that the NSA and its defenders are trying to pass off their mass surveillance as being authorized under Section 702 of the FISA Amendments Act as "targeted surveillance" even though it includes the collection of the content of hundreds of millions of communications annually and the real-time search of billions more which according to them fits the definition "mass surveillance" under Section 702. [52]
Furthermore, the organization asks how the US government justified the Yahoo email scanning under FISA, asking whether the Foreign Intelligence Surveillance Court has interpreted FISA – which authorizes targeted surveillance of certain foreigners' (such as spies or terrorists) communications – to mean that the government can conscript Yahoo into mass surveillance of all of its users' emails. [53]
According to documents obtained from Edward Snowden and published by Glenn Greenwald, the NSA and GCHQ have been automating targeted operations, allowing for "industrial scale exploitation" that can potentially infect "millions" of machines with malware. [54] [55]
Industrial espionage, also known as economic espionage, corporate spying, or corporate espionage, is a form of espionage conducted for commercial purposes instead of purely national security.
The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collection, and processing of information and data for foreign intelligence and counterintelligence purposes, specializing in a discipline known as signals intelligence (SIGINT). The NSA is also tasked with the protection of U.S. communications networks and information systems. The NSA relies on a variety of measures to accomplish its mission, the majority of which are clandestine. The NSA has roughly 32,000 employees.
Mass surveillance is the intricate surveillance of an entire or a substantial fraction of a population in order to monitor that group of citizens. The surveillance is often carried out by local and federal governments or governmental organizations, but it may also be carried out by corporations. Depending on each nation's laws and judicial systems, the legality of and the permission required to engage in mass surveillance varies. It is the single most indicative distinguishing trait of totalitarian regimes. It is often distinguished from targeted surveillance.
The United Kingdom – United States of America Agreement is a multilateral agreement for cooperation in signals intelligence between Australia, Canada, New Zealand, the United Kingdom, and the United States. The alliance of intelligence operations is also known as the Five Eyes. In classification markings this is abbreviated as FVEY, with the individual countries being abbreviated as AUS, CAN, NZL, GBR, and USA, respectively.
PRISM is a code name for a program under which the United States National Security Agency (NSA) collects internet communications from various U.S. internet companies. The program is also known by the SIGAD US-984XN. PRISM collects stored internet communications based on demands made to internet companies such as Google LLC and Apple under Section 702 of the FISA Amendments Act of 2008 to turn over any data that match court-approved search terms. Among other things, the NSA can use these PRISM requests to target communications that were encrypted when they traveled across the internet backbone, to focus on stored data that telecommunication filtering systems discarded earlier, and to get data that is easier to handle.
Edward Joseph Snowden, born June 21, 1983) is an American former NSA intelligence contractor and whistleblower who leaked classified documents revealing the existence of global surveillance programs. He became a naturalized Russian citizen in 2022.
Tempora is the codeword for a formerly-secret computer system that is used by the British Government Communications Headquarters (GCHQ). This system is used to buffer most Internet communications that are extracted from fibre-optic cables, so these can be processed and searched at a later time. It was tested from 2008 and became operational in late 2011.
XKeyscore is a secret computer system used by the United States National Security Agency (NSA) for searching and analyzing global Internet data, which it collects in real time. The NSA has shared XKeyscore with other intelligence agencies, including the Australian Signals Directorate, Canada's Communications Security Establishment, New Zealand's Government Communications Security Bureau, Britain's Government Communications Headquarters, Japan's Defense Intelligence Headquarters, and Germany's Bundesnachrichtendienst.
The practice of mass surveillance in the United States dates back to wartime monitoring and censorship of international communications from, to, or which passed through the United States. After the First and Second World Wars, mass surveillance continued throughout the Cold War period, via programs such as the Black Chamber and Project SHAMROCK. The formation and growth of federal law-enforcement and intelligence agencies such as the FBI, CIA, and NSA institutionalized surveillance used to also silence political dissent, as evidenced by COINTELPRO projects which targeted various organizations and individuals. During the Civil Rights Movement era, many individuals put under surveillance orders were first labelled as integrationists, then deemed subversive, and sometimes suspected to be supportive of the communist model of the United States' rival at the time, the Soviet Union. Other targeted individuals and groups included Native American activists, African American and Chicano liberation movement activists, and anti-war protesters.
During the 2010s, international media reports revealed new operational details about the Anglophone cryptographic agencies' global surveillance of both foreign and domestic nationals. The reports mostly relate to top secret documents leaked by ex-NSA contractor Edward Snowden. The documents consist of intelligence files relating to the U.S. and other Five Eyes countries. In June 2013, the first of Snowden's documents were published, with further selected documents released to various news outlets through the year.
The global surveillance disclosure released to media by Edward Snowden has caused tension in the bilateral relations of the United States with several of its allies and economic partners as well as in its relationship with the European Union. In August 2013, U.S. President Barack Obama announced the creation of "a review group on intelligence and communications technologies" that would brief and later report to him. In December, the task force issued 46 recommendations that, if adopted, would subject the National Security Agency (NSA) to additional scrutiny by the courts, Congress, and the president, and would strip the NSA of the authority to infiltrate American computer systems using "backdoors" in hardware or software. Geoffrey R. Stone, a White House panel member, said there was no evidence that the bulk collection of phone data had stopped any terror attacks.
This is a category of disclosures related to global surveillance.
Global mass surveillance can be defined as the mass surveillance of entire populations across national borders.
The Fourth Amendment Protection Acts, are a collection of state legislation aimed at withdrawing state support for bulk data (metadata) collection and ban the use of warrant-less data in state courts. They are proposed nullification laws that, if enacted as law, would prohibit the state governments from co-operating with the National Security Agency, whose mass surveillance efforts are seen as unconstitutional by the proposals' proponents. Specific examples include the Kansas Fourth Amendment Preservation and Protection Act and the Arizona Fourth Amendment Protection Act. The original proposals were made in 2013 and 2014 by legislators in the American states of Utah, Washington, Arizona, Kansas, Missouri, Oklahoma and California. Some of the bills would require a warrant before information could be released, whereas others would forbid state universities from doing NSA research or hosting NSA recruiters, or prevent the provision of services such as water to NSA facilities.
Former U.S. President Barack Obama favored some levels of mass surveillance. He has received some widespread criticism from detractors as a result. Due to his support of certain government surveillance, some critics have said his support violated acceptable privacy rights, while others dispute or attempt to provide justification for the expansion of surveillance initiatives under his administration.
This timeline of global surveillance disclosures from 2013 to the present day is a chronological list of the global surveillance disclosures that began in 2013. The disclosures have been largely instigated by revelations from the former American National Security Agency contractor Edward Snowden.
The United States is widely considered to have one of the most extensive and sophisticated intelligence network of any nation in the world, with organizations including the Central Intelligence Agency and the National Security Agency, amongst others. It has conducted numerous espionage operations against foreign countries, including both allies and rivals. Its operations have included the use of industrial espionage, cyber espionage. and mass surveillance.
The German Parliamentary Committee investigation of the NSA spying scandal was started on March 20, 2014, by the German Parliament in order to investigate the extent and background of foreign secret services spying in Germany in the light of the Global surveillance disclosures (2013–present). The Committee is also in search of strategies on how to protect telecommunication with technical means.
Operation Eikonal is a collaboration between the National Security Agency (NSA) and Bundesnachrichtendienst (BND) for the sharing of telephony and Internet data captured in Germany. It is based on an agreement that dates to 2002, and is part of the NSA operation "RAMPART-A". Surveillance started in 2003, telephony data was collected from 2004 onwards, and all Internet traffic from the Deutsche Telekom (DT) switching center in Frankfurt was captured starting in 2005.
The Consolidated Intelligence Center in Wiesbaden, Germany, is a controversial US intelligence facility under construction by the US Army Europe, located on the grounds of the Lucius D. Clay Barracks in Wiesbaden-Erbenheim, formerly Wiesbaden Army Airfield, about eight kilometres southeast of downtown Wiesbaden. The purpose of the facility, according to the US Army, is to support US forces with tactical theatre-of-war support and strategic intelligence functions. As such, it is implied that data fusion would also take place at this location.