UK Spies Say They're Dropping Bulk Data Collection For Bulk Equipment Interference
from the I-mean,-they'll-still-use-both... dept
UK spies are changing their minds. Rapidly. Sure, bulk data collection is cool. But you know what's really cool? Mass interference with electronic devices.
At the time the Investigatory Powers Bill was passing through Parliament – it was signed into law in 2016 – EI [Electronic Interference] hadn't been used, but it was already seen an alternative to bulk interception.
However, it was expected to be authorised through targeted or targeted thematic warrants; as then-independent reviewer of terrorism David Anderson wrote at the time, "bulk EI is likely to be only sparingly used".
[...]
During the passage of the Investigatory Powers legislation, he said, the government anticipated bulk EI warrants would be "the exception", and "be limited to overseas 'discovery' based EI operations".
But with encryption increasingly commonplace, the spies want the exception to edge towards becoming the rule.
"Used sparingly" is now "used by default." Why? The good old baddie, encryption. A letter [PDF] written by security minister Ben Wallace says encryption is making bulk data collections less useful.
Following a review of current operational and technical realities, GCHQ have revisited the previous position and determined that it will be necessary to conduct a higher proportion of ongoing overseas focused operational activity using the bulk EI regime than was originally envisaged.
The lawfulness depends on the "double lock" process. The government alone can't give GCHQ permission to engage in bulk EI. There's a judge involved now, making this more of a warrant process than a subpoena process, to make a somewhat clumsy analogy. According to this report, bulk EI is still waiting in the wings. If true, it's a good thing because the double-lock process didn't actually go into effect until the end of November.
What bulk EI is remains somewhat of a mystery. But some of what's described in a 2016 report [PDF] containing several hypotheticals sounds like a lot of large-scale intrusion, ranging from Stingray-esque device location to tactics that have been left up to the imagination thus far.
This sounds a bit like the FBI's child porn hunting Network Investigative Technique: serving up malware to collect information on devices and their users.
Intelligence from sources including bulk interception identified a location in Syria used by extremists. However the widespread use of anonymisation and encryption prevented GCHQ from identifying specific individuals and their communications through bulk interception. GCHQ then used EI under an ISA authorisation (under the Bill this would be done using a targeted thematic EI warrant) to identify the users of devices in this location.
This may be a theoretical Stingray deployment:
A group of terrorists are at a training camp in a remote location overseas. The security and intelligence agencies have successfully deployed targeted EI against the devices the group are using and know that they are planning an attack on Western tourists in a major town in the same country, but not when the attack is planned for. One day, all of the existing devices suddenly stop being used. This is probably an indication that the group has acquired new devices and gone to the town to prepare for the attack. It is not known what devices the terrorists are now using. The security and intelligence agencies would use bulk EI techniques to acquire data from devices located in the town in order to try to identify the new devices that are being used by the group.
Whatever bulk electronic interference ends up being when it's actually deployed, GCHQ is sure of one thing: the less it knows about its targets, the more justified it is using it in bulk.
As the cell members can only be identified following considerable target discovery effort, a bulk EI warrant is suitable.
Whatever civil liberties concerns this program raises will probably be dismissed quickly. GCHQ's hypotheticals involve terrorism suspects overseas and child porn site operators -- the least sympathetic targets available. Foreigners are fair game for bulk anything and no one wants to side with child exploiters, even if they technically share the same civil liberties/rights.
The exception is the rule. This is how it works for those who promise the most worrying aspects of surveillance programs will be saved for the edge cases. Sooner or later, the edge cases are just cases, and no one is interested in walking anything back.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: bulk collection, electronic interference, investigatory powers, mass surveillance, uk
Reader Comments
Subscribe: RSS
View by: Time | Thread
Collateral damage: Not just for the opposition anymore
Mass-malware deployment to grab everything they can and only then narrow their focus, along with spying on entire towns just in case that allows them to find targets that their own hypothetical would indicate are smarter than them and not likely to be caught by such bumbling...
Oh yeah, I'm sure they can be totally trusted with tools and techniques that are by design meant to grab massive amounts of information, with large amounts of it from innocent people.
[ link to this | view in thread ]
Warrant process?
I think you meant a rubber stamp process.
To do high volume rubber stamping, the UK should study from the master: the USPTO.
[ link to this | view in thread ]
"double lock" process
[ link to this | view in thread ]
Circular reasoning turns into an ever closing circle.
The thing is, when those new enemies are in fact yourselves, finding ways to battle yourself creates new creative opportunities. After all, one can only shoot their selves in the foot so many times. At some point there is no foot left, and at some further points, the targets become fewer and fewer. For those who are bent on domination, there eventually will be nothing left to dominate. Then it becomes necessary to be creative when proclaiming who the winner is. I have no doubt those bent on domination have not thought this through, thoroughly.
What a world...what a world...
[ link to this | view in thread ]
So tell me...
[ link to this | view in thread ]
slight vocabulary change
I think you might get better traction with an article like this if you highlight that the EI techniques are targeted not at child pornographers but "supposed" or "suspected" child pornographers (or perhaps even shift verbage to CP collectors...Id imagine most individuals downloading CP from a website don't/cant make their own). Then you can highlight this can and likely will be deployed against those innocent of such crimes.
[ link to this | view in thread ]
Re: So tell me...
[ link to this | view in thread ]
Re: Re: So tell me...
[ link to this | view in thread ]
stringray hypothetical
False positives be damned!
[ link to this | view in thread ]
Senerio above..
Think hard about that.
Willingly the company GAVE them access..
Unwillingly, covertly, Unknowingly...They got access another way..
Hmmm..
Who is putting Strange hardware into systems..
[ link to this | view in thread ]