Leaked Documents Show New Zealand Company's Connection To GCHQ's Internet Dragnet
from the build-a-better-data-scoop-and-the-world's-government-will-beat-a-path-to-you dept
Another stack of documents has been leaked to The Intercept, these ones detailing a little-known New Zealand company's facilitation of worldwide surveillance.
Dozens of internal documents and emails from Endace, obtained by The Intercept and reported in cooperation with Television New Zealand, reveal the firm’s key role helping governments across the world harvest vast amounts of information on people’s private emails, online chats, social media conversations, and internet browsing histories.
Endace -- like almost every other company in the literal spyware business -- also seems willing to sell to the highest bidder, no matter where they sit on their home nation's friends/enemies lists.
The leaked files, which were provided by a source through SecureDrop, show that Endace listed a Moroccan security agency implicated in torture as one of its customers. They also indicate that the company sold its surveillance gear to more than half a dozen other government agencies, including in the United States, Israel, Denmark, Australia, Canada, Spain, and India.
The documents now in The Intercept's hands detail Endace's work for GCHQ, assisting it in its quest to pull as much data and communications as it can from underseas cables which conveniently route about one-fourth of the world's internet traffic into the waiting arms of the spy agency. These leaked documents were cross-referenced with The Intercept's Snowden stash to confirm their legitimacy.
The documents show GCHQ asked Endace for several modifications of the stock product it originally presented to the agency. These alterations served one purpose: to build haystacks faster.
A November 2010 company document said that “FGA” ["friendly government agency"] had an order of 20 systems scheduled for delivery in March 2011. Each system was equipped with two “data acquisition” cards capable of intercepting 20Gs of internet traffic. The total capacity of the order would enable GCHQ to monitor a massive amount of data — the equivalent of being able to download 3,750 high-definition movies every minute, or 2.5 billion average-sized emails an hour.
Other info in the documents shows Endace and GCHQ were (are?) aiming for deployment of 300-500 of these systems, allowing the agency to pull in a large percentage of the traffic traveling through tapped underseas cables. There are also hints that suggest some data is more useful to the GCHQ than others, with WhatsApp, Facebook, Gmail, and Hotmail being specifically named. Also of importance to GCHQ: the ability to track targets by MAC address.
When Endace isn't selling to "friendly" government surveillance agencies (and "friendly" governments with decades of human rights abuses under their belts), it's also selling its interception technology to telcos to better assist them in complying with law enforcement requests.
Perhaps the most darkly comic aspect of all of this is that UK and New Zealand taxpayers are likely being double-dipped for surveillance efforts that encompass their own data and communications. Not only are they paying for the tech and ongoing collection efforts, but Endace was also awarded $11.1 million in government grants to defray 50% of the cost of "substantial product developments." Endace isn't saying which products were developed using these grants, and the New Zealand government says the company isn't obligated to reveal how this money was spent.
Filed Under: gchq, new zealand, surveillance
Companies: endace
