A secret US system called Dishfire can read hundreds of millions of text messages from around the world, according to documents leaked by former National Security Agency contractor Edward Snowden.
The program enables US spies to intercept messages sent between countries, welcome messages sent to people when they arrive in a different country, text-based financial transactions, missed-call alerts and business cards, The Guardian and Channel 4 News reported.
UK spy agency GCHQ has reportedly been given full access to the information, raising concern that British privacy laws are being circumvented.
The NSA has to delete innocent texts involving Americans from the system but there is no requirement to do so for foreign phone numbers.
Mobile phone company Vodafone said it was concerned by the revelations and planned to raise the matter with the British Government.
A leaked GCHQ memo spelled out Dishfire was useful because it trawled through text messages without targeting suspected terrorists, for instance. Under UK law, intelligence agencies are supposed to seek permission from the Secretary of State to read an individual's text messages.
“In contrast to GCHQ equivalents, DISHFIRE contains a large volume of unselected SMS traffic,” it states.
“This makes it particularly useful for the development of new targets, since it is possible to examine the content of messages sent months or even years before the target was known to be of interest.”
Former Interception Commissioner Sir Swinton Thomas said the allegations were “a worry”.
“Certainly in my time I would take the view that it was not open to our intelligence services to obtain or certainly to use communications or data which would not be lawful in this country,” he told Channel 4 News.
Sir Swinton said use of such information was similar to using evidence obtained under torture in a foreign country. This was a “different area of course, but the concept is very similar”, he added.
And Stephen Deadman, group privacy officer at Vodafone Group, said the allegations sounded “concerning” because they suggested that British law had been “circumvented”.
“For us as a business this is anathema because our whole business is founded on protecting privacy as a fundamental imperative,” he said.
“We're going to be contacting the Government and are going to be challenging them on this. From our perspective, the law is there to protect our customers and it doesn't sound as if that is what is necessarily happening.”
Sir Malcolm Rifkind, chairman of the Intelligence and Security Committee, told i they would investigate the allegations.
“We always investigate these matters. The starting point is to ask the agency to respond to us. They have to do so by law. You can be confident we'll get to the bottom of it,” he said.
Sir Malcolm said the suggestion that GCHQ was circumventing UK law by getting intelligence about British people from the NSA had been made before by The Guardian.
He said his committee's investigation into those allegations — relating to another system called Prism — found that GCHQ “already had authority from the relevant Secretary of State” to obtain the information about the individuals concerned.
“The Guardian has form in this matter,” Sir Malcolm said, adding that he was not commenting on the quality of the current allegations.
In a statement, an NSA spokeswoman said: “As we have previously stated, the implication that NSA's collection is arbitrary and unconstrained is false.
“NSA's activities are focused and specifically deployed against - and only against - valid foreign intelligence targets in response to intelligence requirements.
“NSA actively works to remove extraneous data, to include that of innocent foreign citizens, as early as possible in the process.”
GCHQ said that all of its work was “carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate”.
It said there was “rigorous oversight” by the Secretary of State, current interception and intelligence services commissioners and the Intelligence and Security Committee.
Jacob Applebaum: To protect and infect