Belfast Telegraph

UK spy agencies have collected bulk personal data since 1990s, new papers reveal

New papers show that UK spies have been collecting bulk personal data on citizens since the 90s, and that the information found is liable to abuse

Equipment interference, also known as Computer Network Exploitation (CNE), allows GCHQ spies to bypass encryption and gain access to data sent from devices including phones and computer networks
Equipment interference, also known as Computer Network Exploitation (CNE), allows GCHQ spies to bypass encryption and gain access to data sent from devices including phones and computer networks
Edward Snowden says GCHQ is "for most intents and purposes a subsidiary of the NSA"

UK spies have been collecting bulk data on people since the 1990s, and abusing it to find out people’s addresses for birthday cards, new releases show.

MI5, MI6 and GCHQ have been collecting and relying on huge amounts of data collected on almost every person in the country, according to new documents obtained by Privacy International during a legal hearing.

And spies have even been accessing that data to find out that personal information so that they can use it for booking holidays and spying on their family members to get personal details, the papers show.

The files show the huge amount of information that is being gathered by British spying groups.

Ministers have previously argued that only people who are suspected of criminal or terrorist behaviour will be tracked – but they show that spies have been collecting bulk personal datasets on a range of innocent people for years, and arguing that they are used to find legitimate suspects.

“We’ve seen a few instances recently of individual users crossing the line with their database use, looking up addresses in order to send birthday cards, checking passport details to organise personal travel, checking details of family members for personal reasons.

Read more

Sign In

Government surveillance stops people sharing controversial opinions online, study suggests 

"Another area of concern is the use of the database as a ‘convenient’ way to check the personal details of colleagues when filling out service forms on their behalf."

The papers also show how the organisation had to explicitly tell spies not to search for themselves within the database – a practice that can often lead to accidental intrusion into other people’s lives.

“An example of an inappropriate ‘self search’ would be to use the database to remind yourself where you have travelled so you can update your records,” a policy added to the documents in 2001 says.

“This is not a proportionate use of the system, as you could find this information by another means (i.e. check the stamps in your passport or keep a running record of your travel) that would avoid collateral intrusion into other people’s data.”

Millie Graham Wood, Legal Officer at Privacy International, said the documents show "the staggering extent to which the intelligence agencies hoover up our data. This can be anything from your private medical records, your correspondence with your doctor or lawyer, even what petitions you have signed, your financial data, and commercial activities.”

"The agencies themselves admit that the majority of data collected relates to individuals who are not a threat to national security or suspected of a crime. This highly sensitive information about us is vulnerable to attack from hackers, foreign governments, and criminals.

"The agencies have been doing this for 15 years in secret and are now quietly trying to put these powers on the statute book for the first time, in the Investigatory Powers Bill, which is currently being debated in Parliament. These documents reveal a lack of openness and transparency with the public about these staggering powers and a failure to subject them to effective Parliamentary scrutiny."


Independent News Service