NSA Collects 200 Million International Texts Daily and Allows Access by GCHQ

NSA Collects 200 Million International Texts Daily and Allows Access by GCHQ
NSA Collects 200 Million International Texts Daily and Allows Access by GCHQ

The collection is under a project codenamed Dishfire, which in one presentation is subtitled, “SMS Text Messages: A Goldmine to Exploit.” A separate project called 'Prefer' conducts an automated analysis of the communications.

The Prefer program," reports The Guardian, "uses automated text messages such as missed call alerts or texts sent with international roaming charges to extract information, which the agency describes as 'content-derived metadata', and explains that 'such gems are not in current metadata stores and would enhance current analytics.'"

The documents suggest that communications from US phone numbers were removed or minimized, but foreign communications were retained. This is likely to increase dismay at the NSA around the world – except, perhaps in the UK, where GCHQ has been a 'beneficiary' of Dishfire. "While GCHQ is not allowed to search through the content of messages without a warrant – though the contents are stored rather than deleted or “minimized” from the database – the agency’s lawyers decided analysts were able to see who UK phone numbers had been texting, and search for them in the database," notes The Guardian.

Both the NSA and GCHQ insist that they operate within their national laws. The NSA repeated its usual position: “As we have previously stated, the implication that NSA's collection is arbitrary and unconstrained is false," said a spokeswoman. “NSA's activities are focused and specifically deployed against – and only against – valid foreign intelligence targets in response to intelligence requirements."

For its part, GCHQ repeated that it does not comment on intelligence matters, but operates within the law. "All of GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate," a spokesman told The Guardian.

Others are not so convinced of the legality of GCHQ's behavior. Nick Pickles, director of Big Brother Watch, said: “First we need to know how the NSA was able to get access to UK telephone networks and scoop up millions of our texts. Then we need to know who authorized it and why they decided to hand over the private messages of people under no suspicion whatsoever to the Americans without any public or Parliamentary debate."

He added, "“If an interception warrant for an individual is not in place, it is illegal to look at the content of a message. Descriptions of content derived metadata suggest the content of texts is being collected and inspected in bulk and if this is the case GCHQ has serious questions to answer about whether it is operating under a perverse interpretation of the law cooked up in secret."

Vodafone, one of the world's largest mobile phone carriers, also expressed both surprise and dismay. “What you’re describing," the group’s privacy officer and head of legal for privacy, security and content standards told Channel 4 News, "sounds concerning to us because the regime that we are required to comply with is very clear and we will only disclose information to governments where we are legally compelled to do so, won’t go beyond the law and comply with due process. But what you’re describing is something that sounds as if that’s been circumvented."

Jon Callas, of Silent Circle and Blackphone, suggested that texters should not be surprised. "You should assume every government in the world is spying on SMS messages that pass through their borders," he told The Register. "I consider text messages to be the least secure thing you can do on a mobile. SMS is a hack – it was never designed to be secure and was thrown together for convenience."

President Obama is due to give his response to the recent report of the NSA review panel later today. He is not currently expected to materially reduce the NSA's surveillance programs or mandate.

What’s Hot on Infosecurity Magazine?