LONDON (AP) — The U.K.’s electronic spy agency is legally
allowed to track the online activities of millions of Britons who use
U.S.-based platforms such as Facebook, Twitter and Google, Britain’s top
counterterrorism official has said.
In a witness statement made
public Tuesday, Office for Security and Counterterrorism chief Charles
Farr said data sent on those services is classed as "external" rather
than "internal" communications because the companies’ servers are based
outside Britain.
Amnesty International said that amounted to
"industrial-scale intrusion," but Farr said this did not amount to mass
surveillance because the vast majority of messages intercepted in this
way are not read.
The distinction between external and internal
interactions is significant because Britain’s electronic intelligence
agency, GCHQ, has broad powers to intercept communications outside the
country, but needs a warrant and suspicion of wrongdoing to monitor
domestic Internet traffic.
A broad definition of what constitutes
"external" communications expands the amount of data GCHQ can scoop up
to include the daily activities of millions of British Internet users.
In
the first public explanation of the rules used by Britain’s
cyber-spies, Farr said that emails sent between two people in Britain
would usually be classed as internal even if they traveled by route
outside the country. But Facebook and Twitter posts or searches on
Google or YouTube that went to data centers outside the British Isles
would fall under the external category.
Farr said data scooped up
in this way "cannot be read, looked at or listened to" except in
strictly limited circumstances. Rules exist to limit the way harvested
data can be searched and how long it can be retained, but the full
details of the regulations have never been made public.
"It is
important to note the significant distinction between the act of
interception itself, and a person actually reading, looking at or
listening to intercepted material," Farr wrote.
Britain’s Home
Office confirmed the document was genuine. It was written in response to
a legal action by civil liberties groups including Amnesty, Liberty,
Privacy International and the American Civil Liberties Union, who are
seeking to curb cyber-spying, and was published by the groups.
James
Welch, legal director of Liberty, said Farr’s document revealed that
Britain’s intelligence agencies "are operating in a legal and ethical
vacuum."
"If there was any remaining doubt that our snooping laws need a radical overhaul there can be no
longer," he said.
Simon
McKay, a criminal lawyer and author of a leading textbook on covert
policing, said Farr’s statement provided a "lifting of the veil of
secrecy" on spying.
"The statement admits GCHQ are routinely
intercepting communications from what are commonly known as social
networking sites," McKay said. "The suggestion that they do not monitor
them is a little harder to swallow."
Britain’s Home Office, which
is responsible for security and counterterrorism, said it could not
comment on an ongoing legal challenge.
The rights groups launched
their legal action after leaks about cyber-snooping from former U.S.
National Security Agency contractor Edward Snowden. He revealed details
of a program called PRISM, which gives the NSA access to Internet
companies’ customer data, and a British operation, TEMPORA, that allows
GCHQ to harvest data from undersea cables.
Farr would not confirm or deny the existence of TEMPORA or say whether GCHQ had received information from
PRISM.
__
Associated Press Writer Raphael Satter contributed to this report.
