Do you ever get the feeling that someone is watching you?
Maybe it’s someone eyeing you up on the street, perhaps you catch them ogling you on the subway, or maybe it’s an international surveillance network built for the sole purpose of spying on your every move.
I get that last one all the time.
Long gone are the days when that kind of idea was spouted only by tin-foil hat wearing conspiracy nuts.
It’s here. And it’s real.
China and Russia may be talked about as the connoisseurs of reconnaissance. But do we really believe that their reach is the furthest?
Not when you consider the Five Eyes alliance, along with its extended branches: the Nine Eyes and Fourteen Eyes.
Edward Snowden revealed the true extent of surveillance taking place on regular citizens. And it wasn’t the Chinese or the Russians carrying out these operations.
It was U.S. and U.K. intelligence agencies, with the go-ahead from their own governments, caught spying on the general public.
You and me.
So, what is the Five Eyes? When did it all start and what is its role today?
Let’s explore all there is to know about the largest intelligence-sharing agreement in existence.
What is the Five Eyes alliance?
The Five Eyes alliance is a group of intelligence agencies from different countries that work together and exchange information. Currently, the nations involved are:
- New Zealand
- United Kingdom
- United States
Each of the five members shares a variety of intelligence with the others.
Now, prepare yourself for literally all the acronyms.
Formally, the classification level used is AUS / CAN / NZ / UK / US Eyes Only.
A bit of a mouthful, I’m sure you’d agree. So, the term Five Eyes became commonly used as a shorter and easier way of referencing the alliance.
There’s an even briefer signifier that you may see as well, which is FVEY.
The alliance primarily deals with signals intelligence, or SIGINT for short.
SIGNIT counts as any intelligence derived from electronic signals and systems. For example, data gathered from communications systems, radars, and weapons systems.
Beyond this, the Five Eyes also gathers human intelligence (HUMINT) and geospatial intelligence (GEOINT).
HUMINT is data that comes from personal contact with a source. The use of spies is involved here, as well as interrogations, debriefings, and media exploitation.
GEOINT is what agencies are able to derive about human activity from satellite imagery, maps, and blueprints.
I spoke with Philip Ingram MBE, a former spy and Senior Military Intelligence Officer in the UK, about the Five Eyes. He added some very interesting points:
What many don’t realize is that the Five Eyes community is not just about intelligence sharing. The world is a big place and intelligence collection systems are, by their very nature, sensitive beasts. One country would not want to put its own technology into another sovereign state, and there is only limited collection that can be done from embassies. The Five Eyes network has portioned off the globe and agreed to collect on behalf of the other members. That intelligence is then shared. This means no one member can stop sharing with another without partially blinding themselves.
This suggests that there’s more to it than just the collecting and sharing of data.
Each nation has it’s own technology to protect, while also needing to be privy to potential threats around the world.
The Five Eyes network allows each member to focus on a specific region and, at the same time, maintain the integrity of its own systems.
A brief summary of the key intelligence agencies
In each of the member countries of the Five Eyes alliance, a number of intelligence agencies participate in the gathering and sharing of data.
Here’s a look at the main players:
America and Britain are the top honchos, so to speak. With Canada, Australia, and New Zealand involved as “second parties.”
In line with this structure, it is generally understood that the NSA and the GCHQ are the two most influential agencies within the Five Eyes intelligence network.
Shaping the Post-War World
It all began as an intelligence-sharing agreement between the US and the UK, born out of World War 2 and the Atlantic Charter, which set out the Allied vision of a post-war world.
Britain and America worked closely during the fight against the Axis powers. Sharing intercepted communications and deciphered intelligence was a big part of this cooperation.
Top marks for that.
And it’s clear how an exchange of info was beneficial to all parties, given the circumstances.
Following the war, in 1946, a secret treaty was sealed as the UK-USA Agreement. The intelligence partnership that had proven to work so well was now formalized.
Then, the next 10 years saw Canada, Australia, and New Zealand each joining up to complete the alliance.
However, the fact that the UK-USA Agreement existed at all wasn’t known until 2005. And a few years later, the text of the agreement was made public.
If you’re a cool cat like me, you can explore PDF images of the declassified documents over on the NSA website.
Just, you know, be aware that your visit is almost certainly being tracked. So, maybe hide your IP first.
Collaboration was seen as a way to prevent conflict moving forward, and during the Cold War, information was shared on the Soviet Union and China, which were seen to be the biggest threats of the era.
Although, the activity of the Five Eyes was not strictly limited to keeping tabs on these communist states.
Five Eyes fingerprints: how they use the intelligence
With the agreement in place, and key threats identified, gathered intelligence began to impact real-world decisions.
The Soviet Union could not be allowed to develop into as big a threat as the Allies had faced during World War 2.
And the CIA, with help from its brother and sister agencies in the Five Eyes network, sought to ensure that the USSR was starved of allies around the globe.
Here’s a look at some of the most high-profile incidents with FVEY fingerprints.
Buckle up, because things are about to get bumpy.
In the 1950s, the Central Intelligence Agency (CIA) and Britain’s Secret Intelligence Service (SIS) worked together to incite a coup in Iran, which saw the country’s democratically elected Prime Minister overthrown.
The codename for the project in the U.K. was ‘Project Boot.’ Perhaps because it involved booting a man out of power? America was slightly more creative, naming the operation ‘Project Ajax.’
Elected in 1951, Mohammad Mossadegh had moved to nationalize oil production. Something that would have been a serious blow to the U.S. and the U.K., but a big win for Soviet Russia.
It was essentially decided that this could not happen. And as you can imagine, the coup is one of the reasons the U.S. and Iran continue to have pretty strained relations to this day.
Five Eyes involvement in the assassination of Patrice Lumumba has also been confirmed.
A leader of independence and first Prime Minister of the independent Democratic Republic of Congo, Lumumba was immediately faced with a nightmare situation when elected.
The military had revolted while other groups also made their move to seize power. All while Belgian paratroopers returned under the guise of restoring order.
Certainly not an attempt by Belgium to recapture the colony they had just lost.
When Lumumba asked the Soviet Union for help in this dire situation, American and British ears pricked up.
After all, the USSR could not be allowed to gain a foothold in Africa.
Following a period spent in hiding, Patrice Lumumba was finally killed in 1961.
The CIA had invested a lot of money and effort into preventing Salvador Allende coming to power in Chile. But in 1970, Allende became the country’s first democratically elected socialist.
He didn’t last long.
On this occasion, it was Australia’s Secret Intelligence Service (ASIS) that played a key supporting role.
Australia was the eyes and ears for the CIA.
Reportedly, the role of ASIS in Chile was “surveillance and liaison.” But speculation about a more hands-on involvement remains.
General Pinochet’s military government was installed to replace Allende, who died when rebel officers attacked the presidential palace. This meant that instead of the leader they voted for, Chileans got torture and death squads.
Ousting foreign leaders and inciting coups are not the only things the Five Eyes are good at.
Sometimes, they can be commended for taking more virtuous actions.
One example of this was during the Tiananmen Square massacre that took place in China, on 3-4 June 1989.
A student protest calling for democracy and economic liberalization began in mid-1986, lasting three years until the government declared martial law.
Around 300,000 troops were mobilized and opened fire on the unarmed protesters with assault rifles and tanks.
Yes, actual tanks.
In the aftermath of these horrific events, surviving protest leaders and known demonstrators were placed on a “most wanted” list.
Operation Yellow Bird was an effort based out of Hong Kong to help Chinese dissidents escape arrest (and probable execution) by the government.
The CIA and SIS were heavily involved, as well as an unlikely combination of French diplomats, celebrities, pro-democracy politicians, and triad gang members.
The Modern Era
Once the Soviet Union had collapsed, other threats emerged.
Attacks took place on U.S. embassies in Nairobi and Dar es Salaam in August 1998.
Just two years later, the USS Cole was bombed in Yemen.
And then, on September 11th 2001, the unthinkable happened to the World Trade Center in New York City.
This is a trend that has not slowed over the years, and U.S. sites aren’t the only targets.
The Bali bombings killed 88 Australian citizens and 28 British citizens on October 12th 2002.
And the London bombings on July 7th 2005 saw 52 people killed in the worst terrorist incident that has taken place on British soil.
Events like these, and others around the world, are what many say justifies the existence of an intelligence-sharing alliance.
Preventing another attack on national infrastructure or innocent citizens is always proclaimed as a priority among the Five Eyes nations.
The most well-known code name for a SIGINT program is undoubtedly ECHELON.
It is understood that operations are based out of the NSA headquarters at Fort Meade in Maryland, USA, and at GCHQ in Cheltenham, UK.
Created in the late 1960s, its primary purpose was to monitor the diplomatic and military communications of the Soviet Union and the Eastern Bloc.
With the end of the Cold War, the program’s direction switched lanes. What was once a helpful tool in state espionage became an international surveillance system.
The focus now was keeping tabs on suspected terrorists, tracking organized crime, and snooping into sensitive diplomatic negotiations.
British investigative reporter Duncan Campbell first spoke of the program in a 1988 article for the New Statesman.
The story, titled ‘Somebody’s listening,’ detailed how ECHELON was not only deployed for national security reasons. According to Campbell, the program was also abused to carry out corporate espionage for U.S. business interests.
Campbell spent almost four decades attempting to expose mass surveillance.
However, it wasn’t until Edward Snowden leaked a 2005 document that the existence of this extensive surveillance scheme was confirmed.
Evolution of ECHELON
Advances in both computer technologies and telecommunications mean that ECHELON has evolved through the years.
And not for the better.
Today, the network is believed to capture large volumes of data in multiple ways as part of an upstream surveillance effort:
- Terrestrial radio antennae intercept satellite transmissions.
- Satellites dip into transmissions between cities.
- Many sites around the world tap into communications conducted via wires.
- Sniffing devices are installed at key internet routing centers, to catch addressing information from the packets of data passing through.
- Data travelling along fiber-optic network cables is not safe either. The NSA and GCHQ deploy devices that can tap such cables.
Needless to say, this results in an enormous amount of data that is being constantly collected on a global scale.
A large computer network, called XKeyscore, is believed to be used in order to examine the information that ECHELON hoovers up in bulk every day.
This system looks for keywords, phrases, names, addresses, and other details that the intelligence agencies deem pertinent. The Five Eyes can then build profiles of contact networks and delve into the specific communication histories of those considered to be of interest.
Part of the source code for XKeyscore was made public by German broadcaster, Norddeutscher Rundfunk and, when analyzed by experts, it revealed some startling results.
Simply conducting an online search for privacy-enhancing software tools highlighted in the XKeyscore rules is enough to get the NSA to mark and track your IP address.
The source code also shows that the NSA tracks privacy software users worldwide.
After the 2013 Snowden leaks, two types of surveillance became public knowledge. They are understood to be the main spying methods used by intelligence agencies in the Five Eyes alliance.
These two distinct methods are called Upstream and PRISM. You may also hear PRISM referred to as downstream.
Upstream surveillance involves directly collecting communication data as it travels over the internet. This is the type of bulk operation carried out by programs like ECHELON.
PRISM, on the other hand, is the collection of communication data from big tech companies.
What this essentially means is that Five Eyes intelligence agencies can go directly to the Googles, Facebooks, and Yahoos of the world, and force them to provide communication records involving people of interest.
Unfortunately, this can also include communications with regular citizens.
The companies are then prohibited from telling their users that their data has been turned over to the government.
A newcomer to the world of mass surveillance programs, Tempora only became operational in 2011.
But what is it?
Well, Tempora is the code name for a computer system used by the GCHQ to intercept personal data travelling along fiber-optic cables.
The information it is able to snipe and store includes:
- Recordings of phone calls
- Content of email messages
- Entries on Facebook
- Browsing history of any internet user
Just a little bit invasive, then.
Again, we have to thank Edward Snowden and his 2013 leaks for shining a light on these activities.
By revealing details of previously secret operations, we now know that not only are such mass surveillance programs taking place, but that the information gathered is shared between the Five Eyes’ intelligence agencies.
During my conversation with Philip Ingram MBE, he also explained how the government’s ability to tap into the general public’s communication data is often overstated:
There is much talk of the government being able to see everything that people do online and listen to every communication. The reality of what happens is very different. The fact is that digital 1s and 0s go through different computers, and commercial entities have greater access to those 1s and 0s than governments do. This is because it is those commercial entities that provide and enable the communications networks in the first place.
He says that it’s actually the world’s tech giants who pose the biggest threat in this regard, since they have greater means and greater incentive to spy on the masses:
Putting everything together to understand a message and read it takes a huge amount of effort. The likes of Microsoft, Facebook, Google, Amazon, have the commercial resources, and a commercial incentive to do a lot of that which is why you see spooky re-targeted adverts following you to different sites. Governments are limited by processing power, to a degree, and much more by language competence. They are not after a commercial quick buck. This means that what government agencies listen to is carefully targeted and often collection capabilities have to be tweaked to get them.
All aboard the spy train
A confirmation has been made with regards to the existence of both the Nine Eyes and Fourteen Eyes alliances, although the ties within these networks are not understood to be as closely woven as the Five Eyes.
The additional countries that make up the Nine and Fourteen Eyes are considered to be 3rd party members.
It is speculated that while these 3rd party members do have access to data and resources, they have less clearance than countries in the Five Eyes.
Here is a brief breakdown of the countries involved in each of the expanded intelligence sharing alliances:
Certain countries within the extended networks have reportedly been offered the chance to join the Five Eyes.
This was the case in 2009 when France turned down the opportunity.
Nicholas Sarkozy wanted France to be granted the same status as other Five Eyes members, which includes a no-spy agreement that ensures the countries won’t conduct intelligence gathering operations on each other.
Ultimately, the CIA and President Obama denied the request, which put an end to France’s potential promotion within the network.
Outside of the confirmed alliances, there are also a number of unofficial partners that contribute to worldwide intelligence-sharing efforts.
The motivations in each case may be different, but it all feeds back into the same network.
In 2018, it was announced that Japan entered into a coalition with the Five Eyes members and Germany to help counter the rise of Chinese and Russian influences.
Both Singapore and South Korea were revealed as Five Eyes partners, helping the U.S. and Australia in their efforts to tap the fiber-optic cables connecting Asia.
And Israel has long been a close surveillance partner of the NSA. According to a 2009 ‘Memorandum of Understanding,’ a deal is in place that allows for Israeli intelligence services to receive raw signals intelligence from the U.S.
The legal layout
Human rights groups and privacy advocates continue to argue that the laws underpinning the Five Eyes intelligence-gathering efforts allow for too much data to be collected.
When so much data is taken in bulk, the number of innocent users that become collateral damage is not acceptable.
Or so the line goes.
Philip Ingram MBE told me that things aren’t as bad as they seem:
Five Eyes governments have great oversight in their legal frameworks, independent overseers of surveillance and finally free press to hold them to account. The two factors that are applied when it comes to targeting surveillance are necessity and proportionality and those tests are always applied. In the few cases where individuals have exceeded their authority, they have been called out and the protections put back in place.
It may be true that protections are in place, and that they are generally adhered to. But can we really trust organizations that spent so long operating in the dark to be transparent about how they operate today?
Here’s a look at the legal layout, and what it allows intelligence agencies to do:
In America, the Foreign Intelligence Surveillance Act (FISA) was initially passed back in 1978.
The aim of the law is to establish the limits of how U.S. intelligence agencies can monitor the communications of American citizens.
When passed, it also brought with it the arrival of the Foreign Intelligence Surveillance Court.
This court is comprised of eleven federal district court judges, who each serve a maximum term of seven years. They decide whether to approve or deny government requests relating to electronic surveillance, physical search, and other investigative actions for foreign intelligence purposes.
A number of changes were made to FISA in 2008, including Section 702.
More like Section 70-booooooooo!
Why am I not a fan?
Maybe because it’s the provision that allows for the warrantless wiretapping of non-Americans outside the United States. And it applies to both phone and internet communications.
Snowden’s leaks shone a light on exactly how much surveillance is taking place. And claims have been made that intelligence agencies are taking advantage of the law to access information about U.S. citizens within the country too.
Lawmakers recently had an opportunity to make changes to FISA.
It was due to expire in December 2017, and while the government sought an extension of the act, it also gave Congress the opportunity to introduce reforms that would protect U.S. citizens.
Unfortunately, the decision was made to allow the warrantless surveillance program to continue for a further six years, with the House of Representatives specifically rejecting an amendment that would have imposed a series of new safeguards.
FISA expires again in 2023.
Another key aspect of American law that the NSA relies upon is Executive Order 12333, signed on 4 December 1981 by President Ronald Reagan.
The order is cited as giving the agency legal authorization to collect unencrypted information traveling from Google and Yahoo data centers.
This is because the text of the order allows for:
Incidentally obtained information that may indicate involvement in activities that may violate federal, state, local or foreign laws.
The amount of information gathered by American agencies that is deemed “incidental” has been described as enormous, unnecessary, and unconstitutional.
When the European Court of Justice rules that your mass surveillance program is unlawful, you know you’ve gone wrong somewhere.
That’s exactly what happened in the U.K. with the Snooper’s Charter, officially known as the Investigatory Powers Act (IPA).
The IPA allows for retention notices. These are issued to communication companies and ISPs, who are then required to hold communications data for 12 months.
This includes your internet browsing history, by the way.
It doesn’t stop there, though.
Next up are the bulk interception, acquisition and hacking powers which gives the government access to huge quantities of communications records.
This can be achieved either by intercepting the communication directly, while the transmission is taking place. Or, by forcing companies to surrender all the data they have.
Wait. There’s more.
A bulk warrant can also allow, legally, the widespread hacking of our electronic devices.
Intelligence agencies are only given this kind of warrant with the approval of both a minister of the government and a judge.
And, officially at least, they are only allowed to intercept or hack communications where the data is coming from outside the country or being sent abroad.
As if that wasn’t enough to worry about, the IPA holds one final trick up its sleeve.
The law allows the GCHQ to access entire databases held by credit agencies, the DVLA, and the Land Registry.
This opens the door for intelligence agencies to gather up data on basically everyone in the country. And they can claim it’s just collateral damage, completely legal under the IPA.
Liberty, a human rights group fighting an ongoing legal case against the government, say:
These [databases] contain details on religion, ethnic origin, sexuality, political leanings and health problems, potentially on the entire population – and are ripe for abuse and discrimination.
There is an Investigatory Powers Commissioner’s Office (ICPO) tasked with looking into mistakes and illegal activity by government agencies.
For example, an extraordinary case in 2017 saw Nigel Lang wrongly accused of vile crimes due to a typo by Hertfordshire Police.
It took years to clear his name and for those responsible to admit their error.
Yes. That actually happened.
In previous reports, the ICPO has also found that government hackers and bug-planters broke the law 83 times in a single year while carrying out “property interference.”
In 2018, Australia’s parliament passed extremely damaging legislation that allows intelligence and law enforcement agencies to demand access to encrypted communications data.
What this essentially means is that secure messaging platforms such as WhatsApp and iMessage will be forced to create backdoors when requested by authorities.
The decision has understandably received a lot of criticism from cybersecurity professionals and privacy advocates alike. And it’s thought that other countries around the world, particularly Australia’s allies within the Five Eyes, will seek to pass similar legislation.
We’ve already seen the U.S. Deputy Attorney General say that encryption is a “significant detriment” to public safety. And the U.K.’s Investigatory Powers Act can easily be seen as a framework for legally demanding encrypted data from companies.
Don’t believe me?
GCHQ already has plans to implement a similar proposal in Britain.
But instead of demanding that companies build backdoors into their apps, the “ghost protocol” idea would require the messaging services to ‘CC’ the encrypted message to a third-party when it’s sent.
More than 50 companies, organizations, and security experts have already come together to sign an open letter that calls for the GCHQ to abandon these plans due to the threats posed to the privacy and security of users.
What does this all mean for you?
It’s not good news, folks.
If you live in a country that is an active member of the Five, Nine, or Fourteen Eyes, the chances are that your data is being collected in bulk and then inspected.
And since the existence of these networks is to share information between the members, there’s a pretty high chance that if your information is collected by one country, it will end up in the hands of the others too.
It’s not easy to avoid being tracked online, but there are a number of things you can do to safeguard your data.
Using encryption software, like a good VPN, is one of the first steps you should take when it comes to protecting your privacy.
By hiding your IP address, you can make it much more difficult for governments and advertisers to track you online.
You should also make sure that the provider you choose has a robust no logs policy in place, and isn’t based in a country known for sharing data with intelligence agencies.
For example, here at CyberGhost we’re Romania-based.
This means that not only do we fall outside the Five, Nine, and Fourteen Eyes intelligence agreements illustrated in this article; but we’re also under no obligation from Romanian law to store data.
We can fully and truly honor our strict No Logs policy. As a result, we’re unable to comply with any data requests, even if they are legally binding.