Britain’s top counter-terrorism official says the country’s espionage rules allow its electronic spy agency to routinely intercept online communications between Britons who use US-based platforms such as Facebook, Twitter and Google.
A witness statement by Office for Security and Counterterrorism chief Charles Farr, made public Tuesday, said data sent on those services is classed as “external” rather than “internal” communications because the companies are based outside Britain.
Britain’s Home Office confirmed the document was genuine. It was written in response to a legal action by civil liberties groups who are seeking to curb cyber-spying, and was published by the groups Tuesday.
Britain’s electronic intelligence agency, GCHQ, has broad powers to intercept communications outside the country, but needs a warrant and suspicion of wrongdoing to monitor Britons.
In the document, Farr said some internal communications are intercepted under the external rules, but they “cannot be read, looked at or listened to” except in strictly limited circumstances. He said that was a “significant distinction.”
Civil liberties organisations say the rules are too vague and allow for mass surveillance.
“The security services consider that they’re entitled to read, listen and analyse all our communications on Facebook, Google and other US-based platforms,” said James Welch, legal director of Liberty — one of the groups involved in the legal action. “If there was any remaining doubt that our snooping laws need a radical overhaul there can be no longer.”
Farr said that emails sent between two people in Britain would usually be classed as internal even if they travelled by route outside the country. But Facebook and Twitter posts or Google searches that went to data centres outside the British Isles would fall under the external category.
GCHQ did not immediately respond to a request for comment.
The rights groups launched their legal action after leaks about cyber-snooping from former US National Security Agency contractor Edward Snowden.
He revealed details of a program called PRISM giving the NSA access to Internet companies’ customer data, and a British operation, TEMPORA, that allows GCHQ to harvest data from undersea cables.
The extent and mechanics of the programs are not fully clear.
Farr would not confirm or deny the existence of TEMPORA or say whether GCHQ had received information from PRISM.