UK Police Spying Expert Heading Probe into Snowden Leak Journalists

Wednesday, 28 October 2015

Back in July, London's Metropolitan Police admitted that it was still conducting a criminal investigation it launched two years ago into journalists who have reported on Edward Snowden's leaked documents.

Since then, I have been trying to find out more details about the investigation through the Freedom of Information Act. The Met is refusing to disclose virtually anything about the probe, but recently it did provide me with one new detail:
Specialist Operations under the direction of AC Mark Rowley is the MPS [Metropolitan Police Service] unit involved in the investigation related to the Snowden documents.
Rowley (pictured below) has taken over the Snowden investigation from Cressida Dick, the Met's former head of Specialist Operations, who quit the force in December last year to take up a secret new job at the Foreign Office. The Met confirmed this in an emailed letter it sent me late last month (I'd have written about it sooner but have been a bit swamped with other projects).

Rowley is an expert in covert surveillance methods and pioneered the development of new police spying techniques across the UK while working as a detective superintendent in the 1990s with the National Criminal Intelligence Service. Notably, he recently made clear he has no qualms about monitoring journalists' communications if he deems it necessary to “chase down criminals." He has also boasted about the London police being at the “cutting edge” of covert surveillance through the use of “specialist hardware and software.” (These specialist tools include powerful portable spying devices the Met uses to monitor mobile phone communications across targeted areas of London, as I reported back in 2011.)

The Met first announced it had launched an investigation related to the Snowden documents in August 2013, saying the criminal probe was being headed by its Counter Terrorism Command, which is a division of the Specialist Operations department. In December 2013, Rowley's predecessor Cressida Dick acknowledged during a parliamentary hearing that the investigation was looking at whether reporters at The Guardian had committed criminal offenses for their role in revealing secret surveillance operations exposed in the Snowden documents.

For almost seven months earlier this year, the Met refused to confirm or deny whether the investigation remained ongoing, repeatedly claiming doing so would be “detrimental to national security.” But the force performed a sudden volte-face on its position in late July following an intervention from the Information Commissioner’s Office, the public body that enforces the UK’s freedom of information laws.

I'm currently seeking more information about the investigation, such as details about how much money it has cost the taxpayer to date and the names of outside agencies or contractors that have assisted. The Met has so far refused to release this information — again spuriously claiming that doing so could somehow jeopardise national security — but I have lodged an appeal in an effort to have this decision reversed. Will post updates as and when I have them.

Questions About The Sunday Times Snowden Story

Sunday, 14 June 2015

The Sunday Times has a front page story out today claiming that the Chinese and Russian governments have somehow managed to obtain National Security Agency whistleblower Edward Snowden's trove of documents. The story is sourced from anonymous UK government officials who make a series of significant allegations, unfortunately backed up with zero evidence. It's worth going through some of the key points of the story to cast some critical scrutiny on the central claims and to raise a few questions about them:
1) "RUSSIA and China have cracked the top-secret cache of files stolen by the fugitive US whistleblower Edward Snowden...according to senior officials in Downing Street, the Home Office and the security services."
Is the claim here that a full archive of encrypted files was "cracked" by some sort of brute-force decryption attack? If so, how did these "senior officials" establish that? How did the Russians and Chinese allegedly obtain the encrypted material in the first place?
2) "forcing MI6 to pull agents out of live operations in hostile countries."
This was a surprise to me because I've reviewed the Snowden documents and I've never seen anything in there naming active MI6 agents. Were the agents pulled out as a precautionary measure? Keeping in mind that the UK government does not actually know exactly what Snowden leaked, how do these officials know there were documents in there that implicated MI6 operatives and live operations in the first place?
3) "Moscow gained access to more than 1m classified files held by the former American security contractor"
Snowden has said repeatedly that he did not carry any files with him when he left Hong Kong for Moscow. Is this article alleging that he is lying? If so, where's the evidence to support that? Moreover, I've seen nothing in the region of 1m documents in the Snowden archive, so I don't know where that number has come from. Oh, wait:
4) "Snowden, a former contractor at the CIA and National Security Agency (NSA), downloaded 1.7m secret documents"
This 1.7m figure was invented by US officials and since then it has been regurgitated repeatedly and unquestioningly by various media outlets. I've seen the trove of documents; the claim or insinuation that he leaked 1.7m is not true.
5) "A senior Downing Street source said: 'It is the case that Russians and Chinese have information'."
Of course they do: the same information that the rest of the world has access to in public news reports and documents published as part of those. If the claim here is that the Russians and Chinese have access to every single document in the entire archive (i.e. all the unpublished material), where is the evidence to support that? How do the officials know? Are they speculating? These are serious claims — and serious claims demand serious evidence. Which is unfortunately not provided here.
6) “Why do you think Snowden ended up in Russia?” said a senior Home Office source. “Putin didn’t give him asylum for nothing."
I thought this one had long since been debunked by now, but apparently not. The reality is that Snowden never intended to stay in Russia. He was trying to get to Latin America and only ended up in Russia because his passport was revoked by the US government while he was transiting through.
7) Senior Home Office source: "His documents were encrypted but they weren’t completely secure and we have now seen our agents and assets being targeted.”
So the UK Home Office is alleging Snowden lied about taking documents to Moscow? How has it established that? And the "targeted" assets — how does the source know this has happened as a direct consequence of the Snowden leaks? There are many other factors at play here, and correlation does not imply causation. Especially with regard to Russia, given that anonymous UK "security sources" claimed months ago — again in the Sunday Times — that they are engaged in a "new Cold War" against Kremlin spies due to the broader issue of Vladimir Putin's heightened military posturing.
8) "A British intelligence source said: 'We know Russia and China have access to Snowden’s material'."
As I noted above: the Russians and Chinese have access to documents published with public news reports, sure, that's obvious and true. But is the claim here that they have access to material beyond that? If so, where's the evidence? How does this source "know" and what does he "know," exactly? Why the vague statement? Let's hear what it is the source knows and how so we can properly assess and scrutinise the merit of the allegation.
9) "It is not clear whether Russia and China stole Snowden’s data, or whether he voluntarily handed over his secret documents in order to remain at liberty in Hong Kong and Moscow."
If it's not clear then why does the top line of the story say the Chinese and Russians "cracked" the documents? If Snowden just handed them over, why would they need to "crack" them? And if the Russians and Chinese somehow stole the documents in encrypted form, how did they a) manage to obtain them in the first place (especially given Snowden says he didn't carry the files with him into Russia), and then b) break the encryption?
10) "David Miranda, the boyfriend of the Guardian journalist Glenn Greenwald, was seized at Heathrow in 2013 in possession of 58,000 'highly classified' intelligence documents after visiting Snowden in Moscow."
This is wrong. Miranda was detained at Heathrow after visiting Laura Poitras in Berlin. He wasn't visiting Snowden in Moscow and I think this is the first time I've ever seen this asserted. It's false.


All in all, for me the Sunday Times story raises more questions than it answers, and more importantly it contains some pretty dubious claims, contradictions, and inaccuracies. The most astonishing thing about it is the total lack of scepticism it shows for these grand government assertions, made behind a veil of anonymity. This sort of credulous regurgitation of government statements is antithetical to good journalism.

The government has an obvious vested interest in portraying Snowden as a terrible person who's helped "the enemy" — it has been badly stung by his surveillance revelations and the political fallout that has ensued as a result of them. For that reason alone its claims should be treated with caution and not repeated unchallenged. Evidence should be necessary for allegations of this magnitude, which have such big ramifications. The Sunday Times has a long and commendable history of holding the government to account with great investigative journalism. But in this case, sadly, it has allowed itself to be used by faceless officials as a mouthpiece.

UPDATE, 14 June 2015, 19:30 BST: My colleague Glenn Greenwald has a post up at The Intercept dissecting the Sunday Times report, which he blasts as "pure stenography of the worst kind." Greenwald writes that "the exact kinds of accusations laundered in the Sunday Times today are made — and then disproven — in every case where someone leaks unflattering information about government officials." He says the story is "as shoddy and unreliable as it gets. Worse, its key accusations depend on retraction-level lies."

The Guardian has a good piece from Ewen MacAskill with five pertinent questions for the British government about the claims. "Anonymous sources are an unavoidable part of reporting, but neither Downing Street nor the Home Office should be allowed to hide behind anonymity in this case," writes MacAskill, who travelled with Greenwald and Laura Poitras to meet Snowden in Hong Kong back in 2013. "Where is the evidence?" he asks.

In another interesting development, the Sunday Times quietly deleted the false assertion I noted above (see #10) about David Miranda having documents on his possession "after visiting Snowden in Moscow." This has been removed from the online version of the story with no correction or note, but it can still be found in the paper version, which I got a copy of. The inaccuracy was significant as it underpinned the central dubious narrative of the story — that the documents were "held" by Snowden in Moscow, the insinuation being that this was how the Kremlin was supposed to have gotten hold of them, a claim presented in the story as unquestionable fact because nameless officials "confirmed" it (without offering any evidence).

UPDATE II, 15 June 2015, 19:00 BST: The lead reporter on the Sunday Times article, Tom Harper, has given an interview with CNN that has to be seen to be believed. In it, Harper is quizzed by host George Howell about the piece — and his answers highlight the many problems with the story's central allegations and how they were sourced. Here's a transcript of the important bits; I'll dissect some key points below.

Howell: How do senior officials at 10 Downing Street know that these files were breached?

Harper: Well, uhh, I don't know the answer to that George. All we know is that this is effectively the official position of the British government ... we picked up on it a while ago and we've been working on it and trying to stand it up through multiple sources, and when we approached the government late last week with our evidence, they confirmed effectively what you read today in the Sunday Times, so it's obviously allegations at the moment from our point of view and it's really for the British government to defend it.

How do they know what was in them [the files], if they were encrypted? Has the British government also gotten into these files?

Well, the files came from America and the UK, so they may already have known for some time what Snowden took — uhh, again, that's not something we're clear on ... we don't go into that level of detail in the story we just publish what we believe to be the position of the British government at the moment.

Your article asserts that it is not clear if the files were hacked or if he just gave these files over when he was in Hong Kong or Russia, so which is it?

Well again sorry to just repeat myself George, but we don't know so we haven't written that in the paper. It could be either, it could be another scenario ... when you're dealing with the world of intelligence there are so many unknowns and possibilities it's difficult to state anything with certainty and so we've been very careful to just stick to what we are able to substantiate.

The article mentions these MI6 agents ... were they directly under threat as a result of the information leaked or was this a precautionary measure?

Uhh, again, I'm afraid to disappoint you, we don't know ... there was a suggestion some of them may have been under threat but the statement from senior Downing Street sources suggests that no one has come to any harm, which is obviously a positive thing from the point of view of the West.

So essentially you are reporting what the government is saying, but as far as the evidence to substantiate it, you're not really able to comment or explain that at this point?

No. We picked up on the story a while back from an extremely well placed source in the Home Office. and picked up on trying to substantiate through various sources in various agencies throughout Britain, and finally presented the story to the government, and they effectively confirmed what you read in today's Sunday Times. But obviously when you're dealing with intelligence it's the toughest nut to crack and unless you have leaked documents like Snowden had, it's difficult to say anything with certainty.

So, in summary: How were the files breached? "I don't know." Were the files hacked or did Snowden hand them over? "We don't know." Were MI6 agents directly under threat? "We don't know." How did the government know what was in the files? "That's not something we're clear on." Can you substantiate the claims? "No."

The interview is quite extraordinary because it makes absolutely clear that not only was this entire dubious story based solely on claims made anonymously by government officials, the reporters who regurgitated the claims did not even seek to question the veracity of the information. They just credulously accepted the allegations and then printed them unquestioningly. That really is the definition of stenography journalism — it's shameful.

It's also worth noting that in Harper's interview he admits he has no idea how the Chinese and Russian governments supposedly obtained the files, yet the whole story was based on a bombshell claim that the trove of files was somehow "cracked" by Chinese and Russian government operatives (i.e. that the encryption on them was broken). As I noted above in point #9, if Snowden just handed over the files, why would these governments then need to "crack" them, unless the claim is that he handed over a set of encrypted documents? Either way, Harper says he has no idea how the files were obtained, so how does he know they were "cracked"? This central allegation seems to have been invented completely out of thin air, at worst a fabrication by technologically inept reporters who don't understand what terminology like "cracked" means, at best derived from evidence-free conjecture from spineless government officials too afraid to put their names to the claims.

It is also very telling to note that Harper cites "an extremely well placed source in the Home Office" as the initial person who tipped him off about the story. That's presumably the same "senior Home Office source" quoted in the story insinuating that Snowden chose to go to Russia and hand over documents in return for asylum. That absurd allegation, as I noted in point #6 above, contradicts the fact that Snowden only ended up in Moscow because the US government foolishly revoked his passport and stranded him there while he was passing through on route to Latin America; moreover, Snowden has said repeatedly that he didn't take any documents to Russia. Any reporter familiar with the story knows this. An assertion from an official claiming Snowden went there to hand over documents should surely have set off alarm bells about the credibility of his claims, and should have at least prompted a demand for evidence to back them up, given their magnitude.

But no alarm bells were triggered in our boy Harper's head. Sounding more like a government press officer than a journalist, he told CNN: "we just publish what we believe to be the position of the British government at the moment."

And that brings me to my final point on this. Harper claimed in his CNN interview that his story was "effectively the official position of the British government." If that's the case, then why will no one in the government come out and say so publicly? As the well-sourced BBC security correspondent Gordon Corera noted in a measured analysis on Sunday: "No one in government today is confirming that they are sure that the Russians and Chinese have got full access — that remains in the realm of 'no comment'."

UK Military Exports to Israel During 2014 Gaza Bombardment

Sunday, 5 April 2015

Between July and August last year, the Israeli military launched its "Operation Protective Edge" in the Gaza strip. The conflict led to the deaths of more than 2000 people, the majority of whom were Palestinian civilians, including a reported 578 children, 263 women, and 102 elderly.

Israel's heavy bombardment of Gaza during the operation was widely condemned by human rights groups and governments across the world. The UK government called for a ceasefire and deputy prime minister Nick Clegg said Israel's actions amounted to "a disproportionate form of collective punishment" that was leading to "a humanitarian crisis in Gaza."

But documents reveal that while the conflict was ongoing, the UK government continued approving the export of military equipment to Israel.

Arms exports records for the period between July and September 2014 show the UK approved exports of military and other equipment to Israel worth more than £2.3 million (that's about $3.4 million) including "components for combat helicopters" and "military aircraft navigation equipment" to be used by the Israeli air force, plus "targeting equipment," "components for targeting equipment," "components for electronic warfare equipment,"  and "military radars."

During the same period, the UK government also approved a licence that covered the trade of assault rifles, sniper rifles, pistols, weapon sights, small arms ammunition, and body armour between a number of countries, including Israel.

Read the export report here (Israel details are between pages 145 and 149).

Year in Review

Monday, 5 January 2015

Well, 2014 turned out to be quite a year. For me, it was a really productive one, and I was lucky enough to get the opportunity to work on some great projects. Below are a few personal highlights that I've put together as a sort of 'year in review', along with a list of notable stories and developments in the realm of surveillance and national security, some 'ones to watch' for 2015, and a few awards that I've decided to hand out for dishonourable government conduct, just because there was so much of it over the last twelve months, and the worst offenders deserve some recognition...

(I meant to post this last week, but I've been on a remote Spanish island on holiday with no internet connection... so here it is, better late than never...)
January to March

In January I worked with Canadian broadcaster CBC to reveal details about domestic surveillance in the Canada. In February, The Intercept launched, and I contributed to a story that revealed some new details about US and UK government efforts to target WikiLeaks. In March, I had a report out shining a light on how the US National Security Agency has worked alongside its UK partner Government Communication Headquarters to infect large numbers of computers across the world with malware. I also worked on a story exposing the NSA's targeting of innocent system administrators as part of its covert attempts to hack into communication networks.

April to June

In March, I worked with German news magazine Der Spiegel on a story revealing new details about the NSA's surveillance of world leaders. In April, I reported on British spies' attempts to get broad unsupervised access into NSA troves of surveillance data. And in June, I worked with some great reporters at Danish newspaper Dagbladet Information to reveal new information showing how the NSA forms secret partnerships with countries across the world in order to help significantly expand its surveillance reach.

July to September

In August, the US military banned its personnel from reading The Intercept, and a few days later we published one of the most important stories I've worked on to date, exposing a vast US surveillance search system used to share huge troves of private data among dozens of US government agencies, including domestic law enforcement. The story revealed the decades-long history of US agencies' use of masses of metadata to monitor people's behaviour, and exposed how the CIA was using metadata to aid its efforts to secretly kidnap terror suspects (a practice that often resulted in the suspects — some of whom were totally innocent — being brutally tortured).

In September, we began reporting details at The Intercept about the scope of surveillance in New Zealand, and shined a light on deceptive statements made by the government there about its spying efforts; meanwhile, police raided and ransacked the home of the excellent investigative reporter that we were (and are) working with on Snowden revelations related to New Zealand.

October to December

In November, I worked on a story revealing how one of the most sophisticated pieces of malware ever discovered — dubbed "Regin" by security experts — was linked to cyberattacks perpetrated by British spies against Belgian telecommunications company Belgacom and European Union offices. This piece was an interesting one to work on in that it combined both news reportage with malware analysis — something that's never been done before in journalism, I think — and was published alongside downloadable samples of the Regin malware.

In December, I had a new report out revealing a secret NSA program that involves spying on emails sent among hundreds of mobile phone companies around the world, a practice that helps the agency hack into phone networks. The story exposed how the NSA targeted a London-headquartered trade group that represents tech giants like Microsoft and Facebook, and provided evidence that NSA had been working to insert security vulnerabilities into global telecommunications infrastructure so that they can be exploited for surveillance.

Also in December, I reported new details about the GCHQ hack of Belgian telecommunications company Belgacom as part of a reporting collaboration with newspapers in Belgium and the Netherlands. This particular story is one that I am especially proud of; it was the culmination of about six months of work, and took a huge amount of cooperation with different teams operating out of four separate countries simultaneously. We were able to tell the full story of the British hack on Belgacom, a hugely significant incident representing an unprecedented cyberattack by one EU member state on another. The story included new 'smoking gun' evidence showing that the Regin malware samples contained code-names that also appeared in secret GCHQ documents obtained from whistleblower Edward Snowden.

Vital stories

Here a list of some reports and developments that stood out to me in 2014:

NSA collects millions of text messages daily in 'untargeted' global sweep, The Guardian, 16 January.

Snowden docs show UK spies attacked Anonymous, hackers, NBC News, 4 February.

The NSA’s secret role in the US assassination program, The Intercept, 10 February.

Optic Nerve: millions of Yahoo webcam images intercepted by GCHQ, The Guardian, 27 February.

NSA surveillance program reaches ‘into the past’ to retrieve, replay phone calls, Washington Post, 18 March.

Top EU court rejects EU-wide data retention law, BBC News, 8 April.

Death from above: how American drone strikes are devastating Yemen, Rolling Stone, 14 April.

Turkish president approves law widening secret service's powers, Reuters, 24 April.

The NSA is recording every cell phone call in the Bahamas, The Intercept, 19 May.

Germany arrests man suspected of spying for US, BBC News, 4 June.

NSA: Inside the five-eyed vampire squid of the Internet, The Register, 5 June.

Vodafone reveals existence of secret wires that allow state surveillance, The Guardian, 6 June.

US officials scrambled to nab Snowden, hoping he would take a wrong step. He didn’t, Washington Post, 14 June.

GCHQ sanctions spying on every Facebook, Google and Twitter user, The Telegraph, 17 June.

In NSA-intercepted data, those not targeted far outnumber the foreigners who are, Washington Post, 5 July.

Germany to spy on US for first time since 1945 after ‘double agent’ scandal, The Independent, 7 July.

Meet the Muslim-American leaders the FBI and NSA have been spying on, The Intercept, 9 July.

Hacking online polls and other ways British spies seek to control the Internet, The Intercept, 14 July.

The secret government rulebook for labeling you a terrorist, The Intercept, 23 July.

CIA Admits improperly hacked into Senate computers, Washington Times, 31 July.

Barack Obama’s secret terrorist-tracking system, by the numbers, The Intercept, 5 August.

The Islamic State (documentary), Vice, 7 August.

German spy company helped Bahrain hack Arab Spring protesters, The Intercept, 8 August.

Photos of alleged 9/11 '20th hijacker' can stay classified: court, Reuters, 2 September.

MRAPs and bayonets: what we know about the Pentagon's 1033 program, NPR, 2 September.

The NSA and GCHQ campaign against German satellite companies, The Intercept, 14 September.

Israel's NSA scandal, New York Times, 16 September.

Wikileaks releases FinFisher files to highlight government malware abuse, The Guardian, 16 September.

The NSA and me, The Intercept, 2 October.

Citizen Four (documentary), 10 October.

Why was the NSA chief playing the market? Foreign Policy, 22 October.

MI5 spied on leading British historians for decades, secret files reveal, The Guardian, 24 October.

In Cold War, US spy agencies used 1,000 Nazis, New York Times, 26 October.

Secret manuals show the spyware sold to despots and cops worldwide, The Intercept, 30 October.

Brazil is keeping its promise to avoid the US Internet, Gizmodo, 30 October.

Disguised as climate negotiators, Dagbladet Information, 1 November.

UK intelligence agencies spying on lawyers in sensitive security cases, The Guardian, 7 November.

FBI says it impersonated AP reporter in 2007 case, AP, 7 November.

Americans’ cellphones targeted in secret US spy program, Wall Street Journal, 14 November.

WhatsApp now provides end-to-end encryption for your messages, Gizmodo, 18 November.

Before Snowden, a debate inside NSA, AP, 19 November.

US firms accused of enabling surveillance in despotic Central Asian regimes, The Intercept, 20 November.

How Vodafone-subsidiary Cable & Wireless aided GCHQ’s spying efforts, Süddeutsche Zeitung, 25 November.

CIA torture report, 9 December.

WikiLeaks CIA leaks, 18 & 21 December.

Inside the NSA's war on internet security, Der Spiegel, 27 December.

The Sabu Files, Vice/Daily Dot.

Save our sources campaign, The Press Gazette.

Ones to watch in 2015

Some things worth keeping an eye on...

A new US cybersecurity unit that will advise agencies on surveillance operations.

Details about a secret database being used by federal agents in the US, the existence of which has become the subject of dispute in an ongoing court case.

Information about documents being shredded en masse in a UK police anti-corruption investigation.

Developments in the US government's ongoing criminal investigation into WikiLeaks, which may have involved the use of a prominent informant.

The long-overdue publication of a government-commissioned post-Snowden review of UK surveillance operations.

The US government using state secrecy powers to block the release of files from anti-Iran group.

Renewed 'crypto wars' as law enforcement agencies in the US push for more powers to combat privacy-protecting encryption technologies.

More details about the CIA's hacking of Senate computers.

A continuing government effort to introduce new laws bolstering surveillance powers in the US, UK, Australia, Canada, and New Zealand.

Many more stories from the Snowden documents related to secret spying conducted by the US, UK, Australia, Canada, New Zealand, and other countries.

Now for a few awards...

Because I feel like handing out some dubious accolades:

Bullshit statement of the year

Winner: Recently retired GCHQ spy chief Sir Iain Lobban for his claim in October that the agency doesn't engage in "anything remotely resembling mass surveillance." A completely false statement that could not be further from the truth.

Runner-up: UK home secretary Theresa May for "collection of bulk data is not mass surveillance."

3rd prize: former US vice-president Dick Cheney for "we were very careful to stop short of torture."

Dishonourable mentions: former NSA and CIA chief Michael Hayden for "I didn’t do anything wrong"; New GCHQ spy chief Robert Hannigan for "GCHQ is happy to be part of a mature debate on privacy in the digital age."

Orwellian euphemism of the year

New Zealand's prime minister John Key tries and fails to make mass surveillance palatable to the public in September by re-branding it "mass protection."

Outrageous admission of the year

Former NSA and CIA chief Michael Hayden tells an audience at Johns Hopkins University in April: "We kill people based on metadata."

Understatement of the year

President Barack Obama, in August, on the CIA's brutal human rights abuses post 9/11: "We tortured some folks."

Gaffe of the year

UK foreign secretary Philip Hammond, who is responsible for signing off on GCHQ surveillance operations, illustrates that he doesn't have a clue what he's been approving during a parliamentary hearing in October.

Hypocrite of the year

Michael Hayden, the CIA chief who overseen the agency's secret extrajudicial kidnapping operations that involved imprisoning and torturing terrorism suspects, some of whom were entirely innocentcomplains in December that a Senate report criticising CIA torture methods was like being "tried and convicted in absentia. We were not given an opportunity to mount a defense."

Most bizarre mass surveillance justification of the year

UK prime minister David Cameron explains to British lawmakers in January that fictional TV crime dramas demonstrate the need for new dragnet spying powers.

Most absurd response to surveillance revelations of the year

A special joint award that goes to the Canadian prime minister's parliamentary secretary, Paul Calandra, and John Key, New Zealand's prime minister. Instead of addressing the substance of revelations about secret government spying in 2014 (that I was involved in reporting), Calandra and Key both resorted to weird and childish petty insults, calling my colleague Glenn Greenwald a "porn spy" (Calandra) and a "loser" (Key).

Villain of the year

UK police and security agencies for establishing a precedent that means journalism — the mere publication of facts and opinions — can now be considered terrorism; for working to secretly identify journalists' confidential sources; and for eavesdropping on lawyers' privileged communications.

Extraordinary Rendition and the Secret Role of Metadata

Thursday, 28 August 2014

On Monday, I had a new story out at The Intercept revealing a secret search engine that the National Security Agency built to share a massive amount of data with other US government agencies, including domestic law enforcement. There are many new and important details scattered through the piece. But there is one in particular I would like to take a minute to focus on here, because it is a fact that strikes at the heart of the debate about government surveillance and deserves some more attention.

In one of the classified documents that we published with the story, dated from 2005, the NSA outlined some of the "successes" of a data-sharing project called CRISSCROSS that was led by the Central Intelligence Agency. The document shows that metadata collected about communications was integral to the CIA's extraordinary rendition program during the Bush Administration, which involved kidnapping terror suspects and taking them to secret "black site" jails where they would be brutally interrogated and sometimes tortured. The NSA document says:

Since 9/11, the contributions to the GWOT [global war on terror] due to our increased collection of signaling metadata are innumerable and significant. It is safe to say that it has been a contribution to virtually every successful rendition of suspects and often, the deciding factor.

This is an incredible detail. Remember, metadata is not the audio content of a phone call or the words contained within the body of an email message. It is merely information showing who you have contacted and when. Governments have often sought to defend the mass-scale collection of metadata by insisting that it is not information that is sensitive or very private. In June last year, President Obama tried to dismiss concerns about metadata collection in the United States by claiming that "nobody is listening to your telephone calls." But, clearly, the government doesn't need to be listening to your calls to deem you a threat. That metadata has been the deciding factor in targeting people for extraordinary rendition is a profound illustration of that — and it shows that metadata collection has real-world ramifications: it is not just some benign activity.

You might think, "well, I'm not a terror suspect so what do I care?" But this is not only about the Bad Guys — there are much wider consequences at play here. During the height of the extraordinary rendition program, for instance, some of the people targeted were victims of what was called "erroneous rendition." In other words, the CIA would kidnap the wrong person. (Yes, seriously.) In 2005, it was reported by the Washington Post that the CIA's inspector general was investigating a "growing number" of erroneous renditions, with some anonymous government officials saying that they believed there were as many as 30 instances of it having taken place.

Much is still unknown about these cocked-up renditions because the information has been kept secret. But now that we know metadata played a key role in targeting people — in some cases even being the "deciding factor" — questions must surely be asked about whether this method was ever to blame. From a legal and human rights perspective, it is disturbing enough that the CIA was secretly kidnapping, imprisoning, and then torturing people. But the possibility of innocent individuals being targeted on the basis of their metadata trail clearly adds a chilling extra dimension. It is a policy of guilt by association that bears all the hallmarks of a kind of terrible and flawed style of totalitarian policing.

Today, the practice of extraordinary rendition appears to have been largely phased out by President Obama. But the concerns raised by the use of metadata to target people are still highly pertinent. Indeed, as The Intercept reported back in February, metadata is actively being used to target and kill terror suspects in drone strikes in countries like Yemen, Pakistan and Somalia. One military source said that the method can result in the "wrong people" being bombed. And if you think that sounds far-fetched — that the US would not launch missiles at people because of their metadata — you don't need to take my word for it. Just go and listen to what former CIA and NSA chief Michael Hayden has to say. As he boasted in April: "We kill people based on metadata."

Sabu, LulzSec, and the FBI's WikiLeaks Investigation

Monday, 26 May 2014

Some very intriguing new details emerged on Friday about the case of former Anonymous hacker turned FBI informant Hector Monsegur, or "Sabu" as he is better known.

A document filed in a New York district court shed light on the "extraordinarily valuable and productive" extent of Sabu's cooperation with the government over a period of approximately three years.

It is already widely known that Sabu secretly helped authorities track down and jail his former hacker comrades who were part of LulzSec, a high-profile Anonymous splinter group that attacked and infiltrated major corporate and government websites in the summer of 2011.

But the latest court document for the first time hints at Sabu's broader role aiding another major FBI undercover operation — one that I believe likely relates to an aggressive investigation into WikiLeaks and its founder Julian Assange. The section of the document in question is vague, deliberately so, but offers enough detail to indicate that it directly involves WikiLeaks and is potentially of high importance, for reasons I'll explain below. The document states:

Monsegur also engaged in a significant undercover operation in an existing investigation through which, acting at the direction of law enforcement, Monsegur gathered evidence that exposed a particular subject’s role in soliciting cyber attacks on a foreign government. The evidence he enabled the Government to obtain was extremely valuable, and the Government could not otherwise have obtained it without his assistance. Although this cooperation has not resulted in any prosecutions to date, the Government believes his information, and the evidence he helped to obtain in this matter, is extremely significant.

To understand why this matters and why it struck me straight away, a bit of background is necessary.

As I reported last year in a piece for Slate, Sabu, while working as an FBI informant in 2011, was in contact with a young WikiLeaks volunteer who had established a close relationship with Assange.

The volunteer, Sigurdur Thordarson, told me that with Assange's approval he set up a line of communication between Sabu, LulzSec, and WikiLeaks. He said he then solicited the hackers to infiltrate computers at the Icelandic Ministry of Finance to find evidence of anti-WikiLeaks sentiment. "That was the first assignment WikiLeaks gave to LulzSec," Thordarson claimed, because the Ministry of Finance had months earlier thwarted an attempt by DataCell, a company that processes WikiLeaks donations, to purchase a large new data center in Reykyavik. The FBI appears to have monitored the exchange between WikiLeaks and LulzSec through Sabu, and a few days later contacted Icelandic authorities to warn them about an imminent cyber attack. Icelandic police travelled to the United States to discuss the matter, according to information published by the country's state prosecutor.

According to Thordarson, the LulzSec hackers eventually turned over some confidential documents to WikiLeaks that related to the US embassy in Iceland, as well as other hacked files, such as a huge trove of emails mined from Syrian government servers that were later released by WikiLeaks. Thordarson alleged that Assange spoke with Sabu over Skype during this time, and he showed me records of chats he had with Sabu that appear to support his version of events. Again, Sabu was secretly working as an FBI informant during his correspondence with WikiLeaks; FBI agents, who were monitoring Sabu's online activity 24/7 and directing his conduct, would have almost certainly been watching over his shoulder during any conversations with Assange or others.

In a bizarre twist, Thordarson himself later became an FBI informant, before he found out that Sabu, too, was working for the Bureau. (You can read the whole crazy backstory here.) WikiLeaks says Thordarson was a rogue operative and has accused the FBI of using "coercion and payments" in an effort to extract information that could be used against its staff in a prosecution. It is unclear whether Assange was personally involved at all in any attempt to solicit the hacking of foreign government computers.

Either way, one thing that is clear and undisputed is that Sabu was in contact with WikiLeaks while he was working for the FBI. And the new court document in Sabu's case strongly suggests to me that the contact was not some random occurrence — rather, it suggests it was part of a concerted FBI undercover sting operation aimed at implicating Assange and his colleagues in criminal activity.

The mention of "a particular subject’s role in soliciting cyber attacks on a foreign government" stood out to me immediately as a likely reference to the Assange-Thordarson-Sabu-Iceland affair, perhaps even intended as a warning shot from the Justice Department that this is an angle still being pursued. WikiLeaks seems to have noticed it, as well, tweeting on Saturday that the document contained an "apparent reference to [an] FBI operation against WL."

It is worth recalling that the FBI and the Justice Dept. still have an active and ongoing criminal investigation into WikiLeaks, a fact that was most recently confirmed just last week. But because of constitutional press freedom protections in the United States under the First Amendment, to prosecute any WikiLeaks staff for their role in publishing leaked classified US government documents would be untenable. That is precisely why it is far more likely that the FBI will be seeking to find other charges it can lay against Assange, such as conspiracy, and that is where I think Sabu comes into the frame. The new court document refers to an "existing investigation" and notes that while the information Sabu gleaned about the cyber attacks being solicited "has not resulted in any prosecutions to date," it remains "extremely significant." [Emphasis added.]

So watch this space. I expect more details about this dramatic debacle are going surface before long — possibly even in an indictment against Assange, if the FBI gets its way.

The Detainee Report and the UK Government Flouting FOIA Law

Wednesday, 26 March 2014

Back in September, as I explained in a previous post, I filed a Freedom of Information Act (FOIA) request with the UK government in an attempt to obtain a long-withheld report on British spies' complicity in torture and extraordinary rendition. The government repeatedly ignored my requests — refusing to even acknowledge them, as obligated under the law — but finally published the report in December.

As I suspected it would, the so-called 'Detainee Inquiry' report shined a light on the dubious involvement of the UK's security services in brutal interrogation tactics and kidnapping methods carried out by US government operatives in the aftermath of the September 11 attacks. British agents, it found, were under no obligation to report breaches of the Geneva conventions and turned a "blind eye" to the torture of detainees held in foreign prisons.

The report was put together by the Detainee Inquiry as a preliminary report and, unfortunately, it only scratched the surface. Headed by retired judge Sir Peter Gibson, the inquiry was originally supposed to dig deep into the allegations of complicity in the abuses. However, it was postponed in 2012 amid controversy because the government said that it clashed with ongoing police investigations into some of the same cases. Justice Secretary Ken Clarke promised that an independent judge-led inquiry would continue in time, but the government suddenly pulled a policy reversal in December and now says the issues will be dealt with (or should I say, swept under the rug) by the largely toothless parliamentary intelligence and security committee — a move that has been strongly criticised by human rights groups, lawyers, and two United Nations special rapporteurs.

Aside from pointing to substance of the Gibson report, though, I wanted address something else here: that is, he dismal conduct of the government in ignoring my original request to obtain it. The Cabinet Office repeatedly failed to respond to my inquires for a period of about five months, even after the Information Commissioner's Office (ICO) got involved. (The ICO is the public body that enforces access to information legislation in the UK.) Under the terms of the FOIA law, the government should have responded to my initial request within 30 days. Instead, it chose not to respond at all — not even an acknowledgement; nothing. I've never experienced anything like that, and I have submitted quite a lot of FOIA requests in my time.

It seemed that the Cabinet Office was clearly flouting its legal obligations, so I decided to submit a formal complaint with the ICO. Last month, the ICO issued a "decision notice" in my case (see below), finding in my favour that the government broke the law under section 10 of the Freedom of Information Act by ignoring my request. The ICO threatened to pursue contempt of court action against the government in the High Court if it did not contact me within a further 35 days. Unsurprisingly, earlier this month, about a day before the deadline was due to expire, the Cabinet Office finally responded — claiming "oversights" were the cause of the long delay while having the cheek to open its letter by referring to my "recent" FOIA request. The request was submitted half a year prior.

Cabinet officials were contacted on several occasions about my request over this six-month period; they confirmed to the ICO over the phone that they had received it, and were then warned about potential "enforcement action." Yet they continued to not respond to me. It was not until the government was formally threatened with contempt in the decision notice that it acted. And by then, the Detainee Inquiry report that I was originally seeking had been released publicly anyway.

I have no idea whether the government deliberately ignored my request in a bid to delay releasing the report, so that it could release it later on its own terms. But frankly that does not seem like a far-fetched possibility, especially given that some public bodies, like London's Metropolitan Police, have admitted treating FOIA requests from journalists as "high risk" — even though all requests are supposed to be treated "applicant and motive blind." Either way, whether the failure to respond was calculated or just down to total incompetence, I have certainly not come away from this debacle with a sense that the government cares much about fulfilling its legal responsibilities in the realm of transparency.

For that reason, there is a satisfaction in seeing the government get reprimanded by the ICO for its unlawful conduct in this case. But ultimately there is a kind of depressing futility about the finding. The decision notice will go against the government — damaging the Cabinet Office's FOIA credentials with the Information Commissioner, especially if other cases such as this continue to stack up. (The Cabinet could be placed on the ICO's "monitoring programme" if it keeps egregiously flouting its FOIA obligations.) However, that doesn't really count for much in practice. I would like to see the ICO given much stronger powers to enforce compliance with FOIA law — the power to dish out heavy fines for flagrant violations and inexplicably extreme delays in responding to people. Otherwise it seems highly likely that the government and other public bodies will continue to be content to ignore requests whenever it suits them to do so.

UPDATE, 27 March 2014: As a commenter below has pointed out, it turns out that the Cabinet Office has in fact already been placed on the "monitoring programme" by the Information Commissioner's Office after "serious shortcomings" were identified in its responses to freedom of information requests. The ICO announced in January, while my complaint was still ongoing, that it would be examining the Cabinet's responses to requests received between 1 January and 31 March 2014. The ICO claims that "failure to show signs of improvement during this period may result in enforcement action."