Recently in GCHQ Category

The Computer Misuse Act 1990 was controversially and ineptly amended by the police and Justice Act 2006 to try to curb Denial of Service attacks and a new "Making, supplying or obtaining articles" offence. The territorial scope of this Act was broadened to include the whole world, regardless of whether you are a British citizen or not and the penalties were increased so that they were serious enough for Extradition to the UK to apply.

Spy Blog used to think that the House of Lords did a better job of scrutinising the detail of Bills, especially in regard to technical details, than the House of Commons, but now there are doubts, judging by the Serious Crime Bill.

Perhaps it is because this typical Home Office "Christmas tree" Bill covering lots of topics was, for no good reason, introduced in the Lords rather than the Commons, that the standard of detailed scrutiny regarding the Computer Misuse Act amendments seems to be as poor as if it the Commons had had first crack at cocking things up.

The Computer Misuse Act is a vital in safeguarding "the economic wellbeing of the UK", but like the Regulation of Investigatory Powers Act is showing its age due to fast moving technological change. We deserve a full new Act, with proper public consultation and detailed pre-legislative scrutiny, not just a few stupid amendments sneaked in as part of a wider Bill, without any public consultation at all..

The Serious Crime Bill is making major changes to the Computer Misuse Act to combat "cyber attacks", without any public consultation or any actual evidence of need.

It also risks legally crippling the activities of GCHQ and SIS / MI6 and their computer software and hardware suppliers with the stupid criminalisation (with a penalty of up to imprisonment for life and or an unlimited fine) of "serious damage to the national security ofany country" - even enemy countries !

"Cyber attacks" are not just directed at the UK, they could originate from the UK against the "economy" or "national security" of other enemy countries

The Home Office pretends in its Serious Crime Bill computer misuse policy documents especially the CMA Aggravated Offence Impact Assessment document that:

"Although to date no cyber attacks have had an impact of this nature, a longer maximum sentence should be available should such an attack occur in future"

"There is no evidence that cyber criminals will necessarily be deterred by a longer sentence, but there may be deterrence benefits and/or benefits in public confidence."

No ! There will be a further reduction in public confidence in the Home Office and the Government in general as a result of s
stupid legislation

"A full public consultation will not be taken due to the tight time frame if the 4th session"

Only Ministry of Justice, Crown Prosecution Service, Scotland Office, Northern Ireland Office, GCHQ, Police and National crime Agency
were consulted as "stakeholders".

Note that no NGOs, Regulators, RIPA Commissioners, Information Commissioner industry, or the general public were consulted at all.

Note that there is no published Privacy Impact Assessment, something which they probably also never bothered with.

The Serious Ccrime Bill was introduced in June and after the Summer Recess, the House of Lords is set complete the Report stage next week. However they "considered" the Computer Misuse Act amending clauses on 14th October 2014
and passed 3 Amendments, none of which addressed the important bits.

14 Oct 2014 : Column 142

Clause 40: Unauthorised acts causing, or creating risk of, serious damage

Amendment 17

Moved by Baroness Williams of Trafford

17: Clause 40, page 30, line 40, leave out "country" and insert "place"

we have given further consideration to the position of installations such oil rigs, ships and so on that are located outside the territorial waters of any country. Although I acknowledge that this scenario is extremely unlikely, it is not clear that the offence as currently drafted would capture an attack that caused serious damage to the human welfare of those living and working on such an installation, or to the surrounding environment.

To provide greater clarity on this point, therefore, Amendment 17 replaces the reference to damage to human welfare in any country with a reference to damage to human welfare in any place. Amendment 18 similarly replaces the reference to damage to the environment in any country with a reference to damage to the environment of any place.

Once these changes are made, there is no longer any need to extend the meaning of "country" to include its territorial seas. References to damage to the economy or national security of any country will remain, as either the economy or national security of a country has been damaged or it has not. In these cases, it is not necessary to include territorial seas within the definition of a country, so Amendment 19 removes this reference.

Amendment 17 agreed.

Amendments 18 and 19

Moved by Baroness Williams of Trafford

18: Clause 40, page 31, line 1, leave out "in any country" and insert "of any place"

19: Clause 40, page 31, leave out line 23

Amendments 18 and 19 agreed.

So the Lords have broadened the territorial scope of the probably unenforceable new "b) damage to the environment of any place" offence to cover offshore oil rigs and pipelines outside of any country's national territorial waters.

At this point their Lordships collective minds seem to have wandered as they should also have looked at the very next two lines of the Bill

(c) damage to the economy of any country; or (d) damage to the national security of any country.

Why did they not think to apply exactly the same argument for changing "any country" to "any place" in respect of international telecommunications cables, physical or "cyber" damage to which would clearly " damage to the economy of any country" and which are even more than oil pipelines likely to be further out to sea than being merely adjacent to to national coastlines or territorial waters ?

As it stands, this criterion is far to broad and is likely to be unenforceable internationally or only selectively enforced, bringing the whole law into disrepute.

Even worse is the next line

(d) damage to the national security of any country.

Imprisonment for life and / or an unlimited fine for serious damage to the national security of any country ? Even Russia, China, Iran, Syria, Cuba etc. ?

Did nobody (including GCHQ) notice that this makes much of what GCHQ and SIS/MI6 do, or could do, illegal if it involves computers at all (which is very likely) ?

It will certainly make the

Intelligence Agencies' staff are not Constables (i.e. Police Officers) or Enforcement Officers (i.e. Court appointed Bailiffs, or even Civilian Enforcement Officers i.e. Traffic Wardens) so none of the Computer Misuse Act section 10 Saving for certain law enforcement powers applies, regardless of the Serious Crime Bill amendment to this section to include any Act in England, Wales, Scotland and Northern Ireland.

If the worldwide scope of these stupid Computer Misuse Act amendments is not removed before the Bill is enacted then Spy Blog predicts:

  • Whitehall control freaks will try to use the "national security" offences of the amended Computer Misuse Act against journalists and whistleblowers, instead of the Official Secrets Act. Even if nobody is ever actually prosecuted, it will have a chilling effect on UK investigative journalism and reporting of e.g. Manning, Assange or Snowden sourced stories all of which involve potential direct Computer Misuse Act offences or the "Making, supplying or obtaining articles for use" offence, or conspiracy to commit any of these.

  • Foreign Countries will issue Mutual Legal Assistance Treaty requests or, in Europe, simply issue a European Arrest Warrant for the extradition of GCHQ or SIS/MI6 staff who may be implicated in breaches of the "national security of any country.

  • Activists and non-governmental pressure groups will make formal complaints to the British Police, regarding the activities of UK companies who supply GCHQ and SIS/MI6 or the Ministry of Defence etc. with software of hardware which could be used to help "damage the national security of any country". N.B. there does not have to be any actual use of such articles, only a belief that they are" likely to be used to commit, or to assist in the commission of, an offence" which will now also apply to the new "economy" or "national security" "of any country" offences.

N.B. unlike the Official Secrets Act etc. the Computer Misuse act has no involvement of the Attorney General who might stop "national security" prosecutions from grinding their way through the Police & Crown Prosecution Service & Extradition proceedings.

GCHQ Sir Iain Lobban's valedictory speech


A few comments, in context, on:

Sir Iain Lobban's valedictory speech - as delivered
Full transcript of the speech given by Sir Iain Lobban, Director GCHQ, at the Cabinet War Rooms on 21 Oct 2014.

Weirdly, the GCHQ website no longer seems to support the use of https:// SSL / TLS encryption at all, unlike Security Service MI5 and Secret Intelligence Service SIS / MI6

In the middle of the summer, when I resolved to give this talk, the following events were taking place around the world:

  • A commercial airliner flying at over thirty thousand feet over eastern Ukraine was shot down with a sophisticated surface-to-air missile system, with the loss of 298 lives, 80 of them children
  • Fierce fighting on the ground continued after Russia's annexation of Crimea
  • ISIL advances in Syria and Iraq continued, treating local populations with devastating savagery, and the video of the beheading of the first western hostage spread across the internet
  • the American, Canadian and British embassies suspended operations in Tripoli due to armed clashes between Libyan militias in the country
  • the National Crime Agency carried out further arrests of predators involved in child exploitation

  • thirty-five adults and children, one of whom died, were discovered in a lorry, illegally trafficked from Afghanistan
  • £100 million pounds-worth of cocaine was seized off the coast of Ireland
  • Nearly 200 cyber incidents against the UK's networks of national significance were detected and responded to.

As my teams pivoted to tackle such intelligence and security requirements, and I marvelled yet again at their dedication and tenacity, I decided I wanted to use the occasion of my departure from this post to reflect publically on the profession to which I've devoted the past 31 years: to explain why people like me are motivated to do what we do. After all, it's sometimes called the second oldest profession in the world, and like the oldest, you tend not to talk about it as a career choice. But that's exactly what I want to do now. That career choice is one of the best decisions I've ever made, and I want to tell you why.

I also want to think aloud about the place of intelligence in national life, which makes this exactly the right place for this final public speech. Has there ever been a politician who was so comprehensively focused on intelligence, and on the policy and processes underpinning the production of intelligence, as Winston Churchill?

I joined GCHQ in what felt like the dark days of the Cold War. The majority of my early postings in the department were focused on the Warsaw Pact: a massive challenge. And as I leave, once more we look towards and beyond the Urals. Perhaps I needn't have bothered... Certainly the bookends of my career illustrate how the world continues to be a dangerous and unpredictable place.

But there's a longer timespan in which we should situate the work that GCHQ does today.

UK Signals Intelligence celebrates its centenary this year. There was no Sigint organisation in this country on 4 August 1914, but in November 1914 the First Sea Lord, Winston Churchill, issued a Charter. That Charter prescribed the operating model for Room 40, the section in the Admiralty which had started producing intelligence from intercepted and decrypted messages, would operate. Churchill oversaw the birth of British Sigint, and was instrumental in the creation in 1919 of GCHQ, under its former name of GC&CS.

In another dark time, a sparkling generation radiated their genius from dingy huts at Bletchley to defend a beleaguered nation against the Nazi onslaught:

  • They sent the intelligence to leaders right here in these War Rooms
  • Just as today, GCHQ continues to supply our National Security Council with the intelligence necessary to make the right strategic decisions.

It was here that Churchill applied the lessons he had learned during the First World War about keeping the use and the protection of Sigint in balance: intelligence is of no use if you can't use it, but it will quickly disappear if those using it do not protect its source.

In his Charter for Room 40, Churchill proposed that his Sigint staff should study intercepts, past and present, and compare them with what actually happened in order to penetrate the German mind. This process of traffic analysis was further developed at Bletchley Park, where analysts built a picture of hostile activity by analysing communications for patterns, connections and abnormalities.

  • Today, we continue to look for the patterns, connections and abnormalities that indicate of illuminate hostile capability and intent.

Bletchley Park saved the lives of numerous seamen and the shipping, materiel, and other supplies criss-crossing the Atlantic and the Arctic, all the while stalked by enemy submarines, providing intercepts on which evasive action could be taken. They kept those vital supply routes open.

  • Today, we continue to use intelligence to safeguard the electronic networks on which our trade, our finance, our way of life, now depend.

By June 1944, Sigint could tell General Eisenhower about the German Order of Battle in Normandy, about German perceptions on where the Second Front would be opened, on German intentions to respond to it, and on the success of his deception plan.

  • I am not going to tell you the details of the way we support the UK military today, but let me assure you that our aim is to ensure that every British or allied Commander has the same complete Information Superiority that Eisenhower had. The stakes of our mission today engage life and death as compellingly now as they did then. We are fiercely proud of the work we do to support troops in the front line, foiling attacks on British and allied forces deployed anywhere in the world.

But today's ask is in some ways broader than that of Bletchley Park:

  • With our partners at Mi5 and SIS we apply all our skills to keep our streets safe from terrorists
  • We work to stop the spread of destructive weapons across the world
  • We strain sinews to locate hostages imprisoned in dark and dangerous places, tragically not always with success
  • With the National Crime Agency we battle serious and organised crime
  • We counter internet fraudsters and their malware to save the taxpayer hundreds of millions of pounds.

We counter internet fraudsters and their malware to save the taxpayer hundreds of millions of pounds

GCHQ appear to be spectacularly unsuccessful in this regard, given the estimates of billions of pounds of attempted internet fraud each year.

Perhaps this is because the same "phishing" and malware techniques used by fraudsters seem to be used by GCHQ themselves, according to the Snowden revelations.

How many malware authors and distributors have been prosecuted and convicted in the UK ? Almost none. How many were caught by GCHQ ? Zero.

How many foreign cyber attackers have been extradited to the UK ? Zero

And we also battle to save something upon which nobody can place a value: we strive to protect our children from terrible abuse.

Wars, terrorism, fraud, child sexual exploitation - nothing new in that, you might think. Until you recall that we're witnessing the biggest migration in human history. In the six years since I took up this post, almost one and half billion people have joined the enormous exodus to the internet. That's a doubling of the people accessing information and communicating online. There are over six and a half billion mobile subscribers in the world, nearly two billion active social network users.

We all know that the beautiful dream of the internet as a totally ungoverned space was just that - a beautiful dream. Like all utopian visions, it was flawed because it failed to account for the persistence of the worst aspects of human nature. Alongside the amazing benefits - the comprehensive information, education, health, the communities of interest, the commercial opportunities and efficiencies - there are the plotters, the proliferators and the paedophiles. From what we know of ungoverned spaces in the real world, do we really believe that the world would be a better place if the internet becomes an ungoverned space where anybody can act freely with impunity?

the other impractical utopian vision is the myth that the state can or should provide absolute security.

Those who would do us harm don't want to be found. They choose certain routers or applications to hide in the darkest places of the internet. We have to enter that labyrinth to find them. We work to crack their defences. We have to understand what adversaries seek to do to us, and dedicate ourselves to preventing them from realising their plans. And the vast majority of those criminal threats to the UK are posed by groups or individuals based overseas. So we need strong intelligence and cyber capabilities to identify them and, where international law enforcement doesn't work, to disrupt them directly. This combination is increasingly essential.

where international law enforcement doesn't work, to disrupt them directly

"Disruption" is particularly evil concept, as it does not seem to require any actual evidence or proportionality or regard for collateral damage to the innocent or an appreciation of the economic damage to the UK.

But how to find them in the first place? We used to map the frequencies of the Warsaw Pact's naval, ground, and air forces, just as our predecessors at Bletchley Park tracked the frequencies used by U boats and panzer divisions. But now most of the time there's no tell-tale frequency to intercept, and our adversaries use a diverse range of complex comms methods. Unfortunately, there's no '' for us to log onto and to find terrorists or serious criminals: instead we have to search for them in the vast morass of the internet.

N.B. of course there is already a is a domain name and website registered, but hopefully GCHQ are not targeting it "just in case".

Again, I reach back to the First World War. The reason that there was no Sigint on 4 August 1914 was that the members of the Royal Navy's signal staff who had, from time to time, looked at foreign use of radio, had looked at random messages and had found little or nothing of interest. When they saw a message saying "Proceed to Grid 1596 by 0830 hours" it was dismissed as of no interest. It was only the collection and examination of many such messages that led to an understanding that such items were like tiny fragments of a mosaic: Sigint's job is to reveal the big picture. In the first few weeks of the war, those in Room 40 began to look at what today we would call the network,
focussing on the bigger patter of message traffic which produced intelligence about German intentions.

Today, of all the communications out there globally - the emails, the texts, the images - only a small percentage are within reach of our sensors.

  • Of that, we only intercept a small percentage
  • Of that, we store a miniscule percentage for a limited period of time
  • Of that, only a small percentage is ever viewed or listened to, as permitted by our legal framework, and self-evidently, constrained by resource.

TEMPORA snooping on fibre optic communications cables - "full take" cached for 3 days, "metadata" stored for 30 days, as revealed by Edward Snowden, appears to contradict these claims.

We access the internet at scale so as to dissect it with surgical precision. Practically, it is now impossible to operate successfully in any other way. You can't pick and choose the components of a global interception system that you like (catching terrorists and paedophiles), and those you don't (incidental collection of data at scale): it's one integrated system.
That process has other benefits beyond obtaining the intelligence needed by our nation and its allies. By understanding the technicalities of obtaining intelligence, we can help government, businesses and citizens to protect their systems and their data. And by understanding trends in both the technology itself and how it's used, we can help to build the kind of skilled workforce that our country will need in order to flourish in the future.

It is the duty of the state to protect its citizens and to develop a system of capabilities to ensure that its protection is as complete as it can be: the question becomes how we use that system in a way that is consistent with the law, and with values you and I are determined to uphold.

It's a process of intelligence-gathering laid down by law, pored over by parliament, inspected by independent commissioners and under the supervision of a Tribunal. And we wouldn't have it any other way. We've even implemented certain internal safeguards beyond what is required. We've done so because we want to belong to a society that can have confidence in its intelligence services. And so, even when we hear fellow citizens saying things like: "I don't mind being watched because I've nothing to hide" or "I don't mind because it's the price of security," that's depressing for us. The people who work at GCHQ would sooner walk out the door than be involved in anything remotely resembling 'mass surveillance'.

"mass surveillance" does not mean total blanket surveillance i.e. billions or trillions of events a day. It is still "mass surveillance" if only hundreds or thousands of people are caught up in it directly or indirectly.

I want to make it absolutely clear that the core of my organisation's mission is the protection of liberty, not the erosion of it. And that presenting our activities as some sort of binary option - security or privacy - is to represent a false choice: we are committed to doing our utmost to deliver security at the same time as protecting privacy to the greatest extent possible.

GCHQ's compliance regime, like those of our sister Agencies, is supported by a strong culture and ethos of personal accountability. My staff undertake mandatory policy and legalities training before they can access operational data. And we underpin all this internally with a series of processes to uphold not just the letter, but the spirit, of the relevant laws and policies. We respect privacy and take utterly seriously our obligations under Article 8 of the European Convention on Human Rights. We actively seek to minimise intrusion into everyday lives, working in accordance with the principles of necessity and proportionality. By definition, the acquisition, aggregation, usage, sharing and retention of information involve varying degrees of interference with, or intrusion into, the privacy rights of individuals. So those activities can only be undertaken if judged to be necessary in the interests of our statutory purposes - national security, economic wellbeing, or the prevention and detection of serious crime - and proportionate in what we seek to achieve.

This is perhaps the most interesting part of the speech, which seems to contradict the repeated questioning of the witnesses giving oral evidence in public to the Intelligence and Security committee last week about "balance" and "is privacy engaged at the point of collection ?" :

  • And so, even when we hear fellow citizens saying things like: "I don't mind being watched because I've nothing to hide" or "I don't mind because it's the price of security," that's depressing for us.
  • And that presenting our activities as some sort of binary option - security or privacy - is to represent a false choice: we are committed to doing our utmost to deliver security at the same time as protecting privacy to the greatest extent possible.
  • By definition, the acquisition, aggregation, usage, sharing and retention of information involve varying degrees of interference with, or intrusion into, the privacy rights of individuals

Why did the ISC waste so much time on these topics, when even Sir Iain agrees with the human rights activists and lawyers and academics on these points ?

Those principles of necessity and proportionality are fundamental to the functions and ethos of the Agencies, and are critical components of the legal framework within which the Agencies strictly operate. They are applied within every investigation, and are subject to multiple layers of scrutiny and controls.

From the Snowden revelations, it seems that none of this applies to NSA or other 5 Eyes partners (Australia, Canada and New Zealand) when they target UK citizens in the UK or overseas, or their internet or telecommunications traffic routed in transit overseas. They then share the raw data or the processed analyses with GCHQ and other UK intelligence agencies, in secret, with little or no effective UK oversight.

On top of that, GCHQ has an Ethical Framework, setting out our approach to ethical decision-making, applying objectivity and professionalism to those principles.

So why doesn't GCHQ publish this "Ethical Framework" so that the public can be reassured ? Surely this does not contain any "sources and methods" details ?

It's not for me to act as a cheerleader for the system of oversight and scrutiny that apply to GCHQ and my sister intelligence and security Agencies. But I will say that it is the most coherent and well-developed system of which I am aware in relation to such agencies around the world, with its triple lock of:

  • Authorisations by a Secretary of State
  • Informed, rigorous scrutiny by the Intelligence Services Commissioner and by the Interception of Communications Commissioner - and I commend Sir Anthony May's 87-page open report from April this year to the interested reader
  • Review by the parliamentary Intelligence and Security Committee, as strengthened by the recent Justice and Security Act.

2013 Annual Report of the Interception of Communications Commissioner (.pdf)

And that triple lock is supplemented by the Investigatory Powers Tribunal which can hear, and indeed is hearing, legal challenges against our activities, with access to secret material.

This "triple lock" is worse than useless for investigating real or imagined abuses of the system against individuals or groups - it is all too secret and relies on public trust in government bureaucracies which simply does not exist.

And some things do need to remain secret. Let me reflect on the relationship between the intelligence profession and the journalism profession. That relationship may be complex, but let me be clear: we may get frustrated when our efforts are undone, our enemies advantaged, and our integrity questioned, but we're not frustrated by the free press itself. We do what we do precisely to safeguard the kind of society that has a free press.

Why can't GCHQ and the other intelligence agencies have official spokesmen, just like in the USA, to correct the misreporting in the press ?

"Neither confirm nor deny" is a counter-productive policy which literally insults the intelligence of the public, fuels conspiracy theories and destroys public trust, not just of GCHQ but of the UK government in general.

I wonder if it's worth musing upon the shared motivations between our professions. I don't just mean the mutual concern with sources and methods. I mean something more fundamental: at the height of their professions, intelligence officers and journalists both care deeply about knowledge; we are scrupulous about the integrity of the analysis that our reporting depends upon; we both seek the truth; and to get it, we both have to shine a light into dark and often dangerous places, places where we aren't exactly welcome. The difference is what happens to the truth we find. For journalists, the public interest is served by publicity itself; for us, the public interest is served by some things remaining secret.

Over my three decade career I've spent about half of it in roles where it's been necessary to consider whether, and if so how, to use Sigint, to employ it outside the ring of secrecy, to 'disclose' it. The trick is to release the facts so action can be taken if necessary, but to avoid risk to the sources and methods involved. These are, for the most part, very finely balanced judgements made by deep professionals with an instinctive feel for what needs to be released so it can be used, at the same time as applying structured tests so as not to throw away the fragile 'edge' of knowledge secured by intelligence penetration. Back to Churchill again! It's crucial that the targets whose communications we seek to exploit for the purposes of our national security do not know what we can and can't do.

Presumably Sir Iain is talking about the Police and (secret) Courts and the censored RIPA Commisioners' and Intelligence and Security Committee reports when he talks about disclosing Sigint "outside the ring of secrecy" because GCHQ has never bothered to give any useful information to the public, even at a general policy level, without exposing any tactical details.

Secret does not have to equal sinister. The idea that it does is perhaps inspired by the portrayal of uncontrolled intelligence operations in popular films and TV programmes. The reality is more mundane, but contrary to what you might expect, it's also more inspiring. GCHQ staff are drawn from the British population. Yes, we have people with diverse skills and talents, and geniuses from our past, like Alan Turing, remind us that neuro-diverse conditions can frequently unlock exceptional contributions. But basically they are normal, decent human beings - people who spend their lives outside work shopping at Sainsbury's or the Co-op, watching EastEnders and Spooks, listening to Radio 4 and TalkSport, drinking in pubs, wine bars and Cotswold tea rooms, and worrying about their kids, the weather, the football, cricket, and rugby, and what to have for tea. They give their time to charitable causes and help children in local schools.

N.B. No mention of Geoffrey Prime the KGB Communist spy, who was not detected by GCHQ counter-intelligence, but by the local Police ,who arrested him for paedophile sex attacks on local children in the Cheltenham area.

"Prime constructed a system of 2,287 index cards bearing details of individual girls; each card contained information on their parents routines and detailed when they were alone at home"

Imagine what such a cunning spy and paedophile could do with GCHQ insider access to the internet, regardless of any laws or internal policies.

It is the potential unauthorised abuse of powerful state surveillance systems by corrupt or fanatical privileged insiders which is the worry and which is not alleviated by "neither confirm, nor deny" or "it's all legal with oversight" platitudes.

Outside work, we are the people that the inhabitants of Cheltenham, Gloucester and the surrounding area regard as friends, neighbours and customers. We don't suddenly lose our souls the moment we swipe into the Doughnut. My staff are ordinary people doing an extraordinary job.

...Ordinary people, but their extraordinary job can demand extraordinary sacrifices.

Sometimes those sacrifices are economic. My staff choose public service even where they possess astonishing skills prized by the market.

Sometimes those sacrifices are social. Intelligence professionals can't share the details of their work with family and friends. Imagine having no chance to share the good days and download the difficult days. And the same goes for the gratitude of the wider population: it's a rewarding form of public service, but more often than not, the thanks are received behind closed doors.

Their enemies don't stop, so neither can they - the analyst who misses their Christmas dinner to rush in for an urgent task; the teams mounting a 24/7 operation to find a fellow citizen taken hostage overseas. They miss sleep and family commitments over days, weeks and sometimes months, working against the clock, trying to save someone they've never met. They scour far-flung networks for clues and identifiers, feeling the thrill of a breakthrough and, sometimes, despair if they are unsuccessful and people are harmed. One of my saddest duties is to talk to teams devastated by such an outcome.

And the psychological sacrifices can be severe. Like the police or the military, British "spies" have to deal with the worst of human behaviour. Have no doubt that dealing with that is emotionally arduous. They have to look at some highly disturbing images of grotesque things being done to children, at graphic videos of beheadings. They examine such things carefully for clues to the perpetrators. You can imagine the potential effect of looking at such images day-in and day-out, and so we have mechanisms to support people in these roles. I can assure you viewing of such material at GCHQ is not taken lightly. We do it because our job is to protect your loved ones.

So I believe - passionately - that intelligence and security work in the United Kingdom is a noble profession. It helps good decision-taking. It can prevent wars and disrupt the proliferation of weapons of mass destruction. It does prevent terrorist attacks. It pursues criminals who threaten the most vulnerable. A monument in the National Memorial Arboretum honours those who have dedicated their careers to the pursuit of Signals Intelligence.

And, as I complete my own journey from Iron Curtain to Final Curtain, and give way to a distinguished successor waiting in the wings, I cherish my choice of career. My colleagues and I joined the intelligence services to protect others from those who would do them harm. That has always been the passion of our profession. It was our passion when we resisted the Wehrmacht, the Kriegsmarine and the Luftwaffe; it was our passion during the Cold War when we wrestled the Soviet machine; and it's our passion today.

Back to Winston Churchill: he was responsible for two momentous decisions which transformed GCHQ, and which mark it to this day.

  • He personally approved the proposal to share every single one of Bletchley Park's secrets with the United States, a decision which led to what is the most enduring intelligence partnership in history.
  • And he personally answered the urgent appeal made to him by Turing, Alexander, Welchman and Milner-Barry for more resources: "Action this day: Make sure they have all they want on extreme priority and report to me that this has been done". This decision transformed GCHQ: it became the organisation it is today, enabled by technology to produce intelligence at scale and at pace.

And even earlier than that, when he became Chancellor of the Exchequer in 1924, he demanded access to Sigint reporting, writing to the Prime Minister, Stanley Baldwin: "In the years I have been in office since Room 40 began in the autumn of 1914, I have read every one of these flimsies and I attach more importance to them as a means of forming a true judgement of public policy in these spheres than to any other source of knowledge at the disposal of the State". He shared our passion, and our predecessors recognised it and responded to it.

When I joined GCHQ, there were still veterans of Bletchley Park working in Cheltenham. They had worked alongside those who had started Sigint in 1914, learning not just how to do their jobs, but learning too why they did their work the way they did, and how GCHQ had grown and adapted as new sources became available, or productive sources were turned off. I learned from them, and eventually, as the Director of GCHQ, have had the responsibility of ensuring that the thread of continuity that links us to our past continues to extend into the future.

I won't pretend that I've enjoyed every minute of the media attention, but the only thing worse than being in the eye of the storm would have been to be anywhere else. Had that been so, I'd be unable to bear witness now to my fellow professionals, ordinary men and women whose integrity has been insulted time and again, and whose response to such provocation has not been a noisy retort but a quiet resolve - a resolve to continue doing extraordinary things for others. I will miss them, the friends who made the same career choice: their skill, their sacrifice, their silence.

I said this to the parliamentary committee in a closed evidence session, and I'll say it again now:

  • My staff are the embodiment of British values, not a threat to them.

Most current GCHQ staff are probably not a threat to British values, but the automated infrastructure of snooping is a huge threat to us all, including such privileged insiders themselves.

  • What if an extremist government takes power ?
  • What if a weak government fails to prevent the ponderous bureaucracy from sleep walking us into a repressive surveillance state on autopilot, as officials and politicians try to deflect blame and protect their budgets and empires, by seeking to "leave no stone unturned" in their surveillance activities ?

What will Sir Iain Lobban do next ? Will he enjoy a quiet retirement or will he magically appear as a Director or Consultant in the "revolving door" world of Defence / Intelligence / Lobbyist companies ?

How different, if at all, will his successor Robert Hannigan as Director of GCHQ ?

The legal challenge in the (mostly secret) Investigatory Powers Tribunal by several civil liberties groups against the mass surveillance schemes such as GCHQ's Tempora has led to a witness statement by Charles Farr at the Home office.

UK intelligence forced to reveal secret policy for mass surveillance of residents' Facebook and Google use

Unfortunately the copy of Charles Farr's witness statement, which needs to be analysed carefully, is only available as a non-accessible image scanned (.pdf) file.

Therefore, with the help of Optical Character Recognition, Spy Blog has produced a text / html version of this important historical document for the benefit of the public and search engines.

If we have time we will try to clear up the inevitable formatting errors and spelling mistakes, but you should get the gist and be able to search for key words:

Down load our text file

or read it here below:

The loss making (left of centre) Guardian newspaper is now lucky if it can sell 200,000 copies daily, a fraction of its tabloid or even "highbrow" rivals. It does, however, have a big influence online, but again mostly worldwide, rather than directly in the UK, where it cannot compete with, say, the right of centre / populist tabloid The Daily Mail.

The Guardian is one of the few organisations which still does real investigative journalism in the UK, especially when compared with broadcast media or their jealous commercial newspaper rivals . It has been one of the main conduits of leaks about the US National Security Agency (NSA) and the UK's GCHQ intelligence agencies via former CIA / NSA / Dell / Booz Allen Hamilton contractor Edward Snowden, since June 2013.

It is one of the main opinion forming newspapers read by the Westminster village of MPs and rival political journalists, by Whitehall bureaucrats and government politicians.

The current editor is Alan Rusbridger, who has been kind enough to say that Spy Blog is a useful resource.

On Tuesday 3rd December 2013, the House of Commons Home Affairs Committee, took the unusual step of "inviting" / ordering the Editor of The Guardian, Alan Rusbridger to give oral evidence before the Committee, nominally as part of its often repeated, but frequently ineffective inquires into Counter Terrorism.

The Home Affairs Select Committee is supposed to be acting on behalf of the public, to scrutinise the vast and powerful securocrat empires.

Civil servants can claim some measure of protection by getting their Minister's to appear before a Select Committee, citing the "unofficial" but nevertheless precedent setting Osmotherly Rules, there is nothing to protect ordinary or eminent members of the public from being abused by a Select Committee whose members choose to conduct McCarthy style public witch hunts, to try to trap invited / compelled witnesses into "confessions" of disloyalty or criminality, even when there has been no such investigation or accusation by the police etc.

The transcript of the session is now online and only reinforces the impression of incompetence and malice which some of the MPs (both Conservative and Labour) displayed, which has caused some damage to the reputations of those MPs themselves and, by extension to Select Committees and to Parliament.

If, you are a member of the public, regardless of how famous or eminent you are and you are "invited" to appear before the Home Affairs Committee as a witness, you should seek legal advice and given the disgraceful Questions posed of some of the MPs to Alan Rusbridger, you should seriously consider refusing to appear.

Home Affairs Committee
Tuesday 3 December 2013
Alan Rusbridger
Sir Bernard Hogan-Howe and Cressida Dick

The Members present were:

Keith Vaz (Chair) - Labour, Leicester East
Ian Austin - Labour, Dudley North
Nicola Blackwood - Conservative, Oxford West and Abingdon
Michael Ellis - Conservative, Northampton North
Paul Flynn - Labour, Newport West
Dr Julian Huppert - Liberal Democrat, Cambridge
Yasmin Qureshi - Labour, Bolton South East
Mark Reckless - Conservative, Rochester & Strood
Mr David Winnick - Labour, Walsall North

Below is the lengthy (uncorrected) transcript with some Spy Blog annotations:

One of the most important revelations from documents released from Edward Snowden to The Guardian (and Channel 4 tv news) is this story, over a week ago, with little or no follow up from the rest of the UK media:

US and UK struck secret deal to allow NSA to 'unmask' Britons' personal data
• 2007 deal allows NSA to store previously restricted material
• UK citizens not suspected of wrongdoing caught up in dragnet
• Separate draft memo proposes US spying on 'Five-Eyes' allies

James Ball
The Guardian, Wednesday 20 November 2013 19.00 GMT


The phone, internet and email records of UK citizens not suspected of any wrongdoing have been analysed and stored by America's National Security Agency under a secret deal that was approved by British intelligence officials, according to documents from the whistleblower Edward Snowden.


• In 2007, the rules were changed to allow the NSA to analyse and retain any British citizens' mobile phone and fax numbers, emails and IP addresses swept up by its dragnet. Previously, this data had been stripped out of NSA databases - "minimized", in intelligence agency parlance - under rules agreed between the two countries.


• A separate draft memo, marked top-secret and dated from 2005, reveals a proposed NSA procedure for spying on the citizens of the UK and other Five-Eyes nations, even where the partner government has explicitly denied the US permission to do so. The memo makes clear that partner countries must not be informed about this surveillance, or even the procedure itself.


Jack Straw was foreign secretary in 2005 and Margaret Beckett succeeded him in 2007. Neither was prepared to comment after being approached by the Guardian. The government and GCHQ were asked for a comment a fortnight ago, but they also declined.


Surely the Intelligence and Security Committee was aware of these two secret memos / agreements between GCHQ and the NSA ?

Were the RIPA Intelligence Services and the Interception of Communications Data Commissioners awre of this arrangement ?

Surely such a major change in the "we don't spy on each other" "5 Eyes" intelligence sharing partnership was explicitly singed off by at least a Secretary of State or the full Cabinet and the Prime Moister ?

Is the public seriously meant to be fooled into believing that if NSA snoops on communications meta data, and "incidentally" collects millions of "un-minimized" data records a month on innocent UK citizens, and dumps it into databases which are accessible by UK, Canada , Australia and New Zealand ("5 Eyes") partners, that UK GCHQ or other intelligence analysts go through the process of obtaining a Ministerial Warrant, every time time they run an automated database trawling / analysis tool ?

These memos make a mockery of the Intelligence and Security Committee, which rushed to proclaim that the PRISM allegations back in June were all without substance and that every single time that the US NSA had access to UK data, there was a corresponding UK approved certificate or warrant.

The increasingly irrelevant chairman of the ISC has, like the cunning politician he is, rushed to get a quote in The Guardian that

Watchdog demands GCHQ report on NSA's UK data storage
Intelligence and security committee chair Sir Malcolm Rifkind seeks explanation of deal that allowed US to 'unmask' Britons


Rifkind, whose committee is under tremendous pressure to prove it can credibly keep tabs on UK's spy agencies, said on Thursday: "As with any significant stories concerning any of the intelligence agencies, we will require and receive a full report from them on this."

but, significantly, the official ISC website

makes no formal announcement of any such inquiry or Report in Progress, even over a week since the story broke.

Having successfully paid lip service to what, in Whitehall is clearly seen as the small minority of Guardian reading troublemakers, the ISC and the intelligence agencies must be gratified that the rest of the British media has not bothered to put political pressure on the Government over this issue.

Rifkind, who sees his role as public relations for the Intelligence Agencies

Intelligence & Security Committee chair Sir Malcolm Rifkind sees its role as public relations for the intelligence agencies it is meant to scrutinise impartially

The Sunday Times reported last week that

Grilling of spy chiefs 'a total pantomime'

i.e. that the recent "historic" televised open evidence session where the Intelligence and Security Committee supposedly "grilled" the heads of the Intelligence Agencies in public, but where, it seems, they had already been tipped off to the questions that they were going to be asked . There was a 2 minute delay in transmission in case any "secrets" did somehow slip out and normal members of the public or the press were banned from attending in person.

The Liberal Democrat Lord Strasburger tried to ask about GCHQ Project Tempora in the House of Lords, and the clearly embarrassed Government Minister failed to give a satisfactory answer, but it was clear from that debate that the Intelligence and Security Committee were also kept in the dark about its specifics.

All of which further reduces the already low public trust in the Intelligence and Security Committee as a mechanism which properly scrutinises the activities of the UK intelligence agencies and their foreign partners, especially when they are wasting public money and putting the privacy and online security of innocent UK people at risk.

Given the pre-announced constraints, what Questions can the Intelligence and Security Committee actually sensibly ask the heads of GCHQ, Security Service MI5 and Secret Intelligence Service SIS/MI6, during tomorrow's "historic" first televised Open Evidence session ?

The Committee will question the Agency Heads on the work of the Agencies, their current priorities and the threats to the UK. Among other things it will cover the terrorist threat, regional instability and weapons proliferation, cyber security and espionage. However, since this is a public session, it will not cover details of intelligence capabilities or techniques, ongoing operations or sub judice matters. The Committee questions the Agencies about these details in their closed sessions.


Sir Iain Lobban, Director, GCHQ;
Mr Andrew Parker, Director General, Security Service; and
Sir John Sawers, Chief, Secret Intelligence Service.

will have rehearsed and / or have received tax payer funded "media coaching", like other senior civil servants have done when appearing before televised Parliamentary Committee sessions. Sir John Sawers, a former diplomat, is likely to require the least "coaching".

Here is are some Spy Blog suggested Questions for the ISC to ask:

Some Witness protection but currently no Whistleblower protection

Given the new powers of the ISC under the Justice & Security Act 2013 Schedule 1 (7) Protection for Witnesses

Protection for witnesses

7(1) Evidence given by a person who is a witness before the ISC may not be used in any civil or disciplinary proceedings, unless the evidence was given in bad faith.

(2) Evidence given by a person who is a witness before the ISC may not be used against the person in any criminal proceedings, unless the evidence was given in bad faith.

However, many potential whistleblowers will be scared of even contacting the ISC to merely discuss possible future witness testimony, regarding issues or details about which the senior managers of the Intelligence Agencies may not themselves be aware of. This will happen before any ISC witness immunity can be invoked, since this can only apply to actual evidence, rather than to investigative tip offs etc. for the ISC to probe further.

N.B. even if the Intelligence & Security Committee became a proper Joint Select Committee of Parliament, the legal privileges under the Bill of Rights would still only be Witness rather than Whistleblower protection.

Questions for the Open Session

Will each of the heads of the Intelligence Agencies publicly assure the Committee, the public and potential whistleblowers within their agencies and within their private sector subcontractors, that:

  1. They will not seek to use any of their Interception, Communications Data, Confidential Human Intelligence Sources or other Surveillance powers to try to identify potential or actual whistleblowers, who try to contact the Intelligence and Security Committee with tip offs, stories, testimony or hard evidence, regarding issues which the senior management of the agencies might not actually be aware of e.g. regarding knowledge or suspicion of the use of torture etc.
  2. They will not try to get the Police to conduct such "ISC whistleblower hunts" on their behalf and will forbid Foreign Intelligence Agency partners from doing so either.
  3. Contacting or actually giving evidence to the ISC will not affect an individual's Security Vetting / Clearance.
  4. Contacting or actually giving evidence to the ISC will not affect existing or future commercial contracts let by the intelligence agencies
Unless a current or future UK whistleblower can make use of the Intelligence and Security Committee, to get real or imagined wrongdoing properly investigated, without the risk of pre-emptive or post facto retaliation by the Intelligence Agencies, then it is more likely that they will simply dump their evidence anonymously to the internet at large, instead of using newspapers to (in most cases) responsibly publish them and raise legitimate democratic issues, like the NSA whistleblower Edward Snowden has done.

Promises about Whistleblower Protection are not enough on their own

Even if the ISC does extract such Whistleblower Protection promises from the current heads of the Intelligence Agencies, these need to be codfied into law, backed up by criminal sanctions, to bind their successors.

In addition, the ISC still needs to use suffcient technological and human counter espionage measures, because Hostile Foreign Intelligence Services (whether "enemies" or "allies") and criminals will also be targeting the Members of the Committee and their staff and families, to try to glean the identities of the Committee's confidential contacts and sources.

Will this Open Evidence session actually reassure the sceptics (like Spy Blog) of the effectiveness of the scrutiny provided by the Intelligence and Security Committee ?

Or will it be little more than a recital of how everything that the Intelligence Agencies do is lawful and that they should be trusted regardless ?

Send your own Questions (or tip offs) to the ISC

You can send the Intelligence and Security Committee an email with your own Questions or even tentative first approaches with a view to giving evidence in private via:

which will be encrypted in transit on the network, but which will be vulnerable to GCHQ and NSA and other snoopers whilst on the public internet.

Postal address is:

Intelligence and Security Committee
35 Great Smith Street

You are also welcome to send your Questions anonymously to Spy Blog, which will then be passed on to them as securely and as anonymously as possible:

Spy Blog PGP public encryption key for

After being hastily cancelled in the first week of July 2013, the Intelligence and Security Committee has again announced the "historic" first ever open oral evidence taking session with the three heads of the UK's intelligence agencies.

23 October 2013
posted 23 Oct 2013 03:04 by ISC Admin
Open Evidence Session

At 14:00 on Thursday 7 November, the Intelligence and Security Committee of Parliament will be holding an Open Evidence Session with the three heads of the UK Intelligence Agencies:

Sir Iain Lobban, Director, GCHQ;
Mr Andrew Parker, Director General, Security Service; and
Sir John Sawers, Chief, Secret Intelligence Service.

No doubt all three are rehearesing what they will say and are being given taxpayer funded TV media coaching, so that they do not make fools of themselves in public.

Sir John Sawers a former Ambassador and British Permanent Representative to the United Nations, is likely to have most experience with the media, but the ISC is unlikely to ask any of the tree of them any hard questions.

This will be the Committee's first Open Evidence Session: it will be the first time the three heads of the Intelligence Agencies have appeared in public together to talk about their work.

The session will give an insight into the world of intelligence, and the work the Agencies do on behalf of the UK. It represents a very significant step forward in terms of the openness and transparency of the Agencies. The Committee will question the Agency Heads on the work of the Agencies, their current priorities and the threats to the UK. Among other things it will cover the terrorist threat, regional instability and weapons proliferation, cyber security and espionage.

The sort of things readers of the censored ISC Annual Reports have become used to.

However, since this is a public session, it will not cover details of intelligence capabilities or techniques, ongoing operations or sub judice matters. The Committee questions the Agencies about these details in their closed sessions.

So absolutely everything to do with the Edward Snowden revelations will be kept secret.

The session will be held on the Parliamentary estate and will last approximately an hour and a half. It will be broadcast on

Clearly not this is not likely to be a Parliamentary Committee Room in the main Palace of Westminster and the "secure" brutalist bunker architecture of the QE II Conference Centre is part of the Department for Communities and Local Government (DCLG), not part of the Parliamentary Estate.

At a guess one of the Portcullis House Committee rooms might be used as they are already wired up for TV broadcast and which it is easier to smuggle the secret squirrels in and out via the maze of the Norman Shaw Building etc. for security reasons.


Parliamentary Estate boundaries as per Serious Organised Crime and Police Act 2005 section 128 - crossing these boundaries without permission is criminal trespass.

The session will be broadcast on a short time delay. The time delay is a security mechanism to allow the Committee to pause the broadcast if anything is mentioned which might endanger national security or the safety of those working for the Agencies. A similar process was used during the public hearings for the Iraq Inquiry.

There will be a limited number of seats available in the meeting room itself. For security reasons, the Committee has agreed that for this first Open Session these seats will be available to full Parliamentary pass holders and a small number of print journalists only. A notification of the event has been posted on the parliamentary intranet and pass holders have been invited to apply for a seat, which will be allocated on a 'first come, first served' basis.

Media arrangements are being dealt with separately.

The week before and the weekend after this "historic" session, there is likely to be a lot of Whitehall "media handling" and spin to manipulate the usual suspect newspapers and broadcast media to emphasise the official line and to ignore the unanswered (and probably unasked) questions.

Submit Questions for the ISC to ask the heads of GCHQ, MI5 & SIS

We invite Spy Blog readers to submit their own Questions for the heads of the UK Intelligence Agencies either for the open session or for the closed one, either directly to the ISC:

Postal Address

Intelligence and Security Committee
35 Great Smith Street

Email Address

Alternatively, if you suspect that you may be tracked and monitored by the Intelligence Agencies, especially if you are a current or former employee, Spy Blog will pass on your Questions as anonymously as possible on your behalf.

Spy Blog PGP public encryption key for
Fingerprint: F529 A804 A171 548E B2B7 A724 A165 A294 80CF AA4C
expires on 6th September 2014

See also Spy Blog's Technical Hints and Tips for protecting the anonymity of sources for
Whistleblowers, Investigative Journalists, Campaign Activists and Political Bloggers etc.

Intelligence agency staff whistleblower protection

The ISC has the theoretical power to protect actual witnesses giving evidence from any criminal or civil prosecutions or internal disciplinary measures. This is all very well for hiding the sins and errors of the heads or former heads or senior staff of the intelligence agencies, but is not adequate for more junior staff or contractors, whose evidence or testimony may contradict or may have been hidden from the more senior staff. These people risk their security clearances and commercial contracts if they speak out and so should get extra protection.

There should be whistleblower protection afforded by the Intelligence and Security Committe, similar to that outlined in our correspondence with the Detainee Inquiry (which was nobbled when trying to look into allegations of torture complicity by the UK intelligence services & MOD etc.)

Witness but not whistleblower protection for the Detainee Inquiry into torture complicity of MI5, SIS, GCHQ

Without this, middle level or senior intelligence agency staff, fearful for their own jobs, could well authorise the deployment of the full panoply of their state backed surveillance powers in a "mole hunt" exercise, self-justified on "internal national security" grounds, to try to identify who has attempted to "spill the beans" to the Intelligence and Security Committee, regardless of whether they actually go through with it or actually say anything really controversial.


Jemima Khan, Henry Porter and William Sieghart invite you to:

Mass Surveillance The debate in Britain must not be silenced

Twitter: @stopbuggingusUK
Twitter hashtags: #debatestartshere and #stopbuggingus

Tickets via email:


RIBA (Royal Institute of British Architects)
66 Portland Place
London W1B 1AD

Google Map

When ?

Monday 4th November 2013

6.45pm to 9.00pm [N.B. it now looks to be starting at 6.30]

Confirmed Speakers:

Alan Rusbridger (editor of The Guardian)
David Davis MP
Sir Simon Jenkins
Jo Glanville (PEN)
Tom Watson MP
Wolfgang Büchner (Editor-in-Chief, Der Spiegel)
Julian Huppert MP

It would be better if some proponents / defenders of the current surveillance state were willing to try to justify the status quo in the light of the Edward Snowden revelations as these speakers are all very likely to agree with each other.

The proximity of this event to the BBC and the presence of some print / online media editors should ensure some media coverage.

Remember that there will be a Whitehall led "media handling" / spinning campaign in the run up to the potentially very dull Intelligence and Security Committee televised open evidence session with the heads of the the three UK intelligence agencies (invited print media only in the audience) on Thursday 7th November 2013. There needs to be media coverage which counters the likely spin.

The meeting location is opposite the Chinese Embassy . Will the nearby Met Police / MI5 surveillance teams now "accidentally" log all the meeting attendees' mobile phones & add their CCTV images to their political "extremist" databases ?

Hopefully any Spy Blog readers who do attend will leave their usual mobile phones at home and / or will have registered via a disposable, one time email alias.

The Observer carries an extraordinarily worrying claim by Sir Malcolm Rifkind the chair of the supposedly independent Intelligence and Security Committee, which is supposed to provide statutory oversight of the intelligence agencies, in debate with Henry Porter.

Henry Porter v Malcolm Rifkind: surveillance and the free society

Malcolm Rifkind and Henry Porter
The Observer, Saturday 24 August 2013 20.49 BST


What you clearly don't understand is that the ISC has two duties, not one. The first is to criticise and condemn the intelligence agencies if they exceed their powers or act foolishly. The second, just as important, is to defend them and declare their innocence when unfairly attacked by journalists or politicians. They cannot defend themselves. We are determined to do so, but only when the facts justify it.


According the Intelligence Services Act 1994 which set up the Intelligence and Security Committee, its remit was:

10 The Intelligence and Security Committee.

1)There shall be a Committee, to be known as the Intelligence and Security Committee and in this section referred to as "the Committee ", to examine the expenditure, administration and policy of--
(a)the Security Service;
(b)the Intelligence Service; and

The recent Justice and Security Act 2013 slightly increases the powers of the ISC, but its purpose and duty remains the same

Main functions of the ISC

(1)The ISC may examine or otherwise oversee the expenditure, administration, policy and operations of--
(a)the Security Service,
(b)the Secret Intelligence Service, and
(c)the Government Communications Headquarters.

(2)The ISC may examine or otherwise oversee such other activities of Her Majesty's Government in relation to intelligence or security matters as are set out in a memorandum of understanding.

Therefore the duty of the Intelligence and Security Committee is the first role of scrutiny but not the second of public relations !

The ISC has no legal remit to

defend them and declare their innocence when unfairly attacked by journalists or politicians

It is nonsense to pretend that

they cannot defend themselves

There is no legal barrier to the heads of Mi5, MI6 and GCHQ from giving public interviews themselves or having official spokesmen and official press releases to counteract any unfounded rumours and speculation.

Each of these intelligence agencies is supposedly politically answerable to either the Home Secretary or the Foreign Secretary, both of whose departments employ a surfeit of public relations and media spin doctors, who could and should issue official, on the record, public statements on behalf of the intelligence agencies as required.

The practice of "anonymous Whitehall sources", selectively officially briefing journalists in secret, fools nobody except themselves.

The Home Secretary, the Foreign Secretary or the Prime Minister should te the ones defending the intelligence agencies. They should resign if and when the intelligence agencies are caught out having exceeded their democratically ethically acceptable roles, whether or not the agencies have been acting under the legal cover of a carte blanche under the UK's sneakily worded laws, which make it almost impossible for them to act illegally.

The Intelligence and Security Committee must not be seen to be fulfilling the role of a public relations department for the intelligence agencies, as this looks like a conflict of interest and destroys public trust in the whole system of supposed Parliamentary scrutiny .

Unfortunately that is exactly what it seems to have become under the chairmanship of Sir Malcolm Rifkind, who, incredibly, is making Spy Blog look back to previous Labour chairs of the ISC with a hint of nostalgia.


The recent Washington Post article via whistleblower Edward Snowden, NSA report on privacy violations in the first quarter of 2012 has a few figures, which were never intended to be made public about the inevitable errors in large scale interception and communication data / "metadata" trawling by the United States' National Security Agency (NSA)

Without any individual detail, there is mention of completely predictable errors such as transposing or mis-typing the digits of a telephone number, or failing to narrow a database query sufficiently, either on the original authorisation documentation or at a later stage by a human analyst.

There are also worrying mentions of what are claimed to be merely massive automated data snooping cockups, which can be interpreted as hints of illegal activity e.g. snooping on all telephone traffic in Washington D.C. (area code 202) during an election year when automated equipment was supposedly "only" snooping on all international phone calls to / from Egypt (international phone prefix 20). Why was that not noticed after an hour or at most a day ?

The NSA spin doctors claim that only a tiny percentage of their vast snooping schemes are affected by such (admitted) mistakes, which may reassure US citizens that they are mostly not being snooped on by the NSA, deliberately or accidentally, but that is of no comfort whatsoever to United Kingdom and other "foreign" citizens.

For Spy Blog and the other few readers of the United Kingdom's Regulation of Investigatory Powers Act 2000 Commissioner' Annual reports, anodyne, detail free "audits" of the secret surveillance snoopers are familiar and depressing.

However, if we assume that the public servants in the NSA Signals Intelligence Directorate's (SID) director of oversight and compliance office and the UK's Interception of Communications Commissioner have tried to do an honest job, with their deliberately limited resources, the figures which have been not published but revealed (USA) or which have been published & censored (UK) should be compared:


leaked NSA Privacy Violations 2011 - 2012 (.pdf)

Figure 1a
: Table of the Number of NSAW SID-reported Incidents by Authority

E.O. 12333396390601670

i.e. 2776 "privacy violations" = "unauthorized collection, storage, access to or distribution of legally protected communications" in 2012, just for the main NSA HQ at Fort Meade in Maryland, not including its other big centres in USA :Augusta, Georgia; San Antonio, Texas; Honolulu, Hawaii; Denver, Colorado. or foreign stations like Menwith Hill in the UK.


2012 Annual Report of the Interception of Communications Commissioner (.pdf)

page 15
2012 Annual Report of the Interception of Communications Commissioner

6.4 Interception Errors

Figure 4 - Total Number of Intercept Errors over the previous 5 years


During the reporting year, 55 errors / breaches were reported to my office by public authorities.


N.B. GCHQ only admits to 8 intercept errors, 3 of which were from the previous reporting period i.e. only 5 for 2012..

Compare this with the over 2700 "privacy violations" admitted to in secret by the NSA for 2012.

Page 27 About half a million Communications Data requests per year for all UK intelligence agencies, police forces, local authorities etc.


Page 28 Just under 1000 Communications Data errors in the last year for all UK intelligence agencies, police forces, local authorities etc.


This figure is higher than the previous year (895). However, as the number of requests has increased by 15% this year, the overall error percentage has actually reduced from 0.18% in 2011 to 0.17% in 2012. I am satisfied that the overall error rate is still low when compared to the number of requests that were made during the course of the reporting year

Less than 0.2% error rate for all of the United Kingdom's Intelligence Agencies, Police Forces, Local Authorities etc.

N.B. the Interception of Communications Commissioner only audits a tiny sample of the half a million or so Communications Data requests each year.

The UK'S GCHQ has about 6,000 employees worldwide compared with the estimated 37,000 to 40,000 at the USA's NSA i.e. about 7 times as many in total, probably at least 3 or 4 times as many (more than 20,000) at the Fort Meade HQ and nearby facilities which are the subject of the leaked audit report.

The likelyhood of human errors e.g. transpositions of telephone number digits etc. must be similar in both organisations and the technology appears to be identical in many cases, so why is there an apparent discrepancy between the two sets of figures ?

Is the NSA in Maryland really orders of magnitude more error prone than GCHQ, even allowing for its bigger size, or are the UK's publicly published figures seriously mis-reporting or covering up the real number of GCHQ intercept errors ?

How does over 2700 "privacy violations" a year compare with only low single figures for GCHQ intercepts and less than a thousand Communications Data errors a year for the whole of the United Kingdom, including GCHQ plus the other two UK intelligence agencies, the 50 or so Police Forces and the several hundred albeit low level users of Communications Data (Local Authorities mobile phone subscriber name & address lookups mostly) i.e. National Security and general crime and regulatory infringements

N.B. It is scandalous that the UK Communications Data figures are not broken down by agency.

There is no conceivable tactical impact on any ongoing counter espionage or counter terrorism investigations which could be harmed by publishing, openly, the figures and percentages of self defined, self reported vague "privacy violations", even broken down by database access programme codeword / cover name.

Both NSA and GCHQ should publish such data openly, so that their respective bosses i.e. politicians and the people, can get a vague idea as to whether privacy violations are on the increase or not and can adjust their policies and budgets accordingly.

About this blog

This United Kingdom based blog attempts to draw public attention to, and comments on, some of the current trends in ever cheaper and more widespread surveillance technology being deployed to satisfy the rapacious demand by state and corporate bureaucracies and criminals for your private details, and the technological ignorance of our politicians and civil servants who frame our legal systems.

The hope is that you the readers, will help to insist that strong safeguards for the privacy of the individual are implemented, especially in these times of increased alert over possible terrorist or criminal activity. If the systems which should help to protect us can be easily abused to supress our freedoms, then the terrorists will have won.

We know that there are decent, honest, trustworthy individual politicians, civil servants, law enforcement, intelligence agency personnel and broadcast, print and internet journalists etc., who often feel powerless or trapped in the system. They need the assistance of external, detailed, informed, public scrutiny to help them to resist deliberate or unthinking policies, which erode our freedoms and liberties.

Email & PGP Contact

Please feel free to email your views about this blog, or news about the issues it tries to comment on.


Our PGP public encryption key is available for those correspondents who wish to send us news or information in confidence, and also for those of you who value your privacy, even if you have got nothing to hide.

We offer this verifiable GPG / PGP public key (the ID is available on several keyservers, twitter etc.) as one possible method to establish initial contact with whistleblowers and other confidential sources, if it suits their Threat Model or Risk Appetite, but will then try to establish other secure, anonymous communications channels e.g. encrypted Signal Messenger via burner devices,or face to face meetings, postal mail or dead drops etc. as appropriate.

Current PGP Key ID: 0x1DBD6A9F0FACAD30 which will expire on 29th August 2021.

You can download a free copy of the PGP encryption software from
(available for most of the common computer operating systems, and also in various Open Source versions like GPG)

We look forward to the day when UK Government Legislation, Press Releases and Emails etc. are Digitally Signed so that we can be assured that they are not fakes. Trusting that the digitally signed content makes any sense, is another matter entirely.

Hints and Tips for Whistleblowers and Political Dissidents

Please take the appropriate precautions if you are planning to blow the whistle on shadowy and powerful people in Government or commerce, and their dubious policies. The mainstream media and bloggers also need to take simple precautions to help preserve the anonymity of their sources e.g. see Spy Blog's Hints and Tips for Whistleblowers - or use this easier to remember link:

BlogSafer - wiki with multilingual guides to anonymous blogging

Digital Security & Privacy for Human Rights Defenders manual, by Irish NGO Frontline Defenders.

Everyone’s Guide to By-Passing Internet Censorship for Citizens Worldwide (.pdf - 31 pages), by the Citizenlab at the University of Toronto.

Handbook for Bloggers and Cyber-Dissidents - March 2008 version - (2.2 Mb - 80 pages .pdf) by Reporters Without Borders

Reporters Guide to Covering the Beijing Olympics by Human Rights Watch.

A Practical Security Handbook for Activists and Campaigns (v 2.6) (.doc - 62 pages), by experienced UK direct action political activists

Anonymous Blogging with Wordpress & Tor - useful step by step guide with software configuration screenshots by Ethan Zuckerman at Global Voices Advocacy. (updated March 10th 2009 with the latest Tor / Vidalia bundle details)


Watching Them, Watching Us

London 2600

Our UK Freedom of Information Act request tracking blog - ethical and technical discussion about the project for anonymous mass leaking of documents etc.

Privacy and Security

Privacy International
United Kingdom Privacy Profile (2011)

Cryptome - censored or leaked government documents etc.

Identity Project report by the London School of Economics
Surveillance & Society the fully peer-reviewed transdisciplinary online surveillance studies journal

Statewatch - monitoring the state and civil liberties in the European Union

The Policy Laundering Project - attempts by Governments to pretend their repressive surveillance systems, have to be introduced to comply with international agreements, which they themselves have pushed for in the first place

International Campaign Against Mass Surveillance

ARCH Action Rights for Children in Education - worried about the planned Children's Bill Database, Connexions Card, fingerprinting of children, CCTV spy cameras in schools etc.

Foundation for Information Policy Research
UK Crypto - UK Cryptography Policy Discussion Group email list

Technical Advisory Board on internet and telecomms interception under RIPA

European Digital Rights

Open Rights Group - a UK version of the Electronic Frontier Foundation, a clearinghouse to raise digital rights and civil liberties issues with the media and to influence Governments.

Digital Rights Ireland - legal case against mandatory EU Comms Data Retention etc.

Blindside - "What’s going to go wrong in our e-enabled world? " blog and wiki and Quarterly Report will supposedly be read by the Cabinet Office Central Sponsor for Information Assurance. Whether the rest of the Government bureaucracy and the Politicians actually listen to the CSIA, is another matter.

Biometrics in schools - 'A concerned parent who doesn't want her children to live in "1984" type society.'

Human Rights

Liberty Human Rights campaigners

British Institute of Human Rights
Amnesty International

Prevent Genocide International

asboconcern - campaign for reform of Anti-Social Behavior Orders

Front Line Defenders - Irish charity - Defenders of Human Rights Defenders

Internet Censorship

OpenNet Initiative - researches and measures the extent of actual state level censorship of the internet. Features a blocked web URL checker and censorship map.

Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

Reporters without Borders internet section - news of internet related censorship and repression of journalists, bloggers and dissidents etc.

Judicial Links

British and Irish Legal Information Institute - publishes the full text of major case Judgments

Her Majesty's Courts Service - publishes forthcoming High Court etc. cases (but only in the next few days !)

House of Lords - The Law Lords are currently the supreme court in the UK - will be moved to the new Supreme Court in October 2009.

Information Tribunal - deals with appeals under FOIA, DPA both for and against the Information Commissioner

Investigatory Powers Tribunal - deals with complaints about interception and snooping under RIPA - has almost never ruled in favour of a complainant.

Parliamentary Opposition

The incompetent yet authoritarian Labour party have not apologised for their time in Government. They are still not providing any proper Opposition to the current Conservative - Liberal Democrat coalition government, on any freedom or civil liberties or privacy or surveillance issues.

UK Government

Home Office - "Not fit for purpose. It is inadequate in terms of its scope, it is inadequate in terms of its information technology, leadership, management systems and processes" - Home Secretary John Reid. 23rd May 2006. Not quite the fount of all evil legislation in the UK, but close.

No. 10 Downing Street Prime Minister's Official Spindoctors

Public Bills before Parliament

United Kingdom Parliament
Home Affairs Committee of the House of Commons.

House of Commons "Question Book"

UK Statute Law Database - is the official revised edition of the primary legislation of the United Kingdom made available online, but it is not yet up to date.

FaxYourMP - identify and then fax your Member of Parliament
WriteToThem - identify and then contact your Local Councillors, members of devolved assemblies, Member of Parliament, Members of the European Parliament etc.
They Work For You - House of Commons Hansard made more accessible ? UK Members of the European Parliament

Read The Bills Act - USA proposal to force politicians to actually read the legislation that they are voting for, something which is badly needed in the UK Parliament.

Bichard Inquiry delving into criminal records and "soft intelligence" policies highlighted by the Soham murders. (taken offline by the Home Office)

ACPO - Association of Chief Police Officers - England, Wales and Northern Ireland
ACPOS Association of Chief Police Officers in Scotland

Online Media

Boing Boing

Need To Know [now defunct]

The Register

NewsNow Encryption and Security aggregate news feed
KableNet - UK Government IT project news - UK eGovernment and public sector IT news
eGov Monitor

Ideal Government - debate about UK eGovernment

NIR and ID cards

Stand - email and fax campaign on ID Cards etc. [Now defunct]. The people who supported have gone on to set up other online tools like The Government's contemptuous dismissal of over 5,000 individual responses via the website to the Home Office public consultation on Entitlement Cards is one of the factors which later led directly to the formation of the the NO2ID Campaign who have been marshalling cross party opposition to Labour's dreadful National Identity Register compulsory centralised national biometric database and ID Card plans, at the expense of simpler, cheaper, less repressive, more effective, nore secure and more privacy friendly alternative identity schemes.

NO2ID - opposition to the Home Office's Compulsory Biometric ID Card
NO2ID bulletin board discussion forum

Home Office Identity Cards website
No compulsory national Identity Cards (ID Cards) BBC iCan campaign site
UK ID Cards blog
NO2ID press clippings blog
CASNIC - Campaign to STOP the National Identity Card.
Defy-ID active meetings and protests in Glasgow - New Alliance's ID Cards page - total rejection of any UK ID Card

International Civil Aviation Organisation - Machine Readable Travel Documents standards for Biometric Passports etc.
Anti National ID Japan - controversial and insecure Jukinet National ID registry in Japan
UK Biometrics Working Group run by CESG/GCHQ experts etc. the UK Government on Biometrics issues feasability
Citizen Information Project feasability study population register plans by the Treasury and Office of National Statistics - comments and links to each paragraph of the Home Office's "Strategic Action Plan for the National Identity Scheme".

De-Materialised ID - "The voluntary alternative to material ID cards, A Proposal by David Moss of Business Consultancy Services Ltd (BCSL)" - well researched analysis of the current Home Office scheme, and a potentially viable alternative.

Surveillance Infrastructures

National Roads Telecommunications Services project - infrastruture for various mass surveillance systems, CCTV, ANPR, PMMR imaging etc.

CameraWatch - independent UK CCTV industry lobby group - like us, they also want more regulation of CCTV surveillance systems.

Every Step You Take a documentary about CCTV surveillance in the Uk by Austrian film maker Nino Leitner.

Transport for London an attempt at a technological panopticon - London Congestion Charge, London Low-Emission Zone, Automatic Number Plate Recognition cameras, tens of thousands of CCTV cameras on buses, thousands of CCTV cameras on London Underground, realtime road traffic CCTV, Iyster smart cards - all handed over to the Metropolitan Police for "national security" purposes, in real time, in bulk, without any public accountibility, for secret data mining, exempt from even the usual weak protections of the Data Protection Act 1998.

RFID Links

RFID tag privacy concerns - our own original article updated with photos

NoTags - campaign against individual item RFID tags
Position Statement on the Use of RFID on Consumer Products has been endorsed by a large number of privacy and human rights organisations.
RFID Privacy Happenings at MIT
Surpriv: RFID Surveillance and Privacy
RFID Scanner blog
RFID Gazette
The Sorting Door Project blog - where we sometimes crosspost RFID articles

Genetic Links

DNA Profiles - analysis by Paul Nutteing
GeneWatch UK monitors genetic privacy and other issues
Postnote February 2006 Number 258 - National DNA Database (.pdf) - Parliamentary Office of Science and Technology

The National DNA Database Annual Report 2004/5 (.pdf) - published by the NDNAD Board and ACPO.

Eeclaim Your DNA from Britain's National DNA Database - model letters and advice on how to have your DNA samples and profiles removed from the National DNA Database,in spite of all of the nureacratic obstacles which try to prevent this, even if you are innocent.

Miscellanous Links

Michael Field - Pacific Island news - no longer a paradise - John Gilmore versus USA internal flight passports and passenger profiling etc.

The BUPA Seven - whistleblowers badly let down by the system.

Tax Credit Overpayment - the near suicidal despair inflicted on poor, vulnerable people by the then Chancellor Gordon Brown's disasterous Inland Revenue IT system.

Fassit UK - resources and help for those abused by the Social Services Childrens Care bureaucracy

Former Spies

MI6 v Tomlinson - Richard Tomlinson - still being harassed by his former employer MI6

Martin Ingram, Welcome To The Dark Side - former British Army Intelligence operative in Northern Ireland.

Operation Billiards - Mitrokhin or Oshchenko ? Michael John Smith - seeking to overturn his Official Secrets Act conviction in the GEC case.

The Dirty Secrets of MI5 & MI6 - Tony Holland, Michael John Smith and John Symond - stories and chronologies.

Naked Spygirl - Olivia Frank

Blog Links blog - Comments on IT security and Privacy or the lack thereof.
Rat's Blog -The Reverend Rat writes about London street life and technology
Duncan Drury - wired adventures in Tanzania & London
Dr. K's blog - Hacker, Author, Musician, Philosopher

David Mery - falsely arrested on the London Tube - you could be next.

James Hammerton
White Rose - a thorn in the side of Big Brother
Big Blunkett
Into The Machine - formerly "David Blunkett is an Arse" by Charlie Williams and Scribe
infinite ideas machine - Phil Booth
Louise Ferguson - City of Bits
Chris Lightfoot
Oblomovka - Danny O'Brien

Liberty Central

dropsafe - Alec Muffett
The Identity Corner - Stefan Brands
Kim Cameron - Microsoft's Identity Architect
Schneier on Security - Bruce Schneier
Politics of Privacy Blog - Andreas Busch
solarider blog

Richard Allan - former Liberal Democrat MP for Sheffield Hallam
Boris Johnson Conservative MP for Henley
Craig Murray - former UK Ambassador to Uzbekistan, "outsourced torture" whistleblower

Howard Rheingold - SmartMobs
Global Guerrillas - John Robb
Roland Piquepaille's Technology Trends

Vmyths - debunking computer security hype

Nick Leaton - Random Ramblings
The Periscope - Companion weblog to journalist network.
The Practical Nomad Blog Edward Hasbrouck on Privacy and Travel
Policeman's Blog
World Weary Detective

Martin Stabe
B2fxxx - Ray Corrigan
Matt Sellers
Grits for Breakfast - Scott Henson in Texas
The Green Ribbon - Tom Griffin
Guido Fawkes blog - Parliamentary plots, rumours and conspiracy.
The Last Ditch - Tom Paine
The (e)State of Tim - Tim Hicks
Ilkley Against CCTV
Tim Worstall
Bill's Comment Page - Bill Cameron
The Society of Qualified Archivists
The Streeb-Greebling Diaries - Bob Mottram

Your Right To Know - Heather Brooke - Freedom off Information campaigning journalist

Ministry of Truth _ Unity's V for Vendetta styled blog.

Bloggerheads - Tim Ireland

W. David Stephenson blogs on homeland security et al.
EUrophobia - Nosemonkey

Blogzilla - Ian Brown

BlairWatch - Chronicling the demise of the New Labour Project

dreamfish - Robert Longstaff

Informaticopia - Rod Ward


The Musings of Harry

Chicken Yoghurt - Justin McKeating

The Red Tape Chronicles - Bob Sullivan MSNBC

Campaign Against the Legislative and Regulatory Reform Bill

Stop the Legislative and Regulatory Reform Bill

Rob Wilton's esoterica

panGloss - Innovation, Technology and the Law

Arch Rights - Action on Rights for Children blog

Database Masterclass - frequently asked questions and answers about the several centralised national databases of children in the UK.


Moving On

Steve Moxon blog - former Home Office whistleblower and author.

Al-Muhajabah's Sundries - anglophile blog

Architectures of Control in Design - Dan Lockton

rabenhorst - Kai Billen (mostly in German)

Nearly Perfect Privacy - Tiffany and Morpheus

Iain Dale's Diary - a popular Conservative political blog

Brit Watch - Public Surveillance in the UK - Web - Email - Databases - CCTV - Telephony - RFID - Banking - DNA

BLOGDIAL - smart mobile phone forensics, information security, computer security and digital forensics by a couple of Australian researchers

Ralph Bendrath

Financial Cryptography - Ian Grigg et al.

UK Liberty - A blog on issues relating to liberty in the UK

Big Brother State - "a small act of resistance" to the "sustained and systematic attack on our personal freedom, privacy and legal system"

HosReport - "Crisis. Conspiraciones. Enigmas. Conflictos. Espionaje." - Carlos Eduardo Hos (in Spanish)

"Give 'em hell Pike!" - Frank Fisher

Corruption-free Anguilla - Good Governance and Corruption in Public Office Issues in the British Overseas Territory of Anguilla in the West Indies - Don Mitchell CBE QC

geeklawyer - intellectual property, civil liberties and the legal system

PJC Journal - I am not a number, I am a free Man - The Prisoner

Charlie's Diary - Charlie Stross

The Caucus House - blog of the Chicago International Model United Nations

Famous for 15 Megapixels

Postman Patel

The 4th Bomb: Tavistock Sq Daniel's 7:7 Revelations - Daniel Obachike

OurKingdom - part of OpenDemocracy - " will discuss Britain’s nations, institutions, constitution, administration, liberties, justice, peoples and media and their principles, identity and character"

Beau Bo D'Or blog by an increasingly famous digital political cartoonist.

Between Both Worlds - "Thoughts & Ideas that Reflect the Concerns of Our Conscious Evolution" - Kingsley Dennis

Bloggerheads: The Alisher Usmanov Affair - the rich Uzbek businessman and his shyster lawyers Schillings really made a huge counterproductive error in trying to censor the blogs of Tim Ireland, of all people.

Matt Wardman political blog analysis

Henry Porter on Liberty - a leading mainstream media commentator and opinion former who is doing more than most to help preserve our freedom and liberty.

HMRC is shite - "dedicated to the taxpayers of Britain, and the employees of the HMRC, who have to endure the monumental shambles that is Her Majesty's Revenue and Customs (HMRC)."

Head of Legal - Carl Gardner a former legal advisor to the Government

The Landed Underclass - Voice of the Banana Republic of Great Britain

Henrik Alexandersson - Swedish blogger threatened with censorship by the Försvarets Radioanstalt (FRA), the Swedish National Defence Radio Establishement, their equivalent of the UK GCHQ or the US NSA.

World's First Fascist Democracy - blog with link to a Google map - "This map is an attempt to take a UK wide, geographical view, of both the public and the personal effect of State sponsored fear and distrust as seen through the twisted technological lens of petty officials and would be bureaucrats nationwide."

Blogoir - Charles Crawford - former UK Ambassodor to Poland etc.

No CCTV - The Campaign against CCTV

Barcode Nation - keeping two eyes on the database state.

Lords of the Blog - group blog by half a dozen or so Peers sitting in the House of Lords.

notes from the ubiquitous surveillance society - blog by Dr. David Murakami Wood, editor of the online academic journal Surveillance and Society

Justin Wylie's political blog

Panopticon blog - by Timothy Pitt-Payne and Anya Proops. Timothy Pitt-Payne is probably the leading legal expert on the UK's Freedom of Information Act law, often appearing on behlaf of the Information Commissioner's Office at the Information Tribunal.

Armed and Dangerous - Sex, software, politics, and firearms. Life’s simple pleasures… - by Open Source Software advocate Eric S. Raymond.

Georgetown Security Law Brief - group blog by the Georgetown Law Center on National Security and the Law , at Georgtown University, Washington D.C, USA.

Big Brother Watch - well connected with the mainstream media, this is a campaign blog by the TaxPayersAlliance, which thankfully does not seem to have spawned Yet Another Campaign Organisation as many Civil Liberties groups had feared.

Spy on Moseley - "Sparkbrook, Springfield, Washwood Heath and Bordesley Green. An MI5 Intelligence-gathering operation to spy on Muslim communities in Birmingham is taking liberties in every sense" - about 150 ANPR CCTV cameras funded by Home Office via the secretive Terrorism and Allied Matters (TAM) section of ACPO.

FitWatch blog - keeps an eye on the activities of some of the controversial Police Forward Intelligence Teams, who supposedly only target "known troublemakers" for photo and video surveillance, at otherwise legal, peaceful protests and demonstrations.

Other Links

Spam Huntress - The Norwegian Spam Huntress - Ann Elisabeth

Fuel Crisis Blog - Petrol over £1 per litre ! Protest !
Mayor of London Blog
London Olympics 2012 - NO !!!!

Cool Britannia


Free Gary McKinnon - UK citizen facing extradition to the USA for "hacking" over 90 US Military computer systems.

Parliament Protest - information and discussion on peaceful resistance to the arbitrary curtailment of freedom of assembly and freedom of speech, in the excessive Serious Organised Crime and Police Act 2005 Designated Area around Parliament Square in London.

Brian Burnell's British / US nuclear weapons history at

Syndicate this site (XML):

Follow Spy Blog on Twitter

For those of you who find it convenient, there is now a Twitter feed to alert you to new Spy Blog postings.

Please bear in mind the many recent, serious security vulnerabilities which have compromised the Twitter infrastructure and many user accounts, and Twitter's inevitable plans to make money out of you somehow, probably by selling your Communications Traffic Data to commercial and government interests. (same window)

Recent Comments

  • wtwu: NetIDMe seems to be in process of being wound up read more
  • wtwu: The House of Lords have approved the Regulations, without a read more
  • wtwu: Data Retention and Investigatory Powers Bill Government Note on the read more
  • wtwu: The former Customs Officer and the others involved in dealing read more
  • wtwu: BBC reports the password was $ur4ht4ub4h8 When Hussain was read more
  • wtwu: "only" an extra 4 months in prison for failing to read more
  • wtwu: Although not confirmed as part of the Wilson Doctrine per read more
  • wtwu: For now (just before Christmas 2013) it appears that the read more
  • wtwu: As expected, the ISC did not give the intelligence agency read more
  • wtwu: N.B. the Intelligence & Security Committee is now legally consituted read more


Monthly Archives

August 2020

Sun Mon Tue Wed Thu Fri Sat
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31          

UK Legislation

The United Kingdom suffers from tens of thousands of pages of complicated criminal laws, and thousands of new, often unenforceable criminal offences, which have been created as a "Pretend to be Seen to Be Doing Something" response to tabloid media hype and hysteria, and political social engineering dogmas. These overbroad, catch-all laws, which remove the scope for any judicial appeals process, have been rubber stamped, often without being read, let alone properly understood, by Members of Parliament.

The text of many of these Acts of Parliament are now online, but it is still too difficult for most people, including the police and criminal justice system, to work out the cumulative effect of all the amendments, even for the most serious offences involving national security or terrorism or serious crime.

Many MPs do not seem to bother to even to actually read the details of the legislation which they vote to inflict on us.

UK Legislation Links

UK Statute Law Database - is the official revised edition of the primary legislation of the United Kingdom made available online, but it is not yet up to date.

UK Commissioners

UK Commissioners some of whom are meant to protect your privacy and investigate abuses by the bureaucrats.

UK Intelligence Agencies

Intelligence and Security Committee - the supposedly independent Parliamentary watchdog which issues an annual, heavily censored Report every year or so. Currently chaired by the Conservative Sir Malcolm Rifkind. Why should either the intelligence agencies or the public trust this committee, when the untrustworthy ex-Labour Minister Hazel Blears is a member ?

Anti-terrorism hotline - links removed in protest at the Climate of Fear propaganda posters

MI5 Security Service
MI5 Security Service - links to encrypted reporting form removed in protest at the Climate of Fear propaganda posters

syf_logo_120.gif Secure Your Ferliliser logo
Secure Your Fertiliser - advice on ammonium nitrate and urea fertiliser security

cpni_logo_150.gif Centre for the Protection of National Infrastructure
Centre for the Protection of National Infrastructure - "CPNI provides expert advice to the critical national infrastructure on physical, personnel and information security, to protect against terrorism and other threats."

SIS MI6 careers_logo_sis.gif
Secret Intelligence Service (MI6) recruitment.

Government Communications Headquarters GCHQ

National Crime Agency - the replacement for the Serious Organised Crime Agency

Defence Advisory (DA) Notice system - voluntary self censorship by the established UK press and broadcast media regarding defence and intelligence topics via the Defence, Press and Broadcasting Advisory Committee.

Foreign Spies / Intelliegence Agencies in the UK

It is not just the UK government which tries to snoop on British companies, organisations and individuals, the rest of the world is constantly trying to do the same, regardless of the mixed efforts of our own UK Intelligence Agencies who are paid to supposedly protect us from them.

For no good reason, the Foreign and Commonwealth Office only keeps the current version of the London Diplomatic List of accredited Diplomats (including some Foreign Intelligence Agency operatives) online.

Presumably every mainstream media organisation, intelligence agency, serious organised crime or terrorist gang keeps historical copies, so here are some older versions of the London Diplomatic List, for the benefit of web search engine queries, for those people who do not want their visits to appear in the FCO web server logfiles or those whose censored internet feeds block access to UK Government websites.

Campaign Button Links

Watching Them, Watching Us - UK Public CCTV Surveillance Regulation Campaign
UK Public CCTV Surveillance Regulation Campaign

NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card
NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card and National Identity Register centralised database.

Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.
Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.

FreeFarid_150.jpg - Kafkaesque extradition of Farid Hilali under the European Arrest Warrant to Spain

Peaceful resistance to the curtailment of our rights to Free Assembly and Free Speech in the SOCPA Designated Area around Parliament Square and beyond
Parliament Protest blog - resistance to the Designated Area restricting peaceful demonstrations or lobbying in the vicinity of Parliament.

Petition to the European Commission and European Parliament against their vague Data Retention plans
Data Retention is No Solution - Petition to the European Commission and European Parliament against their vague Data Retention plans.

Save Parliament: Legislative and Regulatory Reform Bill (and other issues)
Save Parliament - Legislative and Regulatory Reform Bill (and other issues)

Open Rights Group

The Big Opt Out Campaign - opt out of having your NHS Care Record medical records and personal details stored insecurely on a massive national centralised database.

Tor - the onion routing network
Tor - the onion routing network - "Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

Tor - the onion routing network
Anonymous Blogging with Wordpress and Tor - useful Guide published by Global Voices Advocacy with step by step software configuration screenshots (updated March 10th 2009).

Amnesty International's campaign

BlogSafer - wiki with multilingual guides to anonymous blogging

NGO in a box - Security Edition privacy and security software tools

Home Office Watch blog, "a single repository of all the shambolic errors and mistakes made by the British Home Office compiled from Parliamentary Questions, news reports, and tip-offs by the Liberal Democrat Home Affairs team."

Reporters Without Borders - Reporters Sans Frontières - campaign for journalists 'and bloggers' freedom in repressive countries and war zones.

Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

Icelanders are NOT terrorists ! - despite Gordon Brown and Alistair Darling's use of anti-terrorism legislation to seize the assets of Icelandic banks.

No CCTV - The Campaign Against CCTV


I'm a Photographer Not a Terrorist !


Power 2010 cross party, political reform campaign


Cracking the Black Box - "aims to expose technology that is being used in inappropriate ways. We hope to bring together the insights of experts and whistleblowers to shine a light into the dark recesses of systems that are responsible for causing many of the privacy problems faced by millions of people."


Open Rights Group - Petition against the renewal of the Interception Modernisation Programme

wblogocrop_150.jpg - Fighting for justice for whistleblowers