I am astonished that still none of our pusillanimous media has published the simple fact that NSA and GCHQ share ALL intelligence reports with each other. Every member of the House of Commons who has ever been in the most junior ministerial position knows this – that amounts to hundreds. So do at least fifty thousand current or retired civil service and military personnel. So do the majority of senior journalists. Yet Hague was allowed to talk round the subject without being challenged about the truth, and the fiction of official secrecy persists.
The Guardian almost published the truth:
“It has been suggested GCHQ uses our partnership with the United States to get around UK law, obtaining information that they cannot legally obtain in the UK. I wish to be absolutely clear that this accusation is baseless. Any data obtained by us from the US involving UK nationals is subject to proper UK statutory controls and safeguards.”
This is the nub of the issue and the foreign secretary’s statement seems to mask a much more complex picture. If a UK agency wanted to tap the phone of a Briton living in the UK, it would have to get ministerial approval through RIPA. But not all telecoms and internet companies are based in the UK – most of the giants have their headquarters in the US. This is where the UK’s relationship with the NSA is critical. If the firm storing the required information is outside RIPA’s authority, GCHQ could ask the NSA for help.
And if the NSA had any relevant intelligence, via Prism or any other programme, it could give it to GCHQ. Strictly speaking, GCHQ would still have needed a RIPA authorisation if it was requesting this material. But if the NSA was offering, the same principles don’t appear to apply.
Matthew Ryder QC said: “It is not the breaking of laws that is most troubling in this area, but the absence of them. Foreigners storing their personal data on US servers have neither the protection that their own domestic laws would give them from their own governments, nor the protection that US citizens have from the US government. It is foreigners, potentially UK citizens in the UK, who are the targets of programmes like Prism.
“Once such data is in the hands of the US authorities, there is no clear legal framework that prevents it from being shared with UK authorities. The Security Service Act 1989 and the Intelligence Services Act 1994 place MI5, MI6 and GCHQ on a statutory basis, and permit those bodies to receive any information from foreign agencies in the ‘proper discharge’ of their statutory functions.
“Under that broad principle, UK agencies may receive and examine data from the US about UK citizens without having to comply with any of the legal requirements they would have to meet if the same agencies had tried to gather that information themselves.”
In fact GCHQ do not have to ask, and NSA do not have specifically to initiate. US citizens are included in the UK Prism operation, and UK citizens are included in the US Prism operation, and the swapping of resulting intelligence reports is an automatic process. So the UK takes the view it is not breaching the guidelines about spying on its own citizens as it is not REQUESTING the NSA to do anything, and vice versa.
It is precisely analogous to our receipt of intelligence from torture, which I was told as Ambassador was perfectly legal as long as we don’t request that the individual be tortured.