U.K. government tapped into PRISM surveillance program

According to a report, the U.K. government allegedly bypassed international intelligence-sharing treaties by piggybacking on the NSA's reported PRISM network.

Zack Whittaker Writer-editor
Zack Whittaker is a former security editor for CNET's sister site ZDNet.
Zack Whittaker
2 min read
GCHQ Cheltenham
The U.K.'s Government Communications Headquarters, or GCHQ. GCHQ

The U.K. government may have been complicit in secretly gathering intelligence from Internet companies, which were named on Thursday by a Washington Post report.

According to The Guardian, which has covered the brewing and ever-developing privacy saga extensively, the ability for the Government Communications Headquarters (GCHQ) -- the U.K. government's electronic intercepts and listening station -- to tap directly into the U.S. National Security Agency (NSA) PRISM database, may bypass mutual intelligence and information sharing treaties.

The London-based newspaper obtained documents allegedly confirming the suspicions. In the papers, the NSA included "special programs for GCHQ exist for focused [PRISM] processing."

The British spy agency generated 197 intelligence reports from Prism in the year through May 2102, the documents state. This is a 137 percent increase in reports year-over-year. Such reports are then passed to the other intelligence agencies, MI5 or SIS (MI6).

The U.S.-led PRISM program allegedly taps into the databases of major technology companies -- Microsoft, Yahoo, Google, Facebook, AOL, Skype, YouTube, Apple, and video chat room community PalTalk were named -- that allows the NSA to data mine and snoop through vast amounts of citizens' private and sensitive data. 

U.S. Director of National Intelligence James Clapper confirmed the existence of the program on Thursday night.

He said: "Information collected under this program is among the most important and valuable intelligence information we collect, and is used to protect our nation from a wide variety of threats."

According to the leaked training documents, these companies were complicit in the acts -- though it's not clear if they were legally bound to. 

Apple, Microsoft, Google, Facebook and others have strenuously denied the claims and reiterated their stance towards maintaining user and customer privacy.

The U.K. government, an ally in intelligence sharing, reportedly tapped into the PRISM system directly, bypassing the requirement to go through "mutual legal assistance" (MLA) requests, in which a state formally asks another government for assistance in a criminal or terrorism case.

MLA requests are sent from the U.K. to the U.S. Justice Department, which are then either turned into subpoenas or search warrants served to companies based in the U.S. In some cases, some companies will comply with a request that hasn't been passed through the courts.

With around 3,000 requests made to Google alone in 2012, the MLA request is costly and time consuming. Using PRISM would allow the U.K. to process requests in bulk extremely quickly. 

A Whitehall source speaking by phone declined to comment off the record. According to The Guardian, GCHQ said it declined to comment on intelligence matters.