How the Edward Snowden leaks damaged security services
Edward Snowden was accused of “very damaging” leaks after handing tens of thousands of top secret documents to journalists in 2013.
The very first story based on those documents was published five years ago. It revealed a secret court order allowing the US National Security Agency (NSA) to collect the data of more than 120 million phone calls between ordinary Americans.
More surveillance revelations based on top secret documents were published in the days and weeks which followed, all sourced through material which Mr Snowden had taken from the NSA while working as a contractor.
Half a decade on from the scandal about the internet surveillance apparatus shared by the US, UK, Canada, Australia and New Zealand, Sky News is looking at how significantly the publication of secret documents damaged the security services’ ability to keep the UK safe.
There have been enormous technological advancements since 2013, many of which were in development long before the Snowden disclosures.
Decentralised internet and web applications were always an easy sell to people who believed they were being spied on; whether privacy-inclined or actively attempting to avert the attention of law enforcement and intelligence agencies.
However “concern regarding government surveillance has led to a growth in the number of initiatives aimed at decentralising the internet,” said David Anderson QC, a former independent reviewer of terrorism legislation, in a 382-page report on investigatory powers published in 2015.
And according to Sir Iain Lobban, then director of GCHQ, just five months after the Snowden documents began to be published the agency’s ability to access intelligence covering “terrorist cells… people shipping secrets, expertise or materials to do with chemical, biological and nuclear, around the world… [and] those involved in online sexual exploitation of children” was “far, far weaker”.
Among the most frustrating technologies for anyone attempting to spy on internet traffic is end-to-end encryption, the practice of scrambling messages so they can only be read on the recipient and the sender’s devices.
Today, almost all messaging services offer end-to-end encryption as a security feature. Facebook Messenger, WhatsApp and Skype all allow users to protect their communications as they travel over the wire – something which wasn’t the case in 2013.
Nobody claims the Snowden revelations sparked this change, even if they did offer apps such as Telegram a beneficial marketing angle.
Jim Killock, executive director at Open Rights Group, argued: “The fact is that The Guardian and Snowden were careful to release just information about unethical practices, or things that needed democratic permission to stand any chance of being legally acceptable.
“Knowing the details has improved security practices at all major internet companies, like Google encrypting traffic on private cables, because GCHQ had been stealing it.
“That might damage GCHQ’s ability to harvest everything from Google, but really: so what. They should get a court order when they need something specific.
“There are lots more examples like that, where companies’ security was poor and needed fixing. Perhaps everyone is a bit more careful now, which makes us more secure from criminals, not just from GCHQ, who can get a warrant.”
Despite Sir Iain’s comments, today even GCHQ will offer statements contradicting the hard-line approach taken by David Cameron when he declared that the British government could not tolerate a “means of communications which it simply isn’t possible to read”.
Robert Hannigan, who succeeded Mr Lobban as GCHQ director before standing down in 2017, told Radio 4: “Encryption is an overwhelmingly good thing – it keeps us all safe and secure. Throughout the Cold War, until about 15 years ago, it was something which only governments could do at scale.
“What’s happened is that you can now get the same grade of encryption on a number of apps on your smartphone. It’s available to everybody. That is a good thing.”
Despite this position encouraging the use of security measures, the agency was also engaged in a major ongoing project in 2016 called FOXTROT, which was designed “to increase GCHQ’s ability to operate in an environment of ubiquitous encryption”.
Among the most serious damage reported to have been caused by the Snowden disclosures was the concern among allied nations that they did not know how much of their secret information had been stolen.
Reports suggested that officers with MI6 had been removed from their posts due to concerns that their identities had been compromised by the leak.
It is in the nature of secret intelligence services that little can be confirmed about the damage that the publishing of top secret documents did to their operations – short of additional leaks – but the agency declared that identification of methods of intelligence collection drove an enormous change in the operational security behaviours of terror groups.
The firmest statements from the security service heads on the matter were given on the 7 November 2013, when – for the first time ever – the directors of GCHQ, MI6 and MI5 appeared together to testify before Parliament in an open session which was dominated by discussion of the leaks.
Sir John Sawers, then chief of MI6, told the committee that “the leaks from Snowden have been very damaging. They have put our operations at risk. It is clear that our adversaries are rubbing their hands with glee. Al Qaeda is lapping it up and our own security has suffered as a consequence”.
The committee’s chairman noted a speech by MI5 head Andrew Parker, in which he described the Snowden leaks as “the gift [terrorists] need to evade us and strike at will”, and asked Mr Parker to explain.
The MI5 head offered to do so in a private sitting, but said his agency was dependent on GCHQ’s work to detect terrorist communications and identify plots before they are carried out – work which had been made far more difficult by the leaks.
Sir Iain added: “What we have seen over the last five months is near daily discussion amongst some of our targets… we have seen terrorist groups in the Middle East, in Afghanistan and elsewhere in South Asia, discussing the revelations in specific terms, in terms of the communications packages that they use, the communications packages that they wish to move to.
“We have intelligence on – we have actually seen chat around specific terrorist groups, including close to home, discussing how to avoid what they now perceive to be vulnerable communications methods or how to select communications which they now perceive not to be exploitable.”
Programmes such as FOXTROT and the march of privacy-inclined technologies on the internet suggest that this issue was not fundamentally changed by the Snowden leaks, even if it was accelerated.