Exclusive: America’s spy agency created a secret system, Dishfire, to intercept almost 200m text messages a day – a system used by GCHQ to exploit a loophole allowing them to spy on British citizens.
Documents leaked by the former National Security Agency (NSA) contractor Edward Snowden reveal that the agency set up a database, known as Dishfire, which snared hundreds of millions of messages as they were sent between countries.
A slide from a presentation, seen by The Guardian and Channel 4 News, shows how Dishfire gave spies access to a trove of information. For example, by intercepting the welcome messages phone users receive when they arrive in a new country, the NSA tracked the movements of more than 1.5 million people every day. The agency spied on phone users’ contacts by hoovering up five million missed call alerts per day, as well as business cards sent by text message.
The agency was even able to work out phone users’ credit card numbers using texts sent to their phones by banks.
Dishfire collects pretty much everything it can. Leaked documents
The spying is not targeted, meaning millions of innocent people have potentially had their data gathered.
“Dishfire collects pretty much everything it can,” one of the documents states.
The database has proved so useful that at one stage the NSA warned it was “overwhelmed” and urged intelligence officers to limit their queries to batches of 1,800 at a time.
Read more: What GCHQ knows about us – a timeline of revelations
GCHQ, Britain’s spy agency, was given full access to Dishfire. Such intelligence information is a vital tool for UK spies in tracking down terrorists and protecting British forces overseas. But it also raises concerns over the privacy of UK citizens’ data.
A separate document reveals the extent to which GCHQ staff used Dishfire to gain information which, under British law, they would need permission to request from telecoms companies within the UK.
Under American law, the NSA must delete all US-related texts from the Dishfire database, but does not do the same for UK numbers.
This gives GCHQ a vital store of information, and the documents encourage staff to use it to scope out numbers to see if they might be of interest.
“You can… run queries prior to targeting a number, as the content may give you an idea of how useful the number will be,” states the document.
It also offers GCHQ the chance to pull in mobile phone data from years ago – before the person ever became a suspect.
“This makes it particularly useful for development of new targets, since it is possible to examine the content of messages sent months or even years before the target was known to be of interest,” the document states.
Within the UK, if an intelligence agency wants to get text message data from a phone company it must first get permission under the Regulation of Investigatory Powers Act, or RIPA. Armed with a RIPA request, GCHQ can, for example, demand that a mobile phone company hands over details of which numbers a mobile phone has called.
But the Dishfire system gives GCHQ a legal loophole to get such information without needing a RIPA request. That’s because the text messages are gathered and stored by the NSA – and GCHQ’s access to foreign intelligence agencies’ stash of data is not covered by any UK law.
Dishfire “is invaluable in getting information on untargeted or unwarranted numbers”, the documents state.
Alex Bailin, a QC for Matrix Chambers said: “The title of the legislation, the regulation of investigatory powers, was intended to regulate the way our authorities conduct surveillance on UK citizens or persons within the UK.
“It wasn’t intended to have some enormous loophole where if the surveillance occurred by a foreign body our body could simply access that freely without any restriction at all.”
Earlier this year, the foreign secretary went on record to state that British agencies are not using hi-tech surveillance systems to flout British rules.
“The idea that in GCHQ people are sitting working out how to circumvent a UK law with another agency in another country is fanciful, it is nonsense,” said William Hague MP.
It is not dissimilar to the question: Do you use material which you may have reason to believe has been obtained by torture? Foreign interception commissioner, Sir Swinton Thomas
In an exclusive interview with Channel 4 News, the former interception commissioner Sir Swinton Thomas – who oversaw the agency’s use of snooping powers – expressed concern about the use of intelligence from foreign countries’ agencies: “It is a worry, yes. And certainly in my time I would take the view that it not open to our intelligence services to obtain or certainly to use communications or data which would not have been lawful in this country.
“It’s not dissimilar to the question: Do you use material which you may have reason to believe has been obtained by torture? It’s a different area of course, but the concept is very similar.”
GCHQ insisted it obeys all the relevant laws. In a statement it said: “All of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners and the parliamentary intelligence and security committee. All our operational processes rigorously support this position.”
The NSA confirmed Dishfire does exist and claimed it lawfully collects SMS data. It added that privacy protections are in place for US citizens, but did not mention protections for UK citizens in its statement.