NordVPN

Five Eyes, Nine Eyes and 14 Eyes Intelligence: A Guide for VPN Users

Ben Taylor

Ben Taylor

November 2, 2017

You’ll often hear references to “five eyes countries” (and “nine eyes” and “14 eyes” countries) in the context of VPNs and online privacy.

This guide lays out what these terms mean, which countries are involved, and what you need to know to help you choose the right VPN service.

So, let’s begin with the basics:

Who are the Five Eyes countries?

five eyes

The Five Eyes countries are the United States, the United Kingdom, Australia, New Zealand and Canada. Five Eyes (sometimes referred to as FVEY) is an intelligence alliance that dates back to the early 1940s.

Who are the Nine Eyes countries?

nine eyes

The Nine Eyes countries are the United States, the United Kingdom, Australia, New Zealand, Canada, Denmark, France, Holland and Norway. Nine Eyes is an extension of the core Five Eyes alliance.

Who are the 14 Eyes countries?

14 eyes

The 14 Eyes countries are the United States, the United Kingdom, Australia, New Zealand, Canada, Denmark, France, Holland, Norway, Germany, Italy, Belgium, Sweden and Spain. This alliance is also known as SIGINT Seniors Europe (SSEUR), and according to Wikipedia, it’s there to coordinate “the exchange of military signals intelligence among its members.”

What’s the history of the Five Eyes alliance (and the 9 / 14 Eyes alliances)?

Five Eyes originally came about as a way for the core countries to share intelligence. It’s also known as the UKUSA agreement, and began as an “informal agreement” in 1941. It was formalized between the UK and USA in 1946, in the wake of the second world war, and expanded to encompass the other core countries in the years that followed.

Beyond the core Five Eyes countries come the other nations that form the Nine and 14 Eyes groups. These nations joined the scheme as “3rd party countries.” It’s widely believed that there are other countries who participate in the schemes beyond the core countries listed, including “Pacific allies” such as South Korea and Singapore.

Five Eyes, and similar arrangements, have (by their nature) always been shrouded in secrecy. Wikipedia suggests that it was nearly 30 years after the original formation of the agreement before the Australian Prime Minister even became aware of it. Five Eyes was made public in 2005, and since 2010 it’s been possible to read some of the details of it online on the UK’s National Archives website.

Five Eyes: Recent Years Controversy

surveillance

The Five Eyes agreement gained modern mainstream relevance when it was linked to the NSA revelations made public as part of the Edward Snowden revelations. His revelations showed and proved that agreements made during the Cold War are being extensively used in the pursuit of widespread digital surveillance.

It’s become clear that these intelligence sharing agreements are used for purposes that go beyond signals intelligence. They effectively allow the intelligence services in multiple countries to liaise with each other and share information relating to anything from human and defense intelligence to matters of national security.

An example of how this can work in practice came out with Snowden’s revelations in 2013, when it emerged that the American NSA effectively outsources work to the UK’s GCHQ.

Most controversially for advocates of privacy, the Snowden revelations showed that governments make use of the Five Eyes framework to get around laws about monitoring their own citizens. As an example, the UK’s MI5 can ask the US NSA to tap UK phones, thus “allegedly circumventing laws.”

Here’s how it was described by De Spiegel at the time:

“Britain’s GCHQ intelligence agency can spy on anyone but British nationals, the NSA can conduct surveillance on anyone but Americans, and Germany’s BND foreign intelligence agency can spy on anyone but Germans. That’s how a matrix is created of boundless surveillance.”

What do the 5 / 9 / 14 Eyes alliances actually do?

If you’re a privacy conscious individual, this is a very valid question, as it’s more than reasonable to argue that what the agencies within these alliances do goes far beyond what they need to do to ensure they keep the world “safe.”

One of Edward Snowden’s most headline-grabbing revelations related to the NSA’s PRISM program, a mass data collection initiative whose participants include all the big players in the Internet world, including Microsoft, Google and Facebook. PRISM has made it incredibly easy for the NSA (even its “low-level agents”) to access information on commonly-used platforms, and the alliances mean that other countries involved can essentially tap in to that ability. Even those who believe they have “nothing to hide and nothing to fear” would be spooked by the ease with which the NSA – and therefore their alliance partners – can tap into anything from Skype conversations to email messages.

Then we can add to that the fact that these security agencies have been shown to engage in practices that are at best – underhand. These include cracking encryption algorithms and bribing companies to weaken their own IT security systems

While we’re not suggesting that the 5 / 9 / 14 Eyes alliances’ sole purposes are to snoop on citizen’s day-to-day lives, the by-product of much of the related agencies’ work allows them to do just that.

Why does 5 / 9 / 14 Eyes matter to VPN users?

For many, the whole point of using a VPN (Virtual Private Network) service is to avoid government surveillance and browse the Internet with a reasonable level of privacy.

As you can see from the information above, you can easily defeat that object by choosing a VPN provider based in one of the countries – particularly the Five Eyes countries – or one that locates its servers in one of those countries. A provider could be compelled to hand over details of your online activity to the authorities, and there’s nothing to say you would be any the wiser. And thanks to the information sharing that goes on between these countries, it could be ANY of the countries on the list!

What about connecting to a VPN SERVER in a Five Eyes country?

government surveillance

A commonly asked question is what the position is if someone uses a VPN provider in a country outside the 5 / 9 / 14 Eyes jurisdiction, but uses it to connect to a server in a country that IS within that jurisdiction, such as in the US or UK.

Without going into too much technical detail, there is some risk here; The FVEY country could subpoena the server provider for connection logs (or even perform its own monitoring of connections into and out of the server). However, if the VPN provider is taking the right security precautions on their infrastructure, the risk should be relatively small.

That said, people keen to minimise their exposure to the wide jurisdiction of these intelligence alliances should take the lowest-risk approach. And that would be using a provider outside the 5 / 9 / 14 Eyes jurisdiction AND only connecting to servers outside of the jurisdiction.

So which VPN should I choose?

A good starting point is to look at our list of the Best “no logs” VPNs.

These VPN services don’t keep any record of your browsing activity, which means that if they were ever required to hand over details of usage, they wouldn’t actually have any of that information to share.

In addition, at the time of writing, the majority of the recommended providers on the list are based outside of the countries we’ve discussed here. The main exception is Windscribe, which is based in Canada, which is a Five Eyes country. (AirVPN is in Italy, which is a 14-Eyes country).

By choosing a VPN that’s outside the far-reaching jurisdiction of 5 / 9 / 14 eyes, AND one that doesn’t keep activity logs, you are doing all you can to minimise the chance of your online activity being subject to a level of surveillance that privacy advocates would agree is unnecessary and unfair.

Image credits: O.Bellini/Shutterstock.com, Gorodenkoff/Shutterstock.com

Ben Taylor

Ben was a geek long before "geek chic," learning the ropes on BBC Micros, before moving on to Atari STs and IBM compatibles. He was "online" using a 1200bps modem before the Internet was even a thing. Now, after two decades in the industry, he writes about technology for various publications, operates a few websites of his own, and runs a bespoke IT consultancy based in London.

2 responses to “Five Eyes, Nine Eyes and 14 Eyes Intelligence: A Guide for VPN Users

  1. Good Job. Well written. Thank you.
    I am looking for an article that (I didn’t keep) told me to use a VPN and a proxy at the same time when downloading torrents. It also have a video showing the info with uTorrent and the proxy.
    I can not remember which came first. My PC, then the VPN, then the Proxy?
    Can you refresh my memory. 71 years old here. Any info you may have or find will be greatly appreciated.
    Have a good tomorrow.

    1. Hi Dennis,

      Using a proxy and a VPN at the same will give a degree of extra protection, but is complete overkill in my opinion. It also depends somewhat on how trustworthy the proxy service you use is. If you want to do it, connect your PC to a VPN service, and then configure your torrent client to connect to a SOCKS proxy.

Leave a Reply

Your email address will not be published. Required fields are marked *

Your Information will never be shared with any third party.
Enter your email address to receive your Beginner's Guide to Online Security for Free
You'll also receive great privacy news and exclusive software deals!
Enter your email to get the ebook:
Your Information will never be shared with any third party.
Enter your email address to receive your Ultimate Online Privacy Guide eBook!
You'll also receive great privacy news and exclusive software deals!
Enter your email to get the eBook:
Special VPN Deal
SAVE 49% TODAY
WITH OUR
Exclusive Offer
Get a Special Deal - 72% OFF!
With a biannual subscription
Exclusive Offer for BestVPN.com Visitors!
50% Off Annual Plan
Limited Time Only
Exclusive price of
$3.25/mo
Exclusive Offer
SAVE 72% TODAY
LIMITED TIME OFFER
Get NordVPN for only
$3.29/month