A report from German newspaper Süddeutsche Zeitung brings to light new documents obtained by NSA whistle-blower Edward Snowden, which show the UK’s spy organisation GCHQ (and therefore by extension its senior partner, the NSA) worked closely with UK telecom firm Cable & Wireless,
‘Cable & Wireless actively shaped and provided the most data to GCHQ mass surveillance programs, and received millions of pounds in compensation. The documents also suggest that Cable & Wireless assisted GCHQ in breaking into a competitor’s network.’
In fact, Cable and Wireless was paid £tens of millions, and according to Channel 4,
‘At one point, the Mastering the Internet programme was costing £1m per month.’
This relationship was apparently so cosy that GCHQ assigned one of its operatives to work full time at Cable & Wireless, overseeing the data collection process.
In 2012 Cable & Wireless was bought by Vodafone in a £1.04 billion takeover, but the documents make it clear that the company continued to pass on data to GCHQ until at least April 2013.
GERONTIC was apparently the codename for Cable & Wireless (and presumably included Vodafone after the 2012 acquisition)
In this July 2009 document we see how Cable & Wireless either owned or leased 29 out of the 63 underwater cables to which GCHQ had access to via ‘partnerships’. This means Cable and Wireless supplied 70 percent GCHQ’s access to major international data cables
Data collected was fed into the INCENSER ‘special source collection system’
Perhaps most shocking is this document, which suggests that because it did not have a ‘relationship’ with the owner of the the Fiber-Optic Link Around the Globe (FLAG) cable network (Indian company Reliance Globalcom, now called Global Cloud Xchange), it simply hacked its way in
While these documents do not come as a surprise, since earlier Snowden revelations over the Turbulence and Xkeyscore programs hinted strongly at the existence of such an operation, they constitute the first hard proof of the both extent of the data collection (global), and tech firm Cable & Wireless (and later Vodafone)’s complicity.
Vodafone has denied being engaged in any unlawful conduct, but has tacitly acknowledged that the data collection took place,
‘What we have in the UK is a system based on warrants, where we receive a lawful instruction from an agency or authority to allow them to have access to communications data on our network. We have to comply with that warrant and we do and there are processes for us to do that which we’re not allowed to talk about because the law constrains us from revealing these things. We don’t go beyond what the law requires.’
GCHQ has similarly insisted that worked within the bounds of the law,
‘It is longstanding policy that we do not comment on intelligence matters; Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight.’