Tuesday, 24 March 2015

Fresh document leaks show GCSB spying on WTO

A top secret two-page document purportedly shows a New Zealand spy agency monitored candidates running for the director-general position at the World Trade Organisation.

The supposed surveillance tasking document was active in 2013 and is called the “wto project”. The file lists is a group of keywords systematised as search terms to query a potential database.

The project could have been built to gather digital communications traffic (emails, messaging, files, etc) related to the World Trade Organisation’s attempt to hire a new director-general. At the time, New Zealand’s trade minister Tim Groser was one of nine candidates competing for the role. Mr Groser was ultimately unsuccessful in his attempt.

The document is referred to as a “fingerprint” used to “sort traffic by priority”. Search terms include: “WTO, director-general, candidate, Zealand” and others.

Some of the search terms include references to trade minister Tim Groser as well as the entire list of the surnames of the other eight candidates. The inclusion of Mr Groser in the file has not convinced the minister to comment on the documents.

"We do not comment on such leaks because they are often wrong, they are deliberately timed to try and create political damage and we do not comment on any of them," Mr Groser told media.

Both prime minister John Key and Mr Groser have released similar statements to those produced to respond to previous intelligence leaks. “The Government will not be responding to claims made from documents stolen by Edward Snowden,” the statement says.

It is not clear from the leaked documents what mission or operation the GCSB project was gathering intelligence to support, if any.

Mr Key is returning from a recent visit to South Korea to witness the signing of a new free trade deal with the country. A South Korean candidate, Dr Taeho Bark, was included in the search terms on the document, however Mr Key has refused to comment on whether the diplomat was under covert surveillance in 2013.

It is also not known whether the document is an official GCSB file or even whether it is part of a series of leaks stolen by National Security Agency (NSA) technician Edward Snowden.

The file is remarkably dissimilar to earlier files taken by Mr Snowden and neither the New Zealand Herald nor the news website dedicated to publishing Mr Snowden’s documents, The Intercept, mention the former NSA technician’s name as being the source of the leak.

Some media outlets are also speculating that the keywords listed are collated to refer to the NSA’s large database of digital communications traffic known as XKEYSCORE. The existence of such a database was revealed by other NSA documents.

Despite the media claim, no indication of the infamous NSA database XKEYSCORE appears on the latest WTO surveillance document, nor any mention of the NSA. Only two referred instances of the Government Communications Security Bureau (GCSB) appear on the document, the first as “SigDev support to GCSB Trade team- WTO DG Candidacy issues - focus on Indoesian [sic] candidate”.

This mention could refer to a team of analysts at the agency focusing on trade surveillance tasks or a special group created to monitor the WTO director-general candidacy or other reasons. A misspelling of the word “Indonesia” is also unusual compared to previous copywriting displayed in NSA documents released by Mr Snowden. The second reference is vague and preceded by a redacted word. It states: “Responsible sid [redacted]-gcsb”.

If the documents prove what some media outlets purport - that the GCSB was spying on WTO candidacy negotiations - then the alleged surveillance operation fits with the agency’s tasking requirements as part of the UKUSA agreement known more colloquially as the Five Eyes partnership.

The Five Eyes partnership includes Australia, Canada, New Zealand, United Kingdom and the United States signals intelligence and other intelligence agencies. It also refers to a partnership between the members structured around mutual economic and security cooperation.

Individual members of the partnership share responsibilities for intercepting communications from different regions around the world. The intelligence collection is directed by surveillance tasking requirements given to the agencies.

The specific tasking requirements can come from other branches of government interesting in gaining particular intelligence about issues or processes. These people are known in the intelligence community as the “intelligence consumers”, and can range from the leader of a country to domestic law enforcement personnel. All tasking requirements from intelligence consumers is strictly controlled by the laws of intelligence collection recognised by the nation-state. Those laws are generally more constricted for domestic intelligence collection than for foreign intelligence gathering, which is the domain of the GCSB.

Some of this collected foreign intelligence - requested by the intelligence consumers - is sent by all members of the Five Eyes to a centralised database called XKEYSCORE situated in Maryland, West Virginia as part of the gigantic NSA complex at Fort Meade. The NSA XKEYSCORE database, according to previously-released documents from Mr Snowden, is available to query for the New Zealand GCSB as part of the Five Eyes agreement. It is unknown whether the search terms in the leaked document can be used in the database.

Some of Mr Snowden’s stolen documents show that the GCSB has apparently struggled to gain complete access to the database in the past, but it is understood the agency possesses at least a partial access to the database.

They have also revealed the GCSB contributes to the XKEYSCORE database by feeding the spy system its intercepted communications gathered from the New Zealand agency’s area of responsibility. The GCSB’s area of responsibility is known to be include the South Pacific, Antarctica and South East Asia, potentially extending as high as East Asia.

No comments: