{"id":3651,"date":"2015-10-02T12:01:49","date_gmt":"2015-10-02T16:01:49","guid":{"rendered":"http:\/\/ncjolt.org\/?p=3651"},"modified":"2020-06-04T20:53:34","modified_gmt":"2020-06-04T20:53:34","slug":"karma-police-newly-published-documents-shed-light-on-a-massive-british-metadata-dragnet","status":"publish","type":"post","link":"https:\/\/journals.law.unc.edu\/ncjolt\/blogs\/karma-police-newly-published-documents-shed-light-on-a-massive-british-metadata-dragnet\/","title":{"rendered":"\u201cKarma Police\u201d: Newly Published Documents Shed Light on a Massive British Metadata Dragnet"},"content":{"rendered":"<p>No, it is not a fictitious plot to a dystopian novel or the lyrics to a <a href=\"https:\/\/play.google.com\/music\/preview\/T5exrdzxkdxz7z4tyquklpf2jla?lyrics=1&amp;utm_source=google&amp;utm_medium=search&amp;utm_campaign=lyrics&amp;pcampaignid=kp-lyrics&amp;u=0\">hit Radiohead song<\/a>. Sadly, a recent report is just yet another real-life example of a secretive intelligence institution\u2019s vast reach thanks to technology. Over two dozen documents recently <a href=\"https:\/\/theintercept.com\/2015\/09\/25\/gchq-radio-porn-spies-track-web-users-online-identities\/\">made public by The Intercept<\/a> provide startling revelations about a spy program carried out by the Government Communications Headquarters (GCHQ) \u2013 Britain\u2019s version of the National Security Agency (NSA). The documents are the latest to be released in series of leaks from <a href=\"http:\/\/www.theguardian.com\/world\/2013\/sep\/30\/nsa-americans-metadata-year-documents\">NSA whistleblower Edward Snowden<\/a>. In December of 2014 The Intercept reported on how GCHQ <a href=\"https:\/\/theintercept.com\/2014\/12\/13\/belgacom-hack-gchq-inside-story\/\">used malware to infiltrate Belgium\u2019s largest internet provider<\/a>. The newest documents include details about a program with the code name \u201cKarma Police,\u201d which makes use of loop-holes in British law to spy on citizens of the U.K., its allies, and the rest of the world.<br \/>\nWhile <a href=\"http:\/\/www.theguardian.com\/uk-news\/2015\/sep\/17\/counter-extremism-bill-could-play-into-terrorist-hands-watchdog\">the debate on mass-surveillance is still ongoing in Britain today<\/a>, in 2007 GCHQ discreetly began planning a spy regime the with aim of creating \u201ceither (a) a web browsing profile for every visible user on the Internet, or (b) a user profile for every visible website on the Internet.\u201d And the systems put in place where highly successful. Through a series of systems including <a href=\"https:\/\/theintercept.com\/gchq-appendix#karma\">Karma Police, \u201cMutant Broth\u201d, and \u201cMarbled Gecko\u201d<\/a>, GCHQ collected vast amounts of <a href=\"http:\/\/www.theguardian.com\/technology\/interactive\/2013\/jun\/12\/what-is-metadata-nsa-surveillance#meta=0000000\">metadata<\/a> and stored it in its \u201cBlack Hole.\u201d In 2010, GCHQ predicted they would operating the largest surveillance engine in the world by 2013.<br \/>\nBlack Hole is the code name for the system GCHQ used to store its raw metadata records. According to the report, \u201c[b]etween August 2007 and March 2009, GCHQ documents say that Black Hole was used to store more than 1.1 trillion \u2018events\u2019 \u2013 a term the agency uses to refer to metadata records \u2013 with about 10 billion new entries added every day.\u201d Karma Police is a surveillance system which recorded the IP address of anyone visiting a particular web-address. That information, combined with the capabilities of GCHQ\u2019s other systems like Mutant Broth, can reveal the identity of an internet user and create an incredibly revealing profile of their online activity. By piecing bits of data together, spies can gain access to information such as usernames and passwords, email addresses, and web browsing histories.<br \/>\nA big reason why reports like this one are so concerning is the shear scope of this type of drag-net surveillance.<\/p>\n<blockquote><p>These documents suggest that spy agencies such as GCHQ are interested in who visits what web-sites, regardless of any particular individual\u2019s connection to terrorism \u2013 or indeed any criminal activity whatsoever.<\/p><\/blockquote>\n<p>In one instance the documents show that GCHQ used Karma Police to track one person in Egypt\u2019s visits to sites ranging from Facebook to the porn site Redtube. No allegation was made, however, of any legitimate security reason for targeting this individual. In fact, as the report outlines, the data-scraping systems have been used in a variety of covert ways that had nothing \u2013 at least directly \u2013 to do with combating terrorism.<br \/>\nEven with <a href=\"http:\/\/whatis.techtarget.com\/definition\/SIGINT-signals-intelligence\">the intelligence community\u2019s insistence that such programs are designed to target foreign terrorist threats<\/a>, not to target law-abiding citizens, GCHQ is nonetheless authorized to gather domestic metadata without a judicial warrant. Although GCHQ cannot monitor \u201ccontent\u201d of emails and phone calls of U.K. citizens without a warrant, when it comes to metadata, \u201cthere is no exemption or extra privacy protection for British people or citizens from countries that are members of . . . a surveillance alliance that the U.K. is part of alongside the U.S., Canada, Australia, and New Zealand.\u201d Thus the fact <a href=\"https:\/\/www.eff.org\/deeplinks\/2015\/05\/usa-freedom-act-passes-what-we-celebrate-what-we-mourn-and-where-we-go-here\">that the NSA\u2019s power in the United States has recently been dealt a blow<\/a> with the passage of the USA Freedom Act may not mean U.S. web users\u2019 privacy is much safer after all.<br \/>\nLike the U.S., Britain is having to take a long hard look at the value of its spy program. Calls for reform are growing and an independent report on Britain\u2019s spy programs, including those run by GCHQ, has recently been released. All this ahead of <a href=\"http:\/\/www.dailydot.com\/politics\/united-kingdom-encryption-mi5-going-dark-security\/\">a legislative push by the home secretary, Theresa May<\/a>, for more spying powers. Perhaps this formidably-timed report from The Intercept will have some impact on the public debate.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>No, it is not a fictitious plot to a dystopian novel or the lyrics to a hit Radiohead song. Sadly, a recent report is just yet another real-life example of a secretive intelligence institution\u2019s vast reach thanks to technology. Over two dozen documents recently made public by The Intercept provide startling revelations about a spy <a href=\"https:\/\/journals.law.unc.edu\/ncjolt\/blogs\/karma-police-newly-published-documents-shed-light-on-a-massive-british-metadata-dragnet\/\" class=\"more-link\">&#8230;<\/a><\/p>\n","protected":false},"author":1,"featured_media":3652,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[51],"tags":[],"_links":{"self":[{"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/posts\/3651"}],"collection":[{"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/comments?post=3651"}],"version-history":[{"count":1,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/posts\/3651\/revisions"}],"predecessor-version":[{"id":7293,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/posts\/3651\/revisions\/7293"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/media\/3652"}],"wp:attachment":[{"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/media?parent=3651"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/categories?post=3651"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/tags?post=3651"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}