Seven internet service and communications providers from around the world filed a legal complaint today calling for an end to GCHQ's attacking and exploitation of network infrastructure in order to unlawfully gain access to potentially millions of people's private communications.
The complaint, filed by Riseup (US), GreenNet (UK), Greenhost (Netherlands), Mango (Zimbabwe), Jinbonet (Korea), May First/People Link (US), and the Chaos Computer Club (Germany), along with Privacy International, is the first time that internet and communication providers have taken collective action against GCHQ's targeting, attacking and exploitation of networks maintaining communications infrastructure.
Lodged today in the Investigatory Powers Tribunal, the claimants assert that GCHQ's attacks on providers are not only illegal, but are destructive, undermine the goodwill the companies and groups rely on, and damage the trust in security and privacy that makes the internet such a crucial tool of communication and empowerment. The group of seven are demanding an end to such exploitation of internet and communication services, the targeting of their systems administrators and protections for their users whose rights may have been infringed.
The widespread nature of these attacks became known through a series of articles from Der Spiegel and the Intercept, which detailed GCHQ's illicit activities and targeting of providers. The articles outlined that:
Employees of Belgian telecommunications company, Belgacom, were targeted by GCHQ and infected with malware through a highly developed attack called "Quantum Insert", in order to gain access to important network infrastructure.
GCHQ and NSA have a range of network exploitation and intrusion capabilities, including a "Man on the Side" technique, which covertly injects data into existing data streams in order to create connections that will enable the targeted infection of users.
The intelligence agencies utilise a technique through an automated system – codenamed TURBINE. TURBINE "allow[s] the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually," according to documents released by The Intercept.
Other companies - including three German internet exchange points - were targeted by GCHQ. The joint NSA-GCHQ operation is directed at exchange points which spy on all internet traffic coming through the nodes, and identify 'important' customers of German teleport provider.
While the claimants were not directly named in the Snowden documents, the type of surveillance being carried out allows them to challenge the practices in the IPT because they and their users are at threat of being targeted. Given the interconnectedness of the internet, the surveillance being carried out by GCHQ and NSA detailed in the articles could be carried out against any internet and communications provider, not just simply the networks and companies named in the reports.
The case filed today comes on the heels of two other cases filed by Privacy International in the aftermath of the Snowden revelations - the first against the mass surveillance programmes TEMPORA, PRISM and UPSTREAM, and the second against the deployment by GCHQ of computer intrusion capabilities and spyware.
Greenhost provides critical infrastructure for journalists and activists working in the harshest conditions. Their lives and that of their colleagues and sources depend on a reliable communication network. Outsider intrusion such as that of the GCHQ criminalises all the users of the network without legal ground and causes damage to fundamental processes that keep the network running. This illicit activity is not only a blatant violation of human rights but also endangers innocent lives. It must stop at once.