Documents
Operational Legalities – GCHQ Powerpoint Presentation
June 22, 2015
E:
E.
E.
at
E:
Operational Legalities
E:
E.
E.
at
E:
Operational Legalities
Not for display
Beware: there are several hidden slides
in this presentation. If you see this you
will also see the other hidden ones.
0 To find which are hidden, use slide
sorter View
0 There?s a print option to ignore hidden
slides
Not for display
Beware: there are several hidden slides
in this presentation. If you see this you
will also see the other hidden ones.
0 To find which are hidden, use slide
sorter View
0 There?s a print option to ignore hidden
slides
Agenda
Legal Framework
Tasking Targeting
incl Location/Nationality
SD Coffee/tea What,s OUT
g?condlpat?tiesgk I Data Protection
Issemina Ion ISC osure . .
ff
Safeguards Oversight 0 ma secre
Wrap_up FOIA
Thia information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leghlation. Refer any:r queries to GCHQ on -
x- or -@gchq.gai.gov.uk
Agenda
Legal Framework
Tasking Targeting
incl Location/Nationality
SD Coffee/tea What,s OUT
g?condlpat?tiesgk I Data Protection
Issemina Ion ISC osure . .
ff
Safeguards Oversight 0 ma secre
Wrap_up FOIA
Thia information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leghlation. Refer any:r queries to GCHQ on -
x- or -@gchq.gai.gov.uk
Operational Legalities
Legal Framework
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries in GCHQ on -
x- or -@gohq.gsi.gov.uk
Operational Legalities
Legal Framework
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries in GCHQ on -
x- or -@gohq.gsi.gov.uk
Legal Framework
Intelligence Services Act 1994
- functions; property interference; oversight
Human Rights Act 1998
- public authorities must act in accordance with ECHR
Regulation of Investigatory Powers Act 2000
- interception; safeguards; oversight
Wireless Telegraphy Act 2006
- interception/interference
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r FGLA queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Legal Framework
Intelligence Services Act 1994
- functions; property interference; oversight
Human Rights Act 1998
- public authorities must act in accordance with ECHR
Regulation of Investigatory Powers Act 2000
- interception; safeguards; oversight
Wireless Telegraphy Act 2006
- interception/interference
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r FGLA queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Intelligence Services Act
0 applies to all operations under control of
Director GCHQ
defines SIGINT function
prescribes purposes for SIGINT function:
National Security
Economic Well-being of the UK (EWB)
Prevention/detection of serious crime
under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Intelligence Services Act
0 applies to all operations under control of
Director GCHQ
defines SIGINT function
prescribes purposes for SIGINT function:
National Security
Economic Well-being of the UK (EWB)
Prevention/detection of serious crime
under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Human Rights Act 1998
incorporates the ECHR into UK law
0 requires all UK public authorities to act in
accordance with the ECHR
- allows actions against public authorities by
aggrieved parties
0 RIPA, ISA and WTA are the vehicles through
which ECHR or compatibility? are met
under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Human Rights Act 1998
incorporates the ECHR into UK law
0 requires all UK public authorities to act in
accordance with the ECHR
- allows actions against public authorities by
aggrieved parties
0 RIPA, ISA and WTA are the vehicles through
which ECHR or compatibility? are met
under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
The European Convention on
Human Rights (ECHR)
Article 8 is of most obvious relevance to GCHQ:
7L 8.1. ?Everyone has the right to respect for his
private and family life. his home and his
correspondence.
it 8.2. ?There shall be no inten?erence by a public
authority With the exercise of this right except
such as is in accordance with the law and is
under the Freedom oflnformation Act 2000 FGIA) and manyr be exempt under other UK information leghlation. Refer newr . 1 .. I: -
x- or -@gchq.gsi.gov.uk
The European Convention on
Human Rights (ECHR)
Article 8 is of most obvious relevance to GCHQ:
7L 8.1. ?Everyone has the right to respect for his
private and family life. his home and his
correspondence.
it 8.2. ?There shall be no inten?erence by a public
authority With the exercise of this right except
such as is in accordance with the law and is
under the Freedom oflnformation Act 2000 FGIA) and manyr be exempt under other UK information leghlation. Refer newr . 1 .. I: -
x- or -@gchq.gsi.gov.uk
The European Convention on
Human Rights
the interests of national security, public
safety or the economic well-being of the
country, for the prevention of disorder or
crime, for the protection of public health and
morals, or for the protection of the rights and
freedoms of others.?
under the Freedom eflnfermetmn Act 2000 FGIA an menr be exempt under other UK infermatien leghlatbn. Refer ?anyr queries In GCHQ en -
ch . 5?
The European Convention on
Human Rights
the interests of national security, public
safety or the economic well-being of the
country, for the prevention of disorder or
crime, for the protection of public health and
morals, or for the protection of the rights and
freedoms of others.?
under the Freedom eflnfermetmn Act 2000 FGIA an menr be exempt under other UK infermatien leghlatbn. Refer ?anyr queries In GCHQ en -
ch . 5?
Need for authorisation
ensures compliance with requirements of
ECHR and HRA
SIGINT intercept/CNE is illegal in UK
without it offences)
0 gives visibility of operational activities to
GCHQ seniors 505
under the Freedom oflnformation Act 2000 FGIA and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
i
x- or -@gchq.gsi.gov.uk
Need for authorisation
ensures compliance with requirements of
ECHR and HRA
SIGINT intercept/CNE is illegal in UK
without it offences)
0 gives visibility of operational activities to
GCHQ seniors 505
under the Freedom oflnformation Act 2000 FGIA and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
i
x- or -@gchq.gsi.gov.uk
Authorisation
Regulation of Investigatory Powers
Act 2000
Interception 8: surveillance
Intelligence Services Act 1994
Effects
Wireless Telegraphy Act 2006
Interception interference with wireless
telegraphy
under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r FGLA queries to GCHQ on -
x- or -@gohq.gsi.gov.uk
Authorisation
Regulation of Investigatory Powers
Act 2000
Interception 8: surveillance
Intelligence Services Act 1994
Effects
Wireless Telegraphy Act 2006
Interception interference with wireless
telegraphy
under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r FGLA queries to GCHQ on -
x- or -@gohq.gsi.gov.uk
Regulation of Investigatory
Powers Act 2000 (RIPA)
9n interception in the UK of comms carried on a
public or private telecommunications system
i surveillance covert human intelligence
source (CHIS) activity
acquisition of comms data
9n not just applicable to GCHQ
under the Freedom oflnformation Act 2000 FGIA and manyr be exempt under other UK information legislation. Refer ?any:r queries to GCHQ on -
i
x- or
Regulation of Investigatory
Powers Act 2000 (RIPA)
9n interception in the UK of comms carried on a
public or private telecommunications system
i surveillance covert human intelligence
source (CHIS) activity
acquisition of comms data
9n not just applicable to GCHQ
under the Freedom oflnformation Act 2000 FGIA and manyr be exempt under other UK information legislation. Refer ?any:r queries to GCHQ on -
i
x- or
RI PA warrants
5. 8(4) ?external? warrants
authorise ?at least one end foreign? interception
authorise selection according to Certificate
entries
9t target must be outside the UK (absent
additional authorisation)
ensure individuals? ECHR rights are protected
on a world-wide basis
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leghlation. Refer amlr queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
RI PA warrants
5. 8(4) ?external? warrants
authorise ?at least one end foreign? interception
authorise selection according to Certificate
entries
9t target must be outside the UK (absent
additional authorisation)
ensure individuals? ECHR rights are protected
on a world-wide basis
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leghlation. Refer amlr queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
RIPA warrants
5. 8(1) ?line-access' warrants
9n warrant authorises target (person or premises)
in the UK
schedules give telecomms addresses
9n schedules are served on those who can provide
the communications (usually CSPs)
9L PRESTON
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
RIPA warrants
5. 8(1) ?line-access' warrants
9n warrant authorises target (person or premises)
in the UK
schedules give telecomms addresses
9n schedules are served on those who can provide
the communications (usually CSPs)
9L PRESTON
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
RI PA warra certificates
6 months? duration for N5, 3 months for SC
7t approval and renewal by Secretary of State
7t can be modified addresses, categories
i urgency provisions
This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
RI PA warra certificates
6 months? duration for N5, 3 months for SC
7t approval and renewal by Secretary of State
7t can be modified addresses, categories
i urgency provisions
This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
ISA warrants authorisation
Computer Misuse Act 1990 (CMA)
s.5 warrant necessary if target computer is
in the British Islands (NS only)
- s.7 authorisation if elsewhere
mimics RIPA warrantry
- s.7 subject to internal procedures
under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
ISA warrants authorisation
Computer Misuse Act 1990 (CMA)
s.5 warrant necessary if target computer is
in the British Islands (NS only)
- s.7 authorisation if elsewhere
mimics RIPA warrantry
- s.7 subject to internal procedures
under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
ISA warrants authorisation
- 6 months? duration; only not SC
for warrant but possible for authorisation
approval and renewal by Secretary of State
A modification
A urgency/operational effectiveness
provisions
This information exempt under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
ISA warrants authorisation
- 6 months? duration; only not SC
for warrant but possible for authorisation
approval and renewal by Secretary of State
A modification
A urgency/operational effectiveness
provisions
This information exempt under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Wireless Telegraphy Act
- authorises interception of wireless
telegraphy, ie that not covered by RIPA
- Secretary of State issues but without limit
of time
0 still needs to be proportionate
This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Wireless Telegraphy Act
- authorises interception of wireless
telegraphy, ie that not covered by RIPA
- Secretary of State issues but without limit
of time
0 still needs to be proportionate
This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
RIPA Directed Surveillance
Authorisations
- GCHQ does directed surveillance when it
observes a target with intention of gathering
private data on the target's private life,
associates and/or activities
- excludes historical research eg computer
forensics
This information fs exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
RIPA Directed Surveillance
Authorisations
- GCHQ does directed surveillance when it
observes a target with intention of gathering
private data on the target's private life,
associates and/or activities
- excludes historical research eg computer
forensics
This information fs exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Questions?
Thi5 infermatien exempt under the Freedom eflnfarmetien Act 2000 FGIA) and manyr be exempt under other UK inferma?en leghlatien. Refer ?any:r queries In GCHQ en -
x- or -@gchq.gai.gev.uk
Questions?
Thi5 infermatien exempt under the Freedom eflnfarmetien Act 2000 FGIA) and manyr be exempt under other UK inferma?en leghlatien. Refer ?any:r queries In GCHQ en -
x- or -@gchq.gai.gev.uk
Operational Legalities
Tasking and Targeting
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gohq.gsi.gov.uk
Operational Legalities
Tasking and Targeting
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gohq.gsi.gov.uk
Principles
. We operate within the law
. We can demonstrate that we operate
within the law
. Staff have the information they need
to be able to comply with the law
under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer ?any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Principles
. We operate within the law
. We can demonstrate that we operate
within the law
. Staff have the information they need
to be able to comply with the law
under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer ?any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
All we do has to be:
9? authorised where necessary, under
law (ISA, RIPA, WTA), or policy
7? necessary NS, EWB or plus more
specific intelligence requirements
9? proportionate manner and extent to
which requirement is being met
under the Freedom oflnformation Act 2000 FGIA) and moor be exempt under other UK information legislation. Refer ?any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
All we do has to be:
9? authorised where necessary, under
law (ISA, RIPA, WTA), or policy
7? necessary NS, EWB or plus more
specific intelligence requirements
9? proportionate manner and extent to
which requirement is being met
under the Freedom oflnformation Act 2000 FGIA) and moor be exempt under other UK information legislation. Refer ?any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
What activities does that
apply to?
tasking access
targeting retention
database queries dissemination
TD pioneering
SD
under the Freedom oflnformation Act 2000 FGIA) and menr be exempt under other UK information legklation. Refer ?anyr queries to GCHQ on -
x- or -@gohq.gsi.gov.uk
What activities does that
apply to?
tasking access
targeting retention
database queries dissemination
TD pioneering
SD
under the Freedom oflnformation Act 2000 FGIA) and menr be exempt under other UK information legklation. Refer ?anyr queries to GCHQ on -
x- or -@gohq.gsi.gov.uk
Tasking
A ?at least one-end foreign' interception is
authorised by external RIPA 8(4) warrant
A selection is authorised according to
Certificate entries
A individuals? ECHR rights are
protected on a world-wide basis
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer amlr queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Tasking
A ?at least one-end foreign' interception is
authorised by external RIPA 8(4) warrant
A selection is authorised according to
Certificate entries
A individuals? ECHR rights are
protected on a world-wide basis
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer amlr queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Targeting
name
- communications addresses
0 web service authentication data
0 ID card number or passport number
0 driving licence number
0 car registration number
0 bank card/credit card account numbers
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Targeting
name
- communications addresses
0 web service authentication data
0 ID card number or passport number
0 driving licence number
0 car registration number
0 bank card/credit card account numbers
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
BROAD OAK
- strategic target knowledge database
0 users justify and review retention of target
knowledge
- justification of targeting selectors
separate, but may be cascaded from target.
Will be default in future iteration of BROAD
OAK
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
BROAD OAK
- strategic target knowledge database
0 users justify and review retention of target
knowledge
- justification of targeting selectors
separate, but may be cascaded from target.
Will be default in future iteration of BROAD
OAK
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
:9 ?reeling - Hines!? lrnemel
Ehimwl=m1mnu=b
.. . ..
mg gal-1mm; gnaw radium-mung; ?MimF-?ql {lab-1mm ?ne-emu 35mm. ~5.33m gignwm?q. gamma {?1me ?mum gm
TBP UH '5 [lr-lL'I'
@9033:
Hg;
. stun-1i Ina-u
El'r'i 'Ti-nr'qa
- New Heleuur nary-?ing
a mm mm um
Ma whip.
Err-6i" 1.ralIu-au? Description: 'Businm Email Fm"- H'au?mum
El?n-1mm; Pas-.1qu Ella! sum Ea'fgrium Frog: nac- Claw-lat: -
??hm?l?MaHR?I?Iislnq - .
Team DelaierF? - Weaiiltll'ls Tar-lath: Hame- Suing: Targeted.
an: Eiuim: m: l'
m?eulew my: [Iain-?Eons HM Retell-jawed m: El
6F her-15 FRDH
1-in- Ju?Im a! In. cumming --
?emerge; 1132.311. ma. rm mama" EW: mum;
Inn-:4 Hit-alumina?; .
sheen ?utllu. warmr? hri?l?dl?r-
Warrant Expiry: .-. nge? Mpli?m?un:
Elia. urn- I - ,El
mm Fm,? ?Mu Fae-seen OH. E. Date Deaem'a'te?. mamabau Eli.
Date Suhnitted: immune LasLUMateu ay- Lee: mama-unam: museum
it it I: . .
gun-1 rm D-hner?ip t-c- uin Urunnrr: WIUREEHT Primh: ?3
eunirll?rp if ail-dun .
rlupunzbl-I 31D: 7 Eat: 253':'5
eF ?mi-?lm] Fur 'Ihle
'Ii . I I
Luv?; Hen C?urh'y [Mr-ap'h. -EE- Chm. HJA
. .. .. ..
"Linn main? Jar.? Tia-?ileum Fmtelxm Sew-1t? Lat-El: I SEERET unmercnwauemz Ewe mm
Illa-den:
?lm-HH- m?mw In {E'Iim??ent?elemunin any-me rit
D-I'l'n-5cm; eel: Lu ruler-E sans :r samurai]:
553-! HME 5M5 31' EMWM
SAHDICT LR: EH HGHE 53E 3
This inform-alien is exempt under the Freedom ref Infurn?taljen Act FDIAII and man.r be exempt under ether UH: infunnatiun legislation. Refer any FDIA 'quen'? to GEHQ en-
-er
.1'1
:9 ?reeling - Hines!? lrnemel
Ehimwl=m1mnu=b
.. . ..
mg gal-1mm; gnaw radium-mung; ?MimF-?ql {lab-1mm ?ne-emu 35mm. ~5.33m gignwm?q. gamma {?1me ?mum gm
TBP UH '5 [lr-lL'I'
@9033:
Hg;
. stun-1i Ina-u
El'r'i 'Ti-nr'qa
- New Heleuur nary-?ing
a mm mm um
Ma whip.
Err-6i" 1.ralIu-au? Description: 'Businm Email Fm"- H'au?mum
El?n-1mm; Pas-.1qu Ella! sum Ea'fgrium Frog: nac- Claw-lat: -
??hm?l?MaHR?I?Iislnq - .
Team DelaierF? - Weaiiltll'ls Tar-lath: Hame- Suing: Targeted.
an: Eiuim: m: l'
m?eulew my: [Iain-?Eons HM Retell-jawed m: El
6F her-15 FRDH
1-in- Ju?Im a! In. cumming --
?emerge; 1132.311. ma. rm mama" EW: mum;
Inn-:4 Hit-alumina?; .
sheen ?utllu. warmr? hri?l?dl?r-
Warrant Expiry: .-. nge? Mpli?m?un:
Elia. urn- I - ,El
mm Fm,? ?Mu Fae-seen OH. E. Date Deaem'a'te?. mamabau Eli.
Date Suhnitted: immune LasLUMateu ay- Lee: mama-unam: museum
it it I: . .
gun-1 rm D-hner?ip t-c- uin Urunnrr: WIUREEHT Primh: ?3
eunirll?rp if ail-dun .
rlupunzbl-I 31D: 7 Eat: 253':'5
eF ?mi-?lm] Fur 'Ihle
'Ii . I I
Luv?; Hen C?urh'y [Mr-ap'h. -EE- Chm. HJA
. .. .. ..
"Linn main? Jar.? Tia-?ileum Fmtelxm Sew-1t? Lat-El: I SEERET unmercnwauemz Ewe mm
Illa-den:
?lm-HH- m?mw In {E'Iim??ent?elemunin any-me rit
D-I'l'n-5cm; eel: Lu ruler-E sans :r samurai]:
553-! HME 5M5 31' EMWM
SAHDICT LR: EH HGHE 53E 3
This inform-alien is exempt under the Freedom ref Infurn?taljen Act FDIAII and man.r be exempt under ether UH: infunnatiun legislation. Refer any FDIA 'quen'? to GEHQ en-
-er
.1'1
This i
nfo rmation
Source field - be specific
GCHQ report ref and date
SRI id and date
call records including root number
unique customer reference
ALWAYS INCLUDE A DATE
e-mail from customer
voice
CRA
?5 exempt under the Freedom oflnformation Act 2000 FGIA) and menr be exempt under other UK information leg?Blation. Refer ?any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
This i
nfo rmation
Source field - be specific
GCHQ report ref and date
SRI id and date
call records including root number
unique customer reference
ALWAYS INCLUDE A DATE
e-mail from customer
voice
CRA
?5 exempt under the Freedom oflnformation Act 2000 FGIA) and menr be exempt under other UK information leg?Blation. Refer ?any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Intelligence requirements
0 use MIRANDA number that equates to
intelligence requirement
0 TD - improving specific target knowledge,
identifying new sources etc is justified by
the intelligence requirement for that target
0 BOT - tick ?SigDevt' box
under the Freedom oflnformation Act 2000 FGIA and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
i
x- or -@gchq.gsi.gov.uk
Intelligence requirements
0 use MIRANDA number that equates to
intelligence requirement
0 TD - improving specific target knowledge,
identifying new sources etc is justified by
the intelligence requirement for that target
0 BOT - tick ?SigDevt' box
under the Freedom oflnformation Act 2000 FGIA and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
i
x- or -@gchq.gsi.gov.uk
HRA justification
explain exactly why you are targeting this individual
don?t just repeat the MIRANDA number but add
value
BOT - cascade of target-level HRA justi?cation to
selectors
your responsibility to amend if necessary
indirect targeting
This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legBIation. Refer anyr queries to GCHQ on -
or -@gchq.gsi.gov.uk
HRA justification
explain exactly why you are targeting this individual
don?t just repeat the MIRANDA number but add
value
BOT - cascade of target-level HRA justi?cation to
selectors
your responsibility to amend if necessary
indirect targeting
This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legBIation. Refer anyr queries to GCHQ on -
or -@gchq.gsi.gov.uk
HRA justification
Russian Minster for Foreign affairs
dialling analysis links to Senior Russian energy
policymaker
wife of Russian Minister, targeted to provide travel
details of target
Employee at Chinese Embassy in London
Presidential Administration Experts Directorate;
access to info on Russian policy affecting UK
Russian energy
Chinese weapons programme
This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legBIation. Refer anyr queries to GCHQ on -
or -@gchq.gsi.gov.uk
HRA justification
Russian Minster for Foreign affairs
dialling analysis links to Senior Russian energy
policymaker
wife of Russian Minister, targeted to provide travel
details of target
Employee at Chinese Embassy in London
Presidential Administration Experts Directorate;
access to info on Russian policy affecting UK
Russian energy
Chinese weapons programme
This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legBIation. Refer anyr queries to GCHQ on -
or -@gchq.gsi.gov.uk
This
Revalidating targeting
make sure it is clear why you are continuing to
invade this person?s privacy, so:
record your justification for continuing targeting
make sure all ?elds contain the most recent information
available
ongoing process
if you can no longer justify targeting, record your
reason for deactivating and then deactivate
information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on -
or -@gchq.gsi.gov.uk
This
Revalidating targeting
make sure it is clear why you are continuing to
invade this person?s privacy, so:
record your justification for continuing targeting
make sure all ?elds contain the most recent information
available
ongoing process
if you can no longer justify targeting, record your
reason for deactivating and then deactivate
information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on -
or -@gchq.gsi.gov.uk
Data content retrieval
UDAQ, DISHFIRE, IIB
not all data in these bases is ?selected?
retrieval must be:
authorised (lawful)
necessary
proportionate
HRA screens; audit logs
0 target in UK datamining STA
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Data content retrieval
UDAQ, DISHFIRE, IIB
not all data in these bases is ?selected?
retrieval must be:
authorised (lawful)
necessary
proportionate
HRA screens; audit logs
0 target in UK datamining STA
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
:3 .
EH Edi anew Fay-mm Innhluel: I
Audra-as mums ?gmemewn
??ier
?e
5 ?555
'jri'f
Wen-la tool-i
Lit.
Item New Query Manager FreFereznces Help
Intercept: IUpensc-Lurce I
Recoverantere-epl: l? Famdalejieese ll? Famdale_l:24:
I Select All I Deselect ell I
I SEAR-EH TERMS.
Hateh Operator
ICentent ?le" er 1 Puter'naljcnalltr adde mu betweer?l all tel-mi :l
enter?'?
Free-Text Add Te Query
I emu-[? NGTI
I
Query Type: Tran silent
query- Name
Description i]
Unclassi?ed srene
Cen?den tial DEN REESE
I HESSE SUUNDER
Top Secret Hesse sceeEL
JUSTIFICATICHN
a: Mir-andcl'ligle ?gene gtm? JIC Izl-rierll?lr
Furpnse - ngal Guld?l??f
view mew
me?: under other
.LI
7" -
Dee trip-Hen
Expiry Date
QUERY I
Dnly
Reeulta. Limit to apprux Ilia?I iteme {Mex HEDGE):
Schedule:
F5 Notify C'l'l
Sis-rel I search I
lnfunnatiun legislatiun. Refer any FDIA qua-H's In GCHQ cm.-
IEI
fl?EW
:3 .
EH Edi anew Fay-mm Innhluel: I
Audra-as mums ?gmemewn
??ier
?e
5 ?555
'jri'f
Wen-la tool-i
Lit.
Item New Query Manager FreFereznces Help
Intercept: IUpensc-Lurce I
Recoverantere-epl: l? Famdalejieese ll? Famdale_l:24:
I Select All I Deselect ell I
I SEAR-EH TERMS.
Hateh Operator
ICentent ?le" er 1 Puter'naljcnalltr adde mu betweer?l all tel-mi :l
enter?'?
Free-Text Add Te Query
I emu-[? NGTI
I
Query Type: Tran silent
query- Name
Description i]
Unclassi?ed srene
Cen?den tial DEN REESE
I HESSE SUUNDER
Top Secret Hesse sceeEL
JUSTIFICATICHN
a: Mir-andcl'ligle ?gene gtm? JIC Izl-rierll?lr
Furpnse - ngal Guld?l??f
view mew
me?: under other
.LI
7" -
Dee trip-Hen
Expiry Date
QUERY I
Dnly
Reeulta. Limit to apprux Ilia?I iteme {Mex HEDGE):
Schedule:
F5 Notify C'l'l
Sis-rel I search I
lnfunnatiun legislatiun. Refer any FDIA qua-H's In GCHQ cm.-
IEI
fl?EW
UDAQ
A JIC purpose
A use appropriate MIRANDA number
explain why you are running this query
9L principle applies to use of any Sigint
database
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on -
or -@gchq.gsi.gov.uk
UDAQ
A JIC purpose
A use appropriate MIRANDA number
explain why you are running this query
9L principle applies to use of any Sigint
database
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on -
or -@gchq.gsi.gov.uk
Questions you should ask
yourself
0 would my justification record be clear to a
coHeague?
0 have I justified invading this person?s privacy?
0 will my successor understand?
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Questions you should ask
yourself
0 would my justification record be clear to a
coHeague?
0 have I justified invading this person?s privacy?
0 will my successor understand?
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Audits
IPTs currently carry out targeting audit
10% of entries each year, randomly chosen
all UK entries each year, wildcards each audit
0 quick check of record key HRA aspects:
source field
HRAjustification
MIRANDA number
revalidation
- UDAQ Events also audited
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer anyr queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Audits
IPTs currently carry out targeting audit
10% of entries each year, randomly chosen
all UK entries each year, wildcards each audit
0 quick check of record key HRA aspects:
source field
HRAjustification
MIRANDA number
revalidation
- UDAQ Events also audited
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer anyr queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Questions?
Thi5 infermatien exempt under the Freedom eflnfarmatien Act 2000 FGIA) and manyr be exempt under other UK inferma?en leghlatien. Refer ?any:r queries In GCHQ en -
x- or -@gchq.gai.gev.uk
Questions?
Thi5 infermatien exempt under the Freedom eflnfarmatien Act 2000 FGIA) and manyr be exempt under other UK inferma?en leghlatien. Refer ?any:r queries In GCHQ en -
x- or -@gchq.gai.gev.uk
Operational Legalities
Targeting: location and
nationality
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Operational Legalities
Targeting: location and
nationality
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Location, location, location
A Law: specific RIPA authorisation for
interception of a target located in the UK
9L Policy: internal authorisation (STA) for a target
outside the UK if nationality and/or location is
sensitive
9n all targets require HRA justification (GCHQ is a
public authority interfering with individuals? human rights)
This information ?5 exempt under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information leg? - ran ueries lo GCHQ on -
x- or -@gchq.gsi.gov.uk
Location, location, location
A Law: specific RIPA authorisation for
interception of a target located in the UK
9L Policy: internal authorisation (STA) for a target
outside the UK if nationality and/or location is
sensitive
9n all targets require HRA justification (GCHQ is a
public authority interfering with individuals? human rights)
This information ?5 exempt under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information leg? - ran ueries lo GCHQ on -
x- or -@gchq.gsi.gov.uk
Location?
without other information, assume:
individual is in their country
mobile phone is in country of registration
email address with country digraph is there
This information is exempt under the Freedom oflnformation Act 2000 FOIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on -
or -@gchq.gsi.gov.uk
Location?
without other information, assume:
individual is in their country
mobile phone is in country of registration
email address with country digraph is there
This information is exempt under the Freedom oflnformation Act 2000 FOIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on -
or -@gchq.gsi.gov.uk
Location: belief knowledge
7t belief is n_ot 100% knowledge with hindsight;
you must not ?turn a blind eye?
7t based on the information available at any
particular time
7t this may vary - so should our response
This information is exempt under the Freedom oflnformation Act 2000 FOIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on -
or -@gchq.gsi.gov.uk
Location: belief knowledge
7t belief is n_ot 100% knowledge with hindsight;
you must not ?turn a blind eye?
7t based on the information available at any
particular time
7t this may vary - so should our response
This information is exempt under the Freedom oflnformation Act 2000 FOIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on -
or -@gchq.gsi.gov.uk
Target arrives or is discovered
to be in the next?
Consider authorisation options
continuation targeting RIPA s.16(5)
5 working days (1 for SC)
signed by GCHQ Directorate
then over to customer RIPA 5.8(1) warrant
under the Freedom oflnformation Act 2000 FOIA and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
ch . 5?
Target arrives or is discovered
to be in the next?
Consider authorisation options
continuation targeting RIPA s.16(5)
5 working days (1 for SC)
signed by GCHQ Directorate
then over to customer RIPA 5.8(1) warrant
under the Freedom oflnformation Act 2000 FOIA and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
ch . 5?
Target in the s.16(3)
9n frequent visitors to the UK or known targets
505 signature required modification to 8(4)
certificate
7L new selectors may be used
indirect targeting is not allo wed
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Target in the s.16(3)
9n frequent visitors to the UK or known targets
505 signature required modification to 8(4)
certificate
7L new selectors may be used
indirect targeting is not allo wed
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
If no authorisation is
7L examine and report traffic intercepted up to
time you knew target was in UK
7L use B3M HRA ?register? to alert
7L check location using events or THUGGEE
9L examine a cut (B3M UDAQ) every 48 to
check whereabouts
under the Freedom oflnformation Act 2000 FOIA and mayr be exempt under other UK information legislation. Refer any:r - .
i
x- or -@gohq.gsi.gov.uk
If no authorisation is
7L examine and report traffic intercepted up to
time you knew target was in UK
7L use B3M HRA ?register? to alert
7L check location using events or THUGGEE
9L examine a cut (B3M UDAQ) every 48 to
check whereabouts
under the Freedom oflnformation Act 2000 FOIA and mayr be exempt under other UK information legislation. Refer any:r - .
i
x- or -@gohq.gsi.gov.uk
Policy authorisations
0 STA and provide records of actions
where UK &/or British Overseas Territory
law does not require authorisation
respect 2nd Party sensitivities
actions are validated by a GCHQ senior (or
nominated GC8s in ITT)
we can justify targeting if challenged
QC is mandatory 7
?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Policy authorisations
0 STA and provide records of actions
where UK &/or British Overseas Territory
law does not require authorisation
respect 2nd Party sensitivities
actions are validated by a GCHQ senior (or
nominated GC8s in ITT)
we can justify targeting if challenged
QC is mandatory 7
?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Datamining STA
Datamining STA for target in UK valid for
two days
named SCS officer signs STA
one-off search
- Count-only searches: no authorisation
needed
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Datamining STA
Datamining STA for target in UK valid for
two days
named SCS officer signs STA
one-off search
- Count-only searches: no authorisation
needed
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Special C2C authorisations
- special access to email communications
0 NS only; limited criteria
0 16(3) or STA also required if location or
nationality sensitive
- SCS or GC6 approval
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Special C2C authorisations
- special access to email communications
0 NS only; limited criteria
0 16(3) or STA also required if location or
nationality sensitive
- SCS or GC6 approval
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
SRA
- authorises receipt of 2 or 3P intelligence on
UK?based targets
where GCHQ has no authorisation
avoids indirect targeting
0 limited period only
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
SRA
- authorises receipt of 2 or 3P intelligence on
UK?based targets
where GCHQ has no authorisation
avoids indirect targeting
0 limited period only
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Operational Legalities
SIGINT Development
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Operational Legalities
SIGINT Development
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
SD justification
- Enhancing GCHQ's capabilities is a national
security purpose
0 TD improving specific target knowledge,
identifying new sources etc is justified by
the intelligence requirement for that target
This information ?5 exempt under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
SD justification
- Enhancing GCHQ's capabilities is a national
security purpose
0 TD improving specific target knowledge,
identifying new sources etc is justified by
the intelligence requirement for that target
This information ?5 exempt under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
SD proportionality
Restrict to the minimum necessary:
0 refine wide initial terms
0 define length of task and/or volumes
- limit dissemination and retention
Aim: sustained targeting as soon as practicable
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
SD proportionality
Restrict to the minimum necessary:
0 refine wide initial terms
0 define length of task and/or volumes
- limit dissemination and retention
Aim: sustained targeting as soon as practicable
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
SD reporting
0 you may report from SD traffic
- reporting guidelines reflect HRA requirements
This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
SD reporting
0 you may report from SD traffic
- reporting guidelines reflect HRA requirements
This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Content or metadata?
voice mail boxes
0 SMS text
0 an email inside a message
0 email subject line
0 URL beyond the domain name
(eg
an attached routing diagram
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Content or metadata?
voice mail boxes
0 SMS text
0 an email inside a message
0 email subject line
0 URL beyond the domain name
(eg
an attached routing diagram
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Content or metadata?
- IP address
0 email address
- DTMF (tone dialling)
- a URL up to the domain
(eg
- location
This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legBIation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Content or metadata?
- IP address
0 email address
- DTMF (tone dialling)
- a URL up to the domain
(eg
- location
This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legBIation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Content or metadata?
password
authentication to a communications service
communications data
other passwords content
cookie
depends on data may be either
This information ts exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Content or metadata?
password
authentication to a communications service
communications data
other passwords content
cookie
depends on data may be either
This information ts exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Questions?
Thi5 infermatien exempt under the Freedom eflnfarmetien Act 2000 FGIA) and manyr be exempt under other UK inferma?en leghlatien. Refer ?any:r queries In GCHQ en -
x- or -@gchq.gai.gev.uk
Questions?
Thi5 infermatien exempt under the Freedom eflnfarmetien Act 2000 FGIA) and manyr be exempt under other UK inferma?en leghlatien. Refer ?any:r queries In GCHQ en -
x- or -@gchq.gai.gev.uk
Second Parties
Australia, Canada,
New Zealand USA
. . it:
This information is exempt under the Freedom oflnformatien Act 2000 FGIA) pt under other UK informa?nn legislation. Refer ?any:r queries in GCHQ on -
.
and mayr be exem
- or hq galgemuk
Second Parties
Australia, Canada,
New Zealand USA
. . it:
This information is exempt under the Freedom oflnformatien Act 2000 FGIA) pt under other UK informa?nn legislation. Refer ?any:r queries in GCHQ on -
.
and mayr be exem
- or hq galgemuk
GCHQ and Second Parties
- partners respect each others? laws and policies
2nd parties treat UK nationals as their own
- GCHQ must not ask a 2r"d party to do
something for which we would need a warrant
- we must not task a 2nd party with targeting
that would be unlawful in that country
I . i - L533:
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leghlation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
GCHQ and Second Parties
- partners respect each others? laws and policies
2nd parties treat UK nationals as their own
- GCHQ must not ask a 2r"d party to do
something for which we would need a warrant
- we must not task a 2nd party with targeting
that would be unlawful in that country
I . i - L533:
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leghlation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
USSID SP0018
No interception of persons in US without
a warrant
- Court order needed to intercept US
persons outside the USA
0 your use of NSA collection databases
mUSt reSQt Party laws _d o icies
all .FE. - 7 kg
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
USSID SP0018
No interception of persons in US without
a warrant
- Court order needed to intercept US
persons outside the USA
0 your use of NSA collection databases
mUSt reSQt Party laws _d o icies
all .FE. - 7 kg
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Operational Legalities
Dissemination 8:
Disclosure
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Operational Legalities
Dissemination 8:
Disclosure
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Dissemination
A EP is sole vehicle for passing intelligence
to customers
Reporting Standards applies
proportionality principle to EP
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Dissemination
A EP is sole vehicle for passing intelligence
to customers
Reporting Standards applies
proportionality principle to EP
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Disclosure
SIGINT collected under RIPA may not be
used in court
Relevance to prosecutions
A Public Interest Immunity PII certificates
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Disclosure
SIGINT collected under RIPA may not be
used in court
Relevance to prosecutions
A Public Interest Immunity PII certificates
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Questions?
Thi5 infermatien exempt under the Freedom eflnfarmetien Act 2000 FGIA) and manyr be exempt under other UK inferma?en leghlatien. Refer ?any:r queries In GCHQ en -
x- or -@gchq.gai.gev.uk
Questions?
Thi5 infermatien exempt under the Freedom eflnfarmetien Act 2000 FGIA) and manyr be exempt under other UK inferma?en leghlatien. Refer ?any:r queries In GCHQ en -
x- or -@gchq.gai.gev.uk
Operational Legalities
Safeguards and Oversight
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gohq.gsi.gov.uk
Operational Legalities
Safeguards and Oversight
This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gohq.gsi.gov.uk
RIPA safeguards
9n intercepted material must be destroyed as
soon as its retention is no longer
9L it must be looked at, copied and disseminated
to the minimum
?n a purpose authorised under the Act
A as a matter of policy, GCHQ applies this ethos
to all material it acquires, regardless of source
policies for EP and data retention
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on -
x- or -@gchq.gsi.gou.uk
RIPA safeguards
9n intercepted material must be destroyed as
soon as its retention is no longer
9L it must be looked at, copied and disseminated
to the minimum
?n a purpose authorised under the Act
A as a matter of policy, GCHQ applies this ethos
to all material it acquires, regardless of source
policies for EP and data retention
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on -
x- or -@gchq.gsi.gou.uk
Errors and breaches
7L mistakes happen and we report them
A OPP-LEG and LA role: help advice
A an apparent error may be:
i? breaking the law .
a breach of RIPA safeguards
nothing to worry about! .
A response: procedures, processes training
This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Errors and breaches
7L mistakes happen and we report them
A OPP-LEG and LA role: help advice
A an apparent error may be:
i? breaking the law .
a breach of RIPA safeguards
nothing to worry about! .
A response: procedures, processes training
This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Political oversight
7L Executive - a Secretary of State exercises
authority over the I 5 services and is
answerable to Parliament
A Parliament - Intelligence 8: Security
Committee examines expenditure,
administration and policy (not operations);
members within the circle of secrecy; reports
annually to Parliament
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer anyr queries to GCHQ on -
or -@gchq.gsi.gov.uk
Political oversight
7L Executive - a Secretary of State exercises
authority over the I 5 services and is
answerable to Parliament
A Parliament - Intelligence 8: Security
Committee examines expenditure,
administration and policy (not operations);
members within the circle of secrecy; reports
annually to Parliament
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer anyr queries to GCHQ on -
or -@gchq.gsi.gov.uk
Judicial oversight:
Commissioners
7t Senior Judges: independent of HMG and
Parliament
9n review Secretary of State's use of powers
under
7L guaranteed access to agencies
9n annual reports to the Prime Minister
This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Judicial oversight:
Commissioners
7t Senior Judges: independent of HMG and
Parliament
9n review Secretary of State's use of powers
under
7L guaranteed access to agencies
9n annual reports to the Prime Minister
This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Investigatory Powers
Tribunal (IPT)
comprises 8 independent lawyers
investigates complaints against Agencies, law
enforcement etc
0 anyone, anywhere may complain
more than 40 people within GCHQ assist in
responding to complaint; audit logs
This information ts exempt under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Investigatory Powers
Tribunal (IPT)
comprises 8 independent lawyers
investigates complaints against Agencies, law
enforcement etc
0 anyone, anywhere may complain
more than 40 people within GCHQ assist in
responding to complaint; audit logs
This information ts exempt under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
The Tribunal will
what did we do?
0 was the action authorised?
was it necessary?
0 was it proportionate?
- did GCHQ act reasonably within its powers?
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
The Tribunal will
what did we do?
0 was the action authorised?
was it necessary?
0 was it proportionate?
- did GCHQ act reasonably within its powers?
This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Operational Legalities
Wrap up
This information i5 exempt under the Freedom oflnformation Act 2000 FGIA) and ma?yr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Operational Legalities
Wrap up
This information i5 exempt under the Freedom oflnformation Act 2000 FGIA) and ma?yr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Key points: does it legally?
1. Your work must be:
- authorised
- necessary
- proportionate
2. Location:
beware UK UKUSA
seek authorisation
3. Errors: we are
honest and report them
under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
Key points: does it legally?
1. Your work must be:
- authorised
- necessary
- proportionate
2. Location:
beware UK UKUSA
seek authorisation
3. Errors: we are
honest and report them
under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
x- or -@gchq.gsi.gov.uk
What does this mean for me?
0Collection/technical staff: know what you can
and cannot intercept
-Collection mana? help ensure
selectors are justified and proportionate
oAnalyst/linguist: justify your targeting, seek
warrant or STA where necessary
oReporter: report only what is necessary to
address the requirement
This information entempt under 'Freemm of information Act 2000 FGIA) and mayr be exempt under other UK information legBIation. Refer anyr queries to GCHQ on -
or -@gchq.gsi.gov.uk
What does this mean for me?
0Collection/technical staff: know what you can
and cannot intercept
-Collection mana? help ensure
selectors are justified and proportionate
oAnalyst/linguist: justify your targeting, seek
warrant or STA where necessary
oReporter: report only what is necessary to
address the requirement
This information entempt under 'Freemm of information Act 2000 FGIA) and mayr be exempt under other UK information legBIation. Refer anyr queries to GCHQ on -
or -@gchq.gsi.gov.uk
Contacts
0 visit OPP-LEG in B4a
- call 36559
0 email laigchq
- OPP-LEG web pages compliance website
speak to your Legal POC ..
This information is exempt under the Freedom oflnformation Act 2000 FOIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Contacts
0 visit OPP-LEG in B4a
- call 36559
0 email laigchq
- OPP-LEG web pages compliance website
speak to your Legal POC ..
This information is exempt under the Freedom oflnformation Act 2000 FOIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on -
or -@gchq.gsi.gov.uk
Legal 8: Policy Leads
UPC-CHE
erl: Freedom :15 Information Act Film] and men.r be exempt under other UK inl?omaticln legislation. Refer any FDIA queria tn GCHQ cm -
a Dr
Legal 8: Policy Leads
UPC-CHE
erl: Freedom :15 Information Act Film] and men.r be exempt under other UK inl?omaticln legislation. Refer any FDIA queria tn GCHQ cm -
a Dr
Questions?
Thi5 infermatinn ?5 exempt under the Freed-3m eflnfarmatien Act 2000 FGIA) and manyr be exempt under other UK inferma?nn leghlatinn. Refer ?any:r queries 13:: GCHQ en -
x- or -@gchq.gai.gev.uk
Questions?
Thi5 infermatinn ?5 exempt under the Freed-3m eflnfarmatien Act 2000 FGIA) and manyr be exempt under other UK inferma?nn leghlatinn. Refer ?any:r queries 13:: GCHQ en -
x- or -@gchq.gai.gev.uk
Operational Legalities
II
I
Protective marking of these notes: SECRET STRAPI
Protective marking of slides: UNCLASSIFIED
CORINTH
Intro; welcome; aims legal framework and how to apply this in day-
to-day work
GCHQ operates within the law; everyone?s responsibility; but we?re
here to help
Training is part of that
But we also:
-Offer advice (desk, legal inbox, etc) aim for prompt service; lawyers
always on hand as well;
-Deal with warrantry and disclosure
-Help shape new tools and applications
-Develop new policy as new requirements emerge, esp. with new
techniques, accesses etc that want to exploit
Our job is to enable Sigint: we have processes that enable us to do
things that would be illegal to the man on the street
But with that comes responsibilities.
Operational Legalities
II
I
Protective marking of these notes: SECRET STRAPI
Protective marking of slides: UNCLASSIFIED
CORINTH
Intro; welcome; aims legal framework and how to apply this in day-
to-day work
GCHQ operates within the law; everyone?s responsibility; but we?re
here to help
Training is part of that
But we also:
-Offer advice (desk, legal inbox, etc) aim for prompt service; lawyers
always on hand as well;
-Deal with warrantry and disclosure
-Help shape new tools and applications
-Develop new policy as new requirements emerge, esp. with new
techniques, accesses etc that want to exploit
Our job is to enable Sigint: we have processes that enable us to do
things that would be illegal to the man on the street
But with that comes responsibilities.
Not for display
- Beware: there are several hidden slides
in this presentation. If you see this you
will also see the other hidden ones.
- To find which are hidden, use slide
sorter View
- There?s a print option to ignore hidden
slides
Not for display
- Beware: there are several hidden slides
in this presentation. If you see this you
will also see the other hidden ones.
- To find which are hidden, use slide
sorter View
- There?s a print option to ignore hidden
slides
Agenda
Legal Framework
Tasking Targeting
incl Location/Nationality
SD Co?ee/tea What?s OUT
Second Parties Data Protection
Dissemination Disclosure Of?cial Secrets
Safeguards 8i Oversight 01A
Wrap-up
Thu .5 unir rim or his ma?a-minim: bim?g?ff "r?m'm him-?m- m? mm ?3 -
Structure
Blue lawyer, green (red audience)
30-minute brief intro to legal framework - lawyer
30 minutes on how this is applied to tasking and targeting OPP-LEG
15 minutes coffee-tea break when you can pick up and read quiz
sheets
15 minutes on SD and Second Parties OPP-LEG
15 minutes in groups to consider quiz
15 minutes led discussion on quiz questions
15 minutes on legal safeguards and oversight
15 minutes for wrap-up and further questions
Handouts on targeting and feedback sheet at the end
Reporting governed by same principles as targeting so covered in
general terms, but IPUL do the detailed guidance
Happy to take questions as we go along but if they?re on other areas
please leave sure we?ye covered the main
material ?rst. Ask about jargonll
Agenda
Legal Framework
Tasking Targeting
incl Location/Nationality
SD Co?ee/tea What?s OUT
Second Parties Data Protection
Dissemination Disclosure Of?cial Secrets
Safeguards 8i Oversight 01A
Wrap-up
Thu .5 unir rim or his ma?a-minim: bim?g?ff "r?m'm him-?m- m? mm ?3 -
Structure
Blue lawyer, green (red audience)
30-minute brief intro to legal framework - lawyer
30 minutes on how this is applied to tasking and targeting OPP-LEG
15 minutes coffee-tea break when you can pick up and read quiz
sheets
15 minutes on SD and Second Parties OPP-LEG
15 minutes in groups to consider quiz
15 minutes led discussion on quiz questions
15 minutes on legal safeguards and oversight
15 minutes for wrap-up and further questions
Handouts on targeting and feedback sheet at the end
Reporting governed by same principles as targeting so covered in
general terms, but IPUL do the detailed guidance
Happy to take questions as we go along but if they?re on other areas
please leave sure we?ye covered the main
material ?rst. Ask about jargonll
Operational Legalities
Legal Framework
Thu Irfn'matnn l5 mn? I11.- Df Ad .2053 WWII.) and rncqur mnp! untr uU'rrLH nl'n'milm hgula?m. Rzl'rr arrf FCIHI. in GIHQ l'.l'l -
JI- :Ir 9:1.le
Operational Legalities
Legal Framework
Thu Irfn'matnn l5 mn? I11.- Df Ad .2053 WWII.) and rncqur mnp! untr uU'rrLH nl'n'milm hgula?m. Rzl'rr arrf FCIHI. in GIHQ l'.l'l -
JI- :Ir 9:1.le
Legal Framework
Intelligence Services Act 1994
- functions; property interference; oversight
Human Rights Act 1998
- public authorities must act in accordance with ECHR
Regulation of Investigatory Powers Act 2000
- interception; safeguards; oversight
Wireless Telegraphy Act 2006
- interception/interference
The Irl'nn'nabnn l5 emf! umbrle Freedom Dl" ha! zoos and maybe Hermit u'lcbr ull'lrLN Irfn'rnallmlegubllm. Refer err,? FDTII. qumuz In ECHQ on -
-
- This is the legal framework that affect GCHQ Sigint operations and sets out
the 3 main Acts.
- ISA - governs the functions of GCHQ
- HRA - helps protect people?s privacy in general NOT just their
communications eg people round Heathrow?s new terminal feel their privan
is being violated
- it gained Roval Assent in 1998 but didn?t come into effect until 2 October
2000 when RIPA was set up.
- RIPA is the mechanism we use by which we make it ok to carrv out
interception
- WTA covers interception of am; wireless telegraphv not covered by RIPA
Background:
- HRA was a manifesto commitment of the new labour govt in 199? to allow people
under ECHR to pursue a case through the UK courts if grievance claim that their HR
have been interfered with; rather than taking it to Strasbourg
- Roval assent - act on statute books - signed by Queen
- RIPA 2000 covered for interception and surveillance comms data provided for 5
Januarv 2004
Legal Framework
Intelligence Services Act 1994
- functions; property interference; oversight
Human Rights Act 1998
- public authorities must act in accordance with ECHR
Regulation of Investigatory Powers Act 2000
- interception; safeguards; oversight
Wireless Telegraphy Act 2006
- interception/interference
The Irl'nn'nabnn l5 emf! umbrle Freedom Dl" ha! zoos and maybe Hermit u'lcbr ull'lrLN Irfn'rnallmlegubllm. Refer err,? FDTII. qumuz In ECHQ on -
-
- This is the legal framework that affect GCHQ Sigint operations and sets out
the 3 main Acts.
- ISA - governs the functions of GCHQ
- HRA - helps protect people?s privacy in general NOT just their
communications eg people round Heathrow?s new terminal feel their privan
is being violated
- it gained Roval Assent in 1998 but didn?t come into effect until 2 October
2000 when RIPA was set up.
- RIPA is the mechanism we use by which we make it ok to carrv out
interception
- WTA covers interception of am; wireless telegraphv not covered by RIPA
Background:
- HRA was a manifesto commitment of the new labour govt in 199? to allow people
under ECHR to pursue a case through the UK courts if grievance claim that their HR
have been interfered with; rather than taking it to Strasbourg
- Roval assent - act on statute books - signed by Queen
- RIPA 2000 covered for interception and surveillance comms data provided for 5
Januarv 2004
Intelligence Services Act
- applies to all operations under control of
Director GCHQ
- defines SIGINT function
- prescribes purposes for SIGINT function:
National Security
Economic Well-being of the UK (EWB)
Prevention/detection of serious crime
This Is mm! unir of Irfn'rnatm Ad map! untr nl'n'rnatlm hgula?m. Rzl'rr in IIHQ on -
'3
zero momma maybe
-a-nr- mum-m
Until 1994, GCHQ and SIS did not have an act in law to de?ne their
function.
BSS have the Security Services Act; ISA followed this.
De?nition: to monitor or interfere with electromagnetic, acoustic and
other emissions and any equipment producing such emissions and to
obtain and provide information derived from or related to such
emissions or equipment and ?om material
Advice and assistance about languages and
Broad covers passive collection; now also covers computer network
exploitation; rare to ?nd something that it doesn?t cover. BUT Act
does closely preso?ibe purposa for which GCHQ can exercise this
function. 3 purposes. Jonny stealing a Mars Bar example!
We are driven by customer requirements and need to make sure that
what we are asked to do falls within these 3 categories
(SC has four de?nitions, de?ned under RIPA).
This is the hard law; it?s the basic starting point; once we have
established that work meets this, move onto other considerations.
Intelligence Services Act
- applies to all operations under control of
Director GCHQ
- defines SIGINT function
- prescribes purposes for SIGINT function:
National Security
Economic Well-being of the UK (EWB)
Prevention/detection of serious crime
This Is mm! unir of Irfn'rnatm Ad map! untr nl'n'rnatlm hgula?m. Rzl'rr in IIHQ on -
'3
zero momma maybe
-a-nr- mum-m
Until 1994, GCHQ and SIS did not have an act in law to de?ne their
function.
BSS have the Security Services Act; ISA followed this.
De?nition: to monitor or interfere with electromagnetic, acoustic and
other emissions and any equipment producing such emissions and to
obtain and provide information derived from or related to such
emissions or equipment and ?om material
Advice and assistance about languages and
Broad covers passive collection; now also covers computer network
exploitation; rare to ?nd something that it doesn?t cover. BUT Act
does closely preso?ibe purposa for which GCHQ can exercise this
function. 3 purposes. Jonny stealing a Mars Bar example!
We are driven by customer requirements and need to make sure that
what we are asked to do falls within these 3 categories
(SC has four de?nitions, de?ned under RIPA).
This is the hard law; it?s the basic starting point; once we have
established that work meets this, move onto other considerations.
Human Rights Act 1998
- incorporates the ECHR into UK law
- requires all UK public authorities to act in
accordance with the ECHR
- allows actions against public authorities by
aggrieved parties
- RIPA, ISA and WTA are the vehicles through
which ECHR or compatibility? are met
bl.- amp! u'lchr :Itl'lrrUH nl'n'rr?lm hgula?m. Refer mfFCIllI. [cl IIHQ -
may
- JI- :Ir 91rd?;
Th5 Irl'cln'na?m I5 Freedom DfIrl'cln'nanm Ad .2
ECHR: post WW2, nations combined to ensure atrocities didn?t happen
again
-as a public authority it is unlawful for GCHQ to act in a way which is
incompatible with a convention right
- Public authorities are of 3 types:
- government depts/health authorities/armed forces/police
(NUT parliament)
- courts and tribunals
- personlorg carrying out functions of public nature (eg
Railtrack when acting as safety regulator but not as commercial
property developer)
- Some are absolute: eg. right to life, to protection from torture,
inhuman and degrading treatment and punishment
- Some are limited eg. the right to liberty (unless you commit an
offence) and to a fair trial can be limited under explicit and ?nite
circumstances de?ned in the Convention itself.
- Others are ..
Term HRA will be known to many of you if you target, use Corinth
easy to forget that this is part of UK law
Point 3: compliance and oversight more later
Human Rights Act 1998
- incorporates the ECHR into UK law
- requires all UK public authorities to act in
accordance with the ECHR
- allows actions against public authorities by
aggrieved parties
- RIPA, ISA and WTA are the vehicles through
which ECHR or compatibility? are met
bl.- amp! u'lchr :Itl'lrrUH nl'n'rr?lm hgula?m. Refer mfFCIllI. [cl IIHQ -
may
- JI- :Ir 91rd?;
Th5 Irl'cln'na?m I5 Freedom DfIrl'cln'nanm Ad .2
ECHR: post WW2, nations combined to ensure atrocities didn?t happen
again
-as a public authority it is unlawful for GCHQ to act in a way which is
incompatible with a convention right
- Public authorities are of 3 types:
- government depts/health authorities/armed forces/police
(NUT parliament)
- courts and tribunals
- personlorg carrying out functions of public nature (eg
Railtrack when acting as safety regulator but not as commercial
property developer)
- Some are absolute: eg. right to life, to protection from torture,
inhuman and degrading treatment and punishment
- Some are limited eg. the right to liberty (unless you commit an
offence) and to a fair trial can be limited under explicit and ?nite
circumstances de?ned in the Convention itself.
- Others are ..
Term HRA will be known to many of you if you target, use Corinth
easy to forget that this is part of UK law
Point 3: compliance and oversight more later
The European Convention on
Human Rights (ECHR)
Article 8 is of most obvious relevance to GCHQ:
8.1. ?Everyone has the right to respect for his
private and family life, his home and his
correspondence.
8.2. ?There shall be no interference by a public
authority with the exercise of this right except
such as is in accordance with the law and is
necessary in a democratic
Thu mm"! E1: Front-n ofIrfn'rr?m hi1 cal:an bgulanm.2053 WWII.) and may l1-
-a-nr- mam-m .-
psal-
Obvious why relevant to GCHQ examining forms of intercept; very
intrusive.
e.g. Heathrow night ?ights; partially successful.
8.2 is key right to privacy is not absolute. Public authorities may
interfere 1with this if certain conditions are met.
Brings concept of proportionality into UK law for ?rst time. Ends
mustjuslify means; Sigint as last resort.
The European Convention on
Human Rights (ECHR)
Article 8 is of most obvious relevance to GCHQ:
8.1. ?Everyone has the right to respect for his
private and family life, his home and his
correspondence.
8.2. ?There shall be no interference by a public
authority with the exercise of this right except
such as is in accordance with the law and is
necessary in a democratic
Thu mm"! E1: Front-n ofIrfn'rr?m hi1 cal:an bgulanm.2053 WWII.) and may l1-
-a-nr- mam-m .-
psal-
Obvious why relevant to GCHQ examining forms of intercept; very
intrusive.
e.g. Heathrow night ?ights; partially successful.
8.2 is key right to privacy is not absolute. Public authorities may
interfere 1with this if certain conditions are met.
Brings concept of proportionality into UK law for ?rst time. Ends
mustjuslify means; Sigint as last resort.
The European Convention on
Human Rights
the interests of national security, public
safety or the economic well-being of the
country, for the prevention of disorder or
crime, for the protection of public health and
morals, or for the protection of the rights and
freedoms of others.?
Thu mrr? H1: Fr?ch'n Ad .2053 mm untro?trLK nl'brrnatlm bgulanm. Rziirr In IIHQ on -
gonad-z
?Just? 3 at the moment. No reason why remit could not be
changed in future but this is 1what we are allowed to do at the
moment.
The European Convention on
Human Rights
the interests of national security, public
safety or the economic well-being of the
country, for the prevention of disorder or
crime, for the protection of public health and
morals, or for the protection of the rights and
freedoms of others.?
Thu mrr? H1: Fr?ch'n Ad .2053 mm untro?trLK nl'brrnatlm bgulanm. Rziirr In IIHQ on -
gonad-z
?Just? 3 at the moment. No reason why remit could not be
changed in future but this is 1what we are allowed to do at the
moment.
Need for authorisation
- ensures compliance with requirements of
ECHR and HRA
- SIGINT intercept/CNE is illegal in UK
without it offences)
- gives visibility of operational activities to
GCHQ seniors 505
Thu Irfn'matnn new H1.- of Irfn'rr?m Ad .2053 WOW.) drna'rlr mm urltr nrn'rnatlm bgulanm. Rzl'cr n: GCHQ on -
an
- 1-Dr '?gi'lqgu grand-z
1. Hard reason criminal offence. Give example of journalist recentlv
jailed.
Civil servants are not immune from prosecution.
2. Soft reason. Means that someone, usuallv makes a
judgement of proportionality and necessity.
3. Policy.
10
Need for authorisation
- ensures compliance with requirements of
ECHR and HRA
- SIGINT intercept/CNE is illegal in UK
without it offences)
- gives visibility of operational activities to
GCHQ seniors 505
Thu Irfn'matnn new H1.- of Irfn'rr?m Ad .2053 WOW.) drna'rlr mm urltr nrn'rnatlm bgulanm. Rzl'cr n: GCHQ on -
an
- 1-Dr '?gi'lqgu grand-z
1. Hard reason criminal offence. Give example of journalist recentlv
jailed.
Civil servants are not immune from prosecution.
2. Soft reason. Means that someone, usuallv makes a
judgement of proportionality and necessity.
3. Policy.
10
Authorisation
Regulation of Investigatory Powers
Act 2000
Interception surveillance
Intelligence Services Act 1994
Effects
Wireless Telegraphy Act 2006
Interception interference with wireless
telegra phy
Thu Irformotnn I5 mm! Eh.- cf Irfn'rr?m Ad .2053 Elmo'be map! untr nl'n'rr?lm hgulanm. Refer n: GZHQ on -
on
W1qu Lt
(Other considerations e.g. oversight) but this is what each one
authorises.
More detail on RIPA and ISA to follow
Surveillance for GCHQ, tends to be electronic surveillance (JTRIG)
although covers more ?traditional? forms of surveillance
WTA e.g. police broadcasts
11
Authorisation
Regulation of Investigatory Powers
Act 2000
Interception surveillance
Intelligence Services Act 1994
Effects
Wireless Telegraphy Act 2006
Interception interference with wireless
telegra phy
Thu Irformotnn I5 mm! Eh.- cf Irfn'rr?m Ad .2053 Elmo'be map! untr nl'n'rr?lm hgulanm. Refer n: GZHQ on -
on
W1qu Lt
(Other considerations e.g. oversight) but this is what each one
authorises.
More detail on RIPA and ISA to follow
Surveillance for GCHQ, tends to be electronic surveillance (JTRIG)
although covers more ?traditional? forms of surveillance
WTA e.g. police broadcasts
11
Regulation of Investigatory
Powers Act 2000 (RIPA)
interception in the UK of comms carried on a
public or private telecommunications system
9? surveillance covert human intelligence
source (CHIS) activity
9? acquisition of comms data
i not just applicable to GCHQ
Th: Irrnn'nonm I: min-nit! umbrle Freedom Di" Irl'nrrnabm Sui zoos and maybe Hermit u'lcbr Irfn'rnallmlegslallm. Refer arr,? FDTII. qumuz In on -
- gunk.
IRIPA -
- provides for interception and surveillance by public authorities since HRA came
into force
- It focuses on rights of individuals located in the UK (regardless of nationality)
and provides for warrants to be issued to authorise interception of comms
(including comms outside UK)
-Point 2 GCHQ could do this in law but hasn?t to date; Joint Section work with
covered by their warrants.
-Point 3 covers data direct from CSPs
-Also police, fraud of?ce, anvone carrying out intercept
12
Regulation of Investigatory
Powers Act 2000 (RIPA)
interception in the UK of comms carried on a
public or private telecommunications system
9? surveillance covert human intelligence
source (CHIS) activity
9? acquisition of comms data
i not just applicable to GCHQ
Th: Irrnn'nonm I: min-nit! umbrle Freedom Di" Irl'nrrnabm Sui zoos and maybe Hermit u'lcbr Irfn'rnallmlegslallm. Refer arr,? FDTII. qumuz In on -
- gunk.
IRIPA -
- provides for interception and surveillance by public authorities since HRA came
into force
- It focuses on rights of individuals located in the UK (regardless of nationality)
and provides for warrants to be issued to authorise interception of comms
(including comms outside UK)
-Point 2 GCHQ could do this in law but hasn?t to date; Joint Section work with
covered by their warrants.
-Point 3 covers data direct from CSPs
-Also police, fraud of?ce, anvone carrying out intercept
12
RI PA warrants
5. 8(4) ?external' warrants
authorise ?at least one end foreign? interception
authorise selection according to Certi?cate
entries
1 target must be outside the UK (absent
additional authorisation)
ensure individuals? ECHR rights are protected
on a world-wide basis
Thu new H1.- of Irfn'rr?m hi: .2 drna'rlr mm urltr nrn'rnatlm bgulanm. Rzl'cr n: GCHQ on -
- :I-or '?gi'lqgu gourd-z
[Pass round copy of certi?cate - later]
Mention SD and DefMon are covered
We have 10 one ?global? that covers Bude, MHS, Cyprus
-others for special source accesses
Selection of material governed by Certi?cate, specifying general
categories of material, rather than a speci?c individualiselectors.
Categories broadly mirror JIC requirements.
Slide 4 individual?s rights protected on world-wide basis; also allows
for anyone anywhere in the world to complain about our actions;
means we can demonstrate to Tribunal that we have acted lawfully.
13
RI PA warrants
5. 8(4) ?external' warrants
authorise ?at least one end foreign? interception
authorise selection according to Certi?cate
entries
1 target must be outside the UK (absent
additional authorisation)
ensure individuals? ECHR rights are protected
on a world-wide basis
Thu new H1.- of Irfn'rr?m hi: .2 drna'rlr mm urltr nrn'rnatlm bgulanm. Rzl'cr n: GCHQ on -
- :I-or '?gi'lqgu gourd-z
[Pass round copy of certi?cate - later]
Mention SD and DefMon are covered
We have 10 one ?global? that covers Bude, MHS, Cyprus
-others for special source accesses
Selection of material governed by Certi?cate, specifying general
categories of material, rather than a speci?c individualiselectors.
Categories broadly mirror JIC requirements.
Slide 4 individual?s rights protected on world-wide basis; also allows
for anyone anywhere in the world to complain about our actions;
means we can demonstrate to Tribunal that we have acted lawfully.
13
RI PA warrants
5. 8(1) ?line-access' warrants
warrant authorises target (person or premises)
in the UK
9? schedules give telecomms addresses
9? schedules are served on those who can provide
the communications (usually CSPs)
PRESTON
Thu Irfn'mdnn I5 mm! unir cf Irfn'rr?m in map! urltr nl'n'rr?lm hgula?m. Refer [n IIHQ on -
205:
-a-nr- mum-m
RIPA makes no distinction based on nationality (cf. there?ll be a
slide on this later.
The address can be a tel no or an email address warrant signed by
but
Schedules can be modi?ed by WLD (Whitehall liaison department) or
by a Director in an emergencv
GCHQ all current warrants are against premises rather than
individuals because of demarcation of responsibilities (us: foreign intel;
BSS internal UK although we may do intercept for them)
GCHQ must have schedule served on it to target selectors on our
external warrant; see error report in legal inbox 26/10/2001
Expand CSPs if not mentioned alreadv once served by a schedule,
have to comply with it (law). GCHQ can also be served bv schedules.
GCHQ therefore insists on seeing copies of warrant schedules before
taking action because of previous muck-ups which have had to be
repented to the Commissioner. Involves simple, well-established
comms process between LEG and SS warrantrv team.
Sav: No schedule No targeting! 14
RI PA warrants
5. 8(1) ?line-access' warrants
warrant authorises target (person or premises)
in the UK
9? schedules give telecomms addresses
9? schedules are served on those who can provide
the communications (usually CSPs)
PRESTON
Thu Irfn'mdnn I5 mm! unir cf Irfn'rr?m in map! urltr nl'n'rr?lm hgula?m. Refer [n IIHQ on -
205:
-a-nr- mum-m
RIPA makes no distinction based on nationality (cf. there?ll be a
slide on this later.
The address can be a tel no or an email address warrant signed by
but
Schedules can be modi?ed by WLD (Whitehall liaison department) or
by a Director in an emergencv
GCHQ all current warrants are against premises rather than
individuals because of demarcation of responsibilities (us: foreign intel;
BSS internal UK although we may do intercept for them)
GCHQ must have schedule served on it to target selectors on our
external warrant; see error report in legal inbox 26/10/2001
Expand CSPs if not mentioned alreadv once served by a schedule,
have to comply with it (law). GCHQ can also be served bv schedules.
GCHQ therefore insists on seeing copies of warrant schedules before
taking action because of previous muck-ups which have had to be
repented to the Commissioner. Involves simple, well-established
comms process between LEG and SS warrantrv team.
Sav: No schedule No targeting! 14
RI PA wa rra nts/ certificates
6 months? duration for 3 months for SC
approval and renewal by Secretary of State
at can be modified addresses, categories
i urgency provisions
The mrr? H1: :fIrfn'rr?m hi: .2 drnaq'lr mm! bgulonm. Refer turtles In ECHQ on -
- 1-Dr I?gi'lqgu grand-z
Urgency:
-GCHQ senior of?cial (on list) may sign:
-urgent 8(1) warrant if expressly authorised by
schedule modi?cation
-16(3) urgent modi?cation
15
RI PA wa rra nts/ certificates
6 months? duration for 3 months for SC
approval and renewal by Secretary of State
at can be modified addresses, categories
i urgency provisions
The mrr? H1: :fIrfn'rr?m hi: .2 drnaq'lr mm! bgulonm. Refer turtles In ECHQ on -
- 1-Dr I?gi'lqgu grand-z
Urgency:
-GCHQ senior of?cial (on list) may sign:
-urgent 8(1) warrant if expressly authorised by
schedule modi?cation
-16(3) urgent modi?cation
15
ISA warrants 8: authorisation
- Computer Misuse Act 1990 (CMA)
- s.5 warrant necessary if target computer is
in the British Islands (NS only)
- s.7 authorisation if elsewhere
- mimics RIPA warrantry
- s.7 subject to internal procedures
This Irfn'rnatnn new H1.- cf Irfn'rr?m hi: .2 drna'rlr mm urltr nrn'rnatlm bgulanm. Rzi'cr n: GCHQ on -
- :I-or @911un grand-z
1. Criminal offence to interfere with someone?s computer unless
properly authorised.
Viewed seriously in the possible jail terms due to increase to
between 5-10 years.
2. Signed by
3. Signed by but individual operations signed by DD, allows CNE
more ?exibility.
16
ISA warrants 8: authorisation
- Computer Misuse Act 1990 (CMA)
- s.5 warrant necessary if target computer is
in the British Islands (NS only)
- s.7 authorisation if elsewhere
- mimics RIPA warrantry
- s.7 subject to internal procedures
This Irfn'rnatnn new H1.- cf Irfn'rr?m hi: .2 drna'rlr mm urltr nrn'rnatlm bgulanm. Rzi'cr n: GCHQ on -
- :I-or @911un grand-z
1. Criminal offence to interfere with someone?s computer unless
properly authorised.
Viewed seriously in the possible jail terms due to increase to
between 5-10 years.
2. Signed by
3. Signed by but individual operations signed by DD, allows CNE
more ?exibility.
16
ISA warrants 8: authorisation
- 6 months? duration; only not SC
for warrant but possible for authorisation
- approval and renewal by Secretary of State
modification
1 urgency/operational effectiveness
provisions
Thu mrr? H1: DfIrfn'rr?m hi: .2 drna'rlr marl bgulanm. Rzi'cr turtles In ECHQ on -
- :I-or I?gi'lqgu grand-z
Urgency:
- GCHQ senior of?cial (on list) may sign:
- Urgent s.5 warrant to do something alreadv authorised
abroad under a authorisation
- 5-day grace extension when machine enters UK
1?
ISA warrants 8: authorisation
- 6 months? duration; only not SC
for warrant but possible for authorisation
- approval and renewal by Secretary of State
modification
1 urgency/operational effectiveness
provisions
Thu mrr? H1: DfIrfn'rr?m hi: .2 drna'rlr marl bgulanm. Rzi'cr turtles In ECHQ on -
- :I-or I?gi'lqgu grand-z
Urgency:
- GCHQ senior of?cial (on list) may sign:
- Urgent s.5 warrant to do something alreadv authorised
abroad under a authorisation
- 5-day grace extension when machine enters UK
1?
Wireless Teleg raphy Act
- authorises interception of wireless
ie that not covered by RIPA
- Secretary of State issues but without limit
of time
- still needs to be proportionate
Thu I: cum"! E1: ?nch-n of Irfn?rr?m Ad .2053 and marl].- urltr nil-Irrle n?a'rr?lm haul-anon. Rz?rr In IIHQ on -
JI- :Ir -I?g:hqg5 93-41le
18
Wireless Teleg raphy Act
- authorises interception of wireless
ie that not covered by RIPA
- Secretary of State issues but without limit
of time
- still needs to be proportionate
Thu I: cum"! E1: ?nch-n of Irfn?rr?m Ad .2053 and marl].- urltr nil-Irrle n?a'rr?lm haul-anon. Rz?rr In IIHQ on -
JI- :Ir -I?g:hqg5 93-41le
18
RIPA Directed Surveillance
Authorisations
- GCHQ does directed surveillance when it
observes a target with intention of gathering
private data on the target?s private lifejr
associates and/or activities
- excludes historical research eg computer
forensics
Thu Irfn'rr?nn l5 mun-rt! E1: cf Irfn'rr?m Ad .2053 mrr? untr n?a'rr?lm bgulanm. Rzlirr In IIHQ on
- 1-Dr I?gi'lqgu guard-z -
SI gn ed Internally
JTRIG including JEDI pods
Passive internet monitoring
19
RIPA Directed Surveillance
Authorisations
- GCHQ does directed surveillance when it
observes a target with intention of gathering
private data on the target?s private lifejr
associates and/or activities
- excludes historical research eg computer
forensics
Thu Irfn'rr?nn l5 mun-rt! E1: cf Irfn'rr?m Ad .2053 mrr? untr n?a'rr?lm bgulanm. Rzlirr In IIHQ on
- 1-Dr I?gi'lqgu guard-z -
SI gn ed Internally
JTRIG including JEDI pods
Passive internet monitoring
19
Questions?
Thu mrr? H1: ?nch-n DfIrfDm?m Ad .2053 mm! untru?rrLH nl'm'mtlm
JI- :Ir -I?g:hqg5 93-4:le
hgulmm. Rz?rr qumes n: GEHQ -
20
Questions?
Thu mrr? H1: ?nch-n DfIrfDm?m Ad .2053 mm! untru?rrLH nl'm'mtlm
JI- :Ir -I?g:hqg5 93-4:le
hgulmm. Rz?rr qumes n: GEHQ -
20
Operational Legalities
Tasking and Targeting
Thu l5 mn? I11.- pf Ad .2053 WWII.) and maybe mnp! untr uU'rrLH nl'n'matlm hgulmm. Refer arrf FCIHI. [cl GIHQ l'.l'l -
1
-
So you?ve heard about the principal laws that affect our work. So the
next pant i5 1what that means to us in practice.
21
Operational Legalities
Tasking and Targeting
Thu l5 mn? I11.- pf Ad .2053 WWII.) and maybe mnp! untr uU'rrLH nl'n'matlm hgulmm. Refer arrf FCIHI. [cl GIHQ l'.l'l -
1
-
So you?ve heard about the principal laws that affect our work. So the
next pant i5 1what that means to us in practice.
21
Principles
1. We operate within the law
2. We can demonstrate that we operate
within the law
3. Staff have the information they need
to be able to comply with the law
Thu I: cum"! E1: Fruit-n cf Irfn'rr?m Ad .2053 mm'I urltr u?'rrLN n?a'rr?lm bgulmn'l. Rz?rr In IIHQ -
-
22
Principles
1. We operate within the law
2. We can demonstrate that we operate
within the law
3. Staff have the information they need
to be able to comply with the law
Thu I: cum"! E1: Fruit-n cf Irfn'rr?m Ad .2053 mm'I urltr u?'rrLN n?a'rr?lm bgulmn'l. Rz?rr In IIHQ -
-
22
All we do has to be:
authorised where necessary, under
law (ISA, RIPA, WTA), or policy
it necessary NS, EWB or plus more
speci?c intelligence requirements
proportionate manner and extent to
which requirement is being met
Thu mrr? H1: DfIrfn'rr?m m1 .2 drna'rlr mm! bgulonm. Rzl'cr oanCIIlI. turtles In ECHQ on -
- :I-or ?911un 93w.le
Some ?elds in Corinth/UDAQ (and others in due course) are there for
legal compliance reasons. Not a Used by LEG to
audit actions.
Proportionate often the most challenging. Given the aim, the
conduct proposed is reasonable.
23
All we do has to be:
authorised where necessary, under
law (ISA, RIPA, WTA), or policy
it necessary NS, EWB or plus more
speci?c intelligence requirements
proportionate manner and extent to
which requirement is being met
Thu mrr? H1: DfIrfn'rr?m m1 .2 drna'rlr mm! bgulonm. Rzl'cr oanCIIlI. turtles In ECHQ on -
- :I-or ?911un 93w.le
Some ?elds in Corinth/UDAQ (and others in due course) are there for
legal compliance reasons. Not a Used by LEG to
audit actions.
Proportionate often the most challenging. Given the aim, the
conduct proposed is reasonable.
23
What activities does that
apply to?
tasking access
targeting retention
database queries dissemination
TD pioneering
SD
Thu l5 mrr? H1: ?nch-n of Irfn'rr?m Ad .2053 and marl].- mrr? urltr u?'rrLH nl'm'l?lm bgulanm. Rziirr In IIHQ on -
JI- :Ir -I?g:hqg5 93-41th
24
What activities does that
apply to?
tasking access
targeting retention
database queries dissemination
TD pioneering
SD
Thu l5 mrr? H1: ?nch-n of Irfn'rr?m Ad .2053 and marl].- mrr? urltr u?'rrLH nl'm'l?lm bgulanm. Rziirr In IIHQ on -
JI- :Ir -I?g:hqg5 93-41th
24
Tasking
?at least one-end foreign? interception is
authorised by external RIPA 8(4) warrant
1 selection is authorised according to
Certi?cate entries
1 individuals? ECHR rights are
protected on a world-wide basis
Thu Is mm! of Irfn'rr?m Ad .2053 WOW.) clrna'rlr map! untr :Iltl'rrLN nl'n'rr?lm hgulanon. Rz?rr n: ECHQ on -
an
- :I-or '?gi'lqgu 9:7.le
Pass round copy of certi?cate NB ?eyes' marking
Mention SD and DefMon are covered
We have about ten one?global? that covers Bude, MHS, Cyprus
-others for special source accesses
-Renewal every 6 months you might have been asked for highlights
-Certi?cate entries re?ne Intelligence topics
-New entries can be made e.g. Electronic Attack
25
Tasking
?at least one-end foreign? interception is
authorised by external RIPA 8(4) warrant
1 selection is authorised according to
Certi?cate entries
1 individuals? ECHR rights are
protected on a world-wide basis
Thu Is mm! of Irfn'rr?m Ad .2053 WOW.) clrna'rlr map! untr :Iltl'rrLN nl'n'rr?lm hgulanon. Rz?rr n: ECHQ on -
an
- :I-or '?gi'lqgu 9:7.le
Pass round copy of certi?cate NB ?eyes' marking
Mention SD and DefMon are covered
We have about ten one?global? that covers Bude, MHS, Cyprus
-others for special source accesses
-Renewal every 6 months you might have been asked for highlights
-Certi?cate entries re?ne Intelligence topics
-New entries can be made e.g. Electronic Attack
25
Targeting
- name
- communications addresses
- web service authentication data
In ID card number or passport number
- driving licence number
- car registration number
- bank card/credit card account numbers
Thu l5 mrr? H1: of Irfn'rr?m Ad .2053 WOW.) drna'rlr mm! urltr bgulanm. Rzi'cr turtles In ECHQ on -
an
- 1-Dr I?gi'lqgu grand-z
Any of these terms are referable to an individual so need to the
A, N, rule.
26
Targeting
- name
- communications addresses
- web service authentication data
In ID card number or passport number
- driving licence number
- car registration number
- bank card/credit card account numbers
Thu l5 mrr? H1: of Irfn'rr?m Ad .2053 WOW.) drna'rlr mm! urltr bgulanm. Rzi'cr turtles In ECHQ on -
an
- 1-Dr I?gi'lqgu grand-z
Any of these terms are referable to an individual so need to the
A, N, rule.
26
BROAD OAK
- strategic target knowledge database
- users justify and review retention of target
knowledge
- justification of targeting selectors
separate, but may be cascaded from target.
Will be default in future iteration of BROAD
OAK
Thu l5 mrr? H1: of Irfn'rr?m Ad .2053 drna'rlr mm! urltr bgulonm. Rzl'cr Lyme: In ECHQ on -
an
Lt
Storage of TK not quite so sensitive/intrusive but still need to justify.
BOT will replace Corinth (Release 4, Mar 09).
2?
BROAD OAK
- strategic target knowledge database
- users justify and review retention of target
knowledge
- justification of targeting selectors
separate, but may be cascaded from target.
Will be default in future iteration of BROAD
OAK
Thu l5 mrr? H1: of Irfn'rr?m Ad .2053 drna'rlr mm! urltr bgulonm. Rzl'cr Lyme: In ECHQ on -
an
Lt
Storage of TK not quite so sensitive/intrusive but still need to justify.
BOT will replace Corinth (Release 4, Mar 09).
2?
a .3341] I
All? I I . . I
In?ll-alum aim?lib [?unk-lulu min-Ivan [Ii-run [11. ljl'hI-I-I. [hill mu
enamel-1'
ava-uu-n- um- unm-
I?w
1n.- In? hullitumm
mu
mh- Inl? 1mm!
l'
I?W'urm '31 Elli?IN
maker-? Hamil--
. m-Ilun mum
H-H. t-w' -
amen}. laminae--
infra-Fm" nan-Luau ?nu-HI:
A we "h -
[in-m: cmm- 1
human. Imam
.- mun-n ll'l
I-u?u-nn-Ith-?u- fl" .-
.
WEBB-LI. [Ag-m um HH-
mmlui-I-
ill
?all.
?t
Shaw the '?e'tds that are there for Hegel cemplEa-nce reasons:
- Se-u-rce
number
-JIC purpese {in this. case 3 NS)
-HRA Justi?cation
-Authen'5at?nn: fin th'ie caee a Warrant number ens target in UK
2.3
a .3341] I
All? I I . . I
In?ll-alum aim?lib [?unk-lulu min-Ivan [Ii-run [11. ljl'hI-I-I. [hill mu
enamel-1'
ava-uu-n- um- unm-
I?w
1n.- In? hullitumm
mu
mh- Inl? 1mm!
l'
I?W'urm '31 Elli?IN
maker-? Hamil--
. m-Ilun mum
H-H. t-w' -
amen}. laminae--
infra-Fm" nan-Luau ?nu-HI:
A we "h -
[in-m: cmm- 1
human. Imam
.- mun-n ll'l
I-u?u-nn-Ith-?u- fl" .-
.
WEBB-LI. [Ag-m um HH-
mmlui-I-
ill
?all.
?t
Shaw the '?e'tds that are there for Hegel cemplEa-nce reasons:
- Se-u-rce
number
-JIC purpese {in this. case 3 NS)
-HRA Justi?cation
-Authen'5at?nn: fin th'ie caee a Warrant number ens target in UK
2.3
Source field - be specific
v? GCHQ report ref and date
SRI id and date
call records including root number
unique customer reference
ALWAYS INCLUDE A DATE
e-mail from customer
voice
CRA
Thu Irfn'mdnn l5 mrr? E1: of Irfn'rr?m Ad .2053 mrr? urltr haul-anon. Refer In ECHQ on -
- sum
Needs to be traceable as well as speci?c
29
Source field - be specific
v? GCHQ report ref and date
SRI id and date
call records including root number
unique customer reference
ALWAYS INCLUDE A DATE
e-mail from customer
voice
CRA
Thu Irfn'mdnn l5 mrr? E1: of Irfn'rr?m Ad .2053 mrr? urltr haul-anon. Refer In ECHQ on -
- sum
Needs to be traceable as well as speci?c
29
Intelligence requirements
- use MIRANDA number that equates to
intelligence requirement
- TD improving specific target knowledge,
identifying new sources etc is justified by
the intelligence requirement for that target
- BOT - tick ?SigDevt" box
This l5 mrr? E1: :Ilr Irfn'rr?m Ad .2053 mrr? untr bgulanm. Refer In ECHQ -
- an?
Address indirect targeting issues; will come onto UK issues
30
Intelligence requirements
- use MIRANDA number that equates to
intelligence requirement
- TD improving specific target knowledge,
identifying new sources etc is justified by
the intelligence requirement for that target
- BOT - tick ?SigDevt" box
This l5 mrr? E1: :Ilr Irfn'rr?m Ad .2053 mrr? untr bgulanm. Refer In ECHQ -
- an?
Address indirect targeting issues; will come onto UK issues
30
HRA justification
explain exactly why you are targeting this individual
don"t just repeat the MIRANDA number but add
value
BOT - cascade of target-level HRA justification to
selectors
your responsibility to amend if necessary
indirect targeting
Thu Irfn'mdnn Is mm! Eh.- cf Irfn'rr?m hi: .2 untr nl'n'rr?lm legislation. Refer n: GZHQ on -
go 931'.
War-?straws
Address indirect targeting issues; will come onto UK issues
Indirect targeting the use of a selector to identify and select the
communications of one individual with a view to selecting and
reporting the activities of another individual the target; such targeting
requires an authorisation appropriate to the location and nationality of
the real target
Indirect targeting is getting sustained intelligence on A by targeting B.
(Wanting intelligence on as well doesn?t get you off the hook.)
Point to note: it is using another selector to get at the
communications ofthe target, not to ?nd information about him.
So it is fine to target a Swedish girl-friend of a person in the UK to ?nd
out info about him, as long as you defeat communications between the
two of them.
31
HRA justification
explain exactly why you are targeting this individual
don"t just repeat the MIRANDA number but add
value
BOT - cascade of target-level HRA justification to
selectors
your responsibility to amend if necessary
indirect targeting
Thu Irfn'mdnn Is mm! Eh.- cf Irfn'rr?m hi: .2 untr nl'n'rr?lm legislation. Refer n: GZHQ on -
go 931'.
War-?straws
Address indirect targeting issues; will come onto UK issues
Indirect targeting the use of a selector to identify and select the
communications of one individual with a view to selecting and
reporting the activities of another individual the target; such targeting
requires an authorisation appropriate to the location and nationality of
the real target
Indirect targeting is getting sustained intelligence on A by targeting B.
(Wanting intelligence on as well doesn?t get you off the hook.)
Point to note: it is using another selector to get at the
communications ofthe target, not to ?nd information about him.
So it is fine to target a Swedish girl-friend of a person in the UK to ?nd
out info about him, as long as you defeat communications between the
two of them.
31
HRA justification
Russian Minster for Foreign affairs
v? dialling analysis links to Senior Russian energy
policymaker
v? wife of Russian Minister, targeted to provide travel
details of target
v? Employee at Chinese Embassy in London
v? Presidential Administration Experts Directorate;
access to info on Russian policy affecting UK
Russian energy
Chinese weapons programme
Thu Irformatnn l5 mm! H1.- of in mud untr o?'rrLN nrn'rnatlm hgulanon. Refer n: GCHQ on -
205: momma maybe
-a-nr- mam-m
All about proportionality
I hid two lines at the foot of this slide reset font colour) not sure I
can justify rejecting them! ..
We could do with some non-I'I'I' examples
suspected terrorist temporarin removed
32
HRA justification
Russian Minster for Foreign affairs
v? dialling analysis links to Senior Russian energy
policymaker
v? wife of Russian Minister, targeted to provide travel
details of target
v? Employee at Chinese Embassy in London
v? Presidential Administration Experts Directorate;
access to info on Russian policy affecting UK
Russian energy
Chinese weapons programme
Thu Irformatnn l5 mm! H1.- of in mud untr o?'rrLN nrn'rnatlm hgulanon. Refer n: GCHQ on -
205: momma maybe
-a-nr- mam-m
All about proportionality
I hid two lines at the foot of this slide reset font colour) not sure I
can justify rejecting them! ..
We could do with some non-I'I'I' examples
suspected terrorist temporarin removed
32
Revalidating targeting
- make sure it is clear why you are continuing to
invade this person?s privacy, so:
record your justification for continuing targeting
make sure all fields contain the most recent information
available
ongoing process
- if you can no longer justify targeting, record your
reason for deactivating and then deactivate
Thu l5 marl E1: of Irfn'rr?m m1 .2 urltr bgulanm. Rz?rr In ECHQ on -
g5 gnu:
marl
-a-=-r-ozw
Revalidation new requirement in it will be audited
33
Revalidating targeting
- make sure it is clear why you are continuing to
invade this person?s privacy, so:
record your justification for continuing targeting
make sure all fields contain the most recent information
available
ongoing process
- if you can no longer justify targeting, record your
reason for deactivating and then deactivate
Thu l5 marl E1: of Irfn'rr?m m1 .2 urltr bgulanm. Rz?rr In ECHQ on -
g5 gnu:
marl
-a-=-r-ozw
Revalidation new requirement in it will be audited
33
Data content retrieval
UDAQ, DISHFIRE, IIB
- not all data in these bases is ?selected?
- retrieval must be:
authorised (lawful)
necessary
proportionate
- HRA screens; audit logs
target in UK datamining STA
Thu I5 mm! cf Irfn'rr?m hi1 map! untr nl'n'rnatlm haul-anon. Rz?rr n: GZHQ on -
'3
2m: momma maybe
-a-nr- mum-m
Basis: data from authorised intercept, normally selected using a TND
but scope could include some unselected data, eg from a survey
Includes UDAQ (mixed), SAMDYCE (selected), DISH FIRE (mixed),
MAMBOOKIE (selected)
Issue: database users run queries and have potential to infringe
human rights of innocent people through reading their
communications
Normal A implemented by the analyst
Hence HRA screen
Also logging of queries for audit and queries (more later)
Querying is a form of targeting hence STA requirement
35
Data content retrieval
UDAQ, DISHFIRE, IIB
- not all data in these bases is ?selected?
- retrieval must be:
authorised (lawful)
necessary
proportionate
- HRA screens; audit logs
target in UK datamining STA
Thu I5 mm! cf Irfn'rr?m hi1 map! untr nl'n'rnatlm haul-anon. Rz?rr n: GZHQ on -
'3
2m: momma maybe
-a-nr- mum-m
Basis: data from authorised intercept, normally selected using a TND
but scope could include some unselected data, eg from a survey
Includes UDAQ (mixed), SAMDYCE (selected), DISH FIRE (mixed),
MAMBOOKIE (selected)
Issue: database users run queries and have potential to infringe
human rights of innocent people through reading their
communications
Normal A implemented by the analyst
Hence HRA screen
Also logging of queries for audit and queries (more later)
Querying is a form of targeting hence STA requirement
35
Jlnul
E's-95%
din-ff
4' I13-
IW I
MdIImLI'rLIiwlilL
.Jl run-.1
. . In.
Fi?m Hi-
f'url?rilil'J?
I ?3:5
mm. Tin-?int
helm-mu
13-min!-
.
'Hlil
MRI-HH-
Emhnh ?-l'llf
lam-Tm 1.9 gm r-I-In 1i: Hurt:
I 'F'I-rnml- Lani-Edits:
WISH-IN
Currently
crew-rum?
a hidden sEide
tum-Ll
Ian: ll
mi?m
hEE-Emu 1mm
Emu-1M: Hone
mum ?an
I.
I I
36
Jlnul
E's-95%
din-ff
4' I13-
IW I
MdIImLI'rLIiwlilL
.Jl run-.1
. . In.
Fi?m Hi-
f'url?rilil'J?
I ?3:5
mm. Tin-?int
helm-mu
13-min!-
.
'Hlil
MRI-HH-
Emhnh ?-l'llf
lam-Tm 1.9 gm r-I-In 1i: Hurt:
I 'F'I-rnml- Lani-Edits:
WISH-IN
Currently
crew-rum?
a hidden sEide
tum-Ll
Ian: ll
mi?m
hEE-Emu 1mm
Emu-1M: Hone
mum ?an
I.
I I
36
UDAQ
JIC purpose
1 use appropriate MIRANDA number
1 explain why you are running this query
1 principle applies to use of any Sigint
database
Thu mm"! E1: :fIrfn'rr?m Ad .2053 drna'rlr mm n?a'rr?lm bgulanm. Rz?rr In IIHQ on -
It.
an
W1qu
3?
UDAQ
JIC purpose
1 use appropriate MIRANDA number
1 explain why you are running this query
1 principle applies to use of any Sigint
database
Thu mm"! E1: :fIrfn'rr?m Ad .2053 drna'rlr mm n?a'rr?lm bgulanm. Rz?rr In IIHQ on -
It.
an
W1qu
3?
Questions you should ask
yourself
- would my justification record be clear to a
colleague?
- have I justified invading this person?s privacy?
- will my successor understand?
Thu mm! E1: :fIrfn'rr?m Ad .2053 drna'rlr mm"! n?IrnatIm bgulanm. Rzlirr aanCIIlI. In IIHQ on -
Ir.
an
Lt
Hidden replaced by previous slide
38
Questions you should ask
yourself
- would my justification record be clear to a
colleague?
- have I justified invading this person?s privacy?
- will my successor understand?
Thu mm! E1: :fIrfn'rr?m Ad .2053 drna'rlr mm"! n?IrnatIm bgulanm. Rzlirr aanCIIlI. In IIHQ on -
Ir.
an
Lt
Hidden replaced by previous slide
38
Audits
- IPTs currently carry out targeting audit
10% of entries each year, randomly chosen
all UK entries each year, wildcards each audit
- quick check of record at key HRA aspects:
source field
HRA justification
MIRANDA number
revalidation
- UDAQ Events also audited
Thu new H1.- cf Irfn'rr?m Ad .2053 mm untr nrn'rnatlm bgulonm. Rzl'cr n: GCHQ on -
- 1-Dr-?9d1q9? we?
Audit mandated by SUB
Not meant to be onerous
IPTs conduct audit in different ways.
Now ?nding that fewer entries need changing compliance levels
going up (education)
Next stage audit of other databases.
39
Audits
- IPTs currently carry out targeting audit
10% of entries each year, randomly chosen
all UK entries each year, wildcards each audit
- quick check of record at key HRA aspects:
source field
HRA justification
MIRANDA number
revalidation
- UDAQ Events also audited
Thu new H1.- cf Irfn'rr?m Ad .2053 mm untr nrn'rnatlm bgulonm. Rzl'cr n: GCHQ on -
- 1-Dr-?9d1q9? we?
Audit mandated by SUB
Not meant to be onerous
IPTs conduct audit in different ways.
Now ?nding that fewer entries need changing compliance levels
going up (education)
Next stage audit of other databases.
39
Questions?
Thu Irfn'mdnn l5 mrr? H1: cf Irfn'rr?m Ad .2053 and maybe mm! urltr bguldlm. Rzl'cr L?u?ll?' In ECHQ -
1 :Ir I?gi'lqgu 93w.le
15 minute break
40
Questions?
Thu Irfn'mdnn l5 mrr? H1: cf Irfn'rr?m Ad .2053 and maybe mm! urltr bguldlm. Rzl'cr L?u?ll?' In ECHQ -
1 :Ir I?gi'lqgu 93w.le
15 minute break
40
Operational Legalities
Targeting: location and
nationality
Thu Irforrnatnn Is mm! unir H1.- of Irforrnatm Ad .2 drna'lrlr map! urltr oLl'IrrLH nl'n'rnatlm hgula?m. Rzl'rr [n GIHQ on -
egmqgugnmm
Pick up from lawyer?s 1words on territoriality.
RIPA location matters
Policies address nationality issues
Cause of a great many queries to
41
Operational Legalities
Targeting: location and
nationality
Thu Irforrnatnn Is mm! unir H1.- of Irforrnatm Ad .2 drna'lrlr map! urltr oLl'IrrLH nl'n'rnatlm hgula?m. Rzl'rr [n GIHQ on -
egmqgugnmm
Pick up from lawyer?s 1words on territoriality.
RIPA location matters
Policies address nationality issues
Cause of a great many queries to
41
Location, location, location
1 Law: specific RIPA authorisation for
interception of a target located in the UK
9? Policy: internal authorisation (STA) for a target
outside the UK if nationally and/or location is
sensitive
9? all targets require HRA justification (GCHQ is a
public authority interfering with individuals? human rights)
I
drna'rbemrr?urdrr . - - seamen-.-
En El
-a-=-r-ozmum
Distinguish serendipity from indirect targeting. (Don?t scare people off
doing valid and legal reporting)
Location Iavv
Nationality policy
Any 2Ps in the audience?
Expand on Sensitive target not covered later.
May wish to mention here policy that a target entering a Second Party
country must be detasked from all Second Party collection systems
42
Location, location, location
1 Law: specific RIPA authorisation for
interception of a target located in the UK
9? Policy: internal authorisation (STA) for a target
outside the UK if nationally and/or location is
sensitive
9? all targets require HRA justification (GCHQ is a
public authority interfering with individuals? human rights)
I
drna'rbemrr?urdrr . - - seamen-.-
En El
-a-=-r-ozmum
Distinguish serendipity from indirect targeting. (Don?t scare people off
doing valid and legal reporting)
Location Iavv
Nationality policy
Any 2Ps in the audience?
Expand on Sensitive target not covered later.
May wish to mention here policy that a target entering a Second Party
country must be detasked from all Second Party collection systems
42
Location?
- without other information, assume:
individual is in their country
mobile phone is in country of registration
email address with country digraph is there
Thu mrr? E1: :fIrfn'rr?m hi: .2 dma'rlr mm! bgulanm. Rz?rr In ECHQ on -
- 1-Dr I?gi'lqgu gnu.th
Sensitive always trumps non-sensitive
43
Location?
- without other information, assume:
individual is in their country
mobile phone is in country of registration
email address with country digraph is there
Thu mrr? E1: :fIrfn'rr?m hi: .2 dma'rlr mm! bgulanm. Rz?rr In ECHQ on -
- 1-Dr I?gi'lqgu gnu.th
Sensitive always trumps non-sensitive
43
Location: belief 8: knowledge
1 belief is mi 100% knowledge with hindsight;
you must not ?turn a blind eye?
based on the information available at any
particular time
1 this may vary - so should our response
Tl'ls Irl'nn'nanm Is amp! Freedom Dl" he! zoos and maybe Hemp: u'lcbr oll'lrLN Refer arr,? FDTII. qumuz In on -
- 1-Dr-?sd1qs?wwk
-Not going into religion or philosophy frequent topic of questions to
OPP-LEG
-The main thing is to record 1why you made your decision so that, if
later it turns out to be incorrect, you have noted the reasons for
believing what you did.
- possibly BROAD OAK comments ?eld
- relies on honesty from - in good faith
- it?s your judgement call try to get collateral if possible to help make
the decision - but do the best you can possibly do
44
Location: belief 8: knowledge
1 belief is mi 100% knowledge with hindsight;
you must not ?turn a blind eye?
based on the information available at any
particular time
1 this may vary - so should our response
Tl'ls Irl'nn'nanm Is amp! Freedom Dl" he! zoos and maybe Hemp: u'lcbr oll'lrLN Refer arr,? FDTII. qumuz In on -
- 1-Dr-?sd1qs?wwk
-Not going into religion or philosophy frequent topic of questions to
OPP-LEG
-The main thing is to record 1why you made your decision so that, if
later it turns out to be incorrect, you have noted the reasons for
believing what you did.
- possibly BROAD OAK comments ?eld
- relies on honesty from - in good faith
- it?s your judgement call try to get collateral if possible to help make
the decision - but do the best you can possibly do
44
Target arrives or is discovered
to be in the next?
Consider authorisation options
continuation targeting RIPA s.16(5)
9n 5 working days (1 for SC)
1? signed by GCHQ Directorate
9? then over to customer RIPA 5.8(1) warrant
This I5 mm! I11.- Front-n of hi: .2 drna'rlr map! untr o?'rrLN nl'prrnatlm hgulanon. Rzi'rr n: ECHQ on -
- :I-or '?gi'lqgu 93w};
Target comes to UK no longer have to take targeting off cover. In
fact we should probably be more interested in why a target has come
to the UK and want to do some work on this. There are other options.
16(5) 5 days from moment analyst realises target is in UK (1 day for
SC). After this, need to apply for a warrant or drop targeting. Warrant
could have schedule served on us. 16(5) on 8(4) collection. Only
selectors you know about at the time, can?t add new ones in.
45
Target arrives or is discovered
to be in the next?
Consider authorisation options
continuation targeting RIPA s.16(5)
9n 5 working days (1 for SC)
1? signed by GCHQ Directorate
9? then over to customer RIPA 5.8(1) warrant
This I5 mm! I11.- Front-n of hi: .2 drna'rlr map! untr o?'rrLN nl'prrnatlm hgulanon. Rzi'rr n: ECHQ on -
- :I-or '?gi'lqgu 93w};
Target comes to UK no longer have to take targeting off cover. In
fact we should probably be more interested in why a target has come
to the UK and want to do some work on this. There are other options.
16(5) 5 days from moment analyst realises target is in UK (1 day for
SC). After this, need to apply for a warrant or drop targeting. Warrant
could have schedule served on us. 16(5) on 8(4) collection. Only
selectors you know about at the time, can?t add new ones in.
45
Target in the s.16(3)
frequent visitors to the UK or known targets
1 signature required modification to 8(4)
certi?cate
1 new selectors may be used
it indirect targeting is not allowed
Thu Irformotnn Is mm! unir H1.- of .2 untr oLl'IrrLH hgula?m. Refer to GIHQ on -
go gov.
map!
NB currently used only for counter-terrorism, serious crime, CP and Russian
intelligence of?cers (March 2008)
16(3) you might know the name of the target; or it?s a suspicious selector used
by one or more unknown targets; business case from IPT, goes through various
internal checks; OPPNLEG puts it into appropriate format renewed every 6
months (3 for update it with current knowledge.
Directorate may authorise urgent additions
Indirect targeting the use of a selector to identify and select the communications
of one individual with a view to selecting and reporting the activities of another
individual the target; such targeting requires an authorisation appropriate to the
location and nationality of the real target
Indirect targeting is getting sustained intelligence on A by targeting B. (Wanting
intelligence on as well doesn?t get you off the hook.)
Point to note: it is using another selector to get the communications of the target,
not to find information about him. So it is fine to target a Swedish girl-friend of a
person in the UK to ?nd out info about him, as long as you defeat communications
between the two of them.
e.g. Your target?s in South Africa, his wife?s in India. Targeting her phone no. to get
his comms indirect targeting, but is ok as long as you can demonstrate necessity
and proportionality. But if target comes from SA to UK, you?ll need additional
authorisation to continue to target the wife?s phone no.
46
Target in the s.16(3)
frequent visitors to the UK or known targets
1 signature required modification to 8(4)
certi?cate
1 new selectors may be used
it indirect targeting is not allowed
Thu Irformotnn Is mm! unir H1.- of .2 untr oLl'IrrLH hgula?m. Refer to GIHQ on -
go gov.
map!
NB currently used only for counter-terrorism, serious crime, CP and Russian
intelligence of?cers (March 2008)
16(3) you might know the name of the target; or it?s a suspicious selector used
by one or more unknown targets; business case from IPT, goes through various
internal checks; OPPNLEG puts it into appropriate format renewed every 6
months (3 for update it with current knowledge.
Directorate may authorise urgent additions
Indirect targeting the use of a selector to identify and select the communications
of one individual with a view to selecting and reporting the activities of another
individual the target; such targeting requires an authorisation appropriate to the
location and nationality of the real target
Indirect targeting is getting sustained intelligence on A by targeting B. (Wanting
intelligence on as well doesn?t get you off the hook.)
Point to note: it is using another selector to get the communications of the target,
not to find information about him. So it is fine to target a Swedish girl-friend of a
person in the UK to ?nd out info about him, as long as you defeat communications
between the two of them.
e.g. Your target?s in South Africa, his wife?s in India. Targeting her phone no. to get
his comms indirect targeting, but is ok as long as you can demonstrate necessity
and proportionality. But if target comes from SA to UK, you?ll need additional
authorisation to continue to target the wife?s phone no.
46
If no authorisation is sought. . .
9t examine and report traffic intercepted up to
time you knew target was in UK
3i- use B3M HRA?register" to alert
check location using events or THUGGEE
examine a cut (33M UDAQ) every 48 to
check whereabouts
Thu Irforrnatnnl: mm! H1.- ofIrfn'rrutm Ad .2053 WOW.) drna'rlr mm untro?'rrLN nrn'rnatlon hgulanon. Rzl'cr - 1
an
- :I-or '?gi'lqgu grand-z
All this assumes they can?t be bothered with any of the authorisation
options . Ask what this says about the level of justi?cation of the
target in the ?rst place.
Note no alert system on text repositories, only voice [and we don?t
know how widely used the BBM mark up is used, tho I think it?s
reasonably well known]
These days, esp for voice, call records are a better way of tracking
where someone is, and they?re less intrusive
NB 33M ?ag only for target in the UK
4?
If no authorisation is sought. . .
9t examine and report traffic intercepted up to
time you knew target was in UK
3i- use B3M HRA?register" to alert
check location using events or THUGGEE
examine a cut (33M UDAQ) every 48 to
check whereabouts
Thu Irforrnatnnl: mm! H1.- ofIrfn'rrutm Ad .2053 WOW.) drna'rlr mm untro?'rrLN nrn'rnatlon hgulanon. Rzl'cr - 1
an
- :I-or '?gi'lqgu grand-z
All this assumes they can?t be bothered with any of the authorisation
options . Ask what this says about the level of justi?cation of the
target in the ?rst place.
Note no alert system on text repositories, only voice [and we don?t
know how widely used the BBM mark up is used, tho I think it?s
reasonably well known]
These days, esp for voice, call records are a better way of tracking
where someone is, and they?re less intrusive
NB 33M ?ag only for target in the UK
4?
Policy authorisations
- STA and provide records of actions
where UK &/or British Overseas Territory
law does not require authorisation
- respect 2nd Party sensitivities
- actions are validated by a GCHQ senior (or
nominated GCBs in
- we can justify targeting if challenged .
- QC is mandatory
Thu Irforrnatnn l5 mm"! lh: of Irfn'rr?m Ad .2053 WWII.) and marl].- urltr bgulanm. Rz?rr In ECHQ on -
- 1-Dr I?gi'lqgu 93v.th
No legal authorisations required but ad:ion is still sensitive.
Reassurance to Commissioner/1PT.
48
Policy authorisations
- STA and provide records of actions
where UK &/or British Overseas Territory
law does not require authorisation
- respect 2nd Party sensitivities
- actions are validated by a GCHQ senior (or
nominated GCBs in
- we can justify targeting if challenged .
- QC is mandatory
Thu Irforrnatnn l5 mm"! lh: of Irfn'rr?m Ad .2053 WWII.) and marl].- urltr bgulanm. Rz?rr In ECHQ on -
- 1-Dr I?gi'lqgu 93v.th
No legal authorisations required but ad:ion is still sensitive.
Reassurance to Commissioner/1PT.
48
Datamining STA
Datamining STA for target in UK valid for
two days
named SCS of?cer signs STA
one-off search
Count-only searches: no authorisation
needed
Thu Irforrnotnn I5 mm! Eh.- of hi: .2 urltr nl'orrnotlm hgulonm. Rz?rr n: GZHQ on -
go gov.
meiosis
is handled by UPA-DCSD
SCS sign TTA and datamining STA for targets in the UK save
Directorate 1when novel or sensitive
For out of hours authorisations the BBC) oan approve all STA and TTA
requests as appropriate but authority from one of the above of?cers
must be obtained at the earliest opportunity.
Datamining for targets in the UK a one-off searoh per repository;
must perform search within 2 days but can go back further; can
examine all hits returned; count-only
ZTA ITT only
49
Datamining STA
Datamining STA for target in UK valid for
two days
named SCS of?cer signs STA
one-off search
Count-only searches: no authorisation
needed
Thu Irforrnotnn I5 mm! Eh.- of hi: .2 urltr nl'orrnotlm hgulonm. Rz?rr n: GZHQ on -
go gov.
meiosis
is handled by UPA-DCSD
SCS sign TTA and datamining STA for targets in the UK save
Directorate 1when novel or sensitive
For out of hours authorisations the BBC) oan approve all STA and TTA
requests as appropriate but authority from one of the above of?cers
must be obtained at the earliest opportunity.
Datamining for targets in the UK a one-off searoh per repository;
must perform search within 2 days but can go back further; can
examine all hits returned; count-only
ZTA ITT only
49
Special C2C authorisations
- special access to email communications
- NS only;r limited criteria
- 16(3) or STA also required if location or
nationality sensitive
- SCS or GC6 approval
This Irforrnaton Is mm! unir Front-n of hi: .2 untr nl'orrnatlon tool-mm. Rz?rr [flfIE?J n: GZHQ on -
go 931'.
Wan-?seams
is handled by UPA-DCSD
SCS sign TTA and datamining STA for targets in the UK save
Directorate 1when novel or sensitive
For out of hours authorisations the BBC) can approve all STA ancl TTA
requests as
appropriate but authority from one of the above of?cers must be
obtained at the earliest
opportunity.
Datamining for targets in the UK a one-off search per repository;
must perform search within 2 days but can go back further; can
examine all hits returned; count-only
ZTA ITT only
50
Special C2C authorisations
- special access to email communications
- NS only;r limited criteria
- 16(3) or STA also required if location or
nationality sensitive
- SCS or GC6 approval
This Irforrnaton Is mm! unir Front-n of hi: .2 untr nl'orrnatlon tool-mm. Rz?rr [flfIE?J n: GZHQ on -
go 931'.
Wan-?seams
is handled by UPA-DCSD
SCS sign TTA and datamining STA for targets in the UK save
Directorate 1when novel or sensitive
For out of hours authorisations the BBC) can approve all STA ancl TTA
requests as
appropriate but authority from one of the above of?cers must be
obtained at the earliest
opportunity.
Datamining for targets in the UK a one-off search per repository;
must perform search within 2 days but can go back further; can
examine all hits returned; count-only
ZTA ITT only
50
SRA
- authorises receipt of 2 or 3P intelligence on
UK?based targets
- where GCHQ has no authorisation
- avoids indirect targeting
- limited period only
Thu l5 mrr? E1: of Irfn'rr?m Ad .2053 drna'rlr mm! urltr haul-anon. Rz?rr In ECHQ on -
an
Wmus Lt
Max 6 months
51
SRA
- authorises receipt of 2 or 3P intelligence on
UK?based targets
- where GCHQ has no authorisation
- avoids indirect targeting
- limited period only
Thu l5 mrr? E1: of Irfn'rr?m Ad .2053 drna'rlr mm! urltr haul-anon. Rz?rr In ECHQ on -
an
Wmus Lt
Max 6 months
51
Operational Legalities
SIGINT Development
Thu Irformatnn Is mn? url:i:r I11.- Front-n of Irformim Ad .2053 WWII.) and rncqur mnp! untr oU'rrLH nl'n'milm hgulmm. Rzl'rr arrf FCIHI. [cl GIHQ on -
JI- or gov.th
By its nature, SD can be intrusive to many people?s human rights, as it
can involve large-scale interception of manv innocent people, cf.
interception using strong, known selectors with valid HRA
justi?cations.
SD can be for technical development or to ?nd target
communications from bulk data.
52
Operational Legalities
SIGINT Development
Thu Irformatnn Is mn? url:i:r I11.- Front-n of Irformim Ad .2053 WWII.) and rncqur mnp! untr oU'rrLH nl'n'milm hgulmm. Rzl'rr arrf FCIHI. [cl GIHQ on -
JI- or gov.th
By its nature, SD can be intrusive to many people?s human rights, as it
can involve large-scale interception of manv innocent people, cf.
interception using strong, known selectors with valid HRA
justi?cations.
SD can be for technical development or to ?nd target
communications from bulk data.
52
SD justification
- Enhancing capabilities is a national
security purpose
- TD improving specific target knowledge,
identifying new sources etc is justi?ed by
the intelligence requirement for that target
Thu Irfn'rnatnn l5 mrr? H1: cf Irfn'rr?m Ad .2053 WOW.) drna'rlr mm! urltr bgulanm. Rzi'cr turtles In ECHQ -
an
- 1-Dr I?gi'lqgu gas.le
Capabilities vital for the future of may embrace research
Both are referred to in RIPA certi?cate.
If asked, MIRANDA number for system testing is 20141
53
SD justification
- Enhancing capabilities is a national
security purpose
- TD improving specific target knowledge,
identifying new sources etc is justi?ed by
the intelligence requirement for that target
Thu Irfn'rnatnn l5 mrr? H1: cf Irfn'rr?m Ad .2053 WOW.) drna'rlr mm! urltr bgulanm. Rzi'cr turtles In ECHQ -
an
- 1-Dr I?gi'lqgu gas.le
Capabilities vital for the future of may embrace research
Both are referred to in RIPA certi?cate.
If asked, MIRANDA number for system testing is 20141
53
SD proportionality
Restrict to the minimum necessary:
- re?ne wide initial terms
I de?ne length of task and/or volumes
- limit dissemination and retention
Aim: sustained targeting as soon as practicable
Thu mrr? lh: DfIrfn'rr?m hi: .2 drna'rlr mm! bgulanm. Rzl'cr Lyme: In ECHQ on -
- 1-Dr I?gi'lqgu 91:.le
Capabilities vital for the future of may embrace research
If asked, MIRAN DA number for system testing is 20141
54
SD proportionality
Restrict to the minimum necessary:
- re?ne wide initial terms
I de?ne length of task and/or volumes
- limit dissemination and retention
Aim: sustained targeting as soon as practicable
Thu mrr? lh: DfIrfn'rr?m hi: .2 drna'rlr mm! bgulanm. Rzl'cr Lyme: In ECHQ on -
- 1-Dr I?gi'lqgu 91:.le
Capabilities vital for the future of may embrace research
If asked, MIRAN DA number for system testing is 20141
54
SD reporting
- you may report from SD traffic
- reporting guidelines reflect HRA requirements
Thu new H1.- of Irfn'rr?m Ad .2053 WOW.) drna'rlr mm urltr nrn'rnatlm bgulanm. Rzl'cr n: GCHQ on -
an
- 1-Dr '?gi'lqgu 9:7.le
Capabilities vital for the future of may embrace research
If asked, MIRAN DA number for system testing is 20141
55
SD reporting
- you may report from SD traffic
- reporting guidelines reflect HRA requirements
Thu new H1.- of Irfn'rr?m Ad .2053 WOW.) drna'rlr mm urltr nrn'rnatlm bgulanm. Rzl'cr n: GCHQ on -
an
- 1-Dr '?gi'lqgu 9:7.le
Capabilities vital for the future of may embrace research
If asked, MIRAN DA number for system testing is 20141
55
Content or metadata?
- voice mail boxes
SMS text
- an email inside a message
- email subject line
- URL beyond the domain name
(eg
an attached routing diagram
Thu I: cum"! E1: ?nch-n of Irfn?rr?m Ad .2053 mm'I urltr nil-Irrle n?a'rr?lm haul-anon. Rz?rr In IIHQ on -
JI- :Ir -I?g:hqg5 93-41le
56
Content or metadata?
- voice mail boxes
SMS text
- an email inside a message
- email subject line
- URL beyond the domain name
(eg
an attached routing diagram
Thu I: cum"! E1: ?nch-n of Irfn?rr?m Ad .2053 mm'I urltr nil-Irrle n?a'rr?lm haul-anon. Rz?rr In IIHQ on -
JI- :Ir -I?g:hqg5 93-41le
56
Content or metadata?
- IP address
- email address
- DTMF (tone dialling)
- a URL up to the domain
(eg
- location
Thu Irfn'mdnn l5 mm! H1.- of Irfn'rr?m Ad .2053 WOW.) drnaq'lr mrru urltr hguldlm. Refer n: GCHQ on -
an
- 1-Dr '?gi'lqgu grand-z
DTMF dual tone multi-frequency touch-tone dialling
- usually metadata but can be content (credit card number)
URL: not for acquisition
- yes for queries
Location is generally metadata too.
policy is to treat it pretty much all the same whether it?s
content or metadata]
5?
Content or metadata?
- IP address
- email address
- DTMF (tone dialling)
- a URL up to the domain
(eg
- location
Thu Irfn'mdnn l5 mm! H1.- of Irfn'rr?m Ad .2053 WOW.) drnaq'lr mrru urltr hguldlm. Refer n: GCHQ on -
an
- 1-Dr '?gi'lqgu grand-z
DTMF dual tone multi-frequency touch-tone dialling
- usually metadata but can be content (credit card number)
URL: not for acquisition
- yes for queries
Location is generally metadata too.
policy is to treat it pretty much all the same whether it?s
content or metadata]
5?
Content or metadata?
password
authentication to a communications service
communications data
other passwords content
- cookie
depends on data may be either
Thu Irfn'rnatnn Is mm! Eh.- cf Irfn'rr?m hi: .2 untr nl'n'rnatlm hgulancn. Refer n: GZHQ on -
cm 931'.
WWII.) and maybe map!
-a-=-r-ozw
Current ruling: content moving towards metadata, need to ?esh out
a few examples passwords to web sites are metadata; banking etc
would be content.
There are speci?c exemptions, eg PILBEAM, PRIMORDIAL SOUP, NED
PUDDING (but getting to be too many exceptions for liking)
Future of CZC exploitation
WIP to rede?ne as metadata if possible
Other measures possible, eg limit access to these elements of content
being explored for HAUSTO RIUM
58
Content or metadata?
password
authentication to a communications service
communications data
other passwords content
- cookie
depends on data may be either
Thu Irfn'rnatnn Is mm! Eh.- cf Irfn'rr?m hi: .2 untr nl'n'rnatlm hgulancn. Refer n: GZHQ on -
cm 931'.
WWII.) and maybe map!
-a-=-r-ozw
Current ruling: content moving towards metadata, need to ?esh out
a few examples passwords to web sites are metadata; banking etc
would be content.
There are speci?c exemptions, eg PILBEAM, PRIMORDIAL SOUP, NED
PUDDING (but getting to be too many exceptions for liking)
Future of CZC exploitation
WIP to rede?ne as metadata if possible
Other measures possible, eg limit access to these elements of content
being explored for HAUSTO RIUM
58
Questions?
Thu mrr? H1: ?nch-n DfIrfDm?m Ad .2053 mm! untru?rrLH nl'm'mtlm
JI- :Ir -I?g:hqg5 93-4:le
hgulmm. Rz?rr qumes n: GEHQ -
59
Questions?
Thu mrr? H1: ?nch-n DfIrfDm?m Ad .2053 mm! untru?rrLH nl'm'mtlm
JI- :Ir -I?g:hqg5 93-4:le
hgulmm. Rz?rr qumes n: GEHQ -
59
Second Parties
Australia, Canada,
New Zealand USA
Thu Irfn'rnatnnl: El?l'l'? unir H1: Fruit-n Ad .2053 Inn-rd! urtbru?'crLH nl'brrnallm bgulanm. Rz?rr In IIHQ -
1
- -I?g:hqgs 935'.le
60
Second Parties
Australia, Canada,
New Zealand USA
Thu Irfn'rnatnnl: El?l'l'? unir H1: Fruit-n Ad .2053 Inn-rd! urtbru?'crLH nl'brrnallm bgulanm. Rz?rr In IIHQ -
1
- -I?g:hqgs 935'.le
60
GCHQ and Second Parties
I partners respect each others? laws and policies
2"cl parties treat UK nationals as their own
- GCHQ must not ask a 2'1d party to do
something for which we would need a warrant
- we must not task a 2rld party with targeting
that would be unlawful in that country
THEE El?l'l'? unir H1: Fruit-n Ad .2053 Inn-rd! urtbru?'crLI'l bgulanm. Rz?rr In GCHQ -
1-Dr-I?gi1qg: 935311
Example: a target entering a Second Party country must be detasked
from all Second .- -. .
61
GCHQ and Second Parties
I partners respect each others? laws and policies
2"cl parties treat UK nationals as their own
- GCHQ must not ask a 2'1d party to do
something for which we would need a warrant
- we must not task a 2rld party with targeting
that would be unlawful in that country
THEE El?l'l'? unir H1: Fruit-n Ad .2053 Inn-rd! urtbru?'crLI'l bgulanm. Rz?rr In GCHQ -
1-Dr-I?gi1qg: 935311
Example: a target entering a Second Party country must be detasked
from all Second .- -. .
61
USSID SP0018
- No interception of persons in US without
a warrant
- Court order needed to intercept US
persons outside the USA
- your use of NSA collection databases
must respect 2nd Party laws and policies
THEE El?l'l'? unir H1: Firm-n Ad .2053 Inn-rd! unison-crud bgulanun. Rz?rr Lyme: In IIHQ on -
1-Dr-I?gi1qg: 935311
62
USSID SP0018
- No interception of persons in US without
a warrant
- Court order needed to intercept US
persons outside the USA
- your use of NSA collection databases
must respect 2nd Party laws and policies
THEE El?l'l'? unir H1: Firm-n Ad .2053 Inn-rd! unison-crud bgulanun. Rz?rr Lyme: In IIHQ on -
1-Dr-I?gi1qg: 935311
62
Operational Legalities
Dissemination
Disclosure
Thu Irformatnn l5 mun unir H1.- of Irfn'rmtm Ad .2053 WWII.) and rncqur map! urltr hgula?m. Rzl'rr in GIHQ on -
- 1-Dr-?9d1q9u Wm
63
Operational Legalities
Dissemination
Disclosure
Thu Irformatnn l5 mun unir H1.- of Irfn'rmtm Ad .2053 WWII.) and rncqur map! urltr hgula?m. Rzl'rr in GIHQ on -
- 1-Dr-?9d1q9u Wm
63
Dissemination
EP is sole vehicle for passing intelligence
to customers
i? Reporting Standards applies
proportionality principle to EP
Thu mrr? E1: DfIrfn'rr?m hi: .2 drna'rlr mm! bgulanm. Rz?rr In ECHQ on -
- :I-or @911un gnu.le
Do not send intelligence in emails! - you could end up in court?
64
Dissemination
EP is sole vehicle for passing intelligence
to customers
i? Reporting Standards applies
proportionality principle to EP
Thu mrr? E1: DfIrfn'rr?m hi: .2 drna'rlr mm! bgulanm. Rz?rr In ECHQ on -
- :I-or @911un gnu.le
Do not send intelligence in emails! - you could end up in court?
64
Disclosure
iu SIGINT collected under RIPA may not be
used in court
Relevance to prosecutions
9? Public Interest Immunity PII certificates
Thu Irfn'rnatnn Is mm! unir H1.- of Irfn'rnatm hi: .2 untr nl'n'rnatlm hgula?m. Rzl'rr in GIHQ on -
go 931'.
Weir-wee it
Do not send intelligence in emails! - you could end up in count?
Warranted intercept under RIPA can not be used in court (at the
moment)
PII used for other intelligence not covered by RIPA eg second party
reissues.
Pabiic Interest Immunity (PH) certi?cate. This document sets out the
damage that could be caused by exposing GCHQ capabilities. Whilst
the Foreign Secretary signs the certi?cate, it is the Judge who has the
ultimate say as to whether it is upheld (See
for further details). If the Judge orders in favour of disclosure, the only
remaining option is to drop part or all of the case;
Drop the case. If the Judge rejects the P11 certi?cate and orders that
disclosure should be made in the public interest, we would seek to
have that part of the case, or in extreme circumstances the case in its
entirety, dropped.
65
Disclosure
iu SIGINT collected under RIPA may not be
used in court
Relevance to prosecutions
9? Public Interest Immunity PII certificates
Thu Irfn'rnatnn Is mm! unir H1.- of Irfn'rnatm hi: .2 untr nl'n'rnatlm hgula?m. Rzl'rr in GIHQ on -
go 931'.
Weir-wee it
Do not send intelligence in emails! - you could end up in count?
Warranted intercept under RIPA can not be used in court (at the
moment)
PII used for other intelligence not covered by RIPA eg second party
reissues.
Pabiic Interest Immunity (PH) certi?cate. This document sets out the
damage that could be caused by exposing GCHQ capabilities. Whilst
the Foreign Secretary signs the certi?cate, it is the Judge who has the
ultimate say as to whether it is upheld (See
for further details). If the Judge orders in favour of disclosure, the only
remaining option is to drop part or all of the case;
Drop the case. If the Judge rejects the P11 certi?cate and orders that
disclosure should be made in the public interest, we would seek to
have that part of the case, or in extreme circumstances the case in its
entirety, dropped.
65
Questions?
Thu mrr? H1: ?nch-n DfIrfDm?m Ad .2053 mm! untru?rrLH nl'm'mtlm
JI- :Ir -I?g:hqg5 93-4:le
hgulmm. Rz?rr qumes n: GEHQ -
66
Questions?
Thu mrr? H1: ?nch-n DfIrfDm?m Ad .2053 mm! untru?rrLH nl'm'mtlm
JI- :Ir -I?g:hqg5 93-4:le
hgulmm. Rz?rr qumes n: GEHQ -
66
Operational Legalities
Safeguards and Oversight
drnaqur map! urltr ELI-crud hgula?m. Rzi'rr in GIHQ -
g:
2
- {Tl-Dr '?gi'lqgu 1'.th
6?
Operational Legalities
Safeguards and Oversight
drnaqur map! urltr ELI-crud hgula?m. Rzi'rr in GIHQ -
g:
2
- {Tl-Dr '?gi'lqgu 1'.th
6?
RIPA safeguards
intercepted material must be destroyed as
soon as its retention is no longer
it it must be looked at, copied and disseminated
to the minimum
1 a purpose authorised under the Act
Pu as a matter of policy, GCHQ applies this ethos
to all material it acquires, regardless of source
9? policies for EP and data retention
Thu Irfn'mdnn I: cum"! E1: of Irfn'rr?m Ad .2053 mrr? urltr n?a'rr?lm bgulanm. Rz?rr In IIHQ on -
- i-W-?wwu Hum
68
RIPA safeguards
intercepted material must be destroyed as
soon as its retention is no longer
it it must be looked at, copied and disseminated
to the minimum
1 a purpose authorised under the Act
Pu as a matter of policy, GCHQ applies this ethos
to all material it acquires, regardless of source
9? policies for EP and data retention
Thu Irfn'mdnn I: cum"! E1: of Irfn'rr?m Ad .2053 mrr? urltr n?a'rr?lm bgulanm. Rz?rr In IIHQ on -
- i-W-?wwu Hum
68
Errors and breaches
mistakes happen and we report them
and LA role: help 8L advice
an apparent error may be:
3L breaking the law
it a breach of RIPA safeguards 0
FL nothing to worry about! .
response: procedures, processes training
Thu l5 mrr? H1: ?nch-n of Irfn'rr?m Ad .2053 urltr nl'm'mtlm haul-mm. Rz?rr In IIHQ on -
JI- :Ir -I?g:hqg5 93-41le
69
Errors and breaches
mistakes happen and we report them
and LA role: help 8L advice
an apparent error may be:
3L breaking the law
it a breach of RIPA safeguards 0
FL nothing to worry about! .
response: procedures, processes training
Thu l5 mrr? H1: ?nch-n of Irfn'rr?m Ad .2053 urltr nl'm'mtlm haul-mm. Rz?rr In IIHQ on -
JI- :Ir -I?g:hqg5 93-41le
69
Political oversight
1 Executive - a Secretary of State exercises
authority over the I 5 services and is
answerable to Parliament
Parliament - Intelligence 8: Security
Committee examines expenditure,
administration and policy (not operations);
members within the circle of secrecy; reports
annually to Parliament
Thu mm"! unir E1: :fIrfn'rr?m Ad .2053 drna'rlr mm! n?IrnatIm bgulanm. Rzlirr In IIHQ on -
Ir.
an
Political oversight
1 Executive - a Secretary of State exercises
authority over the I 5 services and is
answerable to Parliament
Parliament - Intelligence 8: Security
Committee examines expenditure,
administration and policy (not operations);
members within the circle of secrecy; reports
annually to Parliament
Thu mm"! unir E1: :fIrfn'rr?m Ad .2053 drna'rlr mm! n?IrnatIm bgulanm. Rzlirr In IIHQ on -
Ir.
an
Judicial oversight:
Commissioners
A Senior Judges: independent of HMG and
Parliament
1 review Secretary of State?s use of powers
under
guaranteed access to agencies
at annual reports to the Prime Minister
Thu Irforrnatnn l5 mrr? E1: of Irfn'rr?m Ad .2053 WWII.) and marl].- mrr? untr bgulanm. In ECHQ on -
- :I-or I?gi'lqgu gym};
Interception Commissioner Sir Paul Kennedy
Intelligence Services Commissioner Sir Peter Gibson
?1
Judicial oversight:
Commissioners
A Senior Judges: independent of HMG and
Parliament
1 review Secretary of State?s use of powers
under
guaranteed access to agencies
at annual reports to the Prime Minister
Thu Irforrnatnn l5 mrr? E1: of Irfn'rr?m Ad .2053 WWII.) and marl].- mrr? untr bgulanm. In ECHQ on -
- :I-or I?gi'lqgu gym};
Interception Commissioner Sir Paul Kennedy
Intelligence Services Commissioner Sir Peter Gibson
?1
Investigatory Powers
Tribunal (IPT)
- comprises 8 independent lawyers
- investigates complaints against Agencies, law
enforcement etc
- anyone, anywhere may complain
- more than 40 peOple within GCHQ assist in
responding to complaint; audit logs
Thu Irforrnatnn I: cum"! E1: of Irfn?rr?m Ad .2053 and marl].- mrr? urltr nil-Irrle n?IrnatIm bgulanm. In IIHQ on -
JI- :Ir -I?g:hqg5 93-41le
?2
Investigatory Powers
Tribunal (IPT)
- comprises 8 independent lawyers
- investigates complaints against Agencies, law
enforcement etc
- anyone, anywhere may complain
- more than 40 peOple within GCHQ assist in
responding to complaint; audit logs
Thu Irforrnatnn I: cum"! E1: of Irfn?rr?m Ad .2053 and marl].- mrr? urltr nil-Irrle n?IrnatIm bgulanm. In IIHQ on -
JI- :Ir -I?g:hqg5 93-41le
?2
The Tribunal will
what did we do?
was the action authorised?
was it necessary?
was it proportionate?
did GCHQ act reasonably within its powers?
Thu Irformatnn I: cum! E1: Preach-n of Irfn?rr?m Ad .2053 and marl].- urltr nil-Irrle n?IrnatIm bgulanm. Rziirr In IIHQ on -
JI- :Ir -I?g:hqg5 gland-z
TF3
The Tribunal will
what did we do?
was the action authorised?
was it necessary?
was it proportionate?
did GCHQ act reasonably within its powers?
Thu Irformatnn I: cum! E1: Preach-n of Irfn?rr?m Ad .2053 and marl].- urltr nil-Irrle n?IrnatIm bgulanm. Rziirr In IIHQ on -
JI- :Ir -I?g:hqg5 gland-z
TF3
Operational Legalities
Wrap up
Thu Irfn'matnn l5 mn? I11.- Df Irfn'mim Ad .2053 WWII.) and rncqur mnp! untr uU'rrLH nl'n'milm hgula?m. Rzi'rr arrf FCIHI. in GIHQ -
- 1 931'.le
?4
Operational Legalities
Wrap up
Thu Irfn'matnn l5 mn? I11.- Df Irfn'mim Ad .2053 WWII.) and rncqur mnp! untr uU'rrLH nl'n'milm hgula?m. Rzi'rr arrf FCIHI. in GIHQ -
- 1 931'.le
?4
- authorised
necessary
proportionate 2. Location:
beware UK UKUSA
seek authorisation
3. Errors: we are
honest and report them
Thu l5 mrr? E1: of .2053 mrr? urltr haul-anon. Rz?rr In ECHQ on -
- :I-or @911un 91ml?;
1. You are responsible for this
2. Location law
nationality policy
3. We will help you and agree measures to prevent recurrence
?5
- authorised
necessary
proportionate 2. Location:
beware UK UKUSA
seek authorisation
3. Errors: we are
honest and report them
Thu l5 mrr? E1: of .2053 mrr? urltr haul-anon. Rz?rr In ECHQ on -
- :I-or @911un 91ml?;
1. You are responsible for this
2. Location law
nationality policy
3. We will help you and agree measures to prevent recurrence
?5
What does this mean for me?
staff: know what you can
and cannot intercept
-Collectlon manager: help ensure
selectors are justified and proportionate
justify your targeting, seek
warrant or STA where necessary
- eporter: report only what is necessary to
address the requirement
Irforrnatnn l5 H1: ?nch-n hi1 mrr? untr u?'rrLH nl'orn?lm haul-anon. Rz?rr In IIHQ on -
JI- :Ir -I?g:hqg5 93-41le
?6
What does this mean for me?
staff: know what you can
and cannot intercept
-Collectlon manager: help ensure
selectors are justified and proportionate
justify your targeting, seek
warrant or STA where necessary
- eporter: report only what is necessary to
address the requirement
Irforrnatnn l5 H1: ?nch-n hi1 mrr? untr u?'rrLH nl'orn?lm haul-anon. Rz?rr In IIHQ on -
JI- :Ir -I?g:hqg5 93-41le
?6
Contacts
ViSit OPP-LEG in B48
call 36559
- email -@gchq
- OPP-LEG web pages compliance website
- speak to your Legal POC ..
Thu Irfn'mdnn I5 mm! U1.- :Ilr Irfn'rr?m .2053 WOW.) drnaq'lr map! urltr nl'n'rr?lm hguldlm. Rz?rr n: ECHQ -
an
- 1-Dr '?gi'lqgu 931'.le
Don?t forget to sign the attendance sheet or you?ll have to come all
over again!
add your name if it?s not there.
7?
Contacts
ViSit OPP-LEG in B48
call 36559
- email -@gchq
- OPP-LEG web pages compliance website
- speak to your Legal POC ..
Thu Irfn'mdnn I5 mm! U1.- :Ilr Irfn'rr?m .2053 WOW.) drnaq'lr map! urltr nl'n'rr?lm hguldlm. Rz?rr n: ECHQ -
an
- 1-Dr '?gi'lqgu 931'.le
Don?t forget to sign the attendance sheet or you?ll have to come all
over again!
add your name if it?s not there.
7?
Legal 8: Policy [Leads
- DPC-CHE
wag-lunulrmnulmnce?
Den?t forget to Sign the attendance sheet er yeu'll' have to tame all
ever again!
add 1Fleur name it its net there.
?3
Legal 8: Policy [Leads
- DPC-CHE
wag-lunulrmnulmnce?
Den?t forget to Sign the attendance sheet er yeu'll' have to tame all
ever again!
add 1Fleur name it its net there.
?3
Questions?
Thu mrr? H1: Ad .2053 mrr? urthru?'ErLH haul-mun. Lfl?? In IIHQ -
1-Dr-I?gi1qgn gait.le
?9
Questions?
Thu mrr? H1: Ad .2053 mrr? urthru?'ErLH haul-mun. Lfl?? In IIHQ -
1-Dr-I?gi1qgn gait.le
?9