Documents

Operational Legalities – GCHQ Powerpoint Presentation

June 22, 2015

1/156
Download
Page 1 from Operational Legalities – GCHQ Powerpoint Presentation
E: E. E. at E: Operational Legalities
E: E. E. at E: Operational Legalities
Page 2 from Operational Legalities – GCHQ Powerpoint Presentation
Not for display Beware: there are several hidden slides in this presentation. If you see this you will also see the other hidden ones. 0 To find which are hidden, use slide sorter View 0 There?s a print option to ignore hidden slides
Not for display Beware: there are several hidden slides in this presentation. If you see this you will also see the other hidden ones. 0 To find which are hidden, use slide sorter View 0 There?s a print option to ignore hidden slides
Page 3 from Operational Legalities – GCHQ Powerpoint Presentation
Agenda Legal Framework Tasking Targeting incl Location/Nationality SD Coffee/tea What,s OUT g?condlpat?tiesgk I Data Protection Issemina Ion ISC osure . . ff Safeguards Oversight 0 ma secre Wrap_up FOIA Thia information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leghlation. Refer any:r queries to GCHQ on - x- or -@gchq.gai.gov.uk
Agenda Legal Framework Tasking Targeting incl Location/Nationality SD Coffee/tea What,s OUT g?condlpat?tiesgk I Data Protection Issemina Ion ISC osure . . ff Safeguards Oversight 0 ma secre Wrap_up FOIA Thia information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leghlation. Refer any:r queries to GCHQ on - x- or -@gchq.gai.gov.uk
Page 4 from Operational Legalities – GCHQ Powerpoint Presentation
Operational Legalities Legal Framework This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries in GCHQ on - x- or -@gohq.gsi.gov.uk
Operational Legalities Legal Framework This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries in GCHQ on - x- or -@gohq.gsi.gov.uk
Page 5 from Operational Legalities – GCHQ Powerpoint Presentation
Legal Framework Intelligence Services Act 1994 - functions; property interference; oversight Human Rights Act 1998 - public authorities must act in accordance with ECHR Regulation of Investigatory Powers Act 2000 - interception; safeguards; oversight Wireless Telegraphy Act 2006 - interception/interference This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r FGLA queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Legal Framework Intelligence Services Act 1994 - functions; property interference; oversight Human Rights Act 1998 - public authorities must act in accordance with ECHR Regulation of Investigatory Powers Act 2000 - interception; safeguards; oversight Wireless Telegraphy Act 2006 - interception/interference This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r FGLA queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 6 from Operational Legalities – GCHQ Powerpoint Presentation
Intelligence Services Act 0 applies to all operations under control of Director GCHQ defines SIGINT function prescribes purposes for SIGINT function: National Security Economic Well-being of the UK (EWB) Prevention/detection of serious crime under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Intelligence Services Act 0 applies to all operations under control of Director GCHQ defines SIGINT function prescribes purposes for SIGINT function: National Security Economic Well-being of the UK (EWB) Prevention/detection of serious crime under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 7 from Operational Legalities – GCHQ Powerpoint Presentation
Human Rights Act 1998 incorporates the ECHR into UK law 0 requires all UK public authorities to act in accordance with the ECHR - allows actions against public authorities by aggrieved parties 0 RIPA, ISA and WTA are the vehicles through which ECHR or compatibility? are met under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Human Rights Act 1998 incorporates the ECHR into UK law 0 requires all UK public authorities to act in accordance with the ECHR - allows actions against public authorities by aggrieved parties 0 RIPA, ISA and WTA are the vehicles through which ECHR or compatibility? are met under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 8 from Operational Legalities – GCHQ Powerpoint Presentation
The European Convention on Human Rights (ECHR) Article 8 is of most obvious relevance to GCHQ: 7L 8.1. ?Everyone has the right to respect for his private and family life. his home and his correspondence. it 8.2. ?There shall be no inten?erence by a public authority With the exercise of this right except such as is in accordance with the law and is under the Freedom oflnformation Act 2000 FGIA) and manyr be exempt under other UK information leghlation. Refer newr . 1 .. I: - x- or -@gchq.gsi.gov.uk
The European Convention on Human Rights (ECHR) Article 8 is of most obvious relevance to GCHQ: 7L 8.1. ?Everyone has the right to respect for his private and family life. his home and his correspondence. it 8.2. ?There shall be no inten?erence by a public authority With the exercise of this right except such as is in accordance with the law and is under the Freedom oflnformation Act 2000 FGIA) and manyr be exempt under other UK information leghlation. Refer newr . 1 .. I: - x- or -@gchq.gsi.gov.uk
Page 9 from Operational Legalities – GCHQ Powerpoint Presentation
The European Convention on Human Rights the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of public health and morals, or for the protection of the rights and freedoms of others.? under the Freedom eflnfermetmn Act 2000 FGIA an menr be exempt under other UK infermatien leghlatbn. Refer ?anyr queries In GCHQ en - ch . 5?
The European Convention on Human Rights the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of public health and morals, or for the protection of the rights and freedoms of others.? under the Freedom eflnfermetmn Act 2000 FGIA an menr be exempt under other UK infermatien leghlatbn. Refer ?anyr queries In GCHQ en - ch . 5?
Page 10 from Operational Legalities – GCHQ Powerpoint Presentation
Need for authorisation ensures compliance with requirements of ECHR and HRA SIGINT intercept/CNE is illegal in UK without it offences) 0 gives visibility of operational activities to GCHQ seniors 505 under the Freedom oflnformation Act 2000 FGIA and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - i x- or -@gchq.gsi.gov.uk
Need for authorisation ensures compliance with requirements of ECHR and HRA SIGINT intercept/CNE is illegal in UK without it offences) 0 gives visibility of operational activities to GCHQ seniors 505 under the Freedom oflnformation Act 2000 FGIA and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - i x- or -@gchq.gsi.gov.uk
Page 11 from Operational Legalities – GCHQ Powerpoint Presentation
Authorisation Regulation of Investigatory Powers Act 2000 Interception 8: surveillance Intelligence Services Act 1994 Effects Wireless Telegraphy Act 2006 Interception interference with wireless telegraphy under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r FGLA queries to GCHQ on - x- or -@gohq.gsi.gov.uk
Authorisation Regulation of Investigatory Powers Act 2000 Interception 8: surveillance Intelligence Services Act 1994 Effects Wireless Telegraphy Act 2006 Interception interference with wireless telegraphy under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r FGLA queries to GCHQ on - x- or -@gohq.gsi.gov.uk
Page 12 from Operational Legalities – GCHQ Powerpoint Presentation
Regulation of Investigatory Powers Act 2000 (RIPA) 9n interception in the UK of comms carried on a public or private telecommunications system i surveillance covert human intelligence source (CHIS) activity acquisition of comms data 9n not just applicable to GCHQ under the Freedom oflnformation Act 2000 FGIA and manyr be exempt under other UK information legislation. Refer ?any:r queries to GCHQ on - i x- or
Regulation of Investigatory Powers Act 2000 (RIPA) 9n interception in the UK of comms carried on a public or private telecommunications system i surveillance covert human intelligence source (CHIS) activity acquisition of comms data 9n not just applicable to GCHQ under the Freedom oflnformation Act 2000 FGIA and manyr be exempt under other UK information legislation. Refer ?any:r queries to GCHQ on - i x- or
Page 13 from Operational Legalities – GCHQ Powerpoint Presentation
RI PA warrants 5. 8(4) ?external? warrants authorise ?at least one end foreign? interception authorise selection according to Certificate entries 9t target must be outside the UK (absent additional authorisation) ensure individuals? ECHR rights are protected on a world-wide basis This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leghlation. Refer amlr queries to GCHQ on - x- or -@gchq.gsi.gov.uk
RI PA warrants 5. 8(4) ?external? warrants authorise ?at least one end foreign? interception authorise selection according to Certificate entries 9t target must be outside the UK (absent additional authorisation) ensure individuals? ECHR rights are protected on a world-wide basis This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leghlation. Refer amlr queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 14 from Operational Legalities – GCHQ Powerpoint Presentation
RIPA warrants 5. 8(1) ?line-access' warrants 9n warrant authorises target (person or premises) in the UK schedules give telecomms addresses 9n schedules are served on those who can provide the communications (usually CSPs) 9L PRESTON This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
RIPA warrants 5. 8(1) ?line-access' warrants 9n warrant authorises target (person or premises) in the UK schedules give telecomms addresses 9n schedules are served on those who can provide the communications (usually CSPs) 9L PRESTON This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 15 from Operational Legalities – GCHQ Powerpoint Presentation
RI PA warra certificates 6 months? duration for N5, 3 months for SC 7t approval and renewal by Secretary of State 7t can be modified addresses, categories i urgency provisions This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
RI PA warra certificates 6 months? duration for N5, 3 months for SC 7t approval and renewal by Secretary of State 7t can be modified addresses, categories i urgency provisions This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 16 from Operational Legalities – GCHQ Powerpoint Presentation
ISA warrants authorisation Computer Misuse Act 1990 (CMA) s.5 warrant necessary if target computer is in the British Islands (NS only) - s.7 authorisation if elsewhere mimics RIPA warrantry - s.7 subject to internal procedures under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
ISA warrants authorisation Computer Misuse Act 1990 (CMA) s.5 warrant necessary if target computer is in the British Islands (NS only) - s.7 authorisation if elsewhere mimics RIPA warrantry - s.7 subject to internal procedures under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 17 from Operational Legalities – GCHQ Powerpoint Presentation
ISA warrants authorisation - 6 months? duration; only not SC for warrant but possible for authorisation approval and renewal by Secretary of State A modification A urgency/operational effectiveness provisions This information exempt under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
ISA warrants authorisation - 6 months? duration; only not SC for warrant but possible for authorisation approval and renewal by Secretary of State A modification A urgency/operational effectiveness provisions This information exempt under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 18 from Operational Legalities – GCHQ Powerpoint Presentation
Wireless Telegraphy Act - authorises interception of wireless telegraphy, ie that not covered by RIPA - Secretary of State issues but without limit of time 0 still needs to be proportionate This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Wireless Telegraphy Act - authorises interception of wireless telegraphy, ie that not covered by RIPA - Secretary of State issues but without limit of time 0 still needs to be proportionate This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 19 from Operational Legalities – GCHQ Powerpoint Presentation
RIPA Directed Surveillance Authorisations - GCHQ does directed surveillance when it observes a target with intention of gathering private data on the target's private life, associates and/or activities - excludes historical research eg computer forensics This information fs exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
RIPA Directed Surveillance Authorisations - GCHQ does directed surveillance when it observes a target with intention of gathering private data on the target's private life, associates and/or activities - excludes historical research eg computer forensics This information fs exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 20 from Operational Legalities – GCHQ Powerpoint Presentation
Questions? Thi5 infermatien exempt under the Freedom eflnfarmetien Act 2000 FGIA) and manyr be exempt under other UK inferma?en leghlatien. Refer ?any:r queries In GCHQ en - x- or -@gchq.gai.gev.uk
Questions? Thi5 infermatien exempt under the Freedom eflnfarmetien Act 2000 FGIA) and manyr be exempt under other UK inferma?en leghlatien. Refer ?any:r queries In GCHQ en - x- or -@gchq.gai.gev.uk
Page 21 from Operational Legalities – GCHQ Powerpoint Presentation
Operational Legalities Tasking and Targeting This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gohq.gsi.gov.uk
Operational Legalities Tasking and Targeting This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gohq.gsi.gov.uk
Page 22 from Operational Legalities – GCHQ Powerpoint Presentation
Principles . We operate within the law . We can demonstrate that we operate within the law . Staff have the information they need to be able to comply with the law under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer ?any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Principles . We operate within the law . We can demonstrate that we operate within the law . Staff have the information they need to be able to comply with the law under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer ?any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 23 from Operational Legalities – GCHQ Powerpoint Presentation
All we do has to be: 9? authorised where necessary, under law (ISA, RIPA, WTA), or policy 7? necessary NS, EWB or plus more specific intelligence requirements 9? proportionate manner and extent to which requirement is being met under the Freedom oflnformation Act 2000 FGIA) and moor be exempt under other UK information legislation. Refer ?any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
All we do has to be: 9? authorised where necessary, under law (ISA, RIPA, WTA), or policy 7? necessary NS, EWB or plus more specific intelligence requirements 9? proportionate manner and extent to which requirement is being met under the Freedom oflnformation Act 2000 FGIA) and moor be exempt under other UK information legislation. Refer ?any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 24 from Operational Legalities – GCHQ Powerpoint Presentation
What activities does that apply to? tasking access targeting retention database queries dissemination TD pioneering SD under the Freedom oflnformation Act 2000 FGIA) and menr be exempt under other UK information legklation. Refer ?anyr queries to GCHQ on - x- or -@gohq.gsi.gov.uk
What activities does that apply to? tasking access targeting retention database queries dissemination TD pioneering SD under the Freedom oflnformation Act 2000 FGIA) and menr be exempt under other UK information legklation. Refer ?anyr queries to GCHQ on - x- or -@gohq.gsi.gov.uk
Page 25 from Operational Legalities – GCHQ Powerpoint Presentation
Tasking A ?at least one-end foreign' interception is authorised by external RIPA 8(4) warrant A selection is authorised according to Certificate entries A individuals? ECHR rights are protected on a world-wide basis This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer amlr queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Tasking A ?at least one-end foreign' interception is authorised by external RIPA 8(4) warrant A selection is authorised according to Certificate entries A individuals? ECHR rights are protected on a world-wide basis This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer amlr queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 26 from Operational Legalities – GCHQ Powerpoint Presentation
Targeting name - communications addresses 0 web service authentication data 0 ID card number or passport number 0 driving licence number 0 car registration number 0 bank card/credit card account numbers This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Targeting name - communications addresses 0 web service authentication data 0 ID card number or passport number 0 driving licence number 0 car registration number 0 bank card/credit card account numbers This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 27 from Operational Legalities – GCHQ Powerpoint Presentation
BROAD OAK - strategic target knowledge database 0 users justify and review retention of target knowledge - justification of targeting selectors separate, but may be cascaded from target. Will be default in future iteration of BROAD OAK This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
BROAD OAK - strategic target knowledge database 0 users justify and review retention of target knowledge - justification of targeting selectors separate, but may be cascaded from target. Will be default in future iteration of BROAD OAK This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 28 from Operational Legalities – GCHQ Powerpoint Presentation
:9 ?reeling - Hines!? lrnemel Ehimwl=m1mnu=b .. . .. mg gal-1mm; gnaw radium-mung; ?MimF-?ql {lab-1mm ?ne-emu 35mm. ~5.33m gignwm?q. gamma {?1me ?mum gm TBP UH '5 [lr-lL'I' @9033: Hg; . stun-1i Ina-u El'r'i 'Ti-nr'qa - New Heleuur nary-?ing a mm mm um Ma whip. Err-6i" 1.ralIu-au? Description: 'Businm Email Fm"- H'au?mum El?n-1mm; Pas-.1qu Ella! sum Ea'fgrium Frog: nac- Claw-lat: - ??hm?l?MaHR?I?Iislnq - . Team DelaierF? - Weaiiltll'ls Tar-lath: Hame- Suing: Targeted. an: Eiuim: m: l' m?eulew my: [Iain-?Eons HM Retell-jawed m: El 6F her-15 FRDH 1-in- Ju?Im a! In. cumming -- ?emerge; 1132.311. ma. rm mama" EW: mum; Inn-:4 Hit-alumina?; . sheen ?utllu. warmr? hri?l?dl?r- Warrant Expiry: .-. nge? Mpli?m?un: Elia. urn- I - ,El mm Fm,? ?Mu Fae-seen OH. E. Date Deaem'a'te?. mamabau Eli. Date Suhnitted: immune LasLUMateu ay- Lee: mama-unam: museum it it I: . . gun-1 rm D-hner?ip t-c- uin Urunnrr: WIUREEHT Primh: ?3 eunirll?rp if ail-dun . rlupunzbl-I 31D: 7 Eat: 253':'5 eF ?mi-?lm] Fur 'Ihle 'Ii . I I Luv?; Hen C?urh'y [Mr-ap'h. -EE- Chm. HJA . .. .. .. "Linn main? Jar.? Tia-?ileum Fmtelxm Sew-1t? Lat-El: I SEERET unmercnwauemz Ewe mm Illa-den: ?lm-HH- m?mw In {E'Iim??ent?elemunin any-me rit D-I'l'n-5cm; eel: Lu ruler-E sans :r samurai]: 553-! HME 5M5 31' EMWM SAHDICT LR: EH HGHE 53E 3 This inform-alien is exempt under the Freedom ref Infurn?taljen Act FDIAII and man.r be exempt under ether UH: infunnatiun legislation. Refer any FDIA 'quen'? to GEHQ en- -er .1'1
:9 ?reeling - Hines!? lrnemel Ehimwl=m1mnu=b .. . .. mg gal-1mm; gnaw radium-mung; ?MimF-?ql {lab-1mm ?ne-emu 35mm. ~5.33m gignwm?q. gamma {?1me ?mum gm TBP UH '5 [lr-lL'I' @9033: Hg; . stun-1i Ina-u El'r'i 'Ti-nr'qa - New Heleuur nary-?ing a mm mm um Ma whip. Err-6i" 1.ralIu-au? Description: 'Businm Email Fm"- H'au?mum El?n-1mm; Pas-.1qu Ella! sum Ea'fgrium Frog: nac- Claw-lat: - ??hm?l?MaHR?I?Iislnq - . Team DelaierF? - Weaiiltll'ls Tar-lath: Hame- Suing: Targeted. an: Eiuim: m: l' m?eulew my: [Iain-?Eons HM Retell-jawed m: El 6F her-15 FRDH 1-in- Ju?Im a! In. cumming -- ?emerge; 1132.311. ma. rm mama" EW: mum; Inn-:4 Hit-alumina?; . sheen ?utllu. warmr? hri?l?dl?r- Warrant Expiry: .-. nge? Mpli?m?un: Elia. urn- I - ,El mm Fm,? ?Mu Fae-seen OH. E. Date Deaem'a'te?. mamabau Eli. Date Suhnitted: immune LasLUMateu ay- Lee: mama-unam: museum it it I: . . gun-1 rm D-hner?ip t-c- uin Urunnrr: WIUREEHT Primh: ?3 eunirll?rp if ail-dun . rlupunzbl-I 31D: 7 Eat: 253':'5 eF ?mi-?lm] Fur 'Ihle 'Ii . I I Luv?; Hen C?urh'y [Mr-ap'h. -EE- Chm. HJA . .. .. .. "Linn main? Jar.? Tia-?ileum Fmtelxm Sew-1t? Lat-El: I SEERET unmercnwauemz Ewe mm Illa-den: ?lm-HH- m?mw In {E'Iim??ent?elemunin any-me rit D-I'l'n-5cm; eel: Lu ruler-E sans :r samurai]: 553-! HME 5M5 31' EMWM SAHDICT LR: EH HGHE 53E 3 This inform-alien is exempt under the Freedom ref Infurn?taljen Act FDIAII and man.r be exempt under ether UH: infunnatiun legislation. Refer any FDIA 'quen'? to GEHQ en- -er .1'1
Page 29 from Operational Legalities – GCHQ Powerpoint Presentation
This i nfo rmation Source field - be specific GCHQ report ref and date SRI id and date call records including root number unique customer reference ALWAYS INCLUDE A DATE e-mail from customer voice CRA ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and menr be exempt under other UK information leg?Blation. Refer ?any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
This i nfo rmation Source field - be specific GCHQ report ref and date SRI id and date call records including root number unique customer reference ALWAYS INCLUDE A DATE e-mail from customer voice CRA ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and menr be exempt under other UK information leg?Blation. Refer ?any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 30 from Operational Legalities – GCHQ Powerpoint Presentation
Intelligence requirements 0 use MIRANDA number that equates to intelligence requirement 0 TD - improving specific target knowledge, identifying new sources etc is justified by the intelligence requirement for that target 0 BOT - tick ?SigDevt' box under the Freedom oflnformation Act 2000 FGIA and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - i x- or -@gchq.gsi.gov.uk
Intelligence requirements 0 use MIRANDA number that equates to intelligence requirement 0 TD - improving specific target knowledge, identifying new sources etc is justified by the intelligence requirement for that target 0 BOT - tick ?SigDevt' box under the Freedom oflnformation Act 2000 FGIA and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - i x- or -@gchq.gsi.gov.uk
Page 31 from Operational Legalities – GCHQ Powerpoint Presentation
HRA justification explain exactly why you are targeting this individual don?t just repeat the MIRANDA number but add value BOT - cascade of target-level HRA justi?cation to selectors your responsibility to amend if necessary indirect targeting This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legBIation. Refer anyr queries to GCHQ on - or -@gchq.gsi.gov.uk
HRA justification explain exactly why you are targeting this individual don?t just repeat the MIRANDA number but add value BOT - cascade of target-level HRA justi?cation to selectors your responsibility to amend if necessary indirect targeting This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legBIation. Refer anyr queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 32 from Operational Legalities – GCHQ Powerpoint Presentation
HRA justification Russian Minster for Foreign affairs dialling analysis links to Senior Russian energy policymaker wife of Russian Minister, targeted to provide travel details of target Employee at Chinese Embassy in London Presidential Administration Experts Directorate; access to info on Russian policy affecting UK Russian energy Chinese weapons programme This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legBIation. Refer anyr queries to GCHQ on - or -@gchq.gsi.gov.uk
HRA justification Russian Minster for Foreign affairs dialling analysis links to Senior Russian energy policymaker wife of Russian Minister, targeted to provide travel details of target Employee at Chinese Embassy in London Presidential Administration Experts Directorate; access to info on Russian policy affecting UK Russian energy Chinese weapons programme This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legBIation. Refer anyr queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 33 from Operational Legalities – GCHQ Powerpoint Presentation
This Revalidating targeting make sure it is clear why you are continuing to invade this person?s privacy, so: record your justification for continuing targeting make sure all ?elds contain the most recent information available ongoing process if you can no longer justify targeting, record your reason for deactivating and then deactivate information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on - or -@gchq.gsi.gov.uk
This Revalidating targeting make sure it is clear why you are continuing to invade this person?s privacy, so: record your justification for continuing targeting make sure all ?elds contain the most recent information available ongoing process if you can no longer justify targeting, record your reason for deactivating and then deactivate information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 34 from Operational Legalities – GCHQ Powerpoint Presentation
Data content retrieval UDAQ, DISHFIRE, IIB not all data in these bases is ?selected? retrieval must be: authorised (lawful) necessary proportionate HRA screens; audit logs 0 target in UK datamining STA This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Data content retrieval UDAQ, DISHFIRE, IIB not all data in these bases is ?selected? retrieval must be: authorised (lawful) necessary proportionate HRA screens; audit logs 0 target in UK datamining STA This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 35 from Operational Legalities – GCHQ Powerpoint Presentation
:3 . EH Edi anew Fay-mm Innhluel: I Audra-as mums ?gmemewn ??ier ?e 5 ?555 'jri'f Wen-la tool-i Lit. Item New Query Manager FreFereznces Help Intercept: IUpensc-Lurce I Recoverantere-epl: l? Famdalejieese ll? Famdale_l:24: I Select All I Deselect ell I I SEAR-EH TERMS. Hateh Operator ICentent ?le" er 1 Puter'naljcnalltr adde mu betweer?l all tel-mi :l enter?'? Free-Text Add Te Query I emu-[? NGTI I Query Type: Tran silent query- Name Description i] Unclassi?ed srene Cen?den tial DEN REESE I HESSE SUUNDER Top Secret Hesse sceeEL JUSTIFICATICHN a: Mir-andcl'ligle ?gene gtm? JIC Izl-rierll?lr Furpnse - ngal Guld?l??f view mew me?: under other .LI 7" - Dee trip-Hen Expiry Date QUERY I Dnly Reeulta. Limit to apprux Ilia?I iteme {Mex HEDGE): Schedule: F5 Notify C'l'l Sis-rel I search I lnfunnatiun legislatiun. Refer any FDIA qua-H's In GCHQ cm.- IEI fl?EW
:3 . EH Edi anew Fay-mm Innhluel: I Audra-as mums ?gmemewn ??ier ?e 5 ?555 'jri'f Wen-la tool-i Lit. Item New Query Manager FreFereznces Help Intercept: IUpensc-Lurce I Recoverantere-epl: l? Famdalejieese ll? Famdale_l:24: I Select All I Deselect ell I I SEAR-EH TERMS. Hateh Operator ICentent ?le" er 1 Puter'naljcnalltr adde mu betweer?l all tel-mi :l enter?'? Free-Text Add Te Query I emu-[? NGTI I Query Type: Tran silent query- Name Description i] Unclassi?ed srene Cen?den tial DEN REESE I HESSE SUUNDER Top Secret Hesse sceeEL JUSTIFICATICHN a: Mir-andcl'ligle ?gene gtm? JIC Izl-rierll?lr Furpnse - ngal Guld?l??f view mew me?: under other .LI 7" - Dee trip-Hen Expiry Date QUERY I Dnly Reeulta. Limit to apprux Ilia?I iteme {Mex HEDGE): Schedule: F5 Notify C'l'l Sis-rel I search I lnfunnatiun legislatiun. Refer any FDIA qua-H's In GCHQ cm.- IEI fl?EW
Page 36 from Operational Legalities – GCHQ Powerpoint Presentation
UDAQ A JIC purpose A use appropriate MIRANDA number explain why you are running this query 9L principle applies to use of any Sigint database This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on - or -@gchq.gsi.gov.uk
UDAQ A JIC purpose A use appropriate MIRANDA number explain why you are running this query 9L principle applies to use of any Sigint database This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 37 from Operational Legalities – GCHQ Powerpoint Presentation
Questions you should ask yourself 0 would my justification record be clear to a coHeague? 0 have I justified invading this person?s privacy? 0 will my successor understand? This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Questions you should ask yourself 0 would my justification record be clear to a coHeague? 0 have I justified invading this person?s privacy? 0 will my successor understand? This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 38 from Operational Legalities – GCHQ Powerpoint Presentation
Audits IPTs currently carry out targeting audit 10% of entries each year, randomly chosen all UK entries each year, wildcards each audit 0 quick check of record key HRA aspects: source field HRAjustification MIRANDA number revalidation - UDAQ Events also audited This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer anyr queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Audits IPTs currently carry out targeting audit 10% of entries each year, randomly chosen all UK entries each year, wildcards each audit 0 quick check of record key HRA aspects: source field HRAjustification MIRANDA number revalidation - UDAQ Events also audited This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer anyr queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 39 from Operational Legalities – GCHQ Powerpoint Presentation
Questions? Thi5 infermatien exempt under the Freedom eflnfarmatien Act 2000 FGIA) and manyr be exempt under other UK inferma?en leghlatien. Refer ?any:r queries In GCHQ en - x- or -@gchq.gai.gev.uk
Questions? Thi5 infermatien exempt under the Freedom eflnfarmatien Act 2000 FGIA) and manyr be exempt under other UK inferma?en leghlatien. Refer ?any:r queries In GCHQ en - x- or -@gchq.gai.gev.uk
Page 40 from Operational Legalities – GCHQ Powerpoint Presentation
Operational Legalities Targeting: location and nationality This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Operational Legalities Targeting: location and nationality This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 41 from Operational Legalities – GCHQ Powerpoint Presentation
Location, location, location A Law: specific RIPA authorisation for interception of a target located in the UK 9L Policy: internal authorisation (STA) for a target outside the UK if nationality and/or location is sensitive 9n all targets require HRA justification (GCHQ is a public authority interfering with individuals? human rights) This information ?5 exempt under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information leg? - ran ueries lo GCHQ on - x- or -@gchq.gsi.gov.uk
Location, location, location A Law: specific RIPA authorisation for interception of a target located in the UK 9L Policy: internal authorisation (STA) for a target outside the UK if nationality and/or location is sensitive 9n all targets require HRA justification (GCHQ is a public authority interfering with individuals? human rights) This information ?5 exempt under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information leg? - ran ueries lo GCHQ on - x- or -@gchq.gsi.gov.uk
Page 42 from Operational Legalities – GCHQ Powerpoint Presentation
Location? without other information, assume: individual is in their country mobile phone is in country of registration email address with country digraph is there This information is exempt under the Freedom oflnformation Act 2000 FOIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on - or -@gchq.gsi.gov.uk
Location? without other information, assume: individual is in their country mobile phone is in country of registration email address with country digraph is there This information is exempt under the Freedom oflnformation Act 2000 FOIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 43 from Operational Legalities – GCHQ Powerpoint Presentation
Location: belief knowledge 7t belief is n_ot 100% knowledge with hindsight; you must not ?turn a blind eye? 7t based on the information available at any particular time 7t this may vary - so should our response This information is exempt under the Freedom oflnformation Act 2000 FOIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on - or -@gchq.gsi.gov.uk
Location: belief knowledge 7t belief is n_ot 100% knowledge with hindsight; you must not ?turn a blind eye? 7t based on the information available at any particular time 7t this may vary - so should our response This information is exempt under the Freedom oflnformation Act 2000 FOIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 44 from Operational Legalities – GCHQ Powerpoint Presentation
Target arrives or is discovered to be in the next? Consider authorisation options continuation targeting RIPA s.16(5) 5 working days (1 for SC) signed by GCHQ Directorate then over to customer RIPA 5.8(1) warrant under the Freedom oflnformation Act 2000 FOIA and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - ch . 5?
Target arrives or is discovered to be in the next? Consider authorisation options continuation targeting RIPA s.16(5) 5 working days (1 for SC) signed by GCHQ Directorate then over to customer RIPA 5.8(1) warrant under the Freedom oflnformation Act 2000 FOIA and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - ch . 5?
Page 45 from Operational Legalities – GCHQ Powerpoint Presentation
Target in the s.16(3) 9n frequent visitors to the UK or known targets 505 signature required modification to 8(4) certificate 7L new selectors may be used indirect targeting is not allo wed This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Target in the s.16(3) 9n frequent visitors to the UK or known targets 505 signature required modification to 8(4) certificate 7L new selectors may be used indirect targeting is not allo wed This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 46 from Operational Legalities – GCHQ Powerpoint Presentation
If no authorisation is 7L examine and report traffic intercepted up to time you knew target was in UK 7L use B3M HRA ?register? to alert 7L check location using events or THUGGEE 9L examine a cut (B3M UDAQ) every 48 to check whereabouts under the Freedom oflnformation Act 2000 FOIA and mayr be exempt under other UK information legislation. Refer any:r - . i x- or -@gohq.gsi.gov.uk
If no authorisation is 7L examine and report traffic intercepted up to time you knew target was in UK 7L use B3M HRA ?register? to alert 7L check location using events or THUGGEE 9L examine a cut (B3M UDAQ) every 48 to check whereabouts under the Freedom oflnformation Act 2000 FOIA and mayr be exempt under other UK information legislation. Refer any:r - . i x- or -@gohq.gsi.gov.uk
Page 47 from Operational Legalities – GCHQ Powerpoint Presentation
Policy authorisations 0 STA and provide records of actions where UK &/or British Overseas Territory law does not require authorisation respect 2nd Party sensitivities actions are validated by a GCHQ senior (or nominated GC8s in ITT) we can justify targeting if challenged QC is mandatory 7 ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Policy authorisations 0 STA and provide records of actions where UK &/or British Overseas Territory law does not require authorisation respect 2nd Party sensitivities actions are validated by a GCHQ senior (or nominated GC8s in ITT) we can justify targeting if challenged QC is mandatory 7 ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 48 from Operational Legalities – GCHQ Powerpoint Presentation
Datamining STA Datamining STA for target in UK valid for two days named SCS officer signs STA one-off search - Count-only searches: no authorisation needed This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Datamining STA Datamining STA for target in UK valid for two days named SCS officer signs STA one-off search - Count-only searches: no authorisation needed This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 49 from Operational Legalities – GCHQ Powerpoint Presentation
Special C2C authorisations - special access to email communications 0 NS only; limited criteria 0 16(3) or STA also required if location or nationality sensitive - SCS or GC6 approval This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Special C2C authorisations - special access to email communications 0 NS only; limited criteria 0 16(3) or STA also required if location or nationality sensitive - SCS or GC6 approval This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 50 from Operational Legalities – GCHQ Powerpoint Presentation
SRA - authorises receipt of 2 or 3P intelligence on UK?based targets where GCHQ has no authorisation avoids indirect targeting 0 limited period only This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
SRA - authorises receipt of 2 or 3P intelligence on UK?based targets where GCHQ has no authorisation avoids indirect targeting 0 limited period only This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 51 from Operational Legalities – GCHQ Powerpoint Presentation
Operational Legalities SIGINT Development This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Operational Legalities SIGINT Development This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 52 from Operational Legalities – GCHQ Powerpoint Presentation
SD justification - Enhancing GCHQ's capabilities is a national security purpose 0 TD improving specific target knowledge, identifying new sources etc is justified by the intelligence requirement for that target This information ?5 exempt under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
SD justification - Enhancing GCHQ's capabilities is a national security purpose 0 TD improving specific target knowledge, identifying new sources etc is justified by the intelligence requirement for that target This information ?5 exempt under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 53 from Operational Legalities – GCHQ Powerpoint Presentation
SD proportionality Restrict to the minimum necessary: 0 refine wide initial terms 0 define length of task and/or volumes - limit dissemination and retention Aim: sustained targeting as soon as practicable This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
SD proportionality Restrict to the minimum necessary: 0 refine wide initial terms 0 define length of task and/or volumes - limit dissemination and retention Aim: sustained targeting as soon as practicable This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 54 from Operational Legalities – GCHQ Powerpoint Presentation
SD reporting 0 you may report from SD traffic - reporting guidelines reflect HRA requirements This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
SD reporting 0 you may report from SD traffic - reporting guidelines reflect HRA requirements This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 55 from Operational Legalities – GCHQ Powerpoint Presentation
Content or metadata? voice mail boxes 0 SMS text 0 an email inside a message 0 email subject line 0 URL beyond the domain name (eg an attached routing diagram This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Content or metadata? voice mail boxes 0 SMS text 0 an email inside a message 0 email subject line 0 URL beyond the domain name (eg an attached routing diagram This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 56 from Operational Legalities – GCHQ Powerpoint Presentation
Content or metadata? - IP address 0 email address - DTMF (tone dialling) - a URL up to the domain (eg - location This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legBIation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Content or metadata? - IP address 0 email address - DTMF (tone dialling) - a URL up to the domain (eg - location This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legBIation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 57 from Operational Legalities – GCHQ Powerpoint Presentation
Content or metadata? password authentication to a communications service communications data other passwords content cookie depends on data may be either This information ts exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Content or metadata? password authentication to a communications service communications data other passwords content cookie depends on data may be either This information ts exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 58 from Operational Legalities – GCHQ Powerpoint Presentation
Questions? Thi5 infermatien exempt under the Freedom eflnfarmetien Act 2000 FGIA) and manyr be exempt under other UK inferma?en leghlatien. Refer ?any:r queries In GCHQ en - x- or -@gchq.gai.gev.uk
Questions? Thi5 infermatien exempt under the Freedom eflnfarmetien Act 2000 FGIA) and manyr be exempt under other UK inferma?en leghlatien. Refer ?any:r queries In GCHQ en - x- or -@gchq.gai.gev.uk
Page 59 from Operational Legalities – GCHQ Powerpoint Presentation
Second Parties Australia, Canada, New Zealand USA . . it: This information is exempt under the Freedom oflnformatien Act 2000 FGIA) pt under other UK informa?nn legislation. Refer ?any:r queries in GCHQ on - . and mayr be exem - or hq galgemuk
Second Parties Australia, Canada, New Zealand USA . . it: This information is exempt under the Freedom oflnformatien Act 2000 FGIA) pt under other UK informa?nn legislation. Refer ?any:r queries in GCHQ on - . and mayr be exem - or hq galgemuk
Page 60 from Operational Legalities – GCHQ Powerpoint Presentation
GCHQ and Second Parties - partners respect each others? laws and policies 2nd parties treat UK nationals as their own - GCHQ must not ask a 2r"d party to do something for which we would need a warrant - we must not task a 2nd party with targeting that would be unlawful in that country I . i - L533: This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leghlation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
GCHQ and Second Parties - partners respect each others? laws and policies 2nd parties treat UK nationals as their own - GCHQ must not ask a 2r"d party to do something for which we would need a warrant - we must not task a 2nd party with targeting that would be unlawful in that country I . i - L533: This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leghlation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 61 from Operational Legalities – GCHQ Powerpoint Presentation
USSID SP0018 No interception of persons in US without a warrant - Court order needed to intercept US persons outside the USA 0 your use of NSA collection databases mUSt reSQt Party laws _d o icies all .FE. - 7 kg This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
USSID SP0018 No interception of persons in US without a warrant - Court order needed to intercept US persons outside the USA 0 your use of NSA collection databases mUSt reSQt Party laws _d o icies all .FE. - 7 kg This information is exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 62 from Operational Legalities – GCHQ Powerpoint Presentation
Operational Legalities Dissemination 8: Disclosure This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Operational Legalities Dissemination 8: Disclosure This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 63 from Operational Legalities – GCHQ Powerpoint Presentation
Dissemination A EP is sole vehicle for passing intelligence to customers Reporting Standards applies proportionality principle to EP This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Dissemination A EP is sole vehicle for passing intelligence to customers Reporting Standards applies proportionality principle to EP This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 64 from Operational Legalities – GCHQ Powerpoint Presentation
Disclosure SIGINT collected under RIPA may not be used in court Relevance to prosecutions A Public Interest Immunity PII certificates This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Disclosure SIGINT collected under RIPA may not be used in court Relevance to prosecutions A Public Interest Immunity PII certificates This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 65 from Operational Legalities – GCHQ Powerpoint Presentation
Questions? Thi5 infermatien exempt under the Freedom eflnfarmetien Act 2000 FGIA) and manyr be exempt under other UK inferma?en leghlatien. Refer ?any:r queries In GCHQ en - x- or -@gchq.gai.gev.uk
Questions? Thi5 infermatien exempt under the Freedom eflnfarmetien Act 2000 FGIA) and manyr be exempt under other UK inferma?en leghlatien. Refer ?any:r queries In GCHQ en - x- or -@gchq.gai.gev.uk
Page 66 from Operational Legalities – GCHQ Powerpoint Presentation
Operational Legalities Safeguards and Oversight This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gohq.gsi.gov.uk
Operational Legalities Safeguards and Oversight This information is exempt under the Freedom oflnformation Act 2000 FGIA) and may:r be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gohq.gsi.gov.uk
Page 67 from Operational Legalities – GCHQ Powerpoint Presentation
RIPA safeguards 9n intercepted material must be destroyed as soon as its retention is no longer 9L it must be looked at, copied and disseminated to the minimum ?n a purpose authorised under the Act A as a matter of policy, GCHQ applies this ethos to all material it acquires, regardless of source policies for EP and data retention This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on - x- or -@gchq.gsi.gou.uk
RIPA safeguards 9n intercepted material must be destroyed as soon as its retention is no longer 9L it must be looked at, copied and disseminated to the minimum ?n a purpose authorised under the Act A as a matter of policy, GCHQ applies this ethos to all material it acquires, regardless of source policies for EP and data retention This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on - x- or -@gchq.gsi.gou.uk
Page 68 from Operational Legalities – GCHQ Powerpoint Presentation
Errors and breaches 7L mistakes happen and we report them A OPP-LEG and LA role: help advice A an apparent error may be: i? breaking the law . a breach of RIPA safeguards nothing to worry about! . A response: procedures, processes training This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Errors and breaches 7L mistakes happen and we report them A OPP-LEG and LA role: help advice A an apparent error may be: i? breaking the law . a breach of RIPA safeguards nothing to worry about! . A response: procedures, processes training This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 69 from Operational Legalities – GCHQ Powerpoint Presentation
Political oversight 7L Executive - a Secretary of State exercises authority over the I 5 services and is answerable to Parliament A Parliament - Intelligence 8: Security Committee examines expenditure, administration and policy (not operations); members within the circle of secrecy; reports annually to Parliament This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer anyr queries to GCHQ on - or -@gchq.gsi.gov.uk
Political oversight 7L Executive - a Secretary of State exercises authority over the I 5 services and is answerable to Parliament A Parliament - Intelligence 8: Security Committee examines expenditure, administration and policy (not operations); members within the circle of secrecy; reports annually to Parliament This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer anyr queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 70 from Operational Legalities – GCHQ Powerpoint Presentation
Judicial oversight: Commissioners 7t Senior Judges: independent of HMG and Parliament 9n review Secretary of State's use of powers under 7L guaranteed access to agencies 9n annual reports to the Prime Minister This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Judicial oversight: Commissioners 7t Senior Judges: independent of HMG and Parliament 9n review Secretary of State's use of powers under 7L guaranteed access to agencies 9n annual reports to the Prime Minister This information exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 71 from Operational Legalities – GCHQ Powerpoint Presentation
Investigatory Powers Tribunal (IPT) comprises 8 independent lawyers investigates complaints against Agencies, law enforcement etc 0 anyone, anywhere may complain more than 40 people within GCHQ assist in responding to complaint; audit logs This information ts exempt under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Investigatory Powers Tribunal (IPT) comprises 8 independent lawyers investigates complaints against Agencies, law enforcement etc 0 anyone, anywhere may complain more than 40 people within GCHQ assist in responding to complaint; audit logs This information ts exempt under the Freedom oflnformatlon Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer anyr queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 72 from Operational Legalities – GCHQ Powerpoint Presentation
The Tribunal will what did we do? 0 was the action authorised? was it necessary? 0 was it proportionate? - did GCHQ act reasonably within its powers? This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
The Tribunal will what did we do? 0 was the action authorised? was it necessary? 0 was it proportionate? - did GCHQ act reasonably within its powers? This information ?5 exempt under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information leg?Blation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 73 from Operational Legalities – GCHQ Powerpoint Presentation
Operational Legalities Wrap up This information i5 exempt under the Freedom oflnformation Act 2000 FGIA) and ma?yr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Operational Legalities Wrap up This information i5 exempt under the Freedom oflnformation Act 2000 FGIA) and ma?yr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 74 from Operational Legalities – GCHQ Powerpoint Presentation
Key points: does it legally? 1. Your work must be: - authorised - necessary - proportionate 2. Location: beware UK UKUSA seek authorisation 3. Errors: we are honest and report them under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Key points: does it legally? 1. Your work must be: - authorised - necessary - proportionate 2. Location: beware UK UKUSA seek authorisation 3. Errors: we are honest and report them under the Freedom oflnformation Act 2000 FGIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - x- or -@gchq.gsi.gov.uk
Page 75 from Operational Legalities – GCHQ Powerpoint Presentation
What does this mean for me? 0Collection/technical staff: know what you can and cannot intercept -Collection mana? help ensure selectors are justified and proportionate oAnalyst/linguist: justify your targeting, seek warrant or STA where necessary oReporter: report only what is necessary to address the requirement This information entempt under 'Freemm of information Act 2000 FGIA) and mayr be exempt under other UK information legBIation. Refer anyr queries to GCHQ on - or -@gchq.gsi.gov.uk
What does this mean for me? 0Collection/technical staff: know what you can and cannot intercept -Collection mana? help ensure selectors are justified and proportionate oAnalyst/linguist: justify your targeting, seek warrant or STA where necessary oReporter: report only what is necessary to address the requirement This information entempt under 'Freemm of information Act 2000 FGIA) and mayr be exempt under other UK information legBIation. Refer anyr queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 76 from Operational Legalities – GCHQ Powerpoint Presentation
Contacts 0 visit OPP-LEG in B4a - call 36559 0 email laigchq - OPP-LEG web pages compliance website speak to your Legal POC .. This information is exempt under the Freedom oflnformation Act 2000 FOIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Contacts 0 visit OPP-LEG in B4a - call 36559 0 email laigchq - OPP-LEG web pages compliance website speak to your Legal POC .. This information is exempt under the Freedom oflnformation Act 2000 FOIA) and mayr be exempt under other UK information legislation. Refer any:r queries to GCHQ on - or -@gchq.gsi.gov.uk
Page 77 from Operational Legalities – GCHQ Powerpoint Presentation
Legal 8: Policy Leads UPC-CHE erl: Freedom :15 Information Act Film] and men.r be exempt under other UK inl?omaticln legislation. Refer any FDIA queria tn GCHQ cm - a Dr
Legal 8: Policy Leads UPC-CHE erl: Freedom :15 Information Act Film] and men.r be exempt under other UK inl?omaticln legislation. Refer any FDIA queria tn GCHQ cm - a Dr
Page 78 from Operational Legalities – GCHQ Powerpoint Presentation
Questions? Thi5 infermatinn ?5 exempt under the Freed-3m eflnfarmatien Act 2000 FGIA) and manyr be exempt under other UK inferma?nn leghlatinn. Refer ?any:r queries 13:: GCHQ en - x- or -@gchq.gai.gev.uk
Questions? Thi5 infermatinn ?5 exempt under the Freed-3m eflnfarmatien Act 2000 FGIA) and manyr be exempt under other UK inferma?nn leghlatinn. Refer ?any:r queries 13:: GCHQ en - x- or -@gchq.gai.gev.uk
Page 79 from Operational Legalities – GCHQ Powerpoint Presentation
Operational Legalities II I Protective marking of these notes: SECRET STRAPI Protective marking of slides: UNCLASSIFIED CORINTH Intro; welcome; aims legal framework and how to apply this in day- to-day work GCHQ operates within the law; everyone?s responsibility; but we?re here to help Training is part of that But we also: -Offer advice (desk, legal inbox, etc) aim for prompt service; lawyers always on hand as well; -Deal with warrantry and disclosure -Help shape new tools and applications -Develop new policy as new requirements emerge, esp. with new techniques, accesses etc that want to exploit Our job is to enable Sigint: we have processes that enable us to do things that would be illegal to the man on the street But with that comes responsibilities.
Operational Legalities II I Protective marking of these notes: SECRET STRAPI Protective marking of slides: UNCLASSIFIED CORINTH Intro; welcome; aims legal framework and how to apply this in day- to-day work GCHQ operates within the law; everyone?s responsibility; but we?re here to help Training is part of that But we also: -Offer advice (desk, legal inbox, etc) aim for prompt service; lawyers always on hand as well; -Deal with warrantry and disclosure -Help shape new tools and applications -Develop new policy as new requirements emerge, esp. with new techniques, accesses etc that want to exploit Our job is to enable Sigint: we have processes that enable us to do things that would be illegal to the man on the street But with that comes responsibilities.
Page 80 from Operational Legalities – GCHQ Powerpoint Presentation
Not for display - Beware: there are several hidden slides in this presentation. If you see this you will also see the other hidden ones. - To find which are hidden, use slide sorter View - There?s a print option to ignore hidden slides
Not for display - Beware: there are several hidden slides in this presentation. If you see this you will also see the other hidden ones. - To find which are hidden, use slide sorter View - There?s a print option to ignore hidden slides
Page 81 from Operational Legalities – GCHQ Powerpoint Presentation
Agenda Legal Framework Tasking Targeting incl Location/Nationality SD Co?ee/tea What?s OUT Second Parties Data Protection Dissemination Disclosure Of?cial Secrets Safeguards 8i Oversight 01A Wrap-up Thu .5 unir rim or his ma?a-minim: bim?g?ff "r?m'm him-?m- m? mm ?3 - Structure Blue lawyer, green (red audience) 30-minute brief intro to legal framework - lawyer 30 minutes on how this is applied to tasking and targeting OPP-LEG 15 minutes coffee-tea break when you can pick up and read quiz sheets 15 minutes on SD and Second Parties OPP-LEG 15 minutes in groups to consider quiz 15 minutes led discussion on quiz questions 15 minutes on legal safeguards and oversight 15 minutes for wrap-up and further questions Handouts on targeting and feedback sheet at the end Reporting governed by same principles as targeting so covered in general terms, but IPUL do the detailed guidance Happy to take questions as we go along but if they?re on other areas please leave sure we?ye covered the main material ?rst. Ask about jargonll
Agenda Legal Framework Tasking Targeting incl Location/Nationality SD Co?ee/tea What?s OUT Second Parties Data Protection Dissemination Disclosure Of?cial Secrets Safeguards 8i Oversight 01A Wrap-up Thu .5 unir rim or his ma?a-minim: bim?g?ff "r?m'm him-?m- m? mm ?3 - Structure Blue lawyer, green (red audience) 30-minute brief intro to legal framework - lawyer 30 minutes on how this is applied to tasking and targeting OPP-LEG 15 minutes coffee-tea break when you can pick up and read quiz sheets 15 minutes on SD and Second Parties OPP-LEG 15 minutes in groups to consider quiz 15 minutes led discussion on quiz questions 15 minutes on legal safeguards and oversight 15 minutes for wrap-up and further questions Handouts on targeting and feedback sheet at the end Reporting governed by same principles as targeting so covered in general terms, but IPUL do the detailed guidance Happy to take questions as we go along but if they?re on other areas please leave sure we?ye covered the main material ?rst. Ask about jargonll
Page 82 from Operational Legalities – GCHQ Powerpoint Presentation
Operational Legalities Legal Framework Thu Irfn'matnn l5 mn? I11.- Df Ad .2053 WWII.) and rncqur mnp! untr uU'rrLH nl'n'milm hgula?m. Rzl'rr arrf FCIHI. in GIHQ l'.l'l - JI- :Ir 9:1.le
Operational Legalities Legal Framework Thu Irfn'matnn l5 mn? I11.- Df Ad .2053 WWII.) and rncqur mnp! untr uU'rrLH nl'n'milm hgula?m. Rzl'rr arrf FCIHI. in GIHQ l'.l'l - JI- :Ir 9:1.le
Page 83 from Operational Legalities – GCHQ Powerpoint Presentation
Legal Framework Intelligence Services Act 1994 - functions; property interference; oversight Human Rights Act 1998 - public authorities must act in accordance with ECHR Regulation of Investigatory Powers Act 2000 - interception; safeguards; oversight Wireless Telegraphy Act 2006 - interception/interference The Irl'nn'nabnn l5 emf! umbrle Freedom Dl" ha! zoos and maybe Hermit u'lcbr ull'lrLN Irfn'rnallmlegubllm. Refer err,? FDTII. qumuz In ECHQ on - - - This is the legal framework that affect GCHQ Sigint operations and sets out the 3 main Acts. - ISA - governs the functions of GCHQ - HRA - helps protect people?s privacy in general NOT just their communications eg people round Heathrow?s new terminal feel their privan is being violated - it gained Roval Assent in 1998 but didn?t come into effect until 2 October 2000 when RIPA was set up. - RIPA is the mechanism we use by which we make it ok to carrv out interception - WTA covers interception of am; wireless telegraphv not covered by RIPA Background: - HRA was a manifesto commitment of the new labour govt in 199? to allow people under ECHR to pursue a case through the UK courts if grievance claim that their HR have been interfered with; rather than taking it to Strasbourg - Roval assent - act on statute books - signed by Queen - RIPA 2000 covered for interception and surveillance comms data provided for 5 Januarv 2004
Legal Framework Intelligence Services Act 1994 - functions; property interference; oversight Human Rights Act 1998 - public authorities must act in accordance with ECHR Regulation of Investigatory Powers Act 2000 - interception; safeguards; oversight Wireless Telegraphy Act 2006 - interception/interference The Irl'nn'nabnn l5 emf! umbrle Freedom Dl" ha! zoos and maybe Hermit u'lcbr ull'lrLN Irfn'rnallmlegubllm. Refer err,? FDTII. qumuz In ECHQ on - - - This is the legal framework that affect GCHQ Sigint operations and sets out the 3 main Acts. - ISA - governs the functions of GCHQ - HRA - helps protect people?s privacy in general NOT just their communications eg people round Heathrow?s new terminal feel their privan is being violated - it gained Roval Assent in 1998 but didn?t come into effect until 2 October 2000 when RIPA was set up. - RIPA is the mechanism we use by which we make it ok to carrv out interception - WTA covers interception of am; wireless telegraphv not covered by RIPA Background: - HRA was a manifesto commitment of the new labour govt in 199? to allow people under ECHR to pursue a case through the UK courts if grievance claim that their HR have been interfered with; rather than taking it to Strasbourg - Roval assent - act on statute books - signed by Queen - RIPA 2000 covered for interception and surveillance comms data provided for 5 Januarv 2004
Page 84 from Operational Legalities – GCHQ Powerpoint Presentation
Intelligence Services Act - applies to all operations under control of Director GCHQ - defines SIGINT function - prescribes purposes for SIGINT function: National Security Economic Well-being of the UK (EWB) Prevention/detection of serious crime This Is mm! unir of Irfn'rnatm Ad map! untr nl'n'rnatlm hgula?m. Rzl'rr in IIHQ on - '3 zero momma maybe -a-nr- mum-m Until 1994, GCHQ and SIS did not have an act in law to de?ne their function. BSS have the Security Services Act; ISA followed this. De?nition: to monitor or interfere with electromagnetic, acoustic and other emissions and any equipment producing such emissions and to obtain and provide information derived from or related to such emissions or equipment and ?om material Advice and assistance about languages and Broad covers passive collection; now also covers computer network exploitation; rare to ?nd something that it doesn?t cover. BUT Act does closely preso?ibe purposa for which GCHQ can exercise this function. 3 purposes. Jonny stealing a Mars Bar example! We are driven by customer requirements and need to make sure that what we are asked to do falls within these 3 categories (SC has four de?nitions, de?ned under RIPA). This is the hard law; it?s the basic starting point; once we have established that work meets this, move onto other considerations.
Intelligence Services Act - applies to all operations under control of Director GCHQ - defines SIGINT function - prescribes purposes for SIGINT function: National Security Economic Well-being of the UK (EWB) Prevention/detection of serious crime This Is mm! unir of Irfn'rnatm Ad map! untr nl'n'rnatlm hgula?m. Rzl'rr in IIHQ on - '3 zero momma maybe -a-nr- mum-m Until 1994, GCHQ and SIS did not have an act in law to de?ne their function. BSS have the Security Services Act; ISA followed this. De?nition: to monitor or interfere with electromagnetic, acoustic and other emissions and any equipment producing such emissions and to obtain and provide information derived from or related to such emissions or equipment and ?om material Advice and assistance about languages and Broad covers passive collection; now also covers computer network exploitation; rare to ?nd something that it doesn?t cover. BUT Act does closely preso?ibe purposa for which GCHQ can exercise this function. 3 purposes. Jonny stealing a Mars Bar example! We are driven by customer requirements and need to make sure that what we are asked to do falls within these 3 categories (SC has four de?nitions, de?ned under RIPA). This is the hard law; it?s the basic starting point; once we have established that work meets this, move onto other considerations.
Page 85 from Operational Legalities – GCHQ Powerpoint Presentation
Human Rights Act 1998 - incorporates the ECHR into UK law - requires all UK public authorities to act in accordance with the ECHR - allows actions against public authorities by aggrieved parties - RIPA, ISA and WTA are the vehicles through which ECHR or compatibility? are met bl.- amp! u'lchr :Itl'lrrUH nl'n'rr?lm hgula?m. Refer mfFCIllI. [cl IIHQ - may - JI- :Ir 91rd?; Th5 Irl'cln'na?m I5 Freedom DfIrl'cln'nanm Ad .2 ECHR: post WW2, nations combined to ensure atrocities didn?t happen again -as a public authority it is unlawful for GCHQ to act in a way which is incompatible with a convention right - Public authorities are of 3 types: - government depts/health authorities/armed forces/police (NUT parliament) - courts and tribunals - personlorg carrying out functions of public nature (eg Railtrack when acting as safety regulator but not as commercial property developer) - Some are absolute: eg. right to life, to protection from torture, inhuman and degrading treatment and punishment - Some are limited eg. the right to liberty (unless you commit an offence) and to a fair trial can be limited under explicit and ?nite circumstances de?ned in the Convention itself. - Others are .. Term HRA will be known to many of you if you target, use Corinth easy to forget that this is part of UK law Point 3: compliance and oversight more later
Human Rights Act 1998 - incorporates the ECHR into UK law - requires all UK public authorities to act in accordance with the ECHR - allows actions against public authorities by aggrieved parties - RIPA, ISA and WTA are the vehicles through which ECHR or compatibility? are met bl.- amp! u'lchr :Itl'lrrUH nl'n'rr?lm hgula?m. Refer mfFCIllI. [cl IIHQ - may - JI- :Ir 91rd?; Th5 Irl'cln'na?m I5 Freedom DfIrl'cln'nanm Ad .2 ECHR: post WW2, nations combined to ensure atrocities didn?t happen again -as a public authority it is unlawful for GCHQ to act in a way which is incompatible with a convention right - Public authorities are of 3 types: - government depts/health authorities/armed forces/police (NUT parliament) - courts and tribunals - personlorg carrying out functions of public nature (eg Railtrack when acting as safety regulator but not as commercial property developer) - Some are absolute: eg. right to life, to protection from torture, inhuman and degrading treatment and punishment - Some are limited eg. the right to liberty (unless you commit an offence) and to a fair trial can be limited under explicit and ?nite circumstances de?ned in the Convention itself. - Others are .. Term HRA will be known to many of you if you target, use Corinth easy to forget that this is part of UK law Point 3: compliance and oversight more later
Page 86 from Operational Legalities – GCHQ Powerpoint Presentation
The European Convention on Human Rights (ECHR) Article 8 is of most obvious relevance to GCHQ: 8.1. ?Everyone has the right to respect for his private and family life, his home and his correspondence. 8.2. ?There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic Thu mm"! E1: Front-n ofIrfn'rr?m hi1 cal:an bgulanm.2053 WWII.) and may l1- -a-nr- mam-m .- psal- Obvious why relevant to GCHQ examining forms of intercept; very intrusive. e.g. Heathrow night ?ights; partially successful. 8.2 is key right to privacy is not absolute. Public authorities may interfere 1with this if certain conditions are met. Brings concept of proportionality into UK law for ?rst time. Ends mustjuslify means; Sigint as last resort.
The European Convention on Human Rights (ECHR) Article 8 is of most obvious relevance to GCHQ: 8.1. ?Everyone has the right to respect for his private and family life, his home and his correspondence. 8.2. ?There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic Thu mm"! E1: Front-n ofIrfn'rr?m hi1 cal:an bgulanm.2053 WWII.) and may l1- -a-nr- mam-m .- psal- Obvious why relevant to GCHQ examining forms of intercept; very intrusive. e.g. Heathrow night ?ights; partially successful. 8.2 is key right to privacy is not absolute. Public authorities may interfere 1with this if certain conditions are met. Brings concept of proportionality into UK law for ?rst time. Ends mustjuslify means; Sigint as last resort.
Page 87 from Operational Legalities – GCHQ Powerpoint Presentation
The European Convention on Human Rights the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of public health and morals, or for the protection of the rights and freedoms of others.? Thu mrr? H1: Fr?ch'n Ad .2053 mm untro?trLK nl'brrnatlm bgulanm. Rziirr In IIHQ on - gonad-z ?Just? 3 at the moment. No reason why remit could not be changed in future but this is 1what we are allowed to do at the moment.
The European Convention on Human Rights the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of public health and morals, or for the protection of the rights and freedoms of others.? Thu mrr? H1: Fr?ch'n Ad .2053 mm untro?trLK nl'brrnatlm bgulanm. Rziirr In IIHQ on - gonad-z ?Just? 3 at the moment. No reason why remit could not be changed in future but this is 1what we are allowed to do at the moment.
Page 88 from Operational Legalities – GCHQ Powerpoint Presentation
Need for authorisation - ensures compliance with requirements of ECHR and HRA - SIGINT intercept/CNE is illegal in UK without it offences) - gives visibility of operational activities to GCHQ seniors 505 Thu Irfn'matnn new H1.- of Irfn'rr?m Ad .2053 WOW.) drna'rlr mm urltr nrn'rnatlm bgulanm. Rzl'cr n: GCHQ on - an - 1-Dr '?gi'lqgu grand-z 1. Hard reason criminal offence. Give example of journalist recentlv jailed. Civil servants are not immune from prosecution. 2. Soft reason. Means that someone, usuallv makes a judgement of proportionality and necessity. 3. Policy. 10
Need for authorisation - ensures compliance with requirements of ECHR and HRA - SIGINT intercept/CNE is illegal in UK without it offences) - gives visibility of operational activities to GCHQ seniors 505 Thu Irfn'matnn new H1.- of Irfn'rr?m Ad .2053 WOW.) drna'rlr mm urltr nrn'rnatlm bgulanm. Rzl'cr n: GCHQ on - an - 1-Dr '?gi'lqgu grand-z 1. Hard reason criminal offence. Give example of journalist recentlv jailed. Civil servants are not immune from prosecution. 2. Soft reason. Means that someone, usuallv makes a judgement of proportionality and necessity. 3. Policy. 10
Page 89 from Operational Legalities – GCHQ Powerpoint Presentation
Authorisation Regulation of Investigatory Powers Act 2000 Interception surveillance Intelligence Services Act 1994 Effects Wireless Telegraphy Act 2006 Interception interference with wireless telegra phy Thu Irformotnn I5 mm! Eh.- cf Irfn'rr?m Ad .2053 Elmo'be map! untr nl'n'rr?lm hgulanm. Refer n: GZHQ on - on W1qu Lt (Other considerations e.g. oversight) but this is what each one authorises. More detail on RIPA and ISA to follow Surveillance for GCHQ, tends to be electronic surveillance (JTRIG) although covers more ?traditional? forms of surveillance WTA e.g. police broadcasts 11
Authorisation Regulation of Investigatory Powers Act 2000 Interception surveillance Intelligence Services Act 1994 Effects Wireless Telegraphy Act 2006 Interception interference with wireless telegra phy Thu Irformotnn I5 mm! Eh.- cf Irfn'rr?m Ad .2053 Elmo'be map! untr nl'n'rr?lm hgulanm. Refer n: GZHQ on - on W1qu Lt (Other considerations e.g. oversight) but this is what each one authorises. More detail on RIPA and ISA to follow Surveillance for GCHQ, tends to be electronic surveillance (JTRIG) although covers more ?traditional? forms of surveillance WTA e.g. police broadcasts 11
Page 90 from Operational Legalities – GCHQ Powerpoint Presentation
Regulation of Investigatory Powers Act 2000 (RIPA) interception in the UK of comms carried on a public or private telecommunications system 9? surveillance covert human intelligence source (CHIS) activity 9? acquisition of comms data i not just applicable to GCHQ Th: Irrnn'nonm I: min-nit! umbrle Freedom Di" Irl'nrrnabm Sui zoos and maybe Hermit u'lcbr Irfn'rnallmlegslallm. Refer arr,? FDTII. qumuz In on - - gunk. IRIPA - - provides for interception and surveillance by public authorities since HRA came into force - It focuses on rights of individuals located in the UK (regardless of nationality) and provides for warrants to be issued to authorise interception of comms (including comms outside UK) -Point 2 GCHQ could do this in law but hasn?t to date; Joint Section work with covered by their warrants. -Point 3 covers data direct from CSPs -Also police, fraud of?ce, anvone carrying out intercept 12
Regulation of Investigatory Powers Act 2000 (RIPA) interception in the UK of comms carried on a public or private telecommunications system 9? surveillance covert human intelligence source (CHIS) activity 9? acquisition of comms data i not just applicable to GCHQ Th: Irrnn'nonm I: min-nit! umbrle Freedom Di" Irl'nrrnabm Sui zoos and maybe Hermit u'lcbr Irfn'rnallmlegslallm. Refer arr,? FDTII. qumuz In on - - gunk. IRIPA - - provides for interception and surveillance by public authorities since HRA came into force - It focuses on rights of individuals located in the UK (regardless of nationality) and provides for warrants to be issued to authorise interception of comms (including comms outside UK) -Point 2 GCHQ could do this in law but hasn?t to date; Joint Section work with covered by their warrants. -Point 3 covers data direct from CSPs -Also police, fraud of?ce, anvone carrying out intercept 12
Page 91 from Operational Legalities – GCHQ Powerpoint Presentation
RI PA warrants 5. 8(4) ?external' warrants authorise ?at least one end foreign? interception authorise selection according to Certi?cate entries 1 target must be outside the UK (absent additional authorisation) ensure individuals? ECHR rights are protected on a world-wide basis Thu new H1.- of Irfn'rr?m hi: .2 drna'rlr mm urltr nrn'rnatlm bgulanm. Rzl'cr n: GCHQ on - - :I-or '?gi'lqgu gourd-z [Pass round copy of certi?cate - later] Mention SD and DefMon are covered We have 10 one ?global? that covers Bude, MHS, Cyprus -others for special source accesses Selection of material governed by Certi?cate, specifying general categories of material, rather than a speci?c individualiselectors. Categories broadly mirror JIC requirements. Slide 4 individual?s rights protected on world-wide basis; also allows for anyone anywhere in the world to complain about our actions; means we can demonstrate to Tribunal that we have acted lawfully. 13
RI PA warrants 5. 8(4) ?external' warrants authorise ?at least one end foreign? interception authorise selection according to Certi?cate entries 1 target must be outside the UK (absent additional authorisation) ensure individuals? ECHR rights are protected on a world-wide basis Thu new H1.- of Irfn'rr?m hi: .2 drna'rlr mm urltr nrn'rnatlm bgulanm. Rzl'cr n: GCHQ on - - :I-or '?gi'lqgu gourd-z [Pass round copy of certi?cate - later] Mention SD and DefMon are covered We have 10 one ?global? that covers Bude, MHS, Cyprus -others for special source accesses Selection of material governed by Certi?cate, specifying general categories of material, rather than a speci?c individualiselectors. Categories broadly mirror JIC requirements. Slide 4 individual?s rights protected on world-wide basis; also allows for anyone anywhere in the world to complain about our actions; means we can demonstrate to Tribunal that we have acted lawfully. 13
Page 92 from Operational Legalities – GCHQ Powerpoint Presentation
RI PA warrants 5. 8(1) ?line-access' warrants warrant authorises target (person or premises) in the UK 9? schedules give telecomms addresses 9? schedules are served on those who can provide the communications (usually CSPs) PRESTON Thu Irfn'mdnn I5 mm! unir cf Irfn'rr?m in map! urltr nl'n'rr?lm hgula?m. Refer [n IIHQ on - 205: -a-nr- mum-m RIPA makes no distinction based on nationality (cf. there?ll be a slide on this later. The address can be a tel no or an email address warrant signed by but Schedules can be modi?ed by WLD (Whitehall liaison department) or by a Director in an emergencv GCHQ all current warrants are against premises rather than individuals because of demarcation of responsibilities (us: foreign intel; BSS internal UK although we may do intercept for them) GCHQ must have schedule served on it to target selectors on our external warrant; see error report in legal inbox 26/10/2001 Expand CSPs if not mentioned alreadv once served by a schedule, have to comply with it (law). GCHQ can also be served bv schedules. GCHQ therefore insists on seeing copies of warrant schedules before taking action because of previous muck-ups which have had to be repented to the Commissioner. Involves simple, well-established comms process between LEG and SS warrantrv team. Sav: No schedule No targeting! 14
RI PA warrants 5. 8(1) ?line-access' warrants warrant authorises target (person or premises) in the UK 9? schedules give telecomms addresses 9? schedules are served on those who can provide the communications (usually CSPs) PRESTON Thu Irfn'mdnn I5 mm! unir cf Irfn'rr?m in map! urltr nl'n'rr?lm hgula?m. Refer [n IIHQ on - 205: -a-nr- mum-m RIPA makes no distinction based on nationality (cf. there?ll be a slide on this later. The address can be a tel no or an email address warrant signed by but Schedules can be modi?ed by WLD (Whitehall liaison department) or by a Director in an emergencv GCHQ all current warrants are against premises rather than individuals because of demarcation of responsibilities (us: foreign intel; BSS internal UK although we may do intercept for them) GCHQ must have schedule served on it to target selectors on our external warrant; see error report in legal inbox 26/10/2001 Expand CSPs if not mentioned alreadv once served by a schedule, have to comply with it (law). GCHQ can also be served bv schedules. GCHQ therefore insists on seeing copies of warrant schedules before taking action because of previous muck-ups which have had to be repented to the Commissioner. Involves simple, well-established comms process between LEG and SS warrantrv team. Sav: No schedule No targeting! 14
Page 93 from Operational Legalities – GCHQ Powerpoint Presentation
RI PA wa rra nts/ certificates 6 months? duration for 3 months for SC approval and renewal by Secretary of State at can be modified addresses, categories i urgency provisions The mrr? H1: :fIrfn'rr?m hi: .2 drnaq'lr mm! bgulonm. Refer turtles In ECHQ on - - 1-Dr I?gi'lqgu grand-z Urgency: -GCHQ senior of?cial (on list) may sign: -urgent 8(1) warrant if expressly authorised by schedule modi?cation -16(3) urgent modi?cation 15
RI PA wa rra nts/ certificates 6 months? duration for 3 months for SC approval and renewal by Secretary of State at can be modified addresses, categories i urgency provisions The mrr? H1: :fIrfn'rr?m hi: .2 drnaq'lr mm! bgulonm. Refer turtles In ECHQ on - - 1-Dr I?gi'lqgu grand-z Urgency: -GCHQ senior of?cial (on list) may sign: -urgent 8(1) warrant if expressly authorised by schedule modi?cation -16(3) urgent modi?cation 15
Page 94 from Operational Legalities – GCHQ Powerpoint Presentation
ISA warrants 8: authorisation - Computer Misuse Act 1990 (CMA) - s.5 warrant necessary if target computer is in the British Islands (NS only) - s.7 authorisation if elsewhere - mimics RIPA warrantry - s.7 subject to internal procedures This Irfn'rnatnn new H1.- cf Irfn'rr?m hi: .2 drna'rlr mm urltr nrn'rnatlm bgulanm. Rzi'cr n: GCHQ on - - :I-or @911un grand-z 1. Criminal offence to interfere with someone?s computer unless properly authorised. Viewed seriously in the possible jail terms due to increase to between 5-10 years. 2. Signed by 3. Signed by but individual operations signed by DD, allows CNE more ?exibility. 16
ISA warrants 8: authorisation - Computer Misuse Act 1990 (CMA) - s.5 warrant necessary if target computer is in the British Islands (NS only) - s.7 authorisation if elsewhere - mimics RIPA warrantry - s.7 subject to internal procedures This Irfn'rnatnn new H1.- cf Irfn'rr?m hi: .2 drna'rlr mm urltr nrn'rnatlm bgulanm. Rzi'cr n: GCHQ on - - :I-or @911un grand-z 1. Criminal offence to interfere with someone?s computer unless properly authorised. Viewed seriously in the possible jail terms due to increase to between 5-10 years. 2. Signed by 3. Signed by but individual operations signed by DD, allows CNE more ?exibility. 16
Page 95 from Operational Legalities – GCHQ Powerpoint Presentation
ISA warrants 8: authorisation - 6 months? duration; only not SC for warrant but possible for authorisation - approval and renewal by Secretary of State modification 1 urgency/operational effectiveness provisions Thu mrr? H1: DfIrfn'rr?m hi: .2 drna'rlr marl bgulanm. Rzi'cr turtles In ECHQ on - - :I-or I?gi'lqgu grand-z Urgency: - GCHQ senior of?cial (on list) may sign: - Urgent s.5 warrant to do something alreadv authorised abroad under a authorisation - 5-day grace extension when machine enters UK 1?
ISA warrants 8: authorisation - 6 months? duration; only not SC for warrant but possible for authorisation - approval and renewal by Secretary of State modification 1 urgency/operational effectiveness provisions Thu mrr? H1: DfIrfn'rr?m hi: .2 drna'rlr marl bgulanm. Rzi'cr turtles In ECHQ on - - :I-or I?gi'lqgu grand-z Urgency: - GCHQ senior of?cial (on list) may sign: - Urgent s.5 warrant to do something alreadv authorised abroad under a authorisation - 5-day grace extension when machine enters UK 1?
Page 96 from Operational Legalities – GCHQ Powerpoint Presentation
Wireless Teleg raphy Act - authorises interception of wireless ie that not covered by RIPA - Secretary of State issues but without limit of time - still needs to be proportionate Thu I: cum"! E1: ?nch-n of Irfn?rr?m Ad .2053 and marl].- urltr nil-Irrle n?a'rr?lm haul-anon. Rz?rr In IIHQ on - JI- :Ir -I?g:hqg5 93-41le 18
Wireless Teleg raphy Act - authorises interception of wireless ie that not covered by RIPA - Secretary of State issues but without limit of time - still needs to be proportionate Thu I: cum"! E1: ?nch-n of Irfn?rr?m Ad .2053 and marl].- urltr nil-Irrle n?a'rr?lm haul-anon. Rz?rr In IIHQ on - JI- :Ir -I?g:hqg5 93-41le 18
Page 97 from Operational Legalities – GCHQ Powerpoint Presentation
RIPA Directed Surveillance Authorisations - GCHQ does directed surveillance when it observes a target with intention of gathering private data on the target?s private lifejr associates and/or activities - excludes historical research eg computer forensics Thu Irfn'rr?nn l5 mun-rt! E1: cf Irfn'rr?m Ad .2053 mrr? untr n?a'rr?lm bgulanm. Rzlirr In IIHQ on - 1-Dr I?gi'lqgu guard-z - SI gn ed Internally JTRIG including JEDI pods Passive internet monitoring 19
RIPA Directed Surveillance Authorisations - GCHQ does directed surveillance when it observes a target with intention of gathering private data on the target?s private lifejr associates and/or activities - excludes historical research eg computer forensics Thu Irfn'rr?nn l5 mun-rt! E1: cf Irfn'rr?m Ad .2053 mrr? untr n?a'rr?lm bgulanm. Rzlirr In IIHQ on - 1-Dr I?gi'lqgu guard-z - SI gn ed Internally JTRIG including JEDI pods Passive internet monitoring 19
Page 98 from Operational Legalities – GCHQ Powerpoint Presentation
Questions? Thu mrr? H1: ?nch-n DfIrfDm?m Ad .2053 mm! untru?rrLH nl'm'mtlm JI- :Ir -I?g:hqg5 93-4:le hgulmm. Rz?rr qumes n: GEHQ - 20
Questions? Thu mrr? H1: ?nch-n DfIrfDm?m Ad .2053 mm! untru?rrLH nl'm'mtlm JI- :Ir -I?g:hqg5 93-4:le hgulmm. Rz?rr qumes n: GEHQ - 20
Page 99 from Operational Legalities – GCHQ Powerpoint Presentation
Operational Legalities Tasking and Targeting Thu l5 mn? I11.- pf Ad .2053 WWII.) and maybe mnp! untr uU'rrLH nl'n'matlm hgulmm. Refer arrf FCIHI. [cl GIHQ l'.l'l - 1 - So you?ve heard about the principal laws that affect our work. So the next pant i5 1what that means to us in practice. 21
Operational Legalities Tasking and Targeting Thu l5 mn? I11.- pf Ad .2053 WWII.) and maybe mnp! untr uU'rrLH nl'n'matlm hgulmm. Refer arrf FCIHI. [cl GIHQ l'.l'l - 1 - So you?ve heard about the principal laws that affect our work. So the next pant i5 1what that means to us in practice. 21
Page 100 from Operational Legalities – GCHQ Powerpoint Presentation
Principles 1. We operate within the law 2. We can demonstrate that we operate within the law 3. Staff have the information they need to be able to comply with the law Thu I: cum"! E1: Fruit-n cf Irfn'rr?m Ad .2053 mm'I urltr u?'rrLN n?a'rr?lm bgulmn'l. Rz?rr In IIHQ - - 22
Principles 1. We operate within the law 2. We can demonstrate that we operate within the law 3. Staff have the information they need to be able to comply with the law Thu I: cum"! E1: Fruit-n cf Irfn'rr?m Ad .2053 mm'I urltr u?'rrLN n?a'rr?lm bgulmn'l. Rz?rr In IIHQ - - 22
Page 101 from Operational Legalities – GCHQ Powerpoint Presentation
All we do has to be: authorised where necessary, under law (ISA, RIPA, WTA), or policy it necessary NS, EWB or plus more speci?c intelligence requirements proportionate manner and extent to which requirement is being met Thu mrr? H1: DfIrfn'rr?m m1 .2 drna'rlr mm! bgulonm. Rzl'cr oanCIIlI. turtles In ECHQ on - - :I-or ?911un 93w.le Some ?elds in Corinth/UDAQ (and others in due course) are there for legal compliance reasons. Not a Used by LEG to audit actions. Proportionate often the most challenging. Given the aim, the conduct proposed is reasonable. 23
All we do has to be: authorised where necessary, under law (ISA, RIPA, WTA), or policy it necessary NS, EWB or plus more speci?c intelligence requirements proportionate manner and extent to which requirement is being met Thu mrr? H1: DfIrfn'rr?m m1 .2 drna'rlr mm! bgulonm. Rzl'cr oanCIIlI. turtles In ECHQ on - - :I-or ?911un 93w.le Some ?elds in Corinth/UDAQ (and others in due course) are there for legal compliance reasons. Not a Used by LEG to audit actions. Proportionate often the most challenging. Given the aim, the conduct proposed is reasonable. 23
Page 102 from Operational Legalities – GCHQ Powerpoint Presentation
What activities does that apply to? tasking access targeting retention database queries dissemination TD pioneering SD Thu l5 mrr? H1: ?nch-n of Irfn'rr?m Ad .2053 and marl].- mrr? urltr u?'rrLH nl'm'l?lm bgulanm. Rziirr In IIHQ on - JI- :Ir -I?g:hqg5 93-41th 24
What activities does that apply to? tasking access targeting retention database queries dissemination TD pioneering SD Thu l5 mrr? H1: ?nch-n of Irfn'rr?m Ad .2053 and marl].- mrr? urltr u?'rrLH nl'm'l?lm bgulanm. Rziirr In IIHQ on - JI- :Ir -I?g:hqg5 93-41th 24
Page 103 from Operational Legalities – GCHQ Powerpoint Presentation
Tasking ?at least one-end foreign? interception is authorised by external RIPA 8(4) warrant 1 selection is authorised according to Certi?cate entries 1 individuals? ECHR rights are protected on a world-wide basis Thu Is mm! of Irfn'rr?m Ad .2053 WOW.) clrna'rlr map! untr :Iltl'rrLN nl'n'rr?lm hgulanon. Rz?rr n: ECHQ on - an - :I-or '?gi'lqgu 9:7.le Pass round copy of certi?cate NB ?eyes' marking Mention SD and DefMon are covered We have about ten one?global? that covers Bude, MHS, Cyprus -others for special source accesses -Renewal every 6 months you might have been asked for highlights -Certi?cate entries re?ne Intelligence topics -New entries can be made e.g. Electronic Attack 25
Tasking ?at least one-end foreign? interception is authorised by external RIPA 8(4) warrant 1 selection is authorised according to Certi?cate entries 1 individuals? ECHR rights are protected on a world-wide basis Thu Is mm! of Irfn'rr?m Ad .2053 WOW.) clrna'rlr map! untr :Iltl'rrLN nl'n'rr?lm hgulanon. Rz?rr n: ECHQ on - an - :I-or '?gi'lqgu 9:7.le Pass round copy of certi?cate NB ?eyes' marking Mention SD and DefMon are covered We have about ten one?global? that covers Bude, MHS, Cyprus -others for special source accesses -Renewal every 6 months you might have been asked for highlights -Certi?cate entries re?ne Intelligence topics -New entries can be made e.g. Electronic Attack 25
Page 104 from Operational Legalities – GCHQ Powerpoint Presentation
Targeting - name - communications addresses - web service authentication data In ID card number or passport number - driving licence number - car registration number - bank card/credit card account numbers Thu l5 mrr? H1: of Irfn'rr?m Ad .2053 WOW.) drna'rlr mm! urltr bgulanm. Rzi'cr turtles In ECHQ on - an - 1-Dr I?gi'lqgu grand-z Any of these terms are referable to an individual so need to the A, N, rule. 26
Targeting - name - communications addresses - web service authentication data In ID card number or passport number - driving licence number - car registration number - bank card/credit card account numbers Thu l5 mrr? H1: of Irfn'rr?m Ad .2053 WOW.) drna'rlr mm! urltr bgulanm. Rzi'cr turtles In ECHQ on - an - 1-Dr I?gi'lqgu grand-z Any of these terms are referable to an individual so need to the A, N, rule. 26
Page 105 from Operational Legalities – GCHQ Powerpoint Presentation
BROAD OAK - strategic target knowledge database - users justify and review retention of target knowledge - justification of targeting selectors separate, but may be cascaded from target. Will be default in future iteration of BROAD OAK Thu l5 mrr? H1: of Irfn'rr?m Ad .2053 drna'rlr mm! urltr bgulonm. Rzl'cr Lyme: In ECHQ on - an Lt Storage of TK not quite so sensitive/intrusive but still need to justify. BOT will replace Corinth (Release 4, Mar 09). 2?
BROAD OAK - strategic target knowledge database - users justify and review retention of target knowledge - justification of targeting selectors separate, but may be cascaded from target. Will be default in future iteration of BROAD OAK Thu l5 mrr? H1: of Irfn'rr?m Ad .2053 drna'rlr mm! urltr bgulonm. Rzl'cr Lyme: In ECHQ on - an Lt Storage of TK not quite so sensitive/intrusive but still need to justify. BOT will replace Corinth (Release 4, Mar 09). 2?
Page 106 from Operational Legalities – GCHQ Powerpoint Presentation
a .3341] I All? I I . . I In?ll-alum aim?lib [?unk-lulu min-Ivan [Ii-run [11. ljl'hI-I-I. [hill mu enamel-1' ava-uu-n- um- unm- I?w 1n.- In? hullitumm mu mh- Inl? 1mm! l' I?W'urm '31 Elli?IN maker-? Hamil-- . m-Ilun mum H-H. t-w' - amen}. laminae-- infra-Fm" nan-Luau ?nu-HI: A we "h - [in-m: cmm- 1 human. Imam .- mun-n ll'l I-u?u-nn-Ith-?u- fl" .- . WEBB-LI. [Ag-m um HH- mmlui-I- ill ?all. ?t Shaw the '?e'tds that are there for Hegel cemplEa-nce reasons: - Se-u-rce number -JIC purpese {in this. case 3 NS) -HRA Justi?cation -Authen'5at?nn: fin th'ie caee a Warrant number ens target in UK 2.3
a .3341] I All? I I . . I In?ll-alum aim?lib [?unk-lulu min-Ivan [Ii-run [11. ljl'hI-I-I. [hill mu enamel-1' ava-uu-n- um- unm- I?w 1n.- In? hullitumm mu mh- Inl? 1mm! l' I?W'urm '31 Elli?IN maker-? Hamil-- . m-Ilun mum H-H. t-w' - amen}. laminae-- infra-Fm" nan-Luau ?nu-HI: A we "h - [in-m: cmm- 1 human. Imam .- mun-n ll'l I-u?u-nn-Ith-?u- fl" .- . WEBB-LI. [Ag-m um HH- mmlui-I- ill ?all. ?t Shaw the '?e'tds that are there for Hegel cemplEa-nce reasons: - Se-u-rce number -JIC purpese {in this. case 3 NS) -HRA Justi?cation -Authen'5at?nn: fin th'ie caee a Warrant number ens target in UK 2.3
Page 107 from Operational Legalities – GCHQ Powerpoint Presentation
Source field - be specific v? GCHQ report ref and date SRI id and date call records including root number unique customer reference ALWAYS INCLUDE A DATE e-mail from customer voice CRA Thu Irfn'mdnn l5 mrr? E1: of Irfn'rr?m Ad .2053 mrr? urltr haul-anon. Refer In ECHQ on - - sum Needs to be traceable as well as speci?c 29
Source field - be specific v? GCHQ report ref and date SRI id and date call records including root number unique customer reference ALWAYS INCLUDE A DATE e-mail from customer voice CRA Thu Irfn'mdnn l5 mrr? E1: of Irfn'rr?m Ad .2053 mrr? urltr haul-anon. Refer In ECHQ on - - sum Needs to be traceable as well as speci?c 29
Page 108 from Operational Legalities – GCHQ Powerpoint Presentation
Intelligence requirements - use MIRANDA number that equates to intelligence requirement - TD improving specific target knowledge, identifying new sources etc is justified by the intelligence requirement for that target - BOT - tick ?SigDevt" box This l5 mrr? E1: :Ilr Irfn'rr?m Ad .2053 mrr? untr bgulanm. Refer In ECHQ - - an? Address indirect targeting issues; will come onto UK issues 30
Intelligence requirements - use MIRANDA number that equates to intelligence requirement - TD improving specific target knowledge, identifying new sources etc is justified by the intelligence requirement for that target - BOT - tick ?SigDevt" box This l5 mrr? E1: :Ilr Irfn'rr?m Ad .2053 mrr? untr bgulanm. Refer In ECHQ - - an? Address indirect targeting issues; will come onto UK issues 30
Page 109 from Operational Legalities – GCHQ Powerpoint Presentation
HRA justification explain exactly why you are targeting this individual don"t just repeat the MIRANDA number but add value BOT - cascade of target-level HRA justification to selectors your responsibility to amend if necessary indirect targeting Thu Irfn'mdnn Is mm! Eh.- cf Irfn'rr?m hi: .2 untr nl'n'rr?lm legislation. Refer n: GZHQ on - go 931'. War-?straws Address indirect targeting issues; will come onto UK issues Indirect targeting the use of a selector to identify and select the communications of one individual with a view to selecting and reporting the activities of another individual the target; such targeting requires an authorisation appropriate to the location and nationality of the real target Indirect targeting is getting sustained intelligence on A by targeting B. (Wanting intelligence on as well doesn?t get you off the hook.) Point to note: it is using another selector to get at the communications ofthe target, not to ?nd information about him. So it is fine to target a Swedish girl-friend of a person in the UK to ?nd out info about him, as long as you defeat communications between the two of them. 31
HRA justification explain exactly why you are targeting this individual don"t just repeat the MIRANDA number but add value BOT - cascade of target-level HRA justification to selectors your responsibility to amend if necessary indirect targeting Thu Irfn'mdnn Is mm! Eh.- cf Irfn'rr?m hi: .2 untr nl'n'rr?lm legislation. Refer n: GZHQ on - go 931'. War-?straws Address indirect targeting issues; will come onto UK issues Indirect targeting the use of a selector to identify and select the communications of one individual with a view to selecting and reporting the activities of another individual the target; such targeting requires an authorisation appropriate to the location and nationality of the real target Indirect targeting is getting sustained intelligence on A by targeting B. (Wanting intelligence on as well doesn?t get you off the hook.) Point to note: it is using another selector to get at the communications ofthe target, not to ?nd information about him. So it is fine to target a Swedish girl-friend of a person in the UK to ?nd out info about him, as long as you defeat communications between the two of them. 31
Page 110 from Operational Legalities – GCHQ Powerpoint Presentation
HRA justification Russian Minster for Foreign affairs v? dialling analysis links to Senior Russian energy policymaker v? wife of Russian Minister, targeted to provide travel details of target v? Employee at Chinese Embassy in London v? Presidential Administration Experts Directorate; access to info on Russian policy affecting UK Russian energy Chinese weapons programme Thu Irformatnn l5 mm! H1.- of in mud untr o?'rrLN nrn'rnatlm hgulanon. Refer n: GCHQ on - 205: momma maybe -a-nr- mam-m All about proportionality I hid two lines at the foot of this slide reset font colour) not sure I can justify rejecting them! .. We could do with some non-I'I'I' examples suspected terrorist temporarin removed 32
HRA justification Russian Minster for Foreign affairs v? dialling analysis links to Senior Russian energy policymaker v? wife of Russian Minister, targeted to provide travel details of target v? Employee at Chinese Embassy in London v? Presidential Administration Experts Directorate; access to info on Russian policy affecting UK Russian energy Chinese weapons programme Thu Irformatnn l5 mm! H1.- of in mud untr o?'rrLN nrn'rnatlm hgulanon. Refer n: GCHQ on - 205: momma maybe -a-nr- mam-m All about proportionality I hid two lines at the foot of this slide reset font colour) not sure I can justify rejecting them! .. We could do with some non-I'I'I' examples suspected terrorist temporarin removed 32
Page 111 from Operational Legalities – GCHQ Powerpoint Presentation
Revalidating targeting - make sure it is clear why you are continuing to invade this person?s privacy, so: record your justification for continuing targeting make sure all fields contain the most recent information available ongoing process - if you can no longer justify targeting, record your reason for deactivating and then deactivate Thu l5 marl E1: of Irfn'rr?m m1 .2 urltr bgulanm. Rz?rr In ECHQ on - g5 gnu: marl -a-=-r-ozw Revalidation new requirement in it will be audited 33
Revalidating targeting - make sure it is clear why you are continuing to invade this person?s privacy, so: record your justification for continuing targeting make sure all fields contain the most recent information available ongoing process - if you can no longer justify targeting, record your reason for deactivating and then deactivate Thu l5 marl E1: of Irfn'rr?m m1 .2 urltr bgulanm. Rz?rr In ECHQ on - g5 gnu: marl -a-=-r-ozw Revalidation new requirement in it will be audited 33
Page 112 from Operational Legalities – GCHQ Powerpoint Presentation
Data content retrieval UDAQ, DISHFIRE, IIB - not all data in these bases is ?selected? - retrieval must be: authorised (lawful) necessary proportionate - HRA screens; audit logs target in UK datamining STA Thu I5 mm! cf Irfn'rr?m hi1 map! untr nl'n'rnatlm haul-anon. Rz?rr n: GZHQ on - '3 2m: momma maybe -a-nr- mum-m Basis: data from authorised intercept, normally selected using a TND but scope could include some unselected data, eg from a survey Includes UDAQ (mixed), SAMDYCE (selected), DISH FIRE (mixed), MAMBOOKIE (selected) Issue: database users run queries and have potential to infringe human rights of innocent people through reading their communications Normal A implemented by the analyst Hence HRA screen Also logging of queries for audit and queries (more later) Querying is a form of targeting hence STA requirement 35
Data content retrieval UDAQ, DISHFIRE, IIB - not all data in these bases is ?selected? - retrieval must be: authorised (lawful) necessary proportionate - HRA screens; audit logs target in UK datamining STA Thu I5 mm! cf Irfn'rr?m hi1 map! untr nl'n'rnatlm haul-anon. Rz?rr n: GZHQ on - '3 2m: momma maybe -a-nr- mum-m Basis: data from authorised intercept, normally selected using a TND but scope could include some unselected data, eg from a survey Includes UDAQ (mixed), SAMDYCE (selected), DISH FIRE (mixed), MAMBOOKIE (selected) Issue: database users run queries and have potential to infringe human rights of innocent people through reading their communications Normal A implemented by the analyst Hence HRA screen Also logging of queries for audit and queries (more later) Querying is a form of targeting hence STA requirement 35
Page 113 from Operational Legalities – GCHQ Powerpoint Presentation
Jlnul E's-95% din-ff 4' I13- IW I MdIImLI'rLIiwlilL .Jl run-.1 . . In. Fi?m Hi- f'url?rilil'J? I ?3:5 mm. Tin-?int helm-mu 13-min!- . 'Hlil MRI-HH- Emhnh ?-l'llf lam-Tm 1.9 gm r-I-In 1i: Hurt: I 'F'I-rnml- Lani-Edits: WISH-IN Currently crew-rum? a hidden sEide tum-Ll Ian: ll mi?m hEE-Emu 1mm Emu-1M: Hone mum ?an I. I I 36
Jlnul E's-95% din-ff 4' I13- IW I MdIImLI'rLIiwlilL .Jl run-.1 . . In. Fi?m Hi- f'url?rilil'J? I ?3:5 mm. Tin-?int helm-mu 13-min!- . 'Hlil MRI-HH- Emhnh ?-l'llf lam-Tm 1.9 gm r-I-In 1i: Hurt: I 'F'I-rnml- Lani-Edits: WISH-IN Currently crew-rum? a hidden sEide tum-Ll Ian: ll mi?m hEE-Emu 1mm Emu-1M: Hone mum ?an I. I I 36
Page 114 from Operational Legalities – GCHQ Powerpoint Presentation
UDAQ JIC purpose 1 use appropriate MIRANDA number 1 explain why you are running this query 1 principle applies to use of any Sigint database Thu mm"! E1: :fIrfn'rr?m Ad .2053 drna'rlr mm n?a'rr?lm bgulanm. Rz?rr In IIHQ on - It. an W1qu 3?
UDAQ JIC purpose 1 use appropriate MIRANDA number 1 explain why you are running this query 1 principle applies to use of any Sigint database Thu mm"! E1: :fIrfn'rr?m Ad .2053 drna'rlr mm n?a'rr?lm bgulanm. Rz?rr In IIHQ on - It. an W1qu 3?
Page 115 from Operational Legalities – GCHQ Powerpoint Presentation
Questions you should ask yourself - would my justification record be clear to a colleague? - have I justified invading this person?s privacy? - will my successor understand? Thu mm! E1: :fIrfn'rr?m Ad .2053 drna'rlr mm"! n?IrnatIm bgulanm. Rzlirr aanCIIlI. In IIHQ on - Ir. an Lt Hidden replaced by previous slide 38
Questions you should ask yourself - would my justification record be clear to a colleague? - have I justified invading this person?s privacy? - will my successor understand? Thu mm! E1: :fIrfn'rr?m Ad .2053 drna'rlr mm"! n?IrnatIm bgulanm. Rzlirr aanCIIlI. In IIHQ on - Ir. an Lt Hidden replaced by previous slide 38
Page 116 from Operational Legalities – GCHQ Powerpoint Presentation
Audits - IPTs currently carry out targeting audit 10% of entries each year, randomly chosen all UK entries each year, wildcards each audit - quick check of record at key HRA aspects: source field HRA justification MIRANDA number revalidation - UDAQ Events also audited Thu new H1.- cf Irfn'rr?m Ad .2053 mm untr nrn'rnatlm bgulonm. Rzl'cr n: GCHQ on - - 1-Dr-?9d1q9? we? Audit mandated by SUB Not meant to be onerous IPTs conduct audit in different ways. Now ?nding that fewer entries need changing compliance levels going up (education) Next stage audit of other databases. 39
Audits - IPTs currently carry out targeting audit 10% of entries each year, randomly chosen all UK entries each year, wildcards each audit - quick check of record at key HRA aspects: source field HRA justification MIRANDA number revalidation - UDAQ Events also audited Thu new H1.- cf Irfn'rr?m Ad .2053 mm untr nrn'rnatlm bgulonm. Rzl'cr n: GCHQ on - - 1-Dr-?9d1q9? we? Audit mandated by SUB Not meant to be onerous IPTs conduct audit in different ways. Now ?nding that fewer entries need changing compliance levels going up (education) Next stage audit of other databases. 39
Page 117 from Operational Legalities – GCHQ Powerpoint Presentation
Questions? Thu Irfn'mdnn l5 mrr? H1: cf Irfn'rr?m Ad .2053 and maybe mm! urltr bguldlm. Rzl'cr L?u?ll?' In ECHQ - 1 :Ir I?gi'lqgu 93w.le 15 minute break 40
Questions? Thu Irfn'mdnn l5 mrr? H1: cf Irfn'rr?m Ad .2053 and maybe mm! urltr bguldlm. Rzl'cr L?u?ll?' In ECHQ - 1 :Ir I?gi'lqgu 93w.le 15 minute break 40
Page 118 from Operational Legalities – GCHQ Powerpoint Presentation
Operational Legalities Targeting: location and nationality Thu Irforrnatnn Is mm! unir H1.- of Irforrnatm Ad .2 drna'lrlr map! urltr oLl'IrrLH nl'n'rnatlm hgula?m. Rzl'rr [n GIHQ on - egmqgugnmm Pick up from lawyer?s 1words on territoriality. RIPA location matters Policies address nationality issues Cause of a great many queries to 41
Operational Legalities Targeting: location and nationality Thu Irforrnatnn Is mm! unir H1.- of Irforrnatm Ad .2 drna'lrlr map! urltr oLl'IrrLH nl'n'rnatlm hgula?m. Rzl'rr [n GIHQ on - egmqgugnmm Pick up from lawyer?s 1words on territoriality. RIPA location matters Policies address nationality issues Cause of a great many queries to 41
Page 119 from Operational Legalities – GCHQ Powerpoint Presentation
Location, location, location 1 Law: specific RIPA authorisation for interception of a target located in the UK 9? Policy: internal authorisation (STA) for a target outside the UK if nationally and/or location is sensitive 9? all targets require HRA justification (GCHQ is a public authority interfering with individuals? human rights) I drna'rbemrr?urdrr . - - seamen-.- En El -a-=-r-ozmum Distinguish serendipity from indirect targeting. (Don?t scare people off doing valid and legal reporting) Location Iavv Nationality policy Any 2Ps in the audience? Expand on Sensitive target not covered later. May wish to mention here policy that a target entering a Second Party country must be detasked from all Second Party collection systems 42
Location, location, location 1 Law: specific RIPA authorisation for interception of a target located in the UK 9? Policy: internal authorisation (STA) for a target outside the UK if nationally and/or location is sensitive 9? all targets require HRA justification (GCHQ is a public authority interfering with individuals? human rights) I drna'rbemrr?urdrr . - - seamen-.- En El -a-=-r-ozmum Distinguish serendipity from indirect targeting. (Don?t scare people off doing valid and legal reporting) Location Iavv Nationality policy Any 2Ps in the audience? Expand on Sensitive target not covered later. May wish to mention here policy that a target entering a Second Party country must be detasked from all Second Party collection systems 42
Page 120 from Operational Legalities – GCHQ Powerpoint Presentation
Location? - without other information, assume: individual is in their country mobile phone is in country of registration email address with country digraph is there Thu mrr? E1: :fIrfn'rr?m hi: .2 dma'rlr mm! bgulanm. Rz?rr In ECHQ on - - 1-Dr I?gi'lqgu gnu.th Sensitive always trumps non-sensitive 43
Location? - without other information, assume: individual is in their country mobile phone is in country of registration email address with country digraph is there Thu mrr? E1: :fIrfn'rr?m hi: .2 dma'rlr mm! bgulanm. Rz?rr In ECHQ on - - 1-Dr I?gi'lqgu gnu.th Sensitive always trumps non-sensitive 43
Page 121 from Operational Legalities – GCHQ Powerpoint Presentation
Location: belief 8: knowledge 1 belief is mi 100% knowledge with hindsight; you must not ?turn a blind eye? based on the information available at any particular time 1 this may vary - so should our response Tl'ls Irl'nn'nanm Is amp! Freedom Dl" he! zoos and maybe Hemp: u'lcbr oll'lrLN Refer arr,? FDTII. qumuz In on - - 1-Dr-?sd1qs?wwk -Not going into religion or philosophy frequent topic of questions to OPP-LEG -The main thing is to record 1why you made your decision so that, if later it turns out to be incorrect, you have noted the reasons for believing what you did. - possibly BROAD OAK comments ?eld - relies on honesty from - in good faith - it?s your judgement call try to get collateral if possible to help make the decision - but do the best you can possibly do 44
Location: belief 8: knowledge 1 belief is mi 100% knowledge with hindsight; you must not ?turn a blind eye? based on the information available at any particular time 1 this may vary - so should our response Tl'ls Irl'nn'nanm Is amp! Freedom Dl" he! zoos and maybe Hemp: u'lcbr oll'lrLN Refer arr,? FDTII. qumuz In on - - 1-Dr-?sd1qs?wwk -Not going into religion or philosophy frequent topic of questions to OPP-LEG -The main thing is to record 1why you made your decision so that, if later it turns out to be incorrect, you have noted the reasons for believing what you did. - possibly BROAD OAK comments ?eld - relies on honesty from - in good faith - it?s your judgement call try to get collateral if possible to help make the decision - but do the best you can possibly do 44
Page 122 from Operational Legalities – GCHQ Powerpoint Presentation
Target arrives or is discovered to be in the next? Consider authorisation options continuation targeting RIPA s.16(5) 9n 5 working days (1 for SC) 1? signed by GCHQ Directorate 9? then over to customer RIPA 5.8(1) warrant This I5 mm! I11.- Front-n of hi: .2 drna'rlr map! untr o?'rrLN nl'prrnatlm hgulanon. Rzi'rr n: ECHQ on - - :I-or '?gi'lqgu 93w}; Target comes to UK no longer have to take targeting off cover. In fact we should probably be more interested in why a target has come to the UK and want to do some work on this. There are other options. 16(5) 5 days from moment analyst realises target is in UK (1 day for SC). After this, need to apply for a warrant or drop targeting. Warrant could have schedule served on us. 16(5) on 8(4) collection. Only selectors you know about at the time, can?t add new ones in. 45
Target arrives or is discovered to be in the next? Consider authorisation options continuation targeting RIPA s.16(5) 9n 5 working days (1 for SC) 1? signed by GCHQ Directorate 9? then over to customer RIPA 5.8(1) warrant This I5 mm! I11.- Front-n of hi: .2 drna'rlr map! untr o?'rrLN nl'prrnatlm hgulanon. Rzi'rr n: ECHQ on - - :I-or '?gi'lqgu 93w}; Target comes to UK no longer have to take targeting off cover. In fact we should probably be more interested in why a target has come to the UK and want to do some work on this. There are other options. 16(5) 5 days from moment analyst realises target is in UK (1 day for SC). After this, need to apply for a warrant or drop targeting. Warrant could have schedule served on us. 16(5) on 8(4) collection. Only selectors you know about at the time, can?t add new ones in. 45
Page 123 from Operational Legalities – GCHQ Powerpoint Presentation
Target in the s.16(3) frequent visitors to the UK or known targets 1 signature required modification to 8(4) certi?cate 1 new selectors may be used it indirect targeting is not allowed Thu Irformotnn Is mm! unir H1.- of .2 untr oLl'IrrLH hgula?m. Refer to GIHQ on - go gov. map! NB currently used only for counter-terrorism, serious crime, CP and Russian intelligence of?cers (March 2008) 16(3) you might know the name of the target; or it?s a suspicious selector used by one or more unknown targets; business case from IPT, goes through various internal checks; OPPNLEG puts it into appropriate format renewed every 6 months (3 for update it with current knowledge. Directorate may authorise urgent additions Indirect targeting the use of a selector to identify and select the communications of one individual with a view to selecting and reporting the activities of another individual the target; such targeting requires an authorisation appropriate to the location and nationality of the real target Indirect targeting is getting sustained intelligence on A by targeting B. (Wanting intelligence on as well doesn?t get you off the hook.) Point to note: it is using another selector to get the communications of the target, not to find information about him. So it is fine to target a Swedish girl-friend of a person in the UK to ?nd out info about him, as long as you defeat communications between the two of them. e.g. Your target?s in South Africa, his wife?s in India. Targeting her phone no. to get his comms indirect targeting, but is ok as long as you can demonstrate necessity and proportionality. But if target comes from SA to UK, you?ll need additional authorisation to continue to target the wife?s phone no. 46
Target in the s.16(3) frequent visitors to the UK or known targets 1 signature required modification to 8(4) certi?cate 1 new selectors may be used it indirect targeting is not allowed Thu Irformotnn Is mm! unir H1.- of .2 untr oLl'IrrLH hgula?m. Refer to GIHQ on - go gov. map! NB currently used only for counter-terrorism, serious crime, CP and Russian intelligence of?cers (March 2008) 16(3) you might know the name of the target; or it?s a suspicious selector used by one or more unknown targets; business case from IPT, goes through various internal checks; OPPNLEG puts it into appropriate format renewed every 6 months (3 for update it with current knowledge. Directorate may authorise urgent additions Indirect targeting the use of a selector to identify and select the communications of one individual with a view to selecting and reporting the activities of another individual the target; such targeting requires an authorisation appropriate to the location and nationality of the real target Indirect targeting is getting sustained intelligence on A by targeting B. (Wanting intelligence on as well doesn?t get you off the hook.) Point to note: it is using another selector to get the communications of the target, not to find information about him. So it is fine to target a Swedish girl-friend of a person in the UK to ?nd out info about him, as long as you defeat communications between the two of them. e.g. Your target?s in South Africa, his wife?s in India. Targeting her phone no. to get his comms indirect targeting, but is ok as long as you can demonstrate necessity and proportionality. But if target comes from SA to UK, you?ll need additional authorisation to continue to target the wife?s phone no. 46
Page 124 from Operational Legalities – GCHQ Powerpoint Presentation
If no authorisation is sought. . . 9t examine and report traffic intercepted up to time you knew target was in UK 3i- use B3M HRA?register" to alert check location using events or THUGGEE examine a cut (33M UDAQ) every 48 to check whereabouts Thu Irforrnatnnl: mm! H1.- ofIrfn'rrutm Ad .2053 WOW.) drna'rlr mm untro?'rrLN nrn'rnatlon hgulanon. Rzl'cr - 1 an - :I-or '?gi'lqgu grand-z All this assumes they can?t be bothered with any of the authorisation options . Ask what this says about the level of justi?cation of the target in the ?rst place. Note no alert system on text repositories, only voice [and we don?t know how widely used the BBM mark up is used, tho I think it?s reasonably well known] These days, esp for voice, call records are a better way of tracking where someone is, and they?re less intrusive NB 33M ?ag only for target in the UK 4?
If no authorisation is sought. . . 9t examine and report traffic intercepted up to time you knew target was in UK 3i- use B3M HRA?register" to alert check location using events or THUGGEE examine a cut (33M UDAQ) every 48 to check whereabouts Thu Irforrnatnnl: mm! H1.- ofIrfn'rrutm Ad .2053 WOW.) drna'rlr mm untro?'rrLN nrn'rnatlon hgulanon. Rzl'cr - 1 an - :I-or '?gi'lqgu grand-z All this assumes they can?t be bothered with any of the authorisation options . Ask what this says about the level of justi?cation of the target in the ?rst place. Note no alert system on text repositories, only voice [and we don?t know how widely used the BBM mark up is used, tho I think it?s reasonably well known] These days, esp for voice, call records are a better way of tracking where someone is, and they?re less intrusive NB 33M ?ag only for target in the UK 4?
Page 125 from Operational Legalities – GCHQ Powerpoint Presentation
Policy authorisations - STA and provide records of actions where UK &/or British Overseas Territory law does not require authorisation - respect 2nd Party sensitivities - actions are validated by a GCHQ senior (or nominated GCBs in - we can justify targeting if challenged . - QC is mandatory Thu Irforrnatnn l5 mm"! lh: of Irfn'rr?m Ad .2053 WWII.) and marl].- urltr bgulanm. Rz?rr In ECHQ on - - 1-Dr I?gi'lqgu 93v.th No legal authorisations required but ad:ion is still sensitive. Reassurance to Commissioner/1PT. 48
Policy authorisations - STA and provide records of actions where UK &/or British Overseas Territory law does not require authorisation - respect 2nd Party sensitivities - actions are validated by a GCHQ senior (or nominated GCBs in - we can justify targeting if challenged . - QC is mandatory Thu Irforrnatnn l5 mm"! lh: of Irfn'rr?m Ad .2053 WWII.) and marl].- urltr bgulanm. Rz?rr In ECHQ on - - 1-Dr I?gi'lqgu 93v.th No legal authorisations required but ad:ion is still sensitive. Reassurance to Commissioner/1PT. 48
Page 126 from Operational Legalities – GCHQ Powerpoint Presentation
Datamining STA Datamining STA for target in UK valid for two days named SCS of?cer signs STA one-off search Count-only searches: no authorisation needed Thu Irforrnotnn I5 mm! Eh.- of hi: .2 urltr nl'orrnotlm hgulonm. Rz?rr n: GZHQ on - go gov. meiosis is handled by UPA-DCSD SCS sign TTA and datamining STA for targets in the UK save Directorate 1when novel or sensitive For out of hours authorisations the BBC) oan approve all STA and TTA requests as appropriate but authority from one of the above of?cers must be obtained at the earliest opportunity. Datamining for targets in the UK a one-off searoh per repository; must perform search within 2 days but can go back further; can examine all hits returned; count-only ZTA ITT only 49
Datamining STA Datamining STA for target in UK valid for two days named SCS of?cer signs STA one-off search Count-only searches: no authorisation needed Thu Irforrnotnn I5 mm! Eh.- of hi: .2 urltr nl'orrnotlm hgulonm. Rz?rr n: GZHQ on - go gov. meiosis is handled by UPA-DCSD SCS sign TTA and datamining STA for targets in the UK save Directorate 1when novel or sensitive For out of hours authorisations the BBC) oan approve all STA and TTA requests as appropriate but authority from one of the above of?cers must be obtained at the earliest opportunity. Datamining for targets in the UK a one-off searoh per repository; must perform search within 2 days but can go back further; can examine all hits returned; count-only ZTA ITT only 49
Page 127 from Operational Legalities – GCHQ Powerpoint Presentation
Special C2C authorisations - special access to email communications - NS only;r limited criteria - 16(3) or STA also required if location or nationality sensitive - SCS or GC6 approval This Irforrnaton Is mm! unir Front-n of hi: .2 untr nl'orrnatlon tool-mm. Rz?rr [flfIE?J n: GZHQ on - go 931'. Wan-?seams is handled by UPA-DCSD SCS sign TTA and datamining STA for targets in the UK save Directorate 1when novel or sensitive For out of hours authorisations the BBC) can approve all STA ancl TTA requests as appropriate but authority from one of the above of?cers must be obtained at the earliest opportunity. Datamining for targets in the UK a one-off search per repository; must perform search within 2 days but can go back further; can examine all hits returned; count-only ZTA ITT only 50
Special C2C authorisations - special access to email communications - NS only;r limited criteria - 16(3) or STA also required if location or nationality sensitive - SCS or GC6 approval This Irforrnaton Is mm! unir Front-n of hi: .2 untr nl'orrnatlon tool-mm. Rz?rr [flfIE?J n: GZHQ on - go 931'. Wan-?seams is handled by UPA-DCSD SCS sign TTA and datamining STA for targets in the UK save Directorate 1when novel or sensitive For out of hours authorisations the BBC) can approve all STA ancl TTA requests as appropriate but authority from one of the above of?cers must be obtained at the earliest opportunity. Datamining for targets in the UK a one-off search per repository; must perform search within 2 days but can go back further; can examine all hits returned; count-only ZTA ITT only 50
Page 128 from Operational Legalities – GCHQ Powerpoint Presentation
SRA - authorises receipt of 2 or 3P intelligence on UK?based targets - where GCHQ has no authorisation - avoids indirect targeting - limited period only Thu l5 mrr? E1: of Irfn'rr?m Ad .2053 drna'rlr mm! urltr haul-anon. Rz?rr In ECHQ on - an Wmus Lt Max 6 months 51
SRA - authorises receipt of 2 or 3P intelligence on UK?based targets - where GCHQ has no authorisation - avoids indirect targeting - limited period only Thu l5 mrr? E1: of Irfn'rr?m Ad .2053 drna'rlr mm! urltr haul-anon. Rz?rr In ECHQ on - an Wmus Lt Max 6 months 51
Page 129 from Operational Legalities – GCHQ Powerpoint Presentation
Operational Legalities SIGINT Development Thu Irformatnn Is mn? url:i:r I11.- Front-n of Irformim Ad .2053 WWII.) and rncqur mnp! untr oU'rrLH nl'n'milm hgulmm. Rzl'rr arrf FCIHI. [cl GIHQ on - JI- or gov.th By its nature, SD can be intrusive to many people?s human rights, as it can involve large-scale interception of manv innocent people, cf. interception using strong, known selectors with valid HRA justi?cations. SD can be for technical development or to ?nd target communications from bulk data. 52
Operational Legalities SIGINT Development Thu Irformatnn Is mn? url:i:r I11.- Front-n of Irformim Ad .2053 WWII.) and rncqur mnp! untr oU'rrLH nl'n'milm hgulmm. Rzl'rr arrf FCIHI. [cl GIHQ on - JI- or gov.th By its nature, SD can be intrusive to many people?s human rights, as it can involve large-scale interception of manv innocent people, cf. interception using strong, known selectors with valid HRA justi?cations. SD can be for technical development or to ?nd target communications from bulk data. 52
Page 130 from Operational Legalities – GCHQ Powerpoint Presentation
SD justification - Enhancing capabilities is a national security purpose - TD improving specific target knowledge, identifying new sources etc is justi?ed by the intelligence requirement for that target Thu Irfn'rnatnn l5 mrr? H1: cf Irfn'rr?m Ad .2053 WOW.) drna'rlr mm! urltr bgulanm. Rzi'cr turtles In ECHQ - an - 1-Dr I?gi'lqgu gas.le Capabilities vital for the future of may embrace research Both are referred to in RIPA certi?cate. If asked, MIRANDA number for system testing is 20141 53
SD justification - Enhancing capabilities is a national security purpose - TD improving specific target knowledge, identifying new sources etc is justi?ed by the intelligence requirement for that target Thu Irfn'rnatnn l5 mrr? H1: cf Irfn'rr?m Ad .2053 WOW.) drna'rlr mm! urltr bgulanm. Rzi'cr turtles In ECHQ - an - 1-Dr I?gi'lqgu gas.le Capabilities vital for the future of may embrace research Both are referred to in RIPA certi?cate. If asked, MIRANDA number for system testing is 20141 53
Page 131 from Operational Legalities – GCHQ Powerpoint Presentation
SD proportionality Restrict to the minimum necessary: - re?ne wide initial terms I de?ne length of task and/or volumes - limit dissemination and retention Aim: sustained targeting as soon as practicable Thu mrr? lh: DfIrfn'rr?m hi: .2 drna'rlr mm! bgulanm. Rzl'cr Lyme: In ECHQ on - - 1-Dr I?gi'lqgu 91:.le Capabilities vital for the future of may embrace research If asked, MIRAN DA number for system testing is 20141 54
SD proportionality Restrict to the minimum necessary: - re?ne wide initial terms I de?ne length of task and/or volumes - limit dissemination and retention Aim: sustained targeting as soon as practicable Thu mrr? lh: DfIrfn'rr?m hi: .2 drna'rlr mm! bgulanm. Rzl'cr Lyme: In ECHQ on - - 1-Dr I?gi'lqgu 91:.le Capabilities vital for the future of may embrace research If asked, MIRAN DA number for system testing is 20141 54
Page 132 from Operational Legalities – GCHQ Powerpoint Presentation
SD reporting - you may report from SD traffic - reporting guidelines reflect HRA requirements Thu new H1.- of Irfn'rr?m Ad .2053 WOW.) drna'rlr mm urltr nrn'rnatlm bgulanm. Rzl'cr n: GCHQ on - an - 1-Dr '?gi'lqgu 9:7.le Capabilities vital for the future of may embrace research If asked, MIRAN DA number for system testing is 20141 55
SD reporting - you may report from SD traffic - reporting guidelines reflect HRA requirements Thu new H1.- of Irfn'rr?m Ad .2053 WOW.) drna'rlr mm urltr nrn'rnatlm bgulanm. Rzl'cr n: GCHQ on - an - 1-Dr '?gi'lqgu 9:7.le Capabilities vital for the future of may embrace research If asked, MIRAN DA number for system testing is 20141 55
Page 133 from Operational Legalities – GCHQ Powerpoint Presentation
Content or metadata? - voice mail boxes SMS text - an email inside a message - email subject line - URL beyond the domain name (eg an attached routing diagram Thu I: cum"! E1: ?nch-n of Irfn?rr?m Ad .2053 mm'I urltr nil-Irrle n?a'rr?lm haul-anon. Rz?rr In IIHQ on - JI- :Ir -I?g:hqg5 93-41le 56
Content or metadata? - voice mail boxes SMS text - an email inside a message - email subject line - URL beyond the domain name (eg an attached routing diagram Thu I: cum"! E1: ?nch-n of Irfn?rr?m Ad .2053 mm'I urltr nil-Irrle n?a'rr?lm haul-anon. Rz?rr In IIHQ on - JI- :Ir -I?g:hqg5 93-41le 56
Page 134 from Operational Legalities – GCHQ Powerpoint Presentation
Content or metadata? - IP address - email address - DTMF (tone dialling) - a URL up to the domain (eg - location Thu Irfn'mdnn l5 mm! H1.- of Irfn'rr?m Ad .2053 WOW.) drnaq'lr mrru urltr hguldlm. Refer n: GCHQ on - an - 1-Dr '?gi'lqgu grand-z DTMF dual tone multi-frequency touch-tone dialling - usually metadata but can be content (credit card number) URL: not for acquisition - yes for queries Location is generally metadata too. policy is to treat it pretty much all the same whether it?s content or metadata] 5?
Content or metadata? - IP address - email address - DTMF (tone dialling) - a URL up to the domain (eg - location Thu Irfn'mdnn l5 mm! H1.- of Irfn'rr?m Ad .2053 WOW.) drnaq'lr mrru urltr hguldlm. Refer n: GCHQ on - an - 1-Dr '?gi'lqgu grand-z DTMF dual tone multi-frequency touch-tone dialling - usually metadata but can be content (credit card number) URL: not for acquisition - yes for queries Location is generally metadata too. policy is to treat it pretty much all the same whether it?s content or metadata] 5?
Page 135 from Operational Legalities – GCHQ Powerpoint Presentation
Content or metadata? password authentication to a communications service communications data other passwords content - cookie depends on data may be either Thu Irfn'rnatnn Is mm! Eh.- cf Irfn'rr?m hi: .2 untr nl'n'rnatlm hgulancn. Refer n: GZHQ on - cm 931'. WWII.) and maybe map! -a-=-r-ozw Current ruling: content moving towards metadata, need to ?esh out a few examples passwords to web sites are metadata; banking etc would be content. There are speci?c exemptions, eg PILBEAM, PRIMORDIAL SOUP, NED PUDDING (but getting to be too many exceptions for liking) Future of CZC exploitation WIP to rede?ne as metadata if possible Other measures possible, eg limit access to these elements of content being explored for HAUSTO RIUM 58
Content or metadata? password authentication to a communications service communications data other passwords content - cookie depends on data may be either Thu Irfn'rnatnn Is mm! Eh.- cf Irfn'rr?m hi: .2 untr nl'n'rnatlm hgulancn. Refer n: GZHQ on - cm 931'. WWII.) and maybe map! -a-=-r-ozw Current ruling: content moving towards metadata, need to ?esh out a few examples passwords to web sites are metadata; banking etc would be content. There are speci?c exemptions, eg PILBEAM, PRIMORDIAL SOUP, NED PUDDING (but getting to be too many exceptions for liking) Future of CZC exploitation WIP to rede?ne as metadata if possible Other measures possible, eg limit access to these elements of content being explored for HAUSTO RIUM 58
Page 136 from Operational Legalities – GCHQ Powerpoint Presentation
Questions? Thu mrr? H1: ?nch-n DfIrfDm?m Ad .2053 mm! untru?rrLH nl'm'mtlm JI- :Ir -I?g:hqg5 93-4:le hgulmm. Rz?rr qumes n: GEHQ - 59
Questions? Thu mrr? H1: ?nch-n DfIrfDm?m Ad .2053 mm! untru?rrLH nl'm'mtlm JI- :Ir -I?g:hqg5 93-4:le hgulmm. Rz?rr qumes n: GEHQ - 59
Page 137 from Operational Legalities – GCHQ Powerpoint Presentation
Second Parties Australia, Canada, New Zealand USA Thu Irfn'rnatnnl: El?l'l'? unir H1: Fruit-n Ad .2053 Inn-rd! urtbru?'crLH nl'brrnallm bgulanm. Rz?rr In IIHQ - 1 - -I?g:hqgs 935'.le 60
Second Parties Australia, Canada, New Zealand USA Thu Irfn'rnatnnl: El?l'l'? unir H1: Fruit-n Ad .2053 Inn-rd! urtbru?'crLH nl'brrnallm bgulanm. Rz?rr In IIHQ - 1 - -I?g:hqgs 935'.le 60
Page 138 from Operational Legalities – GCHQ Powerpoint Presentation
GCHQ and Second Parties I partners respect each others? laws and policies 2"cl parties treat UK nationals as their own - GCHQ must not ask a 2'1d party to do something for which we would need a warrant - we must not task a 2rld party with targeting that would be unlawful in that country THEE El?l'l'? unir H1: Fruit-n Ad .2053 Inn-rd! urtbru?'crLI'l bgulanm. Rz?rr In GCHQ - 1-Dr-I?gi1qg: 935311 Example: a target entering a Second Party country must be detasked from all Second .- -. . 61
GCHQ and Second Parties I partners respect each others? laws and policies 2"cl parties treat UK nationals as their own - GCHQ must not ask a 2'1d party to do something for which we would need a warrant - we must not task a 2rld party with targeting that would be unlawful in that country THEE El?l'l'? unir H1: Fruit-n Ad .2053 Inn-rd! urtbru?'crLI'l bgulanm. Rz?rr In GCHQ - 1-Dr-I?gi1qg: 935311 Example: a target entering a Second Party country must be detasked from all Second .- -. . 61
Page 139 from Operational Legalities – GCHQ Powerpoint Presentation
USSID SP0018 - No interception of persons in US without a warrant - Court order needed to intercept US persons outside the USA - your use of NSA collection databases must respect 2nd Party laws and policies THEE El?l'l'? unir H1: Firm-n Ad .2053 Inn-rd! unison-crud bgulanun. Rz?rr Lyme: In IIHQ on - 1-Dr-I?gi1qg: 935311 62
USSID SP0018 - No interception of persons in US without a warrant - Court order needed to intercept US persons outside the USA - your use of NSA collection databases must respect 2nd Party laws and policies THEE El?l'l'? unir H1: Firm-n Ad .2053 Inn-rd! unison-crud bgulanun. Rz?rr Lyme: In IIHQ on - 1-Dr-I?gi1qg: 935311 62
Page 140 from Operational Legalities – GCHQ Powerpoint Presentation
Operational Legalities Dissemination Disclosure Thu Irformatnn l5 mun unir H1.- of Irfn'rmtm Ad .2053 WWII.) and rncqur map! urltr hgula?m. Rzl'rr in GIHQ on - - 1-Dr-?9d1q9u Wm 63
Operational Legalities Dissemination Disclosure Thu Irformatnn l5 mun unir H1.- of Irfn'rmtm Ad .2053 WWII.) and rncqur map! urltr hgula?m. Rzl'rr in GIHQ on - - 1-Dr-?9d1q9u Wm 63
Page 141 from Operational Legalities – GCHQ Powerpoint Presentation
Dissemination EP is sole vehicle for passing intelligence to customers i? Reporting Standards applies proportionality principle to EP Thu mrr? E1: DfIrfn'rr?m hi: .2 drna'rlr mm! bgulanm. Rz?rr In ECHQ on - - :I-or @911un gnu.le Do not send intelligence in emails! - you could end up in court? 64
Dissemination EP is sole vehicle for passing intelligence to customers i? Reporting Standards applies proportionality principle to EP Thu mrr? E1: DfIrfn'rr?m hi: .2 drna'rlr mm! bgulanm. Rz?rr In ECHQ on - - :I-or @911un gnu.le Do not send intelligence in emails! - you could end up in court? 64
Page 142 from Operational Legalities – GCHQ Powerpoint Presentation
Disclosure iu SIGINT collected under RIPA may not be used in court Relevance to prosecutions 9? Public Interest Immunity PII certificates Thu Irfn'rnatnn Is mm! unir H1.- of Irfn'rnatm hi: .2 untr nl'n'rnatlm hgula?m. Rzl'rr in GIHQ on - go 931'. Weir-wee it Do not send intelligence in emails! - you could end up in count? Warranted intercept under RIPA can not be used in court (at the moment) PII used for other intelligence not covered by RIPA eg second party reissues. Pabiic Interest Immunity (PH) certi?cate. This document sets out the damage that could be caused by exposing GCHQ capabilities. Whilst the Foreign Secretary signs the certi?cate, it is the Judge who has the ultimate say as to whether it is upheld (See for further details). If the Judge orders in favour of disclosure, the only remaining option is to drop part or all of the case; Drop the case. If the Judge rejects the P11 certi?cate and orders that disclosure should be made in the public interest, we would seek to have that part of the case, or in extreme circumstances the case in its entirety, dropped. 65
Disclosure iu SIGINT collected under RIPA may not be used in court Relevance to prosecutions 9? Public Interest Immunity PII certificates Thu Irfn'rnatnn Is mm! unir H1.- of Irfn'rnatm hi: .2 untr nl'n'rnatlm hgula?m. Rzl'rr in GIHQ on - go 931'. Weir-wee it Do not send intelligence in emails! - you could end up in count? Warranted intercept under RIPA can not be used in court (at the moment) PII used for other intelligence not covered by RIPA eg second party reissues. Pabiic Interest Immunity (PH) certi?cate. This document sets out the damage that could be caused by exposing GCHQ capabilities. Whilst the Foreign Secretary signs the certi?cate, it is the Judge who has the ultimate say as to whether it is upheld (See for further details). If the Judge orders in favour of disclosure, the only remaining option is to drop part or all of the case; Drop the case. If the Judge rejects the P11 certi?cate and orders that disclosure should be made in the public interest, we would seek to have that part of the case, or in extreme circumstances the case in its entirety, dropped. 65
Page 143 from Operational Legalities – GCHQ Powerpoint Presentation
Questions? Thu mrr? H1: ?nch-n DfIrfDm?m Ad .2053 mm! untru?rrLH nl'm'mtlm JI- :Ir -I?g:hqg5 93-4:le hgulmm. Rz?rr qumes n: GEHQ - 66
Questions? Thu mrr? H1: ?nch-n DfIrfDm?m Ad .2053 mm! untru?rrLH nl'm'mtlm JI- :Ir -I?g:hqg5 93-4:le hgulmm. Rz?rr qumes n: GEHQ - 66
Page 144 from Operational Legalities – GCHQ Powerpoint Presentation
Operational Legalities Safeguards and Oversight drnaqur map! urltr ELI-crud hgula?m. Rzi'rr in GIHQ - g: 2 - {Tl-Dr '?gi'lqgu 1'.th 6?
Operational Legalities Safeguards and Oversight drnaqur map! urltr ELI-crud hgula?m. Rzi'rr in GIHQ - g: 2 - {Tl-Dr '?gi'lqgu 1'.th 6?
Page 145 from Operational Legalities – GCHQ Powerpoint Presentation
RIPA safeguards intercepted material must be destroyed as soon as its retention is no longer it it must be looked at, copied and disseminated to the minimum 1 a purpose authorised under the Act Pu as a matter of policy, GCHQ applies this ethos to all material it acquires, regardless of source 9? policies for EP and data retention Thu Irfn'mdnn I: cum"! E1: of Irfn'rr?m Ad .2053 mrr? urltr n?a'rr?lm bgulanm. Rz?rr In IIHQ on - - i-W-?wwu Hum 68
RIPA safeguards intercepted material must be destroyed as soon as its retention is no longer it it must be looked at, copied and disseminated to the minimum 1 a purpose authorised under the Act Pu as a matter of policy, GCHQ applies this ethos to all material it acquires, regardless of source 9? policies for EP and data retention Thu Irfn'mdnn I: cum"! E1: of Irfn'rr?m Ad .2053 mrr? urltr n?a'rr?lm bgulanm. Rz?rr In IIHQ on - - i-W-?wwu Hum 68
Page 146 from Operational Legalities – GCHQ Powerpoint Presentation
Errors and breaches mistakes happen and we report them and LA role: help 8L advice an apparent error may be: 3L breaking the law it a breach of RIPA safeguards 0 FL nothing to worry about! . response: procedures, processes training Thu l5 mrr? H1: ?nch-n of Irfn'rr?m Ad .2053 urltr nl'm'mtlm haul-mm. Rz?rr In IIHQ on - JI- :Ir -I?g:hqg5 93-41le 69
Errors and breaches mistakes happen and we report them and LA role: help 8L advice an apparent error may be: 3L breaking the law it a breach of RIPA safeguards 0 FL nothing to worry about! . response: procedures, processes training Thu l5 mrr? H1: ?nch-n of Irfn'rr?m Ad .2053 urltr nl'm'mtlm haul-mm. Rz?rr In IIHQ on - JI- :Ir -I?g:hqg5 93-41le 69
Page 147 from Operational Legalities – GCHQ Powerpoint Presentation
Political oversight 1 Executive - a Secretary of State exercises authority over the I 5 services and is answerable to Parliament Parliament - Intelligence 8: Security Committee examines expenditure, administration and policy (not operations); members within the circle of secrecy; reports annually to Parliament Thu mm"! unir E1: :fIrfn'rr?m Ad .2053 drna'rlr mm! n?IrnatIm bgulanm. Rzlirr In IIHQ on - Ir. an
Political oversight 1 Executive - a Secretary of State exercises authority over the I 5 services and is answerable to Parliament Parliament - Intelligence 8: Security Committee examines expenditure, administration and policy (not operations); members within the circle of secrecy; reports annually to Parliament Thu mm"! unir E1: :fIrfn'rr?m Ad .2053 drna'rlr mm! n?IrnatIm bgulanm. Rzlirr In IIHQ on - Ir. an
Page 148 from Operational Legalities – GCHQ Powerpoint Presentation
Judicial oversight: Commissioners A Senior Judges: independent of HMG and Parliament 1 review Secretary of State?s use of powers under guaranteed access to agencies at annual reports to the Prime Minister Thu Irforrnatnn l5 mrr? E1: of Irfn'rr?m Ad .2053 WWII.) and marl].- mrr? untr bgulanm. In ECHQ on - - :I-or I?gi'lqgu gym}; Interception Commissioner Sir Paul Kennedy Intelligence Services Commissioner Sir Peter Gibson ?1
Judicial oversight: Commissioners A Senior Judges: independent of HMG and Parliament 1 review Secretary of State?s use of powers under guaranteed access to agencies at annual reports to the Prime Minister Thu Irforrnatnn l5 mrr? E1: of Irfn'rr?m Ad .2053 WWII.) and marl].- mrr? untr bgulanm. In ECHQ on - - :I-or I?gi'lqgu gym}; Interception Commissioner Sir Paul Kennedy Intelligence Services Commissioner Sir Peter Gibson ?1
Page 149 from Operational Legalities – GCHQ Powerpoint Presentation
Investigatory Powers Tribunal (IPT) - comprises 8 independent lawyers - investigates complaints against Agencies, law enforcement etc - anyone, anywhere may complain - more than 40 peOple within GCHQ assist in responding to complaint; audit logs Thu Irforrnatnn I: cum"! E1: of Irfn?rr?m Ad .2053 and marl].- mrr? urltr nil-Irrle n?IrnatIm bgulanm. In IIHQ on - JI- :Ir -I?g:hqg5 93-41le ?2
Investigatory Powers Tribunal (IPT) - comprises 8 independent lawyers - investigates complaints against Agencies, law enforcement etc - anyone, anywhere may complain - more than 40 peOple within GCHQ assist in responding to complaint; audit logs Thu Irforrnatnn I: cum"! E1: of Irfn?rr?m Ad .2053 and marl].- mrr? urltr nil-Irrle n?IrnatIm bgulanm. In IIHQ on - JI- :Ir -I?g:hqg5 93-41le ?2
Page 150 from Operational Legalities – GCHQ Powerpoint Presentation
The Tribunal will what did we do? was the action authorised? was it necessary? was it proportionate? did GCHQ act reasonably within its powers? Thu Irformatnn I: cum! E1: Preach-n of Irfn?rr?m Ad .2053 and marl].- urltr nil-Irrle n?IrnatIm bgulanm. Rziirr In IIHQ on - JI- :Ir -I?g:hqg5 gland-z TF3
The Tribunal will what did we do? was the action authorised? was it necessary? was it proportionate? did GCHQ act reasonably within its powers? Thu Irformatnn I: cum! E1: Preach-n of Irfn?rr?m Ad .2053 and marl].- urltr nil-Irrle n?IrnatIm bgulanm. Rziirr In IIHQ on - JI- :Ir -I?g:hqg5 gland-z TF3
Page 151 from Operational Legalities – GCHQ Powerpoint Presentation
Operational Legalities Wrap up Thu Irfn'matnn l5 mn? I11.- Df Irfn'mim Ad .2053 WWII.) and rncqur mnp! untr uU'rrLH nl'n'milm hgula?m. Rzi'rr arrf FCIHI. in GIHQ - - 1 931'.le ?4
Operational Legalities Wrap up Thu Irfn'matnn l5 mn? I11.- Df Irfn'mim Ad .2053 WWII.) and rncqur mnp! untr uU'rrLH nl'n'milm hgula?m. Rzi'rr arrf FCIHI. in GIHQ - - 1 931'.le ?4
Page 152 from Operational Legalities – GCHQ Powerpoint Presentation
- authorised necessary proportionate 2. Location: beware UK UKUSA seek authorisation 3. Errors: we are honest and report them Thu l5 mrr? E1: of .2053 mrr? urltr haul-anon. Rz?rr In ECHQ on - - :I-or @911un 91ml?; 1. You are responsible for this 2. Location law nationality policy 3. We will help you and agree measures to prevent recurrence ?5
- authorised necessary proportionate 2. Location: beware UK UKUSA seek authorisation 3. Errors: we are honest and report them Thu l5 mrr? E1: of .2053 mrr? urltr haul-anon. Rz?rr In ECHQ on - - :I-or @911un 91ml?; 1. You are responsible for this 2. Location law nationality policy 3. We will help you and agree measures to prevent recurrence ?5
Page 153 from Operational Legalities – GCHQ Powerpoint Presentation
What does this mean for me? staff: know what you can and cannot intercept -Collectlon manager: help ensure selectors are justified and proportionate justify your targeting, seek warrant or STA where necessary - eporter: report only what is necessary to address the requirement Irforrnatnn l5 H1: ?nch-n hi1 mrr? untr u?'rrLH nl'orn?lm haul-anon. Rz?rr In IIHQ on - JI- :Ir -I?g:hqg5 93-41le ?6
What does this mean for me? staff: know what you can and cannot intercept -Collectlon manager: help ensure selectors are justified and proportionate justify your targeting, seek warrant or STA where necessary - eporter: report only what is necessary to address the requirement Irforrnatnn l5 H1: ?nch-n hi1 mrr? untr u?'rrLH nl'orn?lm haul-anon. Rz?rr In IIHQ on - JI- :Ir -I?g:hqg5 93-41le ?6
Page 154 from Operational Legalities – GCHQ Powerpoint Presentation
Contacts ViSit OPP-LEG in B48 call 36559 - email -@gchq - OPP-LEG web pages compliance website - speak to your Legal POC .. Thu Irfn'mdnn I5 mm! U1.- :Ilr Irfn'rr?m .2053 WOW.) drnaq'lr map! urltr nl'n'rr?lm hguldlm. Rz?rr n: ECHQ - an - 1-Dr '?gi'lqgu 931'.le Don?t forget to sign the attendance sheet or you?ll have to come all over again! add your name if it?s not there. 7?
Contacts ViSit OPP-LEG in B48 call 36559 - email -@gchq - OPP-LEG web pages compliance website - speak to your Legal POC .. Thu Irfn'mdnn I5 mm! U1.- :Ilr Irfn'rr?m .2053 WOW.) drnaq'lr map! urltr nl'n'rr?lm hguldlm. Rz?rr n: ECHQ - an - 1-Dr '?gi'lqgu 931'.le Don?t forget to sign the attendance sheet or you?ll have to come all over again! add your name if it?s not there. 7?
Page 155 from Operational Legalities – GCHQ Powerpoint Presentation
Legal 8: Policy [Leads - DPC-CHE wag-lunulrmnulmnce? Den?t forget to Sign the attendance sheet er yeu'll' have to tame all ever again! add 1Fleur name it its net there. ?3
Legal 8: Policy [Leads - DPC-CHE wag-lunulrmnulmnce? Den?t forget to Sign the attendance sheet er yeu'll' have to tame all ever again! add 1Fleur name it its net there. ?3
Page 156 from Operational Legalities – GCHQ Powerpoint Presentation
Questions? Thu mrr? H1: Ad .2053 mrr? urthru?'ErLH haul-mun. Lfl?? In IIHQ - 1-Dr-I?gi1qgn gait.le ?9
Questions? Thu mrr? H1: Ad .2053 mrr? urthru?'ErLH haul-mun. Lfl?? In IIHQ - 1-Dr-I?gi1qgn gait.le ?9