FYI.

This story is over 5 years old.

Tech

The UK's Spy Agency Is Even More FOIA-Proof Than the NSA

GCHQ has a blanket exemption from Freedom of Information requests, so one privacy organisation is taking its request to the European Court of Human Rights.

The Government Communications Headquarters—essentially the British equivalent of the National Security Agency in the US—is, perhaps ironically, not known for being very communicative.

Privacy International, a UK charity, is trying to get them to open up a little. This week, it filed a legal challenge to the European Court of Human Rights after GCHQ refused to reveal details about the 'Five Eyes' agreement, a piece of legislation that dictates how intelligence can be shared among different partner countries.

Advertisement

GCHQ issued a blanket refusal to Privacy International's Freedom of Information request on the matter. That's entirely unsurprising. The thing is, whatever the content of your request, GCHQ doesn't have to respond.

Under section 84 of the Freedom of Information Act 2000, GCHQ, along with some other intelligence agencies, is exempt from complying with FOI requests. Further, under sections 23 and 24, the law "precludes any government authority from disclosing information if it was directly or indirectly supplied by GCHQ," according to Privacy International's filing.

Basically, that means any details you want about GCHQ or the work they do, you're probably not going to get them via a Freedom of Information request. Even though that's pretty much the only way for the public to ask for information.

In a letter written in March to Sir Iain Lobban, the director of GCHQ, Privacy International asked for a laundry list of information and documents.

That's how we operate in a democracy—laws are made public

Some were details on surveillance legislation, such as the UKUSA Agreement (the official name of the Five Eyes agreement), and other documents around the sharing of communications intelligence between the UK, US, New Zealand, Australia and Canada.

Privacy International also wanted to know how many people GCHQ employs, and the hierarchical structure of the agency's various departments.

Some of the other requests were a little more mundane, like "the current menu and price list for any restaurants, canteens, cafes or other food service providers that operate within any GCHQ controlled building."

Advertisement

Mike Rispoli, Communications Manager at Privacy International, assured me that they weren't actually too bothered about getting their hands on some of the more trivial documents. It's the Five Eyes Agreement that "needs to be made public," he said over the phone. "That is the main thing that we are after."

The original UKUSA agreement, made in 1946 after the end of World War II was declassified back in 2010. But Rispoli suggested the fact that the latest iteration hasn't means that it could have changed substantially.

According to him, having access to this agreement is essential for the public to properly understand how their communications are shared. "That's how we operate in a democracy—laws are made public," he said.

But GCHQ's exemption from FOI requests means it doesn't have to consider if there is a genuine public interest in the information requested.

It cannot be correct that all information, without exception, directly or indirectly supplied by GCHQ is exempt from public disclosure

While it's not exactly open about its activities, the NSA is in theory subject to requests under the US Freedom of Information Act (though many records are protected by other exemptions). In fact, after the Snowden revelations, the Guardian reported (thanks to its own FOIA request) that the agency was so inundated with requests it struggled to cope.

And some requests to the NSA have yielded fruitful results. For example, Al Jazeera's Jason Leopold learned that the NSA deliberately pushed 9/11 as a 'sound bite' to justify surveillance. Many other attempts have been met with the frequent neither confirm nor deny response.

Advertisement

I asked GCHQ to comment on their position when it came to FOI requests. They said in an emailed statement that, "GCHQ complies at all times with the law. Our work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All our operational processes rigorously support this position."

They didn't comment on the specific Privacy International case, as they "have not yet received any formal details," according to their press office.

In sum, Privacy International feels that GCHQ's blanket exemption to provide any information may be illegal under European law. Specifically, they refer to Article 10 of the European Convention of Human Rights, which deals with the freedom to receive information.

Rosa Curling, a lawyer at Leigh Day, the firm representing Privacy International, said in a statement, "It cannot be correct that all information, without exception, directly or indirectly supplied by GCHQ is exempt from public disclosure. With the credibility and public confidence in the activities of the UK's secret service at an all time low, it is crucial that the European Court considers whether the current darkness in which GCHQ operates is allowed to continue."

If their challenge were to have an effect—and we're not holding our breath—it seems likely GCHQ would be met with the same flood of requests the NSA had to put up with. And perhaps we could find out once and for all how British government agencies' cafeterias shape up to their US equivalents.