This is precisely what the likes of GCHQ and the NSA are for.
I would imagine that any G20 host and it allies would use the opportunity to gather intelligence. I would also assume that where ever it is hosted, many intelligence agencies would be active.
If not, then what are these agencies for? They were never designed for crime fighting or mass surveillance of populations. There were and still are for spying on nations. G20 summits are a prime and legit target.
So is it okay to do this? Even diplomacy has laws, you know.
These actions are in breach of Articles 27 and 30 of the Vienna Convention on Diplomatic Relations (of which the US and UK are signatories):
Article 27:
1.The receiving State shall permit and protect free communication on the part of the mission for all official purposes.
Article 30:
1.The private residence of a diplomatic agent shall enjoy the same inviolability and protection as the premises of the mission.
2.His papers, correspondence and his property, shall likewise enjoy inviolability.
You'd have to be naive to think that every nation actually follows such laws. If they did, most jobs that intelligence agencies are supposed to conduct would be impossible.
With enemies really, who cares about the morality? They're out to get you, you're out to get them. With allies if you're both spying on each other you are thoroughly in the verify part of "Trust but verify." A decent intelligence network can give one a much higher level of security in one's allies good intentions.
Also, morality? Intelligence agencies? This is realpolitik man. If we assume high level politicians resemble executives they're 20% pstchopaths. The other 80% are also quite capable of reasoning amorally about goals and power.
I as a foreign citizen do take the morality of intelligence actions and foreign politics quite seriously.
As far as my view(which is rather ignorant, hence why I would like to know and discuss more) is concerned, I'd think that some form of international agreement on spying/intelligence gathering should be formed and enforced. For example the NSA hacking to Hong Kong machines should be a criminal offense, and the same should go the other way around. This stuff should really go through the legal system and people should be punished accordingly. Just because it is some form of governmental intelligence agency shouldn't ever put it above the law.
As we have seen with the case of NSA, it is used for domestic spying too and nobody really knows for what else.
Your proposed system requires a world government with real powers of enforcement. It is not in the interests of the USA, China, Russia, India, Pakistan or France to do this. Absent wholehearted cooperation by them this cannot happen. If you got all of them on board you might be able to get the rest of the world on board.
In the world we live in, and will continue living in until there is a world government there are bad people everywhere and some of them work for other governments, who can and will protect them. This doesn't even touch on the fact that your/my/any human values are not universal, and universal law is about universal enforcement. Whoever wins the last war gets to tell everyone what to do. That's what world government is.
Indeed this is an accurate statement of the values of many people everywhere. Given sufficiently alien values extermination is the goal. Compare the diversity of legitimate governmental systems in 1900 and now. Democracy is existentially hostile to everything else.
And burning the village to the ground is probably a stupid idea, which is a sufficient reason not to do it. But if it can be done and is the most efficient way of achieving the goal there are people doing it.
Service to the state, glory to the Race!
Ask not what your country can do for you, but what you can do for your country!
The reality is that if every major country is spying on other major countries (and they are), there is no trust to violate because there is no trust to begin with.
One would imagine that every country attending a G20 summit would expect to be spied on like this, because they would be doing the same to others.
Does this somehow make the matter more acceptable on moral grounds though? I think it does not. If a government can't trust another one even when they have all sorts of contracts, policies, treaties, meetings and plans, how on earth should citizens be able to trust them?
I think the status quo should be less offensive and competitive and more trustworthy and collaborative. But then again, who would trust a liar, especially in situation where one too would lie?
This is precisely what the likes of GCHQ and the NSA are for.
I was under the impression they were there to protect a nation's security against foreign threats, not to spy on delegates at international conferences for economic and political advantage.
If our behaviour is essentially amoral and we are willing to break diplomatic treaties and international law in secret (as you are advocating), we should expect the same in return, and have no right to talk about international law, human rights, democracy, national sovereignty or expect anyone else to respect them when we need them. Why shouldn't Russia simply cut off the gas supply to the UK next winter when they don't get what they want, or start murdering government ministers rather than dissidents with Polonium? Realpolitik is a dangerous game to play, particularly when you are a declining power (as the UK is), and I think it better we at least try to stand up for the values we think are right, and hold ourselves to the same standards we would hold others to.
A lot of people think it would be okay for the UK to storm the Ecuadorian Embassy and haul Assange out by the hair of his head, too.
>If not, then what are these agencies for?
Mitigating actual threats to our national security, our allies' security, the security of our citizens abroad maybe. And not for helping Boeing outbid Airbus.
Whilst I agree with you, Id add that leaks such as this are good anyway, in that they raise awareness and make intelligence gathering capabilities clearer.
And the marines and the army are agencies precisely designed to kill foreign nationals. Would it be a "proper use" for them to target diplomats attending a conference?
You left out one important distinction -- that the thing they are designed to do constitues an act of aggression or at the very least undermines trust. These are supposedly allies.
As a software engineer and fan of Tom Clancy novels, I find this fascinating. As an American who would like to be able to do business with people outside the country, I find this worrisome. This type of thing will increase the distrust of Americans (while this occurred in the UK, it was done in conjunction with the NSA). It paints us as diabolical geniuses running around spying on everyone and everything. Many international companies may decide that buying technology or related services from American companies simply isn't worth the risk that there will be some kind of monitoring going on.
Not to excuse the interception, but did a "top 20" nation's diplomats really use an Internet cafe to check and send email? Fake cafe or not, that seems like an awfully irresponsible act for what should be sensitive diplomatic traffic. Note that Russia was not nearly so inept; Medvedev's phone calls were encrypted, though NSA tried to decrypt (it's unspecified whether they did).
I wonder what Snowden is thinking by leaking the real cloak-and-dagger stuff though. Diplomacy has been at least somewhat adversarial since the world's "second oldest profession" came about, and the flipside to advancing your own citizens' negotiating position by spying is to allow the other nations to conspire against you behind your back.
Diplomacy is a dangerous, dangerous game to insert yourself into, Mr. Snowden, and will never have clear friends or enemies.
I wonder how many more G* meetings will be hosted in the UK or US.
On a more serious note, perhaps this will spur further investment in open, reliable encryption technologies around the world. After all, governments can put vast amounts of money into this, that individuals and most companies cannot.
And on a further note, I hope that these revelations keep coming, keep the outrage up, and force politicians to realise that they're in the crosshairs too.
In my view it's kind of embarrassing that any nations got caught by this at all, even in 2009 you had VPNs which could be used to setup a secure network over a dumb and unencrypted pipe. If the keyboards are smartcard-capable you could even have possibly used S/MIME.
In the worst case, use the telephone in your hotel room to setup a SLIP or PPP connection back home using a known-good and known-clean laptop brought from home. But an Internet cafe? Really?
It's embarrassing, but it's not surprising. Clearly some of the participating countries were more focused on an economic discussion than a game of cloak and dagger.
But there's a lot more to this than countries not taking proper security measures. It's not easy if your "adversary" has a 0-day exploit for your Blackberry that came straight from the company that made it (which may be the case).
Seeing secure, totally open hardware come out of this would be great.
Yes, that would be great... the U.S. uses Blackberries everywhere too and whatever hacks GCHQ or NSA can come up could be found by FSB or others as well. Not to mention the rest of us "average Joes" who would be at risk from insecure phone software.
Firefox logs in to GMail and Facebook just as well as Internet Explorer does, and the open protocols that would be used by OSS are just as susceptible to interception on the wire as the closed protocols used by Skype.
I do agree (and have for years) that people with Important Data should rely exclusively on open-source software if it is important that the data is handled properly, but OSS is not a panacea to this by any means.
It's impossible for business to continue as usual as more of this apparatus is revealed. Both legal changes and more secure technologies are imminent. Let's get working on easy, ubiquitous encryption and secure logon.
I love the timing on this. Just exactly when Putin is visiting the UK. So totally deliberate. The Guardian is having fun, but I imagine there are spies out there who are having no fun at all tonight.
"The September meeting of finance ministers was also the subject of a new technique to provide a live report on any telephone call made by delegates and to display all of the activity on a graphic which was projected on to the 15-sq-metre video wall of GCHQ's operations centre as well as on to the screens of 45 specialist analysts who were monitoring the delegates.
"For the first time, analysts had a live picture of who was talking to who that updated constantly and automatically," according to an internal review."
The fact that they talk about how this is nearly routine now would make me expect that the UK might not be a premier destination for international diplomatic conferences for much longer.
I'd love to hear more information on what they mean by "penetrated Blackberry's security". Given BlackBerry's current troubles, and their certifications for Government use, this could cause them quite a bit of brand damage.
I wonder if it's related to back doors RIM was forced to include, or security vulnerabilities that RIM shared with these agencies before fixing them.
I'm very interested to see where the argument for forcing manufacturers to include back doors goes once events like this are part of the public consciousness.
If the debacle between RIM, India and I think it was Saudi Arabia a year or two ago is anything to go by[1], then it's not a back door as much as giving out the private key to the servers located in a country. India and Saudi got those keys on the threat of disallowing Blackberries in their respective countries. I remember thinking at the time that surely the US would have the keys to US servers.
My understanding is that if the phone is linked with a self-hosted Enterprise Server (BES, not hosted by RIM) then RIM don't actually have the keys to hand over.
I would have assumed that a government would have enough cash (and sense) to purchase and run its own BES software, keeping the keys out of RIMs hands.
The disclosure raises new questions about the boundaries of surveillance by GCHQ and its American sister organisation, the National Security Agency, whose access to phone records and internet data has been defended as necessary in the fight against terrorism and serious crime.
So, are the diplomatic and political representatives of allied powers suspected criminals or suspected terrorists then?
I'm not sure how they can possibly wriggle out of this one without much egg on face, and possibly some significant consequences for diplomatic standing too, with the G8 summit taking place this week.
There's really no diplomatic issue here. There's some egg on face for it becoming public, but spying pre-dates terrorism. Governments spy on other governments. It's what's done.
I disagree with the article here. PRISM absolutely raises serious questions about the boundaries of intelligence agencies. But spying on other governments - which is the whole reason for GCHQ existing - that's exactly what these agencies exist to do.
It's like all those Russian sleeper agents in the US back in 2010. It was highly embarrassing for Russia, but there was virtually no change to diplomatic or political relations...because it's what spying is about. And exactly the same thing happened a few months ago when Russia threw out a US 'diplomat' (or, as it turned out, CIA agent) for totally botching a recruitment job. Embarrassing for the US, but no diplomatic consequences of any noticeable kind.
I agree that spies spying on people is hardly news. As far as any possible diplomatic consequences, it was more idly wondering whether anyone would try to turn the fact that this time it got out to their advantage during the G8.
But it doesn't reflect well on all the politicians rushing to defend mass surveillance/dragnet operations on the grounds that these capabilities are only used in serious crime/terrorism/whatever other specific cases they admitted to.
It's also rather surprising that some of these tactics were used or worked at all, not because there was any real doubt that these kinds of organisations could use them if they were willing to commit enough resources, but more because anyone attending a high profile event like that actually fell for the tactics and made it worthwhile to bother trying them in the first place.
Is this legal? I mean they aren't uk nationals so they aren't protected by the normal laws. I'd like to know what, if any, laws were broken or whether this is simply an ethical issue.
Almost certainly none at all. The UK intelligence services have a remit for espionage against foreign governments. Domestic targeting...that's another, altogether thornier issue.
I suppose you could say it was an ethical issue, but I can't imagine attendees not being aware that they were probably under surveillance. I would bet the countries caught out were those inexperienced in high-level foreign intelligence. The Guardian article alludes to this somewhat - it says GCHQ managed to "[target] the Turkish finance minister and possibly 15 others in his party", but only "receive reports from an NSA attempt to eavesdrop on the Russian leader". "Attempt" is the operative word here.
It would be incredibly naive for the Russians to go to a G8 conference in the UK and not expect to be bugged - and vice versa, if the conference was in Moscow. It's not as if the spying just stopped when the Cold War ended.
It's embarrassing that it's public, but I highly doubt the countries involved trusted their hosts. Do you really think Russia trusts the UK and the US?
I've always found it odd as hell that G20 summits aren't done by teleconferencing with one time pads. It's not like it'd be difficult, given the resources they have, to securely exchange a few TB of stuff for when you wanted really secure chats.
I would imagine that any G20 host and it allies would use the opportunity to gather intelligence. I would also assume that where ever it is hosted, many intelligence agencies would be active.
If not, then what are these agencies for? They were never designed for crime fighting or mass surveillance of populations. There were and still are for spying on nations. G20 summits are a prime and legit target.
IMHO, this is a proper use of such agencies.