By Poly Pantelides
CYPRUS, darling of sun seekers and beach goers, is also home to major spying facilities jointly funded by the UK and the US, ostensibly on pretext that knowing what everyone is doing will keep them safe.
Last week, a European Parliament inquiry on the mass surveillance of EU citizens discussed “restoring trust” between the US and the EU in the wake of reports the US National Security Agency (NSA) gather as much personal data as possible, including of EU citizens.
The draft report of the Civil Liberties Committee’s (LIBE) inquiry called for the US to do more to protect EU citizens’ personal data. The draft document called for “clear political signals” by the US to show it “understands the difference between allies and adversaries”. It also called for a code of conduct so that “no espionage is pursued against EU institutions and facilities”.
Experts warned the EU however that IT systems were deliberately vulnerable so that intelligence agencies can have access to data, which also makes them vulnerable to the very cyber-attacks we are told surveillance will prevent.
Declassified colonial files have already shown that when Cyprus became independent in 1960, British agencies including intelligence and security organisation GCHQ ensured they would be able to continue surveillance operations on the island. GCHQ has a listening station in Ayios Nikolaos, in one of the UK’s two sovereign bases in Cyprus. The colonial files also showed that Cyprus’ first president, Archbishop Makarios, had accepted British help in setting up Cyprus’ own security and intelligence agencies.
Decades later, half the cost of running the GCHQ facilities is paid by the US, according to documents leaked to British newspaper The Guardian by former NSA employee Edward Snowden. Leaked documents have been reported since June and make it clear the NSA and GCHQ try to glean as much information as possible, even if that involves intruding into people’s private lives. Carrying a mobile phone or being online enables these agencies to know many things about you: who you are, where you are, what you do and with whom.Press reports based on documents leaked by Snowden have shown that the US and its partners, including the UK, gather as much personal data as they can.
Last week, German chancellor Angela Merkel reportedly told US president Barack Obama the practice was akin to that of the Stasi, the secret police of East Germany serving the needs of a totalitarian regime. Merkel found out from German news magazine Der Spiegel her mobile phone may have been monitored since 2002, according to leaked NSA documents.
Last week journalists were invited by the European parliament’s directorate-general for communication to visit Brussels – expenses paid – and attend part of the inquiry on electronic mass surveillance of EU citizens. Most politicians tried to frame the discussion as seeking a compromise between civil liberties and national security, although four invited speakers told the EU there might be no middle way.
Four different security experts warned European parliament personal data could not be safe as long as governments and intelligence agencies insisted on deliberately engineering weaknesses into programmes so they could spy on others.
“Modern age technology is completely exposed,” said Stephan Lechner, director of the institute for the protection and security of the citizen, a European Commission joint research centre.
Lechner warned that online user agreements were so complex that thousands of people have agreed to “selling their immortal souls” by ticking “yes” to documents referencing layers and layers of agreements they never read. For this reason, the notion of “consent” was faulty, he said.
Chris Soghoian, senior policy analyst with the Speech, Privacy and Technology Project of the American Civil Liberties Union said mobile phone technology was decades-old and “quite thoroughly broken”. “Right now you have systems [that are] secure against no threat,” he said. But he warned that IT systems have been built with surveillance in mind making them unsafe “by design” because intelligence agencies and governments wanted access to data. German IT security consultant Christian Horchert said making IT systems deliberately unsafe was “completely the wrong way of going about it”. He warned the EU they needed to make a clear choice between making technology safe or saying “never mind” and allowing the situation to continue as is”. “There is no middle way. That’s the problem,” he said.
Compare this with the NSA’s standard response via their website to the question of which is more important: civil liberties or national security.
“It’s a false question; it’s a false choice,” answers NSA deputy director John Inglis.
“We have to find a way to ensure that we support the entirety of the Constitution – that was the intention of the framers of the Constitution, and that’s what we do on a daily basis at the National Security Agency,” Inglis added.
But a federal judge in the US ruled last week the NSA’s collection of phone records was likely unconstitutional.
The judge described the technology enabling the government to store and analyse the phone metadata of every telephone user in the US as “almost-Orwellian”.
The ruling is just the beginning of a legal battle, while further legal challenges to the NSA are expected in the near future.
Participating in the European Parliament inquiry discussion, Mike Rogers, chairman of the US House select committee on intelligence said the US and EU were under threat on multiple fronts. Those included Chinese economic cyber-espionage, terrorism, and losing Ukraine to the Russian bloc, he said. In this “very complicated world” where the European and American economy was under threat, “intelligence services have to be even better at trying to collect information to keep us all safe,” Rogers said.
About two years ago in January 2012, the Cyprus Mail reported on the European Commission’s efforts to update its personal data laws to give people the “right to be forgotten” and be able to delete their online personal data.
The Commission’s website on personal data http://ec.europa.eu/justice/data-protection/ describes the proposals – parts of efforts to reform data protection rules – as comprising the right to the protection of personal data. “Persons or organisations which collect and manage your personal information must protect it from misuse and must respect certain rights of the data owners which are guaranteed by EU law,” the commission says.
L’Espresso, an Italian news weekly said last month Cyprus – the hub of several submarine fibre-optic cables – was a natural site to spy on Eastern Mediterranean and Middle Eastern communications. The report, which also relied on documents leaked by Snowden, said the British were able to monitor the cables because of their agreement with Cyprus when the island gained independence. The Süddeutsche Zeitung said that American spies were based in Cyprus at the bases. L’Espresso said, “American intelligence staff are required to dress as tourists because the UK has promised the Cyprus government that only British staff will work there”.
The UK and the US have been promising people they are keeping them safe. The GCHQ for example says on its website it “gathers intelligence to better understand new and emerging threats”.
The GCHQ is trying to gather personal information from mobile phones and apps so it can “exploit any phone, anywhere, any time,” the Guardian said in August, reporting on documents leaked by Snowden. The documents said the GCHQ held China and Russia accountable for most cyber-attacks against the UK and was working with the NSA on increasing their cyber-warfare capabilities.
Some of the GCHQ staff working on one, unspecified, programme reportedly said they were worried over “the morality and ethics of their operational work, particularly given the level of deception involved,” the Guardian said.
Glenn Greenwald, the journalist who first reported on the documents leaked by Snowden told the EU inquiry there was one NSA/GCHQ objective emerging “over and over and over again” in the documents: “Collect it all.”