Risk
6/11/2013
11:43 AM
Connect Directly
RSS
E-Mail
50%
50%

NSA Prism: Snowden Is Wrong, Says British Government

Foreign Secretary denies that British government used Prism program to access communications of private citizens, but questions remain.

The British government has been forced to clarify the position of its own intelligence agencies in light of the unfolding Prism scandal.

Foreign Secretary William Hague on Monday rejected suggestions that British spymasters at its GCHQ communications center had been taking advantage of Prism to gain back-door access to citizens' communications.

If that is true, it would counter what most subjects of the Queen see as legitimate use of surveillance powers as well as the allegations of whistleblower Edward Snowden, which were revealed last week in his interview with The Guardian.

While claiming he wasn't being "drawn into confirming or denying any aspect of leaked information," Hague suggested that Snowden's claims are "baseless." He also stated that British laws simply "do not provide for indiscriminate trawling for information through the contents of people's communications."

[ For more on the Prism scandal, see Obama Defends NSA Prism, Google Denies Back Door. ]

However, Hague also confirmed there are strong links between GCHQ and U.S. intelligence services, links that center on the regular sharing of information between the two countries. This, he said, had been particularly marked during the London Olympics. "The House will not be surprised that our activity to counter terrorism intensified and rose to a peak in the summer of last year," he stated.

Nonetheless, the British government stands by its assertion that it possesses a strong set of legal safeguards that protect citizens. "Any data obtained by us from the United States involving U.K. nationals is subject to proper [British] statutory controls and safeguards," Hague said. In his remarks to the House on Monday, Hague also pointed out that British intelligence sharing with the U.S. is subject to "ministerial and independent oversight and to scrutiny by the Intelligence and Security Committee." For example, of the hundreds of requests to carry out covert operations his office receives every year, each one is reviewed by lawyers to make sure it meets legal requirements.

Even as he attempted to close the debate on the status of electronic communications access, however, Hague may have reopened another. This one concerns the Data Communications Bill, controversial legislation that proposed expanded access to data by law enforcement via the so-called "Snooper's Charter." That legislation was taken off the books last month by the Deputy Prime Minister Nick Clegg, who said his party, the junior one in the current Coalition government, rejected the measure's possible encroachment on civil liberty protection. However, in the wake of a recent attack on an unarmed British soldier by Islamist extremists, some commentators are pushing for a return of the legislation, even in revised form, to beef up security.

Following Hague's Monday address, an MP suggested that current traffic monitoring legislation known as RIPA has not kept up with modern technological trends since its 2000 introduction. "The case for a Communications Data Bill rests on its own merits," Hague responded, adding that Her Majesty's Government will "bring forward proposals in the near future on this subject," which suggests that the "Snooper's Charter" may be far from dead.

The Foreign Secretary isn't the only senior political figure who has attempted this week to defuse worries raised by the Snowden leaks. Former Home Secretary, Labor peer John Reid, claimed that "within the legal framework," British security services, operating and sharing relevant data with allies led by the U.S., have saved "literally thousands of lives in this country in the past 15 years."

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0619
Published: 2014-10-23
Untrusted search path vulnerability in Hamster Free ZIP Archiver 2.0.1.7 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the current working directory.

CVE-2014-2230
Published: 2014-10-23
Open redirect vulnerability in the header function in adclick.php in OpenX 2.8.10 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) dest parameter to adclick.php or (2) _maxdest parameter to ck.php.

CVE-2014-7281
Published: 2014-10-23
Cross-site request forgery (CSRF) vulnerability in Shenzhen Tenda Technology Tenda A32 Router with firmware 5.07.53_CN allows remote attackers to hijack the authentication of administrators for requests that reboot the device via a request to goform/SysToolReboot.

CVE-2014-7292
Published: 2014-10-23
Open redirect vulnerability in the Click-Through feature in Newtelligence dasBlog 2.1 (2.1.8102.813), 2.2 (2.2.8279.16125), and 2.3 (2.3.9074.18820) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter to ct.ashx.

CVE-2014-8071
Published: 2014-10-23
Multiple cross-site scripting (XSS) vulnerabilities in OpenMRS 2.1 Standalone Edition allow remote attackers to inject arbitrary web script or HTML via the (1) givenName, (2) familyName, (3) address1, or (4) address2 parameter to registrationapp/registerPatient.page; the (5) comment parameter to all...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.