On Friday, The Intercept revealed new details about the scope of British electronic eavesdropping agency GCHQ’s mass surveillance operations. Our special report describes a range of top-secret code-named systems that the agency has developed to analyze billions of intercepted emails, phone calls, Web browsing histories, and other private data. Below you can find summaries of each of the systems – including some additional details about their role within GCHQ’s global spying apparatus:
The BLACK HOLE is a massive GCHQ repository that contains raw logs of Internet data intercepted in bulk – including records of people’s Web browsing histories, social media connections, instant messenger chats, emails and online searches. It functions as a feed for multiple systems that are used to analyze the data – such as SOCIAL ANTHROPOID, MUTANT BROTH and KARMA POLICE (see below) – and is a core part of GCHQ’s mass surveillance architecture. The agency’s documents describe it as “invaluable.” It is mostly used to store metadata, but contains some content, such as full logs of queries entered into search engines.
KARMA POLICE enables GCHQ to monitor people’s website browsing histories. The system was designed to provide the agency’s spies with the ability to view “(a) a web browsing profile for every visible user on the internet, or (b) a user profile for every visible website on the internet.” One document describing the function of KARMA POLICE explains that it can be used to “enter a website of interest and this will tell you who has been looking at it.” Once a website browsing record is entered into KARMA POLICE, it is retained for a period of between three and six months, the documents indicate.
MARBLED GECKO was created to monitor people’s usage of Google Earth and Google Maps. Documents outlining the purpose of the system say it shows analysts “when, where, and from which IP address, particular areas of the earth have beeen looked at.” It is unclear whether MARBLED GECKO will still be effective today, as Google now appears to encrypt most users’ connections to Google Earth and Maps by default, making it harder, but not impossible, for spies to monitor how people are using these services.
MEMORY HOLE is used to surveil people’s search engine queries in bulk. The agency sifts through the searches in an effort to identify any that it deems suspicious. It can link each individual search query to an IP address, a unique identifier that is allocated to computers when they connect to the Internet. The IP address can in turn be entered into other surveillance systems – such as MUTANT BROTH (see below) – in an effort to track down the identity of the individual behind it.
MUTANT BROTH is used to analyze vast amounts of tiny Internet data files known as cookies, which are known inside the agency as “target detection identifiers.” Cookies are automatically placed on computers to identify and sometimes track people browsing the Internet, often for advertising purposes. GCHQ intercepts the tiny files from Internet cables using “probes” and then sifts through them to find surveillance targets. As of November 2010, 10.5 billion new cookies and other similar pieces of data were being made searchable through MUTANT BROTH every day. GCHQ used the system in controversial hacking operations targeting the European technology and telecommunications companies Gemalto and Belgacom.
GCHQ describes SAMUEL PEPYS as an “Internet diarisation tool” that works by “fusing all available traffic types in one place.” It allows the agency’s analysts to monitor the content and metadata of online communications and Web browsing activity as they are intercepted in real time. GCHQ’s documents say that the system is used to find out “what is my target doing online right now.” One image illustrating SAMUEL PEPYS in action shows it being used to monitor someone who visited a page about GCHQ on the U.S. anti-secrecy website Cryptome. The spying interface was named after a 17th century English Naval administrator and member of parliament, famed for his detailed diaries that documented every aspect of life through a historic period that saw the restoration of the English monarchy after wars in England, Ireland, and Scotland.
SOCIAL ANTHROPOID appears to be one of the GCHQ’s most broad-reaching mass surveillance tools. A document outlining its capabilities says it can be used to search through troves of metadata on emails, social media interactions, instant messenger chats, cellphone locations, text messages, and calls made on the Internet using “Voice over IP” technology such as Skype. Launched between 2010 and 2011, SOCIAL ANTHROPOID was designed to modernize and converge older separate spying systems built to handle bulk phone call records and location data (SALAMANCA), email and instant messenger records (HAUSTORIUM), and social media activity (SOCIAL ANIMAL).
INFINITE MONKEYS is a system used to sift through details about users of online forums. According to the agency’s documents, it “can reveal usernames/passwords/email addresses for users on a particular vbulletin site of interest.”
TEMPORA is what GCHQ describes as its “Internet buffer capability.” The program funnels the full content and metadata of intercepted Internet communications into a giant repository, which is made searchable through a system named XKEYSCORE (see below). TEMPORA “uses over 1000 machines to process and make available to analysts more than 40 billion pieces of content a day,” according to one document published by Der Spiegel last year, and it “provides a powerful discovery capability against Middle East, North African and European target sets.” The existence of TEMPORA was first revealed by The Guardian in 2013.
XKEYSCORE is a powerful system that was developed by the National Security Agency to analyze intercepted Internet traffic from eavesdropping sites located across the world. Today, the system is used by each of the so-called Five Eyes, a secretive alliance that includes the United States, the United Kingdom, Australia, Canada, and New Zealand. According to an NSA document from 2012, GCHQ’s contribution to XKEYSCORE dwarfs that of other agencies. The TEMPORA mass surveillance program (see above) amounts to the “world’s largest” deployment of XKEYSCORE and is “more than 10 times larger” than other installations of the system. Documents published by The Intercept in July showed how XKEYSCORE is used to record the full content of emails, chats, pictures, documents, voice calls, webcam photos, web searches, intercepted passwords, and much more. It was described in the secret files a “fully distributed processing and query system that runs on machines around the world.”