Last week’s disclosure of massive data collection efforts at the U.S. National Security Agency has generated heated debate in the U.S. and across the world about privacy. The NSA is collecting metadata on U.S. residents’ phone calls made on Verizon’s network and Internet records from nine Web companies, including Facebook, Google and Microsoft, according to reports in the Guardian and The Washington Post newspapers.
But intelligence agencies in other countries have similar goals, according to reports, and in some cases there are few details about what data these governments are collecting.
Leaks about the NSA program by former contractor Edward Snowden have led to questions in the U.K. about the data that intelligence agency Government Communications Headquarters (GCHQ) is collecting. Facing questions about GCHQ’s access to Internet data collected through the NSA’s PRISM program, Prime Minister David Cameron defended U.K. intelligence services and said they comply with the law.
“Let us be clear,” Cameron said in a Guardian article. “We cannot give a running commentary on the intelligence services. I am satisfied that the intelligence services, who do a fantastically important job to keep us safe, operate within the law and within a legal framework and they also operate within a proper framework of scrutiny by the intelligence and security committee.”
Cameron provided few details but mentioned the role intelligence gathering plays in security efforts. “We do live in a dangerous world and live in a world of terror and terrorism,” he said. “I do think it is right we have well-funded and well-organized intelligence services to keep us safe.”
The Germans, too, have a secret program called Strategic Communications Intelligence (Strategische Fernmeldeaufklärung), supervised by the Federal Intelligence Service (BND), according to a government response to an inquiry about the program published in 2012.
The program is used to sift trough digital communication using search terms. However, details of the technical capabilities of the BND were not published because they are secret, the document said.
The aim of the program, similar to Prism, is to examine global telecommunications, and German domestic situations aren’t covered, reported Germany’s Computerwoche.
The BND does not possess the means and knowledge of its U.S. counterparts, reported German national newspaper Die Zeit on Thursday. German intelligence authorities are envious of the U.S. capabilities, interior minister Hans-Peter Friedrich said, according to Die Zeit.
The Dutch General Intelligence and Security Service (Algemene Inlichtingen- en Veiligheidsdienst or AIVD), has access to PRISM data, Dutch national newspaper De Telegraaf reported on Tuesday, citing an anonymous AIVD agent.
There are more PRISM-like programs active in the Netherlands, the source told the newspaper.
If the AIVD classifies one U.S. email address as suspicious, the service is able to learn everything about the related person, the source told the paper. The AIVD gets full cooperation from the U.S. through liaisons, the source said. All big commercial Internet services are forced to provide an application allowing secret services unlimited browsing, the source told the paper.
“The Dutch government never provides information about how intelligence services work,” said Ivo Opstelten, the minister of security and justice, in a debate in the Dutch Lower House on Tuesday about how the U.S. government can access Dutch citizens’ data using PRISM. “And we never provide information about cooperation with foreign services.”
Opstelten avoided answering a question from Member of Parliament Gerard Schouw, who asked the minister if the U.S. has unlimited access to Dutch citizen data via PRISM.
On Tuesday, Dutch digital rights organization Bits of Freedom (BoF) called on Dutch intelligence services and the government “to put an end to this eavesdropping scandal as soon as possible.” The group called Opstelten’s appearance in the Lower House a “disappointing farce.”
In India, residents are grappling with privacy issues as the country plans to roll out its Central Monitoring System (CMS) to track communications on its networks.
The Indian government has said it needs a surveillance system to monitor suspected terrorists. Asking telephone carriers to intercept calls presented its own security risks, officials have said.
Milind Deora, India’s minister of state for communications and IT, confirmed earlier this month that CMS was being rolled out. Politicians and bureaucrats and even the officer in charge of the CMS, who will take orders from law enforcement agencies to intercept conversations, will not have access to the surveillance information, Deora said during a live session on Google+ Hangouts.
Critics have said that CMS—which aims to collect metadata and other information in real time—will compromise privacy.”It is not covered under any law, nor is it evidently prohibited under any specific law in the country,” said Pranesh Prakash, policy director at The Center for Internet and Society, a research organization in Bangalore focused on privacy and digital rights.
The country has rules under various laws including the Indian Telegraph Act and the Information Technology Act that govern the interception and monitoring of certain communications. The rules require law enforcement to specify the objective of its surveillance, and does not allow broad surveillance of large numbers of users.
“They can make it a little broader than interception of the communications of a particular person, but they can’t specify something as broad as, say, all telephone calls between two cities over a particular period,” Prakash said.
The Indian government announced it was rolling out CMS in November 2009. Officials described it to the upper house of Parliament as “a centralized system to monitor communications on mobile phones, landlines and the Internet in the country.”
(With reporting from Loek Essers, John Ribeiro and Grant Gross.)