 | |
 | |
 The Doughnut from above in 2017 | |
| Agency overview | |
|---|---|
| Formed | 1 November 1919; 106 years ago (1919-11-01) (asGovernment Code and Cypher School) |
| Preceding agencies | |
| Jurisdiction | His Majesty's Government |
| Headquarters | The Doughnut, Hubble Road,Cheltenham, England 51°53′58″N2°07′28″W / 51.89944°N 2.12444°W /51.89944; -2.12444 |
| Employees | 7,181[1] |
| Annual budget | Single Intelligence Account (£3.711 billion in 2021–2022)[1] |
| Minister responsible | |
| Agency executive | |
| Child agencies |
|
| Website | www |
| Footnotes | |
Government Communications Headquarters (GCHQ) is anintelligence andsecurity organisation responsible for providingsignals intelligence (SIGINT) andinformation assurance (IA) to thegovernment andarmed forces of theUnited Kingdom.[2] Primarily based atThe Doughnut in the suburbs ofCheltenham, GCHQ is the responsibility of the country'sSecretary of State for Foreign and Commonwealth Affairs (Foreign Secretary), but it is not a part of theForeign Office and its director ranks as aPermanent Secretary.
GCHQ was originally established after theFirst World War as theGovernment Code and Cypher School (GC&CS)[3] and was known under that name until 1946. During theSecond World War it was located atBletchley Park, where it was responsible for breaking the GermanEnigma codes. There are two main components of GCHQ, the Composite Signals Organisation (CSO), which is responsible for gathering information, and theNational Cyber Security Centre (NCSC), which is responsible for securing the UK's own communications. The Joint Technical Language Service (JTLS) is a small department and cross-government resource responsible for mainly technical language support and translation and interpreting services across government departments. It is co-located with GCHQ for administrative purposes.
In 2013, GCHQ received considerable media attention when the formerNational Security Agency contractorEdward Snowden revealed that the agency was in the process of collecting all online and telephone data in the UK via theTempora programme.[4] Snowden's revelations began a spate of ongoingdisclosures of global surveillance.The Guardian newspaper was forced to destroy computer hard drives with the files Snowden had given them because of the threats of a lawsuit under the Official Secrets Act.[5] In June 2014,The Register reported that the information the government sought to suppress by destroying the hard drives related to the location of a "beyond top secret" GCHQ internet monitoring base inSeeb, Oman, and the close involvement ofBT andCable & Wireless in intercepting internet communications.[6]
GCHQ is led by the director of GCHQ,Anne Keast-Butler, and a corporate board, made up of executive and non-executive directors. Reporting to the Corporate Board are:[7][8]
During the First World War, theBritish Army andRoyal Navy had separate signals intelligence agencies,MI1b andNID25 (initially known as Room 40) respectively.[10][11]
In 1919, the Cabinet's Secret Service Committee, chaired byLord Curzon, recommended that a peacetime codebreaking agency should be created, a task which was given to theDirector of Naval Intelligence,Hugh Sinclair.[12] Sinclair merged staff from NID25 and MI1b into the new organisation, which initially consisted of around 25–30 officers and a similar number of clerical staff.[13] It was titled the "Government Code and Cypher School" (GC&CS), a cover-name which was chosen by Victor Forbes of theForeign Office.[14]Alastair Denniston, who had been a member of NID25, was appointed as its operational head.[12] It was initially under the control of theAdmiralty and located in Watergate House, Adelphi, London.[12] Its public function was "to advise as to the security of codes and cyphers used by all Government departments and to assist in their provision", but also had a secret directive to "study the methods of cypher communications used by foreign powers".[15] GC&CS officially formed on 1 November 1919,[16] and produced its first decrypt prior to that date, on 19 October.[12]
Before the Second World War, GC&CS was a relatively small department. By 1922, the main focus of GC&CS was on diplomatic traffic, with "no service traffic ever worth circulating"[17] and so, at the initiative of Lord Curzon, it was transferred from the Admiralty to theForeign Office.[18] GC&CS came under the supervision ofHugh Sinclair, who by 1923 was both the Chief ofSIS and Director of GC&CS.[12] In 1925, both organisations were co-located on different floors of Broadway Buildings, oppositeSt. James's Park.[12] Messages decrypted by GC&CS were distributed in blue-jacketed files that became known as "BJs".[19] In the 1920s, GC&CS was successfully reading Soviet Union diplomatic cyphers. However, in May 1927, during a row over clandestine Soviet support for theGeneral Strike and the distribution of subversive propaganda, Prime MinisterStanley Baldwin made details from the decrypts public.[20]
During the Second World War, GC&CS was based largely atBletchley Park, in present-dayMilton Keynes, working on understanding the GermanEnigma machine andLorenz ciphers.[21] In 1940, GC&CS was working on the diplomatic codes and ciphers of 26 countries, tackling over 150 diplomatic cryptosystems.[22] Senior staff includedAlastair Denniston,Oliver Strachey,Dilly Knox,John Tiltman,Edward Travis,Ernst Fetterlein,Josh Cooper,Donald Michie,Alan Turing,Gordon Welchman,Joan Clarke,Max Newman,William Tutte,I. J. (Jack) Good,Peter Calvocoressi andHugh Foss.[23] The 1943 British–US Communication Intelligence Agreement,BRUSA, connected the signal intercept networks of the GC&CS and the USNational Security Agency (NSA).[24][25] Equipment used to break enemy codes included theColossus computer.[26] Colossus consisted of ten networked computers.[27]
An outstation in the Far East, theFar East Combined Bureau, was set up in Hong Kong in 1935 and moved to Singapore in 1939. Subsequently, with the Japanese advance down the Malay Peninsula, the Army and RAF codebreakers went to theWireless Experimental Centre in Delhi, India. The Navy codebreakers in FECB went toColombo, Ceylon, then toKilindini, nearMombasa, Kenya.[28]
GC&CS was renamed the Government Communications Headquarters (GCHQ) in June 1946.[29]
The organisation was at first based inEastcote in northwest London, then in 1951[30] moved to the outskirts ofCheltenham, setting up two sites atOakley andBenhall. One of the major reasons for selecting Cheltenham was that the town had been the location of the headquarters of theUnited States Army Services of Supply for the European Theater during the War, which built up a telecommunications infrastructure in the region to carry out its logistics tasks.[31]
Following theSecond World War, US and British intelligence have shared information as part of theUKUSA Agreement. The principal aspect of this is that GCHQ and its US equivalent, the National Security Agency (NSA), share technologies, infrastructure and information.[32][9]
GCHQ ran manysignals intelligence (SIGINT) monitoring stations abroad. During the earlyCold War, the remnants of theBritish Empire provided a global network of ground stations which were a major contribution to the UKUSA Agreement; the US regardedRAF Little Sai Wan inHong Kong as the most valuable of these. The monitoring stations were largely run by inexpensiveNational Service recruits, but when this ended in the early 1960s, the increased cost of civilian employees caused budgetary problems. In 1965 a Foreign Office review found that 11,500 staff were involved in SIGINT collection (8,000 GCHQ staff and 3,500 military personnel), exceeding the size of theDiplomatic Service. Reaction to theSuez War led to the eviction of GCHQ from several of its best foreign SIGINT collection sites, including the newPerkar, Ceylon site andRAF Habbaniya, Iraq. The staff largely moved to tented encampments on military bases in Cyprus, which later became theSovereign Base Area.[33]
During theCuban Missile Crisis,GCHQ Scarborough intercepted radio communications from Soviet ships reporting their positions and used that to establish where they were heading. A copy of the report was sent directly to the White House Situation Room, providing initial indications of Soviet intentions with regards the US naval blockade of Cuba.[34]
Duncan Campbell andMark Hosenball revealed the existence of GCHQ in 1976 in an article forTime Out; as a result, Hosenball was deported from the UK.[35][36] GCHQ had a very low profile in the media until 1983 when the trial ofGeoffrey Prime, aKGB mole within it, created considerable media interest.[37]
In 1984, GCHQ was the centre of a political row when, in the wake of strikes which affected Sigint collection, theConservative government ofMargaret Thatcher prohibited its employees from belonging to a trade union, asserting that membership of a union was in conflict withnational security.[9] The government offered £1,000 to each employee who agreed to give up their right to union membership. Following the breakdown of talks and the failure to negotiate a no-strike agreement, a number of mass national one-day strikes were held to protest against this decision, believed by some to be the first step to wider bans on trade unions. Appeals to British courts and theEuropean Commission of Human Rights[38] were unsuccessful. An appeal to theInternational Labour Organization resulted in a decision that the government's actions were in violation ofFreedom of Association and Protection of the Right to Organise Convention.[39]
A no-strike agreement was eventually negotiated and the ban lifted by the incomingLabour government in 1997, with the Government Communications Group of thePublic and Commercial Services Union (PCS) being formed to represent interested employees at all grades.[40][9] In 2000, a group of 14 former GCHQ employees, who had been dismissed after refusing to give up their union membership, were offered re-employment, which three of them accepted.[41]
The legal caseCouncil of Civil Service Unions v Minister for the Civil Service is significant beyond the dispute, and even beyond trade union law, in that it held for the first time that theroyal prerogative is generally subject tojudicial review, although the House of Lords ruled in favour of the Crown in this instance on grounds of national security.[42]
TheIntelligence Services Act 1994 formalised the activities of the intelligence agencies for the first time, defining their purpose, and the British Parliament'sIntelligence and Security Committee was given a remit to examine the expenditure, administration and policy of the three intelligence agencies.[43] The objectives of GCHQ were defined as working as "in the interests of national security, with particular reference to the defence and foreign policies of Her Majesty's government; in the interests of the economic wellbeing of the United Kingdom; and in support of the prevention and the detection of serious crime".[44] During the introduction of the Intelligence Agency Act in late 1993, the former Prime MinisterJim Callaghan had described GCHQ as a "full-blown bureaucracy", adding that future bodies created to provide oversight of the intelligence agencies should "investigate whether all the functions that GCHQ carries out today are still necessary."[45]
In late 1993 civil servantMichael Quinlan advised a deep review of the work of GCHQ following the conclusion of his "Review of Intelligence Requirements and Resources", which had imposed a 3% cut on the agency.[46] TheChief Secretary to the Treasury,Jonathan Aitken, subsequently held face to face discussions with the intelligence agency directors to assess further savings in the wake of Quinlan's review. Aldrich (2010) suggests that SirJohn Adye, the then Director of GCHQ performed badly in meetings with Aitken, leading Aitken to conclude that GCHQ was "suffering from out-of-date methods of management and out-of-date methods for assessing priorities".[47] GCHQ's budget was £850 million in 1993 (£2.19 billion as of 2023)[48] compared to £125 million for the Security Service and SIS (MI5 and MI6). In December 1994 the businessman Roger Hurn was commissioned to begin a review of GCHQ, which was concluded in March 1995.[49] Hurn's report recommended a cut of £100 million in GCHQ's budget; such a large reduction had not been suffered by any British intelligence agency since the end of World War II.[49] The J Division of GCHQ, which had collected SIGINT on Russia, disappeared as a result of the cuts.[49] The cuts had been mostly reversed by 2000 in the wake of threats fromviolent non-state actors, and risks from increased terrorism, organised crime and illegal access to nuclear, chemical and biological weapons.[50]
David Omand became the Director of GCHQ in 1996, and greatly restructured the agency in the face of new and changing targets and rapid technological change.[51] Omand introduced the concept of "Sinews" (or "SIGINT New Systems") which allowed more flexible working methods, avoiding overlaps in work by creating fourteen domains, each with a well-defined working scope.[51] The tenure of Omand also saw the construction of a modern new headquarters, intended to consolidate the two old sites at Oakley and Benhall into a single, more open-plan work environment.[51] Located on a 176-acre site in Benhall, it would be the largest building constructed for secret intelligence operations outside the United States.[52][9]
Operations at GCHQ'sChung Hom Kok listening station in Hong Kong ended in 1994.[53] GCHQ's Hong Kong operations were extremely important to their relationship with the NSA, who contributed investment and equipment to the station. In anticipation of thetransfer of Hong Kong to the Chinese government in 1997, the Hong Kong stations operations were moved toAustralian Defence Satellite Communications Station inGeraldton inWestern Australia.[54]
Operations that used GCHQ's intelligence-gathering capabilities in the 1990s included the monitoring of communications of Iraqi soldiers in theGulf War, ofdissident republican terrorists and theReal IRA, of the various factions involved in theYugoslav Wars, and of the criminalKenneth Noye.[50][54][55] In the mid-1990s GCHQ began to assist in the investigation ofcybercrime.[56]
At the end of 2003, GCHQ moved in to its new building. Built on a circular plan around a large central courtyard, it quickly became known asthe Doughnut. At the time, it was one of the largest public-sector building projects in Europe, with an estimated cost of £337 million. The new building, which was designed byGensler and constructed byCarillion, became the base for all of GCHQ'sCheltenham operations.[57]
The public spotlight fell on GCHQ in late 2003 and early 2004 following the sacking ofKatharine Gun after she leaked toThe Observer a confidential email from agents at the United States'National Security Agency addressed to GCHQ officers about the wiretapping of UN delegates in the run-up to the2003 Iraq war.[58]
GCHQ gains its intelligence by monitoring a wide variety of communications and other electronic signals. For this, a number of stations have been established in the UK and overseas. The listening stations are at Cheltenham itself,Bude,Scarborough,Ascension Island, and with the United States atRAF Menwith Hill.[59]Ayios Nikolaos Station in Cyprus is run by theBritish Army for GCHQ.[60]
In March 2010, GCHQ was criticised by theIntelligence and Security Committee for problems with its IT security practices and failing to meet its targets for work targeted against cyber attacks.[61]
As revealed byEdward Snowden inThe Guardian, GCHQ spied on foreign politicians visiting the2009 G-20 London Summit by eavesdropping phonecalls and emails and monitoring their computers, and in some cases even ongoing after the summit viakeystroke logging that had been undertaken during the summit.[62]
According to Edward Snowden, at that time GCHQ had two principal umbrella programs for collecting communications:
GCHQ has also had access to the US internet monitoring programmePRISM from at least as far back as June 2010.[64] PRISM is said to give theNational Security Agency and FBI easy access to the systems of nine of the world's top internet companies, including Google, Facebook, Microsoft, Apple, Yahoo, and Skype.[65]
From 2013, GCHQ realised that public attitudes to Sigint had changed and its former unquestioned secrecy was no longer appropriate or acceptable. The growing use of the Internet, together with its inherent insecurities, meant that the communications traffic of private citizens were becoming inextricably mixed with those of their targets and openness in the handling of this issue was becoming essential to their credibility as an organisation. The Internet had become a "cyber commons", with its dominance creating a "second age of Sigint". GCHQ transformed itself accordingly, including greatly expanded Public Relations and Legal departments, and adopting public education in cyber security as an important part of its remit.[66]
In February 2014,The Guardian, based on documents provided by Snowden, revealed that GCHQ had indiscriminately collected 1.8 million private Yahoo webcam images from users across the world.[67] In the same month NBC andThe Intercept, based on documents released by Snowden, revealed theJoint Threat Research Intelligence Group and the Computer Network Exploitation units within GCHQ. Their mission was cyber operations based on "dirty tricks" to shut down enemy communications, discredit, and plant misinformation on enemies.[68] These operations were 5% of all GCHQ operations according to a conference slideshow presented by the GCHQ.[69]
Soon after becoming Director of GCHQ in 2014,Robert Hannigan wrote an article in theFinancial Times on the topic ofinternet surveillance, stating that "however much [large US technology companies] may dislike it, they have become the command and control networks of choice for terrorists and criminals" and that GCHQ and its sister agencies "cannot tackle these challenges at scale without greater support from the private sector", arguing that most internet users "would be comfortable with a better and more sustainable relationship between the [intelligence] agencies and the tech companies". Since the2013 global surveillance disclosures, large US technology companies have improved security and become less co-operative with foreign intelligence agencies, including those of the UK, generally requiring a US court order before disclosing data.[70][71] However the head of the UK technology industry grouptechUK rejected these claims, stating that they understood the issues but that disclosure obligations "must be based upon a clear and transparent legal framework and effective oversight rather than, as suggested, a deal between the industry and government".[72]
In 2015, documents obtained byThe Intercept from USNational Security Agency whistleblowerEdward Snowden revealed that GCHQ had carried out a mass-surveillance operation, codenamedKARMA POLICE, since about 2008.[73] The operation swept up theIP address of Internet users visiting websites, and was established with no public scrutiny or oversight. KARMA POLICE is a powerful spying tool in conjunction with other GCHQ programs because IP addresses could be cross-referenced with other data.[73] The goal of the program, according to the documents, was "either (a) a web browsing profile for every visible user on the internet, or (b) a user profile for every visible website on the internet."[73]
In 2015, GCHQ admitted for the first time in court that it conducts computer hacking.[74]
In 2017, US Press SecretarySean Spicer made allegations that GCHQ had conducted surveillance on US PresidentDonald Trump. These unfounded claims were based on statements made during an opinion piece in a FOX media segment.[75][76] The US government formally apologised for the unfounded allegations and promised they would not be repeated.[77][78][79]
British intelligence did gather information relating to Russiancontacts made by Trump's campaign team in the run-up to his election, which were passed on to US intelligence agencies.[80][81]
On 31 October 2018, GCHQ joinedInstagram.[82][83]
GCHQ personnel are recognised annually byKing Charles III (formerly the Prince of Wales) at thePrince of Wales's Intelligence Community Awards atSt James's Palace orClarence House alongside members of theSecurity Service (MI5), andSecret Intelligence Service (MI6).[84] Awards and citations are given to teams within the agencies as well as individuals.[84]
As well as a mission to gather intelligence, GCHQ has for a long time had a corresponding mission to assist in the protection of the British government's own communications. When the Government Code and Cypher School (GC&CS) was created in 1919, its overt task was providing security advice.[85] GC&CS's Security section was located inMansfield College, Oxford during the Second World War.[85]
In April 1946, GC&CS became GCHQ, and the now GCHQ Security section moved from Oxford to join the rest of the organisation atEastcote later that year.[85]
From 1952 to 1954, the intelligence mission of GCHQ relocated to Cheltenham; the Security section remained at Eastcote,[85] and in March 1954 became a separate, independent organisation: theLondon Communications Security Agency (LCSA),[85] which in 1958 was renamed to theLondon Communications-Electronic Security Agency (LCESA).[85]
In April 1965, GPO and MOD units merged with LCESA to become theCommunications-Electronic Security Department (CESD).[85]
In October 1969, CESD was merged into GCHQ and becomingCommunications-Electronic Security Group (CESG).[85]
In 1977 CESG relocated from Eastcote to Cheltenham.[85]
CESG continued as the UK National Technical Authority forinformation assurance, includingcryptography. CESG did not manufacture security equipment, but worked with industry to ensure the availability of suitable products and services, while GCHQ itself funded research into such areas, for example to theCentre for Quantum Computation atOxford University and theHeilbronn Institute for Mathematical Research at theUniversity of Bristol.[86]
In the 21st century, CESG ran a number of assurance schemes such as CHECK,CLAS,Commercial Product Assurance (CPA) and CESG Assisted Products Service (CAPS).[87]
In 1970 the concept forpublic-key encryption (public key infrastructure) was developed and proven by GCHQ'sJames H. Ellis. Ellis lacked thenumber theory skills required to build a workable system. In 1974 GCHQ mathematicianClifford Cocks had developed a workable public key cryptography algorithm and a workable PKI system. Cocks's system was not available in the public domain until it wasdeclassified in 1997.[88][89]
By 1997 broader public key cryptography commercial technologies had been independently developed and had become well established, in areas such asemail security,digital signatures, andTLS (a fundamentalTCP/IP security component) etc.[90] Most notably in 1977 theRSA algorithm had been developed (equivalent to Cocks's system) and by 1997 was extremely well established.[91]
In 2016, theNational Cyber Security Centre was established under GCHQ but located in London, as the UK's authority on cybersecurity. It absorbed and replaced CESG as well as activities that had previously existed outside GCHQ: the Centre for Cyber Assessment (CCA), Computer Emergency Response Team UK (CERT UK) and the cyber-related responsibilities of theCentre for the Protection of National Infrastructure (CPNI).[92]
The Joint Technical Language Service (JTLS) was established in 1955,[93] drawing on members of the small Ministry of Defence technical language team and others, initially to provide standard English translations for organisational expressions in any foreign language, discover the correct English equivalents of technical terms in foreign languages and discover the correct expansions of abbreviations in any language.[94] The remit of the JTLS has expanded in the ensuing years to cover technical language support and interpreting and translation services across the UK Government and to local public sector services inGloucestershire and surrounding counties. The JTLS also produces and publishes foreign language working aids undercrown copyright and conducts research into machine translation and on-line dictionaries and glossaries. The JTLS is co-located with GCHQ for administrative purposes.[95]
GCHQ operates in partnership with equivalent agencies worldwide in a number of bi-lateral and multi-lateral relationships. The principal of these is with the United States (National Security Agency), Canada (Communications Security Establishment), Australia (Australian Signals Directorate) and New Zealand (Government Communications Security Bureau), through the mechanism of theUK-US Security Agreement, a broad intelligence-sharing agreement encompassing a range of intelligence collection methods. Relationships are alleged to include shared collection methods, such as the system described in the popular media asECHELON, as well as analysed product.[96]
GCHQ's legal basis is established by theIntelligence Services Act 1994 Section 3 as follows:
- (1) There shall continue to be a Government Communications Headquarters under the authority of the Secretary of State; and, subject to subsection (2) below, its functions shall be—
- (a) to monitor or interfere with electromagnetic, acoustic and other emissions and any equipment producing such emissions and to obtain and provide information derived from or related to such emissions or equipment and from encrypted material; and
- (b) to provide advice and assistance about—
- (i) languages, including terminology used for technical matters, and
- (ii) cryptography and other matters relating to the protection of information and other material, to the armed forces of the Crown, to Her Majesty's Government in the United Kingdom or to a Northern Ireland Department or to any other organisation which is determined for the purposes of this section in such manner as may be specified by the Prime Minister.
- (2) The functions referred to in subsection (1)(a) above shall be exercisable only—
- (a) in the interests of national security, with particular reference to the defence and foreign policies of His Majesty's Government in the United Kingdom; or
- (b) in the interests of the economic well-being of the United Kingdom in relation to the actions or intentions of persons outside the British Islands; or
- (c) in support of the prevention or detection of serious crime.
- (3) In this Act, the expression "GCHQ" refers to the Government Communications Headquarters and to any unit or part of a unit of the armed forces of the Crown which is for the time being required by the Secretary of State to assist the Government Communications Headquarters in carrying out its functions.[44]
Activities that involve interception of communications are permitted under theRegulation of Investigatory Powers Act 2000; this kind of interception can only be carried out after a warrant has been issued by aSecretary of State. TheHuman Rights Act 1998 requires the intelligence agencies, including GCHQ, to respect citizens' rights as described in theEuropean Convention on Human Rights.[97][98][99]
ThePrime Minister nominates cross-partyMembers of Parliament to anIntelligence and Security Committee. The remit of the Committee includes oversight of intelligence and security activities and reports are made directly to Parliament.[43] Its functions were increased under theJustice and Security Act 2013 to provide for further access and investigatory powers.[100]
Judicial oversight of GCHQ's conduct is exercised by theInvestigatory Powers Tribunal.[101] The UK also has an independentIntelligence Services Commissioner and Interception of Communications Commissioner, both of whom are former senior judges.[102]
The Investigatory Powers Tribunal ruled in December 2014 that GCHQ does not breach theEuropean Convention on Human Rights, and that its activities are compliant with Articles 8 (right to privacy) and 10 (freedom of expression) of the European Convention on Human Rights.[98] However, the Tribunal stated in February 2015 that one particular aspect, the data-sharing arrangement that allowed UK Intelligence services to request data from the US surveillance programmesPrism andUpstream, had been in contravention of human rights law prior to this until two paragraphs of additional information, providing details about the procedures and safeguards, were disclosed to the public in December 2014.[103][104][105]
Furthermore, the IPT ruled that the legislative framework in the United Kingdom does not permitmass surveillance and that while GCHQ collects and analyses data in bulk, it does not practice mass surveillance.[98][106][107] This complements independent reports by the Interception of Communications Commissioner,[108] and a special report made by the Intelligence and Security Committee of Parliament; although several shortcomings and potential improvements to both oversight and the legislative framework were highlighted.[109]
Despite the inherent secrecy around much of GCHQ's work, investigations carried out by the UK government after the Snowden disclosures have admitted various abuses by the security services. A report by theIntelligence and Security Committee (ISC) in 2015 revealed that a small number of staff at UK intelligence agencies had been found to misuse their surveillance powers, in one case leading to the dismissal of a member of staff at GCHQ, although there were no laws in place at the time to make these abuses a criminal offence.[110]
Later that year, a ruling by theInvestigatory Powers Tribunal found that GCHQ acted unlawfully in conducting surveillance on two human rights organisations. The closed hearing found the government in breach of its internal surveillance policies in accessing and retaining the communications of theEgyptian Initiative for Personal Rights and theLegal Resources Centre in South Africa. This was only the second time in the IPT's history that it had made a positive determination in favour of applicants after a closed session.[111]
At another IPT case in 2015, GCHQ conceded that "from January 2010, the regime for the interception/obtaining, analysis, use, disclosure and destruction of legally privileged material has not been in accordance with the law for the purposes of Article 8(2) of the European convention on human rights and was accordingly unlawful".[112] This admission was made in connection with a case brought against them byAbdelhakim Belhaj, a Libyan opponent of theGaddafi regime, and his wife Fatima Bouchard. The couple had accused the British government of participating in the regime's abduction of them to Libya in March 2004.[113]
On 25 May 2021, the European Court of Human Rights (ECHR) ruled that the GCHQ is guilty of violating data privacy rules through their bulk interception of communications, and does not provide sufficient protections for confidential journalistic material because it gathers communications in bulk.[114]
In 2015 there was a complaint byGreen Party MPCaroline Lucas that British intelligence services, including GCHQ, had been spying on MPs allegedly "in defiance of laws prohibiting it."[115]
Then-Home Secretary,Theresa May, had told Parliament in 2014 that:
Obviously, theWilson Doctrine applies to parliamentarians. It does not absolutely exclude the use of these powers against parliamentarians, but it sets certain requirements for those powers to be used in relation to a parliamentarian. It is not the case that parliamentarians are excluded and nobody else in the country is, but there is a certain set of rules and protocols that have to be met if there is a requirement to use any of these powers against a parliamentarian.[116]
TheInvestigatory Powers Tribunal investigated the complaint, and ruled that contrary to the allegation, there was no law that gave the communications of Parliament any special protection.[117] The Wilson Doctrine merely acts as apolitical convention.[118]
A controversial GCHQ case determined the scope of judicial review of prerogative powers (the Crown's residual powers under common law). This wasCouncil of Civil Service Unions v Minister for the Civil Service [1985] AC 374 (often known simply as the "GCHQ case"). In this case, a prerogative Order in Council had been used by the prime minister (who is theMinister for the Civil Service) to ban trade union activities by civil servants working at GCHQ. This order was issued without consultation. The House of Lords had to decide whether this was reviewable byjudicial review. It was held that executive action is not immune from judicial review simply because it uses powers derived from common law rather than statute (thus the prerogative is reviewable).[119]
The following is a list of the heads and operational heads of GCHQ and GC&CS:
The following are stations and former stations that have operated since theCold War.[120][121]
Current[edit]United Kingdom[edit]
Overseas[edit] | Former[edit]United Kingdom[edit]
Overseas[edit]Hong Kong[edit]
|
In the historical drama filmThe Imitation Game (2014)Benedict Cumberbatch portraysAlan Turing in his efforts to break the Enigma code while employed by the Government Code and Cypher School.[122]
GCHQ have set a number of cryptic online challenges to the public, used to attract interest and for recruitment, starting in late 1999.[123][124] The response to the 2004 challenge was described as "excellent",[125] and the challenge set in 2015 had over 600,000 attempts.[126] It also published theGCHQ Puzzle Book in 2016 which sold more than 300,000 copies, with the proceeds going to charity. A second book was published in October 2018.[127]
GCHQ appeared in theDoctor Who 2019 special "Resolution" where theReconnaissance Scout Dalek storms the facility and exterminates the staff in order to use the organisation's resources to summon aDalek fleet.[128][129]
GCHQ is the setting of the 2020Sky One sitcomIntelligence, featuringDavid Schwimmer as an incompetent AmericanNSA officer liaising with GCHQ's Cyber Crimes unit.[130]
In October 2020, intelligence and security expert John Ferris publishedBehind the Enigma: The Authorised History of GCHQ, Britain's Secret Cyber-Intelligence Agency.[131]
GCHQ is the setting of the 2022Channel 4 dramaThe Undeclared War. Set in the near future, it depicts a work experience student at the government agency during a cyberattack on the UK and the implications.[132]
GCHQ units:
GCHQ specifics:
UK agencies:
Elsewhere:
Well I guess what he's talking about is the fact that for certain aspects and certain of the more intrusive measures that our security service and police have available to them – i.e. Intercept, intercepting people's telephones and some other intrusive measures – the decision is taken by the Secretary of State, predominantly me. A significant part of my job is looking at these warrants and signing these warrants. I think it's... Some people argue that should be to judges....I think it's very important that actually those decisions are being taken by somebody who is democratically accountable to the public. I think that's an important part of our system. I think it's a strength of our system.
1. A declaration that the regime governing the soliciting, receiving, storing and transmitting by UK authorities of private communications of individuals located in the UK which have been obtained by US authorities pursuant to Prism and/or Upstream does not contravene Articles 8 or 10 ECHR. 2. A declaration that the regime in respect of interception under ss8(4), 15 and 16 of the Regulation of investigatory Powers Act 2000 does not contravene Articles 8 or 10 ECHR and does not give rise to unlawful discrimination contrary to Article 14, read together with Articles 8 and/or 10 of the ECHR.
| International | |
|---|---|
| National | |
| Other | |
