GCHQ and NSA intercepted Yahoo users' private photographs
This “Optic Nerve” program — administered by the UK's GCHQ with the assistance of the National Security Agency — routinely intercepted and stored those webcam images in secret starting in 2008, according to documents disclosed by former intelligence contractor Edward Snowden and published by The Guardian on Thursday.
The program indiscriminately collected millions of images from people who used Yahoo's webcam chat function, the Guardian's Spencer Ackerman and James Ball reported, “including substantial quantities of sexually explicit communications."
According to the journalists, the GCHQ relied on Optic Nerve to experiment with facial recognition programing to monitor existing targets and search for new persons of interest.
But the GCHQ didn't stop at targeting solely suspected terrorists, the report continues, and instead collected intelligence by seemingly anyone unfortunate enough to log-in to Yahoo's webcam chat feature, at least between 2008 and 2012.
"Yahoo webcam is known to be used by GCHQ targets,” reads a portion of the classified documentation published by the paper.
The GCHQ did not limit their surveillance to just those target, however. According to the leaked Snowden document, 1.8 million Yahoo users had their webcam images collected by the agency during just a six-month span shortly after Optic Nerve was first rolled out.
When reached for comment by the British paper, a representative for Yahoo said the GCHQ program as explained demonstrates a “whole new level of violation of our users' privacy.”
Elsewhere in the leaked documentation, GCHQ agents admitted that a large portion of the imagery collected contained “undesirable nudity.”
"Unfortunately … it would appear that a surprising number of people use webcam conversations to show intimate parts of their body to the other person,” one internal document cited by The Guardian reads. “Also, the fact that the Yahoo software allows more than one person to view a webcam stream without necessarily sending a reciprocal stream means that it appears sometimes to be used for broadcasting pornography."
And although the program was carried out by British spies, Ackerman and Ball acknowledged that millions of Americans may have had their own likeness — clothed or not — captured in the process.
“GCHQ does not have the technical means to make sure no images of UK or US citizens are collected and stored by the system, and there are no restrictions under UK law to prevent Americans' images being accessed by British analysts without an individual warrant,” they wrote.
But Vanee Vines, a spokesperson for the NSA, told the Guardian that the US spy agency “does not ask its foreign partners to undertake any intelligence activity that the US government would be legally prohibited from undertaking itself.”
"A key part of the protections that apply to both US persons and citizens of other countries is the mandate that information be in support of a valid foreign intelligence requirement, and comply with US Attorney General-approved procedures to protect privacy rights. Those procedures govern the acquisition, use, and retention of information about US persons,” Vines said.
In an op-ed published in The Guardian also on Thursday, acclaimed security expert and cryptographer Bruce Schneier said even safeguards in place to prevent these images being viewed by any GCHQ staffer should be questioned.
“[I]s it really okay for a computer to monitor you online, and for that data collection and analysis only to count as a potential privacy invasion when a person sees it? I say it’s not, and the latest Snowden leaks only make more clear how important this distinction is,” he wrote.