52
A Democratic Licence to Operate
cent of GDP online, representing a major potential vulnerability); the introduction of the
replacement to the Airwave emergency communication network; and specific threats,
such as the Gameover ZeuS malware used for banking fraud.
3.22
GCHQ also lead on supporting military operations of all types, with some military assets
operating under GCHQ strategic direction. It supplements military signals-intelligence
capabilities and its assistance has ranged from long-term analysis in the development
of weapon systems and assessments of future threats, through to tactical support in
helping adapt countermeasures against hostile states and actors. GCHQ has offered
extensive support to UK military actions in Afghanistan and Iraq.
3.23
GCHQ work closely with MI5 to support their highest-priority operations and has
contributed to the majority of MI5’s counter-terrorism operations. It focuses primarily
on the foreign and upstream elements of these operations, and how UK threats interact
with these elements. In this regard, it is closely involved with operations in Syria to
tackle the threat posed by ISIL.
3.24
GCHQ’s intelligence mission covers a spectrum from long-term operations to tactical
support: GCHQ support the NCA to focus on the ‘top’ organised-crime groups and activities,
which include people and commodity smuggling. It has directly contributed to drug
seizures. It also supports the NCA’s Child Exploitation and Online Protection Command.
3.25
Data interception is fundamental to the work of GCHQ and forms an essential part of its
tradecraft. Whereas in the past it was relatively straightforward to intercept telephone
data, the job of data interception is now much more complex. Analysts must now both
identify the target and work out by what means they are communicating, before they can
begin to consider intercepting the content of their messages. Targets also use multiple
and constantly changing personas, representing a major and continual challenge.
3.26
Only by filtering large volumes of information do GCHQ staff believe they can identify,
and analyse data on, a selected target. Collecting this data in bulk is potentially
problematic, from a privacy perspective, because of the sheer number of individuals
whose communications are affected. Even if an individual’s communications are never
actually read – for example, an electronic communication which was obtained pursuant
to a bulk data collection exercise but not selected for scrutiny – the fact that it could be
read is regarded by some as placing control in the hands of the state.18
3.27
Officials were keen to stress that GCHQ employees are aware they are the guardians
of what is potentially a very intrusive set of capabilities to collect this data. From their
perspective, the greater risk of intruding upon an individual’s privacy occurs at the point
at which the data is analysed, rather than collected. As the information is filtered, more
and more specific filters are applied before analysts can select any communications
18. David Anderson, A Question of Trust: Report of the Investigatory Powers Review [Anderson
Report] (London: The Stationery Office, 2015), p. 26.