Report suggests U.K. spies collected images from Yahoo webcam chats with NSA help

Read the Full Transcript


    A British news outlet reported today that the governments of the U.S. and United Kingdom have been literally peering into the lives of Americans and Britons.

    A covert program code-named Optic Nerve apparently used computer Webcams to watch online users. The Guardian newspaper based all this on documents provided by former NSA employee Edward Snowden.

    Hari Sreenivasan has more.


    The report details how a British spy agency collected images from Yahoo! Webcam chats, with help from the NSA. The images and associated metadata were stored and subject to search using experimental facial recognition software.

    According to the documents, in one six-month period, the program collected images of nearly two million Yahoo! users around the world, including a number of sexually explicit communications. The British agency the Government Communications Headquarters, or GCHQ, said in a statement today that all of its actions are in accordance with the law.

    Late today, the NSA e-mailed a statement to the NewsHour saying the National Security Agency does not ask its foreign partners to undertake any intelligence activity that the U.S. government would be legally prohibited from undertaking itself.

    Joining me to walk us through what they discovered is Guardian reporter Spencer Ackerman.

    So, Spencer, how did this program work?

  • SPENCER ACKERMAN, The Guardian:

    So what happened was, is, as part of its very broad abilities to collect data in transit across the Internet, GCHQ collected a lot of information from users of this specific Webcam service based out of Yahoo Messenger.

    And from there, it went into databases that analysts could use to comb through both the imagery and the associated data around where those images came from to both find targets that it already had in its intelligence-gathering purposes and figure out new targets.


    So, you are saying that it's not just the targeted folks that got swept up in this net. What about Americans that were using Yahoo! Webchat between 2008 and 2010? Should they be conditioned that there are images of them stored either at the NSA or GCHQ now?


    It's a major question, because GCHQ, like the NSA, does not have the ability on the front end of its bulk collection programs to filter out data coming from the U.S. and coming from the U.K.

    We didn't get direct answers as to how many Americans, if any, have been collected. But the rules and the laws that GCHQ is under on the search end, when analysts can look through this database, distinguish merely between people believed to be in the U.K. and people not believed to be in the U.K.

    So, Americans' data — Americans' imagery data that has been caught up in this could in fact be searched by GCHQ, the most important partner of the NSA from surveillance purposes.


    So what did they do with all these pictures? What is the facial recognition element?


    The facial recognition element is fascinating, because it's an emerging technology that even the documents can see just really isn't precisely mature yet.

    The idea would be, from an intelligence perspective, if you had a partial identifier, maybe an e-mail address or part of a screen name of an intelligence target, but didn't really have much more than that, potentially, if you swept up all of this Yahoo! Webcam data, you might be able to find the image of someone's face or someone's body type, and that could be used as part of a way of targeting this person, finding out more about this person and, if necessary, apprehending that person.


    Is there anything in the documents that says this program stopped? Is it still going on?


    No, it's an interesting question. We didn't get a precise answer to it.

    The latest the documents indicate that it was still active is 2012. But when we asked if it is ongoing or if it stopped, we got responses similar to the one that you read out, that discuss matters of law and how all of this was legal, not whether or not this actually stopped.


    So what are the legal consequences there? Was GCHQ allowed to do something that perhaps the U.S. government wouldn't do, or does the U.S. government have to get approval from the FISA court for all this?


    It's a fascinating question.

    GCHQ is under fewer legal constraints than the NSA is, from the sort of equivalent privacy laws, which aren't really equivalent, but, for the sake of this discussion, close enough. All GCHQ analysts have to have is a reasonable suspicion, not even reasonable from a particularly legally binding context, that its intelligence targets are genuine from out of this program.

    If they want to search for it, the protections are about whether they have reason to believe that the accounts associated are inside or outside the U.K. Beyond that, not really a lot. The question that still remains outstanding that NSA wouldn't address is what, if the level of access is to this database.

    They didn't directly address that to us when we went to them on that. And NSA's tools, like the XKeyscore query tool, are said in the documents to work alongside this data. So there are suspicions that remain outstanding as to the degree to which NSA was able to access this data.


    Alright. Alright. Both the statements from the NSA and Yahoo! are on our Web site.

    Spencer Ackerman from the Guardian, thanks so much for your time.


    Thanks for having me.

Listen to this Segment