The latest Snowden leak details DISHFIRE, a joint NSA/GCHQ program to slurp up hundreds of millions of SMS messages from global mobile phone users. Included in the program are text messages to and from Americans, though these are apparently subsequently purged. The UK spy agency GCHQ also makes extensive use of the database. Text messages are stored for long terms, so that spies can do historic lookups on people they target. The DISHFIRE database allows for full-text search.
Vodaphone expressed shock and outrage at the news that its customers' private messages were being harvested without a warrant or due process, characterising the program as outside the law.
“In contrast to [most] GCHQ equivalents, DISHFIRE contains a large volume of unselected SMS traffic,” it states (emphasis original). “This makes it particularly useful for the development of new targets, since it is possible to examine the content of messages sent months or even years before the target was known to be of interest.”
It later explains in plain terms how useful this capability can be. Comparing Dishfire favourably to a GCHQ counterpart which only collects against phone numbers that have specifically been targeted, it states “Dishfire collects pretty much everything it can, so you can see SMS from a selector which is not targeted”.
The document also states the database allows for broad, bulk searches of keywords which could result in a high number of hits, rather than just narrow searches against particular phone numbers: “It is also possible to search against the content in bulk (e.g. for a name or home telephone number) if the target’s mobile phone number is not known.”
Analysts are warned to be careful when searching content for terms relating to UK citizens or people currently residing in the UK, as these searches could be successful but would not be legal without a warrant or similar targeting authority.
However, a note from GCHQ’s operational legalities team, dated May 2008, states agents can search Dishfire for “events” data relating to UK numbers – who is contacting who, and when.
NSA collects millions of text messages daily in 'untargeted' global sweep [James Ball/The Guardian]