The UK intelligence agency GCHQ has been gathering information from Google, Facebook, Apple and others using the US-run Prism programme.

GCHQ in Cheltenham Using Prism Programme
The Government Communication Headquarters (GCHQ) in Cheltenham which is said to have access to the US-run Prism programme. (Credit: Reuters)

The report comes from the Guardian who broke the original story about the Prism programme and has now obtained documents which it says show the UK's security agency, GCHQ, is secretly using the system to gather personal data from a slew of the biggest names in the technology world.

The UK intelligence agency, which is based in Cheltenham, has had access to the system since June 2010, three years after the National Security Agency (NSA) in the US initiated the programme. In the past year it has generated 197 intelligence reports from Prism, according to the leaked documents.

In a statement to the Guardian, GCHQ, insisted it "takes its obligations under the law very seriously," but if the agency is in fact using this system to access a treasure trove of personal data from the likes Google, Facebook, Apple, Microsoft and Yahoo, it raises a lot of legal and ethical questions which David Cameron and his government will need to answer.

While all of the companies implicated in the Prism programme have denied knowledge of the system, its existence was tacitly revealed by US Director of National Security James Clapper who defended the US government's right monitor such data, calling the leaks and subsequent publication by the Guardian and the Washington Post "reprehensible" and a risk to the US' national security.

Unfettered access

The Prism programme gives NSA analysts unfettered access to the personal data stored on the servers at companies like Google and Apple, and although Clapper claims the system is only used to monitor non-US citizens while they are not on US soil, he also admits there is some information "incidentally acquired" about US citizens.

GCHQ has become increasingly reliant on Prism, with the 197 reports generated in 2012 marking a 137% increase over previous years. Reports generated by GCHQ are normally passed on to MI5 or MI6.

Rather than using the same system as their US counterparts, the leaked documents reveal that "special programmes for GCHQ exist for focussed Prism processing" meaning the systems have been tailored to search for threats specific to the UK.

The revelation comes in the wake of renewed calls for the Communications Data Bill to be revived, having been dumped in April following objections from Nick Clegg and the Liberal Democrats, saying provisions in the Bill went too far.

However it seems as if the intelligence agencies in the UK already have access to a lot of the data the Communications Data Bill was seeking to provide. Dubbed the Snooper's Charter by its opponents, the Bill sought to give the UK's uintelligence community the ability to monitor the so-called metadata surrounding internet communicaitons such as emails, Skype and instant messaging - though crucially not the content of such communications.

In that respect the Prism programme give the intelligence officers using it much greater power as it gives access to all the data sent by people using services like Facebook, Google or Yahoo - including photos, video, emails, voice-over-IP (such as Skype) calls and more.


A statement by GCHQ said: "Our work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners and the intelligence and security committee."

The agency would not say how long it had been using Prism or how many intelligence reports it had gleaned from it, or which ministers knew it was being used.

When attempting to access data held by companies like Google, Facebook and Apple which are based in the US, the UK government is normally expected to make formal request through the US Department of Justice which will in turn make the request on the UK's behalf. While this channel is extensively used - over 3,000 requests to Google in 2012 alone - Prism would present a much more immediate though ethically murky way of accessing such data.