From zenadsl6186 at zen.co.uk Tue Jan 28 10:16:54 2014
From: zenadsl6186 at zen.co.uk (Peter Fairbrother)
Date: Tue, 28 Jan 2014 10:16:54 +0000
Subject: Industrial espionage by TLA's
Message-ID: <52E78396.10303@zen.co.uk>

Snowden recently said that the NSA was 'engaged in industrial
espionage'. see eg http://www.bbc.co.uk/news/25907502 .

"Referring to the German engineering company Siemens, Mr Snowden told
ARD: "If there is information at Siemens that they [the NSA] think would
be beneficial to the national interests, not the national security, of
the United States, they will go after that information and they'll take
it." "

I was wondering whether GCHQ did the same, and came to the conclusion
that they do - it is specifically allowed under RIPA.

The Secretary of State (the Foreign Secretary in this case) can issue a
single certificated warrant to allow interception and examination of any
and all "external" [1] communications "for the purpose of safeguarding
the economic well-being of the United Kingdom".

See RIPA 8(4)(b)(ii) and 5(3)(c).

Peter Fairbrother

[1] "external" communications are communications where either the sender
or the intended recipient, or both, are outside the UK.

It is uncertain whether this applies to eg an email which is sent from a
person in the UK to another person in the UK, but which is sent via a
foreign country - a not uncommon happening, eg mail to and from all
Google mail, Gmail and Hotmail addresses will pass through servers in
the US.

--

From chl at clerew.man.ac.uk Tue Jan 28 19:57:45 2014
From: chl at clerew.man.ac.uk (Charles Lindsey)
Date: Tue, 28 Jan 2014 19:57:45 -0000
Subject: Industrial espionage by TLA's
In-Reply-To: <52E78396.10303@zen.co.uk>
References: <52E78396.10303@zen.co.uk>
Message-ID:

On Tue, 28 Jan 2014 10:16:54 -0000, Peter Fairbrother wrote:

> I was wondering whether GCHQ did the same, and came to the conclusion
> that they do - it is specifically allowed under RIPA.
>
> The Secretary of State (the Foreign Secretary in this case) can issue a
> single certificated warrant to allow interception and examination of any
> and all "external" [1] communications "for the purpose of safeguarding
> the economic well-being of the United Kingdom".
>
> See RIPA 8(4)(b)(ii) and 5(3)(c).
>
> [1] "external" communications are communications where either the sender
> or the intended recipient, or both, are outside the UK.
>
> It is uncertain whether this applies to eg an email which is sent from a
> person in the UK to another person in the UK, but which is sent via a
> foreign country - a not uncommon happening, eg mail to and from all
> Google mail, Gmail and Hotmail addresses will pass through servers in
> the US.

But there the sender and (usually) the intended recipient will both be
in the UK, so it is not an "external" communication. How they filter
those out is their problem - somehow they have got to do it.

I suppose they might argue that Google is one of the "intended"
recipients, since it is well-known that Google et al scan all messages
to assist with directed advertising, but I doubt the courts would accept
that :-).

--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131   Web: http://www.cs.man.ac.uk/~chl
Email: chl at clerew.man.ac.uk   Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9   Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5

From zenadsl6186 at zen.co.uk Tue Jan 28 21:20:19 2014
From: zenadsl6186 at zen.co.uk (Peter Fairbrother)
Date: Tue, 28 Jan 2014 21:20:19 +0000
Subject: Industrial espionage by TLA's
In-Reply-To:
References: <52E78396.10303@zen.co.uk>
Message-ID: <52E81F13.5060205@zen.co.uk>

On 28/01/14 19:57, Charles Lindsey wrote:
> On Tue, 28 Jan 2014 10:16:54 -0000, Peter Fairbrother
> wrote:
>
>> I was wondering whether GCHQ did the same, and came to the conclusion
>> that they do - it is specifically allowed under RIPA.
>>
>> The Secretary of State (the Foreign Secretary in this case) can issue
>> a single certificated warrant to allow interception and examination of
>> any and all "external" [1] communications "for the purpose of
>> safeguarding the economic well-being of the United Kingdom".
>>
>> See RIPA 8(4)(b)(ii) and 5(3)(c).
>
>>
>> [1] "external" communications are communications where either the
>> sender or the intended recipient, or both, are outside the UK.
>>
>> It is uncertain whether this applies to eg an email which is sent from
>> a person in the UK to another person in the UK, but which is sent via
>> a foreign country - a not uncommon happening, eg mail to and from all
>> Google mail, Gmail and Hotmail addresses will pass through servers in
>> the US.
>
> But there the sender and (usually) the intended recipient will both be
> in the UK, so it is not an "external" communication. How they filter
> those out is their problem - somehow they have got to do it.
>
> I suppose they might argue that Google is one of the "intended"
> recipients, since it is well-known that Google et al scan all messages
> to assist with directed advertising, but I doubt the courts would accept
> that :-).
>

That's one legal theory - another is that the actual communication in a
hop is between the two servers, with server 1 as the sender and server 2
as the recipient.

As a variation, if the two servers are run by different people, they
might even be considered as two different public telecommunication
systems.

A fourth legal theory is that they don't have to bother to filter the
"unintended" recipients out anyway:

5(6) The conduct authorised by an interception warrant shall be taken to
include -
(a) all such conduct (including the interception of communications not
identified by the warrant) as it is necessary to undertake in order to
do what is expressly authorised or required by the warrant

and once they have the intercepted product, they may claim not to need
any further authorisation in order to look at it for whatever reasons
they like. I'd disagree there, but they may well make that claim.

Even if they don't make the larger claim, they may say that it's easier
to eg scan the whole for keywords rather than separating out what may be
non-external content. I think that may be more likely to be acceptable
to a Court (though again I'd disagree).

And if they find plans to commit a terrorist act, well, this isn't the
US and evidence isn't inadmissible because it has been illegally
collected - furthermore as it's intelligence collected under an
interception warrant it can't be used in evidence anyway, and we'd never
find out about it, or know if it's happening.

All four theories are at least debatable, which is why I said the
position is "uncertain".

To get back to the main point, it's quite interesting that we can see
what GCHQ are doing by analysing the law which allows them to do things
- some may consider that a security loophole.

--
Peter Fairbrother

From brian at thejohnsons.co.uk Tue Jan 28 22:36:13 2014
From: brian at thejohnsons.co.uk (Brian L Johnson)
Date: Tue, 28 Jan 2014 22:36:13 -0000
Subject: Industrial espionage by TLA's
In-Reply-To: <52E78396.10303@zen.co.uk>
References: <52E78396.10303@zen.co.uk>
Message-ID:

On Tue, 28 Jan 2014 10:16:54 -0000, Peter Fairbrother wrote:

> I was wondering whether GCHQ did the same, and came to the conclusion
> that they do - it is specifically allowed under RIPA.
>
> The Secretary of State (the Foreign Secretary in this case) can issue a
> single certificated warrant to allow interception and examination of any
> and all "external" [1] communications "for the purpose of safeguarding
> the economic well-being of the United Kingdom".
>
> See RIPA 8(4)(b)(ii) and 5(3)(c).
>
>
> Peter Fairbrother
>
>
> [1] "external" communications are communications where either the sender
> or the intended recipient, or both, are outside the UK.
>
> It is uncertain whether this applies to eg an email which is sent from a
> person in the UK to another person in the UK, but which is sent via a
> foreign country - a not uncommon happening, eg mail to and from all
> Google mail, Gmail and Hotmail addresses will pass through servers in
> the US.

Tom Watson recently posted this on Twitter:

tom_watson @tom_watson 2h

"Huge swath of GCHQ surveillance is illegal, says top lawyer":
http://www.theguardian.com/uk-news/2014/jan/28/gchq-mass-surveillance-spying-law-lawyer
I'd appreciate your help in sharing this story.

--
Brian

From zenadsl6186 at zen.co.uk Wed Jan 29 12:28:58 2014
From: zenadsl6186 at zen.co.uk (Peter Fairbrother)
Date: Wed, 29 Jan 2014 12:28:58 +0000
Subject: Industrial espionage by TLA's
In-Reply-To:
References: <52E78396.10303@zen.co.uk>
Message-ID: <52E8F40A.1040903@zen.co.uk>

On 28/01/14 22:36, Brian L Johnson wrote:
> On Tue, 28 Jan 2014 10:16:54 -0000, Peter Fairbrother
> wrote:
>
>> I was wondering whether GCHQ did the same, and came to the conclusion
>> that they do - it is specifically allowed under RIPA.
>>
>> The Secretary of State (the Foreign Secretary in this case) can issue
>> a single certificated warrant to allow interception and examination of
>> any and all "external" [1] communications "for the purpose of
>> safeguarding the economic well-being of the United Kingdom".
>>
>> See RIPA 8(4)(b)(ii) and 5(3)(c).
>>
>>
>> Peter Fairbrother
>>
>>
>> [1] "external" communications are communications where either the
>> sender or the intended recipient, or both, are outside the UK.
>>
>> It is uncertain whether this applies to eg an email which is sent from
>> a person in the UK to another person in the UK, but which is sent via
>> a foreign country - a not uncommon happening, eg mail to and from all
>> Google mail, Gmail and Hotmail addresses will pass through servers in
>> the US.
>
> Tom Watson recently posted this on Twitter:
>
> tom_watson @tom_watson 2h
>
> "Huge swath of GCHQ surveillance is illegal, says top lawyer":
> http://www.theguardian.com/uk-news/2014/jan/28/gchq-mass-surveillance-spying-law-lawyer
> I'd appreciate your help in sharing this story.
>

Got a link for the opinion please?

Jemima Stratford is quoted as saying Ripa does not allow mass
interception of contents of communications between two people in the UK,
even if messages are routed via a transatlantic cable. I agree with her
conclusion, but I'd like to see her reasoning.

--
Peter Fairbrother

From brian at thejohnsons.co.uk Wed Jan 29 12:37:22 2014
From: brian at thejohnsons.co.uk (Brian L Johnson)
Date: Wed, 29 Jan 2014 12:37:22 -0000
Subject: Industrial espionage by TLA's
In-Reply-To: <52E8F40A.1040903@zen.co.uk>
References: <52E78396.10303@zen.co.uk> <52E8F40A.1040903@zen.co.uk>
Message-ID:

On Wed, 29 Jan 2014 12:28:58 -0000, Peter Fairbrother wrote:

> On 28/01/14 22:36, Brian L Johnson wrote:
>>
>> Tom Watson recently posted this on Twitter:
>>
>> tom_watson @tom_watson 2h
>>
>> "Huge swath of GCHQ surveillance is illegal, says top lawyer":
>> http://www.theguardian.com/uk-news/2014/jan/28/gchq-mass-surveillance-spying-law-lawyer
>> I'd appreciate your help in sharing this story.
>>
>
> Got a link for the opinion please?
>
> Jemima Stratford is quoted as saying Ripa does not allow mass
> interception of contents of communications between two people in the UK,
> even if messages are routed via a transatlantic cable. I agree with her
> conclusion, but I'd like to see her reasoning.

http://www.tom-watson.co.uk/wp-content/uploads/2014/01/APPG-Final.pdf

--
Brian

From zenadsl6186 at zen.co.uk Wed Jan 29 16:43:41 2014
From: zenadsl6186 at zen.co.uk (Peter Fairbrother)
Date: Wed, 29 Jan 2014 16:43:41 +0000
Subject: Industrial espionage by TLA's
In-Reply-To:
References: <52E78396.10303@zen.co.uk> <52E8F40A.1040903@zen.co.uk>
Message-ID: <52E92FBD.7070304@zen.co.uk>

On 29/01/14 12:37, Brian L Johnson wrote:
> On Wed, 29 Jan 2014 12:28:58 -0000, Peter Fairbrother
> wrote:
>
>> On 28/01/14 22:36, Brian L Johnson wrote:
>>>
>>> Tom Watson recently posted this on Twitter:
>>>
>>> tom_watson @tom_watson 2h
>>>
>>> "Huge swath of GCHQ surveillance is illegal, says top lawyer":
>>> http://www.theguardian.com/uk-news/2014/jan/28/gchq-mass-surveillance-spying-law-lawyer
>>>
>>> I'd appreciate your help in sharing this story.
>>>
>>
>> Got a link for the opinion please?
>>
>> Jemima Stratford is quoted as saying Ripa does not allow mass
>> interception of contents of communications between two people in the
>> UK, even if messages are routed via a transatlantic cable. I agree
>> with her conclusion, but I'd like to see her reasoning.
>
> http://www.tom-watson.co.uk/wp-content/uploads/2014/01/APPG-Final.pdf

Thanks Brian.

I find the opinion a bit lacking - here I'll only comment on paragraphs
1 to 26 as I haven't read it all, and I don't know much about EU law
anyway, just a bit about RIPA.

Jemima Stratford QC goes through the law, some comments by Lord Bassam,
and the statutory CoP and concludes, in para 26:

"In summary therefore, RIPA only entitles the UK security services to
intercept bulk contents data where at least one party to the
communication is located outside the British Isles."
I have some doubts about quite what this means. The relevant wording in
RIPA is "'external communication' means a communication sent or
received outside the British Islands".

In other definitions in RIPA, eg in the definition of interception in
subsection 2(2), the wording "intended recipient" is frequently used -
here the wording is different, and is such that if the communication is
actually received outside the UK, whether by the intended recipient or
by another, the communication is external.

As an example, suppose Alice in the UK sends Bob in the UK an email to
Bob's Hotmail address. To deny that the email is actually received by a
Hotmail server in the US is fairly specious.

For synchronous communications like telephone calls the situation is
somewhat less obvious, but eg if the call goes via satellite it is at
some point received by the satellite - if it wasn't the satellite would
not be able to forward it.

Miss Stratford continues:
"Thus the activities described in scenario (a) are unlawful as contrary
to RIPA."

Scenario a is: "The Government Communications Headquarters ('GCHQ') have
intercepted bulk electronic data sent between two persons located in the
UK, but transmitted along fibre-optic cables which run between the UK
and the United States. The electronic data arise from internet, email
and telephone use"

This is a little wooly. If the word "bulk" is excluded then it makes
sense, otherwise not. I think she means GCHQ intercepted bulk data on
the cable, which included messages sent between two persons located in
the UK.

Again I have doubts about what Miss Stratford means.
The description
of the communications which can be intercepted in a RIPA ss.8(4)
certificated warrant cannot include internal communications - but under
ss.5(6) a warrant also allows "(a) all such conduct (including the
interception of communications not identified by the warrant) as it is
necessary to undertake in order to do what is expressly authorised or
required by the warrant".

As a matter of practicality, suppose GCHQ are intercepting some or all
communications on a cable under a certificated ss8(4) warrant to
intercept external communications of some type. They will obviously need
to look at the actual traffic on the cable in order to do this.

Let's consider Alice's email to Bob at hotmail.com. Even if messages meant
for persons in the UK are not to be intercepted, how are GCHQ to know
whether Bob is in the UK? Or Alice for that matter?

The traffic data attached to the email won't tell them - Bob could be
anywhere. He could be in the UK when the message was sent, and outside
the UK when he picked it up from the US Hotmail web server.

In fact if GCHQ do not already know who Bob is, he could be anybody, as
well as anywhere. He could be Bob in Dagenham, or Roberto in Spain, or
Ali Robber Baron in Afghanistan. There is simply no way for GCHQ to tell
from the traffic data whether the email is meant for a person in the UK
or not.

Next, consider an email where a standard hop goes outside the UK but
both the sender and the intended recipient's initial and final mail
servers are in the UK. GCHQ will be able to tell this from the routing
information, in many but not all cases - it is trivial to forge "from"
addresses on emails, and this is often done for legitimate privacy
purposes,

GCHQ may sometimes be able to tell that the persons are in the UK, but
in most cases they will not be able to with any degree of surety - in
general the intended recipient of an email can collect it from anywhere
in the world.
As far as synchronous communications are concerned, the situation is not
much better. For fixed line telephony it is fairly easy to tell where
the sender and intended recipient are - sometimes. At other times it
can't be done, for instance the use of cheap phone cards where the
caller calls a UK number in order to call a foreign number.

[Sorry, I got called away - an example for hard to identify origin and
destination country for internet traffic should go in here]

The initial point is, GCHQ has a warrant to intercept traffic on some
cable, and it is genuinely very hard, and often impossible, for them to
tell whether the traffic they are intercepting is external or not.

As the warrant allows them to do "all such conduct (including the
interception of communications not identified by the warrant) as it is
necessary to undertake in order to do what is expressly authorised or
required by the warrant" they are legally allowed to intercept (and
analyse) internal traffic as well as external traffic.

In part they can do this to determine whether it is internal or external
traffic, but also as they cannot determine (or cannot be certain)
whether traffic is external or not, they most likely just run all the
traffic through their analyses. They will claim it is too much work to
sort it, and unreasonable to ask them to.

So then they will have, in practice, intercepted and analysed the
internal traffic on the cable quite lawfully under RIPA. All of the
internal traffic on the cable.

I don't quite know what they do after the analysis if the traffic is
later shown to be internal. However I don't think they chuck it away - I
think it could legally be used as intelligence (but not as evidence, as
evidence from interceptions is excluded from the Courts), but I am not a
lawyer.

While I am in no way certain that I am correct in what I say above
(actually I disagree with much of it), these lines of thought do deserve
to be followed.
And I am of the opinion that in practice and as a general measure, GCHQ
do intercept and analyse all the traffic which enters or leaves the UK
on the cables they monitor.

--
Peter Fairbrother

From brian at thejohnsons.co.uk Wed Jan 29 23:39:41 2014
From: brian at thejohnsons.co.uk (Brian L Johnson)
Date: Wed, 29 Jan 2014 23:39:41 -0000
Subject: Industrial espionage by TLA's
In-Reply-To: <52E92FBD.7070304@zen.co.uk>
References: <52E78396.10303@zen.co.uk> <52E8F40A.1040903@zen.co.uk> <52E92FBD.7070304@zen.co.uk>
Message-ID:

On Wed, 29 Jan 2014 16:43:41 -0000, Peter Fairbrother wrote:

> On 29/01/14 12:37, Brian L Johnson wrote:
>>
>> http://www.tom-watson.co.uk/wp-content/uploads/2014/01/APPG-Final.pdf
>
> Thanks Brian.
>
> I find the opinion a bit lacking - here I'll only comment on paragraphs
> 1 to 26 as I haven't read it all, and I don't know much about EU law
> anyway, just a bit about RIPA.

I find the opinions are... opinions. There's much there for discussion
between lawyerly types.

> Jemima Stratford QC goes through the law, some comments by Lord Bassam,
> and the statutory CoP and concludes, in para 26:
>
> "In summary therefore, RIPA only entitles the UK security services to
> intercept bulk contents data where at least one party to the
> communication is located outside the British Isles."
>
>
> I have some doubts about quite what this means. The relevant wording in
> RIPA is "'external communication' means a communication sent or
> received outside the British Islands".
>
> In other definitions in RIPA, eg in the definition of interception in
> subsection 2(2), the wording "intended recipient" is frequently used -
> here the wording is different, and is such that if the communication is
> actually received outside the UK, whether by the intended recipient or
> by another, the communication is external.

AFAICS there are at least 2 different definitions of 'external' in RIPA.
And also, AFAICS, which one the government will use in any given
scenario depends on which point of view they wish to portray at that
time.

[snip]

> Miss Stratford continues:
> "Thus the activities described in scenario (a) are unlawful as contrary
> to RIPA."
>
> Scenario a is: "The Government Communications Headquarters ('GCHQ') have
> intercepted bulk electronic data sent between two persons located in the
> UK, but transmitted along fibre-optic cables which run between the UK
> and the United States. The electronic data arise from internet, email
> and telephone use"
>
> This is a little wooly. If the word "bulk" is excluded then it makes
> sense, otherwise not. I think she means GCHQ intercepted bulk data on
> the cable, which included messages sent between two persons located in
> the UK.

Agreed.

> Again I have doubts about what Miss Stratford means. The description
> of the communications which can be intercepted in a RIPA ss.8(4)
> certificated warrant cannot include internal communications - but under
> ss.5(6) a warrant also allows "(a) all such conduct (including the
> interception of communications not identified by the warrant) as it is
> necessary to undertake in order to do what is expressly authorised or
> required by the warrant".

It's called 'covering your six' or 'covering all bases'.

> As a matter of practicality, suppose GCHQ are intercepting some or all
> communications on a cable under a certificated ss8(4) warrant to
> intercept external communications of some type. They will obviously need
> to look at the actual traffic on the cable in order to do this.
>
> Let's consider Alice's email to Bob at hotmail.com. Even if messages meant
> for persons in the UK are not to be intercepted, how are GCHQ to know
> whether Bob is in the UK? Or Alice for that matter?
>
> The traffic data attached to the email won't tell them - Bob could be
> anywhere.
> He could be in the UK when the message was sent, and outside
> the UK when he picked it up from the US Hotmail web server.
>
>
> In fact if GCHQ do not already know who Bob is, he could be anybody, as
> well as anywhere. He could be Bob in Dagenham, or Roberto in Spain, or
> Ali Robber Baron in Afghanistan. There is simply no way for GCHQ to tell
> from the traffic data whether the email is meant for a person in the UK
> or not.
>
>
> Next, consider an email where a standard hop goes outside the UK but
> both the sender and the intended recipient's initial and final mail
> servers are in the UK. GCHQ will be able to tell this from the routing
> information, in many but not all cases - it is trivial to forge "from"
> addresses on emails, and this is often done for legitimate privacy
> purposes,
>
> GCHQ may sometimes be able to tell that the persons are in the UK, but
> in most cases they will not be able to with any degree of surety - in
> general the intended recipient of an email can collect it from anywhere
> in the world.
>
>
> As far as synchronous communications are concerned, the situation is not
> much better. For fixed line telephony it is fairly easy to tell where
> the sender and intended recipient are - sometimes. At other times it
> can't be done, for instance the use of cheap phone cards where the
> caller calls a UK number in order to call a foreign number.
>
> [Sorry, I got called away - an example for hard to identify origin and
> destination country for internet traffic should go in here]

A nod to Skype should go here also.

> The initial point is, GCHQ has a warrant to intercept traffic on some
> cable, and it is genuinely very hard, and often impossible, for them to
> tell whether the traffic they are intercepting is external or not.
>
> As the warrant allows them to do "all such conduct (including the
> interception of communications not identified by the warrant) as it is
> necessary to undertake in order to do what is expressly authorised or
> required by the warrant" they are legally allowed to intercept (and
> analyse) internal traffic as well as external traffic.
>
> In part they can do this to determine whether it is internal or external
> traffic, but also as they cannot determine (or cannot be certain)
> whether traffic is external or not, they most likely just run all the
> traffic through their analyses. They will claim it is too much work to
> sort it, and unreasonable to ask them to.
>
>
> So then they will have, in practice, intercepted and analysed the
> internal traffic on the cable quite lawfully under RIPA. All of the
> internal traffic on the cable.

I would say that GCHQ intercept everything they can get their hands on
and then justify it -- in the remote possibility that they ever needed
to -- after the fact.

> I don't quite know what they do after the analysis if the traffic is
> later shown to be internal. However I don't think they chuck it away - I
> think it could legally be used as intelligence (but not as evidence, as
> evidence from interceptions is excluded from the Courts), but I am not a
> lawyer.

I think, if anything, the data will be being used as intelligence
internally and temporarily. As a pointer, if you will, for directions in
which to look. "It seems we should look at this person... Ooh! look what
we found by [erase footprints] 'chance'."

> While I am in no way certain that I am correct in what I say above
> (actually I disagree with much of it), these lines of thought do deserve
> to be followed.
>
> And I am of the opinion that in practice and as a general measure, GCHQ
> do intercept and analyse all the traffic which enters or leaves the UK
> on the cables they monitor.

Agreed.
Rifkind's recent interview on Channel 4 http://youtu.be/rn1B1wwyZGs is
worth watching. He certainly had me convinced. :)

--
Brian