Robert Hannigan, former Director of GCHQ
Former Director, GCHQ
“The Five Eyes was a SIGINT creation dating from World War II, when Roosevelt and Churchill took a political decision to share their most sensitive cryptological secrets. It is based on trust and aligned values. It is still at its deepest in SIGINT and Cyber, where the default is to share data and technology and work together unless there are reasons not to. SIGINT staff are routinely posted in each others' facilities and spend whole careers working with each other. That is not quite true of the HUMINT agencies, although they have grown closer, especially on terrorism."
- The initial UKUSA Agreement, declassified in June 2010, lays out the extent of SIGINT collaboration, including the acquisition of equipment, collection of communications traffic, traffic analysis, cryptanalysis, decryption and translation. The primary bodies of the intelligence partnership are the U.S. National Security Agency (NSA), the UK’s Government Communications Headquarters (GCHQ), Australia’s Defence Signals Directorate (DSD), Canada’s Communications Security Establishment (CSE) and New Zealand’s Government Communications Security Bureau (GCSB).
- While the agreement initially began with SIGINT cooperation, it has since expanded to include sharing and cooperation in fields such as human intelligence, covert action, counterintelligence, geospatial intelligence, law enforcement, and finance and transportation security.
- A prominent example of the Five Eye’s joint SIGINT collection comes from the so-called Echelon program, which reportedly began in the 1960s and involved the interception of civilian satellite communications based on keywords submitted by each alliance member.
- A more recent example of how Five Eyes might collect SIGINT with geographic implications would be through downstream collection of communications data at rest from domestic internet companies and upstream collection of communications travelling through domestic internet service providers. This collected data can then be reportedly mined directly by all Five Eyes partners through programs such as XKeyscore, no matter which party actually collected the data.
- According to the initial agreement – which is reported to have evolved with the times with the current document remaining classified – all raw SIGINT traffic and intelligence products are shared relatively freely unless a party chooses to forgo sharing or receiving specific intelligence. There is a mutual understanding that the citizens of Five Eyes countries will not be targeted for collection by another member agency, and if such communications are incidentally intercepted, there will be an effort to minimize the use and analysis by the intercepting state – such as by labeling it with “UK Citizen” or “Canadian Company.”
- However, according to a leaked 2005 NSA document, under certain circumstances, Five Eyes members may conduct unilateral collection against the citizens of other members should collaboration with that member be declined. But any collection, processing and dissemination of that information must be maintained in NOFORN (“No Foreigners”) channels. This means that Five Eyes partners cannot, as both a matter of policy and legality, help each other bypass the privacy protections of their home countries.
Lt. Gen. (ret.) James Clapper, former Director of National Intelligence
“We don’t ‘monitor’ each other, if you mean do we spy on the UK, Australia, Canada and New Zealand, but that’s not to say we don’t try to understand what’s going on in each country. The difference with the Five Eyes is we can just ask each other.”
Robert Hannigan, former Director of GCHQ
Former Director, GCHQ
“As for monitoring each others' areas, this is an accusation which Snowden tried unsuccessfully to pin on the SIGINT community. It is nonsense and explicitly forbidden as part of the Five Eyes agreement. Both in law and policy, SIGINT agencies must respect their own legal framework and those of their partners. They cannot be used to get around others' legal constraints or do what would be unlawful for a partner agency. A number of parliamentary and oversight inquiries in the UK have confirmed that this has not happened."
Chris Inglis, former Deputy Director of the NSA
“It’s a highest-common-denominator approach. So the Brits could never ask the United States to spy on a Brit, and then benefit from those proceeds, and vice versa. But, turns out that American intelligence services could, at their discretion, spy on the Brits if they chose to do so. There’s nothing about our laws that would say ‘can’t be a Brit,’ but by policy, we don’t. Not only do we not do that for our British counterparts – helping them find a way around their law – and they don’t do that for us, but we don’t spy on each other. That’s essentially what makes it a ‘second party relationship,’ as opposed to a classic ‘third party relationship,’ which is everybody else.”
Issue: Heightened tensions between the Trump administration and Five Eyes partners, such as the UK, over conclusions of Russia’s interference in the 2016 elections, as well as a seemingly steady stream of leaks from U.S. intelligence in the past years could be causing strain among the Five Eyes alliance. Some have suggested that these political and counterintelligence afflictions, as well as ongoing privacy concerns, could hinder the close Five Eyes sharing in the future.
- In March, GCHQ issued a strong denial of Trump administration’s allegation that it targeted collection on Trump during the election campaign and passed the information onto the Obama administration, saying that such assertions were “utterly ridiculous and should be ignored.” A month later, GCHQ – along with fellow Five Eyes member Australia – was reported to have provided SIGINT to the U.S. as early as 2015 on members of Trump’s campaign team being in contact with known or suspected Russian agents, though this was again not likely through the direct targeting of Trump associates.
- In another instance, UK Prime Minister Theresa May briefly halted the sharing of information to U.S. counterparts following U.S. officials leaking operational details of the investigation into the May 2017 attacks on an Ariana Grande concert in Manchester.
- The instances are not without precedent. New Zealand was temporarily excluded from Five Eyes for a few years after 1985, when the government refused at the time to allow U.S. and UK warships to access to the country’s ports without their confirming that there were no nuclear weapons onboard.
- However, while the alliance may be met with tension, it is unlikely to falter in the face of political fallout. Interacting through common language, democratic values, and complementary national interests, there is a strong degree of professional trust that pervades the alliance. This has allowed the intelligence network to weather political storms as well as security breaches such as leaks and adversarial penetration in the past.
Robert Hannigan, former Director of GCHQ
Former Director, GCHQ
“I think the idea of tension is overplayed. Of course, sharing sensitive intelligence involves some risk and the originating agency will always worry that the receiver doesn't appreciate the sensitivity, but the instances of damaging leaks are rare, whether between the Five Eyes or other partners. There are very well-established processes and protocols to protect information. Often the differences are practical and cultural: the U.S. has a much larger intelligence community and the instinct to share information publicly is much stronger. The deeper the bonds and history and personal relationships between agencies, the easier it is to manage any tensions in a sensible and collaborative way."
Chris Inglis, former Deputy Director of the NSA
“Of course that creates some amount of tension and angst, but the relationships are much longer, much deeper, and the benefits are much more highly leveraged. The benefits are geometrics, the risks that we occasionally suffer are linear – not to be trivialized, certainly to be addressed, but by and large these relationships have hung in there through thick and thin. Increasingly in the world we live in, where these threats are not unique to one nation – terrorism is a case in point – intelligence becomes an instrument of international power as much as an instrument of sovereign national power. Therefore, this might just be the model for other partnerships and coalitions.”
Alastair Gordon, former senior national security officer for the Australian Government
"The Five Eyes is unique because of the shared history and values amongst the five nations. This provides levels of mutual trust and confidence difficult to replicate elsewhere. There are tensions from time to time, but the Five Eyes relationships are such that candid discussions can take place without long term damage to those relationships."
Response: The alliance goes far beyond the principal of collaboration or facilitation of information sharing, but also to enable the dividing of tasks to avoid duplication and leverage each other’s strengths. Each member does not have the ability or resources to unilaterally collect all the intelligence needed. As communications went global – first with satellite communications and then with packet switched networks transiting fiber optic cables – such close partnership makes the intelligence whole greater than the sum of its parts.
Rick Ledgett, former Deputy Director of the NSA
“The principle through which the Five Eyes operates on is that everybody pursues their national interest, and that national interest is to cooperate with likeminded nations who have useful capabilities in this space. The efforts are divided according to those national interests and those capabilities. Where one nation might be stronger, they will go ahead and shoulder the burden for the rest of the Five Eyes. What that cooperation does is that it allows us to extend our reach in terms of collection, in terms of linguistic and analytic capability, and it allows us to do things like divisions of effort so that the U.S. doesn’t have to do everything all the time. We can have partners who will do some of that for us, and vice versa. All of our relationships are asymmetrical – we tend to give more than we get - but you can’t look at this as a transactional thing. It is more of a relationship you are going to get into because long-term, there is value to the nation.”
- Expertise and geography play a crucial part of the alliance’s burden sharing. Each Five Eyes partner collects information over a specific area of the globe in accordance with their national priorities, but their collection and analysis are orchestrated to act as one. Australian analysts, for instance, may have better cultural and linguistic insight into communications collected from Asia, and therefore be better positioned to analyze that information, even if the U.S. is better positioned to collect it.
- While precise geographical focuses are not publically available, it has been reported that: Australia monitors South and East Asia communications; New Zealand covers the South Pacific and Southeast Asia; the UK monitors traffic over Europe, Western Russia and the Middle East and North Africa; Canada focuses on inner Russia and some of Latin America; and the U.S. intercepts communications from the Caribbean, China, Russia, the Middle East and Africa.
- While intelligence sharing was the initial purpose of the alliance, it has grown to include joint operations, capabilities development, training, and even jointly staffed bases. One example of this is the joint NSA-GCHQ upstream collection operation known as Tempora, which included some 300 analysts from GCHQ and 250 from the NSA co-located at Bude, along the southwest coast of the UK. Another example is the Australian Joint Defense Facility at Pine Gap, where U.S. and Australian intelligence analysts are working side by side to support – down to the tactical level – military operations in Afghanistan. This level of collaboration is not easily swept away by far off political winds.
Rick Ledgett, former Deputy Director of the NSA
“Our Five Eyes partners are part of our tactical support to military forces. In those cases where a Five Eyes partner has the responsibility for a particular area that the U.S. military cares a lot about, then they have signed up to provide a requisite level of support. And historically, they have provided outstanding support. The U.S. also provides support back to their forces. For example, when the Australians were in Afghanistan with the U.S., we provided exactly the same support that they provided to U.S. forces.”
Chris Inglis, former Deputy Director of the NSA
“The expectation is that each partner will find ways to make contributions, unique contributions, from their own circumstances. What I can talk about is that each of them has an intellectual base that is slightly different. You give some evidence, some facts to a New Zealander and say, ‘What does this mean?’ They’re likely to give you a slightly different answer given that they understand the world through a different lens than you might from an American perspective. And if this is something that’s happening in that neck of the woods, you probably want to take their account into consideration.”
Robert Hannigan, former Director of GCHQ
Former Director, GCHQ
"It's hard to think of any major disruption of a terrorist attack plan in recent years that hasn't involved Five Eyes sharing on the SIGINT side. Counterintelligence is also an important part of the Five Eyes, but heavily compartmented, as the assets, technical and HUMINT, are particularly sensitive and vulnerable."
Alastair Gordon, former senior national security officer for the Australian Government
"Prior to any passage of intelligence to a third country, prior approval needs to be sought from the agency which sourced the intelligence. I should also mention that when it comes to threat warning intelligence, that is, the possibility of a terrorist attack, it is a general principle that intelligence is shared with the country which is the target of that threat, regardless of the state of the intelligence relationship between the country which collected the intelligence and the target country."
Looking Ahead: Despite the clear strategic advantage of such a cohesive intelligence sharing apparatus based on mutual trust, such benefits can taper with the more partners included. For this reason, it is unlikely that the Five Eyes alliance – with the level of cooperation that it currently operates – will expand to include more members.
Robert Hannigan, former Director of GCHQ
Former Director, GCHQ
"I'm not sure it is worth the effort to extend the formal Five Eyes legal agreement - that feels like a distraction. What matters is that deep operational sharing is increasingly happening with other partners and that is very welcome. I doubt whether some partners would want to join the Five Eyes formally – they probably prefer bilateral agreements. In the UK, relationships with European countries, for example on terrorism and cyber, are incredibly important and have become deeply productive over the years. Beyond Europe, there are some extremely capable allies, not least Israel.”
- Instead of expanding Five Eyes to include other allies, it’s more likely that individual Five Eyes members will forge separate partnerships with other countries on a bilateral basis. The Five Eye’s partnership allows for working with “Third Party” countries, where a Five Eyes member establishes a bilateral relationship with a friendly government, including but not limited to fellow NATO members, where both provide technical support to allow them to better collect and share SIGINT as well as the end-product intelligence reporting. Known Third Party arrangements include Nine Eyes, an intelligence sharing network including Denmark, France, Norway and the Netherlands. There’s also Fourteen Eyes, a.k.a. SIGINT Seniors Europe (SSEUR), which includes the exchange of military signals with Nine Eyes plus Belgium, Germany, Italy, Spain and Sweden.
Lt. Gen. (ret.) James Clapper, former Director of National Intelligence
“Five Eyes countries are different because of the long history of the English-speaking countries’ intelligence relationships, which goes back to World War II, if not before—particularly in SIGINT. So, our intelligence partnership with them is closer and more fulsome. That’s not to say we don’t have very close relations with the other countries…I believe that at some point in the future, we will eliminate NOFORN restrictions with respect to the Five Eyes intelligence alliance, and extend dual-citizenship when and where we’re in each other’s intelligence footprint. There are all kinds of legal complexities here, but over time, we operate in a way that is moving in that direction. I must emphasize this is a personal opinion, not ‘company policy.’”
Levi Maxey is an analyst at The Cipher Brief. Follow him on Twitter @lemax13.
