'Squeaky Dolphin' for sale: How surveillance companies are targeting social networks

News & Analysis
'Squeaky Dolphin' for sale: How surveillance companies are targeting social networks

The latest Snowden document revelation, which shows how GCHQ and the NSA are conducting broad, real-time monitoring of YouTube, Facebook, and Blogger using a program called "Squeaky Dolphin," is the most recent demonstration of the immense interception capabilities of intelligence services.

Despite the program's cute name, "Squeaky Dolphin" is shocking in its ability to intercept raw data, which includes sensitive personal and location information, and keep tabs on people across the world who are simply uploading videos or 'liking' the links on their friends' Facebook walls. Such massive, unrestrained capabilities are no way consistent with international law, as their capabilities and execution are clearly neither necessary nor proportionate. Because of this, Privacy International has litigation underfoot to challenge the legality of GCHQ's surveillance activities on the grounds that they fly in the fact of the UK's human rights obligations. Operations like Squeaky Dolphin are yet another manifestation of GCHQ's disregard for privacy rights, and starkly illustrate the problem of secret, unaccountable intelligence gathering.

Frighteningly, the capabilities demonstrated by Squeaky Dolphin - the combination of tapping IP networks and the construction of that with sources such as Facebook, YouTube, Twitter, and other services - are not the exclusive preserve of the NSA and GCHQ. Privacy International's Surveillance Industry Index shows that surveillance companies are marketing and selling these services right off the shelf, giving willing governments anywhere the ability to intercept huge amounts of raw data, monitor social networks in real time, and analyse the information obtained to create profiles on specific individuals and targets.

Analysing and intercepting

Shortly after news broke about the Squeaky Dolphin program, surveillance researcher Dr Ben Hayes drew attention to Wire-X's "Content-based Social Network Analysis" and its similarities to GCHQ's Squeaky Dolphin. Wire-X's brochure, which is subtitled "Facing Social Networks", grabs attention with its heading "Good guys, Bad guys...They are all socializing online."

Named AQWIREX, the product "automatically intercept(s) and analyze(s) in real time the major social networks and extract all the relevant data including profile information, friends, feeds, and posts in order to provide a clear visualization of the entity and a mapping of all the target connections". The marketing material also says that the surveillance system can analyse emails, forums, and chats in real time, providing "real time packet analyse" and the ability to scale interception "from tactical to nationwide."

Through our Surveillance Industry Index, we have identified a similar technique being sold by surveillance companies, such as Israel's Nice Systems and their Horizon Insight product. Nice's Horizon Insight "Intercepts, formats and stores billions of telephony and IP events per data at a rate of thousands of data records per second" and performs integration with "all legacy sources with newly acquired sources in telephony, IP and open source fields to perform fusion of all intercepted data". The attempt to combine both the model of Open Source Intelligence gathering with mass surveillance and analysis of that material is illustrated in a diagram showing the pulling collation of disparate sources to form a stream of information able to be understood by an individual analyst or operator.

Sophisticated filtering provided within interception platforms can also lead to the targeting of particular websites. Italy's IPS sell a network interception platform called GENESI which centralises monitoring of IP networks, performing "real-time interception of different types of Internet Content and Services ( i.e. email messages, Web accesses, Chat sessions)". This capability is combined with content filtering that can focus on content in the protocol header such as URL, which can then allow focus on particular services such as Facebook and YouTube.

What’s more, IPS provides an analytics tool designed specifically for Facebook, implying a definite focus on the analysis of the kinds of services and websites that the GCHQ programme Squeaky Dolphin is using.

Glimmerglass, a California company specialising in physical fibre optic taps, advertises its probes as a way to intercept massive amounts of information travelling to social networks. In a presentation entitled "Paradigm Shifts" it displayed its physical probes and management system as a source of real time interception for particular communication sources. By selecting particular sources, the system intercepts traffic related to the particular "Communications Source," be it Facebook, Google, or Twitter. It would also appear to use IPS's Facebook analysis tool as an example of the mapping and reconstruction of a person's digital life that can be done using the traffic intercepted by Glimmerglass' tools.

Interception vs. Open Source

It is important to remember that these types of technologies, similar to Squeaky Dolphin, are not simply analysing publicly available information, or open-source intelligence (as it is called in the surveillance community). While the acquisition of information from publicly available sources is problematic, it is distinctly different from the practice of GCHQ in its Squeaky Dolphin programme, which focuses on the interception through physically tapping cables as the data is travelling across them, or gaining access through a third-party database.

The documents outlining Squeaky Dolphin come from 2010, before many social networks including Google and Facebook used https to encrypt user traffic across their sites. These latest revelations illuminate the serious need for all communications to be properly secured in order to protect users, including by implementing https. However, encryption is no silver bullet, as https only mitigates interception in transit and intelligence agencies are always seeking ways to crack the latest security measures. But at the very least these tools can help to better protect users' privacy and reduce their risk of exposure to agencies that seem determined to record and analyse every facet of our lives.

The contents of an individual's phone calls, emails and the websites they visit is information that is highly private in nature. So as the ambitious private surveillance market keeps pace with GCHQ and the NSA, we need effective laws in place to protect our privacy from surveillance, both by our governments and those abroad.