A 2007 agreement gave the US intelligence community access to UK citizens' phone numbers, email addresses, and IP addresses,Â The Guardian reports. Previous documents have described close collaboration between the NSA, GCHQ, and other national intelligence agencies, and several European countries have complained of spying on citizens or political leaders. But this leak confirms that under the Bush administration, the UK began allowing the US to collect and analyze "unminimized" data from its citizens, despite a long-standing policy against it. Before the 2007 decision, a 2004 change allowed the US to keep unminimized landline data.
Despite a policy against it, the UK allowed the US to collect "unminimized" data
The US and UK are both part of what's known as Five Eyes, a treaty that also includes Canada, Australia, and New Zealand. Along with sharing intelligence information, members generally agree to avoid spying on each others' citizens â and doing so could allow countries to pass that information along to other members, getting around laws that stop them from performing their own surveillance. That means that if the US accidentally collected metadata about a British citizen before the change, it would have to scrub that from its database, just as it's supposed to minimize US citizen data by removing it. Under the new agreement, the NSA was still barred from intentionally targeting UK citizens without further authorization, but data collected while pursuing another case was fair game. Effectively, this "incidental" data is from citizens who aren't even under suspicion.
Other documents suggest that the cloak-and-dagger business of spying on allies was very much at work within Five Eyes. A 2005 draft directive suggested that the US be allowed to unilaterally decide to spy on other member states; it's not known whether other countries considered similar policies. Inside the US, officially declassified documents have also revealed problems with the NSA's minimization of its own citizens' data, with the FISA court admonishing it for technical problems, policy confusion, and misleading testimony about its surveillance capabilities.