That Sunday Times article on Snowden
Four months ago, the Sunday Times ran a front page headline claiming that Edward Snowden was responsible for betraying the UK to Russia and China. The story was based entirely on unsubstantiated claims by anonymous UK government agents, and the journalist admitted he simply republished the government’s opinion.
The result was government propaganda in a highly respected publication with a print circulation of 839,077. The online edition ran with photographs of Snowden and Vladmir Putin, arranged together in front of a photo of the Kremlin, so as to make the unsubstantiated implication that Snowden has defected.
The article was heavily criticized by Al Jazeera, the Intercept, who noted that the article “does literally nothing other than quote anonymous British officials”.
Unsubstantiated claims
The article leads with a claim that both Russia and China acquired an encrypted copy of all the documents Snowden took from the NSA, numbering 1.7 million files, were able to crack the encryption to access those documents, that the files must have come from Snowden himself, that this forced MI6 to pull agents out of foreign countries, and that the leaks have caused deaths.
All of these claims are highly suspect.
1. That Russia and China have the documents
Earlier journalism establishes that Snowden passed his data to journalists in Hong Kong and erased his own copy before moving to Russia. Snowden, a trained intelligence agent, used advanced techniques to communicate with the press prior to their arrival and his identity and the nature of his documents were secret even from US intelligence prior to their release in the press.
By the time China or Russia knew Snowden had stolen valuable classified documents, he had already erased his own copy. Secure data erasure is well within the capability of a trained operative. Even the UK were unable to issue the press with a DA notice regarding PRISM until after it hit the press. It’s higly unlikely that any national intelligence agency had opportunity to steal the documents from Snowden himself.
It is possible that foreign intelligence stole the documents from one of the journalists with the cache, but the article strongly suggests that they were either stolen from Snowden or that he gave them voluntarily. The original version of the article made the inaccurate claim that David Miranda received his copy of the documents from Snowden in Moscow, which is verifiably false since Miranda’s copy came from Laura Poitras.
What is true is that Russia and China have access to at least those Snowden documents already leaked in the press.
2. That Snowden had 1.7 million files
The number of “over 1 million” comes from the NSA’s General Alexander who said Snowden had access to this many files, but the general admits that it’s impossible to tell how many of these files Snowden actually downloaded. It’s further impossible to tell how much of what he downloaded he kept, and how much of what he kept was passed on to journalists.
In fact, the article later states that Miranda’s copy of the documents numbered only 58,000. It’s possible that this represents only a part of the documents, but the figure of 1.7 million appears to be the Alexander number since none of the government sources in the article verify that number.
3. That Russia and China broke encryption
This claim is attributed to an anonymous senior Home Office source. The Home Office also claimed that Snowden had “blood on his hands” despite no evidence that his actions had resulted in deaths, and suggested that Snowden had ulterior motives in going to Moscow.
Snowden mentioned using PGP and Truecrypt, which are still considered highly secure and effectively unbreakable. If any world government has the ability to break these technologies, it would be an extremely top secret capability that would never be reported to the press.
We can reasonably assume that even if the encrypted files were stolen, they were not cracked due to a known Truecrypt vulnerability. However, various other attacks could circumvent the encryption: poor password use, keylogging the password, and other methods within the capability of nation states. They could not have cracked Snowden’s copy this way, but they could have hacked a journalists’ copy.
The claim that the encryption broken would disprove the suggestion that Snowden supplied the files voluntarily. If he supplied the files voluntarily, he would have had to supply the password for the same files.
4. That the documents were acquired from Snowden
As mentioned already, it is highly unlikely that they had opportunity to steal the documents from Snowden himself. There’s also no reason to assume he gave the documents willingly.
The article assumes the documents came directly from Snowden by one of these measures, but the article also originally assumed that Snowden took the documents with him to Moscow, a stance vaguely suggested by the Home Office source but which has no evidence.
The article claims that Snowden may have been forced to hand over the documents in exchange for safe passage or asylum, but Hong Kong did not grant asylum and there is no reason to assume Russia required the documents in exchange for asylum, nor do any of the articles sources corroborate this wild theory which the article admits is only speculation.
5. That Snowden caused MI6 to pull agents out
This claim comes from an anonymous senior Downing Street source, who says only that Russia and China have unspecified “information”, leading to MI6 agents being moved. There is no evidence from this statement that they have any information outside of evidence.
6. That the leaks have caused deaths
An anonymous British intelligence source claimed that agencies have been forced to pull agents from operations to protect their life. But no British agent outed in Russia has been killed since the Cold War.
The Home Office source also claimed Snowden had “blood on his hands”, but the Downing Street source says that while agents have been “targeted” since the Snowden disclosures there is no evidence that anyone has been harmed.
Unreasonable claims
The article further makes biased or misleading statements.
It claims that Snowden fled to seek protection specifically from Vladmir Putin, and has been under protection of Putin’s “regime”, and further cites the Home Office source that says “Putin didn’t give him asylum for nothing.” But there’s no reason to assume Putin was personally involved; nations including the UK grant political asylum to many people. It’s also established that Snowden had intended to leave Russia when the US stranded him by revoking his passport.
It briefly mentions Snowden’s claims of NSA/GCHQ mass surveillance, but completely fails to mention that these were true.
It describes David Anderson QC’s recommendations of judicial oversight for intrusrive surveillance having power “stripped from ministers and handed to judges”. The British press typically reserves “stripped” for a privilege removed in shameful circumstances as a punishment (e.g. stripped of a knighthood), and “handed” refers to something given unwarranted (as in government handouts).
It claims that Snowden may have voluntarily handed over data to China and Russia, and uses the manipulative tactic of following with an unproven speculated motive to make this unsubstantiated claim believable, even while admitting there is no evidence.
Who are the sources?
The article bases its information on statements from a fixed number of sources. It’s worth looking at precisely what each source said.
Home Office
Attributed to a senior Home Office official, or a senior Home Office source.
- A claim that Snowden has “blood on his hands”.
- “Why do you think Snowden ended up in Russia? … Putin didn’t give him asylum for nothing. His documents were encrypted but they weren’t completely secure and we have now seen our agents and assets being targeted.”
To put it bluntly, the Home Office source is full of shit.
The “blood on his hands” claim is unsubstantiated and contradicts Downing Street’s line that there is no evidence that anyone has been harmed.
The insinuation that Snowden made a secret deal with Putin is an angry, baseless smear. The Home Office source is making an intentional attempt to attack and discredit Snowden. The source avoids making specific accusations since it has no evidence to substantiate the claim.
Further, the OPM hack announced on June 11 and June 13, one day before this Sunday Times article, leaked the fingerprints and personal information of up to one million US federal employees and provides a much more likely reason for intelligence services to suddenly pull out agents in what may be joint US-UK operations, or to move MI6 officers to cover for US agents.
Downing Street
These are attributed to Downing Street, or a senior Downing Street source. One paragraph attributes similar information to “David Cameron’s aides” in a statement made on 13 July 2015, suggesting that Cameron’s aides may be the same person as the Downing Street source or were at the same meeting and provided duplicate information.
- “It is the case that Russians and Chinese have information. It has meant agents have had to be moved and that knowledge of how we operate has stopped us getting vital information. There is no evidence of anyone being harmed.”
It is peculiar that Downing Street would be available to the press on 13 July, a Saturday, unless the staff were called in a hurry. Again, the OPM hack would explain the sudden movement of agents.
It’s possible that the Downing Street mixes two issues: MI6 moving its agents immediately after the OPM hack became public, and Snowden’s disclosures leading providers like Google and Yahoo to enable HTTPS, inhibiting GCHQ’s mass surveillance as a source of leads in criminal and terrorist activity.
British intelligence
This quote is attributed to a British intelligence source. The article opening refers to the “security services”, a term which typically refers to domestic spying unit MI5 but could more generally be construed to refer to other agencies.
- “We know Russia and China have access to Snowden’s material and will be going through it for years to come, searching for clues to identify potential targets. … Snowden has done incalculable damage. In some cases the agencies have been forced to intervene and lift their agents from operations to prevent them from being identified and killed.”
While Downing Street and the Home Office also claim UK spies have been identified and targeted, only the intelligence source makes the claim that they are at risk of being killed.
That the Home Office talks about Snowden having “blood on his hands”, or that he knows anything at all about the spy movement issue, suggests that he’s been briefed by this intelligence source. The Downing Street source has apparently also been briefed, but is much more level-headed in admitting that nobody has actually been harmed. Historically, Russia has not killed a US/UK spy since the cold war.
US intelligence source
- A US intelligence source said the damage done by Snowden was “far greater than what has been admitted”.
The US source has no comment on the spy movement issue, but only states that Snowden in general has been disastrous for them.
Oliver Robbins
Deputy national security adviser in the Cabinet Office who testified on behalf of the government at the David Miranda court hearing in February 2014.
- (The release of Miranda’s documents) “would do serious damage to UK national security, and ultimately put lives at risk”.
This quote is taken from the Miranda court hearing where Robbins claimed, without evidence that the compromise of the methods documented in the documents would lives at risk. Robbins was not required to justify his claim and the government won despite providing no evidence in the case. Under UK law, all classified information is inadmissable in court, which has been interpreted as allowing the government to make claims without having to provide proof.
While the article states that High Court ruled there was “compelling evidence” that publishing the Snowden documents would endanger lives, the government presented no such evidence.
Sir David Omand
Sir David Omand is cited by name, as the former director of GCHQ. As a former senior intelligence officer, his opinion is relevant to the article.
But none of the current information in the article comes from him. Omand was director of GCHQ only from 1996 to 1997. He has not been part of the Cabinet Office since 2005.
All of Omand’s answers appear to be responses to questions posed by the journalist, who no doubt settled for Omand when the current GCHQ head refused to comment as per the agency’s famous policy.
Omand’s answers suggest the journalist told him that China and Russia have specific access to the Snowden documents beyond what was published by the press. His opinion is that this would be a setback, and even nations who only know of GCHQ’s capabilities from the press are likely to launch similar programmes.
Unsourced
The following claims made by the article are unsupported by any source quoted in the article:
- That MI6 is the one pulling its agents.
- That the pulled agents are in hostile countries.
- That the security services are finding it harder to monitor terrorists and criminals via e-mail, phone, chatrooms and social media.
- That the Snowden documents could allow spies to be identified.
The first is plausible. China is thought to be behind the OPM hack, suggesting the foreign intelligence agency MI6, rather than the domestic MI5 or the mainly digital GCHQ.
Neither Russia nor China are considered especially hostile, and although published Snowden documents have revealed surveillance of states like Afghanistan, this is mainly signals intelligence rather than human intelligence.
GCHQ is definitely finding it harder to spy on terrorists and criminals since the Snowden leaks. Those targets use civilian systems like Facebook, Google and Yahoo which have switched to HTTPS to protect the privacy of their users, in vast majority law-abiding citizens. Since terrorists are rare and have good OPSEC, the main problem is that the NCA can no longer rely on GCHQ to trawl private Internet for tip-offs on organised crime, drug crime and so on.
Whether the Snowden documents leak spy information is unknowable. Most of the documents refer to signals intelligence sources operated by NSA and GCHQ, not human intelligence. Former spies have come out since the article was written to point out that the names of agents are never written down for what since the Snowden leaks are obvious security reasons.
Conclusion
The timing of the Sunday Times article strongly indicates that it was the public announcement of the OPM hack, and not the Snowden documents, which betrayed the activity of British spies. The UK spy agencies used this opportunity to smear Snowden, and the Sunday Times was heavily complicit in this.