What is Five-Eyes Surveillance and Why You Should Be Worried?If you're concerned about online privacy, you've probably heard about Five-Eyes Surveillance but what is it and why it is important to you.
Five Eyes Surveillance is a nickname for the United Kingdom - United States of America Agreement (UKUSA), the top-secret, post-war arrangement for sharing intelligence between the United States and the UK.
The UKUSA was signed by representatives of the London Signals Intelligence Board and its American counterpart in March 1946. The UKUSA Agreement is not parallel in the Western intelligence world and formed the basis for cooperation between the two countries throughout the Cold War.
Despite the official name, the UKUSA agreement consists of five countries, which are the United States, Canada, the United Kingdom, New Zealand, and Australia. These countries' intelligence services, hence the term Five Eyes, collaborate under this agreement.
The Five Eyes surveillance agreement, in its pursuit of combating terrorism since 2001, has significantly expanded surveillance activities, particularly on the World Wide Web. This global Reach has led to numerous privacy scandals, such as PRISM, XKeyscore, and Tempora, which should raise concerns about the extent of online surveillance.
The documents that were revealed by Edward Snowden, a former NSA contractor, in 2013 showed that these Five Eyes have been involved in spying on one another's citizens and sharing the gathered details to evade restrictive domestic regulations on the citizen's surveillance.
Under the UKUSA agreement, the Five Eyes alliance now wields a range of scary powers. The agreement stipulates that each country can practice interception, collection, analysis, acquisition, and decryption within their territory, with all intelligence information shared by default. This level of surveillance poses a potential threat to personal freedom and should prompt individuals to take steps to safeguard their privacy and security.
The scope of the agreement means that they can force any communications service provider, including ISPs, social media platforms, email providers, phone networks and more, to:
- Insert malware on its users' devices.
- Ignore existing laws in pursuit of Five Eyes directives.
- Interfere with people's user experience.
- Provide governments with new product designs in advance.
- Provide user information as requested in secret warrants.
What Is Nine Eyes Surveillance?
Nine Eyes is another intelligence-sharing agreement. It's grown out of the original Five Eyes alliance. It includes all the Five Eyes members: Denmark, France, the Netherlands, and Norway.
What Is 14 Eyes Surveillance?
The 14 Eyes agreement, an extension of the original Five Eyes alliance, adds five more countries to the list: Germany, Belgium, Italy, Spain, and Sweden. This expansion further strengthens the intelligence-sharing network and its surveillance capabilities.
Interestingly, France and Germany were close to becoming full Five Eyes members in 2009 and 2013, respectively. The two agreements both fell through for various reasons.
It's important to mention Israel and Singapore. Israel reportedly enjoys observer status with the main Five Eyes group, which means it has some level of involvement and access to the intelligence shared within the group. At the same time, Singapore has partnered with the group but is not an official member.
Why Does Five Eyes Surveillance Matter?
Given the sweeping powers granted by these agreements, what impact does it have on you?
It's all a question of jurisdiction. When talking about a VPN provider's jurisdiction, there are three things to consider:
- Local laws: Some countries outright ban VPN usage.
- Company location: The state in which the VPN provider is registered and has its physical offices.
- Server location: VPN providers typically offer servers in many different countries.
From a surveillance perspective, the two things you need to worry about are the company location and the company servers.
A VPN provider with either a physical address or servers in the countries listed could be compelled to hand over any information it has, including connection logs and browser traffic. The country might even monitor a VPN server's inbound and outbound traffic. Worse still, the government can forbid the provider from even notifying the affected customers; you lose the chance to respond to the invasion of privacy.
Due to the very nature of the agreements, once your information has been acquired by one country, it's in the system and will be shared with the other countries.
If security is your main priority, you should avoid using a VPN within one of the Five, Nine, or 14 Eyes countries. The reason is that these countries have extensive surveillance capabilities and can potentially access your VPN data, compromising your privacy and security.
If you need to use a VPN provider from one of the Five, Nine, or 14 Eyes member countries (for example, due to a unique feature), select one that explicitly does not keep logs. However, not even that can adequately protect you.
