- An investigative committee of the European Parliament has concluded that the US National Security Agency, along with the intelligence services of four other countries - including New Zealand - operate a global electronic surveillance network code-named Echelon, but that the system is far less capable than previously reported.
A draft report by the EU's Temporary Committee on the Echelon Interception System concludes that while the existence of the system "is no longer in doubt," analysis shows that it "cannot be nearly as extensive as some sections of the media have assumed." Still, the committee urged EU member states, businesses and private citizens to use encryption software whenever possible.
The report, which is scheduled to be presented to the full parliament on September 4, is the latest in a series of reports spanning four years that have looked into claims of industrial espionage and civil liberties violations stemming from the Echelon system. Run by the US, Great Britain, Australia, Canada and New Zealand, Echelon is believed to be capable of capturing the vast majority of telephone, fax, email and radio communications around the globe for the purposes of being analysed by the intelligence services of the nations that run it. To date, officials in the US have publicly disavowed any knowledge of the Echelon system.
However, in a significant reversal of the hyperbole that has surrounded much of the debate about Echelon, the EU report concludes that "the majority of communications cannot be intercepted by earth stations, but only by tapping cables and intercepting radio signals." The report goes on to state that the five countries responsible for the Echelon system "have access to only a very limited proportion of cable and radio communications, and Échelon can analyse only a limited proportion of those communications."
Regardless of the limitations of the Echelon system, the EU committee has urged the parliament to encourage future development and greater use of open-source encryption technology by businesses and citizens in Europe. "Emails can and should be encrypted by everyone," the report states. "An unencrypted email message is like a letter without an envelope."
The report also asks the EU Parliament to urge businesses to bolster their security and cooperate more closely with the intelligence and security services in Europe to uncover cases of industrial espionage. "The entire working environment must be protected, thereby guaranteeing the security of a firm's premises, and checks must be carried out on persons entering offices and accessing computers," the report states.
"If security is to be taken seriously, only those operating systems should be used whose source code has been published and checked, since only then can it be determined with certainty what happens to the data."
The report comes after several members of the EU's Echelon Committee arrived in Washington on May 10 to conduct a fact-finding mission, only to be turned away by US officials. Sources in Washington and Europe, however, say the committee members, including committee chairman Carlos Coelho of Portugal and David Lowe, head of the secretariat for the committee, arrived without an official invitation or scheduled meetings.
"They received no invitation at all," says an expert in Europe who has testified on the Echelon system before the EU Parliament. "If you are not invited at the official level, you should not be surprised if nobody is willing to receive you."
"That's the official [Bush] administration's view of what happened," says Lowe. "But that's sort of splitting hairs," he says, adding that US officials pulled the plug on planned meetings only days before the committee members were scheduled to arrive.
"We did not wish to produce a report that contained a number of serious allegations, unless they had an opportunity to comment," says Lowe. "This was understood when I was in Washington in March," he says. "We're rather disappointed that an opportunity was lost. As it stands now, the allegations [in the report] remain open."