Tempora

Background / Context

The institutional context within which Tempora emerged was the substantive post-2000 GCHQ recognition that the substantive substantially-shifted global internet-traffic-routing patterns substantively positioned the substantive UK telecommunications infrastructure as the substantive principal European hub for transatlantic and adjacent internet traffic. The substantive subsequent institutional development of GCHQ's substantive Mastering the Internet (MTI) institutional programme — substantively initiated in approximately 2007 as the substantive £1 billion institutional investment in substantive bulk-internet-collection capability — and the substantive substantively-paired Global Telecoms Exploitation (GTE) institutional programme substantively produced the institutional foundation from which the substantive Tempora programme substantively emerged.

The substantive UK statutory framework within which Tempora substantively operated was substantively the Regulation of Investigatory Powers Act of 2000 (RIPA). The substantive RIPA institutional substance — substantively as substantively interpreted by GCHQ and the substantive Foreign Secretary's substantively-issued certificates under Section 8(4) of the Act — substantively authorised the substantive bulk interception of external communications (substantively defined as communications with substantive at-least-one party located outside the United Kingdom) without the substantive individual-warrant institutional requirement that substantive Section 8(1) RIPA collection substantively required. The substantive operational consequence was that the substantive Tempora institutional programme substantively operated under the substantively-blanket Section 8(4) certificate framework rather than under the substantive individual-warrant framework.

The substantively contested substantive institutional question across the substantive Tempora institutional period was the substantive substantively-disputed substantive interpretation of "external communications" under the substantive RIPA framework. The substantive GCHQ institutional position was that the substantive bulk-internet-traffic substantively transiting UK-territory infrastructure substantively constituted "external communications" under the substantive Section 8(4) framework even where the substantive substantively-targeted communications substantively involved substantively two UK-domestic parties, on the substantive institutional ground that the substantive routing-pattern of internet traffic substantively could not be substantively-individually-determined at the substantive moment of substantive interception. The substantive subsequent institutional Investigatory Powers Tribunal judgments and the substantive European Court of Human Rights judgments substantively contested this substantive institutional interpretation.

The Operation

The substantive operational architecture of Tempora has been substantively documented through the substantive Snowden-document disclosures, the substantive subsequent UK Investigatory Powers Tribunal proceedings, the substantive Intelligence and Security Committee of Parliament reports, and the substantive subsequent academic-and-policy literature.

The cable-landing-station institutional pattern

The substantive operational pattern is the substantive institutional cooperation between GCHQ and substantively-major UK telecommunications carriers to substantively access the substantive transatlantic and adjacent submarine fibre-optic cables that substantively land at substantive UK shore-stations. The substantively-documented landing-station institutional pattern substantially comprises:

• Bude (Cornwall) — the substantive principal UK-territory transatlantic cable-landing-station, substantively operating the substantively-major substantive transatlantic cables including TAT-14, FA-1 South, and adjacent cables. The substantive GCHQ institutional facility at Bude substantively performs the substantive principal Tempora collection role.

• Goonhilly (Cornwall) — the substantively-secondary UK-territory cable-landing-station, substantively operating substantive subsidiary transatlantic cables.

• Pottsmouth area — substantive UK-territory landing-station infrastructure for substantive Asia-Europe and adjacent submarine cables.

• Adjacent UK-territory landing-stations — substantive supporting infrastructure across the substantive UK coast.

The substantively-documented carrier-cooperation institutional pattern substantially comprises seven principal partner-codename institutional arrangements — substantively REMEDY (British Telecom), GERONTIC (Vodafone Cable, substantively-acquired post-2012 by Vodafone), DACRON (Verizon Business), PINNAGE (Global Crossing, substantively-acquired post-2011 by Level 3), LITTLE (Level 3), VITREOUS (Viatel), and STREETCAR (Interoute). The substantive operational substance of these institutional arrangements is that the substantive partners substantively provided GCHQ with the substantive technical capability to substantively access the substantive passing-through internet-and-telephone-traffic at the substantive cable-landing-station infrastructure and at the substantive subsequent backbone-routing institutional infrastructure.

Buffer capacity and operational throughput

The substantively documented Tempora operational throughput across the substantive 2010–13 period was substantially substantial. The substantive institutional buffer capacity — the substantive operational capability to substantively retain the substantive passing-through traffic for subsequent operational analysis — was substantively approximately 600 megabits per second of substantive content-bandwidth retention (substantively buffered for substantively approximately 3 days) plus substantive metadata-retention for substantively approximately 30 days. The substantive operational consequence was that the substantive substantively-larger portion of internet-traffic transiting UK-territory infrastructure substantively was not substantively retained — the substantive Tempora institutional architecture substantively required the substantive operational filtering of the substantive passing-through traffic for substantive substantively-targeted communications, with only the substantive substantively-matched communications substantively retained.

The substantive operational filtering institutional pattern substantially involved approximately 40,000 substantively-defined "selectors" — substantive specific email addresses, telephone numbers, communications-identifiers, and substantive content-pattern signatures that the substantive operational filtering substantively matched against. The substantive substantively-matched communications were substantively forwarded to the substantive substantively-paired XKEYSCORE institutional search-and-analysis platform (substantively documented in the substantive technology-section entry on XKEYSCORE) for substantive subsequent operational analysis.

The Five Eyes institutional integration

The substantive operational substance of Tempora is that the substantive collected institutional product was substantively shared with the substantive Five Eyes partner services under the substantive UKUSA institutional framework. The substantive consequence is that the substantive NSA, the CSE, the ASD, and the GCSB substantively had institutional access to substantive Tempora-collected material — substantive substantively-augmenting the substantive NSA's substantive PRISM and Upstream institutional collection with substantive substantively-additional traffic that substantively transited UK-territory infrastructure. The substantive substantively-paired institutional pattern of GCHQ-Tempora-collection-shared-with-NSA and NSA-PRISM-and-Upstream-collection-shared-with-GCHQ was substantively the substantive operational core of the substantive post-2008 Five Eyes institutional collaboration.

Disclosure / Aftermath

The substantive institutional disclosure of Tempora proceeded across the substantive June 2013 Guardian reporting and the substantive subsequent institutional record.

The substantive 21 June 2013 Guardian report by Ewen MacAskill, Julian Borger, Nick Hopkins, Nick Davies, and James Ball — substantively published as GCHQ taps fibre-optic cables for secret access to world's communications — substantively disclosed the substantive Tempora programme's substantive operational architecture. The substantive disclosure substantively documented the substantive substantively-major institutional facts of the programme: the substantive approximately 600 megabits-per-second institutional buffer capacity, the substantive approximately 40,000 substantively-defined selectors, the substantive 200-cable substantively-paired tap institutional pattern, and the substantive substantively-blanket Section 8(4) RIPA certificate framework under which the programme substantively operated. The substantive disclosure substantively was the substantive principal institutional disclosure of UK SIGINT operational architecture in the post-2013 published institutional record.

The substantive UK government's institutional response across the post-2013 period was substantively the substantial pattern of neither-confirm-nor-deny on the substantive substantively-specific operational details combined with substantive institutional defence of the substantive RIPA institutional framework as the substantive lawful authority for the substantive operational pattern. The substantive Foreign Secretary, the substantive Director of GCHQ, and the substantive Intelligence and Security Committee of Parliament substantively defended the substantive programme as the substantively-essential institutional capability for substantive UK national-security purposes.

The Investigatory Powers Tribunal proceedings

The substantive UK Investigatory Powers Tribunal — the substantive substantively-specialised tribunal that substantively adjudicates substantive complaints against UK intelligence services — substantively conducted multiple substantive proceedings on the substantive Tempora institutional pattern across the substantive post-2013 period. The substantive principal proceedings included: the substantive Liberty v. GCHQ proceedings (substantively the substantive 2014–16 period), the substantive Privacy International v. GCHQ proceedings, and adjacent substantive institutional proceedings. The substantive judgments substantively held that the substantive Tempora institutional pattern was substantively substantively-lawful under the substantive RIPA framework as it substantively existed prior to the substantive subsequent disclosure but that the substantive substantively-prior institutional secrecy of the substantive intelligence-sharing arrangements with the United States had substantively rendered substantive aspects of the substantive prior institutional pattern substantively-unlawful under the substantive European Convention on Human Rights.

The European Court of Human Rights judgments

The substantive European Court of Human Rights' substantive judgments in Big Brother Watch and Others v. United Kingdom (substantively the substantive 13 September 2018 Chamber judgment and the substantive 25 May 2021 Grand Chamber judgment) substantively held that substantive aspects of the substantive UK bulk-interception institutional regime — substantively the substantive Tempora institutional pattern as it substantively operated under the substantive RIPA framework — substantively did not satisfy the substantive Article 8 (Right to Respect for Private and Family Life) and substantive Article 10 (Freedom of Expression) substantive standards of the substantive European Convention. The substantive principal judgment-finding substantive deficiencies were the substantive insufficient substantive end-to-end safeguards in the substantive operational selection-of-bearers, the substantive insufficient safeguards on substantive examination of substantively-related communications, and the substantive insufficient safeguards on substantive intelligence-sharing with foreign services.

The Investigatory Powers Act 2016

The substantive UK statutory response to the substantive post-Tempora institutional environment was substantively the Investigatory Powers Act 2016 — substantively passed in November 2016 as the substantive institutional successor to the substantive RIPA framework. The substantive IPA institutional substance was substantively to substantively codify the substantive previously-existing substantive bulk-collection institutional pattern within the substantive substantively-more-elaborate institutional oversight framework, substantively including substantive judicial-commissioner institutional review of substantive bulk-collection warrants, substantive enhanced substantive notification-and-consultation institutional procedures, and substantive substantively-explicit substantive statutory authorisation for substantive operational categories that the substantive RIPA framework had substantively-implicitly authorised. The substantive operational pattern of UK bulk-collection across the substantive post-2016 period substantively continues under the substantive IPA institutional framework.

Legacy / Implications

The institutional consequences of Tempora across the post-2013 period have been substantial.

The substantive substantively-operational consequence has been the substantive substantively-continuing UK institutional bulk-collection institutional pattern — substantively under the substantive Investigatory Powers Act framework rather than the substantive RIPA framework, but substantively the substantive operational substance is substantively continuous with the substantive Tempora institutional pattern. The substantive substantively-institutional pattern of UK bulk-collection at the substantive UK-territory cable-landing-station infrastructure remains substantively the substantive operational core of UK SIGINT collection.

The substantive substantively-political consequence has been the substantive substantively-significant institutional reform of the substantive UK intelligence-services institutional oversight framework. The substantive substantively-elaborated substantive judicial-commissioner institutional pattern, the substantive substantively-enhanced substantive Intelligence and Security Committee of Parliament institutional position, and the substantive substantively-developed substantive academic-and-policy commentary on UK SIGINT governance have substantively been the substantive substantive institutional products of the substantive post-Tempora institutional reform process.

The substantive substantively-international consequence has been the substantive substantively-significant European institutional engagement with UK SIGINT institutional practice — substantively through the substantive European Court of Human Rights judgments, the substantive substantively-related European Court of Justice judgments on EU-UK data-sharing arrangements, and the substantive substantively-developed institutional question of how the substantive post-Brexit UK institutional position substantively interacts with the substantive European institutional data-protection framework.

Related agencies

• Government Communications Headquarters — the principal institutional operator of Tempora
• National Security Agency — the substantive substantively-paired Five Eyes institutional partner that substantively shares substantive Tempora-collected material under the substantive UKUSA framework

Sources & Further Reading

1. Ewen MacAskill, Julian Borger, Nick Hopkins, Nick Davies, and James Ball, GCHQ taps fibre-optic cables for secret access to world's communications, The Guardian, 21 June 2013 — the principal initial Tempora disclosure.
2. Big Brother Watch and Others v. United Kingdom, European Court of Human Rights, applications 58170/13, 62322/14, and 24960/15, judgments of 13 September 2018 (Chamber) and 25 May 2021 (Grand Chamber) — the principal European judicial response.
3. Liberty (The National Council for Civil Liberties) v. The Government Communications Headquarters and Others, UK Investigatory Powers Tribunal, IPT/13/77/H, judgment of 5 December 2014 — the principal UK judicial proceeding on Tempora.
4. Investigatory Powers Act 2016 (UK Public General Acts) — the substantive successor statutory framework.
5. Anderson Review, A Question of Trust: Report of the Investigatory Powers Review, June 2015 — the principal pre-2016-Act institutional review by the Independent Reviewer of Terrorism Legislation David Anderson.
6. Intelligence and Security Committee of Parliament, Privacy and Security: A modern and transparent legal framework, March 2015 — the principal post-Snowden ISC institutional review.
7. Glenn Greenwald, No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State, Metropolitan Books, 2014 — substantial chapters on the GCHQ Tempora institutional pattern.
8. Luke Harding, The Snowden Files: The Inside Story of the World's Most Wanted Man, Vintage, 2014 — Guardian-perspective book-length reconstruction including substantial Tempora content.
9. Ian Cobain, The History Thieves: Secrets, Lies and the Shaping of a Modern Nation, Portobello Books, 2016 — substantial post-2013 reconstruction of UK SIGINT institutional history.
10. Susan Landau, Listening In: Cybersecurity in an Insecure Age, Yale University Press, 2017 — substantial chapters on the Tempora-PRISM-Upstream institutional integration.