US, EU and Poland Collaborate in Cyber-Spying

Across the globe, one name has received more attention than any other in the past month. Edward Snowden, an American intelligence analyst, leaked information to two of the most respected English language news outlets, showing the extent to which the US government monitored the internet and phone activity of its own and other citizens.

Specific, country by country details, emerged only slowly and piecemeal after the Guardian and the Washington Post published their first revelations. At the time of writing, the latest reports suggested that the US not only eavesdropped on private citizens, but on the computers of European Union institutions. The German magazine Der Spiegel reported on June 30 that Snowden’s documents clearly identified the EU as a ‘location target,’ and showed that intelligence officers in the US hacked into EU computers in Brussels and America.

In Poland, clear confirmation that the US, the EU and Poland work together and share ‘know-how’ in tackling cybercrime came during the same weekend. Just days earlier, 22 government offices, hospitals and other public institutions across the country were evacuated after emails warning of a string of bombs were received. No bombs were found, and a security operation was launched to catch the hoaxer.

On June 28, a 26-year-old man was arrested at Katowice airport, and charged with 36 offences in connection with the bomb threats, including sending the hoax alerts, endangering life and property, and risking public health. The suspect was a Pole, who had just flown in from the UK’s Birmingham airport, and security officers in Poland said that the hoax emails had originated from phone-based email accounts in Britain.

After the arrest, Police Superintendent Marek Działoszyński confirmed that co-operation between Polish special services and those from the EU and the USA had been vital in tracking down the arrested man.

Maciej Karczyński, s spokesman for the Polish Internal Security Services, was even more explicit. He said: “We worked with foreign services, exchanging information,” adding that the agencies involved had pooled their information resources relating to cybercrime.

Covert, international co-operation in tracking down a suspect in such a serious case is one thing. But the Polish, US and British governments have also engaged in much more wide-ranging and indiscriminate operations, trawling electronic communications, gathering information about private Internet users in Poland, and attempting to censor ‘critical’ information.

The United States
A request for information to Microsoft revealed that US security agencies had made requests to the company for details about the activity of at least 70 people in Poland in 2012, and received the names, addresses and Internet histories of at least 55.

The security agency requests related to some 110 accounts, and concerned information about Microsoft’s Hotmail, Outlook, SkyDrive, Xbox LIVE, Microsoft Account, Messenger and Office 365 services. The company did not reveal ‘content information’ – ie, pictures, email content, address book information or calendar data – but confirmed that ‘non-content information’ (names, addresses, Internet histories etc.) was handed over.

Poland
When the Polish Agency for Enterprise Development (Polska Agencja Rozwoju Przedsiębiorczości) discovered that Google search results threw up information critical of its activities, it approached the company asking that the data be removed.

The agency made the request in the second half of 2011, confirmed by a statement from Google that reads: “We received a request from the Polish Agency for Enterprise Development to remove a search result that criticised the agency as well as eight more that linked to it. We did not remove content in response to this request.”

Google also confirmed that ‘executive [government], police, etc’ agencies had made other requests in 2011 and 2012, for the removal of other content. These included a YouTube film, deemed by authorities to be ‘religiously offensive,’ and other information on the grounds of ‘national security,’ ‘privacy and security’ and defamation. During the two-year period, Google received requests from Polish officials to remove 70 items, but Google declined, saying the content did not violate ‘community guidelines of local laws.’

Immediately after Edward Snowden’s revelations, Poland’s Interior Minister, Bartłomiej Sienkiewicz, announced that new laws to govern the way that information is monitored, accessed, collected and stored were being considered by the Polish government. Mr Sienkiewicz also said the Snowden documents showed a ‘shocking picture of total surveillance.’

On July 2, Poland’s Foreign Minister, Radosław Sikorski, said in response to a question via Twitter: “… we will demand an explanation regarding the activity of the NSA against Poland and the European Union,” but while the Polish government has responded angrily to the content of Mr Snowden’s revelations, it has not shown any inclination to shelter Snowdon from US justice.

On the same day as Mr Sikorski made this statement, he rejected a formal application for asylum from the fugitive former intelligence operative. Also via Twitter, Mr Sikorski announced that the government had received a document which did not meet the formal requirements for an application for asylum. Mr Sikorski added that, even if the paperwork had been in order, he would not recommend that Mr Snowden be granted asylum in Poland because ‘Poland and the United States are allies’.