Government Communications Headquarters

The Government Communications Headquarters (GCHQ) is responsible for the collection of signals intelligence for the UK government and armed forces.

Its legal basis is in the Intelligence Services Act 1994 making its functions exercisable "in the interests of national security [...], the economic well-being of the United Kingdom [and] in support of the prevention or detection of serious crime".

Revelations in the Guardian have shown the extent of GCHQ surveillance now including up to 30% of Internet traffic flowing to and from the UK.



The Guardian states:

  • GCHQ is pouring money into efforts to gather personal information from mobile phones and apps, and has said it wants to be able to "exploit any phone, anywhere, any time".
  • Some GCHQ staff working on one sensitive programme expressed concern about "the morality and ethics of their operational work, particularly given the level of deception involved".
  • The amount of personal data available to GCHQ from internet and mobile traffic has increased by 7,000% in the past five years – but 60% of all Britain's refined intelligence still appears to come from the NSA.
  • GCHQ blames China and Russia for the vast majority of cyber-attacks against the UK and is now working with the NSA to provide the British and US militaries with a cyberwarfare capability.[2]

Operation Socialist

GCHQ targeted Belgacom under Operation Socialist; customers include the European Commission, the European Council and the European Parliament.[3]


Edgehill is the UK's effort to weaken encryption and security products to allow 'backdoor' access.


According to the Washington Post:

For the MUSCULAR project, the GCHQ directs all intake into a “buffer” that can hold three to five days of traffic before recycling storage space. From the buffer, custom-built NSA tools unpack and decode the special data formats that the two companies use inside their clouds. Then the data is sent through a series of filters to “select” information the NSA wants and “defeat” what it does not.[4]

This is the cover name for a WINDSTOP operation to intercept data traffic from the private links connecting Yahoo and Google servers, among others. The access point is known as DS‐200B, which is outside the United States. It relies on an unnamed telecommunications provider to offer secret access to a cable or switch through which the Google and Yahoo traffic passes. [5]

The Guardian clarifies that they

understand from other documents provided by Snowden that the term instead refers to the system that enables the initial processing of information gathered from NSA or GCHQ cable taps[6]

Mobile phone access

GCHQ aims to "exploit any phone, anywhere, any time". [2]

National Cyber Security Centre

The National Cyber Security Centre is part of GCHQ.

External funding

The US's NSA paid over £100m over three years to GCHQ to support its activities, particularly Internet surveillance.[2]