In 1837 Giuseppe Mazzini, an activist fighting for Italian unification, fled to London on release from prison in Paris. Mazzini thought he’d be safe away from Europe’s mainland, but shortly after the young Italian arrived in London, the Foreign Office began spying on his correspondence, opening Mazzini’s private letters and passing their contents to the Austrian and Neapolitan governments. When news of the FCO’s espionage became public, Mazzini received an outpouring of support from British liberals, who were outraged that the government could make such overt intrusions into somebody’s private life.
Since Mazzini’s time, surveillance – both digital and political – has become ubiquitous. Public indignation around the state’s incursion into private life has been a crucial part of the history of GCHQ, the government department founded in 1919 as a permanent signals intelligence agency to protect national security. A new exhibition at the Science Museum in London marks the agency’s centenary, displaying notes and never seen before code-breaking machines.
“As long as the Internet and telecommunications have existed, GCHQ has existed as well,” says Tim Stevens, a professor at King’s College London in the war studies department.
“It’s had to reorganise and readjust quite quickly to different political situations, and it’s been able to do so.” The nature of espionage has changed dramatically since the Foreign Office spied on Mazzini’s communications in the 19th century; part of what made GCHQ’s work possible was the relative advances the agency made in technology during the first half of the 20th century.
The agency was once at the forefront of cybersecurity and information technology. In 1943 it piloted the Colossus machine – a hulking control panel widely considered the world’s first programmable electronic computer – to help codebreakers at Bletchley Park. GCHQ is still the home of the government’s technical expertise around cyber security and encryption; the creation of the National Centre for Cyber Security, an offshoot of GCHQ that opened in 2016, has given the agency a more focussed reach, and the government has also announced plans to draw up a new national cybersecurity plan by 2021.
But the growth of the internet, accelerations in computing power and increasingly sophisticated hackers have transformed the agency’s responsibilities since it was founded. Today, the average laptop or pocket-sized smartphone vastly outstrip the computing power of a machine like Colossus.
“GCHQ is leading on most of the technical issues which will affect our society over the next decade,” says Richard Aldrich, a professor at the University of Warwick and author of GCHQ: The Uncensored Story of Britain’s Most Secret Intelligence Agency. Yet security and espionage are in some ways antithetical; improving cybersecurity means ensuring computers and phones are impenetrable, whereas gathering intelligence and undertaking covert action requires “some level of permeability”, Aldrich says.
In the past 30 years, technology companies in Silicon Valley and elsewhere have grown to dominate computing. Private companies are beholden to shareholders and consumers rather than government surveillance; the 2016 standoff between the US Federal Bureau of Investigations and Apple, when the company refused to comply with a request to gain access to the phone of a shooter in San Bernardino, showed how these interests can rub up against the state.
The contemporary security environment confronts GCHQ with unprecedented difficulties. Toothbrushes, toasters and kettles can now be connected to the internet of things. Government-sponsored hacking groups threaten fair elections, and future questions hinge on what to do with the sheer amount of data that we’re now able to collect; IBM recently found that humans collected more data in 2018 than in all of human history.
“It used to be that you knew who the enemy was, but now, it could be criminal networks, extremism overseas, domestic terrorism – and the sophistication of the technology that people are using has increased as well,” says Daniel Lomas, who leads a course on intelligence and security studies at the University of Salford.
At the same time, GCHQ is dealing with a more informed and cautious public. The Edward Snowden leaks in 2013, which revealed numerous surveillance programmes run by the NSA and the Five Eyes Intelligence Alliance, with cooperation from telecoms companies and European governments, prompted a far-reaching public discussion about privacy.
GCHQ began a charm offensive after the leaks, releasing puzzle books with a foreword from the Duke of Cambridge and partnering with universities in an attempt to recruit young people into STEM subjects. John Ferris, a professor at the University of Calgary and an authorised GCHQ historian, says the agency is “not what it used to be – it has reinvented itself. It now is far more open than before, because it thinks that this is necessary to its job.”
Though GCHQ has been forced to become more accountable, there are still significant grey areas, such as the agency’s recent proposals to eavesdrop on encrypted conversations, which were widely condemned by a coalition of civil society groups. The Science Museum exhibition documents scandals and revelations that have dogged GCHQ in the past, such as the plans for a spy satellite that were revealed by investigative journalist Duncan Campbell in the New Statesman in 1987 (a copy of the original magazine is on display).
“Government is not the complete solution”, says Aldrich. “You can only really deal with cyber security if you partner with civil society, non-governmental organisations and corporations.” Where the agency was once at the cutting edge of computing technology, it now increasingly works with a range of companies that have niche technology expertise.
The public has demanded more accountability in recent years, but for GCHQ, espionage is still a secretive business. “There may be a public facing element, but the question remains about how much can be public, and how much will have to remain private”, Stevens says.