Sudesh Amman, arrested and jailed for preparing acts of terrorism in May 2018 and under the then Terror Legislation was automatically released on license after having served half of his sentence. Ten days later, at the beginning of February 2020, attacked two people on Streatham High Street before being shot dead by a police undercover surveillance team who had been tailing him. That legislation was changed today with the introduction of the Terrorist Offenders (Restriction of Early Release) Bill.
This was the third attack in so many months after an attack at Fishmongers’ Hall on London Bridge in December by Usman Khan. He had been released half-way through a 16-year sentence for terror offences. Then in January there was attack on prison officers at Whitemoor Prison in which at least one prisoner found guilty of a terrorist offence is understood to have been involved
Another terror attack on the streets of our capital city but this one has raised so many additional questions. Why, if Amman was so dangerous, was he released from prison? With this being the second In London attack from a newly released terror convict, in 3 months, how many more are due for release? Can the police and security services cope? What else can be done to protect the general public? Is the Terrorist Offenders (Restriction of Early Release) Bill the answer?
The numbers are horrific, 20,000 people have over the years come to feature on a terror database, 3000 are current persons of interest and there are over 800 active investigations going on today. In addition, as at February 2020 there are 224 convicted terrorists in jail in Great Britain and six are due for early release by March and up to another 50 at some stage in 2020.
As at the end of February, with the change in legislation those 50 must now serve at least two thirds of their prison term before being considered for release. The one individual who was due for release in the coming days, Mohammed Zahir Khan who was jailed in 2018 for four years for encouraging terrorism, stirring up religious hatred and disseminating a terror publication must serve another year.
Before Kahn and any of the other 50 prisoners impacted this year by the change in the Terrorist Offenders (Restriction of Early Release) Bill can be released, they will also need to pass a review by a panel of specialist judges and psychiatrists at the Parole Board. However, if these individuals pass, they will be released and if they don’t, at the end of their sentences they will be released.
It takes over 30 highly trained specialist surveillance officers to monitor one person and the head of UK counter-terror policing Neil Basu warned the threat from terrorism was not diminishing and that the number of subjects of interest and convicted terrorists due for release meant “we cannot watch all of them, all the time,” he said. So, priorities have to be made and resources allocated appropriately.
There is a perception from films and TV series that the police and Security Services can sit in a big control room and track people remotely using the over 600,000 CCTV cameras in London alone, one for every 14 people, using facial recognition capabilities, seamlessly tracking suspects and keeping surveillance operators informed. Unfortunately, that capability isn’t available outside the TV or film set, and surveillance remains a manpower intensive job.
The Counter Terrorism and Border Security Act 2019 amongst many other measures was launched to ensure sentencing for certain terrorism offences can properly reflect the severity of the crimes, as well as preventing re-offending and disrupting terrorist activity more rapidly.
This new legislation builds on what had already been introduced for the most dangerous terrorists with a minimum sentence of 14 years but seems to be just pushing the real problem into the future with a little more oversight. There is nothing obvious from additional deradicalization measures or even a realisation that potentially some convicted terrorists may never be deradicalized. It has and will continue to generate debate and it is unlikely to be long before human rights groups challenge this new legislation.
One thing is clear, the debate will continue, as Lord Carlile, a former reviewer of terror legislation from 2001 to 2011 suggested the plans might have gone too far and warned of a risk of legal challenge to their retrospective nature.
The clamour to find better ways of identifying potential terrorists, deradicalizing those already in the system if that is possible and monitoring those that remain a threat whilst in prison and when eventually released, will continue to increase. Maybe it is also time to recognise that current criminal law is not applicable for some terrorists who can never be deradicalized? However, that would have huge human rights implications in a free and democratic society built on the rule of law.
Why have global leaders from the 5 eyes countries started to blame Iran for shooting down Ukrainian airline flight PS752, a Boeing 737-800 from Tehran on Thursday? How would they know not having access to the on the ground investigation? Philip Ingram MBE a former Colonel in British Military Intelligence explains the science behind the intelligence, MASINT.
Talking about the crash, Justin Trudeau, the Canadian Prime Minister, said in a news conference in Ottawa in Canada on Thursday “We have intelligence from multiple sources, including our allies and our own intelligence. The evidence indicates the plane was shot down by an Iranian surface-to-air missile.”
Before that, CBS News in the US said, “U.S. intelligence picked up signals of a radar being turned on, sources told CBS News.”
The UK’s Daily Mail said, “US intelligence says the Boeing 737 was tracked by satellite data which showed the plane airborne for two minutes before detecting the heat signatures of two surface-to-air missiles.
That was quickly followed by an explosion, officials say, before infrared emissions from the plane showed it burning as it crashed to the ground.”
US President Donald Trump said, ‘It was flying in a pretty rough neighbourhood. Somebody could have made a mistake,’ and went on to tell reporters at the White House on Thursday. ‘I have a feeling that something very terrible happened, very devastating.’
The official Iranian line remains the aircraft suffered mechanical failure, so what is the truth and how can we believe reports from unnamed ‘intelligence sources’ that to the nay-sayers will smack of what the Russians love to call – маскировка (maskirovka) or masking. This is “Fake News” in Donald Trump’s vocabulary, at a time when accurately apportioning blame is critical in the international powerplay and need to de-escalate an unfolding crisis.
It was fascinating that CBS first quoted the unnamed intelligence source describing what had been seen from satellites, most of the intelligence derived from satellites is classified at a level of above TOP SECRET simply because the US doesn’t want the world to know what it sees.
The quotes in the press allow me to introduce the little-known world of what is called MASINT, or Measurement and Signature Intelligence, again a discipline where little is released because of the sensitivities of capabilities. However, the science around what has been mentioned is relatively straight forward and it is that science that gives a degree of certainty as to what has happened.
According to US intelligence publications, “Measurement and Signature Intelligence (MASINT) is technically derived intelligence (excluding traditional imagery (IMINT) and signal intelligence (SIGINT) which when collected, processed, and analysed, results in intelligence that detects, tracks, identifies, or describes the signatures (distinctive characteristics) of fixed or dynamic target sources. MASINT includes the advanced processing and exploitation of data derived from IMINT and SIGINT collection sources. MASINT sensors include, but are not limited to, radar, optical, infrared, acoustic, nuclear, radiation detection, spetroradiometric, and seismic systems as well as gas, liquid, and solid material sampling systems.”
From the reporting we have 2 signatures that have been analysed. The first is the “signals of a radar being turned on.” There is no one radar signature that does everything for everyone, different radars are designed to carry out different task, for example a long-range air traffic control radar will use a particular frequency to look out long distances, will rotate relatively slowly looking for objects a long way away and all around it. Radar uses a radio wave frequency and then analyses how that bounces off a particular object as it moves, using what is called the doppler shift, to work out how that object is moving and where it is relative to the Radar.
There are 3 signatures that are examined with Radars to identify their purpose and unique signature, every type of radar has a unique fingerprint of signals. These are the frequency of the signal it transmits and the way that transmission is coded, what is called the PRF, or pulse repetition frequency, and the rotation (including speed of rotation, if any) of the radar transmitter, some Radars are fixed and some, like those you see at airports, rotate. Putting all 3 together you can easily classify a radar as “Air Defence, fire control associated with TOR M-1 (SA15),” and rule in or out what the radar is usually used for, i.e. If it is a search radar or a fire control radar.
The second signature is more interesting. The quote that, “satellite data which showed the plane airborne for two minutes before detecting the heat signatures of two surface-to-air missiles. That was quickly followed by an explosion, officials say, before infrared emissions from the plane showed it burning as it crashed to the ground.” This tells us a lot.
It mentions heat signatures and infra-red signatures, simplifying the science behind these terms they are effectively the same but hide the detail within those phrases. It is widely reported in scientific journals how astronomers can tell the make-up of a star or the atmosphere around a planet by looking at the different light signatures received by the Hubble, other space or ground based optical or wide spectrum telescopes. That is looking billions of miles into space and examining the minutest electro magnetic signatures received. Infra-Red, is merely an electromagnetic signature.
When you burn coal on a home fire it gives off a different heat signature to burning wood or when the fire brigade is using their thermal cameras, through temperature differentials they can see the seat of a fire and in some cases if there are accelerants feeding it.
It is the same with a missile launch, compared to a rocket launch, compared with an explosion. The spectrum of visible and infra-red radiation detected is different for a solid rocket motor, liquid propelled rocket or an explosive substance going off and these are vastly different to a fuel or oil fire in an engine. For the geeks amongst you the energy released with the breaking of molecular bonds in the fuel or explosive compounds is different depending on the way the molecule breaks down and the excitement of different elections in atoms as they move between different valence levels. Apologies, my degree was in Applied Science from the Royal Military College of Science, and apologies to my old professors for the inaccuracy caused by oversimplification.
If scientists can use these techniques to work out what is happening billions of miles away, it is reasonable to believe that satellites a few hundred miles into space can detect the same and the intelligence analysts make the same conclusions that scientists can. In addition, a rocket, propelling a warhead to a target will ‘burn’, give an Infra-Red signature for a lot longer than an explosive incident that lasts a fraction of a second and then burning debris will have yet another different Infra-Red signature. Again, this is all part of MASINT. The Lockheed Martin Space Based Infra-Red Surveillance programme (SBIRS) provides the US with such a capability.
Putting all of this together is not a rapid task when it comes to properly identifying a system, putting it together in a way you can release information outside the classifications used with the systems deployed is a challenge. The science is in the public domain, the claims are in the public domain, putting both together is a naturally logical process and this is how I can be confident that the claims made by Justin Trudeau, reinforced by Boris Johnson, initially reported by CBS and now others, are probably true.
This can easily be reinforced by the suspicions raised when the pilots didn’t transmit a MAYDAY, they were probably incapacitated or killed in the missile explosion, the aircraft was new and had been inspected 2 days beforehand reducing the probability of mechanical failure, the crew were experienced and the Iranians have cleared the crash site before international inspectors could get there. Additional intelligence from SIGINT transmission around the time of the incident will probably tell more if, as is likely, Western intelligence can and has intercepted them. I am more certain than not by a large degree that this was a shoot down and almost certainly accidental. The only positive is that it could cause Iran to rethink the need a spectacular event as a revenge for the killing of Soleimani, at the very least in the short term.
Philip Ingram MBE is a former Colonel in British Military Intelligence and has studied the science behind many different systems at The Royal Military College of Science bot at degree and masters level. He remains available for comment.
The West’s relationship with General Soleimani and the Iranian Quds force has been chequered and been going on for many years. There is no doubt he and his organisation, has been responsible for the death and injury of hundreds of British, American and other allied military personnel and civilians over the years.
The excellent BBC documentary released last year, Shadow Commander: Iran’s Military Mastermind, quotes General David Petraeus, the US commander in Iraq, as saying, “We saw Soleimani as a very capable, charismatic, skilled, professionally competent, diabolically evil human being.” The programme describes how components for the devastatingly efficient killing devices used by the Iranian backed, Sadarist Militias in Iraq, that killed so many – the EFP IED (Explosively formed Projectile, Improvised Explosive Device, the roadside bomb that devastated so many convoys), came from or through Iran and through Quds force networks controlled by Soleimani.
Yet during the same time we read reports of US intelligence operations buying chemical weapons, according to Bush and Blair that eventually never existed, from an unnamed individual in the Amara region of Iraq (under British control) to ensure they didn’t fall into the wrong hands. The operation was called Operation Averice. The BBC documentary was very clear, nothing moved without Soleimani’s Quds force knowledge, none of the commentary has identified the ‘seller’ or where the US taxpayer’s money, used to buy these chemical weapons, went? It is highly probable it found its way to Soleimani’s Quds force and additional investigations throw doubt on the numbers reported in the New York times. It is believed the actual number of chemical weapons purchased was significantly higher.
There has been little commentary or analysis of the second ‘commander’ killed in the US drone strike, Abu Mahdi al-Muhandis, an Iraqi who commanded the Iranian-backed Kataib Hezbollah group. That group was hated by many across Iraq, was a designated terror organisation by the US and had been founded by Soleimani’s Quds and used to support the fight against ISIS in Iraq and support Bashar Al Assad’s fight against ISIS in Syria, but only in battles where US supported organisations were not engaged. Complex is an understatement. However, one has to ask over the years, what is the relationship the US and the West has had in any form with Soleimani and his Quds? We can safely assess US taxpayers’ dollars possibly went to them.
Soleimani’s influence, in keeping areas of the Middle East in a less than stable position with the proxy war in Yemen, where his proxy forces are the Houthi’s and are fighting a Saudi led coalition. Additionally, his proxy insurgency keeping Israel occupied with Hezbollah, a long-standing terror exporter and Hezbollah backed militias, is clear. What remains unclear is, charismatic that he was, ruthless and evil that he was, he was one man and will have groomed successors in his own image, to his own thinking, following his own doctrine. He is and was replaceable and has been replaced. We wait to see the cut of the cloth of his successor, but his first task will be planning revenge for the death of his old boss.
So, what will that revenge look like? There has been much speculation and increasing sabre rattling rhetoric with Iran’s supreme leader, Ayatollah Khamenei, warning of “severe revenge” for the attack and referring to Soleimani as having been “martyred;” Khamenei had a close personal relationship with Soleimani. The US Presidents response on twitter was that the US will strike 52 Iranian sites “very fast and very hard” if Tehran follows through with its vow of revenge.
The first thing to recognise about the revenge planning is timescales. The Iranian culture is such that planning is looked at in multigenerational timescales, not the timescale a Fox News headline or Twitter post, lasts in people memories. That makes potential Iranian responses all the more concerning; they will carefully choose the time and the place, or times and places for their revenge.
The second thing to recognise is that this isn’t a diplomatic issue that can be talked away, this isn’t something that will be forgotten because it was one evil man in the Wests eyes, this isn’t something that a solution could be bought through easing of sanctions or the like. This is a matter of honour, and national honour for Iran. This is a matter of honour for the Shi’a people and the military and paramilitary forces of the Houthi’s and Hezbollah. The conflicts and instability across the Middle East is as much a wider Sunni, Shi’a historical civil war as they are for power in different countries, hence the Quds force involvement supporting the Shi’a fight. The role of the Quds force is the extension of Iranian influence outside Iran.
The hoisting of a red flag on Jamkaran Mosque, one of the one of the most significant mosques in the city of Qom in Iran, is a significant symbol of this. Red flags, to the Shiite population are traditionally used to symbolise both blood spilled unjustly and serve as a call to avenge a person who is slain. Tradition has it that they can only be lowered when that death has been avenged.
The third thing to recognise is that the Iranians will do very careful consequence management when it comes to revenge attacks. It is highly unlikely that regular Iranian forces will attack US or UK interests at sea or in the air. It is highly likely that Iranian cyber capabilities will target the west, but that will not be seen as sufficient ‘revenge.’ It is highly likely that Iran will covertly encourage, enable, facilitate terror attacks across the globe using proxy organisations and often without them knowing who is ‘encouraging and enabling them. None of this will point directly back to Iran but everyone will know who is behind it; I doubt it will cross the threshold for Trumps 52 targets.
The fourth thing to recognise is President Trump has a re-election campaign to run this year and that, with the impeachment trial going ahead, will split his thinking – Iran will be aware of that and will exploit it.
The final thing to recognise is that Iran has proxies with Hezbollah and the Houthis that it can use to carry out a spectacular or several spectacular revenge attacks and Hezbollah have a global reach! Houthi rebels claimed responsibility for the drone strikes on Saudi Aramco facilities, saying 10 drones had been deployed in the attack in September last year. Would similar or more spectacular attacks from them or Hezbollah cross Trumps 52 target threshold?
The Iranians will have noted the Wests response to the nerve agent attack on Sergei Skripal in Salisbury, the Russian ‘rebel’ downing of MH17 in 2014, the US response, or lack thereof in real terms, to the shooting down of a US RQ-4A Global Hawk in international airspace over the Gulf in June last year and more, and will carefully weave this into their revenge planning and who executes the inevitable spectacular ensuring sufficient plausible deniability to reduce the probability of crossing Trumps 52 target threshold.
Two things come out of this. The first is the revenge, when, not if, will have consequences for non-Americans and possibly civilians even though Americans will be targeted. The second is, the increased chaos and instability, especially in Iraq, compounded by the Iraqi parliament asking for US forces to leave Iraq, is now being exploited by the rump of ISIS and they are regrouping and growing in influence again.
Has the killing of Soleimani in this way made the world safer in any way, evil that was, the answer is no. Could it have been done differently and the same message of ‘we can’t let you continue to destabilise the region’ be sent to Iran, definitely.
This blog was written by Philip Ingram MBE, who experienced 13 service personnel killed by Solemani’s IEDs and other weapons when he was in Iraq, a former Colonel in British Military Intelligence. He is available for further analysis or comment.
Soleimani attack – an oh S**t moment for the world?
***Updated 03 1930Z Jan 20***
The US Secretary of Defense, Dr Mark T. Esper prepared a statement on 02 Jan 2020 outlining the concerns the US had for Iranian backed activities across the region in recent months. Citing concerns with actions in November and through December, the statement was released just after the US carried out an air attack on a convoy leaving Baghdad Airport in Iraq, killing General Qasem Soleimani, the commander of the Iranian Quds force and an Iraqi militia leader Abu Mahdi al-Muhandis, head of the Iranian backed Popular Mobilization Forces, amongst others.
The Iranian Quds force is part of the Iranian Revolutionary Guard Corps (IRGC), set up approximately 40 years ago, answering to the Supreme Leader, Ayatollah Ali Khamenei and separate from Iran’s conventional military who answer to the political government under Iran’s President, Hassan Rouhani. The Quds force themselves are a secretive organisation responsible for irregular and overseas operations and Soleimani will have reported directly to the Supreme Leader, without consultation with the President. In essence, Soleimani is more important than Iran’s President.
So, what do we know? We know that the US and allied countries have been interested in Soleimani for some time and will have declared him as a ‘High Value Target’ and as such will have a constantly updated targeting pack against him, updated with new intelligence as it came in. That targeting pack does not automatically mean it is there to kill or capture him, but is continuously refined so any action, could be expedited in a timely manner.
Mark Esper’s pre-prepared statement cites a number of what in military parlance are tactical incidents, puts them into an operational framework and used that to explain a grand strategic action. That is the equivalent of using a Trident D5 missile to crack a nut – the nut will be vapourised, Soleimani was, however, there will be fallout from the immediate blast and shock wave, immediate damage from the radiation and then longer-term implications from the radioactive fallout!
It has to be said at the outset, that the Quds force have been responsible for many atrocities across the region resulting in the deaths of many Americans and innocent people. They are ruthless, capable and operate outside any legal or moral compass we would recognise in the West and have infiltrated many organisations across the Middle East and further. They are the main element enabling a proxy conflict with the Saudis in Yemen. Their wider destabilising influence has regional (operational) and global (strategic) implications that have been going on for too long. The Quds force are seen by many as a state-owned terror organisation, but they are so much more. They are a mixture between the Russian GRU, the CIA of the 1970’s, Mossad and a global terror organisation and have an influence and autonomy far beyond their size an Iran’s political and military needs.
It seems that Soleimani was tracked on a flight from Damascus in Syria to Baghdad whilst Abu Mahdi al-Muhandis was tracked in a convoy going to meet his flight and pick him up. It is probable that they both were being tracked using human intelligence (HUMINT) and signals intelligence (SIGINT) with a degree of fidelity that gave their exact movements and planned movements to the US intelligence machinery allowing the targeting pack to be updated. Given the actions against the US embassy in Baghdad over the proceeding days, coordinated by Abu Mahdi al-Muhandis militias, that targeting pack, and any options, would have been discussed at least daily.
The US will not have reacted without thinking through the implications and briefing those to the executive decision maker. The response to the downing of a US RQ-4A Global Hawk in international airspace by IRGC forces in June 2019 was measured and proportionate, designed to minimise any potential escalation. The response was a cyber-attack on Iranian air defence assets. The equivalent of a slap on the wrists.
However, given what was going on with the US Embassy, the deployment of troops from Kuwait to protect the Embassy, the deployment of additional troops from 82nd Airborne Division into the region to reconstitute a reserve the decision making process and review process will have been at the forefront of President Trumps mind. It is widely reported that President Trump gave the order personally and given the profile of the target that is what would be expected.
However, that does not necessarily mean it was the preferred option of the US military of diplomatic corps. President Trump is known for having premade up his mind before he speaks to his advisors, he has stopped listening to regional specialists and has ensured his inner circle of advisors are what can only be described as sycophants. He will have been running an emotional high from his concerns about the US embassy in Baghdad.
I am reminded of a UK General, just back from Afghanistan who I briefed weekly on Afghanistan intelligence matters. One brief indicated that the Taliban were changing their tactics from conventional military type attacks to more IED based attacks as they couldn’t sustain their casualty rate. The General ‘blew his top’ in public with me accusing me of inventing “defeatist intelligence reporting” and ordering me never to say such things again as he had been there, and he knew that would never happen. I do hope he has the moral courage to look the families of all those who died to IEDs and admit he was wrong, he never said it to me, and I didn’t stop my assessments from my intelligence enabled perspective, bollockings or not.
At this stage we do not know if President Trump properly listened to and took heed of wider fall out, or if he shot from the hip! A statement from the UK Foreign Secretary, Dominic Raab, said “We have always recognised the aggressive threat posed by the Iranian Quds force led by Qasem Soleimani. Following his death, we urge all parties to de-escalate. Further conflict is in none of our interests.”
This is a clear indication that the UK knew nothing of the attack beforehand, wants to show support to its ally the US and then run for the bunkers! Iran cannot and will not let this go. In a statement appointing Soleimani’s successor the supreme leader describes his death as “martyrdom of the glorious general,” in a previous statement announcing three days of mourning he said “severe revenge awaits the criminals” behind the attack.
It is probable that there will be several layers of retaliation; the immediate, a decisive act and then long-term actions, just like the Trident analogy I mentioned. The immediate will be to show strength and will probably happen just after the 3 days of mourning. It will be decisive act will be to send a clear message to the US that Iran will not stand back and do nothing and is likely to be spectacular in nature. Then we will possibly see a massive increase in proxy terror using AQ, ISIS and other organisations, often without their direct knowledge, as plausibly deniable outlets targeting terror at the US and its allies across the globe. Alongside we will likely see greater cooperation’s with the Russians and increasing activity in the proxy wars across the region including in Yemen.
A key question is, is the killing of this commander, evil that he is, going to make things safer for US troops, diplomats or other personnel within the Gulf region? To answer that it is worth asking if the threat comes from one man, and the answer clearly is no? The Quds force is approx 15,000 strong and as an organisation it is bigger than one personality. Soleimani has been replaced already, so the Quds Force activity will continue but now with greater murderous intent and a cause to seek revenge for. So, the killing of one man and his entourage in reality, has made the region and the world a more dangerous place for US interests and the interests of their allies. Mike Pompeo’s assertion that the US airstrike that killed Qasem Soleimani was to disrupt an “imminent attack” could be true in the very short term however, his statement that Americans “are safer in the region” after the strike and demise of Soleimani is definitely not true.
Two things are certain, we don’t have the full picture and the world has suddenly become a less safe place.
This blog was written by Philip Ingram MBE, a former Colonel in British Military Intelligence who has served in and studied the Middle East from a wider intelligence perspective. It will be updated as new information emerges.
To begin to understand where I’m coming from, we have to look at a little of the history behind a game that came out of nowhere, took the world by storm before going quiet. However, given the hype it has created a market and momentum it created all of its own, it seems to be coming back. It is always worth starting with a little history.
In 2001, a company called Keyhole Inc. was founded by John Hanke whose first job out of college was in a foreign affairs position within the U.S. government before he moved into the technology industry. Keyhole was an interesting choice of names as the name “Keyhole” is a homage to the KH reconnaissance satellites, the original eye-in-the-sky military reconnaissance system now some 50 years old.
Keyhole Inc. was a pioneering software development company specialising in geospatial data visualisation applications, it was acquired by Google in 2004 for $35 million. It was initially launched as a spin-off from a company called Intrinsic Graphics with initial funding coming from a Sony venture capital fund and others, with additional capital coming from the US graphics giant NVIDIA bundling deal including a company called In-Q-Tel.
The name, Keyhole combined with In-Q-Tel involvement starts to make the history of Pokémon Go very interesting in deed. In-Q-Tel was widely billed as the venture capital arm of the CIA and the majority of the funds it used for its venture with Keyhole came from the National Geospatial-Intelligence Agency (NGIC). Other funding came from the angel investor Brian McClendon who later became a VP with Google, when they acquired Keyhole, before moving to Uber.
The link between Keyhole and In-Q-Tel wasn’t as sinister as it could first seem when you understand the project that Keyhole was working on. It was called Earth Viewer which later became the widely used opensource mapping and imagery tool, Google Earth when Google acquired Keyhole in 2004.
In 2010, the company behind Pokémon Go was founded, initially inside Google, by Keyhole’s founder, John Henke. As it launched the initial game allowed a lot of activity for players for free which meant it quickly went viral across the globe; there were news storied of people chasing high priced ‘monsters’ all over the place and a rush to see who could get them all first. There was no obvious revenue stream that would pay for this ground-breaking, complex interactive game.
Working on the principal that you get nothing for free the only answer to the lack of obvious revenue is you paid in some other way, and that way had to be data. So, on launch, if we look at the data the game could access on any facility, (spook speak for a phone, tablet, laptop or computer associated with an individual), we get a list of what, when you click install and accept terms, you have just allowed the app to access on an android device:
Find accounts on the facility
Find accounts on the facility
Precise location (GPS and network-based)
Approximate location (network-based)
Modify or delete the contents of your USB storage
Read the contents of your USB storage
Modify or delete the contents of your USB storage
Read the contents of your USB storage
Take pictures and videos
Receive data from the internet
Pair with Bluetooth devices
Access Bluetooth settings
Full network access
Use accounts on the device
View network connections
Prevent the device from sleeping
So, what the game app can do with no difficulty is identify:
Where you are
Where you were
What route you took between those locations
When you were at each location
How long it took you to get between them
What you are looking at right now
What you were looking at in the past
What you look like
What files you have on your device and the entire contents of those files
What other facilities you are connected to
Access the data via Bluetooth and network connections on those other facilities
My next step was to look at the terms and conditions to see what was being done with all of this data. I have used extracts to illustrate certain points and those extracts have been italicised for clarity, there are the boring T’s and C’s but worth a scan!
Information Collected Using Cookies and other Web Technologies: Like many website owners and operators, we use automated data collection tools such as Cookies and Web Beacons to collect certain information on our Site.
We may use both session Cookies and persistent Cookies to identify that you (or your authorized child) have logged in to the Services and to tell us how and when you (or your authorized child) interact with our Services.
Some third-party services providers that we engage (including third party advertisers) may also place their own Cookies on your hard drive.
“Web Beacons” (also known as web bugs, pixel tags, or clear GIFs) are tiny graphics with a unique identifier that may be included on our Services.
In essence, you agree to data collection capabilities to be put on the facility with the app and give it access to almost everything.
Information Related to Use of the Services: Our servers automatically record certain information about how a person uses our Services. This may include information such as a User’s Internet Protocol (IP) address, user agent, browser type, operating system, the web page that a User was visiting before accessing our Services, the pages or features of our Services to which a User browsed and the time spent on those pages or features, search terms, the links on our Services that a User clicked on, and other statistics.
Information Sent by Your Mobile Device: We collect certain information that your (or your authorized child’s) mobile device sends when you (or your authorized child) use our Services, like a device identifier, user settings, and the operating system of your (or your authorized child’s) device, as well as information about your use of our Services while using the mobile device. We may use this information to provide the Services and to improve and personalize our Services for you (or your authorized child).
And the team are great, they tell you they are going to assess everything.
Location Information: The App is a location-based game. We collect and store information about your (or your authorized child’s) location when you (or your authorized child) use our App and take game actions that use the location services made available through your (or your authorized child’s) device’s mobile operating system, which makes use of cell/mobile tower triangulation, wifi triangulation, and/or GPS. You understand and agree that by using our App you (or your authorized child) will be transmitting your (or your authorized child’s) device location to us and some of that location information, along with your (or your authorized child’s) username, may be shared through the App. For example, when you take certain actions during gameplay, your (or your authorized child’s) username and location may be shared through the App with other users who are playing the game. We may also use location information to improve and personalize our Services for you (or your authorized child).
They also tell you they will track you through your facility and the cell towers and wifi you use, gathering all of that data. Think of the threat to your home router or the work routers?
International Transfer: Your (or your authorized child’s) PII may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you’re located outside the United States and choose to provide your (or your authorized child’s) PII to us, we may transfer your (or your authorized child’s) PII to the United States and process it there.
And the ‘coup de grâce’ is the data will be transferred to the US for processing (there is an opt out clause, but it is buried and goes on to say if you do, the game won’t work (I paraphrased it.)
The US Foreign Intelligence Surveillance Act describes procedures for physical searches and electronic surveillance of activities of foreign entities and individuals where a significant purpose of the search or surveillance and the collection of information is to obtain “foreign intelligence information.” The term “foreign intelligence information” is defined to include information that relates to actual or potential attacks or grave hostile acts of a foreign power or an agent of a foreign power, sabotage, international terrorism, weapons of mass destruction, clandestine intelligence activity by or on behalf of a foreign power, or similar issues.
The Patriot Act enlarged the scope of the existing law to apply when “a significant purpose” of the search or surveillance is the collection of foreign intelligence thereby bringing the sort of capability provided through Pokémon Go into the legal statute for intelligence collection.
The FISA was amended in 2008 through the FISA Amendment Act (FAA) to permit the U.S. Attorney General and the Director of National intelligence to jointly authorize the targeting of non-U.S. persons reasonably believed to be located outside the United States, in order to acquire foreign intelligence information.
In essence by signing up to Pokémon Go, developed through a linke to US intelligence agency money, designed to encourage taking pictures where high priced ‘monsters’ appear whilst giving access to your location data and all of the data on your facility, with lots of play before revenue streams appear to start asking for money, you are asked to believe it is just a game?
Hell, if as a spook I had thought of it, getting a 9-year-old to take a picture of a top-secret entrance to an intelligence facility without putting a special ops team on the ground, would I do it? Yup, I would.
Does this mean Pokémon Go is an intelligence gathering tool for the US Government, nope, but the T’s&C’s at release mean it could be and it is a great example of what apps on facilities can do and if you don’t know who has developed them what are you losing to the world?
We worry about Huawei hardware, given the proliferation of app technology, we don’t need to worry about the hardware at all as it is not the issue and this blog is merely an illustration of what could be happening; or is it………… A Happy New Year to all.