Documents leaked by Edward Snowden and published by the Intercept this week reveal that intelligence agencies, including the UK’s GCHQ and the United States’ NSA, spied on air passengers using a system that could intercept calls, PIN numbers, and even Internet downloads.

Specifically, phones that accessed in-flight connectivity systems provided by a number of airline companies, including here British Airways, Lufthansa, and others, were monitored when the aircraft was flying at 10,000 feet, with intelligence agencies being able to intercept pretty much every activity of a connected device, including here calls and data transfers.


United States, NSA, Edward Snowden – A slideshow put together by GCHQ for an internal presentation and which got leaked shows that a program called Thieving Magpie made it possible for agencies to intercept cellphone signal and track the activities of passengers onboard.

Using documents such as flight lists, intelligence services could easily identify a passenger and even prepare special teams that would conduct an arrest when the aircraft landed should they discovered criminal or terrorist activity.

The data snooping took place in real-time and documents show how the whole process was working on an Air France flight.

Most airline companies are using in-flight connectivity tech provided by British companies AeroMobile and SitaOnAir, whose GSM servers connect to Inmarsat satellites. What intelligence services were doing was to intercept the signal that was submitted by cell phones to satellites and then to the GSM networks on the ground.

BitTorrent downloads also monitored

According to one slideshow, they could track email passwords and other credentials, as well as Blackberry PIN numbers, all without even an active call. Phones that were connected to the network were all exposed, the documents show.

GCHQ says in the documents that in most of the cases, the intercepted data was “largely as expected,” explaining that it, however, tracked webmail information, social network accounts including Facebook and Twitter, media, VoIP traffic, as well as BitTorrent transfers.

It goes without saying that intelligence agencies refused to comment on this new document leak, but the GCHQ provided a statement that reveals virtually nothing.

“Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorised, necessary, and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners, and the parliamentary intelligence and security committee,” they said.

“All our operational processes rigorously support this position. In addition, the UK’s interception regime is entirely compatible with the European Convention on Human Rights.”