The heads of the UK's three security agencies have lashed out at the government and media over the recent snooping scandal, claiming that their operations must remain secret in order to be effective against criminals and terrorists.
During a briefing with the Parliamentary Intelligence and Security Committee(ISC), the heads of GCHQ, the Security Service (MI5) and Secret Intelligence Service (MI6) defended their internet surveillance activities, despite the ongoing criticism.
GCHQ director Sir Iain Lobban argued during questioning that UK intelligence agencies have consistently acted within the law when mounting cyber operations. "A government's first duty is to protect its people. Doing this means some protective measures have to be secret, but that doesn't mean they're unaccountable," he stated.
"I believe certain methods should remain secret. Secret doesn't mean sinister. It feels strange to say we have nothing to hide as we work in secrecy, but we have people above us, we have our masters. We are subject to the law and I'm sure that's true of my sister agencies as well. There are very good safeguards in place."
MI5 director general Andrew Parker added that any ill will by the general public should fall on the government's shoulders. as the decision to allow or disallow operations similar to PRISM rests with politicians.
"Openness is something we've been on the road towards for some time and these are issues for ministers to lead on," he said.
"The constant and real issue for us is ensuring the work we do is lawful and that our staff can be assured what they're doing is lawful. The arrangements there are parliamentary. It may be more helpful to bring that to light, to make clear all these arrangements rely on the parliament and the public."
MI6 chief Sir John Sawers, mirrored Parker's sentiment saying, "The law is for you, the parliamentarians."
The intelligence chief's comments follow a ruling by the the committee that GCHQ's use of the US's National Security Agency (NSA) PRISM data was not illegal.
Despite the ruling, many privacy groups have expressed ongoing concerns about how UK intelligence agencies collect data. The concerns led the ISC to expand the scope of its investigation into whether new privacy legislation is required in the wake of the PRISM scandal.
Lobban moved to further allay these concerns, promising that GCHQ agents only analyse data on potential terrorists or criminals.
"We do not spend our time listening to calls or reading emails from the majority of UK citizens, it would not be legal, we do not do it. It would be wonderful if terrorists used one form of communication and everyone else used another, but they don't and we have to do detective work," he said
"If you would let me use an analogy about how we operate. Think that we're in an enormous hay field trying to find needles. We're collecting hay from areas we can get access to that might have the needles we're looking for. When we get that haystack full of potential needles we're aware there will be plenty of hay that is from innocent people – we draw that information to get the needles, we don't touch the rest of the hay."
MI5's Parker argued that, although they would follow any new laws about how they collect data, increased transparency could further damage their ability to protect the country.
"The reason things are secret isn't because we are embarrassed or scared to put them to the public, it's because we have to. If we make them public we can lose operational advantage. There will always be secrets. That's why the oversight mechanics are in secret," he said.
Lobban said the documents leaked by whistleblower Edward Snowden to the media have already hampered the agencies' ability to combat hostile groups.
"We have seen chat about specific terrorist groups discussing how to avoid what they now see as vulnerable communication methods. I am not happy compounding the damage by giving specific details in public," he said.
Sawers supported Lobban's claim. He said: "The leaks from Snowden have been very damaging. Our adversaries are rubbing their hands with glee. The alerting of targets and adversaries makes it more difficult to acquire the information they – our officers – need to defend this country."
Lobban said this development is troubling, as the cyber threat facing UK industry is growing.
"We're seeing attacks against the businesses that keep Britain going, things like communications, transport, healthcare and energy. We're seeing theft of intellectual property from over 20 industrial sectors," he claimed.
The comments mirror those of many security professionals. Ex-Navy Seal and Silent Circle chief executive Mike Janke told V3 that intelligence agencies will always go as far as the law lets them and it is up to governments to set limits on their powers.