If you are thinking about your privacy online, you’re not alone. According to Pew Research, roughly 50% of Americans don’t trust social media or the government to protect their data. In addition, most Americans or 91% agree that they do not have control over their personal data or how it is collected and shared by different entities. As personal privacy becomes a popular topic in courtrooms and business offices, global surveillance has continued to grow.
So it’s time to discuss 5 Eyes, 9 Eyes, and 14 Eyes, as well as how to use a VPN to protect your web privacy.
These terms reference the entities that have control over the collection and sharing of your personal data between global government entities. This article discusses how these global surveillance alliances have come together and what you can do to protect your online privacy.
What are the 5 Eyes, 9 Eyes, 14 Eyes
These terms relate to the protection of privacy and global surveillance, especially as the popularity of VPNs and privacy programs grows. These titles were given to the alliances formed between many countries around the world in an effort to share information. While methods of sharing information have changed in the past few years, these alliances have always been interested in the collection and sharing of information.
The Five Eyes
This refers to the surveillance alliance that includes:
- The United States
- The United Kingdom
- New Zealand
This alliance is the oldest and guarantees that these countries share information and record activities of their citizens.
There are many organizations included in the Five Eyes alliance. For the United States, the CIA, DIA, FBI, NSA, and NGA are actively collecting and sharing information.
However, the United Kingdom passed the Investigatory Powers Act in 2016, which gave the government the power to record anyone’s browsing history, text messages, and connection logs. This data is stored for two years and is made available to all government agencies and partners without ever needing to issue a warrant.
Large telecoms and internet service providers have been helping government agencies collect information, especially in the United States. These are part of what’s called the PRISM program. In a quiet move in 2017, internet service providers were also given the legal recourse to record all users’ activities and sell to third parties. No one can opt out.
However, most internet service providers have been collect private data on their customers since before this legal authority was approved. One of the key differences is that now these countries in the Five Eyes have the ability to force companies to hand over customer data.
The Patriot Act in the United States allowed for federal data collection. These laws gave the government all authority to compel a business to join data collection even if they didn’t have it previously. The data collected would then be handed over to the government agency.
Many have tried to expose the activities of the Five Eyes, such as Edward Snowden and WikiLeaks. Unfortunately the public remain largely unaware of how much they are patrolled online and what government agencies can collect from companies about their customers.
In addition, social media websites have been forced or partnered up with government agencies to hand over personal data and information about user activities as well. Both Facebook and Google have been compelled to hand over data.
In order to prevent your data from being heavily collected and shared, there are only a few shields against the Five Eyes. This includes VPN services.
The Nine Eyes
Five Eyes expanded later to include four more countries to from the Nine Eyes, as follows:
Snowden revealed that these countries had agencies that were also a part of global surveillance. These countries act as an extension of the power already within the Five Eyes. The goal is simply to collect and share information between these countries, including the use of mass surveillance data.
The Fourteen Eyes
There are five more EU countries included in this alliance, as follows:
These countries have also included their agencies in the collection and sharing of data. However, this group has an official name known as SSEUR or SIGINT Seniors Europe.
Other Alliances and Partners with Companies
PRISM is the name given to the collection of tech companies that cooperate with the NSA. It’s also called SIGAD US-984XN. The companies included in PRISM are:
However, many other companies cooperate or even support NSA’s surveillance programs including AT&T, Sprint, and Verizon.
While it is not officially listed as part of the Five Eyes, most believe that Israel must be included because of its close ties to the American government. For many decades, the US has operated alongside Israel’s governments. This has been documented by many sources, including articles that noted when NSA shared raw surveillance data straight to Israel’s agencies.
Japan is another country that has close ties to US and the Five Eyes. There were secret deals made with the NSA that included global surveillance. Singapore and South Korea are two other reported alliances with the Five Eyes.
History of the 5 Eyes, 9 Eyes, 14 Eyes
The Five Eye alliance started during the World War II era. It began as an intelligence cooperation alliance called the United States of America Agreement or UKUSA Agreement. This original alliance was between the United States, United Kingdom, Australia, Canada, and New Zealand or the Five Eyes. It was also known as FVEY.
While this agreement originally started in 1941, the secret treaty has evolved over the years, expanding into online surveillance and data collection. Nine other countries were also added to the agreements over the years.
In the 1950s, more countries joined the fold. These were mainly third party entities from Nordic areas around the world, including West Germany and Denmark. Eventually, it expanded again to include France, Norway, Netherlands, Spain, Germany, Sweden, Belgium, and Italy. However, these groups did not have as expansive as data collection in the beginning as English countries did.
That has changed in the past two years. As more companies have complied with government agencies and data collection, any information can now be access if you own a company and access the internet within the Fourteen Eyes.
In 2010, the UKUSA Agreement was finally made public and can now be viewed online. In 2013, Edward Snowden was one of the original individuals who shared files about this intelligence agreement and global surveillance. Other documents around this time also revealed that Israel was a member of the alliance, though it was not included in the Five Eyes, Nine Eyes, Fourteen Eyes.
Controversies with 5 Eyes, 9 Eyes, 14 Eyes
Many have tried to discredit information on global surveillance and data collection, but leaks made by Edward Snowden in 2013 as well as as a 2018 FOIA request document reveals that the UKUSA agreement is very much alive, and it continues to collect data and operate surveillance on citizens, particularly online.
There is a spy organization within the Five Eyes known as the ECHELON surveillance system. This is a network of espionage agents and data collectors. The Guardian wrote an article about ECHELON in which it described the full stretch of data collection and surveillance. These have since expanded in the past two years.
Here are a few things that ECHELON has been accused of doing:
- Telephone tracking
- Computer surveillance
- Bank account tracking
- Internet activities
- Social media activities
- Tracking other online behaviors
- Web cam surveillance
In September 2018, a meeting occurred between security and public safety officials in Australia. It was confirmed that the US, UK, New Zealand, Australia, and Canada urged to prioritize law enforcement’s access to more personal data, subject to strict safeguards and legal limitations within domestic laws. This seems to be a larger confirmation that Five Eyes still exists.
More recently in April 2019, Five Eyes intelligence met again to discuss Chinese telecoms and the mobile phone company Huawei, especially as the company has been considered to build Britain’s 5G network. Some were concerned that this would leave holes in data collection and cause national security threats.
The US has banned Huawei from its government networks and urged others in the Five Eyes to do the same. Britain’s PM has been criticized for allowing Huawei to continue operations despite warnings by MI6 that the Chinese company could corrupt data networks. Following actions by US against Huawei, it was also banned in Australia and New Zealand. However, Canada hasn’t agreed to join in on the ban, and they may be leaning towards the same actions by the UK. This would be a division within the Five Eyes.
It was revealed that Australia’s Prime Minister didn’t even know that Australia was in the Five Eyes until 1973 because it was such a secret organization. Since then, Australia has saved money on security investments. One professor from Australian National University stated that “there is a remarkable amount of ignorance” concerning the Five Eyes and defense planning.
In 2013, NSA contractor Edward Snowden released 200,000 classified documents from US intelligence that showed extensive surveillance from the Five Eyes, putting to bed any rumors that the alliance wasn’t active. Snowden also revealed evidence that Israel was a part of the Five Eyes as well, but this partnership was kept very secret.
Documents released in 2013 by Snowden revealed that the NSA doesn’t need a warrant to access anyone’s data.
Again in June 2013, documents revealed the telephony mass collection through AT&T. The Telephony Metadata Collection Program enabled the NSA to collect millions of communication records of US citizens without any use of warrants or reasons. The NSA also collected unique data sets such as time and duration of phone calls that were intercepted. These acts were considered legal under section 215 of the USA Patriot Act and pretty much forgotten about under the Obama Administration.
Pearson Airport was discovered conducting mass surveillance for CSE on Canadian travelers. In June 2014, the surveillance began, and CSA collected the data of travelers without any type of warrant. This data collection went on for many weeks, even though it was called illegal and unconstitutional.
Historic Targets of the Five Eyes
It should be noted that the Five Eyes can target any individual by any number of data points. It doesn’t need a reason, and no warrants need to be issued. This has been going on since the very beginning. Here are a few of the men and women who have been targeted by the Five Eyes alliance.
In addition, if another country wants to get around their own privacy laws, they can simply ask another country to watch a target. Some of these targets will show how this is arranged.
- Charlie Chaplin: There was a campaign against the famous silent film actor Charlie Chaplin in the 1950s because of his supposed ties to communism. He was placed under surveillance by MI5 agents acting on behalf of the United States’ FBI.
- Jane Fonda: The actress is also a political activist and former model. Because of her ties to political activist groups and her connection via her husband Tom Hayden, many communications from her were intercepted by the GCHQ and provided to the NSA.
- John Lennon: In 1971, a year long campaign started by the US government to watch John Lennon with extensive surveillance. He was monitored in case of need to deport him back to Britain. Both the FBI and MI5 worked together to track John Lennon after he moved to New York City in 1971.
- Diana, Princess of Wales: Documents show that the Princess of Wales was placed under surveillance because she was opposed to the use of land mines. Her file contained over 1,000 pages, showing that she had been under surveillance for many years by GCHQ and the NSA.
- Kim Dotcom: A relevantly unknown individual, Kim Schmitz or Kim Dotcom was the founder of an early file hosting site called Megaupload. As a well known hacktivist, he was placed under surveillance in New Zealand on behalf of the FBI. An apology was later issued by New Zealand Prime Minister John Key, considering GCSB’s surveillance to be illegal.
- Nelson Mandela: Both the CIA and British SIS placed surveillance on the South African activist. The President of South Africa served from 1994 to 1999. He was called a terrorist and was placed under surveillance by SIS. He was arrested in 1962 for terrorist activities, which were delivered by the CIA to local authorities.
Can the Government Collect Your Data?
In countries within the Five Eyes, Nine Eyes, Fourteen Eyes, all data can be collected, and anyone can be placed under surveillance.
The ACLU has also been fighting NSA’s war on American privacy, publishing documents about Fisa-approved policies for the NSA. These rules outline what NSA can and can’t do with your data. However, the rules are pretty lenient. Here is a breakdown:
- The NSA can keep data that contains personal information of US citizens for up to five years;
- Agencies can save and use information that is “inadvertently acquired” through communications, including any data deemed usable intelligence, criminal activities, activities deemed to harm any person or property, or if they have any information related to cyber security;
- The laws also allowed for the preservation of foreign intelligence information that can be collected within attorney-client communications;
- Information can be collected through content of communications gathered from machines based in the US. This includes computers and telecoms if the agency needs to establish that the target is in the US and if they need to increase surveillance
Through programs like ECHELON and PRISM, the 14 Eyes countries can surveil you through a number of different websites and companies. It’s clear that not only can the government access your data, but it is collecting data at an alarming rate. Based on information from a 2015 study, all of these companies involved with PRISM were giving over data about their customers:
The number of requests is also going up year to year. There were 17,000 requests for information from Facebook by NSA in 2015. It was reported that between January 2017 and June 2017, there were 32,716 requests for information by US law enforcement agencies.
It was also found that AT&T was cooperating with NSA heavily after 9/11. AT&T was revealed in documents to show an eagerness to begin surveillance, which started just days after the 9/11 attack. The NSA gained access to incredible amounts of internet activity, and there was reportedly an entire room at AT&T dedicated to copying the entire internet for NSA surveillance purposes.
The ECHELON program was a secret until it was revealed by Snowden to be very real. Documents revealed that the Bush administration tapped American phones without any warrants. One ECHELON facility in the UK monitored over 300 million emails and phone calls each and every day.
The Investigatory Power Act was a move in the UK to justify all types of surveillance activities by the GCHQ and other intelligence administrations within the country. This act enabled many internet service providers, telecom companies, and other sites to record all browsing history, conversations, text messages, and other data deemed to be important.
Other important surveillance programs include:
- Data Retention Bill in Australia
- Signals Intelligence
What Types of Data Can be Collected and Shared from Your Online Activity
As more documents and leaks have surfaced, many have put together a list of targets and data points that are made available to the NSA. Here is a rundown of everything that the Eyes alliances have access to:
All of the Calls Made in US
Over several billion calls per day can be tracked and recorded by the NSA. Leaked documents revealed that Verizon, AT&T, and Sprint have all been following orders to turn over data on a daily basis to the NSA.
Any Email You’ve Sent
Most emails are sent through Google, Microsoft, and Yahoo services. All emails can be intercepted and recorded. While rules state that there must be one party outside of the US involved in the communication, there is no way available to separate international and domestic communication, which means that the program captures all information from US citizens.
Facebook, Other Social Media, and Text Messages
Due to PRISM, any information sent through Facebook, Twitter, Microsoft, Apple, and other phone companies such as AT&T and Verizon, all of your activity via desktop or mobile can be recorded and used for intelligence purposes. Social media posts, browsing behavior, websites visited, online purchases, and other information such as credit scores and written private messages can be shared.
However, companies in PRISM maintain that they don’t complete every request. However, this hardly matters as most software companies are sharing data anyway. The raw internet traffic that is intercepted by the NSA uses a program called XKEYSCORE, allowing analysts to see anything that you do on the internet.
For example, analysts can track your browsing behavior, right down to any address that you type in Google Maps or any files that you upload to the internet.
These are some of the biggest reasons to set up your online privacy fortress now. With the availability of VPNs, you can start browsing the internet without being followed by the NSA.
What is a VPN and How It Protects You from 14 Eyes
A virtual private network (VPN) sets up an anonymous connection to the internet, where your IP is hidden. One of the main ways that companies and agencies track people is through their IP address and web activities.
While you may have an IP from your ISP, you can still purchase a VPN to connect to the internet and protect yourself. Basically, your IP is only shown to connect to the VPN, and after that, it’s difficult to trace where you go on the internet as your address can change locations several times.
It’s one of the main ways that people protect themselves from surveillance, but it isn’t the end-all-be-all defense. If the NSA wants to target you, you will likely see difficulties in staying connect to your VPN. Your bank may even block transactions from your VPN because they are typically from companies located outside of the US.
Why You Should Avoid VPNs Within 14 Eyes and Partners
If you are looking for a trusted VPN service, the first thing to do is find one that isn’t in a country that abides by the 14 Eyes agencies and their surveillance laws. This means that they likely will log your activity and won’t be able to prevent NSA from collecting your data or targeting you.
Some VPNs to consider avoiding include:
- Hotspot Shield
- Private Internet Access
When looking for a VPN, you also want to check for these services:
- Location not within 14 eyes or partner countries
- Fast connection speed with 99% uptime
- No data logging whatsoever
- DNS and IP leak protection
- AES encryption
- Automatic kill switch
- Hundreds of server locations for proper IP hiding
- Split tunneling
How to Protect Your Privacy Against the Eyes
While it is not well known how the NSA chooses its targets and whether they notify you, it’s clear that there are multiple reasons and ways that the NSA, FBI, and GCHQ are constantly looking for new targets through intelligent software.
However, you can make tracking and surveillance much more difficult by using a VPN. This also adds a new layer of privacy and security than most internet users have today. It will be more difficult for companies to track you as well.
You should also be aware of your devices and how they are used to track you.
From your smartphone to your watch to your Amazon Alexa, all of these smart devices are recording your every word and collecting other data on you as well. These are tools used to surveil any part of your life. Private companies have frequently been forced to hand over data to the NSA, as part of the PRISM program.
You should be careful of what apps you install on your phone, and you should limit your use of smart devices. Apple has been showing that it is a company that can be trusted for privacy, but even the microphone on your cell can be unlocked by certain apps.
Use a VPN When You Go Online
With a VPN, you can protect your data and prevent companies from collecting information on you. This is because a VPN can anonymize your IP address, making it difficult to track your web activity. One key difference between VPNs is the connection speed. Before you purchase any VPN, you should check their uptime and see if they are constantly dropping connection. This could be an indicator that you’ll browse very slowly when connected to these VPNs.
Choose Companies that Aren’t in PRISM
Google is one of the main companies that collects information, selling it to third parties and completing requests for NSA or FBI. This means that your Gmail account, Google searches, Google Chrome activity and advertising networks affiliated with Google have access to all of your information.
You should use a private and secure email service. There are a number of private and secure browsers that don’t sell information. You can also use a private search engine, and an ad blocker to get around these other problems.
Advanced Ways to Protect Your Data
A VPN is just one way to protect yourself in the digital world. As we wait for a decentralized “New Internet” as promised by Tim Berners-Lee, who is the original inventor of the current internet, there are many ways that you can take back control of your data and get away from companies that freely give your data to the NSA.
These are a few ways that users are fighting back and protecting themselves further online.
Switching to Private Computers and Operating Systems
Since Google, Apple, and Microsoft are part of PRISM, you should pick an operating system that uses Linux, as it is more difficult to hack this system.
Buy a Privacy-Focused, Fast VPN
Chaining VPNs is a common practice for those who want to mask their activities even further. For example, you may run your first VPN on your router and then connect that router to a computer that runs a second VPN. This ensures that no VPN has your originating IP address linked to your final web activity.
You may also want to cycle through different VPN providers, so that you prevent any VPN from logging your activities.
Browse Through a Virtual Box
This method is designed to set up a computer within your computer. These Virtual Boxes can run different operating systems, but the most popular is Linux. These virtual machines act like a guest to your host machine, which means that you can keep your data and machine separate.
Never Trust Any VPNs or Apps From China
China is one of the worst countries for surveillance. While it’s not officially apart of Five Eyes, the country heavily tracks web traffic no matter what and shows no issues with complying with US agencies. In 2011, China began cracking down on many VPNs, only allowing 3 to 4 VPN companies to remain.
Known as the Great Firewall of China, most traffic can be detected and blocked when trying to pass through China. You can also expect a heavy fine if you use an illegal VPN in China. For example, you can be charged $145.
What VPN Should You Use for Privacy Concerns
You can find VPNs located in these destinations are typically safe from the 14 Eyes:
- British Virgin Islands
Some people don’t agree with the use of VPNs, and they use arguments such as “I have nothing to hide” or “you can’t trust VPN companies.” These arguments were created to trap people into believing they don’t need to value their own privacy.
Even if you haven’t read George Orwell’s 1984, there are many reasons that you should protect yourself online.
- Your ISP is likely recording everything that you browse, including what you type in search. This is provided through DNS requests, which is then provided directly to surveillance agencies. Your name, address, billing information, and browsing activity can all be delivered directly to a government agency at a moment’s notice. If you have ever searched anything remotely illegal, you could be giving that information to the authorities without even knowing it. What if you just wanted to write a crime novel and researched firearms? You could be placed on a list.
- Many VPNs have no log services listed as a feature. This is important because you don’t want a VPN to track any of your data, as that’s exactly why you would want a VPN in the first place. Offshore jurisdiction also adds another layer of protection as these companies can’t be compelled to hand over any data to agencies.
- Have you ever watched illegally downloaded content? For example, did you torrent a movie and receive a DMCA complaint? You can prevent this by using a VPN.
Can You Trust All VPN Providers?
If a VPN provider states that it has a no log policy, then you may want to read user reviews first to verify the claim.
Unfortunately, a VPN provider may state that they are a “no log” provider, but they can be compelled to do the opposite, especially if they are located within a surveillance country. This ideally would mean that they don’t track any data and don’t provide any data. Some logs that VPNs keep include your original IP file, IP assigned when you logged into your server, session times, and amount of data used while you were on the vPN.
While that doesn’t seem like much, it can be used to incriminate you. For example, a recent cyberstalking case in the US used logs from the Hong Kong VPN service known as PureVPN, which claimed that it was a “no logs” service.
This phrase is used to say that VPNs aren’t tracking your online activities, but it can still place you online and show session times. While cyberstalking is obviously abusive, it just goes to show that not all VPNs are trustworthy.
Private Internet Access was another VPN company that was given a subpoena in March 2016, but the company was successful in preventing any data transfer because of its “no logs” claim.
Problems Today with Web Privacy & Surveillance
Even if you know that you don’t need a VPN because your activities are safe, you never know what is being tracked about you online. Many companies have built a profile around your behavior and listened to your conversations simply because they have the access to do so.
Why would you give your data away so easily? Whether it is used for advertising purposes or not, you are allowing companies to train you into believing that you need their content, products, and ads. If you want to remain anonymous on the internet, then protecting your IP address is the first step.
Many businesses use a VPN service because they don’t want sensitive business information revealed to unscrupulous companies and hackers that prey upon them. This is why most businesses have a very strict firewall too. However, a VPN is more protective for your business because it means that no one can latch onto your business’ IP address.
It’s also hard to tell what websites are safe. If you are browsing through Google, you may get a warning, but there are many companies using mobile phone hacks to access your phone’s data and get into your password list. This can be a huge problem for those who are worried about the Cloud and their privacy.
Conclusion: What’s Next After Learning About Five Eyes
In truth, many people won’t believe that it’s necessary to get a VPN yet. Most don’t think that they are doing anything wrong and that the NSA is only looking for terrorists or criminals. There are a ton of reasons why you should get a VPN to protect yourself from the Five Eyes, but it’s also because companies shouldn’t be allowed to access every single data point about you.
If you want companies to stop feeling like they own your data and can access you at any time through advertisers, then you have to treat your connection to the internet as an invitation. Many companies think that if you connect to their site, you are inviting them to spy on your activities.
Much of this, if not all of these concerns, can be avoided with a high-quality VPN. These is almost like you are connecting to the internet through a secondary computer that completely anonymizes your activities.
In conclusion, here is a quick summary of the perfect VPN:
- The VPN has a no logs policy that has been verified by users. The company doesn’t track any user activity or data, and it won’t provide logs of any kind to any of the Five Eyes agencies.
- It has a location outside of the 14 Eyes and partner countries. These countries typically include Switzerland, Romania, Bulgaria, British Virgin Islands, and Panama.
- Speed matters to your VPN provider, and they have a consistent speed delivery with no drops in connection or slow browsing.
- The VPN is not located or affiliated with any company in China. This could spell big legal and money troubles for you.
- Your VPN provider offers thousands of address to choose from, randomizing your location, and never tracking your connections.
- Owning at least two VPNs could be the ultimate way to circumvent all privacy issues. You should look into this option if you have a business that you want to keep safe from prowlers on the internet.