Extrait d'une présentation du GCHQ montrant comment le service britannique intercepte les communications au sein des avions Air France. Document Snowden

This is a real treasure; it was found in the huge stock of archives extracted by the former NSA (National Security Agency) consultant, Edward Snowden and begins with a riddle: ‘What do the President of Pakistan, a trafficker in firearms or cigars, a target of counter-terrorism or the member of a network for nuclear proliferation all have in common? They all use their mobile phone when they are in an aircraft.’

This riddle appeared in 2010 in the internal information newsletter, ‘SID today’ of one of the main departments in the NSA (the Signal Intelligence Directorate) and classified as ‘top secret’; it announced the emergence of a new field of espionage which had not yet been explored: the intercept of the data from telephone calls made on board civil aircrafts. In 2009, in an internal document, the NSA emphasizes that in December 2008, 50,000 people had already used their mobile phones in flight, a figure which rose to 100,000 in February 2009. For an explanation of this passion, the NSA listed: ‘An increasing number of aircraft are equipped, the fear of seeing the aircraft crash is declining. It is not as expensive as was thought (…). The sky seemed to belong to the NSA.’

At the end of 2012, in a presentation, the Government Communications Headquarters (GCHQ), the British equivalent of the NSA, in turn disclosed a ‘top secret strap’, the term used for the highest level of classification, the content of the Southwinds programme, set up to gather all the activity, voices and data, metadata and content of the calls on board aircraft. The zone was still restricted to the regions covered by the Inmarsat satellites: Europe, the Middle-East and Africa.

The data collection was done ‘practically in real time’ and an aircraft could be followed every two minutes. To spy on a telephone, all that was required was that the aircraft be cruising at an altitude of 10,000 feet. As the signal transited through the satellite, the intercept technique was done by secret aerial stations on the ground. The simple fact that the telephone was switched on was enough to give its position, the intercept could then be crossed with the list of passengers registered and the number of the aircraft to assign a name to the user of the smartphone. The GCHQ could even, remotely, interfere with the working of the phone; as a result the user was forced to redial using his or her access codes. The British Intelligence services intercepted the identification codes (login and password) at the same time.

“Magpie” and “Carrier pigeon”

The GCHQ and the NSA gave their surveillance of in-flight telephone calls names of birds, like ‘Magpie’ and ‘Carrier pigeon’ as we learn from Glenn Greenwald, in his book ‘No Place to Hide’ (Metropolitan Books, 2014). A careful reading of their presentation, along with that of other unpublished information from the Snowden archives given to Glenn Greenwald and Laura Poitras, consulted by Le Monde in collaboration with The Intercept, on surveillance activities of aircrafts and their passengers all over the world, between 2005 and 2013, demonstrates that Air France was, at an early date, a focus of attention by these two friendly countries, the United States and the United Kingdom.

Air France was targeted as from 2005; this appears in an NSA document setting out the broad lines for the project ‘The tracking of civil aircraft throughout the world’. Dated 5 July and signed by the second in command of one of the main departments, the Signal Intelligence Directorate (SID), the 13 page memo lists chronologically and in detail the main stages of this programme which was intended to avoid ‘a new September 11’. We can read that, as from the end of 2003, ‘the CIA considered that Air France and Air Mexico flights were potential targets for terrorists’. The legal department of the NSA stated at this point ‘there is absolutely no legal problem in targeting aircraft from these two companies abroad’ and ‘they should be kept under strict surveillance from the point at which they enter American air space’. As from February 2005, these same lawyers insisted on the legal procedure to be adopted ‘in particular for the collection of calls made on board the aircraft’.

The naming of Air France as a major risk for American interests and American territory is not just a simple hypothesis by a few technicians spying for the USA. An impressive circle of authorities responsible for security were informed of the ‘danger’ represented by the French company. The NSA memo was sent to roughly twenty recipients, including the North American Air Defence Command, the CIA, the Homeland Security Department (internal security), the Agency for Space Intelligence (NRO – National Reconnaissance Office), the Defence Intelligence Agency (DIA) or the Air Force Chief of Staff. This fixation on Air France was continuous throughout the following years and is not due to chance alone.

The first test of the use of a smartphone in full flight was made on board a Paris-Warsaw flight, AF1046, on 17 December 2007. As the Air France management confirmed to Le Monde, ‘We began early, but since then, we have carried out tests continuously and today, like other companies, we are getting ready to move directly to Wi-Fi on board’. Questioned by Le Monde about the British and American surveillance activities, their response was measured: ‘We are visibly not the only ones to have been targeted and we know absolutely nothing about these practices.’

In 2012, the British GCHQ observed that 27 companies had already enabled passengers to use mobile phones, or were about to do so, particularly in First and Business Class on long-haul flights. These included British Airways (only data and SMS), Hongkong Airways, Aeroflot, Etihad, Emirates, Singapore Airways, Turkish Airlines, Cathay Pacific and Lufthansa. Air France however is synonymous with the surveillance of in-flight calls to the extent that the British Intelligence Services use a full-page sketch of one of its planes to illustrate the working of in-flight intercept.

Data from Aeroflot, Qatar Airways, Saudi Airlines...

As a example of their know-how, the British GCHQ and the NSA provide numerous examples of calls intercepted on board commercial flights in other companies. Data recorded on March 23rd 2012 at 1.56pm on the Etihad ETD8271 flight from the United Arab Emirates between JFK and Denver. Data from the Nice-Moscow on May 20th 2011 (Aeroflot), or again in the same year, from the Milan-Doha (Qatar Airways), from Athens to Doha (once again Qatar Airways), from Jeddah to Cairo (Saudi Airlines) or from Paris to Muscat (Oman Air).

The data collection is also made on Blackberries. The PIN codes and the e-mail addresses were identified in an aircraft, on January 2nd 2012 at 10h23, but there is no information on the destination or the company of the aircraft. The spoils of war are proudly listed : voices, data, SMS, Webmail, Webchat, social networks (Facebook, Twitter, etc.), travel apps, Google Maps, Currency Converters, Media, VOIP, BitTorrent or Skype. In the course of their intrusion exercises the British Intelligence Services discovered, somewhat to their surprise, that they are not alone in their interest for these in-flight communications. They note that the Russian company, Aeroflot has set up a system of specific connections for the GSM on their aircraft ‘doubtless to enable intercept …’ as they remark in a technical memo.

Today, approximately one hundred companies permit in-flight use of telephone. ‘Customers now consider it normal, even necessary, to remain connected in flight’ stated the Air France management. The aviation security authorities have all approved the use of GSMs on board aircraft and the experts estimate that the years 2016, 2017 and 2018 will go down in history as the years of the in-flight mobile phone, in particular with the long-term installation of in-flight Wi-Fi.

This will further extend the scope of espionage by aiming at ‘several hundreds of thousands of people’ to be closely monitored, according to the NSA projections. This implies a population which goes far beyond the targets involving terrorism alone. The political or economic surveillance of passengers in Business or in First Class on long-haul flights is of interest to many more services.

There is no limit to surveillance activities and each novelty is a technical challenge to be met. The intelligence services even seem to be slightly jaded. The NSA technician-spies, in a 2010 internal memo, were already thinking further afield. ‘What will be the next area for experimentation? Perhaps trains? We will have to think about that...’

We are publishing four documents with this story : “Thieving Magpie”, “Homing Pigeon”, “In-Flight GSM is no joke” et “In-Flight GSM”.