Attacks¶

The patterns through which surveillance operates in practice. None of these require exceptional technical capability or extraordinary legal authority. Most of them are routine, documented, and legal.

Bulk collection, filter later¶

The foundational operational pattern of modern signals intelligence: collect as much as possible from accessible points, store it, and apply filtering and analysis subsequently when targets or criteria are known.

This pattern inverts the traditional model of targeted surveillance (identify a target, obtain authorisation, collect data on that target) into something more like a standing archive: most of what was collected will never be looked at, but the archive is there when needed. The legal justification is generally that collection and access are treated as separate acts; the collection itself is characterised as not constituting interference with privacy until a human analyst actually looks at the data.

Courts have been sceptical of this framing. States have retained the capability.

Metadata dominance¶

Content is regulated more tightly than metadata in most legal frameworks, which has driven a systematic shift toward metadata collection as the primary intelligence product. Metadata includes who communicated with whom, when, for how long, from what device, from what location, and through what service. It does not include the content of the message.

The practical intelligence value of metadata is, in most analytical contexts, higher than content. A social graph built from communications metadata maps networks, identifies key connectors, reveals relationships between organisations, and makes visible operational patterns that content alone would not expose. Former NSA Director Michael Hayden stated publicly that the US government “kills people based on metadata.” The legal threshold for accessing metadata is, in most jurisdictions, lower than for content.

The result is a surveillance environment where the most sensitive analytical product is the least regulated one.

Cross-border laundering¶

Data collected in one jurisdiction under that jurisdiction’s legal framework becomes accessible in another jurisdiction under different rules. This can operate through formal instruments (an MLAT request, EU cooperation frameworks) or through informal sharing within intelligence alliances.

The practical effect is that a person’s communications, collected by a foreign agency as “foreign intelligence” under that agency’s domestic law, can be made available to their own state’s intelligence service. The collection was legal from the collecting agency’s perspective. The access is legal from the accessing agency’s perspective. The person subject to it has no knowledge of either transaction and no avenue to challenge it.

Commercial bypass¶

Rather than deploying technical surveillance infrastructure or obtaining judicial authorisation, agencies purchase data from commercial brokers. The data purchased may include precise location histories extending over months or years, social connections derived from device proximity or shared network access, browsing and purchase behaviour, and biographical details compiled from public and semi-public sources.

The legal threshold for this procurement route is, in most jurisdictions, no different from any other government procurement decision. There is no warrant requirement. There is no judicial oversight. The data was collected commercially and is sold commercially. The fact that it describes, in granular detail, the movements and associations of a large number of people who never consented to state access is a consequence of the data broker industry operating in a regulatory gap, particularly in the national security context where GDPR does not apply.

Function creep¶

Data collected for one stated purpose is used for others. Counter-terrorism collection infrastructure is applied to serious organised crime, then to lower-level crime, then to immigration enforcement, then to monitoring of protest movements, then to background checks on civil servants, then to assessing political risk from civil society organisations.

Each extension looks incremental and each is argued to be proportionate. The cumulative effect is that infrastructure and legal authorities established for the most compelling security justifications become standard tools applied far outside those contexts.

This pattern is structural, not aberrant. Oversight bodies struggle with it because each individual application may be authorised. What is not authorised and often not even visible is the trajectory.

Targeted escalation¶

Surveillance does not apply uniformly across a population. It concentrates first on the groups perceived as posing the highest risk, then broadens as capability expands and risk definitions evolve. Journalists, lawyers, political opposition figures, activists, environmental groups, religious minorities, diaspora communities, and trade union organisers have all been documented targets of surveillance in EU member states under national security mandates.

This matters for the general population for two reasons. First, the definition of “at risk of targeting” has expanded consistently over time and shows no sign of contracting. Second, passive collection of population-scale data affects everyone regardless of whether they are specifically targeted; it is the targeting criteria that determine whose file is examined, not whose data was collected.

Parallel construction¶

Intelligence is used to drive investigation without disclosing the intelligence source. An individual is identified through surveillance as a person of interest. Law enforcement then opens an investigation through conventional means, constructs a case using evidence gathered without reference to the original intelligence, and prosecutes the individual. The intelligence remains classified. The source is never disclosed. The defence is never in a position to challenge the basis on which the individual became a target.

This practice has been documented in the United States and is structurally available wherever intelligence and law enforcement share information in one direction (intelligence to law enforcement) without the corresponding transparency obligation. It creates a system where the legal trial addresses the disclosed evidence while the actual basis for targeting remains permanently sealed.

AI-assisted analysis¶

Pattern recognition applied at scale to large datasets makes previously impractical analysis feasible. Communications networks can be mapped across millions of nodes. Behavioural anomalies can be flagged automatically. Individuals can be scored for risk based on patterns derived from population-level data. Predictive profiling can generate assessments of future behaviour based on correlations rather than evidence.

The analytical capability exists. The oversight frameworks for how it is applied, how its outputs are challenged, and what happens when it produces a false positive are generally underdeveloped. Misclassification at population scale is not a hypothetical risk: it is a statistical certainty.