🔗 Optic Nerve (GCHQ)
Optic Nerve is a mass surveillance programme run by the British signals intelligence agency Government Communications Headquarters (GCHQ), with help from the US National Security Agency, that surreptitiously collects private webcam still images from users while they are using a Yahoo! webcam application. As an example of the scale, in one 6-month period, the programme is reported to have collected images from 1.8 million Yahoo! user accounts globally. The programme was first reported on in the media in February 2014, from documents leaked by the former National Security Agency contractor Edward Snowden, but dates back to a prototype started in 2008, and was still active in at least 2012.
The leaked documents describe the users under surveillance as "unselected", meaning that data was collected indiscriminately in bulk from users regardless of whether they were an intelligence target or not. The vast majority of affected users would have been completely innocent of any crime or suspicion of a crime. Optic Nerve as described in the documents collected one still image every 5 minutes per user, attempting to comply with human rights legislation. The images were collected in a searchable database, and used for experiments in facial recognition, to monitor known targets, and to discover new targets. The choice of Yahoo! for surveillance was taken because "Yahoo webcam is known to be used by GCHQ targets". Unlike the US NSA, the UK GCHQ is not required by law to minimise the collection from domestic citizens, so UK citizens could have been targeted on the same level as non-UK citizens.
The story was broken by The Guardian in February 2014, and is based on leaked documents dating to between 2008 and 2012. Yahoo! expressed outrage at the programme, when approached by The Guardian, and subsequently called it "a whole new level of violation of our users' privacy." A GCHQ spokesperson stated "It is a long-standing policy that we do not comment on intelligence matters".
Though there were some limits to which photos security analysts were allowed to see, with bulk searches limited to metadata, security analysts were allowed to see "webcam images associated with similar Yahoo identifiers to your known target".