The turmoil in the leadership of the State Security Agency has again cast a baleful light on the role and reach of the secret apparatus available to the government.
The reasons alleged for the departure of National Intelligence Agency director Gibson Njenje underline persistent concerns about the abuse of covert power: Njenje refused to stop spying on some of the president’s friends — the controversial Guptas — and refused to start spying on some of his political enemies.
The role of surveillance in our politics recently is undeniable. Jacob Zuma would probably not be president if someone in crime intelligence had not leaked recordings of former Scorpions boss Leonard McCarthy to Zuma’s lawyer.
This week, as part of an occasional series on the Secret State, we explain the architecture of South Africa’s spy agencies and take a closer look at the use and abuse of state surveillance.
State intelligence agencies can — and do — access citizens’ private communications illegally. The Mail & Guardian has been told by well-placed sources that it is a common occurrence, especially in police crime intelligence (see “A police case in point” below).
The M&G‘s informants included two former police crime intelligence agents and a former military intelligence operative.
A fourth source, who works for a state department, described how he used a contact at police crime intelligence to obtain detailed information of an individual’s movements in and out of the country over seven months.
The source alleged that that it took crime intelligence less than 36 hours to source the information — without a judge’s permission.
Yet another source, a former police detective, claimed to have acquired cellphone billing and ownership records through crime intelligence on numerous occasions without a judge’s knowledge or approval, mainly to speed up investigations.
A sixth source asserted that she had obtained text messages and cellphone billing records that she needed for personal reasons through a contact at crime intelligence — again illegally.
No one is exempt from the South African government’s all-seeing eye. It has the capacity to see your text messages, hear your cellphone conversations, pinpoint your location through your cellphone, access your personal cellular and land-line telephone records and read your emails.
Parliament’s joint standing committee on intelligence revealed in its 2009/2010 report that, over a four-year period until the end of March last year, one of the state’s eavesdropping centre had legally carried out three million interceptions — phone calls, text messages or emails.
Two specific laws provide for legal interceptions for reasons of security and crime prevention.
The Regulation of Interception of Communications and Provision of Communication-related Information Act 70 of 2002 (Rica), which came into effect in 2005, makes it illegal for any authority to intercept communication without the permission of a judge designated to rule specifically on all interception applications in South Africa.
The normal legal route for authorities to access private communication can be tedious and time consuming: a law enforcement agency such as the police has to accumulate enough evidence to convince the designated judge that tapping or bugging is necessary to address crime, protect public health and safety, or ensure national security.
When the judge is satisfied that an interception is justified, he or she issues what is legally known as an “interception direction”.
With this direction in hand, law enforcement goes to the cellphone, telephone or internet service provider, which must comply with the judge’s orders and is legally bound not to inform a customer of the impending eavesdropping.
Criminal Procedures Act
Another way of accessing information related to communication is provided for in section 205 of the Criminal Procedures Act 51 of 1977, which allows a law enforcement agency to apply to a high court judge, a regional court magistrate or a magistrate to grant access to cellphone records, telephone records or information about billing and ownership of a cellphone.
It also provides for a person’s whereabouts to be tracked through his or her cellphone. This information has to be provided by a telecommunications service provider, which cannot legally release such privileged customer information without being ordered to do so under section 205.
According to the latest report of the Rica judge, retired Judge Joshua Khumalo, there were 419 interception applications between April 2009 and March, of which 34 were refused. The majority, 325, came from the police, with the rest coming from the National Intelligence Agency.
Khumalo commented that, given the vast extent of electronic communication taking place, the number was not excessive. However, the relatively modest number of directions may mask a much larger eavesdropping footprint.
Complaints are also rare. Any member of the public can complain to the inspector general of intelligence if they suspect that the state is illegally intercepting their information.
According to the office of the inspector general of intelligence, only two complaints about surveillance were received during 2010 and four so far this year. Neither of the individuals who complained in 2010 were actually under surveillance, the inspector general claimed.
Included in this year’s batch, the M&G understands, was a complaint by Sunday Times journalists Stephen Hofstatter and Mzilikazi wa Afrika. The inspector general found that Hofstatter was not bugged, but Wa Afrika was indeed — “pursuant to a judge’s direction”.
From the legal to the illegal
Despite strict legislative provisions, those working in state intelligence agencies can access private communication at any time through bypassing the legal system. And you are unlikely to know about it, unless someone in an agency informs you.
This is possible, sources say, because of the huge number of interceptions that take place, the advanced technology involved and the lack of oversight in intelligence agencies.
Where it all happens
The office for interception centres in Sandton houses the technology and expertise that enable the state to scrutinise ordinary citizen’s private lives. In particular, cellphone and telephone conversations, text messages and data — emails and internet website addresses — are intercepted using these facilities, all supposedly within the bounds of Rica.
Established in terms of Rica, the office serves all the state’s intelligence agencies and the National Prosecuting Authority. State intelligence agencies include the former National Intelligence Agency, now the domestic branch of the State Security Agency, and the former South Africa Secret Service, now the foreign branch, and the police and military crime intelligence divisions.
One source, who asked to remain anonymous, said that the sheer number of interceptions made it difficult for the designated judge to closely scrutinise them.
“Hundreds of cellphones are being monitored. How will the judge know if any of them are monitored illegally, unless an investigation is done into every single monitored phone?”
The source said that, although a careful record was kept of all cellphones monitored by intelligence agencies via the office, it was difficult for an inspecting authority to detect illegal interceptions.
He said because of the advanced technology, one was unlikely to hear a click, hum or echo on a cellphone if someone was eavesdropping.
“You’re not going to know if they’re listening to you. Many people say there’s a click or an echo, but today’s technology doesn’t allow for that type of detection,” said the source.
In fact, the cellphone operators are obliged to make provision for a live feed via the office, making cellphone interception easy.
Even if you have it on good authority that a state intelligence agency is illegally intercepting your communications, it would be very hard to prove.
“They know how to cover their tracks,” explained another source. “There’s no way of proving that the interception was illegal.”
Finessing the legal route
One way for law enforcement officers to listen in on the sly and make it appear legal is to falsify affidavits and evidence placed before the Rica judge. But this still leaves a paper trail that can be investigated and does not eliminate the long wait for a legal interception direction.
Sources said the quick and dirty method of intercepting illegally was to sneak a peek while no one was looking. Certain state surveillance projects run for years and involve intercepting the communication of a number of individuals.
So, if an agent wants to take a closer look at an individual but lacks the evidence required for a direction, the target is subsumed under an existing long-term surveillance project.
Under the pretence of suspecting the individual of being associated with the villains already under surveillance through the project, his or her communications are intercepted.
There is no specific direction, no case number and no paper trail marking the interception — and no judge has knowledge of the individual’s case.
Meanwhile, the investigating officer claims to be gathering evidence and assembling a case to present to the judge to legalise the interception.
Later it emerges that the targeted individual was not involved in the suspected malfeasance. The surveillance is dropped and he or she is forgotten — except that an embittered, soon-to-be ex-spouse knows what is in the individual’s bank account and what he or she has said on the phone to a divorce lawyer.
The intelligence sources said that one reason for illegal interception was to speed up investigations — the legal route takes time and wanting to bug a suspect based on a hunch would not convince the judge to issue a direction.
There is also a flow of information between state intelligence agencies and private investigators. If a private eye knows someone inside state intelligence, he or she can gain access to communications and phone records through that contact. And the deal can work both ways.
Another way in which the state can intercept communication illegally is by outsourcing to a private entity informally so that deniability is maintained. A private investigator obtains the information and passes it back to the state agency involved.
Private investigators can obtain such information by paying contacts at banks and telecommunications service providers. They can also intercept communication by bugging rooms — without obtaining entry warrants.
A bug is a hidden device that transmits conversations and other sounds. It can be a transmitter, sending signals to a recipient nearby, or can be based on cellphone technology. A bug can be located in a room in Cape Town while the eavesdropper dials in from London and listens to conversations in real time.
No permission required
The National Communications Centre houses interception facilities that provide for the bulk monitoring of telecommunications, including conversations, emails, text messages and data, by state agencies.
In bulk interception all signals, regardless of who sends them, are intercepted, and thousands of signals can be intercepted simultaneously. These are then analysed to find intelligence relevant to security issues by using methods such as voice and word recognition technology.
However, intelligence sources said the centre’s facilities were open to abuse and could be used to target individual numbers.
In 2005 an investigation of the then-National Intelligence Agency’s use of the centre found that bulk interception facilities had been used illegally to intercept conversations of private citizens in South Africa.
Because the centre targets “foreign signals intelligence”, this is interpreted as falling outside Rica and no judge’s direction is required. But the centre’s remit includes any foreign communication that “emanates from outside the borders of the republic, or passes through or ends in the republic”.
This leaves an obvious loophole for the interception of the communication of South African citizens. At the moment there is no legislation governing the centre. This means that you can be bugged completely outside of the law, and without a judge’s direction, if your communications involve a party in another country.
This week the South African Police Service vehemently denied involvement in illegal interceptions.
“The allegations made to the media are denied with the contempt it deserves. Interception is regulated by the Rica Act. The process is such that no illegal interception can occur due to the various ‘fail safes’ built in and is subject to full compliance audits and inspections by the office of the inspector general of intelligence.
“Any person with information or a perception that his or her communications are subject to ‘illegal interception’ by the SAPS is encouraged to lay a complaint with the office of the inspector general of intelligence, who is the competent authority to investigate such matters.”
The inspector general’s office said: “All complaints alleging illegal interceptions were fully investigated. In none of the complaints received did we find any unlawful interceptions.”
The State Security Agency had not commented at the time of going to print.
A police case in point
Deon Loots is an former police officer. Dressed in shorts, running shoes and a T-shirt, he is the guy next door. It is a look he has spent years perfecting as a former undercover officer for the police’s crime intelligence division, which he left in 2001.
Loots agreed to meet with the M&G to discuss his experience of illegal interception. He claims to have experienced both sides of this double-edged sword — intercepting others’ communications and having his own privacy violated through the abuse of state facilities.
After leaving the police, he said, he maintained close ties with former colleagues at crime intelligence headquarters in Prieska Street, Erasmuskloof, in Pretoria.
The links were useful for his work as a private investigator. Loots claimed that he could approach a contact at this office at any time and request information about, or the communication of, whoever he was investigating. Such information was usually obtained illegally through state facilities, he said.
But things went sour. Loots claimed that, after a personal dispute, his contact had used the crime intelligence division’s facilities to intercept his cellphone communication and access his bank accounts to sabotage his business and financial endeavours.
He said he knew this because his former contact knew intimate details of his financial and legal affairs that he had not shared with her and which she could only have learned through state facilities.
But there is another reason why Loots was certain that his communication was being intercepted. As a former member of the intelligence community, he said, he was well aware that illegal interception was an everyday occurrence.
Loots said that he had complained to the police and its crime intelligence division without any result. He had also filed a complaint with the inspector general of intelligence, Faith Radebe, from whom he was awaiting a response.
At the time of going to print, Radebe’s office had not confirmed receiving Loots’s complaint.
* Got a tip-off for us about this story? Email [email protected]
The M&G Centre for Investigative Journalism, a non-profit initiative to develop investigative journalism in the public interest, produced this story. All views are ours. See www.amabhungane.co.za for all our stories, activities and sources of funding.