France apparently has its own version of the PRISM program according to Le Monde. The news agency states that the General Directorate for External Security has a program that snags and processes metadata for all forms of communication such as calls, texts, IMs, and faxes.
While the intent is similar to that of the NSA’s PRISM in tracking threats to national security, it was mentioned that the Directorate shares the data with other intelligence agencies and the police. A Le Monde source mentions that France’s operation has more freedom to spy on French citizens since the country’s law supposedly doesn’t have provisions for handling or obtaining such data. From the report it seems as though France’s PRISM allows for a kind of grab bag of information where legislature on the matter is no man’s land.
Of course nothing is concrete about the existence of such a program from the General Directorate for External Security—then again the NSA’s PRISM was originally to be classified and the matter and extent of gathering metadata was to remain classified until the Snowden leaks happened. Also, considering the very nature of the Directorate and its dealing with External Security, it’s not totally beyond belief that the country and others for that matter would have its own program for monitoring calls, texts, IMs, and so on.
The question then doesn’t remain “Does France have its own PRISM program?” it becomes “How far does France’s PRISM go?” Could France simply take any and all information it wishes and if so, how do they store this private information and for how long? Also where does French law stand on this? How lax is the law that the General Directorate of External Security gets the supposed freedom of obtaining information that this unnamed Le Monde source says it gets?
To the latter questions there is actually some light on the subject. The Directorate’s actions—which also targets Yahoo, Google, Apple, Microsoft, Facebook, etc.—is considered illegal by the Commission nationale de l’informatique et des libertés. The CNIL is an independent authority agency which makes sure data privacy laws are adhered to in the case of obtaining and using collected data. With that said it seems like this should’ve been sorted out quickly enough…except for the fact several officials in the French government are aware of what the General Directorate for External Security does in this case.
The whole thing leaves a lot to the imagination and a lot in the air. This summer of leaks is seeing countries not only looking at the U.S—the first to be exposed for surveillance on home soil and abroad—but also their own countries. Since the very nature of intelligence is to be secretive of its operations and the information gained, it’s been assumed by most that the country itself isn’t being watched.
At the moment we can just watch this situation and see how it develops.