Le Monde and The Intercept revealed in an investigation based on documents from the Edward Snowden leak archive that US and UK intelligence officials routinely monitor communications inside commercial aircraft.
One document suggests that inflight mobile phone use was an exciting new avenue for surveillance in 2010.
This is especially true as several airlines had added or were considering adding the ability to make inflight calls.
Of course, adoption has only expanded since then. Customers of Aeromobile for instance have included:
- Air Seychelles
- Air Serbia
- EVA Air
- Aer Lingus
- Virgin Atlantic
And it’s not only airlines that offer inflight cell phone calling that are monitored.
[D]ata was intercepted on March 23, 2012, at 1:56 p.m. on the UAE airline Etihad’s flight 8271 between JFK and Denver; on an Aeroflot’s Nice-Moscow flight on May 20, 2011, and subsequently that same year; on Qatar Airways flights from Milan to Doha and from Athens to Doha; and from Jeddah to Cairo (Saudi Airlines) and from Paris to Muscat (Oman Air).
Note that Etihad EY8271 is currently a codeshare for a JetBlue domestic flight between New York JFK and Denver (currently JetBlue flight 97).
What’s strange is that Etihad’s codeshare with JetBlue has only been in effect for 3 years. They didn’t have a JetBlue codeshare in 2012. Their codeshare with American however predates this. I do not recall whether American used to serve New York JFK – Denver, or whether Etihad codeshared on this route.
One of the more interesting revelations, though, is that it’s not necessary to connect a mobile device for the government to obtain data from it. Merely turning it on (presumably not in airport mode) provides crucial data.
Over time there has been a particular interest in Air France flights. Aeroflot has apparently worked with the Russian government specifically to facilitate data collection.
Aeroflot has set up a system of specific connections for GSM phones on its aircraft “presumably for legal intercept,”
Programs in the US have been ongoing since 2005 under names like “Homing Pigeon” and “Thieving Magpie.” We don’t know the extent to which domestic communications are monitored, or the communications of domestic persons traveling abroad. In terms of legal basis, the NSA,
“no problem with targeting Air France and Air Mexico flights overseas,” and “when the flights enter U.S. airspace, they should be more than covered by the U.S. air traffic control system.”
However a domestic flight New York JFK – Denver was specifically noted as having been the subject of surveillance. Whether or not that continues under current law, and the extent to which US persons or foreigners are targeted on domestic flights, is unknown at this time.
The article suggests that communications monitoring have increased as mobile and internet connectivity have grown but the documents published are predominantly talking about mobile traffic and data.
We know, of course, that there are government systems and procedures in place for carrying onboard internet traffic. For instance, it’s a US government requirement that inflight internet providers make you clear CAPTCHA before getting online. It wouldn’t be surprising to learn that as a condition for government approval, internet providers have to provide government backdoor access to monitor internet traffic. Since I don’t expect a forthcoming response either way, I did not reach out to companies like Viasat or Gogo to ask.
Of course, even before the Snowden leaks made these sorts of things common knowledge, I wrote that “the government now collects and analyzes all cell phone geolocation data..data mining of grocery store discount cards and widespread cameras such as in New York and DC and license plate readers to track the movements of law-abiding individuals.”
Surprisingly, even nearly four years ago, 77 comments on that post and nobody seemed to mention thinking I was paranoid…