With our eyes, we see the world. We can watch the birds, the ocean, the moon. Sight is powerful and gives us the ability to enjoy the vastness of our surroundings and the beauty of what exists outside ourselves. But our eyes can also be used to study the movements around us, gathering more information through what we see. This secret watching happens for many reasons—curiosity, suspicion, fear—and can be a potent way to uncover that which is hidden, making it the ultimate enemy of privacy. The only thing more effective than one strong eye on the lookout is two, or four, or six eyes, all watching out for each other—the more, the better. Because where there is sight, there is information, and where there is information, there is power.
The Fourteen Eyes Are Born
The first two countries in the world to recognize and implement this method of collaborative sight were the U.S. and the U.K., who officially enacted a secret treaty between themselves in the 1940’s known as UKUSA Agreement. This intelligence-gathering pact was established to bolster their individual strength through shared surveillance of other nations around the world. Within a few years, they extended this accord to include Canada, Australia, and New Zealand, essentially constructing what is now known as the Five Eyes (FVEY), a network of nations all committed to collecting, analyzing, and sharing international intelligence.
Although these entities initially agreed not to spy on one another as enemies, asking another country to do so on their behalf was certainly not out of the question. If the U.S. couldn’t spy on their own citizens, why not have the U.K. do it for them? Every good loophole deserves an exploit. And so, a system intended to gather intelligence during wartime was eventually applied to billions of private communications worldwide, essentially becoming one of the most comprehensive known espionage alliances in history.
It soon became clear that having a “third party” of eyes couldn’t be a bad thing either. And as a result, the FVEY were joined by Denmark, France, Holland, and Norway to create the Nine Eyes (9EY). But the UKUSA Agreement still had plenty of territory left to cover—namely a need for more exchange of military intelligence—and the agreement was later extended to Germany, Belgium, Italy, Sweden, and Spain as well, establishing an official network of collaborating countries known as the Fourteen Eyes (14EY). But well before any of these subsequent liaisons, the FVEY had evolved past the point of basic military and diplomatic interest to become (according to Edward Snowden) a “supra-national intelligence organization that doesn’t answer to the known laws of its own countries.” And when his digital intelligence was finally leaked in 2013, it became clear the FVEY had been spying on its citizens and sharing their findings in an effort to avoid the restrictive domestic regulations on surveillance. The game remained the same, but the playing field was now much bigger.
The Fourteen Eyes Become All-Powerful
When fourteen watchful eyes are aimed at your business, there’s little that will go by unnoticed or recorded, which is precisely why you should fully understand how their laws can affect your privacy. For those who use VPNs or encrypted communications, this awareness is particularly important because these regulations can quickly and easily compromise any piece of sensitive information entrusted therein. Simply put, you can’t find complete digital privacy in any 14EY country, no matter what they say. You will need to choose a security provider based in a country outside of this network. On varying levels, the strength of the laws 14EY countries will completely overpower any would-be legal discussion of who has the right to access your data—they do, plain and simple.
In the U.S., an investigative tool similar to a subpoena, also known as a national security letter (NSL), gives federal agencies like the FBI the ability to take any information they want, from any company they want, at any moment they want, for any reason they want, using the ongoing justification of national security. This means no matter what your service’s privacy statement may have said when you signed up, those rules no longer apply. When a 14EY government steps in with an NSL, they do not need a judge’s approval—they just do it. They are fully authorized to seek any information they deem “relevant” to national security, a right only strengthened by the start of the global War on Terror in 2001. And while it’s true they cannot request the actual content of your communications, every aspect of your situation will be revealed.
When the government learned Edward Snowden had used the email service known as Lavabit to contact lawyers and activists, the Stored Communications Act allowed them to demand his metadata in addition to the private SSL keys of all Lavabit customers. Of course, the company had no choice but to comply, suspending all operations without much in the way of explanation, primarily because they were placed under a legal gag order preventing them from saying a word to anyone. So, while it’s true the 14EY countries share information on varying levels, they are places you should absolutely avoid when choosing a VPN or related service, including those related to housing servers.
The Fourteen Eyes Are Still Watching
It probably comes as no surprise that these government eyes have only intensified their effort to surveil other people, their communities, and the states they live in. In a quiet memo issued just this week, the original FVEY have recently pushed their agenda to “collect it all” even harder by demanding tech companies build backdoor access to the encrypted data of their customers—or else face punitive measures. These “customized solutions, tailored to their individual systems architectures” would provide the type of backdoor access governments from the U.S., U.K., Canada, Australia, and New Zealand need to access the encrypted, private data of their citizens. The request is so serious, these countries have even threatened to push through legislation to make this type of technological request illegal.