Five Eyes, Nine Eyes, and Fourteen Eyes, sinister sounding terms that aptly describe notorious international surveillance alliances. Here’s what you should know about them and how to best protect yourself.
Each eye denotes a member of the alliance. Five Eyes, the progenitor behind the nomenclature, is made up of the United States, the United Kingdom, Australia, Canada, and New Zealand. It was during World War II that the alliance started to form; the US and the UK had entered into an informal agreement to share intelligence with one another. After the war ended, the agreement was formalized and the two countries were joined by the remaining members, giving it its infamous colloquial name.
While the alliance was very active during both World War II and the Cold War, it’s existence was kept secret and wasn’t officially declared until 2005.
Both Nine and Fourteen Eyes have yet to be officially confirmed, but there is strong evidence to suggest that the alliance was expanded to include Denmark, France, Norway, and the Netherlands to form Nine Eyes, and Belgium, Italy, Germany, Spain, and Sweden to form Fourteen Eyes.
It is worth noting that other non-member countries have been involved in surveillance operations too. All in all, it is assumed that around 30 countries have at some point been part of this global surveillance sting.
Why Is It so Sinister?
Well, to begin with, while the alliance used to be focused on military and diplomatic intelligence gathering, as time passed, it branched out its snooping activities into private and commercial communications.
The alliance gained even more notoriety in 2003, after Edward Snowden, a former CIA employee who had leaked troves of classified information, claimed that the agencies involved in Five Eyes were spying on their own citizens. And the mechanics behind it are more sinister than you imagine.
The heart of the problem here is that the alliance provides its members with a way to avoid engaging in such an illegal practice themselves. So for example, while the law in the US forbids the government from spying on its own citizens, all the government had to do was to ask a fellow member of the alliance to do the spying for them.
Another particularly alarming aspect of this scenario is ‘data retention’. We already explained data retention laws in a previous article, but to quickly recap, those laws force internet providers and services to keep detailed logs on their users’ online activities and to make them available for scrutiny by local enforcement agencies.
And here’s the final nail in the coffin: All the members of those alliances have data retention laws in effect.
And What About VPNs?
Based on data retention laws, governments can force VPNs to store information on their users and release them when asked. The amount of influence that a certain government has over a VPN depends on the details of law itself, whether the VPN runs servers within that country, and whether the VPN company is headquartered within its territories.
The fact that the collected information can then be shared among members makes it even more tricky as well. For instance, practices that might be innocuous in one country – say criticizing the government – could be taboo in others. As such, traveling might become problematic for certain individuals.
What should you do? Minimize the risk. Choose a VPN that does not retain logs, permanently at least. You should also closely examine what kind of information they keep in their logs – keeping lists with usernames and expiry dates are harmless for example. Choose a VPN that’s is not headquartered in a Fourteen Eyes country, and if you still don’t feel secure, choose a VPN that is neither headquartered nor runs servers in any member countries. That, however, will prove to be very limiting, unfortunately.