The conditions governing Sweden’s security policy have fundamentally changed since the end of the Cold War.
This is the Swedish Ministry of Foreign Affairs’ principal message to the public on Sweden’s security policy. However, as an international surveillance power, less has changed than Sweden is willing to let on. Russia is still the adversary and the Swedish intelligence community still shares information with the United States, in secret and under questionable legal remits.
What has changed is a dramatic increase in collection capabilities and a vast expansion of Sweden’s geographic reach. Sweden has not only legislated for some of the most intrusive and far-reaching surveillance powers in Europe, it has also exploited the private interests of Swedish telecoms exporters to bolster its intelligence agenda.
The priorities have been set, sweeping surveillance powers has been granted, and technology has been advanced with no significant attempt to make public scrutiny possible. It is a clandestine agenda that has been pursued to secure Sweden’s position as a key power in an international intelligence collaboration network without precedent – the Fourteen Eyes.
Sweden’s History of International Cooperation
Sweden has promoted itself as a militarily non-aligned power for the last 200 years while secretly sharing intelligence, and even raw data, with Britain and the United States since 1954. Under the UKUSA Agreement, Sweden is a SIGINT Senior Europe (SSEUR) membrteeteen Eeryes. Conference.eio establishment and the US National Security Agency.. with its affiliation protected as “TOP SECRET” to uphold their image of political neutrality.
While the SSEUR is a 14 state cooperation, liaisons between the Swedish Defence Radio Establishment (FRA) and the US National Security Agency (NSA) indicate a closer relationship with the US rather than European counterparts.
At the outset of the 1954 accords, Sweden’s primary SIGINT partner was the British Government Communications Headquarters (GCHQ). That partnership was shifted over to the NSA in in the early 2000’s to allow the NSA access to FRA SIGINT materials “without pre-coordination with GCHQ.” Evidently, the NSA was aiming to exclude the British from this relationship all along.
Delegations at directorate level are now dispatched to meet with NSA counterparts annually in the “SWEDUSA” Strategic Planning Conference (SPC). The conference covers areas of mutual interest, from shared programs to domestic legislative and technological developments. US partners consequently know more about Swedish intelligence than the Swedish electorate itself.
The Swedish Intelligence Community’s Expanding International Role
Within the Fourteen Eyes partnership, Sweden has staked out a seemingly unchallenged claim as the eye towards the East. Nevertheless, the FRA’s quest to increase its international status, has lured it into a partnership on domestic Swedish targets as well – an area outside the scope of its mandate as a foreign intelligence agency.
The FRA reports broadly on issues relating to the “Russian leadership and internal politics” as well as Russian counterintelligence efforts and the energy sector. Time and again, this intelligence has been praised as a “unique” and invaluable insight into Russian politics by American partners.
Since 2008, the FRA has also established a wider regional reach to increase the salience of its intelligence. Apart from maintaining its own collection capabilities in the immediate Baltic neighborhood, the FRA has demonstrated significant efficacy in leveraging Swedish telecom providers with private interest “beyond Russia”, i.e. Central Asia.
Throughout the conferences, US partners have also expressed substantial interest in the FRA’s cooperation on counterterrorism. Sweden’s participation in Afghanistan and Central Asian intelligence has undoubtedly contributed to their value as a counterterrorism collaborator.
However, the leaks also imply US influencing on issues relating to the FRA’s legal capacity to access and cooperate on Swedish intelligence targets. The NSA has continually sought updates on the FRA’S competence to receive information from the Swedish Security Service (SÄPO) on Swedish targets. More worryingly, the NSA and FRA have also collaborated in translating US intelligence gathered in Swedish from bases in Germany.
The Swedish Intelligence Community’s Expanding Surveillance Powers
The FRA owes much of its international role as a SIGINT exporter to increasingly permissive legal regimes governing surveillance in Sweden. These legislative changes have not only allowed the FRA wiretapping powers, but also hacking powers (computer network exploitation) and internationally shared hacking programs.
On the 18th of June, 2008, the Swedish Parliament approved a suite of legal reforms, a.k.a. “the FRA Law,” making it one of the European cable tapping powers. The proposition was passed with after much controversy and with a marginal 158 votes for and 153 votes against the bill.
Irrespective of domestic controversy, the expanded surveillance powers have been greatly appreciated by the NSA which collaborated with FRA on its cable access program. One of the disclosures states specifically:
Thank Sweden for its continued work on the Russian target… including Russian leadership (…) and (…) counterintelligence. FRA cable access has resulted in unique SIGINT reporting on all of these areas.
Conspicuously, the FRA law also coincided with the amendments of the US Foreign Intelligence Surveillance Act (1978), effective as of July 2008.
Computer Network Exploitation (CNE)
[T]he law is not concerned with methods [of surveillance] other than differentiating between ether and cable… Otherwise there are no specifications on methods.
The statement by Runar Viksten, Director of the Swedish Defence Intelligence Court, paints a clear picture of how permissive Swedish surveillance laws are. The overly lax laws were passed with express declarations by the FRA before the Defence Committee of Parliament that “active” (read “hacking”) methods would never be used.
The FRA now have license to do as they please, and with American help they have. Discussions on CNE cooperation are tellingly recurrent on the common agenda. The NSA and FRA are partners on a special project called “WINTERLIGHT.” The project is part of the infamous attack suite known as the QUANTUM program.
A document, dated April 2013, reveals that the FRA WINTERLIGHT activities had “led to 100 shots, five of which” had been passed on to partners. In return for cooperating in the joint hacking program, Sweden was granted access to the XKEYSCORE traffic analysis program which an also trigger QUANTUM attacks.
A Concern for Accountability?
In 2013, as the indiscriminate practices of mass surveillance were exposed, calls for accountability were raised and lengthy inquiries initiated in the US and amongst its partners. Despite this, no significant inquiries were made by the Swedish oversight system which distinguished itself as shamefully unconcerned instead.
The State Inspection for Defence Intelligence (Siun), the primary intelligence oversight organ, addressed the international collaboration in its annual report for 2013. It addressed FRA’s international cooperation in two sentences with no mention of the Snowden revelations, no mention of any of the partners or the concerns raised internationally. It had no complaints.
Based on the meagre and wholly inadequate material of the Siun annual report, the Parliament subsequently launched a deliberation. The Parliament concluded that “the system to protect privacy during signals reconnaissance works in the manner intended by the law.”
To date, the disclosures on Swedish intelligence activities have been met with denial and complete avoidance of accountability. No impact assessments have been made and no inquiries have been launched to find if the surveillance methods are effective in protecting national security. Snowden seems to be a name that the Swedish security sector would rather forget.
Surveillance in Whose Interest?
Starkly, Swedish citizens must ask themselves whether their intelligence community is actually serving the national interests of the Swedish electorate or foreign interests.
The Snowden revelations opened the eyes of the public to the permissiveness of the legal frameworks governing the intelligence community. The legislature has passed laws that fundamentally fail in signposting the activities they allow.
International cooperation on Swedish surveillance targets is taking place with no public understanding on the safeguards that apply to this process. The intelligence sharing is not limited to specific targets, but possibly passing raw data with unanalyzed Swedish communications in it. The FRA has even aided the NSA with Swedish-language communications intercepted outside of Swedish law.
Additionally, Sweden’s greedy pursuit to expand the reach of its surveillance raises serious extraterritorial concerns. Not content with its cable tapping, Sweden also relies on its export of telecommunications as a means to gather information on foreign citizens.
It is a dirty game where top-tier representatives of the intelligence community have blatantly misinformed the public of their intent. The true aims behind Swedish intelligence have instead been secretly discussed and negotiated with foreign representatives.
Meanwhile, the oversight body tasked with keeping the intelligence communities under democratic control is happy to respond sweepingly, formulaically, and complacently as if nothing has happened.
Stay tuned as this blog series delves deeper into these issues in all of the Fourteen Eyes…