Rethinking the infrastructures of technology, Surveillance, Media Culture and Digital Spaces in relation to physical experience, material interactions and public space.
Midterm Project Statement
“This project examines the ethical, legal, and societal implications of espionage, guided by the research question: How have revelations about secret signals intelligence practices challenged legal frameworks, and what were the consequences for civil liberties, public trust, and global accountability in national security, particularly after 9/11?
Considering the Hawthorne Effect, which explains how individuals change their behavior when aware of being observed, I explored how surveillance influences both individual and state actions, impacting public trust and the legitimacy of government actions.
Espionage, while critical to national security, exists in a legal gray area, especially in peacetime, as international law does not explicitly authorize or prohibit spying. To understand the legal complexities of espionage, I researched the ECHELON surveillance program, created by the USA and the Five Eyes Alliance in the 1960s to monitor communications during the Cold War.
The Five Eyes, an intelligence alliance comprising the U.S., UK, Canada, Australia, and New Zealand, was established post-WWII to enhance intelligence-sharing capabilities. It coordinates surveillance, cyber operations, and intelligence gathering, particularly to address threats like terrorism and espionage.
This project explores how revelations of surveillance programs have reshaped legal frameworks, with key examples like the USA FREEDOM Act and the EU’s privacy regulations, both responding to public backlash against invasive surveillance.
Finally, reflecting upon my research, the materialisation will be in form of a game designed to engage players, raising awareness about mass surveillance and its implications through a reenactment of these practices on a small scale.”
Elements of Interest
- In group project:
- Hawthorne effect -> How do individuals or nations act when they suspect they’re being monitored?
- Surveillance -> How do intelligence agencies alter their own practices when they’re being scrutinised?
-> Modification of behaviour to protect sensitive information, for example encrypting communication, code language, changing routines, spreading disinformation.
INTELLIGENCE AGENCIES: Scrutinised by oversight bodies, whistleblowers, or the public.
- Brussels & the context of the European Commission:
- Brussels is one of the biggest spy hubs with hundreds of intelligence officers who target the European Commission’s institutions.
ESPIONAGE: the unauthorised collection of information not made publicly available.
COVERT ACTION: acting on information in pursuit of national interests
INFORMATION<INTELLIGENCE: classification by the acting state, depending on how important it is.
Espionage in different parts of the world and different techniques
First research step:
Different techniques of espionage in different areas of the world
United States:
- Agencies: NSA, CIA, FBI (counterintelligence).
- Global surveillance programs (e.g., PRISM), cyber intelligence, and drone-based reconnaissance
- Targets: Adversaries like Russia, China, Iran, and allies (e.g., tapping German Chancellor Angela Merkel’s phone).
Russia:
- Agencies: GRU, SVR, FSB (domestic).
- Cyberattacks (e.g., SolarWinds hack), disinformation campaigns, and high-profile poisoning cases (e.g., Sergei Skripal in the UK).
- Targets: NATO countries, Ukraine, and internal dissent.
China:
- Agencies: MSS (Ministry of State Security).
- Cyber espionage, economic espionage, and infiltrating foreign institutions like universities.
- Targets: Technology, defense, and government sectors worldwide, particularly in the U.S. and Europe.
Israel:
- Agency: Mossad (external), Shin Bet (domestic).
- Precision operations, like the assassination of nuclear scientists and recovering hostages.\
- Targets: Regional adversaries like Iran, Syria, and Hezbollah.
United Kingdom:
- Agencies: MI6 (external), MI5 (domestic), GCHQ (signals intelligence).
- Known For: Partnerships with the U.S. (e.g., Five Eyes alliance), counterterrorism, and monitoring Russian and Chinese activities in Europe.
France:
- Agency: DGSE (external intelligence).
- Industrial espionage targeting corporations for competitive advantage and counterterrorism in Africa.
Countries That Spy the Most (Based on Available Information)
- United States: Extensive leaks, such as Edward Snowden’s revelations, have exposed global surveillance programs.
- Russia: Documented cyberattacks, assassinations, and election interference.
- China: Numerous reports on cyberattacks and industrial espionage efforts targeting the West.
- Israel: Mossad’s reputation for high-stakes covert operations is widely documented.
- United Kingdom: Active in intelligence sharing (e.g., Five Eyes) and counterterrorism efforts.
Techniques of Espionage
Electronic Surveillance (SIGINT - Signals Intelligence):
- Intercepting communications like phone calls, emails, and encrypted messages.
- The United States’ National Security Agency (NSA) operates global surveillance programs like PRISM, which collects data from major tech companies.

Cyber Espionage:
- Hacking into systems to steal data, disrupt operations, or gather classified information.
- China is known for cyberattacks targeting U.S. and European organizations, including government agencies and corporations. Groups like APT10 and Unit 61398 are linked to state-sponsored operations.
Human Intelligence (HUMINT):
- Recruiting agents, using informants, or embedding spies in foreign entities.
- Russia’s GRU (military intelligence) and SVR (external intelligence) rely heavily on undercover agents to infiltrate organizations.
Economic Espionage:
- Stealing trade secrets, intellectual property, or economic data to gain competitive advantages.
- China’s targeting of Western companies for technology theft, including cases involving Huawei.
Propaganda and Influence Campaigns:
- Spreading misinformation, manipulating public opinion, and influencing elections.
- Russia’s Internet Research Agency (IRA) is known for disinformation campaigns, including interference in the 2016 U.S. presidential election.
Covert Operations:
- Sabotage, political subversion, and assassinations to achieve strategic goals.
- Israel’s Mossad is reputed for operations like targeting Iranian nuclear scientists.
Open Source Intelligence (OSINT):
- Analyzing publicly available data from social media, news outlets, and other sources.
- Widely used by many countries, including the UK’s GCHQ and France’s DGSE.
Soviet/ American Surveillance Organisations and spying in time of peace vs. War
KGB: Committee for State Security of the Soviet Union - 1954-1991 - Most operations conducted domestically, against Soviet citizens.
MI5: Military intelligence section 5 - Uk’s domestic counterintelligence and security agency - 1909-present day
Soviet spy groups
Cambridge 5
- Russian 10
- Walker spy ring
John Anthony Walker
Cambridge Five
The Cambridge Five were a group of British spies who operated as Soviet double agents during and after World War II. They were recruited while students at Cambridge University in the 1930s, motivated by a mix of Marxist ideology and opposition to fascism. The primary members were Kim Philby, Donald Maclean, Guy Burgess, Anthony Blunt, and John Cairncross. This group infiltrated key British intelligence and government positions, passing a significant amount of classified information to the Soviet Union. Their activities were not uncovered until the 1950s, and the full extent of their betrayal wasn’t known for years. Their exposure severely damaged UK and US intelligence relations with the Soviet Union during the Cold War.
Russian Ten
The "Russian Ten" refers to a group of Russian deep-cover spies arrested in the United States in 2010. This group, officially linked to Russia's Foreign Intelligence Service (SVR), posed as ordinary American citizens, blending into American society while gathering intelligence and attempting to build influential connections. The spies, including Anna Chapman, were part of a larger network of "illegals" who operated without diplomatic cover. Their arrests were part of a high-profile FBI operation, and the members were later swapped in a spy exchange between the US and Russia. This case shed light on the persistence of Russian espionage in the post-Cold War era.
Walker Spy Ring
The Walker Spy Ring was an espionage network led by John A. Walker Jr., a former U.S. Navy Chief Warrant Officer who spied for the Soviet Union from 1968 to 1985. Walker recruited his son, brother, and a friend into the operation, which became one of the most damaging intelligence breaches in U.S. Navy history. By passing cryptographic keys and other highly sensitive naval information, Walker gave the Soviets access to encrypted U.S. naval communications, compromising national security for nearly two decades. The ring’s discovery in 1985 led to prison sentences for all involved and significantly heightened awareness of espionage risks within U.S. military ranks.
Leakage of Atomic Bomb to Soviets
- Klaus Fuchs
- Julius and Ethel Rosenberg
- Theodore Hall
- David Greenglass
- Harry Gold
- Peter and Helen Kroger
- John Cairncross
- Aleksandr Feklisov
- Melita Normwod
- …
These spies operated during the 1940 as part of a Soviet espionage network targeting the U.S. Manhattan Project, which developed the first atomic bombs. Using techniques like dead drops, coded messages, and clandestine meetings, they smuggled critical scientific data to Soviet handlers. Their motives varied: while some, like Fuchs and Hall, were ideologically driven by communism and believed in nuclear parity to prevent future wars, others, like the Rosenbergs, were committed to aiding the Soviet cause. Their actions greatly accelerated the Soviet Union’s nuclear capabilities, leading to the Cold War arms race.
Modern cases
1. Maria Rosa Mayer Munos: A Spanish national accused of espionage for providing information to Russia, allegedly related to the defense sector.
2. Ludwig Gish: A former German intelligence officer, suspected of espionage and aiding Russian intelligence by passing confidential documents.
3. Dmitri Kovtun and Andrei Lugovoi – Litvinenko Case: Russian operatives implicated in the 2006 poisoning of former FSB officer Alexander Litvinenko in London, using polonium-210.
4. Anna Chapman & Illegals Program: A Russian sleeper agent arrested in 2010 as part of a larger Russian intelligence network operating undercover in the U.S., aiming to gather information on national security.
Times of Peace and War
In peacetime, espionage is widely considered illegal and a breach of sovereignty, resulting in domestic prosecution and diplomatic consequences. In wartime, however, it is seen as a strategic tool, with legal frameworks like the LOAC outlining different rules for handling captured spies, who may face prosecution but without the protections given to standard POWs. This differentiation reflects the greater tolerance for intelligence operations as part of warfare, even though wartime spies still risk severe penalties if captured.
Legal Practices in National Security and in Whistleblowing
Leaks and Whistleblowing
Definition: A leak is the unauthorized disclosure of confidential or sensitive information to the public or media, often without the consent of the organization or government involved.
Legal Framework: Leaks are generally considered illegal if they involve classified, proprietary, or privileged information protected by laws such as the Espionage Act in the United States or Official Secrets Acts in the UK. These laws prohibit unauthorized disclosure of government secrets and may result in criminal charges for leakers.
Legal Consequences: Individuals found guilty of leaking sensitive information may face penalties ranging from fines to imprisonment, especially when the information pertains to national security. Unlike whistleblowing, leaks lack legal protection and often lead to prosecution unless the individual can argue a public interest defense (though this defense is limited in many countries).
Definition: Whistleblowing is the act of disclosing information about illegal, unethical, or harmful activities within an organization to authorities or the public, with the intent to address misconduct, prevent harm, or promote accountability.
Legal Framework: Whistleblowing is legally protected in many countries through laws such as the Whistleblower Protection Act in the United States, the Public Interest Disclosure Act in the UK, and the EU Whistleblower Protection Directive in the European Union. These laws provide a legal basis for individuals to report wrongdoing without fear of retaliation and often establish channels for safely reporting within or outside the organization.
Legal Protections: Whistleblowers are generally protected from employer retaliation, such as firing or harassment, when reporting certain types of misconduct. If whistleblowers follow legal reporting channels, they may also receive support in the form of confidentiality protections and, in some cases, financial incentives (such as in U.S. SEC or IRS whistleblower programs).
FISA amendment Section 702
Section 702 of the FISA Amendments Act allows the U.S. government to conduct warrantless surveillance on non-U.S. persons located outside the United States for the purpose of gathering foreign intelligence. It enables programs like PRISM (data collection from tech companies) and Upstream (intercepting data from internet infrastructure).
While it targets foreign individuals, the communications of U.S. persons can be incidentally collected, raising privacy concerns. Oversight is provided through minimization guidelines reviewed by the Foreign Intelligence Surveillance Court (FISC), but critics argue that transparency and protections for U.S. citizens remain insufficient.
Legal framework
1. International Law and Espionage:
* International law lacks explicit regulations on espionage activities, meaning there is no universal treaty or convention directly governing the legality of espionage between states. This leaves espionage in a largely unregulated space under international law.
* State sovereignty is a core principle of international law, and espionage inherently violates this principle when conducted by foreign operatives on another country’s soil. As such, espionage is often considered illegal or criminal within domestic laws, even though it isn’t specifically addressed as such in international law.
2. Acknowledgment of Intelligence Agencies:
* States typically acknowledge their own intelligence agencies and consider their activities as legitimate under national security justifications. This aligns with the notion that espionage, while secretive, is a recognized and routine function of statecraft. However, states carefully avoid openly admitting to or justifying specific espionage operations, especially when directed at allies or neutral countries, to avoid diplomatic fallout.
3. Condemnation of Foreign Espionage:
* Most countries strongly condemn foreign espionage on their soil and often criminalize assisting foreign intelligence operations. In the U.S., for instance, aiding foreign espionage can result in charges of espionage, conspiracy, or aiding an enemy, while countries in the European Union and beyond have similar laws protecting state secrets.
4. Specific Limits on Espionage Tactics:
* International law is indeed clear on prohibiting torture and other inhumane practices, as established in treaties like the UN Convention Against Torture. Such limits are universal, applying to all state activities, including intelligence gathering. Thus, while espionage itself isn't explicitly illegal in international law, certain methods used to gather intelligence—such as torture or cruel treatment—are prohibited.
In summary, while espionage itself is not outright banned or legalized in international law, the methods used in espionage are subject to international regulations and prohibitions, particularly regarding human rights. States accept their intelligence activities as necessary for security but criminalize foreign espionage domestically to protect sovereignty, and they generally avoid admitting specific acts of espionage to manage diplomatic relations.
After 9/11
Increased Intelligence Sharing with the U.S.
* In the wake of 9/11, the EU strengthened its cooperation with the U.S. on counter-terrorism, which involved more extensive intelligence sharing between EU and U.S. agencies. European countries became more willing to share data with U.S. intelligence agencies, despite the European Parliament’s earlier concerns about foreign surveillance practices like ECHELON.
* This cooperation led to agreements like the Passenger Name Record (PNR) framework, which required airlines to share detailed passenger data with U.S. authorities. The European Parliament was initially resistant to this agreement, as it conflicted with EU privacy laws, but it eventually passed under pressure from security priorities.
The Data Retention Directive (2006)
* The EU adopted the Data Retention Directive in 2006, which required telecom companies to retain data on all communications (metadata, such as the time, duration, and location of calls) for 6 to 24 months for law enforcement purposes. This directive contradicted the privacy-focused mandate from 2001, as it required the mass storage of citizens' data, making it more accessible to intelligence and law enforcement agencies.
* The directive was controversial from the outset and faced numerous legal challenges. In 2014, it was ultimately struck down by the Court of Justice of the European Union (CJEU), which ruled that it violated fundamental rights to privacy and data protection.
SAFE HARBOR Agreement
* To facilitate data transfers for businesses operating between the EU and the U.S., the Safe Harbor Agreement was established in 2000, allowing companies to transfer personal data across borders under a shared privacy framework. After 9/11, this agreement took on new significance, as data-sharing became more critical for both commerce and security.
* The EU-U.S. Safe Harbor Agreement later came under scrutiny due to concerns that U.S. surveillance programs, including PRISM (exposed in 2013), undermined the privacy protections Safe Harbor was meant to ensure. This ultimately led to the agreement being invalidated by the CJEU in 2015, and replaced by the EU-U.S. Privacy Shield (also invalidated in 2020), as privacy advocates argued it still did not fully protect EU citizens from U.S. surveillance.
Expansion of Surveillance Laws in EU Member States
* Many EU countries implemented their own enhanced surveillance laws that included mass data retention and increased authority for intelligence agencies, often modeled on the U.S. PATRIOT Act. Countries like the UK, France, and Germany passed laws that allowed for greater interception of communications and expanded intelligence-gathering powers to counter terrorism.
* For example, the UK’s Investigatory Powers Act (often called the “Snooper’s Charter”) legalized broad surveillance powers, allowing for the collection of metadata and intercepting of internet communications. France and Germany also passed laws to enable more comprehensive monitoring of potential terror suspects.
Growing Legal Pushback and Privacy Activism
* Despite these post-9/11 security measures, the European Parliament and EU courts maintained some oversight. Privacy-focused organizations, like the European Digital Rights (EDRi) and individuals such as activist Max Schrems, continued to challenge surveillance practices in EU courts, arguing they violated EU privacy protections.
* These challenges ultimately led to landmark rulings, such as the 2014 CJEU decision that annulled the Data Retention Directive and the invalidation of Safe Harbor and Privacy Shield agreements, signaling a gradual return to prioritizing privacy protections.
Introduction of the General Data Protection Regulation (GDPR)
* The EU eventually implemented the General Data Protection Regulation (GDPR) in 2018, reinforcing data protection rights for EU citizens and giving them more control over their personal information. While GDPR is primarily a data protection law, it reinforced the EU’s commitment to privacy rights despite the surveillance pressures of the post-9/11 era.
* GDPR’s strict rules around data processing and transfers also put indirect pressure on surveillance practices, as it reinforced standards for protecting personal data against unauthorized access.