JASON LEWIS
UK
Mail On Sunday
Sunday, January 14, 2007
Confidential details sent to MI5 by thousands of individuals
and businesses have ended up with an American company specialising
in supermarket mailshots.
The security service's new email early warning system was designed
to reassure the public in the wake of the July 7 bombings and
the disclosure of a string of failed terror plots.
It was launched by the Home Office last week. The Government
said it was part of a long-planned programme to keep the public
better informed about the terrorist threat.
People signing up for the alerts were asked to type their name
and email details into the MI5 website alongside an assurance
their personal information would be protected by the Data Protection
Act and the Security Services Act.
They were emailed back by MI5 with the message: "Thank you
for your request to subscribe to the MI5/Home Office Threat Level
Update email list." Subscribers were led to believe their
details were being kept in secure computer files at MI5's Thames
House headquarters in Whitehall.
But The Mail on Sunday can reveal the service is not being run
by MI5. Instead it has been paying Whatcounts Inc, a US computer
firm based in Seattle, to store the details and send terror alerts.
The company specialises in sending advertising emails for retail
firms. It has close ties with the US government and runs internet
systems for the government-owned Voice of America broadcaster
which has historic links to the CIA.
There were also concerns about whether the US firm was vetted
by the security service. Conservative Homeland Security spokesman
Patrick Mercer said: "I am alarmed and surprised that the
Government would outsource this sort of sensitive material to
another country."
Data experts said information sent in this way was vulnerable
to interception by hackers or even Al Qaeda terrorists.
The boss of Whatcounts, who claims he was never told they were
working for MI5, described the set-up as 'a comedy of errors'.
He questioned why MI5 had not chosen to keep the information on
its own computers, and could not guarantee all the email messages
sent to warn a terrorist attack was imminent would reach the public.
David Geller, Whatcounts chief executive, said he was 'surprised
to learn' his system was being used by MI5. He said that the firm
guaranteed not to use the information for any other purpose or
sell it on.
"We are registered with the US government as being a safe
harbour for data," he said. "We would never release
any data unless we were compelled to do so by a court order from
an official government body. This protects that information even
from the CIA or the US National Security Agency."
Whitehall sources said the MI5 system had been set up by an unnamed
firm which was responsible for running its website. That firm
had hired London-based Mailtrack, another direct marketing firm,
to run the system. Mailtrack outsourced the work to Whatcounts.
Last night Whitehall sources said MI5's arrangements were now
being reviewed and the email data transferred back to the UK.
MI5 is likely to face further questions of the level of vetting
it gave computer firms involved after it emerged that David Geller
has an Iranian wife.
Cathia Geller, a public relations executive, describes her interests
as Iran, travel and cooking and gives her home town as Tehran.
There is no suggestion that the Gellers have any links to the
Iranian regime which has been named as part of the axis of evil
by President Bush for its sponsorship of international terrorism.
The couple live in a $600,000 lakeside home in Sammamish, a middle-class
commuter town outside Seattle with their four-year-old daughter.
Email
