GCHQ Uses Cookies to Track Google Users

And the leaks just keep on coming.

By latching on to the “GooglePrefIDs”, the British government and its intelligence wing the GCHQ was able to follow a user beyond their initial search and continue to collect data on them even after they had left the site.

Information about the data hijacking process can be found in documents released by the Washington Post on Wednesday, although details on the exact method of code injection are still somewhat vague. From what we can gather out of the info provided, it seems that the technique was used to “tag” users who were of interest to the agency, and then relay information back as they went about their daily browsing activities both within Google’s ecosystem and outside of it.

Google says it uses “preferences” cookies to enhance people’s use of the internet.

“These cookies allow our websites to remember information that changes the way the site behaves or looks, such as your preferred language or the region you are in,” it explains on its site.

The files being tracked contain a numeric hash that can be used to single out any “persons of interest”, enabling the GCHQ to keep tabs on potential suspects without ever actually planting malware or keyloggers on a particular machine in question. This frees them up to claim plausible deniability, while allowing their agents to keep close personal attention on anyone who the firm suspects might be using the internet to plan their next library bombing.

A spokesman for GCHQ said he could neither confirm nor deny the agency’s involvement in the alleged activity.

“All GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that its activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Intelligence and Security Committee,” he said.