The NSA and GCHQ have an extensive network of agents embedded within the users of online game services like Second Life, World of Warcraft, and Xbox Live, according to documents leaked by Edward Snowden.
Published by The Guardian in partnership with The New York Times and ProPublica, the NSA's 2008 Exploiting Terrorist Use of Games and Virtual Environments detailed plans to exploit the anonymity of game networks to monitor potential terrorist activities.
The document described games as “an opportunity" and advocated the monitoring and mapping of social interactions within online game communities to establish connections to terrorist cells and find new leads.
While it's unclear just how far these plans progressed or how the NSA and GCHQ were collecting their intelligence, the paper describes GCHQ as having a “vigorous effort to exploit GVEs [games]” and claims the group has produced exploitation modules in Xbox Live and World of Warcraft.
One of the chief aims of the report was to prove that terrorists were considering the use of games for training and communications, and points to a few instances – most notably the 9/11 attacks – where terrorists actively used games like Microsoft Flight Simulator for training.
The document states that “Al-Qaeda terrorist target selectors and GVE executables” were found associated with Xbox Live, Second Life, Word of Warcraft, and other games.
Potential targets didn't stop with terrorists, and the NSA listed Chinese hackers, an Iranian nuclear scientist, Hizballah, and Hamas Members.
According to the Guardian, a 2007 invitation to a secret internal briefing said that “terrorists use online games – but perhaps not for their amusement. They are suspected of using them to communicate secretly and to transfer funds,” though the agencies didn't have evidence to support this claim at the time.
The document also noted the use of games as tools of indoctrination, citing both the US Army's multiplayer shooter America's Army and the Lebanese Hizballah's corresponding Special Forces 2, which the militant group has acknowledged as a tool for both recruitment and training.
Liden Labs's Second Life got special mention for its SMS messaging and phone services, which allowed users to communicate without the need to provide a phone number or the risk of calls showing up in collection.
The Guardian reports that Second Life's “then-chief operating officer” gave a “brown-bag lunch” address at the NSA in May 2007 in which he touted his game's utility to intelligence officials as an “opportunity to understand the motivation, context and consequent behaviors of non-Americans through observation, without leaving US soil”.
The NSA document states that the FBI, CIA, and the Defense Humint Service [human intelligence] all had operations in Second Life and other games and were interested in forming a group to collaborate on these efforts.
Of note is a passage tucked at the end which states that more research is needed to discover which games should be targeted before evidence can be found proving terrorists use them in operations.
Put simply, the NSA didn't have much to support the idea that games were being used by terrorists, no matter how “vigorous” the efforts of its UK sister service.
"We are unaware of any surveillance taking place," a spokesman for Blizzard Entertainment told The Guardian.
"If it was, it would have been done without our knowledge or permission."
The NSA declined to comment on the Guardian's report, but a GCHQ statement claimed the agency's actions were within the bounds of the law.
“All GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that its activities are authorised, necessary and proportionate, and there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners and the intelligence and security committee," said a representative.
Linden Labs declined to comment, as did the company's founder and former CEO Philip Rosedale.
"We're not aware of any surveillance activity," a Microsoft spokesperson told CVG.
"If it has occurred as reported, it certainly wasn't done with our consent."
[Note: Develop has noticed that the primary document provided by the Guardian looks to be dated 2007-01-08, though the news outlet itself has reported the document is from 2008. The above article has follows The Guardian's chronology due to their experience and expertise with the subject matter.]