A definite yes. LEEgime is a customer of some Israel-based surveillance companies and one based in the UK.
A better question should be: is LEEgime acting legally if it has a PRISM-like programme in Sinkieland?
If you have time, read the following article published in The Straits Times, 6 July 2013, pages D2 and D3
**************************************************************************
What the law says
THREE years ago, national serviceman Muhammad Fadil Abdul Hamid was detained under the Internal Security Act for wanting to embark on jihad activities overseas.
The Ministry of Home Affairs said he had made online contact with a suspected Al-Qaeda recruiter, and had also surfed the Internet for jihadist propaganda and videos.
His case and several others in recent years show the extent to which the Government can track private communications and data, right down to e-mail, chats and websites visited.
Almost any kind of information can be obtained by the Government without the need for the courts to grant permission, as it is empowered by several pieces of legislation to directly collect data.
The Criminal Procedure Code allows the police to order anyone to produce, or give them access to, any "document or thing" necessary for any investigation.
The police can access, inspect or check any computer suspected to be used in connection with an arrestable offence they are investigating. They can also obtain codes or technology to unscramble encrypted data.
Under the Telecommunications Act, the Government can order telcos to provide any document or any information considered related to an investigation. If the Government feels that it is in the public interest, under the Official Secrets Act, it can by court order require telcos to produce sent or received messages to or from anywhere outside Singapore.
Though there is the newly enacted Personal Data Protection Act, which requires individuals to be informed and that consent be gained if organisations are collecting personal data, most of the Act does not apply to public agencies.
The possibility for wider, large-scale cyber-surveillance was opened with the January amendment to the Computer Misuse and Cybersecurity Act. Now, the Government can compel any person or organisation to "take such measures or comply with such requirements as may be necessary to prevent, detect or counter any threat" to computer systems.
Previously it could authorise but not compel organisations to take such measures.
Mr Hri Kumar Nair, chairman of the government parliamentary committee for home affairs and law, said this amendment effectively "allows the Government to obtain information pre-emptively".
The broad phrasing of the amendment gives the Government leeway to potentially institute programmes to monitor and intercept communications, say lawyers.
For example, if the Government felt the air traffic control system was a likely target of attack, the amendment "is conceivably wide enough" for the monitoring of phone or Internet communications, to glean information to "prevent, detect or counter" any such threats, said Mr Gilbert Leong, a partner with Rodyk and Davidson, who has spoken on data protection matters.
The amendment comes with some restraints. The Government can use it only in cases of threats to national security, essential services, the defence of Singapore or its foreign relations. Those who use or disclose the information in an unauthorised manner can be fined up to $10,000 or jailed up to a year, or both.
In the January parliamentary debate on the amendment, Second Minister for Home Affairs S. Iswaran gave the assurance that the Government would exercise such powers "judiciously" and only "after careful consideration of the implications, and being satisfied that the measures are practical and reasonable".
So what kind of data can the Government get its hands on?
Lawyers say it can retrieve call and SMS logs, the contents of SMSes, logs of when a user accessed a particular website, and e-mail if the e-mail account is owned by the Internet service provider (ISP), such as a SingNet e-mail account.
Metadata, which is information generated when technology is used - such as the date and time of calls and the places where you accessed your e-mail - can also be retrieved.
Such data was produced by lawyers acting for American Shane Todd's family in the recent coroner's inquiry here into his death. Private information can be accessed by lawyers but, unlike the Government, they can do so only if they first obtain a court order.
Telcos and ISPs do not necessarily have to tell you, the user, that such information has been passed to the Government. In fact, they may not be allowed to do so.
The licensing agreement that the major three telcos signed with the Info-communications Development Authority (IDA) stipulates that they have to "safeguard the secrecy of all directions given by IDA" and cannot disclose such orders even after their licences expire.
SingTel, StarHub and M1 declined to give details on the frequency and number of times they have been asked to provide such information to the Government. StarHub would say only that such requests are received "from time to time".
But they all said they would disclose customer data only when legally obliged to do so, and would not otherwise share it with outside parties.
E-mail stored in Web-based accounts such as Gmail, and private information on social media sites such as Facebook, are somewhat harder to obtain. But if the company has an arm based in Singapore, or the server in which the information is stored is located here, it is within reach of the authorities.
According to Google's Transparency Report, the Singapore Government made 185 requests last year to the company for users' data, pertaining to some 200 accounts. Google complied with 70 per cent to 75 per cent of such requests.
In comparison, Australia made 1,107 requests last year, of which nearly two-thirds were fulfilled. The US made 16,407 requests, of which nearly 90 per cent was complied with.
A spokesman for Google Singapore said the Singapore numbers "primarily cover requests in criminal matters".
He declined to elaborate on the kind of data Google has provided. Besides its popular search engine and its e-mail service Gmail, Google also owns YouTube, the biggest video-sharing website, and file storage service Google Drive.
But he added that Google "only provides information within the scope and authority of the request, whether it stems from a criminal or civil case", and that it can refuse to produce information or try to narrow the request, especially if it believes that this is overly broad.
It did not respond to queries on the instances in which it turned down government requests, and why it refused.
Whenever possible and when it is legal to do so, Google also notifies users about such requests for data that may affect them, he said.
Recently, Facebook's US headquarters revealed that from June to December last year, it received between 9,000 and 10,000 requests for user data from US government entities. Facebook Singapore declined to give similar data for Singapore.
But its spokesman said: "Requests from law enforcement entities investigating national security-related cases are by their nature classified and highly sensitive, and the law traditionally has placed significant constraints onthe ability of companies like Facebook to even confirm or acknowledge receipt of these requests - let alone provide details of our responses."
She added that the company scrutinised each government data request, and "aggressively protect our users' data when confronted with such requests: we frequently reject such requests outright, or require the government to substantially scale down its requests, or simply give the government much less data than it has requested. And we respond only as required by law".
TESSA WONG