• Email
  • Single Page
  • Print

They Know Much More Than You Think

Bamford_2-081513.jpg
Edward Gorey Charitable Trust
Drawing by Edward Gorey

During the past decade, the NSA has secretly worked to gain access to virtually all communications entering, leaving, or going through the country. A key reason, according to the draft of a top secret NSA inspector general’s report leaked by Snowden, is that approximately one third of all international telephone calls in the world enter, leave, or transit the United States. “Most international telephone calls are routed through a small number of switches or ‘chokepoints’ in the international telephone switching system en route to their final destination,” says the report. “The United States is a major crossroads for international switched telephone traffic.” At the same time, according to the 2009 report, virtually all Internet communications in the world pass through the US. For example, the report notes that during 2002, less than one percent of worldwide Internet bandwidth—i.e., the international link between the Internet and computers—“was between two regions that did not include the United States.”

Accessing this data is possible through a combination of techniques. Through the most effective of them, the NSA can gain direct access to the fiber-optic cables that now carry most kinds of communications data. According to a slide released by Snowden, the cable-tapping operation is codenamed “UPSTREAM” and it is described as the “collection of communications on fiber cables and infrastructure as data flows past.” It also appears to be both far more secret and far more invasive than the PRISM program revealed by Snowden. Although PRISM gives the NSA access to data from the individual Internet companies, such as Yahoo, Google, and Microsoft, the companies claim that they don’t give the agency direct access to their servers. Through UPSTREAM, however, the agency does get direct access to fiber-optic cables and the supporting infrastructure that carries nearly all the Internet and telephone traffic in the country.

As part of its cable-tapping program, the NSA has secretly installed what amount to computerized filters on the telecommunications infrastructure throughout the country. According to the leaked inspector general’s report, the agency has secret cooperative agreements with the top three telephone companies in the country. Although the report disguises their names, they are likely AT&T, Verizon, and Sprint:

NSA determined that under the Authorization it could gain access to approximately 81% of the international calls into and out of the United States through three corporate partners: Company A had access to 39%, Company B 28%, and Company C 14%.

The filters are placed at key junction points known as switches. For example, much of the communications—telephone and Internet—to and from the northwestern United States pass through a nearly windowless nine-story building at 611 Folsom Street in San Francisco. This is AT&T’s regional switching center. In 2003, the NSA built a secret room in the facility and filled it with computers and software from a company called Narus. Established in Israel by Israelis, and now owned by Boeing, Narus specializes in spyware, equipment that examines both the metadata—the names and addresses of people communicating on the Internet—and the content of digital traffic such as e-mail as it zooms past at the speed of light.

The agency also has access to the telephone metadata—the numbers called and calling and other details—of all Americans. Phone calls from telephone numbers that have been selected as targets can be routed directly to the agency and recorded. According to William Binney, the former NSA senior official, the NSA has established between ten and twenty of these secret rooms at telecom company switches around the country.

It is this daily access to the telephone metadata of all Americans without FISA warrants that the NSA and the Office of National Intelligence tried to hide when they falsely denied that the agency had surveillance records on millions of Americans. For years, the agency also had a nationwide bulk e-mail and Internet metadata collection and storage program, although that was ended in 2011 for “operational and resource reasons,” according to the director of national intelligence.

But according to a joint statement issued on July 2 by senators Ron Wyden and Mark Udall, the real reason the program was shut down was that the NSA was “unable” to prove the usefulness of the operation. “We were very concerned about this program’s impact on Americans’ civil liberties and privacy rights,” they said, “and we spent a significant portion of 2011 pressing intelligence officials to provide evidence of its effectiveness. They were unable to do so, and the program was shut down that year.” The senators added, “It is also important to note that intelligence agencies made statements to both Congress and the [FISA court] that significantly exaggerated this program’s effectiveness. This experience demonstrates to us that intelligence agencies’ assessment of the usefulness of particular collection program—even significant ones—are not always accurate.”

Speaking on Meet the Press, Glenn Greenwald, a lawyer and journalist who wrote the story about the NSA’s collection of phone data for The Guardian, also mentioned a still-secret eighty-page FISA court opinion that, he said, criticized the NSA for violation of both the Fourth Amendment and the FISA statute. According to Greenwald, “it specifically said that they are collecting bulk transmissions, multiple conversations from millions of Americans…and that this is illegal.” The NSA, he said, “planned to try to accommodate that ruling.” On the same program, Representative Mike Rogers, Republican chairman of the House Intelligence Committee, confirmed that the FISA court had issued a critical opinion and said that the NSA had “figured out how to correct that.”

According to The Economist of June 29, “the NSA provided congressional intelligence committees with what it said were over 50 cases in which the programmes disclosed by Mr. Snowden had contributed to the ‘understanding and, in many cases, disruption’ of terrorist plots in America, and over 20 other countries.” In a recent New York Review blog post, Kenneth Roth, director of Human Rights Watch and a former federal prosecutor, commented that “upon scrutiny” many of the plots referred to by the NSA

appear in fact to have been uncovered not because of the mass collection of our metadata but through more traditional surveillance of particular phone numbers or e-mail addresses—the kinds of targeted inquiries that easily would have justified a judicial order allowing review of records kept by communications companies or even monitoring the content of those communications.

At the AT&T facility on Folsom Street and the other locations, fiber-optic cables containing millions of communications enter the building and go into what’s known as a beam-splitter. This is a prism-type device that produces a duplicate, mirror image of the original communications. The original beams, containing Internet data, continue on to wherever they were originally destined. The duplicate beam goes into Room 641A, the NSA’s secret room one floor below, a discovery made by another whistleblower, AT&T technician Mark Klein. There the Narus equipment scans all the Internet traffic for “selectors”—names, e-mail address, words, phrases, or other indicators that the NSA wants to know about. Any message containing a selector is then retransmitted in full to the NSA for further analysis, as are the contents of phone calls selected. With regard to targeted phone numbers, the agency supplies them to the company, which then gives the NSA access to monitor them.

The selectors are inserted by remote control into the Narus equipment by NSA analysts sitting at their desks at the agency’s headquarters at Fort Meade in Maryland or at dozens of locations around the world. What Snowden seemed to be saying in his interview is that as long as certain analysts have an e-mail address, for example, they can simply enter that information into the system and retrieve the content of the e-mails sent from and to that address. There are, by his account, no judicial checks and balances to assure that the targeting of an American has been approved by a FISA court order and not just by NSA employees. These claims by Snowden, and other revelations from the documents he released, should be investigated by either a select committee of Congress, such as the Church Committee, or an independent body, like the 9/11 Commission.

While UPSTREAM captures most of the telecommunications—about 80 percent according to Binney—there are still gaps in the coverage. That is where the PRISM program comes in. With PRISM, the NSA is able to go directly to the communications industry, including the major Internet companies, to get whatever they miss from UPSTREAM. According to the top secret inspector general’s report, the “NSA maintains relationships with over 100 US companies,” adding that the US has the “home field advantage as the primary hub for worldwide telecommunications.”

According to a recent slide released by Snowden, the NSA on April 5, 2013, had 117,675 active surveillance targets in the program and was able to access real-time data on live voice, text, e-mail, or Internet chat services, in addition to analyzing stored data.

In the end, both UPSTREAM and PRISM may be only the tips of a much larger system. Another new document released by Snowden says that on New Year’s Eve, 2012, SHELLTRUMPET, a metadata program targeting international communications, had just “processed its One Trillionth metadata record.” Started five years ago, it noted that half of that trillion was added in 2012. It also noted that two more new programs, MOONLIGHTPATH and SPINNERET, “are planned to be added by September 2013.”

One man who was prescient enough to see what was coming was Senator Frank Church, the first outsider to peer into the dark recesses of the NSA. In 1975, when the NSA posed merely a fraction of the threat to privacy it poses today with UPSTREAM, PRISM, and thousands of other collection and data-mining programs, Church issued a stark warning:

That capability at any time could be turned around on the American people and no American would have any privacy left, such [is] the capability to monitor everything: telephone conversations, telegrams, it doesn’t matter. There would be no place to hide. If this government ever became a tyranny, if a dictator ever took charge in this country, the technological capacity that the intelligence community has given the government could enable it to impose total tyranny, and there would be no way to fight back, because the most careful effort to combine together in resistance to the government, no matter how privately it was done, is within the reach of the government to know. Such is the capability of this technology…. I don’t want to see this country ever go across the bridge. I know the capacity that is there to make tyranny total in America, and we must see to it that this agency and all agencies that possess this technology operate within the law and under proper supervision, so that we never cross over that abyss. That is the abyss from which there is no return.

Church sounds as if he had absorbed the lessons of 1984. From the recent evidence, they are still to be learned.

—July 12, 2013

Letters

Our Hacking Government November 21, 2013

  • Email
  • Single Page
  • Print