[ExI] Surveillance 'partnership' between NSA and telcos points to AT&T, Verizon

Eugen Leitl eugen at leitl.org
Fri Jun 28 13:22:00 UTC 2013


Surveillance 'partnership' between NSA and telcos points to AT&T, Verizon

Newly disclosed classified document suggests firms allowed spy agency to
access e-mail and phone call data by tapping into their "fiber-optic cables,
gateway switches, and data networks."

by Declan McCullagh  June 27, 2013 2:40 PM PDT

The National Security Agency entered into "collection partnerships" with a
pair of telecommunications companies that permitted tapping their fiber
links. Evidence suggests it's AT&T and Verizon.

Want to play a game of "guess who?"

A newly disclosed top secret document lauds the National Security Agency's
"productive" and long-standing surveillance "partnership" with a pair of
telecommunications providers -- that permitted tapping into their fiber links
-- but without naming names.

This is where things get interesting for clue sleuths.

Even in the top-secret document published by the Guardian today, the firms
are described only as "Company A" and "Company B." But the NSA's inspector
general did disclose that, at the time the program was being formed in the
wake of the September 11 attacks, the agency entered into the partnerships
because Company A had access to 39 percent of international phone calls, and
Company B had access to 28 percent.

Those figures closely correspond with Federal Communications Commission data
(PDF). The most recent figures publicly available in late 2001, when the
carrier "partnerships" were being expanded, reveal that AT&T carried 38.2
percent of international minutes billed to U.S. carriers. MCI, now part of
Verizon, carried 29.1 percent.

Verizon spokesman Ed McFadden would not confirm or deny his employer's
identity as company B, and told CNET today that the company "always requires
appropriate legal process" when responding to requests from any government
agency. AT&T did not respond to questions.

"Collection partnerships" with these two firms have allowed the spy agency to
vacuum up e-mail and phone call content by tapping into their "fiber-optic
cables, gateway switches, and data networks," says the 2009 report. That's
consistent with previous reports that AT&T permitted the NSA to tap into its
telecommunications facilities.

The disclosures, part of a 2009 report prepared by the NSA's Office of the
Inspector General, emphasize how crucial -- and sensitive -- the agency's
relationships with U.S. telecommunications companies have become.

These relationships also allowed the NSA to take advantage of the United
States' role as an international Internet hub, which meant that an outsize
share of worldwide traffic flows through the networks of AT&T, Verizon, and
other U.S. providers. Even e-mail messages between Latin American and African
countries, for instance, are typically routed through U.S. switches because
of the lower cost.

NSA Director Keith Alexander believed, according to the inspector general's
report, "if the relationships with these companies were ever terminated," the
agency's eavesdropping ability would be "irrevocably damaged, because NSA
would have sacrificed America's home field advantage as the primary hub for
worldwide telecommunications."

Many of these relationships predated the September 11 attacks that
dramatically increased the NSA's authority in a warrantless surveillance
program secretly authorized by President Bush. A 1981 presidential executive
order, for instance, authorized the collection of "signals intelligence
information" for foreign intelligence purposes, which the NSA views as
authorizing the interception of phone calls "transiting" the United States.

Soon after the 2001 attacks, according to the report, representatives of both
Company A and Company B "contacted NSA and asked 'What can we do to help?'"
Both had previously been "providing telephony content to NSA before 2001"
under the 1981 executive order and the Foreign Intelligence Surveillance Act.

Initially, under the Bush-era program, the NSA was temporarily authorized to
intercept "communications with at least one communicant outside the United
States or for which no communicant was known to be a citizen of the United
States." Then, in 2007, the Justice Department secretly authorized the agency
to "analyze communications metadata associated with United States persons and
persons believed to be in the United States."

Metadata is defined, according to the inspector general's report, as
encompassing phone call records and "Internet Protocol" communications, which
would include a person's IP address and what company or service they're
communicating with. (Verizon turns over metadata of all customer calls to the
NSA, meaning the logs of who called whom, every day.)

The Guardian's report today also cited a December 2012 document prepared by
the NSA's Special Source Operations (SSO) directorate discussing classified
programs codenamed EvilOlive and ShellTrumpet, which had "processed its
one-trillionth metadata record" at the time. The newspaper, which did not
make the SSO document public, summarized it as:

 With this new system, the NSA is able to direct more than half of the
internet traffic it intercepts from its collection points into its own
repositories. One end of the communications collected are inside the United
States. The NSA called it the "One-End Foreign (1EF) solution". It intended
the program, codenamed EvilOlive, for "broadening the scope" of what it is
able to collect....This new system, SSO stated in December, enables vastly
increased collection by the NSA of Internet traffic. "The 1EF solution is
allowing more than 75% of the traffic to pass through the filter," the SSO
December document reads. "This milestone not only opened the aperture of the
access but allowed the possibility for more traffic to be identified,
selected and forwarded to NSA repositories."

One interpretation of EvilOlive is that the NSA is acquiring the majority of
Americans' confidential Internet and phone communications -- or at least the
majority flowing through the networks of its partner telecommunications
companies -- and archiving them for years. Any subsequent restrictions on
access by intelligence analysts would be policy-based, not technology-based,
and could be modified in the future to be more permissive.

The Obama administration has declined to discuss the NSA's vast collection
apparatus in any detail. A statement last week from James Clapper, the
director of national intelligence, said an analyst cannot "can eavesdrop on
domestic communications without proper legal authorization" -- but,
pointedly, did not say what "proper legal authorization" meant.

In an online chat earlier this month, Snowden said there were few practical
restrictions on analysts' ability to target American citizens:

 NSA likes to use "domestic" as a weasel word here for a number of
reasons....The reality is that due to [a 2008 federal law known as FAA 702],
Americans' communications are collected and viewed on a daily basis on the
certification of an analyst rather than a warrant. They excuse this as
"incidental" collection, but at the end of the day, someone at NSA still has
the content of your communications....If I target for example an email
address, for example under FAA 702, and that email address sent something to
you, Joe America, the analyst gets it. All of it. IPs, raw data, content,
headers, attachments, everything. And it gets saved for a very long time --
and can be extended further with waivers rather than warrants."

A document previously leaked by Snowden, the former NSA contractor believed
to be staying in the transit area of Moscow's Sheremetyevo Airport, described
"upstream" data collection from "fiber cables and infrastructure as data
flows past."

Documents that came to light in 2006 in a lawsuit brought by the Electronic
Frontier Foundation offer insight into the spy agency's relationship with
AT&T and other Tier 1 providers. Mark Klein, who worked as an AT&T technician
for over 22 years, disclosed (PDF) that he witnessed domestic voice and
Internet traffic being surreptitiously "diverted" through a "splitter
cabinet" to secure room 641A in one of the company's San Francisco
facilities. The room was accessible only to NSA-cleared technicians.

"This is a complete vindication," Klein, now retired and living in the San
Francisco bay area, told Wired today. "They are collecting everything on

During a hearing earlier this month, Alexander, the NSA director, said his
agency's surveillance programs were valuable intelligence gathering
techniques that have helped to keep Americans safe:

 Virtually all countries have lawful intercept programs under which they
compel communications providers to share data about individuals they believe
represent a threat to their societies. Communications providers are required
to comply with those programs in the countries in which they operate. The
United States is not unique in this capability. The U.S., however, operates
its program under the strict oversight and compliance regime that was noted
above, with careful oversights by the courts, Congress and the
administration....We have created and implemented and continued to monitor a
comprehensive mission compliance program inside NSA.

Alexander said that an analyst who wants to "target the content of a U.S.
person anywhere in the world" must get a specific court warrant."

Today's disclosures about the NSA's so-called EvilOlive and other programs
highlight the lack of strong encryption that would armor the communications
of Internet users against warrantless surveillance.

A CNET article last week reported that, with the exception of Google, few
large e-mail providers use encryption to protect their customers' privacy.
And few, another article yesterday reported, use strong encryption that would
shield their customers' Web browsing from government snoops.

Topics:Internet, Technology, Politics, Policy, Regulation, Legal Tags:nsa,
keith alexander, surveillance, verizon, at&t, national security agency Declan

Declan McCullagh is the chief political correspondent for CNET. Declan
previously was a reporter for Time and the Washington bureau chief for Wired
and wrote the Taking Liberties section and Other People's Money column for
CBS News' Web site.

More information about the extropy-chat mailing list