Disclosures of NSA and related global espionage
Ongoing news reports in the international media have revealed operational details about the Anglophone cryptographic agencies' global surveillance[1] of both foreign and domestic nationals. The reports mostly emanate from a cache of top secret documents leaked by ex-NSA contractor Edward Snowden, which he obtained whilst working for Booz Allen Hamilton, one of the largest contractors for defense and intelligence in the United States.[2] In addition to a trove of U.S. federal documents, Snowden's cache reportedly contains thousands of Australian, British and Canadian intelligence files that he had accessed via the exclusive "Five Eyes" network.[2] In June 2013, the first of Snowden's documents were published simultaneously by The Washington Post and The Guardian, attracting considerable public attention.[3] The disclosure continued throughout 2013, and a small portion of the estimated full cache of documents was later published by other media outlets worldwide, most notably The New York Times (United States), the Canadian Broadcasting Corporation, the Australian Broadcasting Corporation, Der Spiegel (Germany), O Globo (Brazil), Le Monde (France), L'espresso (Italy), NRC Handelsblad (the Netherlands), Dagbladet (Norway), El Pas (Spain), and Sveriges Television (Sweden).[4]
These media reports have shed light on the implications of several secret treaties signed by members of the UKUSA community in their efforts to implement global surveillance. For example, Der Spiegel revealed how the German Federal Intelligence Service (German: Bundesnachrichtendienst; BND) transfers "massive amounts of intercepted data to the NSA",[5] while Swedish Television revealed the National Defence Radio Establishment (FRA) provided the NSA with data from its cable collection, under a secret treaty signed in 1954 for bilateral cooperation on surveillance.[6] Other security and intelligence agencies involved in the practice of global surveillance include those in Australia (ASD), Britain (GCHQ), Canada (CSE), Denmark (PET), France (DGSE), Germany (BND), Italy (AISE), the Netherlands (AIVD), Norway (NIS), Spain (CNI), Switzerland (NDB), Singapore (SID) as well as Israel (ISNU), which receives raw, unfiltered data of U.S. citizens that is shared by the NSA.[7][8][9][10][11][12][13][14]
On June 14, 2013, United States prosecutors charged Edward Snowden with espionage and theft of government property. In late July 2013, he was granted a one-year temporary asylum by the Russian government,[15] contributing to a deterioration of RussiaUnited States relations.[16][17] Towards the end of October 2013, the British Prime Minister David Cameron warned The Guardian not to publish any more leaks, or it will receive a DA-Notice.[18] In November 2013, a criminal investigation of the disclosure was being undertaken by Britain's Metropolitan Police Service.[19] In December 2013, The Guardian editor Alan Rusbridger said: "We have published I think 26 documents so far out of the 58,000 we've seen."[20]
The extent to which the media reports have responsibly informed the public is disputed. In January 2014, Obama said that "the sensational way in which these disclosures have come out has often shed more heat than light"[21] and critics such as Sean Wilentz have noted that many of the Snowden documents released do not concern domestic surveillance.[22] The US & British Defense establishment weigh the strategic harm in the period following the disclosures more heavily than their civic public benefit. In its first assessment of these disclosures, the Pentagon concluded that Snowden committed the biggest "theft" of U.S. secrets in the history of the United States.[23] Sir David Omand, a former director of GCHQ, described Snowden's disclosure as the "most catastrophic loss to British intelligence ever".[24]
Barton Gellman, a Pulitzer Prizewinning journalist who led The Washington Post's coverage of Snowden's disclosures, summarized the leaks as follows:
Taken together, the revelations have brought to light a global surveillance system that cast off many of its historical restraints after the attacks of Sept. 11, 2001. Secret legal authorities empowered the NSA to sweep in the telephone, Internet and location records of whole populations.
The disclosure revealed specific details of the NSA's close cooperation with U.S. federal agencies such as the Federal Bureau of Investigation (FBI)[26][27] and the Central Intelligence Agency (CIA),[28][29] in addition to the agency's previously undisclosed financial payments to numerous commercial partners and telecommunications companies,[30][31][32] as well as its previously undisclosed relationships with international partners such as Britain,[33][34] France,[12][35] Germany,[5][36] and its secret treaties with foreign governments that were recently established for sharing intercepted data of each other's citizens.[7][37][38][39] The disclosures were made public over the course of several months since June 2013, by the press in several nations from the trove leaked by the former NSA contractor Edward J. Snowden,[40] who obtained the trove while working for Booz Allen Hamilton.[2]
George Brandis, the Attorney-General of Australia, asserted that Snowden's disclosure is the "most serious setback for Western intelligence since the Second World War."[41]
As of December2013[update], global surveillance programs include:
The NSA was also getting data directly from telecommunications companies code-named Artifice, Lithium, Serenade, SteelKnight, and X. The real identities of the companies behind these code names were not included in the Snowden document dump because they were protected as Exceptionally Controlled Information which prevents wide circulation even to those (like Snowden) who otherwise have the necessary security clearance.[64][65]
Although the exact size of Snowden's disclosure remains unknown, the following estimates have been put up by various government officials:
As a contractor of the NSA, Snowden was granted access to U.S. government documents along with top secret documents of several allied governments, via the exclusive Five Eyes network.[68] Snowden claims that he currently does not physically possess any of these documents, having surrendered all copies to journalists he met in Hong Kong.[69]
According to his lawyer, Snowden has pledged not to release any documents while in Russia, leaving the responsibility for further disclosures solely to journalists.[70] As of 2014, the following news outlets have accessed some of the documents provided by Snowden: Australian Broadcasting Corporation, Canadian Broadcasting Corporation, Channel 4, Der Spiegel, El Pais, El Mundo, L'espresso, Le Monde, NBC, NRC Handelsblad, Dagbladet, O Globo, South China Morning Post, Sddeutsche Zeitung, Sveriges Television, The Guardian, The New York Times, and The Washington Post.
In the 1970s, NSA analyst Perry Fellwock (under the pseudonym "Winslow Peck") revealed the existence of the UKUSA Agreement, which forms the basis of the ECHELON network, whose existence was revealed in 1988 by Lockheed employee Margaret Newsham.[71][72] Months before the September 11 attacks and during its aftermath, further details of the global surveillance apparatus were provided by various individuals such as the former MI5 official David Shayler and the journalist James Bamford,[73][74] who were followed by:
In the aftermath of Snowden's revelations, The Pentagon concluded that Snowden committed the biggest theft of U.S. secrets in the history of the United States.[23] In Australia, the coalition government described the leaks as the most damaging blow dealt to Australian intelligence in history.[41] Sir David Omand, a former director of GCHQ, described Snowden's disclosure as the "most catastrophic loss to British intelligence ever".[24]
In April 2012, NSA contractor Edward Snowden began downloading documents.[86] That year, Snowden had made his first contact with journalist Glenn Greenwald, then employed by The Guardian, and he contacted documentary filmmaker Laura Poitras in January 2013.[87][88]
In May 2013, Snowden went on temporary leave from his position at the NSA, citing the pretext of receiving treatment for his epilepsy. Towards the end of May, he traveled to Hong Kong.[89][90] Greenwald, Poitras and the Guardian's defence and intelligence correspondent Ewen MacAskill flew to Hong Kong to meet Snowden.
After the U.S.-based editor of The Guardian, Janine Gibson, held several meetings in New York City, she decided that Greenwald, Poitras and the Guardian's defence and intelligence correspondent Ewen MacAskill would fly to Hong Kong to meet Snowden. On June 5, in the first media report based on the leaked material,[91] The Guardian exposed a top secret court order showing that the NSA had collected phone records from over 120 million Verizon subscribers.[92] Under the order, the numbers of both parties on a call, as well as the location data, unique identifiers, time of call, and duration of call were handed over to the FBI, which turned over the records to the NSA.[92] According to The Wall Street Journal, the Verizon order is part of a controversial data program, which seeks to stockpile records on all calls made in the U.S., but does not collect information directly from T-Mobile US and Verizon Wireless, in part because of their foreign ownership ties.[93]
On June 6, 2013, the second media disclosure, the revelation of the PRISM surveillance program (which collects the e-mail, voice, text and video chats of foreigners and an unknown number of Americans from Microsoft, Google, Facebook, Yahoo, Apple and other tech giants),[94][95][96][97] was published simultaneously by The Guardian and The Washington Post.[85][98]
Der Spiegel revealed NSA spying on multiple diplomatic missions of the European Union and the United Nations Headquarters in New York.[99][100] During specific episodes within a four-year period, the NSA hacked several Chinese mobile-phone companies,[101] the Chinese University of Hong Kong and Tsinghua University in Beijing,[102] and the Asian fiber-optic network operator Pacnet.[103] Only Australia, Canada, New Zealand and the UK are explicitly exempted from NSA attacks, whose main target in the European Union is Germany.[104] A method of bugging encrypted fax machines used at an EU embassy is codenamed Dropmire.[105]
During the 2009 G-20 London summit, the British intelligence agency Government Communications Headquarters (GCHQ) intercepted the communications of foreign diplomats.[106] In addition, GCHQ has been intercepting and storing mass quantities of fiber-optic traffic via Tempora.[107] Two principal components of Tempora are called "Mastering the Internet" (MTI) and "Global Telecoms Exploitation".[108] The data is preserved for three days while metadata is kept for thirty days.[109] Data collected by GCHQ under Tempora is shared with the National Security Agency (NSA) of the United States.[108]
From 2001 to 2011, the NSA collected vast amounts of metadata records detailing the email and internet usage of Americans via Stellar Wind,[110] which was later terminated due to operational and resource constraints. It was subsequently replaced by newer surveillance programs such as ShellTrumpet, which "processed its one trillionth metadata record" by the end of December 2012.[111]
The NSA follows specific procedures to target non-U.S. persons[112] and to minimize data collection from U.S. persons.[113] These court-approved policies allow the NSA to:[114][115]
According to Boundless Informant, over 97 billion pieces of intelligence were collected over a 30-day period ending in March 2013. Out of all 97 billion sets of information, about 3 billion data sets originated from U.S. computer networks[116] and around 500 million metadata records were collected from German networks.[117]
In August 2013, it was revealed that the Bundesnachrichtendienst (BND) of Germany transfers massive amounts of metadata records to the NSA.[118]
Der Spiegel disclosed that out of all 27 member states of the European Union, Germany is the most targeted due to the NSA's systematic monitoring and storage of Germany's telephone and Internet connection data. According to the magazine the NSA stores data from around half a billion communications connections in Germany each month. This data includes telephone calls, emails, mobile-phone text messages and chat transcripts.[119]
The NSA gained massive amounts of information captured from the monitored data traffic in Europe. For example, in December 2012, the NSA gathered on an average day metadata from some 15 million telephone connections and 10 million Internet datasets. The NSA also monitored the European Commission in Brussels and monitored EU diplomatic Facilities in Washington and at the United Nations by placing bugs in offices as well as infiltrating computer networks.[120]
The U.S. government made as part of its UPSTREAM data collection program deals with companies to ensure that it had access to and hence the capability to surveil undersea fiber-optic cables which deliver e-mails, Web pages, other electronic communications and phone calls from one continent to another at the speed of light.[121][122]
According to the Brazilian newspaper O Globo, the NSA spied on millions of emails and calls of Brazilian citizens,[123][124] while Australia and New Zealand have been involved in the joint operation of the NSA's global analytical system XKeyscore.[125][126] Among the numerous allied facilities contributing to XKeyscore are four installations in Australia and one in New Zealand:
O Globo released an NSA document titled "Primary FORNSAT Collection Operations", which revealed the specific locations and codenames of the FORNSAT intercept stations in 2002.[127]
According to Edward Snowden, the NSA has established secret intelligence partnerships with many Western governments.[126] The Foreign Affairs Directorate (FAD) of the NSA is responsible for these partnerships, which, according to Snowden, are organized such that foreign governments can "insulate their political leaders" from public outrage in the event that these global surveillance partnerships are leaked.[128]
In an interview published by Der Spiegel, Snowden accused the NSA of being "in bed together with the Germans".[129] The NSA granted the German intelligence agencies BND (foreign intelligence) and BfV (domestic intelligence) access to its controversial XKeyscore system.[130] In return, the BND turned over copies of two systems named Mira4 and Veras, reported to exceed the NSA's SIGINT capabilities in certain areas.[5] Every day, massive amounts of metadata records are collected by the BND and transferred to the NSA via the Bad Aibling Station near Munich, Germany.[5] In December 2012 alone, the BND handed over 500 million metadata records to the NSA.[131][132]
In a document dated January 2013, the NSA acknowledged the efforts of the BND to undermine privacy laws:
The BND has been working to influence the German government to relax interpretation of the privacy laws to provide greater opportunities of intelligence sharing.[132]
According to an NSA document dated April 2013, Germany has now become the NSA's "most prolific partner".[132] Under a section of a separate document leaked by Snowden titled "Success Stories", the NSA acknowledged the efforts of the German government to expand the BND's international data sharing with partners:
The German government modifies its interpretation of the G-10 privacy law to afford the BND more flexibility in sharing protected information with foreign partners.[49]
In addition, the German government was well aware of the PRISM surveillance program long before Edward Snowden made details public. According to Angela Merkel's spokesman Steffen Seibert, there are two separate PRISM programs one is used by the NSA and the other is used by NATO forces in Afghanistan.[133] The two programs are "not identical".[133]
The Guardian revealed further details of the NSA's XKeyscore tool, which allows government analysts to search through vast databases containing emails, online chats and the browsing histories of millions of individuals without prior authorization.[134][135][136] Microsoft "developed a surveillance capability to deal" with the interception of encrypted chats on Outlook.com, within five months after the service went into testing. NSA had access to Outlook.com emails because "Prism collects this data prior to encryption."[45]
In addition, Microsoft worked with the FBI to enable the NSA to gain access to its cloud storage service SkyDrive. An internal NSA document dating from August 3, 2012, described the PRISM surveillance program as a "team sport".[45]
Even if there is no reason to suspect U.S. citizens of wrongdoing, the CIA's National Counterterrorism Center is allowed to examine federal government files for possible criminal behavior. Previously the NTC was barred to do so, unless a person was a terror suspect or related to an investigation.[137]
Snowden also confirmed that Stuxnet was cooperatively developed by the United States and Israel.[138] In a report unrelated to Edward Snowden, the French newspaper Le Monde revealed that France's DGSE was also undertaking mass surveillance, which it described as "illegal and outside any serious control".[139][140]
Documents leaked by Edward Snowden that were seen by Sddeutsche Zeitung (SZ) and Norddeutscher Rundfunk revealed that several telecom operators have played a key role in helping the British intelligence agency Government Communications Headquarters (GCHQ) tap into worldwide fiber-optic communications. The telecom operators are:
Each of them were assigned a particular area of the international fiber-optic network for which they were individually responsible. The following networks have been infiltrated by GCHQ: TAT-14 (EU-UK-US), Atlantic Crossing 1 (EU-UK-US), Circe South (France-UK), Circe North (Netherlands-UK), Flag Atlantic-1, Flag Europa-Asia, SEA-ME-WE 3 (Southeast Asia-Middle East-Western Europe), SEA-ME-WE 4 (Southeast Asia-Middle East-Western Europe), Solas (Ireland-UK), UK-France 3, UK-Netherlands 14, ULYSSES (EU-UK), Yellow (UK-US) and Pan European Crossing (EU-UK).[142]
Telecommunication companies who participated were "forced" to do so and had "no choice in the matter".[142] Some of the companies were subsequently paid by GCHQ for their participation in the infiltration of the cables.[142] According to the SZ, GCHQ has access to the majority of internet and telephone communications flowing throughout Europe, can listen to phone calls, read emails and text messages, see which websites internet users from all around the world are visiting. It can also retain and analyse nearly the entire European internet traffic.[142]
GCHQ is collecting all data transmitted to and from the United Kingdom and Northern Europe via the undersea fibre optic telecommunications cable SEA-ME-WE 3. The Security and Intelligence Division (SID) of Singapore co-operates with Australia in accessing and sharing communications carried by the SEA-ME-WE-3 cable. The Australian Signals Directorate (ASD) is also in a partnership with British, American and Singaporean intelligence agencies to tap undersea fibre optic telecommunications cables that link Asia, the Middle East and Europe and carry much of Australia's international phone and internet traffic.[143]
The U.S. runs a top-secret surveillance program known as the Special Collection Service (SCS), which is based in over 80 U.S. consulates and embassies worldwide.[145] The NSA hacked the United Nations' video conferencing system in Summer 2012 in violation of a UN agreement.[145]
The NSA is not just intercepting the communications of Americans who are in direct contact with foreigners targeted overseas, but also searching the contents of vast amounts of e-mail and text communications into and out of the country by Americans who mention information about foreigners under surveillance.[146] It also spied on Al Jazeera and gained access to its internal communications systems.[147]
The NSA has built a surveillance network that has the capacity to reach roughly 75% of all U.S. Internet traffic.[148][149][150] U.S. Law-enforcement agencies use tools used by computer hackers to gather information on suspects.[151][152] An internal NSA audit from May 2012 identified 2776 incidents i.e. violations of the rules or court orders for surveillance of Americans and foreign targets in the U.S. in the period from April 2011 through March 2012, while U.S. officials stressed that any mistakes are not intentional.[153][154][155][156][157][158][159]
The FISA Court that is supposed to provide critical oversight of the U.S. government's vast spying programs has limited ability to do so and it must trust the government to report when it improperly spies on Americans.[160] A legal opinion declassified on August 21, 2013, revealed that the NSA intercepted for three years as many as 56,000 electronic communications a year of Americans not suspected of having links to terrorism, before FISA court that oversees surveillance found the operation unconstitutional in 2011.[161][162][163][164][165] Under the Corporate Partner Access project, major U.S. telecommunications providers receive hundreds of millions of dollars each year from the NSA.[166] Voluntary cooperation between the NSA and the providers of global communications took off during the 1970s under the cover name BLARNEY.[166]
A letter drafted by the Obama administration specifically to inform Congress of the government's mass collection of Americans' telephone communications data was withheld from lawmakers by leaders of the House Intelligence Committee in the months before a key vote affecting the future of the program.[167][168]
The NSA paid GCHQ over 100 Million between 2009 and 2012, in exchange for these funds GCHQ "must pull its weight and be seen to pull its weight." Documents referenced in the article explain that the weaker British laws regarding spying are "a selling point" for the NSA. GCHQ is also developing the technology to "exploit any mobile phone at any time."[169] The NSA has under a legal authority a secret backdoor into its databases gathered from large Internet companies enabling it to search for U.S. citizens' email and phone calls without a warrant.[170][171]
The Privacy and Civil Liberties Oversight Board urged the U.S. intelligence chiefs to draft stronger US surveillance guidelines on domestic spying after finding that several of those guidelines have not been updated up to 30 years.[172][173] U.S. intelligence analysts have deliberately broken rules designed to prevent them from spying on Americans by choosing to ignore so-called "minimisation procedures" aimed at protecting privacy[174][175] and used the NSA's agency's enormous eavesdropping power to spy on love interests.[176]
After the U.S. Foreign Secret Intelligence Court ruled in October 2011 that some of the NSA's activities were unconstitutional, the agency paid millions of dollars to major internet companies to cover extra costs incurred in their involvement with the PRISM surveillance program.[177]
"Mastering the Internet" (MTI) is part of the Interception Modernisation Programme (IMP) of the British government that involves the insertion of thousands of DPI (deep packet inspection) "black boxes" at various internet service providers, as revealed by the British media in 2009.[178]
In 2013, it was further revealed that the NSA had made a 17.2 million financial contribution to the project, which is capable of vacuuming signals from up to 200 fibre-optic cables at all physical points of entry into Great Britain.[179]
The Guardian and The New York Times reported on secret documents leaked by Snowden showing that the NSA has been in "collaboration with technology companies" as part of "an aggressive, multipronged effort" to weaken the encryption used in commercial software, and GCHQ has a team dedicated to cracking "Hotmail, Google, Yahoo and Facebook" traffic.[186]
Germany's domestic security agency Bundesverfassungsschutz (BfV) systematically transfers the personal data of German residents to the NSA, CIA and seven other members of the United States Intelligence Community, in exchange for information and espionage software.[187][188][189] Israel, Sweden and Italy are also cooperating with American and British intelligence agencies. Under a secret treaty codenamed "Lustre", French intelligence agencies transferred millions of metadata records to the NSA.[62][63][190][191]
The Obama Administration secretly won permission from the Foreign Intelligence Surveillance Court in 2011 to reverse restrictions on the National Security Agency's use of intercepted phone calls and e-mails, permitting the agency to search deliberately for Americans' communications in its massive databases. The searches take place under a surveillance program Congress authorized in 2008 under Section 702 of the Foreign Intelligence Surveillance Act. Under that law, the target must be a foreigner "reasonably believed" to be outside the United States, and the court must approve the targeting procedures in an order good for one year. But a warrant for each target would thus no longer be required. That means that communications with Americans could be picked up without a court first determining that there is probable cause that the people they were talking to were terrorists, spies or "foreign powers." The FISC extended the length of time that the NSA is allowed to retain intercepted U.S. communications from five years to six years with an extension possible for foreign intelligence or counterintelligence purposes. Both measures were done without public debate or any specific authority from Congress.[192]
A special branch of the NSA called "Follow the Money" (FTM) monitors international payments, banking and credit card transactions and later stores the collected data in the NSA's own financial databank "Tracfin".[193] The NSA monitored the communications of Brazil's president Dilma Rousseff and her top aides.[194] The agency also spied on Brazil's oil firm Petrobras as well as French diplomats, and gained access to the private network of the Ministry of Foreign Affairs of France and the SWIFT network.[195]
In the United States, the NSA uses the analysis of phone call and e-mail logs of American citizens to create sophisticated graphs of their social connections that can identify their associates, their locations at certain times, their traveling companions and other personal information.[196] The NSA routinely shares raw intelligence data with Israel without first sifting it to remove information about U.S. citizens.[7][197]
In an effort codenamed GENIE, computer specialists can control foreign computer networks using "covert implants," a form of remotely transmitted malware on tens of thousands of devices annually.[198][199][200][201] As worldwide sales of smartphones began exceeding those of feature phones, the NSA decided to take advantage of the smartphone boom. This is particularly advantageous because the smartphone combines a myriad of data that would interest an intelligence agency, such as social contacts, user behavior, interests, location, photos and credit card numbers and passwords.[202]
An internal NSA report from 2010 stated that the spread of the smartphone has been occurring "extremely rapidly"developments that "certainly complicate traditional target analysis."[202] According to the document, the NSA has set up task forces assigned to several smartphone manufacturers and operating systems, including Apple Inc.'s iPhone and iOS operating system, as well as Google's Android mobile operating system.[202] Similarly, Britain's GCHQ assigned a team to study and crack the BlackBerry.[202]
Under the heading "iPhone capability", the document notes that there are smaller NSA programs, known as "scripts", that can perform surveillance on 38 different features of the iOS 3 and iOS 4 operating systems. These include the mapping feature, voicemail and photos, as well as Google Earth, Facebook and Yahoo! Messenger.[202]
On September 9, 2013, an internal NSA presentation on iPhone Location Services was published by Der Spiegel. One slide shows scenes from Apple's 1984-themed television commercial alongside the words "Who knew in 1984..."; another shows Steve Jobs holding an iPhone, with the text "...that this would be big brother..."; and a third shows happy consumers with their iPhones, completing the question with "...and the zombies would be paying customers?"[203]
On October 4, 2013, The Washington Post and The Guardian jointly reported that the NSA and GCHQ had made repeated attempts to spy on anonymous Internet users who have been communicating in secret via the anonymity network Tor. Several of these surveillance operations involved the implantation of malicious code into the computers of Tor users who visit particular websites. The NSA and GCHQ had partly succeeded in blocking access to the anonymous network, diverting Tor users to insecure channels. The government agencies were also able to uncover the identity of some anonymous Internet users.[204][205][206][207][208][209][210][211][212]
The Communications Security Establishment (CSE) has been using a program called Olympia to map the communications of Brazil's Mines and Energy Ministry by targeting the metadata of phone calls and emails to and from the ministry.[213][214]
The Australian Federal Government knew about the PRISM surveillance program months before Edward Snowden made details public.[215][216]
The NSA gathered hundreds of millions of contact lists from personal e-mail and instant messaging accounts around the world. The agency did not target individuals. Instead it collected contact lists in large numbers that amount to a sizable fraction of the world's e-mail and instant messaging accounts. Analysis of that data enables the agency to search for hidden connections and to map relationships within a much smaller universe of foreign intelligence targets.[217][218][219][220]
The NSA monitored the public email account of former Mexican president Felipe Caldern (thus gaining access to the communications of high-ranking cabinet members), the emails of several high-ranking members of Mexico's security forces and text and the mobile phone communication of current Mexican president Enrique Pea Nieto.[221][222] The NSA tries to gather cellular and landline phone numbersoften obtained from American diplomatsfor as many foreign officials as possible. The contents of the phone calls are stored in computer databases that can regularly be searched using keywords.[223][224]
The NSA has been monitoring telephone conversations of 35 world leaders.[225] The U.S. government's first public acknowledgment that it tapped the phones of world leaders was reported on October 28, 2013, by the Wall Street Journal after an internal U.S. government review turned up NSA monitoring of some 35 world leaders.[226] GCHQ has tried to keep its mass surveillance program a secret because it feared a "damaging public debate" on the scale of its activities which could lead to legal challenges against them.[227]
The Guardian revealed that the NSA had been monitoring telephone conversations of 35 world leaders after being given the numbers by an official in another U.S. government department. A confidential memo revealed that the NSA encouraged senior officials in such Departments as the White House, State and The Pentagon, to share their "Rolodexes" so the agency could add the telephone numbers of leading foreign politicians to their surveillance systems. Reacting to the news, German leader Angela Merkel, arriving in Brussels for an EU summit, accused the U.S. of a breach of trust, saying: "We need to have trust in our allies and partners, and this must now be established once again. I repeat that spying among friends is not at all acceptable against anyone, and that goes for every citizen in Germany."[225] The NSA collected in 2010 data on ordinary Americans' cellphone locations, but later discontinued it because it had no "operational value."[228]
Under Britain's MUSCULAR programme, the NSA and GCHQ have secretly broken into the main communications links that connect Yahoo and Google data centers around the world and thereby gained the ability to collect metadata and content at will from hundreds of millions of user accounts.[229][230][231][232][233]
The mobile phone of German Chancellor Angela Merkel might have been tapped by U.S. intelligence.[234][235][236][237][238][239][240] According to the Spiegel this monitoring goes back to 2002[241][242] and ended in the summer of 2013,[226] while The New York Times reported that Germany has evidence that the NSA's surveillance of Merkel began during George W. Bush's tenure.[243] After learning from Der Spiegel magazine that the NSA has been listening in to her personal mobile phone, Merkel compared the snooping practices of the NSA with those of the Stasi.[244] It was reported in March 2014, by Der Spiegel that Merkel had also been placed on an NSA surveillance list alongside 122 other world leaders.[245]
On October 31, 2013, Hans-Christian Strbele, a member of the German Bundestag, met Snowden in Moscow and revealed the former intelligence contractor's readiness to brief the German government on NSA spying.[246]
A highly sensitive signals intelligence collection program known as Stateroom involves the interception of radio, telecommunications and internet traffic. It is operated out of the diplomatic missions of the Five Eyes (Australia, Britain, Canada, New Zealand, United States) in numerous locations around the world. The program conducted at U.S. diplomatic missions is run in concert by the U.S. intelligence agencies NSA and CIA in a joint venture group called "Special Collection Service" (SCS), whose members work undercover in shielded areas of the American Embassies and Consulates, where they are officially accredited as diplomats and as such enjoy special privileges. Under diplomatic protection, they are able to look and listen unhindered. The SCS for example used the American Embassy near the Brandenburg Gate in Berlin to monitor communications in Germany's government district with its parliament and the seat of the government.[240][247][248][249]
Under the Stateroom surveillance programme, Australia operates clandestine surveillance facilities to intercept phone calls and data across much of Asia.[248][250]
In France, the NSA targeted people belonging to the worlds of business, politics or French state administration. The NSA monitored and recorded the content of telephone communications and the history of the connections of each target i.e. the metadata.[251][252] The actual surveillance operation was performed by French intelligence agencies on behalf of the NSA.[62][253] The cooperation between France and the NSA was confirmed by the Director of the NSA, Keith B. Alexander, who asserted that foreign intelligence services collected phone records in "war zones" and "other areas outside their borders" and provided them to the NSA.[254]
The French newspaper Le Monde also disclosed new PRISM and Upstream slides (See Page 4, 7 and 8) coming from the "PRISM/US-984XN Overview" presentation.[255]
In Spain, the NSA intercepted the telephone conversations, text messages and emails of millions of Spaniards, and spied on members of the Spanish government.[256] Between December 10, 2012, and January 8, 2013, the NSA collected metadata on 60 million telephone calls in Spain.[257]
According to documents leaked by Snowden, the surveillance of Spanish citizens was jointly conducted by the NSA and the intelligence agencies of Spain.[258][259]
The New York Times reported that the NSA carries out an eavesdropping effort, dubbed Operation Dreadnought, against the Iranian leader Ayatollah Ali Khamenei. During his 2009 visit to Iranian Kurdistan, the agency collaborated with GCHQ and the U.S.'s National Geospatial-Intelligence Agency, collecting radio transmissions between aircraft and airports, examining Khamenei's convoy with satellite imagery, and enumerating military radar stations. According to the story, an objective of the operation is "communications fingerprinting": the ability to distinguish Khamenei's communications from those of other people in Iran.[260]
The same story revealed an operation code-named Ironavenger, in which the NSA intercepted e-mails sent between a country allied with the United States and the government of "an adversary". The ally was conducting a spear-phishing attack: its e-mails contained malware. The NSA gathered documents and login credentials belonging to the enemy country, along with knowledge of the ally's capabilities for attacking computers.[260]
According to the British newspaper The Independent, the British intelligence agency GCHQ maintains a listening post on the roof of the British Embassy in Berlin that is capable of intercepting mobile phone calls, wi-fi data and long-distance communications all over the German capital, including adjacent government buildings such as the Reichstag (seat of the German parliament) and the Chancellery (seat of Germany's head of government) clustered around the Brandenburg Gate.[261]
Operating under the code-name "Quantum Insert", GCHQ set up a fake website masquerading as LinkedIn, a social website used for professional networking, as part of its efforts to install surveillance software on the computers of the telecommunications operator Belgacom.[262][263][264] In addition, the headquarters of the oil cartel OPEC were infiltrated by GCHQ as well as the NSA, which bugged the computers of nine OPEC employees and monitored the General Secretary of OPEC.[262]
For more than three years GCHQ has been using an automated monitoring system code-named "Royal Concierge" to infiltrate the reservation systems of at least 350 prestigious hotels in many different parts of the world in order to target, search and analyze reservations to detect diplomats and government officials.[265] First tested in 2010, the aim of the "Royal Concierge" is to track down the travel plans of diplomats, and it is often supplemented with surveillance methods related to human intelligence (HUMINT). Other covert operations include the wiretapping of room telephones and fax machines used in targeted hotels as well as the monitoring of computers hooked up to the hotel network.[265]
In November 2013, the Australian Broadcasting Corporation and The Guardian revealed that the Australian Signals Directorate (DSD) had attempted to listen to the private phone calls of the president of Indonesia and his wife. The Indonesian foreign minister, Marty Natalegawa, confirmed that he and the president had contacted the ambassador in Canberra. Natalegawa said any tapping of Indonesian politicians' personal phones "violates every single decent and legal instrument I can think ofnational in Indonesia, national in Australia, international as well".[266]
Other high-ranking Indonesian politicians targeted by the DSD include:
Carrying the title "3G impact and update", a classified presentation leaked by Snowden revealed the attempts of the ASD/DSD to keep up to pace with the rollout of 3G technology in Indonesia and across Southeast Asia. The ASD/DSD motto placed at the bottom of each page reads: "Reveal their secretsprotect our own."[267]
Under a secret deal approved by British intelligence officials, the NSA has been storing and analyzing the internet and email records of British citizens since 2007. The NSA also proposed in 2005 a procedure for spying on the citizens of the UK and other Five-Eyes nations alliance, even where the partner government has explicitly denied the U.S. permission to do so. Under the proposal, partner countries must neither be informed about this particular type of surveillance, nor the procedure of doing so.[37]
Towards the end of November, The New York Times released an internal NSA report outlining the agency's efforts to expand its surveillance abilities.[268] The five-page document asserts that the law of the United States has not kept up with the needs of the NSA to conduct mass surveillance in the "golden age" of signals intelligence, but there are grounds for optimism because, in the NSA's own words:
The culture of compliance, which has allowed the American people to entrust NSA with extraordinary authorities, will not be compromised in the face of so many demands, even as we aggressively pursue legal authorities...[269]
The report, titled "SIGINT Strategy 20122016", also said that the U.S. will try to influence the "global commercial encryption market" through "commercial relationships", and emphasized the need to "revolutionize" the analysis of its vast data collection to "radically increase operational impact".[268]
On November 23, 2013, the Dutch newspaper NRC Handelsblad reported that the Netherlands was targeted by U.S. intelligence agencies in the immediate aftermath of World War II. This period of surveillance lasted from 1946 to 1968, and also included the interception of the communications of other European countries including Belgium, France, West Germany and Norway.[270] The Dutch Newspaper also reported that NSA infected more than 50,000 computer networks worldwide, often covertly, with malicious spy software, sometimes in cooperation with local authorities, designed to steal sensitive information.[40][271]
LARGE CABLE20 major points of accesses, many of them located within the United States
According to the classified documents leaked by Snowden, the Australian Signals Directorate (ASD), formerly known as the Defense Signals Directorate, had offered to share intelligence information it had collected with the other intelligence agencies of the UKUSA Agreement. Data shared with foreign countries include "bulk, unselected, unminimized metadata" it had collected. The ASD provided such information on the condition that no Australian citizens were targeted. At the time the ASD assessed that "unintentional collection [of metadata of Australian nationals] is not viewed as a significant issue". If a target was later identified as being an Australian national, the ASD was required to be contacted to ensure that a warrant could be sought. Consideration was given as to whether "medical, legal or religious information" would be automatically treated differently to other types of data, however a decision was made that each agency would make such determinations on a case-by-case basis.[272] Leaked material does not specify where the ASD had collected the intelligence information from, however Section 7(a) of the Intelligence Services Act 2001 (Commonwealth) states that the ASD's role is "...to obtain intelligence about the capabilities, intentions or activities of people or organizations outside Australia...".[273] As such, it is possible ASD's metadata intelligence holdings was focused on foreign intelligence collection and was within the bounds of Australian law.
The Washington Post revealed that the NSA has been tracking the locations of mobile phones from all over the world by tapping into the cables that connect mobile networks globally and that serve U.S. cellphones as well as foreign ones. In the process of doing so, the NSA collects more than five billion records of phone locations on a daily basis. This enables NSA analysts to map cellphone owners' relationships by correlating their patterns of movement over time with thousands or millions of other phone users who cross their paths.[274][275][276][277][278][279][280][281]
The Washington Post also reported that both GCHQ and the NSA make use of location data and advertising tracking files generated through normal internet browsing (with cookies operated by Google, known as "Pref") to pinpoint targets for government hacking and to bolster surveillance.[282][283][284]
The Norwegian Intelligence Service (NIS), which cooperates with the NSA, has gained access to Russian targets in the Kola Peninsula and other civilian targets. In general, the NIS provides information to the NSA about "Politicians", "Energy" and "Armament".[285] A top secret memo of the NSA lists the following years as milestones of the NorwayUnited States of America SIGINT agreement, or NORUS Agreement:
The NSA considers the NIS to be one of its most reliable partners. Both agencies also cooperate to crack the encryption systems of mutual targets. According to the NSA, Norway has made no objections to its requests from the NIS.[286]
Read the original here:
Global surveillance disclosures (2013present) - Wikipedia
