A similar surveillance document from August 2010 reveals that the United States spied on eight members of the UN Security Council regarding a subsequent resolution about sanctions on Iran. The list included France, Brazil, Japan, and Mexico—all considered friendly nations. The espionage gave the US government valuable information about those countries’ voting intentions, giving Washington an edge when talking to other members of the Security Council.
To facilitate diplomatic spying, the NSA has gained various forms of access to the embassies and consulates of many of its closest allies. One 2010 document—shown here with some countries deleted—lists the nations whose diplomatic structures inside the United States were invaded by the agency. A glossary at the end explains the various types of surveillance used.
Some of the NSA’s methods serve all agendas—economic, diplomatic, security, and obtaining an all-purpose global advantage—and these are among the most invasive, and hypocritical, in the agency’s repertoire. For years, the US government loudly warned the world that Chinese routers and other Internet devices pose a “threat” because they are built with backdoor surveillance functionality that gives the Chinese government the ability to spy on anyone using them. Yet what the NSA’s documents show is that Americans have been engaged in precisely the activity that the United States accused the Chinese of doing.
The drumbeat of American accusations against Chinese Internet device manufacturers was unrelenting. In 2012, for example, a report from the House Intelligence Committee, headed by Mike Rogers, claimed that Huawei and ZTE, the top two Chinese telecommunications equipment companies, “may be violating United States laws” and have “not followed United States legal obligations or international standards of business behavior.” The committee recommended that “the United States should view with suspicion the continued penetration of the U.S. telecommunications market by Chinese telecommunications companies.”
The Rogers committee voiced fears that the two companies were enabling Chinese state surveillance, although it acknowledged that it had obtained no actual evidence that the firms had implanted their routers and other systems with surveillance devices. Nonetheless, it cited the failure of those companies to cooperate and urged US firms to avoid purchasing their products:
Private-sector entities in the United States are strongly encouraged to consider the long-term security risks associated with doing business with either ZTE or Huawei for equipment or services. U.S. network providers and systems developers are strongly encouraged to seek other vendors for their projects. Based on available classified and unclassified information, Huawei and ZTE cannot be trusted to be free of foreign state influence and thus pose a security threat to the United States and to our systems.
The constant accusations became such a burden that Ren Zhengfei, the sixty-nine-year-old founder and CEO of Huawei, announced in November 2013 that the company was abandoning the US market. As Foreign Policy reported, Zhengfei told a French newspaper: “‘If Huawei gets in the middle of U.S-China relations,’ and causes problems, ‘it’s not worth it.’”
But while American companies were being warned away from supposedly untrustworthy Chinese routers, foreign organizations would have been well advised to beware of American-made ones. A June 2010 report from the head of the NSA’s Access and Target Development department is shockingly explicit. The NSA routinely receives—or intercepts—routers, servers, and other computer network devices being exported from the United States before they are delivered to the international customers. The agency then implants backdoor surveillance tools, repackages the devices with a factory seal, and sends them on. The NSA thus gains access to entire networks and all their users. The document gleefully observes that some “SIGINT tradecraft … is very hands-on (literally!)”:
Eventually, the implanted device connects back to the NSA infrastructure:
Among other devices, the agency intercepts and tampers with routers and servers manufactured by Cisco to direct large amounts of Internet traffic back to the NSA’s repositories. (There is no evidence in the documents that Cisco is aware of, or condoned, these interceptions.) In April 2013, the agency grappled with technical difficulties involving the intercepted Cisco network switches, which affected the BLARNEY, FAIRVIEW, OAKSTAR, and STORMBREW programs:
It is quite possible that Chinese firms are implanting surveillance mechanisms in their network devices. But the United States is certainly doing the same.
Warning the world about Chinese surveillance could have been one of the motives behind the US government’s claims that Chinese devices cannot be trusted. But an equally important motive seems to have been preventing Chinese devices from supplanting American-made ones, which would have limited the NSA’s own reach. In other words, Chinese routers and servers represent not only economic competition but also surveillance competition: when someone buys a Chinese device instead of an American one, the NSA loses a crucial means of spying on a great many communication activities.
* * *
If the quantity of collection revealed was already stupefying, the NSA’s mission to collect all the signals all the time has driven the agency to expand and conquer more and more ground. The amount of data it captures is so vast, in fact, that the principal challenge the agency complains about is storing the heaps of information accumulated from around the globe. One NSA document, prepared for the Five Eyes SigDev Conference, set forth this central problem:
The story goes back to 2006, when the agency embarked on what it called “Large Scale Expansion of NSA Metadata Sharing.” At that point, the NSA predicted that its metadata collection would grow by six hundred billion records every year, growth that would include one to two billion new telephone call events collected every single day:
By May 2007, the expansion had evidently borne fruit: the amount of telephone metadata the agency was storing—independent of email and other Internet data, and excluding data the NSA had deleted due to lack of storage space—had increased to 150 billion records:
Once Internet-based communications were added to the mix, the total number of communication events stored was close to 1 trillion (this data, it should be noted, was then shared by the NSA with other agencies).
To address its storage problem, the NSA began building a massive new facility in Bluffdale, Utah, that has as one of its primary purposes the retention of all that data. As reporter James Bamford noted in 2012, the Bluffdale construction will expand the agency’s capacity by adding “four 25,000-square-foot halls filled with servers, complete with raised floor space for cables and storage. In addition, there will be more than 900,000 square feet for technical support and administration.” Considering the size of the building and the fact that, as Bamford says, “a terabyte of data can now be stored on a flash drive the size of a man’s pinky,” the implications for data collection are profound.
The need for ever-larger facilities is particularly pressing given the agency’s current invasions into global online activity, which extend far beyond the collection of metadata to include the actual content of emails, Web browsing, search histories, and chats. The key program used by the NSA to collect, curate, and search such data, introduced in 2007, is X-KEYSCORE, and it affords a radical leap in the scope of the agency’s surveillance powers. The NSA calls X-KEYSCORE its “widest-reaching” system for collecting electronic data, and with good reason.
A training document prepared for analysts claims the program captures “nearly everything a typical user does on the internet,” including the text of emails, Google searches, and the names of websites visited. X-KEYSCORE even allows “real-time” monitoring of a person’s online activities, enabling the NSA to observe emails and browsing activities as they happen.
Beyond collecting comprehensive data about the online activities of hundreds of millions of people, X-KEYSCORE allows any NSA analyst to search the system’s databases by email address, telephone number, or identifying attributes such as an IP address. The range of information available an
d the basic means an analyst uses to search it are illustrated in this slide:
Another X-KEYSCORE slide lists the various fields of information that can be searched via the program’s “plug-ins.” Those include “every email address seen in a session,” “every phone number seen in a session” (including “address book entries”), and “the webmail and chat activity”:
The program also offers the ability to search and retrieve embedded documents and images that were created, sent, or received:
Other NSA slides openly declare the all-encompassing global ambition of X-KEYSCORE:
The searches enabled by the program are so specific that any NSA analyst is able not only to find out which websites a person has visited but also to assemble a comprehensive list of all visits to a particular website from specified computers:
Most remarkable is the ease with which analysts can search for whatever they want with no oversight. An analyst with access to X-KEYSCORE need not submit a request to a supervisor or any other authority. Instead, the analyst simply fills out a basic form to “justify” the surveillance, and the system returns the information requested.
In the first video interview he gave when in Hong Kong, Edward Snowden made an audacious claim: “I, sitting at my desk, could wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email.” US officials vehemently denied that this was true. Mike Rogers expressly accused Snowden of “lying,” adding, “It’s impossible for him to do what he was saying he could do.” But X-KEYSCORE permits an analyst to do exactly what Snowden said: target any user for comprehensive monitoring, which includes reading the content of their emails. Indeed, the program lets an analyst search for all emails that include targeted users in the “cc” line or mention of them in the body of the text.
The NSA’s own instructions for searching through emails demonstrate just how simple and easy it is for analysts to monitor anyone whose address they know:
One of X-KEYSCORE’s most valuable functions to the NSA is its ability to surveil the activities on online social networks (OSNs), such as Facebook and Twitter, which the agency believes provide a wealth of information and “insight into the personal lives of targets:”
The methods for searching social media activity are every bit as simple as the email search. An analyst enters the desired user name on, say, Facebook, along with the date range of activity, and X-KEYSCORE then returns all of that user’s information, including messages, chats, and other private postings.
Perhaps the most remarkable fact about X-KEYSCORE is the sheer quantity of data that it captures and stores at multiple collection sites around the world. “At some sites,” one report states, “the amount of data we receive per day (20+ terabytes) can only be stored for as little as 24 hours based on available resources.” For one thirty-day period beginning in December 2012, the quantity of records collected by X-KEYSCORE just for one unit, the SSO, exceeded forty-one billion:
X-KEYSCORE “stores the full-take content for 3–5 days, effectively ‘slowing down the internet,’”—meaning that “analysts can go back and recover sessions.” Then “content that is ‘interesting’ can be pulled out of X-KEYSCORE and pushed to Agility or PINWALE,” storage databases that provide longer retention.
X-KEYSCORE’s ability to access Facebook and other social media sites is boosted by other programs, which include BLARNEY, allowing the NSA to monitor a “broad range of Facebook data via surveillance and search activities”:
In the UK, meanwhile, the GCHQ’s Global Telecommunications Exploitation (GTE) division has also devoted substantial resources to the task, detailed in a 2011 presentation to the annual Five Eyes conference.
The GCHQ has paid special attention to weaknesses in Facebook’s security system and to obtaining the kind of data that Facebook users attempt to shield:
In particular, the GCHQ has found vulnerabilities in the network’s system for storing pictures, which can be used to gain access to Facebook IDs and album images:
Beyond social media networks, the NSA and the GCHQ continue to look for any gaps in their surveillance net, any communications that remain outside their grasp, and then develop ways to bring them under the agencies’ watchful eye. One seemingly obscure program demonstrates this point.
Both the NSA and GCHQ have been consumed by their perceived need to monitor Internet and phone communications of people on commercial airline flights. Because these are rerouted via independent satellite systems, they are extremely difficult to pinpoint. The idea that there is a moment when someone can use the Internet or their phone without detection—even for just a few hours while flying—is intolerable to the surveillance agencies. In response, they have devoted substantial resources to developing systems that will intercept in-flight communications.
At the 2012 Five Eyes conference, the GCHQ presented an interception program named Thieving Magpie, targeting the increasingly available use of cell phones during flights:
The proposed solution envisioned a system to ensure complete “global coverage”:
Substantial headway has been made to ensure that certain devices are susceptible to surveillance on passenger jets:
A related NSA document presented at the same conference, for a program entitled Homing Pigeon, also describes efforts to monitor in-air communications. The agency’s program was to be coordinated with the GCHQ, and the entire system made available to the Five Eyes group.
* * *
There is remarkable candidness, within parts of the NSA, about the true purpose of building so massive a secret surveillance system. A PowerPoint presentation prepared for a group of agency officials discussing the prospect of international Internet standards gives the unvarnished view. The author of the presentation is an “NSA/SIGINT National Intelligence Officer (SINIO) for Science and Technology,” a self-described “well trained scientist and hacker.”
The blunt title of his presentation: “The Role of National Interests, Money, and Egos.” These three factors together, he says, are the primary motives driving the United States to maintain global surveillance domination.
He notes that US dominance over the Internet has given the country substantial power and influence, and has also generated vast profit:
Such profit and power have also inevitably accrued, of course, to the surveillance industry itself, providing another motive for its endless expansion. The post-9/11 era has seen a massive explosion of resources dedicated to surveillance. Most of those resources were transferred from the public coffers (i.e., the American taxpayer) into the pockets of private surveillance defense corporations.
Companies like Booz Allen Hamilton and AT&T employ hordes of former top government officials, while hordes of current top defense officials are past (and likely future) employees of those same corporations. Constantly growing the surveillance state is a way to ensure that the government funds keep flowing, that the revolving door stays greased. That is also the best way to ensure that the NSA and its related agencies retain institutional importance and influence inside Washington.
As the scale and ambition of the surveillance industry has grown, so has the profile of its perceived adversary. Listing the various threats supposedly facing the United States, the NSA—in a document entitled “National Security Agency: Overview Briefing”—includes some predictable items: “hackers,” “criminal elements,” and “terrorists.” Revealingly, though, it also goes far broader by including among the threats a list of technologies, including the Internet itself:
The Internet has long been heralded as an unprecedented instrument of democratization and liberalization, even emancipation. But in the eyes of the US government, this global network and other types of communications technology threaten to undermine American power. Viewed from this perspective, the NSA’s ambition to “collect it all” at last becomes coherent. It is vital that the NSA monitor all parts of the Internet and any other means of communication, so that none can escape US government control.
Ultimately, beyond diplomatic manipulation and economic gain, a system of ubiquitous spying allows the United States to maintain its grip on the world. When the United States is able to know everything that everyone is doing, saying, thinking, and planning—its own citizens, foreign populations, international corporations, other government leaders—its power over those factions is maximized. That’s doubly true if the government operates at ever greater levels of secrecy. The secrecy creates a one-way mirror: the US government sees what everyone else in the world does, including its own population, while no one sees its own actions. It is the ultimate imbalance, permitting the most dangerous of all human conditions: the exercise of limitless power with no transparency or accountability.
Edward Snowden’s revelations subverted that dangerous dynamic by shining a light on the system and how it functions. For the first time, people everywhere were able to learn the true extent of the surveillance capabilities amassed against them. The news triggered an intense, sustained worldwide debate precisely because the surveillance poses such a grave threat to democratic governance. It also triggered proposals for reform, a global discussion of the importance of Internet freedom and privacy in the electronic age, and a reckoning with the vital question: What does limitless surveillance mean for us as individuals, in our own lives?
No Place to Hide Page 15