
Dark Mirror


by Barton Gellman


  I clicked to slides 15 and 40, the latter updated only six weeks before. I showed Baron and his team that PRISM had more than 45,000 “selectors,” or individual collection targets, at the end of 2012. By April 5, 2013, there were 117,675 accounts under active surveillance. The numbers were growing exponentially, more than doubling at Facebook and more than tripling at Skype from year to year.

  Could there be that many terrorists, spies, and foreign government targets with Hotmail or Yahoo accounts? What definition of “terrorist,” the top target category, would result in numbers like that? The subtitle of this slide deck called PRISM the source “Used Most in NSA Reporting.” Reporting, in this context, meant alerts and briefings sent to intelligence customers around the U.S. government. Put another way, this briefing told us that Fort Meade shared more information obtained from American internet companies than from any other source.

  “Okay,” Baron pronounced.

  “Okay?” I had to hear him say it.

  “Okay. I want the story. We can work with your conditions. We’ll come up with a security plan and a contract to cover you. When can I meet Laura?”

  It felt as though I had been holding my breath a long time. I let it out.

  “Can I have a private word?” I asked.

  We walked to an empty office across the hall, Baine alongside. I pulled a small rectangular package from my bag. A hard drive, cloned two nights before. Pandora. I needed a secure home for this backup, and I needed to know the Post was all the way in.

  I made my words carefully vague.

  “It could be that more than one document will become available. More than one story. I’d like you to keep this safe for me.”

  Another thin veil, the best I could come up with. The drive was encrypted. I would not leave the keys. Even under legal orders, Baron could not open it or profess to know the contents. He might surmise, but he did not owe his private thoughts to anyone.

  Sharing custody of the archive would not diminish my own exposure, not formally. The First Amendment issued no membership cards. Whatever uncertain protection it offered, whatever shield law or common-law privilege applied, should extend equally in theory to a freelance reporter. In practice, in the legal culture of twenty-first-century America, a big newspaper’s embrace would constrain the government’s options. Kicking down my door was one thing, sending a team to toss the newsroom another. Even a polite subpoena might carry political costs. Baron had already promised a lot. Publishing a story would validate my links to the source as legitimate reporting. Covering my legal costs would spare me a burden. But the Post could not extend its unwritten privilege at arm’s length. Only by joining in my jeopardy would it make this story, and my legal defense, fully its own.

  I wanted to know that Baron had skin in the game. I held the hard drive, palm up, at my side. It felt more like a question than an offer. Would he accept?

  From over my right shoulder, Baine called time-out.

  “Marty, as the company’s lawyer, I can’t advise you to do that,” he said.

  I closed my eyes. I opened them. I wanted to object, to contest the ruling, but I had no grounds. Baine had warned me that he would speak up if a conflict of interest emerged. Here it was. This was the point where my interests and the newspaper’s diverged. Baron had agreed to publish a single story. Baine, I figured, saw me on thornier terrain, walking around with who knows what and who knows how much of it. There was no reason for Baron to join me in that briar patch. I knew what had to be coming next. Baine would parse and qualify the Post’s commitment. Terms and conditions applied. I braced myself, but the lawyer said nothing more. The room went quiet. It took quite a few beats to persuade me that Baine had spoken his piece. I had misjudged the moment. His silence became a subtle, thrilling signal.

  He’s not really trying. He’s not trying at all. Baine had flagged a legal boundary, nothing more. That probably qualified literally as the least he could do. If he wanted to block this transaction, he could spell out nightmare scenarios, invoke the ghosts of subpoena fights past, point out that I had not even said what the package contained. He could pull Baron aside and tell him this decision was not an editor’s to make. Williams & Connolly represented the whole company. Baine could walk up two flights to the publisher. He did not do that. He did not do any of those things. Even the dozen words he spoke were soft at the edges. “Can’t advise” did not pack the punch of “advise against.” Hell, he could have said, “Marty, stop. Do not take that package. We need to talk.” Baine offered Baron an easy exit, no doubt about that. A lot of editors, a lot of executives anywhere, would be glad to have it. If Baron shouldered this burden without checking upstairs, it was all on him.

  Baron nodded. Message received. Boundary noted.

  “I’m doing it,” he said.

  He held out his hand. The answer was yes. Yes to the story, yes to the hard drive, yes to the whole outlandish list. Something seemed to be in my eye. I struggled not to embarrass myself. The Post was still the Post. I was home.

  FOUR

  PRISM

  As Snowden counted down his final days in Hawaii, a senior civilian manager was making the rounds of NSA headquarters, five thousand miles away. The manager, whose name was Rick, led a project called PRISM, one of the agency’s most prolific operations. As a start-up back in 2007, PRISM had produced a grand total of three intelligence reports in its first month. Now, five and a half years later, it had become a principal engine of the U.S. surveillance machine. Rick was its collection manager and chief evangelist.

  The wire diagram of the NSA that year placed Rick’s operation within the unassumingly named subdirectorate of Data Acquisition, an arm of the Signals Intelligence Directorate. That is to say, Rick ran a spy shop, which is not a redundant thing to say in the context of the larger enterprise. The NSA did a whole lot of spying and a whole lot of other things, too. Great swaths of it, any one of which could swallow a lesser federal agency, took little or no part in the business of espionage. A chart of all those islands would divide the Fort Meade archipelago roughly in half. Information Assurance, on one side, locked down American secrets. Signals Intelligence, on the other, stole the secrets of others. The twin missions, defend and attack, had coequal status but not coequal power. Offense had always been the bigger, richer brother.

  In principle, the ambitions of signals intelligence extended to all the world’s data in electromagnetic form. SIGINT did not confine its collection to human language and pictures. It filled immense reservoirs with the chatter of machines: missile telemetry, radar signatures, the handshakes at network switches on internet trunk lines. Oceans of information, ever replenished, deluged any vessel that mortal hands could build. “Swallowing the sea is a fatuous idea,” said Joel F. Brenner, a Harvard-trained lawyer who served as NSA inspector general in the mid-2000s. “No organization, and no technology, can do it. Doing SIGINT for foreign intelligence purposes therefore implies electronic filtering, sorting, and dissemination systems of amazing sophistication.”

  George R. Cotter, who served as the NSA’s chief scientist until 2009, liked to describe the division of labor in signals intelligence as “Fetch It, Etch It and Retch It.” Fetching happened in acquisition, or S3 on the organization chart, where the first stage of spying took place. Thousands of workers reached into cables and routers and networks around the world to extract information that belonged to someone else. Etching was the domain of S2, analysis and production, where thousands of others filtered and looked for meaning in the raw intercepts. Retching, in Cotter’s irreverent phrase, described the labors of S1, where the NSA prepared intelligence reports for the president and a long list of lesser customers. The official NSA lexicon evoked a factory: “product lines” were sorted by topic and geography, then assembled into “finished intelligence,” most commonly in the form of “serialized reports,” and routed to consumers in portions that accorded with their clearances and needs. By the numbers, the conveyor belt rolled backward from S3 to S2 to S1. Acquire, analyze, report. Fetch, etch, retch.

  Rick lived on the “Fetch It” side of the house. He displayed evident pride in PRISM and made sure to spread the word. In April 2013, Rick was traveling from office to office in the corridors of S2, regaling analysts with tales of treasure to be had from Silicon Valley and the Microsoft empire east of Seattle: email, voice and video chat, instant messages, photographs, budget documents, travel and medical records, technical drawings, contact lists, and more. He drew upon a “corporate portfolio” of nine companies, listed in order of entry into the PRISM apparatus: “Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.” Dropbox, the cloud storage and synchronization service, was described as “coming soon.”

  Like a lot of pitches of this sort, Rick’s message mixed customer education with reputation-building and budget defense for his office. “PRISM is one of the most valuable, unique, and productive accesses for NSA—don’t miss out,” he told the analysts. Some offices, he mentioned, did not make optimal use of PRISM. “They are missing unique collection on their targets.”

  Inevitably, this being a federal agency, Rick brought along a deck of PowerPoint slides. There were forty-one of them, so densely packed that the presentation must have lasted over an hour. He sprinkled the talk with eye-popping samples for each specialized “target office of primary interest” in the directorate. There were South Asia highlights for S2A, China and Korea highlights for S2B, and so on through S2I (Counterterrorism) and S2J (Weapons and Space).

  Several qualities enriched Rick’s presentation from a journalist’s point of view. He wrote close to seven thousand words of speaker’s notes, full of granular detail that did not appear on the display slides themselves. Some passages disclosed collection details that a more cautious author might have left out. Prominent display of the PRISM Provider List, which was supposed to be the project’s deepest secret, lent a further air of indiscretion to the briefing.

  Snowden came across the PRISM file in electronic form around the same time that Rick presented it to analysts in S2H, the Russia product line. Nothing Snowden had seen until now better suited his plan. He had been talking to Poitras for three months, but he still did not feel confident that his disclosures would seize attention from a public that had seldom responded strongly to privacy warnings. Most of the NSA programs that worried him were legally and technically intricate, not easy to explain. He needed examples that ordinary people would recognize. Along came Rick’s presentation, festooned at the top of every slide with iconic logos from the best-known Internet companies in the world. “PRISM hits close to people’s hearts,” he told me.

  Alongside the famous trademarks, Rick had placed another image twice the size. This one represented the PRISM project itself. A lot of NSA offices designed their own seals, often relying on clip art found online. They were symbols of identity and prowess, akin to the crossed swords on an Army cavalry patch. PRISM’s emblem featured a slab of glass cut into rectilineal planes—an actual prism, the triangular kind used in optics. A beam of light passed through the glass. Two beams of light emerged. The second one, the twin, refracted into a rainbow of hidden colors. Was this a pun, a visual play on PRISM’s cover name, or did it mean to convey a more literal message? The internet itself was a construct of light that moved information through cables spun from glass. Did the NSA splice in and sort through the lightstream for secrets? In fact, it did not—or not with PRISM. Not under this program, as officials would say carefully in statements to come that year. There were splicing operations, literal and figurative, at other points of access for the NSA and its allied service in the United Kingdom. I had not pieced those clues together yet.

  Snowden understood the power of images. “The internet is on principle a system that you reveal yourself to in order to fully enjoy, which differentiates it from, say, a music player that you can listen to without your interests being known,” he wrote to me as I neared publication of the PRISM story. “It is a TV that watches you.” In PRISM, he saw an image to persuade the public that there really might be someone on the other side of the screen.

  * * *


  In film and fiction, the NSA mostly listened in on telephone calls. PRISM had capabilities far beyond that. According to the users’ guide for the project’s Skype interface, a separate document, NSA analysts could not only review stored account information but also dial in and record live “audio, video, chat, and file transfers.” Analysts could ask for instant notifications when their targets logged on to Hotmail or AOL or Yahoo Messenger. Using other tools, outside the PRISM rubric, the NSA could monitor keystrokes as they happened during a live chat or an internet search, before a surveillance target even clicked Send. “They can literally watch your thoughts form as you type,” Snowden told me.

  Never in history had there been richer troves of personal information than the ones held by the internet giants. Rick’s presentation described “continued exponential growth” in the volume of information his project obtained from those stores. By his accounting, PRISM produced the raw material for more than 15 percent of the agency’s distributed intelligence reports. Since 2011, no source had been cited as often in the President’s Daily Brief, which assembled the most timely work from all seventeen agencies and organizations in the U.S. intelligence community. Over the course of fiscal year 2012, the president had received a total of 8,233 articles in his highly classified daily brief. Nearly one in five, 1,477, drew upon information obtained from U.S. internet companies under the auspices of PRISM.

  These were eye-opening figures in an enterprise that measured annual intake in the trillions of communications. How could an agency built to spy overseas have set its hooks so deeply into the U.S. information industry? Rick’s audience knew the basics, but he spelled them out. The NSA could lawfully target only foreigners, and only if they were located abroad, but “much of the world’s communications flow through the U.S.,” he told colleagues. “A target’s phone call, email or chat will take the cheapest path, not the physically most direct path.” The conversations that analysts needed most “could easily be flowing into and through the U.S.”

  That happenstance might have been a bonanza for the NSA, but until fairly recently it had not been. Rick echoed a long-standing complaint that Congress had tied the agency’s hands. The Foreign Intelligence Surveillance Act of 1978, he said, had unduly “restricted our ‘home field advantage’ . . . because it provided privacy protections to people who were not entitled to them.” Something like “80 percent of known terrorist email accounts used Yahoo or Hotmail,” but until 2007 the NSA had to apply for an individual warrant for every surveillance order—“simply because the Government was collecting off a wire in the United States.”

  Rick skipped over the first six years after September 11, 2001, when President Bush ordered the NSA to disregard the statutory warrant requirement. Under four collection programs overseen by Vice President Cheney, the NSA and FBI began wide-ranging surveillance of internet and telephone communications within the United States. Cheney and his lawyer insisted on concealing those operations from most of Bush’s national security staff and nearly everyone in Congress and the FISA Court. The operations were protected as “exceptionally compartmented information”—the most restricted category of classification—under the cover name WHIPGENIE. Later they were reflagged as STELLARWIND, with a special handling caveat known as RAGTIME. The one secrecy precaution Cheney did not allow was designation of STELLARWIND as a “special access program.” As Brenner put it, “the creation of a new special access program requires Congressional notification, but it was run directly by the Office of the Vice President and put under the direct personal control of the Vice President’s counsel, David Addington.”

  When the New York Times revealed one of the secret programs in 2005, a speechwriter for Bush came up with the name “Terrorist Surveillance Program,” a marketing slogan that deliberately misdirected public scrutiny. The domestic surveillance did not spy on known terrorists. It aspired to cover substantially all Americans, collecting hundreds of billions of telephone and internet records, in the hope of discovering unknown conspirators. According to an internal classification guide, the NSA followed Bush’s political lead and began using “TSP,” a made-up compartment name, “in briefings and declarations intended for external audiences, such as Congress and the courts.”

  A rebellion in the Justice Department against unlawful orders forced Bush to seek authority for the warrantless programs from the FISA Court and eventually from Congress. That was where Rick’s briefing picked up the story again. In the Protect America Act of 2007, Congress temporarily removed the individual warrant requirement for surveillance of a foreign target whose communications can be obtained from a U.S. company. As noted in chapter 3, Congress extended the new NSA authority in Section 702 of the FISA Amendments Act of 2008. Legislators also granted retroactive immunity to any telephone carrier or internet provider that broke the law by giving protected information to the government without warrants.

  Those were the laws that gave birth to PRISM. The executive branch had persuaded Congress that it was too hard for the NSA to reach its targets from overseas access points, where data split into packets and scattered over multiple paths. The same information, in many cases, was there for the taking on U.S. territory, reassembled and sitting still in the data centers of the American companies. “The [United States] overwhelmed the world, not in its own communications, but as the provider of the infrastructure,” Rick explained to his listeners. “We needed to collect the full content directly from the providers’ servers.”

 
