The Snowden Reader


by David P Fidler


  Moreover, . . . the NSA . . . [is] still in the process of determining how the NSA’s own systems and personnel interact with the BR metadata. Under these circumstances, no one inside or outside of the NSA can represent with adequate certainty whether the NSA is complying with these procedures. In fact, the government acknowledges that, as of August 2006, “there was no single person who had a complete understanding of the BR FISA system architecture.” . . . This situation evidently had not been remedied as of February 18, 2009, when “NSA personnel determined,” only as a result of the “end-to-end review of NSA’s technical infrastructure” . . . that the [REDACTED] tool accessed the BR metadata on the basis of telephone identifiers that had not been RAS-approved. . . .

  This end-to-end review has not been completed. . . . Nonetheless, the government submits that the technical safeguards implemented . . . “should prevent recurrences” of the identified forms of non-compliance, . . . and “expect[s] that any further problems NSA personnel may identify with the infrastructure will be historical,” rather than current . . . (emphasis added). However, until this end-to-end review has been completed, the Court sees little reason to believe that the most recent discovery of a systemic, ongoing violation . . . will be the last. Nor does the Court share the government’s optimism that technical safeguards implemented to respond to one set of problems will fortuitously be effective against additional problems identified in the future.

  Moreover, . . . there is reason to question whether the newly implemented safeguards will be effective. For example, . . . the NSA reported on October 17, 2008, that it had deployed software modifications that would require analysts to specifically enable access to BR metadata when performing manual queries, but these modifications did not prevent hundreds of additional violations by analysts who inadvertently accessed BR metadata through queries using telephone numbers that had not been RAS-approved. . . .

  . . .

  In light of what appear to be systemic problems, this Court cannot accept the mere introduction of technological remedies as a demonstration that a problem is solved. More is required . . . to protect the privacy of U.S. person information acquired and retained pursuant to the FISC orders. . . . However, given the government’s repeated representations that the collection of BR metadata is vital to national security, . . . the Court concludes it would not be prudent to order that the government’s acquisition of the BR metadata cease at this time. However, except as authorized below, the Court will not permit the government to access the data collected until . . . the government is able to restore the Court’s confidence that the government can and will comply with previously approved procedures for accessing such data.

  Accordingly, it is HEREBY ORDERED:

  1. The NSA may continue to acquire all call detail records of “telephony metadata” created by [REDACTED] in accordance with the orders entered in the above-captioned docket . . . ;

  2. The government is hereby prohibited from accessing BR metadata acquired pursuant to FISC orders . . . except as described herein. The data may be accessed for the purpose of ensuring data integrity and compliance with the Court’s orders. Except as provided in paragraph 3, access to the BR metadata shall be limited to the team of NSA data integrity analysts . . . and individuals directly involved in developing and testing any technological measures designed to enable the NSA to comply with previously approved procedures for accessing such data;

  3. The government may request . . . that the Court authorize querying of the BR metadata for purposes of obtaining foreign intelligence on a case-by-case basis. However, if the government determines that immediate access is necessary to protect against an imminent threat to human life, the government may access the BR metadata for such purpose. . . . ;

  4. Upon completion of the government’s end-to-end system engineering and process reviews, the government shall file a report with the Court, that shall, at a minimum, include:

  a. an affidavit by the Director of the FBI . . . describing the value of the BR metadata to the national security of the United States and certifying that the tangible things sought are relevant to an authorized investigation (other than a threat assessment) to obtain foreign intelligence information not concerning a U.S. person or to protect against international terrorism or clandestine intelligence activities, and that such investigation of a U.S. person is not conducted solely on the basis of activities protected by the First Amendment;

  b. a description of the results of the NSA’s end-to-end system engineering and process reviews, including any additional instances of non-compliance identified therefrom;

  c. a full discussion of the steps taken to remedy any additional non-compliance as well as the incidents described herein, and an affidavit attesting that any technological remedies have been tested and demonstrated to be successful; and

  d. the minimization and oversight procedures the government proposes to employ should the Court decide to authorize the government’s resumption of regular access to the BR metadata.

  IT IS SO ORDERED, this 2nd day of March, 2009.

  REGGIE B. WALTON

  Judge, United States Foreign Intelligence

  Surveillance Court

  Foreign Intelligence Surveillance Court, In Re Production of Tangible Things from [REDACTED], March 2, 2009 (citations in text and footnotes omitted) [declassified by the U.S. government on September 10, 2013, with updated declassified version released on March 28, 2014].

  Source: Office of the Director of National Intelligence, IC on the Record, http://www.dni.gov/files/documents/0328/039.%20A4000915%20%20BR%2008-13%20%20Order%20%283-2-09%29%20Redacted%2020140327.pdf.

  Made in the USA?

  NSA Surveillance and U.S. Technology Companies

  8

  NSA MUSCULAR Program Briefing Slide

  The Washington Post disclosed this NSA slide obtained from Snowden in October 2013. It formed part of a briefing on “Google Cloud Exploitation,” through which the NSA accessed communications flowing between Google data centers located outside the United States. The Post story stated that the NSA did the same thing with Yahoo’s foreign communication links. This activity formed part of the MUSCULAR program. In PRISM, Google and Yahoo received FISC-approved orders to provide information to the NSA. The exposure of MUSCULAR angered Google, Yahoo, and other U.S. technology companies, worsening their deteriorating relationship with the NSA and damaging their global reputation for providing secure services.

  In the MUSCULAR program, neither company was aware that the NSA was accessing its foreign-based communications facilities, which raised questions about the NSA’s authority to conduct this activity. The most likely source was the president’s constitutional authority to conduct foreign intelligence, as regulated by Executive Order 12333, initially adopted in 1981, and considered a less restrictive set of rules than FISA. A former State Department official published an op-ed in July 2014 arguing that U.S. government collection and retention of communications by U.S. persons under Executive Order 12333 violated the Fourth Amendment. In August 2014, the Privacy and Civil Liberties Oversight Board decided to examine Executive Order 12333 for its implications for privacy and civil liberties, and the ACLU released documents in October 2014 on the executive order it obtained under the Freedom of Information Act as part of its effort to increase scrutiny of the order.

  NSA Briefing Slide on Collecting Information from Google’s Foreign-Based Servers and Communications Links under the MUSCULAR Program (date unknown) [disclosed October 30, 2013].

  Source: Barton Gellman and Ashkan Soltani, “NSA Infiltrates Links to Yahoo, Google Data Centers Worldwide, Snowden Documents Say,” Washington Post, October 30, 2013, http://www.washingtonpost.com/world/national-security/nsa-infiltrates-links-to-yahoo-google-data-centers-worldwide-snowden-documents-say/2013/10/30/e51d661e-4166-11e3-8b74-d89d714ca4dd_story.html.

  9

  Marissa Mayer, Yahoo CEO, Statement on

  Protecting Customer Information

  The October 2013 revelations that the NSA had accessed traffic flowing in Google’s and Yahoo’s foreign networks without the companies’ knowledge generated corporate backlash in Silicon Valley and beyond. U.S. technology companies already faced problems in global markets because of Snowden’s disclosures of the targeting of foreign communications through NSA surveillance and U.S. spying on foreign governments, leaders, and companies. Leading U.S. technology companies responded to their growing credibility crisis by, among other things, implementing stronger encryption of data within, and of traffic flowing through, their networks. The encryption moves announced by Yahoo CEO Marissa Mayer in November 2013 had counterparts at other U.S. technology companies, including Google and Microsoft. In 2014, high-level law enforcement officials and intelligence authorities in the United States and the United Kingdom raised concerns that private-sector efforts to expand encryption of digital communications benefited criminals and terrorists and thus threatened national security.

  YAHOO!

  Our Commitment to Protecting Your Information

  We’ve worked hard over the years to earn our users’ trust and we fight hard to preserve it.

  As you know, there have been a number of reports over the last six months about the U.S. government secretly accessing user data without the knowledge of tech companies, including Yahoo. I want to reiterate what we have said in the past: Yahoo has never given access to our data centers to the NSA or to any other government agency. Ever.

  There is nothing more important to us than protecting our users’ privacy. To that end, we recently announced that we will make Yahoo Mail even more secure by introducing https (SSL - Secure Sockets Layer) encryption with a 2048-bit key across our network by January 8, 2014.

  Today we are announcing that we will extend that effort across all Yahoo products. More specifically this means we will:

  • Encrypt all information that moves between our data centers by the end of Q1 2014;

  • Offer users an option to encrypt all data flow to/from Yahoo by the end of Q1 2014;

  • Work closely with our international Mail partners to ensure that Yahoo co-branded Mail accounts are https-enabled.

  As we have said before, we will continue to evaluate how we can protect our users’ privacy and their data. We appreciate, and certainly do not take for granted, the trust our users place in us.

  Marissa Mayer, Chief Executive Officer of Yahoo, Our Commitment to Protecting Your Information, November 18, 2013.

  Source: Yahoo!, http://yahoo.tumblr.com/post/67373852814/our-commitment-to-protecting-your-information. Reproduced with permission of Yahoo. ©2014 Yahoo. Yahoo! and the Yahoo! logo are registered trademarks of Yahoo.

  10

  Reform Government Surveillance, Surveillance Reform Principles and Open Letter from U.S. Technology Companies

  By the end of 2013, the problems Snowden’s disclosures about NSA surveillance were causing U.S. technology companies resulted in a group of prominent enterprises joining forces in an effort called Reform Government Surveillance. This document contains two products of this collaboration. First, the companies promulgated principles to guide the reform and operation of government surveillance activities worldwide. These principles included heading off data “localization” requirements that foreign governments were considering in reaction to Snowden’s disclosures about the scale and intensity of NSA surveillance. Second, the companies sent a joint communication to U.S. political leaders highlighting the urgent need for reforms to government surveillance laws and practices at home and abroad. Reform Government Surveillance subsequently engaged with proposals to reform U.S. surveillance laws, such as the USA FREEDOM Act passed by the House of Representatives in May 2014 (see Document 37 for a summary of this proposed legislation).

  Global Government Surveillance Reform, The Principles

  1 Limiting Governments’ Authority to Collect Users’ Information

  Governments should codify sensible limitations on their ability to compel service providers to disclose user data that balance their need for the data in limited circumstances, users’ reasonable privacy interests, and the impact on trust in the Internet. In addition, governments should limit surveillance to specific, known users for lawful purposes, and should not undertake bulk data collection of Internet communications.

  2 Oversight and Accountability

  Intelligence agencies seeking to collect or compel the production of information should do so under a clear legal framework in which executive powers are subject to strong checks and balances. Reviewing courts should be independent and include an adversarial process, and governments should allow important rulings of law to be made public in a timely manner so that the courts are accountable to an informed citizenry.

  3 Transparency About Government Demands

  Transparency is essential to a debate over governments’ surveillance powers and the scope of programs that are administered under those powers. Governments should allow companies to publish the number and nature of government demands for user information. In addition, governments should also promptly disclose this data publicly.

  4 Respecting the Free Flow of Information

  The ability of data to flow or be accessed across borders is essential to a robust 21st century global economy. Governments should permit the transfer of data and should not inhibit access by companies or individuals to lawfully available information that is stored outside of the country. Governments should not require service providers to locate infrastructure within a country’s borders or operate locally.

  5 Avoiding Conflicts Among Governments

  In order to avoid conflicting laws, there should be a robust, principled, and transparent framework to govern lawful requests for data across jurisdictions, such as improved mutual legal assistance treaty—or “MLAT”—processes [an international legal mechanism for law enforcement cooperation]. Where the laws of one jurisdiction conflict with the laws of another, it is incumbent upon governments to work together to resolve the conflict.

  An Open Letter to Washington

  Dear Mr. President and Members of Congress,

  We understand that governments have a duty to protect their citizens. But this summer’s revelations highlighted the urgent need to reform government surveillance practices worldwide. The balance in many countries has tipped too far in favor of the state and away from the rights of the individual—rights that are enshrined in our Constitution. This undermines the freedoms we all cherish. It’s time for a change.

  For our part, we are focused on keeping users’ data secure—deploying the latest encryption technology to prevent unauthorized surveillance on our networks and by pushing back on government requests to ensure that they are legal and reasonable in scope.

  We urge the US to take the lead and make reforms that ensure that government surveillance efforts are clearly restricted by law, proportionate to the risks, transparent and subject to independent oversight. To see the full set of principles we support, visit ReformGovernmentSurveillance.com

  Sincerely,

  AOL, Apple, Dropbox, Facebook, Google, LinkedIn, Microsoft, Twitter, Yahoo

  AOL, Apple, Dropbox, Facebook, Google, LinkedIn, Microsoft, Twitter, and Yahoo, Reform Government Surveillance: Global Government Surveillance Reform—The Principles and an Open Letter to Washington, December 9, 2013.

  Source: Reform Government Surveillance, https://www.reformgovernmentsurveillance.com/.

  Friend and Foe?

  U.S. Espionage against Other Countries

  11

  NSA Briefing Slides on Brazilian President

  Dilma Rousseff and Petrobras Oil Company

  The documents released by Snowden included many disclosures about U.S. intelligence activities directed against other countries. These NSA briefing slides, for example, provide evidence of U.S. government surveillance and espionage directed at Brazil’s political leadership and national oil company, Petrobras. Snowden also leaked information about U.S. intelligence efforts targeting Afghanistan, Argentina, the Bahamas, Chile, China, Colombia, Costa Rica, El Salvador, France, Germany, Honduras, India, Iran, Italy, Japan, Kenya, Mexico, Nicaragua, North Korea, Pakistan, Panama, Paraguay, Peru, the Philippines, Russia, South Korea, Spain, Turkey, the Vatican, and Venezuela. Snowden-provided documents also indicated that the U.S. government spied on international institutions and their meetings, including the European Union, International Atomic Energy Agency, Organization of Petroleum Exporting Countries, Summit of the Americas, UN, UN Climate Change Conference, and the World Bank. These disclosures increased the displeasure of foreign governments, which were already upset about U.S. surveillance of foreign communications. Fellow democracies, such as Brazil, responded with particular pique to being targets of U.S. spying. These slides on Brazil also highlight (see bottom of each slide) the special relationship of the so-called “Five Eyes”—Australia, Canada, New Zealand, the United Kingdom, and the United States—among whom these slides (and other documents Snowden disclosed) circulated. These disclosures did not connect to Snowden’s allegations that the NSA was violating the U.S. Constitution; instead they brought international law more directly into the debate about U.S. surveillance and espionage.

 
