Following public outrage about surveillance in other countries, Germans are asking how much access their own intelligence services have to private communications. Not as much as they would like, it seems.

In 2010 the German Federal Intelligence Service (BND) gathered around 37 million e-mails, text messages and other telecommunications data. According to a report by the parliamentary watchdog, around 10 million of these messages fell under the heading of “international terrorism.”

Since then, however, the number has dropped to a fraction of that amount. In 2011 the BND intercepted 2.9 million electronic messages; in 2012 this dropped again, to 900,000. The messages checked were not only those containing certain keywords: telephone numbers and IP addresses that fell under suspicion were also monitored.
The German Federal Intelligence Service is subject to strict controls

It is the BND’s job to acquire information in order to identify and ward off threats to Germany’s security. It investigates terrorist plots, the illegal arms trade, people smuggling and drug trafficking. The intelligence service has to abide by strict laws when conducting any kind of surveillance, and is subject to supervision by a special committee of the German parliament.

Michael Hartmann of the opposition Social Democrats, Gisela Piltz of the junior coalition partner, the Free Democrats, and Hans-Peter Uhl of the Bavarian sister party of the governing Christian Democrats, the Christian Social Union, are three of the 11 members of the parliamentary watchdog in the Bundestag. The three are keen to reassure the public that Germany is not turning into a “Big Brother” surveillance state.

In recent years the watchdog has been given greater authority. It is authorized to interview all secret service agents, has access to all files, and can intervene if things are not being done according to the rules.

The three members of the committee point to the dramatic decrease in the amount of telecommunications data collected since 2010 – a consequence of improvements in surveillance techniques.

Privacy protected by the constitution
Edward Snowden’s revelations led Germans to ask what their secret services were up to

Michael Hartmann admits that the BND still throws its digital net wide, but emphasizes that collection of data is neither random nor unlimited. “Messages or phone conversations are only analyzed if there is concrete suspicion of criminal activity,” he says. Hartmann insists that the BND would never spy or eavesdrop on countries that are Germany’s allies.

Hans-Peter Uhl points out that it is forbidden for the BND to tap the phones of German citizens, either at home or abroad, unless there are concrete grounds for suspicion. “Should they eavesdrop on a foreigner in conversation with a German citizen, they have to erase the conversation,” he says. This deletion process is documented, so the data protection supervisor is able to check it really was carried out.

The watchdog members highlight the fact that a court order is required before any phone tap can be instigated. They acknowledge that personal privacy is a highly-valued commodity for everyone living in Germany, and that it is enshrined as such in the constitution. Whenever there is a question of the German intelligence services being allowed to do something which might infringe on this fundamental right, control measures must be put in place by a supervisory committee, the so-called G10 Commission, which supervises all invasions of postal, telephone and Internet privacy.

According to the German parliament, in 2011 the G10 Commission authorized Germany’s three intelligence services – domestic, foreign and military – to carry out 156 such infringements, limited to a maximum of between three and six months each.

Making surveillance public

German law also states that once an operation has come to an end, the person who has been under surveillance, or the object of a wiretap, has to be informed. This can result in official complaints, which are dealt with in public proceedings. At the last count, administrative courts in Berlin and Cologne were dealing with 16 such cases.
The BND is not allowed to eavesdrop on German citizens without a special court order

“We have a list of these complaints and follow them up,” says Gisela Piltz. “I don’t have the impression that the intelligence services are in general doing things illegally.”

In the past, representatives of the intelligence services have repeatedly attempted to persuade successive governments to allow them more extensive access to Internet and telephone data. They argue that it is essential if they are to be effective in countering terrorists and criminals using modern methods.

However, many of these requests have been denied: as, for example, when they wanted to be allowed to stockpile large amounts of data for possible future use, even if there was no concrete suspicion at the time of collection. The Constitutional Court rejected the application, and a law allowing it that was briefly in effect between 2008 and 2010 had to be repealed as a result.

An EU Commission guideline would now permit Germany to store telecommunications data for up to six months. So far, however, the justice minister has refused to adopt this into German law. The EU has instigated legal proceedings. Requirements for telecommunications providers to save data for longer than six months so that they can be made available to the intelligence services have also, so far, not been implemented.

Limited effectiveness
Rolf Tophoven believes data interception is only of limited use in combating terrorism

Rolf Tophoven, director of the Institute for Crisis Prevention in Essen and an expert on terrorism, says the secret services should not rely too heavily on the technical analysis of telecommunications data. “The results that are relevant to the intelligence services are very modest compared with the mass of data in the information gathered,” he says.

The parliamentary watchdog has even put a figure on this. It reports that out of 2.5 million e-mails analyzed by the BND, only 300 contained material relevant to their investigations.

Tophoven believes that the BND needs to employ more specialists in analyzing data and assessing a situation – if possible, on the ground. “The modern terrorist is radicalized in secret. He slips under the radar of the intelligence services and their high-tech computers,” he explains, giving the perpetrators of the Boston marathon bombings as an example.

Since the recent revelations about the extent of the United States’ surveillance program, there have been fears that Germany’s intelligence services may also be spying on its citizens more than previously admitted. However, Tophoven believes this is unlikely – and not just because of strict regulation: “The Germans don’t collect data that extensively because they don’t have anything like the personnel or the technical and financial means to do so.”

Date 26.06.2013
Author Wolfgang Dick / cc
Editor Michael Lawton

Find this story at 26 June 2013

© 2013 Deutsche Welle

Germans are apoplectic about the Internet spy programs Prism and Tempora. But police here this week announced the capture of a highway shooter using similar tactics. Privacy activists are concerned.

Germans are furious. Revelations that the United States and Britain — along with Canada, New Zealand and Australia, as part of the so-called “Five Eyes Alliance” — have spent recent years keeping a suffocatingly close watch on web and cellular communications have led politicians in Berlin to utter increasingly drastic condemnations. Over the weekend, for example, Justice Minister Sabine Leutheusser-Schnarrenberger referred to the British surveillance program Tempora as a “catastrophe” and said it was a “Hollywood-style nightmare.”

But is there not a time and a place for mass data collection? This, too, is a question Germany is grappling with this week after the capture of a truck driver who spent years shooting at other vehicles on the country’s autobahns. He was caught only after police set up a complicated surveillance system which was able to read the license plate numbers of tens of thousands of cars and trucks on the country’s highways.

The operation has unsettled data protection activists. But Jörg Ziercke, head of Germany’s Federal Criminal Police Office (BKA), praised the effort on Tuesday, telling journalists that “we have found the famous needle in a haystack.” He said there was “no alternative” to the intensive surveillance efforts the police used to capture the perpetrator.

The case involves a truck driver who fired at least 762 shots at cars and trucks on German highways and at buildings in a shooting spree that began in 2008. In several cases, his targets were only barely able to avoid accidents as a result of the shots. In 2009, one woman was hit in the neck with a bullet fired by the truck driver, identified on Tuesday only as a 57-year-old truck driver from North Rhine-Westphalia, but survived.

German officials said on Tuesday that the driver would be charged with attempted murder in addition to weapons related charges. Ziercke said the man had confessed soon after he was arrested over the weekend and said that he had acted “out of anger and frustration with traffic.” He said that he saw the situation on Germany’s autobahns as a kind of “war” and that he had merely been trying to defend himself.

A Police Monitoring System

Yet as unique as the case is, the methods employed by the police to solve it have attracted more attention. Initially, officers sought to attract shots themselves, driving a truck on the autobahns between Cologne, Frankfurt, Nuremberg and Karlsruhe where most of the gunfire had been reported. The police vehicle, however, was never targeted.

Plan B is the one that has raised data protection concerns. Even though Germany has a toll system which collects information on the trucks plying the country’s highways, police are forbidden access to the data collected. So they essentially constructed one of their own. On seven sections of the autobahns in question, police erected equipment that was able recognize and store the license plate numbers of vehicles that drove by. Using that data, they were able to identify vehicles that passed a certain section of highway at roughly the same time as did a target vehicle.

In April, the system hit pay-dirt. In just five days, six drivers reported being shot at. Officers were able to reconstruct the likely route taken by the perpetrator and they then looked at the license plate data collected by cameras stationed along that route. By filtering through the information gathered, they were able to identify one truck that could have been at each site where shots were reported. They were then able to match up the route with the mobile phone data of the driver. “The correspondence” between the two data sets “was clear,” Zierke said on Tuesday.

But were the methods employed by the federal police legal? Data protection officials aren’t so sure. “Even if the search for the highway shooter was successful in the end, from a data protection perspective the preliminary verdict on the methods used is rather ambivalent,” Edgar Wagner, the top data protection official for the state of Rhineland-Palatinate, said in a statement. “There is not a sufficient legal basis for such a nationwide … investigative technique.”

‘A Price to Pay’

He said that by his calculations, “60 to 80 million sets of data from completely innocent people” were gathered during the course of the investigation “to catch a single suspect. We have (long) known that such a procedure can be effective. But there is also a price to pay.”

It is a sentiment that is shared by many in Germany. The country has had plenty of experience with state overreach, with both the Nazis and the East Germans being experts at keeping close tabs on their citizenry. That history manifests itself in an extreme sensitivity to data privacy issues and the country has been particularly watchful when it comes to the use of digital data by companies such as Google and Facebook. Indeed, government officials beyond the Justice Ministry have reacted to US and British digital spying with notable vehemence.

It is perhaps not surprising then, that Wagner is not alone with his concerns. While not directly criticizing the methods used by federal police to track down the autobahn shooter, Wagner’s data-protection counterpart in North Rhine-Westphalia, Ulrich Lepper, expressed serious reservations in a Wednesday interview with the Bonn daily General-Anzeiger.

Powerful Preventative Measure

“The freedom to move around in the public space without being monitored is one of our fundamental rights,” he said. “Data protection — the right to control information about your person — means that you can decide who knows what and when … about you. These rights can only be infringed upon on the basis of a law.”

Ziercke, not surprisingly, does not share such concerns. He believes that law enforcement should have access to the data collected by the truck toll system and also argued on Tuesday that data collection could be a powerful preventative measure. “I would like to meet a data protection activist who is able to convince someone with the argument that we should not have been allowed to use that data to prevent danger,” he said. “I don’t find such arguments to be credible.”

Ziercke’s argument is notably close to that used by US President Barack Obama in defending the National Security Agency’s online spying program Prism. The data gathered is useful, Obama has repeatedly insisted this month, for the prevention of terror attacks.

Germans have largely rejected that line of argumentation. Whether their scorn will be applied closer to home remains to be seen.

06/26/2013 05:08 PM
By Charles Hawley

Find this story at 26 June 2013

© SPIEGEL ONLINE 2013

Reports of NSA snooping on Europe go well beyond previous revelations of electronic spying

Sabine Leutheusser-Schnarrenberger: ‘If the media reports are true, it is reminiscent of the actions of enemies during the cold war’. Photograph: Ole Spata/Corbis

Transatlantic relations plunged at the weekend as Berlin, Brussels and Paris all demanded that Washington account promptly and fully for new disclosures on the scale of the US National Security Agency’s spying on its European allies.

As further details emerged of the huge reach of US electronic snooping on Europe, Berlin accused Washington of treating it like the Soviet Union, “like a cold war enemy”.

The European commission called on the US to clarify allegations that the NSA, operating from Nato headquarters a few miles away in Brussels, had infiltrated secure telephone and computer networks at the venue for EU summits in the Belgian capital. The fresh revelations in the Guardian and allegations in the German publication Der Spiegel triggered outrage in Germany and in the European parliament and threatened to overshadow negotiations on an ambitious transatlantic free-trade pact worth hundreds of billions due to open next week.

The reports of NSA snooping on Europe – and on Germany in particular – went well beyond previous revelations of electronic spying said to be focused on identifying suspected terrorists, extremists and organised criminals.

Der Spiegel reported that it had seen documents and slides from the NSA whistleblower Edward Snowden indicating that US agencies bugged the offices of the EU in Washington and at the UN in New York. They are also accused of directing an operation from Nato headquarters in Brussels to infiltrate the telephone and email networks at the EU’s Justus Lipsius building in the Belgian capital, the venue for EU summits and home of the European council.

Citing documents it said it had “partly seen”, the magazine reported that more than five years ago security officers at the EU had noticed several missed calls apparently targeting the remote maintenance system in the building that were traced to NSA offices within the Nato compound in Brussels.

Less than three months before a German general election, the impact of the fresh disclosures is likely to be strongest in Germany which, it emerged, is by far the biggest target in Europe for the NSA’s Prism programme scanning phone and internet traffic and capturing and storing the metadata.

The documents reviewed by Der Spiegel showed that Germany was treated in the same US spying category as China, Iraq or Saudi Arabia, while the UK, Canada, Australia, and New Zealand were deemed to be allies not subject to remotely the same level of surveillance.

Germany’s justice minister, Sabine Leutheusser-Schnarrenberger, called for an explanation from the US authorities. “If the media reports are true, it is reminiscent of the actions of enemies during the cold war,” she was quoted as saying in the German newspaper Bild. “It is beyond imagination that our friends in the US view Europeans as the enemy.”

France later also asked the US for an explanation. The foreign minister, Laurent Fabius, said: “These acts, if confirmed, would be completely unacceptable.

“We expect the American authorities to answer the legitimate concerns raised by these press revelations as quickly as possible.”

Washington and Brussels are scheduled to open ambitious free-trade talks next week after years of arduous preparation. Senior officials in Brussels are worried that the talks will be setback by the NSA scandal. “Obviously we will need to see what is the impact on the trade talks,” said a senior official in Brussels.

A second senior official said the allegations would cause a furore in the European parliament and could then hamper relations with the US.

However, Robert Madelin, one of Britain’s most senior officials in the European commission, tweeted that EU trade negotiators always operated on the assumption that their communications were listened to.

A spokesman for the European commission said: “We have immediately been in contact with the US authorities in Washington and in Brussels and have confronted them with the press reports. They have told us they are checking on the accuracy of the information released yesterday and will come back to us.”

There were calls from MEPs for Herman Van Rompuy, president of the European council – who has his office in the building allegedly targeted by the US – and José Manuel Barroso, president of the European commission, to urgently appear before the chamber to explain what steps they were taking in response to the growing body of evidence of US and British electronic surveillance of Europe through the Prism and Tempora operations.

Guy Verhofstadt, the former Belgian prime minister and leader of the liberals in the European parliament, said: “This is absolutely unacceptable and must be stopped immediately. The American data-collection mania has achieved another quality by spying on EU officials and their meetings. Our trust is at stake.”

Luxembourg’s foreign minister, Jean Asselborn, told Der Spiegel: “If these reports are true, it’s disgusting.” Asselborn called for guarantees from the highest level of the US government that the snooping and spying be halted immediately.

Martin Schulz, the head of the European parliament, said: “I am deeply worried and shocked about the allegations of US authorities spying on EU offices. If the allegations prove to be true, it would be an extremely serious matter which will have a severe impact on EU-US relations.

“On behalf of the European parliament, I demand full clarification and require further information speedily from the US authorities with regard to these allegations.”

There were also calls for John Kerry, the US secretary of state on his way back from the Middle East, to make a detour to Brussels to explain US activities.

“We need to get clarifications and transparency at the highest level,” said Marietje Schaake, a Dutch liberal MEP. “Kerry should come to Brussels on his way back from the Middle East. This is essential for the transatlantic alliance.”

The documents suggesting the clandestine bugging operations were from September 2010, Der Spiegel said.

Der Spiegel quoted the Snowden documents as revealing that the US taps half a billion phone calls, emails and text messages in Germany a month. “We can attack the signals of most foreign third-class partners, and we do,” Der Spiegel quoted a passage in the NSA document as saying.

It quoted the document from 2010 as stating that “the European Union is an attack target”.

On an average day, the NSA monitored about 15m German phone connections and 10m internet datasets, rising to 60m phone connections on busy days, the report said.

Officials in Brussels said this reflected Germany’s weight in the EU and probably also entailed elements of industrial and trade espionage. “The Americans are more interested in what governments think than the European commission. And they make take the view that Germany determines European policy,” said one of the senior officials.

Jan Philipp Albrecht, a German Green party MEP and a specialist in data protection, told the Guardian the revelations were outrageous. “It’s not about political answers now, but rule of law, fundamental constitutional principles and rights of European citizens,” he said.

“We now need a debate on surveillance measures as a whole looking at underlying technical agreements. I think what we can do as European politicians now is to protect the rights of citizens and their rights to control their own personal data.”

Germany has some of the toughest data privacy laws in Europe, with the issue highly sensitive not least because of the comprehensive surveillance by the Stasi in former communist east Germany as well as the wartime experience with the Gestapo under the Nazis.

Der Spiegel noted that so far in the NSA debacle, the chancellor, Angela Merkel, had asked only “polite” questions of the Americans but that the new disclosures on the sweeping scale of the surveillance of Germany could complicate her bid for a third term in September.

Ian Traynor in Brussels
The Guardian, Sunday 30 June 2013 21.55 BST

Find this story at 30 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Overzealous data collectors in the US and Great Britain have no right to investigate German citizens. The German government must protect people from unauthorized access by foreign intelligence agencies, and it must act now. This is a matter of national security.

“Germany’s security is also being defended in the Hindu Kush, too,” Peter Struck, who was Germany’s defense minister at the time, said in 2002. If that’s true, then the government should also be expected to defend the security of its people at their own doorstep. Because the massive sniffing out and saving of data of all kinds — that of citizens and businesses, newspapers, political parties, government agencies — is in the end just that: a question of security. It is about the principles of the rule of law. And it is a matter of national security.

We live in changing times. At the beginning of last week, we thought after the announcement of the American Prism program, that US President Barack Obama was the sole boss of the largest and most extensive control system in human history. That was an error.

Since Friday, we have known that the British intelligence agency GCHQ is “worse than the United States.” Those are the words of Edward Snowden, the IT expert who uncovered the most serious surveillance scandal of all time. American and British intelligence agencies are monitoring all communication data. And what does our chancellor do? She says: “The Internet is uncharted territory for us all.”

That’s not enough. In the coming weeks, the German government needs to show that it is bound to its citizens and not to an intelligence-industrial complex that abuses our entire lives as some kind of data mine. Justice Minister Sabine Leutheusser-Schnarrenberger hit the right note when she said she was shocked by this “Hollywood-style nightmare.”

An Uncanny Alliance

We have Edward Snowden to thank for this insight into the interaction of an uncanny club, the Alliance of Five Eyes. Since World War II, the five Anglo-Saxon countries of Great Britain, the United States, Australia, New Zealand and Canada have maintained close intelligence cooperation, which apparently has gotten completely out of control.

It may be up to the Americans and the British to decide how they handle questions of freedom and the protection of their citizens from government intrusion. But they have no right to subject the citizens of other countries to their control. The shoulder-shrugging explanation by Washington and London that they have operated within the law is absurd. They are not our laws. We didn’t make them. We shouldn’t be subject to them.

The totalitarianism of the security mindset protects itself with a sentence: If you have nothing to hide, you have nothing to fear. But firstly, that contains a presumption: We have not asked the NSA and GCHQ to “protect” us. And secondly, the sentence is a stupid one: Because we all have something to hide, whether it pertains to our private lives or to our business secrets.

No Agency Should Collect So Much Data

Thus the data scandal doesn’t pertain just to our legal principles, but to our security as well. We were lucky that Edward Snowden, who revealed the spying to the entire world, is not a criminal, but an idealist. He wanted to warn the world, not blackmail it. But he could have used his information for criminal purposes, as well. His case proves that no agency in the world can guarantee the security of the data it collects — which is why no agency should collect data in such abundance in the first place.

That is the well-known paradox of totalitarian security policy. Our security is jeopardized by the very actions that are supposed to protect it.

So what should happen now? European institutions must take control of the data infrastructure and ensure its protection. The freedom of data traffic is just as important as the European freedom of exchange in goods, services and money. But above all, the practices of the Americans and British must come to an end. Immediately.

It is the responsibility of the German government to see to it that the programs of the NSA and GCHQ no longer process the data of German citizens and companies without giving them the opportunity for legal defense. A government that cannot make that assurance is failing in one of its fundamental obligations: to protect its own citizens from the grasp of foreign powers.

Germans should closely observe how Angela Merkel now behaves. And if the opposition Social Democrats and Green Party are still looking for a campaign issue, they need look no further.

06/24/2013 05:07 PM

A Commentary by Jakob Augstein

Find this story at 24 June 2013

© SPIEGEL ONLINE 2013

Berlin drängt auf Antworten aus London: Justizministerin Leutheusser-Schnarrenberger hat zwei britische Kabinettsmitglieder per Brief aufgefordert, mehr Details über das Spähprogramm Tempora zu veröffentlichen. In den Schreiben übt die FDP-Politikerin indirekt Kritik an der Cameron-Regierung.

Berlin – Jetzt schaltet sich die Bundesjustizministerin ein: Sabine Leutheusser-Schnarrenberger (FDP) hat den britischen Justizminister Christopher Grayling und die britische Innenministerin Theresa May aufgefordert, mehr Informationen über das Geheimdienstprogramm Tempora offenzulegen. Am Dienstag wandte sich Leutheusser-Schnarrenberger schriftlich an die beiden Kabinettsmitglieder von Großbritanniens Premier David Cameron. Die Briefe liegen SPIEGEL ONLINE vor.

In den beiden Schreiben identischen Inhalts, die am Vormittag parallel an die Minister verschickt wurden, äußerte sich die Ministerin sehr besorgt über die jüngsten Berichte über das gigantische Spähprogramm. Der Verdacht, durch digitale Überwachungsmethoden “riesige Mengen an Daten, E-Mails, Facebook-Nachrichten und Anrufe zu sammeln, zu speichern und zu verarbeiten”, hätte in Deutschland erhebliche Bedenken ausgelöst, heißt es in den Briefen.

Leutheusser-Schnarrenberger forderte Aufklärung in folgenden Punkten:

Auf welcher Rechtsgrundlage das Spähprogramm ausgeführt worden sei,
ob auf konkreten Verdacht ausgespäht oder die Daten allgemein ohne Anlass gesammelt worden seien,
ob die Überwachungsmaßnahmen von Richtern hätten abgesegnet werden müssen,
wie die Abhöraktionen konkret funktioniert hätten, welche Daten genau gespeichert und ob deutsche Bürger betroffen seien.

Auch übte sie indirekt Kritik an der Informationspolitik der Cameron-Regierung. “Die Kontrollfunktion von Parlament und Justiz zeichnet einen freien und demokratischen Staat aus. Sie kann aber nicht ihre Wirkung entfalten, wenn Regierungen bestimmte Maßnahmen in Schweigen hüllen”, hieß es weiter.

Leutheusser-Schnarrenberger appellierte an Grayling und May, die Grundsätze der Bürgerrechte nicht aus den Augen zu verlieren und mahnte Aufklärung an. “In unserer modernen Welt bieten die neuen Medien den Rahmen für einen freien Austausch von Meinungen und Informationen. Ein transparentes Regierungshandeln ist eine der wichtigsten Voraussetzungen für das Funktionieren eines demokratischen Staates und bedingt die Rechtsstaatlichkeit”, so die Ministerin.

Die FDP-Politikerin hatte sich bereits im Zusammenhang mit dem amerikanischen Spähprogramm Prism schriftlich an ihren US-Kollegen gewandt. Sie regte zudem an, im schwarz-gelben Kabinett eine Internet-Task-Force aus den beteiligten Ministerien zu bilden.

Die Ministerin beendete ihre Schreiben mit der Forderung nach strengeren Datenschutzstandards in der EU. Das Thema müsse beim nächsten Treffen der EU-Justizminister im Juli auf die Tagesordnung, so Leutheusser-Schnarrenberger.

Am Montag hat die Bundesregierung von Großbritannien offiziell Auskunft über das massenhafte Anzapfen von Telefon- und Internetverbindungen verlangt. Dazu sandte das Innenministerium eine Reihe von Fragen an den britischen Botschafter. Zur europäischen Chefsache will Kanzlerin Angela Merkel den Fall Tempora allerdings vorerst nicht machen. Beim EU-Gipfel Ende der Woche wolle Merkel keine Debatte über das britische Spionageprogramm forcieren, hieß es zu Beginn der Woche.

25. Juni 2013, 11:40 Uhr

Find this story at 25 June 2013

© SPIEGEL ONLINE 2013

An einem einzigen Tag soll der britische Geheimdienst GCHQ Zugriff auf 21.600 Terabyte gehabt haben – wozu, weiß nicht einmal der BND. Sicher ist nur: Die Überwacher bekommen Hilfe von großen Telekommunikationskonzernen.

Das amerikanische Außenministerium hat vor Jahren einen kleinen Flecken in Ostfriesland auf eine Liste der weltweit schützenswürdigen Einrichtungen gesetzt. Ein Angriff auf das Städtchen Norden könnte angeblich die nationale Sicherheit der USA bedrohen. Sogar der Chef des US-Geheimdienstes NSA, General Keith B. Alexander, hat vor terroristischen Attacken gewarnt.

Norden ist ein heimliches Zentrum der neuen virtuellen Welt. Das TAT-14 (Trans Atlantic Telephone Cable No 14) ist am Hilgenrieder Siel bei Norden verbuddelt. Die meisten Internetverbindungen zwischen Deutschland und Amerika laufen dort durch mehrere Glasfaserleitungen; auch Frankreich, die Niederlande, Dänemark und Großbritannien sind durch TAT-14 miteinander verbunden. Etwa 50 internationale Telekommunikationsfirmen, darunter die Deutsche Telekom, betreiben ein eigenes Konsortium für dieses Kabel.

Manchmal fließen pro Sekunde Hunderte Gigabyte an Daten durch die Leitungen. Es ist ein gigantischer Datenrausch: Millionen Telefonate und E-Mails schießen durch das Netz. Auch deshalb hat der deutsche Verfassungsschutz stets nachgeschaut, ob in Norden alles in Ordnung ist. Keine Sabotage. Keine Terroristen. Kein Problem?

Für die über die “Seekabelendstelle” Norden, wie die offizielle Bezeichnung der Einrichtung lautet, vermittelten Daten hat sich offenbar der britische Geheimdienst Government Communications Headquarters (GCHQ) brennend interessiert. Aus Unterlagen des Whistleblowers Edward Snowden jedenfalls soll hervorgehen, dass die Briten im Rahmen der Operation “Tempora” die Daten abgegriffen haben. Es soll sich um unzählige Daten handeln, die aus Deutschland kamen oder nach Deutschland geschickt wurden.

Das ist nicht der Cyberkrieg, vor dem die amerikanische NSA immer gewarnt hat, sondern ein heimlicher umfassender Big-Data-Angriff auf die Bevölkerung eines befreundeten Landes. Die alte Formel: “Freund hört mit” umfasst das Problem nicht mal ungefähr. Großbritanniens Geheimdienst hat einen Lauschangriff auf Deutschland gestartet.

Die Menge der abgefangenen Daten ist noch Spekulation, und unklar ist auch, wo der Angriff genau erfolgt sein soll. Sicher nicht in Norden, das früher durch sein Seeheilbad bekannt wurde. Das würde sich kein Nachrichtendienstler trauen. Schon gar nicht in freundlicher Absicht.

Wahrscheinlich erfolgte der Angriff in dem kleinen Küstenstädtchen Bude im Südwesten Englands, das 858 Kilometer Luftlinie von Norden entfernt liegt. Dort macht das Kabel Zwischenstation – das Ende der Strecke ist New Jersey.

Dass ein britischer Geheimdienst auf diese Weise und so umfassend E-Mails deutscher Bürger abfängt oder Telefonate abhört, war vor Snowdens Enthüllungen für undenkbar gehalten worden. Der Bundesnachrichtendienst erklärt seit Tagen, dass er von den Aktivitäten der Amerikaner oder der Briten nichts wusste und selbst nur Zeitungswissen habe. Das klingt glaubhaft. Die beiden befreundeten Nationen, heißt es in Berlin, hätten offenbar ihr eigenes nationales Sicherheitsprogramm gefahren.

So viel Sicherheit war sicherlich nur mithilfe von Kommunikationsgesellschaften möglich. Angeblich sollen die beiden britischen Unternehmen Vodafone und British Telecommunications (BT) den Geheimen behilflich gewesen sein.

Jeder Eingriff, das erklärt eine Telekom-Sprecherin, müsste von dem internationalen Konsortium genehmigt werden, aber eine solche Genehmigung liegt nicht vor. Ein Sprecher der britischen Vodafone erklärte auf Anfrage, dass sich das Unternehmen an die Gesetze in den jeweiligen Ländern halte und Angelegenheiten, die mit der nationalen Sicherheit zusammenhingen, nicht kommentiere. Diese Formel klingt in diesen Tagen sehr vertraut.

Rechtsgrundlage für die Aktion “Tempora” ist ein sehr weit gefasstes Gesetz aus dem Jahr 2000. Danach kann die Kommunikation mit dem Ausland abgefangen und gespeichert werden. Die privaten Betreiber der Datenkabel, die beim Abhören mitmachen, sind zum Stillschweigen verpflichtet.

Nordengate macht klar, wie unterschiedlich Gesetze und Regeln in dieser Welt angewandt werden, es symbolisiert aber auch den Wandel der Geheimdienstarbeit. Ganz früher haben Nachrichtendienste Telefonate über relativ simple Horchposten abgehört. Glasfaserleitungen stellten die Dienste vor neue Herausforderungen. Telefonate werden seitdem in optische Signale umgewandelt. Da die Leitungen vor allem am Meeresboden verlaufen, gerieten Nachrichtendienste für kurze Zeit an ihre Grenzen.

Bereits um die Jahrtausendwende berichteten amerikanische Blätter, dass die NSA mithilfe von U-Booten an die Daten gelangen wollte. So wurde das Atom-U-Boot Jimmy Carter umgerüstet, um Glasfaserkabel aufzuschlitzen und dann abzuhören. Vorher hatten die Dienste auf anderem Weg regelmäßig Seekabel angezapft. Bei früheren Kupferkabeln reichte ein Induktions-Mikrofon, um die Gespräche abzugreifen. Glasfaserkabel hingegen müssen gebogen werden, um die optisch vermittelten Signale auslesen zu können. Am verwundbarsten sind die Kabel freilich an Land.

Was die Briten mit den vielen deutschen Daten machen und gemacht haben, erschließt sich selbst dem BND nicht so ganz. An einem einzigen Tag soll der britische Geheimdienst insgesamt Zugriff auf 21.600 Terabyte gehabt haben. Dank Snowden ist bekannt, dass die abgefangenen Inhalte drei Tage vorgehalten wurden und Benutzerdaten 30 Tage. In der Zwischenzeit wurden die Daten mit speziellen Programmen gefiltert. Selbst dem Briten George Orwell wäre ein solches Überwachungsprogramm im Leben nicht eingefallen.

25. Juni 2013 05:10 Großbritanniens Abhördienst GCHQ
Von John Goetz, Hans Leyendecker und Frederik Obermaier

Find this story at 25 June 2013

Copyright: Süddeutsche Zeitung Digitale Medien GmbH / Süddeutsche Zeitung GmbH

Ecuador’s flag flying above its coat of arms at the country’s embassy in Moscow on Monday. Snowden is seeking asylum in the South American nation.

Journalists flocked to Moscow’s Sheremetyevo Airport on Monday to board a flight to Cuba that supposedly would also contain fugitive Edward Snowden, who is attempting to escape arrest by U.S. authorities for revealing highly classified surveillance programs.

According to a widely distributed statement by an unidentified Aeroflot employee, Snowden should have been on flight SU150 direct to Havana leaving Moscow on Monday afternoon. The Aeroflot employee even said which seat he was to occupy, 17A.

But reporters, whose news organizations shelled out about $2,000 per ticket to get them on board at the last minute, found no Snowden anywhere on board — increasing suspicions that Russia could be helping to stymie U.S. efforts to catch him amid a low point in bilateral relations.

After Snowden supposedly arrived at Sheremetyevo from Hong Kong on Sunday, Washington pressured Moscow to detain him, apparently to no avail. Russian officials said that given poor ties between the countries, which have split in recent months over issues including the civil war in Syria and the U.S. Magnitsky Act, they are in no rush to help their former Cold War foes.

“Ties are in a rather complicated phase, and when ties are in such a phase, when one country undertakes hostile action against another, why should the United States expect restraint and understanding from Russia?” Alexei Pushkov, the head of the State Duma’s International Affairs Committee, repeated Reuters.

A former technical contractor with the U.S. National Security Agency, Snowden is reportedly seeking to travel to Ecuador, which is considering his asylum request. His current whereabouts are unknown.

Ecuador has already equipped Snowden with refugee papers that could allow him safe passage to his destination, according to WikiLeaks founder Julian Assange, whose organization has assisted Snowden. The U.S. government said earlier that Snowden’s American passport had been revoked.

Assange told the Guardian on Monday that he was aware of Snowden’s whereabouts but that he was unable to reveal them due to “bellicose threats coming from the U.S. administration.”

U.S. Secretary of State John Kerry, speaking on Monday at a news conference in New Delhi, implored Russia to assist in efforts to apprehend Snowden, recalling that over the last two years, the U.S. had extradited seven prisoners requested by Russia. “Reciprocity and the enforcement of the law is pretty important,” he said.

“I suppose there is no small irony here. I mean, I wonder if Mr. Snowden chose China and Russia’s assistance in his flight from justice because they are such powerful bastions of Internet freedom, and I wonder if while he was in either of those countries he raised the question of Internet freedom, since that seems to be what he champions,” Kerry said.

The cooperation described by Kerry is a drop in the bucket compared to the disputes between the countries, however.

Following some successes during a “reset” in ties kicked off in 2009 at the behest of U.S. President Barack Obama, relations took a sharp downward turn with the return of Vladimir Putin to the Kremlin last year.

Under Putin, the Russian government has undertaken what critics call a harsh crackdown on the opposition and on civil society, including kicking out the U.S. Agency for International Development, while the U.S. last year passed the Magnitsky Act, which imposes economic and travel restrictions on Russian officials implicated in human rights abuses. Russia retaliated by outlawing U.S. adoptions of Russian orphans.

More recently, the two nations have argued bitterly over what tack to take in seeking a solution to the civil war in Syria, with Russia backing President Bashar Assad and the U.S. supporting the rebels.

Now, the fate of Snowden, a 30-year-old former employee of a U.S. security contractor whose exposure of government phone and Internet surveillance has provoked public outrage, is becoming another point of contention.

According to Andrei Soldatov, a leading expert in Russia’s security agencies, the Russian government itself has an extensive system to monitor almost any kind of communication between its citizens.

Pushkov said Russia had no obligation to help the U.S. in this situation, given the recently passed Magnitsky Act. It was unclear whether Russian authorities had had contact with Snowden — Putin’s spokesman said Monday that the Kremlin was unaware of any such contact — but it seemed unlikely that the government could be unaware of Snowden’s whereabouts if he had entered Russia.

“All these flights carried out by Aeroflot via Moscow, as though there is no other route, are emblematic of Russia’s involvement in the process,” said Valery Garbuzov, deputy director of the Institute for U.S. and Canadian Studies in Moscow.

Ecuador’s foreign minister also said his government was in “respectful” contact with Russia over Snowden’s asylum application.

Nonetheless, Washington appears to be holding out hope for assistance from Moscow.

Caitlin Hayden, a spokeswoman for the U.S. National Security Council, mentioned “intensified cooperation after the Boston marathon bombings and our history of working with Russia on law enforcement matters” as grounds for Russia “to look at all options available to expel Mr. Snowden back to the U.S. to face justice for the crimes with which he is charged.”

25 June 2013 | Issue 5154
By Ivan Nechepurenko

Nikolay Asmolovskiy / Reuters

Find this story at 25 June 2013

© Copyright 1992-2013. The Moscow Times

William Hague has hailed GCHQ’s ‘democratic accountability’, but legislation drafted before a huge expansion of internet traffic appears to offer flexibility

GCHQ – the government’s communications headquarters. Does it have the strongest checks and balances in the world? Photograph: Reuters

William Hague was adamant when he addressed MPs on Monday last week. In an emergency statement (video) forced by the Guardian’s disclosures about GCHQ involvement with the Prism programme, the foreign secretary insisted the agency operated within a “strong framework of democratic accountability and oversight”.

The laws governing the intelligence agencies provide “the strongest systems of checks and balances for secret intelligence anywhere in the world”, he said.

Leaked documents seen by the Guardian give the impression some high-ranking officials at GCHQ have a different view.

In confidential briefings, one of Cheltenham’s senior legal advisers, whom the Guardian will not name, made a note to tell his guests: “We have a light oversight regime compared with the US”.

The parliamentary intelligence and security committee, which scrutinises the work of the agencies, was sympathetic to the agencies’ difficulties, he suggested.

“They have always been exceptionally good at understanding the need to keep our work secret,” the legal adviser said.

Complaints against the agencies, undertaken by the interception commissioner, are conducted under “the veil of secrecy”. And the investigatory powers tribunal, which assesses complaints against the agencies, has “so far always found in our favour”.

The briefings offer important glimpses into the GCHQ’s view of itself, the legal framework in which it works, and, it would seem, the necessity for reassuring the UK’s most important intelligence partner, the United States, that sensitive information can be shared without raising anxiety in Washington.

None of the documents advocates law-breaking – quite the opposite. But critics will say they highlight the limitations of the three pieces of legislation that underpin the activities of GCHQ, MI5 and MI6 – which were repeatedly mentioned by Hague as pillars of the regulatory and oversight regime during his statement to the Commons.

The foreign secretary said GCHQ “complied fully” with the Regulation of Investigatory Powers Act (Ripa), the Human Rights Act (HRA) and the Intelligence Services Act (Isa).

Privacy campaigners argue the laws have one important thing in common: they were drafted in the last century, and nobody involved in writing them, or passing them, could possibly have envisaged the exponential growth of traffic from telecoms and internet service providers over the past decade.

Nor could they have imagined that GCHQ could have found a way of storing and analysing so much of that information as part of its overarching Mastering the Internet project.

The Tempora programme appears to have given Britain’s spymasters that resource, with documents seen by the Guardian showing Britain can retain for up to 30 days an astronomical amount of unfiltered data garnered from cables carrying internet traffic.

This raises a number of questions about the way GCHQ officials and ministers have legitimised the programme.

The briefings, which are entitled UK Operational Legalities, stress that GCHQ “is an organisation with a highly responsible approach to compliance with the law”.

GCHQ also has a well staffed legal team, known as OPP-LEG, to help staff navigate their way through the complexities of the law.

But there appears to be some nervousness about Tempora. In a paper written for National Security Agency (NSA) analysts entitled A Guide to Using Internet Buffers at GCHQ, the author notes: “[Tempora] represents an exciting opportunity to get direct access to enormous amounts of GCHQ’s special source data.

“As large-scale buffering of metadata and content represent a new concept for GCHQ’s exploitation of the internet, GCHQ’s legal and policy officers are understandably taking a careful approach to their access and use.”

So how did GCHQ secure the legal authority for setting up Tempora, and what safeguards are in place for sharing the intelligence with the Americans? According to the documents, the British government used Ripa to get taps on to the fibre-optic cables.

These cables carry internet traffic in and out of the country and contain details of millions of emails and web searches. The information from these cables went straight into the Tempora storage programme.

In one presentation, which appeared to be for US analysts from the NSA, GCHQ explained: “Direct access to large volumes of unselected SSE data [is] collected under a Ripa warrant.”

The precise arrangement between the firms is unclear, as are the legal justifications put before ministers. Isa gives GCHQ some powers for the “passive collection” of data, including from computer networks.

But it appears GCHQ has relied on paragraph four of section 8 of Ripa to gain “external warrants” for its programmes.

They allow the agency to intercept external communications where, for instance, one of the people being targeted is outside Britain.

In most Ripa cases, a minister has to be told the name of an individual or company being targeted before a warrant is granted.

But section 8 permits GCHQ to perform more sweeping and indiscriminate trawls of external data if a minister issues a “certificate” along with the warrant.

According to the documents, the certificate authorises GCHQ to search for material under a number of themes, including: intelligence on the political intentions of foreign governments; military postures of foreign countries; terrorism, international drug trafficking and fraud.

The briefing document says such sweeping certificates, which have to be signed off by a minister, “cover the entire range of GCHQ’s intelligence production”.

“The certificate is issued with the warrant and signed by the secretary of state and sets out [the] class of work we can do under it … cannot list numbers or individuals as this would be an infinite list which we couldn’t manage.”

Lawyers at GCHQ speak of having 10 basic certificates, including a “global” one that covers the agency’s support station at Bude in Cornwall, Menwith Hill in North Yorkshire, and Cyprus.

Other certificates have been used for “special source accesses” – a reference, perhaps, to the cables carrying web traffic. All certificates have to be renewed by the foreign secretary every six months.

A source with knowledge of intelligence confirmed: “Overall exercise of collection and analysis [is] done under a broad, overall legal authority which has to be renewed at intervals, and is signed off at a senior political level.”

The source said the interception commissioner was able to “conclude that [the process] was not appropriate”, and that the companies involved were not giving up the information voluntarily.

“We have overriding authority to compel [them] to do this,” the source said. “There’s an overarching condition of the licensing of the companies that they have to co-operate in this.

“Should they decline, we can compel them to do so. They have no choice. They can’t talk about the warrant, they can’t reveal the existence of it.”

GCHQ says it can also seek a sensitive targeting authority (STA), which allows it snoop on any Briton “anywhere in the world” or any foreign national located in the UK.

It is unclear how the STA system works, and who has authority over it.

The intelligence agencies also have to take note of the HRA, which demands any interception is “necessary and proportionate”.

But the documents show GCHQ believes these terms are open to interpretation – which “creates flexibility”. When Tempora became fully functional in around 2011, GCHQ gave the NSA access to the programme on a three-month trial – and the NSA was keen to impress.

The US agency sent a briefing to some of its analysts urging them to show they could behave responsibly with the data. Under a heading – “The need to be successful!” – the author wrote: “As the first NSA users to receive operational access [to Tempora], we’re depending on you to provide the business case required to justify expanded access. Most importantly we need to prove that NSA users can utilise the internet buffers in ways that are consistent with GCHQ’s legal and policy rules.

“In addition, we need to prove that NSA’s access … is necessary to prosecute our mission and will greatly enhance the production of the intelligence … success of this three-month trial will determine expanded NSA access to internet buffers in the future.”

The NSA appears to have made a successful case. In May last year, an internal GCHQ memo said it had 300 analysts working on intelligence from Tempora, and the NSA had 250. The teams were supporting “the target discovery mission”.

But the safeguards for the sharing of this information are unclear.

Though GCHQ says it only keeps the content of messages for three working days, and the metadata for up to 30 days, privacy campaigners here and in the US will want to know if the NSA is adhering to the same self-imposed rules. One concern for privacy campaigners is that GCHQ and the NSA could conduct intercepts for each other, and then offer to share the information – a manoeuvre that could bypass the domestic rules they have to abide by.

This was raised by MPs during last week’s statement, with the former Labour home secretary David Blunkett calling for clarification on this potential loophole.

Last week, the Guardian sent a series of questions to the Foreign Office about this issue, but the department said it would not be drawn on it.

“It is a longstanding policy not to comment on intelligence matters; this includes our intelligence co-operation with the United States.

“The intelligence and security committee is looking into this, which is the proper channel for such matters.”

Ewen MacAskill, Julian Borger, Nick Hopkins, Nick Davies and James Ball
The Guardian, Friday 21 June 2013 17.23 BST

Find this story at 21 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Fisa court submissions show broad scope of procedures governing NSA’s surveillance of Americans’ communication

• Document one: procedures used by NSA to target non-US persons
• Document two: procedures used by NSA to minimise data collected from US persons

The documents show that discretion as to who is actually targeted lies directly with the NSA’s analysts. Photograph: Martin Rogers/Workbook Stock/Getty

Top secret documents submitted to the court that oversees surveillance by US intelligence agencies show the judges have signed off on broad orders which allow the NSA to make use of information “inadvertently” collected from domestic US communications without a warrant.

The Guardian is publishing in full two documents submitted to the secret Foreign Intelligence Surveillance Court (known as the Fisa court), signed by Attorney General Eric Holder and stamped 29 July 2009. They detail the procedures the NSA is required to follow to target “non-US persons” under its foreign intelligence powers and what the agency does to minimize data collected on US citizens and residents in the course of that surveillance.

The documents show that even under authorities governing the collection of foreign intelligence from foreign targets, US communications can still be collected, retained and used.

The procedures cover only part of the NSA’s surveillance of domestic US communications. The bulk collection of domestic call records, as first revealed by the Guardian earlier this month, takes place under rolling court orders issued on the basis of a legal interpretation of a different authority, section 215 of the Patriot Act.

The Fisa court’s oversight role has been referenced many times by Barack Obama and senior intelligence officials as they have sought to reassure the public about surveillance, but the procedures approved by the court have never before been publicly disclosed.

The top secret documents published today detail the circumstances in which data collected on US persons under the foreign intelligence authority must be destroyed, extensive steps analysts must take to try to check targets are outside the US, and reveals how US call records are used to help remove US citizens and residents from data collection.

However, alongside those provisions, the Fisa court-approved policies allow the NSA to:

• Keep data that could potentially contain details of US persons for up to five years;

• Retain and make use of “inadvertently acquired” domestic communications if they contain usable intelligence, information on criminal activity, threat of harm to people or property, are encrypted, or are believed to contain any information relevant to cybersecurity;

• Preserve “foreign intelligence information” contained within attorney-client communications;

• Access the content of communications gathered from “U.S. based machine[s]” or phone numbers in order to establish if targets are located in the US, for the purposes of ceasing further surveillance.

The broad scope of the court orders, and the nature of the procedures set out in the documents, appear to clash with assurances from President Obama and senior intelligence officials that the NSA could not access Americans’ call or email information without warrants.

The documents also show that discretion as to who is actually targeted under the NSA’s foreign surveillance powers lies directly with its own analysts, without recourse to courts or superiors – though a percentage of targeting decisions are reviewed by internal audit teams on a regular basis.

Since the Guardian first revealed the extent of the NSA’s collection of US communications, there have been repeated calls for the legal basis of the programs to be released. On Thursday, two US congressmen introduced a bill compelling the Obama administration to declassify the secret legal justifications for NSA surveillance.

The disclosure bill, sponsored by Adam Schiff, a California Democrat, and Todd Rokita, an Indiana Republican, is a complement to one proposed in the Senate last week. It would “increase the transparency of the Fisa Court and the state of the law in this area,” Schiff told the Guardian. “It would give the public a better understanding of the safeguards, as well as the scope of these programs.”

Section 702 of the Fisa Amendments Act (FAA), which was renewed for five years last December, is the authority under which the NSA is allowed to collect large-scale data, including foreign communications and also communications between the US and other countries, provided the target is overseas.

FAA warrants are issued by the Fisa court for up to 12 months at a time, and authorise the collection of bulk information – some of which can include communications of US citizens, or people inside the US. To intentionally target either of those groups requires an individual warrant.
One-paragraph order

One such warrant seen by the Guardian shows that they do not contain detailed legal rulings or explanation. Instead, the one-paragraph order, signed by a Fisa court judge in 2010, declares that the procedures submitted by the attorney general on behalf of the NSA are consistent with US law and the fourth amendment.

Those procedures state that the “NSA determines whether a person is a non-United States person reasonably believed to be outside the United States in light of the totality of the circumstances based on the information available with respect to that person, including information concerning the communications facility or facilities used by that person”.

It includes information that the NSA analyst uses to make this determination – including IP addresses, statements made by the potential target, and other information in the NSA databases, which can include public information and data collected by other agencies.

Where the NSA has no specific information on a person’s location, analysts are free to presume they are overseas, the document continues.

“In the absence of specific information regarding whether a target is a United States person,” it states “a person reasonably believed to be located outside the United States or whose location is not known will be presumed to be a non-United States person unless such person can be positively identified as a United States person.”

If it later appears that a target is in fact located in the US, analysts are permitted to look at the content of messages, or listen to phone calls, to establish if this is indeed the case.

Referring to steps taken to prevent intentional collection of telephone content of those inside the US, the document states: “NSA analysts may analyze content for indications that a foreign target has entered or intends to enter the United States. Such content analysis will be conducted according to analytic and intelligence requirements and priorities.”

Details set out in the “minimization procedures”, regularly referred to in House and Senate hearings, as well as public statements in recent weeks, also raise questions as to the extent of monitoring of US citizens and residents.

NSA minimization procedures signed by Holder in 2009 set out that once a target is confirmed to be within the US, interception must stop immediately. However, these circumstances do not apply to large-scale data where the NSA claims it is unable to filter US communications from non-US ones.

The NSA is empowered to retain data for up to five years and the policy states “communications which may be retained include electronic communications acquired because of limitations on the NSA’s ability to filter communications”.

Even if upon examination a communication is found to be domestic – entirely within the US – the NSA can appeal to its director to keep what it has found if it contains “significant foreign intelligence information”, “evidence of a crime”, “technical data base information” (such as encrypted communications), or “information pertaining to a threat of serious harm to life or property”.

Domestic communications containing none of the above must be destroyed. Communications in which one party was outside the US, but the other is a US-person, are permitted for retention under FAA rules.

The minimization procedure adds that these can be disseminated to other agencies or friendly governments if the US person is anonymised, or including the US person’s identity under certain criteria.
Holder’s ‘minimization procedure’ says once a target is confirmed to be in the US, interception of communication must stop. Photo: Nicholas Kamm/AFP/Getty Images

A separate section of the same document notes that as soon as any intercepted communications are determined to have been between someone under US criminal indictment and their attorney, surveillance must stop. However, the material collected can be retained, if it is useful, though in a segregated database:

“The relevant portion of the communication containing that conversation will be segregated and the National Security Division of the Department of Justice will be notified so that appropriate procedures may be established to protect such communications from review or use in any criminal prosecution, while preserving foreign intelligence information contained therein,” the document states.

In practice, much of the decision-making appears to lie with NSA analysts, rather than the Fisa court or senior officials.

A transcript of a 2008 briefing on FAA from the NSA’s general counsel sets out how much discretion NSA analysts possess when it comes to the specifics of targeting, and making decisions on who they believe is a non-US person. Referring to a situation where there has been a suggestion a target is within the US.

“Once again, the standard here is a reasonable belief that your target is outside the United States. What does that mean when you get information that might lead you to believe the contrary? It means you can’t ignore it. You can’t turn a blind eye to somebody saying: ‘Hey, I think so and so is in the United States.’ You can’t ignore that. Does it mean you have to completely turn off collection the minute you hear that? No, it means you have to do some sort of investigation: ‘Is that guy right? Is my target here?” he says.

“But, if everything else you have says ‘no’ (he talked yesterday, I saw him on TV yesterday, even, depending on the target, he was in Baghdad) you can still continue targeting but you have to keep that in mind. You can’t put it aside. You have to investigate it and, once again, with that new information in mind, what is your reasonable belief about your target’s location?”

The broad nature of the court’s oversight role, and the discretion given to NSA analysts, sheds light on responses from the administration and internet companies to the Guardian’s disclosure of the PRISM program. They have stated that the content of online communications is turned over to the NSA only pursuant to a court order. But except when a US citizen is specifically targeted, the court orders used by the NSA to obtain that information as part of Prism are these general FAA orders, not individualized warrants specific to any individual.

Once armed with these general orders, the NSA is empowered to compel telephone and internet companies to turn over to it the communications of any individual identified by the NSA. The Fisa court plays no role in the selection of those individuals, nor does it monitor who is selected by the NSA.

The NSA’s ability to collect and retain the communications of people in the US, even without a warrant, has fuelled congressional demands for an estimate of how many Americans have been caught up in surveillance.

Two US senators, Ron Wyden and Mark Udall – both members of the Senate intelligence committee – have been seeking this information since 2011, but senior White House and intelligence officials have repeatedly insisted that the agency is unable to gather such statistics.

Glenn Greenwald and James Ball
guardian.co.uk, Thursday 20 June 2013 23.59 BST

Find this story at 20 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

WASHINGTON — When Max Kelly, the chief security officer for Facebook, left the social media company in 2010, he did not go to Google, Twitter or a similar Silicon Valley concern. Instead the man who was responsible for protecting the personal information of Facebook’s more than one billion users from outside attacks went to work for another giant institution that manages and analyzes large pools of data: the National Security Agency.

Mr. Kelly’s move to the spy agency, which has not previously been reported, underscores the increasingly deep connections between Silicon Valley and the agency and the degree to which they are now in the same business. Both hunt for ways to collect, analyze and exploit large pools of data about millions of Americans.

The only difference is that the N.S.A. does it for intelligence, and Silicon Valley does it to make money.

The disclosure of the spy agency’s program called Prism, which is said to collect the e-mails and other Web activity of foreigners using major Internet companies like Google, Yahoo and Facebook, has prompted the companies to deny that the agency has direct access to their computers, even as they acknowledge complying with secret N.S.A. court orders for specific data.

Yet technology experts and former intelligence officials say the convergence between Silicon Valley and the N.S.A. and the rise of data mining — both as an industry and as a crucial intelligence tool — have created a more complex reality.

Silicon Valley has what the spy agency wants: vast amounts of private data and the most sophisticated software available to analyze it. The agency in turn is one of Silicon Valley’s largest customers for what is known as data analytics, one of the valley’s fastest-growing markets. To get their hands on the latest software technology to manipulate and take advantage of large volumes of data, United States intelligence agencies invest in Silicon Valley start-ups, award classified contracts and recruit technology experts like Mr. Kelly.

“We are all in these Big Data business models,” said Ray Wang, a technology analyst and chief executive of Constellation Research, based in San Francisco. “There are a lot of connections now because the data scientists and the folks who are building these systems have a lot of common interests.”

Although Silicon Valley has sold equipment to the N.S.A. and other intelligence agencies for a generation, the interests of the two began to converge in new ways in the last few years as advances in computer storage technology drastically reduced the costs of storing enormous amounts of data — at the same time that the value of the data for use in consumer marketing began to rise. “These worlds overlap,” said Philipp S. Krüger, chief executive of Explorist, an Internet start-up in New York.

The sums the N.S.A. spends in Silicon Valley are classified, as is the agency’s total budget, which independent analysts say is $8 billion to $10 billion a year.

Despite the companies’ assertions that they cooperate with the agency only when legally compelled, current and former industry officials say the companies sometimes secretly put together teams of in-house experts to find ways to cooperate more completely with the N.S.A. and to make their customers’ information more accessible to the agency. The companies do so, the officials say, because they want to control the process themselves. They are also under subtle but powerful pressure from the N.S.A. to make access easier.

Skype, the Internet-based calling service, began its own secret program, Project Chess, to explore the legal and technical issues in making Skype calls readily available to intelligence agencies and law enforcement officials, according to people briefed on the program who asked not to be named to avoid trouble with the intelligence agencies.

Project Chess, which has never been previously disclosed, was small, limited to fewer than a dozen people inside Skype, and was developed as the company had sometimes contentious talks with the government over legal issues, said one of the people briefed on the project. The project began about five years ago, before most of the company was sold by its parent, eBay, to outside investors in 2009. Microsoft acquired Skype in an $8.5 billion deal that was completed in October 2011.

A Skype executive denied last year in a blog post that recent changes in the way Skype operated were made at the behest of Microsoft to make snooping easier for law enforcement. It appears, however, that Skype figured out how to cooperate with the intelligence community before Microsoft took over the company, according to documents leaked by Edward J. Snowden, a former contractor for the N.S.A. One of the documents about the Prism program made public by Mr. Snowden says Skype joined Prism on Feb. 6, 2011.

Microsoft executives are no longer willing to affirm statements, made by Skype several years ago, that Skype calls could not be wiretapped. Frank X. Shaw, a Microsoft spokesman, declined to comment.

In its recruiting in Silicon Valley, the N.S.A. sends some of its most senior officials to lure the best of the best. No less than Gen. Keith B. Alexander, the agency’s director and the chief of the Pentagon’s Cyber Command, showed up at one of the world’s largest hacker conferences in Las Vegas last summer, looking stiff in an uncharacteristic T-shirt and jeans, to give the keynote speech. His main purpose at Defcon, the conference, was to recruit hackers for his spy agency.

N.S.A. badges are often seen on the lapels of officials at other technology and information security conferences. “They’re very open about their interest in recruiting from the hacker community,” said Jennifer Granick, the director of civil liberties at Stanford Law School’s Center for Internet and Society.

But perhaps no one embodies the tightening relationship between the N.S.A. and the valley more than Kenneth A. Minihan.

A career Air Force intelligence officer, Mr. Minihan was the director of the N.S.A. during the Clinton administration until his retirement in the late 1990s, and then he ran the agency’s outside professional networking organization. Today he is managing director of Paladin Capital Group, a venture capital firm based in Washington that in part specializes in financing start-ups that offer high-tech solutions for the N.S.A. and other intelligence agencies. In effect, Mr. Minihan is an advanced scout for the N.S.A. as it tries to capitalize on the latest technology to analyze and exploit the vast amounts of data flowing around the world and inside the United States.

The members of Paladin’s strategic advisory board include Richard C. Schaeffer Jr., a former N.S.A. executive. While Paladin is a private firm, the American intelligence community has its own in-house venture capital company, In-Q-Tel, financed by the Central Intelligence Agency to invest in high-tech start-ups.

Many software technology firms involved in data analytics are open about their connections to intelligence agencies. Gary King, a co-founder and chief scientist at Crimson Hexagon, a start-up in Boston, said in an interview that he had given talks at C.I.A. headquarters in Langley, Va., about his company’s social media analytics tools.

The future holds the prospect of ever greater cooperation between Silicon Valley and the N.S.A. because data storage is expected to increase at an annual compound rate of 53 percent through 2016, according to the International Data Corporation.

“We reached a tipping point, where the value of having user data rose beyond the cost of storing it,” said Dan Auerbach, a technology analyst with the Electronic Frontier Foundation, an electronic privacy group in San Francisco. “Now we have an incentive to keep it forever.”

Social media sites in the meantime are growing as voluntary data mining operations on a scale that rivals or exceeds anything the government could attempt on its own. “You willingly hand over data to Facebook that you would never give voluntarily to the government,” said Bruce Schneier, a technologist and an author.

James Risen reported from Washington, and Nick Wingfield from Seattle. Kitty Bennett contributed reporting.

June 19, 2013
By JAMES RISEN and NICK WINGFIELD

Find this story at 19 June 2013

© 2013 The New York Times Company

Scheme – set up before firm was purchased by Microsoft – allegedly eased access for US law enforcement agencies

Prosecutors in Zhu Yufu’s trial for subversion cited text messages that he sent using Skype. Photograph: Mario Tama/Getty Images

Skype, the web-based communications company, reportedly set up a secret programme to make it easier for US surveillance agencies to access customers’ information.

The programme, called Project Chess and first revealed by the New York Times on Thursday, was said to have been established before Skype was bought by Microsoft in 2011. Microsoft’s links with US security are under intense scrutiny following the Guardian’s revelation of Prism, a surveillance program run by the National Security Agency (NSA), that claimed “direct” access to its servers and those of rivals including Apple, Facebook and Google.

Project Chess was set up to explore the legal and technical issues involved in making Skype’s communications more readily available to law enforcement and security officials, according to the Times. Only a handful of executives were aware of the plan. The company did not immediately return a call for comment.

Last year Skype denied reports that it had changed its software following the Microsoft acquisition in order to allow law enforcement easier access to communications. “Nothing could be more contrary to the Skype philosophy,” Mark Gillett, vice president of Microsoft’s Skype division, said in a blog post.

According to the Prism documents, Skype had been co-operating with the NSA’s scheme since February 2011, eight months before the software giant took it over. The document gives little detail on the technical nature of that cooperation. Microsoft declined to comment.

The news comes as the tech firms are attempting to distance themselves from the Prism revelations. All the firm’s listed as participating in the Prism scheme have denied that they give the NSA “direct” access to their servers, as claimed by the slide presentation, and said that they only comply with legal requests made through the courts.

But since the story broke a more nuanced picture of how the tech firms work with the surveillance authorities has emerged. The US authorities have become increasingly interested in tech firms and its employees after initially struggling to keep up with the shift to digital communications. NSA officials have held high level talks with executives in the tech firms and are actively recruiting in the tech community.
‘That information is how they make their money’

Shane Harris, author of The Watchers: The Rise of America’s Surveillance State, said the NSA had a crisis in the late 1990s when it realised communication was increasingly digital and it was falling behind in its powers to track that data. “You can not overstate that without this data the NSA would be blind,” he said.

The NSA employs former valley executives, including Max Kelly, the former chief security officer for Facebook, and has increasingly sought to hire people in the hacker community. Former NSA director lieutenant general Kenneth Minihan has taken the opposite tack and is helping create the next generation of tech security firms. Minihan is managing director of Paladin Capital, a private equity firm that has a fund dedicated to investing in homeland security. Paladin also employs Dr Alf Andreassen, a former technical adviser for naval warfare who was also for classified national programmes at AT&T and Bell Laboratories.

Harris said the ties were only likely to deepen as technology moves ever more of our communications on line. He warned the move was likely to present more problems for the tech firms as their consumers worry about their privacy. “It’s been fascinating for me listening to the push back from the tech companies,” said Harris.

Christopher Soghoian, a senior policy analyst studying technological surveillance at the American Civil Liberties Union, said the relationship between the tech giants and the NSA has a fundamental – and ironic – flaw that guarantees the Prism scandal is unlikely to be the last time tensions surface between the two.

The US spying apparatus and Silicon Valley’s top tech firms are basically in the same business, collecting information on people, he said. “It’s a weird symbiotic relationship. It’s not that Facebook and Google are trying to build a surveillance system but they effectively have,” he said. “If they wanted to, Google and Facebook could use technology to tackle the issue, anonymizing and deleting their customers’ information. But that information is how they make their money, so that is never going to happen.”

Dominic Rushe in New York
guardian.co.uk, Thursday 20 June 2013 17.37 BST

Find this story at 20 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Skype calls’ immunity to police phone tapping threatened
Suspicious phone conversations on Skype could be targeted for tapping as part of a pan-European crackdown.

Suspicious phone conversations on Skype could be targeted for tapping as part of a pan-European crackdown on what law authorities believe is a massive technical loophole in current wiretapping laws, allowing criminals to communicate without fear of being overheard by the police.

The European investigation could also help U.S. law enforcement authorities gain access to Internet calls. The National Security Agency (NSA) is understood to believe that suspected terrorists use Skype to circumvent detection.

While the police can get a court order to tap a suspect’s land line and mobile phone, it is currently impossible to get a similar order for Internet calls on both sides of the Atlantic.

Skype insisted that it does cooperate with law enforcement authorities, “where legally and technically possible,” the company said in a statement.

“Skype has extensively debriefed Eurojust on our law enforcement program and capabilities,” Skype said.

Eurojust, a European Union agency responsible for coordinating judicial investigations across different jurisdictions announced Friday the opening of an investigation involving all 27 countries of the European Union.

“We will bring investigators from all 27 member states together to find a common approach to this problem,” said Joannes Thuy, a spokesman for Eurojust based in The Hague in the Netherlands.

The purpose of Eurojust’s coordination role is to overcome “the technical and judicial obstacles to the interception of Internet telephony systems”, Eurojust said.

The main judicial obstacles are the differing approaches to data protection in the various E.U. member states, Thuy said.

The investigation is being headed by Eurojust’s Italian representative, Carmen Manfredda.

Criminals in Italy are increasingly making phone calls over the Internet in order to avoid getting caught through mobile phone intercepts, according to Direzione Nazionale Antimafia, the anti-Mafia office in Rome.

Police officers in Milan say organized crime, arms and drugs traffickers, and prostitution rings are turning to Skype and other systems of VOIP (voice over Internet Protocol) telephony in order to frustrate investigators.

While telecommunications companies are obliged to comply with court orders to monitor calls on land lines and mobile phones, “Skype’ refuses to cooperate with the authorities,” Thuy said.

In addition to the issue of cooperation, there are technical obstacles to tapping Skype calls. The way calls are set up and carried between computers is proprietary, and the encryption system used is strong. It could be possible to monitor the call on the originating or receiving computer using a specially written program, or perhaps to divert the traffic through a proxy server, but these are all far more difficult than tapping a normal phone. Calls between a PC and a regular telephone via the SkypeIn or SkypeOut service, however, could fall under existing wiretapping regulations and capabilities at the point where they meet the public telephone network.

The pan-European response to the problem may open the door for the U.S. to take similar action, Thuy said.

“We have very good cooperation with the U.S.,” he said, pointing out that a U.S. prosecutor, Marylee Warren, is based in The Hague in order to liaise between U.S. and European judicial authorities.

The NSA (National Security Agency) is so concerned by Skype that it is offering hackers large sums of money to break its encryption, according to unsourced reports in the U.S.

Italian investigators have become increasingly reliant on wiretaps, Eurojust said, giving a recent example of customs and tax police in Milan, who overheard a suspected cocaine trafficker telling an accomplice to switch to Skype in order to get details of a 2kg drug consignment.

“Investigators are convinced that the interception of telephone calls have become an essential tool of the police, who spend millions of euros each year tracking down crime through wiretaps of land lines and mobile phones,” Eurojust said.

The first meeting of Eurojust’s 27 national representatives is planned in the coming weeks but precise details of its timing and the location of the meeting remain secret, Thuy said.

“They will exchange information and then we will give advice on how to proceed,” he said. Bringing Internet telephony into line with calls on land lines and mobile phones “could be the price we have to pay for our security,” he said.

Paul Meller (IDG News Service)
— 23 February, 2009 09:47

Find this story at 23 February 2009

Copyright 2013 IDG Communications

MUMBAI, India — The terrorists who struck this city last month stunned authorities not only with their use of sophisticated weaponry but also with their comfort with modern technology.

The terrorists navigated across the Arabian Sea to Mumbai from Karachi, Pakistan, with the help of a global positioning system handset. While under way, they communicated using a satellite phone with those in Pakistan believed to have coordinated the attacks. They recognized their targets and knew the most direct routes to reach them in part because they had studied satellite photos from Google Earth.

And, perhaps most significantly, throughout the three-day siege at two luxury hotels and a Jewish center, the Pakistani-based handlers communicated with the attackers using Internet phones that complicate efforts to trace and intercept calls.

Those handlers, who were apparently watching the attacks unfold live on television, were able to inform the attackers of the movement of security forces from news accounts and provide the gunmen with instructions and encouragement, authorities said.

Hasan Gafoor, Mumbai’s police commissioner, said Monday that as once complicated technologies — including global positioning systems and satellite phones — have become simpler to operate, terrorists, like everyone else, have become adept at using them. “Well, whether terrorists or common criminals, they do try to be a step ahead in terms of technology,” he said.

Indian security forces surrounding the buildings were able to monitor the terrorists’ outgoing calls by intercepting their cellphone signals. But Indian police officials said those directing the attacks, who are believed to be from Lashkar-e-Taiba, a militant group based in Pakistan, were using a Voice over Internet Protocol (VoIP) phone service, which has complicated efforts to determine their whereabouts and identities.

VoIP services, in which conversations are carried over the Internet as opposed to conventional phone lines or cellphone towers, are increasingly popular with people looking to save money on long distance and international calls. Many such services, like Skype and Vonage, allow a user to call another VoIP-enabled device anywhere in the world free of charge, or to call a standard telephone or cellphone at a deeply discounted rate.

But the same services are also increasingly popular with criminals and terrorists, a trend that worries some law enforcement and intelligence agencies. “It’s a concern,” said one Indian security official, who spoke anonymously because the investigation was continuing. “It’s not something we have seen before.”

In mid-October, a draft United States Army intelligence report highlighted the growing interest of Islamic militants in using VoIP, noting recent news reports of Taliban insurgents using Skype to communicate. The unclassified report, which examined discussions of emerging technologies on jihadi Web sites, was obtained by the Federation of American Scientists, a Washington-based nonprofit group that monitors the impact of science on national security.

VoIP calls pose an array of difficulties for intelligence and law enforcement services, according to communications experts. “It means the phone-tapping techniques that work for old traditional interception don’t work,” said Matt Blaze, a professor and computer security expert at the University of Pennsylvania.

An agency using conventional tracing techniques to track a call from a land line or cellphone to a VoIP subscriber would be able to get only as far as the switching station that converts the voice call into Internet data, communications experts said. The switch, usually owned and operated by the company providing the VoIP service, could be located thousands of miles from the subscriber.

The subscriber’s phone number would also likely reveal no information about his location. For instance, someone in New York could dial a local phone number but actually be connected via the Internet to a person in Thailand.

In Mumbai, authorities have declined to disclose the names of the VoIP companies whose services the Lashkar-e-Taiba handlers used, but reports in Indian news media have said the calls have been traced to companies in New Jersey and Austria. Yet investigators have said they are convinced that the handlers who directed the attacks were actually sitting somewhere in Pakistan during the calls.

One senior Lashkar-e-Taiba leader who American officials believe may have played a key role in planning the Mumbai attacks is Zarrar Shah. Mr. Shah, known to be a specialist in communications technology, may have been aware of the difficulties in tracing VoIP.

To determine the location of a VoIP caller, an investigating agency has to access a database kept by the service provider. The database logs the unique numerical identifier, known as an Internet Protocol (I.P.) address, of whatever device the subscriber was using to connect to the Internet. This could be a computer equipped with a microphone, a special VoIP phone, or even a cellphone with software that routes calls over the Internet using wireless connections as opposed to cellular signals.

It would then take additional electronic sleuthing to determine where the device was located. The customer’s identity could be obtained from the service provider as well, but might prove fraudulent, experts said.

Getting the I.P. address and then determining its location can take days longer than a standard phone trace, particularly if service providers involved are in a foreign country.

“Ultimately, we can trace them,” said Mr. Gafoor, referring to VoIP calls. “It takes a little longer, but we will trace them.”

Washington is assisting the Indian authorities in obtaining this information, according to another Indian police official who also spoke anonymously because of the continuing investigation.

Further complicating this task is the fact that I.P. addresses change frequently and are less tied to a specific location than phone numbers.

Computer experts said that while these challenges were formidable, none were insurmountable. And they cautioned that security services and police forces might be disingenuous when they complain about terrorists’ use of new technologies, including VoIP.

The experts said that VoIP calls left a far richer data trail for investigators to mine than someone calling from an old-fashioned pay phone. Mr. Blaze, the computer security expert at the University of Pennsylvania, also noted that 15 years ago the Mumbai attackers would probably not have had the capacity to make calls to their handlers during the course of their attacks, depriving investigators of vital clues to their identities. “As one door closes — traditional wire line tapping — all these other doors have opened,” Mr. Blaze said.

December 9, 2008
By JEREMY KAHN

Find this story at 9 December 2008

Copyright 2008 The New York Times Company

Exclusive: British spy agency collects and stores vast quantities of global email messages, Facebook posts, internet histories and calls, and shares them with NSA, latest documents from Edward Snowden reveal

Secret document detailing GCHQ’s ambition to ‘master the internet’

Britain’s spy agency GCHQ has secretly gained access to the network of cables which carry the world’s phone calls and internet traffic and has started to process vast streams of sensitive personal information which it is sharing with its American partner, the National Security Agency (NSA).

The sheer scale of the agency’s ambition is reflected in the titles of its two principal components: Mastering the Internet and Global Telecoms Exploitation, aimed at scooping up as much online and telephone traffic as possible. This is all being carried out without any form of public acknowledgement or debate.

One key innovation has been GCHQ’s ability to tap into and store huge volumes of data drawn from fibre-optic cables for up to 30 days so that it can be sifted and analysed. That operation, codenamed Tempora, has been running for some 18 months.

GCHQ and the NSA are consequently able to access and process vast quantities of communications between entirely innocent people, as well as targeted suspects.

This includes recordings of phone calls, the content of email messages, entries on Facebook and the history of any internet user’s access to websites – all of which is deemed legal, even though the warrant system was supposed to limit interception to a specified range of targets.

The existence of the programme has been disclosed in documents shown to the Guardian by the NSA whistleblower Edward Snowden as part of his attempt to expose what he has called “the largest programme of suspicionless surveillance in human history”.

“It’s not just a US problem. The UK has a huge dog in this fight,” Snowden told the Guardian. “They [GCHQ] are worse than the US.”

However, on Friday a source with knowledge of intelligence argued that the data was collected legally under a system of safeguards, and had provided material that had led to significant breakthroughs in detecting and preventing serious crime.

Britain’s technical capacity to tap into the cables that carry the world’s communications – referred to in the documents as special source exploitation – has made GCHQ an intelligence superpower.

By 2010, two years after the project was first trialled, it was able to boast it had the “biggest internet access” of any member of the Five Eyes electronic eavesdropping alliance, comprising the US, UK, Canada, Australia and New Zealand.

UK officials could also claim GCHQ “produces larger amounts of metadata than NSA”. (Metadata describes basic information on who has been contacting whom, without detailing the content.)

By May last year 300 analysts from GCHQ, and 250 from the NSA, had been assigned to sift through the flood of data.

The Americans were given guidelines for its use, but were told in legal briefings by GCHQ lawyers: “We have a light oversight regime compared with the US”.

When it came to judging the necessity and proportionality of what they were allowed to look for, would-be American users were told it was “your call”.

The Guardian understands that a total of 850,000 NSA employees and US private contractors with top secret clearance had access to GCHQ databases.

The documents reveal that by last year GCHQ was handling 600m “telephone events” each day, had tapped more than 200 fibre-optic cables and was able to process data from at least 46 of them at a time.
Document quoting Lt Gen Keith Alexander, head of the NSA, during a visit to Britain

Each of the cables carries data at a rate of 10 gigabits per second, so the tapped cables had the capacity, in theory, to deliver more than 21 petabytes a day – equivalent to sending all the information in all the books in the British Library 192 times every 24 hours.

And the scale of the programme is constantly increasing as more cables are tapped and GCHQ data storage facilities in the UK and abroad are expanded with the aim of processing terabits (thousands of gigabits) of data at a time.

For the 2 billion users of the world wide web, Tempora represents a window on to their everyday lives, sucking up every form of communication from the fibre-optic cables that ring the world.

The NSA has meanwhile opened a second window, in the form of the Prism operation, revealed earlier this month by the Guardian, from which it secured access to the internal systems of global companies that service the internet.

The GCHQ mass tapping operation has been built up over five years by attaching intercept probes to transatlantic fibre-optic cables where they land on British shores carrying data to western Europe from telephone exchanges and internet servers in north America.

This was done under secret agreements with commercial companies, described in one document as “intercept partners”.

The papers seen by the Guardian suggest some companies have been paid for the cost of their co-operation and GCHQ went to great lengths to keep their names secret. They were assigned “sensitive relationship teams” and staff were urged in one internal guidance paper to disguise the origin of “special source” material in their reports for fear that the role of the companies as intercept partners would cause “high-level political fallout”.

The source with knowledge of intelligence said on Friday the companies were obliged to co-operate in this operation. They are forbidden from revealing the existence of warrants compelling them to allow GCHQ access to the cables.

“There’s an overarching condition of the licensing of the companies that they have to co-operate in this. Should they decline, we can compel them to do so. They have no choice.”

The source said that although GCHQ was collecting a “vast haystack of data” what they were looking for was “needles”.

“Essentially, we have a process that allows us to select a small number of needles in a haystack. We are not looking at every piece of straw. There are certain triggers that allow you to discard or not examine a lot of data so you are just looking at needles. If you had the impression we are reading millions of emails, we are not. There is no intention in this whole programme to use it for looking at UK domestic traffic – British people talking to each other,” the source said.

He explained that when such “needles” were found a log was made and the interception commissioner could see that log.

“The criteria are security, terror, organised crime. And economic well-being. There’s an auditing process to go back through the logs and see if it was justified or not. The vast majority of the data is discarded without being looked at … we simply don’t have the resources.”

However, the legitimacy of the operation is in doubt. According to GCHQ’s legal advice, it was given the go-ahead by applying old law to new technology. The 2000 Regulation of Investigatory Powers Act (Ripa) requires the tapping of defined targets to be authorised by a warrant signed by the home secretary or foreign secretary.

However, an obscure clause allows the foreign secretary to sign a certificate for the interception of broad categories of material, as long as one end of the monitored communications is abroad. But the nature of modern fibre-optic communications means that a proportion of internal UK traffic is relayed abroad and then returns through the cables.

Parliament passed the Ripa law to allow GCHQ to trawl for information, but it did so 13 years ago with no inkling of the scale on which GCHQ would attempt to exploit the certificates, enabling it to gather and process data regardless of whether it belongs to identified targets.

The categories of material have included fraud, drug trafficking and terrorism, but the criteria at any one time are secret and are not subject to any public debate. GCHQ’s compliance with the certificates is audited by the agency itself, but the results of those audits are also secret.

An indication of how broad the dragnet can be was laid bare in advice from GCHQ’s lawyers, who said it would be impossible to list the total number of people targeted because “this would be an infinite list which we couldn’t manage”.

There is an investigatory powers tribunal to look into complaints that the data gathered by GCHQ has been improperly used, but the agency reassured NSA analysts in the early days of the programme, in 2009: “So far they have always found in our favour”.

Historically, the spy agencies have intercepted international communications by focusing on microwave towers and satellites. The NSA’s intercept station at Menwith Hill in North Yorkshire played a leading role in this. One internal document quotes the head of the NSA, Lieutenant General Keith Alexander, on a visit to Menwith Hill in June 2008, asking: “Why can’t we collect all the signals all the time? Sounds like a good summer project for Menwith.”

By then, however, satellite interception accounted for only a small part of the network traffic. Most of it now travels on fibre-optic cables, and the UK’s position on the western edge of Europe gave it natural access to cables emerging from the Atlantic.

The data collected provides a powerful tool in the hands of the security agencies, enabling them to sift for evidence of serious crime. According to the source, it has allowed them to discover new techniques used by terrorists to avoid security checks and to identify terrorists planning atrocities. It has also been used against child exploitation networks and in the field of cyberdefence.

It was claimed on Friday that it directly led to the arrest and imprisonment of a cell in the Midlands who were planning co-ordinated attacks; to the arrest of five Luton-based individuals preparing acts of terror, and to the arrest of three London-based people planning attacks prior to the Olympics.

As the probes began to generate data, GCHQ set up a three-year trial at the GCHQ station in Bude, Cornwall. By the summer of 2011, GCHQ had probes attached to more than 200 internet links, each carrying data at 10 gigabits a second. “This is a massive amount of data!” as one internal slideshow put it. That summer, it brought NSA analysts into the Bude trials. In the autumn of 2011, it launched Tempora as a mainstream programme, shared with the Americans.

The intercept probes on the transatlantic cables gave GCHQ access to its special source exploitation. Tempora allowed the agency to set up internet buffers so it could not simply watch the data live but also store it – for three days in the case of content and 30 days for metadata.

“Internet buffers represent an exciting opportunity to get direct access to enormous amounts of GCHQ’s special source data,” one document explained.

The processing centres apply a series of sophisticated computer programmes in order to filter the material through what is known as MVR – massive volume reduction. The first filter immediately rejects high-volume, low-value traffic, such as peer-to-peer downloads, which reduces the volume by about 30%. Others pull out packets of information relating to “selectors” – search terms including subjects, phone numbers and email addresses of interest. Some 40,000 of these were chosen by GCHQ and 31,000 by the NSA. Most of the information extracted is “content”, such as recordings of phone calls or the substance of email messages. The rest is metadata.

The GCHQ documents that the Guardian has seen illustrate a constant effort to build up storage capacity at the stations at Cheltenham, Bude and at one overseas location, as well a search for ways to maintain the agency’s comparative advantage as the world’s leading communications companies increasingly route their cables through Asia to cut costs. Meanwhile, technical work is ongoing to expand GCHQ’s capacity to ingest data from new super cables carrying data at 100 gigabits a second. As one training slide told new users: “You are in an enviable position – have fun and make the most of it.”

Ewen MacAskill, Julian Borger, Nick Hopkins, Nick Davies and James Ball
The Guardian, Friday 21 June 2013 17.23 BST

Find this story at 21 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Data includes recordings of telephone calls, contents of emails, details of messages on social media and the history of internet use

Britain’s electronic eavesdropping centre, GCHQ, has started collecting data from the network of fibre-optic cables carrying the world’s telephone calls and internet traffic, it was reported tonight.

The massive programme of surveillance allows the agency to store vast volumes of information for up to 30 days which it can then study for evidence of terrorist and criminal activity.

The claims, in The Guardian, will provoke a fresh civil liberties storm following recent allegations that thousands of Britons could have been spied on by GCHQ through a covert link with the US National Security Agency (NSA).

According to the paper, the agency has been running Operation Tempora for 18 months under which it gains access to transatlantic cables carrying data about phone calls and internet use. It is said to share information gleaned from it with the NSA.

The data includes recordings of telephone calls, contents of emails, details of messages on social media and the history of internet use.

Documents seen by the paper suggest that by last year GCHQ was handling 600m “telephone events” each day, had tapped more than 200 fibre-optic cables and was able to process data from at least 46 at a time.

A source told The Guardian that the eavesdropping allowed the security services to arrest three people planning attacks on last year’s London Olympics, as well as terrorist cells in the Midlands and Luton. It has also been used against child exploitation networks and to boost cyberdefence.

A GCHQ spokesman said: “It is longstanding practice that we do not comment on intelligence matters.”

He added: “GCHQ takes its obligations under the law very seriously. Our work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Intelligence and Security Committee.”

* Edward Snowden has been charged in his absence by US prosecutors with spying and theft of government property. The charges are included in sealed documents filed by prosecutors.

Nigel Morris
Saturday, 22 June 2013

Find this story at 22 June 2013

© independent.co.uk