Video: Watch: Michael Brissenden on how leaked documents prove Australia spied on SBY (ABC News)
Photo: The documents show the DSD tracked activity on Susilo Bambang Yudhoyono’s mobile phone. (Reuters: Supri)
Related Story: Live: Follow the unfolding reaction to this story
Map: Australia
Australian intelligence tried to listen in to Indonesian president Susilo Bambang Yudhoyono’s mobile phone, material leaked by NSA whistleblower Edward Snowden reveals.
Documents obtained by the ABC and Guardian Australia, from material leaked by the former contractor at the US National Security Agency, show Australian intelligence attempted to listen in to Mr Yudhoyono’s telephone conversations on at least one occasion and tracked activity on his mobile phone for 15 days in August 2009.
Spy games explained
Australia’s role in the NSA spy program, including what it means for Indonesian relations.
The top-secret documents are from Australia’s electronic intelligence agency, the Defence Signals Directorate (now called the Australian Signals Directorate), and show for the first time how far Australian spying on Indonesia has reached.
The DSD motto stamped on the bottom of each page reads: “Reveal their secrets – protect our own.”
The documents show that Australian intelligence actively sought a long-term strategy to continue to monitor the president’s mobile phone activity.
The surveillance targets also included senior figures in his inner circle and even the president’s wife Kristiani Herawati (also known as Ani Yudhoyono).
Also on the list of targets is the vice president Boediono, the former vice president Yussuf Kalla, the foreign affairs spokesman, the security minister, and the information minister.
Mr Yudhoyono’s spokesman Teuku Faizasyah has responded to the revelations, saying: “The Australian Government needs to clarify this news, to avoid further damage … [but] the damage has been done.”
Asked about the spying in Question Time today, Prime Minister Tony Abbott said: “First of all, all governments gather information and all governments know that every other government gathers information… the Australian government never comments on specific intelligence matters. This has been the long tradition of governments of both political persuasions and I don’t intend to change that today.”
Documents list ‘who’s who’ of Indonesian government
One page in the documentation lists the names and the 3G handsets the surveillance targets were using at the time.
A number of the people on the list are lining up as potential candidates for the presidential election to replace Mr Yudhoyono next year.
The documents are titled “3G impact and update” and appear to chart the attempts by Australian intelligence to keep pace with the rollout of 3G technology in Indonesia and across South-East Asia.
A number of intercept options are listed and a recommendation is made to choose one of them and to apply it to a target – in this case the Indonesian leadership.
The document shows how DSD monitored the call activity on Mr Yudhoyono’s Nokia handset for 15 days in August 2009.
One page is titled “Indonesian President voice events” and provides what is called a CDR view. CDR are call data records; it can monitor who is called and who is calling but not necessarily what was said.
Another page shows that on at least one occasion Australian intelligence did attempt to listen in to one of Mr Yudhoyono’s conversations.
But according to the notes on the bottom of the page, the call was less than one minute long and therefore did not last long enough to be successfully tapped.
Factbox: Indonesia and Australia
Indonesia is one of Australia’s most important bilateral relationships.
Indonesia was Australia’s 12th largest trade partner in 2012.
Prime Minister Tony Abbott has pledged to increase two-way trade and investment flows.
President Yudhoyono has visited Australia four times during his presidency, more than any predecessor.
Asylum seekers remain a sticking point in relations; Australia seeks active cooperation.
In 2012-13, Australia’s aid assistance to Indonesia was worth an estimated $541.6 million.
Source: http://www.dfat.gov.au/geo/indonesia/indonesia_brief.html
Given the diplomatic furore that has already surrounded the claims that the Australian embassy in Jakarta was involved in general spying on Indonesia, these revelations of specific and targetted surveillance activity at the highest level are sure to increase the tension with our nearest and most important neighbour significantly.
On an official visit to Canberra last week, the Indonesian vice president publicly expressed Indonesia’s concern.
“Yes, the public in Indonesia is concerned about this,” Boediono said.
“I think we must look to come to some arrangement that guarantees intelligence information from each side is not used against the other.”
Last week Prime Minister Tony Abbott was keen to play down the significance of the spying allegations, saying that he was very pleased “we have such a close, cooperative and constructive relationship with the Indonesian government”.
That may be a little harder to say today.
By national defence correspondent Michael Brissenden
Updated Mon 18 Nov 2013, 8:11pm AEDT
Find this story at 18 November 2013
© 2013 ABC

Secret documents revealed by Edward Snowden show Australia tried to monitor the mobile calls of Susilo Bambang Yudhoyono and his wife
Susilo Bambang Yudhoyono, accompanied by his first lady, Kristiani Herawati, speaks to his Democratic party supporters during a rally in Banda Aceh, Aceh province, in March 2009. Photograph: Supri/Reuters
Australia’s spy agencies have attempted to listen in on the personal phone calls of the Indonesian president, Susilo Bambang Yudhoyono, and have targeted the mobile phones of his wife, senior ministers and confidants, a top-secret document from whistleblower Edward Snowden reveals.
The document, dated November 2009, names the president and nine of his inner circle as targets of the surveillance, including the vice-president, Boediono, who last week visited Australia. Other named targets include ministers from the time who are now possible candidates in next year’s Indonesian presidential election, and the first lady, Kristiani Herawati, better known as Ani Yudhoyono.
When a separate document from Snowden, a former contractor to the US’s National Security Agency (NSA), showed Australia had spied on Indonesia and other countries from its embassies, the Indonesian foreign minister, Marty Natalegawa, reacted angrily and threatened to review co-operation on issues crucial to Australia such as people smuggling and terrorism.
The revelation strained a bilateral relationship already under pressure over the Abbott government’s policy to “turn back” boats of asylum seekers coming to Australia. The new leak, published jointly by Guardian Australia and the Australian Broadcasting Corporation, reveals the specific top-level targets and is likely to seriously escalate those tensions.
The leaked material is a slide presentation, marked top secret, from the Australian Department of Defence and the Defence Signals Directorate, or DSD, (now called the Australian Signals Directorate), dealing with the interception of mobile phones as 3G technology was introduced in Asia. It includes a slide titled Indonesian President Voice Intercept, dated August 2009 and another slide, titled IA Leadership Targets + Handsets, listing the president and the first lady as having Nokia E90-1s, Boediono as having a BlackBerry Bold 9000, as well as the type and make of the mobile phones held by the other targets.
Also named as targets for the surveillance are Dino Patti Djalal, at the time the president’s foreign affairs spokesman, who recently resigned as Indonesia’s ambassador to the US and is seeking the candidacy in next year’s presidential election for the president’s embattled Democratic party, and Hatta Rajasa, now minister for economic affairs and possible presidential candidate for the National Mandate party. Hatta was at the time minister for transport and his daughter is married to the president’s youngest son.
A slide entitled Indonesian President Voice Intercept (August ’09), shows a call from an unknown number in Thailand to Yudhoyono. But the call did not last long enough for the DSD to fulfil its aims. “Nil further info at this time (didn’t make the dev threshold – only a sub-1minute call),” a note at the bottom says.
Another slide, titled Indonesian President Voice Events, has a graphic of calls on Yudhoyono’s Nokia handset over 15 days in August 2009. It plots CDRs – call data records – which record the numbers called and calling a phone, the duration of calls, and whether it was a voice call or SMS. The agency, in what is standard procedure for surveillance, appears to have expanded its operations to include the calls of those who had been in touch with the president. Another slide, entitled Way Forward, states an imperative: “Must have content.”
Also on the list of “IA Leadership Targets” are:
• Jusuf Kalla, the former vice-president who ran as the Golkar party presidential candidate in 2009.
• Sri Mulyani Indrawati, then a powerful and reforming finance minister and since 2010 one of the managing directors of the World Bank Group.
• Andi Mallarangeng, a former commentator and television host who was at the time the president’s spokesman, and who was later minister for youth and sports before resigning amid corruption allegations.
• Sofyan Djalil, described on the slide as a “confidant”, who until October 2009 was minister for state-owned enterprises.
• Widodo Adi Sucipto, a former head of the Indonesian military who was until October 2009 security minister.
Asked about the previous revelations about the embassies, Tony Abbott emphasised that they occurred during the administration of the former Labor government, that Australia’s activities were not so much “spying” as “research” and that its intention would always be to use any information “for good”. The prime minister has repeatedly insisted Australia’s relationship with Indonesia is “good and getting better”.
Boediono said during his visit to Australia – before being revealed as an intended target of Australia’s surveillance – that the Indonesian public was “concerned” about the spying allegations.
“I think we must look forward to come to some arrangement which guarantees that intelligence information from each side is not used against the other,” he said. “There must be a system.”
At the bottom of each slide in the 2009 presentation is the DSD slogan: “Reveal their secrets – protect our own.” The DSD is credited with supplying the information.
Yudhoyono now joins his German, Brazilian and Mexican counterparts as leaders who have been monitored by a member of Five Eyes, the collective name for the surveillance agencies of the US, Britain, Australia, New Zealand and Canada, who share information.
Germany, Brazil and Mexico have all protested to the US over the infringement of privacy by a country they regarded as friendly. The German chancellor, Angela Merkel, reacted with outrage to the revelation that her personal mobile phone had been tapped by the US, calling President Barack Obama to demand an explanation. The US eventually assured the chancellor that her phone was “not currently being tapped and will not be in the future”.
The Australian slide presentation, dated November 2009, deals with the interception of 3G mobile phones, saying the introduction of 3G in south-east Asia was nearly complete and providing dates for 3G rollout in Cambodia, Malaysia, the Philippines, Singapore and Thailand.
Talking about future plans, the Australian surveillance service says it “must have content” and be able to read encrypted messages, which would require acquiring the keys that would unlock them. Other documents from Snowden show the intelligence agencies have made huge inroads in recent years in finding ways into encrypted messages.
One of the slides, entitled DSD Way Forward, acknowledges that the spy agency’s resources are limited compared with its US and British counterparts. It says there is a “need to capitalise on UKUSA and industry capability”, apparently a reference to the help provided – willingly or under pressure – from telecom and internet companies. The slides canvass “options” for continued surveillance and the final slide advises: “Choose an option and apply it to a target (like Indonesian leadership).”
The tension between Australia and Indonesia began in October when documents revealed by the German newspaper Der Spiegel and published by Fairfax newspapers revealed that Australian diplomatic posts across Asia were being used to intercept phone calls and data. The Guardian then revealed that the DSD worked alongside America’s NSA to mount a massive surveillance operation in Indonesia during a UN climate change conference in Bali in 2007.
But these earlier stories did not directly involve the president or his entourage. Abbott made his first international trip as prime minister to Indonesia and has repeatedly emphasised the crucial importance of the bilateral relationship.
Speaking after his meeting with Boediono last week, Abbott said: “All countries, all governments gather information. That’s hardly a surprise. It’s hardly a shock.
“We use the information that we gather for good, including to build a stronger relationship with Indonesia and one of the things that I have offered to do today in my discussions with the Indonesian vice-president is to elevate our level of information-sharing because I want the people of Indonesia to know that everything, everything that we do is to help Indonesia as well as to help Australia. Indonesia is a country for which I have a great deal of respect and personal affection based on my own time in Indonesia.”
Asked about the spying revelations in a separate interview, Abbott said: “To use the term spying, it’s kind of loaded language … researching maybe. Talking to people. Understanding what’s going on.”
On Monday a spokesman for Abbott said: “Consistent with the long-standing practice of Australian governments, and in the interest of national security, we do not comment on intelligence matters.”
It remains unclear exactly who will contest next year’s Indonesian presidential election, in which Yudhoyono, having already served two terms, is not eligible to stand. Based on recent polling, the popular governor of Jakarta, Joko Widodo, known as Jokowi, and former general Prabowo Subianto would be frontrunners.
Ewen MacAskill in New York and Lenore Taylor in Canberra
theguardian.com, Monday 18 November 2013 00.58 GMT
Find this story at 18 November 2013
Find the documents at
 
© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Alan Rusbridger is being grilled by MPs – but he has published nothing that could be a threat to national security
The Guardian’s editor, Alan Rusbridger, is due to appear before the House of Commons home affairs select committee on Tuesday to answer questions about his newspaper’s publication of intelligence files leaked by Edward Snowden. Unlike the directors of MI5, MI6 and GCHQ, who gave evidence recently before the intelligence and security committee, Rusbridger will not be provided with a list of questions in advance.
There are at least five legal and political issues arising out of Snowden’s revelations on which reasonable opinion is divided. These include whether Snowden should enjoy the legal protection accorded a whistleblower who reveals wrongdoing; whether his revelations have weakened the counter-terrorism apparatus of the US or the UK; whether, conversely, they show the need for an overhaul of surveillance powers on both sides of the Atlantic (and even an international agreement to protect partners like Germany); whether parliament has been misled by the services about the extent of intrusive surveillance; and whether the current system for parliamentary oversight of the intelligence and security services is sufficiently robust to meet the international standards laid down by my predecessor at the UN, Martin Scheinin.
These questions are too important for the UN to ignore, and so on Tuesday I am launching an investigation that will culminate in a series of recommendations to the UN general assembly next autumn. As in the case of Chelsea Manning, there are also serious questions about sensitive information being freely available to so many people. The information Snowden had access to, which included top-secret UK intelligence documents, was available to more than 850,000 people, including Snowden – a contractor not even employed by the US government.
There is, however, one issue on which I do not think reasonable people can differ, and that is the importance of the role of responsible media in exposing questions of public interest. I have studied all the published stories that explain how new technology is leading to the mass collection and analysis of phone, email, social media and text message data; how the relationship between intelligence services and technology and telecoms companies is open to abuse; and how technological capabilities have moved ahead of the law. These issues are at the apex of public interest concerns. They are even more important – dare I say it – than whether Hugh Grant’s mobile was hacked by a tabloid.
The astonishing suggestion that this sort of journalism can be equated with aiding and abetting terrorism needs to be scotched decisively. Attacking the Guardian is an attempt to do the bidding of the services themselves, by distracting attention from the real issues. It is the role of a free press to hold governments to account, and yet there have even been outrageous suggestions from some Conservative MPs that the Guardian should face a criminal investigation.
It is disheartening to see some tabloids give prominence to this nonsense. When the Mail on Sunday took the decision to publish the revelations of the former MI5 officer David Shayler, no one suggested that the paper should face prosecution. Indeed, when the police later tried to seize the Guardian’s notes of its own interviews with Shayler, Lord Judge, the former lord chief justice, refused to allow it to happen – saying, rightly, that it would interfere with the vital role played by the media to expose public wrongdoing.
When it comes to damaging national security, comparisons between the two cases are telling. The Guardian has revealed that there is an extensive programme of mass surveillance that potentially affects every one of us, while being assiduous in avoiding the revelation of any name or detail that could put sources at risk. Rusbridger himself has made most of these decisions, as befits their importance. The Mail on Sunday, on the other hand, published material that was of less obvious public interest.
An even closer example is Katharine Gunn, the GCHQ whistleblower who revealed in 2003 that the US and UK were spying on the missions of Mexico and five other countries at the UN, in order to manipulate a vote in the security council in favour of military intervention in Iraq. Like Snowden, her defence was that she was acting to prevent a greater wrong – the attempt to twist the security council to the bellicose will of the US and UK. She was charged under the Official Secrets Act, but the case was dropped because the director of public prosecutions and attorney general rightly concluded that no jury would convict Gunn.
There can be no doubt that the Guardian’s revelations concern matters of international public interest. There is already an intense debate that has drawn interventions from some of the UK’s most senior political figures. Wholesale reviews have been mooted by President Obama, Chancellor Merkel and Nick Clegg, Britain’s deputy prime minister. Current and former privy councillors and at least one former law officer have weighed in.
In the US, a number of the revelations have already resulted in legislation. Senior members of Congress have informed the Guardian that they consider the legislation to have been misused, and the chair of the US Senate intelligence committee has said that as a result of the revelations it is now “abundantly clear that a total review of all intelligence programmes is necessary”.
In Europe, and particularly in Germany (which has a long and unhappy history of abusive state surveillance) the political class is incandescant. In November the Council of Europe parliamentary assembly endorsed the Tshwane International Principles on National Security and the Right to Information, which provide the strongest protection for public interest journalism deriving from whistleblowers. Lord Carlile, the former independent reviewer of terrorism legislation in the UK, took part in the drafting of the principles and has endorsed them as an international template for resolving issues such as the present one. Many states have registered serious objections at the UN about spying, and there are diplomatic moves towards an international agreement to restrict surveillance activity. In direct response to the Guardian’s revelations, Frank La Rue, the special rapporteur on freedom of expression, has brought forward new guidelines on internet privacy, which were adopted last week by the UN general assembly.
When it comes to assessing the balance that must be struck between maintaining secrecy and exposing information in the public interest there are often borderline cases. This isn’t one. It’s a no-brainer. The Guardian’s revelations are precisely the sort of information that a free press is supposed to reveal.
The claims made that the Guardian has threatened national security need to be subjected to penetrating scrutiny. I will be seeking a far more detailed explanation than the security chiefs gave the intelligence committee. If they wish to pursue an agenda of unqualified secrecy, then they are swimming against the international tide. They must justify some of the claims they have made in public, because, as matters stand, I have seen nothing in the Guardian articles that could be a risk to national security. In this instance the balance of public interest is clear.
Ben Emmerson
The Guardian, Monday 2 December 2013 18.21 GMT
Find this story at 2 December 2013
© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

With every fresh leak, the world learns more about the U.S. National Security Agency’s massive and controversial surveillance apparatus. Lost in the commotion has been the story of the NSA’s indispensable partner in its global spying operations: an obscure, clandestine unit of the Federal Bureau of Investigation that, even for a surveillance agency, keeps a low profile.
When the media and members of Congress say the NSA spies on Americans, what they really mean is that the FBI helps the NSA do it, providing a technical and legal infrastructure that permits the NSA, which by law collects foreign intelligence, to operate on U.S. soil. It’s the FBI, a domestic U.S. law enforcement agency, that collects digital information from at least nine American technology companies as part of the NSA’s Prism system. It was the FBI that petitioned the Foreign Intelligence Surveillance Court to order Verizon Business Network Services, one of the United States’ biggest telecom carriers for corporations, to hand over the call records of millions of its customers to the NSA.
But the FBI is no mere errand boy for the United States’ biggest intelligence agency. It carries out its own signals intelligence operations and is trying to collect huge amounts of email and Internet data from U.S. companies — an operation that the NSA once conducted, was reprimanded for, and says it abandoned.
The heart of the FBI’s signals intelligence activities is an obscure organization called the Data Intercept Technology Unit, or DITU (pronounced DEE-too). The handful of news articles that mentioned it prior to revelations of NSA surveillance this summer did so mostly in passing. It has barely been discussed in congressional testimony. An NSA PowerPoint presentation given to journalists by former NSA contractor Edward Snowden hints at DITU’s pivotal role in the NSA’s Prism system — it appears as a nondescript box on a flowchart showing how the NSA “task[s]” information to be collected, which is then gathered and delivered by the DITU.
But interviews with current and former law enforcement officials, as well as technology industry representatives, reveal that the unit is the FBI’s equivalent of the National Security Agency and the primary liaison between the spy agency and many of America’s most important technology companies, including Google, Facebook, YouTube, and Apple.
The DITU is located in a sprawling compound at Marine Corps Base Quantico in Virginia, home of the FBI’s training academy and the bureau’s Operational Technology Division, which runs all the FBI’s technical intelligence collection, processing, and reporting. Its motto: “Vigilance Through Technology.” The DITU is responsible for intercepting telephone calls and emails of terrorists and foreign intelligence targets inside the United States. According to a senior Justice Department official, the NSA could not do its job without the DITU’s help. The unit works closely with the “big three” U.S. telecommunications companies — AT&T, Verizon, and Sprint — to ensure its ability to intercept the telephone and Internet communications of its domestic targets, as well as the NSA’s ability to intercept electronic communications transiting through the United States on fiber-optic cables.
For Prism, the DITU maintains the surveillance equipment that captures what the NSA wants from U.S. technology companies, including archived emails, chat-room sessions, social media posts, and Internet phone calls. The unit then transmits that information to the NSA, where it’s routed into other parts of the agency for analysis and used in reports.
After Prism was disclosed in the Washington Post and the Guardian, some technology company executives claimed they knew nothing about a collection program run by the NSA. And that may have been true. The companies would likely have interacted only with officials from the DITU and others in the FBI and the Justice Department, said sources who have worked with the unit to implement surveillance orders.
“The DITU is the main interface with providers on the national security side,” said a technology industry representative who has worked with the unit on many occasions. It ensures that phone companies as well as Internet service and email providers are complying with surveillance law and delivering the information that the government has demanded and in the format that it wants. And if companies aren’t complying or are experiencing technical difficulties, they can expect a visit from the DITU’s technical experts to address the problem.
* * *
Recently, the DITU has helped construct data-filtering software that the FBI wants telecom carriers and Internet service providers to install on their networks so that the government can collect large volumes of data about emails and Internet traffic.
The software, known as a port reader, makes copies of emails as they flow through a network. Then, in practically an instant, the port reader dissects them, removing only the metadata that has been approved by a court.
The FBI has built metadata collection systems before. In the late 1990s, it deployed the Carnivore system, which the DITU helped manage, to pull header information out of emails. But the FBI today is after much more than just traditional metadata — who sent a message and who received it. The FBI wants as many as 13 individual fields of information, according to the industry representative. The data include the route a message took over a network, Internet protocol addresses, and port numbers, which are used to handle different kinds of incoming and outgoing communications. Those last two pieces of information can reveal where a computer is physically located — perhaps along with its user — as well as what types of applications and operating system it’s running. That information could be useful for government hackers who want to install spyware on a suspect’s computer — a secret task that the DITU also helps carry out.
The DITU devised the port reader after law enforcement officials complained that they weren’t getting enough information from emails and Internet traffic. The FBI has argued that under the Patriot Act, it has the authority to capture metadata and doesn’t need a warrant to get them. Some federal prosecutors have gone to court to compel port reader adoption, the industry representative said. If a company failed to comply with a court order, it could be held in contempt.
The FBI’s pursuit of Internet metadata bears striking similarities to the NSA’s efforts to obtain the same information. After the 9/11 terrorist attacks, the agency began collecting the information under a secret order signed by President George W. Bush. Documents that were declassified Nov. 18 by Barack Obama’s administration show that the agency ran afoul of the Foreign Intelligence Surveillance Court after it discovered that the NSA was collecting more metadata than the court had allowed. The NSA abandoned the Internet metadata collection program in 2011, according to administration officials.
But the FBI has been moving ahead with its own efforts, collecting more metadata than it has in the past. It’s not clear how many companies have installed the port reader, but at least two firms are pushing back, arguing that because it captures an entire email, including content, the government needs a warrant to get the information. The government counters that the emails are only copied for a fraction of a second and that no content is passed along to the government, only metadata. The port reader is designed also to collect information about the size of communications packets and traffic flows, which can help analysts better understand how communications are moving on a network. It’s unclear whether this data is considered metadata or content; it appears to fall within a legal gray zone, experts said.
* * *
The DITU also runs a bespoke surveillance service, devising or building technology capable of intercepting information when the companies can’t do it themselves. In the early days of social media, when companies like LinkedIn and Facebook were starting out, the unit worked with companies on a technical solution for capturing information about a specific target without also capturing information related to other people to whom the target was connected, such as comments on posts, shared photographs, and personal data from other people’s profiles, according to a technology expert who was involved in the negotiations.
The technicians and engineers who work at the DITU have to stay up to date on the latest trends and developments in technology so that the government doesn’t find itself unable to tap into a new system. Many DITU employees used to work for the telecom companies that have to implement government surveillance orders, according to the industry representative. “There are a lot of people with inside knowledge about how telecommunications work. It’s probably more intellectual property than the carriers are comfortable with the FBI knowing.”
The DITU has also intervened to ensure that the government maintains uninterrupted access to the latest commercial technology. According to the Guardian, the unit worked with Microsoft to “understand” potential obstacles to surveillance in a new feature of Outlook.com that let users create email aliases. At the time, the NSA wanted to make sure that it could circumvent Microsoft’s encryption and maintain access to Outlook messages. In a statement to the Guardian, Microsoft said, “When we upgrade or update products we aren’t absolved from the need to comply with existing or future lawful demands.” It’s the DITU’s job to help keep companies in compliance. In other instances, the unit will go to companies that manufacture surveillance software and ask them to build in particular capabilities, the industry representative said.
The DITU falls under the FBI’s Operational Technology Division, home to agents, engineers, electronic technicians, computer forensics examiners, and analysts who “support our most significant investigations and national security operations with advanced electronic surveillance, digital forensics, technical surveillance, tactical operations, and communications capabilities,” according to the FBI’s website. Among its publicly disclosed capabilities are surveillance of “wireline, wireless, and data network communication technologies”; collection of digital evidence from computers, including audio files, video, and images; “counter-encryption” support to help break codes; and operation of what the FBI claims is “the largest fixed land mobile radio system in the U.S.”
The Operational Technology Division also specializes in so-called black-bag jobs to install surveillance equipment, as well as computer hacking, referred to on the website as “covert entry/search capability,” which is carried out under law enforcement and intelligence warrants.
The tech experts at Quantico are the FBI’s silent cybersleuths. “While [the division’s] work doesn’t typically make the news, the fruits of its labor are evident in the busted child pornography ring, the exposed computer hacker, the prevented bombing, the averted terrorist plot, and the prosecuted corrupt official,” according to the website.
According to former law enforcement officials and technology industry experts, the DITU is among the most secretive and sophisticated outfits at Quantico. The FBI declined Foreign Policy’s request for an interview about the unit. But in a written statement, an FBI spokesperson said it “plays a key role in providing technical expertise, services, policy guidance, and support to the FBI and the intelligence community in collecting evidence and intelligence through the use of lawfully authorized electronic surveillance.”
In addition to Carnivore, the DITU helped develop early FBI Internet surveillance tools with names like CoolMiner, Packeteer, and Phiple Troenix. One former law enforcement official said the DITU helped build the FBI’s Magic Lantern keystroke logging system, a device that could be implanted on a computer and clandestinely record what its user typed. The system was devised to spy on criminals who had encrypted their communications. It was part of a broader surveillance program known as Cyber Knight.
In 2007, Wired reported that the FBI had built another piece of surveillance malware to track the source of a bomb threat against a Washington state high school. Called a “computer and Internet protocol address verifier,” it was able to collect details like IP addresses, a list of programs running on an infected computer, the operating system it was using, the last web address visited, and the logged-in user name. The malware was handled by the FBI’s Cryptologic and Electronic Analysis Unit, located next door to the DITU’s facilities at Quantico. Wired reported that information collected by the malware from its host was sent via the Internet to Quantico.
The DITU has also deployed what the former law enforcement official described as “beacons,” which can be implanted in emails and, when opened on a target’s computer, can record the target’s IP address. The former official said the beacons were first deployed to track down kidnappers.
* * *
Lately, one of the DITU’s most important jobs has been to keep track of surveillance operations, particularly as part of the NSA’s Prism system, to ensure that companies are producing the information that the spy agency wants and that the government has been authorized to obtain.
The NSA is the most frequent requester of the DITU’s services, sources said. There is a direct fiber-optic connection between Quantico and the agency’s headquarters at Fort Meade, Maryland; data can be moved there instantly. From the companies’ perspective, it doesn’t much matter where the information ends up, so long as the government shows up with a lawful order to get it.
“The fact that either the targets are coming from the NSA or the output goes to the NSA doesn’t matter to us. We’re being compelled. We’re not going to do any more than we have to,” said one industry representative.
But having the DITU act as a conduit provides a useful public relations benefit: Technology companies can claim — correctly — that they do not provide any information about their customers directly to the NSA, because they give it to the DITU, which in turn passes it to the NSA.
But in the government’s response to the controversy that has erupted over government surveillance programs, FBI officials have been conspicuously absent. Robert Mueller, who stepped down as the FBI’s director in September, testified before Congress about disclosed surveillance only twice, and that was in June, before many of the NSA documents that Snowden leaked had been revealed in the media. On Nov. 14, James Comey gave his first congressional testimony as the FBI’s new director, and he was not asked about the FBI’s involvement in surveillance operations that have been attributed to the NSA. Attorney General Eric Holder has made few public comments about surveillance. (His deputy has testified several times.)
The former law enforcement official said Holder and Mueller should have offered testimony and explained how the FBI works with the NSA. He was concerned by reports that the NSA had not been adhering to its own minimization procedures, which the Justice Department and the FBI review and vouch for when submitting requests to the Foreign Intelligence Surveillance Court.
“Where they hadn’t done what was represented to the court, that’s unforgivable. That’s where I got sick to my stomach,” the former law enforcement official said. “The government’s position is, we go to the court, apply the law — it’s all approved. That makes for a good story until you find out what was approved wasn’t actually what was done.”
BY SHANE HARRIS | NOVEMBER 21, 2013
Find this story at 21 November 2013
©2013 The Slate Group, LLC.

For now, law enforcement has trouble monitoring Gmail communications in real time
Despite the pervasiveness of law enforcement surveillance of digital communication, the FBI still has a difficult time monitoring Gmail, Google Voice, and Dropbox in real time. But that may change soon, because the bureau says it has made gaining more powers to wiretap all forms of Internet conversation and cloud storage a “top priority” this year.
Last week, during a talk for the American Bar Association in Washington, D.C., FBI general counsel Andrew Weissmann discussed some of the pressing surveillance and national security issues facing the bureau. He gave a few updates on the FBI’s efforts to address what it calls the “going dark” problem—how the rise in popularity of email and social networks has stifled its ability to monitor communications as they are being transmitted. It’s no secret that under the Electronic Communications Privacy Act, the feds can easily obtain archive copies of emails. When it comes to spying on emails or Gchat in real time, however, it’s a different story.
That’s because a 1994 surveillance law called the Communications Assistance for Law Enforcement Act only allows the government to force Internet providers and phone companies to install surveillance equipment within their networks. But it doesn’t cover email, cloud services, or online chat providers like Skype. Weissmann said that the FBI wants the power to mandate real-time surveillance of everything from Dropbox and online games (“the chat feature in Scrabble”) to Gmail and Google Voice. “Those communications are being used for criminal conversations,” he said.
While it is true that CALEA can only be used to compel Internet and phone providers to build in surveillance capabilities into their networks, the feds do have some existing powers to request surveillance of other services. Authorities can use a “Title III” order under the “Wiretap Act” to ask email and online chat providers furnish the government with “technical assistance necessary to accomplish the interception.” However, the FBI claims this is not sufficient because mandating that providers help with “technical assistance” is not the same thing as forcing them to “effectuate” a wiretap. In 2011, then-FBI general counsel Valerie Caproni—Weissmann’s predecessor—stated that Title III orders did not provide the bureau with an “effective lever” to “encourage providers” to set up live surveillance quickly and efficiently. In other words, the FBI believes it doesn’t have enough power under current legislation to strong-arm companies into providing real-time wiretaps of communications.
Because Gmail is sent between a user’s computer and Google’s servers using SSL encryption, for instance, the FBI can’t intercept it as it is flowing across networks and relies on the company to provide it with access. Google spokesman Chris Gaither hinted that it is already possible for the company to set up live surveillance under some circumstances. “CALEA doesn’t apply to Gmail but an order under the Wiretap Act may,” Gaither told me in an email. “At some point we may expand our transparency report to cover this topic in more depth, but until then I’m not able to provide additional information.”
Either way, the FBI is not happy with the current arrangement and is on a crusade for more surveillance authority. According to Weissmann, the bureau is working with “members of intelligence community” to craft a proposal for new Internet spy powers as “a top priority this year.” Citing security concerns, he declined to reveal any specifics. “It’s a very hard thing to talk about publicly,” he said, though acknowledged that “it’s something that there should be a public debate about.”
Ryan Gallagher is a journalist who reports from the intersection of surveillance, national security, and privacy for Slate’s Future Tense blog. He is also a Future Tense fellow at the New America Foundation.
By Ryan Gallagher
Find this story at 26 March 2013
© 2013 The Slate Group, LLC.

From the ‘Uncle Sam is Watching’ files:
Lots of concern and talk in the last couple of days over the Washington Post’s leaked government story on PRISM.
The TL;dr version is that PRISM was/is an NSA operation that routes American’s private information to the NSA where it can be analyzed in the interest of national security.
While the revelation about NSA PRISM is new – the fact that the U.S. Government has active programs to surveil the Internet for email and otherwise is not.
Back in 2005 it was revealed that the FBI had to abandon it’s own Internet surveillance effort known as Carnivore. With Carnivore, the FBI was quite literally injesting email and Internet content en masse from the U.S .
Officially known as the Digital Collection System 1000 (DCS-1000), Carnivore captures data traffic that flows through an Internet service provider (ISP). The system prompted a flurry of criticism from privacy advocates when it was announced in 2000 during the Clinton administration.
At the time that Carnivore was shut down, the Electronic Privacy Information Center (EPIC) speculated that, “FBI’s need for Carnivore-like Internet surveillance tools is decreasing, likely because ISPs are providing Internet traffic information directly to the government.”
Eight years later, it looks like EPIC was right – since it would appear based on the WaPo report that the NSA has been getting info directly from providers.
I saw the head of the NSA, General Alexander speak at Defcon last year and he’s slotted to speak as a keynote at Black Hat this year. I wonder if he’ll actually show up now given the revelation of PRISM.
By Sean Michael Kerner | June 06, 2013
Find this story at 6 June 2013
Copyright 2013 QuinStreet Inc.

FBI surveillance experts have put their once-controversial Carnivore Internet surveillance tool out to pasture, preferring instead to use commercial products to eavesdrop on network traffic, according to documents released Friday.
Two reports to Congress obtained by the Washington-based Electronic Privacy Information Center under the Freedom of Information Act reveal that the FBI didn’t use Carnivore, or its rebranded version “DCS-1000,” at all during the 2002 and 2003 fiscal years. Instead, the bureau turned to unnamed commercially-available products to conduct Internet surveillance thirteen times in criminal investigations in that period.
Carnivore became a hot topic among civil libertarians, some network operators and many lawmakers in 2000, when an ISP’s legal challenge brought the surveillance tool’s existence to light. One controversy revolved around the FBI’s legally-murky use of the device to obtain e-mail headers and other information without a wiretap warrant — an issue Congress resolved by explicitly legalizing the practice in the 2001 USA PATRIOT Act.
Under section 216 of the act, the FBI can conduct a limited form of Internet surveillance without first visiting a judge and establishing probable cause that the target has committed a crime. In such cases the FBI is authorized to capture routing information like e-mail addresses or IP addresses, but not the contents of the communications.
According to the released reports, the bureau used that power three times in 2002 and six times in 2003 in cases in which it brought its own Internet surveillance gear to the job. Each of those surveillance operations lasted sixty days or less, except for one investigation into alleged extortion, arson and “teaching of others how to make and use destructive devices” that ran over eight months from January 10th to August 26th, 2002.
Other cases investigated under section 216 involved alleged mail fraud, controlled substance sales, providing material support to terrorism, and making obscene or harassing telephone calls within the District of Columbia. The surveillance targets’ names are not listed in the reports.
In four additional cases, twice each in 2002 and 2003, the FBI obtained a full-blown Internet wiretap warrant from a judge, permitting them to capture the contents of a target’s Internet communications in real time. No more information on those cases is provided in the reports because they involved “sensitive investigations,” according to the bureau.
The new documents only enumerate criminal investigations in which the FBI deployed a government-owned surveillance tool, not those in which an ISP used its own equipment to facilitate the spying. Cases involving foreign espionage or international terrorism are also omitted.
Developed by a contractor, Carnivore was a customizable packet sniffer that, in conjunction with other FBI tools, could capture e-mail messages, and reconstruct Web pages exactly as a surveillance target saw them while surfing the Web. FBI agents lugged it with them to ISPs that lacked their own spying capability.
Kevin Poulsen, SecurityFocus 2005-01-14
Find this story at 14 January 2005
Copyright 2010, SecurityFocus

One of the nation’s largest Internet-service providers, EarthLink Inc., has refused toinstall a new Federal Bureau of Investigation electronic surveillance device on its network, saying technical adjustments required to use the device caused disruptions for customers.
The FBI has used Carnivore, as the surveillance device is called, in a number of criminal investigations. But EarthLink is the first ISP to offer a public account of an actual experience with Carnivore. The FBI has claimed that Carnivore won’t interfere with an ISP’s operations.
“It has the potential to hurt our network, to bring pieces of it down,” Steve Dougherty, EarthLink’s director of technology acquisition, said of Carnivore. “It could impact thousands of people.”
While EarthLink executives said they would continue to work with authorities in criminal investigations, they vowed not to allow the FBI to install Carnivore on the company’s network. The company also has substantial privacy concerns.
EarthLink has already voiced its concerns in court. The ISP is the plaintiff in a legal fight launched against Carnivore earlier this year with the help of attorney Robert Corn-Revere, according to people close to the case. Previously, the identity of the plaintiff in the case, which is under seal, wasn’t known. A federal magistrate ruled against EarthLink in the case early this year, forcing it to give the FBI access to its system. Mr. Corn-Revere declined to comment.
EarthLink’s problems with Carnivore began earlier this year, when the FBI installed a Carnivore device on its network at a hub site in Pasadena, Calif. The FBI had a court order that allowed it to install the equipment as part of a criminal investigation.
The FBI connected Carnivore, a small computer box loaded with sophisticated software for monitoring e-mail messages and other online communications, to EarthLink’s remote access servers, a set of networking equipment that answers incoming modem calls from customers. But Carnivore wasn’t compatible with the operating system software on the remote access servers. So EarthLink had to install an older version of the system software that would work with Carnivore, according to Mr. Dougherty.
EarthLink says the older version of the software caused its remote access servers to crash, which in turn knocked out access for a number of its customers. Mr. Dougherty declined to specify how many, saying only that “many” people were affected.
EarthLink executives said they were also concerned about privacy. The company said it had no way of knowing whether Carnivore was limiting its surveillance to the criminal investigation at hand or trolling more broadly. Other ISPs have said there could be serious liability issues for them if the privacy of individuals not connected to an investigation is compromised.
“There ought to be some transparency to the methods and tools that law enforcement is using to search-and-seize communications,” said John R. LoGalbo, vice president of public policy at PSINet Inc., an ISP in Ashburn, Va.
EarthLink executives declined to say whether the company has received court orders for information about other customers since the disruption earlier this year. EarthLink said it would help authorities in criminal investigations using techniques other than Carnivore.
The FBI insists that Carnivore doesn’t affect the performance or stability of an ISP’s existing networks. The bureau says Carnivore passively monitors traffic, recording only information that is relevant to FBI investigations.
In some cases, the FBI said, the ISP is equipped to turn over data without the use of Carnivore. This is common in cases where only e-mail messages are sought because that type of data can easily be obtained through less-intrusive means.
Attorney General Janet Reno said Thursday that she was putting the system under review. She said the Justice Department would investigate Carnivore’s constitutional implications and make sure that the FBI was using it in “a consistent and balanced way.”
Write to Nick Wingfield at nick.wingfield@wsj.com , Ted Bridis at ted.bridis@wsj.com and Neil King Jr. at neil.king@wsj.com
By NICK WINGFIELD, TED BRIDIS and
NEIL KING JR. | Staff Reporters of
THE WALL STREET JOURNAL
Find this story at 14 July 2000
Copyright ©2013 Dow Jones & Company, Inc.

On July 11, 2000, the existence of an FBI Internet monitoring system called “Carnivore” was widely reported. Although the public details were sketchy, reports indicated that the Carnivore system is installed at the facilities of an Internet Service Provider (ISP) and can monitor all traffic moving through that ISP. The FBI claims that Carnivore “filters” data traffic and delivers to investigators only those “packets” that they are lawfully authorized to obtain. Because the details remain secret, the public is left to trust the FBI’s characterization of the system and — more significantly — the FBI’s compliance with legal requirements.
One day after the initial disclosures, EPIC filed a Freedom of Information Act (FOIA) request seeking the public release of all FBI records concerning Carnivore, including the source code, other technical details, and legal analyses addressing the potential privacy implications of the technology. On July 18, 2000, after Carnivore had become a major issue of public concern, EPIC asked the Justice Department to expedite the processing of its request. When DOJ failed to respond within the statutory deadline, EPIC filed suit in U.S. District Court seeking the immediate release of all information concerning Carnivore.
At an emergency hearing held on August 2, 2000, U.S. District Judge James Robertson ordered the FBI to report back to the court by August 16 and to identify the amount of material at issue and the Bureau’s schedule for releasing it. The FBI subsequently reported that 3000 pages of responsive material were located, but it refused to commit to a date for the completion of processing.
In late January 2001, the FBI completed its processing of EPIC’s FOIA request. The Bureau revised its earlier estimate and reported that there were 1756 pages of responsive material; 1502 were released in part and 254 were withheld in their entirety (see link below for sample scanned documents).
On August 1, 2001, the FBI moved for summary judgment, asserting that it fully met its obligations under FOIA. On August 9, 2001, EPIC filed a motion to stay further proceedings pending discovery, on the grounds that the FBI has failed to conduct an adequate search for responsive documents.
On March 25, 2002, the court issued an order directing the FBI to initiate a new search for responsive documents. The new search was to be conducted in the offices of General Counsel and Congressional & Public Affairs, and be completed no later than May 24, 2002. The documents listed above were located and released as a result of that court-ordered search.
Find this story at 11 July 2000
Find the FOIA documents at
And here

A web spying capability, multi-million dollar price tag, and a secret Carnivore ancestor are some of the details to poke through heavy FBI editing.
“ Carnivore is remarkably tolerant of network aberration, such a speed change, data corruption and targeted smurf type attacks. ”
FBI report
WASHINGTON–The FBI’s Carnivore surveillance tool monitors more than just email. Newly declassified documents obtained by Electronic Privacy Information Center (EPIC) under the Freedom of Information Act reveal that Carnivore can monitor all of a target user’s Internet traffic, and, in conjunction with other FBI tools, can reconstruct web pages exactly as a surveillance target saw them while surfing the web. The capability is one of the new details to emerge from some six-hundred pages of heavily redacted documents given to the Washington-based nonprofit group this week, and reviewed by SecurityFocus Wednesday. The documents confirm that Carnivore grew from an earlier FBI project called Omnivore, but reveal for the first time that Omnivore itself replaced a still older tool. The name of that project was carefully blacked out of the documents, and remains classified “secret.” The older surveillance system had “deficiencies that rendered the design solution unacceptable.” The project was eventually shut down. Development of Omnivore began in February 1997, and the first prototypes were delivered on October 31st of that year. The FBI’s eagerness to use the system may have slowed its development: one report notes that it became “difficult to maintain the schedule,” because the Bureau deployed the nascent surveillance tool for “several emergency situations” while it was still in beta release. “The field deployments used development team personnel to support the technical challenges surrounding the insertion of the OMNIVORE device,” reads the report. The ‘Phiple Troenix’ Project In September 1998, the FBI network surveillance lab in Quantico launched a project to move Omnivore from Sun’s Solaris operating system to a Windows NT platform. “This will facilitate the miniaturization of the system and support a wide range of personal computer (PC) equipment,” notes the project’s Statement of Need. (Other reasons for the switch were redacted from the documents.) The project was called “Phiple Troenix”–apparently a spoonerism of “Triple Phoenix,” a type of palm tree–and its result was dubbed “Carnivore.” Phiple Troenix’s estimated price tag of $800,000 included training for personnel at the Bureau’s Washington-based National Infrastructure Protection Center (NIPC). Meanwhile, the Omnivore project was formally closed down in June 1999, with a final cost of $900,000. Carnivore came out of beta with version 1.2, released in September 1999. As of May 2000, it was in version 1.3.4. At that time it underwent an exhaustive series of carefully prescribed tests under a variety of conditions. The results, according to a memo from the FBI lab, were positive. “Carnivore is remarkably tolerant of network aberration, such a speed change, data corruption and targeted smurf type attacks.
RELATED STORIES
Corporate Carnivore Available
Forty-five days of the Carnivore
Carnivore: Just Say No?
Carnivore in Court
“We call ours ‘Sniffy.'”
FBI Defends Carnivore
The FBI can
configure the tool to store all traffic to or from a particular Internet IP address, while monitoring DHCP and RADIUS protocols to track a particular user. In “pen mode,” in which it implements a limited type of surveillance not requiring a wiretap warrant, Carnivore can capture all packet header information for a targeted user, or zero in on email addresses or FTP login data. Web Surveillance Version 2.0 will include the ability to display captured Internet traffic directly from Carnivore. For now, the tool only stores data as raw packets, and another application called “Packeteer” is later used to process those packets. A third program called “CoolMiner” uses Packeteer’s output to display and organize the intercepted data. Collectively, the three applications, Carnivore, Packeteer and CoolMiner, are referred to by the FBI lab as the “DragonWare suite.” The documents show that in tests, CoolMiner was able to reconstruct HTTP traffic captured by Carnivore into coherent web pages, a capability that would allow FBI agents to see the pages exactly as the user saw them while surfing the web. Justice Department and FBI officials have testified that Carnivore is used almost exclusively to monitor email, but noted that it was capable of monitoring messages sent over web-based email services like Hotmail. An “Enhanced Carnivore” contract began in November 1999, the papers show, and will run out in January of next year at a total cost of $650,000. Some of the documents show that the FBI plans to add yet more features to version 2.0 and 3.0 of the surveillance tool, but the details are almost entirely redacted. A document subject to particularly heavy editing shows that the FBI was interested in voice over IP technology, and was in particular looking at protocols used by Net2Phone and FreeTel. EPIC attorney David Sobel said the organization intends to challenge the FBI’s editing of the released documents. In the meantime, EPIC is hurriedly scanning in the pages and putting them on the web, “so that the official technical review is not the only one,” explained Sobel. “We want an unofficial review with as wide a range of participants as possible.” The FBI’s next release of documents is scheduled for mid-November.
Kevin Poulsen, SecurityFocus 2000-10-04
Find this story at 4 October 2000
Copyright 2010, SecurityFocus

Agent Thomas gave a demonstration of both Carnivore 1.34 (the currently
deployed version) and Carnivore 2.0 (the development version) as well as
some of the other DragonWare tools.
Most of this information isn’t new, but it demonstrates that the
DragonWare tools can be used to massively analyze all network traffic
accessible to a Carnivore box.
The configuration screen of Carnivore shows that protocol information can
be captured in 3 different modes: Full, Pen, and None. There are check
boxes for TCP, UDP, and ICMP.
Carnivore can be used to capture all data sent to or from a given IP
address, or range of IP addresses.
It can be used to search on information in the traffic, doing matching
against text entered in the “Data Text Strings” box. This, the agent
assured us, was so that web mail could be identified and captured, but
other browsing could be excluded.
It can be used to automatically capture telnet, pop3, and FTP logins with
the click of a check box.
It can monitor mail to and/or from specific email addresses.
It can be configured to monitor based on IP address, RADIUS username, MAC
address, or network adaptor.
IPs can be manually added to a running Carnivore session for monitoring.
Carnivore allows for monitoring of specific TCP or UDP ports and port
ranges (with drop down boxes for the most common protocols).
Carnivore 2.0 is much the same, but the configuration menu is cleaner, and
it allows Boolean statements for exclusion filter creation.
—
The Packeteer program takes raw network traffic dumps, reconstructs the
packets, and writes them to browsable files.
CoolMiner is the post-processor session browser. The demo was version
1.2SP4. CoolMiner has the ability to replay a victim’s steps while web
browsing, chatting on ICQ, Yahoo Messenger, AIM, IRC. It can step through
telnet sessions, AOL account usage, and Netmeeting. It can display
information sent to a network printer. It can process netbios data.
CoolMiner displays summary usage, broken down by origination and
destination IP addresses, which can be selectively viewed.
Carnivore usually runs on Windows NT Workstation, but could run on Windows
2000.
Some choice quotes from Agent Thomas:
“Non-relevant data is sealed from disclosure.”
“Carnivore has no active interaction with any devices on the network.”
“In most cases Carnivore is only used with a Title III. The FBI will
deploy Carnivore without a warrant in cases where the victim is willing to
allow a Carnivore box to monitor his communication.”
“We rely on the ISP’s security [for the security of the Carnivore box].”
“We aren’t concerned about the ISP’s security.”
When asked how Carnivore boxes were protected from attack, he said that
the only way they were accessible was through dialup or ISDN. “We could
take measures all the way up to encryption if we thought it was
necessary.”
While it doesn’t appear that Carnivore uses a dial-back system to prevent
unauthorized access, Thomas mentioned that the FBI sometimes “uses a
firmware device to prevent unauthorized calls.”
When asked to address the concerns that FBI agents could modify Carnivore
data to plant evidence, Thomas reported that Carnivore logs FBI agents’
access attempts. The FBI agent access logs for the Carnivore box become
part of the court records. When asked the question “It’s often common
practice to write back doors into [software programs]. How do we know you
aren’t doing that?”, Thomas replied “I agree 100%. You’re absolutely
right.”
When asked why the FBI would not release source, he said: “We don’t sell
guns, even though we have them.”
When asked: “What do you do in cases where the subject is using
encryption?” Thomas replied, “This suite of devices can’t handle that.” I
guess they hand it off to the NSA.
He further stated that about 10% of the FBI’s Carnivore cases are thwarted
by the use of encryption, and that it is “more common to find encryption
when we seize static data, such as on hard drives.”
80% of Carnivore cases have involved national security.
Marcus Thomas can be contacted for questions at mthomas@fbi.gov or at
(730) 632-6091. He is “usually at his desk.”
24 October 2000
Find this story at 24 October 2000

Abdeen Jabara was hardly shocked when the scandal over the National Security Agency’s global surveillance dragnet broke in June.

“I was not at all surprised by the Snowden revelations about the NSA,” Jabara, a prominent lawyer and a founder of the American-Arab Anti-Discrimination Committee, told me in a phone interview. “The United States has this huge, huge international surveillance apparatus in place and after 9/11 they were going to use it as much as they could as part of the war on terror. It was just too tempting.”

He would know–he’s lived it. Jabara is one of many Americans to have been personally spied on by the NSA decades ago. A court battle that started in 1972 eventually forced the secretive surveillance agency to acknowledge that it pried into the life of an American in an effort that began in August 1967. The disclosure was the first time the U.S. admitted it had spied on an American.

Jabara’s story lays bare the deep roots of the NSA’s surveillance. Today, with the NSA operating under the ethos of “collect it all,” there’s much more surveillance of Americans when compared to prior decades. But the current spying occurs in a less targeted way.

Documents published by The Guardian have revealed that virtually every American’s communications are swept up by phone and Internet surveillance, though the government is not targeting individual Americans. Instead, the NSA is targeting foreigners but has retained–and sometimes searched– information about Americans in communication with foreign subjects of spying. In contrast, Jabara was working as a lawyer at a time when the NSA was specifically targeting domestic dissidents.

In 1972, Jabara filed suit against the government for prying into his life. A young Detroit-based attorney at the time, Jabara represented people from the Arab-American community caught up in legal trouble. He also took on the cases of people harassed by the Federal Bureau of Investigation, which had stepped up efforts to surveil Arab activists in the aftermath of the 1967 war, when the U.S. alliance with Israel was solidified. Jabara was caught up in what was called “Operation Boulder,” a Nixon administration-era program that put Arabs under surveillance. “Operation Boulder,” which was sparked by the murder of Israeli athletes at the Munich Olympics in 1972, went after domestic activist groups and was instrumental in the deportation of hundreds of people on technical irregularities.

Jabara was spied on without a warrant, albeit incidentally–the U.S. government never targeted him, but surveilled phone calls and telegrams from his clients. His case forced the government to disclose that Jabara was spied on and that non-governmental domestic groups shared information on Jabara with the U.S. The FBI was the primary agency tracking him, but it was the NSA that furnished the federal law enforcement agency with records of Jabara’s phone conversations.

In 1979, a federal district court judge handed Jabara and his legal team a victory with a ruling that said the U.S. had violated Jabara’s Fourth Amendment and privacy rights. The federal government appealed, and a separate court delivered a setback to Jabara. In 1982, an appeals court ruled that the government can intercept conversations between U.S. citizens and people overseas–even if there is no reason to believe the citizen is a “foreign agent.” The final step in the case came in 1984, when the FBI agreed to destroy all the files on Jabara and stipulated that the lawyer did not engage in criminal activity.

The timeline of Jabara’s case traverses a changing legal landscape governing surveillance. When Jabara first filed suit, there was no legal framework prohibiting the government from spying on Americans without a warrant. But in the wake of disclosures about the NSA keeping a “watch list” of some 1,650 anti-war activists and other evidence of domestic surveillance, the Foreign Intelligence Surveillance Act was passed in 1979. The act required intelligence agencies to go to a secretive court–where the judges are handpicked by the Supreme Court’s Chief Justice–in order to target Americans. It’s an open question whether the secretive court, criticized for being deferential to government claims, would have denied the NSA’s and FBI’s bid to spy on Jabara. But it would have had to show probable cause that Jabara was an agent of a foreign power–an assertion that federal judges eventually rejected.

Parallels between current-day surveillance and the spying on Jabara are easy to come by. The U.S. government attempted to shield disclosing data on surveilling Jabara by asserting the “state secrets” privilege. The Obama administration used the same argument to try to dismiss a lawsuit against the NSA. Both surveillance efforts raise the question of how to square a secret spying regime with a Constitution that ostensibly protects privacy. And the government revealed that it shared information on Jabara with three foreign governments–a foreshadowing of revelations that the U.S. shares intelligence information with allies, including the Israeli government. (Jabara suspected that the U.S. shared data on him with Israel, though the government denied that.)

Lee Tien, a senior staff attorney with the Electronic Frontier Foundation, said that not much had shifted since the government spied on Jabara. “What has changed is that the intelligence community is doing even more surveillance,” Tien told me in an interview. “What didn’t change? They’re still surveilling people in the United States and they’re doing it illegally.”

Now, the question is whether more legal checks will be put on the NSA’s surveillance regime. The secretive agency is battling civil liberties groups in courts and could be reined in by new legislation proposed by elected officials. But Jabara’s case–and the long history of NSA spying–shows that despite reform efforts, spying on Americans continues unabated.

Alex Kane on October 3, 2013

Find this story at 3 October 2013

© 2013 Mondoweiss

As more revelations come to light about the National Security Agency, we speak to civil rights attorney Abdeen Jabara, co-founder of the American-Arab Anti-Discrimination Committee. He was involved in a groundbreaking court case in the 1970s that forced the NSA to acknowledge it had been spying on him since 1967. At the time of the spying, Jabara was a lawyer in Detroit representing Arab-American clients and people being targeted by the FBI. The disclosure was the first time the NSA admitted it had spied on an American.
Transcript

This is a rush transcript. Copy may not be in its final form.

AMY GOODMAN: I want to turn now to a—perhaps related, but certainly to the climate, I want to end today’s show on the National Security Agency. Our guest here in New York, Abdeen Jabara, who was co-founder of the American-Arab Anti-Discrimination Committee, was involved in a groundbreaking court case in the 1970s that forced the National Security Agency to acknowledge it had been spying on him since 1967. The disclosure was the first time, I believe, that the NSA admitted it had spied on an American. I mean, this is at a time, Abdeen Jabara, that most people had no idea what the NSA was. This is not like these last few months.

ABDEEN JABARA: Well, it was—this is very interesting. I didn’t know what the NSA was. I mean, I started a lawsuit against the FBI, because I thought that the FBI had been spying on me and monitoring my activities—

AMY GOODMAN: Why?

ABDEEN JABARA: —and that of my clients. Well, I’ll tell you why. Because I had been very, very active in Palestinian support work. And one day I read in Newsweek magazine, in the Periscope section, that 26 Arabs in the United States had been targeted for surveillance, electronic surveillance. So, I thought, surely, some of those had been clients of mine or had talked to me on the phone about issues and so forth. And that’s when I brought the lawsuit. And—

AMY GOODMAN: So you sued the FBI in 1972.

ABDEEN JABARA: Right, I sued the FBI in 1972, and the FBI answered. And on the issue about electronic surveillance, they declined to answer on the basis that it was privileged and state secret. At that point in time, the ACLU came in to represent me, and we forced them to answer that question. They admitted that there had been some overhears, alright, that I had not been personally targeted for electronic surveillance, but there had been overhears of my conversations with some of my clients. And they also said they received information from other federal agencies. And they didn’t want to answer that, who that agency was. And the court compelled them to answer. And it turned out that other agency was the NSA. And we didn’t know, you know, what the NSA was. Jim Bamford’s book, The Puzzle Palace, hadn’t yet been published. And we found out that the FBI had requested any information that the NSA had, and the NSA had six different communications that I had made. I was president of the Association of American Arab University Graduates in 1972, so I had a great deal of work on my plate as the president of the association. And I don’t know what these communications were.

And the district court, Judge Ralph Freeman, held that my First Amendment and my Fourth Amendment rights had been violated. An appeal was made to the Sixth Circuit Court of Appeals in Cincinnati. And the Sixth Circuit set aside part of that ruling, saying that there is no violation of a Fourth Amendment right by the National Security Agency to surveil an American’s communications overseas, even though the person is not a foreign agent. And, in fact, five years ago, Congress codified that, where they have said—and there’s an article in today’s New York Times about this—by saying that there’s no warrant requirement where the target is a foreign target, even though an American citizen is communicating overseas.

So, this whole issue, I was surprised, after all the revelations about the Snowden-NSA brouhaha, that nobody had looked back at what had occurred back in the—in the ’70s to show that at that time it came out in the press that over 1,600 Americans had been surveilled by the NSA. And this was before the passage of FISA, Foreign Intelligence Surveillance Act. Out of that issue in the ’70s, they passed this FISA Act, which said that—and they set up a secret court, which is the national security court. The judges of that are appointed by the chief justice of the Supreme Court.

AMY GOODMAN: We have less than a minute. So—

ABDEEN JABARA: Yes.

AMY GOODMAN: —keep going.

ABDEEN JABARA: So, they set that up, and they said that that will create safeguards, alright? This will create safeguards, and that the only targets can be foreign agents.

AMY GOODMAN: Finally, Abdeen Jabara, so there are all these records on you, not only that the FBI and NSA had. How many other agencies had them? And did you get them expunged?

ABDEEN JABARA: As a matter of fact, I did. After the case was remanded to the trial court, the district in Detroit, we entered into a settlement with the FBI whereby they acknowledged that I had not been in violation of any U.S. laws, that I had been exercising my constitutional rights, and that they would destroy the entire file that they had collected on me.

AMY GOODMAN: How many agencies had they shared this file with?

ABDEEN JABARA: They had shared it with three foreign governments and 17—

AMY GOODMAN: Which governments?

ABDEEN JABARA: —17 domestic agencies.

AMY GOODMAN: Which governments?

ABDEEN JABARA: Well, they didn’t tell us.

AMY GOODMAN: Ah—

ABDEEN JABARA: But you can just surmise.

AMY GOODMAN: I want to thank you all for being with us. Thank you so much, Abdeen Jabara, former vice chair of the ADC, one of the founders of the American-Arab Anti-Discrimination Committee; Albert Mokhiber, former president of the ADC; and Congressmember John Conyers. Congratulations on your almost 50 years of service.

I’ll be speaking on Saturday at 2:00 at the Green Fest in Los Angeles, and at 6:00 at Newport Beach Marriott in California.

The original content of this program is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 United States License. Please attribute legal copies of this work to democracynow.org. Some of the work(s) that this program incorporates, however, may be separately licensed. For further information or additional permissions, contact us.

Thursday, October 17, 2013

Find this story at 17 October 2013

For those of us who know something about the National Security Agency (NSA) and who have at the same time been closely following the drip-drop page-at-a-time disclosures of NSA documents by Glenn Greenwald and Laura Poitras, this has been an enormously frustrating time. Many of the recent headlines in the newspapers, especially in Europe, promise much, but when you do a tear-down analysis of the contents there is very little of substance there that we did not already know. Last week’s expose by the Dutch newspaper NRC Handelsblad was just such an example, where with one single example everything that the newspaper claimed was brand new had (in fact) been published 17 years earlier by Dutch historian Dr. Cees Wiebes. Ah, what we do to sell newspapers.

There should also be tighter fact-checking by the newspapers of their interpretation of the information that they are being spoon-fed before they rush to print.

For instance, over the past month or so we have been fed once-a-week articles from newspapers France, Germany, Spain, Norway and now the Netherlands (does anyone see a pattern here) all based on a single NSA document from the agency’s BOUNDLESSINFORMANT database of metadata intercepts for a 30-day period from December 2012 to January 2013. The newspaper headlines all have claimed that the BOUNDLESSINFORMANT revealed that NSA was intercepting the telephone and internet communications of these countries. But an analysis of the SIGINT Activity Designators (SIGADs) listed in these documents reveals that NSA was not intercepting these communications, but rather the host nation intelligence services – to whit the BND in Germany, DGSE in France, the FE in Norway and the MIVD in the Netherlands. These agencies have secretly been proving this metadata material to NSA, although it is not known for how long.

There are other factual problems with the interpretation that has been placed on these documents. It really would be nice if the individuals using these materials do a little research into NSA operational procedures before leaping to conclusions lest they be further embarrassed in the future by mistakes such as this.

I am not the only person who has noted some of these glaring mistakes being made by the authors of the recent newspaper articles based on the BOUNDLESSINFORMANT document. Here is an insightful study done by a Dutch analyst who has been closely following the materials being leaked:

Screenshots from BOUNDLESSINFORMANT can be misleading

electrospaces.blogspot.nl

November 23, 2013

Over the last months, a number of European newspapers published screenshots from an NSA tool codenamed BOUNDLESSINFORMANT, which were said to show the number of data that NSA collected from those countries.

Most recently, a dispute about the numbers mentioned in a screenshot about Norway urged Snowden-journalist Glenn Greenwald to publish a similar screenshot about Afghanistan. But as this article will show, Greenwald’s interpretation of the latter was wrong, which also raises new questions about how to make sense out of the screenshots about other countries.

Norway vs Afghanistan

On November 19, the website of the Norwegian tabloid Dagbladet published a BOUNDLESSINFORMANT screenshot which, according to the paper, showed that NSA apparently monitored 33 million Norwegian phone calls (although actually, the NSA tool only presents metadata).

The report by Dagbladet was almost immediatly corrected by the Norwegian military intelligence agency Etteretningstjenesten (or E-tjenesten), which said that they collected the data “to support Norwegian military operations in conflict areas abroad, or connected to the fight against terrorism, also abroad” and that “this was not data collection from Norway against Norway, but Norwegian data collection that is shared with the Americans”.

Earlier, a very similar explanation was given about the data from France, Spain and Germany. They too were said to be collected by French, Spanish and German intelligence agencies outside their borders, like in war zones, and then shared with NSA. Director Alexander added that these data were from a system that contained phone records collected by the US and NATO countries “in defense of our countries and in support of military operations”.

Glenn Greenwald strongly contradicted this explanation in an article written for Dagbladet on November 22. In trying to prove his argument, he also released a screenshot from BOUNDLESSINFORMANT about Afghanistan (shown down below) and explained it as follows:
“What it shows is that the NSA collects on average of 1.2-1.5 million calls per day from that country: a small subset of the total collected by the NSA for Spain (4 million/day) and Norway (1.2 million).

Clearly, the NSA counts the communications it collects from Afghanistan in the slide labeled «Afghanistan» — not the slides labeled «Spain» or «Norway». Moreover, it is impossible that the slide labeled «Spain» and the slide labeled «Norway» only show communications collected from Afghanistan because the total collected from Afghanistan is so much less than the total collected from Spain and Norway.”

Global overview

But Greenwald apparently forgot some documents he released earlier:

Last September, the Indian paper The Hindu published three less known versions of the BOUNDLESSINFORMANT global overview page, showing the total amounts of data sorted in three different ways: Aggregate, DNI and DNR. Each results in a slightly different top 5 of countries, which is also reflected in the colors of the heat map.

In the overall (aggregated) counting, Afghanistan is in the second place, with a total amount of over 2 billion internet records (DNI) and almost 22 billion telephony records (DNR) counted:

The screenshot about Afghanistan published by Greenwald only shows information about some 35 million telephony (DNR) records, collected by a facility only known by its SIGAD US-962A5 and processed or analysed by DRTBox. This number is just a tiny fraction of the billions of data from both internet and telephone communications from Afghanistan as listed in the global overview.

Differences

With these big differences, it’s clear that this screenshot about Afghanistan is not showing all data which NSA collected from that country, not even all telephony data. The most likely option is that it only shows metadata from telephone communications intercepted by the facility designated US-962A5.

That fits the fact that this SIGAD denotes a sub- or even sub-sub-facility of US-962, which means there are more locations under this collection program. Afghanistan is undoubtedly being monitored by numerous SIGINT collection stations and facilities, so seeing only one SIGAD in this screenshot proves that it can never show the whole collection from that country.

This makes that Greenwald’s argument against the data being collected abroad is not valid anymore (although there maybe other arguments against it). Glenn Greenwald was asked via Twitter to comment on the findings of this article, but there was no reaction.

More questions

The new insight about the Afghanistan data means that the interpretation of the screenshots about other countries can be wrong too. Especially those showing only one collection facility, like France, Spain and Norway (and maybe also Italy and The Netherlands), might not be showing information about that specific country, but maybe only about the specific intercept location.

This also leads to other questions, like: are this really screenshots (why is there no classification marking)? Are they part of other documents or did Snowden himself made them? And how did he make the selection: by country, by facility, or otherwise?

There are many questions about NSA capabilities and operations which Snowden cannot answer, but he can answer how exactly he got to these documents and what their proper context is. Maybe Glenn Greenwald also knows more about this, and if so, it’s about time to tell that part of the story too.

Matthew M. Aid is the author of Intel Wars: The Secret History of the Fight Against Terror (January 2012) and The Secret Sentry, the definitive history of the National Security Agency. He is a leading intelligence historian and expert on the NSA, and a regular commentator on intelligence matters for the New York Times, the Financial Times, the National Journal, the Associated Press, CBS News, National Public Radio (NPR) and many others. He lives in Washington, DC.

November 24, 2013

Find this story at 24 November 2013

Een van de elementen op de kaart van de NRC van zaterdag zijn de rode stippen die de vestigingen van SCS aangeven. Dat bestand is hetzelfde als dat van de kaart in Spiegel, waarvan een ongecensureerde versie  beschikbaar is bij Cryptome.

Die kaart is uit augustus 2010. Als je de kaarten naast elkaar legt kom je een eind bij het vaststellen welke plaatsen NRC zwart heeft gemaakt. Wat betreft Europa kom je dan bijv. op het rijtje Bakoe, Kiev, Madrid , Moskou en
Tblisi.

x-keyscore servers op Cryptome

SCS sites op Cryptome

NRC driver 1