Berlin drängt auf Antworten aus London: Justizministerin Leutheusser-Schnarrenberger hat zwei britische Kabinettsmitglieder per Brief aufgefordert, mehr Details über das Spähprogramm Tempora zu veröffentlichen. In den Schreiben übt die FDP-Politikerin indirekt Kritik an der Cameron-Regierung.

Berlin – Jetzt schaltet sich die Bundesjustizministerin ein: Sabine Leutheusser-Schnarrenberger (FDP) hat den britischen Justizminister Christopher Grayling und die britische Innenministerin Theresa May aufgefordert, mehr Informationen über das Geheimdienstprogramm Tempora offenzulegen. Am Dienstag wandte sich Leutheusser-Schnarrenberger schriftlich an die beiden Kabinettsmitglieder von Großbritanniens Premier David Cameron. Die Briefe liegen SPIEGEL ONLINE vor.

In den beiden Schreiben identischen Inhalts, die am Vormittag parallel an die Minister verschickt wurden, äußerte sich die Ministerin sehr besorgt über die jüngsten Berichte über das gigantische Spähprogramm. Der Verdacht, durch digitale Überwachungsmethoden “riesige Mengen an Daten, E-Mails, Facebook-Nachrichten und Anrufe zu sammeln, zu speichern und zu verarbeiten”, hätte in Deutschland erhebliche Bedenken ausgelöst, heißt es in den Briefen.

Leutheusser-Schnarrenberger forderte Aufklärung in folgenden Punkten:

Auf welcher Rechtsgrundlage das Spähprogramm ausgeführt worden sei,
ob auf konkreten Verdacht ausgespäht oder die Daten allgemein ohne Anlass gesammelt worden seien,
ob die Überwachungsmaßnahmen von Richtern hätten abgesegnet werden müssen,
wie die Abhöraktionen konkret funktioniert hätten, welche Daten genau gespeichert und ob deutsche Bürger betroffen seien.

Auch übte sie indirekt Kritik an der Informationspolitik der Cameron-Regierung. “Die Kontrollfunktion von Parlament und Justiz zeichnet einen freien und demokratischen Staat aus. Sie kann aber nicht ihre Wirkung entfalten, wenn Regierungen bestimmte Maßnahmen in Schweigen hüllen”, hieß es weiter.

Leutheusser-Schnarrenberger appellierte an Grayling und May, die Grundsätze der Bürgerrechte nicht aus den Augen zu verlieren und mahnte Aufklärung an. “In unserer modernen Welt bieten die neuen Medien den Rahmen für einen freien Austausch von Meinungen und Informationen. Ein transparentes Regierungshandeln ist eine der wichtigsten Voraussetzungen für das Funktionieren eines demokratischen Staates und bedingt die Rechtsstaatlichkeit”, so die Ministerin.

Die FDP-Politikerin hatte sich bereits im Zusammenhang mit dem amerikanischen Spähprogramm Prism schriftlich an ihren US-Kollegen gewandt. Sie regte zudem an, im schwarz-gelben Kabinett eine Internet-Task-Force aus den beteiligten Ministerien zu bilden.

Die Ministerin beendete ihre Schreiben mit der Forderung nach strengeren Datenschutzstandards in der EU. Das Thema müsse beim nächsten Treffen der EU-Justizminister im Juli auf die Tagesordnung, so Leutheusser-Schnarrenberger.

Am Montag hat die Bundesregierung von Großbritannien offiziell Auskunft über das massenhafte Anzapfen von Telefon- und Internetverbindungen verlangt. Dazu sandte das Innenministerium eine Reihe von Fragen an den britischen Botschafter. Zur europäischen Chefsache will Kanzlerin Angela Merkel den Fall Tempora allerdings vorerst nicht machen. Beim EU-Gipfel Ende der Woche wolle Merkel keine Debatte über das britische Spionageprogramm forcieren, hieß es zu Beginn der Woche.

25. Juni 2013, 11:40 Uhr

Find this story at 25 June 2013

© SPIEGEL ONLINE 2013

An einem einzigen Tag soll der britische Geheimdienst GCHQ Zugriff auf 21.600 Terabyte gehabt haben – wozu, weiß nicht einmal der BND. Sicher ist nur: Die Überwacher bekommen Hilfe von großen Telekommunikationskonzernen.

Das amerikanische Außenministerium hat vor Jahren einen kleinen Flecken in Ostfriesland auf eine Liste der weltweit schützenswürdigen Einrichtungen gesetzt. Ein Angriff auf das Städtchen Norden könnte angeblich die nationale Sicherheit der USA bedrohen. Sogar der Chef des US-Geheimdienstes NSA, General Keith B. Alexander, hat vor terroristischen Attacken gewarnt.

Norden ist ein heimliches Zentrum der neuen virtuellen Welt. Das TAT-14 (Trans Atlantic Telephone Cable No 14) ist am Hilgenrieder Siel bei Norden verbuddelt. Die meisten Internetverbindungen zwischen Deutschland und Amerika laufen dort durch mehrere Glasfaserleitungen; auch Frankreich, die Niederlande, Dänemark und Großbritannien sind durch TAT-14 miteinander verbunden. Etwa 50 internationale Telekommunikationsfirmen, darunter die Deutsche Telekom, betreiben ein eigenes Konsortium für dieses Kabel.

Manchmal fließen pro Sekunde Hunderte Gigabyte an Daten durch die Leitungen. Es ist ein gigantischer Datenrausch: Millionen Telefonate und E-Mails schießen durch das Netz. Auch deshalb hat der deutsche Verfassungsschutz stets nachgeschaut, ob in Norden alles in Ordnung ist. Keine Sabotage. Keine Terroristen. Kein Problem?

Für die über die “Seekabelendstelle” Norden, wie die offizielle Bezeichnung der Einrichtung lautet, vermittelten Daten hat sich offenbar der britische Geheimdienst Government Communications Headquarters (GCHQ) brennend interessiert. Aus Unterlagen des Whistleblowers Edward Snowden jedenfalls soll hervorgehen, dass die Briten im Rahmen der Operation “Tempora” die Daten abgegriffen haben. Es soll sich um unzählige Daten handeln, die aus Deutschland kamen oder nach Deutschland geschickt wurden.

Das ist nicht der Cyberkrieg, vor dem die amerikanische NSA immer gewarnt hat, sondern ein heimlicher umfassender Big-Data-Angriff auf die Bevölkerung eines befreundeten Landes. Die alte Formel: “Freund hört mit” umfasst das Problem nicht mal ungefähr. Großbritanniens Geheimdienst hat einen Lauschangriff auf Deutschland gestartet.

Die Menge der abgefangenen Daten ist noch Spekulation, und unklar ist auch, wo der Angriff genau erfolgt sein soll. Sicher nicht in Norden, das früher durch sein Seeheilbad bekannt wurde. Das würde sich kein Nachrichtendienstler trauen. Schon gar nicht in freundlicher Absicht.

Wahrscheinlich erfolgte der Angriff in dem kleinen Küstenstädtchen Bude im Südwesten Englands, das 858 Kilometer Luftlinie von Norden entfernt liegt. Dort macht das Kabel Zwischenstation – das Ende der Strecke ist New Jersey.

Dass ein britischer Geheimdienst auf diese Weise und so umfassend E-Mails deutscher Bürger abfängt oder Telefonate abhört, war vor Snowdens Enthüllungen für undenkbar gehalten worden. Der Bundesnachrichtendienst erklärt seit Tagen, dass er von den Aktivitäten der Amerikaner oder der Briten nichts wusste und selbst nur Zeitungswissen habe. Das klingt glaubhaft. Die beiden befreundeten Nationen, heißt es in Berlin, hätten offenbar ihr eigenes nationales Sicherheitsprogramm gefahren.

So viel Sicherheit war sicherlich nur mithilfe von Kommunikationsgesellschaften möglich. Angeblich sollen die beiden britischen Unternehmen Vodafone und British Telecommunications (BT) den Geheimen behilflich gewesen sein.

Jeder Eingriff, das erklärt eine Telekom-Sprecherin, müsste von dem internationalen Konsortium genehmigt werden, aber eine solche Genehmigung liegt nicht vor. Ein Sprecher der britischen Vodafone erklärte auf Anfrage, dass sich das Unternehmen an die Gesetze in den jeweiligen Ländern halte und Angelegenheiten, die mit der nationalen Sicherheit zusammenhingen, nicht kommentiere. Diese Formel klingt in diesen Tagen sehr vertraut.

Rechtsgrundlage für die Aktion “Tempora” ist ein sehr weit gefasstes Gesetz aus dem Jahr 2000. Danach kann die Kommunikation mit dem Ausland abgefangen und gespeichert werden. Die privaten Betreiber der Datenkabel, die beim Abhören mitmachen, sind zum Stillschweigen verpflichtet.

Nordengate macht klar, wie unterschiedlich Gesetze und Regeln in dieser Welt angewandt werden, es symbolisiert aber auch den Wandel der Geheimdienstarbeit. Ganz früher haben Nachrichtendienste Telefonate über relativ simple Horchposten abgehört. Glasfaserleitungen stellten die Dienste vor neue Herausforderungen. Telefonate werden seitdem in optische Signale umgewandelt. Da die Leitungen vor allem am Meeresboden verlaufen, gerieten Nachrichtendienste für kurze Zeit an ihre Grenzen.

Bereits um die Jahrtausendwende berichteten amerikanische Blätter, dass die NSA mithilfe von U-Booten an die Daten gelangen wollte. So wurde das Atom-U-Boot Jimmy Carter umgerüstet, um Glasfaserkabel aufzuschlitzen und dann abzuhören. Vorher hatten die Dienste auf anderem Weg regelmäßig Seekabel angezapft. Bei früheren Kupferkabeln reichte ein Induktions-Mikrofon, um die Gespräche abzugreifen. Glasfaserkabel hingegen müssen gebogen werden, um die optisch vermittelten Signale auslesen zu können. Am verwundbarsten sind die Kabel freilich an Land.

Was die Briten mit den vielen deutschen Daten machen und gemacht haben, erschließt sich selbst dem BND nicht so ganz. An einem einzigen Tag soll der britische Geheimdienst insgesamt Zugriff auf 21.600 Terabyte gehabt haben. Dank Snowden ist bekannt, dass die abgefangenen Inhalte drei Tage vorgehalten wurden und Benutzerdaten 30 Tage. In der Zwischenzeit wurden die Daten mit speziellen Programmen gefiltert. Selbst dem Briten George Orwell wäre ein solches Überwachungsprogramm im Leben nicht eingefallen.

25. Juni 2013 05:10 Großbritanniens Abhördienst GCHQ
Von John Goetz, Hans Leyendecker und Frederik Obermaier

Find this story at 25 June 2013

Copyright: Süddeutsche Zeitung Digitale Medien GmbH / Süddeutsche Zeitung GmbH

Ecuador’s flag flying above its coat of arms at the country’s embassy in Moscow on Monday. Snowden is seeking asylum in the South American nation.

Journalists flocked to Moscow’s Sheremetyevo Airport on Monday to board a flight to Cuba that supposedly would also contain fugitive Edward Snowden, who is attempting to escape arrest by U.S. authorities for revealing highly classified surveillance programs.

According to a widely distributed statement by an unidentified Aeroflot employee, Snowden should have been on flight SU150 direct to Havana leaving Moscow on Monday afternoon. The Aeroflot employee even said which seat he was to occupy, 17A.

But reporters, whose news organizations shelled out about $2,000 per ticket to get them on board at the last minute, found no Snowden anywhere on board — increasing suspicions that Russia could be helping to stymie U.S. efforts to catch him amid a low point in bilateral relations.

After Snowden supposedly arrived at Sheremetyevo from Hong Kong on Sunday, Washington pressured Moscow to detain him, apparently to no avail. Russian officials said that given poor ties between the countries, which have split in recent months over issues including the civil war in Syria and the U.S. Magnitsky Act, they are in no rush to help their former Cold War foes.

“Ties are in a rather complicated phase, and when ties are in such a phase, when one country undertakes hostile action against another, why should the United States expect restraint and understanding from Russia?” Alexei Pushkov, the head of the State Duma’s International Affairs Committee, repeated Reuters.

A former technical contractor with the U.S. National Security Agency, Snowden is reportedly seeking to travel to Ecuador, which is considering his asylum request. His current whereabouts are unknown.

Ecuador has already equipped Snowden with refugee papers that could allow him safe passage to his destination, according to WikiLeaks founder Julian Assange, whose organization has assisted Snowden. The U.S. government said earlier that Snowden’s American passport had been revoked.

Assange told the Guardian on Monday that he was aware of Snowden’s whereabouts but that he was unable to reveal them due to “bellicose threats coming from the U.S. administration.”

U.S. Secretary of State John Kerry, speaking on Monday at a news conference in New Delhi, implored Russia to assist in efforts to apprehend Snowden, recalling that over the last two years, the U.S. had extradited seven prisoners requested by Russia. “Reciprocity and the enforcement of the law is pretty important,” he said.

“I suppose there is no small irony here. I mean, I wonder if Mr. Snowden chose China and Russia’s assistance in his flight from justice because they are such powerful bastions of Internet freedom, and I wonder if while he was in either of those countries he raised the question of Internet freedom, since that seems to be what he champions,” Kerry said.

The cooperation described by Kerry is a drop in the bucket compared to the disputes between the countries, however.

Following some successes during a “reset” in ties kicked off in 2009 at the behest of U.S. President Barack Obama, relations took a sharp downward turn with the return of Vladimir Putin to the Kremlin last year.

Under Putin, the Russian government has undertaken what critics call a harsh crackdown on the opposition and on civil society, including kicking out the U.S. Agency for International Development, while the U.S. last year passed the Magnitsky Act, which imposes economic and travel restrictions on Russian officials implicated in human rights abuses. Russia retaliated by outlawing U.S. adoptions of Russian orphans.

More recently, the two nations have argued bitterly over what tack to take in seeking a solution to the civil war in Syria, with Russia backing President Bashar Assad and the U.S. supporting the rebels.

Now, the fate of Snowden, a 30-year-old former employee of a U.S. security contractor whose exposure of government phone and Internet surveillance has provoked public outrage, is becoming another point of contention.

According to Andrei Soldatov, a leading expert in Russia’s security agencies, the Russian government itself has an extensive system to monitor almost any kind of communication between its citizens.

Pushkov said Russia had no obligation to help the U.S. in this situation, given the recently passed Magnitsky Act. It was unclear whether Russian authorities had had contact with Snowden — Putin’s spokesman said Monday that the Kremlin was unaware of any such contact — but it seemed unlikely that the government could be unaware of Snowden’s whereabouts if he had entered Russia.

“All these flights carried out by Aeroflot via Moscow, as though there is no other route, are emblematic of Russia’s involvement in the process,” said Valery Garbuzov, deputy director of the Institute for U.S. and Canadian Studies in Moscow.

Ecuador’s foreign minister also said his government was in “respectful” contact with Russia over Snowden’s asylum application.

Nonetheless, Washington appears to be holding out hope for assistance from Moscow.

Caitlin Hayden, a spokeswoman for the U.S. National Security Council, mentioned “intensified cooperation after the Boston marathon bombings and our history of working with Russia on law enforcement matters” as grounds for Russia “to look at all options available to expel Mr. Snowden back to the U.S. to face justice for the crimes with which he is charged.”

25 June 2013 | Issue 5154
By Ivan Nechepurenko

Nikolay Asmolovskiy / Reuters

Find this story at 25 June 2013

© Copyright 1992-2013. The Moscow Times

In early 2010, journalist and satirist Barrett Brown was working on a book on political pundits, when the hacktivist collective Anonymous caught his attention. He soon began writing about its activities and potential. In a defense [2] of the group’s anti-censorship operations in Australia published on February 10, Brown declared, “I am now certain that this phenomenon is among the most important and under-reported social developments to have occurred in decades, and that the development in question promises to threaten the institution of the nation-state and perhaps even someday replace it as the world’s most fundamental and relevant method of human organization.”

By then, Brown was already considered by his fans to be the Hunter S. Thompson of his generation. In point of fact he wasn’t like Hunter S. Thompson, but was more of a throwback—a sharp-witted, irreverent journalist and satirist in the mold of Ambrose Bierce or Dorothy Parker. His acid tongue was on display in his co-authored 2007 book, Flock of Dodos: Behind Modern Creationism, Intelligent Design and the Easter Bunny, in which he declared: “This will not be a polite book. Politeness is wasted on the dishonest, who will always take advantage of any well-intended concession.”

But it wasn’t Brown’s acid tongue so much as his love of minutia (and ability to organize and explain minutia) that would ultimately land him in trouble. Abandoning his book on pundits in favor of a book on Anonymous, he could not have known that delving into the territory of hackers and leaks would ultimately lead to his facing the prospect of spending the rest of his life in prison. In light of the bombshell revelations published by Glenn Greenwald and Barton Gellman about government and corporate spying, Brown’s case is a good—and underreported—reminder of the considerable risk faced by reporters who report on leaks.

In February 2011, a year after Brown penned his defense of Anonymous, and against the background of its actions during the Arab Spring, Aaron Barr, CEO of the private intelligence company HBGary, claimed to have identified the leadership of the hacktivist colletive. (In fact he only had screen names of a few members). Barr’s boasting provoked a brutal hack of HBGary by a related group called Internet Feds (it would soon change its name to “LulzSec”). Splashy enough to attract the attention of The Colbert Report [3], the hack defaced and destroyed servers and websites belonging to HBGary. Some 70,000 company emails were downloaded and posted online. As a final insult to injury, even the contents of Aaron Barr’s iPad were remotely wiped.

The HBGary hack may have been designed to humiliate the company, but it had the collateral effect of dropping a gold mine of information into Brown’s lap. One of the first things he discovered was a plan to neutralize Glenn Greenwald’s defense of Wikileaks by undermining them both. (“Without the support of people like Glenn, wikileaks would fold,” read one slide.) The plan called for “disinformation,” exploiting strife within the organization and fomenting external rivalries—“creating messages around actions to sabotage or discredit the opposing organization,” as well as a plan to submit fake documents and then call out the error.” Greenwald, it was argued, “if pushed,” would “choose professional preservation over cause.”

Other plans targeted social organizations and advocacy groups. Separate from the plan to target Greenwald and WikiLeaks, HBGary was part of a consortia that submitted a proposal to develop a “persona management [4]” system for the United States Air Force, that would allow one user to control multiple online identities for commenting in social media spaces, thus giving the appearance of grassroots support or opposition to certain policies.

The data dump from the HBGary hack was so vast that no one person could sort through it alone. So Brown decided to crowdsource the effort. He created a wiki page, called it ProjectPM [5], and invited other investigative journalists to join in. Under Brown’s leadership, the initiative began to slowly untangle a web of connections between the US government, corporations, lobbyists, and a shadowy group of private military and information security consultants.

One connection was between Bank of America and the Chamber of Commerce. WikiLeaks had claimed to possess a large cache of documents belonging to Bank of America. Concerned about this, Bank of America approached the United States Department of Justice. The DOJ directed it to the law and lobbying firm Hunton and Williams [6], which does legal work for Wells Fargo and General Dynamics and also lobbies for Koch Industries, Americans for Affordable Climate Policy, Gas Processors Association, Entergy among many other firms. The DoJ recommended that Bank of America hire Hunton and Williams, explicitly suggesting Richard Wyatt [7] as the person to work with. Wyatt, famously, was the lead attorney in the Chamber of Commerce’s lawsuit against the Yes Men.

In November 2010, Hunton and Williams organized a number of private intelligence, technology development and security contractors—HBGary, plus Palantir Technologies, Berico Technologies, and, according to Brown, a secretive corporation with the ominous name Endgame Systems—to form “Team Themis” —‘themis’ being a Greek word meaning “divine law.” Its main objective was to discredit critics of the Chamber of Commerce, like Chamber Watch [8] using such tactics as creating a “false document, perhaps highlighting periodical financial information,” giving it to a progressive group opposing the Chamber, and then subsequently exposing the document as a fake to “prove that US Chamber Watch cannot be trusted with information and/or tell the truth.” In addition, the group proposed creating a “fake insider persona” to infiltrate Chamber Watch. They would “create two fake insider personas, using one as leverage to discredit the other while confirming the legitimacy of the second.” The leaked emails showed that similar disinformation campaigns were being planned against WikiLeaks and Glenn Greenwald.

It was clear to Brown that these were actions of questionable legality, but beyond that, government contractors were attempting to undermine Americans’ free speech—with the apparent blessing of the DOJ. A group of Democratic Congressmen asked for an investigation [9] into this arrangement, to no avail.

By June 2011, the plot had thickened further. The FBI had the goods on the leader of LulzSec, one Hector Xavier Monsegur, who went under the nom de guerre Sabu. The FBI arrested him on June 7, 2011 and (according to court documents) turned him into an informant the following day. Just three days before his arrest, Sabu had been central to the formation of a new group called AntiSec, which comprised his former LulzSec crew members, as well as members as Anonymous. In early December AntiSec hacked the website of a private security company called Stratfor Global Intelligence. On Christmas Eve, it released a trove of some five million internal compnay emails. AntiSec member and Chicago activist Jeremy Hammond [10], has pled guilty to the attack and is currently facing ten years in prison for it.

The contents of the Stratfor leak were even more outrageous than those of the HBGary hack. They included discussion of opportunities for renditions and assassinations. For example, in one video, Statfor’s Vice President of Intelligence, Fred Burton, suggested taking advantage of the chaos in Libya to render Lockerbie bomber Abdelbaset al-Megrahi, who had been released from prison on compassionate grounds due to his terminal illness. Burton said that the case “was personal.” When someone pointed out in an email that such a move would almost certainly be illegal—“This man has already been tried, found guilty, sentenced…and served time”—another Stratfor employee responded that this was just an argument for a more efficient solution: “One more reason to just bugzap him with a hellfire. :-)”

(Stratfor employees also seemed to take a keen interest in Jeremy Scahill’s writings about Blackwater in The Nation, copying and circulating entire articles, with comments suggesting a principle interest was in the question of whether Blackwater was setting up a competing intelligence operation. Emails also showed grudging respect for Scahill: “Like or dislike Scahill’s position (or what comes of his work), he does an amazing job outing [Blackwater].”)

When the contents of the Stratfor leak became available, Brown decided to put ProjectPM on it. A link to the Stratfor dump appeared in an Anonymous chat channel; Brown copied it and pasted it into the private chat channel for ProjectPM, bringing the dump to the attention of the editors.

Brown began looking into Endgame Systems [11], an information security firm that seemed particularly concerned about staying in the shadows. “Please let HBGary know we don’t ever want to see our name in a press release,” one leaked email read. One of its products, available for a $2.5 million annual subscription, gave customers access to “zero-day exploits”—security vulnerabilities unknown to software companies—for computer systems all over the world. Business Week [12] published a story on Endgame in 2011, reporting that “Endgame executives will bring up maps of airports, parliament buildings, and corporate offices. The executives then create a list of the computers running inside the facilities, including what software the computers run, and a menu of attacks that could work against those particular systems.” For Brown, this raised the question of whether Endgame was selling these exploits to foreign actors and whether they would be used against computer systems in the United States. Shortly thereafter, the hammer came down.

The FBI acquired a warrant [13] for Brown’s laptop, gaining the authority to seize any information related to HBGary, Endgame Systems, Anonymous, and, most ominously, “email, email contacts, ‘chat’, instant messaging logs, photographs, and correspondence.” In other words, the FBI wanted his sources.

When the FBI went to serve Brown he was at his mother’s house. Agents returned with a warrant to search his mother’s house, retrieving his laptop. To turn up the heat on Brown, the FBI initiated charges against his mother for obstruction of justice for concealing his laptop computer in her house. (Facing criminal charges, on March 22, 2013, his mother, Karen McCutchin, pled guilty to one count of obstructing the execution of a search warrant. She faces up to twelve months in jail. Brown maintains that she did not know the laptop was in her home.)

By his own admission, the FBI’s targeting of his mother made Brown snap. In September 2012, he uploaded an incoherent YouTube video [14], in which he explained that he had been in treatment for an addiction to heroin, taking the medication Suboxone, but had gone off his meds and now was in withdrawal. He threatened the FBI agent that was harassing his mother, by name, warming:

“I know what’s legal, I know what’s been done to me… And if it’s legal when it’s done to me, it’s going to be legal when it’s done to FBI Agent Robert Smith—who is a criminal.”

“That’s why [FBI special agent] Robert Smith’s life is over. And when I say his life is over, I’m not saying I’m going to kill him, but I am going to ruin his life and look into his fucking kids… How do you like them apples?”

Please support our journalism. Get a digital subscription for just $9.50! [15]

The media narrative was immediately derailed. No longer would this be a story about the secretive information-military-industrial complex; now it was the sordid tale of a crazy drug addict threatening an FBI agent and his (grown) children. Actual death threats against agents are often punishable by a few years in jail. But Brown’s actions made it easier for the FBI to sell some other pretext to put him away for life.

The Stratfor data included a number of unencrypted credit card numbers and validation codes. On this basis, the DOJ accused Brown of credit card fraud for having shared that link with the editorial board of ProjectPM. Specifically, the FBI charged him with Traffic in Stolen Authentication Features, Access Device Fraud, Aggravated Identity Theft, as well as an Obstruction of Justice charge (for being at his mother’s when the initial warrant was served) and charges stemming from his threats against the FBI agent. All told, Brown is looking at century of jail time: 105 years in federal prison if served sequentially. He has been denied bail.

Considering that the person who carried out the actual Stratfor hack had several priors and is facing a maximum of ten years, the inescapable conclusion is that the problem is not with the hack itself, but with Brown’s journalism. As Glenn Greenwald remarked in the Guardian: “it is virtually impossible to conclude that the obscenely excessive prosecution he now faces is unrelated to that journalism and his related activism.”

Today, Brown is in prison and ProjectPM is under increased scrutiny by the DOJ, even as its work has ground to a halt. In March, the DOJ served the domain hosting service CloudFlare with a subpoena [16] for all records on the ProjectPM website, and in particular asked for the IP addresses of everyone who had accessed and contributed to ProjectPM, describing it as a “forum” through which Brown and others would “engage in, encourage, or facilitate the commission of criminal conduct online.” The message was clear: Anyone else who looks into this matter does so at their grave peril.

Some journalists are now understandably afraid to go near the Stratfor files. The broader implications of this go beyond Brown; one might think that what we are looking at is Cointelpro 2.0—an outsourced surveillance state—but in fact it’s worse. One can’t help but infer that the US Department of Justice has become just another security contractor, working alongside the HBGarys and Stratfors on behalf of corporate bidders, with no sense at all for the justness of their actions; they are working to protect corporations and private security contractors and give them license to engage in disinformation campaigns against ordinary citizens and their advocacy groups. The mere fact that the FBI’s senior cybersecurity advisor has recently moved to Hunton and Williams shows just how incestuous this relationship has become. Meanwhile the Department of Justice is also using its power and force to trample on the rights of citizens like Barrett Brown who are trying to shed light on these nefarious relationships. In order to neutralize those who question or investigate the system, laws are being reinterpreted or extended or otherwise misappropriated in ways that are laughable—or would be if the consequences weren’t so dire.

While the media and much of the world have been understandably outraged by the revelation of the NSA’s spying programs, Barrett Brown’s work was pointing to a much deeper problem. It isn’t the sort of problem that can be fixed by trying to tweak a few laws or by removing a few prosecutors. The problem is not with bad laws or bad prosecutors. What the case of Barrett Brown has exposed is that we confronting a different problem altogether. It is a systemic problem. It is the failure of the rule of law.

Links:
[1] http://www.youtube.com/watch?v=TOW7GOrXNZI
[2] http://www.huffingtonpost.com/barrett-brown/anonymous-australia-and-t_b_457776.html
[3] http://www.colbertnation.com/the-colbert-report-videos/426198/may-09-2013/colbert-s-book-club—learning–the-great-gatsby-
[4] http://boingboing.net/2011/02/18/hbgarys-high-volume.html
[5] http://wiki.echelon2.org/wiki/Main_Page
[6] http://www.hunton.com/
[7] http://www.huffingtonpost.com/2010/10/19/chamber-of-commerce-still_n_768076.html
[8] http://images2.americanprogress.org/ThinkProgress/ProposalForTheChamber.pdf
[9] http://www.washingtonpost.com/wp-dyn/content/article/2011/02/28/AR2011022805810.html
[10] http://www.dailydot.com/news/lulzsec-jeremy-hammond-bail-denied-hacker/
[11] http://wiki.echelon2.org/wiki/Endgame_Systems
[12] http://www.businessweek.com/magazine/cyber-weapons-the-new-arms-race-07212011.html
[13] http://www.buzzfeed.com/mhastings/exclusive-fbi-escalates-war-on-anonymous
[14] https://www.youtube.com/watch?v=TOW7GOrXNZI
[15] https://subscribe.thenation.com/servlet/OrdersGateway?cds_mag_code=NAN&cds_page_id=122425&cds_response_key=I12SART1
[16] http://leaksource.wordpress.com/2013/04/05/doj-issues-subpoena-for-info-on-barrett-browns-project-pm-site/

Peter Ludlow | June 18, 2013

Find this story at 18 June 2013

© 2012 The Nation

Jeremy Hammond pleaded guilty today to the infamous Stratfor hack, as well as taking responsibility for eight additional hacks of law enforcement and defense contractor websites in 2011 and 2012. As a condition of the plea, the radical hacker will face a maximum of 10 years in federal prison, and restitution costs of up to $2.5 million. After Hammond entered his plea, his legal team framed his prosecution as part of the government’s larger attempt to control the flow of information and punish those who seek to distribute it to journalists and the public.

“There’s a war going on about corporate spying and access to information,” said defense attorney Sarah Kunstler at a press conference immediately following the hearing. “Jeremy is someone who worked toward making information public.”

In a statement posted online after the plea deal, Hammond echoed this point. “I did this because I believe people have a right to know what governments and corporations are doing behind closed doors,” Hammond wrote. “I did what I believe is right.”

The Rise and Fall of Jeremy Hammond: Enemy of the State

Hammond entered his plea – admitting to one count of conspiracy to engage in computer hacking – in a federal courtroom in lower Manhattan, surrounded by observers and supporters. One of those in attendance was his twin brother, Jason, who had just flown in from Chicago. When Hammond initially addressed the judge, he raised his right hand to be sworn in, and clenched his fist in a symbol of defiance.

The hack Hammond pleaded guilty to involved accessing information from the servers of Stratfor, a private intelligence company, and providing it to Wikileaks, who then published some of the information. Hammond was charged under the controversial 1984 Computer Fraud and Abuse Act, the same law used to charge the late Aaron Swartz and other cyber-activists. “Included among the leaked internal documents were millions of emails that exposed Stratfor’s wide-ranging spying activities, including surveillance of Bhopal activists at the behest of Dow Chemical, of PETA on behalf of Coca-Cola, and of Occupy Wall Street under contract to the U.S. Department of Homeland Security,” supporters said in a statement.

Beyond Stratfor, Hammond took responsibility for eight other hacks, all of which involved either law enforcement, intelligence firms or defense contractor websites. From June 2011 to February 2012, Hammond obtained unauthorized information from the Arizona Department of Public Safety, the FBI virtual academy, a marketing firm that builds websites for law enforcement called Brooks Jeffreys, Special Forces Gear, Vanguard Defense Industries, the Jefferson County sheriffs department, the Boston Police Patrolman’s Institute and a Pennsylvania firm called Combined Systems that makes tear gas. Hammond was granted immunity from federal prosecution for any of those hacks in exchange for taking responsibility for them. Kunstler said he could potentially face charges at the state level, though she said there may be some double jeopardy protection.

The New Political Prisoners: Leakers, Hackers and Whistleblowers

Michael Ratner, president emeritus of the Center For Constitutional Rights and lawyer for Wikileaks founder Julian Assange, said that journalists should stand up for Hammond. “He should be looked at as a source, as a whistle-blower,” Ratner said after the plea deal. “He, like other whistle-blowers in this country, ought to be protected, because they’re the only thing that let us know what our government and our private security companies are doing and they’re the only things that can keep this government even close to honest.”

Earlier in the case, Hammond’s legal team made a motion for Judge Loretta Preska to recuse herself because her husband was a victim of the Stratfor leak. That motion was denied. (Full disclosure: This reporter previously spoke at a rally that called for Preska to recuse herself.)

Other hackers in the Anonymous-affiliated group called Lulzsec who were charged in similar leaks – but were tried in the U.K. – have received much lighter sentences, from 20 to 32 months. Jason Hammond has asked supporters to sign a Change.org petition on his brother’s behalf calling for Judge Preska to sentence Hammond to time served. Jeremy Hammond’s sentencing hearing is scheduled for September 6th.

by John Knefel
MAY 28, 2013

Find this story at 28 May 2013

©2013 Rolling Stone

LONDON—Today, Monday 27 February, WikiLeaks began publishing The Global Intelligence Files – more than five million emails from the Texas-headquartered “global intelligence” company Stratfor. The emails date from between July 2004 and late December 2011. They reveal the inner workings of a company that fronts as an intelligence publisher, but provides confidential intelligence services to large corporations, such as Bhopal’s Dow Chemical Co., Lockheed Martin, Northrop Grumman, Raytheon and government agencies, including the US Department of Homeland Security, the US Marines and the US Defense Intelligence Agency. The emails show Stratfor’s web of informers, pay-off structure, payment-laundering techniques and psychological methods, for example :

“[Y]ou have to take control of him. Control means financial, sexual or psychological control… This is intended to start our conversation on your next phase” – CEO George Friedman to Stratfor analyst Reva Bhalla on 6 December 2011, on how to exploit an Israeli intelligence informant providing information on the medical condition of the President of Venezuala, Hugo Chavez.

The material contains privileged information about the US government’s attacks against Julian Assange and WikiLeaks and Stratfor’s own attempts to subvert WikiLeaks. There are more than 4,000 emails mentioning WikiLeaks or Julian Assange. The emails also expose the revolving door that operates in private intelligence companies in the United States. Government and diplomatic sources from around the world give Stratfor advance knowledge of global politics and events in exchange for money. The Global Intelligence Files exposes how Stratfor has recruited a global network of informants who are paid via Swiss banks accounts and pre-paid credit cards. Stratfor has a mix of covert and overt informants, which includes government employees, embassy staff and journalists around the world.

The material shows how a private intelligence agency works, and how they target individuals for their corporate and government clients. For example, Stratfor monitored and analysed the online activities of Bhopal activists, including the “Yes Men”, for the US chemical giant Dow Chemical. The activists seek redress for the 1984 Dow Chemical/Union Carbide gas disaster in Bhopal, India. The disaster led to thousands of deaths, injuries in more than half a million people, and lasting environmental damage.

Stratfor has realised that its routine use of secret cash bribes to get information from insiders is risky. In August 2011, Stratfor CEO George Friedman confidentially told his employees : “We are retaining a law firm to create a policy for Stratfor on the Foreign Corrupt Practices Act. I don’t plan to do the perp walk and I don’t want anyone here doing it either.”

Stratfor’s use of insiders for intelligence soon turned into a money-making scheme of questionable legality. The emails show that in 2009 then-Goldman Sachs Managing Director Shea Morenz and Stratfor CEO George Friedman hatched an idea to “utilise the intelligence” it was pulling in from its insider network to start up a captive strategic investment fund. CEO George Friedman explained in a confidential August 2011 document, marked DO NOT SHARE OR DISCUSS : “What StratCap will do is use our Stratfor’s intelligence and analysis to trade in a range of geopolitical instruments, particularly government bonds, currencies and the like”. The emails show that in 2011 Goldman Sach’s Morenz invested “substantially” more than $4million and joined Stratfor’s board of directors. Throughout 2011, a complex offshore share structure extending as far as South Africa was erected, designed to make StratCap appear to be legally independent. But, confidentially, Friedman told StratFor staff : “Do not think of StratCap as an outside organisation. It will be integral… It will be useful to you if, for the sake of convenience, you think of it as another aspect of Stratfor and Shea as another executive in Stratfor… we are already working on mock portfolios and trades”. StratCap is due to launch in 2012.

The Stratfor emails reveal a company that cultivates close ties with US government agencies and employs former US government staff. It is preparing the 3-year Forecast for the Commandant of the US Marine Corps, and it trains US marines and “other government intelligence agencies” in “becoming government Stratfors”. Stratfor’s Vice-President for Intelligence, Fred Burton, was formerly a special agent with the US State Department’s Diplomatic Security Service and was their Deputy Chief of the counterterrorism division. Despite the governmental ties, Stratfor and similar companies operate in complete secrecy with no political oversight or accountability. Stratfor claims that it operates “without ideology, agenda or national bias”, yet the emails reveal private intelligence staff who align themselves closely with US government policies and channel tips to the Mossad – including through an information mule in the Israeli newspaper Haaretz, Yossi Melman, who conspired with Guardian journalist David Leigh to secretly, and in violation of WikiLeaks’ contract with the Guardian, move WikiLeaks US diplomatic cables to Israel.

Ironically, considering the present circumstances, Stratfor was trying to get into what it called the leak-focused “gravy train” that sprung up after WikiLeaks’ Afghanistan disclosures :

“[Is it] possible for us to get some of that ’leak-focused’ gravy train ? This is an obvious fear sale, so that’s a good thing. And we have something to offer that the IT security companies don’t, mainly our focus on counter-intelligence and surveillance that Fred and Stick know better than anyone on the planet… Could we develop some ideas and procedures on the idea of ´leak-focused’ network security that focuses on preventing one’s own employees from leaking sensitive information… In fact, I’m not so sure this is an IT problem that requires an IT solution.”

Like WikiLeaks’ diplomatic cables, much of the significance of the emails will be revealed over the coming weeks, as our coalition and the public search through them and discover connections. Readers will find that whereas large numbers of Stratfor’s subscribers and clients work in the US military and intelligence agencies, Stratfor gave a complimentary membership to the controversial Pakistan general Hamid Gul, former head of Pakistan’s ISI intelligence service, who, according to US diplomatic cables, planned an IED attack on international forces in Afghanistan in 2006. Readers will discover Stratfor’s internal email classification system that codes correspondence according to categories such as ’alpha’, ’tactical’ and ’secure’. The correspondence also contains code names for people of particular interest such as ’Hizzies’ (members of Hezbollah), or ’Adogg’ (Mahmoud Ahmedinejad).

Stratfor did secret deals with dozens of media organisations and journalists – from Reuters to the Kiev Post. The list of Stratfor’s “Confederation Partners”, whom Stratfor internally referred to as its “Confed Fuck House” are included in the release. While it is acceptable for journalists to swap information or be paid by other media organisations, because Stratfor is a private intelligence organisation that services governments and private clients these relationships are corrupt or corrupting.

WikiLeaks has also obtained Stratfor’s list of informants and, in many cases, records of its payoffs, including $1,200 a month paid to the informant “Geronimo” , handled by Stratfor’s Former State Department agent Fred Burton.

WikiLeaks has built an investigative partnership with more than 25 media organisations and activists to inform the public about this huge body of documents. The organisations were provided access to a sophisticated investigative database developed by WikiLeaks and together with WikiLeaks are conducting journalistic evaluations of these emails. Important revelations discovered using this system will appear in the media in the coming weeks, together with the gradual release of the source documents.

END

Public partners in the investigation
Comment
Current WikiLeaks status
How to read the data
Public partners in the investigation:

More than 25 media partners (others will be disclosed after their first publication) :

Al Akhbar – Lebanon – http://english.al-akhbar.com
Al Masry Al Youm – Egypt – http://www.almasry-alyoum.com
Bivol – Bulgaria – http://bivol.bg
CIPER – Chile – http://ciperchile.cl
Dawn Media – Pakistan – http://www.dawn.com
L’Espresso – Italy – http://espresso.repubblica.it
La Repubblica – Italy – http://www.repubblica.it
La Jornada – Mexico – www.jornada.unam.mx/
La Nacion – Costa Rica – http://www.nacion.com
Malaysia Today – Malaysia – www.malaysia-today.net
McClatchy – United States – http://www.mcclatchydc.com
Nawaat – Tunisia – http://nawaat.org
NDR/ARD – Germany – http://www.ndr.de
Owni – France – http://owni.fr
Pagina 12 – Argentina – www.pagina12.com.ar
Plaza Publica – Guatemala – http://plazapublica.com.gt
Publico.es – Spain – www.publico.es
Rolling Stone – United States – http://www.rollingstone.com
Russian Reporter – Russia – http://rusrep.ru
Sunday Star-Times – New Zealand – www.star-times.co.nz
Ta Nea – Greece –- http://www.tanea.gr
Taraf – Turkey – http://www.taraf.com.tr
The Hindu – India – www.thehindu.com
The Yes Men – Bhopal Activists – Global http://theyesmen.org
Comment:

WikiLeaks – Kristinn Hrafnsson, Official WikiLeaks representative, +35 4821 7121

Other comment :
Bhopal Medical Appeal (in UK) – Colin Toogood : colintoogood@bhopal.org / +44 (0) 1273 603278/ +44 (0) 7798 845074
International Campaign for Justice in Bhopal (in India) – Rachna Dhingra : rachnya@gmail.com, +91 98 261 67369
Yes Men – mike@theyesmen.org / +44 (0) 7578 682321 – andy@theyesmen.org, +1-718-208-0684
Privacy International – +44 (0) 20 7242 2836

Twitter tag : #gifiles
CURRENT WIKILEAKS STATUS:

An extrajudicial blockade imposed by VISA, MasterCard, PayPal, Bank of America, and Western Union that is designed to destroy WikiLeaks has been in place since December 2010. The EU Commission is considering whether it will open a formal investigation, but two lawsuits have been filed (http://wikileaks.org/Banking-Blocka…). There are also other ways to donate (https://shop.wikileaks.org/donate). It is legal to donate, including in the United States. The US Treasury has publicly stated that that there are no grounds to place WikiLeaks on a US government blacklist.

WikiLeaks Founder and Publisher Julian Assange has not been charged with any crime in any country. Four prosecutors are currently trying to charge him under the Espionage Act of 1917 before a closed Grand Jury in Virginia, in the United States. Julian Assange has been detained for 447 days (10,728 hours) since Dec 7, 2010, without charge, and he is currently awaiting a decision from the UK Supreme Court on extradition to Sweden (http://www.justiceforassange.com/Su…). The decision is expected in March. The decision on whether he will be onwardly extradited to the US lies in the hands of the Swedish Executive, but Sweden’s Prime Minister Fredrik Reinfeldt has refused to state whether he will protect Assange from a politically motivated extradition to the United States (http://justice4assange.com/US-Extra… ).

The Swedish Foreign Minister Carl Bildt has repeatedly attacked WikiLeaks this week in a bizarre manner (http://ferrada-noli.blogspot.com/20… ).

An alleged WikiLeaks US military source, Bradley Manning, has been in pre-trial detention for 639 days (http://bradleymanning.org/ ). His arraignment took place on 24 February 2012. In December 2011, Manning’s attorney revealed in the preliminary hearing that the US government is attempting to enter a plea deal with Manning in order to “go after” Assange. Manning has 22 charges against him, including violating the Espionage Act of 1917 and aiding the enemy. Manning has deferred entering a plea. Julian Assange and WikiLeaks are legally represented in the Manning hearings by the US Centre for Constitutional Rights (http://ccrjustice.org/ ). WikiLeaks was denied full access to Manning’s hearing after appeal (http://ccrjustice.org/newsroom/pres… ). WikiLeaks put out a statement relating to Manning’s trial ahead of the Article 32 Hearing : (http://www.wikileaks.org/Statement-… ).

The alleged WikiLeaks-supporting hacktivists known as the “PayPal 14” were arrested in 2011 following co-ordinated online demonstrations against the financial services companies that are carrying out the unlawful financial blockade on WikiLeaks (VISA, MasterCard, Paypal, Western Union, Bank of America). They are represented by attorney Stanley Cohen and will go before court in May 2012 (http://www.cyberguerrilla.org/?p=4644 ).

WikiLeaks is about to launch a distributed, encrypted “Facebook for revolutionaries” (https://wlfriends.org/ ).

Julian Assange is currently directing interviews, from house arrest, for a programme on the future of the world that is syndicated to various broadcasters. The first show will be broadcast in March (http://www.wikileaks.org/New-Assang… )
HOW TO READ THE DATA

This is a glossary and information on how to understand the internal terms and codes used by Stratfor in their emails. It is not a complete list. We call on the public to add to this list by tweeting #gifind

To see a list of the terms George Friedman considers useful for his staff to know please download this PDF : The Stratfor Glossary of Useful, Baffling and Strange Intelligence Terms.

OPEN SOURCE VS. “COVERT”

As you browse through the content, you will notice that a large set of it is what is classified as “open source” (subject lines which include [OS]). These are basically email threads that start with someone posting a published and accessible source, such as news sites, and follow with commentary by the staff. In one of the emails, Joseph Nye is referenced saying :

“Open source intelligence is the outer pieces of the jigsaw puzzle, without which one can neither begin nor complete the puzzle”

CODES IN SUBJECT LINES

Many of the emails have codes in the subject lines as well as in the body, to make it easier for the staff to “quickly identify when we need to go back and have a look-see.” [*] :

Examples : INSIGHT – COUNTRY – Subject – SOURCE CODE INSIGHT – CHINA – Trains and planes – CN1000

Please refer to the glossary for the code names of subject and country tags, as well as mailing list names.

SOURCE CODES

A lot of interesting stuff comes from “sources”. Sources are either informal contacts or people they have a formal relationship with. The IDs for sources have the format of CN120 or ME001. In terms of the character part, it refers to a region or a country :

A) Regions ME – Middle East region EU – European Union EE – Eastern Europe LA- South America SA- South Asia

B) Countries or Orgs CN – China PK – Pakistan IN- India ML – Malaysia VN – Vietnam NP- Nepal

US – United States VZ – Venezuela CO- Colombia BR-Brazil NC- Nicaragua MX- Mexico CL/CH- Chile AR- Argentina PY- Paraguay BOL- Bolivia

RU – Russia UA – Ukraine GE – Georgia TJ – Tajikstan MD – Moldova BG -Bulgaria CR/CZ- Czech Republic PT- Portugal

ZA – South Africa AO – Angola SO – Somalia NG- Nigeria CD- DR Congo CI- Cote D’Ivoire ZW- Zimbabwe ZM- Zambia RW- Rwanda KE- Kenya ET- Ethiopia SD -Sudan MA- Morocco SN- Senegal GN- Guinea SL- Sierra Leone

IR – Iran IQ- Iraq IL or IS- Israel SA- Saudi Arabia SY- Syria KU- Kuwait Y or YN – Yemen HZ – Hizbollah TK – Turkey LN- Lebanon LY- Libya UAE- UAE EG- Egypt (etc.)

C) Odd codes OCH – Old China hand, a finance insider. Stick – Scott Stewart, high level employee Z’s – Zetas, Mexican drug gang

INSIGHTS FORMAT

When “insights” are sent, they usually have the following header information :

SOURCE : The ID of the source, say CN123. Sometimes this is left “no source ID” when it’s a new source.

ATTRIBUTION : How the source is to be attributed, i.e. “Source in the pharma distribution industry in China”, Stratfor source, etc.

SOURCE DESCRIPTION : Describes the source, for example : “Source works with Mercator Pharmaceutical Solutions, distributing pharma to developing countries.” These include concrete details on the source for internal consumption so that there’s a better understanding on the source’s background and ability to make assessments on the ground.

PUBLICATION : Yes or No. If the option is yes it doesn’t mean that it would be published, but rather that it _can_ be published.

SOURCE RELIABILITY : A/B

SOURCE RELIABILITY : A-F, A being the best and F being the worst. This grades the turnaround time of this source in responding to requests.

ITEM CREDIBILITY : 1-10, 1 being the best and 10 being the worst (we may change the range here in the future). this changes a lot based on the info provided. 1 is “you can take this to the bank” and 10 would be an example of maybe – “this is a totally ridiculous rumor but something that is spreading on the ground”

SPECIAL HANDLING : often this is “none” but it may be something like, “if you use this we need to be sure not to mention the part about XXX in the publication” or any other special notes

SOURCE HANDLER : the person who can take follow-up questions and communicate with the source.

MAILING LISTS

alpha@stratfor.com Discussions circulated exclusively among analysts, writers and higher-ups, including ’insights’ and discussions about sources and source meetings. secure@stratfor.com Discussions circulated exclusively among analysts and higher-ups, and only for use within continental US (analysts traveling ’overseas’ are removed from the list for the duration of their journey). analysts@stratfor.com – Discussion among analysts only, who manage sources, gather and analyze intelligence. ct@stratfor.com Ongoing discussions to collect and analyze counterterrorism intelligence, circulated among select group of analysts. tactical@statfor.com Non-time sensitive discussions for internal training on technical and tactical matters within field of counterterrorism. intelligence@stratfor.com gvalerts@stratfor.com – Related to Gas ventures clients military@stratfor.com Military list for pre-approved staff africa@stratfor.com eastasia@stratfor.com mesa@stratfor.com Middle East/South Asia list for pre-approved staff. eurasia@stratfor.com os@stratfor.com List with information from the public domain circulated and discussed among all employees. adp@stratfor.com List for ADPs. See Glossary. translations@stratfor.com alerts@stratfor.com responses@stratfor.com dialog-list@stratfor.com

GLOSSARY

a) Industry and other misc. tags :

HUMINT – Human intelligence OSINT- Open source intelligence DATA FLU BIRDFLU ECON TECH ENERGY MINING GV – Gas Venture CT – Counterterrorism G1-G4 B2-B4 S1-S4 MILITARY or MIL PENTAGON AQ- Al Qaeda AQAP – Al Qaeda in the Arabia Peninsula SF- Special Forces CONUS- Continental US

b) Special internal codewords :

Hizzies or HZ – Hizbollah Izzies or IZ – Israel A-dogg – Mahmoud Ahmadinajad, Iranian President Baby bashar – Bashar Al-Assad, Syrian President Uncle Mo – Moammar Gaddhafi ADP- Analyst Development Program. Four-month program at STRATFOR from which candidates— mostly recent college graduates— are selected for hire. Strictly protect and protect – Often mentioned in the ’subject’, means that the source is protected. Played- A term used for procuring sensitive information from sources. E.g. from one of the secure list messages circulating the ’complete scenario for the Israeli team in Centcom’s war game,’ the analyst who procured the data wrote : “I played the head of the Mossad which was great fun.” Excomm- Appears to be ’executive committee’ of STRATFOR.

c) Regions and Orgs

AFRICOM – African countries LATAM – Latin American MERCOSUR NATFA ASEAN APEC FSU – Former Soviet Union countries MESA or MIDDLEEAST – Middle East EASTASIA OPEC EURASIA SA – South Asia FSB- Federal Security Service (Russia)

ATTACHED DOCUMENTS

Attached documents can be searched by Filename or part of the file name. Preliminary searches for filenames using the terms ’lists’, ’source lists’ or ’insight lists’, coupled with the names of source handlers (e.g. Reva for Turkey, Brazil or Venezuela) produced Excel lists of the source names, contact info and source descriptions which correspond to the source codes (e.g. ME1315).

Sourcing Criteria

The following are the proposed criteria for analyzing both sources and insight.

1. Source Timeliness 2. Source Accessibility/Position 3. Source Availability 4. Insight Credibility 5. Insight Uniqueness

Source Timeliness : This is the average grade on how long this particular source turns around tasks and replies to inquiries. It may change but is more of a static indicator.

Source Accessibility : Accessibility weighs the source’s position to have certain knowledge in a particular field. So, for example, if we are looking for energy insight and the source is an official in an energy agency, his or her Accessibility would be ranked higher than if s/he was a banker giving insight on energy. While we would welcome a banker giving his/her insight, a good source may not have a high accessibility ranking if they aren’t in a position to offer reliable insight on a certain topic. The source’s access to decision makers, specific training or education in the desired topic area, specific knowledge of events/situations/incidents can also be considered.

Source Availability : How often can we go to this source ? Are they someone we can tap daily, weekly, monthly, yearly ?

Insight Credibility : This is our assessment of the veracity of the insight offered. Here we need to consider whether or not this is disinformation, speculation, correct data or knowledgeable interpretation. Any bias that the source is displaying or any specific viewpoints or personal background the source is using in the assessment provided should also be considered.

Insight Uniqueness : Is this insight something that could be found in OS ? If it is but the analysis of the information is unique, it would still have a high uniqueness ranking. Or, if it is concrete data, but is something that is only offered to industry insiders, i.e. stats that aren’t published but that aren’t secret, it would still have a high uniqueness score.

Scoring

All of the above factors will be scored on an A-F scale, with A being exemplary and F being useless.

Source Timeliness : A = turnaround within 24 hours B = turnaround within 48 hours C = turnaround within a week D = turnaround within a month F = lucky to receive a reply at all

Source Accessibility : A = Someone with intimate knowledge of the particular insight B = Someone within the industry but whose knowledge of the topic is not exact (e.g. if we were asking someone in the oil industry about natural gas) C = Someone working close to the industry who doesn’t have intimate knowledge of a particular topic but can speak to it intelligently (e.g. a financial consultant asked to gauge the movement of the stock market) D = Someone who may know a country but doesn’t have any concrete insight into a particular topic but can offer rumors and discussions heard on the topic F = Someone who has no knowledge of a particular industry at all

Source Availability : A = Available pretty much whenever B = Can tap around once a week C = Can tap about once a month D = Can tap only several times a year F = Very limited availability

Insight Credibility : A = We can take this information to the bank B = Good insight but maybe not entirely precise C = Insight is only partially true D = There may be some interest in the insight, but it is mostly false or just pure speculation. F = Likely to be disinformation

Insight Uniqueness : A = Can’t be found anywhere else B = Can only be found in limited circles C = Insight can be found in OS, but the source has an interesting take/analysis D = Insight can be found in OS, but still may not be common knowledge F = Insight is accessible in numerous locations

Daily Insight Scoring

SOURCE : code ATTRIBUTION : this is what we should say if we use this info in a publication, e.g. STRATFOR source/source in the medical industry/source on the ground, etc SOURCE DESCRIPTION : this is where we put the more concrete details of the source for our internal consumption so we can better understand the source’s background and ability to make the assessments in the insight. PUBLICATION : Yes or no. If you put yes it doesn’t mean that we will publish it, but only that we can publish it. SOURCE RELIABILITY : A-F. A being the best and F being the worst. This grades the source overall – access to information, timeliness, availability, etc. In short, how good is this source ? ITEM CREDIBILITY : A-F. A = we can take this info to the bank ; B = Good insight but maybe not entirely precise ; C = Insight is only partially true ; D = There may be some interest in the insight, but it is mostly false or just pure speculation ; F = Likely to be disinformation. SPECIAL HANDLING : often this is “none” but it may be something like, “if you use this we need to be sure not to mention the part about XXX in thepublication” or any other special notes SOURCE HANDLER : the person who can take follow-up questions and communicate with the source.

Find this story at 27 February 2012

William Hague has hailed GCHQ’s ‘democratic accountability’, but legislation drafted before a huge expansion of internet traffic appears to offer flexibility

GCHQ – the government’s communications headquarters. Does it have the strongest checks and balances in the world? Photograph: Reuters

William Hague was adamant when he addressed MPs on Monday last week. In an emergency statement (video) forced by the Guardian’s disclosures about GCHQ involvement with the Prism programme, the foreign secretary insisted the agency operated within a “strong framework of democratic accountability and oversight”.

The laws governing the intelligence agencies provide “the strongest systems of checks and balances for secret intelligence anywhere in the world”, he said.

Leaked documents seen by the Guardian give the impression some high-ranking officials at GCHQ have a different view.

In confidential briefings, one of Cheltenham’s senior legal advisers, whom the Guardian will not name, made a note to tell his guests: “We have a light oversight regime compared with the US”.

The parliamentary intelligence and security committee, which scrutinises the work of the agencies, was sympathetic to the agencies’ difficulties, he suggested.

“They have always been exceptionally good at understanding the need to keep our work secret,” the legal adviser said.

Complaints against the agencies, undertaken by the interception commissioner, are conducted under “the veil of secrecy”. And the investigatory powers tribunal, which assesses complaints against the agencies, has “so far always found in our favour”.

The briefings offer important glimpses into the GCHQ’s view of itself, the legal framework in which it works, and, it would seem, the necessity for reassuring the UK’s most important intelligence partner, the United States, that sensitive information can be shared without raising anxiety in Washington.

None of the documents advocates law-breaking – quite the opposite. But critics will say they highlight the limitations of the three pieces of legislation that underpin the activities of GCHQ, MI5 and MI6 – which were repeatedly mentioned by Hague as pillars of the regulatory and oversight regime during his statement to the Commons.

The foreign secretary said GCHQ “complied fully” with the Regulation of Investigatory Powers Act (Ripa), the Human Rights Act (HRA) and the Intelligence Services Act (Isa).

Privacy campaigners argue the laws have one important thing in common: they were drafted in the last century, and nobody involved in writing them, or passing them, could possibly have envisaged the exponential growth of traffic from telecoms and internet service providers over the past decade.

Nor could they have imagined that GCHQ could have found a way of storing and analysing so much of that information as part of its overarching Mastering the Internet project.

The Tempora programme appears to have given Britain’s spymasters that resource, with documents seen by the Guardian showing Britain can retain for up to 30 days an astronomical amount of unfiltered data garnered from cables carrying internet traffic.

This raises a number of questions about the way GCHQ officials and ministers have legitimised the programme.

The briefings, which are entitled UK Operational Legalities, stress that GCHQ “is an organisation with a highly responsible approach to compliance with the law”.

GCHQ also has a well staffed legal team, known as OPP-LEG, to help staff navigate their way through the complexities of the law.

But there appears to be some nervousness about Tempora. In a paper written for National Security Agency (NSA) analysts entitled A Guide to Using Internet Buffers at GCHQ, the author notes: “[Tempora] represents an exciting opportunity to get direct access to enormous amounts of GCHQ’s special source data.

“As large-scale buffering of metadata and content represent a new concept for GCHQ’s exploitation of the internet, GCHQ’s legal and policy officers are understandably taking a careful approach to their access and use.”

So how did GCHQ secure the legal authority for setting up Tempora, and what safeguards are in place for sharing the intelligence with the Americans? According to the documents, the British government used Ripa to get taps on to the fibre-optic cables.

These cables carry internet traffic in and out of the country and contain details of millions of emails and web searches. The information from these cables went straight into the Tempora storage programme.

In one presentation, which appeared to be for US analysts from the NSA, GCHQ explained: “Direct access to large volumes of unselected SSE data [is] collected under a Ripa warrant.”

The precise arrangement between the firms is unclear, as are the legal justifications put before ministers. Isa gives GCHQ some powers for the “passive collection” of data, including from computer networks.

But it appears GCHQ has relied on paragraph four of section 8 of Ripa to gain “external warrants” for its programmes.

They allow the agency to intercept external communications where, for instance, one of the people being targeted is outside Britain.

In most Ripa cases, a minister has to be told the name of an individual or company being targeted before a warrant is granted.

But section 8 permits GCHQ to perform more sweeping and indiscriminate trawls of external data if a minister issues a “certificate” along with the warrant.

According to the documents, the certificate authorises GCHQ to search for material under a number of themes, including: intelligence on the political intentions of foreign governments; military postures of foreign countries; terrorism, international drug trafficking and fraud.

The briefing document says such sweeping certificates, which have to be signed off by a minister, “cover the entire range of GCHQ’s intelligence production”.

“The certificate is issued with the warrant and signed by the secretary of state and sets out [the] class of work we can do under it … cannot list numbers or individuals as this would be an infinite list which we couldn’t manage.”

Lawyers at GCHQ speak of having 10 basic certificates, including a “global” one that covers the agency’s support station at Bude in Cornwall, Menwith Hill in North Yorkshire, and Cyprus.

Other certificates have been used for “special source accesses” – a reference, perhaps, to the cables carrying web traffic. All certificates have to be renewed by the foreign secretary every six months.

A source with knowledge of intelligence confirmed: “Overall exercise of collection and analysis [is] done under a broad, overall legal authority which has to be renewed at intervals, and is signed off at a senior political level.”

The source said the interception commissioner was able to “conclude that [the process] was not appropriate”, and that the companies involved were not giving up the information voluntarily.

“We have overriding authority to compel [them] to do this,” the source said. “There’s an overarching condition of the licensing of the companies that they have to co-operate in this.

“Should they decline, we can compel them to do so. They have no choice. They can’t talk about the warrant, they can’t reveal the existence of it.”

GCHQ says it can also seek a sensitive targeting authority (STA), which allows it snoop on any Briton “anywhere in the world” or any foreign national located in the UK.

It is unclear how the STA system works, and who has authority over it.

The intelligence agencies also have to take note of the HRA, which demands any interception is “necessary and proportionate”.

But the documents show GCHQ believes these terms are open to interpretation – which “creates flexibility”. When Tempora became fully functional in around 2011, GCHQ gave the NSA access to the programme on a three-month trial – and the NSA was keen to impress.

The US agency sent a briefing to some of its analysts urging them to show they could behave responsibly with the data. Under a heading – “The need to be successful!” – the author wrote: “As the first NSA users to receive operational access [to Tempora], we’re depending on you to provide the business case required to justify expanded access. Most importantly we need to prove that NSA users can utilise the internet buffers in ways that are consistent with GCHQ’s legal and policy rules.

“In addition, we need to prove that NSA’s access … is necessary to prosecute our mission and will greatly enhance the production of the intelligence … success of this three-month trial will determine expanded NSA access to internet buffers in the future.”

The NSA appears to have made a successful case. In May last year, an internal GCHQ memo said it had 300 analysts working on intelligence from Tempora, and the NSA had 250. The teams were supporting “the target discovery mission”.

But the safeguards for the sharing of this information are unclear.

Though GCHQ says it only keeps the content of messages for three working days, and the metadata for up to 30 days, privacy campaigners here and in the US will want to know if the NSA is adhering to the same self-imposed rules. One concern for privacy campaigners is that GCHQ and the NSA could conduct intercepts for each other, and then offer to share the information – a manoeuvre that could bypass the domestic rules they have to abide by.

This was raised by MPs during last week’s statement, with the former Labour home secretary David Blunkett calling for clarification on this potential loophole.

Last week, the Guardian sent a series of questions to the Foreign Office about this issue, but the department said it would not be drawn on it.

“It is a longstanding policy not to comment on intelligence matters; this includes our intelligence co-operation with the United States.

“The intelligence and security committee is looking into this, which is the proper channel for such matters.”

Ewen MacAskill, Julian Borger, Nick Hopkins, Nick Davies and James Ball
The Guardian, Friday 21 June 2013 17.23 BST

Find this story at 21 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Fisa court submissions show broad scope of procedures governing NSA’s surveillance of Americans’ communication

• Document one: procedures used by NSA to target non-US persons
• Document two: procedures used by NSA to minimise data collected from US persons

The documents show that discretion as to who is actually targeted lies directly with the NSA’s analysts. Photograph: Martin Rogers/Workbook Stock/Getty

Top secret documents submitted to the court that oversees surveillance by US intelligence agencies show the judges have signed off on broad orders which allow the NSA to make use of information “inadvertently” collected from domestic US communications without a warrant.

The Guardian is publishing in full two documents submitted to the secret Foreign Intelligence Surveillance Court (known as the Fisa court), signed by Attorney General Eric Holder and stamped 29 July 2009. They detail the procedures the NSA is required to follow to target “non-US persons” under its foreign intelligence powers and what the agency does to minimize data collected on US citizens and residents in the course of that surveillance.

The documents show that even under authorities governing the collection of foreign intelligence from foreign targets, US communications can still be collected, retained and used.

The procedures cover only part of the NSA’s surveillance of domestic US communications. The bulk collection of domestic call records, as first revealed by the Guardian earlier this month, takes place under rolling court orders issued on the basis of a legal interpretation of a different authority, section 215 of the Patriot Act.

The Fisa court’s oversight role has been referenced many times by Barack Obama and senior intelligence officials as they have sought to reassure the public about surveillance, but the procedures approved by the court have never before been publicly disclosed.

The top secret documents published today detail the circumstances in which data collected on US persons under the foreign intelligence authority must be destroyed, extensive steps analysts must take to try to check targets are outside the US, and reveals how US call records are used to help remove US citizens and residents from data collection.

However, alongside those provisions, the Fisa court-approved policies allow the NSA to:

• Keep data that could potentially contain details of US persons for up to five years;

• Retain and make use of “inadvertently acquired” domestic communications if they contain usable intelligence, information on criminal activity, threat of harm to people or property, are encrypted, or are believed to contain any information relevant to cybersecurity;

• Preserve “foreign intelligence information” contained within attorney-client communications;

• Access the content of communications gathered from “U.S. based machine[s]” or phone numbers in order to establish if targets are located in the US, for the purposes of ceasing further surveillance.

The broad scope of the court orders, and the nature of the procedures set out in the documents, appear to clash with assurances from President Obama and senior intelligence officials that the NSA could not access Americans’ call or email information without warrants.

The documents also show that discretion as to who is actually targeted under the NSA’s foreign surveillance powers lies directly with its own analysts, without recourse to courts or superiors – though a percentage of targeting decisions are reviewed by internal audit teams on a regular basis.

Since the Guardian first revealed the extent of the NSA’s collection of US communications, there have been repeated calls for the legal basis of the programs to be released. On Thursday, two US congressmen introduced a bill compelling the Obama administration to declassify the secret legal justifications for NSA surveillance.

The disclosure bill, sponsored by Adam Schiff, a California Democrat, and Todd Rokita, an Indiana Republican, is a complement to one proposed in the Senate last week. It would “increase the transparency of the Fisa Court and the state of the law in this area,” Schiff told the Guardian. “It would give the public a better understanding of the safeguards, as well as the scope of these programs.”

Section 702 of the Fisa Amendments Act (FAA), which was renewed for five years last December, is the authority under which the NSA is allowed to collect large-scale data, including foreign communications and also communications between the US and other countries, provided the target is overseas.

FAA warrants are issued by the Fisa court for up to 12 months at a time, and authorise the collection of bulk information – some of which can include communications of US citizens, or people inside the US. To intentionally target either of those groups requires an individual warrant.
One-paragraph order

One such warrant seen by the Guardian shows that they do not contain detailed legal rulings or explanation. Instead, the one-paragraph order, signed by a Fisa court judge in 2010, declares that the procedures submitted by the attorney general on behalf of the NSA are consistent with US law and the fourth amendment.

Those procedures state that the “NSA determines whether a person is a non-United States person reasonably believed to be outside the United States in light of the totality of the circumstances based on the information available with respect to that person, including information concerning the communications facility or facilities used by that person”.

It includes information that the NSA analyst uses to make this determination – including IP addresses, statements made by the potential target, and other information in the NSA databases, which can include public information and data collected by other agencies.

Where the NSA has no specific information on a person’s location, analysts are free to presume they are overseas, the document continues.

“In the absence of specific information regarding whether a target is a United States person,” it states “a person reasonably believed to be located outside the United States or whose location is not known will be presumed to be a non-United States person unless such person can be positively identified as a United States person.”

If it later appears that a target is in fact located in the US, analysts are permitted to look at the content of messages, or listen to phone calls, to establish if this is indeed the case.

Referring to steps taken to prevent intentional collection of telephone content of those inside the US, the document states: “NSA analysts may analyze content for indications that a foreign target has entered or intends to enter the United States. Such content analysis will be conducted according to analytic and intelligence requirements and priorities.”

Details set out in the “minimization procedures”, regularly referred to in House and Senate hearings, as well as public statements in recent weeks, also raise questions as to the extent of monitoring of US citizens and residents.

NSA minimization procedures signed by Holder in 2009 set out that once a target is confirmed to be within the US, interception must stop immediately. However, these circumstances do not apply to large-scale data where the NSA claims it is unable to filter US communications from non-US ones.

The NSA is empowered to retain data for up to five years and the policy states “communications which may be retained include electronic communications acquired because of limitations on the NSA’s ability to filter communications”.

Even if upon examination a communication is found to be domestic – entirely within the US – the NSA can appeal to its director to keep what it has found if it contains “significant foreign intelligence information”, “evidence of a crime”, “technical data base information” (such as encrypted communications), or “information pertaining to a threat of serious harm to life or property”.

Domestic communications containing none of the above must be destroyed. Communications in which one party was outside the US, but the other is a US-person, are permitted for retention under FAA rules.

The minimization procedure adds that these can be disseminated to other agencies or friendly governments if the US person is anonymised, or including the US person’s identity under certain criteria.
Holder’s ‘minimization procedure’ says once a target is confirmed to be in the US, interception of communication must stop. Photo: Nicholas Kamm/AFP/Getty Images

A separate section of the same document notes that as soon as any intercepted communications are determined to have been between someone under US criminal indictment and their attorney, surveillance must stop. However, the material collected can be retained, if it is useful, though in a segregated database:

“The relevant portion of the communication containing that conversation will be segregated and the National Security Division of the Department of Justice will be notified so that appropriate procedures may be established to protect such communications from review or use in any criminal prosecution, while preserving foreign intelligence information contained therein,” the document states.

In practice, much of the decision-making appears to lie with NSA analysts, rather than the Fisa court or senior officials.

A transcript of a 2008 briefing on FAA from the NSA’s general counsel sets out how much discretion NSA analysts possess when it comes to the specifics of targeting, and making decisions on who they believe is a non-US person. Referring to a situation where there has been a suggestion a target is within the US.

“Once again, the standard here is a reasonable belief that your target is outside the United States. What does that mean when you get information that might lead you to believe the contrary? It means you can’t ignore it. You can’t turn a blind eye to somebody saying: ‘Hey, I think so and so is in the United States.’ You can’t ignore that. Does it mean you have to completely turn off collection the minute you hear that? No, it means you have to do some sort of investigation: ‘Is that guy right? Is my target here?” he says.

“But, if everything else you have says ‘no’ (he talked yesterday, I saw him on TV yesterday, even, depending on the target, he was in Baghdad) you can still continue targeting but you have to keep that in mind. You can’t put it aside. You have to investigate it and, once again, with that new information in mind, what is your reasonable belief about your target’s location?”

The broad nature of the court’s oversight role, and the discretion given to NSA analysts, sheds light on responses from the administration and internet companies to the Guardian’s disclosure of the PRISM program. They have stated that the content of online communications is turned over to the NSA only pursuant to a court order. But except when a US citizen is specifically targeted, the court orders used by the NSA to obtain that information as part of Prism are these general FAA orders, not individualized warrants specific to any individual.

Once armed with these general orders, the NSA is empowered to compel telephone and internet companies to turn over to it the communications of any individual identified by the NSA. The Fisa court plays no role in the selection of those individuals, nor does it monitor who is selected by the NSA.

The NSA’s ability to collect and retain the communications of people in the US, even without a warrant, has fuelled congressional demands for an estimate of how many Americans have been caught up in surveillance.

Two US senators, Ron Wyden and Mark Udall – both members of the Senate intelligence committee – have been seeking this information since 2011, but senior White House and intelligence officials have repeatedly insisted that the agency is unable to gather such statistics.

Glenn Greenwald and James Ball
guardian.co.uk, Thursday 20 June 2013 23.59 BST

Find this story at 20 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

WASHINGTON — When Max Kelly, the chief security officer for Facebook, left the social media company in 2010, he did not go to Google, Twitter or a similar Silicon Valley concern. Instead the man who was responsible for protecting the personal information of Facebook’s more than one billion users from outside attacks went to work for another giant institution that manages and analyzes large pools of data: the National Security Agency.

Mr. Kelly’s move to the spy agency, which has not previously been reported, underscores the increasingly deep connections between Silicon Valley and the agency and the degree to which they are now in the same business. Both hunt for ways to collect, analyze and exploit large pools of data about millions of Americans.

The only difference is that the N.S.A. does it for intelligence, and Silicon Valley does it to make money.

The disclosure of the spy agency’s program called Prism, which is said to collect the e-mails and other Web activity of foreigners using major Internet companies like Google, Yahoo and Facebook, has prompted the companies to deny that the agency has direct access to their computers, even as they acknowledge complying with secret N.S.A. court orders for specific data.

Yet technology experts and former intelligence officials say the convergence between Silicon Valley and the N.S.A. and the rise of data mining — both as an industry and as a crucial intelligence tool — have created a more complex reality.

Silicon Valley has what the spy agency wants: vast amounts of private data and the most sophisticated software available to analyze it. The agency in turn is one of Silicon Valley’s largest customers for what is known as data analytics, one of the valley’s fastest-growing markets. To get their hands on the latest software technology to manipulate and take advantage of large volumes of data, United States intelligence agencies invest in Silicon Valley start-ups, award classified contracts and recruit technology experts like Mr. Kelly.

“We are all in these Big Data business models,” said Ray Wang, a technology analyst and chief executive of Constellation Research, based in San Francisco. “There are a lot of connections now because the data scientists and the folks who are building these systems have a lot of common interests.”

Although Silicon Valley has sold equipment to the N.S.A. and other intelligence agencies for a generation, the interests of the two began to converge in new ways in the last few years as advances in computer storage technology drastically reduced the costs of storing enormous amounts of data — at the same time that the value of the data for use in consumer marketing began to rise. “These worlds overlap,” said Philipp S. Krüger, chief executive of Explorist, an Internet start-up in New York.

The sums the N.S.A. spends in Silicon Valley are classified, as is the agency’s total budget, which independent analysts say is $8 billion to $10 billion a year.

Despite the companies’ assertions that they cooperate with the agency only when legally compelled, current and former industry officials say the companies sometimes secretly put together teams of in-house experts to find ways to cooperate more completely with the N.S.A. and to make their customers’ information more accessible to the agency. The companies do so, the officials say, because they want to control the process themselves. They are also under subtle but powerful pressure from the N.S.A. to make access easier.

Skype, the Internet-based calling service, began its own secret program, Project Chess, to explore the legal and technical issues in making Skype calls readily available to intelligence agencies and law enforcement officials, according to people briefed on the program who asked not to be named to avoid trouble with the intelligence agencies.

Project Chess, which has never been previously disclosed, was small, limited to fewer than a dozen people inside Skype, and was developed as the company had sometimes contentious talks with the government over legal issues, said one of the people briefed on the project. The project began about five years ago, before most of the company was sold by its parent, eBay, to outside investors in 2009. Microsoft acquired Skype in an $8.5 billion deal that was completed in October 2011.

A Skype executive denied last year in a blog post that recent changes in the way Skype operated were made at the behest of Microsoft to make snooping easier for law enforcement. It appears, however, that Skype figured out how to cooperate with the intelligence community before Microsoft took over the company, according to documents leaked by Edward J. Snowden, a former contractor for the N.S.A. One of the documents about the Prism program made public by Mr. Snowden says Skype joined Prism on Feb. 6, 2011.

Microsoft executives are no longer willing to affirm statements, made by Skype several years ago, that Skype calls could not be wiretapped. Frank X. Shaw, a Microsoft spokesman, declined to comment.

In its recruiting in Silicon Valley, the N.S.A. sends some of its most senior officials to lure the best of the best. No less than Gen. Keith B. Alexander, the agency’s director and the chief of the Pentagon’s Cyber Command, showed up at one of the world’s largest hacker conferences in Las Vegas last summer, looking stiff in an uncharacteristic T-shirt and jeans, to give the keynote speech. His main purpose at Defcon, the conference, was to recruit hackers for his spy agency.

N.S.A. badges are often seen on the lapels of officials at other technology and information security conferences. “They’re very open about their interest in recruiting from the hacker community,” said Jennifer Granick, the director of civil liberties at Stanford Law School’s Center for Internet and Society.

But perhaps no one embodies the tightening relationship between the N.S.A. and the valley more than Kenneth A. Minihan.

A career Air Force intelligence officer, Mr. Minihan was the director of the N.S.A. during the Clinton administration until his retirement in the late 1990s, and then he ran the agency’s outside professional networking organization. Today he is managing director of Paladin Capital Group, a venture capital firm based in Washington that in part specializes in financing start-ups that offer high-tech solutions for the N.S.A. and other intelligence agencies. In effect, Mr. Minihan is an advanced scout for the N.S.A. as it tries to capitalize on the latest technology to analyze and exploit the vast amounts of data flowing around the world and inside the United States.

The members of Paladin’s strategic advisory board include Richard C. Schaeffer Jr., a former N.S.A. executive. While Paladin is a private firm, the American intelligence community has its own in-house venture capital company, In-Q-Tel, financed by the Central Intelligence Agency to invest in high-tech start-ups.

Many software technology firms involved in data analytics are open about their connections to intelligence agencies. Gary King, a co-founder and chief scientist at Crimson Hexagon, a start-up in Boston, said in an interview that he had given talks at C.I.A. headquarters in Langley, Va., about his company’s social media analytics tools.

The future holds the prospect of ever greater cooperation between Silicon Valley and the N.S.A. because data storage is expected to increase at an annual compound rate of 53 percent through 2016, according to the International Data Corporation.

“We reached a tipping point, where the value of having user data rose beyond the cost of storing it,” said Dan Auerbach, a technology analyst with the Electronic Frontier Foundation, an electronic privacy group in San Francisco. “Now we have an incentive to keep it forever.”

Social media sites in the meantime are growing as voluntary data mining operations on a scale that rivals or exceeds anything the government could attempt on its own. “You willingly hand over data to Facebook that you would never give voluntarily to the government,” said Bruce Schneier, a technologist and an author.

James Risen reported from Washington, and Nick Wingfield from Seattle. Kitty Bennett contributed reporting.

June 19, 2013
By JAMES RISEN and NICK WINGFIELD

Find this story at 19 June 2013

© 2013 The New York Times Company

Scheme – set up before firm was purchased by Microsoft – allegedly eased access for US law enforcement agencies

Prosecutors in Zhu Yufu’s trial for subversion cited text messages that he sent using Skype. Photograph: Mario Tama/Getty Images

Skype, the web-based communications company, reportedly set up a secret programme to make it easier for US surveillance agencies to access customers’ information.

The programme, called Project Chess and first revealed by the New York Times on Thursday, was said to have been established before Skype was bought by Microsoft in 2011. Microsoft’s links with US security are under intense scrutiny following the Guardian’s revelation of Prism, a surveillance program run by the National Security Agency (NSA), that claimed “direct” access to its servers and those of rivals including Apple, Facebook and Google.

Project Chess was set up to explore the legal and technical issues involved in making Skype’s communications more readily available to law enforcement and security officials, according to the Times. Only a handful of executives were aware of the plan. The company did not immediately return a call for comment.

Last year Skype denied reports that it had changed its software following the Microsoft acquisition in order to allow law enforcement easier access to communications. “Nothing could be more contrary to the Skype philosophy,” Mark Gillett, vice president of Microsoft’s Skype division, said in a blog post.

According to the Prism documents, Skype had been co-operating with the NSA’s scheme since February 2011, eight months before the software giant took it over. The document gives little detail on the technical nature of that cooperation. Microsoft declined to comment.

The news comes as the tech firms are attempting to distance themselves from the Prism revelations. All the firm’s listed as participating in the Prism scheme have denied that they give the NSA “direct” access to their servers, as claimed by the slide presentation, and said that they only comply with legal requests made through the courts.

But since the story broke a more nuanced picture of how the tech firms work with the surveillance authorities has emerged. The US authorities have become increasingly interested in tech firms and its employees after initially struggling to keep up with the shift to digital communications. NSA officials have held high level talks with executives in the tech firms and are actively recruiting in the tech community.
‘That information is how they make their money’

Shane Harris, author of The Watchers: The Rise of America’s Surveillance State, said the NSA had a crisis in the late 1990s when it realised communication was increasingly digital and it was falling behind in its powers to track that data. “You can not overstate that without this data the NSA would be blind,” he said.

The NSA employs former valley executives, including Max Kelly, the former chief security officer for Facebook, and has increasingly sought to hire people in the hacker community. Former NSA director lieutenant general Kenneth Minihan has taken the opposite tack and is helping create the next generation of tech security firms. Minihan is managing director of Paladin Capital, a private equity firm that has a fund dedicated to investing in homeland security. Paladin also employs Dr Alf Andreassen, a former technical adviser for naval warfare who was also for classified national programmes at AT&T and Bell Laboratories.

Harris said the ties were only likely to deepen as technology moves ever more of our communications on line. He warned the move was likely to present more problems for the tech firms as their consumers worry about their privacy. “It’s been fascinating for me listening to the push back from the tech companies,” said Harris.

Christopher Soghoian, a senior policy analyst studying technological surveillance at the American Civil Liberties Union, said the relationship between the tech giants and the NSA has a fundamental – and ironic – flaw that guarantees the Prism scandal is unlikely to be the last time tensions surface between the two.

The US spying apparatus and Silicon Valley’s top tech firms are basically in the same business, collecting information on people, he said. “It’s a weird symbiotic relationship. It’s not that Facebook and Google are trying to build a surveillance system but they effectively have,” he said. “If they wanted to, Google and Facebook could use technology to tackle the issue, anonymizing and deleting their customers’ information. But that information is how they make their money, so that is never going to happen.”

Dominic Rushe in New York
guardian.co.uk, Thursday 20 June 2013 17.37 BST

Find this story at 20 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Skype calls’ immunity to police phone tapping threatened
Suspicious phone conversations on Skype could be targeted for tapping as part of a pan-European crackdown.

Suspicious phone conversations on Skype could be targeted for tapping as part of a pan-European crackdown on what law authorities believe is a massive technical loophole in current wiretapping laws, allowing criminals to communicate without fear of being overheard by the police.

The European investigation could also help U.S. law enforcement authorities gain access to Internet calls. The National Security Agency (NSA) is understood to believe that suspected terrorists use Skype to circumvent detection.

While the police can get a court order to tap a suspect’s land line and mobile phone, it is currently impossible to get a similar order for Internet calls on both sides of the Atlantic.

Skype insisted that it does cooperate with law enforcement authorities, “where legally and technically possible,” the company said in a statement.

“Skype has extensively debriefed Eurojust on our law enforcement program and capabilities,” Skype said.

Eurojust, a European Union agency responsible for coordinating judicial investigations across different jurisdictions announced Friday the opening of an investigation involving all 27 countries of the European Union.

“We will bring investigators from all 27 member states together to find a common approach to this problem,” said Joannes Thuy, a spokesman for Eurojust based in The Hague in the Netherlands.

The purpose of Eurojust’s coordination role is to overcome “the technical and judicial obstacles to the interception of Internet telephony systems”, Eurojust said.

The main judicial obstacles are the differing approaches to data protection in the various E.U. member states, Thuy said.

The investigation is being headed by Eurojust’s Italian representative, Carmen Manfredda.

Criminals in Italy are increasingly making phone calls over the Internet in order to avoid getting caught through mobile phone intercepts, according to Direzione Nazionale Antimafia, the anti-Mafia office in Rome.

Police officers in Milan say organized crime, arms and drugs traffickers, and prostitution rings are turning to Skype and other systems of VOIP (voice over Internet Protocol) telephony in order to frustrate investigators.

While telecommunications companies are obliged to comply with court orders to monitor calls on land lines and mobile phones, “Skype’ refuses to cooperate with the authorities,” Thuy said.

In addition to the issue of cooperation, there are technical obstacles to tapping Skype calls. The way calls are set up and carried between computers is proprietary, and the encryption system used is strong. It could be possible to monitor the call on the originating or receiving computer using a specially written program, or perhaps to divert the traffic through a proxy server, but these are all far more difficult than tapping a normal phone. Calls between a PC and a regular telephone via the SkypeIn or SkypeOut service, however, could fall under existing wiretapping regulations and capabilities at the point where they meet the public telephone network.

The pan-European response to the problem may open the door for the U.S. to take similar action, Thuy said.

“We have very good cooperation with the U.S.,” he said, pointing out that a U.S. prosecutor, Marylee Warren, is based in The Hague in order to liaise between U.S. and European judicial authorities.

The NSA (National Security Agency) is so concerned by Skype that it is offering hackers large sums of money to break its encryption, according to unsourced reports in the U.S.

Italian investigators have become increasingly reliant on wiretaps, Eurojust said, giving a recent example of customs and tax police in Milan, who overheard a suspected cocaine trafficker telling an accomplice to switch to Skype in order to get details of a 2kg drug consignment.

“Investigators are convinced that the interception of telephone calls have become an essential tool of the police, who spend millions of euros each year tracking down crime through wiretaps of land lines and mobile phones,” Eurojust said.

The first meeting of Eurojust’s 27 national representatives is planned in the coming weeks but precise details of its timing and the location of the meeting remain secret, Thuy said.

“They will exchange information and then we will give advice on how to proceed,” he said. Bringing Internet telephony into line with calls on land lines and mobile phones “could be the price we have to pay for our security,” he said.

Paul Meller (IDG News Service)
— 23 February, 2009 09:47

Find this story at 23 February 2009

Copyright 2013 IDG Communications

In het voorjaar van 2010 was India een paar weken in de ban van een afluisterschandaal, maar vervolgens verdween dat in de vergetelheid. Dit is opmerkelijk gezien de staat van dienst van de inlichtingenwereld in India. Schandalen die gewone Indiërs raken, maar ook corruptie, slecht management, verkeerde technologie en apparatuur en bovenal incompetentie lijken de boventoon te voeren bij de NTRO, die verantwoordelijk wordt gehouden voor het schandaal. NTRO, National Technical Research Organisation, gebruikt IMSI Catchers om voor lange tijd en op grote schaal politici, ambtenaren, zakenmensen, beroemdheden en gewone Indiërs af te luisteren.

Het gebruik van een IMSI catcher moet nauwlettend gecontroleerd worden. Het afluisterschandaal in India laat zien wat de gevaren zijn van het toelaten van het apparaat in een veiligheidsstelsel. Een IMSI catcher is een mobiele zendmast. Het International Mobile Subscriber Identity nummer is een uniek nummer dat aan een SIM kaart voor een mobiele telefoon is gekoppeld. Aan het IMSI nummer zit tevens een uniek telefoonnummer. Het IMSI nummer bestaat uit drie groepen getallen, 111/22/3333333333. Aan het nummer is te zien uit welk land de SIM kaart komt. De eerste cijfers (111) staan voor het land, Nederland heeft bijvoorbeeld 204 als code. De tweede set cijfers (22) onthullen de provider, KPN heeft bijvoorbeeld 08 en Vodafone 04. De laatste cijfers, maximaal tien cijfers, zijn het unieke abonnementsnummer. Dit is niet hetzelfde als het telefoonnummer. Telefoons waar twee SIM kaarten in zitten, hebben ook twee IMSI nummers.
De IMSI catcher fungeert als mobiele antenne die het gsm verkeer in de buurt opvangt, hierbij gaat het alleen om uitgaande gesprekken. Bij gewone mobiele telefoons vindt de versleuteling van de conversaties plaats in de dichtstbijzijnde mast. De IMSI catcher hoeft de informatie dus niet te kraken, maar kan simpelweg de gesproken of geschreven data lezen. De catcher moet het telefoonverkeer wel doorgeleiden naar een reguliere mast anders kan er geen contact worden gemaakt met de persoon die door de gsm wordt gebeld. De catcher fungeert als tussenstation om de data ofwel direct af te vangen ofwel niet versleuteld door te geleiden. Het doel van de catcher is natuurlijk ook? om het telefoonnummer van een beller te achterhalen. Voor opsporingsinstanties die het gsm nummer van een verdachte niet kunnen traceren is dit een handig middel. Men plaatst een catcher in de buurt van de persoon in kwestie, vangt de nummers allemaal af en kan nagaan welk nummer men moet hebben. Bij politie-invallen kan het apparaat ook zijn dienst bewijzen door op locatie het telefoonverkeer te monitoren, vooral als binnen een onderzoek niet alle gsm-nummers bekend zijn. Tevens kan de catcher worden gebruikt voor spionage doeleinden, vooral spionage die de overheid niet aan de grote klok wil hangen. Bij het afluisteren met een IMSI catcher heeft men namelijk geen medewerking van een Telecom provider nodig. De IMSI catcher laat echter wel een spoor achter die een gebruiker kan wijzen op onregelmatigheden in de transmissie en het apparaat is niet altijd succesvol. De IMSI catcher was tot begin 2011 ook te koop door particulieren. Verschillende bedrijven in New Delhi, Gurgaon en Noida boden de ‘off-the-air-monitoring’ systemen aan. In 2011 besloot de regering de handel van de apparaten aan banden te leggen. Private ondernemingen bleken namelijk gebruik te maken van de catcher.

NTRO
In India is de IMSI Catcher op grote schaal ingezet voor spionage doeleinden, zo onthulde het weekblad Outlook in het voorjaar van 2010. Vanaf waarschijnlijk eind 2006 tot en met april 2010 werden politieke tegenstanders, mensen die promotie zouden maken, leden van het kabinet en allerlei andere politieke en niet politieke figuren door één van de Indiase geheime diensten afgeluisterd. De gesprekken werden afgeluisterd, opgenomen en bewaard. De dienst die verantwoordelijk is voor het afluisteren is de National Technical Research Organisation, de NTRO. De NTRO werd na de Kargil oorlog in 1999 opgezet. Dit conflict ontstond toen het Pakistaanse leger posities in het district Kargil, in de regio Kashmir innam. India reageerde furieus en verdreef de Pakistanen uit een groot deel van Kargil. De laatste posities werden door Pakistan verlaten na diplomatieke druk. De Kargil Review Committee concludeerde in 1999 dat een van de redenen van het uit de hand lopen van het conflict gebrekkige inlichtingen was. De Defence Intelligence Agency (DIA) en de National Technical Facilities Organization (NTFO) die al snel NTRO werd gedoopt, werden opgezet.
De NTRO begon zijn werkzaamheden in april 2004. De NTRO is de Indiase stofzuiger van data, zowel internet als telecommunicatie data, en monitort het Indiase grondgebied en luchtruim. De NTRO gebruikt hiervoor allerlei technische hulpmiddelen, van satellieten tot IMSI catchers. De Technology Experiment Satellite (TES), een satelliet die is uitgerust met een camera die foto’s kan maken van voorwerpen van een meter, is een van de hulpmiddelen. De satelliet werd in oktober 2001 gelanceerd en de beelden worden beheerd door de Indian Space Research Organisation (ISRO). Beelden worden ook commercieel verhandeld door een bedrijf dat verbonden is aan de ISRO, Antrix Corporation. BBC News rapporteerde dat India door TES ook beelden bezit van de oorlog in Afghanistan. In 2001 was India het tweede land naast de Verenigde Staten dat een satelliet bezit die beelden kan genereren van voorwerpen van een meter groot. Een van de functionarissen die centraal staat in de introductie van de afluister praktijken door de NTRO is dhr. Narayanan. Narayanan heeft decennia lang een centrale rol gespeeld in de Indiase inlichtingenwereld. Hij was hoofd van het Intelligence Bureau van 1988 tot 1992, en diende daarbij onder vijf verschillende minister-presidenten. Daarna nam hij een adviserende rol op zich onder de directe verantwoordelijkheid van de minister-president van India. In zijn rol als National Security Advisor (NSA) introduceerde hij de nieuwe afluistertechnologie in India in 2005. Narayanan wordt wel de ‘super spook’ van India genoemd, omdat hij zijn gehele wat? leven? al in de kringen van de Research and Analysis Wing (R&AW), het Intelligence Bureau en de NSA heeft bewogen. Zijn verhouding met minister-president Manmohan Singh was toen hij National Security Advisor niet close. Hij had bezwaren tegen de nucleaire samenwerking tussen Amerika en India en de toenadering van India en Pakistan. In de Wikileaks Cables over India die begin 2011 zijn vrijgegeven door The Hindu wordt Narayanan echter wel omschreven als een belangenbehartiger van de relatie met de Verenigde Staten. In een van de berichten wordt hij omschreven als de smeerolie voor zaken die voor de Amerikanen interessant zijn.
De NTRO valt onder de verantwoordelijkheid van de inlichtingendienst buitenland van India, de Research and Analysis Wing (R&AW), hoewel het een zekere mate van onafhankelijkheid heeft. De NTRO faciliteit waar het afluisteren van de communicatie met het buitenland wordt gedaan ligt in de buurt van Kala Ghoda, zuidelijk Mumbai. Bij Malad, dat in de buurt ligt van Kala Ghoda, komen de datakabels die internet- en telecommunicatie tussen continenten mogelijk maken het Indiase vasteland binnen. De NTRO zit er letterlijk boven op. Hierbij gaat het om communicatie tussen India en het buitenland. De inlichtingendiensten van India hebben daarnaast genoeg binnenlandse capaciteit om de iedere Indiase burger af te luisteren.

Afluisteren
Het afluisterschandaal van de NTRO werd eind april 2010 door het weekblad Outlook onthuld. In de editie van 3 mei van dat jaar zegt een senior inlichtingenofficier dat de NTRO geen toestemming nodig heeft om een telefoon te tappen. Het gaat volgens hem om het onderscheppen van een signaal tussen de gsm en de antenne. Volgens de officier gaat het daarom niet om het afluisteren van een telefoonnummer. Het apparaat zou signalen binnen een cirkel van twee kilometer kunnen onderscheppen. De medewerker van de NTRO lijkt te suggereren dat er helemaal niets mis is met het afluisteren met behulp van een IMSI catcher, het signaal wordt gewoon opgevangen en bewaard. Op dezelfde wijze lijkt de minister van Binnenlandse Zaken van India, P. Chidambaram, de storm rond het afluisterschandaal te willen sussen. In een van de eerste reacties verklaarden bronnen binnen de regering dat het ging om een proef van de NTRO. De regering had geen opdracht gegeven, dus is zij niet verantwoordelijk, en er hoeft geen onderzoek te komen. Volgens de minister waren in de bestanden van de NTRO ook geen bewijzen gevonden van het afluisteren van politici. Tevens wees de regering erop dat de NTRO niet zelfstandig operaties uitvoert, maar werkt onder auspiciën van andere diensten. Bij deze diensten zou het gaan om zeven inlichtingendiensten: het Intelligence Bureau, de Research and Analysis Wing, de Directorate of Revenue Intelligence, Enforcement Directorate, Narcotics Control Bureau, Economic Intelligence Unit and Directorate-General of Investigations, Income-Tax (CBDT). Een oud medewerker van de NTRO voegde daar in de Economic Times van 24 april 2010 nog aan toe dat de dienst slechts onderzoek doet naar technische hulpmiddelen. Volgens hem luistert de dienst geen individuen af en wordt het NTRO in diskrediet gebracht door verongelijkte werknemers.
Ook de politie heeft de bevoegdheid om af te luisteren. De minister van Binnenlandse Zaken stelde dat ruim dertig instanties in de verschillende Indiase deelstaten de mogelijkheid hebben om te tappen en af te luisteren. Volgens minister Chidambaram ligt daarom de macht tot het uitvoeren van deze observaties niet alleen op nationaal niveau, maar ook op deelstaatniveau. Dat dit ook daadwerkelijk aan de hand is werd in dezelfde periode geïllustreerd door een afluisterschandaal van de CBDT. Deze dienst had lobbyisten van de telecommunicatie industrie afgeluisterd ten tijde van de toewijzing van mobiele breedband netwerken met de 2G technologie. Bij deze onthulling werd niet de CBDT beschuldigd van illegale taps, maar kregen de bedrijven het te verduren. De afgeluisterde gesprekken onthulden de grote invloed van de industrie op de besluitvorming van de regering. De CBDT luisterde de lobbyisten af in het kader van een onderzoek naar belastingfraude. Zowel politiek als binnen de juridische wereld worden er vraagtekens gezet bij het afluisteren van mensen die worden verdacht van belastingfraude.
Hoewel de onthulling in de Outlook erg gedetailleerd was, was het antwoord van de minister en de dienst dat er niets aan de hand is. Er wordt niet afgeluisterd en er is geen bewijs gevonden dat het is gebeurd, luidde het officiële regeringsstandpunt. De Indiase Telecomwet van 1885 en de toegevoegde wijziging van 2008 maken afluisteren echter wel mogelijk. Bij het afluisteren gaat het om uitzonderlijke situaties en niet om een standaard regel. Het was dus wel degelijk een schending van wettelijke regels. In de week erna bevestigden enkele inlichtingenofficieren anoniem dat er op grote schaal afgeluisterd wordt. Naast de vier politici waarover Outlook in het nummer van 3 mei 2010 publiceerde bleken er veel meer mensen te zijn afgeluisterd. Het gaat daarbij naast politici om ambtenaren, zakenmensen, gewone Indiërs en beroemdheden. Volgens de anonieme officieren werden de gesprekken zonder wettelijke toestemming afgeluisterd . De officieren vertellen in de Outlook van 10 mei 2010 dat zij de opdrachten mondeling kregen of soms op een geel memo papiertje. Volgens de officieren waren de afluisteroperaties allemaal illegaal , zonder toestemming van de NSA of het kabinet van de minister-president. Er mocht ook geen administratie van worden bijgehouden. De IMSI catchers werden ingezet om bijvoorbeeld in Delhi, de hoofdstad van India, rond te rijden om gsm verkeer op te vangen. Eigenlijk waren het ‘fishing operaties’ op zoek naar dat ene gesprek dat mogelijk een gevaar kan zijn voor de nationale veiligheid. Het systeem scant alle nummers zonder onderscheid te maken en kan alles opnemen. Op elk willekeurig moment kan het apparaat dat in India is gebruikt maximaal 64 gesprekken opnemen. Sommige gesprekken werden vernietigd, andere werden bewaard. Het wordt uit het interview met de medewerkers niet duidelijk wie er verantwoordelijk was voor het besluit om gesprekken al dan niet te vernietigen. In The Times of India worden anonieme bronnen aangehaald die zeggen dat het afluisteren van de politici was uitgevoerd door “junior officials”, maar dat hun werk deel uitmaakt van een grotere operatie.
Volgens de medewerkers van de inlichtingendiensten gaat het om in totaal vijf apparaten die door de NTRO gebruikt worden. Van de ritten van de auto met de IMSI Catcher worden twee logboeken bijgehouden. Het ene logboek bevat geen enkel detail van de operatie. Het andere logboek is “top secret” en bevat gedetailleerde informatie over de locatie waar het apparaat heeft afgeluisterd. De precieze route, bestemmingen, data en tijden zijn in dat logboek te vinden. Medewerkers van de inlichtingendienst vertelden dat het niet alleen de NTRO hoeft te zijn die verantwoordelijk is voor het tappen. Verschillende van de zeven inlichtingendiensten en zelfs de politie hebben een IMSI catcher. Bronnen in de inlichtingenwereld hebben het weekblad Outlook aangegeven dat er in totaal 90 apparaten zijn aangeschaft door de verschillende instanties. Vooral in regio’s waar veel moslims wonen gebeurt dit volgens de officier. De inlichtingenofficieren die in Outlook worden geïnterviewd worden ondersteund in hun verhalen door een oud- directeur van het Intelligence Bureau (IB), dhr. Dhar. Hij vertelde het Indiase weekblad Tehelka dat de NTRO namen moet hebben gekregen om af te luisteren. Tevens verklaart hij dat politieke leiders regelmatig inlichtingendiensten de opdracht geven om mensen af te luisteren zonder schriftelijke toestemming. Medewerkers van diensten die weigeren aan deze afluisterpraktijken mee te doen, worden ontslagen volgens de oud-directeur van het Intelligence Bureau.

Iedereen is verdacht
Het is onduidelijk wat het doel is van de afluisteroperatie die zeker vier jaar heeft geduurd. Hoewel de verantwoordelijk minister in zijn eerste reactie had aangegeven niets van het afluisteren af te weten, gaven regeringsbronnen aan de The Times of India toe dat de NTRO wel toezicht uitvoerde. Welk toezicht wordt door de Times niet vermeld. Volgens de bronnen staan die activiteiten onder directe verantwoordelijkheid van de National Security Advisor of het kabinet van de minister-president waaronder de Research and Analysis Wing en de NTRO valt. Bij de NSA zou het gaan om dhr. Narayanan, de man die aan de wieg stond van het afluisteren in 2005. In de Indiase media worden ook verbanden gelegd met de lange traditie van de Indian National Congress (INC), een regeringspartij, om de oppositie in diskrediet te brengen door het verzamelen van politiek gevoelige informatie door het inzetten van inlichtingendiensten. Het dagblad The Pioneer vergelijkt het met de werkwijze van de Indiase roddelpers, maar dan veel serieuzer. Volgens de krant gaat het er bij het afluisteren om om te achterhalen wie elkaar ontmoeten, met wie iemand contact heeft, met wie personen van de elite slapen en vergelijkbare vragen uit de roddelbladen. Het lijkt er volgens de krant op dat de inlichtingendiensten de levens van politieke spelers in kaart probeert te brengen.
De Indian National Congress (INC) is echter niet de enige politieke partij die deze middelen inzet. Het lijkt erop dat het binnen de Indiase democratie de gewoonte is om de oppositie op allerlei manieren in de gaten te houden. De wijze waarop de oppositie het schandaal gebruikte om de regering onder druk te zetten, lijkt deze stelling ook te ondersteunen. De oppositie is geschokt en wil uitleg van de minister-president, maar daadwerkelijke wettelijke hervormingen werden niet met zoveel woorden geëist.
De verantwoordelijk minister voor de afluisteroperatie is Chidambaram. Chidambaram is lid van de Indian National Congress (INC). Onder de afgeluisterde politici bevond zich ook de minister voor Consumentenzaken, voedsel en distributie, Sharad Pawar van de Nationalist Congress Party (NCP), een afsplitsing van de INC. De NCP neemt op dit moment ook deel aan de regering samen met het INC. Ook leden van de partij van de minister van Binnenlandse Zaken zoals dhr. Digvijay Singh werden afgeluisterd, evenals leden van de oppositie, zoals het hoofd van de Communistische Partij India, dhr. Karat. Het afluisteren vond niet alleen nationaal plaats, ook in deelstaten van India zoals in Bihar werden hoge politici afgeluisterd, zoals de premier van Bihar, dhr. Kumar.
De onderwerpen van de gesprekken die Outlook in haar bezit heeft, zijn uiteenlopend. Bij de gesprekken van de minister van Consumentenzaken ging het om het grote schandaal rond de Indian Premier League (IPL), de Indiase cricket competitie, IPL-gate, waar sprake was van witwassen van geld en het vooraf bepalen van de winnaar van een wedstrijd. De premier van Bihar belde een collega om te lobbyen voor meer geld voor zijn deelstaat. En van de communistische partij zijn gesprekken bewaard uit 2008 toen er oppositie werd gevoerd tegen de aankoop van nucleaire technologie van de Verenigde Staten. Hoewel Karat tegenstander was van de overeenkomst tussen India en de Verenigde Staten stond hij onderhandelingen met minister-president Singh niet in weg. Hij fungeerde ook als een belangrijke exponent van de oppositie in India tegen de overeenkomst. De gegevens over de afluisterpraktijk van de NTRO geven nu aan dat dhr. Karat toen is afgeluisterd. Uiteindelijk bleef de Communistische Partij bij haar standpunt om tegen te stemmen, maar de regering behaalde toch een nipte overwinning. De Samajwadi Party (SP) en tien leden van de BJP, beide oppositie partijen, hielpen de regering aan haar meerderheid. De overeenkomst met de Amerikanen kon doorgaan. Naar nu blijkt werden er tijdens de onderhandelingen over het akkoord met de Amerikanen parlementariërs omgekocht. In documenten van de Amerikaanse vertegenwoordiging in India die door Wikileaks zijn buitgemaakt, blijkt dat de Amerikanen op de hoogte waren van de steekpenningen die parlementariërs ontvingen om voor te stemmen. Of de afgeluisterde gesprekken hebben bijgedragen aan het omkopen van leden van het parlement is niet duidelijk.

DE NTRO als schandaal
De NTRO heeft absoluut geen schoon blazoen. De korte historie van de dienst kent al vele schandalen, gebrekkig functioneren, politieke benoemingen en tekenen van corruptie. India kent geen Commissie van Toezicht op de Inlichtingen en Veiligheidsdiensten, wel een algemene controledienst, te vergelijken met de algemene Rekenkamer. De regering stelde dhr. P.V. Kumar van de Comptroller and Auditor General of India (CAG) aan om de misstanden bij de NTRO te onderzoeken. Kumar is een oud medewerker van de Research and Analysis Wing en werd na zijn onderzoek begin 2011 aangesteld om de NTRO te leiden. In hoeverre er een einde is gekomen aan de misstappen is dan ook niet duidelijk. Een van de schandalen naast het afluisteren van politici is de benoeming van de tweede man van de dienst, dhr. Vijararaghavan, en zijn betrokkenheid bij een deal met het Amerikaanse bedrijf CISCO. Na de deal met CISCO werd de dochter van Vijararaghavan door CISCO in dienst genomen. De positie van de tweede man staat ook ter discussie omdat hij naast zijn functie bij de NTRO ook nog zijn oude functie als hoofd van Defence Research and Development Organisation (DRDO) vervult en tevens directeur is van een lobbygroep van de elektronica-industrie. Ook diverse andere benoemingen worden door de CAG onderzocht op hun onvolkomenheden. Het gerechtshof in Delhi oordeelde verder dat er een onderzoek moet komen naar administratieve en financiële onregelmatigheden bij de aanstelling van ruim zeventig werknemers. Vacatures zouden zijn opgevuld met niet capabele mensen zonder de juiste opleiding en voor sommige functies is zelfs geen vacature uitgeschreven, maar die zijn onderhands opgevuld.
Naast het personeelsbeleid zijn er ook vragen gerezen over de aankoop van apparatuur door de dienst. Een medewerker schafte zonder overleg met het agentschap dat over de aankopen van gevoelige apparatuur gaat, computers aan die vitale Chinese onderdelen bevat. De spanningen tussen India en China fluctueren al decennia lang tussen gespannen en vriendschappelijk. De laatste jaren gaat het beter, maar tien jaar geleden had de verhouding tussen de twee landen een nieuw dieptepunt bereikt na Indiase kernproeven. En dat de relatie verre van close is maakten Canadese onderzoekers van de Information Warfare Monitor (IWM) duidelijk toen zij India erop wezen dat begin 2010 Chinese hackers zich de toegang hadden verschaft tot computers van het Indiase leger. IWM had de Indiase overheid er een jaar eerder al op gewezen dat haar computers en servers kwetsbaar waren voor aanvallen uit vooral China. Op de computers die in 2010 gehackt zijn, zou informatie staan over het raketprogramma van India, de artillerie-brigades van Assam, luchtmachtbases en andere militaire informatie. De Canadese onderzoekers produceerden een rapport over de Chinese elektronische infiltratie, ‘Shadow in the Cloud’. In mei 2010 bleek dat de schade van de Chinese spionage operatie aanzienlijk is. Computers en servers van diplomatieke vestigingen van India in Kabul, Moskou, Dubai, Abuja, in de Verenigde Staten, Servië, België, Duitsland, Cyprus, het Verenigd Koninkrijk en Zimbabwe waren door de Chinezen overgenomen. Ook het kantoor van de National Security Advisor was besmet en zelfs bedrijven als Tata, YKK India en DLF Limited. Naast deze militair en economisch strategische spionage hadden de Chinezen het ook gemunt op de Tibetaanse gemeenschap in Dharamshala.
Een andere medewerker kocht satelliet communicatiemiddelen van een bedrijf uit Singapore (Singapore Technologies), een bedrijf dat door de Indiase overheid op een zwarte lijst was geplaatst. Bij de aanbesteding van de satelliet communicatie apparatuur kwamen de specificaties van de NTRO precies overeen met het product van Singapore Technologies. In andere gevallen, zoals bij de aanschaf van onbemande vliegtuigen van het Israëlische bedrijf Israel Aerospace Industries (IAI) is door het NTRO geen aanbesteding uitgeschreven volgens de onderzoekers van CAG. De onbemande vliegtuigen moesten in januari 2010 aan de grond worden gehouden, omdat bleek dat de NTRO onveilige en open radiofrequenties gebruikte voor de besturing van de vliegtuigen. Volgens de India Today zouden ook de onbemande vliegtuigen van het Indiase leger op deze manier worden bediend. Bij grote uitgaven dient de NTRO een aanbesteding te doen en toestemming te vragen aan de National Security Advisor en uiteindelijk de minister-president. Ook dit laatste is bij diverse aankopen door de dienst niet gebeurd.
Naast deze personele en technische misstappen wordt de kwaliteit van het werk van de dienst in het publieke debat in India in twijfel getrokken. Hoewel haar taak het verzamelen van informatie over mogelijke terroristische aanslagen, cyber crime, opstanden en illegale grensoverschrijdingen is, heeft de dienst geen enkel duidelijk succes geboekt. De aanslagen van 26 november 2008 in Mumbai worden gezien als het bewijs van de mislukking van de dienst. Toch lijkt de dienst onaantastbaar, zoals zoveel inlichtingendiensten. Twee jaar later was het opnieuw raak. Op basis van informatie van de inlichtingendiensten werd een man gearresteerd die verantwoordelijk werd gehouden van de aanslag op de “Duitse bakkerij”, een populaire uitgaansgelegenheid voor toeristen in Pune. Minister Chidambaram feliciteerde de inlichtingendiensten, maar ze bleken het bij het verkeerde eind te hebben. De man moest worden vrijgelaten wegens ontlastend bewijs.
En hoewel de NTRO de stofzuiger is van data van Indiase burgers staat zij net als de andere spelers in de Indiase inlichtingenwereld bekend om het ‘kwijtraken’ van gevoelige data. In 2003 was de Defence Research and Development Organisation (DRDO) plotseling 53 computers kwijt. Toen zij werden teruggevonden, ontbraken de harde schijven. Op de harde schijven stonden geheime codes voor communicatie met inlichtingendiensten en het leger. In 2006 raakte een belangrijke wetenschapper van de DRDO zijn laptop kwijt op het vliegveld van Delhi. Op de laptop bewaarde de wetenschapper geheime informatie over het Indiase kernwapenarsenaal en raketsystemen. En in 2008 raakte een directeur van de NTRO zijn laptop met geheime informatie over de kernwapenprogramma’s in Pakistan, China en Noord Korea kwijt in Washington DC.

Het schandaal staat niet op zich
De NTRO is niet de enige dienst die tekenen vertoont van verval. Ook de dienst waaruit zij is voortgekomen, de Research and Analysis Wing, wordt geteisterd door technische, personele, administratieve en financiële schandalen. Eigenlijk is het niet onlogisch dat er schandalen optreden binnen de Indiase inlichtingenwereld. Met zoveel onregelmatigheden is het bijna vanzelfsprekend dat er schandalen plaatsvinden die ook Indiase burgers raken. Het NTRO schandaal staat dan ook niet op zich. Vergelijkbare afluisterpraktijken zijn de afgelopen decennia aan het licht gekomen. In de jaren tachtig kwam aan het licht dat de Indiase overheid politieke leiders afluisterde. Daarnaast werden ook toen toonaangevende journalisten in de gaten gehouden. In 1990 – 1991 was het opnieuw raak met een nieuw afluisterschandaal. De Peoples Union for Civil Liberties (PUCL), een burgerrechtenbeweging, bracht de zaak voor de rechter. Tijdens de rechtzaak gaf de CBI, Central Bureau of Investigation, toe dat op grote schaal journalisten, parlementariërs en leden van het kabinet zowel op nationaal als op deelstaatniveau waren afgeluisterd. Het CBI gaf toe dat deze afluisterpartij onwettig was.
En is er wat veranderd na het schandaal in het voorjaar van 2010 dat de Indiase politiek enkele weken bezig hield? Nee, in juli van hetzelfde jaar werd de IMSI Catcher als nieuw gepresenteerd in een operatie met de codenaam Fox, alsof het om een nieuwe strijd ging tegen terrorisme en criminele bendes. De media waren het schandaal van twee maanden eerder al weer vergeten.

Buro Jansen & Janssen

Find this story at 20 April 2011

MUMBAI, India — The terrorists who struck this city last month stunned authorities not only with their use of sophisticated weaponry but also with their comfort with modern technology.

The terrorists navigated across the Arabian Sea to Mumbai from Karachi, Pakistan, with the help of a global positioning system handset. While under way, they communicated using a satellite phone with those in Pakistan believed to have coordinated the attacks. They recognized their targets and knew the most direct routes to reach them in part because they had studied satellite photos from Google Earth.

And, perhaps most significantly, throughout the three-day siege at two luxury hotels and a Jewish center, the Pakistani-based handlers communicated with the attackers using Internet phones that complicate efforts to trace and intercept calls.

Those handlers, who were apparently watching the attacks unfold live on television, were able to inform the attackers of the movement of security forces from news accounts and provide the gunmen with instructions and encouragement, authorities said.

Hasan Gafoor, Mumbai’s police commissioner, said Monday that as once complicated technologies — including global positioning systems and satellite phones — have become simpler to operate, terrorists, like everyone else, have become adept at using them. “Well, whether terrorists or common criminals, they do try to be a step ahead in terms of technology,” he said.

Indian security forces surrounding the buildings were able to monitor the terrorists’ outgoing calls by intercepting their cellphone signals. But Indian police officials said those directing the attacks, who are believed to be from Lashkar-e-Taiba, a militant group based in Pakistan, were using a Voice over Internet Protocol (VoIP) phone service, which has complicated efforts to determine their whereabouts and identities.

VoIP services, in which conversations are carried over the Internet as opposed to conventional phone lines or cellphone towers, are increasingly popular with people looking to save money on long distance and international calls. Many such services, like Skype and Vonage, allow a user to call another VoIP-enabled device anywhere in the world free of charge, or to call a standard telephone or cellphone at a deeply discounted rate.

But the same services are also increasingly popular with criminals and terrorists, a trend that worries some law enforcement and intelligence agencies. “It’s a concern,” said one Indian security official, who spoke anonymously because the investigation was continuing. “It’s not something we have seen before.”

In mid-October, a draft United States Army intelligence report highlighted the growing interest of Islamic militants in using VoIP, noting recent news reports of Taliban insurgents using Skype to communicate. The unclassified report, which examined discussions of emerging technologies on jihadi Web sites, was obtained by the Federation of American Scientists, a Washington-based nonprofit group that monitors the impact of science on national security.

VoIP calls pose an array of difficulties for intelligence and law enforcement services, according to communications experts. “It means the phone-tapping techniques that work for old traditional interception don’t work,” said Matt Blaze, a professor and computer security expert at the University of Pennsylvania.

An agency using conventional tracing techniques to track a call from a land line or cellphone to a VoIP subscriber would be able to get only as far as the switching station that converts the voice call into Internet data, communications experts said. The switch, usually owned and operated by the company providing the VoIP service, could be located thousands of miles from the subscriber.

The subscriber’s phone number would also likely reveal no information about his location. For instance, someone in New York could dial a local phone number but actually be connected via the Internet to a person in Thailand.

In Mumbai, authorities have declined to disclose the names of the VoIP companies whose services the Lashkar-e-Taiba handlers used, but reports in Indian news media have said the calls have been traced to companies in New Jersey and Austria. Yet investigators have said they are convinced that the handlers who directed the attacks were actually sitting somewhere in Pakistan during the calls.

One senior Lashkar-e-Taiba leader who American officials believe may have played a key role in planning the Mumbai attacks is Zarrar Shah. Mr. Shah, known to be a specialist in communications technology, may have been aware of the difficulties in tracing VoIP.

To determine the location of a VoIP caller, an investigating agency has to access a database kept by the service provider. The database logs the unique numerical identifier, known as an Internet Protocol (I.P.) address, of whatever device the subscriber was using to connect to the Internet. This could be a computer equipped with a microphone, a special VoIP phone, or even a cellphone with software that routes calls over the Internet using wireless connections as opposed to cellular signals.

It would then take additional electronic sleuthing to determine where the device was located. The customer’s identity could be obtained from the service provider as well, but might prove fraudulent, experts said.

Getting the I.P. address and then determining its location can take days longer than a standard phone trace, particularly if service providers involved are in a foreign country.

“Ultimately, we can trace them,” said Mr. Gafoor, referring to VoIP calls. “It takes a little longer, but we will trace them.”

Washington is assisting the Indian authorities in obtaining this information, according to another Indian police official who also spoke anonymously because of the continuing investigation.

Further complicating this task is the fact that I.P. addresses change frequently and are less tied to a specific location than phone numbers.

Computer experts said that while these challenges were formidable, none were insurmountable. And they cautioned that security services and police forces might be disingenuous when they complain about terrorists’ use of new technologies, including VoIP.

The experts said that VoIP calls left a far richer data trail for investigators to mine than someone calling from an old-fashioned pay phone. Mr. Blaze, the computer security expert at the University of Pennsylvania, also noted that 15 years ago the Mumbai attackers would probably not have had the capacity to make calls to their handlers during the course of their attacks, depriving investigators of vital clues to their identities. “As one door closes — traditional wire line tapping — all these other doors have opened,” Mr. Blaze said.

December 9, 2008
By JEREMY KAHN

Find this story at 9 December 2008

Copyright 2008 The New York Times Company

Exclusive: British spy agency collects and stores vast quantities of global email messages, Facebook posts, internet histories and calls, and shares them with NSA, latest documents from Edward Snowden reveal

Secret document detailing GCHQ’s ambition to ‘master the internet’

Britain’s spy agency GCHQ has secretly gained access to the network of cables which carry the world’s phone calls and internet traffic and has started to process vast streams of sensitive personal information which it is sharing with its American partner, the National Security Agency (NSA).

The sheer scale of the agency’s ambition is reflected in the titles of its two principal components: Mastering the Internet and Global Telecoms Exploitation, aimed at scooping up as much online and telephone traffic as possible. This is all being carried out without any form of public acknowledgement or debate.

One key innovation has been GCHQ’s ability to tap into and store huge volumes of data drawn from fibre-optic cables for up to 30 days so that it can be sifted and analysed. That operation, codenamed Tempora, has been running for some 18 months.

GCHQ and the NSA are consequently able to access and process vast quantities of communications between entirely innocent people, as well as targeted suspects.

This includes recordings of phone calls, the content of email messages, entries on Facebook and the history of any internet user’s access to websites – all of which is deemed legal, even though the warrant system was supposed to limit interception to a specified range of targets.

The existence of the programme has been disclosed in documents shown to the Guardian by the NSA whistleblower Edward Snowden as part of his attempt to expose what he has called “the largest programme of suspicionless surveillance in human history”.

“It’s not just a US problem. The UK has a huge dog in this fight,” Snowden told the Guardian. “They [GCHQ] are worse than the US.”

However, on Friday a source with knowledge of intelligence argued that the data was collected legally under a system of safeguards, and had provided material that had led to significant breakthroughs in detecting and preventing serious crime.

Britain’s technical capacity to tap into the cables that carry the world’s communications – referred to in the documents as special source exploitation – has made GCHQ an intelligence superpower.

By 2010, two years after the project was first trialled, it was able to boast it had the “biggest internet access” of any member of the Five Eyes electronic eavesdropping alliance, comprising the US, UK, Canada, Australia and New Zealand.

UK officials could also claim GCHQ “produces larger amounts of metadata than NSA”. (Metadata describes basic information on who has been contacting whom, without detailing the content.)

By May last year 300 analysts from GCHQ, and 250 from the NSA, had been assigned to sift through the flood of data.

The Americans were given guidelines for its use, but were told in legal briefings by GCHQ lawyers: “We have a light oversight regime compared with the US”.

When it came to judging the necessity and proportionality of what they were allowed to look for, would-be American users were told it was “your call”.

The Guardian understands that a total of 850,000 NSA employees and US private contractors with top secret clearance had access to GCHQ databases.

The documents reveal that by last year GCHQ was handling 600m “telephone events” each day, had tapped more than 200 fibre-optic cables and was able to process data from at least 46 of them at a time.
Document quoting Lt Gen Keith Alexander, head of the NSA, during a visit to Britain

Each of the cables carries data at a rate of 10 gigabits per second, so the tapped cables had the capacity, in theory, to deliver more than 21 petabytes a day – equivalent to sending all the information in all the books in the British Library 192 times every 24 hours.

And the scale of the programme is constantly increasing as more cables are tapped and GCHQ data storage facilities in the UK and abroad are expanded with the aim of processing terabits (thousands of gigabits) of data at a time.

For the 2 billion users of the world wide web, Tempora represents a window on to their everyday lives, sucking up every form of communication from the fibre-optic cables that ring the world.

The NSA has meanwhile opened a second window, in the form of the Prism operation, revealed earlier this month by the Guardian, from which it secured access to the internal systems of global companies that service the internet.

The GCHQ mass tapping operation has been built up over five years by attaching intercept probes to transatlantic fibre-optic cables where they land on British shores carrying data to western Europe from telephone exchanges and internet servers in north America.

This was done under secret agreements with commercial companies, described in one document as “intercept partners”.

The papers seen by the Guardian suggest some companies have been paid for the cost of their co-operation and GCHQ went to great lengths to keep their names secret. They were assigned “sensitive relationship teams” and staff were urged in one internal guidance paper to disguise the origin of “special source” material in their reports for fear that the role of the companies as intercept partners would cause “high-level political fallout”.

The source with knowledge of intelligence said on Friday the companies were obliged to co-operate in this operation. They are forbidden from revealing the existence of warrants compelling them to allow GCHQ access to the cables.

“There’s an overarching condition of the licensing of the companies that they have to co-operate in this. Should they decline, we can compel them to do so. They have no choice.”

The source said that although GCHQ was collecting a “vast haystack of data” what they were looking for was “needles”.

“Essentially, we have a process that allows us to select a small number of needles in a haystack. We are not looking at every piece of straw. There are certain triggers that allow you to discard or not examine a lot of data so you are just looking at needles. If you had the impression we are reading millions of emails, we are not. There is no intention in this whole programme to use it for looking at UK domestic traffic – British people talking to each other,” the source said.

He explained that when such “needles” were found a log was made and the interception commissioner could see that log.

“The criteria are security, terror, organised crime. And economic well-being. There’s an auditing process to go back through the logs and see if it was justified or not. The vast majority of the data is discarded without being looked at … we simply don’t have the resources.”

However, the legitimacy of the operation is in doubt. According to GCHQ’s legal advice, it was given the go-ahead by applying old law to new technology. The 2000 Regulation of Investigatory Powers Act (Ripa) requires the tapping of defined targets to be authorised by a warrant signed by the home secretary or foreign secretary.

However, an obscure clause allows the foreign secretary to sign a certificate for the interception of broad categories of material, as long as one end of the monitored communications is abroad. But the nature of modern fibre-optic communications means that a proportion of internal UK traffic is relayed abroad and then returns through the cables.

Parliament passed the Ripa law to allow GCHQ to trawl for information, but it did so 13 years ago with no inkling of the scale on which GCHQ would attempt to exploit the certificates, enabling it to gather and process data regardless of whether it belongs to identified targets.

The categories of material have included fraud, drug trafficking and terrorism, but the criteria at any one time are secret and are not subject to any public debate. GCHQ’s compliance with the certificates is audited by the agency itself, but the results of those audits are also secret.

An indication of how broad the dragnet can be was laid bare in advice from GCHQ’s lawyers, who said it would be impossible to list the total number of people targeted because “this would be an infinite list which we couldn’t manage”.

There is an investigatory powers tribunal to look into complaints that the data gathered by GCHQ has been improperly used, but the agency reassured NSA analysts in the early days of the programme, in 2009: “So far they have always found in our favour”.

Historically, the spy agencies have intercepted international communications by focusing on microwave towers and satellites. The NSA’s intercept station at Menwith Hill in North Yorkshire played a leading role in this. One internal document quotes the head of the NSA, Lieutenant General Keith Alexander, on a visit to Menwith Hill in June 2008, asking: “Why can’t we collect all the signals all the time? Sounds like a good summer project for Menwith.”

By then, however, satellite interception accounted for only a small part of the network traffic. Most of it now travels on fibre-optic cables, and the UK’s position on the western edge of Europe gave it natural access to cables emerging from the Atlantic.

The data collected provides a powerful tool in the hands of the security agencies, enabling them to sift for evidence of serious crime. According to the source, it has allowed them to discover new techniques used by terrorists to avoid security checks and to identify terrorists planning atrocities. It has also been used against child exploitation networks and in the field of cyberdefence.

It was claimed on Friday that it directly led to the arrest and imprisonment of a cell in the Midlands who were planning co-ordinated attacks; to the arrest of five Luton-based individuals preparing acts of terror, and to the arrest of three London-based people planning attacks prior to the Olympics.

As the probes began to generate data, GCHQ set up a three-year trial at the GCHQ station in Bude, Cornwall. By the summer of 2011, GCHQ had probes attached to more than 200 internet links, each carrying data at 10 gigabits a second. “This is a massive amount of data!” as one internal slideshow put it. That summer, it brought NSA analysts into the Bude trials. In the autumn of 2011, it launched Tempora as a mainstream programme, shared with the Americans.

The intercept probes on the transatlantic cables gave GCHQ access to its special source exploitation. Tempora allowed the agency to set up internet buffers so it could not simply watch the data live but also store it – for three days in the case of content and 30 days for metadata.

“Internet buffers represent an exciting opportunity to get direct access to enormous amounts of GCHQ’s special source data,” one document explained.

The processing centres apply a series of sophisticated computer programmes in order to filter the material through what is known as MVR – massive volume reduction. The first filter immediately rejects high-volume, low-value traffic, such as peer-to-peer downloads, which reduces the volume by about 30%. Others pull out packets of information relating to “selectors” – search terms including subjects, phone numbers and email addresses of interest. Some 40,000 of these were chosen by GCHQ and 31,000 by the NSA. Most of the information extracted is “content”, such as recordings of phone calls or the substance of email messages. The rest is metadata.

The GCHQ documents that the Guardian has seen illustrate a constant effort to build up storage capacity at the stations at Cheltenham, Bude and at one overseas location, as well a search for ways to maintain the agency’s comparative advantage as the world’s leading communications companies increasingly route their cables through Asia to cut costs. Meanwhile, technical work is ongoing to expand GCHQ’s capacity to ingest data from new super cables carrying data at 100 gigabits a second. As one training slide told new users: “You are in an enviable position – have fun and make the most of it.”

Ewen MacAskill, Julian Borger, Nick Hopkins, Nick Davies and James Ball
The Guardian, Friday 21 June 2013 17.23 BST

Find this story at 21 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Britain’s intelligence agencies will emerge as the biggest winners from the Government’s review of public spending, The Telegraph can disclose.
MI6, MI5 and Government Communications Headquarters will see an increase in their combined £1.9 billion budget

MI6, MI5 and Government Communications Headquarters (GCHQ) will see an inflation-busting increase in their combined £1.9 billion budget, underlining the Government’s concern over the growing terrorist threat following the Woolwich attack.

Police spending on counter-terrorism will also be protected and will rise in line with inflation.

The percentage increase in the budgets of the intelligence agencies – at more than three per cent in addition to inflation – will be the largest of any item of government spending including the NHS, schools and international development.

It will lead to the agencies receiving about another £100 million in funding annually from 2015.

Local councils are also expected to emerge as winners with increased funding for elderly social care. Money from the ring-fenced NHS budget is expected to be diverted to help fund care homes and home visits for frail pensioners.
Related Articles
George Osborne: I’d rather not have tax rises but can’t rule it out 27 Jun 2013
Sketch: Dr Osborne needles Labour 26 Jun 2013
Tax rises likely after spending review cuts, says IFS 26 Jun 2013
Are the two Eds Attlee and Cripps – or Tory clones? 25 Jun 2013
Nick Clegg: even more cuts are coming 25 Jun 2013
Married couples to be offered tax breaks 24 Jun 2013

George Osborne will on Wednesday unveil the Government’s spending plans for the 2015-16 financial year following months of Whitehall wrangling.

The Spending Review, which will cut a further £11.5 billion in public expenditure, is regarded as especially sensitive as the cuts will be implemented just weeks before the next general election.

The biggest losers will include the Business department, the Culture department, the Home Office and the Justice department, which are expected to each lose about eight per cent from their budgets.

The Ministry of Defence will see its budget cut by about £1 billion, although this will not involve further reductions in front-line troops.

Mr Osborne is also expected to set out plans for long-term caps on welfare spending and other areas of government expenditure which are not tightly controlled.

The Chancellor will detail proposals to divert the money saved from Whitehall spending to fund long-term infrastructure projects such as widening major roads.

He is expected to say: “Britain is moving from rescue to recovery. But while the British economy is leaving intensive care, now we need to secure that recovery.

“We’re saving money on welfare and waste to invest in the roads and railways, schooling and science our economy needs to succeed in the future.”

The intelligence agencies have recently faced criticism that they are struggling to deal with emerging threats, amid suggestions that MI5 and MI6 could have done more to prevent the murder of Drummer Lee Rigby in Woolwich. One of the suspects had attempted to travel to Somalia and both were known to the intelligence services.

GCHQ’s activities have also come under scrutiny following accusations that it may be abusing its power in secretive projects with the United States to monitor internet traffic.

The Chancellor is understood to have contacted the heads of the three agencies last Friday to inform them of their spending increases. MI5, MI6 and GCHQ have seen their budgets fall in real terms by more than 10 per cent since 2010 and there were fears that they would face a further round of cuts.

A Whitehall source said: “This has been one of George’s personal priorities. It is vitally important we look after these budgets and they were settled last week with agreement at the very highest level.”

Mr Osborne and the Prime Minister are understood to believe the agencies need more resources to tackle the growing terrorist threat from sub-Saharan Africa and Syria, and the rising problem posed by cyber terrorism.

In the wake of the GCHQ snooping row, William Hague, the Foreign Secretary, praised the agencies’ work and cooperation with US counterparts.

Speaking in America, he said “we should have nothing but pride” in the “intelligence-sharing relationship between Britain and the United States”. He added that both countries’ intelligence work operated “under the rule of law” and “only exists to protect” people’s freedoms.

Mr Osborne confirmed on Tuesday that the NHS and schools budgets would continue to rise.

Money is also expected to be diverted from the health budget to local authorities to fund social care. Norman Lamb, a health minister, recently warned of an impending crisis in social care as councils struggled to fund enough places for ailing pensioners.

Last week, council leaders warned Mr Osborne that street lights may have to be switched off and libraries closed unless NHS funding was diverted to help pay for elderly care.

They said the amount of money spent on social care has been cut by a fifth in less than three years and they were preparing to reduce budgets further.

Mr Osborne agreed for £2 billion to be transferred from the NHS to the social care sector in his previous Spending Review, but councils said much of the money has gone on propping up the system because of the ageing population.

Ministers are also expected to set out the entitlement criteria for state help. The Government has pledged to cap the maximum bill that anyone faces for social care at £72,000 from 2016, and the details of how this will work are to be announced this week.

Earl Howe, a health minister, was asked about the growing problem in social care, with hospitals often forced not to discharge elderly patients who are infirm but not ill because they have nowhere to go. He said there would be “more news” about increased funding for social care on Wednesday and sources confirmed that the social care budget would rise after several years of cuts.

Danny Alexander, the Chief Secretary to the Treasury, also hinted that the Government may speed up the introduction of its community budgets programme, which is designed to make public sector services share operations.

He urged MPs to “listen carefully” to the Chancellor’s statement for more news after being asked about the programme’s national implementation.

By Robert Winnett, Political Editor
10:00PM BST 25 Jun 2013

Find this story at 25 June 2013

© Copyright of Telegraph Media Group Limited 2013