Tuesday, August 18, 2015

You’ve Got Mail and NSA Has It Too — Still Feel Safe and Free

AT&T Text Message to the NSA: We Are Open for Business. 
Here's the Key to the Goodies.

Both 100% True and Accurate
(based on current history)

Quite a long post, but one that needs to be reported on again. The vast majority of this post today is drawn from ProPublica with my editing to allow it to fit this blog format and intent and without modifying the excellent source article … (BTW: AT&T is my carrier).

The NSA’s ability to capture Internet traffic on United States soil has been based on an extraordinary, decades-long partnership with a single company: AT&T.
While it has been long known that American telecommunications companies worked closely with the spy agency, newly disclosed NSA documents show that the relationship with AT&T has been considered unique and especially productive. One document described it as “highly collaborative,” while another lauded the company’s “extreme willingness to help.”
AT&T’s cooperation has involved a broad range of classified activities, according to the documents, which date from 2003 to 2013. AT&T has given the NSA access, through several methods covered under different legal rules, to billions of emails as they have flowed across its domestic networks. They have also provided technical assistance in carrying out a secret court order permitting the wiretapping of all Internet communications at the UN headquarters, also a customer of AT&T. One NSA document reminds NSA officials to be polite when visiting AT&T facilities, noting: “This is a partnership, not a contractual relationship.” A range of documents provided by Edward Snowden were jointly reviewed by The New York Times and ProPublica.  NSA, AT&T, and Verizon all have declined to discuss the findings from the files.
At this point, I need to insert a few comments based on the canned statement by AT&T and Verizon and the NSA that we hear all the time regarding that document review and that is this in part:  “We don’t comment on matters of national security.”
1.  Recently, a group of AT&T customers claimed that the NSA’s tapping of the Internet violated the Fourth Amendment protection against unreasonable searches and they sued.
2.  A federal judge just dismissed key portions of that lawsuit after the Obama administration argued that “…public discussion of its telecom surveillance efforts would reveal state secrets, damaging national security.” (I insert: please tell us how national security is damaged by AT&T examining millions of American emails and text messages? We do have the right to know – keeping us safe is not a good excuse if we are not safe from government prying into our daily and very personal lives).
3.  All the while, our government has been fighting in court to keep the identities of its telecom partners hidden. (I insert, why? What are they ashamed of? We as consumers of their services have the right to know who they are since we have the right to drop them as our provider – that right is ours,  not government’s or the providers – so, tell us who all of them are)...!
NOTE: The NSA documents do not identify AT&T or other companies by name, instead they refer to corporate partnerships run by the agency’s Special Source Operations (SSO) division using code names. The division is responsible for more than 80 percent of the information the NSA collects, one document states. 
(I insert: So, they can be ultra-secret with code names while we pay them openly using their real names – I see, I see … what a crock. FYI: Is paying a spy agency a tax deductible item, I wonder?).
Fairview is one of its oldest programs. It began in 1985, the year after antitrust regulators broke up the Ma Bell telephone monopoly and its long-distance division became AT&T Communications.
Stormbrew is another program named that is run by NSA and it has included Verizon and the former MCI, which Verizon purchased in 2006. One describes a Stormbrew cable landing that is identifiable as one that Verizon operates. Another names a contact person whose LinkedIn profile says he is a longtime Verizon employee with a top-secret clearance.
Lookback:  After 9/11, AT&T and MCI were instrumental in the Bush administration’s warrantless wiretapping programs, according to a draft report by the NSA IG.  That report, disclosed by Edward Snowden and previously published by The Guardian, does not identify the companies by name but describes their market share in numbers that correspond to those two businesses according to FCC reports. For example: AT&T began turning over emails and phone calls “within days” after the warrantless surveillance began in October 2001. MCI did not start until February 2002.
In September 2003, according to NSA documents, AT&T was the first partner to turn on a new collection capability that the NSA said amounted to a “live’ presence on the global net.” In one of its first months of operation, the Fairview program forwarded to NSA some 400 billion Internet metadata records — which include who contacted whom and other details, but not what they said. That program was “forwarding more than one million emails a day to the keyword selection system” at the agency headquarters in Fort Meade, MD.  Stormbrew was still gearing up to use the new technology, which appeared to process foreign-to-foreign traffic separate from the post-9/11 program.
Specifically how the whole shebang works:
Because of the way the Internet works, intercepting a targeted person’s email requires copying pieces of many other people’s emails, too, and sifting through those pieces.
Plaintiffs have been trying without success to get courts to address whether copying and sifting pieces of all those emails violates the Fourth Amendment.
Many privacy advocates have suspected that AT&T was giving the NSA a copy of all Internet data to sift for itself.  One 2012 presentation says the NSA does not “typically have direct access to telecoms’ hubs.” Instead, the telecoms do the sifting and forwarding of messages the government believes it may legally collect to NSA for analysis and I guess storage.
Precisely, companies that sort the data has allowed NSA to bring different surveillance powers to bear in the operation of sorting and collecting.
NOTE: Targeting someone on American soil requires a court order under the FISA (Foreign Intelligence Surveillance Act).
When a foreigner abroad is communicating with an American, that law permits the government to target that foreigner without a warrant, however, the American’s stuff is captured, too.  When foreigners are messaging other foreigners, the FISA law does not apply and the government can collect such emails in bulk without targeting anyone. 
Related Key Documents and a Timeline Related to this Story:
  1. Special Source Operations: Corporate Partner Access
  2. Cyber Threats and Special Source Operations
  3. Excerpts from the Spy Dictionary
  4. NSA’s Corporate Portfolio
  5. One Million Emails a Day From AT&T
  6. Fairview Defined
  7. Fairview Data Schematics
  8. AT&T Confirms "Foreignness" for Stormbrew
  9. Spying on the United Nations
  10. Billions of AT&T Cellphone Records
  11. The Cable Break Due to the Japanese Earthquake
  12. AT&T’s ‘Extreme Willingness to Help’
  13. AT&T’s ‘Highly Collaborative Nature’
  14. Verizon's Cable Station Installs NSA Collection Systems

1984:  The “Ma Bell” phone monopoly breaks up into regional “Baby Bells” and a long-distance company that retains the AT&T name and enters the computer business.
1985: NSA launches Fairview program partnership with a single partner, AT&T, according to internal documents. AT&T’s first big contract as a standalone company is a nearly $1 billion agreement to provide computers and services to the National Security Agency, according to news reports at the time.
2001: In the days after the 9/11 terrorist attacks, Congress passes the Patriot Act. President George W. Bush also secretly authorizes a warrantless wiretapping program known as Stellar Wind. AT&T is the first company to start turning over records under both programs, according to internal documents.
2003: AT&T is forwarding more than 1 million emails per day and 400 million Internet metadata records a month to the NSA, according to internal documents.
2003–2006: For three years, AT&T provides the FBI with illegal ‘sneak peeks’ at the calling records for communities of hundreds of people without legally valid requests for the information, according to congressional testimony by FBI General Counsel Valerie Caproni. Verizon told Congress it did not provide similar community information.
2005: The New York Times reveals President Bush’s warrantless wiretapping program.
2006: Former AT&T engineer Mark Klein publicly reveals in a lawsuit a secret room in AT&T’s San Francisco office that he says siphons traffic to the NSA.
2008: Congress passes the FISA Amendments Act, legalizing portions of warrantless wiretapping and granting legal immunity to AT&T and other telecommunications companies for their participation in it.
2009: 9th Circuit Court of Appeals dismisses the case based on Klein’s allegations, citing the immunity granted to telecommunications companies by Congress.
2011: AT&T starts delivering 1.1 billion of its customers’ cellphone calling records per day to the NSA, under the Patriot Act business records provision, according to internal documents.
2013: Edward Snowden blows the whistle and passes journalists a trove of NSA documents that reveal the vast scope of NSA spying.
2015: U.S. District Court for the Northern District of California dismisses key portions of another constitutional challenge to AT&T’s fiber taps, after the government argued that any discussion of its collaborations with telecom companies was a state secret.
In 2011, AT&T began handing over 1.1 billion domestic cellphone calling records a day to the NSA after “a push to get this flow operational prior to the tenth anniversary of 9/11,” according to an internal agency newsletter. This revelation is striking because after Snowden disclosed the program of collecting the records of Americans’ phone calls, intelligence officials told reporters that, for technical reasons, it consisted mostly of landline phone records.
That year, one slide presentation shows, the NSA spent $188.9 million on the Fairview program, twice the amount spent on Stormbrew, its second-largest corporate program.
After the Times disclosed the Bush administration’s warrantless wiretapping program in December 2005, plaintiffs began trying to sue AT&T and the NSA In a 2006 lawsuit, a retired AT&T technician named Mark Klein claimed that three years earlier he had seen a secret room in a company building in San Francisco where the NSA had installed equipment. Klein claimed that AT&T was providing the NSA with access to Internet traffic that AT&T transmits for other telecom companies.
Such cooperative arrangements, known in the industry as “peering,” mean that communications from customers of other companies could end up on AT&T’s network. (Note: also reported by PBS FRONTLINE show). After Congress passed a 2008 law legalizing the Bush program and immunizing the telecom companies for their cooperation with it, that lawsuit was thrown out. But the newly disclosed documents show that AT&T has provided access to peering traffic from other companies’ networks.
AT&T’s “corporate relationships provide unique accesses to other telecoms and ISP’s,” one 2013 NSA document states.
So, here “We the People” are today: “Safe, dumb, and somewhat sorry” with our hands tied as our ISP forks over our most-private emails and calls to keep us free while ISIS/ISIL and others continue to blow up the world. I guess ISIS/ISIL are AT&T customers, or that the NSA is not interested in intercepting their bombing schedules (but I hope they truly are).
In this era this must be the new price of freedom and safety: Total submission to snooping and spying by “our” government – representative democracy in action, right…?? I guess so.

No comments: