Volgens de overheid is bulkinterceptie noodzakelijk om aanslagen te voorkomen. Maar het middel kan het zicht van de inlichtingendiensten dusdanig vertroebelen waardoor potentiële aanslagplegers door de mazen van het sleepnet glippen.

Het massaal aftappen van het internetverkeer, ook wel bulkinterceptie genoemd, is volgens de overheid noodzakelijk om de nationale veiligheid te vergroten en terroristische aanslagen te voorkomen. De in de WIV 2017 opgenomen bevoegdheid tot bulkinterceptie geeft de inlichtingendiensten de mogelijkheid om grote hoeveelheden communicatie (telefoon en internet) zonder selectie, dus van iedereen in een bepaalde stad of zelfs land, te verzamelen.

lees meer

Van nieuwsblog.burojansen.nl

Germany’s spy agency BND is being frozen out by GCHQ as well as in America
Both believe insecure servers have led to Wikileaks taking classified documents

Berlin officials are angry that secret intelligence data has not been handed over

The freeze-out also applies to the Metropolitan Police and UK Border Force

Relations between British and German spy chiefs have hit rock bottom because London says its counterparts in Berlin cannot be trusted to keep secrets.

At a time of escalating Islamic terror threats across Europe, Germany’s spy agency BND is being frozen out by GCHQ and the National Security Agency in the US.

Both London and Washington believe insecure German data servers have contributed to the leaking of tens of thousands of classified documents to Wikileaks.

And they have infuriated Berlin by refusing to hand over secret intelligence data demanded by left wing and Green politicians which they fear will be aired in the German parliament.

At a time of escalating Islamic terror threats across Europe, Germany’s spy agency BND is being frozen out by GCHQ (base pictured)
At a time of escalating Islamic terror threats across Europe, Germany’s spy agency BND is being frozen out by GCHQ (base pictured)

It is claimed in Germany that a tranche of 500,000 sides of files put out by Wikileaks this month were GCHQ documents on covert mobile phone policy for British intelligence agents dated June 2010 and classified as secret.

They believe that the documents, once shared with Germany, were transferred to hackers – possibly Russian – who then fed them to the whistleblowing group.

Also listed as top secret was a briefing paper for attendees at a pre-G20 meeting held in London between September 2 and 5 2009 in which Turkey’s role in Europe was on the agenda.

It is understood that in November 2014 there was a meeting in Berlin between Sir Simon McDonald, the then British ambassador to Germany, together with Patrick McGuinness, Deputy National Security Adviser for Intelligence, Security, and Resilience at the Cabinet Office, and high security officials in Angela Merkel’s government.

In November 2014 there was a meeting in Berlin between Sir Simon McDonald, the then-British ambassador to Germany, and high security officials in Angela Merkel’s government
In November 2014 there was a meeting in Berlin between Sir Simon McDonald, the then-British ambassador to Germany, and high security officials in Angela Merkel’s government

The British made it plain at the meeting that co-operation between Britain and Germany was becoming increasingly problematic because of leaks.

A source familiar with the meeting said: ‘They stressed that a secret service is just that and that its workings and operations must remain secret and they felt that Germany was leaking them like a sieve.

Britain told the Germans that the freeze on information would not only apply to MI6 and GCHQ but also to the Metropolitan Police, the Serious Organised Crime Agency (SOCA) and the UK Border Force.

The source said: ‘It has now reached the point where there is virtual radio silence between the two biggest and most important intelligence services of the western world and the BND of Germany.

‘Germany is worried because it needs the umbrella protection of these agencies. It is virtually blind without it.’

Another crisis meeting was held in Berlin in February last year to discuss the biggest rift between secret services since the end of the Second World War. It failed to placate the British and the Americans.

High-grade information on jihadists, their movements and terror plans as discovered by London and Washington and directly involving Germany, are no longer being passed on as a matter of routine.

The upheaval has been caused in part by left-wing and green politicians still fuming over the spying activities carried out in Germany by America’s National Security Agency, which involved the eavesdropping on Mrs Merkel’s personal mobile telephone.

The German government requested Britain to release details of the secret operations to a committee probing the NSA and other foreign spy agency activities in the country.

The move was forced by politicians of the hard-left Die Linke and the environmentalist Green parties.

Left-wing and green politicians are still fuming over the spying activities carried out by the National Security Agency, including eavesdropping on Mrs Merkel’s personal mobile
Left-wing and green politicians are still fuming over the spying activities carried out by the National Security Agency, including eavesdropping on Mrs Merkel’s personal mobile

Both the UK and America refused to send any of the requested files to Germany. Included among them was a demand for information about a 2013 operation handled by both countries – and in co-operation with the BND – which was, and remains, top secret but was known to involve a massive surveillance programme on suspected Islamic terrorists across Europe.

Britain fears a ‘big debate’ in the German parliament which would lay open secret sources and intelligence gathering techniques.

A BND insider said: ‘Never has a friendly nation been asked to divulge its secrets in this way. It is outrageous and we completely understand the fury that this has unleashed in Whitehall. But it has left us vulnerable.’

By ALLAN HALL IN BERLIN and IAN DRURY IN LONDON FOR THE DAILY MAIL
PUBLISHED: 00:22 GMT, 16 December 2016 | UPDATED: 01:36 GMT, 16 December 2016

Find this story at 16 December 2016
© Associated Newspapers Ltd

Van nieuwsblog.burojansen.nl

Britain’s intelligence agencies have been secretly collecting bulk personal data since the late 1990s and privately admit they have gathered information on people who are “unlikely to be of intelligence or security interest”.

Disclosure of internal MI5, MI6 and GCHQ documents reveals the agencies’ growing reliance on amassing data as a prime source of intelligence even as they concede that such “intrusive” practices can invade the privacy of individuals.

A cache of more than 100 memorandums, forms and policy papers, obtained by Privacy International during a legal challenge over the lawfulness of surveillance, demonstrates that collection of bulk data has been going on for longer than previously disclosed while public knowledge of the process was suppressed for more than 15 years.

The files show that GCHQ, the government’s electronic eavesdropping centre based in Cheltenham, was collecting and developing bulk data sets as early as 1998 under powers granted by section 94 of the 1984 Telecommunications Act.

The documents offer a unique insight into the way MI5, MI6, and GCHQ go about collecting and storing bulk data on individuals, as well as authorising discovery of journalists’ sources.

Bulk personal data includes information extracted from passports, travel records, financial data, telephone calls, emails and many other open or covert sources. Often they are “fused” together to help pinpoint suspects.

The frequency of warnings to intelligence agency staff about the dangers of trespassing on private records is at odds with ministers’ repeated public reassurances that only terrorists and serious criminals are having their personal details compromised.

For example, a newsletter circulated in September 2011 by the Secret Intelligence Agency (SIS), better known as MI6, cautioned against staff misuse. “We’ve seen a few instances recently of individuals crossing the line with their database use … looking up addresses in order to send birthday cards, checking passport details to organise personal travel, checking details of family members for personal convenience,” it says.

“Another area of concern is the use of the database as a ‘convenient way’ to check the personal details of colleagues when filling out service forms on their behalf. Please remember that every search has the potential to invade the privacy of individuals, including individuals who are not the main subject of your search, so please make sure you always have a business need to conduct that search and that the search is proportionate to the level of intrusion involved.” Better where possible to use “less intrusive” means, it adds.

Theresa May unveils UK surveillance measures in wake of Snowden claims
Read more
There has been disciplinary action. Between 2014 and 2016, two MI5 and three MI6 officers were disciplined for mishandling bulk personal data. Last year, it was reported that a member of GCHQ’s staff had been sacked for making unauthorised searches.

The papers show that data handling errors remain a problem. Government lawyers have admitted in responses to Privacy International that between 1 June 2014 and 9 February this year, “47 instances of non-compliance either with the MI5 closed section 94 handling arrangements or internal guidance or the communications data code of practice were detected.” Four errors involved “necessity and proportionality” issues; 43 related to mistransposed digits, material that did not relate to the subject of investigation or duplicated requests.

Another MI5 file notes that datasets “contain personal data about individuals, the majority of whom are unlikely to be of intelligence or security interest”.

The documents have been disclosed before a trial due later this summer at the investigatory powers tribunal, which hears complaints about state-authorised surveillance and the intelligence agencies. IPT sessions hear secret evidence behind closed doors.

Release of these internal records follows admissions by David Cameron and by parliament’s intelligence and security committee (ISC) last year in the wake of revelations by the US whistleblower Edward Snowden.

The most recent documents refer to a “more onerous authorisation process” after the prime minister’s avowal of the “use of bulk personal data”. They provide fresh detail of what is happening in the intelligence agencies.

Web and phone companies are required to retain data for official access for 12 months, but the intelligence agency documents make clear that acquired bulk data sets can be held far longer.

An MI5 memorandum says retention of “low intrusion” material needs to be reviewed only every two years. Some key words are missing from the memo, but it adds: “In MI5, a maximum retention period [redaction] is applied to [bulk personal data]. This can be increased in exceptional circumstances via a policy waiver. This waiver must be authorised by a senior MI5 official and agreed by the BPDRP [bulk data retention review panel] but shall be subject to a detailed review.”

Bulk personal data is exchanged with “foreign agencies”, presumably mainly those from other countries in the UK’s traditional “Five Eyes” alliance – the USA, Canada, Australia and New Zealand.

European court to consider legality of UK surveillance laws
Read more
The documents do not specify every type of information exploited but give examples and broad categories: population data and passports, travel records, financial data and communications information. “Some of this data is publicly available, some of it is purchased and some of it is acquired covertly in accordance with SIS statutory functions,” according to an MI6 note.

Monetary information is held. “The fact that [MI5] holds bulk financial, albeit anonymised data is assessed to be a high corporate risk since there is no public expectation that the service will hold or have access to this data in bulk. Were it to become widely known that the service held this data, the media response would most likely be unfavourable and probably inaccurate.

“In some cases, it may be necessary for the relevant team to approach the data provider to examine whether any unnecessary/extraneous parts of the dataset can be removed prior to acquisition. Such extraneous data might include large numbers of minors, details of earnings or medical information.”
Death provides no escape. “Policy and processes in relation to bulk personal data is the same for both the living and the dead,” a combined agencies memo records.

Each intelligence service has its own database, it appears from the documents. For MI5, storage of bulk data is at their London HQ, Thames House. “In order to ensure the security and integrity of the datasets that the service relies upon for its enhanced analytical capabilities and to reassure data providers that their data will be handled securely, it is essential that the necessary physical controls are in place to mitigate unauthorised access to, or loss of, this information during transportation to and subsequent storage in Thames House.”

The justification for assembling such sophisticated databases, according to an MI5 document, is that it speeds up the process of detecting suspects. “By integrating bulk data [redaction] with information about individual subjects of interest from other sources of intelligence (liaison relationships, agent reporting, intercept, eavesdropping, surveillance) and from ‘fusing’ different data-sets in order to identify common links, we can better understand target networks, locations and behaviours, enabling a greater depth and breadth of target coverage.

“The fragmentary nature of many intelligence leads and the magnitude of the threat all mean that there is currently no effective method of resolving identities in a timely fashion without using bulk data.”

The standard MI5 form for acquisition of bulk data requires agency staff to a tick box if it holds sensitive personal data such as “biometric, financial, medical, racial or ethnic origin, religious, journalistic, political, legal, sexual or criminal activity” and membership of a trade union. MI5 officers also need to explain why acquisition is “necessary and proportionate”.

The documents show how alert the agencies are to their legal obligations. They refer to the agencies’ “ethics team”, the need for “proportionality” and “necessity”. One note stresses that GCHQ employees’ conditions of employment state that “unauthorised entry to computer records may constitute gross misconduct”.

But the papers also reveal how much latitude the law – notably Ripa, the Telecommunications Act, and the Data Protection Act – in practice gives them.

Investigatory powers bill: the key points
Read more
The documents include for the first time certificates under section 28 of the Data Protection Act – signed by David Blunkett and Jack Straw in 2001 when they were home and foreign secretary respectively – which provided secrecy about authorised bulk data interceptions under section 94 of the Telecommunications Act. The existence of such directions were not disclosed until last year.

The quantity of information the agencies have been forced to release suggests their long-established position of “neither confirming nor denying” any operational details may be crumbling at the edges.

In parliamentary debate over the investigatory powers bill, the government has argued that the security services only conduct targeted searches of data under legal warrants in pursuit of terrorist or criminal activity and that bulk interception is necessary as a first step in that process.

Millie Graham Wood, a legal officer at Privacy International, said: “The information revealed by this disclosure shows the staggering extent to which the intelligence agencies hoover up our data.

“This highly sensitive information about us is vulnerable to attack from hackers, foreign governments and criminals. The agencies have been doing this for 15 years in secret and are now quietly trying to put these powers on the statute book for the first time in the investigatory powers bill, which is currently being debated in parliament. These documents reveal a lack of openness and transparency with the public about these staggering powers and a failure to subject them to effective parliamentary scrutiny.”

A Home Office spokesman said: “Bulk powers have been essential to the security and intelligence agencies over the last decade and will be increasingly important in the future.

“The acquisition and use of bulk provides vital and unique intelligence that the security and intelligence agencies cannot obtain by any other means. The security and intelligence agencies use the same techniques that modern businesses increasingly rely on to analyse data in order to overcome the most significant national security challenges.”

Owen Bowcott and Richard Norton-Taylor
Thursday 21 April 2016 00.01 BST Last modified on Saturday 7 May 2016 15.01 BST
Find this story at 21 April 2016

© 2016 Guardian News and Media Limited

Van nieuwsblog.burojansen.nl

• Snowden files reveal emails of BBC, NY Times and more
• Agency includes investigative journalists on ‘threat’ list
• Editors call on Cameron to act against snooping on media
GCHQ

GCHQ’s bulk surveillance of electronic communications has scooped up emails to and from journalists working for some of the US and UK’s largest media organisations, analysis of documents released by whistleblower Edward Snowden reveals.

Emails from the BBC, Reuters, the Guardian, the New York Times, Le Monde, the Sun, NBC and the Washington Post were saved by GCHQ and shared on the agency’s intranet as part of a test exercise by the signals intelligence agency.

The disclosure comes as the British government faces intense pressure to protect the confidential communications of reporters, MPs and lawyers from snooping.

The journalists’ communications were among 70,000 emails harvested in the space of less than 10 minutes on one day in November 2008 by one of GCHQ’s numerous taps on the fibre-optic cables that make up the backbone of the internet.

The communications, which were sometimes simple mass-PR emails sent to dozens of journalists but also included correspondence between reporters and editors discussing stories, were retained by GCHQ and were available to all cleared staff on the agency intranet. There is nothing to indicate whether or not the journalists were intentionally targeted.

The mails appeared to have been captured and stored as the output of a then-new tool being used to strip irrelevant data out of the agency’s tapping process.

New evidence from other UK intelligence documents revealed by Snowden also shows that a GCHQ information security assessment listed “investigative journalists” as a threat in a hierarchy alongside terrorists or hackers.

Senior editors and lawyers in the UK have called for the urgent introduction of a freedom of expression law amid growing concern over safeguards proposed by ministers to meet concerns over the police use of surveillance powers linked to the Regulation of Investigatory Powers Act 2000 (Ripa).

More than 100 editors, including those from all the national newspapers, have signed a letter, coordinated by the Society of Editors and Press Gazette, to the UK prime minister, David Cameron, protesting at snooping on journalists’ communications.

In the wake of terror attacks on the Charlie Hebdo offices and a Jewish grocer in Paris, Cameron has renewed calls for further bulk-surveillance powers, such as those which netted these journalistic communications.

Ripa has been used to access journalists’ communications without a warrrant, with recent cases including police accessing the phone records of Tom Newton-Dunn, the Sun’s political editor, over the Plebgate investigation. The call records of Mail on Sunday reporters involved in the paper’s coverage of Chris Huhne’s speeding row were also accessed in this fashion.

Under Ripa, neither the police nor the security services need to seek the permission of a judge to investigate any UK national’s phone records – instead, they must obtain permission from an appointed staff member from the same organisation, not involved in their investigation.

However, there are some suggestions in the documents that the collection of billing data by GCHQ under Ripa goes wider – and that it may not be confined to specific target individuals.

A top secret document discussing Ripa initially explains the fact that billing records captured under Ripa are available to any government agency is “unclassified” provided that there is “no mention of bulk”.

The GCHQ document goes on to warn that the fact that billing records “kept under Ripa are not limited to warranted targets” must be kept as one of the agency’s most tightly guarded secrets, at a classification known as “Top secret strap 2”.

That is two levels higher than a normal top secret classification – as it refers to “HMG [Her Majesty’s government] relationships with industry that have areas of extreme sensitivity”.

Internal security advice shared among the intelligence agencies was often as preoccupied with the activities of journalists as with more conventional threats such as foreign intelligence, hackers or criminals.

One restricted document intended for those in army intelligence warned that “journalists and reporters representing all types of news media represent a potential threat to security”.

It continued: “Of specific concern are ‘investigative journalists’ who specialise in defence-related exposés either for profit or what they deem to be of the public interest.

“All classes of journalists and reporters may try either a formal approach or an informal approach, possibly with off-duty personnel, in their attempts to gain official information to which they are not entitled.”

It goes on to caution “such approaches pose a real threat”, and tells staff they must be “immediately reported” to the chain-of-command.

GCHQ information security assessments, meanwhile, routinely list journalists between “terrorism” and “hackers” as “influencing threat sources”, with one matrix scoring journalists as having a “capability” score of two out of five, and a “priority” of three out of five, scoring an overall “low” information security risk.

Terrorists, listed immediately above investigative journalists on the document, were given a much higher “capability” score of four out of five, but a lower “priority” of two. The matrix concluded terrorists were therefore a “moderate” information security risk.

A spokesman for GCHQ said: “It is longstanding policy that we do not comment on intelligence matters. Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners and the parliamentary intelligence and security committee.

“All our operational processes rigorously support this position. In addition, the UK’s interception regime is entirely compatible with the European convention on human rights.”

James Ball
Monday 19 January 2015 15.04 GMT Last modified on Tuesday 20 January 2015 00.17 GMT

Find this story at 19 January 2015

© 2015 Guardian News

Van nieuwsblog.burojansen.nl

Journalists represent ‘a potential threat to security’, according to GCHQ
Revelation buried in secret documents leaked from the UK spy centre
Comes amid calls for security services to be given power to monitor emails
Journalists a ‘low’ security risk compared to terrorists who are ‘moderate’
GCHQ scooped up 70,000 emails in just 10 minutes, documents reveal
Among intercepted emails were some sent by BBC and New York Times

British spooks intercepted emails from US and UK media organisations and rated ‘investigative journalists’ alongside terrorists and hackers as potential security threats, secret documents reveal.
Internal advice circulated by intelligence chiefs at the Government spy centre GCHQ claims ‘journalists and reporters representing all types of news media represent a potential threat to security’.
Intelligence documents leaked by the fugitive US whistleblower Edward Snowden also show that British security officers scooped up 70,000 emails in just 10 minutes during one interception exercise in 2008.
Among the private exchanges were emails between journalists at the BBC, New York Times and US network NBC.

The disclosure comes amid growing calls for the security services to be handed more power to monitor the internet following the Paris terror attacks.
Internal security advice, shared among British intelligence agencies, scored journalists in a table of potential threats.
One restricted document, which according to the Guardian was intended for those in army intelligence, warned that ‘journalists and reporters representing all types of news media represent a potential threat to security’.

Furious Chuka Umunna storms off ‘ridiculous’ live TV…
Prime Minister David Cameron makes a speech at Ransomes Jacobsen in Ipswich, Suffolk, where he set out the Tory path to full employment, promising to keep Britain the “jobs factory of Europe” by backing small business. PRESS ASSOCIATION Photo. Picture date: Monday January 19, 2015. Mr Cameron admitted it had been a “tough few years” for UK plc, but said the country was “coming out the other side” – and urged voters to stick with his plan. See PA story POLITICS Cameron. Photo credit should read: Chris Radburn/PA Wire
Britain is the ‘jobs factory of Europe’, Cameron boasts as…
Prime Minister David Cameron and his wife Samantha take a drink by a beach during their holiday on the Spanish Island of Ibiza today. PRESS ASSOCIATION Photo. Picture date: Sunday May 26, 2013. See PA story POLITICS Cameron. Photo credit should read: Stefan Rousseau/PA Wire
Young Tories promised a holiday in Ibiza with Dave and…

It continued: ‘Of specific concern are “investigative journalists” who specialise in defence-related exposés either for profit or what they deem to be of the public interest.’
The document adds: ‘All classes of journalists and reporters may try either a formal approach or an informal approach, possibly with off-duty personnel, in their attempts to gain official information to which they are not entitled.’
It warns staff that ‘such approaches pose a real threat’, adding it must be ‘immediately reported’.
One table scored journalists a ‘low’ information security risk – compared to terrorists who are seen as a ‘moderate’ threat.

A spokesman for GCHQ refused to confirm or deny if the leaked documents were accurate. The spokesman said: ‘It is longstanding policy that we do not comment on intelligence matters.
‘Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners and the parliamentary intelligence and security committee.
‘All our operational processes rigorously support this position. In addition, the UK’s interception regime is entirely compatible with the European convention on human rights.’
According to the Guardian, GCHQ scooped up emails to and from journalists during one 10-minute ‘tapping’ session in November 2008.
Emails from the BBC, the Sun and the Mail on Sunday were picked up and shared on the agency’s internal computer system – alongside memos from US media organisations.
The revelation comes as the British government faces growing pressure to ensure journalists’ texts and emails are protected from snooping.
Newspaper editors and lawyers have called for a new freedom of expression law.

By TOM MCTAGUE, DEPUTY POLITICAL EDITOR FOR MAILONLINE
PUBLISHED: 16:32 GMT, 19 January 2015 | UPDATED: 18:06 GMT, 19 January 2015

Find this story at 19 January 2015

© Associated Newspapers Ltd

Fears of customer backlash over breach of privacy as firms give GCHQ unlimited access to their undersea cables

Some of the world’s leading telecoms firms, including BT and Vodafone, are secretly collaborating with Britain’s spy agency GCHQ, and are passing on details of their customers’ phone calls, email messages and Facebook entries, documents leaked by the whistleblower Edward Snowden show.

BT, Vodafone Cable, and the American firm Verizon Business – together with four other smaller providers – have given GCHQ secret unlimited access to their network of undersea cables. The cables carry much of the world’s phone calls and internet traffic.

In June the Guardian revealed details of GCHQ’s ambitious data-hoovering programmes, Mastering the Internet and Global Telecoms Exploitation, aimed at scooping up as much online and telephone traffic as possible. It emerged GCHQ was able to tap into fibre-optic cables and store huge volumes of data for up to 30 days. That operation, codenamed Tempora, has been running for 20 months.

On Friday Germany’s Süddeutsche newspaper published the most highly sensitive aspect of this operation – the names of the commercial companies working secretly with GCHQ, and giving the agency access to their customers’ private communications. The paper said it had seen a copy of an internal GCHQ powerpoint presentation from 2009 discussing Tempora.

The document identified for the first time which telecoms companies are working with GCHQ’s “special source” team. It gives top secret codenames for each firm, with BT (“Remedy”), Verizon Business (“Dacron”), and Vodafone Cable (“Gerontic”). The other firms include Global Crossing (“Pinnage”), Level 3 (“Little”), Viatel (“Vitreous”) and Interoute (“Streetcar”). The companies refused to comment on any specifics relating to Tempora, but several noted they were obliged to comply with UK and EU law.

The revelations are likely to dismay GCHQ and Downing Street, who are fearful that BT and the other firms will suffer a backlash from customers furious that their private data and intimate emails have been secretly passed to a government spy agency. In June a source with knowledge of intelligence said the companies had no choice but to co-operate in this operation. They are forbidden from revealing the existence of warrants compelling them to allow GCHQ access to the cables.

Together, these seven companies operate a huge share of the high-capacity undersea fibre-optic cables that make up the backbone of the internet’s architecture. GCHQ’s mass tapping operation has been built up over the past five years by attaching intercept probes to the transatlantic cables where they land on British shores. GCHQ’s station in Bude, north Cornwall, plays a role. The cables carry data to western Europe from telephone exchanges and internet servers in north America. This allows GCHQ and NSA analysts to search vast amounts of data on the activity of millions of internet users. Metadata – the sites users visit, whom they email, and similar information – is stored for up to 30 days, while the content of communications is typically stored for three days.

GCHQ has the ability to tap cables carrying both internet data and phone calls. By last year GCHQ was handling 600m “telephone events” each day, had tapped more than 200 fibre-optic cables and was able to process data from at least 46 of them at a time.

Each of the cables carries data at a rate of 10 gigabits per second, so the tapped cables had the capacity, in theory, to deliver more than 21 petabytes a day – equivalent to sending all the information in all the books in the British Library 192 times every 24 hours.

This operation is carried out under clandestine agreements with the seven companies, described in one document as “intercept partners”. The companies are paid for logistical and technical assistance.

The identity of the companies allowing GCHQ to tap their cables was regarded as extremely sensitive within the agency. Though the Tempora programme itself was classified as top secret, the identities of the cable companies was even more secret, referred to as “exceptionally controlled information”, with the company names replaced with the codewords, such as “GERONTIC”, “REMEDY” and “PINNAGE”.

However, some documents made it clear which codenames referred to which companies. GCHQ also assigned the firms “sensitive relationship teams”. One document warns that if the names emerged it could cause “high-level political fallout”.

Germans have been enraged by the revelations of spying by the National Security Agency and GCHQ after it emerged that both agencies were hoovering up German data as well. On Friday the Süddeutsche said it was now clear that private telecoms firms were far more deeply complicit in US-UK spying activities than had been previously thought.

The source familiar with intelligence maintained in June that GCHQ was “not looking at every piece of straw” but was sifting a “vast haystack of data” for what he called “needles”.

He added: “If you had the impression we are reading millions of emails, we are not. There is no intention in this whole programme to use it for looking at UK domestic traffic – British people talking to each other.” The source said analysts used four criteria for determining what was examined: security, terror, organised crime and Britain’s economic wellbeing.”The vast majority of the data is discarded without being looked at … we simply don’t have the resources.”

Nonetheless, the agency repeatedly referred to plans to expand this collection ability still further in the future.

Once it is collected, analysts are able to search the information for emails, online chats and browsing histories using an interface called XKeyscore, uncovered in the Guardian on Wednesday. By May 2012, 300 analysts from GCHQ and 250 NSA analysts had direct access to search and sift through the data collected under the Tempora program.

Documents seen by the Guardian suggest some telecoms companies allowed GCHQ to access cables which they did not themselves own or operate, but only operated a landing station for. Such practices could raise alarm among other cable providers who do not co-operate with GCHQ programmes that their facilities are being used by the intelligence agency.

Telecoms providers can be compelled to co-operate with requests from the government, relayed through ministers, under the 1984 Telecommunications Act, but privacy advocates have raised concerns that the firms are not doing enough to challenge orders enabling large-scale surveillance, or are co-operating to a degree beyond that required by law.

“We urgently need clarity on how close the relationship is between companies assisting with intelligence gathering and government,” said Eric King, head of research for Privacy International. “Were the companies strong-armed, or are they voluntary intercept partners?”

Vodafone said it complied with the laws of all the countries in which its cables operate. “Media reports on these matters have demonstrated a misunderstanding of the basic facts of European, German and UK legislation and of the legal obligations set out within every telecommunications operator’s licence … Vodafone complies with the law in all of our countries of operation,” said a spokesman.

“Vodafone does not disclose any customer data in any jurisdiction unless legally required to do so. Questions related to national security are a matter for governments not telecommunications operators.”

A spokeswoman for Interoute said: “As with all communication providers in Europe we are required to comply with European and local laws including those on data protection and retention. From time to time we are presented with requests from authorities. When we receive such requests, they are processed by our legal and security teams and if valid, acted upon.”

A spokeswoman for Verizon said: “Verizon continually takes steps to safeguard our customers’ privacy. Verizon also complies with the law in every country in which we operate.”

BT declined to comment.

James Ball, Luke Harding and Juliette Garside
The Guardian, Friday 2 August 2013 18.36 BST

Find this story at 2 August 2013

© 2014 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Obama administration officials faced deepening political skepticism Wednesday about a far-reaching counterterrorism program that collects millions of Americans’ phone records, even as they released newly declassified documents in an attempt to spotlight privacy safeguards.

The previously secret material — a court order and reports to Congress — was released by Director of National Intelligence James R. Clapper as a Senate Judiciary Committee hearing opened Wednesday morning in which lawmakers sharply questioned the efficacy of the collection of bulk phone records. A senior National Security Agency official conceded that the surveillance effort was the primary tool in thwarting only one plot — not the dozens that officials had previously suggested.

Read the documents
NSA
Secret FISA court order to Verizon
The Obama administration declassified government documents related to NSA collection of telephone metadata records on Wednesday.
Graphic
How the secret FISA court works Click Here to View Full Graphic Story
How the secret FISA court works
Click here to subscribe.

In recent weeks, political support for such broad collection has sagged, and the House last week narrowly defeated a bipartisan bid to end the program, at least in its current form. On Wednesday, senior Democratic senators voiced equally strong doubts.

“This bulk-collection program has massive privacy implications,” said Senate Judiciary Committee Chairman Patrick J. Leahy (Vt.). “The phone records of all of us in this room — all of us in this room — reside in an NSA database. I’ve said repeatedly, just because we have the ability to collect huge amounts of data does not mean that we should be doing so. . . . If this program is not effective, it has to end. So far, I’m not convinced by what I’ve seen.”

Administration officials defended the collection effort and a separate program targeting foreigners’ communication as essential and operating under stringent guidelines.

“With these programs and other intelligence activities, we are constantly seeking to achieve the right balance between the protection of national security and the protection of privacy and civil liberties,” Deputy Attorney General James Cole said. “We believe these two programs have achieved the right balance.”

Cole nonetheless said the administration is open to amending the program to achieve greater public trust. Legislation is pending in the Senate that would narrow its scope.

The NSA program collecting phone records began after the September 2001 terrorist attacks and was brought under the supervision of the Foreign Intelligence Surveillance Court in 2006. But its existence remained hidden until June, when the Guardian newspaper in Britain published a classified FISC order to a U.S. phone company to turn over to the NSA all call records. Former NSA contractor Edward Snowden leaked the order to the newspaper.

On Wednesday, the Guardian published new documents provided by Snowden that outlined previously unknown features of an NSA data-retrieval system called XKeyscore. The newspaper reported that the search tool allowed analysts to “search with no prior authorization through vast databases containing emails, online chats and the browsing histories of millions of individuals.”

NSA slides describing the system published with the Guardian article indicated that analysts used it to sift through government databases, including Pinwale, the NSA’s primary storage system for e-mail and other text, and Marina, the primary storage and analysis tool for “metadata.” Another slide described analysts using XKeyscore to access a database containing phone numbers, e-mail addresses, log-ins and Internet user activity generated from other NSA programs.

The newspaper said the disclosures shed light on Snowden’s claim that the NSA’s surveillance programs allowed him while sitting at his desk to “wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal ­e-mail.” U.S. officials have denied that he had such capability.

In a statement responding to the Guardian report, the NSA said “the implication that NSA’s collection is arbitrary and unconstrained is false. NSA’s activities are focused and specifically deployed against — and only against — legitimate foreign intelligence targets.” The agency further said: “Access to XKEYSCORE, as well as all of NSA’s analytic tools, is limited to only those personnel who require access for their assigned tasks. . . . Not every analyst can perform every function, and no analyst can operate freely. Every search by an NSA analyst is fully auditable, to ensure that they are proper and within the law.”

On Wednesday, Clapper disclosed the FISA court’s “primary” order that spells out the program’s collection rules and two reports to Congress that discussed the program, which is authorized under Section 215 of the “business records” provision of the Foreign Intelligence Surveillance Act. Administration officials released the documents to reassure critics that the program is strictly supervised and minimally invasive.

For instance, the primary order states that only “appropriately trained and authorized personnel” may have access to the records, which consist of phone numbers of calls made and received, their time and duration, but not names and content. Officials call this metadata. The order also states that to query the data, there must be “reasonable, articulable suspicion,” presumably that the number is linked to a foreign terrorist group.

But the documents fueled more concern about the program’s scope among civil liberties advocates who are pressing the administration to release the legal rationale that might explain what makes such large numbers of records relevant to an authorized investigation. Perhaps most alarming to some critics was the disclosure, in the order, that queries of the metadata return results that are placed into a “corporate store” that may then be searched for foreign intelligence purposes with fewer restrictions.

That disclosure takes on significance in light of Deputy NSA Director John C. Inglis’s testimony last month that analysts could extend their searches by “three hops.” That means that starting from a target’s phone number, analysts can search on the phone numbers of people in contact with the target, then the numbers of people in contact with that group, and then the numbers of people in contact with that larger pool. That is potentially millions of people, said Jameel Jaffer, deputy legal director of the American Civil Liberties Union, who also testified Wednesday.

The Office of the DNI earlier released a statement that fewer than 300 numbers were queried in 2012. That could still mean potentially hundreds of millions of records, Sen. Richard J. Durbin (D-Ill.) said at the hearing.

Also, according to the order, the NSA does not need to audit the results of searches of the corporate store.

The order asserts that phone metadata could be obtained with a grand jury subpoena. That may be true for one person or even a group of people, but not for all Americans’ phone records, critics said.

Privacy advocates criticized redactions in the reports to Congress of information about the NSA’s failure to comply with its own internal rules. That is “among the most important information that the American public needs to critically assess whether these programs are proper,” said Mark Rumold, a staff lawyer at the Electronic Frontier Foundation.

At the hearing, Leahy voiced upset with the administration for suggesting that the program was as effective in thwarting terrorist plots as another NSA program, authorized under Section 702 of FISA and targeting foreigners’ communications. “I don’t think that’s a coincidence when we have people in government make that comparison, but it needs to stop,” he said of attempts to conflate the two programs’ utility.

He noted that senior officials had testified that the phone logging effort was critical to thwarting 54 plots, but after reviewing NSA material, he said that assertion cannot be made — “not by any stretch.” Pressed by Leahy on the point, Inglis admitted that the program “made a contribution” in 12 plots with a domestic nexus, but only one case came close to a “but-for” or critical contribution.

Carol D. Leonnig and William Branigin contributed to this report.

By Ellen Nakashima, Published: July 31, 2013

Find this story at 31 July 2013

© 1996-2014 The Washington Post

Der britische Geheimdienst wurde bei Abhöraktionen umfangreicher von Telekommunikationsfirmen unterstützt als bislang bekannt. Das berichten “Süddeutsche Zeitung” und NDR. Sogar Programmierarbeit soll an die Firmen ausgelagert worden sein.

Berlin – Laut übereinstimmenden Berichten des NDR und der “Süddeutschen Zeitung” (SZ) sind einige private Telekommunikationsunternehmen stärker in die Abhöraktionen ausländischer Geheimdienste verwickelt als bisher angenommen. Der britische Geheimdienst GCHQ etwa, ein enger Partner des US-Diensts NSA, arbeite beim Abhören des Internetverkehrs mit sieben großen Firmen zusammen.

NDR und “Süddeutsche Zeitung” beziehen sich in ihren Berichten auf Dokumente des ehemaligen NSA-Vertragsmitarbeiters Edward Snowden, die sie einsehen konnten. Die interne Präsentation von 2009 nennt neben den internationalen Unternehmen British Telecom, Verizon und Vodafone auch die Netzwerkbetreiber Level 3, Interoute, Viatel und Global Crossing als Schlüsselpartner des GCHQ. Global Crossing wurde inzwischen von Level 3 gekauft.

Gemeinsam spannen die Unternehmen laut NDR und “SZ” ein engmaschiges Datennetz über Europa und weite Teile der Welt. Einige Firmen wie Level 3 betreiben in Deutschland demnach große Datenzentren. Demnach betreibt Level 3 Rechenzentren in mehreren deutschen Städten, ein Transatlantikkabel von Global Crossing ist in Westerland auf Sylt mit deutschen Netzen verbunden. Das Unternehmen Interoute, das den Unterlagen zufolge auch mit dem GCHQ kooperiert, betreibt 15 Netzknoten in Deutschland.

Teilweise sei die Kooperation mit dem Geheimdienst über den einfachen Zugang zu den Datennetzen hinausgegangen, berichten “SZ” und NDR. Einige Firmen sollen laut den Dokumenten sogar Computerprogramme entwickelt haben, um dem britischen Geheimdienst das Abfangen von Daten aus ihren Netzen zu erleichtern. Faktisch habe der GCHQ einen Teil seiner Ausspäharbeit an Privatunternehmen delegiert.

Viatel bestreitet Zusammenarbeit

Die meisten der Unternehmen verwiesen laut NDR und “SZ” auf Gesetze, die Regierungen erlaubten, Firmen unter bestimmten Umständen zur Herausgabe von Informationen zu verpflichten. Viatel widersprach den Angaben und erklärte, nicht mit dem GCHQ zu kooperieren und dem Geheimdienst auch keinen Zugang zur eigenen Infrastruktur oder zu Kundendaten zu gewähren.

02. August 2013, 09:20 Uhr

Find this story at 2 August 2013

© SPIEGEL ONLINE 2013

Prime Minister John Key says he has no details on briefings that documents released by US whistleblower Edward Snowden show were given to Kiwi spooks.

Key would not confirm or deny the briefings, which were revealed overnight by author and journalist Glenn Greenwald, who worked with MSNBC to reveal the documents.

“The law states very clearly that for SIS or GCSB [Government Communications Security Bureau] to undertake surveillance against New Zealanders it has to be with warranted authority,” Key said this afternoon.

“In my view that will involve a very small group of New Zealanders from time to time.”

The Government is bracing itself for more leaks from the Snowden archive.

“I don’t know what Snowden has … what they chose to release and when, who knows?” Key said.

“They are of no great consequence, I don’t think.”

The documents show Kiwi spooks were briefed on setting honey traps and internet “dirty tricks” to “control, infiltrate, manipulate, and warp” online discourse.

GCSB agents – part of the Five Eyes intelligence network – were briefed by counterparts from the ultra-secret Joint Threat Research Intelligence Group.

A slide-show presentation, called The Art of Deception: Training for Online Covert Operations, was given at a top secret spy conference in 2012.

It outlined sex and dirty tricks cyber operations used by JTRIG, a unit of the British signals intelligence agency GCHQ, which focused on cyber forensics, espionage and covert operations. GCHQ described the purpose of the unit as “using online techniques to make something happen in the real or cyber world”, including “information ops (influence or disruption)”.

According to the slides, JTRIG conducted “honey traps”, sent computer viruses, deleted the online presence of targets and engaged in cyber-attacks on the “hacktivist” collective Anonymous.

One carried the title “Cyber offensive session: pushing the boundaries and action against hacktivism” revealing the agency was going after online political activists.

The presentation outlined tactics to destroy the reputation of targets online. It detailed how agents could get another country to “believe a secret” by placing information on a compromised computer or making it visible on networks under surveillance.

A JTRIG tool, called AMBASSADORS RECEPTION, involved sending a virus to someone’s computer to stop it functioning. It would delete emails, encrypt files, make the screen shake, deny service or stop logins.

Other methods were deployed to “stop someone communicating”, bombarding their phone with text messages and calls – in some cases every 10 seconds, deleting their online presence and blocking up their fax machines.

Ad Feedback

According to the presentation these tactics were used in Afghanistan, “significantly disrupting Taliban operations”.

Changing a profile photo on social networking sites “can take paranoia to a whole new level”.

A honey trap was described as “a great option” and “very successful when it works”. Writing false blogs, pretending to be a “victim” of a target worked in “serious crime ops” and in Iran, the conference was told.

The presentation also outlined “info ops” to discredit a company by leaking confidential information to rival firms and the press, posting negative information to online forums and stopping deals or ruining business relationships.

The documents were presented to the GCSB, NSA and agents from Australia and Canada.

Greenwald wrote on The Intercept website that the agencies were “attempting to control, infiltrate, manipulate and warp online discourse, and in doing so are compromising the integrity of the internet itself”.

Greenwald called the tactics “extremist” and pointed out they do not only target hostile nations or spy agencies, terrorists or nation security threats, but also “people suspected (but not charged or convicted) of ordinary crimes or … those who use online protest activity for political ends”.

He added: “It is not difficult to see how dangerous it is to have secret government agencies being able to target any individuals they want – who have never been charged with, let alone convicted of, any crimes.”

ANDREA VANCE
Last updated 15:14 26/02/2014

Find this story at 26 February 2014

© Fairfax NZ News

Kiwi spooks were briefed on setting honey traps and internet “dirty tricks” to “control, infiltrate, manipulate, and warp” online discourse, documents leaked by Edward Snowden reveal.

Government Communications Security Bureau (GCSB) agents – part of the Five Eyes intelligence network – were briefed by counterparts from the ultra-secret Joint Threat Research Intelligence Group. A slide-show presentation, called “The Art of Deception: Training for Online Covert Operations”, was given at a top secret spy conference in 2012.

It outlined sex and dirty tricks cyber operations used by JTRIG, a unit of the British Signals intelligence agency GCHQ which focused on cyber forensics, espionage and covert operations. GCHQ described the purpose of the unit as “using online techniques to make something happen in the real or cyber world,” including “information ops (influence or disruption).”

According to the slides, JTRIG conducted “honey traps,” sent computer viruses, deleted the online presence of targets and engaged in cyber-attacks on the “hacktivist” collective Anonymous.

One carried the title “Cyber offensive session: pushing the boundaries and action against hacktivism” revealing the agency was going after online political activists.

Reputation destroying tactics

The presentation outlined tactics to destroy the reputation of targets online. It detailed how agents could get another country to “believe a secret” by placing information on a compromised computer or making it visible on networks under surveillance.

A JTRIG tool, called AMBASSADORS RECEPTION, involved sending a virus to someone’s computer to stop it functioning. It would delete emails, encrypt files, make the screen shake, deny service or stop log-ins.

Other methods were deployed to “stop someone communicating,” bombarding their phone with text messages and calls – in some cases every 10 seconds, deleting their online presence and blocking up their fax machines. According to the presentation these tactics were used in Afghanistan “significantly disrupting Taliban Operations.”

Changing a profile photo on social networking sites “can take paranoia to a whole new level.” A honey trap was described as ” a great option” and “very successful when it works.” Writing false blogs, pretending to be a “victim” of a target worked in “serious crime ops” and in Iran, the conference was told.

The documents were presented to the GCSB, NSA and agents from Australia and Canada.

Author and journalist Glen Greenwald worked with MSNBC to reveal the documents. On “The Intercept” website he wrote that the agencies were “attempting to control, infiltrate, manipulate and warp online discourse, and in doing so are compromising the integrity of the internet itself.”

Published: 1:41PM Wednesday February 26, 2014 Source: Fairfax

Find this story at 26 February 2014

© 2014, Television New Zealand Limited

Edward Snowden papers unmask close technical cooperation and loose alliance between British, German, French, Spanish and Swedish spy agencies

The German, French, Spanish and Swedish intelligence services have all developed methods of mass surveillance of internet and phone traffic over the past five years in close partnership with Britain’s GCHQ eavesdropping agency.

The bulk monitoring is carried out through direct taps into fibre optic cables and the development of covert relationships with telecommunications companies. A loose but growing eavesdropping alliance has allowed intelligence agencies from one country to cultivate ties with corporations from another to facilitate the trawling of the web, according to GCHQ documents leaked by the former US intelligence contractor Edward Snowden.

The files also make clear that GCHQ played a leading role in advising its European counterparts how to work around national laws intended to restrict the surveillance power of intelligence agencies.

The German, French and Spanish governments have reacted angrily to reports based on National Security Agency (NSA) files leaked by Snowden since June, revealing the interception of communications by tens of millions of their citizens each month. US intelligence officials have insisted the mass monitoring was carried out by the security agencies in the countries involved and shared with the US.

The US director of national intelligence, James Clapper, suggested to Congress on Tuesday that European governments’ professed outrage at the reports was at least partly hypocritical. “Some of this reminds me of the classic movie Casablanca: ‘My God, there’s gambling going on here,’ ” he said.

Sweden, which passed a law in 2008 allowing its intelligence agency to monitor cross-border email and phone communications without a court order, has been relatively muted in its response.

The German government, however, has expressed disbelief and fury at the revelations from the Snowden documents, including the fact that the NSA monitored Angela Merkel’s mobile phone calls.

After the Guardian revealed the existence of GCHQ’s Tempora programme, in which the electronic intelligence agency tapped directly into the transatlantic fibre optic cables to carry out bulk surveillance, the German justice minister, Sabine Leutheusser-Schnarrenberger, said it sounded “like a Hollywood nightmare”, and warned the UK government that free and democratic societies could not flourish when states shielded their actions in “a veil of secrecy”.

‘Huge potential’

However, in a country-by-country survey of its European partners, GCHQ officials expressed admiration for the technical capabilities of German intelligence to do the same thing. The survey in 2008, when Tempora was being tested, said the Federal Intelligence Service (BND), had “huge technological potential and good access to the heart of the internet – they are already seeing some bearers running at 40Gbps and 100Gbps”.

Bearers is the GCHQ term for the fibre optic cables, and gigabits per second (Gbps) measures the speed at which data runs through them. Four years after that report, GCHQ was still only able to monitor 10 Gbps cables, but looked forward to tap new 100 Gbps bearers eventually. Hence the admiration for the BND.

The document also makes clear that British intelligence agencies were helping their German counterparts change or bypass laws that restricted their ability to use their advanced surveillance technology. “We have been assisting the BND (along with SIS [Secret Intelligence Service] and Security Service) in making the case for reform or reinterpretation of the very restrictive interception legislation in Germany,” it says.

The country-by-country survey, which in places reads somewhat like a school report, also hands out high marks to the GCHQ’s French partner, the General Directorate for External Security (DGSE). But in this case it is suggested that the DGSE’s comparative advantage is its relationship with an unnamed telecommunications company, a relationship GCHQ hoped to leverage for its own operations.

“DGSE are a highly motivated, technically competent partner, who have shown great willingness to engage on IP [internet protocol] issues, and to work with GCHQ on a “cooperate and share” basis.”

Noting that the Cheltenham-based electronic intelligence agency had trained DGSE technicians on “multi-disciplinary internet operations”, the document says: “We have made contact with the DGSE’s main industry partner, who has some innovative approaches to some internet challenges, raising the potential for GCHQ to make use of this company in the protocol development arena.”

GCHQ went on to host a major conference with its French partner on joint internet-monitoring initiatives in March 2009 and four months later reported on shared efforts on what had become by then GCHQ’s biggest challenge – continuing to carry out bulk surveillance, despite the spread of commercial online encryption, by breaking that encryption.

“Very friendly crypt meeting with DGSE in July,” British officials reported. The French were “clearly very keen to provide presentations on their work which included cipher detection in high-speed bearers. [GCHQ’s] challenge is to ensure that we have enough UK capability to support a longer term crypt relationship.”

Fresh opportunities

In the case of the Spanish intelligence agency, the National Intelligence Centre (CNI), the key to mass internet surveillance, at least back in 2008, was the Spaniards’ ties to a British telecommunications company (again unnamed. Corporate relations are among the most strictly guarded secrets in the intelligence community). That was giving them “fresh opportunities and uncovering some surprising results.

“GCHQ has not yet engaged with CNI formally on IP exploitation, but the CNI have been making great strides through their relationship with a UK commercial partner. GCHQ and the commercial partner have been able to coordinate their approach. The commercial partner has provided the CNI some equipment whilst keeping us informed, enabling us to invite the CNI across for IP-focused discussions this autumn,” the report said. It concluded that GCHQ “have found a very capable counterpart in CNI, particularly in the field of Covert Internet Ops”.

GCHQ was clearly delighted in 2008 when the Swedish parliament passed a bitterly contested law allowing the country’s National Defence Radio Establishment (FRA) to conduct Tempora-like operations on fibre optic cables. The British agency also claimed some credit for the success.

“FRA have obtained a … probe to use as a test-bed and we expect them to make rapid progress in IP exploitation following the law change,” the country assessment said. “GCHQ has already provided a lot of advice and guidance on these issues and we are standing by to assist the FRA further once they have developed a plan for taking the work forwards.”

The following year, GCHQ held a conference with its Swedish counterpart “for discussions on the implications of the new legislation being rolled out” and hailed as “a success in Sweden” the news that FRA “have finally found a pragmatic solution to enable release of intelligence to SAEPO [the internal Swedish security service.]”

GCHQ also maintains strong relations with the two main Dutch intelligence agencies, the external MIVD and the internal security service, the AIVD.

“Both agencies are small, by UK standards, but are technically competent and highly motivated,” British officials reported. Once again, GCHQ was on hand in 2008 for help in dealing with legal constraints. “The AIVD have just completed a review of how they intend to tackle the challenges posed by the internet – GCHQ has provided input and advice to this report,” the country assessment said.

“The Dutch have some legislative issues that they need to work through before their legal environment would allow them to operate in the way that GCHQ does. We are providing legal advice on how we have tackled some of these issues to Dutch lawyers.”

European allies

In the score-card of European allies, it appears to be the Italians who come off the worse. GCHQ expresses frustration with the internal friction between Italian agencies and the legal limits on their activities.

“GCHQ has had some CT [counter-terrorism] and internet-focused discussions with both the foreign intelligence agency (AISE) and the security service (AISI), but has found the Italian intelligence community to be fractured and unable/unwilling to cooperate with one another,” the report said.

A follow-up bulletin six months later noted that GCHQ was “awaiting a response from AISI on a recent proposal for cooperation – the Italians had seemed keen, but legal obstacles may have been hindering their ability to commit.”

It is clear from the Snowden documents that GCHQ has become Europe’s intelligence hub in the internet age, and not just because of its success in creating a legally permissive environment for its operations. Britain’s location as the European gateway for many transatlantic cables, and its privileged relationship with the NSA has made GCHQ an essential partner for European agencies. The documents show British officials frequently lobbying the NSA on sharing of data with the Europeans and haggling over its security classification so it can be more widely disseminated. In the intelligence world, far more than it managed in diplomacy, Britain has made itself an indispensable bridge between America and Europe’s spies.

Julian Borger
The Guardian, Friday 1 November 2013 17.02 GMT

Find this story at 1 November 2013

© 2014 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Top-secret documents from the National Security Agency and its British counterpart reveal for the first time how the governments of the United States and the United Kingdom targeted WikiLeaks and other activist groups with tactics ranging from covert surveillance to prosecution.

The efforts – detailed in documents provided previously by NSA whistleblower Edward Snowden – included a broad campaign of international pressure aimed not only at WikiLeaks founder Julian Assange, but at what the U.S. government calls “the human network that supports WikiLeaks.” The documents also contain internal discussions about targeting the file-sharing site Pirate Bay and hacktivist collectives such as Anonymous.

One classified document from Government Communications Headquarters, Britain’s top spy agency, shows that GCHQ used its surveillance system to secretly monitor visitors to a WikiLeaks site. By exploiting its ability to tap into the fiber-optic cables that make up the backbone of the Internet, the agency confided to allies in 2012, it was able to collect the IP addresses of visitors in real time, as well as the search terms that visitors used to reach the site from search engines like Google.

Another classified document from the U.S. intelligence community, dated August 2010, recounts how the Obama administration urged foreign allies to file criminal charges against Assange over the group’s publication of the Afghanistan war logs.

A third document, from July 2011, contains a summary of an internal discussion in which officials from two NSA offices – including the agency’s general counsel and an arm of its Threat Operations Center – considered designating WikiLeaks as “a ‘malicious foreign actor’ for the purpose of targeting.” Such a designation would have allowed the group to be targeted with extensive electronic surveillance – without the need to exclude U.S. persons from the surveillance searches.

In 2008, not long after WikiLeaks was formed, the U.S. Army prepared a report that identified the organization as an enemy, and plotted how it could be destroyed. The new documents provide a window into how the U.S. and British governments appear to have shared the view that WikiLeaks represented a serious threat, and reveal the controversial measures they were willing to take to combat it.

In a statement to The Intercept, Assange condemned what he called “the reckless and unlawful behavior of the National Security Agency” and GCHQ’s “extensive hostile monitoring of a popular publisher’s website and its readers.”

“News that the NSA planned these operations at the level of its Office of the General Counsel is especially troubling,” Assange said. “Today, we call on the White House to appoint a special prosecutor to investigate the extent of the NSA’s criminal activity against the media, including WikiLeaks, its staff, its associates and its supporters.”

Illustrating how far afield the NSA deviates from its self-proclaimed focus on terrorism and national security, the documents reveal that the agency considered using its sweeping surveillance system against Pirate Bay, which has been accused of facilitating copyright violations. The agency also approved surveillance of the foreign “branches” of hacktivist groups, mentioning Anonymous by name.

The documents call into question the Obama administration’s repeated insistence that U.S. citizens are not being caught up in the sweeping surveillance dragnet being cast by the NSA. Under the broad rationale considered by the agency, for example, any communication with a group designated as a “malicious foreign actor,” such as WikiLeaks and Anonymous, would be considered fair game for surveillance.

Julian Sanchez, a research fellow at the Cato Institute who specializes in surveillance issues, says the revelations shed a disturbing light on the NSA’s willingness to sweep up American citizens in its surveillance net.

“All the reassurances Americans heard that the broad authorities of the FISA Amendments Act could only be used to ‘target’ foreigners seem a bit more hollow,” Sanchez says, “when you realize that the ‘foreign target’ can be an entire Web site or online forum used by thousands if not millions of Americans.”
GCHQ Spies on WikiLeaks Visitors

The system used by GCHQ to monitor the WikiLeaks website – codenamed ANTICRISIS GIRL – is described in a classified PowerPoint presentation prepared by the British agency and distributed at the 2012 “SIGDEV Conference.” At the annual gathering, each member of the “Five Eyes” alliance – the United States, United Kingdom, Canada, Australia and New Zealand – describes the prior year’s surveillance successes and challenges.

In a top-secret presentation at the conference, two GCHQ spies outlined how ANTICRISIS GIRL was used to enable “targeted website monitoring” of WikiLeaks (See slides 33 and 34). The agency logged data showing hundreds of users from around the world, including the United States, as they were visiting a WikiLeaks site –contradicting claims by American officials that a deal between the U.K. and the U.S. prevents each country from spying on the other’s citizens.

The IP addresses collected by GCHQ are used to identify individual computers that connect to the Internet, and can be traced back to specific people if the IP address has not been masked using an anonymity service. If WikiLeaks or other news organizations were receiving submissions from sources through a public dropbox on their website, a system like ANTICRISIS GIRL could potentially be used to help track them down. (WikiLeaks has not operated a public dropbox since 2010, when it shut down its system in part due to security concerns over surveillance.)

In its PowerPoint presentation, GCHQ identifies its target only as “wikileaks.” One slide, displaying analytics derived from the surveillance, suggests that the site monitored was the official wikileaks.org domain. It shows that users reached the targeted site by searching for “wikileaks.org” and for “maysan uxo,” a term associated with a series of leaked Iraq war logs that are hosted on wikileaks.org.

The ANTICRISIS GIRL initiative was operated by a GCHQ unit called Global Telecoms Exploitation (GTE), which was previously reported by The Guardian to be linked to the large-scale, clandestine Internet surveillance operation run by GCHQ, codenamed TEMPORA.

Operating in the United Kingdom and from secret British eavesdropping bases in Cyprus and other countries, GCHQ conducts what it refers to as “passive” surveillance – indiscriminately intercepting massive amounts of data from Internet cables, phone networks and satellites. The GTE unit focuses on developing “pioneering collection capabilities” to exploit the stream of data gathered from the Internet.

As part of the ANTICRISIS GIRL system, the documents show, GCHQ used publicly available analytics software called Piwik to extract information from its surveillance stream, not only monitoring visits to targeted websites like WikiLeaks, but tracking the country of origin of each visitor.

It is unclear from the PowerPoint presentation whether GCHQ monitored the WikiLeaks site as part of a pilot program designed to demonstrate its capability, using only a small set of covertly collected data, or whether the agency continues to actively deploy its surveillance system to monitor visitors to WikiLeaks. It was previously reported in The Guardian that X-KEYSCORE, a comprehensive surveillance weapon used by both NSA and GCHQ, allows “an analyst to learn the IP addresses of every person who visits any website the analyst specifies.”

GCHQ refused to comment on whether ANTICRISIS GIRL is still operational. In an email citing the agency’s boilerplate response to inquiries, a spokeswoman insisted that “all of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight.”

But privacy advocates question such assurances. “How could targeting an entire website’s user base be necessary or proportionate?” says Gus Hosein, executive director of the London-based human rights group Privacy International. “These are innocent people who are turned into suspects based on their reading habits. Surely becoming a target of a state’s intelligence and security apparatus should require more than a mere click on a link.”

The agency’s covert targeting of WikiLeaks, Hosein adds, call into question the entire legal rationale underpinning the state’s system of surveillance. “We may be tempted to see GCHQ as a rogue agency, ungoverned in its use of unprecedented powers generated by new technologies,” he says. “But GCHQ’s actions are authorized by [government] ministers. The fact that ministers are ordering the monitoring of political interests of Internet users shows a systemic failure in the rule of law.”
Going After Assange and His Supporters

The U.S. attempt to pressure other nations to prosecute Assange is recounted in a file that the intelligence community calls its “Manhunting Timeline.” The document details, on a country-by-country basis, efforts by the U.S. government and its allies to locate, prosecute, capture or kill alleged terrorists, drug traffickers, Palestinian leaders and others. There is a timeline for each year from 2008 to 2012.

An entry from August 2010 – headlined “United States, Australia, Great Britain, Germany, Iceland” – states: “The United States on August 10 urged other nations with forces in Afghanistan, including Australia, United Kingdom, and Germany, to consider filing criminal charges against Julian Assange.” It describes Assange as the “founder of the rogue Wikileaks Internet website and responsible for the unauthorized publication of over 70,000 classified documents covering the war in Afghanistan.”

In response to questions from The Intercept, the NSA suggested that the entry is “a summary derived from a 2010 article” in the Daily Beast. That article, which cited an anonymous U.S. official, reported that “the Obama administration is pressing Britain, Germany, Australia, and other allied Western governments to consider opening criminal investigations of WikiLeaks founder Julian Assange and to severely limit his nomadic travels across international borders.”

The government entry in the “Manhunting Timeline” adds Iceland to the list of Western nations that were pressured, and suggests that the push to prosecute Assange is part of a broader campaign. The effort, it explains, “exemplifies the start of an international effort to focus the legal element of national power upon non-state actor Assange, and the human network that supports WikiLeaks.” The entry does not specify how broadly the government defines that “human network,” which could potentially include thousands of volunteers, donors and journalists, as well as people who simply spoke out in defense of WikiLeaks.

In a statement, the NSA declined to comment on the documents or its targeting of activist groups, noting only that the agency “provides numerous opportunities and forums for their analysts to explore hypothetical or actual circumstances to gain appropriate advice on the exercise of their authorities within the Constitution and the law, and to share that advice appropriately.”

But the entry aimed at WikiLeaks comes from credentialed officials within the intelligence community. In an interview in Hong Kong last June, Edward Snowden made clear that the only NSA officials empowered to write such entries are those “with top-secret clearance and public key infrastructure certificates” – a kind of digital ID card enabling unique access to certain parts of the agency’s system. What’s more, Snowden added, the entries are “peer reviewed” – and every edit made is recorded by the system.

The U.S. launched its pressure campaign against WikiLeaks less than a week after the group began publishing the Afghanistan war logs on July 25, 2010. At the time, top U.S. national security officials accused WikiLeaks of having “blood” on its hands. But several months later, McClatchy reported that “U.S. officials concede that they have no evidence to date that the documents led to anyone’s death.”

The government targeting of WikiLeaks nonetheless continued. In April 2011, Salon reported that a grand jury in Virginia was actively investigating both the group and Assange on possible criminal charges under espionage statutes relating to the publication of classified documents. And in August of 2012, the Sydney Morning Herald, citing secret Australian diplomatic cables, reported that “Australian diplomats have no doubt the United States is still gunning for Julian Assange” and that “Australia’s diplomatic service takes seriously the likelihood that Assange will eventually be extradited to the US on charges arising from WikiLeaks obtaining leaked US military and diplomatic documents.”

Bringing criminal charges against WikiLeaks or Assange for publishing classified documents would be highly controversial – especially since the group partnered with newspapers like The Guardian and The New York Times to make the war logs public. “The biggest challenge to the press today is the threatened prosecution of WikiLeaks, and it’s absolutely frightening,” James Goodale, who served as chief counsel of the Times during its battle to publish The Pentagon Papers, told the Columbia Journalism Review last March. “If you go after the WikiLeaks criminally, you go after the Times. That’s the criminalization of the whole process.”

In November 2013, The Washington Post, citing anonymous officials, reported that the Justice Department strongly considered prosecuting Assange, but concluded it “could not do so without also prosecuting U.S. news organizations and journalists” who had partnered with WikiLeaks to publish the documents. According to the Post, officials “realized that they have what they described as a ‘New York Times problem’” – namely, that any theory used to bring charges against Assange would also result in criminal liability for the Times, The Guardian, and other papers which also published secret documents provided to WikiLeaks.
NSA proposals to target WikiLeaks

As the new NSA documents make clear, however, the U.S. government did more than attempt to engineer the prosecution of Assange. NSA analysts also considered designating WikiLeaks as a “malicious foreign actor” for surveillance purposes – a move that would have significantly expanded the agency’s ability to subject the group’s officials and supporters to extensive surveillance.

Such a designation would allow WikiLeaks to be targeted with surveillance without the use of “defeats” – an agency term for technical mechanisms to shield the communications of U.S. persons from getting caught in the dragnet.

That top-secret document – which summarizes a discussion between the NSA’s Office of the General Counsel and the Oversight and Compliance Office of the agency’s Threat Operations Center – spells out a rationale for including American citizens in the surveillance:

“If the foreign IP is consistently associated with malicious cyber activity against the U.S., so, tied to a foreign individual or organization known to direct malicious activity our way, then there is no need to defeat any to, from, or about U.S. Persons. This is based on the description that one end of the communication would always be this suspect foreign IP, and so therefore any U.S. Person communicant would be incidental to the foreign intelligence task.”

In short, labeling WikiLeaks a “malicious foreign target” would mean that anyone communicating with the organization for any reason – including American citizens – could have their communications subjected to government surveillance.

When NSA officials are asked in the document if WikiLeaks or Pirate Bay could be designated as “malicious foreign actors,” the reply is inconclusive: “Let us get back to you.” There is no indication of whether either group was ever designated or targeted in such a way.

The NSA’s lawyers did, however, give the green light to subject other activists to heightened surveillance. Asked if it would be permissible to “target the foreign actors of a loosely coupled group of hackers … such as with Anonymous,” the response is unequivocal: “As long as they are foreign individuals outside of the US and do not hold dual citizenship … then you are okay.”
NSA Lawyers: “It’s Nothing to Worry About”

Sanchez, the surveillance expert with the Cato Institute, says the document serves as “a reminder that NSA essentially has carte blanche to spy on non-Americans. In public statements, intelligence officials always talk about spying on ‘terrorists,’ as if those are the only targets — but Section 702 [of the 2008 FISA Amendments Act] doesn’t say anything about ‘terrorists.’ They can authorize collection on any ‘persons reasonably believed to be [located] outside the United States,’ with ‘persons’ including pretty much any kind of group not ‘substantially’ composed of Americans.”

Sanchez notes that while it makes sense to subject some full-scale cyber-attacks to government surveillance, “it would make no sense to lump together foreign cyberattackers with sites voluntarily visited by enormous numbers of Americans, like Pirate Bay or WikiLeaks.”

Indeed, one entry in the NSA document expressly authorizes the targeting of a “malicious” foreign server – offering Pirate Bay as a specific example –“even if there is a possibility that U.S. persons could be using it as well.” NSA officials agree that there is no need to exclude Americans from the surveillance, suggesting only that the agency’s spies “try to minimize” how many U.S. citizens are caught in the dragnet.

Another entry even raises the possibility of using X-KEYSCORE, one of the agency’s most comprehensive surveillance programs, to target communications between two U.S.-based Internet addresses if they are operating through a “proxy” being used for “malicious foreign activity.” In response, the NSA’s Threat Operations Center approves the targeting, but the agency’s general counsel requests “further clarification before signing off.”

If WikiLeaks were improperly targeted, or if a U.S. citizen were swept up in the NSA’s surveillance net without authorization, the agency’s attitude seems to be one of indifference. According to the document – which quotes a response by the NSA’s Office of General Counsel and the oversight and compliance office of its Threat Operations Center – discovering that an American has been selected for surveillance must be mentioned in a quarterly report, “but it’s nothing to worry about.”

The attempt to target WikiLeaks and its broad network of supporters drew sharp criticism from the group and its allies. “These documents demonstrate that the political persecution of WikiLeaks is very much alive,” says Baltasar Garzón, the Spanish former judge who now represents the group. “The paradox is that Julian Assange and the WikiLeaks organization are being treated as a threat instead of what they are: a journalist and a media organization that are exercising their fundamental right to receive and impart information in its original form, free from omission and censorship, free from partisan interests, free from economic or political pressure.”

For his part, Assange remains defiant. “The NSA and its U.K. accomplices show no respect for the rule of law,” he told The Intercept. “But there is a cost to conducting illicit actions against a media organization.” Referring to a criminal complaint that the group filed last year against “interference with our journalistic work in Europe,” Assange warned that “no entity, including the NSA, should be permitted to act against a journalist with impunity.”

Assange indicated that in light of the new documents, the group may take further legal action.

“We have instructed our general counsel, Judge Baltasar Garzón, to prepare the appropriate response,” he said. “The investigations into attempts to interfere with WikiLeaks’ work will go wherever they need to go. Make no mistake: those responsible will be held to account and brought to justice.”

By Glenn Greenwald and Ryan Gallagher
18 Feb 2014, 1:50 AM EST

Find this story at 18 February 2014

© 2014 First Look Productions, Inc.

Leaked documents posted by Glenn Greenwald and Ryan Gallagher hint at the discussions that took place around online actors like WikiLeaks, The Pirate Bay, and Anonymous, as well as the standards for spying on foreign and domestic internet users. At The Intercept, Greenwald and Gallagher have revealed details about when the NSA and agencies abroad believe it’s acceptable to target a person or site without “defeats” or measures to prevent collecting American information, with an eye towards groups that have proved a thorn in the side of government agencies.

Julian Assange appears in national security ‘Manhunting Timeline’

“Can we treat a foreign server who stores, or potentially disseminates leaked or stolen US data on it’s [sic] server as a ‘malicious foreign actor’ for the purpose of targeting with no defeats? Examples: WikiLeaks, thepiratebay.org, etc.” says one of several frequently asked questions apparently posted to an intelligence wiki for the US and other nations in the Five Eyes surveillance partnership. “Let us get back to you,” said a response from the NSA/CSS [Central Security Service] Threat Operation Center and the NSA’s Office of General Counsel. Another question asks whether it’s legal to target members of Anonymous who operate outside the US. “As long as they are foreign individuals outside of the US and do not hold dual citizenship… then you are okay,” came the answer. Agencies were not, however, apparently allowed to store copies of classified documents leaked by Anonymous or other groups in order to analyze the data.

WikiLeaks in particular came under fire. In addition to these questions, The Intercept leaked parts of a “Manhunting Timeline” that details where and how the US government is attempting to find, capture, or kill terrorists, drug traffickers, and others. This timeline apparently included information on Julian Assange, including attempts to pressure foreign governments into taking legal action against him and “the human network that supports WikiLeaks.” None of this comes as a surprise — the government’s attempts to get governments to put pressure on Assange is well known. Likewise, Anonymous has allegedly compromised government computers, and it’s not strange that the NSA wants to monitor it. The question of treating leaked document repositories as malicious foreign actors is thornier, playing into much larger debates over whether non-traditional journalism should be given the same protection as older outlets like The New York Times.

“If you ‘guess’ foreign and it’s not, then it is a serious violation.”

More generally, the document shows a complicated dance between minimizing US data collection and casting an expansive net over foreign surveillance. According to the FAQ, it’s legal to monitor foreign servers that Americans visit (The Pirate Bay is cited again) so long as agents attempt to filter out US information. The same goes for botnets that are operated from hacked US computers by a foreign source. As before, the document points to a fairly low standard for being certain that a target is foreign: 51 percent. A more complicated question is how agents are allowed to search traffic from US-based web giants like Gmail and Twitter. If an agency knows that a foreign potential threat is using one of these sites, it’s theoretically possible to look for traffic from it. But “if you ‘guess’ foreign and it’s not, then it is a serious violation.” In general, though, accidentally making queries a US person who was believed to be foreign was “nothing to worry about,” although it had to be logged for the Office of General Counsel.

The revelations here are far less conclusive than many of the leaked documents published so far. One slide apparently from an expanded version of this GCHQ document shows an analytics page that seems to monitor visits to WikiLeaks, including which countries visitors came from and how they found the site. But it’s not clear whether this is an ongoing program or a proof of concept test, especially given how few visits appear to be logged. The results are also broadly similar to what someone would get from a basic analytics page, not detailed user information. This slideshow and the FAQ do, however, give us a look into how the NSA and other agencies view online spycraft, both inside and outside the US.

By Adi Robertson on February 18, 2014 10:36 am

Find this story at 18 February 2014

© 2014 Vox Media,

Squeaky Dolphin, GCHQ’s broad social media monitoring tool, is part of the agency’s campaign to “understand and shape the Human Terrain”—that is, regional public sentiment.

Documents obtained by former NSA contractor Edward Snowden and published on The Intercept show that NSA analysts monitored content on The Pirate Bay and used the agency’s surveillance systems to track where it came from. The documents also show that the NSA’s British partners at the GCHQ used XKeyscore data as part of a surveillance program on sites that included WikiLeaks. That was part of a broader psychological profiling and targeting program to collect intelligence, influence individuals online, and disrupt groups like Anonymous that were considered threats.

The new documents show that the GCHQ conducted “broad real-time monitoring of social media activities, processing data on activities like watching YouTube videos and Facebook Likes to profile, categorize, and target individuals for psychological operations.” The NSA documents in the latest disclosure refer to monitoring for content that could be considered “malicious foreign activity.” But it’s clear that the NSA also used its XKeyscore surveillance to dig through traffic to the torrent-sharing site, and it could very well have profiled foreign users of sites like WikiLeaks and monitored their access to that and other websites.

However, the documents—one an internal NSA “frequently asked questions” Wiki page and the other a set of GCHQ slides on psychological operations—do not provide a picture of how much information about people accessing WikiLeaks was shared between the GCHQ and the NSA. And while the documents point to NSA monitoring of Pirate Bay, there’s no suggestion of how the information gathered was used or if it was used at all.

A third, unpublished document shows that the Obama administration apparently encouraged foreign governments in 2010 (including the UK) to pursue charges against WikiLeaks for the publication of diplomatic “wires” provided by Chelsea Manning, formerly known as Bradley Manning.
“Squeaky Dolphin,” “Airwolf,” and “AnticrisisGirl”

The GCHQ slide deck, published in 2012, highlights two tools used to conduct social networking, Web monitoring, and profiling. The first, called “Squeaky Dolphin,” pulls online activities within Web traffic caught by the agency’s monitoring systems. The monitoring systems are called “Airwolf” in the slides, which may be a UK codeword for the GCHQ’s equivalent of XKeyscore. That data includes webmail, blogs visited, YouTube views, Facebook “likes” clicked on websites themselves, and other data culled from individual users’ captured activity.

It runs those activities, captured in real-time, through IBM’s InfoSphere Streams processing software to create analytical feeds. Those feeds are then piped into a Splunk database and surfaced through a “dashboard” view that allows analysts to find trends in sentiment. As an example, the slides showed activity related to cricket matches in London and the surge in Facebook likes for Conservative member of Parliament Liam Fox. It can also be used to spot trends in traffic that might indicate upcoming events such as protests or other civil unrest.

While Squeaky Dolphin tends to look at things with a wider view, “AnticrisisGirl” is a bit more targeted. It can be used to passively monitor specific websites—including traffic to WikiLeaks, as the slides demonstrate. The tool can be tuned to a specific set of Internet user signatures or keywords, and it provides analytics of their behavior in real time, capturing search terms or direct Web addresses used to get to the sites in question.
“Nothing to worry about”

The final document in the latest disclosure, from an NSA internal Wiki, is entitled “Discovery SIGINT Targeting Scenarios and Compliance.” Created in 2011, it provides guidance on what is and isn’t allowed in performing XKeyscore queries and using other analytics tools to capture and analyze data. The document explains when it’s allowed to query against US “selectors”—people or systems running within the United States.

One of the entries is entitled “Unknowingly targeting a US person”:

I screwed up…the selector had a strong indication of being foreign, but it turned out to be US…now what?

NOC/OGC RESPONSE: With all querying, if you discover it actually is US, then it must be submitted and go in the [Office of General Counsel] quarterly report…’but it’s nothing to worry about.’ (Source #001)

Several of the entries on the Wiki page relate to monitoring of PirateBay. One question posted asked whether it was OK to back-trace connections to thepiratebay.org “even if it hops through US based proxies.” The NSA’s Office of General Counsel responded that it was allowed only by use of metadata “chaining” in compliance with the Department of Defense’s Supplemental Procedures Governing Communications Metadata Analysis” (SPCMA). That order requires that analysts “enter a foreign intelligence (FI) justification for making a query or starting a chain”—in other words, analysts can’t just start a query of a post on The Pirate Bay without documenting their cause.

Another question posted about The Pirate Bay asked if a password for an account associated with a US person was enough to rule out tracking the source. “If a list of .mil passwords were released to thepiratebay.org…can we go back into [XKeyscore data] (using a custom created fingerprint) to search for traffic containing that password in foreign traffic just before the release?” The official response was that while a password alone would not normally be considered to a “US person,” searching for the password data for military accounts would be allowed due to the NSA’s support role for the Defense Department. Such actions would be “consistent with the SIGINT Consensual Collection package signed by [the commander of] USCYBERCOM and [director of the NSA], appropriate to both of his hats”—referring to Gen. Keith Alexander’s dual role as head of both DOD’s cyber operations and the NSA.

Ironically, the NSA’s privacy regulations do keep it from collecting one type of data—private information published by hackers. In a response to a question on whether it was legal to store data exposed by Anonymous or other groups for forensic purposes, the NSA general counsel said it was only legal to retain “.mil information.” It wasn’t clear whether it was legal to retain data from other government agencies.

by Sean Gallagher – Feb 18 2014, 8:35pm +0100

 Find this story at 18 February 2014

© 2014 Condé Nast.

The latest report from the Intercept based on Edward Snowden’s NSA leaks reveals how the NSA and its British counterpart GCHQ targeted WikiLeaks and its supporters. The report details how the U.S. and U.K. governments deployed surveillance tools against WikiLeaks networks and supporters, while pressuring international governments to persecute the organization’s founder, Julian Assange, over the publication of the Afghanistan war logs. The documents also show that the NSA considered ways to spy on Anonymous affiliates and hackers as well as users of file-sharing site Pirate Bay.

The documents are some of the most significant to come to light yet in highlighting the government’s engagement in what Snowden’s attorney Jesselyn Raddack has long called a “war on information.” Publishers and activists have been specifically targeted for making public otherwise secrecy-shrouded instances of abuses of power by the government and the military. “This is a very troubling report,” said Jameel Jaffer, American Civil Liberties Union deputy legal director. “Publishers who disclose abuses of government power should not be subjected to invasive surveillance for having done so, and individuals should not be swept up into surveillance dragnets simply because they’ve visited websites that report on those abuses.”

The efforts – detailed in documents provided previously by NSA whistleblower Edward Snowden – included a broad campaign of international pressure aimed not only at WikiLeaks founder Julian Assange, but at what the U.S. government calls “the human network that supports WikiLeaks.” The documents also contain internal discussions about targeting the file-sharing site Pirate Bay and hacktivist collectives such as Anonymous.

One classified

Tuesday, Feb 18, 2014 07:31 PM +0100
Natasha Lennard

Find this story at 18 February 2013

© 2014 The Associated Press