Orange has been cooperating allegedly illegally for years with France’s main intelligence agency (the DGSE). According to a newly found report by Edward Snowden and an investigation by Le Monde, the DGSE was given access to all of Orange’s data (not just metadata).

Orange is the leading telecom company in France with more than 26 million clients. These clients have communicated with tens of millions of non-Orange clients. Nearly everyone in France is concerned by today’s revelation. No regulating agency has a say in this special relationship between France’s intelligence agencies and Orange. Data is shared with allies, such as the GCHQ in the U.K.

While the state still owns 27 percent of Orange, Orange has operated as a private company for years. Yet, when it comes to data collecting, it still works as if it was a state-owned company.

Orange employees help the DGSE create and develop new tools to collect and analyze data. Contrarily to PRISM, it’s not just an agreement between the government and big Internet companies, it’s an implicit “joint venture” that has been going on for around 30 years.

Both the government and the DGSE had no comment on the allegations. Orange CEO Stéphane Richard said that he wasn’t aware of what the DGSE was doing. He just granted access to Orange for employees of the DGSE in order to comply with the law. The three other main telecom companies denied the existence of similar programs with them.

Last July, Le Monde discovered that France has a PRISM-like program which collects thousands of trillions of metadata elements, collecting data on call history, recipient and sizes of text message, email subject etc. The program targets phone communications, emails and data from Internet giants, such as Google, Facebook, Apple, Microsoft and Yahoo.

The public outcry has been very moderated so far. These popular Internet services are still dominant. In other words, in France, convenience comes first, privacy second.

Update: An Orange spokesperson sent the following statement.

As is the case for all operators, Orange has relations with the French state’s services that are responsible for national security. This relationship takes place within a strict legal framework, under the responsibility of the state and appropriate legal control by judges.

Posted Mar 20, 2014 by Romain Dillet (@romaindillet)

Find this story at 20 March 2014

© 2013-2014 AOL Inc.

Another day, another round of troubling surveillance news. In a twist, though, today’s nugget has less to do with the US or the NSA but rather, France’s central intelligence agency, the DGSE. According to a leak by Edward Snowden to the French paper Le Monde, Orange, the country’s leading telecom, has been willingly sharing all of its call data with the agency. And according to the leaked document — originally belonging to the UK intelligence agency GCHQ — the French government’s records don’t just include metadata, but all the information Orange has on file. As you might expect, the DGSE then shares this information with other countries, including, of course, the UK, which had this incriminating document in the first place.

In a way, this isn’t surprising: the French government owns a 27 percent stake in the company. But until now, Orange has ostensibly been operating as a private firm. What’s more, the leaked document would suggest that the DGSE’s relationship with Orange has been cooperative, with Orange employees creating new tools to collect and interpret the data. If true, then, this arrangement would go beyond the DGSE merely requesting specific cell phone records and getting them. For now, both the French government and the DGSE have declined to comment, according to TechCrunch, while Orange CEO Stéphane Richard told LeMonde that he isn’t aware of what the DGSE is doing, but that Orange has granted access to the DGSE to comply with the law.

BY DANA WOLLMAN @DANAWOLLMAN MARCH 20TH 2014, AT 3:29:00 PM ET 16

Find this story at 20 March 2014

© 2014 AOL Inc.

Selon un document auquel “Le Monde” eu accès, l’opérateur historique France Télécom-Orange est un acteur essentiel du renseignement français.
On apprend souvent davantage de choses sur soi par des gens qui n’appartiennent pas à votre famille. Les Britanniques, un peu malgré eux, viennent de nous éclairer sur les liens hautement confidentiels qui existent entre les services secrets français, la Direction générale de la sécurité extérieure (DGSE) et l’opérateur historique de télécommunication France Télécom, qui a pris le nom d’Orange en février 2012.
Selon un document interne des services secrets techniques britanniques (GCHQ), l’équivalent de l’Agence nationale de sécurité (NSA) américaine, la DGSE entretient une coopération étroite avec « un opérateur de télécommunication français ». L’ancienneté de leurs liens, la description des savoir-faire spécifiques de l’entreprise ainsi que l’enquête du Monde permettent de conclure qu’il s’agit bien de France Télécom-Orange.

Lire les autres éléments de l’enquête Les services secrets britanniques ont accès aux données des clients français d’Orange

Lire les autres éléments de l’enquête Les X-Télécoms, maîtres d’œuvre du renseignement

Lire les autres éléments de l’enquête Surveillance : « Les opérateurs n’ont pas les moyens de résister aux Etats »

Selon le GCHQ, la DGSE et l’opérateur historique français travaillent ensemble pour améliorer les capacités nationales d’interception sur les réseaux de communication et collaborent pour casser les cryptages de données qui circulent dans les réseaux. France Télécom est un acteur important du système de surveillance en France.

COLLECTE DE DONNÉES LIBRE DE TOUT CONTRÔLE

Cette note, extraite des archives de la NSA par son ex-consultant Edward Snowden, assure que la relation entre la DGSE et l’opérateur français constitue un atout majeur par rapport à ses homologues occidentaux. L’une des forces de la DGSE résiderait dans le fait qu’elle ne se contente pas des autorisations accordées par le législateur pour accéder aux données des clients de France Télécom-Orange. Elle dispose surtout, à l’insu de tout contrôle, d’un accès libre et total à ses réseaux et aux flux de données qui y transitent.

Cette collecte libre de tout contrôle, par le biais de l’opérateur français, portant sur des données massives, concerne aussi bien des Français que des étrangers. Elle est utilisée par la DGSE, qui la met à la disposition de l’ensemble des agences de renseignement françaises au titre de la mutualisation du renseignement technique et de sa base de données. Ces données sont également partagées avec des alliés étrangers comme le GCHQ. Enfin, l’opérateur français développe, en partenariat avec la DGSE, des recherches en cryptologie.

Au plus haut niveau de l’Etat, en France, on se refuse à tout commentaire, mais on indique au Monde que, si la puissance publique est devenue minoritaire (27 %) au sein du capital de France Télécom, le plus ancien opérateur français reste considéré comme « un délégataire de service public ». Le savoir-faire de l’entreprise, qui fut en premier lieu une administration, contribue, de manière essentielle, « aujourd’hui comme hier », à la sécurité du territoire et à l’autonomie de décision des dirigeants français.

« Le rapport entre France Télécom et la DGSE n’est pas de même nature que celui révélé dans le programme Prism de la NSA, qui a des liens contractuels avec les géants d’Internet, explique un ancien chef de service de renseignement français. En France, c’est consubstantiel. » Il n’existe pas de formalisation de cette coopération entre la DGSE et France Télécom-Orange. Elle est portée par des personnes habilitées secret-défense, au sein de l’entreprise, et pérennisée, depuis au moins trente ans, par des ingénieurs, qui font la navette entre les deux institutions.

« USAGE INTERNE ET NON OFFICIEL »

Au quotidien, dans l’entreprise, ce lien est géré par un très petit nombre de personnes au sein de trois services. La direction des réseaux, en premier lieu, gère, notamment, les stations dites « d’atterrissement », où accostent les câbles sous-marins France Télécom-Orange touchant la France et par lesquels transitent les flux massifs de données collectées. Un tri préalable peut aisément être réalisé en fonction des pays et des régions d’origine, puis tout est stocké dans des locaux de la DGSE.

« Le transit massif des données est stocké pour un usage interne et non officiel, détaille un cadre attaché à la direction des réseaux. Mais le point névralgique, c’est l’accès au fournisseur d’accès, comme ça, vous croisez la circulation de la donnée et l’identité de ceux qui l’échangent. C’est pour cette raison que la DGSE est en contact avec l’ensemble des opérateurs français. »

La DGSE s’appuie aussi sur la direction internationale de l’opérateur, qui gère les filiales de téléphonie mobile à l’étranger. Orange joue dans certains cas un rôle stratégique. Il a ainsi accompagné les opérations militaires françaises au Mali et en Centrafrique. Enfin, la direction sécurité, chasse gardée des anciens de la direction technique de la DGSE, est le principal interlocuteur des services secrets. Elle veille, avec Orange Business Services, sur les questions de protection de données et de déchiffrement.

Interrogé, le patron d’Orange, Stéphane Richard, a indiqué que « des personnes habilitées secret-défense peuvent avoir à gérer, au sein de l’entreprise, la relation avec les services de l’Etat et notamment leur accès aux réseaux, mais elles n’ont pas à m’en référer. Tout ceci se fait sous la responsabilité des pouvoirs publics dans un cadre légal ». La DGSE s’est refusée à tout commentaire.

LE MONDE | 20.03.2014 à 11h25 • Mis à jour le 26.03.2014 à 16h14 |
Par Jacques Follorou

Find this story at 20 March 2013

© Le Monde.fr

The French intelligence agency in charge of military and electronic spying is massively collecting data and monitoring networks of telecoms giant Orange, Le Monde newspaper reported in its Friday edition.

A picture taken on February 24, 2014 in the French northern city of Lille, shows people walking in front of an Orange store

“The DGSE can read, like an open book, the origin and destination of all communications of Orange customers,” the paper said.

Monitoring operations were being carried out without any external supervision with access “free and total” for spies at the General Directorate for External Security (DGSE).

Le Monde said its report was based on an internal British intelligence document made available by former US intelligence contractor Edward Snowden.

Contacted by AFP, an Orange spokesman said the company “like all (other) operators has relations with state agencies in charge of the country’s and the French people’s security.”

“These relations strictly comply with the laws and are legal under the responsibility of the State and the control of judges,” he added.

The DGSE and agents with military clearance have been working with Orange, formerly known as France Telecom, “for at least 30 years”, said Le Monde.

The DGSE would not comment on the report.

Snowden, who has been charged in the United States with espionage, lives in exile in Russia.

He said earlier this month he had no regrets over his leaks about mass surveillance programmes by the US National Security Agency (NSA), saying they sparked a needed public debate on spying and data collection.

Published: 21 Mar 2014 at 03.49Online news: World

Find this story at 21 March 2014

© 2014 The Post Publishing PCL

Edward Snowden papers unmask close technical cooperation and loose alliance between British, German, French, Spanish and Swedish spy agencies

The German, French, Spanish and Swedish intelligence services have all developed methods of mass surveillance of internet and phone traffic over the past five years in close partnership with Britain’s GCHQ eavesdropping agency.

The bulk monitoring is carried out through direct taps into fibre optic cables and the development of covert relationships with telecommunications companies. A loose but growing eavesdropping alliance has allowed intelligence agencies from one country to cultivate ties with corporations from another to facilitate the trawling of the web, according to GCHQ documents leaked by the former US intelligence contractor Edward Snowden.

The files also make clear that GCHQ played a leading role in advising its European counterparts how to work around national laws intended to restrict the surveillance power of intelligence agencies.

The German, French and Spanish governments have reacted angrily to reports based on National Security Agency (NSA) files leaked by Snowden since June, revealing the interception of communications by tens of millions of their citizens each month. US intelligence officials have insisted the mass monitoring was carried out by the security agencies in the countries involved and shared with the US.

The US director of national intelligence, James Clapper, suggested to Congress on Tuesday that European governments’ professed outrage at the reports was at least partly hypocritical. “Some of this reminds me of the classic movie Casablanca: ‘My God, there’s gambling going on here,’ ” he said.

Sweden, which passed a law in 2008 allowing its intelligence agency to monitor cross-border email and phone communications without a court order, has been relatively muted in its response.

The German government, however, has expressed disbelief and fury at the revelations from the Snowden documents, including the fact that the NSA monitored Angela Merkel’s mobile phone calls.

After the Guardian revealed the existence of GCHQ’s Tempora programme, in which the electronic intelligence agency tapped directly into the transatlantic fibre optic cables to carry out bulk surveillance, the German justice minister, Sabine Leutheusser-Schnarrenberger, said it sounded “like a Hollywood nightmare”, and warned the UK government that free and democratic societies could not flourish when states shielded their actions in “a veil of secrecy”.

‘Huge potential’

However, in a country-by-country survey of its European partners, GCHQ officials expressed admiration for the technical capabilities of German intelligence to do the same thing. The survey in 2008, when Tempora was being tested, said the Federal Intelligence Service (BND), had “huge technological potential and good access to the heart of the internet – they are already seeing some bearers running at 40Gbps and 100Gbps”.

Bearers is the GCHQ term for the fibre optic cables, and gigabits per second (Gbps) measures the speed at which data runs through them. Four years after that report, GCHQ was still only able to monitor 10 Gbps cables, but looked forward to tap new 100 Gbps bearers eventually. Hence the admiration for the BND.

The document also makes clear that British intelligence agencies were helping their German counterparts change or bypass laws that restricted their ability to use their advanced surveillance technology. “We have been assisting the BND (along with SIS [Secret Intelligence Service] and Security Service) in making the case for reform or reinterpretation of the very restrictive interception legislation in Germany,” it says.

The country-by-country survey, which in places reads somewhat like a school report, also hands out high marks to the GCHQ’s French partner, the General Directorate for External Security (DGSE). But in this case it is suggested that the DGSE’s comparative advantage is its relationship with an unnamed telecommunications company, a relationship GCHQ hoped to leverage for its own operations.

“DGSE are a highly motivated, technically competent partner, who have shown great willingness to engage on IP [internet protocol] issues, and to work with GCHQ on a “cooperate and share” basis.”

Noting that the Cheltenham-based electronic intelligence agency had trained DGSE technicians on “multi-disciplinary internet operations”, the document says: “We have made contact with the DGSE’s main industry partner, who has some innovative approaches to some internet challenges, raising the potential for GCHQ to make use of this company in the protocol development arena.”

GCHQ went on to host a major conference with its French partner on joint internet-monitoring initiatives in March 2009 and four months later reported on shared efforts on what had become by then GCHQ’s biggest challenge – continuing to carry out bulk surveillance, despite the spread of commercial online encryption, by breaking that encryption.

“Very friendly crypt meeting with DGSE in July,” British officials reported. The French were “clearly very keen to provide presentations on their work which included cipher detection in high-speed bearers. [GCHQ’s] challenge is to ensure that we have enough UK capability to support a longer term crypt relationship.”

Fresh opportunities

In the case of the Spanish intelligence agency, the National Intelligence Centre (CNI), the key to mass internet surveillance, at least back in 2008, was the Spaniards’ ties to a British telecommunications company (again unnamed. Corporate relations are among the most strictly guarded secrets in the intelligence community). That was giving them “fresh opportunities and uncovering some surprising results.

“GCHQ has not yet engaged with CNI formally on IP exploitation, but the CNI have been making great strides through their relationship with a UK commercial partner. GCHQ and the commercial partner have been able to coordinate their approach. The commercial partner has provided the CNI some equipment whilst keeping us informed, enabling us to invite the CNI across for IP-focused discussions this autumn,” the report said. It concluded that GCHQ “have found a very capable counterpart in CNI, particularly in the field of Covert Internet Ops”.

GCHQ was clearly delighted in 2008 when the Swedish parliament passed a bitterly contested law allowing the country’s National Defence Radio Establishment (FRA) to conduct Tempora-like operations on fibre optic cables. The British agency also claimed some credit for the success.

“FRA have obtained a … probe to use as a test-bed and we expect them to make rapid progress in IP exploitation following the law change,” the country assessment said. “GCHQ has already provided a lot of advice and guidance on these issues and we are standing by to assist the FRA further once they have developed a plan for taking the work forwards.”

The following year, GCHQ held a conference with its Swedish counterpart “for discussions on the implications of the new legislation being rolled out” and hailed as “a success in Sweden” the news that FRA “have finally found a pragmatic solution to enable release of intelligence to SAEPO [the internal Swedish security service.]”

GCHQ also maintains strong relations with the two main Dutch intelligence agencies, the external MIVD and the internal security service, the AIVD.

“Both agencies are small, by UK standards, but are technically competent and highly motivated,” British officials reported. Once again, GCHQ was on hand in 2008 for help in dealing with legal constraints. “The AIVD have just completed a review of how they intend to tackle the challenges posed by the internet – GCHQ has provided input and advice to this report,” the country assessment said.

“The Dutch have some legislative issues that they need to work through before their legal environment would allow them to operate in the way that GCHQ does. We are providing legal advice on how we have tackled some of these issues to Dutch lawyers.”

European allies

In the score-card of European allies, it appears to be the Italians who come off the worse. GCHQ expresses frustration with the internal friction between Italian agencies and the legal limits on their activities.

“GCHQ has had some CT [counter-terrorism] and internet-focused discussions with both the foreign intelligence agency (AISE) and the security service (AISI), but has found the Italian intelligence community to be fractured and unable/unwilling to cooperate with one another,” the report said.

A follow-up bulletin six months later noted that GCHQ was “awaiting a response from AISI on a recent proposal for cooperation – the Italians had seemed keen, but legal obstacles may have been hindering their ability to commit.”

It is clear from the Snowden documents that GCHQ has become Europe’s intelligence hub in the internet age, and not just because of its success in creating a legally permissive environment for its operations. Britain’s location as the European gateway for many transatlantic cables, and its privileged relationship with the NSA has made GCHQ an essential partner for European agencies. The documents show British officials frequently lobbying the NSA on sharing of data with the Europeans and haggling over its security classification so it can be more widely disseminated. In the intelligence world, far more than it managed in diplomacy, Britain has made itself an indispensable bridge between America and Europe’s spies.

Julian Borger
The Guardian, Friday 1 November 2013 17.02 GMT

Find this story at 1 November 2013

© 2014 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Spain and France’s intelligence agencies carried out collection of phone records and shared them with NSA, agency says

European intelligence agencies and not American spies were responsible for the mass collection of phone records which sparked outrage in France and Spain, the US has claimed.
General Keith Alexander, the head of the National Security Agency, said reports that the US had collected millions of Spanish and French phone records were “absolutely false”.
“To be perfectly clear, this is not information that we collected on European citizens,” Gen Alexander said when asked about the reports, which were based on classified documents leaked by Edward Snowden, the former NSA contractor.
Shortly before the NSA chief appeared before a Congressional committee, US officials briefed the Wall Street Journal that in fact Spain and France’s own intelligence agencies had carried out the surveillance and then shared their findings with the NSA.
The anonymous officials claimed that the monitored calls were not even made within Spanish and French borders and could be surveillance carried on outside of Europe.

In an aggressive rebuttal of the reports in the French paper Le Monde and the Spanish El Mundo, Gen Alexander said “they and the person who stole the classified data [Mr Snowden] do not understand what they were looking at” when they published slides from an NSA document.
The US push back came as President Barack Obama was said to be on the verge of ordering a halt to spying on the heads of allied governments.
The White House said it was looking at all US spy activities in the wake of leaks by Mr Snowden but was putting a “special emphasis on whether we have the appropriate posture when it comes to heads of state”.
Mr Obama was reported to have already halted eavesdropping at UN’s headquarters in New York.
German officials said that while the White House’s public statements had become more conciliatory there remained deep wariness and that little progress had been made behind closed doors in formalising an American commitment to curb spying.
“An agreement that you feel might be broken at any time is not worth very much,” one diplomat told The Telegraph.
“We need to re-establish trust and then come to some kind of understanding comparable to the [no spy agreement] the US has with other English speaking countries.”
Despite the relatively close US-German relations, the White House is reluctant to be drawn into any formal agreement and especially resistant to demands that a no-spy deal be expanded to cover all 28 EU member states.
Viviane Reding, vice-president of the European Commission and EU justice commissioner, warned that the spying row could spill over and damage talks on a free-trade agreement between the EU and US.
“Friends and partners do not spy on each other,” she said in a speech in Washington. “For ambitious and complex negotiations to succeed there needs to be trust among the negotiating partners. It is urgent and essential that our US partners take clear action to rebuild trust.”
A spokesman for the US trade negotiators said it would be “unfortunate to let these issues – however important – distract us” from reaching a deal vital to freeing up transatlantic trade worth $3.3 billion dollars (£2bn) a day.
James Clapper, America’s top national intelligence, told a Congressional hearing yesterday the US does not “spy indiscriminately on the citizens of any country”.
“We do not spy on anyone except for valid foreign intelligence purposes, and we only work within the law,” Mr Clapper said. “To be sure on occasions we’ve made mistakes, some quite significant, but these are usually caused by human error or technical problems.”
Pressure from European leaders was added to as some of the US intelligence community’s key Congressional allies balked at the scale of surveillance on friendly governments.
Dianne Feinstein, the chair of powerful Senate intelligence committee, said she was “totally opposed” to tapping allied leaders and called for a wide-ranging Senate review of the activities of US spy agencies.
“I do not believe the United States should be collecting phone calls or emails of friendly presidents and prime ministers,” she said.
John Boehner, the Republican speaker of the house and a traditional hawk on national security, said US spy policy was “imbalanced” and backed calls for a review.
Mr Boehner has previously been a staunch advocate of the NSA and faced down a July rebellion by libertarian Republicans who tried to pass a law significantly curbing the agency’s power.

By Raf Sanchez, Peter Foster in Washington8:35PM GMT 29 Oct 2013 Comments15 Comments

Find this story at 29 October 2013

© Copyright of Telegraph Media Group Limited 2014

U.S. officials are alerting some foreign intelligence services that documents detailing their secret cooperation with the United States have been obtained by former National Security Agency contractor Edward Snowden, according to government officials.

Snowden, U.S. officials said, took tens of thousands of military intelligence documents, some of which contain sensitive material about collection programs against adversaries such as Iran, Russia and China. Some refer to operations that in some cases involve countries not publicly allied with the United States.

The process of informing officials in capital after capital about the risk of disclosure is delicate. In some cases, one part of the cooperating government may know about the collaboration while others — such as the foreign ministry — may not, the officials said. The documents, if disclosed, could compromise operations, officials said.

The notifications come as the Obama administration is scrambling to placate allies after allegations that the NSA has spied on foreign leaders, including German Chancellor Angela Merkel. The reports have forced the administration to play down operations targeting friends while also attempting to preserve other programs that depend on provisional partners. In either case, trust in the United States may be compromised.

“It is certainly a concern, just as much as the U.S. collection [of information on European allies] being put in the news, if not more, because not only does it mean we have the potential of losing collection, but also of harming relationships,” a congressional aide said.

The Office of the Director of National Intelligence is handling the job of informing the other intelligence services, the officials said. ODNI declined to comment.

In one case, for instance, the files contain information about a program run from a NATO country against Russia that provides valuable intelligence for the U.S. Air Force and Navy, said one U.S. official, who requested anonymity to discuss an ongoing criminal investigation. Snowden faces theft and espionage charges.

“If the Russians knew about it, it wouldn’t be hard for them to take appropriate measures to put a stop to it,” the official said.

Snowden lifted the documents from a top-secret network run by the Defense Intelligence Agency and used by intelligence arms of the Army, Air Force, Navy and Marines, according to sources, who spoke on the condition of anonymity to discuss sensitive matters.

Snowden took 30,000 documents that involve the intelligence work of one of the services, the official said. He gained access to the documents through the Joint Worldwide Intelligence Communications System, or JWICS, for top-secret/sensitive compartmented information, the sources said.

The material in question does not deal with NSA surveillance but primarily with standard intelligence about other countries’ military capabilities, including weapons systems — missiles, ships and jets, the officials say.

Although Snowden obtained a large volume of documents, he is not believed to have shared all of them with journalists, sources say. Moreover, he has stressed to those he has given documents that he does not want harm to result.

“He’s made it quite clear that he was not going to compromise legitimate national intelligence and national security operations,” said Thomas Drake, a former NSA executive who visited Snowden in Moscow this month. Snowden separately told Drake and a New York Times reporter that he did not take any documents with him to Russia. “There’s a zero percent chance the Russians or Chinese have received any documents,” Snowden told the Times in an online interview last week.

Indeed, Drake said, Snowden made clear in their conversation that he had learned the lessons of prior disclosures, including those by an Army private who passed hundreds of thousands of diplomatic cables to the anti-
secrecy organization WikiLeaks, which posted them in bulk online. “It’s telling,” Drake said, “that he did not give anything to WikiLeaks.”

Nonetheless, the military intelligence agencies remain fearful, officials said. The NSA in recent months has provided them with an accounting of the documents it believes Snowden obtained.

Intelligence officials said that they could discern no pattern to the military intelligence documents taken and that Snowden appeared to have harvested them at random. “It didn’t seem like he was targeting something specific,” the U.S. official said.

The notifications are reminiscent of what the State Department had to do in late 2010 in anticipation of the release of hundreds of thousands of sensitive diplomatic cables by WikiLeaks. The department feared that embarrassing details in some of the cables would lead to tension in relations between the United States and other countries.

In the case of WikiLeaks, the State Department had a number of months to assess the potential impact of the cables’ release and devise a strategy, former State Department spokesman P.J. Crowley said.

“I’m not sure there were that many startling surprises in the cables,” he said. But there was damage on a country-by-country basis, he said.

For instance, some of the cables reflected unfavorably on ­then-Libyan leader Moammar Gaddafi, alleging that he feared flying over water and almost never traveled without his “voluptuous blonde” Ukrainian nurse. “All of a sudden we found there were some unsavory guys following” then-U.S. Ambassador to Libya Gene Cretz, Crowley said. “We brought him home for consultations and did not send him back.”

“But broadly speaking,” Crowley said, “relationships are guided by interests, rather than personalities, and, over time, interests carry the day.”

The fundamental issue is one of trust, officials said. “We depend to a very great extent on intelligence-sharing relationships with foreign partners, mostly governments — or, in some cases, organizations within governments,” a second U.S. official said. “If they tell us something, we will keep it secret. We expect the same of them. [If that trust is undermined,] these countries, at a minimum, will be thinking twice if they’re going to share something with us or not.”

Snowden has instructed the reporters with whom he has shared records to use their judgment to avoid publishing anything that would cause harm. “I carefully evaluated every single document I disclosed to ensure that each was legitimately in the public interest,” he told the Guardian newspaper. “There are all sorts of documents that would have made a big impact that I didn’t turn over, because harming people isn’t my goal. Transparency is.”

It is those documents that may not be subject to journalistic vetting or may be breached by hackers that worry some intelligence officials. Snowden is known to have given documents in any quantity to only three journalists: The Post’s Barton Gellman, independent filmmaker Laura Poitras and former Guardian columnist Glenn Greenwald.

So far, Drake said, no such documents have been released. Snowden’s disclosures about the NSA have prompted a global debate about the proper scope and purpose of U.S. espionage — against its own and other countries’ citizens.

“I consider that a good thing,” Drake said.

By Ellen Nakashima, Published: October 24

Find this story at 24 October 2013

© The Washington Post Company

Espionage by the US on France has already strained relations between the two countries, threatening a trans-Atlantic trade agreement. Now a document seen by SPIEGEL reveals that the NSA also spied on the French Foreign Ministry.

America’s National Security Agency (NSA) targeted France’s Foreign Ministry for surveillance, according to an internal document seen by SPIEGEL.

Dated June 2010, the “top secret” NSA document reveals that the intelligence agency was particularly interested in the diplomats’ computer network. All of the country’s embassies and consulates are connected with the Paris headquarters via a virtual private network (VPN), technology that is generally considered to be secure.

Accessing the Foreign Ministry’s network was considered a “success story,” and there were a number of incidents of “sensitive access,” the document states.

An overview lists different web addresses tapped into by the NSA, among them “diplomatie.gouv.fr,” which was run from the Foreign Ministry’s server. A list from September 2010 says that French diplomatic offices in Washington and at the United Nations in New York were also targeted, and given the codenames “Wabash” and “Blackfoot,” respectively. NSA technicians installed bugs in both locations and conducted a “collection of computer screens” at the one at the UN.

A priority list also names France as an official target for the intelligence agency. In particular, the NSA was interested in the country’s foreign policy objectives, especially the weapons trade, and economic stability.

US-French relations are being strained by such espionage activities. In early July, French President François Hollande threatened to suspend negotiations for a trans-Atlantic free trade agreement, demanding a guarantee from the US that it would cease spying after it was revealed that the French embassy in Washington had been targeted by the NSA.

“There can be no negotiations or transactions in all areas until we have obtained these guarantees, for France but also for all of the European Union, for all partners of the United States,” he said at the time.

The NSA declined to comment to SPIEGEL on the matter. As details about the scope of the agency’s international spying operations continue to emerge, Washington has come under increasing pressure from its trans-Atlantic partners. Officials in Europe have expressed concern that negotiations for the trade agreement would be poisoned by a lack of trust.

09/01/2013 09:32 AM

Find this story at 1 September 2013

© SPIEGEL ONLINE 2013

Top-secret documents from the National Security Agency and its British counterpart reveal for the first time how the governments of the United States and the United Kingdom targeted WikiLeaks and other activist groups with tactics ranging from covert surveillance to prosecution.

The efforts – detailed in documents provided previously by NSA whistleblower Edward Snowden – included a broad campaign of international pressure aimed not only at WikiLeaks founder Julian Assange, but at what the U.S. government calls “the human network that supports WikiLeaks.” The documents also contain internal discussions about targeting the file-sharing site Pirate Bay and hacktivist collectives such as Anonymous.

One classified document from Government Communications Headquarters, Britain’s top spy agency, shows that GCHQ used its surveillance system to secretly monitor visitors to a WikiLeaks site. By exploiting its ability to tap into the fiber-optic cables that make up the backbone of the Internet, the agency confided to allies in 2012, it was able to collect the IP addresses of visitors in real time, as well as the search terms that visitors used to reach the site from search engines like Google.

Another classified document from the U.S. intelligence community, dated August 2010, recounts how the Obama administration urged foreign allies to file criminal charges against Assange over the group’s publication of the Afghanistan war logs.

A third document, from July 2011, contains a summary of an internal discussion in which officials from two NSA offices – including the agency’s general counsel and an arm of its Threat Operations Center – considered designating WikiLeaks as “a ‘malicious foreign actor’ for the purpose of targeting.” Such a designation would have allowed the group to be targeted with extensive electronic surveillance – without the need to exclude U.S. persons from the surveillance searches.

In 2008, not long after WikiLeaks was formed, the U.S. Army prepared a report that identified the organization as an enemy, and plotted how it could be destroyed. The new documents provide a window into how the U.S. and British governments appear to have shared the view that WikiLeaks represented a serious threat, and reveal the controversial measures they were willing to take to combat it.

In a statement to The Intercept, Assange condemned what he called “the reckless and unlawful behavior of the National Security Agency” and GCHQ’s “extensive hostile monitoring of a popular publisher’s website and its readers.”

“News that the NSA planned these operations at the level of its Office of the General Counsel is especially troubling,” Assange said. “Today, we call on the White House to appoint a special prosecutor to investigate the extent of the NSA’s criminal activity against the media, including WikiLeaks, its staff, its associates and its supporters.”

Illustrating how far afield the NSA deviates from its self-proclaimed focus on terrorism and national security, the documents reveal that the agency considered using its sweeping surveillance system against Pirate Bay, which has been accused of facilitating copyright violations. The agency also approved surveillance of the foreign “branches” of hacktivist groups, mentioning Anonymous by name.

The documents call into question the Obama administration’s repeated insistence that U.S. citizens are not being caught up in the sweeping surveillance dragnet being cast by the NSA. Under the broad rationale considered by the agency, for example, any communication with a group designated as a “malicious foreign actor,” such as WikiLeaks and Anonymous, would be considered fair game for surveillance.

Julian Sanchez, a research fellow at the Cato Institute who specializes in surveillance issues, says the revelations shed a disturbing light on the NSA’s willingness to sweep up American citizens in its surveillance net.

“All the reassurances Americans heard that the broad authorities of the FISA Amendments Act could only be used to ‘target’ foreigners seem a bit more hollow,” Sanchez says, “when you realize that the ‘foreign target’ can be an entire Web site or online forum used by thousands if not millions of Americans.”
GCHQ Spies on WikiLeaks Visitors

The system used by GCHQ to monitor the WikiLeaks website – codenamed ANTICRISIS GIRL – is described in a classified PowerPoint presentation prepared by the British agency and distributed at the 2012 “SIGDEV Conference.” At the annual gathering, each member of the “Five Eyes” alliance – the United States, United Kingdom, Canada, Australia and New Zealand – describes the prior year’s surveillance successes and challenges.

In a top-secret presentation at the conference, two GCHQ spies outlined how ANTICRISIS GIRL was used to enable “targeted website monitoring” of WikiLeaks (See slides 33 and 34). The agency logged data showing hundreds of users from around the world, including the United States, as they were visiting a WikiLeaks site –contradicting claims by American officials that a deal between the U.K. and the U.S. prevents each country from spying on the other’s citizens.

The IP addresses collected by GCHQ are used to identify individual computers that connect to the Internet, and can be traced back to specific people if the IP address has not been masked using an anonymity service. If WikiLeaks or other news organizations were receiving submissions from sources through a public dropbox on their website, a system like ANTICRISIS GIRL could potentially be used to help track them down. (WikiLeaks has not operated a public dropbox since 2010, when it shut down its system in part due to security concerns over surveillance.)

In its PowerPoint presentation, GCHQ identifies its target only as “wikileaks.” One slide, displaying analytics derived from the surveillance, suggests that the site monitored was the official wikileaks.org domain. It shows that users reached the targeted site by searching for “wikileaks.org” and for “maysan uxo,” a term associated with a series of leaked Iraq war logs that are hosted on wikileaks.org.

The ANTICRISIS GIRL initiative was operated by a GCHQ unit called Global Telecoms Exploitation (GTE), which was previously reported by The Guardian to be linked to the large-scale, clandestine Internet surveillance operation run by GCHQ, codenamed TEMPORA.

Operating in the United Kingdom and from secret British eavesdropping bases in Cyprus and other countries, GCHQ conducts what it refers to as “passive” surveillance – indiscriminately intercepting massive amounts of data from Internet cables, phone networks and satellites. The GTE unit focuses on developing “pioneering collection capabilities” to exploit the stream of data gathered from the Internet.

As part of the ANTICRISIS GIRL system, the documents show, GCHQ used publicly available analytics software called Piwik to extract information from its surveillance stream, not only monitoring visits to targeted websites like WikiLeaks, but tracking the country of origin of each visitor.

It is unclear from the PowerPoint presentation whether GCHQ monitored the WikiLeaks site as part of a pilot program designed to demonstrate its capability, using only a small set of covertly collected data, or whether the agency continues to actively deploy its surveillance system to monitor visitors to WikiLeaks. It was previously reported in The Guardian that X-KEYSCORE, a comprehensive surveillance weapon used by both NSA and GCHQ, allows “an analyst to learn the IP addresses of every person who visits any website the analyst specifies.”

GCHQ refused to comment on whether ANTICRISIS GIRL is still operational. In an email citing the agency’s boilerplate response to inquiries, a spokeswoman insisted that “all of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight.”

But privacy advocates question such assurances. “How could targeting an entire website’s user base be necessary or proportionate?” says Gus Hosein, executive director of the London-based human rights group Privacy International. “These are innocent people who are turned into suspects based on their reading habits. Surely becoming a target of a state’s intelligence and security apparatus should require more than a mere click on a link.”

The agency’s covert targeting of WikiLeaks, Hosein adds, call into question the entire legal rationale underpinning the state’s system of surveillance. “We may be tempted to see GCHQ as a rogue agency, ungoverned in its use of unprecedented powers generated by new technologies,” he says. “But GCHQ’s actions are authorized by [government] ministers. The fact that ministers are ordering the monitoring of political interests of Internet users shows a systemic failure in the rule of law.”
Going After Assange and His Supporters

The U.S. attempt to pressure other nations to prosecute Assange is recounted in a file that the intelligence community calls its “Manhunting Timeline.” The document details, on a country-by-country basis, efforts by the U.S. government and its allies to locate, prosecute, capture or kill alleged terrorists, drug traffickers, Palestinian leaders and others. There is a timeline for each year from 2008 to 2012.

An entry from August 2010 – headlined “United States, Australia, Great Britain, Germany, Iceland” – states: “The United States on August 10 urged other nations with forces in Afghanistan, including Australia, United Kingdom, and Germany, to consider filing criminal charges against Julian Assange.” It describes Assange as the “founder of the rogue Wikileaks Internet website and responsible for the unauthorized publication of over 70,000 classified documents covering the war in Afghanistan.”

In response to questions from The Intercept, the NSA suggested that the entry is “a summary derived from a 2010 article” in the Daily Beast. That article, which cited an anonymous U.S. official, reported that “the Obama administration is pressing Britain, Germany, Australia, and other allied Western governments to consider opening criminal investigations of WikiLeaks founder Julian Assange and to severely limit his nomadic travels across international borders.”

The government entry in the “Manhunting Timeline” adds Iceland to the list of Western nations that were pressured, and suggests that the push to prosecute Assange is part of a broader campaign. The effort, it explains, “exemplifies the start of an international effort to focus the legal element of national power upon non-state actor Assange, and the human network that supports WikiLeaks.” The entry does not specify how broadly the government defines that “human network,” which could potentially include thousands of volunteers, donors and journalists, as well as people who simply spoke out in defense of WikiLeaks.

In a statement, the NSA declined to comment on the documents or its targeting of activist groups, noting only that the agency “provides numerous opportunities and forums for their analysts to explore hypothetical or actual circumstances to gain appropriate advice on the exercise of their authorities within the Constitution and the law, and to share that advice appropriately.”

But the entry aimed at WikiLeaks comes from credentialed officials within the intelligence community. In an interview in Hong Kong last June, Edward Snowden made clear that the only NSA officials empowered to write such entries are those “with top-secret clearance and public key infrastructure certificates” – a kind of digital ID card enabling unique access to certain parts of the agency’s system. What’s more, Snowden added, the entries are “peer reviewed” – and every edit made is recorded by the system.

The U.S. launched its pressure campaign against WikiLeaks less than a week after the group began publishing the Afghanistan war logs on July 25, 2010. At the time, top U.S. national security officials accused WikiLeaks of having “blood” on its hands. But several months later, McClatchy reported that “U.S. officials concede that they have no evidence to date that the documents led to anyone’s death.”

The government targeting of WikiLeaks nonetheless continued. In April 2011, Salon reported that a grand jury in Virginia was actively investigating both the group and Assange on possible criminal charges under espionage statutes relating to the publication of classified documents. And in August of 2012, the Sydney Morning Herald, citing secret Australian diplomatic cables, reported that “Australian diplomats have no doubt the United States is still gunning for Julian Assange” and that “Australia’s diplomatic service takes seriously the likelihood that Assange will eventually be extradited to the US on charges arising from WikiLeaks obtaining leaked US military and diplomatic documents.”

Bringing criminal charges against WikiLeaks or Assange for publishing classified documents would be highly controversial – especially since the group partnered with newspapers like The Guardian and The New York Times to make the war logs public. “The biggest challenge to the press today is the threatened prosecution of WikiLeaks, and it’s absolutely frightening,” James Goodale, who served as chief counsel of the Times during its battle to publish The Pentagon Papers, told the Columbia Journalism Review last March. “If you go after the WikiLeaks criminally, you go after the Times. That’s the criminalization of the whole process.”

In November 2013, The Washington Post, citing anonymous officials, reported that the Justice Department strongly considered prosecuting Assange, but concluded it “could not do so without also prosecuting U.S. news organizations and journalists” who had partnered with WikiLeaks to publish the documents. According to the Post, officials “realized that they have what they described as a ‘New York Times problem’” – namely, that any theory used to bring charges against Assange would also result in criminal liability for the Times, The Guardian, and other papers which also published secret documents provided to WikiLeaks.
NSA proposals to target WikiLeaks

As the new NSA documents make clear, however, the U.S. government did more than attempt to engineer the prosecution of Assange. NSA analysts also considered designating WikiLeaks as a “malicious foreign actor” for surveillance purposes – a move that would have significantly expanded the agency’s ability to subject the group’s officials and supporters to extensive surveillance.

Such a designation would allow WikiLeaks to be targeted with surveillance without the use of “defeats” – an agency term for technical mechanisms to shield the communications of U.S. persons from getting caught in the dragnet.

That top-secret document – which summarizes a discussion between the NSA’s Office of the General Counsel and the Oversight and Compliance Office of the agency’s Threat Operations Center – spells out a rationale for including American citizens in the surveillance:

“If the foreign IP is consistently associated with malicious cyber activity against the U.S., so, tied to a foreign individual or organization known to direct malicious activity our way, then there is no need to defeat any to, from, or about U.S. Persons. This is based on the description that one end of the communication would always be this suspect foreign IP, and so therefore any U.S. Person communicant would be incidental to the foreign intelligence task.”

In short, labeling WikiLeaks a “malicious foreign target” would mean that anyone communicating with the organization for any reason – including American citizens – could have their communications subjected to government surveillance.

When NSA officials are asked in the document if WikiLeaks or Pirate Bay could be designated as “malicious foreign actors,” the reply is inconclusive: “Let us get back to you.” There is no indication of whether either group was ever designated or targeted in such a way.

The NSA’s lawyers did, however, give the green light to subject other activists to heightened surveillance. Asked if it would be permissible to “target the foreign actors of a loosely coupled group of hackers … such as with Anonymous,” the response is unequivocal: “As long as they are foreign individuals outside of the US and do not hold dual citizenship … then you are okay.”
NSA Lawyers: “It’s Nothing to Worry About”

Sanchez, the surveillance expert with the Cato Institute, says the document serves as “a reminder that NSA essentially has carte blanche to spy on non-Americans. In public statements, intelligence officials always talk about spying on ‘terrorists,’ as if those are the only targets — but Section 702 [of the 2008 FISA Amendments Act] doesn’t say anything about ‘terrorists.’ They can authorize collection on any ‘persons reasonably believed to be [located] outside the United States,’ with ‘persons’ including pretty much any kind of group not ‘substantially’ composed of Americans.”

Sanchez notes that while it makes sense to subject some full-scale cyber-attacks to government surveillance, “it would make no sense to lump together foreign cyberattackers with sites voluntarily visited by enormous numbers of Americans, like Pirate Bay or WikiLeaks.”

Indeed, one entry in the NSA document expressly authorizes the targeting of a “malicious” foreign server – offering Pirate Bay as a specific example –“even if there is a possibility that U.S. persons could be using it as well.” NSA officials agree that there is no need to exclude Americans from the surveillance, suggesting only that the agency’s spies “try to minimize” how many U.S. citizens are caught in the dragnet.

Another entry even raises the possibility of using X-KEYSCORE, one of the agency’s most comprehensive surveillance programs, to target communications between two U.S.-based Internet addresses if they are operating through a “proxy” being used for “malicious foreign activity.” In response, the NSA’s Threat Operations Center approves the targeting, but the agency’s general counsel requests “further clarification before signing off.”

If WikiLeaks were improperly targeted, or if a U.S. citizen were swept up in the NSA’s surveillance net without authorization, the agency’s attitude seems to be one of indifference. According to the document – which quotes a response by the NSA’s Office of General Counsel and the oversight and compliance office of its Threat Operations Center – discovering that an American has been selected for surveillance must be mentioned in a quarterly report, “but it’s nothing to worry about.”

The attempt to target WikiLeaks and its broad network of supporters drew sharp criticism from the group and its allies. “These documents demonstrate that the political persecution of WikiLeaks is very much alive,” says Baltasar Garzón, the Spanish former judge who now represents the group. “The paradox is that Julian Assange and the WikiLeaks organization are being treated as a threat instead of what they are: a journalist and a media organization that are exercising their fundamental right to receive and impart information in its original form, free from omission and censorship, free from partisan interests, free from economic or political pressure.”

For his part, Assange remains defiant. “The NSA and its U.K. accomplices show no respect for the rule of law,” he told The Intercept. “But there is a cost to conducting illicit actions against a media organization.” Referring to a criminal complaint that the group filed last year against “interference with our journalistic work in Europe,” Assange warned that “no entity, including the NSA, should be permitted to act against a journalist with impunity.”

Assange indicated that in light of the new documents, the group may take further legal action.

“We have instructed our general counsel, Judge Baltasar Garzón, to prepare the appropriate response,” he said. “The investigations into attempts to interfere with WikiLeaks’ work will go wherever they need to go. Make no mistake: those responsible will be held to account and brought to justice.”

By Glenn Greenwald and Ryan Gallagher
18 Feb 2014, 1:50 AM EST

Find this story at 18 February 2014

© 2014 First Look Productions, Inc.

Leaked documents posted by Glenn Greenwald and Ryan Gallagher hint at the discussions that took place around online actors like WikiLeaks, The Pirate Bay, and Anonymous, as well as the standards for spying on foreign and domestic internet users. At The Intercept, Greenwald and Gallagher have revealed details about when the NSA and agencies abroad believe it’s acceptable to target a person or site without “defeats” or measures to prevent collecting American information, with an eye towards groups that have proved a thorn in the side of government agencies.

Julian Assange appears in national security ‘Manhunting Timeline’

“Can we treat a foreign server who stores, or potentially disseminates leaked or stolen US data on it’s [sic] server as a ‘malicious foreign actor’ for the purpose of targeting with no defeats? Examples: WikiLeaks, thepiratebay.org, etc.” says one of several frequently asked questions apparently posted to an intelligence wiki for the US and other nations in the Five Eyes surveillance partnership. “Let us get back to you,” said a response from the NSA/CSS [Central Security Service] Threat Operation Center and the NSA’s Office of General Counsel. Another question asks whether it’s legal to target members of Anonymous who operate outside the US. “As long as they are foreign individuals outside of the US and do not hold dual citizenship… then you are okay,” came the answer. Agencies were not, however, apparently allowed to store copies of classified documents leaked by Anonymous or other groups in order to analyze the data.

WikiLeaks in particular came under fire. In addition to these questions, The Intercept leaked parts of a “Manhunting Timeline” that details where and how the US government is attempting to find, capture, or kill terrorists, drug traffickers, and others. This timeline apparently included information on Julian Assange, including attempts to pressure foreign governments into taking legal action against him and “the human network that supports WikiLeaks.” None of this comes as a surprise — the government’s attempts to get governments to put pressure on Assange is well known. Likewise, Anonymous has allegedly compromised government computers, and it’s not strange that the NSA wants to monitor it. The question of treating leaked document repositories as malicious foreign actors is thornier, playing into much larger debates over whether non-traditional journalism should be given the same protection as older outlets like The New York Times.

“If you ‘guess’ foreign and it’s not, then it is a serious violation.”

More generally, the document shows a complicated dance between minimizing US data collection and casting an expansive net over foreign surveillance. According to the FAQ, it’s legal to monitor foreign servers that Americans visit (The Pirate Bay is cited again) so long as agents attempt to filter out US information. The same goes for botnets that are operated from hacked US computers by a foreign source. As before, the document points to a fairly low standard for being certain that a target is foreign: 51 percent. A more complicated question is how agents are allowed to search traffic from US-based web giants like Gmail and Twitter. If an agency knows that a foreign potential threat is using one of these sites, it’s theoretically possible to look for traffic from it. But “if you ‘guess’ foreign and it’s not, then it is a serious violation.” In general, though, accidentally making queries a US person who was believed to be foreign was “nothing to worry about,” although it had to be logged for the Office of General Counsel.

The revelations here are far less conclusive than many of the leaked documents published so far. One slide apparently from an expanded version of this GCHQ document shows an analytics page that seems to monitor visits to WikiLeaks, including which countries visitors came from and how they found the site. But it’s not clear whether this is an ongoing program or a proof of concept test, especially given how few visits appear to be logged. The results are also broadly similar to what someone would get from a basic analytics page, not detailed user information. This slideshow and the FAQ do, however, give us a look into how the NSA and other agencies view online spycraft, both inside and outside the US.

By Adi Robertson on February 18, 2014 10:36 am

Find this story at 18 February 2014

© 2014 Vox Media,

Squeaky Dolphin, GCHQ’s broad social media monitoring tool, is part of the agency’s campaign to “understand and shape the Human Terrain”—that is, regional public sentiment.

Documents obtained by former NSA contractor Edward Snowden and published on The Intercept show that NSA analysts monitored content on The Pirate Bay and used the agency’s surveillance systems to track where it came from. The documents also show that the NSA’s British partners at the GCHQ used XKeyscore data as part of a surveillance program on sites that included WikiLeaks. That was part of a broader psychological profiling and targeting program to collect intelligence, influence individuals online, and disrupt groups like Anonymous that were considered threats.

The new documents show that the GCHQ conducted “broad real-time monitoring of social media activities, processing data on activities like watching YouTube videos and Facebook Likes to profile, categorize, and target individuals for psychological operations.” The NSA documents in the latest disclosure refer to monitoring for content that could be considered “malicious foreign activity.” But it’s clear that the NSA also used its XKeyscore surveillance to dig through traffic to the torrent-sharing site, and it could very well have profiled foreign users of sites like WikiLeaks and monitored their access to that and other websites.

However, the documents—one an internal NSA “frequently asked questions” Wiki page and the other a set of GCHQ slides on psychological operations—do not provide a picture of how much information about people accessing WikiLeaks was shared between the GCHQ and the NSA. And while the documents point to NSA monitoring of Pirate Bay, there’s no suggestion of how the information gathered was used or if it was used at all.

A third, unpublished document shows that the Obama administration apparently encouraged foreign governments in 2010 (including the UK) to pursue charges against WikiLeaks for the publication of diplomatic “wires” provided by Chelsea Manning, formerly known as Bradley Manning.
“Squeaky Dolphin,” “Airwolf,” and “AnticrisisGirl”

The GCHQ slide deck, published in 2012, highlights two tools used to conduct social networking, Web monitoring, and profiling. The first, called “Squeaky Dolphin,” pulls online activities within Web traffic caught by the agency’s monitoring systems. The monitoring systems are called “Airwolf” in the slides, which may be a UK codeword for the GCHQ’s equivalent of XKeyscore. That data includes webmail, blogs visited, YouTube views, Facebook “likes” clicked on websites themselves, and other data culled from individual users’ captured activity.

It runs those activities, captured in real-time, through IBM’s InfoSphere Streams processing software to create analytical feeds. Those feeds are then piped into a Splunk database and surfaced through a “dashboard” view that allows analysts to find trends in sentiment. As an example, the slides showed activity related to cricket matches in London and the surge in Facebook likes for Conservative member of Parliament Liam Fox. It can also be used to spot trends in traffic that might indicate upcoming events such as protests or other civil unrest.

While Squeaky Dolphin tends to look at things with a wider view, “AnticrisisGirl” is a bit more targeted. It can be used to passively monitor specific websites—including traffic to WikiLeaks, as the slides demonstrate. The tool can be tuned to a specific set of Internet user signatures or keywords, and it provides analytics of their behavior in real time, capturing search terms or direct Web addresses used to get to the sites in question.
“Nothing to worry about”

The final document in the latest disclosure, from an NSA internal Wiki, is entitled “Discovery SIGINT Targeting Scenarios and Compliance.” Created in 2011, it provides guidance on what is and isn’t allowed in performing XKeyscore queries and using other analytics tools to capture and analyze data. The document explains when it’s allowed to query against US “selectors”—people or systems running within the United States.

One of the entries is entitled “Unknowingly targeting a US person”:

I screwed up…the selector had a strong indication of being foreign, but it turned out to be US…now what?

NOC/OGC RESPONSE: With all querying, if you discover it actually is US, then it must be submitted and go in the [Office of General Counsel] quarterly report…’but it’s nothing to worry about.’ (Source #001)

Several of the entries on the Wiki page relate to monitoring of PirateBay. One question posted asked whether it was OK to back-trace connections to thepiratebay.org “even if it hops through US based proxies.” The NSA’s Office of General Counsel responded that it was allowed only by use of metadata “chaining” in compliance with the Department of Defense’s Supplemental Procedures Governing Communications Metadata Analysis” (SPCMA). That order requires that analysts “enter a foreign intelligence (FI) justification for making a query or starting a chain”—in other words, analysts can’t just start a query of a post on The Pirate Bay without documenting their cause.

Another question posted about The Pirate Bay asked if a password for an account associated with a US person was enough to rule out tracking the source. “If a list of .mil passwords were released to thepiratebay.org…can we go back into [XKeyscore data] (using a custom created fingerprint) to search for traffic containing that password in foreign traffic just before the release?” The official response was that while a password alone would not normally be considered to a “US person,” searching for the password data for military accounts would be allowed due to the NSA’s support role for the Defense Department. Such actions would be “consistent with the SIGINT Consensual Collection package signed by [the commander of] USCYBERCOM and [director of the NSA], appropriate to both of his hats”—referring to Gen. Keith Alexander’s dual role as head of both DOD’s cyber operations and the NSA.

Ironically, the NSA’s privacy regulations do keep it from collecting one type of data—private information published by hackers. In a response to a question on whether it was legal to store data exposed by Anonymous or other groups for forensic purposes, the NSA general counsel said it was only legal to retain “.mil information.” It wasn’t clear whether it was legal to retain data from other government agencies.

by Sean Gallagher – Feb 18 2014, 8:35pm +0100

 Find this story at 18 February 2014

© 2014 Condé Nast.

The latest report from the Intercept based on Edward Snowden’s NSA leaks reveals how the NSA and its British counterpart GCHQ targeted WikiLeaks and its supporters. The report details how the U.S. and U.K. governments deployed surveillance tools against WikiLeaks networks and supporters, while pressuring international governments to persecute the organization’s founder, Julian Assange, over the publication of the Afghanistan war logs. The documents also show that the NSA considered ways to spy on Anonymous affiliates and hackers as well as users of file-sharing site Pirate Bay.

The documents are some of the most significant to come to light yet in highlighting the government’s engagement in what Snowden’s attorney Jesselyn Raddack has long called a “war on information.” Publishers and activists have been specifically targeted for making public otherwise secrecy-shrouded instances of abuses of power by the government and the military. “This is a very troubling report,” said Jameel Jaffer, American Civil Liberties Union deputy legal director. “Publishers who disclose abuses of government power should not be subjected to invasive surveillance for having done so, and individuals should not be swept up into surveillance dragnets simply because they’ve visited websites that report on those abuses.”

The efforts – detailed in documents provided previously by NSA whistleblower Edward Snowden – included a broad campaign of international pressure aimed not only at WikiLeaks founder Julian Assange, but at what the U.S. government calls “the human network that supports WikiLeaks.” The documents also contain internal discussions about targeting the file-sharing site Pirate Bay and hacktivist collectives such as Anonymous.

One classified

Tuesday, Feb 18, 2014 07:31 PM +0100
Natasha Lennard

Find this story at 18 February 2013

© 2014 The Associated Press

American and British spy agencies conducted a campaign against the WikiLeaks website and its surrounding “human network,” according to a new report.

The article, appearing Tuesday in the online publication The Intercept, is based on new information found in documents previously released by Edward Snowden. He is the former National Security Agency (NSA) contractor who has made public — through WikiLeaks — a large cache of otherwise secret NSA materials.

One classified document from the British spy agency Government Communications Headquarters (GCHQ) appears to be presenting a primer on passive monitoring of websites. But the Intercept story adds the factor that GCHQ’s monitoring system, called ANTICRISIS GIRL, secretly monitored visitors to WikiLeaks via a tap into Internet backbone cables, capturing in real time the IP addresses of site visitors.

Also included is a 2011 document of an internal NSA wiki with a brief discussion about whether the classification “malicious foreign actor” can be applied to WikiLeaks:

“Can we treat a foreign server who stores or potentially disseminates leaked or stolen data on its server as a ‘malicious foreign actor’ for the purpose of targeting with no defeats? Examples: WikiLeaks, thepiratebay.org, etc.”

The response by an unnamed NSA employee says, “Let me get back to you.” The term “no defeats” is considered to mean “with no protections.” The inclusion of the Pirate Bay site, which has been cited for copyright violations, either indicates that classified material was thought to be part of its inventory, or the national security agency was expanding its scope to include copyright.

There is no indication that WikiLeaks or Pirate Bay was actually classified as a “malicious foreign actor” by the NSA. But a 2008 U.S. Army report did identify WikiLeaks as an enemy.

The “human network” also included, of course, WikiLeaks’ founder and editor-in-chief, Julian Assange. An August, 2010 unclassified document also unearthed by The Intercept indicates that the U.S. urged other countries fighting in Afghanistan to file criminal charges against Assange for the publication of more than 70,000 classified documents relating to the war, which had been provided by Army Private First Class Bradley Manning.

The document said that this “appeal exemplifies the start of an international effort to focus the legal element of national power upon non-state actor Assange and the human network that supports WikiLeaks.”

Last year, James Goodale, then the chief counsel of The New York Times, told the Columbia Journalism Review that “the biggest challenge to the press today is the threatened persecution of WikiLeaks, and it’s absolutely frightening.” The Times worked with WikiLeaks in publishing the content of some of the secret documents.

February 18, 2014 1:00 PM
Barry Levine

 Find this story at 18 February 2014

© Copyright 2014 VentureBeat

Julian Assange in 2011 after losing appeals against extradition to Swedenacidpolly/Flickr/CC BY-NC-SA 2.0

Efforts undertaken by the NSA and GCHQ to target groups including WikiLeaks, Anonymous and Pirate Bay using internet surveillance and prosecution have been detailed in an article published by The Intercept.

The latest documents leaked by NSA contractor Edward Snowden reveal that the NSA went to great lengths to target individuals associated with WikiLeaks, including founder Julian Assange and “the human network that supports it”.

One particular document revealed that GCHQ tapped into fibre-optic cables to monitor visitors to the site in real time by tracking their IP addresses. It also tracked the search terms that visitors were using to reach the site, all as part of an operation codenamed ANTICRISIS GIRL. This suggests that internet users from anywhere in the world who visited WikiLeaks regularly could potentially have become a target for the NSA.

The documents also reveal that the NSA labelled WikiLeaks “a malicious foreign actor”. The US government encouraged foreign regimes to press charges against Assange over WikiLeaks’ publication of Afghanistan war logs.

“WikiLeaks strongly condemns the reckless and unlawful behaviour of the National Security Agency,” said Julian Assange in a statement published on the WikiLeaks site. He called upon the Obama administration to conduct an investigation into the extent of the NSA’s activity regarding the media, including the WikiLeaks network. He also criticised the media-monitoring activities of GCHQ, saying it shows no respect for the rule of law.

“No entity, including the NSA, should be permitted to act against journalists with impunity. We have instructed our General Counsel Judge Baltasar Garzón to prepare the appropriate response. The investigations into attempts to interfere with the work of WikiLeaks will go wherever they need to go. Make no mistake: those responsible will be held to account and brought to justice.”

The Intercept — the new publication launched by ex-Guardian journalist Glenn Greenwald, who has headed up the reporting on the Snowden documents — points out that the WikiLeaks surveillance reveals just how far the NSA’s actions stray from its “self-proclaimed focus on terrorism”.

“The documents call into question the Obama administration’s repeated insistence that US citizens are not being caught up in the sweeping surveillance dragnet being cast by the NSA. Under the broad rationale considered by the agency, for example, any communication with a group designated as a ‘malicious foreign actor,’ such as WikiLeaks and Anonymous, would be considered fair game for surveillance,” the site points out.

The targeting of WikiLeaks, Anonymous and Pirate Bay follows earlier revelations that GCHQ used DDoS attacks to target hacker collectives Anonymous and LulzSec. These latest accusations do not reflect well on GCHQ, which maintains its stance that “all of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight”. It’s hard to see how this would apply to the monitoring of citizens from the UK and abroad who might be doing nothing more than reading the WikiLeaks site.

Politics / 19 February 14 / by Katie Collins

Find this story at 19 February 2014

© Condé Nast UK 2014

A member of the White House review panel on NSA surveillance said he was “absolutely” surprised when he discovered the agency’s lack of evidence that the bulk collection of telephone call records had thwarted any terrorist attacks.
“It was, ‘Huh, hello? What are we doing here?’” said Geoffrey Stone, a University of Chicago law professor, in an interview with NBC News. “The results were very thin.”
While Stone said the mass collection of telephone call records was a “logical program” from the NSA’s perspective, one question the White House panel was seeking to answer was whether it had actually stopped “any [terror attacks] that might have been really big.”
“We found none,” said Stone.
Under the NSA program, first revealed by ex-contractor Edward Snowden, the agency collects in bulk the records of the time and duration of phone calls made by persons inside the United States.
Stone was one of five members of the White House review panel – and the only one without any intelligence community experience – that this week produced a sweeping report recommending that the NSA’s collection of phone call records be terminated to protect Americans’ privacy rights.
The panel made that recommendation after concluding that the program was “not essential in preventing attacks.”
“That was stunning. That was the ballgame,” said one congressional intelligence official, who asked not to be publicly identified. “It flies in the face of everything that they have tossed at us.”
Despite the panel’s conclusions, Stone strongly rejected the idea they justified Snowden’s actions in leaking the NSA documents about the phone collection. “Suppose someone decides we need gun control and they go out and kill 15 kids and then a state enacts gun control?” Stone said, using an analogy he acknowledged was “somewhat inflammatory.” What Snowden did, Stone said, was put the country “at risk.”
“My emphatic view,” he said, “is that a person who has access to classified information — the revelation of which could damage national security — should never take it upon himself to reveal that information.”
Stone added, however, that he would not necessarily reject granting an amnesty to Snowden in exchange for the return of all his documents, as was recently suggested by a top NSA official. “It’s a hostage situation,” said Stone. Deciding whether to negotiate with him to get all his documents back was a “pragmatic judgment. I see no principled reason not to do that.”
The conclusions of the panel’s reports were at direct odds with public statements by President Barack Obama and U.S. intelligence officials. “Lives have been saved,” Obama told reporters last June, referring to the bulk collection program and another program that intercepts communications overseas. “We know of at least 50 threats that have been averted because of this information.”
White House Jay Carney is pressed Thursday over whether President Barack Obama believes that the NSA surveillance program saved lives.
But in one little-noticed footnote in its report, the White House panel said the telephone records collection program – known as Section 215, based on the provision of the U.S. Patriot Act that provided the legal basis for it – had made “only a modest contribution to the nation’s security.” The report said that “there has been no instance in which NSA could say with confidence that the outcome [of a terror investigation] would have been any different” without the program.
The panel’s findings echoed that of U.S. Judge Richard Leon, who in a ruling this week found the bulk collection program to be unconstitutional. Leon said that government officials were unable to cite “a single instance in which analysis of the NSA’s bulk collection metadata collection actually stopped an imminent attack, or otherwise aided the Government in achieving any objective that was time-sensitive in nature.”
Stone declined to comment on the accuracy of public statements by U.S. intelligence officials about the telephone collection program, but said that when they referred to successes they seemed to be mixing the results of domestic metadata collection with the intelligence derived from the separate, and less controversial, NSA program, known as 702, to intercept communications overseas.
The comparison between 702 overseas interceptions and 215 bulk metadata collection was “night and day,” said Stone. “With 702, the record is very impressive. It’s no doubt the nation is safer and spared potential attacks because of 702. There was nothing like that for 215. We asked the question and they [the NSA] gave us the data. They were very straight about it.”
He also said one reason the telephone records program is not effective is because, contrary to the claims of critics, it actually does not collect a record of every American’s phone call. Although the NSA does collect metadata from major telecommunications carriers such as Verizon and AT&T, there are many smaller carriers from which it collects nothing. Asked if the NSA was collecting the records of 75 percent of phone calls, an estimate that has been used in briefings to Congress , Stone said the real number was classified but “not anything close to that” and far lower.
The heads of top tech companies in the U.S. have ask President Obama to reform government’s surveillance laws and practices. NBC’s Steve Handelsman reports.
When panel members asked NSA officials why they didn’t expand the program to include smaller carriers, the answer they gave was “money,” Stone said. “They were setting financial priorities,” said Stone, and that was “really revealing” about how useful the bulk collection of telephone calls really was.
An NSA spokeswoman declined to comment on any aspect of the panel’s report, saying the agency was deferring to the White House. Asked Wednesday about the surveillance panel’s conclusions about telephone record collection, White House press secretary Jay Carney said that “the president does still believe and knows that this program is an important piece of the overall efforts that we engage in to combat threats against the lives of American citizens and threats to our overall national security.”
By Michael Isikoff
NBC News National Investigative Correspondent
Find this story at 20 December 2013
© 2013 NBCNews.com