• Buro Jansen & Janssen is een onderzoeksburo dat politie, justitie, inlichtingendiensten, de overheid in Nederland en Europa kritisch volgt. Een grond-rechten kollektief dat al 30 jaar publiceert over uitbreiding van repressieve wetgeving, publiek-private samenwerking, bevoegdheden, overheids-optreden en andere staatsaangelegenheden.
    Buro Jansen & Janssen Postbus 10591, 1001EN Amsterdam, 020-6123202/06-34339533, info@burojansen.nl.
    Steun Buro Jansen & Janssen. Word donateur, NL56 INGB 0000 6039 04 ten name van Stichting Res Publica, Postbus 11556, 1001 GN Amsterdam.
  • Publicaties

  • Europa

  • Politieklachten

  • Veilig Internetten

  • Jansen Library

  • 1. #@??KQP/X:+GT^^C;*A![]W>

    The keyboard as weapon

    When calling from a mobile phone or sending e-mail, most people assume that no one else is listening to their conversation or reading their mail. If, however, they want to be absolutely sure of this, they must encrypt these messages. Protecting one’s privacy or sensitive information can be good and legitimate reasons for using encryption. Police and intelligence services, however, seem to think that encryption is suspicious by definition. Their line of reasoning is that anyone who encrypts a message has something to hide. The possibilities for the police to intercept communications have reached unprecedented heights, but recently, the wide scale use of encryption has threatened to bring this development to a halt, something that the authorities are none too pleased about.

    Eavesdropping is as old as humankind. Whereas previously the rural constable would position himself strategically in a ditch near a meeting of anarchists in the hope of catching secret information from loose-tongued revolutionaries, later on interception centres were established in order to listen in on telephone conversations. The police are always keen to listen to conversations with suspects, in the hope of obtaining information that can lead to solving crimes and putting criminals behind bars. Intelligence services also like to lend a listening ear.
    Listening to telephone conversations is a serious invasion of individual privacy, which is why regulations have been laid down to restrict interception. In The Netherlands, the police are only allowed to bug a line under certain situations and must first obtain permission to do so from an examining magistrate.[1] These restrictions apply to the Intelligence services to a much lesser degree.

    The interception of communication has increased greatly in recent years. After a robbery, it is now standard procedure to find out which mobile telephones were in use around the scene and time of the crime. Thanks to new technology, it is not only possible to listen to conversations, but also to get an idea of someone’s phoning habits, to make links and use the mobile phone as a tracing device.
    Even with the receiver down, telephones can be tapped from a distance, thereby being transformed into pieces of bugging equipment. It’s also possible to set up large scale “fishing expeditions”.
    An example is the way the British government intercepted every telephone call between Ireland and mainland Britain for ten years. A windowless, thirteen storey flat crammed full of listening devices, formed the heart of an interception centre which intercepted, saved, decoded and searched messages for key words. This grandiose effort was supposedly solely in aid of the fight against the IRA.[2]
    The French police were able to arrest the perpetrators of the murder of the Corsican prefect Erignac after they had analysed 3000 thousand GSM messages on the evening of his murder. Using a special computer program, the police not only discovered that the suspects had frequently called each other around the time of the murder, they were also able to locate the position of the callers to within a square kilometre, which happened to be the scene of the murder. Confronted with these facts, the suspects broke down and confessed.[3]
    The police and judicial authorities nevertheless rant on about the problems created by the modernisation of the telecommunications industry. The Internet especially is seen as a source of uncontrolled and potentially dangerous communication. In addition to this, a new development has arisen which will give the average eavesdropper many sleepless nights; the use of encryption to secure the contents of messages. Whereas before, agents intercepting communications used to puzzle over cryptic messages such as “Clara can collect the flight of whimbrels at nest 5”, nowadays they are confronted with bizarre squeaks and crackling noises on the line, or with an illegible mishmash of words that look as if a blindfolded chimpanzee has just gone wild on the keyboard. In fact, encryption is the same as placing a seal upon an envelope; a way of making sure that your message cannot be read by anyone unauthorised to do so. As such, its uses in the digital society extend across a wide range of matters, including private communication, e-commerce, digital voting, or the exchange of sensitive business or political information. There is therefore a classic conflict between citizens’ need for privacy, the economic interests of the business community and the political interests of human rights organisations or opposition groups on one hand and the wish of law enforcers, the police and intelligence services to be able to conduct their research as effectively as possible on the other.

    Echelon
    The use of cryptography elicited warnings from the National Security Agency, (NSA) as early as 1979. The NSA, America’s most secret intelligence service, has elevated interception to an art-form. In 1979, former NSA director Bobby Inman gave an address that came to be known as “the sky is falling” speech, in which he warned that “non-governmental cryptological developments clearly pose a risk to national security”.[4] As experts in the field of intercepting and cracking codes, the NSA should know what they are talking about. Together with several other countries, the NSA runs Echelon, a worldwide interception network that hit the headlines in February 1998 as a result of a report from the Scientific Technological Options Assessment (STOA), a research department of the European Parliament.[5] The report revealed that the NSA routinely intercepted all telephone, fax and e-mail traffic in several parts of the world, including Europe. Further inquiries by investigative journalists have already revealed the basics of a worldwide interception system, although many details remain secret.[6] In May 1999, official confirmation of the existence of Echelon came from an unexpected source. Martin Brady, director of the Australian Defence Signals Directorate (DSD), confirmed that his service intercepted and processed millions of messages on a daily basis within the framework of Echelon.[7] Documents recently released under the Freedom of Information Act also confirm the existence of Echelon. There is mention of “Echelon Installations” serving the Naval Security Group in Sugar Groove (West Virginia) in declassified NSA documents.[8]
    On 23 February, the European Parliament devoted a hearing to Echelon. The chairperson of the parliament, Nicole Fontaine, condemned its spying activities as an assault on individual privacy and legitimate business concerns. “For the European Union, these are essential interests” declared Fontaine. “It seems well established that there has been a violation of the fundamental rights of its citizens and economic espionage may have had disastrous consequences on employment.”[9] Other members of parliament are also convinced of the existence of Echelon, although they have doubts as to whether it is being misused for economic gain. In any case, they demanded a thorough investigation by the European Commission. However, the matter is currently shrouded in silence. It is, above all, the question what line of action the governments of the member states will eventually take as where political and economic espionage are concerned, no one has a clean slate.

    Echelon originated in the Second World War. The Allies were fairly successful in listening to and decoding the stream of messages from their enemies. When at the end of the war, a new enemy, the Soviet Union, appeared on the scene, the United States and England decided to collaborate closely in intercepting, collecting and processing electronic information. This activity came to be known as signal intelligence, or SIGINT in abbreviated jargon. The so-called UKUSA agreement is still secret. Later, other Commonwealth countries joined; Canada, Australia and New Zealand. Together they founded the Commonwealth SIGNIT Alliance in 1947.
    In America, the National Security Alliance (NSA) is the secret service responsible for signal intelligence. In England, it is the Government Communications Headquarters (GCHQ), in Australia, the Defence Signals Directorate (DSD), in Canada, the Communications Security Establishment (CSE) and in New Zealand, the Governments Communications Security Bureau (GCSB). These countries are so called “partners” in the agreement; they are active participants in Echelon and reap the benefits it gives. Other countries also participate in the network, but then primarily by providing facilities for interception stations or by passing on information that they themselves have gathered. Countries involved with Echelon in this way include Germany, Japan, Norway, South Korea, Turkey and China.

    The Netherlands is also doing its bit. The Technical Information processing Centre (TIVC) located in the Marine Complex Kattenburg in Amsterdam receives and decodes satellite communications that are picked up at a number of stations on the ground. The most famous one of these is the ground station at Zoutkamp. Judging from the publication of internal articles and revelations in the Haagschse Courant in 1985, the TIVC operates in much the same way as big brother NSA. Conversations via satellite connections were recorded on tape and selected for further investigation on the basis of key words. The information gathered by the TIVC went to the Foreign Secret Service, until this was abolished in 1994. Since then, all electronic intelligence services have been in the hands of the Military Intelligence Service.[10]
    At the beginning of 1999, word leaked out that the Swiss had set up their own mini-Echelon. The secret decision to build an enormous interception installation leaked out because the new building failed to escape attention. The Ministry of Defence was forced to acknowledge having built the installation and later admitted that not only the military secret service but also the police force would have access to the intercepted material.[11]
    Russia has also developed a similar sort of spying network; the Russian secret service (FSB) has founded SORM 1, a counterpart of Echelon, to intercept Internet traffic. At the moment it is still necessary to obtain a court order to do this, but in the plans for SORM 2, the mediation of an examining magistrate will no longer be necessary. The FSB wants all four hundred Russian service providers to open a permanent connection to the FSB, so that the FSB can have access to all Internet traffic – at the service providers’ expense.[12]

    The Echelon network is a product of the Cold War. There is a certain logic in spying upon enemies with which one is in a state of (cold) war. The real problem is that Echelon can be used for many more purposes and that this is exactly what is happening. Because all data communication is being intercepted, it is also possible that this is searched for other key words. Echelon is also used to observe countries’ own citizens and organisations with unwanted political opinions or involvement, for example.[13]

    Operating between 1967 and 1973, almost 6000 foreigners and 1700 organisations and US citizens were included on the Minaret project’s watch lists. Despite extensive efforts to conceal the NSA’s involvement in this project, NSA director Lew Allen testified before the Senate’s Intelligence Committee in 1975 that the NSA had brought out over 3900 reports on American citizens on the lists. The NSA Office of Security Services additionally maintained reports on at least 75,000 Americans between 1952 and 1974. This list included the names of anyone that was mentioned in a message intercepted by the NSA.

    Seemingly non-controversial organisations have ended up in the fixed gaze of Echelon, as several former GCHQ officials confidentially told the London Observer in June 1992. Among the targeted organisations they named were Amnesty International, Greenpeace and Christian Aid, an American missionary organisation that works with indigenous pastors in countries closed to Western Christian workers.
    – STOA, An appraisal of technologies of political control, Interim study, Luxemburg 19 January 1998.

    Espionage
    In addition, economic espionage has gained increasing importance, particularly since the end of the Cold War. On April 13th 1992, Robert Gates, director of the CIA, gave a speech on this topic to the Economic Club of Detroit. “The national security review highlighted the dramatically increased importance of international, economic affairs as an intelligence issue”, he stated. “Nearly 40 % of the new requirements are of an economic nature. Most senior policy makers clearly see that many of the most important challenges and opportunities at and beyond the end of this decade are in the international economic arena.”
    In an earlier interview with Time, Gates had insisted that although the CIA “did not carry out commercial spying” the agency could “be helpful to economic intelligence by identifying foreign governments that are involved in unfair practices,” including cases “where they are colluding with businesses in their own country to the detriment of the U.S.”.
    In his Detroit speech, Gates also stated that, “the second general economic intelligence task of the community is to monitor trends in technology that could affect national security.” “We must continue to watch closely the development of foreign capacity in the area of advanced technology – not only in the military field – that can have major security or economic consequences.”[14]

    Economic espionage is not only an American hobby; Canada, for one, is also partial. “Western governments’ concern about their economies and employment and so forth has prompted them to pay increasingly more attention to economic espionage” said Alistair Hensler, who was an assistant director at the Canadian Security Intelligence Service (CSIS) from 1991 to 1995. “If a country loses a contract of several billion dollars as a result of the espionage of another country, an entire industry may be put out of work.”[15]
    The English also know how to put the unprecedented possibilities afforded by Echelon to use. The former British Minister of Foreign Affairs Lord Owen and ex-top civil servant Lord Renwick admitted in the BBC documentary “How to be a foreign secretary” (January 1998) that M16 spied upon other members of the European Community. “It would be a form of neglect if we didn’t try to gather as much information as possible on the people we are dealing with, but our intentions are entirely honourable”, he said.[16]
    The English, in turn, are spied upon by the French. The French Intelligence services have invested millions of dollars in the modernisation of their interception centres, and receivers from at least eight stations are now directed at British business people in the defence and oil industries and other commercial sectors. British Petroleum, British Airways and British Aerospace are among the companies targeted in this way. The British Government has warned business people not to conduct confidential conversations via their mobile phones and to exercise extreme caution when carrying out campaigns for new orders, such as the current market competition for the supply of rockets for the Euro fighter.[17]
    At the other extreme, law suits demanding compensation for failed business deals are currently being prepared in France against the American and British governments. French members of parliament are convinced of the existence of Echelon and there is talk of “a particularly acute conflict of interest within the European Union”. According to the Parisian lawyer Jean Pierre Millet, “you can bet that every time a French Government minister makes a mobile phone call, it is recorded.”[18]

    In 1993, the New York Times reported that the CIA and the NSA had intercepted telephone conversations on GATT two years earlier, providing the U.S. with accounts of conversations held between the French President Francis Mitred and the head of the European Commission, Jacks Delores. This is “a war with different weapons”, the New York Times concluded.

    In the summer of 1996, security experts at the European Union’s Luxembourg offices found evidence that via the Internet, the NSA had penetrated the internal e-mail system that links 5000 EU elected officials and bureaucrats. The Americans reportedly used this information in the 1995 negotiations on the GATT. The infiltration of the EU prompted a study by the STOA on the NSA’s surveillance of Europe.
    – STOA, An appraisal of technologies of political control, Interim study, Luxemburg 19 January 1998.

    Both the police and intelligence service have a lot to lose if they are no longer able to uninterruptedly intercept communication. Although “protection of national security” and “fighting organised crime” are legitimising arguments, it should be born in mind that in practise, both police and security services and the authorities can show a creative side to their natures when it comes to describing their activities. In a moment of honesty, David Henderson, head of the Senior Officials Group on Information Security, who in acting on behalf of the European Commission negotiates with OESO countries on the harmonisation of telecommunications traffic, called the fight against crime a “smoke-screen”. “We are talking about foreign intelligence, that’s what all this is about”, he told Engineering Weekly. “Crime is a good cover because everyone is familiar with police officers, law courts and the like. Law enforcement is indeed a serious aspect, I won’t deny that, but it’s also a cover. Half of the people with I deal with at the OESO are aware of this, but the other half are not.”[19]
    Added to this, police and intelligence services are now operating increasingly within each other’s territory. Secret Services now have organised crime in their portfolios, whilst the police have entered the shadowy world of terrorism and political activism. Both have a mutual interest in keeping the new data communication methods open to interception. The police and the legal authorities are more tightly bound by legal restrictions than the intelligence services, especially when it comes to intercepting communication. The increasing overlap makes it more difficult to control where police and justice obtain their information and whether or not it has been obtained by legal means. The classic legitimisation for intelligence work – that spying on one’s political and military opponents requires unorthodox methods which, by necessity fall short of the usual forms of democratic and legal control – is spreading like a pool of spilt ink across other areas.

    Cyberterrorism
    The assault on the use of encryption began in the United States. “It is clear that the success of the NSA’s intelligence operations depend upon their continued capacity to gather and read foreign communication. Encryption can disturb our capacity to produce foreign intelligence”, declared Dr. Clinton Brooks of the NSA to the American Congress in 1994.[20]
    The FBI also issues regular warnings about the dreadful dangers posed by encryption. “Law enforcers are in unanimous agreement that the widespread use of robust non-key recovery encryption ultimately will devastate our ability to fight crime and prevent terrorism,” said FBI director Louis Fresh at a senate hearing in January 1999. “Uncrackable encryption will allow drug lords, terrorists, and even violent gangs to communicate with impunity. Other than some kind of key recovery system, there is no technical solution.” [21]
    CIA director John Deutsch sounded the alarm in 1996, adding his voice to the calls for control of the new communication networks and encryption. He conjured up imagery of America’s greatest national trauma when he testified before a congress committee in June 1996, saying that they were being threatened with “an electronic pearl harbour”. Its increasing dependence on computer networks is making America more and more vulnerable to cyber attacks that could dislocate its economic infrastructure “Countries and terrorist organisations can easily come by the technology needed to break into our information systems”, he warned. With the right technology a small enemy could fight against the United States on equal footing. According to Deutsch, criminal hackers were offering their services to so-called rogue states with “various schemes to undo vital US interests through computer intrusions.”[22]
    Deutsch’ warning was the prelude to a series of reports and policy initiatives, all of which had the heady cocktail of the Internet, encryption and the vulnerability of the United States as their subject. The concept of Information Warfare began to play a prominent role in these writings. According to one such report, America’s “digital underbelly” was being threatened.[23] Another report announced, “Bytes not bullets are the new ammunition”.[24] “We have to prevent an electronic Waterloo”, warned the next report. [25]
    President Clinton has made the new threat to security a permanent item in his speeches. In May 1998, he said in a speech to the US Naval Academy; “our security is challenged increasingly by non-traditional threats from adversaries, both old and new, not only hostile regimes, but also international criminals and terrorists who cannot defeat us in traditional theatres of battle, but search instead for new ways to attack by exploiting new technologies and the world’s increasing openness (…) Intentional attacks against our critical systems are already underway.” Tomorrow’s frontline commanders, said Clinton, will be drawn from the ranks of computer wizards.[26]

    The combination of the Internet and encryption is a deadly mixture requiring active control; this is the message being sent out by the authorities. This American virus is spreading all over the world and Cybercrime and Cyberterrorism are rapidly becoming hot issues. Statements on the dangers of the Internet have been issued throughout Europe. The tone is always the same; the Internet evades all forms of control. Partially due to the use of encryption, it is threatening to become a free playground for diverse villains, including paedophiles, terrorists and drugs dealers. The electronic highway is in acute need of patrollers who have the legal authority and technical means to direct all sorts of illegal drivers off the road. These urgent statements from police and intelligence services have had the desired effect; the problem has been given a prominent place on the political agenda.


    [1] Under the new Special Investigation Powers Act, it is still necessary to obtain permission to tap a telephone line from an examining magistrate. In fact, a lot of interception goes on in the Netherlands, and it appears that permission to tap a line is given rather easily. The new investigation powers also allow for the interception of telephone lines of people who are not suspects, but who have ‘links’ with organised crime.
    [2] Leidsch Dagblad, 16 July 1999
    [3] Volkskrant, 26 May 1999
    [4] Wired, nr 4, 1993
    [5] Scientific Technological Options Assessment, An Appraisal of Technologies of political control – Interim Study, Luxemburg 19 January 1998
    [6] See: Nicky Hager, Secret Power: New Zealand’s role in the international spy network; James Badford, The Puzzle palace; Duncan Campbell, Somebody’s listening, New Statesman 12 August 1988.
    [7] Duncan Campbell, Existenz von Echelon erstmals offiziel bestatigt, Telepolis 28 May 1999
    [8] See: http://www.gwu.edu/~nsarchiv/NSAEBB/NSAEBB23/09-03.htm
    [9] Barry James, Report EU says U.S. and U.K. Spied on Allies, International Herald Tribune, 24 February 2000
    [10] See: de Groene Amsterdammer, 2 December 1998; Bob de Graaf en Cees Wiebes, Villa Maarheeze, de geschiedenis van de inlichtingendienst buitenland, SDU 1998, Den Haag
    [11] Martin Stoll, Echelon fur die Schweiz, Sonntags Zeitung, 10 February 1999
    [12] Florian Rötzer, Russlands Geheimdienst will freie hand zum Abhoren der Internetkommunikation, Telepolis, 21 February 1999; Forian Hassel, Die langen Ohren des FSB im Internet, Frankfurter Rundschau, 18 March 1999
    [13] See examples in STOA report (note 5)
    [14] Quotes from: Stanley Kober, Policy Analysis No.185, 8 December 1992, Cato-Institute, Washington
    [15] See Patrick S. Poole, Echelon: America’s Secret Global Surveillance Network, http://fly.hiwaay.net/~pspoole/echelon.html
    [16] Quoted in De Groene Amsterdammer, 24 February 1998
    [17] Sunday Times, 23 January 2000
    [18] Adam Sage, French to sue U.S. and Britain over network of spies, The Times, 10 February 2000
    [19] De Groene Amsterdammer, 18 February 1998
    [20] Dr. Clinton Brooks, National Security Agency testimony before the House science, space and technology committee’s technology, environment and aviation sub-committee May 3, 1994
    [21] Quoted in De Groene Amsterdammer, 10 February 1999
    [22] Quoted in Global Organised Crime Project, Cybercrime, Cyberterrorism, Cyber-warfare….Averting an Electronic Waterloo, Washington, February 1999
    [23] United States Senate Committee on the judiciary sub-committee on technology, terrorism and government information, senator John Kyle, chairman, “Crime, terror and war; national security and public safety in the information age”, November 1998
    [24] Wired News, 16 December 1998
    [25] CSIS – Taskforce on Information warfare and Security: Cybercrime, Cyber-terrorism, Cyberwarfare….Averting an Electronic Waterloo, December 1998
    [26] Quoted in: Global Organised Crime project, Cybercrime, Cyberterrorism, Cyber-warfare…..Averting an Electronic Waterloo, Centre for Strategic and International Studies, Washington, February 1999