Tag Archives: National Security Agency

Fear of the Enemy Within: Unrestricted Surveillance

Leave a reply

The Supreme Court declined to hear a constitutional challenge to a secretive government surveillance program, dealing a setback to privacy groups including the American Civil Liberties Union ahead of a looming debate in Congress over whether to renew the law that authorizes the intelligence tool.

In a brief order issued on February 2023, the high court said it wouldn’t hear arguments challenging the legality of the National Security Agency program known as “Upstream,” in which the intelligence agency collects and monitors internet communications without obtaining search warrants. Classified details about the program were among those exposed a decade ago by former intelligence contractor Edward Snowden, who has been charged with theft of government property and violating espionage laws and lives in Russia.

The legal challenge was brought by Wikimedia, the nonprofit owner of the Wikipedia online encyclopedia. Wikimedia was represented by lawyers at the ACLU, Cooley LLP and the Knight First Amendment Institute at Columbia University. Wikimedia’s lawyers urged the high court to rein in the “state secrets privilege,” a legal doctrine that allows the government to shut down lawsuits that could jeopardize sensitive national-security information. 

“The Supreme Court’s refusal to grant our petition strikes a blow against an individual’s right to privacy and freedom of expression—two cornerstones of our society and the building blocks of Wikipedia,” said James Buatti, Wikimedia’s legal director, in a statement.

Excerpts from  Jan Wolfe  and Dustin Volz, Justices Won’t Hear Challenged to NSA Surveillance, Feb. 22, 2023

The Cyber-Intelligence Ruling Class

Leave a reply

[The] Intelligence National Security Alliance. INSA is a powerful but 
little-known coalition established in 2005 by companies working for the National Security Agency. In recent years, it has become the premier organization for the men and women who run the massive cyberintelligence-industrial complex that encircles Washington, DC…[One such company is founded by]  former Navy SEAL named Melchior Baltazar, the CEO of an up-and-coming company called SDL Government. Its niche, an eager young flack explained, is providing software that military agencies can use to translate hundreds of thousands of Twitter and Facebook postings into English and then search them rapidly for potential clues to terrorist plots or cybercrime.

It sounded like the ideal tool for the NSA. Just a few months earlier, Snowden had leaked documents revealing a secret program called PRISM, which gave the NSA direct access to the servers of tech firms, including Facebook and Google. He had also revealed that the NSA and its British counterpart, the GCHQ, had special units focused on cracking encryption codes for social media globally….

This small company, and INSA itself, are vivid examples of the rise of a new class in America: the cyberintelligence ruling class.  These are the people—often referred to as “intelligence professionals”—who do the actual analytical and targeting work of the NSA and other agencies in America’s secret government. Over the last 15 years, thousands of former high-ranking intelligence officials and operatives have left their government posts and taken up senior positions at military contractors, consultancies, law firms, and private-equity firms. In their new jobs, they replicate what they did in government—often for the same agencies they left. But this time, their mission is strictly for-profit.

Take Olsen, who served as general counsel for the NSA and as a top lawyer for the Justice Department before joining the National Counter-Terrorism Center (NCTC). He is now the president for consulting services of IronNet Cybersecurity, the company founded last year by Army Gen. Keith Alexander, the longest-
serving director in the history of the NSA. The  firm is paid up to $1 million a month to consult with major banks and financial institutions in a “cyber war council” that will work with the NSA, the Treasury Department, and other agencies to deter cyberattacks that “could trigger financial panic,” Bloomberg reported last July 2014.

Some members of this unique class are household names. Most cable-news viewers, for example, are familiar with Michael Chertoff and Michael Hayden, two of the top national-security officials in the Bush administration. In 2009, they left their positions at the Justice Department and the NSA, respectively, and created the Chertoff Group, one of Washington’s largest consulting firms, with a major emphasis on security..

Well, enough, you might say: Isn’t this simply a continuation of Washington’s historic revolving door? The answer is no. As I see it, the cyberintelligence- industrial complex is qualitatively different from—and more dangerous than—the military-industrial complex identified by President Eisenhower in his famous farewell address. This is because its implications for democracy, inequality, and secrecy are far more insidious….To confront the surveillance state, we also have to confront the cyberintelligence ruling class and expose it for what it really is: a joint venture of government officials and private-sector opportunists with massive power and zero accountability.

Excerpts from Tim Shorrock, How Private Contractors Have Created a Shadow NSA, Nation, May  27, 2015.

Surveillance State: US

Leave a reply

Were it not for Edward Snowden or someone like him, the N.S.A. would likely still be collecting the records of almost every phone call made in the United States, and no one outside of government would know it. A handful of civil-liberties-minded representatives and senators might drop hints in hearings and ask more pointed questions in classified settings. Members of the public would continue making phone calls, unaware that they were contributing to a massive government database that was supposedly intended to make their lives safer but had not prevented a single terrorist attack. And, on Monday June 1, 2015  the government’s Section 215 powers, used to acquire records from hundred of billions of phone calls, among other “tangible things,” would be quietly renewed.

Snowden shouldn’t have been necessary. The Foreign Intelligence Surveillance Court (or FISA Court), which evaluates Section 215 requests, is supposed to be interpreting the law to make sure that government surveillance doesn’t go outside of it. Congressional intelligence committees, which review the activities of the N.S.A., are supposed to be providing some oversight. The N.S.A. itself reports to the Department of Defense, which reports to the White House, all of which have dozens of lawyers, who are all supposed to apply the law. The government, in other words, is supposed to be watching itself…

The government enshrouds the details of its surveillance programs in a technical vocabulary (“reasonable articulable suspicion,” “seeds,” “queries,” “identifiers”) that renders them too dull and opaque for substantive discussion by civilians. …Little is known about how other authorities, including Executive Order 12333, which some consider the intelligence community’s most essential charter, are being interpreted to permit spying on Americans. And a redacted report, released last week by the Department of Justice’s Office of the Inspector General, hints at how much we still don’t know about Section 215. Nearly two years into the congressional debate over the use and legality of Section 215, the report provides the first official confirmation that the “tangible things” obtained by the F.B.I. through Section 215 include not just phone metadata but “email transactional records” and two full lines of other uses, all of which the F.B.I. saw fit to redact.

Excerpts from MATTATHIAS SCHWARTZ, Who Needs Edward Snowden?,  New Yorker, MAY 28, 2015

Wikipedia Lawsuit against U.S. NSA

Leave a reply

Excerpts from the Lawsuit of Wikipedia against the NSA

UNITED STATES DISTRICT COURT DISTRICT OF MARYLAND, Case 1:15-cv-00662-RDB, Filed 03/10/15

The government conducts at least two kinds of surveillance under the The Foreign Intelligence Surveillance Amendments Act of 2008 (FAA).  Under a program called “PRISM,” the government obtains stored and real-time communications directly from U.S. companies—such as Google, Yahoo, Facebook, and Microsoft—that provide communications services to targeted accounts.

This case concerns a second form of surveillance, called Upstream. Upstream surveillance involves the NSA’s seizing and searching the internet communications of U.S. citizens and residents en masse as those communications travel across the internet “backbone” in the United States. The internet backbone is the network of high-capacity cables, switches, and routers that facilitates both domestic and international communication via the internet.The NSA conducts Upstream surveillance by connecting surveillance devices to multiple major internet cables, switches, and routers inside the United States. These access points are controlled by the country’s largest telecommunications providers, including Verizon Communications, Inc. and AT&T, Inc. ….

. With the assistance of telecommunications providers, the NSA intercepts a wide variety of internet communications, including emails, instant messages, webpages, voice calls, and video chats. It copies and reviews substantially all international emails and other “text-based” communications—i.e., those whose content includes searchable text.

More specifically, Upstream surveillance encompasses the following processes, some of which are implemented by telecommunications providers acting at the NSA’s direction:

• Copying. Using surveillance devices installed at key access points, the NSA makes a copy of substantially all international text-based communications—and many domestic ones—flowing across certain high-capacity cables, switches, and routers. The copied traffic includes email, internet-messaging communications, web-browsing content, and search-engine queries.

• Filtering. The NSA attempts to filter out and discard some wholly domestic communications from the stream of internet data, while preserving international communications. The NSA’s filtering out of domestic communications is incomplete, however, for multiple reasons. Among them, the NSA does not eliminate bundles of domestic and international communications that transit the internet backbone together. Nor does it eliminate domestic communications that happen to be routed abroad.

• Content Review. The NSA reviews the copied communications—including their full content—for instances of its search terms. The search terms, called “selectors,” include email addresses, phone numbers, internet protocol (“IP”) addresses, and other identifiers that NSA analysts believe to be associated with foreign intelligence targets. Again, the NSA’s targets are not limited to suspected foreign agents and terrorists, nor are its selectors limited to individual email addresses. The NSA may monitor or “task” selectors used by large groups of people who are not suspected of any wrongdoing— such as the IP addresses of computer servers used by hundreds of different people.

• Retention and Use. The NSA retains all communications that contain selectors associated with its targets, as well as those that happened to be bundled with them in transit….

NSA analysts may read, query, data-mine, and analyze these communications with few restrictions, and they may share the results of those efforts with the FBI, including in aid of criminal investigations….. In other words, the NSA copies and reviews the communications of millions of innocent people to determine whether they are discussing or reading anything containing the NSA’s search terms. The NSA’s practice of reviewing the content of communications for selectors is sometimes called “about” surveillance. This is because its purpose is to identify not just communications that are to or from the NSA’s targets but also those that are merely “about” its targets. Although it could do so, the government makes no meaningful effort to avoid the interception of communications that are merely “about” its targets; nor does it later purge those communications.

PDF document of Lawsuit

The Nationalization of Internet

Leave a reply

The Swiss government has ordered tighter security for its own computer and telephone systems that could block foreign companies from key technology and communications contracts.  The governing Federal Council’s decision Wednesday cited concerns about foreign spies targeting Switzerland.

National Security Agency leaker Edward Snowden, who worked for the CIA at the U.S. mission to the U.N. in Geneva from 2007 to 2009, has released documents indicating that large American and British IT companies cooperated with those countries’ intelligence services.According to a Swiss government statement, contracts for critical IT infrastructure will “where possible, only be given to companies that act exclusively according to Swiss law, where a majority of the ownership is in Switzerland and which provides all of its services from within Switzerland’s borders.”

Swiss govt tightens tech security over NSA spying, Associated Press, Feb. 5, 2014

Open, Free, and American: the Internet

Leave a reply

[T]he odds are almost zero that the NSA hasn’t tried to influence Intel’s chips.” In 2012 a paper from two British researchers described an apparent backdoor burned into a chip designed by an American firm called Actel and manufactured in China. The chip is widely used in military and industrial applications. Actel says the feature is innocent: a tool to help its engineers fix hardware bugs…

Now America’s tech giants stand accused not just of mishandling their customers’ data, but, in effect, of knowingly selling them flawed software. Microsoft has always denied installing backdoors. It says it has “significant concerns” about the latest leaks and will be “pressing the government for an explanation”. The damage goes well beyond individual companies’ brands. American technology executives often use their economic clout to shape global standards in ways that suit their companies. Now that will be harder. American input to international cryptographic standards, for example, will have to overcome sceptical scrutiny: are these suggestions honest, or do they have a hidden agenda? More broadly still, America has spent years battling countries such as Russia, China and Iran which want to wrest control of the internet from the mainly American engineers and companies who run it now, and give a greater role to governments. America has fought them off, claiming that its influence keeps the internet open and free. Now a balkanisation of the web seems more likely. Jason Healey of the Atlantic Council, a think-tank, says that the denizens of Washington, DC, have lost sight of the fact that the true source of American cyber-power is neither the NSA and its code-breaking prowess nor the offensive capabilities that produced the Stuxnet virus, which hit centrifuges at an Iranian nuclear plant; it is the hugely successful firms which dominate cyberspace and help disseminate American culture and values worldwide. By tarnishing the reputations of these firms, America’s national-security apparatus has scored an own goal.

NSA and Cryptography: Cracked Credibility, Economist, Sept. 14, 2013, at 65