April 2013 FISC Order demanding that Verizon hand over all telephony metadata to NSA. The order had been initially granted in May 2006. In 2009 the FISC discovered that the government had made repeated and substantial misrepresentations to the court about its use, and had routinely been "running queries of the metadata using querying terms that did not meet the required standard for querying." It further concluded that the violations had been routine and systematic.[1]
Legal Justification of the bulk telephony metadata collection (officially released)[2]
2009 NSA Procedures for Targeting Foreigners for Surveillance
2009 NSA Procedures for Minimizing collection on US Persons
2011 NSA Procedures for Minimizing collection on US Persons (officially released)[3]
Reference to a 2011 Change in the court-approved Minimization Procedures allowing analysts to run search queries using US persons' identifiers if there is "effective" oversight by NSA (it is not publicly known if such oversight has been established, or if any such searches have been conducted).[4] The court order mentioned was later officially released.[5]
October 2011 Court decision finding NSA's upstream collection program, which collected tens of thousands of non-target communications, to have violated the law. It held, citing multiple Supreme Court precedents, that the Fourth Amendment applies to the contents of all communications, whatever the means (they are "papers"). It also finds that the NSA's minimization and targeting policies to be legally and/or constitutionally deficient, and recommends changes. (officially released).[5][6][7][8][9][10][11][12][13][14] Additional findings:
The collection of Upstream data had begun before a court order approving it, in violation of 50 USC § 1809(a), which makes it a crime to engage in, use or disseminate surveillance knowing, or having reason to know such surveillance was not authorized. [15]
March 2009 FISC ruling showing a consistent pattern of misrepresentations of the bulk telephone metadata collection program by the government to the Court. It also held that the data was being routinely queried in ways that did not meet "reasonable articulatable suspicion", demonstrating inadequate safeguards in the software and training of analysts. Showing that "thousands of violations resulted from the use of identifiers that were not "RAS-approved by analysts who were not even aware that they were accessing BR metadata," and that in 2006 "there was no single person [in the NSA] who had a complete understanding of the BR FISA system architecture," a situation which persisted until February 2009 or later. RAS is shorthand for Reasonable Articulatable Suspicion. The Court nonetheless reapproved the collection of bulk phone metadata, while mandating additional safeguards and training, and "end-to-end system engineering reviews," and reports from the review. (Officially released by court order)[16][17][18][19][20][21][22]
April 2013 list of US Spying targets and topics by priority. The top priority countries are: Iran, Russia, China, Pakistan, North Korea and Afghanistan. Germany, France, the European Union, and Japan are mid-level priorities; Italy and Spain rank lower.[23][24]
A memorandum of understanding concerning US sharing of raw SIGINT with Israel. The data has not been scrubbed to eliminate US persons, it asks Israel not to deliberately target US persons, however the agreement allows Israel to retain US person data for one full year. The memorandum is not legally binding. A separate document states "And there are other kinds of CI threats that are right on our midst. For example, one of NSA's biggest threats is actually from friendly intelligence services, like Israel.", it continues "Balancing the SIGINT exchange between US and Israeli needs has been a constant challenge. In the last decade, it arguably tilted heavily in favor of Israeli security concerns. 9/11 came and went, and with NSA's only true Third Party CT relationship being driven almost entirely driven by the needs of the partner."[27]
September 13, 2013 FISC Court order declassifying all the legal opinions relating to Section 215 of the Patriot Act written after May 2011 not already the subject of Freedom of Information Act litigation. The FISA Court ruled that the White House must identify the opinions in question by October 4, 2013.[28][29][30]
1,000 pages of documents were released by James R. Clapper Jr. on November 19, 2013, in response to lawsuits filed by the American Civil Liberties Union and the Electronic Frontier Foundation and a directive by U.S. President Barack Obama. Among the documents are what appeared to be the original court document authorizing the National Security Agency to conduct sweeping collections of Americans' electronic communications records for counterterrorism purposes, the NSA's failure to abide by court-imposed rules to protect Americans' privacy, reports to Congress, training slides and regulations issued under President Obama.[31][32][33][34][35]
December 16, 2013 ruling by US district court judge for the District of Columbia Richard Leon[36][37][38][39][40][41] declaring that the mass collection of metadata of Americans' telephone records by the National Security Agency probably violates the fourth amendment prohibition unreasonable searches and seizures.[42] Leon granted the request for a preliminary injunction that blocks the collection of phone data for two private plaintiffs (Larry Klayman, a conservative lawyer, and Charles Strange, father of a cryptologist killed in Afghanistan when his helicopter was shot down in 2011)[43] and ordered the government to destroy any of their records that have been gathered. But the judge stayed action on his ruling pending a government appeal, recognizing in his 68-page opinion the "significant national security interests at stake in this case and the novelty of the constitutional issues."[42]
2013-12-27 ruling by U.S. District Judge William H. Pauley III in New York City holding[44] the U.S. government's global telephone data-gathering system is needed to thwart potential terrorist attacks, and that it can only work if everyone's calls are swept in. In his opinion, he wrote, "a bulk telephony metadata collection program [is] a wide net that could find and isolate gossamer contacts among suspected terrorists in an ocean of seemingly disconnected data" and noted that a similar collection of data prior to 9/11 might have prevented the attack.[45] U.S. District Judge William H. Pauley III also ruled that Congress legally set up the program and that it does not violate anyone's constitutional rights. The judge also concluded that the telephone data being swept up by NSA did not belong to telephone users, but to the telephone companies. And further he ruled that, when NSA obtains such data from the telephone companies, and then probes into it to find links between callers and potential terrorists, this further use of the data was not even a search under the Fourth Amendment. He also concluded that the controlling precedent is Smith v. Maryland: "Smith's bedrock holding is that an individual has no legitimate expectation of privacy in information provided to third parties," Judge Pauley wrote.[46][47][48][49]
Extracts from reports relating to XKeyscore. One entitled "Tales from the Land of Brothers Grimm" and others detailing the successes of said software, another is a note from an analyst who felt that he always had one foot in prison when using it. XKeyscore is also described as "big and scary, strong and powerful" and lets an analyst do whatever they like.[50]
Reports detailing thousands of privacy violations[51]
Numerous reports relating to drones, including "Threats to Unmanned Aerial Vehicles", a report summarizing attempts to shoot down, intercept, control or otherwise spoof drones. While the report details vulnerabilities of specific aircraft, the document itself has not been published, but only excerpts described. Other reports detail American spin efforts, suggesting that the phrases "drone strike," "kill list," "robot warfare," "Aerial Assassins" be avoided, offering "lethal UAV operations" instead, and also terms like "Pre-emptive and Preventive Military Action" and "Inherent Right of Self Defense." Likewise, reports detail efforts by Al-Qaeda to spin, portraying attacks as cowardly and immoral. Analysts also questioned whether America was losing rhetorical battle in courts, media, and public opinion. Another report stated that drone strikes "could be brought under increased scrutiny, perceived to be illegitimate, openly resisted or undermined."[52]
The US learned that Pakistan engaged in a pattern of extrajudicial killings, mostly against militants. However, not all targets militants, Pakistan also planned to murder a human rights activist, Asma Jahangir, while she was on a visit to India. The plot was aborted when she learned of it. The US sought to avoid public disclosure of this, and other incidents.[53][54]
The NSA and GCHQ have access to user data in iPhones, BlackBerrys, and Android phones. They are able to read almost all smartphone information, including SMS, location, emails, and notes.[55]
Accounts for 91% of collection under FAA702 authority.
Cooperation between the NSA and internet companies, whereby the companies allow the NSA access (whether direct or indirect is disputed) to their servers.[58]
MARINA: An NSA Database of Internet metadata.[61][62]
Timing Advances: no explanation has been provided in the source material.
Transit Authority: A legal authority that states communications that transit the United States are collectible, provided that both endpoints are foreign.
RAGTIME – A blanket term for any of four different surveillance programs[56][68]
Special Collection Service – Joint CIA/NSA eavesdropping team focused based in about 80 US embassies and consulates around the world. There are known branches in Frankfurt and Vienna. According to Der Spiegel, many of their operations are a direct violation of at least 3 signed treaties: "The Convention on the Privileges and Immunities of the United Nations of 1946, the Vienna Convention on Diplomatic Relations of 1961, and a signed an agreement in 1947 that rules out all undercover operations.[69]
STATEROOM – Surveillance on embassies and consulates. Highly Classified.[69]
BULLRUN, named after the Battle of Bull Run. – Bullrun refers to the NSA's set of codebreaking capabilities, including the use of Computer Network Exploitation (hacking) to obtain keys, weakening of encryption standards and providing backdoors to the same.[70] The following codenames are known to be related to BULLRUN: APERIODIC, AMBULANT, AUNTIE, PAINTEDEAGLE, PAWLEYS, PITCHFORD, PENDLETON, PICARESQUE, and PIEDMONT. No further explanation of the above codenames has been provided to date.[71]
Treasure Map, near real-time, interactive map of the global Internet. Collects Wi-Fi network and geolocation data, and the traffic of 30–50 million unique Internet addresses. It can reveal the location and owner of a computer, mobile device or router on a daily basis. NSA boasts that the program can map "any device, anywhere, all the time."[72]
Special Source Operations (SSO) – Is a division of the NSA responsible for all programs which collaborate with corporate entities.[73]
Upstream collects data from fiber-optic cables and internet backbones.[58][74]
Codenames of companies participating in Upstream: BLARNEY (a surveillance program which was established by the NSA with AT&T and which operates at or near key fiber-optic landing points in the U.S. to capture foreign communications coming in and out of the country),[75][76]STORMBREW, FAIRVIEW (a highly classified program for tapping into the world's intercontinental fiber-optic cables according to NSA whistleblower Thomas Andrews Drake),[76] and OAKSTAR. There are conflicting sources: some that call these "programs",[75][77][78] versus the official statement called "The National Security Agency: Missions, Authorities, Oversight and Partnerships" that describes them as codenames of cooperating companies.[79][80] A third source, just released groups them with describes them as "programs authorized to collect cable transit traffic passing through US Gateways with both sides of the communication being foreign.[56]The FY 2013 budget for the above programs is as follows:[81]
RAMPART – Described as being part of Special Source operations, there is at least one known subdivision.[82]
RAMPART-T – Started in 1991 or earlier, documents describe this program as: "Penetration of hard targets at or near leadership level". The information is intended for "the president and his national security advisers". Rampart-T is aimed at China, Russia, and Eastern European countries, there are around 20 nations targeted.[69]
Microsoft allows the NSA to bypass encryption on Outlook.com.
Apalatchee = The EU mission by the East River, in New York.[69]
Magothy = The EU embassy in Washington, DC. This embassy had its internal videoconferencing, and other areas of the computer network tapped. Both by the US, and by the Chinese. The US effort was conducted by the team working for the BLARNEY program.[69]
Wabash = French diplomatic office in Washington. This office was bugged.[87]
Blackfoot = French diplomatic office in the UN in New York. This office was bugged and computer screen captures obtained.[87]
Tempora – Collects data from transatlantic fibre-optic cables of major telecommunications corporations by directly tapping on them and from Internet backbones. Tempora uses intercepts on the fibre-optic cables that make up the backbone of the internet to gain access to swaths of internet users' personal data. The intercepts are placed in the United Kingdom and overseas, with the knowledge of companies owning either the cables or landing stations. It is a GCHQ program to create a large-scale "Internet buffer" which stores Internet content for three days and metadata for up to 30 days.[74][90][91] Its component programs are Mastering the Internet and Global Telecoms Exploitation.[92]
Karma Police – Internet metadata collection program designed to profile the web browsing habits of 'every visible user on the Internet'.[93]
Britain runs a large-scale intercept station in the Middle East, capable of tapping underwater fiber-optic cables and satellites, and extracting email, telephone, and web traffic. The information is then passed to the GCHQ and shared with the NSA. The operation costs around £1 billion and is still being assembled. It is part of the "Tempora" project.[94]Edward Snowden disputes the Independent's claim that he, or anyone he has had direct contact with is the source of this information.[95]Süddeutsche Zeitung's fiber optic revelations were also described as having been obtained from GC-Wiki by Snowden.[96]
GCHQ is believed to have forced some six global telecommunications and Internet companies to allow them to access more than 14 fiber optic cables that transport telephone communications.[96] The six companies, BT, Vodafone, Viatel, Interoute, Verizon and Level-3, gave GCHQ access to the cables in return for payment, it is believed the companies had no choice in this decision.[96] Three of the cables' terminal stations are on German territory; two of the cables are partially owned by Deutsche Telekom, who have denied knowledge of or participation in GCHQ's activities.[96]
The Belgian telecom company Belgacom reports that it had been hacked, and has filed criminal charges, and will be cooperating with the investigation into the hacking.[citation needed] According to documents released by Der Spiegel, the operation against Belgacom was entitled 'Operation Socialist' and was done by the GCHQ for the purpose of enabling Man-in-the-middle attacks against smartphones.[97][98]
Spying on Latin America with the help of Global Crossing.
The NSA operates the global monitoring network Special Collection Service that collects from more than 80 embassies and consulates worldwide, often without the knowledge or consent of the host country.[99][100]
The NSA spied on a UN videoconferencing system, in violation of the US agreement with the UN not to do so. In the process NSA discovered that the Chinese had already done so, and then started analyzing what the Chinese were taking. Shortly thereafter, the NSA gained access to approximately 500 other UN channels of communications.[99][100]
Additional details of the raid on Osama bin Laden's Abbottabad, Pakistan compound. The work of Tailored Access Operations, in installing spyware on phones is highlighted. Also highlighted are the roles of the CIA, other agencies, and the Navy SEALs.[101]
The NSA's Network Analysis Center cracked the reservation system for Aeroflot, and also hacked Al Jazeera, accessing specially protected material, according to a document dated in 2006.[102]
The NSA hacked the French Foreign Ministry, and bugged the French diplomatic offices in Washington and New York in 2010.[87]
The NSA conducted extensive spying on Enrique Peña Nieto, and his aides, accessing their emails. Likewise, the NSA spied on the communications of Dilma Rousseff, and her aides, and also created a two hop contact graph. The source document is dated June 2012, it is unclear whether the operation is ongoing.[103][104][105]
The NSA and GCHQ target banks and credit card companies by various means including "Tailored Access Operations", specifically by targeting printer traffic from banks. VISA has also been targeted. According to a GCHQ document, the collection involves "bulk data" containing "rich personal information" that is mostly "not about our targets".[86]
From collection points outside the United States, the NSA gathers contact lists belonging to users of e-mail and instant messaging services, including Yahoo, Hotmail, Facebook and Gmail.[106]
NSA relationships with foreign intelligence services
Payments to GCHQ from NSA totaling at least £100 million
Relationships with Germany's BND, exchange of technology: (XKeyscore, and the German programs and bulk metadata (500 Million records in one month alone)).
The US directly spies on most of its allies, even those with intelligence sharing agreements, with only the Five Eyes being immune.[50]
In cryptography, encryption is the process of encoding information in such a way that eavesdroppers or hackers cannot read it, but that authorized parties can. According to Snowden's recommendations published by The Guardian Edward in September 2013,[107] properly implemented strong crypto systems were among the few things which one can rely on. However, endpoint security is often too weak to prevent the NSA from finding ways around it.[107]
In September 2013, it was reported by the press that a number of countries deemed by the US and its allies to be rogue states, such as Syria, Iran and North Korea, had successfully evaded U.S. government surveillance by constructing secret bunkers deep below the Earth's surface.[108]
In 2002, the NSA, in cooperation with the FBI, and in cooperation with Qwest, monitored nearly all communications in the Salt Lake area in the six months surrounding the Olympic games.[75][109][110]
Since 2005, Canada has been running a bulk phone metadata, email and text message program.[111][112][113]
The NYPD is engaging in mass surveillance, particularly of Muslims, in mosques, in social gatherings, and even at home. The department employs "rakers" to troll Muslim neighborhoods. The unit employing said rakers, was once called "The Demographics Unit," the name was changed in 2010 to the "Zone Assessment Unit" to mask the appearance, though not change the fact of racial profiling. Knowledge of this program was kept from the city council.[114]
Devices made by the American company Blue Coat Systems, which are used for Internet surveillance and censorship, have turned up repeatedly in countries that censor and surveil the Internet, and have a record of human rights abuses, such as Iran, Syria, China, Burma (Myanmar) and Sudan.[115][116][117][118]
The ACLU has released a report on the proliferation of license plate readers and on the retention of data from them.[119][120]
The FBI has been pressuring ISPs to install surveillance software, referred to as the "harvesting program".[121]
The FBI has been using malware and hacking to surveil suspects. Reports indicate however, that hacking and malware usage remains a last resort, and that warrants are sought for individual cases.[122][123]
The NSA collects the contents of emails that transit from the US to abroad, and searches them for keywords.[124]
India will be building a mass domestic surveillance program called the "Central Monitoring System", which will be able to track all voice, fax, and text across all telephone networks in the country. It will also contract the Israeli company Verint Systems to monitor encrypted Gmail, BlackBerry, Skype and Yahoo! mail.[126][127]
More than 230 thousand people were questioned under the United Kingdom's Schedule 7 of the Terrorism act of 2000 between April 2009 and March 2012.[128]
New Zealand passed a bill allowing domestic spying against its citizens and residents, by a narrow margin (61–59).[129][130]
"The Find," the NSA can locate cellphones even when they were turned off.[133]
The DEA's and IRS's use of NSA data to start criminal investigations against US citizens, and their method of "Parallel Construction" to conceal the true origins of their evidence.[134][135]
CIA operative De Sousa, convicted in absentia in Italy in the extraordinary rendition case of Osama Mustapha Hassan Nasr AKA Abu Omar goes on camera describing the case.[136]
Insider Threat Program – policy requiring federal employees to report "high-risk persons or behaviors" from among co-workers, as well as to punish those who fail to report such colleagues.[137] In 2013, the NSA planned to investigate over 4000 cases.[25]
The German Federal Office for Information Security has warned that Windows 8 has a built-in backdoor, that could allow Microsoft, and by extension the NSA to access many Windows 8 machines via the Trusted Platform Module that comes embedded on many Windows 8 machines.[138][139] Of the subset of CIA applicants whose backgrounds raised flags, one fifth were found to have ties to either terrorism or foreign hostile intelligence.[140]
The NSA has admitted about a dozen cases of willful violations by analysts over the last 10 years.[141] One common form, in which an analyst spies on a love interest, has been dubbed "LOVEINT"[142]
The Hemisphere Project, a secret partnership between federal and local drug officials and AT&T since September 2007. Law enforcement has access to electronic call detail records for any telephone carrier that uses an AT&T switch to process a telephone call. Records go back to 1987 and about 4 billion are added every day. Officials are instructed to obfuscate the existence of the program, by a method similar to "Parallel Construction" in which a separate subpoena is obtained for records which had already been returned by the Hemisphere project, thus disguising the true origin of the data.[143][144]
Sweden is helping the GCHQ tap fiber-optic cables and has become, effectively, a member of the 'Five Eyes', according to Duncan Campbell in a hearing of the EU parliament's LIBE committee. He further states that the codename for the tapping operation is "Sardine" and is classified several levels above top secret, and that the information about Sweden was withheld from publication in the Guardian, The New York Times, and Pro Publica.[145][146][147]
CIA, BND and the Federal Office for the Protection of the Constitution ran Projekt 6 (P6 for short) from 2005 to 2010. Its aim was to gather intelligence on suspected jihadists and terrorism supporters. An American query request for the internal database, code name PX contains the passport number, date of birth and name of German investigative journalist Peter Buchen.[148]
The ACLU released a 69-page report on the FBI entitled "Unleashed and Unaccountable" detailing warrantless wiretapping, spying on political activists and journalists, biased training and racial profiling, proxy detentions in foreign countries, use of the no-fly list as a means of pressuring people to become informants, bulk data collection (eGuardian and bulk telephony metadata), dodging oversight and misleading the public.[149][150]
The NSA purchases zero-day exploits from Vupen, as revealed in a FOIA request. In response, the CEO of Vupen suggested that a FOIA request also be made for Raytheon, Lockheed Martin and Northrop, because they also sell exploits.[151]
^A published heat map shows that most data is collected from Iran, Pakistan and Jordan, with over 40 billion individual pieces of information collected from these three countries alone in March 2013 alone, from a total of 97 billion worldwide.