Background: the US Intelligence Community
Seventeen agencies make up the US Intelligence Community, including the Central Intelligence Agency (CIA), Federal Bureau of Investigation (FBI), Office of the Director of National Intelligence (ODNI) and the National Security Agency (NSA). The total budget for fiscal year 2013 for the Intelligence Community was US$52.6 billion. Although the bulk of the documents released by Edward Snowden are related to NSA operations, different Intelligence Community agencies often work together, request data together and share their intelligence with each other.
The NSA seems to classify its programs under three units, though these are not necessarily mutually exclusive: Special Source Operations (SSO), Global Access Operations (GAO) and Tailored Access Operations (TAO). GAO programs involve open access collection using satellites (FORNSAT), microwave intercept sites, or other forms of open collection in cooperative countries. SSO programs require privileged access for the data they collect, and TAO programs that collect data involve remote exploitation of computers or networks. In addition to these units, there is a joint NSA-CIA group called Special Collection Services (SCS), which inserts equipment in areas that are difficult to access, particularly diplomatic premises.
Many of the documents initially released by Edward Snowden and reported on in mainstream media contained details on the SSO unit. In particular, under the PRISM program, service providers – including Google, Apple, Microsoft, Facebook, YouTube, PalTalk, AOL and Yahoo – allowed the NSA to collect communications data for analysis. Also part of SSO are the programs which tap fibre-optic cables around the world – at least some of the access to these fibre-optic cables is achieved through industry cooperation. Other operations are undertaken without the knowledge of the companies involved.
Another category of documents reveals NSA operations that compromise smartphones and calling patterns. Location data enables the agency to discern previously unknown relationships between individuals using its CO-TRAVELER system. Cookies and data from mobile apps are targeted by a number of NSA tools. Text messages are also routinely collected.
Other documents show screenshots of a program called Boundless Informant, which maps and graphs data from every Digital Network Intelligence (DNI) record in the SIGINT system and offers a full view of GAO’s collection capabilities. High data volumes were observed, notably in US-allied countries such as Germany and Brazil, as well as the most heavily surveilled places, such as Iran and Afghanistan. The NSA’s XKeyscore database allows for analysis of data from the combination of data from PRISM, SCS sites (also called F6 sites) and FORNSAT sites.
Project BULLRUN, an NSA program aiming to defeat the encryption used to secure network communication technologies, works with the TAO unit. Documents on BULLRUN describe capabilities against SSL/TLS, SSH, encrypted chat, HTTPS, VPN and encrypted Voice-over-Internet-Protocol (VOIP).
The Snowden documents include indications of the extent and scale of the targeted TAO attacks carried out by the NSA and its international partners together with some details about individual targets. Documents also describe how TAO’s hardware and software attacks are implemented, including the interdiction and compromise of hardware produced by US companies that is intended for use overseas.
Documents in the Snowden archive also describe operations that are primarily carried out by the NSA’s Five Eyes partners in the UK, Canada, Australia and New Zealand. There are close staffing and funding relationships between these agencies. The NSA also has particularly close relationships that include jointly staffed projects, sharing of NSA tools and raw data about US citizens with signals intelligence agencies in Germany, Sweden and Israel.
The law behind surveillance
A number of important releases also reveal the justification that the NSA uses to enable the extent of collection and analysis mentioned above, as well as the US legislation that enables these programs. A 2009 draft report from the NSA Inspector General summarises NSA activities post-9/11 and, in particular, the transition from authorisation of warrantless surveillance by President Bush to Foreign Intelligence Surveillance Court (FISC) authorisation.
Two key parts of the Foreign Intelligence Surveillance Act (FISA) enable NSA surveillance: Section 215 of Title II in the Patriot Act of 2001 amending FISA, and Section 702 of the FISA Amendments Act (FAA) of 2008, also amending FISA. Section 215, entitled ‘Access to certain business records for foreign intelligence and international terrorism investigations’, allows the FBI to request metadata from US service providers, as they did in a court order issued to Verizon for all call records for a three-month period in 2013. Other NSA operations, including PRISM, seem to be authorised by FAA Section 702, which does not explicitly allow for targeting of US-person data. However, certain documents show that programs enabled by Section 702 inevitably contain US-person data in their databases, and those databases can be used to search for US persons or analyse their metadata under appropriate procedures.
Executive Order 12333, signed by President Reagan 4 December 1981, is also an important source for NSA authorities, allowing US intelligence agencies to operate beyond the bounds of judicial and legislative oversight for foreign intelligence purposes, with the approval of the US attorney general. The NSA’s interpretation of Executive Order 12333 is not public, but the order is said to place few restrictions on the gathering of US persons’ communications content and metadata where it is collected “incidentally” and allow the broad collection of non US persons’ data. Edward Snowden has suggested that “indefensible collection activities”, such as the upstream collection of US internet companies’ data travelling between their data centres, takes place under Executive Order 12333 authorities.
US foreign intelligence involves extensive spying on diplomatic allies and trade partners. UN and EU embassies in New York and Washington have been bugged by the NSA, and SCS sites are intercepting communications of US diplomatic partners overseas. Documents released in Brazilian media outlets show that the US gathers foreign intelligence by spying on participants of the Summit of the Americas and the Organization of American States and by analysing data on topics such as oil and energy. One document details a ‘success’ in pushing for Iran sanctions after significant support from NSA espionage reports on the UN Security Council.
The NSA has had extensive collaboration with the British Government Communications Headquarters (GCHQ), even paying the UK intelligence agency for access to certain operations. The GCHQ Tempora operation provided both agencies with data from a number of tapped fibre-optic cables. Intelligence and collected data is also shared between the NSA and the intelligence agencies in Germany, Israel and Sweden.