This internal NSA memo from SIGINT Director Teresa H Shea shows how the agency reacted to a October 2011 ruling of the FISA court, which was declassified after Edward Snowden’s revelations began. The ruling found that NSA had been intercepting the communications of non-targeted persons in the United States, violating the Fourth Amendment. The memo announces minimal changes to the Agency’s procedures, which the agency finally admitted were lacking in 2017, when it finally amended its mode of collection: see the Intercept article The Wiretap Rooms: The NSA’s Hidden Spy Hubs In Eight U.S. Cities, 25 June 2018.
This NSA Special Source Operations presentation from 22 March 2013 supplies a detail about the Breckenridge access point that supports the identification of the corporate partner codenamed STORMBREW as US telecommunications company Verizon: see the New York Times article AT&T Helped U.S. Spy on Internet on a Vast Scale, 15 August 2015.
This NSA Staff Processing Form dated 27 March 2012 describes the type of assistance the agency will provide to the FBI on the basis of the new FAA702 “cyberwar” certification: see the New York Times article Hunting for Hackers, N.S.A. Secretly Expands Internet Spying at U.S. Border, 4 June 2015.
24 November 2014 – Over the past 24 hours, security companies have released information about an advanced malware tool called Regin.
Symantec described Regin as “a complex piece of malware whose structure displays a degree of technical competence rarely seen”, concluding that the “capabilities and the level of resources behind Regin indicate that it is one of the main cyberespionage tools used by a nation state.”
This undated image, taken from NSA training materials, shows the role played by Executive Order 12333 in authorising the agency’s activities: see the Washington Post article Privacy watchdog’s next target: the least-known but biggest aspect of NSA surveillance, 23 July 2014.
This document lists the 193 governments, intragovernmental organisations and other entities which the NSA was granted the legal authority to intercept communications “about” for foreign intelligence purposes in August 2010: see the Washington Post article Court gave NSA broad leeway in surveillance, 30 June 2014.
On 8 April 2014, Edward Snowden gave testimony to the Council of Europe’s Committee on Legal Affairs and Human Rights by video link. As with his previous testimony to the European Parliament, Mr Snowden used his statement to elaborate on topics that had been previously outlined by journalists. Topics covered include data mining, XKeyscore fingerprinting and the surveillance of Amnesty and other human rights organisations. Mr Snowden also confirmed that we can expect to see “more, and more specific” reporting on NSA attempts to change legal regimes overseas.
The Council of Europe is preparing reports on mass surveillance and on the protection of whistleblowers, which will be published before the end of this year. This is the first hearing supporting those reports; a second will be held on 24 June. Legal challenges to GCHQ’s activities have also been lodged in and fast-tracked by, the European Court of Human Rights.
This slide from a March 2013 NSA Special Source Operations presentation reveals the existence of a FISA Court order (case number 13-319) relating to “Germany”, among others: see the Der Spiegel article ‘A’ for Angela: GCHQ and NSA Targeted Private German Companies and Merkel, 29 March 2014.
This NSA Staff Processing form from 6 September 2006 describes some of the problems relating to the expansion of the raw FISA information made available to NSA field offices. Referring to different classes of FISA information being stored together the memo concludes that “it is possible that there are already FISA violations resulting from the way data has been stored in these databases”: see the New York Times article How a Court Secretly Evolved, Extending U.S. Spies’ Reach, 12 March 2014.