New Snowden Documents Reveal US Spying Has Actually Expanded
U.S Surveillance of international Internet traffic is expanding in the search for evidence of malicious computer hacking.
For anyone still in doubt about the impact of Edward Snowden’s revelations, it might be instructive to review what has been going on in the US Congress over the last few months, with legislators grappling with bills aimed at curbing the surveillance capabilities of the NSA and other federal agencies. In the end, in a classic congressional farce, there was a brief intermission in the NSA’s data-gathering capabilities, after which the Senate passed a bill to end the agency’s bulk collection of the phone records of millions of Americans.
Without public notice or debate, the Obama administration has expanded the National Security Agency's warrantless surveillance of Americans' international Internet traffic to search for evidence of malicious computer hacking, according to classified NSA documents.
In mid-2012, Justice Department lawyers wrote two secret memos permitting the spy agency to begin hunting on Internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad—including traffic that flows to suspicious Internet addresses or contains malware, the documents show.
The Justice Department allowed the agency to monitor only addresses and "cyber signatures"—patterns associated with computer intrusions—that it could tie to foreign governments. But the documents also note that the NSA sought to target hackers even when it could not establish any links to foreign powers.
The disclosures, based on documents provided by Edward J. Snowden, the former NSA contractor, and shared with the New York Times and ProPublica, come at a time of unprecedented cyberattacks on American financial institutions, businesses, and government agencies, but also of greater scrutiny of secret legal justifications for broader government surveillance.
While the Senate passed legislation this week limiting some of the NSA's authority, it involved provisions in the USA Patriot Act and did not apply to the warrantless wiretapping program.
Government officials defended the NSA's monitoring of suspected hackers as necessary to shield Americans from the increasingly aggressive activities of foreign governments. But critics say it raises difficult trade-offs that should be subject to public debate.
The government can also gather significant volumes of Americans' information—anything from private e-mails to trade secrets and business dealings—through Internet surveillance because monitoring the data flowing to a hacker involves copying that information as the hacker steals it.
The surveillance activity traces to changes that began after the Sept. 11 terrorist attacks. The government tore down a so-called wall that prevented intelligence and criminal investigators from sharing information about suspected spies and terrorists. The barrier had been erected to protect Americans' rights because intelligence investigations use lower legal standards than criminal inquiries, but policy makers decided it was too much of an obstacle to terrorism investigations.
In a response to questions for this article, the FBI pointed to its existing procedures for protecting victims' data acquired during investigations but also said it continually reviewed its policies "to adapt to these changing threats while protecting civil liberties and the interests of victims of cybercrimes."
None of these actions or proposals had been disclosed to the public. As recently as February, when President Obama spoke about cybersecurity at an event at Stanford University, he lauded the importance of transparency but did not mention this change.
"The technology so often outstrips whatever rules and structures and standards have been put in place, which means that government has to be constantly self-critical and we have to be able to have an open debate about it," Obama said.
Going Back in Citizen Spy History
In 1946, peace was less than a year old. Labour was in power and the wartime signals intelligence service had been renamed as GCHQ. Building on their wartime collaboration, Britain and America signed an agreement that was to prove crucial to the so-called "special relationship".
They agreed to share intelligence on foreign countries but not to spy on each other's citizens. Later that was extended to five English-speaking countries, and is known as the "five eyes" agreement. This means Australia, Canada, New Zealand and of course the US and UK can spy on their own citizens.
Between 2004 and 2007 the Labour government gave the US National Security Agency permission to use information on innocent British people collected in the process of spying on actual targets.
The Five Eyes agencies have found ways to infiltrate all aspects of modern communications networks: forcing companies to hand over their customers’ data under secret orders, and secretly tapping fibre optic cables between the same companies’ data centres anyway; accessing sensitive financial data through SWIFT, the world’s financial messaging system; spending years negotiating an international agreement to regulate access to the data through a democratic and accountable process, and then hacking the networks to get direct access; threatening politicians with trumped-up threats of impending cyber war while conducting intrusion operations that weaken the security of networks globally; and sabotaging encryption standards and standards bodies, thereby undermining the ability of internet users to secure information.
