Is There Anything Left for the NSA to Spy On?

New leaks from Edward Snowden portray an agency breaking into systems it already had obtained legal access to.

National Journal
Dustin Volz, Matt Berman and Brian Resnick
Oct. 30, 2013, 9:11 a.m.

There’s a new leak out today from Ed­ward Snowden and The Wash­ing­ton Post. And it just con­firms the man­tra of 2013: If you thought the last leak was big, just wait for the next one. Today we learn that the NSA drag­net can cap­ture the cloud.

“Two en­gin­eers with close ties to Google ex­ploded in pro­fan­ity when they saw the draw­ing. ‘I hope you pub­lish this,’ one of them said.”

The fit­tingly named pro­gram, MUS­CU­LAR, secretly sends “mil­lions of re­cords every day from Ya­hoo and Google in­tern­al net­works to data ware­houses at the agency’s Fort Meade headquar­ters.”

The new dis­clos­ure is stun­ning — even for a Snowden leak — be­cause the Na­tion­al Se­cur­ity Agency already pos­sesses court-ap­proved au­thor­ity to col­lect vast amounts of on­line com­mu­nic­a­tion re­cords, thanks to Sec­tion 702 of the For­eign In­tel­li­gence Sur­veil­lance Act. Le­gis­la­tion in­tro­duced this week by Rep. Jim Sensen­bren­ner, R-Wis., and Sen. Patrick Leahy, D-Vt., would lim­it the gov­ern­ment’s au­thor­ity for such data-sweep­ing un­der the sec­tion.

As The Post notes, “The in­filt­ra­tion is es­pe­cially strik­ing be­cause the NSA, un­der a sep­ar­ate pro­gram known as PRISM, has front-door ac­cess to Google and Ya­hoo user ac­counts through a court-ap­proved pro­cess.” However, when asked about the Post art­icle, NSA Dir­ect­or Keith Al­ex­an­der told Bloomberg News Wed­nes­day “This is not NSA break­ing in­to any data­bases. It would be il­leg­al for us to do that. And so I don’t know what the re­port is, but I can tell you fac­tu­ally we do not have ac­cess to Google serv­ers, Ya­hoo serv­ers.”

So why go through a stealth back­door, too? Be­cause get­ting ad­di­tion­al in­form­a­tion from the cloud is ap­par­ently too much for the NSA to pass up.

The leaks come just a day after seni­or in­tel­li­gence of­fi­cials test­i­fied be­fore Con­gress and ex­pressed skep­ti­cism that the White House did not know about NSA’s over­seas eaves­drop­ping that has in­cluded tap­ping com­mu­nic­a­tions of for­eign heads of state. Both Al­ex­an­der and Dir­ect­or of Na­tion­al In­tel­li­gence James Clap­per in­dic­ated that the White House is aware, at least gen­er­ally, of much of the agency’s spy­ing.

The in­tel­li­gence of­fi­cials also said that a lot of this work oc­curs with the col­lab­or­a­tion of for­eign gov­ern­ments. The data col­lec­tion abroad “rep­res­ents in­form­a­tion that we and our NATO al­lies have col­lec­ted in de­fense of our coun­tries and in sup­port of mil­it­ary op­er­a­tions,” Al­ex­an­der said. MUS­CU­LAR is run in con­junc­tion with Bri­tain’s GCHQ.

In case this wasn’t already com­pletely ob­vi­ous, the MUS­CU­LAR rev­el­a­tion is not go­ing over well with Google. The Snowden-leaked NSA slides that de­scribe the pro­gram make it seem as if the gov­ern­ment is in­ten­tion­ally con­grat­u­lat­ing it­self for out-think­ing the In­ter­net co­los­sus:

In an NSA present­a­tion slide on “Google Cloud Ex­ploit­a­tion,” however, a sketch shows where the “Pub­lic In­ter­net” meets the in­tern­al “Google Cloud” where their data resides. In hand-prin­ted let­ters, the draw­ing notes that en­cryp­tion is “ad­ded and re­moved here!” The artist adds a smi­ley face, a cheeky cel­eb­ra­tion of vic­tory over Google se­cur­ity.

Two en­gin­eers with close ties to Google ex­ploded in pro­fan­ity when they saw the draw­ing. “I hope you pub­lish this,” one of them said.

Google, of course, is not alone in hav­ing something to shout pro­fan­it­ies about.

To re­cap, from the leaked files of Ed­ward Snowden we’ve learned that the NSA tracks phone-call metadata; tracks email cor­res­pond­ence tak­ing place in for­eign coun­tries (and ap­par­ently has the tech­nic­al cap­ab­il­it­ies to do the same with U.S. cit­izens); has a sys­tem that al­lows ana­lysts to dig through these ex­pans­ive data­bases; does mass col­lec­tions of ad­dress books; some­times in­ter­cepts the com­mu­nic­a­tions of world lead­ers; and has dir­ect taps in­to the most widely used In­ter­net ser­vices.

But wait, there’s more. Al­most sim­ul­tan­eously, Al Jaz­eera pub­lished NSA doc­u­ments ob­tained through a Free­dom of In­form­a­tion Act re­quest coach­ing of­fi­cials to use the ter­ror­ist at­tacks of Sept. 11, 2001, as jus­ti­fic­a­tion when pub­licly dis­cuss­ing sur­veil­lance pro­grams.

What’s next?

×