In the public interest.
In the public interest.
PRISM, Snowden and Government Surveillance: 6 Things You Need To Know
By Lavanya Rathnam
— Last Updated: 19 Apr’17 2017-04-19T14:22:13+00:00
Edward Snowden, one of the most famous whistleblowers of our times, brought to light the many surveillance programs and other snooping activities of the U.S. government. This former intelligence officer revealed top secret documents to Glenn Greenwald of The Guardian and Laura Poitras, a freelance journalist, in May 2013 at a hotel in Hong Kong.
The many documents that he gathered from U.S. intelligence agencies like the NSA show the depth and breadth of surveillance programs that have been in place since 2007. It also showed the role of corporations, governments of other countries and lawmakers in furthering and legitimizing these surveillance programs.
Privacy enthusiasts, including us at Cloudwards.net, were shocked by some of these programs. Here’s a quick look into some of the surveillance schemes that Edward Snowden blew the whistle on back in 2013.
Probably Snowden’s biggest revelation was concerning a program called PRISM, under which the National Security Agency (NSA) accesses emails, documents, photographs and other sensitive users’ data stored in major companies.
Documents leaked by Snowden show that Facebook, Google, Microsoft, Yahoo, PalTalk, AOL, Skype, YouTube and Apple give the NSA direct access to its users’ information. According to the documents, Dropbox also joined this list (one of the many reasons we recommend our readers stick with secure alternatives to this service).
PRISM was launched from the ashes of President George W. Bush’s domestic surveillance programs, which were abandoned due to lawsuits, disclosures in the media and widespread protest.
Due to past controversies, this program was given the legal go-ahead by the U.S. Congress when it passed the Protect America Act in 2007. Also, the FISA Amendments Act of 2008 gave legal immunity to private companies that cooperated voluntarily with U.S Intelligence agencies.
Microsoft became PRISM’s first partner in 2007 and the NSA began collecting vast amounts of data from its servers. Other companies joined the program in due course. In 2008, Congress gave the Justice Department authority to compel a reluctant company to “comply” with the needs of PRISM. This means that even companies that were not willing to join the program voluntarily had to do so at the behest of a court order.
This gave the NSA access to even more information. Soon, PRISM became a leading source of raw material for the NSA, as it accounted for one in every seven intelligence reports. PalTalk, for example, is much smaller when compared to the other companies on the list, but it provided substantial intelligence during the Arab Spring and the ongoing Syrian civil war.
A court order shows that Verizon was ordered to provide the details of all calls, on a daily basis, to the NSA. This included calls that were made within the U.S. as well as between the U.S. and other countries.
This order was granted by the secret Foreign Intelligence Surveillance Court to the FBI on April 25, 2013. Under this order, Verizon has to provide the numbers of both parties on a call, location data, call duration, time of the call, International Mobile Subscriber Identity (IMSI) number and any other unique identifiers.
In addition, the court order explicitly forbids Verizon from disclosing to the public the existence of FISA order or this request from the FBI. The terms of this order complies with the “business records” provision of the Patriot Act.
A report in The Wall Street Journal shows that this court order was sent to AT&T and Sprint Nextel too. This arrangement with the country’s three largest phone companies means that the NSA gets a record of almost every call that is made.
To top it, some documents show that the NSA can crack cellphone encryption, so it can easily decode the content of intercepted calls and messages.
The report also states that the NSA made a similar arrangement with Internet service providers to obtain data about emails and browsing history of all individuals. A recent decision by the U.S. Senate will compound this breach of privacy by ISPs, as they will not just be working with the NSA but also with commercial third parties to sell customer data.
Besides wiretapping and ISP spying, credit card transactions are also cataloged and stored in NSA’s servers for analysis.
The British intelligence agency, the Government Communications Headquarters (GCHQ) works closely with the NSA in a program called Tempora.
Under this program, GCHQ monitors the world’s phone and Internet traffic to gather information on emails, calls, facebook messages and browsing history by tapping directly into the transatlantic fiber optic cables that land on the shores of the UK. All this data and intelligence is shared with the NSA. In fact, more than 850,000 NSA employees and private contractors like Snowden had access to the GCHQ database.
A report shows that in 2012 alone, the GCHQ handled 600 million phone calls a day by tapping into 200 cables. Since each cable can carry 10GB of data per second, this agency had access to about 21 petabytes of data every day.
This collection is legal, as the Regulation of Investigatory Powers Act (RIPA) allows the GCHQ to collect information without a warrant. As a result, Tempora gives the British spying agency the “biggest Internet access” among a coalition called “Five Eyes,” which comprises Australia, Canada and New Zealand, besides the UK and the U.S.
Tailored Access Operations (TAO)
When the NSA is unable to break encryption codes, it uses an elite hacker team called Tailored Access Operations, or TAO for short. This team hacks into computers worldwide and infects them with malware to access the computer’s stored content.
The NSA is believed to use this tactic when it needs detailed information on a specific target or when it’s unable to break an encryption code.
Another surveillance program called Dishfire collects almost 200 million text messages from across the world and uses them to extract data such as location, contact networks and credit card details.
Using this information, the NSA could extract people’s travel plans, financial transactions and more. In addition, another program called “Prefer” conducts an automated analysis of these text messages on all individuals, even those who were not under the suspicion of any illegal activity.
For example, on an average, the NSA was able to extract information related to 1.6 million border crossings and over 800,000 financial transactions through text-to-text payments using “Prefer.”
The NSA is intercepting, recording and storing all calls made in the Bahamas under a program called SOMALGET, a top-secret program that is implemented without the knowledge or consent of the Bahamian government.
A report by The Intercept showed that the U.S. Drug Enforcement Administration opened a backdoor to the country’s cellular network, thereby giving the NSA covert access to all mobile calls. In fact, SOMALGET is a cutting-edge tool that allows the NSA to store the actual content of every conversation, not just the metadata.
This program is a part of a larger program called MYSTIC, under which the U.S is secretly monitoring the telecommunication systems of other countries like Mexico, the Philippines and Kenya.
The NSA is using MYSTIC to gather personal data on mobile calls placed in countries that have a population of more than 250 million people. It is gaining access to these networks through the interception mechanism covertly installed by American companies that operate in these countries. According to some classified documents, the agency is seeking more funding to expand its surveillance program to other countries.
From the above facts it’s clear that the NSA is keeping a constant watch over your activities. With the help of large corporations and lawmakers, the government knows every little thing you do. Even information you access, store and use is recorded in NSA’s facilities, thereby giving you little to no privacy in your everyday life.
Such programs show how surveillance practices have shifted from individual suspicion in favor of a large and systematic practice of collecting mass data. Given this, the onus is on you to protect your privacy in a methodical way.
Sign up for our newsletter
to get the latest on new releases and more.
Thankfully, people who take their privacy seriously have a host of ways to protect it: from VPN services (we’d recommend reading our ExpressVPN review in that case) to secure providers of cloud storage and online backup. Some privacy tools are free, making keeping your data safe something anyone can do regardless of financial situation.
What do you think about the government and corporations spying on us? Let us know in the comments below, thank you for reading.
Surveillance and visibility is in the public interest.
The same discussion applies to Australians under surveillance. The question would be – is Pine Gap (US facility) and other intel operators surveilling Australians?
Snowden, PRISM, and Surveillance: an Aftermath
In the wake of Edward Snowden’s leaked information about government surveillance activities, Congress passed a law restricting some of the actions of US intelligence agencies. This law, known as the USA Freedom Act, was a valiant attempt to rein in excesses of the National Security Agency (NSA).
As part of Internet Privacy week, Namecheap is exploring different topics relating to online privacy. Below we’ll examine the USA Freedom Act and what it accomplished, as well as what still needs to be done to protect American privacy rights.
What is the USA Freedom Act?
The USA Freedom Act was signed into law by President Barack Obama on June 2, 2015.
It is a modified reauthorization of the USA Patriot Act and was passed in response to the leak of classified documents by Edward Snowden exposing details of various government surveillance programs.
Domestic Surveillance and PRISM
As we explored in the article Why Edward Snowden Matters, we now know a great deal more about US surveillance efforts thanks to the actions of a young NSA contractor.
In 2013, Edward Snowden’s concerns over US surveillance activities led him to release thousands of documents exposing the United States’ and several of its allies’ efforts to spy on their own citizens. In particular, Snowden’s leaks revealed that the National Security Agency and other intelligence agencies were monitoring domestic communications using a program known as PRISM.
PRISM enables the NSA to obtain data from multiple private Internet companies, including the content of emails and instant messages, photographs, and videos. Furthermore, the NSA created a system for cataloguing the surveillance data it has collected, ominously known as Boundless Informant, and used data mining procedures to analyze all of the records.
PRISM and Boundless Informant are able to track and record nearly every aspect of people’s online activity without obtaining a warrant. The NSA has reportedly been able to collect contact lists from private email accounts all over the world, search the content of email messages sent into and out of the U.S., and track the location of cell phones anywhere in the world.
The NSA Bulk Collection Program
These surveillance programs were created to collect information on people outside the United States, but the Snowden leaks also revealed that many of the NSA’s activities are directed at U.S citizens. For example, a “bulk collection program” by the NSA involved the collection of massive amounts of telecommunication metadata for telephone calls within the U.S.
This metadata does not include the actual content of a call, like a wiretap might provide. Instead, it includes information like phone numbers and the time and duration of calls.
Even without the substance of the call, the sheer volume of information collected by the NSA through this program gives it an unprecedented ability to track people’s interactions and movements.
Is Domestic Surveillance Legal?
Yes and no.
The NSA claimed the authority to collect telecommunication metadata in bulk through Section 215 of the Patriot Act, the sweeping national security law passed by Congress shortly after the September 11, 2001 terrorist attacks. This clause gave the federal government broad authority to obtain a wide range of information, including “books, records, papers, documents, and other items,” with very little oversight.
However, the law states that the law may not be used against U.S. citizens who are exercising their First Amendment rights. This led to numerous critics arguing that the NSA routinely exceeded its authority, such as by:
- Collecting records of nearly every telephone call made within the United States during periods lasting weeks or longer; and
- Using the PRISM program to obtain massive amounts of information about email, text, and other communications from internet and telecommunications companies, all without search warrants
What Does the USA Freedom Act Do?
The success of the USA Freedom Act gave privacy advocates reason to cheer, but they remain wary.
While the law effectively eliminated the statutory provision used by the NSA to justify its bulk metadata collection program, ending one type of domestic surveillance, there are other laws that still allow for domestic surveillance.
For example, the Reagan-era Executive Order 12333 authorizes the collection of telephone and electronic communications in other countries by U.S. intelligence agencies. Domestic surveillance was never the intent of this order. Still, it reportedly allows the NSA to capture information about communications that take place within the U.S., once again without a warrant, if the communication is stored on servers in other countries.
In a recent positive development, a federal court sided with Microsoft in its refusal to comply with an FBI subpoena for communications records stored on servers in Ireland.
Several other federal laws could still allow the NSA to resume surveillance on American citizens. For example, Section 702 of the Foreign Intelligence Surveillance Act (FISA) potentially allows mass surveillance of domestic communications. FISA is up for reauthorization in 2017.
Protect Your Privacy
Despite efforts across the globe, Internet privacy remains elusive. Because so much of the NSA’s activities happen outside of public (or even Congressional) scrutiny, Americans and people all around the world must continue to push for transparency and fairness, and to demand a balance between privacy and security.
It requires, in the words of Thomas Jefferson, “eternal vigilance.”
Join Namecheap in the call to strengthen laws and policy dealing with Internet privacy.
With Internet Privacy Week (Oct. 18-24), we will offer more information about government surveillance as well as how private companies track your data.
By signing our Internet Privacy Bill of Rights we encourage you to take a stand for Internet privacy for all.
Follow Namecheap on Twitter and Facebook and sign up for our newsletter (in the sidebar) to learn more about Internet Privacy Week and how you help hold companies accountable for privacy.
David C. Wells is an Austin, Texas-based writer and blogger. He was a lawyer for nine years, and while he no longer practices law, the experience helped make him a better writer. Also, he still sometimes gets to play a lawyer on the Internet. David is also a dog caretaker, an improviser and actor, an avid comic book reader, and a proud husband.
In the public interest.
The video below is essential viewing. It is entitled Age of Surveillance Capitalism: “We Thought We Were Searching Google, But Google Was Searching Us”. Author Shoshana Zuboff worked on the book for 7 years. The biggest revelation is to understand we are entering the 21st century with a new domain of social inequality.
Author Shoshana Zuboff, professor emeritus at Harvard Business School, discusses her new book, “The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power”. She points out that capitalism has historically been based on labor as the key economic driver. Now the marketplace is mining data derived from our personal experiences. High tech firms such as Amazon, Facebook and Google then sell it to third parties without regard to our wellbeing. She argues that our democracy is at risk.
“We are told that if we have nothing to hide then we have nothing to fear. The fact is ,what they don’t tell us is and what we are forgetting is that if we have nothing to hide then we are nothing… Because everything about us that makes us our unique identities that gives us…our sense of freedom of will and action and right to our own futures…is our private realm and is intended to be private..and turns us into people who assert moral autonomy, an essential element of a democratic society.”
5G will greatly expand surveillance and privacy threats as our every move will be digitized. (refer link below video)
Note: I do not give permission for my data to be gathered, my private life to be profiled or using data to create predictive products. I am concerned about the asymmetries and inequality in this type of knowledge. In the wrong hands I believe we are looking at totalitarianism full spectrum dominance. This video has confirmed my instincts and inner feeling was correct.
- Facebook is referred to as digital gangsters and there is a concern given the lack of regulation. Some notes have been produced below from the author’s comments.
- Surveillance Capitalism requires a social response to interrupt this economic logic globally. It has been put it on a collision course with democracy. It is not the same as technology. It is about predicting our behaviour and influencing behaviour towards commercial outcomes.
- The digital media; devices, phones, laptops, sensors, facial recognition, smart dishwater, smart tv set, smart car, smart city – all of this digital infrastructure now has been taken by surveillance capitalism as a way to nudge, tune and herd our behaviour towards its guaranteed outcomes. It does it this with subliminal cues. It is highly scientific process. It does in ways it is outside of our awareness, no right of come back, we cannot resist, we cannot say no and we cannot exit. This is what the author calls a global means of behavioural modification.
- This great digital architecture that we built in order to be emancipatory and life giving process for us, help us in our lives has how now become commandeered by surveillance capitalism, as a means to modify our behaviour towards its commercial ends, which is a direct assault on: human autonomy, our decision rights and notion of individual sovereignty.
- She states, back in the 1970s a senate committee including Edward Kennedy and Sam Rubin they met for months, they decided that behavioural modification was a pernicious action, it was a complete was a defiance of democratic principles. They decided that no federal money would fund any program based on behavioural modification in schools, prisons and hospitals.
- Today, 2019 we have spent the last 2 decades, as democracy slept the private sector under the aegis of surveillance capitalism, has been able to command the digital to create a literally ubiquitous means of behavioural modification, without anyone saying no, without most of us noticing or understanding what has occurred.
- We have been fed a lot of lies, euphemism and misdirection, these are the strategies that allowed surveillance capitalism. We are in the regime of a economic logic. We going backwards through the looking glass and come out in a place called reality where we start to see clearly...
- The services are not free. We think the services are free, they think we are free, we are not the product, they understand that we are not the product we are the free source of raw material like elephant tusks (poachers). Everything about us, what our problems are, real needs are, our real concerns, everything about us is ignored. They have no interest in us, doesn’t matter if we are happy or sad. It only matters that we do things so they can scape the experience and turn into data…
- Few other interesting lies she says…We think we are searching Google, Google is searching us. We think the companies have privacy policies those policies are surveillance policies. We are told if we have nothing to hide we have nothing to fear. The fact is – what they don’t tell us, what we are forgetting that if you have nothing to hide then you are nothing. Everything about us that makes us our unique identities, gives us our individual spirit, our personality our sense of freedom of will, freedom action, sense of a right to our own futures, comes from WITHIN. inner resources, that is our private realms… people who assert moral autonomy, essential element of a flourishing democratic society.
- We are further informed about apps and how they use our data.
This is recommended viewing IN THE PUBLIC INTEREST.
Another important link in the public interest from Physicians for safe technology.