Last month’s revelations about the large-scale program of electronic surveillance by U.S. and U.K. spy agencies have caused some confusion. The details emerged gradually in several long articles chiefly published in the Guardian and the Washington Post. Updates on developing situations in the aftermath of the leaks are still being published. Many things are still unclear, and what we do know is gleaned from gigantic documents written in impenetrable intelligence-speak. This makes it difficult to find out exactly what happened, especially if you are coming in late.
So what happened, then? It started when Edward Snowden, then a technical contractor for the NSA (National Security Agency), approached the Guardian with classified documents describing U.S. surveillance programs in lurid detail. One of the first programs to be publicized was the mass collection of phone call records from Verizon. This was untargeted bulk data mining – records were collected from all U.S. Verizon customers, even if they were not suspected of anything.
The records include information about who called whom at what time. They may also contain information about where the callers were at the time of the conversation. The actual contents of the calls were not recorded. However, especially with sophisticated statistical methods, an intelligence agency can glean a lot from this much data.
This kind of information, known as metadata (information about communications, rather than the communications themselves) is not protected as strictly by U.S. law, and does not require individual warrants to access. The NSA obtained it under a broad court order issued by the Foreign Intelligence Surveillance Court. This court was formed in 1978 to review applications for warrants in national security investigations. It operates in secret, almost never publishes any of its findings or opinions, and in the vast majority of cases has granted requests for warrants.
The most dramatic revelation to come from Snowden’s documents was the Prism program. A top-secret NSA PowerPoint presentation published by the Washington Post mentions two intelligence sources, Prism and Upstream, with a note that says, “You should use both.” Upstream is an initative to collect data directly from the transoceanic fibre-optic Internet cables as it flows past.
Prism, on the other hand, collects data (such as emails or text messages) straight from the servers of nine U.S. service providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, and Apple. When the news broke, many of these providers denied any knowledge of the program. An Apple spokesman said the company had “never heard” of Prism, and Google published a statement saying, “Google does not have a back door for the government to access private user data.”
However, when more slides from the presentation were released by the Washington Post, the source of the confusion became clear: the companies in question did not deal directly with the NSA, but provided data to the FBI, who acted as an intermediary.
In theory, Prism does not allow NSA analysts to collect communications between U.S. citizens in the U.S. However, various loopholes allow them to hold onto U.S. communications they have collected by accident.
In late June a new article published by the Guardian showed that Britain’s intelligence agency, the Government Communications Headquarters (GCHQ), was tapping into the trans-Atlantic Internet cables and sharing the data with the NSA in a program known as “Tempora.” GCHQ, which has lighter oversight than the NSA, may be able to take advantage of a legal loophole to collect data on British users. Snowden called the GCHQ’s monitoring “the largest programme of suspicionless surveillance in human history” and characterized GCHQ as “worse than the U.S.”
Both Prism and Tempora involve the collection of complete communications—such as emails, videos, photos, and voice over IP (Skype)—and not just the metadata. Privacy advocates have expressed grave concerns over these and the many other revelations from Snowden’s leaks.
Jameel Jaffer, director of the American Civil Liberties Union’s Center for Democracy, said “The NSA is part of the military. The military has been granted unprecedented access to civilian communications. [ . . . ] That is profoundly troubling to anyone who is concerned about that separation.”