Privacy enthusiasts, including us at Cloudwards.net, were shocked by some of these programs. Here’s a quick look into some of the surveillance schemes that Edward Snowden blew the whistle on back in 2013.
Probably Snowden’s biggest revelation was concerning a program called PRISM, under which the National Security Agency (NSA) accesses emails, documents, photographs and other sensitive users’ data stored in major companies.
Documents leaked by Snowden show that Facebook, Google, Microsoft, Yahoo, PalTalk, AOL, Skype, YouTube and Apple give the NSA direct access to its users’ information. According to the documents, Dropbox also joined this list (one of the many reasons we recommend our readers stick with secure alternatives to this service).
PRISM was launched from the ashes of President George W. Bush’s domestic surveillance programs, which were abandoned due to lawsuits, disclosures in the media and widespread protest.
Due to past controversies, this program was given the legal go-ahead by the U.S. Congress when it passed the Protect America Act in 2007. Also, the FISA Amendments Act of 2008 gave legal immunity to private companies that cooperated voluntarily with U.S Intelligence agencies.
Microsoft became PRISM’s first partner in 2007 and the NSA began collecting vast amounts of data from its servers. Other companies joined the program in due course. In 2008, Congress gave the Justice Department authority to compel a reluctant company to “comply” with the needs of PRISM. This means that even companies that were not willing to join the program voluntarily had to do so at the behest of a court order.
This gave the NSA access to even more information. Soon, PRISM became a leading source of raw material for the NSA, as it accounted for one in every seven intelligence reports. PalTalk, for example, is much smaller when compared to the other companies on the list, but it provided substantial intelligence during the Arab Spring and the ongoing Syrian civil war.
A court order shows that Verizon was ordered to provide the details of all calls, on a daily basis, to the NSA. This included calls that were made within the U.S. as well as between the U.S. and other countries.
This order was granted by the secret Foreign Intelligence Surveillance Court to the FBI on April 25, 2013. Under this order, Verizon has to provide the numbers of both parties on a call, location data, call duration, time of the call, International Mobile Subscriber Identity (IMSI) number and any other unique identifiers.
In addition, the court order explicitly forbids Verizon from disclosing to the public the existence of FISA order or this request from the FBI. The terms of this order complies with the “business records” provision of the Patriot Act.
A report in The Wall Street Journal shows that this court order was sent to AT&T and Sprint Nextel too. This arrangement with the country’s three largest phone companies means that the NSA gets a record of almost every call that is made.
To top it, some documents show that the NSA can crack cellphone encryption, so it can easily decode the content of intercepted calls and messages.
The report also states that the NSA made a similar arrangement with Internet service providers to obtain data about emails and browsing history of all individuals. A recent decision by the U.S. Senate will compound this breach of privacy by ISPs, as they will not just be working with the NSA but also with commercial third parties to sell customer data.
Besides wiretapping and ISP spying, credit card transactions are also cataloged and stored in NSA’s servers for analysis.
The British intelligence agency, the Government Communications Headquarters (GCHQ) works closely with the NSA in a program called Tempora.
Under this program, GCHQ monitors the world’s phone and Internet traffic to gather information on emails, calls, facebook messages and browsing history by tapping directly into the transatlantic fiber optic cables that land on the shores of the UK. All this data and intelligence is shared with the NSA. In fact, more than 850,000 NSA employees and private contractors like Snowden had access to the GCHQ database.
A report shows that in 2012 alone, the GCHQ handled 600 million phone calls a day by tapping into 200 cables. Since each cable can carry 10GB of data per second, this agency had access to about 21 petabytes of data every day.
This collection is legal, as the Regulation of Investigatory Powers Act (RIPA) allows the GCHQ to collect information without a warrant. As a result, Tempora gives the British spying agency the “biggest Internet access” among a coalition called “Five Eyes,” which comprises Australia, Canada and New Zealand, besides the UK and the U.S.
Tailored Access Operations (TAO)
When the NSA is unable to break encryption codes, it uses an elite hacker team called Tailored Access Operations, or TAO for short. This team hacks into computers worldwide and infects them with malware to access the computer’s stored content.
The NSA is believed to use this tactic when it needs detailed information on a specific target or when it’s unable to break an encryption code.
Another surveillance program called Dishfire collects almost 200 million text messages from across the world and uses them to extract data such as location, contact networks and credit card details.
Using this information, the NSA could extract people’s travel plans, financial transactions and more. In addition, another program called “Prefer” conducts an automated analysis of these text messages on all individuals, even those who were not under the suspicion of any illegal activity.
For example, on an average, the NSA was able to extract information related to 1.6 million border crossings and over 800,000 financial transactions through text-to-text payments using “Prefer.”
The NSA is intercepting, recording and storing all calls made in the Bahamas under a program called SOMALGET, a top-secret program that is implemented without the knowledge or consent of the Bahamian government.
A report by The Intercept showed that the U.S. Drug Enforcement Administration opened a backdoor to the country’s cellular network, thereby giving the NSA covert access to all mobile calls. In fact, SOMALGET is a cutting-edge tool that allows the NSA to store the actual content of every conversation, not just the metadata.
This program is a part of a larger program called MYSTIC, under which the U.S is secretly monitoring the telecommunication systems of other countries like Mexico, the Philippines and Kenya.
The NSA is using MYSTIC to gather personal data on mobile calls placed in countries that have a population of more than 250 million people. It is gaining access to these networks through the interception mechanism covertly installed by American companies that operate in these countries. According to some classified documents, the agency is seeking more funding to expand its surveillance program to other countries.
From the above facts it’s clear that the NSA is keeping a constant watch over your activities. With the help of large corporations and lawmakers, the government knows every little thing you do. Even information you access, store and use is recorded in NSA’s facilities, thereby giving you little to no privacy in your everyday life.
Such programs show how surveillance practices have shifted from individual suspicion in favor of a large and systematic practice of collecting mass data. Given this, the onus is on you to protect your privacy in a methodical way.
- First published here – https://www.cloudwards.net/prism-snowden-and-government-surveillance/