• Buro Jansen & Janssen is een onderzoeksburo dat politie, justitie, inlichtingendiensten, de overheid in Nederland en Europa kritisch volgt. Een grond-rechten kollektief dat al 30 jaar publiceert over uitbreiding van repressieve wetgeving, publiek-private samenwerking, bevoegdheden, overheids-optreden en andere staatsaangelegenheden.
    Buro Jansen & Janssen Postbus 10591, 1001EN Amsterdam, 020-6123202, 06-34339533, signal +31684065516, info@burojansen.nl (pgp)
    Steun Buro Jansen & Janssen. Word donateur, NL43 ASNB 0856 9868 52 of NL56 INGB 0000 6039 04 ten name van Stichting Res Publica, Postbus 11556, 1001 GN Amsterdam.

  • Categorieën

  • Greenwald’s Interpretation of BOUNDLESSINFORMANT NSA Documents Is Oftentimes Wrong

    For those of us who know something about the National Security Agency (NSA) and who have at the same time been closely following the drip-drop page-at-a-time disclosures of NSA documents by Glenn Greenwald and Laura Poitras, this has been an enormously frustrating time. Many of the recent headlines in the newspapers, especially in Europe, promise much, but when you do a tear-down analysis of the contents there is very little of substance there that we did not already know. Last week’s expose by the Dutch newspaper NRC Handelsblad was just such an example, where with one single example everything that the newspaper claimed was brand new had (in fact) been published 17 years earlier by Dutch historian Dr. Cees Wiebes. Ah, what we do to sell newspapers.

    There should also be tighter fact-checking by the newspapers of their interpretation of the information that they are being spoon-fed before they rush to print.

    For instance, over the past month or so we have been fed once-a-week articles from newspapers France, Germany, Spain, Norway and now the Netherlands (does anyone see a pattern here) all based on a single NSA document from the agency’s BOUNDLESSINFORMANT database of metadata intercepts for a 30-day period from December 2012 to January 2013. The newspaper headlines all have claimed that the BOUNDLESSINFORMANT revealed that NSA was intercepting the telephone and internet communications of these countries. But an analysis of the SIGINT Activity Designators (SIGADs) listed in these documents reveals that NSA was not intercepting these communications, but rather the host nation intelligence services – to whit the BND in Germany, DGSE in France, the FE in Norway and the MIVD in the Netherlands. These agencies have secretly been proving this metadata material to NSA, although it is not known for how long.

    There are other factual problems with the interpretation that has been placed on these documents. It really would be nice if the individuals using these materials do a little research into NSA operational procedures before leaping to conclusions lest they be further embarrassed in the future by mistakes such as this.

    I am not the only person who has noted some of these glaring mistakes being made by the authors of the recent newspaper articles based on the BOUNDLESSINFORMANT document. Here is an insightful study done by a Dutch analyst who has been closely following the materials being leaked:

    Screenshots from BOUNDLESSINFORMANT can be misleading

    electrospaces.blogspot.nl

    November 23, 2013

    Over the last months, a number of European newspapers published screenshots from an NSA tool codenamed BOUNDLESSINFORMANT, which were said to show the number of data that NSA collected from those countries.

    Most recently, a dispute about the numbers mentioned in a screenshot about Norway urged Snowden-journalist Glenn Greenwald to publish a similar screenshot about Afghanistan. But as this article will show, Greenwald’s interpretation of the latter was wrong, which also raises new questions about how to make sense out of the screenshots about other countries.

    Norway vs Afghanistan

    On November 19, the website of the Norwegian tabloid Dagbladet published a BOUNDLESSINFORMANT screenshot which, according to the paper, showed that NSA apparently monitored 33 million Norwegian phone calls (although actually, the NSA tool only presents metadata).

    The report by Dagbladet was almost immediatly corrected by the Norwegian military intelligence agency Etteretningstjenesten (or E-tjenesten), which said that they collected the data “to support Norwegian military operations in conflict areas abroad, or connected to the fight against terrorism, also abroad” and that “this was not data collection from Norway against Norway, but Norwegian data collection that is shared with the Americans”.

    Earlier, a very similar explanation was given about the data from France, Spain and Germany. They too were said to be collected by French, Spanish and German intelligence agencies outside their borders, like in war zones, and then shared with NSA. Director Alexander added that these data were from a system that contained phone records collected by the US and NATO countries “in defense of our countries and in support of military operations”.

    Glenn Greenwald strongly contradicted this explanation in an article written for Dagbladet on November 22. In trying to prove his argument, he also released a screenshot from BOUNDLESSINFORMANT about Afghanistan (shown down below) and explained it as follows:
    “What it shows is that the NSA collects on average of 1.2-1.5 million calls per day from that country: a small subset of the total collected by the NSA for Spain (4 million/day) and Norway (1.2 million).

    Clearly, the NSA counts the communications it collects from Afghanistan in the slide labeled «Afghanistan» — not the slides labeled «Spain» or «Norway». Moreover, it is impossible that the slide labeled «Spain» and the slide labeled «Norway» only show communications collected from Afghanistan because the total collected from Afghanistan is so much less than the total collected from Spain and Norway.”

    Global overview

    But Greenwald apparently forgot some documents he released earlier:

    Last September, the Indian paper The Hindu published three less known versions of the BOUNDLESSINFORMANT global overview page, showing the total amounts of data sorted in three different ways: Aggregate, DNI and DNR. Each results in a slightly different top 5 of countries, which is also reflected in the colors of the heat map.

    In the overall (aggregated) counting, Afghanistan is in the second place, with a total amount of over 2 billion internet records (DNI) and almost 22 billion telephony records (DNR) counted:

    The screenshot about Afghanistan published by Greenwald only shows information about some 35 million telephony (DNR) records, collected by a facility only known by its SIGAD US-962A5 and processed or analysed by DRTBox. This number is just a tiny fraction of the billions of data from both internet and telephone communications from Afghanistan as listed in the global overview.

    Differences

    With these big differences, it’s clear that this screenshot about Afghanistan is not showing all data which NSA collected from that country, not even all telephony data. The most likely option is that it only shows metadata from telephone communications intercepted by the facility designated US-962A5.

    That fits the fact that this SIGAD denotes a sub- or even sub-sub-facility of US-962, which means there are more locations under this collection program. Afghanistan is undoubtedly being monitored by numerous SIGINT collection stations and facilities, so seeing only one SIGAD in this screenshot proves that it can never show the whole collection from that country.

    This makes that Greenwald’s argument against the data being collected abroad is not valid anymore (although there maybe other arguments against it). Glenn Greenwald was asked via Twitter to comment on the findings of this article, but there was no reaction.

    More questions

    The new insight about the Afghanistan data means that the interpretation of the screenshots about other countries can be wrong too. Especially those showing only one collection facility, like France, Spain and Norway (and maybe also Italy and The Netherlands), might not be showing information about that specific country, but maybe only about the specific intercept location.

    This also leads to other questions, like: are this really screenshots (why is there no classification marking)? Are they part of other documents or did Snowden himself made them? And how did he make the selection: by country, by facility, or otherwise?

    There are many questions about NSA capabilities and operations which Snowden cannot answer, but he can answer how exactly he got to these documents and what their proper context is. Maybe Glenn Greenwald also knows more about this, and if so, it’s about time to tell that part of the story too.

    Matthew M. Aid is the author of Intel Wars: The Secret History of the Fight Against Terror (January 2012) and The Secret Sentry, the definitive history of the National Security Agency. He is a leading intelligence historian and expert on the NSA, and a regular commentator on intelligence matters for the New York Times, the Financial Times, the National Journal, the Associated Press, CBS News, National Public Radio (NPR) and many others. He lives in Washington, DC.

    November 24, 2013

    Find this story at 24 November 2013

    NRC over NSA

    Een van de elementen op de kaart van de NRC van zaterdag zijn de rode stippen die de vestigingen van SCS aangeven. Dat bestand is hetzelfde als dat van de kaart in Spiegel, waarvan een ongecensureerde versie  beschikbaar is bij Cryptome.

    Die kaart is uit augustus 2010. Als je de kaarten naast elkaar legt kom je een eind bij het vaststellen welke plaatsen NRC zwart heeft gemaakt. Wat betreft Europa kom je dan bijv. op het rijtje Bakoe, Kiev, Madrid , Moskou en
    Tblisi.

    x-keyscore servers op Cryptome

    SCS sites op Cryptome

    NRC driver 1

    Europeans Shared Spy Data With U.S.; Phone Records Collected Were Handed Over to Americans to Help Protect Allied Troops in War Zones

    Millions of phone records at the center of a firestorm in Europe over spying by the National Security Agency were secretly supplied to the U.S. by European intelligence services—not collected by the NSA, upending a furor that cast a pall over trans-Atlantic relations.

    Widespread electronic spying that ignited a political firestorm in Europe was conducted by French and European intelligence services and not by the National Security Agency, as was widely reported in recent days. Adam Entous reports on the News Hub. Photo: AP.

    The revelations suggest a greater level of European involvement in global surveillance, in conjunction at times with the NSA. The disclosures also put European leaders who loudly protested reports of the NSA’s spying in a difficult spot, showing how their spy agencies aided the Americans.

    The phone records collected by the Europeans—in war zones and other areas outside their borders—were shared with the NSA as part of efforts to help protect American and allied troops and civilians, U.S. officials said.

    European leaders remain chagrined over revelations that the U.S. was spying on dozens of world leaders, including close allies in Europe. The new disclosures were separate from those programs.

    But they nevertheless underline the complexities of intelligence relationships, and how the U.S. and its allies cooperate in some ways and compete in others.
    More
    NSA Said to View 23 Countries Closer U.S. Intelligence Partners Than Israel
    Senate to Review All U.S. Spying
    Spying Revelations Add Hurdle to U.S.-EU Trade Talks
    Germany Warns of Repercussions from U.S. Spying
    Obama Unaware as NSA Spied on World Leaders

    “That the evil NSA and the wicked U.S. were the only ones engaged in this gross violation of international norms—that was the fairy tale,” said James Lewis, a former State Department official, now a technology-policy specialist at the Center for Strategic and International Studies. “It was never true. The U.S’s behavior wasn’t outside the norm. It is the norm.”

    Consecutive reports in French, Spanish and Italian newspapers over the past week sparked a frenzy of finger-pointing by European politicians. The reports were based on documents leaked by former NSA contractor Edward Snowden and purportedly showed the extent to which the NSA sweeps up phone records in those countries.

    France’s Le Monde said the documents showed that more than 70 million French phone records between early December 2012 and early January 2013 were collected by the NSA, prompting Paris to lodge a protest with the U.S. In Spain, El Mundo reported that it had seen NSA documents that showed the U.S. spy agency had intercepted 60.5 million Spanish phone calls during the same time period.

    U.S. officials initially responded to the reports by branding them as inaccurate, without specifying how. On Tuesday, The Wall Street Journal reported that the data cited by the European news reports wasn’t collected by the NSA, but by its European partners.

    U.S. officials said the data was provided to the NSA under long-standing intelligence sharing arrangements.

    In a congressional hearing Tuesday, the National Security Agency director, Gen. Keith Alexander, confirmed the broad outlines of the Journal report, saying that the specific documents released by Mr. Snowden didn’t represent data collected by the NSA or any other U.S. agency and didn’t include records from calls within those countries.
    Phone Trouble

    Politicians have reacted to recent disclosures about U.S. surveillance programs based on leaks from former National Security Agency contractor Edward Snowden.
    View Graphics

    He said the data—displayed in computer-screen shots—were instead from a system that contained phone records collected by the U.S. and North Atlantic Treaty Organization countries “in defense of our countries and in support of military operations.”

    He said the conclusion that the U.S. collected the data “is false. And it’s false that it was collected on European citizens. It was neither.”

    The U.S. until now had been silent about the role of European partners in these collection efforts so as to protect the relationships.

    French officials declined to comment.

    A Spanish official said that Spain’s intelligence collaboration with the NSA has been limited to theaters of operations in Mali, Afghanistan and certain international operations against jihadist groups. The so-called metadata published in El Mundo was gathered during these operations, not in Spain.

    The Italian Embassy in Washington didn’t immediately respond to a request for comment.

    The revelations that the phone data were collected by European intelligence services rather than NSA could spark a backlash against the same politicians who had been pointing their fingers at the U.S.—although that response could be tempered by assurances that the data were collected abroad and not domestically.

    A U.S. analysis of the document published by Le Monde concluded the phone records the French had collected were actually from outside of France, then were shared with the U.S. The data don’t show that the French spied on their own people inside France.

    U.S. intelligence officials said they hadn’t seen the documents cited by El Mundo, but that the data appear to come from similar information the NSA obtained from Spanish intelligence agencies documenting their collection efforts abroad.

    At Tuesday’s House Intelligence Committee hearing, lawmakers also pressed Gen. Alexander and the Director of National Intelligence James Clapper on the NSA’s tapping of world leaders’ phone conversations, including German Chancellor Angela Merkel.

    Asked whether U.S. allies spy on the U.S., Mr. Clapper said, “Absolutely.”

    Rep. Adam Schiff (D., Calif.) asked why Congress hadn’t been informed when U.S. spies tapped a world leader’s telephone. Mr. Clapper said Congress isn’t told about each and every “selector,” the intelligence term for a phone number or other information that would identify an espionage target.

    “Not all selectors are equal,” Mr. Schiff responded, especially “when the selector is the chancellor of an allied nation.”

    The Wall Street Journal reported Monday that President Barack Obama didn’t know about NSA’s tapping of Ms. Merkel’s phone—which stretched back as far as 2002—until a review this summer turned it up.

    Mr. Clapper said that intelligence agencies follow the priorities set by the president and key departments, but they don’t necessarily provide top officials with details on how each requirement is being fulfilled.

    The White House does, however, see the final product, he said.

    Reporting to policy makers on the “plans and intentions” of world leaders is a standard request to intelligence agencies like the NSA, Mr. Clapper said. The best way to understand a foreign leader’s intentions, he said, is to obtain that person’s communications.

    Privately, some intelligence officials disputed claims that the president and top White House officials were unaware of how such information is obtained.

    “If there’s an intelligence report that says the leader of this country is likely to say X or Y, where do you think that comes from?” the official said.

    The House Intelligence Committee chairman, Rep. Mike Rogers (R., Mich.) remained a staunch defender of the NSA’s operations.

    “I am a little concerned about where we are—that we’ve decided that we’re going to name our intelligence services at the earliest opportunity as the bad guys in the process of trying to collect information lawfully and legally, with the most oversight that I’ve ever seen,” he said. “We’re the only intelligence service in the world that is forced to go to a court before they even collect on foreign intelligence operations, which is shocking to me.”

    —Christopher Bjork in Madrid and Stacy Meichtry in Paris contributed to this article.

    By Adam Entous and Siobhan Gorman connect
    Updated Oct. 29, 2013 7:31 p.m. ET

    Find this story at 29 October 2013

    ©2013 Dow Jones & Company, Inc.

    Europe shared spy data with US; Europe spy services ‘shared phone data’

    The NSA says European spy services shared phone data with it, and reports alleging otherwise are ‘false’.

    MILLIONS of phone records at the centre of a firestorm in Europe over spying by the National Security Agency were secretly supplied to the US by European intelligence services – not collected by the NSA, upending a furore that cast a pall over trans-Atlantic relations.

    The revelations suggest a greater level of European involvement in global surveillance, in conjunction at times with the NSA. The disclosures also put European leaders who loudly protested reports of the NSA’s spying in a difficult spot, showing how their spy agencies aided the Americans.

    The phone records collected by the Europeans – in war zones and other areas outside their borders – were shared with the NSA as part of efforts to help protect American and allied troops and civilians, US officials said.

    European leaders remain chagrined over revelations that the US was spying on dozens of world leaders, including close allies in Europe.

    The new disclosures were separate from those programs, but they underline the complexities of intelligence relationships, and how the US and its allies co-operate in some ways and compete in others.

    “That the evil NSA and the wicked US were the only ones engaged in this gross violation of international norms -that was the fairy tale,” said James Lewis, a former State Department official, now a technology-policy specialist at the Centre for Strategic and International Studies.

    “It was never true. The US’s behaviour wasn’t outside the norm. It is the norm.”

    Consecutive reports in French, Spanish and Italian newspapers over the past week sparked a frenzy of finger-pointing by European politicians. The reports were based on documents leaked by former NSA contractor Edward Snowden and purportedly showed the extent to which the NSA sweeps up phone records in those countries.

    France’s Le Monde said the documents showed that more than 70 million French phone records between early December last year and early January this year were collected by the NSA, prompting Paris to lodge a protest with the US. In Spain, El Mundo reported that it had seen NSA documents that showed the US spy agency had intercepted 60.5 million Spanish phone calls during the same time period.

    US officials initially responded to the reports by branding them as inaccurate, without specifying how. Late yesterday, The Wall Street Journal reported that the data cited by the European news reports wasn’t collected by the NSA but by its European partners.

    US officials said the data was provided to the NSA under long-standing intelligence sharing arrangements.

    Hours later, in a congressional hearing, the National Security Agency director, General Keith Alexander, confirmed the broad outlines of the Journal report, saying the specific documents released by Mr Snowden didn’t represent data collected by the NSA or any other US agency and didn’t include records from calls within those countries.

    He said the data, displayed in computer-screen shots, was instead from a system that contained phone records collected by the US and NATO countries “in defence of our countries and in support of military operations”.

    He said conclusions the US collected the data were “false. And it’s false that it was collected on European citizens. It was neither.”

    The US until now had been silent about the role of European partners in these collection efforts to protect the relationships. French officials declined to comment.

    A Spanish official said Spain’s intelligence collaboration with the NSA has been limited to theatres of operations in Afghanistan, Mali and international operations against jihadist groups. The data published in El Mundo was gathered during these operations, not in Spain.

    At yesterday’s house intelligence committee hearing, politicians pressed General Alexander and Director of National Intelligence James Clapper on the NSA’s tapping of world leaders’ phone conversations, including the German Chancellor, Angela Merkel.

    Asked whether US allies spy on the US, Mr Clapper said: “Absolutely.”

    Democrat congressman Adam Schiff asked why congress had not been informed when US spies tapped a world leader’s telephone.

    Mr Clapper said congress wasn’t told about each and every “selector”, the intelligence term for a phone number or other information that would identify an espionage target.

    “Not all selectors are equal,” Mr Schiff responded, especially “when the selector is the chancellor of an allied nation.”

    Mr Clapper said intelligence agencies followed the priorities set by the President and key departments, but did not necessarily provide top officials with details on how each requirement was being fulfilled.

    The White House did, however, see the final product, he said.

    Reporting to policymakers on the “plans and intentions” of world leaders was a standard request to intelligence agencies such as the NSA, Mr Clapper said, and the best way to understand a foreign leader’s intentions was to obtain their communications.

    Privately, some intelligence officials disputed claims that the President and top White House officials were unaware of how such information was obtained.

    “If there’s an intelligence report that says the leader of this country is likely to say X or Y, where do you think that comes from?” the official said

    Adam Entous and Siobhan Gorman
    The Wall Street Journal
    October 31, 2013 12:00AM

    Find this story at 31 October 2013

    © www.theaustralian.com.au

    NSA spy row: France and Spain ‘shared phone data’ with US

    Spain and France’s intelligence agencies carried out collection of phone records and shared them with NSA, agency says

    European intelligence agencies and not American spies were responsible for the mass collection of phone records which sparked outrage in France and Spain, the US has claimed.

    General Keith Alexander, the head of the National Security Agency, said reports that the US had collected millions of Spanish and French phone records were “absolutely false”.

    “To be perfectly clear, this is not information that we collected on European citizens,” Gen Alexander said when asked about the reports, which were based on classified documents leaked by Edward Snowden, the former NSA contractor.

    Shortly before the NSA chief appeared before a Congressional committee, US officials briefed the Wall Street Journal that in fact Spain and France’s own intelligence agencies had carried out the surveillance and then shared their findings with the NSA.

    The anonymous officials claimed that the monitored calls were not even made within Spanish and French borders and could be surveillance carried on outside of Europe.
    Related Articles
    GCHQ monitors luxury hotel bookings made by foreign diplomats 17 Nov 2013
    US spy chief defends spying on foreign leaders 30 Oct 2013
    Germany, France and Spain ‘were all spying on citizens’ 01 Nov 2013
    Anger in France over claims that NSA spied on politicians, business leaders as well as terrorists 21 Oct 2013
    NSA spying: US should not be collecting calls on allies, says top senator 28 Oct 2013
    Russia ‘spied on G20 leaders with USB sticks’ 29 Oct 2013

    In an aggressive rebuttal of the reports in the French paper Le Monde and the Spanish El Mundo, Gen Alexander said “they and the person who stole the classified data [Mr Snowden] do not understand what they were looking at” when they published slides from an NSA document.

    The US push back came as President Barack Obama was said to be on the verge of ordering a halt to spying on the heads of allied governments.

    The White House said it was looking at all US spy activities in the wake of leaks by Mr Snowden but was putting a “special emphasis on whether we have the appropriate posture when it comes to heads of state”.

    Mr Obama was reported to have already halted eavesdropping at UN’s headquarters in New York.

    German officials said that while the White House’s public statements had become more conciliatory there remained deep wariness and that little progress had been made behind closed doors in formalising an American commitment to curb spying.

    “An agreement that you feel might be broken at any time is not worth very much,” one diplomat told The Telegraph.

    “We need to re-establish trust and then come to some kind of understanding comparable to the [no spy agreement] the US has with other English speaking countries.”

    Despite the relatively close US-German relations, the White House is reluctant to be drawn into any formal agreement and especially resistant to demands that a no-spy deal be expanded to cover all 28 EU member states.

    Viviane Reding, vice-president of the European Commission and EU justice commissioner, warned that the spying row could spill over and damage talks on a free-trade agreement between the EU and US.

    “Friends and partners do not spy on each other,” she said in a speech in Washington. “For ambitious and complex negotiations to succeed there needs to be trust among the negotiating partners. It is urgent and essential that our US partners take clear action to rebuild trust.”

    A spokesman for the US trade negotiators said it would be “unfortunate to let these issues – however important – distract us” from reaching a deal vital to freeing up transatlantic trade worth $3.3 billion dollars (£2bn) a day.

    James Clapper, America’s top national intelligence, told a Congressional hearing yesterday the US does not “spy indiscriminately on the citizens of any country”.

    “We do not spy on anyone except for valid foreign intelligence purposes, and we only work within the law,” Mr Clapper said. “To be sure on occasions we’ve made mistakes, some quite significant, but these are usually caused by human error or technical problems.”

    Pressure from European leaders was added to as some of the US intelligence community’s key Congressional allies balked at the scale of surveillance on friendly governments.

    Dianne Feinstein, the chair of powerful Senate intelligence committee, said she was “totally opposed” to tapping allied leaders and called for a wide-ranging Senate review of the activities of US spy agencies.

    “I do not believe the United States should be collecting phone calls or emails of friendly presidents and prime ministers,” she said.

    John Boehner, the Republican speaker of the house and a traditional hawk on national security, said US spy policy was “imbalanced” and backed calls for a review.

    Mr Boehner has previously been a staunch advocate of the NSA and faced down a July rebellion by libertarian Republicans who tried to pass a law significantly curbing the agency’s power.

    By Raf Sanchez, Peter Foster in Washington

    8:35PM GMT 29 Oct 2013

    Find this story at 29 October 2013

    © Copyright of Telegraph Media Group Limited 2013

    ‘We didn’t spy on the Europeans, their OWN governments did’, says NSA (but still no apology for tapping German chancellor Merkel’s phone)

    Gen. Keith Alexander, the National Security Agency director, says foreign governments spied on their own people and shared data with the U.S.
    The NSA had been accused of snooping on 130.5 million phone calls in France and Spain, and keeping computerized records
    Sen. Dianne Feinstein said newspapers in Europe ‘got it all wrong’

    Alexander’s denial will fall heavily on the fugitive leaker Edward Snowden and his journalist cohorts, whom the NSA chief said ‘did not understand what they were looking at’
    The National Security Agency’s director flatly denied as ‘completely false’ claims that U.S. intelligence agencies monitored tens of millions of phone calls in France and Spain during a month-long period beginning in late 2012.

    Gen. Keith Alexander contradicted the news reports that said his NSA had collected data about the calls and stored it as part of a wide-ranging surveillance program, saying that the journalists who wrote them misinterpreted documents stolen by the fugitive leaker Edward Snowden.

    And a key Democratic senator added that European papers that leveled the allegations ‘got it all wrong’ with respect to at least two countries – saying that it was those nations’ intelligence services that collected the data and shared it with their U.S. counterparts as part of the global war on terror.

    Protests: (Left to right) NSA Deputy Director Chris Inglis, NSA Director General Keith Alexander and DNI James Clapper look on as a protestor disrupts the Capitol Hill hearing

    National Security Agency Director Gen. Keith Alexander testified Tuesday that the governments of France and Spain conducted surveillance on their own citizens’ phone conversations, and then shared the intelligence data with the U.S.

    On Monday newspapers in three countries published computer-screen images, reportedly provided by Snowden, showing what appeared to be data hoovered up by the United States from European citizens’ phone calls.

    But Alexander testified in a House Intelligence Committee hearing that ’those screenshots that show – or lead people to believe – that we, the NSA, or the U.S., collect that information is false.’

    ‘The assertions by reporters in France, Spain and Italy that NSA collected tens of millions of phone calls are completely false,’ Alexander said.

    According to the French newspaper Le Monde and the Spanish daily El Mundo, the NSA had collected the records of at least 70 million phone calls in France and another 60.5 million in Spain between December and January.

    Italy’s L’Espresso magazine also alleged, with help from Snowden, that the U.S. was engaged in persistent monitoring of Italy’s telecommunications networks.

    General Alexander denied it all.

    ‘To be perfectly clear, this is not information that we collected on European citizens. It represents information that we and our NATO allies have collected in defense of our countries and in support of military operations.’

    Reporters, he added, ‘cite as evidence screen shots of the results of a web tool used for data management purposes, but both they and the person who stole the classified data did not understand what they were looking at.’

    President Barack Obama said he is instituting a complete review of U.S. intelligence procedures in the wake of stinging allegations that the NSA has been peeping on foreign leaders through their phones and email accounts

    California Democratic Sen. Dianne Feinstein, who chairs the Senate Intelligence Committee, said Tuesday that ’the papers got it all wrong on the two programs, France and Germany.’

    ‘This was not the United States collecting on France and Germany. This was France and Germany collecting. And it had nothing to do with their citizens, it had to do with collecting in NATO areas of war, like Afghanistan.’

    Feinstein on Monday called for a complete review of all the U.S. intelligence community’s spying programs, saying that ‘Congress needs to know exactly what our intelligence community is doing.’

    In the weekend’s other intelligence bombshell, the U.S. stood accused of snooping on German Chancellor Angela Merkel’s cell phone and spying on Mexican President Felipe Calderon’s private emails.

    But Director of National Intelligence James Clapper told the committee that spying on foreign leaders is nothing new.

    ‘That’s a hardy perennial,’ he said, ‘and as long as I’ve been in the intelligence business, 50 years, leadership intentions, in whatever form that’s expressed, is kind of a basic tenet of what we are to collect and analyze.’

    ‘It’s one of the first things I learned in intel school in 1963,’ he assured the members of Congress, saying that the U.S. routinely spies on foreign leaders to ascertain their intentions, ‘no matter what level you’re talking about. That can be military leaders as well.’

    Clapper hinted that committee members had been briefed on such programs, saying that in cases where the NSA is surveilling foreign leaders, ’that should be reported to the committee … in considerable detail’ as a ‘significant’ intelligence activity over which Congress has oversight.’

    He added that ‘we do only what the policymakers, writ large, have actually asked us to do.’

    Republican committee chair Mike Rogers of Michigan began the hearing by acknowledging that ‘every nation collects foreign intelligence’ and ’that is not unique to the United States’.

    Clapper pleaded with the panel to think carefully before restricting the government’s ability to collect foreign intelligence, warning that they would be ‘incurring greater risks’ from overseas adversaries.

    Gen. Alexander dispensed with his prepared statement and spoke ‘from the heart,’ saying that his agency would rather ’take the beatings’ from reporters and the public ’than … give up a program’ that would prevent a future attack on the nation.

    The Wall Street Journal reported Tuesday afternoon that other U.S. officials had confirmed Alexander’s version of events, and that the electronic spying in France and Spain was carried out by those nations’ governments.

    The resulting phone records, they said, were then shared with the NSA as part of a program aimed at keeping U.S. military personnel and civilians safe in areas of military conflict.

    None of the nations involved would speak to the Journal about their own level of involvement in a scandal that initially touched only the U.S., but which now promises to embroil intelligence services on a global scale.

    By David Martosko, U.s. Political Editor

    PUBLISHED: 21:45 GMT, 29 October 2013 | UPDATED: 10:59 GMT, 30 October 2013

    Find this story at 29 October 2013

    © Associated Newspapers Ltd

     

    NSA Powerpoint Slides on BOUNDLESSINFORMANT

    These 4 slides are from the powerpoint “BOUNDLESSINFORMANT: Describing Mission Capabilities from Metadata Records.” They include the cover page and pages 3, 5, and 6 of the presentation. The powerpoint, leaked to the Guardian newspaper’s Glenn Greenwald by Edward Snowden, was first released by the Guardian newspaper on June 8, 2013 at this web page: http://www.guardian.co.uk/world/interactive/2013/jun/08/nsa-boundless-informant-data-mining-slides

    Also included with this collection is a “heat map” of parts of the world most subject to surveillance by Boundless Informant. This image was embedded in the Guardian’s story, which described Boundless Informant as “the NSA’s secret tool to track global surveillance data,” which collected “almost 3 billion pieces of intelligence from US computer networks over a 30-day period ending in March 2013.” http://www.theguardian.com/world/2013/jun/08/nsa-boundless-informant-global-datamining

    UNCLASSIFIED//FOR OFFICIAL USE ONLY
    BOUNDLESSINFORMANT – Frequently Asked Questions
    09-06-2012

     

    (U/FOUO) Questions

     

    1) What is BOUNDLESSINFORMANT! What is its purpose?

    2) Who are the intended users of the tool?

    3) What are the different views?

    4) Where do you get your data?

    5) Do you have all the data? What data is missing?

    6) Why are you showing metadata record counts versus content?

    7) Do you distinguish between sustained collect and survey collect?

    8) What is the technical architecture for the tool?

    9) What are some upcoming features/enhancements?

    1 0) How are new features or views requested and prioritized?

    1 1) Why are record counts different from other tools like ASDF and What’s On Cover?

    12) Why is the tool NOFORN? Is there a releasable version?

    13) How do you compile your record counts for each country?

     

    Note: This document is a work-in-progress and will be updated frequently as additional
    questions and guidance are provided.

    1) (U) What is BOUNDLESSINFORMANT? What is its purpose?

    (U//FOUO) BOUNDLESSINFORMANT is a GAO prototype tool for a self-documenting SIGINT
    system. The purpose of the tool is to fundamentally shift the manner in which GAO describes its
    collection posture. BOUNDLESSINFORMANT provides the ability to dynamically describe GAO’s
    collection capabilities (through metadata record counts) with no human intervention and graphically
    display the information in a map view, bar chart, or simple table. Prior to

    BOUNDLESSINFORMANT, the method for understanding the collection capabilities of GAO’s
    assets involved ad hoc surveying of repositories, sites, developers, and/or programs and offices. By
    extracting information from every DNI and DNR metadata record, the tool is able to create a near real-
    time snapshot of GAO’s collection capability at any given moment. The tool allows users to select a
    country on a map and view the metadata volume and select details about the collection against that
    country. The tool also allows users to view high level metrics by organization and then drill down to a
    more actionable level – down to the program and cover term.

    Sample Use Cases

    • (U//FOUO) How many records are collected for an organizational unit (e.g. FORNSAT)?

    • (U//FOUO) How many records (and what type) are collected against a particular country?

    • (U//FOUO) Are there any visible trends for the collection?

    • (U//FOUO) What assets collect against a specific country? What type of collection?

    • (U//FOUO) What is the field of view for a specific site? What countriees does it collect
    against? What type of collection?

    2) (U) Who are the intended users of the tool?

    • (U//FOUO) Mission and collection managers seeking to understand output characteristics
    of a site based on what is being ingested into downstream repositories. .

    (U//FOUO) Strategic Managers seeking to understand top level metrics at the

     

    organization/office level or seeking to answer data calls on NSA collection capability.

    BOUNDLESSINFORMANT – FAQ Page 1 o:

    UNCLASSIFIED//FOR OFFICIAL USE ONLY

     

    UNCLASSIFIED//FOR OFFICIAL USE ONLY

    BOUNDLESSINFORMANT – Frequently Asked Questions

    09-06-2012

    • (U//FOUO) Analysts looking for additional sites to task for coverage of a particular

    technology within a specific country.

    3) What are the different views?

    (U//FOUO) Map View – The Map View is designed to allow users to view overall DNI, DNR, or
    aggregated collection posture of the agency or a site. Clicking on a country will show the collection
    posture (record counts, type of collection, and contributing SIGADs or sites) against that particular
    country in addition to providing a graphical display of record count trends. In order to bin the records
    into a country, a normalized phone number (DNR) or an administrative region atom (DNI) must be
    populated within the record. Clicking on a site (within the Site Specific view) will show the viewshed
    for that site – what countries the site collects against.

    (U//FOUO) Org View – The Organization View is designed to allow users to view the metadata record
    counts by organizational structure (i.e. GAO – SSO – RAM-A – SPINNERET) all the way down to the
    cover term. Since it’s not necessary to have a normalized number or administrative region populated,
    the numbers in the Org View will be higher than the numbers in the Map View.

    (U//FOUO) Similarity View – The Similarity View is currently a placeholder view for an upcoming
    feature that will graphically display sites that are similar in nature. This can be used to identify areas
    for a de-duplication effort or to inform analysts of additional SIGADs to task for queries (similar to
    Amazon’s “if you like this item, you’ll also like these” feature).

     

    4) (U) Where do you get your data?

    (U//FOUO) BOUNDLESSINFORMANT extracts metadata records from GM-PLACE post-
    FALLOUT (DNI ingest processor) and post-TUSKATTIRE (DNR ingest processor). The records are
    enriched with organization information (e.g. SSO, FORNSAT) and cover term. Every valid DNI and
    DNR metadata record is aggregated to provide a count at the appropriate level. See the different views
    question above for additional information.

     

    5) (U) Do you have all the data? What data is missing?

    • (U//FOUO) The tool resides on GM-PLACE which is only accredited up to TS//SI//NOFORN.
    Therefore, the tool does not contain ECI or FISA data.

    • (U//FOUO) The Map View only shows counts for records with a valid normalized number
    (DNR) or administrative region atom (DNI).

    • (U//FOUO) Only metadata records that are sent back to NSA-W through FASCIA or
    FALLOUT are counted. Therefore, programs with a distributed data distribution system (e.g.
    MUSCULAR and Terrestrial RF) are not currently counted.

    • (U//FOUO) Only SIGINT records are currently counted. There are no ELINT or other “INT”
    records included.

    6) (U) Why are you showing metadata record counts versus content?

    (U//FOUO)

    7) (U ) Do you distin g uish between sustained collect and survey collect?

    (U//FOUO) The tool currently makes no distinction between sustained collect and survey collect. This
    feature is on the roadmap.

     

    BOUNDLESSINFORMANT – FAQ Page 2 o:

    UNCLASSIFIED//FOR OFFICIAL USE ONLY

     

    UNCLASSIFIED//FOR OFFICIAL USE ONLY
    BOUNDLESSINFORMANT – Frequently Asked Questions
    09-06-2012

     

    8) What is the technical architecture for the tool?

    Click here for a graphical view of the tool’s architecture

    (U//FOUO) DNI metadata (ASDF), DNR metadata (FASCIA) delivered to Hadoop
    Distributed File System (HDFS) on GM-PLACE

    (U//FOUO) Use Java MapReduce job to transform/filter and enrich FASCIA/ASDF data with
    business logic to assign organization rules to data

    (U//FOUO) Bulk import of DNI/DNR data (serialized Google Protobuf objects) into
    Cloudbase (enabled by custom aggregators)

    (U//FOUO) Use Java web app (hosted via Tomcat) on MachineShop (formerly Turkey Tower)
    to query Cloudbase

    (U//FOUO) GUI triggers queries to CloudBase – GXT (ExtGWT)

     

    9) What are some upcoming features/enhancements?

    • (U//FOUO) Add technology type (e.g. JUGGERNAUT, LOPER) to provide additional
    granularity in the numbers

    (U//FOUO) Add additional details to the Differential view

    (U//FOUO) Refine the Site Specific view

    (U//FOUO) Include CASN information

    (U//FOUO) Add ability to export data behind any view (pddg,sigad,sysid,casn,tech,count)

    (U//FOUO) Add in selected (vs. unselected) data indicators

    (U//FOUO) Include filter for sustained versus survey collection

     

    10) How are new features or views requested and prioritized?

    (U//FOUO) The team uses Flawmill to accept user requests for additional functionality or
    enhancements. Users are also allowed to vote on which functionality or enhancements are most
    important to them (as well as add comments). The BOUNDLESSINFORMANT team will periodically
    review all requests and triage according to level of effort (Easy, Medium, Hard) and mission impact
    (High, Medium, Low). The team will review the queue with the project champion and government
    steering committee to be added onto the BOUNDLESSINFORMANT roadmap.

    1 1) Why are record counts different from other tools like ASDF and What’s On

    Cover?

    (U//FOUO) There are a number of reasons why record counts may vary. The purpose of the tool is to
    provide

     

    BOUNDLESSINFORMANT – FAQ

     

    Page 3 o:

     

    UNCLASSIFIED//FOR OFFICIAL USE ONLY

    July 13, 2012

    Find this story at  txt

    Find this story at jpeg

    Find this story at pdf

    Order of Battle of the CIA-NSA Special Collection Service (SCS)

    The following page from an August 13, 2010 NSA powerpoint presentation on the joint CIA-NSA clandestine SIGINT unit known as the Special Collection Service (SCS) appeared on the Der Spiegel website last week. It has since be replaced by a heavily redacted version of the same page which deletes the locations of all SCS listening posts outside of Europe.

    The page shows the locations of all SCS listening posts around the world as of August 2010, of which 74 were active, 3 were listed as being dormant, 14 were unmanned remote controlled stations, three sites were then being surveyed, and two were listed as being “technical support activities.”

    In Europe, SCS sites were located at Athens and embassy annex, Baku, Berlin, Budapest, RAF Croughton (UK), Frankfurt, Geneva, Kiev, Madrid, Milan, Moscow and embassy annex, Paris, Prague, Pristina, Rome, Sarajevo, Sofia, Tblisi, Tirana, Vienna and embassy annex, and Zagreb.

    In Asia SCS were located at Bangkok and PSA, Beijing, Chengdu, Chiang Mai, Hong Kong, Jakarta, Kuala Lumpur, Manila, Phnom Penh, Rangoon, Shanghai, and Taipei.

    In the Middle East and North Africa (MENA) region, SCS sites were located at Abu Dhabi, Algiers, Amman, Amarah, Ankara, Baghdad and embassy annex, Basrah, Beirut, Benghazi, Cairo, Damascus, Istanbul, Jeddah, Khartoum, Kirkuk, Kuwait City, Manama, Mosul, Riyadh, Sana’a, Sulaymaniyah, Talil(?), “Tehran-in-Exile”, and Tripoli.

    In South Asia, SCS sites were located at one site illegible, Islamabad, Herat, Kabul and embassy annex, Karachi, Lahore, New Delhi, and Peshawar.

    In Africa, SCS sites were located inside the U.S. embassies in Abuja, Addis Ababa, Bamako, Lagos, Nairobi, Monrovia, Kinshasa, Lusaka, and Luanda.

    In Central America and the Caribbean, SCS sites were located at Guadalajara, Guatemala City, Havana, Hermosillo, Managua, Mexico City, Monterrey, Panama City, San Jose, and Tegucigalpa.

    And in South America, SCS sites were located in Brasilia, Bogota, Caracas, La Paz, Merida and Quito.

    Any corrections to the above would be gratefully received.

    Matthew M. Aid is the author of Intel Wars: The Secret History of the Fight Against Terror (January 2012) and The Secret Sentry, the definitive history of the National Security Agency. He is a leading intelligence historian and expert on the NSA, and a regular commentator on intelligence matters for the New York Times, the Financial Times, the National Journal, the Associated Press, CBS News, National Public Radio (NPR) and many others. He lives in Washington, DC.

    October 28, 2013

    Find this story at 28 October 2013

    Der Spiegel pdf 

    Der Spiegel unredacted image

    The Radome Archipelago (1999)

    During the Cold War there were hundreds of secret remote listening posts spread around the globe. From large stations in the moors of Scotland and mountains of Turkey that were complete with golf balllike structures called “radomes” to singly operated stations in the barren wilderness of Saint Lawrence Island between Alaska and Siberia that had only a few antennae, these stations constituted the ground-based portion of the United States Signals Intelligence (SIGINT) System or “USSS.”

    Operated by the supersecret National Security Agency (NSA), these stations were designed to intercept Morse Code, telephone, telex, radar, telemetry, and other signals emanating from behind the Iron Curtain. At one time, the NSA contemplated a worldwide, continuously operated array of 4120 intercept stations. While the agency never achieved that goal, it could still boast of several hundred intercept stations. These included its ground-based “outstations,” which were supplemented by other intercept units located on ships, submarines, aircraft (from U-2s to helicopters), unmanned drones, mobile vans, aerostats (balloons and dirigibles), and even large and cumbersome backpacks.

    With the collapse of the Communist “bloc” and the advent of microwaves, fiber optics, and cellular phones, NSA’s need for numerous ground-based intercept stations waned. It began to rely on a constellation of sophisticated SIGINT satellites with code names like Vortex, Magnum, Jumpseat, and Trumpet to sweep up the world’s satellite, microwave, cellular, and high-frequency communications and signals. Numerous outstations met with one of three fates: they were shut down completely, remoted to larger facilities called Regional SIGINT Operations Centers or “RSOCs,” or were turned over to host nation SIGINT agencies to be operated jointly with NSA.

    However, NSA’s jump to relying primarily on satellites proved premature. In 1993, Somali clan leader Mohammed Farah Aideed taught the agency an important lesson. Aideed’s reliance on older and lower-powered walkie-talkies and radio transmitters made his communications virtually silent to the orbiting SIGINT “birds” of the NSA. Therefore, NSA technicians came to realize there was still a need to get in close in some situations to pick up signals of interest. In NSA’s jargon this is called improving “hearability.”

    As NSA outstations were closed or remoted, new and relatively smaller intercept facilities such as the “gateway” facility in Bahrain, reportedly used for retransmit signals intercepted in Baghdad last year to the U.S. sprang up around the world. In addition to providing NSA operators with fresh and exotic duty stations, the new stations reflected an enhanced mission for NSA economic intelligence gathering. Scrapping its old Cold War A and B Group SIGINT organization, NSA expanded the functions of its W Group to include SIGINT operations against a multitude of targets. Another unit, M Group, would handle intercepts from new technologies like the Internet.

    Many people who follow the exploits of SIGINT and NSA are eager to peruse lists of secret listening posts operated by the agency and its partners around the world. While a master list probably exists somewhere in the impenetrable lair that is the NSA’s Fort Meade, Maryland, headquarters, it is assuredly stamped with one of the highest security classifications in the U.S. intelligence community.  W.M. & J.V.

    The United States SIGINT System (USSS)

    The following list is the best unclassified shot at describing the locations of the ground-based “ears” of the Puzzle Palace. It is culled from press accounts, informed experts, and books written about the NSA and its intelligence partners. It does not include the numerous listening units on naval vessels and aircraft nor those operating from U.S. and foreign embassies, consulates, and other diplomatic missions.

    United States

    NSA Headquarters, Fort Meade, Maryland
    Buckley Air National Guard Ground Base, Colorado
    Fort Gordon, Georgia (RSOC)
    Imperial Beach, California
    Kunia, Hawaii (RSOC)
    Northwest, Virginia
    Sabana Seca, Puerto Rico
    San Antonio, Texas (RSOC)
    Shemya, Alaska -3
    Sugar Grove, West Virginia
    Winter Harbor, Maine
    Yakima, Washington

    Albania

    Durres -6
    Shkoder -6
    Tirana -6

    Ascension Island

    Two Boats -1

    Australia

    Bamaga -6 -7
    Cabarlah -7
    Canberra (Defense Signals Directorate Headquarters) -5
    Harman -7
    Kojarena, Geraldton -1
    Nurunggar -1
    Pearce -1
    Pine Gap, Alice Springs -1
    Riverina -7
    Shoal Bay, Darwin -1
    Watsonia -1

    Austria

    Konigswarte -7
    Neulengbach -7

    Bahrain

    Al-Muharraq Airport -3
    Bosnia and Herzegovina

    Tuzla

    Botswana

    Mapharangwane Air Base

    British Indian Ocean Territory

    Diego Garcia -1

    Brunei

    Bandar Seri Begawan -7

    Canada

    Alert -7
    Gander -7
    Leitrim -1
    Masset -6 -7
    Ottawa [Communications Security Establishment (CSE) Headquarters] -5

    China

    Korla -1 -6
    Qitai -1 -6

    Croatia

    Brac� Island, Croatia -6
    Zagreb-Lucko Airport -7

    Cuba

    Guantanamo Bay

    Cyprus

    Ayios Nikolaos -1

    Denmark

    Aflandshage -7
    Almindingen, Bornholm -7
    Dueodde, Bornholm -7
    Gedser -7
    Hj�rring -7
    L�gumkl�ster -7

    Eritrea

    Dahlak Island -1 (NSA/Israel “8200” site)

    Estonia

    Tallinn -7

    Ethiopia

    Addis Ababa -1

    Finland

    Santahamina -7

    French Guiana

    Kourou -7 (German Federal Intelligence Service station)

    Germany

    Achern -7
    Ahrweiler -7
    Bad Aibling -2
    Bad M�nstereifel -7
    Braunschweig -7
    Darmstadt -7
    Frankfurt -7
    Hof -7
    Husum -7
    Mainz -7
    Monschau -7
    Pullach (German Federal Intelligence Service Headquarters) -5
    Rheinhausen -7
    Stockdorf -7
    Strassburg -7
    Vogelweh, Germany

    Gibraltar

    Gibraltar -7

    Greece

    Ir�klion, Crete

    Guam

    Finegayan

    Hong Kong

    British Consulate, Victoria (“The Alamo”) -7

    Iceland

    Keflavik -3

    India

    Charbatia -7

    Israel

    Herzliyya (Unit 8200 Headquarters) -5
    Mitzpah Ramon -7
    Mount Hermon, Golan Heights -7
    Mount Meiron, Golan Heights -7

    Italy

    San Vito -6
    Sorico

    Japan

    Futenma, Okinawa
    Hanza, Okinawa
    Higashi Chitose -7
    Higashi Nemuro -7
    Kofunato -7
    Miho -7
    Misawa
    Nemuro -7
    Ohi -7
    Rebunto -7
    Shiraho -7
    Tachiarai -7
    Wakkanai

    Korea (South)

    Kanghwa-do Island -7
    Osan -1
    Pyong-dong Island -7
    P’yongt’aek -1
    Taegu -1 -2 -6
    Tongduchon -1
    Uijo�ngbu -1
    Yongsan -1

    Kuwait

    Kuwait

    Latvia

    Ventspils -7

    Lithuania

    Vilnius -7

    Netherlands

    Amsterdam (Technical Intelligence Analysis Center (TIVC) Headquarters)-5
    Emnes -7
    Terschelling -7

    New Zealand

    Tangimoana -7
    Waihopai -1
    Wellington (Government Communications Security Bureau Headquarters -5

    Norway

    Borhaug -7
    Fauske/Vetan -7
    Jessheim -7
    Kirkenes -1
    Randaberg -7
    Skage/Namdalen -7
    Vads� -7
    Vard� -7
    Viksjofellet -7

    Oman

    Abut -1
    Goat Island, Musandam Peninsula -3
    Khasab, Musandam Peninsula -3
    Masirah Island -3

    Pakistan

    Parachinar

    Panama

    Galeta Island -3

    Papua New Guinea

    Port Moresby -7

    Portugal

    Terceira Island, Azores

    Rwanda

    Kigali

    S�o Tom� and Pr�ncipe

    Pinheiro

    Saudi Arabia

    Araz -7
    Khafji -7

    Singapore

    Kranji -7

    Spain

    Pico de las Nieves, Grand Canary Island -7
    Manzanares -7
    Playa de Pals -3
    Rota

    Solomon Islands

    Honiara -7

    Sri Lanka

    Iranawilla

    Sweden

    Karlskrona -7
    Lov�n (Swedish FRA Headquarters) -7
    Musk� -7

    Switzerland

    Merishausen -7
    R�thi -7

    Taiwan:

    Quemoy -7
    Matsu -7
    Shu Lin Kuo -5 (German Federal Intelligence Service/NSA/Taiwan J-3 SIGINT service site)

    Turkey

    Adana
    Agri -7
    Antalya -7
    Diyarbakir
    Edirne -7
    Istanbul -7
    Izmir -7
    Kars
    Sinop -7

    Thailand

    Aranyaprathet -7
    Khon Kaen -1 -3
    Surin -7
    Trat -7

    Uganda

    Kabale
    Galangala Island, Ssese Islands (Lake Victoria)

    United Arab Emirates

    Az-Zarqa� -3
    Dalma� -3
    Ras al-Khaimah -3
    Sir Abu Nuayr Island -3

    United Kingdom:

    Belfast (Victoria Square) -7
    Brora, Scotland -7
    Cheltenham (Government Communications Headquarters) -5
    Chicksands -7
    Culm Head -7
    Digby -7
    Hawklaw, Scotland -7
    Irton Moor -7
    Menwith Hill, Harrogate -1 (RSOC)
    Molesworth -1
    Morwenstow -1
    Westminster, London -7
    (Palmer Street)
    Yemen
    Socotra Island (planned)

    KEY:

    -1 Joint facility operated with a SIGINT partner.

    -2 Joint facility partially operated with a SIGINT partner.

    -3 Contractor-operated facility.

    -4 Remoted facility.

    -5 NSA liaison is present.

    -6 Joint NSA-CIA site.

    -7 Foreign-operated “accommodation site” that provides occasional SIGINT product to the USSS.

    February 24 – March 2, 1999
    by
    jason vest and wayne madsen A Most Unusual Collection Agency

    Find this story at February March 1999

    Copyright 1999 The Village Voice – all rights reserved.

    A Most Unusual Collection Agency; How the U.S. undid UNSCOM through its empire of electronic ears (1999)

    When Saddam Hussein raised the possibility of attacking U.S. planes in Turkey last week, his threats illustrated what many in diplomatic circles regard as an international disgrace the emasculation of the UN by the U.S.

    When UNSCOM, the UN’s arms-inspection group for Iraq, was created in 1991, it drew on personnel who, despite their respective nationalities, would serve the UN. Whatever success UNSCOM achieved, however, was in spite of its multinational makeup. While a devoted group of UN staffers managed to set up an independent unit aimed at finding Saddam’s weapons and ways of concealing them, other countries seeking to do business with sanctions-impaired Iraq notably France and Russia used inspectors as spies for their own ends.

    But what ultimately killed UNSCOM were revelations that the U.S. government had manipulated it by assuming control of its intelligence apparatus last spring (or perhaps even earlier by using the group to slip spies into Iraq) not so much to aid UNSCOM’s mission, but to get information for use in future aerial bombardments. When stories to this effect broke last month, however, there was almost no consistency in descriptions of the agencies involved or techniques used. The New York Times, for example, said only one CIA spy had been sent into Baghdad last March to set up an automated eavesdropping device. Time had multiple Defense Intelligence Agency (DIA) operatives planting bugs around Baghdad throughout 1998. The Wall Street Journal referred to the use of one “device” from the National Security Agency (NSA) last year and “a series of espionage operations used by the U.S. [since] 1996 to monitor the communications” of Saddam and his elite.

    When probing the world of espionage, rarely does a clear picture emerge. But according to a handful of published sources, as well as assessments by independent experts and interviews with current and former intelligence officers, the U.S. government’s prime mover in Iraqi electronic surveillance was most likely a super-secret organization run jointly by the the CIA and the NSA the spy agency charged with gathering signals intelligence (known as SIGINT) called the Special Collection Service. Further, there is evidence to suggest that the Baghdad operation was an example of the deployment of a highly classified, multinational SIGINT agreement one that may have used Australians to help the U.S. listen in months after the CIA failed to realize the U.S. objective of overthrowing Saddam Hussein through covert action.

    According to former UNSCOM chief inspector Scott Ritter, when the U.S. took over the group’s intelligence last year, a caveat was added regarding staffing: only international personnel with U.S. clearances could participate. “This requirement,” says Ritter, “really shows the kind of perversion of mission that went on. The U.S. was in control, but the way it operated from day one was, U.S. runs it, but it had to be a foreigner [with a clearance] operating the equipment.”

    Under the still-classified 1948 UKUSA signals intelligence treaty, eavesdropping agencies of the U.S., United Kingdom, Canada, Australia, and New Zealand share the same clearances. According to Federation of American Scientists intelligence analyst John Pike, this gives the U.S. proxies for electronic espionage: “In the context of UKUSA, think of NSA as one office with five branches,” he says. As UNSCOM demonstrates, though, sometimes the partnership gets prickly; the British, according to Ritter, withdrew their personnel following the U.S.’s refusal to explain “how the data was going to be used.” (According to a longtime British intelligence officer, there was another reason: lingering bad feelings over the NSA’s cracking a secret UN code used by British and French peacekeepers during a Bosnian UN mission.) At this point, says Ritter, he was instructed to ask the Australian government for a “collection” specialist. “We deployed him to Baghdad in July of 1998,” recalls Ritter. “In early August, when I went to Baghdad, he pulled me aside and told me he had concerns about what was transpiring.

    He said there was a very high volume of data, and that he was getting no feedback about whether it was good, bad, or useful. He said that it was his experience that this was a massive intelligence collection operation one that was not in accordance with what UNSCOM was supposed to be doing.”

    In other words, the Australian most likely an officer from the Defence Signals Directorate, Australia’s NSA subsidiary, who was supposed to have been working for the UN may have been effectively spying for the U.S. Stephanie Jones, DSD’s liaison to NSA, did not take kindly to a Voice inquiry about this subject; indeed, despite being reached at a phone number with an NSA headquarters prefix, she would not even confirm her position with DSD. However, a former high-ranking U.S. intelligence official said that such a scenario was probable. “The relationship between the UKUSA partners has always been of enormous value to U.S. intelligence, even when their governments have been on the opposite sides of policy issues,” the official said. “I would not be surprised at all if the Aussies happened to be the ones who actually did this [at U.S. behest].”

    With an intelligence community of over a dozen components, billion-dollar budgets, and cutting-edge technology, the U.S. can cast a wide net, be it with human sources or signals interception. Iraq, however, has presented a special challenge since Saddam’s Ba’ath party took power in 1968. “In Iraq,” says Israeli intelligence expert Amatzai Baram, “you are dealing with what is arguably the best insulated security and counterintelligence operation in the world. The ability of Western or even unfriendly Arab states to penetrate the system is very, very limited.”

    According to the former Cairo station chief of the Australian Secret Intelligence Service (ASIS), the West got this message loud and clear after Iraqi counterintelligence pulled British MI6 case officers off a Baghdad street in the mid ’80s and took them to a warehouse on the outskirts of town. “They had arrayed before them the various agents they had been running,” the exASIS officer told the Australian Broadcasting Corporation in 1994. “There were wires hanging from the rafters in the warehouse. All the men were strung up by wires around their testicles and they were killed in front of the faces of their foreign operators, and they were told, you had better get out and never come back.”

    When UNSCOM was inaugurated in 1991, it quickly became apparent that the organization’s intelligence capability would depend largely on contributions from various UN member countries. According to several intelligence community sources, while the CIA did provide UNSCOM with information, and, later, serious hardware like a U-2 spy plane, the focus of the U.S. intelligence community at the time was on working with anti-Saddam groups in and around Iraq to foment a coup.

    What resulted, as investigative authors Andrew and Patrick Cockburn demonstrate in their just published book Out of the Ashes: The Resurrection of Saddam Hussein, were two of the most colossally bungled CIA covert operations since the Bay of Pigs. While details of one of the failed operations were widely reported, the Cockburns fleshed out details of an arguably worse coup attempt gone awry in June 1996. Iraqi counterintelligence had not only managed to finger most of the suspects in advance, but months before had even captured an encrypted mobile satellite communications device that the CIA gave the plotters. Adding insult to injury, the Cockburns report, Iraqi counterintelligence used the CIA’s own device to notify them of their failure: “We have arrested all your people,” the CIA team in Amman, Jordan, reportedly was told via their uplink. “You might as well pack up and go home.”

    Some UNSCOM staffers first under Russian Nikita Smidovich, later under American Scott Ritter managed to create what amounted to a formidable micro-espionage unit devoted to fulfilling UNSCOM’s mission. Between information passed on from various countries and use of unspecified but probably limited surveillance equipment, the inspectors were gathering a great deal. But in March 1998, according to Ritter, the U.S. told UNSCOM chair Richard Butler of Australia that it wanted to “coordinate” UNSCOM’s intelligence gathering.

    Ritter insists that no U.S. spies under UNSCOM cover could have been operating in Baghdad without his knowledge prior to his resignation in August 1998. However, as veteran spies point out, if they were, Ritter probably wouldn’t have known. A number of sources interviewed by the Voice believe it possible that Special Collection Service personnel may have been operating undercover in Baghdad.

    According to a former high-ranking intelligence official, SCS was formed in the late 1970s after competition between the NSA’s embassy-based eavesdroppers and the CIA’s globe-trotting bugging specialists from its Division D had become counterproductive. While sources differ on how SCS works some claim its agents never leave their secret embassy warrens where they perform close-quarters electronic eavesdropping, while others say agents operate embassy-based equipment in addition to performing riskier “black-bag” jobs, or break-ins, for purposes of bugging “there’s a lot of pride taken in what SCS has accomplished,” the former official says.

    Intriguingly, the only on-the-record account of the Special Collection Service has been provided not by an American but by a Canadian. Mike Frost, formerly of the Communications Security Establishment Canada’s NSA equivalent served as deputy director of CSE’s SCS counterpart and was trained by the SCS. In a 1994 memoir, Frost describes the complexities of mounting “special collection” operations finding ways to transport sophisticated eavesdropping equipment in diplomatic pouches without arousing suspicion, surreptitiously assembling a device without arousing suspicion in his embassy, technically troubleshooting under less than ideal conditions and also devotes considerable space to describing visits to SCS’s old College Park headquarters.

    “It is not the usual sanitorium-clean atmosphere you would expect to find in a top-secret installation,” writes Frost. “Wires everywhere, jerry-rigged gizmos everywhere, computers all over the place, some people buzzing around in three-piece suits, and others in jeans and t-shirts. [It was] the ultimate testing and engineering centre for any espionage equipment.” Perhaps one of its most extraordinary areas was its “live room,” a 30-foot-square area where NSA and CIA devices were put through dry runs, and where engineers simulated the electronic environment of cities where eavesdroppers are deployed. Several years ago, according to sources, SCS relocated to a new, 300-acre, three-building complex disguised as a corporate campus and shielded by a dense forest outside Beltsville, Maryland. Curious visitors to the site will find themselves stopped at a gate by a Department of Defense police officer who, if one lingers, will threaten arrest.

    There are good reasons, explains an old NSA hand, for havingelectronic ears on terra firma in addition to satellites. “If you’re listening to something from thousands of miles up, the footprint to sort through is so huge, and finding what you are looking for is not a simple chore. If you know more or less specifically what you want, it’s easier to get it in close proximity. And if it happens to be a low-powered signal, it may not travel far enough.”

    According to two sources familiar with intelligence activity in Iraq, the U.S. may have been aided by information delivered either to UNSCOM or SCS from Ericsson, the Swedish telecommunications firm. It’s not an unreasonable assumption; though Ericsson brushes off questions about it, in 1996 a Middle Eastern businessman filed suit against the company, claiming, among other things, that it had stiffed him on his commission for brokering a deal between the Iraqis and Ericsson for sensitive defense communications equipment, which, reportedly, included encrypted cell phones.

    Speaking on condition of anonymity, a veteran intelligence official confirmed that the NSA has “arrangements” with other communications firms that allow NSA to access supposedly secure communications, but cooperation from Ericsson would be “a breakthrough despite our best efforts, they always kept their distance. But it’s not beyond the realm of possibility.” (This is not without precedent; though hardly covered in the American press, it has been reported that Switzerland’s Crypto AG long the supplier of cipher equipment to many of the world’s neutral and “rogue” states enjoyed such an “arrangement” with the NSA for decades. Crypto AG denies this.)

    There is, however, another possible scenario regarding participation by Ericsson in an intelligence venture. According to FAS analyst Pike, it’s much more likely that anyone doing intelligence work in Iraq would want a schematic of Baghdad’s telephone system which Ericsson installed in the late ’60s and has subsequently updated. “I would find it to be far more plausible that the U.S. intelligence community would be interested in acquiring, and Ericsson would be interested in supplying, the wiring diagram for Baghdad’s telephone exchange than encryption algorithms for cell phones,” he says.

    Also, he explains, finding ways to tap into a whole phone system or pull short-range signals out of the air without being obvious is clearly SCS’s portfolio. “This type of risky close surveillance is what SCS was formed to do,” he says. “When you think of NSA, you think satellites. When you think CIA, you think James Bond and microfilm. But you don’t really think of an agency whose sole purpose is to get up real close and use the best technology there is to listen and transmit. That’s SCS.”

    Regarding any possible collaboration in Iraq with SCS or UNSCOM, Kathy Egan, Ericsson spokesperson, said she had no information on such an operation, but if there was one, “It would be classified and we would not be able to talk about it.” It’s also possible, according to Mike Frost, that cleverly disguised bugs might have been planted in Baghdad SCS, he recalls, managed to listen in on secured facilities by bugging pigeons. But, says a retired CIA veteran, with UNSCOM effectively dead, bugging is now out of the question. “I hope the take from this op,” he says, “was worth losing the only access the outside world’s disarmament experts had to Iraq.”

    February 24 – March 2, 1999
    by
    jason vest and wayne madsen

    Find this story at February March 1999

    Copyright 1999 The Village Voice