• Buro Jansen & Janssen is een onderzoeksburo dat politie, justitie, inlichtingendiensten, de overheid in Nederland en Europa kritisch volgt. Een grond-rechten kollektief dat al 30 jaar publiceert over uitbreiding van repressieve wetgeving, publiek-private samenwerking, bevoegdheden, overheids-optreden en andere staatsaangelegenheden.
    Buro Jansen & Janssen Postbus 10591, 1001EN Amsterdam, 020-6123202, 06-34339533, signal +31684065516, info@burojansen.nl (pgp)
    Steun Buro Jansen & Janssen. Word donateur, NL43 ASNB 0856 9868 52 of NL56 INGB 0000 6039 04 ten name van Stichting Res Publica, Postbus 11556, 1001 GN Amsterdam.

  • Categorieën

  • Ghosts of the NSA Relics of Cold War Spying Dot Germany

    The National Security Agency has long been active in Germany, though much of its spying was conducted against the Eastern Bloc during the Cold War. Today, former listening stations and other facilities dot the German landscape.

    Tracking down traces of the National Security Agency in Germany isn’t particularly difficult. One merely has to head to Berlin and look for the city’s highest point. It can be found in the southwest corner of the city — Teufeslberg, or “Devil’s Mountain.” Made of piled up rubble gathered from Berlin following World War II, the “mountain” rises 115 meters (377 feet) above the nearby waterway known as the Havel.

    In the winter, it is the place where Berliners meet to sled; in the summer it is a haven for mountain bikers and daytrippers. And hobby historians: At the very top of the hill stands the most famous NSA relict in Germany — five gigantic white radar balls. The listening station was used until the end of the Cold War, primarily to spy on the east.

    Teufelsberg used to be part of the NSA’s global espionage network called Echelon, which the US intelligence service used to keep an eye on Moscow. From 1957 to 1991, the NSA maintained a presence on Teufelsberg and eavesdropped on satellite-based telephone conversations, filtered fax reports and analyzed Internet datasets. The NSA was still doing all that in 2013, as SPIEGEL recently reported, but it no longer requires the massive radar towers.

    Desolate and in Disrepair

    Today, the artificial hill looks desolate. When the Americans withdrew, the listening station began to fall into disrepair. The covering on the radomes is torn in many places, and inside the facility weeds are growing out of the debris.

    But it’s not just weather and age that have led the buildings to deteriorate. Shortly after the turn of the century, the government of the city-state of Berlin decided that guarding the empty facility had become too expensive. It then became the target of regular break-ins and vandalism. Rotraud von der Heide, an artist and the curator of the Initiative Teufelsberg, a group seeking to preserve the facility, says, “the facility is totally destroyed because private owners weren’t able to carry out their construction plans, and now the building permits have expired. For the past year-and-a-half, two young people have been leasing it.” Originally, a conference hotel had been envisioned for the site, but those plans ultimately failed.

    Those leasing the site are now responsible for security at the facility. Using revenues generated through frequent tours, they are financing the constant repairs required for the fence surrounding property. “New holes are cut in the fence every night, and we turn trespassers over to the police,” said von der Heide. “Earlier, people had parties in the facility. There were also copper thieves who ripped wires out of the walls. That’s no longer possible now.”

    Big Plans

    The initiative has big plans for the hill. During Germany’s “Day of Open Monuments,” in September, they plan to open the former listening station to the public for three days.

    By then, von der Heide plans to completely transform the area into one giant artwork. “The hill is becoming more and more fantastic. It’s a magical art space that is constantly changing,” the artist says. That’s also a product of anonymous graffiti artists whose paintings cover the massive walls and the insides of the radomes, she says.

    A second NSA listening station in Germany, located some 200 kilometers to the west — represents the opposite extreme. Whereas the Teufelsberg radomes were difficult to ignore, the facility in Schöningen, near Braunschweig, was more hidden. Mayor Henry Bäsecke says that there was an American facility in the nearby forest consisting of “containers and large antennas. But the facility has since been torn down. “There’s nothing left here, and nature is slowly reconquering the property,” Bäsecke says.

    At Least 17 Surveillance Hubs at Cold War Peak

    Some 50 kilometers south of Munich is yet another listening post of note. Bad Aibling the southernmost facility in a chain of such espionage centers operated in Germany by US intelligence agencies. In 1989, shortly before the end of the Cold War, SPIEGEL counted 17 such surveillance hubs. But it’s a figure that may have been even higher. The network extended from the town of Schleswig near the Danish border right down to the edge of the Alps. Most of the facilities were located close to the former border between West and East Germany, as close as possible to the enemy.

    In Bad Aibling, the outsized radomes of the disused listening station also dominate the landscape. In 2004, the Americans left, but Germany’s foreign intelligence agency, the BND, continues to operate nearby. The 17,000 resident city is hard at work transforming the 134 hectare (331 acre) property for civilian use. The community has already turned a small part of the property into sporting facilities, Peter Schmid of the city administration says. Here, local teams play football in the shadows of the radomes. The rest is to be built up by a property developer, with plans for a zero-energy settlement to be constructed.

    Still, the area’s eventful history hasn’t been forgotten. Since 2009, it has hosted an annual electro- and house-music festival that attracted 17,000 fans last year to revel between the radar towers and a former aircraft hangar. The name of the two-day festival recalls the American spy network: The Echelon festival.

    07/05/2013 03:24 PM
    By Johannes Korge

    Find this story at 5 July 2013

    © SPIEGEL ONLINE 2013

    „Prism ist nur die Spitze des Eisbergs“ NSA-Mitarbeiter: BND nutzt seit den 90ern Spähsoftware

    Eine Kuppel der ehemaligen Abhörstation der NSA auf dem Teufelsberg in Berlin
    Der BND und der US-Geheimdienst NSA arbeiten offenbar bereits 20 Jahre bei der Datenspionage zusammen. Einem Medienbericht zufolge wurden entsprechende Spähprogramme schon früher geteilt. Auch Kanzlerin Merkel könnte ausspioniert worden sein.
    Die Zusammenarbeit des Bundesnachrichtendienstes BND und der amerikanischen National Security Agency (NSA) bei der Nutzung von Spähsoftware war offenbar schon in den 1990er-Jahren intensiver als bislang bekannt. In einem Gespräch mit dem Magazin „Stern“ sagte der langjährige NSA-Mitarbeiter William Binney, der BND habe neben „Xkeyscore“ noch ein weiteres NSA-Ausspähprogramm genutzt. Der Entschlüsselungsspezialist arbeitete mehr als 30 Jahre in leitender Funktion bei der NSA und war viele Jahre auch für die technische Zusammenarbeit mit dem BND zuständig.

    Laut Binney soll die Zusammenarbeit im Bereich der Spähsoftware bereits Anfang der 1990er-Jahre begonnen haben. 1999 habe der BND von der NSA den Quellcode zum damals entwickelten Spähprogramm „Thin Thread“ erhalten. „Thin Thread“ sollte die Erfassung und Analyse von Verbindungsdaten wie Telefondaten, E-Mails oder Kreditkartenrechnungen weltweit ermöglichen. „Mein Ziel war es, den Datenverkehr der ganzen Welt zu erfassen“, sagte Binney dem „Stern“. Der BND sei „bis heute einer unserer wichtigsten Partner“.

    Mindestens 50 Spähprogramm lieferten Daten
    Auf der Basis von „Thin Thread“ sei eine Vielzahl von Abhör- und Spähprogrammen entwickelt worden. Eines der wichtigsten davon soll das Dachprogramm „Stellar Wind“ sein, dem nach Angaben von Binney mindestens 50 Spähprogramme Daten zugeliefert haben – auch die durch Edward Snowden bekannt gewordene Software „Prism“ zur direkten Erfassung von Telefon- und Internetdaten bei Telekommunikationsunternehmen.

    „Stellar Wind“ sei mindestens bis 2009, möglicherweise auch bis 2011 im Einsatz gewesen. Es werde heute wahrscheinlich unter anderem Namen fortgeführt, so Binney gegenüber dem Magazin.

    Nach Schätzungen von Binney speichert die NSA mittlerweile zwischen 40 und 50 Billionen Telefonate und E-Mails aus der ganzen Welt, vor allem Verbindungsdaten, aber auch Inhalte. Das von der NSA zurzeit gebaute Datenzentrum in Bluffdale im US-Bundesstaat Utah könne aufgrund seiner Kapazitäten „mindestens 100 Jahre der globalen Kommunikation speichern“, sagte Binney dem „Stern“. „Dieser Ort sollte uns endgültig in Angst und Schrecken versetzen. Die NSA will alles. Jederzeit.“ Er fügte hinzu: „Diese Macht gefährdet unsere Demokratie.“

    Regierungskommunikation im Visier der NSA
    Neben William Binney äußerten sich im „Stern“ zwei weitere ehemalige ranghohe NSA-Mitarbeiter, die zu Whistleblowern wurden: J. Kirk Wiebe, der für die Datenanalyse zuständig war, und Thomas Drake, der zur Führungsebene des Geheimdienstes gehörte. Binney trat im Oktober 2001 aus Protest gegen die NSA-Spähprogramme unter der Regierung von George W. Bush von seinem Posten zurück.
    Die Ex-Geheimdienstler halten es für möglich, dass selbst Daten von Kanzlerin Angela Merkels Handy auf den Servern der NSA landen. „Prism ist nur die Spitze des Eisbergs“, so Drake gegenüber dem „Stern“. „Ihre Kanzlerin könnte sich einmal für das Programm „Ragtime“ interessieren. Es dient unter anderem der Abschöpfung von Regierungskommunikation durch die NSA“. Auch Binney hält das Ausspionieren von Merkels Verbindungsdaten für nicht ausgeschlossen. „Ich würde sogar sagen, dass es durchaus möglich ist“, sagte er dem Magazin.

    Mittwoch, 24.07.2013, 16:59

    Find this story at 24 July 2013

    © FOCUS Online 1996-2013

    BND nutzte bislang unbekanntes NSA-Spähprogramm

    Im stern packen drei Ex-NSA-Mitarbeiter aus: Der BND nutzte seit Anfang der 90er Jahre ein bislang unbekanntes Spähprogramm. Für die Kanzlerin könnte der Begriff “Ragtime” wichtig werden. Von Katja Gloger

    “Hallo, Merkel am Apparat.”: Womöglich landen auf den Servern der NSA auch Handydaten der Kanzlerin. Mit dem Programm “Ragtime” spioniert die NSA Kommunikation von Regierungen aus.
    © Rainer Jensen/DPA/LBN

    Die Zusammenarbeit des Bundesnachrichtendienstes BND und der amerikanischen National Security Agency (NSA) bei der Nutzung von Spähsoftware war offenbar schon in den 90er Jahren intensiver als bislang bekannt. In einem Gespräch mit dem stern sagte der langjährige NSA-Mitarbeiter William Binney, der BND habe neben “Xkeyscore” noch ein weiteres NSA-Ausspähprogramm genutzt. Der Entschlüsselungsspezialist arbeitete mehr als 30 Jahre in leitender Funktion bei der NSA und war viele Jahre auch für die technische Zusammenarbeit mit dem BND zuständig.

    BND hatte den Quellcode

    Laut Binney soll die Zusammenarbeit im Bereich der Spähsoftware bereits Anfang der 90er Jahre begonnen haben. 1999 habe der BND von der NSA den Quellcode zum damals entwickelten Spähprogramm “Thin Thread” erhalten, zu Deutsch “dünner Faden”.

    “Thin Thread” sollte die Erfassung und Analyse von Verbindungsdaten wie Telefondaten, E-Mails oder Kreditkartenrechnungen weltweit ermöglichen. “Mein Ziel war es, den Datenverkehr der ganzen Welt zu erfassen”, so Binney zum stern. Der BND sei “bis heute einer unserer wichtigsten Partner”.

    Auf der Basis von “Thin Thread” wurde eine Vielzahl von Abhör- und Spähprogrammen entwickelt. Eines der wichtigsten davon soll das Dachprogramm “Stellar Wind” (“Sternwind”) sein, dem nach Angaben von Binney mindestens 50 Spähprogramme Daten zugeliefert haben – auch die durch Edward Snowden bekannt gewordene Software “Prism” zur direkten Erfassung von Telefon- und Internetdaten bei Telekommunikationsunternehmen. “Stellar Wind” war mindestens bis 2009, möglicherweise auch bis 2011 im Einsatz. Es werde, so Binney, heute wahrscheinlich unter anderem Namen fortgeführt.
    Neues Datenzentrum kann 100 Jahre der globalen Kommunikation speichern

    Nach Schätzung von Binney speichert die NSA mittlerweile zwischen 40 und 50 Billionen Telefonate und E-Mails aus der ganzen Welt, vor allem Verbindungsdaten, aber auch Inhalte. Das von der NSA zur Zeit gebaute Datenzentrum in Bluffdale im US-Bundesstaat Utah könne aufgrund seiner Kapazitäten “mindestens 100 Jahre der globalen Kommunikation speichern”, sagte Binney dem stern. “Dieser Ort sollte uns endgültig in Angst und Schrecken versetzen. Die NSA will alles. Jederzeit.” Und fügte hinzu: “Diese Macht gefährdet unsere Demokratie.”

    Neben William Binney äußern sich im stern zwei weitere ehemalige ranghohe NSA-Mitarbeiter, die zu Whistleblowern (“Enthüllern”) wurden: J. Kirk Wiebe, der für die Datenanalyse zuständig war, und Thomas Drake, der zur Führungsebene des Geheimdienstes gehörte. Binney trat im Oktober 2001 aus Protest gegen die NSA-Spähprogramme unter der Regierung von George W. Bush von seinem Posten zurück.
    Auch Merkels Handydaten womöglich auf NSA-Servern

    Die Ex-Geheimdienstler halten es für möglich, dass selbst Daten von Kanzlerin Angela Merkels Handy auf den Servern der NSA landen. “Prism ist nur die Spitze des Eisbergs”, so Drake zum stern. “Ihre Kanzlerin könnte sich einmal für das Programm “Ragtime” interessieren. Es dient unter anderem der Abschöpfung von Regierungskommunikation durch die NSA”. Auch Binney hält das Ausspionieren von Merkels Verbindungsdaten für nicht ausgeschlossen: “Ich würde sogar sagen, dass es durchaus möglich ist.”

    24. Juli 2013, 16:51 Uhr

    Find this story at 24 July 2013

    © stern.de

    Skandale, Organisation, Geschichte NSA, Mossad und die verräterische Nackttänzerin – so spionieren die Geheimdienste

    Eine Chronik der Geheimdienstarbeit: Von Meisterspionin Mata Hari bis zur Cyber-Spionage der NSA
    Geheimdienste wie NSA, Mossad oder BND scheinen tun zu können, was sie wollen: Überwachen, ausspionieren, töten – ihre Methoden sind dabei nicht immer legal. FOCUS Online zeigt die interessantesten Geheimdienste der Welt, ihre Organisation, ihre Geschichte, ihre Skandale.
    Die Enthüllungen des ehemaligen Geheimdienstlers Edward Snowden zeigen, wie zügellos und weit verbreitet heute abgehört wird. Dabei richtet sich die Arbeit der Geheimdienste nicht nur gegen Offizielle und Politiker. Auch ganz normale Bürger werden überwacht. Die Öffentlichkeit ist besorgt, Fragen nach der Kontrolle der Behörden drängen sich auf, die Menschen fordern Konsequenzen.

    Dabei galten Geheimdienste schon immer als mysteriös und spannend. Doch die Realität ihrer Arbeit hat oft wenig mit den Meisterspionen a la James Bond oder „Mission Impossible“-Held Ethan Hunt zu tun. Die Behörden sammeln Daten, werten sie aus, informieren, desinformieren, verhandeln und tauschen. Ihr Netz haben sie über die ganze Welt ausgeworfen. Das zeigen nicht erst die Enthüllungen von Prism und Edward Snowden.

    Eines der ältesten Gewerbe der Welt
    „Spionage ist eines der ältesten Gewerbe der Welt“, erklärt der Historiker und Geheimdienstexperte Siegfried Beer im Gespräch mit FOCUS Online. Beer leitet das österreichische Center für „Intelligence, Propaganda & Security Studies“, kurz ACIPSS, in Graz. Das Wissen um den Feind sei für jeden Staat von entscheidender Bedeutung. Schon Alexander der Große, der makedonische Heeresführer, dessen Reich ungeheure Ausmaße annahm, verließ sich auf Spionage.

    Das wurde ihm beinahe zum Verhängnis, wie Wolfgang Krieger in seiner „Geschichte der Geheimdienste“ zeigt: 333 v. Christus, bei Issus „berühmter Keilerei“, wurde Alexander falsch informiert. Seine Agenten sagten ihm, der Perserkönig und sein Heer seien noch weit entfernt – Tatsache war, dass sie aneinander vorbeimarschiert waren. Und Alexander so in umgekehrter Schlachtformation kämpfen musste – doch er siegte.

    Eine Folge der Industrialisierung
    „Organisierte, moderne Spionage gibt es aber erst seit etwa 130 Jahren“, erklärt der Geheimdienst-Experte Beer vom ACIPSS. „Großbritannien nahm eine Vorreiterrolle ein.“ Die Briten begannen in den 1870er-Jahren mit dem Aufbau eines Nachrichtendienstes: aus Angst vor den unterdrückten und rebellischen Iren. Das brachte die anderen Länder unter Zugzwang: Alle europäischen Großmächte des 19. Jahrhunderts gründeten ihrerseits nach und nach Geheimdienste.

    „Die moderne Spionage ist eine Folge der Industrialisierung“, sagt Beer. Wegen der verbesserten Kommunikation, den schnellen Transportwegen und der beginnenden Globalisierung mussten die Regierungen umdenken. In den Weltkriegen und dem Kalten Krieg entwickelten sie neue Methoden, um ihre Feinde besser zu überwachen und sich entscheidende Vorteile zu sichern. Heute hat jedes Land eigene Geheimdienste. Nicht nur zur Spionage und Gegenspionage, sondern auch zur Sicherung eigener Daten. Und, vor allem nach 9/11, zur Terrorismusbekämpfung.
    Geschichten aus Hunderten Jahren Spionage
    Doch die Prism-Enthüllung ist nur eine in einer langen Reihe vergleichbarer Skandale. Seien es Spione, die überliefen, die gefährlichen Methoden des Mossad oder die Meisterspione des KGB. Seitdem es organisierte Spionage gibt, werden die verborgenen Tätigkeiten in regelmäßigen Abständen enthüllt. Und immer bieten sie genug Stoff für spektakuläre Geschichten. FOCUS Online stellt eine Auswahl der aktivsten und gefährlichsten Geheimdienste der Welt und ihre Methoden vor – und zeigt ihre brisantesten Skandale und berühmtesten Spione.
    Deutschland – BND, BfV, MAD
    Montage/Panther
    In Deutschland sammelt unter anderem der Bundesnachrichtendienst Informationen
    Organisation der deutschen Nachrichtendienste

    Drei Nachrichtendienste teilen sich in Deutschland den Schutz der Bürger: Das Bundesamt für Verfassungsschutz (BfV) beobachtet das Inland, der Bundesnachrichtendienst das Ausland (BND), der militärische Abschirmdienst (MAD) kümmert sich um den Schutz der Armee. Die drei Behörden arbeiten großteils getrennt.

    Geschichte des BND

    Die Alliierten gaben 1949 die Struktur des Geheimdienstes in der Bundesrepublik vor. Dabei zogen sie vor allem die Lehren aus dem System des NS-Regiems: Die Geheime Staatspolizei, kurz Gestapo, hatte dort die Möglichkeit, eigenmächtig Verhaftungen durchzuführen. Das darf der Verfassungsschutz in Deutschland nicht. Die Nachrichtendienste haben generell keine polizeilichen Befugnisse.

    Der BND ist als deutscher Auslandsgeheimdienst dem Kanzleramt unterstellt und wurde 1956 gegründet. Zu den Aufgabenbereichen gehört die Beobachtung mutmaßlicher Terroristen, der organisierten Kriminalität, illegaler Finanzströme, des Rauschgifthandels, der Weitergabe von ABC-Waffen und Rüstungsgütern sowie von Krisenregionen wie Afghanistan oder Pakistan. Dazu wertet der BND Informationen von menschlichen Quellen, elektronische Kommunikation sowie Satelliten- und Luftbilder aus. Er zählt etwa 6000 Mitarbeiter – vom Fahrer bis zum Nuklearphysiker. Wie viel Geld der BND für Spionage ausgeben darf, hält die Behörde streng geheim.

    1950 wurde in der Deutschen Demokratischen Republik wohl einer der bekanntesten Geheimdienste der Welt gegründet: Das Ministerium für Staatssicherheit, kurz Stasi. Angegliedert an die Stasi war der Auslandsgeheimdienst Hauptverwaltung Aufklärung, die sich vor allem mit dem westlichen Bruder beschäftigte. Die Stasi mauserte sich zu einem entscheidenden Machtinstrument der sozialistischen Regierung. Sie unterdrückte Andersdenkende, warb sogenannte Spitzel an, inhaftierte Dissidenten – die Bevölkerung hatte Angst vor der Behörde. Das lag daran, dass die Behörde polizeiliche Befugnisse hatte. Bis heute läuft die Aufarbeitung über das Ausmaß der Stasi-Überwachung.

    Spektakuläres über den BND

    Deutsche Spione à la James Bond? Falsch. Beim BND sind Fremdsprachenexperten, Informatiker, Juristen, Biologen, Ingenieure und Islamwissenschaftler gefragt, keine Superagenten. Sie werden innerhalb von zwei bis drei Jahren zum Agenten ausgebildet – und dann als Tarifbeschäftigte, Soldaten und Beamten angestellt.

    2006 erschütterte ein Bericht über die Arbeit des BND die Bundesrepublik: Im großen Stil hörte der Dienst Journalisten ab. Gerade in den Achtzigern war der Bedarf an Informationen besonders hoch, namhafte Autoren bei Zeitungen wie Stern, Spiegel oder FOCUS standen unter Beobachtung.
    Welche Rolle spielte der BND im Irak-Krieg 2003? Hartnäckig halten sich Gerüchte, dass der Dienst einen Informanten hatte, der behauptete, dass der Irak Massenvernichtungswaffen und Biolabore besessen haben soll. Weiterhin haben Agenten des BND, so zeigt Alexandra Sgro in ihrem Buch „Geheimdienste der Welt“, angeblich strategische Informationen über irakische Verteidigungsstellungen und Truppenbewegungen an die USA weitergegeben. Die Bundesregierung hatte offiziell verlauten lassen, dass sich Deutschland aus dem Irak-Krieg heraushält – lässt sich dieser Status nach den Enthüllungen noch halten?
    Türkei – MIT
    Colourbox/Montage
    Die Türkei hat nur einen Nachrichtendienst: den „Millî Istihbarat Teşkilâti“
    Organisation türkischen Geheimdienstes

    Der Millî Istihbarat Teşkilâti (MIT) ist der einzige Nachrichtendienst der Türkei. Er ist für innere Sicherheit und Spionageabwehr zuständig. Außerdem hat er die Pflicht, für den Schutz der Landesgrenzen zu sorgen. Der Geheimdienst untersteht direkt dem Premierminister und ist dafür verantwortlich, bedrohliche Gruppierungen im In- und Ausland zu beobachten. Dabei gibt es häufig gewaltsame Konflikte mit Anhängern der verbotenen Arbeiterpartei Kurdistans PKK. Denn diese kämpfen für die Autonomie der kurdischen Gebiete der Türkei.

    Geschichte des MIT

    Schon vor der Gründung der Türkei gab es Geheimdienste. 1913 wurde Teşkilât-I Mahsusa als erster zentralisierter und organisierter türkischer Nachrichtendienst gegründet. Er sollte die Aktivitäten von Separatisten eindämmen. Während des Ersten Weltkrieges erlebte die Behörde ihre Blütezeit und war militärisch und paramilitärisch aktiv. Das Ende des Krieges bedeutete auch das Ende des Geheimdienstes.

    Sein Nachfolger war Karakol Cemiyeti, der Zivilpersonen und kleine Gruppierungen ab 1919 im türkischen Unabhängigkeitskrieg mit Waffen ausstattete. So gelang es, die Besatzungsmächte zu besiegen. Als die Briten im Jahr 1920 Istanbul besetzten, lösten sie auch den Nachrichtendienst auf. Danach gab es viele verschiedene Geheimdienste, die nie lange Bestand hatten. Bis 1965 der Millî Istihbarat Teşkilâti gegründet wurde.

    Spektakuläres über den MIT

    Wie Sgro in ihrem Buch „Geheimdienste der Welt“ schreibt, werden beim türkischen Geheimdienst nur schriftliche Bewerbungen angenommen, die per Post eingesendet werden – eine Vorbereitung auf die Spionagetätigkeit? Die frisch gebackenen Agenten bekommen ihren Arbeitsort dann per Losverfahren zugeteilt.

    In den Neunzigern machten Berichte die Runde, der türkische Geheimdienst würde militante Separatisten bekämpfen. Allerdings nicht nur im eigenen Land, sondern auch in Deutschland. Dabei schüchterten die Agenten angeblich Oppositionelle ein, bedrohten Asylbewerber und kündigten Repressalien gegen die in der Türkei lebenden Verwandten an.
    Ein anderes Ziel hatte laut Spekulationen sogenannter Experten der türkische Geheimdienst Mitte der 2000er-Jahre: Zu diesem Zeitpunkt war gerade die sogenannte Sauerland-Gruppe verhaftet worden. Sie plante offenbar einen Bombenanschlag in Deutschland, unterstützt von dem Türken Mevlüt K. – laut Medienberichten ein Informant des türkischen Geheimdienstes. Fakt ist: Er ist untergetaucht und wird per internationalem Haftbefehl gesucht.
    Frankreich – DGSE
    Motage/Panther
    Frankreichs Geheimdienst DGSE
    Organisation des französischen Geheimdienstes

    Der französische Geheimdienst nennt sich „Direction Générale de la Sécurité Extérieure“, kurz DGSE. Spezialoperationen des DGSE müssen von oberster Stelle genehmigt werden: Seit 2009 darf sie nur der französische Präsident bewilligen. Wer eingestellt wird, entscheidet das Verteidigungsministerium. Schwerpunkt des Geheimdienstes mit Sitz in Paris: Terrorismusbekämpfung. Außerdem haben die Geheimdienstler ein Auge auf Länder, in denen Massenvernichtungswaffen hergestellt und vertrieben werden.

    Geschichte des DGSE

    Die Geschichte des DGSE beginnt mit Charles de Gaulle. Der spätere Ministerpräsident Frankreichs ließ 1940 aus dem Exil einen Geheimdienst zusammenstellen. Er sollte für die Widerstandsbewegung „France Libre“ gegen das NS-Regime spionieren. Nach dem Krieg wurde ein neuer Geheimdienst gegründet, der Service de Documentation Extérieure et de Contre-Espionnage (SDECE). Seine Aufgaben: ausländische Berichterstattung und Gegenspionage. 1982 löste ihn der DGSE ab.

    Die Schwerpunkte des DGSE sind stark von Frankreichs Geschichte als Kolonialmacht geprägt. Denn zu seinen ehemaligen Kolonien pflegt Frankreich auch heute noch wirtschaftliche Beziehungen. Die Regierungen sollten also stabil bleiben. Wo Frankreich Fundamentalismus fürchtete, griff der Geheimdienst ein. So wie Ende der 1980er-Jahre in Algerien. Angeblich ermordete der DGSE 1992 den algerischen Präsidenten Muhammad Boudiaf. Und auch in Syrien könnte sich die Behörde 2012 eingemischt haben, Sgro. Agenten sollen dem syrischen General Manaf Tlass bei der Flucht geholfen haben. Der stand einst Machthaber Assad nahe.

    Spektakuläres über den DGSE

    Die wohl legendärste Doppelspionin überhaupt war für die Franzosen im Einsatz: Mata Hari. Die Nackttänzerin ließ sich zur Zeit des Ersten Weltkriegs von den Deutschen dafür bezahlen, französischen Militärs Geheimnisse zu entlocken. Gleichzeitig spionierte sie für die Franzosen in den von den Deutschen besetzten Gebieten. Die schöne Niederländerin wurde schließlich von den Franzosen zum Tode verurteilt, weil sie auch an Deutschland Geheimnisse verraten haben soll. Was genau sie wem erzählt hat, ist bis heute nicht bekannt. Erst 2017 wird der französische Staat die Akten freigegeben.

    In den 1980er-Jahren kämpfte der französische Geheimdienst gegen Greenpeace. Die französische Regierung testete zu dieser Zeit im Mururoa-Atoll im Pazifik Atomwaffen. Greenpeace-Aktivisten wollten dagegen protestieren. Agenten des DGSE gelang es, auf dem Greenpeace-Schiff Sprengsätze anzubringen. Bei der Explosion starb ein Mensch. Bewilligt wurde die Aktion angeblich vom damaligen Präsidenten François Mitterand. Der Verteidigungsminister rechtfertigte das Vorgehen: Anders hätte man den Protest nicht verhindern können.
    Großes Aufsehen erregte auch der Vorgänger des DGSE, der SDECE: 1965 verschwand Ben Barka, ein Marokkaner im französischen Exil – bis heute ist nicht geklärt, wer ihn entführt hat. Im Verdacht stehen französische Agenten. Sie hätten damit dem marokkanischen König geholfen und zugleich den Einfluss Frankreichs auf Marokko gesichtert. Bakra war in Marokko wegen Hochverrats verurteilt worden, weil er den König scharf kritisiert hatte. Er soll vom marokkanischen Innenminister getötet worden sein.
    Brasilien – Abin
    dpa/Montage
    Brasiliens Nachrichtendienst heißt „Agência Brasiliera de Inteligência“
    Organisation des brasilianischen Geheimdienstes

    Der brasilianische Geheimdienst heißt Agência Brasileira de Inteligência (Abin) und ist dem Präsidenten unterstellt. Die Aufgaben umfassen Spionage- und Terror-Abwehr, Informationsbeschaffung und Schutz der Bürger.

    Geschichte der Albin

    Schon 1927 wurde die militärische Behörde Conselho de Defesa Nacional gegründet, die sich zunächst mit geheimdienstlichen Aufgaben beschäftigte. Nachdem die Folgeorganisation die Arbeit in den Wirren des Militärputsches von 1964 schon wieder einstellte und durch einen regimehörigen Dienst ersetzt wurde, bestand die Behörde bis 1990. Die Abin wurde 1999 gegründet und übernimmt seitdem die Aufgabe des In- und Auslands-Geheimdienstes – im Gegensatz zu seinem Vorgänger als zivile Behörde.

    Spektakuläres über die Albin

    Nachwuchsarbeit bei Zehn bis 15-Jährigen? Warum nicht, muss sich die Abin gedacht haben. 2005, so beschreibt es Sgro in ihrem Buch, habe eine Informationsveranstaltung stattgefunden, bei der Jugendlichen die Arbeit von Agenten nahegebracht wurde. Dieses Programm soll weitergeführt werden und sich in Zukunft verstärkt an Schüler und Studenten richten.

    Es muss eine skurrile Situation gewesen sein: 1983 entdeckte ein Maler im Büro des damaligen Präsidenten eine Wanze mit aktivem Sender. Brasilianische Zeitungen machten schnell den Schuldigen aus: den Geheimdienst. Der habe sich derartige Abhör-Vergehen schon öfters zuschulden kommen lassen, so die Argumentation. Die wahren Hintergründe bleiben unbekannt.
    Im Juli diesen Jahres kam im Zuge des weltweiten Abhörskandals heraus, dass auch Brasilien im Fadenkreuz der NSA stand: Millionen Emails und Telefonate seien abgehört worden. Nach Informationen der Zeitung „O Blobo“ ist Brasilien das am meiste ausgespähte Land Lateinamerikas.
    Syrien – Abteilung für militärische Aufklärung
    AFP
    Syriens Geheimdienst ist in der Hand des Machthabers Baschar al-Assad
    Organisation des syrischen Geheimdienstes

    Etwas unübersichtlich stellt sich die Situation in Syrien dar: Fünf Behörden teilen die Geheimdienst-Aufgaben unter sich auf. Es gibt einen allgemeinen zivilen Nachrichtendienst, einen Nachrichtendienst der Luftwaffe, das Direktorat für Staatssicherheit sowie das Direktorat für politische Sicherheit im Innenministerium – in den Zeiten des Umbruchs ist aber vor allem eine Behörde wichtig: die Abteilung für Aufklärung. Sie unterstützt die militärischen Truppen und soll Dissidentengruppen zerschlagen – und soll dabei an illegalen Aktionen beteiligt gewesen sein.

    Geschichte der Abteilung für Militärische Aufklärung

    Die Gründung der Abteilung für Militärische Aufklärung datiert auf das Jahr 1969. In der westlichen Welt wurde der Geheimdienst allerdings erst in den 2000er-Jahren bekannt. Im Kampf gegen die Auswirkungen des arabischen Frühlings in Syrien koordinierte die Abteilung ab 2010 die Niederschlagung von Demonstrationen und die Diskreditierung der Rebellen.

    Doch auch in westliche Staaten entsendete der Geheimdienst seine Agenten: So soll ein Deutsch-Libanese über mehrere Jahre hinweg Informationen über syrische Oppositionelle in der Bundesrepublik gesammelt und an den syrischen Geheimdienst weitergegeben haben. Und auch der BND hat offenbar gute Kontakte nach Syrien: Die Tagesschau berichtete im Mai, dass der BND-Präsident an einem Treffen mit syrischen Geheimdienstlern teilgenommen haben soll.

    Spektakuläres über die Abteilung für Militärische Aufklärung

    Wenig ist über die Arbeit des syrischen Geheimdienstes bekannt. Doch ein Name steht wohl in direktem Zusammenhang mit einer Aktion syrischer Agenten im Jahr 2011: Oberstleutnant Hussein Harmusch. Er rief in einem Internetvideo dazu auf, sich gegen die syrische Regierung zu stellen und setzte sich in die Türkei ab. Kurze Zeit später verschwand er spurlos. Was war passiert? Sgro schildert die Geschichte folgendermaßen: Am Tag seines Verschwindens traf sich Harmusch mit einem türkischen Agenten, der ihn mit dem Auto abholte, aber nach Eigenaussage wenige Minuten später wieder absetzte.

    Mehr als zwei Wochen nach dieser Episode strahlte das syrische Staatsfernsehen ein Video aus, in dem Harmusch seinen Aufruf zum Widerstand widerrief. Experten erkennen einen tiefverängstigten Mann, sie gehen davon aus, dass er gezwungen wurde. Harmusch verschwindet daraufhin von der Bildfläche, bis heute weiß niemand, wo er ist. Nur die türkische Regierung äußerte sich noch einmal zu dem Fall: Sie ließ verlauten, dass der angebliche türkische Agent tatsächlich aus Syrien stammte.

    Mit welcher Grausamkeit der syrische Geheimdienst beispielsweise gegen Dissidenten vorgeht, zeigen Berichte aus dem Jahr 2012: Menschenrechtsorganisationen sprechen bei den Geheimdienstzentren in Damaskus von der „Hölle auf Erden“. „Human Rights Watch“ erfasste zahlreiche Fälle, in denen Familien ihre vermissten Angehörigen nur noch tot finden konnten: Mit Brandflecken und Blutergüssen übersät. Überlebende berichten von Methoden, die man aus dem europäischen Mittelalter kennt: Sie wurden an den Händen aufgehangen, dann wurden sie geschlagen und geschnitten. Oder sie wurden auf Kreuz-ähnliche Holzbretter geschnallt und von Häschern auf die Fußsohlen geschlagen. Andere berichten von Stromschocks im Genitalbereich und weiteren Foltermethoden.
    Die Beobachtergruppe „Violations Documentation Center“ spricht von über 25 000 Syrern, die seit 2011 verhaftet worden sind. Weniger als ein Fünftel sei bislang freigelassen worden. Experten gehen allerdings von weiter höheren Zahlen aus: Sie sprechen von Hunderttausenden Inhaftierten.
    Russland – KGB, FSB, SWR, GRU
    Colourbox/Montage
    Der FSB ist nur einer von Russlands Geheimdiensten
    Organisation des russischen Geheimdienstes

    Russland verlässt sich seit dem Zerfall der Sowjetunion auf diese Geheimdienst-Behörden: Den Inlandsgeheimdienst FSB, den Auslandsnachrichtendienst SWR, den Schutzdienst FSO und den Militärnachrichtendienst GRU. Die Aufgaben des SWR umfassen dabei Gegenspionage und Fernaufklärung, der Dienst umfasst rund 13 000 Mitarbeiter. Spannend ist aber vor allem der Inlandsgeheimdienst FSB, da er als Nachfolger des berüchtigten KGB gilt.

    Geschichte des russischen Geheimdienstes

    Die Wirren um die Abdankung des Zaren Nikolaus II. in der Februarrevolution 1917 forderten ein ganzes Land heraus: Eine provisorische Regierung wurde gebildet, die Oktoberrevolution brach aus, schon bald übernahmen kommunistische Bolschewiken die Macht. Der starke Mann Lenin regte die Gründung eines neuen Geheimdienstes an, um die Konterrevolution und Klassenfeinde zu bekämpfen.

    Nach einigen Umstrukturierungen und dem Zweiten Weltkrieg entstand 1954 der KGB als eigenständiges Ministerium. Erst 1991, mit dem Ende der Sowjetunion, hörte er auf zu existieren – wobei der Geheimdienst in Weißrussland noch immer KGB heißt. Der sowjetische KGB arbeitete dabei sowohl nach innen als auch nach außen, dazu gehörten Gegenspionage, Auslandsspionage, Bekämpfung von Regimegegnern, Sicherung der Parteimitglieder. SWR und FSB wurden in den 1990-Jahren gegründet und teilen sich wiederum in eigene Büros und Organe auf.

    Spektakuläres über den russischen Geheimdienst

    Normalerweise sind es Geschichtsbegeisterte, die Geheimdiensten Verschwörungstheorien andichten. In den 80er-Jahren, so schreibt Sgro in ihrem Buch, war es allerdings der KGB selbst, der für Furore sorgte: Tüchtige Sowjet-Agenten setzten das Gerücht in Umlauf, dass die US-Amerikaner den HI-Virus hergestellt und aus Versehen freigesetzt hätten. Der Plan: die USA damit zu diskreditieren. Selbst die deutsche Zeitung „taz“ griff die These auf. 1987 entschuldigte sich der Staatschef Gorbatschow bei US-Diplomaten, die Zeitung brauchte 20 Jahre länger und entschuldigte sich 2010.

    Unabhängig davon unterstanden dem KGB einige der berühmtesten Spione des 20. Jahrhunderts: Beispielsweise sorgte der Journalist Richard Sorge dafür, dass sich die Sowjets auf die deutschen und japanischen Angriffspläne einstellen konnten – weil der überzeugte Kommunist Dokumente weitergab. Aldrich Ames dagegen arbeitete eigentlich beim CIA, dort leitete der die Abteilung „Gegenspionage UDSSR“. Was niemand wusste: Ames spionierte für Russland. Er bekam Geld, die Sowjets die Namen von US-Spitzeln. Und dann wären da noch das Spionage-Ehepaar Rosenberg, der Doppel-Agent Heinz Felfe, der Atomwaffen-Physiker Klaus Fuchs und und und.

    Wie im Kalten Krieg: Erst im Juli stand ein russisches Agenten-Ehepaar vor dem Gericht in Stuttgart. Das Ehepaar firmierte unter den Decknamen Andreas und Heidrun Anschlag. Auch wenn die beiden nicht als klassische Spione gearbeitet haben sollen, hatten sie wohl als eine Art Briefkasten gedient. Das Paar wurde 2011 von Beamten des BKA und der GSG9 aufgespürt und festgenommen, nachdem sie 20 Jahre lang unentdeckt geblieben waren. Derzeit verhandeln russische und deutsche Behörden über einen Austausch der beiden Russen gegen einen deutschen Agenten.
    Dass auch der moderne russische Geheimdienst an traditionellen Methoden festhält, zeigt eine Meldung der russischen Zeitung „Iswestija“. Zum Schutz streng geheimer Informationen schreiben russische Geheimdienste auf Schreibmaschinen, nicht digital, auch handschriftliche Aufzeichnungen seien üblich. Besonders beliebt: das deutsche Modell Triumph-Adler Twen 180. Dabei hat jede Schreibmaschine eine eigene Signatur, so dass jedes Dokument der Maschine zugeordnet werden kann, auf der es geschrieben wurde.
    Neuseeland – GCSB
    Colourbox/Montage
    „Government Communications Security Bureau“ heißt der Geheimdienst Neuseelands
    Organisation des neuseeländischen Geheimdienstes

    Neuseeland hat zwei Geheimdienstbehörden: Den Security Intelligence Service und das nachgeordnete Government Communications Security Bureau (GCSB). Das GCSB kümmert sich um die nationale Sicherheit, überwacht ausländische Datenströme, stellt Sicherheitssysteme für die Regierung zusammen – Einheimische und Zugezogene mit ständigem Wohnsitz dürfen dabei nicht überwacht werden. Die Behörde ist dem Premierminister unterstellt.

    Geschichte des GCSB

    Im Jahr 1977 wünschte sich der neuseeländische Premierminister einen Geheimdienst – vergleichsweise spät im Vergleich zu anderen Staaten. Schnell wurden Anlagen für die Überwachung in Waihopai und in Tangimoana gebaut. Bis dahin arbeiteten Angestellte des Auslands- und Verteidigungsministeriums an der Nachrichtenbeschaffung. Um besser reagieren zu können, baute die Regierung das GCSB auf.

    Vor den Augen der Öffentlichkeit im Verteidigungsministerium versteckt, wurde die Behörde in den Anfang der 80er-Jahren zunächst nur der Politik vorgestellt. 1984 erfuhr die neuseeländische Öffentlichkeit von der Existenz des Geheimdienstes.Bis das GCSB aber eine eigene Behörde wurde, sollten noch mehrere Jahrzehnte vergehen: 2003, durch einen Erlass, wurde das GCSB als öffentliche Dienstleistungsabteilung eingerichtet.

    Spektakuläres über das GCSB

    Ausgerechnet ein Deutscher mit doppelter Staatsbürgerschaft – er hat auch einen finnischen Pass – wurde zum Politikum in Neuseeland: Kim Schmitz, auch bekannt als Kim Dotcom, geriet aufgrund zwielichtiger Online-Geschäfte in das Fadenkreuz des GCSB. Schmitz wurde im Januar 2012 aufgrund des Verdachts auf Urheberrechtsverletzungen sowie Geldwäsche verhaftet, doch bereits zuvor hörten neuseeländische Agenten Mr Dotcom ab – ohne Einverständnis der Regierung, allerdings im Auftrag der Polizei.
    Die Auswertung von Emails und Telefonaten, so zeichnet Sgro in ihrem Buch „Geheimdienste der Welt“ nach, brachte die Behörde auf die Spur der meisten Mitangeklagten. Das Problem: langjährige Bewohner Neuseelands dürfen nicht bespitzelt werden. Das Ergebnis: Die gesammelten Daten waren illegal erworben, der Premierminister entschuldigte sich bei Schmitz und dem neuseeländischen Volk.
    Österreich – HNA, HAA, BVT
    Motage/Panther
    Einer der österreichischen Geheimdienste, das Abwehramt
    Organisation des österreichischen Geheimdienstes

    In Österreich gibt es drei Geheimdienste: Der Auslandsnachrichtendienst ist das Heeresnachrichtenamt (HNaA oder HNA). Sein Gegenstück ist das Heeres-Abwehramt (HAA oder HabwA) als militärischer Inlandsnachrichtendienst. Beide unterstehen dem Bundesministerium für Landesverteidigung und Sport. Das Bundesamt für Verfassungsschutz und Terrorismusbekämpfung (BVT) ist die dritte Behörde.

    Geschichte der österreichischen Geheimdienste

    Militärische Nachrichtendienste gibt es in Österreich seit den Napoleonischen Kriegen. Napoleon veränderte damals mit seiner „Grande Armée“ die Kriegsführung, die Truppen waren beweglicher und agierten schneller. Die österreichische Monarchie musste darauf reagieren und begann, ein strukturiertes „militärisches Nachrichtenwesen“ aufzubauen. 1850 wurde der erste offizielle Nachrichtendienst in der österreichischen Monarchie eingerichtet: das Evidenzbüro. Ende des 19. Jahrhunderts überwachten dann die ersten „Geheimen Polizeiagenten“ hauptsächlich die öffentliche Sittlichkeit.

    Diese Struktur änderte sich bis zum Anschluss Österreichs an das Deutsche Reich im Jahr 1938 kaum. Danach spionierte die Gestapo im Inland, der Sicherheitsdienst war für das Ausland zuständig und die Abwehr für militärische Spionage. Sie galten auch in Österreich als mächtiges Instrument der Nationalsozialisten. Eine der ersten Amtshandlungen nach dem Zweiten Weltkrieg war die Gründung einer österreichischen Staatspolizei. Erst 1955 gründete das Bundesheer einen militärischen Geheimdienst.

    1972 wurde dieser in das heutige Heeres-Nachrichtenamt (HNaA) umgebaut. Zunächst beschäftigte sich dieses sowohl mit Auslandsaufklärung als auch mit Abwehr. 1985 wurde vom HNaA das Abwehramt abgespalten, weil das Heeresnachrichtenamt zu mächtig geworden war. Heute ist das Heeresnachrichtenamt vor allem im Einsatz gegen Terrorismus, Organisierte Kriminalität und irreguläre Migration.

    Spektakuläres über die österreichischen Geheimdienste

    Im Parlament ist ein ständiger Unterausschuss des Landesverteidigungsausschuss für die Kontrolle des Heeresnachrichtenamtes zuständig, die Parlamentarier sind aber auf strenge Verschwiegenheit vereidigt. Das HNaA soll eng mit US-amerikanischen Geheimdiensten zusammenarbeiten und vor allem in der Zeit des Kalten Krieges wichtige Informationen über Vorgänge in den Balkanstaaten an die USA weitergegeben haben. 1968 waren es österreichische Agenten des Heeresnachrichtenamtes, die als erste über den Einmarsch der Truppen des Warschauer Pakts in die Tschechoslowakei Bescheid wussten.
    Das Stillschweigen rund um die Arbeit des Heeresnachrichtenamtes verlieh dem Nachrichtendienst zwischenzeitlich große Macht. Das ging so weit, dass sogar Verteidigungsminister ausspioniert worden sein sollen. Als Verteidigungsminister Friedhelm Frischenschlager das zufällig erfuhr, soll er so erbost gewesen sein, dass er im Jahr 1985 das Heeresnachrichtenamt reformieren und das Heeres-Abwehramt davon abspalten ließ. Die beiden Nachrichtendienste sind bis heute politisch verfeindet: Das HNaA wird der Österreichischen Volkspartei zugeordnet, das HAA den österreichischen Sozialdemokraten. Diese sollen sich seit ihrem Bestehen immer wieder gegenseitig ausspionieren.
    USA – CIA, FBI, NSA, DEA
    Montage/Colourbox
    Zwei der US-Geheimdienste: FBI und CIA
    Organisation des US-amerikanischen Geheimdienstes

    Über keinen Geheimdienst gibt es derart viele Informationen wie über den US-amerikanischen. Der Auslandsgeheimdienst CIA, die inländische Spionageabwehr FBI, die weltweit operierende NSA, die amerikanische Bundespolizei, die Drogenbehörde DEA und elf weitere Dienste bilden die sogenannte United States Intelligence Community (IC). Insgesamt sollen dort etwa 200 000 Menschen arbeiten mit einem Gesamtbudget von 30 Milliarden Euro.

    Geschichte des CIA und der NSA

    Mit Gründung des Amts der Marineaufklärung begann 1882 die offizielle geheimdienstliche Aufklärung der USA. Doch schon unter George Washington hatten Agenten in geheimen Operationen, Aufklärung und Spionage gearbeitet. Die bekannteste Einrichtung, die Central Intelligence Agency, wurde 1947 ins Leben gerufen. Sie ist die Folgeorganisation des Office of Strategic Services, das im Laufe des Zweiten Weltkriegs aufgebaut wurde. Das Ziel: Die Sammlung strategisch wertvoller Informationen, aber auch Sabotage und Spionageabwehr. Mit dem National Security Act übernahm die Behörde Aufgaben, die FBI-Chef J. Edgar Hoover zunächst für seine Agenten vorgesehen hatte. ACIPSS-Experte Siegfried Beer erklärt, dass die USA zwar sehr spät mit der Errichtung eines Auslandsgeheimdienstes begonnen haben, dieser heute aber zu den effizientesten weltweit gehört.

    Doch eine andere Behörde macht derzeit Schlagzeilen: Die National Security Agency (NSA). Ihr Aufgabengebiet ist die weltweite, nachrichtliche Aufklärung. Die Wurzeln der Behörde reichen bis in die 40er-Jahre zurück, die offizielle Gründung datiert auf das Jahr 1952. Seitdem hält die NSA mit den technologischen Entwicklungen von Satellit bis Internet Schritt. In den Mittelpunkt einer weltweiten Diskussion über Datenschutz rückte die NSA, weil der Geheimdienstler Edward Snowden brisante Informationen über die weltweite Überwachung und die Kenntnisnahme europäischer Politiker von den Abhör-Programmen der Behörde veröffentlichte.

    Spektakuläres über die CIA

    „Bis in die frühen Siebziger hinein hatte die CIA weitgehend freie Hand“, sagt Beer. Und das nutzte die Agency voll aus: Waren CIA-Agenten am Attentat an John F. Kennedy beteiligt? Welche Rolle spielte die CIA bei den Anschlägen von 2001? Verdient die Behörde an weltweiten Drogen- und Geldwäschegeschäften? Für Verschwörungstheoretiker ist der US-Geheimdienst eine wahre Pandora-Kiste hanebüchener Geschichten. Dabei gibt es zahlreiche verbriefte Operationen: 1961 war die CIA beispielsweise an der Invasion in der Schweinebucht beteiligt, bei der Exilkubaner auf Kuba landen und die Regierung Castros stürzen wollten – und scheiterte spektakulär.
    Viele weitere Operationen mit dem Ziel, Machthaber zu stürzen, wurden von der CIA angeleiert. In Afghanistan warben CIA-Agenten ab 1979 bis zu 100 000 Einheimische an, trainierten sie, unterstützten sie mit Waffen und Geld und schickten sie in den Kampf gegen sowjetische Truppen. Wohl einer der Hauptgründe für die gegenwärtige Stärke der Taliban in dem befreiten Land. Nicht immer nutzt die Agency bei ihren Operationen legale Mittel, Menschenrechtsorganisationen werfen der Behörde Verletzung internationalen Rechts und Folter vor.
    Großbritannien – MI5, MI6
    Motage/Panther
    Großbritanniens MI5 und MI6
    Organisation des englischen Geheimdienstes

    Neun Behörden kümmern sich in Großbritannien um die Geheimdienstarbeit, organisiert im Secret Service Bureau. Am bekanntesten sind sicherlich der Security Service und der Secret Intelligence Service, kurz: MI5 und SIS oder MI6. Während sich der Blick des MI5 in das eigene Land richtet, kümmert sich der MI6 um das Ausland. Hinlänglich bekannt wurde der MI6 durch die Arbeit des wohl berühmtesten Spions James Bond, auch wenn dieser natürlich nur ein Roman- und Filmheld und kein echter Agent ist.

    Geschichte des MI6

    Ursprünglich war der MI6 für die Marine zuständig, als er 1909 gegründet wurde. Zunehmend spezialisierte sich der Dienst aber auf das Ausland, im Ersten Weltkrieg sammelten Agenten Informationen über das Deutsche Reich und kämpften gegen den Kommunismus in Russland. Nach der Machtübernahme durch die Nationalsozialisten arbeitete der SIS unter anderem an der Entschlüsselung der Geheim-Codes der Nazis.

    Im Kalten Krieg versuchte sich die Behörde in der Anwerbung sowjetischer Offizieller oder an Staatsstreichen, über die Erfolgsrate schweigt sie sich bis heute aus. Seit 1994 sind die Zuständigkeiten im Intelligence Services Act geregelt. Auch die Überwachung von Telefonaten und Internetaktivitäten Verdächtiger gehört zur Aufgabe der Behörde. Könnten Sie ein MI6-Agent sein?

    Spektakuläres über den MI6

    Eine der bekanntesten und schillerndsten Personen in der Geschichte der Geheimdienste ist Thomas Edward Lawrence, auch bekannt als Lawrence von Arabien. Der studierte Archäologe begab sich 1914 offiziell zur Kartographierung in den Nahen Osten, unter der Hand ging es um militärisches Auskundschaften. Aufgrund seiner Erfolge und Fähigkeiten wurde er schnell vom britischen Geheimdienst angeworben – und integrierte sich derart gut in die einheimischen Beduinenvölker, dass er sie zum Aufstand gegen die Fremdherrschaft durch die Türken führte. Ganz im Sinne seines Heimatlandes. Noch zu Lebzeiten wurde Lawrence zum Mythos – und zu einem beliebten Gesprächsgegenstand der englischen Aristokratie.
    Eine spektakuläre Mordtheorie geistert seit dem 3. August 1997 durch Großbritannien: Wurde Prinzessin Diana, die Ex-Frau des britischen Thronfolgers Prinz Charles, vom MI6 beseitigt? Sgro schreibt dazu, dass das britische Königshaus Angst vor einem muslimischen Schwiegervater des zukünftigen Königs gehabt hatte und Lady Di zu allem Überfluss auch noch schwanger gewesen sein soll. Diana war seit kurzem mit Dodi Al-Fayed zusammen, dem Sohn des Harrod-Geschäftsführers Mohamed Al-Fayed. Bis heute ist der Fall nicht aufgeklärt, Gerüchte über vertauschte Blutproben, eine überschnelle Einbalsamierung zur Vertuschung der Schwangerschaft und den Einsatz einer Stroboskop-Lichtkanone zur Blendung des Limousinen-Fahrers machen noch immer die Runde.
    Spanien – CNI
    panther/Montage
    CNI, das Kürzel des spanischen Geheimdienstes, steht für „Centro Nacional de Inteligencia“
    Organisation des spanischen Geheimdienstes

    In Spanien kümmert sich der Centro Nacional de Inteligencia (CNI) um Spionage-Dinge. Der Geheimdienst ist Teil des spanischen Verteidigungsministeriums. Seine Aufgaben umfassen die Informationsbeschaffung und Abwehr, aber auch wirtschaftliche Analysen und politische Risikobewertungen. Der spanische Ministerrat fungiert einerseits als Kontrollorgan, andererseits bestimmt er jährlich die Ziele der Behörde neu. Der CNI umfasst etwa 600 Mitarbeiter.

    Geschichte des CNI

    Die Wurzeln der Behörde liegen in der Zeit des spanischen Bürgerkriegs: 1935 gründete die Zweite Republik einen Geheimdienst, der – überrascht vom Beginn des Krieges – allerdings nie seine Arbeit aufnahm. Bis zu acht verschiedene Dienste arbeiteten bis in die 70er-Jahre gleichzeitig, zum Teil beschafften sie sogar dieselben Informationen.

    Erst 1972 gründete sich der erste offizielle Geheimdienst in Spanien, der sogenannte Zentrale Dokumentationsdienst – noch unter der Diktatur des Generals Francisco Franco. Hauptzweck war der Schutz der Diktatur und die Aufdeckung von Umsturzplänen. 1977, zwei Jahre nach dem Tod des Diktators, wurde der Geheimdienst reformiert und dem Verteidigungsministerium angegliedert.

    Spektakuläres über das CNI

    „Sieben spanische Agenten im Irak getötet“ – diese Nachricht ging 2003 um die Welt. Mit einem Schlag verlor der spanische Geheimdienst praktisch alle Experten in dem Land. Und alles nur, weil die Agenten offenbar einem irakischen Doppelagenten zum Opfer fielen. An einem Samstag im November trafen sich vier dort stationierte CNI-Agenten mit ihren Kollegen, die sie ablösen sollten. Mit dabei: ihre Kontaktperson und Informanten – und ein Maulwurf, der die Spanier an Saddams Truppen verriet. Ein tödlich verwundeter Agent rief offenbar noch während des Hinterhalts bei der CNI-Zentrale an und flehte mit letzter Kraft: „Sie bringen uns um. Schickt Hubschrauber herbei!“.
    Ein schwieriges Verhältnis hat der CNI zum spanischen Königshaus: Als sich König Juan Carlos in den 2000ern eine Geliebte leistete, musste Spaniens Geheimdienstchef vor dem Parlament antanzen und Auskunft geben – offiziell zum Schutz der Monarchie und des Wohl des Königs. Doch eigentlich ging es um die Frage, ob die „enge Freundin“ des Königs auf Staatskosten ausgehalten wurde. Die Befragung verlief allerdings hinter verschlossenen Türen und ergab nichts Erhellendes. Erst ein Mitarbeiter der Polizeigewerkschaft erhärtete die Gerüchte und so wurde das Verhältnis zum Politikum – ohne Beteiligung des CNI.
    Israel – Mossad
    AFP/Montage
    Israels berüchtigter Geheimdienst Mossad
    Organisation des israelischen Geheimdienstes

    In Israel gibt es vier Behörden, die sich um nachrichtendienstliche Belange kümmern: Den militärischen Geheimdienst Aman, den wissenschaftlichen Nachrichtendienst Lakam, den Inlandsgeheimdienst Schin Bet und den – sicherlich am bekanntesten – Auslandsgeheimdienst Mossad. Das Hauptquartier des Mossad befindet sich in Tel Aviv, laut Schätzungen arbeiten in der Behörde etwa 1200 Geheimdienstler. Darunter aktive Agenten, die sogenannten Katsas, und freiwillige Helfer, die sogenannten Sjanim – organisiert in einem weltweiten Netz israelischer Spione. Der Mossad kümmert sich um die Sicherheit des Landes und des Militärs, gilt aber auch als operativer Arm der Regierung – Geschichten über Liquidierungen und Entführungen durch Mossad-Agenten gibt es seit jeher.

    Geschichte des Mossad

    Israel ist ein vergleichsweise junger Staat: 1947 teilte die UN Palästina in einen jüdischen und einen arabischen Staat – um einen Lebensraum für die Überlebenden des Holocausts zu schaffen. Für die arabische Bevölkerung stellten die Pläne jedoch eine Provokation dar: Einer der zentralen Konflikte des 20. Jahrhunderts war geschaffen. Kriegerische Auseinandersetzungen folgten, gleichzeitig arbeiteten inoffizielle Organisationen daran, arabische Aufstände zu vermeiden. 1949 gründete der damalige Premierminister David Ben-Gurion dann den ersten offiziellen Geheimdienst, zunächst dem Außenministerium zugeordnet, später Teil des Büros des Premierministers.

    Spektakuläres über den Mossad

    Wie Alexandra Sgro in ihrem Buch „Geheimdienste der Welt“ beschreibt, wählte der Mossad seine Bewerber besonders streng aus: Angehende Agenten mussten ihre Geschicklichkeit unter Beweis stellen, indem sie an gut einsehbaren Stellen Bomben platzieren sollten – ohne, dass sie dabei gesehen werden. Wer geschickt genug war, wurde Agent. Heute steht am Beginn lediglich ein medizinischer und psychologischer Check, die Ausbildung dauert drei Jahre – mit einem Stundenplan aus Ausfragen, Leeren toter Briefkästen, Durchführung von Anschlägen und die spezielle israelische Kampfkunst Krav Maga.

    Doch das sollte nicht darüber hinwegtäuschen, dass der Mossad einer der effizientesten Geheimdienste weltweit ist, erklärt der Experte Beer. Eine der spektakulärsten – und ersten großen – Operationen des Mossads war die Gefangennahme des nach Argentinien geflohenen Nazis Adolf Eichmann. Er war als Mitglied des Reichsicherheitshauptamtes maßgeblich an der Deportation und Ermordung der Juden im „Dritten Reich“ beteiligt. Er tauchte in Südamerika unter, wurde allerdings vom Mossad aufgespürt und 1960 verhaftet. Nach einem neunmonatigen Prozess wurde er zum Tode verurteilt und 1962 hingerichtet.

    Zehn Jahre später kam es bei den Olympischen Spiele in München zur Katastrophe: Eine palästinensische Terror-Gruppe ermordete elf israelische Sportler – die israelische Führung schwor Rache. Die Sonderheinheit „Caesarea“ jagte die acht Mörder über den gesamten Globus und vollendete die Hatz mit dem Mord an dem letzten Attentäter im Jahr 1979. Die Operation „Zorn Gottes“ ging in die Geschichte ein – wohl auch deshalb, weil ein Unschuldiger sterben musste. Mossad-Agenten töteten den Marokkaner Ahmed Bouchiki. Sie verwechselten ihn mit einem der palästinensischen Attentäter.
    Und auch heute noch scheint der Mossad sehr aktiv zu sein. 2012 machte ein Medienbericht die Runde, wonach sich israelische Agenten Mitte der 2000er als CIA-Spione ausgegeben haben sollen, um eine Rebellen-Organisation zu Anschlägen im Iran anzustiften. Es war eine der „besonderen“ Methoden im geheimen Atomkrieg. Von 2010 bis 2012 wurden vier iranische Atom-Wissenschaftler ermordet – von Israel, so Beobachter.
    China – Ministerium für Staatssicherheit
    Colourbox
    In China ist das Ministerium für Staatssicherheit als Geheimpolizei tätig
    Organisation des chinesischen Geheimdienstes

    Der Geheimdienst in der Volksrepublik China teilt sich in das Ministerium für Staatssicherheit und den Militärnachrichtendienst auf. Das Ministerium kümmert sich dabei um in- wie ausländische Belange und gilt als einer der größten Geheimdienste weltweit. Die Methoden wie Netzzensur, Verletzung von Menschenrechten und zum Teil gewalttätige Überwachung von Dissidenten zeigt, dass das Ministerium ein Dienst mit polizeilichen Befugnissen zu sein scheint.

    Geschichte des Ministeriums für Staatssicherheit

    Dass Geheimdienste nicht erst ein Phänomen der Moderne sind, zeigt das riesige Netzwerk von Geheimdiensten in der Ming-Dynastie. Die Agenten wurden von Eunuchen angeführt, zumeist einfache Männer aus dem Volk. Die Ming-Herrscher sahen sich im 16. Jahrhundert zunehmend bedroht durch die Macht der Geheimtruppen und ihren Führern. Alle Maßnahmen kamen schließlich zu spät, die große Ming-Dynastie zerbrach. Unter anderem wegen des Konflikts zwischen hohen Beamten und den aus niedriger Herkunft stammenden Eunuchen.

    Im Jahr 1949 gründete die Kommunistische Partei den Vorläufer des Sicherheitsministeriums. Die Behörde sollte die Granden der Partei über weltweite Vorkommnisse unterrichten, basierend auf Nachrichten der Presseagenturen und einer limitierten Zahl Zeitungen und Bücher. Mit der Konsolidierung der Macht der Kommunistischen Partei wuchs auch die Aufgabe des Geheimdienstes, die jäh durch die Kulturrevolution unterbrochen wurde. In den Siebziger Jahren wurde die Arbeit wieder aufgenommen und die Behörde in kurzer Zeit massiv erweitert, bis sie 1983 in das Ministerium für Staatssicherheit überformt wurde – um alles abzuwehren, was dem sozialistischen System Chinas gefährlich werden könnte.

    Spektakuläres über das Ministerium für Staatssicherheit

    Die größte Bedrohung geht von Chinas Cyberspionage aus: Erst im Mai hatte eine US-Expertenkommission eine Liste von militärischen Projekten veröffentlicht, die vom chinesischen Geheimdienst über das Internet ausspioniert wurde. Darunter derart wichtige strategische Objekte wie das Patriot-Raketenabwehrsystem, Flugzeuge und Kriegsschiffe. Aber auch das Videosystem für Drohnen, Nanotechnologie, Nachrichtenverbindungen – der Schaden sei kaum absehbar, so die Kommission. Der Hintergrund sind offenbar die Modernisierungsbemühungen der chinesischen Armee.
    Doch auch vor Ort scheinen chinesische Spione ihrer subversiven Tätigkeit nachzugehen: Etwa 120 Agenten arbeiten in den USA, Kanada, Japan, West-, Ost- und Nord-Europa als Geschäftsleute, Industrie-Arbeiter, Banker, Wissenschaftler, Journalisten.
    Finnland – Supo
    Motage/Panther
    Der „Supo“, der zivile Nachrichtendienst, ist nur einer von Finnlands Geheimdiensten
    Organisation des finnischen Geheimdienstes

    In Finnland gibt es zwei offizielle Nachrichtendienste: Zum einen die „Suojelupoliisi“ (Supo), den zivilen Nachrichtendienst, und das „Pääesikunnan tiedusteluosasto“, den militärischen Nachrichtendienst. Die Supo ist ein Teil der finnischen Polizei und untersteht dem Innenminister, ihr Hauptquartier steht in Helsinki. Etwa 220 Geheimdienstler arbeiten dort an Terrorismus-Bekämpfung, Gegenspionage und allgemein der Bekämpfung von Verbrechen, die sich gegen die Regierung und die Politik richten.

    Das „Pääesikunnan tiedusteluosasto“ dagegen untersteht dem finnischen Verteidigungsminister. Die Behörde ist mit dem Schutz des finnischen Hoheitsgebiets beauftragt. Ein zentrales Mittel für die Überwachung ist die Funkaufklärung: Sie sitzt in der zentralfinnischen Kleinstadt Tikkakoski.

    Geschichte der Supo

    Finnland litt schon immer unter seiner exponierten Lage: Über Jahrhunderte hinweg führten Schweden und Russland ihre kriegerischen Konflikte auf dem finnischen Festland aus, erst im 19. Jahrhundert konnten die Finnen die Fremdherrschaft abschütteln und zu einem eigenständigen Staat werden, obgleich eine starke Abhängigkeit zu Russland auch weiterhin bestand. 1917 rief Finnland seine Unabhängigkeit aus, eine tiefe Kluft zwischen rechten und linken politischen Kräften durchzog jedoch das Land.

    Darin fußt die Geschichte der Geheimdienste: Rechte Kräfte gründeten eine Vorläufer-Organisation der Supo, um die „Roten“ zu überwachen. Nach dem Ende der Konflikte 1919 wurde die Geheimdienstarbeit dem Innenministerium unterstellt. Ab da lässt sich eine durchgehende Spionage-Tätigkeit bis in die Gegenwart verfolgen. Doch die politische Entzweiung brodelte weiter: 1949 wurde die Supo gegründet, um die mit Kommunisten besetzte Staatspolizei abzulösen. Die Organisation hat kein eigenes Einsatzkommando. Sie kann allerdings auf das „Karhu“-Team zurückgreifen, ähnlich dem amerikanischen Swat-Team.

    Spektakuläres über die Supo

    Eine der spektakulärsten Einsätze ist sicherlich Operation Stella Polaris: Im Zweiten Weltkrieg wurde Finnland erneut Dreh- und Angelpunkt östlicher und westlicher Machtinteressen. Einerseits verbündete sich Finnland zwar mit Nazi-Deutschland, andererseits fürchtete die Führung sowohl eine Invasion der Wehrmacht als auch der sowjetischen Truppen. Die Lösung war eine geheime Operation mit den Vereinigten Staaten: Mehrere finnische Spione setzten sich in das benachbarte Schweden ab und verkauften Informationen über das „Dritte Reich“ und die Sowjetunion an die USA.
    1942, bei einem Besuch Heinrich Himmlers, spionierte der finnische Geheimdienst den damaligen Reichsführer SS aus – und rettete so wohl 2000 Juden das Leben, wie die Historikerin Janne Könönen 2002 herausfand. Die heimlich abfotografierte Liste mit den Namen einheimischer Juden wurde dem damaligen Staatspräsidenten ausgehändigt – dieser sprach sich vehement gegen eine Auslieferung der Juden aus und bewahrte sie so vor der sicheren Deputation in deutsche Lager.
    Die schwierige Quellenlage
    Das Internet ist voll brisanter Informationen über die Geheimdienste der Welt. Teilweise ist die Quellenlage mysteriös – und oft falsch. Behörden, die im Geheimen agieren, haben es natürlich an sich, zu den wildesten Verschwörungstheorien einzuladen, die Grenzen zwischen Wahrheit und Fiktion verwischen gerne. Doch es gibt auch seriöse und wissenschaftliche Ansätze – eine Übersicht:

    Einen pragmatischen und sehr überblicksreichen Ansatz bietet das Buch „Geheimdienste der Welt“ von Alexandra Sgro, 2013 erschienen im Compact Verlag. Sgro fasst die wichtigsten Informationen zu bekannten Geheimdiensten wie MI6, BND, CIA aber auch unbekannteren Behörden wie Schwedens Säkerhetspolisen oder Griechenlands Ethniki Ypiresia Pliroforion zusammen und reichert die Berichte mit Geschichten zu den größten Skandalen und bekanntesten Spionen an.

    Auf der wissenschaftlichen Seite schreibt der emeritierte Professor Dr. Wolfgang Krieger in seiner Monographie „Geschichte der Geheimdienste. Von den Pharaonen bis zur CIA“, 2010 in der zweiten Auflage bei C.H. Beck erschienen. Wie der Titel vermuten lässt, beginnt Krieger seine historische Suche nach den Wurzeln der Spionage in der Antike und verfolgt sie bis in die Gegenwart. Die aktuellsten Entwicklungen zu Snowden und der NSA fanden dabei aufgrund des Veröffentlichungszeitpunktes nicht in das Buch. Spannend: Trotz allem schreibt Krieger über Bürgerrechtsverletzungen, versteckte Kooperationen der internationalen Geheimdienste und „Whistleblower“.

    Das „Austrian Center for Intelligence, Propaganda & Security Studies“ (ACIPSS) ist eine wissenschaftliche Plattform unter der Ägide von Professor Dr. Siegfried Beer. Das ACIPSS bietet Tagungsberichte, wissenschaftliche Studien und Interviews zu aktuellen Phänomenen – wie beispielsweise zum Abhör-Skandal. Außerdem beschäftigt sich das Center mit der Geschichte der Geheimdienste im europäischen Westen sowie den USA.

    Von FOCUS-Online-Redakteur Julian Rohrer , FOCUS-Online-Autor Johannes Ruprecht und FOCUS-Online-Autorin Lisa Kohn

    Find this story at Augustus 2013

    © FOCUS Online 1996-2013

    Datenspionage in Deutschland; BND schnüffelte millionenfach für US-Geheimdienste

    Ist der Bundesnachrichtendienst ein Handlanger der US-Geheimdienste? Einem Bericht des “Spiegel” zufolge leiten die deutschen Agenten noch weit mehr Daten an die US-Kollegen weiter als angenommen.

    Eine Demonstrantin vor dem Gebäude des Bundesnachrichtendienstes

    Der Bundesnachrichtendienst (BND) übermittelt nach einem “Spiegel”-Bericht in großem Umfang Metadaten aus der eigenen Fernmeldeaufklärung an die wegen ihrer Datensammelwut umstrittene US-Behörde NSA. Der deutsche Auslandsgeheimdienst gehe inzwischen davon aus, dass sich sein Standort im bayerischen Bad Aibling hinter einer der beiden Datensammelstellen (Sigads) verbergen könnte, über die der US-Geheimdienst laut Unterlagen aus dem Archiv des US-Informanten Edward Snowden allein im Dezember 2012 unter der Überschrift “Germany – Last 30 days” rund 500 Millionen Metadaten erfasste. Das schreibt das Hamburger Magazin in seiner neuen Ausgabe.
    Anzeige

    Der BND betonte, man arbeite mit der NSA seit über 50 Jahren zusammen – “insbesondere bei der Aufklärung der Lage in Krisengebieten, zum Schutz der dort stationierten deutschen Soldatinnen und Soldaten und zum Schutz und zur Rettung entführter deutscher Staatsangehöriger. Genau diesen Zielen dient auch die Zusammenarbeit mit der NSA in Bad Aibling, die in dieser Form seit über zehn Jahren erfolgt und auf einer Vereinbarung aus dem Jahr 2002 basiert.” Nach wie vor gebe es “keine Anhaltspunkte dafür, dass die NSA in Deutschland personenbezogene Daten deutscher Staatsangehöriger erfasst”, betonte der Geheimdienst-Sprecher.

    Man gehe davon aus, “dass die Sigad US-987LA und -LB” den Stellen “Bad Aibling und der Fernmeldeaufklärung in Afghanistan zugeordnet sind”, teilte der BND laut “Spiegel” mit. “Vor der Weiterleitung von auslandsbezogenen Metadaten werden diese in einem mehrstufigen Verfahren um eventuell darin enthaltene personenbezogene Daten Deutscher bereinigt.” Deutscher Telekommunikationsverkehr werde nicht erfasst, so der BND.

    Unterlagen aus dem Snowden-Archiv zufolge unterhalten NSA-Abhörspezialisten auf dem Gelände der Mangfall-Kaserne in Bad Aibling eine eigene Kommunikationszentrale und eine direkte elektronische Verbindung zum Datennetz der NSA, so “Der Spiegel”. Die Weiterleitung der Metadaten in diesem Umfang wirft laut Magazin neue Fragen auf, etwa nach der rechtlichen Grundlage für einen derart weitgehenden Austausch.

    Dem BND zufolge laufen “alle Aktivitäten im Rahmen von Kooperationen mit anderen Nachrichtendiensten unter Einhaltung der Gesetze, insbesondere des BND-Gesetzes und des G-10-Gesetzes”. Die Übermittlung personenbezogener Daten deutscher Staatsangehöriger erfolge auch “nicht massenhaft, sondern nur im Einzelfall und nach Vorgaben des G-10-Gesetzes. Im Jahr 2012 wurden lediglich zwei Datensätze eines deutschen Staatsangehörigen im Rahmen eines derzeit noch laufenden Entführungsfalls an die NSA übermittelt.”

    3. August 2013, 20:34 Uhr

    Find this story at 3 August 2013

    © stern.de

    NSA use of bases in Germany remains murky

    More than 20 years after the end of the Cold War, the US still has several military bases in Germany. Experts think that they could play a key role for the NSA’s activities.

    “German law applies on German soil and anyone operating here needs to adhere to it,” German Chancellor Angela Merkel said at a news conference before the summer recess. Merkel made the comment in connection with alleged US intelligence activities in Germany.

    After Merkel had gone off on holiday, UK daily The Guardian published fresh revelations on the NSA software XKeyscore. The article showed a graphic that pointed to data being mined by US intelligence from servers in Germany rather than just from servers based in the US.

    There is now speculation that the NSA and other US intelligence agencies obtain access to German Internet hubs via US military bases in Germany. More than 50,000 US soldiers are still based in Germany – more than the entire armed forces of Belgium. Worldwide, the US has several hundred bases.
    Gaycken: Spying from US military basis likely

    It helps to be close by

    IT specialist Sandro Gaycken from the Free University Berlin says it is highly likely that the US uses its military bases to gain access to cables. “It helps to be physically close to the data hubs you want to mine from,” he told DW. “It does make sense,” he added.

    But can US intelligence really gain access without the German government’s knowledge? Gaycken says it is possible, but unlikely. “If it’s servers in allied countries, it could be that special contracts allow you direct and legal access to those systems,” he explains.

    Legal basis for spying

    And there are agreements regulating US intelligence activities on US military bases in Germany. In 1968, the G10 law was passed, regulating the surveillance of postal and telecommunications services by German intelligence agencies.

    The law also included an administrative agreement that allowed wiretapping and surveillance by the allied forces in Germany for the purpose of protecting the troops.

    On Friday (02.08.2013) Germany’s Foreign Ministry declared that “the administrative agreement from 1968/69 in connection with the G10 law” with the US and the UK was being suspended “by mutual consent.”

    German Foreign Minister Guido Westerwelle called it “a necessary and correct consequence resulting from the recent debates about privacy.”
    The German government suspended an agreement with the US

    Purely symbolic?

    But the announcement has not changed anything, as the agreement has long been obsolete, according to a government spokesman, who said on July 8 that it had not been applied since reunification in 1990.

    And so the speculating continues as to the legality of the NSA’s activities in Germany. What is clear is that US intelligence agencies operate on US military bases in Germany.

    The German Defense Ministry issued a paper listing companies that profited from discounts available to those who do business with US forces in Germany. The paper names 207 companies that were granted discounts “for analytical services.”

    “Senior intelligence systems analyst” or “signal intelligence analyst” are two job descriptions that would have fit the bill, according to the paper.

    The German government told reporters on July 31 that “analytical activities” included technical, military services. But they said they were not exactly sure what that entails.

    The firm whistleblower Edward Snowden worked for, Booz Allen Hamilton, was granted a license for “intelligence operations” in Germany, according to a German Foreign Ministry source from November 28, 2008.
    Scmidt-Eenboom: NSA is an all too powerful force

    What happened in the Dagger complex?

    Some of the companies eligible for those discounts may well be working for the NSA in the Dagger complex in Griesheim near Darmstadt. More than 1,000 US intelligence agents work in this predominantly underground complex.

    “Germany could demand for the US to close down a facility like the one in Griesheim – if Germany took the view that the Americans are violating Germans’ civil rights,” says intelligence expert Erich Schmidt-Eenboom.

    “But that would mean confrontation, also between the various agencies. And that’s something the relatively small [German Foreign Intelligence Service] BND cannot afford.”

    Date 03.08.2013
    Author Marcus Lütticke / ng
    Editor Richard Connor

    Find this story at 3 August 2013

    © 2013 Deutsche Welle

    Überwachung; BND leitet massenhaft Metadaten an die NSA weiter

    Die NSA verfügt über Millionen Verbindungsdaten aus Deutschland – nach SPIEGEL-Recherchen übermittelt der Bundesnachrichtendienst viele der Informationen. Auch die technische Kooperation der beiden Geheimdienste ist enger als bislang bekannt.

    Hamburg – Der Bundesnachrichtendienst (BND) übermittelt in großem Umfang Metadaten aus der eigenen Fernmeldeaufklärung an die NSA. Der deutsche Auslandsgeheimdienst geht inzwischen davon aus, dass sich sein Standort in Bad Aibling hinter einer der beiden Datensammelstellen (Sigads) verbergen könnte, über die der US-Geheimdienst laut Unterlagen aus dem Archiv des Whistleblowers Edward Snowden allein im Dezember vergangenen Jahres unter der Überschrift “Germany – Last 30 days” rund 500 Millionen Metadaten erfasste.

    Man gehe davon aus, “dass die Sigad US-987LA und -LB” den Stellen “Bad Aibling und der Fernmeldeaufklärung in Afghanistan zugeordnet sind”, erklärte der BND gegenüber dem SPIEGEL. Unter Metadaten versteht man bei Telefonaten, E-Mails oder SMS die Verbindungsdaten, also unter anderem die Informationen, wann welche Anschlüsse miteinander verbunden waren.

    “Vor der Weiterleitung von auslandsbezogenen Metadaten werden diese in einem mehrstufigen Verfahren um eventuell darin enthaltene personenbezogene Daten Deutscher bereinigt.” Deutscher Telekommunikationsverkehr werde nicht erfasst, so der BND. Zudem habe man bislang “keine Anhaltspunkte, dass die NSA personenbezogene Daten deutscher Staatsangehöriger in Deutschland erfasst”. Ob die NSA noch weitere Metadaten aus Deutschland sammelt, und wenn ja auf welchem Wege, ist weiterhin unbekannt.

    Unterlagen aus dem Snowden-Archiv zufolge unterhalten NSA-Abhörspezialisten auf dem Gelände der Mangfall-Kaserne in Bad Aibling eine eigene Kommunikationszentrale und eine direkte elektronische Verbindung zum Datennetz der NSA.

    Die Weiterleitung der Metadaten in diesem Umfang wirft neue Fragen auf, etwa nach der rechtlichen Grundlage für einen derart weitgehenden Austausch. Dem BND zufolge laufen “alle Aktivitäten im Rahmen von Kooperationen mit anderen Nachrichtendiensten unter Einhaltung der Gesetze, insbesondere des BND-Gesetzes und des G-10-Gesetzes”.

    BND gab NSA Kopie zweier Programme

    Auch die technische Kooperation ist enger als bekannt. Unterlagen aus dem Snowden-Archiv zufolge gaben NSA-Spezialisten Vertretern von BND und Bundesamt für Verfassungsschutz ein Training im Umgang mit den neuesten Analysemethoden des Programms XKeyscore – dem Material zufolge soll es dabei unter anderem um Verhaltenserkennung (“behavior detection”) gehen.

    Umgekehrt zeigten sich NSA-Analysten schon vor Jahren an Systemen wie Mira4 und Veras interessiert, die beim BND vorhanden waren. “In einigen Punkten haben diese Werkzeuge Fähigkeiten, die die US-Sigint-Möglichkeiten übertreffen”, heißt es in den Unterlagen. Sigint bedeutet nachrichtendienstliche Informationsgewinnung. Weiter heißt es, dass der BND “positiv auf die NSA-Bitte nach einer Kopie von Mira4 und Veras” geantwortet habe.

    Der BND teilte am Abend als Reaktion auf den SPIEGEL-Bericht mit, er arbeite seit über 50 Jahren mit der NSA zusammen, insbesondere bei der Aufklärung der Lage in Krisengebieten. Diesem Ziel diene auch die Kooperation in Bad Aibling, die seit mehr als zehn Jahren erfolge und auf gesetzlicher Grundlage stattfinde. Personenbezogene Daten deutscher Staatsangehöriger würden nur im Einzelfall übermittelt.

    03. August 2013, 18:06 Uhr

    Find this story at 3 August 2013

    © SPIEGEL ONLINE 2013

    NSA-Skandal empört Datenschützer; Schaar will Schnüffel-Server notfalls persönlich aufspüren

    Die NSA soll für ihre Schnüffelei auch Server in Deutschland nutzen. Datenschützer Peter Schaar verlangt darüber Auskunft von den Telekomanbietern. Weil diese schweigen, droht er mit Kontrollbesuchen.

    “Die Tätigkeit von ausländischen Nachrichtendiensten auf deutschem Boden muss geklärt werden”: Deutschlands oberster Datenschützer Peter Schaar.

    Die USA halten uns hin, die Bundesregierung weiß angeblich von nichts und Kanzlerin Merkel gibt sich mit solchen Details nicht ab: Manchmal scheint es, als wäre der Bundesdatenschutzbeauftragte Peter Schaar der einzige Offizielle, der wirklich an der Aufklärung der NSA-Spähaffäre interessiert ist. Tief besorgt über die offenbar fast grenzenlosen Möglichkeiten zur Überwachung des Internets durch den US-Auslandsgeheimdienst zeigte sich Deutschlands oberster Datenschützer am Freitag in der ARD. “Das versetzt uns in Alarm, zurecht”, sagte Schaar. Das Programm “XKeyscore” sei “nicht nur so ein Stück Software”. Es handele sich offensichtlich um ein System, das aus einem Programm und weltweit verteilten Servern besteht.
    Anzeige

    “Was mich besonders beunruhigt, sind die Meldungen darüber, dass es auch in Deutschland entsprechende Server geben soll, über die entsprechende Informationen über den Internetverkehr abgegriffen werden”, erklärte Schaar. Dieser Frage gehe er derzeit nach. Er habe sich an die entsprechenden Telekommunikationsunternehmen gewandt – aber “bisher kaum Antworten gekriegt”. Er und seine Mitarbeiter hätten jedoch das Recht, sich dies vor Ort anzuschauen, warnte der Bundesbeauftragte die Telekomanbieter. “Und gegebenenfalls werden wir davon auch Gebrauch machen.”

    Von der Bundesregierung erwartet er dabei offenbar mehr Unterstützung und ein selbstbewussteres Auftreten gegenüber der US-Regierung und der NSA: “Auch die Tätigkeit von ausländischen Nachrichtendiensten auf deutschem Boden, etwa im Rhein-Main-Gebiet, wo sich die wichtigsten Internetknoten befinden, muss geklärt werden”, forderte er in der “Berliner Zeitung”.
    “Unsere Grundrechte werden ausgehebelt”

    Die eigene Regierung griff Schaar in der NSA-Affäre ungewöhnlich scharf an. “Wie Herr Pofalla zu sagen, die deutschen Nachrichtendienste hielten zu 100 Prozent den Datenschutz ein, ist sehr mutig”, sagte er der Zeitung mit Bezug auf die jüngsten Beschwichtigungen von Kanzleramtsminister Ronald Pofalla (CDU). “Wenn Sie meine Tätigkeitsberichte lesen, werden Sie feststellen, dass da auch nicht alles zu 100 Prozent datenschutzkonform gelaufen ist.”

    Da in- und ausländische Nachrichtendienste ihre Informationen offenbar austauschten, bestehe der begründete Verdacht, “dass auf diese Weise unsere Grundrechte ausgehebelt werden, selbst wenn es bei uns eine gesetzliche Begrenzung auf 20 Prozent der Übertragungskapazität gibt”. Klärungsbedarf sieht Schaar nach wie vor, da nicht nur das Parlamentarische Kontrollgremium – in dem Pofalla jüngst vorgesprochen hatte – Anspruch auf Informationen habe. “Wir brauchen mehr Transparenz”, sagte er der Zeitung, “nicht nur gegenüber Geheimgremien, sondern in der Öffentlichkeit”. Eine Kontrolle im Geheimen sei nur “sehr begrenzt wirksam”.
    “Ich habe Friedrichs Äußerung nicht verstanden”

    Tadelnde Worte richtete Schaar auch an Bundesinnenminister Hans-Peter Friedrich (CSU), der im Zusammenhang mit den aufgedeckten Überwachungsprogrammen von einem “Supergrundrecht” auf Sicherheit gesprochen hatte. “Ich habe diese Äußerung nicht verstanden”, sagte der zum Jahresende aus dem Amt scheidende Datenschutzbeauftragte. “Es gibt im Grundgesetz ein einziges Supergrundrecht, und das ist die Menschenwürde.” Sicherheit sei wichtig, dürfe aber nicht über allem stehen. Schaar zufolge muss eine Demokratie den Anspruch haben, “hier steuernd einzugreifen und die Überwachung zurückzufahren”.

    2. August 2013, 11:32 Uhr

    Find this story at 2 August 2013

    © stern.de

    NSA: permission to spy in Germany

    Germany has been under surveillance by the United States for decades, and German leaders have been fully aware of it, says historian Josef Foschepoth. The reason? Secret post-war accords.

    Deutsche Welle: The NSA spy scandal continues to ruffle feathers in Germany, Mr. Foschepoth. As a historian, you say the surveillance has been going on since the early days of post-war Germany. So, the revelations of Edward Snowden were not a surprise to you?

    Josef Foschepoth: No, not really. I was surprised instead by the initial reactions, in particular, from the political side. They were as if this had happened for the first time, as if it was something terribly bad and unique. But that is not the case. From my own research, I know that this happened countless times in the 1960s in Germany.

    How do you explain the rather low-key response from the German government?

    Well, such affairs are always very uncomfortable because they bring to light something that had functioned in the shadows. And this function should not be disturbed, so it’s played down. But now, this is no longer the case because it is an instance of severe and intensive surveillance. And moreover: it has been conducted by a friendly state.

    This surveillance, as you’ve said, has been going on for decades, since the beginning of the Federal Republic of Germany in 1949. What rights did the occupation forces – among them, the Americans – have at that time?

    Let’s be clear that the victorious forces were in Germany to occupy the country. They wanted to make sure that Germany would never again be a threat as it was during the Nazi dictatorship. But, after the victory over Nazi Germany, a further conflict began with the Soviet Union and the Cold War was born. It was a two-fold conflict that required a new strategy from the United States. A policy of double containment ensued: containment of the Soviet Union on the one hand and Germany on the other. And an essential element of this policy was surveillance.

    The so-called General Treaty, which regulated ties between Germany and the three allied powers, went into effect in 1955. The Federal Republic was to have the full powers of sovereignty over its domestic and foreign affairs. What did that mean for the surveillance strategy of the Americans?

    These formulations, of course, are always very nice and are meant for the public, more than anything. Ten years after the end of World War Two, the Germans felt the fundamental urge to be a sovereign state once again. But that was not the case at all because in the treaties from 1955 – it was volumes of treaties – were secret supplemental agreements which guaranteed key rights for the Western allied forces; among them, the right to monitor telephone and postal communications.

    What was the motivation for the German side behind all this?

    The Americans exerted massive pressure. They did not want to give up this territory, which was geostrategically important for its surveillance operations. German leaders, of course, wanted to be able to say that we now had a bit more sovereignty; in other words, a few strokes for the reawakening national psyche. Of course, what they didn’t say was we had to accept the same circumstances we had in the past under the occupation in the future as well, due to the international treaties and secret agreements. And these agreements are still valid and binding for every German government, even today.

    How could these agreements survive all these years?

    They were secret. The US had build a little America with its bases, in which the German government could not govern. When then-chancellor Helmut Kohl worked to clinch German reunification, he realized that this issue was a little difficult and controversial, so he said let’s just ignore it, and so, there were no negotiations over America’s special status rights. Therefore, these supplemental agreements are still in effect.

    Chancellor Merkel stresses that Germany is not a ‘big brother’ society. You say that Germany is one of the most closely monitored countries in Europe.

    The phrase ‘big brother society’ is certainly a bit polemical. But let me put it this way: The fall from grace happened in 1955 when Konrad Adenauer agreed to the special status rights in negotiations with the allied forces. The recognition of these rights by the chancellor meant that there was no going back to the sanctity and privacy of post and telecommunications, as it is written in the German constitution. That is how the large German-allied intelligence complex arose.

    That is interesting in that Germans are known for being very private about their data and it’s why they put great emphasis on data privacy.

    In the early years of the Federal Republic that was even more pronounced than it is today. That is why it was kept secret in the first place.

    Professor Josef Foschepoth is a historian at the University of Freiburg and author of the book “Überwachtes Deutschland. Post- und Telefonüberwachung in der alten Bundesrepublik” (Vandenhoeck & Ruprecht, Göttingen, 2012)

    Find this story at 29 July 2013

    © 2013 Deutsche Welle

    Rumors of NSA surveillance outpost in Wiesbaden persist

    Is a new building under construction at US Army headquarters in Wiesbaden also designed to house NSA spies? There are rumors, but the army says the facility is strictly for military intelligence units.

    One of the US Army’s most important facilities in Europe since the end of World War Two is in Wiesbaden, west of Frankfurt. During the Berlin blockade, this is where US planes took off in 1949 to supply Berlin with food, fuel and aid in what became known as the Berlin airlift. Today, the US Army in Europe (USAREUR) has its headquarters in Wiesbaden and is reportedly building a new military intelligence center that may also be used by the US National Security Agency (NSA.)

    The chief of Germany’s Federal Intelligence Service (BND), Gerhard Schindler, is said to have disclosed the plans during a closed-door meeting of parliament’s internal affairs committee. The BND, however, denied a subsequent German newspaper report on the planned surveillance outpost,and refused further comment.
    Mayor Gerich held lengthy talks with the US

    The army applied for a building permit for the high-tech structure, the Consolidated Intelligence Center (CIC), in 2008. The building is expected to be completed by the end of 2015, and will cost 124 million euros ($163 million). In the wake of mounting outrage at disclosures that the NSA was spying on allied governments and their citizens, Wiesbaden Mayor Sven Gerich wanted more information on the new surveillance outpost at Clay Barracks. Gerich met earlier this week for four hours of talks with Colonel David Carstens, commander of the US garrison in Wiesbaden.

    Friendly clarification

    The US military did not react angrily when asked about a possible NSA presence, the Wiesbaden mayor told DW. They understand how sensitive the issue is in Germany, Gerich said: “Colonel Carstens literally told me, this is purely a US Army facility, not an NSA facility.”

    But how credible is this information? “I do not have the impression that Colonel Carstens was lying,” the German mayor said, adding that the building was designed to house elements of a brigade currently at a base in Darmstadt. The US Army’s military intelligence brigade is being given better working conditions and more space to gather information for the safety of US troops in Europe. Larger structures, including antennas are not planned, Mayor Gerich said and made it clear that the city is in no position to object, anyway.
    The former NSA monitoring base in Bad Aibling near Munich

    New openness

    The meeting with the US military had an element of surprise, Gerich said. Media have reported the new surveillance structure in Wiesbaden will be completely sealed off, with access only by US personnel and even construction firms and material shipped from the US. However, it appears this secrecy is to be loosened somewhat by new information polices to accommodate concern among the population. Colonel Carstens offered to invite the media once construction of a good part of the surveillance center was finished. He wants people to realize that there are no subterranean facilities.
    Under certain circumstances the German government could have the site shut down

    The NSA site in Griesheim near Darmstadt has quite a few underground, or secret, facilities. Intelligence groups formerly set up in the Bavarian town of Bad Aibling work at the so-called Dagger Complex. That facility was closed in 2004, due to political pressure by former Bavarian state premier Edmund Stoiber. There was concern American intelligence services were using the Echelon intelligence collection and analysis network at the Bad Aibling station for industrial espionage in Germany. “They did not just have an eye on the Balkans, Afghanistan and Iraq,” German espionage expert Erich Schmidt-Eenboom told Deutsche Welle.

    Probably no NSA in Wiesbaden

    According to the expert, the Griesheim units are predominantly involved in satellite tracking. Depending on intelligence priorities, satellites are repositioned in their orbit, and moved to cover new areas of a crisis. NSA experts help with the data analysis. “If it is true that the Griesheim unit is not being moved to Wiesbaden, the information the US colonel gave the mayor is correct: NSA staff will not be working in the new surveillance building,” Schmidt-Eenboom said. The Wiesbaden mayor’s office confirmed authorities always noted military intelligence units from Darmstadt would move to Wiesbaden, there was never mention of the NSA in Griesheim .
    Satellite trackers reposition satelites

    Schmidt-Eenboom pointed out, however, that should the US Army’s information turn out to be false after all, the German government has the right to demand the site be shut down. Under the NATO Status of Forces Agreement, intelligence installations are not meant to provide protection to one individual nation, but to all member states.

    Should US spying activities actually target Germany, a difficult situation would arise – in theory. In reality, according to information spread by US whistleblower Edward Snowden, German and American intelligence services cooperate closely. Thus, and despite official disclaimers, experts are convinced NSA workers come and go at US bases across Germany.

    Date 26.07.2013
    Author Wolfgang Dick / db
    Editor Gregg Benzow

    Find this story at 26 July 2013

    © 2013 Deutsche Welle

    Police investigate ‘United Stasi of America’ artist

    Berlin police are investigating whether an artist who projected “United Stasi of America” onto the US embassy in the German capital earlier this week could be charged with a criminal offence.

    German artist Oliver Bienkowski projected the message, along with a picture of internet tycoon and online activist Kim Dotcom onto the US embassy in Berlin on Sunday night.

    He was likening reported sweeping internet surveillance by Washington and London to spying by the former East German secret police. And while the image was projected onto the building for 30 seconds on Sunday night, the action has caused quite a stir.

    An investigation has been launched into whether the action constituted “slander against the organizations and representatives of a foreign state,” the Berlin-based Der Tagesspiegel newspaper reported on Thursday.

    Bienkowski’s lawyer Fabian Eickstädt pointed out that the projection was onto the US embassy, which is technically US territory. “For me it is not even clear whether German law would apply,” he said.

    And Der Tagesspiegel said that a criminal case of slander could only be launched if the victim were to make a formal complaint. The US embassy told the paper it had no interest in a prosecution.

    While Dotcom had no problem claiming the projection. “I defaced the U.S. embassy in Berlin with a truth-projection last night. 0Wned!” he tweeted. The video on YouTube has garnered nearly 80,000 hits.

    Dotcom, a German national, is the founder of file-sharing website Megaupload that was shut down by US authorities who seek to extradite him on charges of racketeering, fraud, money laundering and copyright theft.

    Dotcom, born Kim Schmitz, denies any wrongdoing and is free on bail in New Zealand ahead of his extradition hearing.

    US intelligence leaker Edward Snowden, in limbo at a Moscow airport, is also seeking to evade US justice after leaking explosive details about a vast US electronic surveillance programme and bugging of European missions.

    Germany has reacted with particular alarm to the revelations about the US and British spy programmes, given its history of state surveillance under the Nazis and the communist East German regime.

    Published: 11 Jul 2013 11:51 CET | Print version

    Find this story at 11 July 2013

    © The Local Europe GmbH

    Im Namen von „Kim Dotcom“ bestrahlte er die US-Botschaft; Dieser Freimaurer verübte den Licht-Anschlag

    Berlin – Er ist bekennender Freimaurer, Sympathisant der Hacker-Gruppe „Anonymous“ – und er hat den Licht-Anschlag auf die US-Botschaft in Berlin für „Kim Dotcom“ verübt.

    Oliver Bienkowski (31), Chef einer Düsseldorfer Guerilla-Werbeagentur, projizierte den Schriftzug „United Stasi of America“ auf das Botschaftsgebäude. Für die Aktion brauchte er mehrere Wochen Vorbereitung, dazu drei Tage lang in der Hauptstadt, um sich den Ort anzuschauen.

    Sonntagnacht schlägt er zu: Plötzlich blitzt gegenüber dem Berliner Holocaust-Mahnmal die Licht-Botschaft auf. Darunter ein Bild von Internet-Betrüger Kim Schmitz (39), alias „Kim Dotcom“.

    ► Die Licht-Parole auf der US-Botschaft soll ein Protest gegen die Abhör-Aktivitäten der USA sein. Und weil Bienkowski ein Fan von „Kim Dotcom“ ist, schrieb er ihm per Mail von der Idee. Bienkowski zu BILD.de: „Er hat gesagt, dass wir sein Bild benutzen dürfen. Der Slogan stammt von ihm.“ Hacker „Kim Dotcom“ lebt in Neuseeland und betrieb dort die illegale Daten-Tauschbörse „Megaupload“.

    Der Licht-Anschlag kostete 5000 Euro, inklusive digitalem Beamer. Bienkowski hat alles aus eigener Tasche bezahlt. Auf YouTube stellte der Künstler ein Video der Aktion ein.

    Schließlich wurde er von der Polizei verjagt, eine Anzeige fürchtet der Lichtmaler, wie er sich nennt, aber nicht. Für die Grünen strahlte er bereits das Kanzleramt an, beim „Festival of Lights“ zauberte er einen Regenbogen aufs Brandenburger Tor.

    „Kim Dotcom“ freute sich seinerseits über die Aufmerksamkeit und postete den ersten BILD-Artikel bei Twitter.

    Ein Sprecher der US-Botschaft über die Aktion: „Sehr lustig, aber wer so einen Vergleich anstellt, kennt weder die Stasi noch Amerika.“

    08.07.2013 – 18:09 Uhr
    Von SOLVEIG RATHENOW

    Find this story at 8 July 2013

    © BILD.de

    System XKeyscore: US-Privatfirmen suchen Überwachungsfachleute

    Das Spionagewerkzeug XKeyscore, das NSA und BND einsetzen, hat viele Fans – auch in privaten US-Unternehmen. In Stellenanzeigen suchen die Firmen ganz offen nach Fachleuten für diverse NSA-Programme. Wichtige Einstellungsbedingung: ein bestandener Lügendetektortest.

    Washington/Fort Meade – Die National Security Agency ist eine gewaltige Behörde. Der “Washington Post” zufolge arbeiten derzeit etwa 33.000 Menschen für den US-Geheimdienst, der auf Spionage, Verteidigung und Angriff in Netzwerken spezialisiert ist. Die NSA unterhält nicht nur eine riesige Zentrale in Fort Meade, Maryland, sondern auch noch zahlreiche Stützpunkte in den USA und anderswo. Im britischen Menwith Hill sollen demnächst bis zu 2500 NSA-Bedienstete arbeiten. In Bluffdale, Utah, baut der Geheimdienst derzeit das vermutlich größte Rechenzentrum des Planeten.

    Doch all diese Einrichtungen sind nur ein Teil des tatsächlichen Geheimdienstapparats – andere Teile der US-Sicherheitsarchitektur sind längst outgesourct. In einem großangelegten Bericht über diese Schattenbranche schätzte die “Washington Post” schon 2010, dass von 854.000 Personen mit der Sicherheitsfreigabe “Top Secret” 265.000 Vertragsangestellte von Privatunternehmen waren.

    Noch immer suchen sowohl die NSA als auch die knapp 500 privaten Firmen, mit denen sie zusammenarbeitet, ganz offen nach weiterem Fachpersonal für Überwachung, Spionage und Cyberwar. Eine ganze Reihe von Stellenanzeigen der NSA selbst für Positionen etwa im Bereich Computer Network Operations beginnt jeweils mit der gleichen, erstaunlich offenen Passage:

    “Unsere Nation ist in eine neue Ära eingetreten, die tiefgreifende Veränderungen hinsichtlich der Operationsweise der National Security Agency mit sich bringt. Die explosive Ausbreitung des World Wide Web verlangt nach einer Mission im Bereich Computer Network Operations. Diese wichtige Mission besteht aus drei Teilen: Netzwerkverteidigung, Netzwerkattacken und Erschließung von Computernetzwerken. Um diese Funktionen zu erfüllen, sucht die NSA Menschen, die mit hoher Sachkunde und Leidenschaft den Krieg im Cyberspace gewinnen wollen.”

    Dass der Geheimdienst den “Krieg im Cyberspace” als gegeben betrachtet, lässt tief blicken. Die NSA verschickt solche Stellenanzeigen sogar über einen eigenen Twitteraccount.

    Doch die NSA selbst ist bei weitem nicht die einzige Organisation, die in Online-Stellenanzeigen freimütig mit dem eigenen Bedarf an Arbeitskräften hausieren geht. Eine ganze Reihe von Unternehmen sucht beispielsweise Analysten, Techiker, Programmierer, die mit dem als streng geheim eingestuften System XKeyscore umgehen können, das SPIEGEL-Informationen zufolge auch der Bundesnachrichtendienst (BND) und der Verfassungsschutz (BVF) einsetzen.

    Doch nicht nur nach Fachleuten im Umgang mit dieser NSA-Software wird gesucht. In zahlreichen Stellenanzeigen tauchen Programmnamen auf, die man von den bislang publizierten NSA-Folien – etwa über das Prism-Programm – kennt. Andere stehen auf einer Liste mit NSA-Programmnamen, die der Geheimdienst-Fachmann William Arkin schon im März 2012 veröffentlichte.

    Einige Beispiele:

    Der Rüstungskonzern L3 Communications (nicht zu verwechseln mit dem Telekommunikationskonzern Level 3 Communications) sucht für seine Sicherheitssparte einen Systems Integration Engineer am Standort Maryland / Fort Meade – dort ist auch die NSA zu Hause. Mit Programmen wie XKeyscore sollte sich der Bewerber auskennen, vor allem mit dem Entwickeln von Zusatzprogrammen, sogenannten Plug-ins.
    Als Netzwerk-Spezialist ist man gefragt bei Tasc. Die Firma mit mehreren tausend Mitarbeitern und laut “Washington Post” schon 2009 einem Jahresumsatz von zwei Milliarden Dollar bietet IT-Lösungen für Geheimdienste und Militär an. Mitbringen sollen Bewerber Kenntnisse von NSA-Programmen wie XKeyscore, Tuningfork, Discoroute oder Marina. Letzteres dient den Prism-Folien zufolge der Auswertung von Internetverbindungsdaten. Die potentiellen Mitarbeiter werden mit der Aussicht gelockt, “Schutz und Sicherheit zu verbessern und die Grundwerte der Gesellschaft zu schützen”.
    Das Unternehmen CyTech sucht einen Analysten, der sich auf das Auswerten verschiedener Quellen versteht – mit NSA-Programmen wie Anchory/Maui, Pathfinder oder Skywriter. Pluspunkte sind Kenntnisse von Pinwale und XKeyscore. Pinwale ist ein Analyseprogramm für Video-Inhalte, das ebenfalls auf den Prism-Folien auftaucht.

    Die Liste ließe sich fortsetzen: Auch andere einschlägige Unternehmen wie Saic, Raytheon oder BAE Systems suchen nach qualifizierten Fachkräften für Überwachungssoftware, die man nun als NSA-Werkzeuge kennt. Umgekehrt preisen im Business-Netzwerk LinkedIn Dutzende Mitglieder ihre Erfahrung mit XKeyscore und anderen NSA-Programmen als Qualifikation an.

    Was Bewerber in der Regel mitbringen müssen: eine Sicherheitsfreigabe “mit Lügendetektor”. Die Kandidaten müssen Dokumente der höchsten Geheimhaltungsstufe einsehen dürfen, außerdem eine Überprüfung durchlaufen haben, um auch mit besonders gesicherten Informationen zu arbeiten.

    Auch auf den XKeyscore- und den Prism-Folien steht stets “Top Secret” – die Unternehmen aus dem Dunstkreis der US-Geheimdienste suchen dennoch ganz offen nach Fachleuten. Womöglich nach solchen, die wiederum die NSA selbst ausgebildet hat. Für sein “Digital Network Exploitation Analyst Development Program” (DDP) wirbt der Geheimdienst etwa mit den Worten: “Wegen ihres Fachwissens und der Bandbreite ihrer Erfahrungen herrscht intensive Nachfrage nach Personen mit einem Abschluss in diesem Programm.”

    Tatsächlich wandern ständig junge, gut ausgebildete Leute von den US-Diensten zu privaten Unternehmen ab, die einfach besser bezahlen – um dann über Outsourcing-Verträge doch wieder für NSA oder CIA zu arbeiten. So war es auch bei Edward Snowden: Er arbeitete für die CIA, bevor er sich von der privaten Firma Booz Allen Hamilton anheuern ließ, um dann für ein sechsstelliges Gehalt als Systemadministrator zu arbeiten. Bis er sich mit Tausenden NSA-Dokumenten aus dem Staub machte.

    22. Juli 2013, 18:08 Uhr
    Von Christian Stöcker und Ole Reißmann
    Mitarbeit: Judith Horchert

    Find this story at 22 July 2013

    © SPIEGEL ONLINE 2013

    ‘Key Partners’; Secret Links Between Germany and the NSA

    Chancellor Angela Merkel has repeatedly said she knew nothing about American surveillance activities in Germany. But documents seen by SPIEGEL show that German intelligence cooperates closely with the NSA and even uses spy software provided by the US. By SPIEGEL

    It was a busy two days for the surveillance specialists of the Bundesnachrichtendienst (BND), Germany’s foreign intelligence agency. At the end of April, a team of 12 senior BND officials flew to the United States, where they visited the heart of the global American surveillance empire: the National Security Agency (NSA). The purpose of their mission can be read in a “top secret” NSA document which SPIEGEL has seen — one of the trove of files in the possession of whistleblower Edward Snowden.

    According to the document, BND President Gerhard Schindler repeatedly expressed an “eagerness” to cooperate more closely with the NSA. The Germans, the document reads, were looking for “guidance and advice.”

    Their wish was fulfilled. Senior employees with the NSA’s Foreign Affairs Directorate were assigned to look after the German delegation. The Americans organized a “strategic planning conference” to bring their German partners up to speed. In the afternoon, following several presentations on current methods of data acquisition, senior members of a division known as Special Source Operations, or SSO, spoke to their German guests. The SSO, one of the most secretive groups within the intelligence community, is the division that forms alliances with US companies, especially in the IT sector, for data mining purposes. Snowden describes this elite unit as the NSA’s “crown jewels”.

    The journey to Washington wasn’t the first educational trip by German intelligence officials across the Atlantic this spring — nor was it the last. Documents from Snowden that SPIEGEL has seen show that cooperation between Berlin and Washington in the area of digital surveillance and defense has intensified considerably during the tenure of Chancellor Angela Merkel. According to one document, the Germans are determined to “strengthen and expand bilateral cooperation.”

    Completely Unaware?

    This is awkward news for Merkel, who is running for re-election as the head of the center-right Christian Democrats. The German campaign had been relatively uneventful until recently, but now a new issue seems to have emerged: the Americans’ lust for data. Opposition politicians have intensified their attacks in recent days. First Peer Steinbrück, the Social Democratic candidate for the Chancellery, accused Merkel of having violated her oath of office for failing to protect the basic rights of Germans. Not long later, SPD Chairman Sigmar Gabriel referred to Merkel as a “spin doctor who is trying to placate the population.” According to Gabriel, it has since been proven that the German government knew about the NSA’s activities.

    But the attacks from the SPD are not the chancellor’s biggest worry; the real threat comes from within. At a very early juncture, Merkel insisted that her government had been completely unaware of the NSA’s activities. It is a position she reiterated before starting her summer vacation last Friday.

    She will now be judged on the basis of those statements. Internally, Merkel’s advisors argue that she had no choice but to take such a clear position. After all, both the head of the BND and the president of the Federal Office for the Protection of the Constitution (BfV), Germany’s domestic intelligence agency, had said that they had had no detailed knowledge of the Prism surveillance program and the extent of American data collection. On what basis could Merkel have contradicted them?

    But with each day, fears are growing at the Chancellery that a paper could eventually turn up that clearly shows the government’s knowledge of the NSA activities.

    But does that really matter? What is worse? To be governed by a cabinet that conceals its connivance from citizens? Or to have a chancellor and ministers whose intelligence agencies exist in a parallel world, beyond the supervision of the government and parliament? Internal NSA documents show that the Americans and German intelligence agencies are cooperating more closely than previously known. The repeated assertions by the government and intelligence agencies in recent weeks that they were not fully aware of what US surveillance specialists were doing appear disingenuous in the extreme in light of the documents SPIEGEL has seen from the collection secured by Snowden.

    ‘Key Partners’

    According to those documents, the BND, the BfV and the Bonn-based Federal Office for Information Security (BSI) all play a central role in the exchange of information among intelligence agencies. The NSA refers to them as “key partners.”

    The Americans provided the BfV with one of their most productive spying tools, a system called “XKeyscore.” It’s the same surveillance program that the NSA uses to capture a large share of the up to 500 million data sets from Germany, to which it has access each month, according to internal documents seen and reported on by SPIEGEL on the first of this month.

    The documents also reveal the lengths to which the German agencies and German politicians were willing to go to develop an even closer relationship with the Americans. This is especially applicable to the G-10 law, which establishes the conditions under which surveillance of German citizens is permissible. In one classified document — under a section titled “Success Stories” — it reads: “The German government modifies its interpretation of the G-10 privacy law … to afford the BND more flexibility in sharing protected information with foreign partners.”

    The claim that German intelligence agencies knew nothing was already hard to believe given that they have been cooperating with American agencies for decades. According to an NSA document from this January, cooperation between the offensive divisions of the NSA and the BND’s “Technical Reconnaissance” unit began long ago in 1962.

    The Americans are extremely satisfied with the Germans. For decades, Washington poked fun at the conscientious German spies, who always had a legal decree on hand to justify why they were regrettably unable to participate in an especially delicate operation. This was a source of annoyance to the Americans, but ultimately they had no choice but to accept it.

    More recently, however, that has changed, as the Snowden documents indicate: The German bureaucrats have become real spies.

    During the course of 2012, in particular, the Germans showed great “eagerness and desire” to improve their surveillance capacities and even “to take risks and to pursue new opportunities for cooperation with the US,” according to the NSA documents to which SPIEGEL was given access.

    A Close Link

    The shift to a more offensive German security policy began in 2007, when Merkel’s conservatives were in power in a coalition with the SPD, the so-called “Grand Coalition.” Based on information the NSA had passed on to the BfV, German authorities discovered a group of Islamists led by convert Fritz Gelowicz, known as the Sauerland cell. Gelowicz and several of his friends had planned to detonate bombs in Germany. To this day, the German government is grateful to the Americans for the tip.

    According to the NSA document, the successful operation created “a significant level of trust” between the NSA and the BfV. Since then, the document reads, there have been “regular US-German analytic exchanges and closer cooperation in tracking both German and non-German extremist targets.” The documents show that the NSA also provided several training sessions for BfV agents. The aim was “to improve the BfV’s ability to exploit, filter and process domestic data.” The hope was to create interfaces so that data could be exchanged on a larger scale — a cooperation “that could benefit both Germany and the US,” the paper reads.

    The pact also intensified on German soil. An NSA analyst accredited as a diplomat at the US Embassy in Berlin uses an office at the BfV once a week. According to the document, the analyst’s job is to “nurture” the thriving relationship with the BfV. The agent also “facilitates US requirements.” In addition, the Germans set up a “communications link” to the NSA to improve ties between agencies.

    Personal relationships also intensified. In May alone, just a few weeks before the Snowden revelations began, BfV President Hans-Georg Maassen, Interior Minister Hans-Peter Friedrich and the 12-member BND delegation paid a visit to NSA headquarters. In the same month, NSA Director General Keith Alexander traveled to Berlin, where he made a stop at the Chancellery, which supervises the BND.

    The cooperation went beyond high level visits. According to the papers from the Snowden files which SPIEGEL has seen, the NSA provided the BfV with XKeyscore, and BND officials were also very familiar with the tool, given that their job was to instruct their counterparts with German domestic intelligence on how to use the spy program. The main reason the BfV was to be provided with XKeyscore was to “expand their ability to support NSA as we jointly prosecute CT (counter-terrorism) targets.”

    A “top secret” presentation dated Feb. 25, 2008, which almost reads like an advertising brochure (the American spies are apparently very proud of the system), reveals all the things XKeyscore was capable of doing already five years ago.

    NSA Pleased with German ‘Eagerness’
    According to the presentation, the system is easy to use and enables surveillance of raw data traffic “like no other system.”

    An NSA transparency titled “What is XKeyscore?” describes a buffer memory that enables the program to absorb a “full take” of all unfiltered data for a number of days. In other words, XKeyscore doesn’t just track call connection records, but can also capture the contents of communication, at least in part.

    In addition, the system makes it possible to retroactively view which key words targeted individuals enter into Internet search engines and which locations they search for on Google Maps.

    The program, for which there are several expansions known as plug-ins, apparently has even more capabilities. For instance, “user activity” can be monitored practically in real time and “anomalous events” traced in Internet traffic. If this is true, it means that XKeyscore makes almost total digital surveillance possible.

    From the German perspective, this is especially troubling. Of the roughly 500 million data sets from Germany to which the NSA has access each month, XKeyscore captured about 180 million in December 2012.

    This raises several questions. Does this mean that the NSA doesn’t just have access to hundreds of millions of data sets from Germany, but also — at least for periods of days — to a so-called “full take,” meaning to the content of communication in Germany? Can the BND and the BfV access the NSA databases with their versions of XKeyscore, which would give them access to the data on German citizens stored in those databases?

    If this were the case, the government could hardly claim that it had no knowledge of the Americans’ vigorous data acquisition activities.

    German ‘Eagerness’ Is ‘Welcomed’

    SPIEGEL put these questions to both agencies and the Chancellery, but it received no answers on the use of the system. The BND merely issued a brief statement, saying that it was regrettably unable to comment publicly on the details of intelligence activities.

    The NSA and the White House were similarly curt in their responses to SPIEGEL inquiries, merely noting that they had nothing to add to the remarks President Barack Obama made during his recent visit to Berlin.

    The new revelations also shine a spotlight on the presidents of the BND and the BfV, Gerhard Schindler and Hans-Georg Maassen. Both men are relatively new in their positions. But BND President Schindler in particular, in office since January 2012, has already made his mark. He embodies the new, more offensive approach being taken by the foreign intelligence agency, which the NSA has expressly praised. Schindler’s “eagerness,” according to the NSA documents, was “welcomed” already in 2012.

    When he came into office, the outspoken head of the BND encapsulated the new willingness to take risks. Internally, he asked each BND department to submit three proposals for joint operations with the US intelligence agencies.

    Of course, there are also positive sides to this closer cooperation with the Americans. One of the BND’s responsibilities is to protect German soldiers and prevent terrorist attacks. Doing so adequately is impossible without help from the Americans. Conversely, the BND’s reputation has improved among US intelligence agencies, especially after it proved to be helpful in the Kunduz region of northern Afghanistan, where the German military, the Bundeswehr, is stationed. The Germans are now the third-largest procurer of information there.

    They don’t just share their information with the NSA, but also with 13 other Western countries. Some time ago, the agency brought its technical equipment in Afghanistan up to the latest standard. Results have been especially good since then, and the NSA is pleased.

    In recent years, the BND has had the capability to listen in on phone conversations on a large scale in northern Afghanistan, aiding in the arrests of more than 20 high-ranking members of the Taliban — including Mullah Rahman, once the shadow governor of Kunduz.

    Relaxed Interpretation of Privacy Laws

    According to an NSA document dated April 9, Germany, as part of the surveillance coalition in Afghanistan, has developed into the agency’s “most prolific partner.” The Germans are similarly successful in North Africa, where they also have special technical capabilities of interest to the NSA. The same applies in Iraq.

    But according to the documents, the German foreign intelligence agency went even further in its effort to please the Americans. “The BND has been working to influence the German government to relax interpretation of the privacy laws to provide greater opportunities of intelligence sharing,” the NSA agents noted with satisfaction in January.

    Indeed, when Schindler took office, BND officials were divided over whether it was legal to pass on information to partner intelligence agencies that had been obtained in accordance with the German G-10 law. Schindler decided that it was, and the United States was pleased.

    The surveillance base in Bad Aibling, a well-known American listening post in southern Germany, also shows how close ties are between the BND and the NSA. It was a symbol of technical espionage during the Cold War. Most recently, the NSA referred to the listening post by the code name “garlic.” Although the last parts of the base were officially handed over to the BND in May 2012, NSA officials still come and go.

    The NSA chief for Germany is still stationed at the local Mangfall Barracks. Some 18 Americans were still working at the surveillance station at the beginning of the year, 12 from the NSA and six working for private contractors. The office is expected to be scaled back during the course of the year, with the plans ultimately calling for only six NSA employees to remain at the base. According to the Snowden documents, their work will be to “cultivate new cooperation opportunities with Germany.”

    To be sure, intensive cooperation in counterterrorism activities is part of the core mission of Germany’s foreign intelligence agency. But did lawmakers know about the scope of cooperation with the Americans? And, if they did, since when?

    Making Things Worse

    So far, the BND has been able to count on support from the Chancellery for its new approach. But things seem to be changing. The surveillance scandal has the potential to shake public confidence in the German government and in Chancellor Merkel — and could negatively effect her chances for re-election.

    The NSA’s activities, of course, are not exactly driving the German people into the streets in droves. Nevertheless, revelations as to the extent of America’s surveillance abroad are chipping away at Merkel’s image as a reliable manager of the government. Some 69 percent of Germans are dissatisfied with her efforts to shed light on the issue, a number that has alarmed the Chancellery. Until the end of last week, Merkel had tried to distance herself from the subject, issuing only sparse statements. Instead of Merkel, Interior Minister Friedrich was expected to handle the delicate matter.

    But Friedrich only made things worse, returning largely empty-handed from his trip to Washington. Instead, he seemed extremely proud of the fact that he had been allowed to speak with US Vice President Joe Biden.

    To make matters worse, Friedrich had hardly returned to Germany before making the remark that “security” was a “Supergrundrecht,” a new concept that implies that security trumps other civil rights. A minister charged with upholding the constitution who suddenly invented an interpretation of the German constitution that suits the NSA’s purposes? At that moment, Merkel must have realized that she couldn’t leave things entirely to her interior minister.

    Last Friday, shortly before leaving for her summer vacation, Merkel unveiled an eight-point plan intended to provide more data security. But most of her points felt more like placebos. How, for example, are European intelligence agencies to agree on common data privacy guidelines if British and French intelligence agents are already snickering over the Germans’ obsession with data privacy?

    In a Bind

    Merkel is in a bind. On the one hand, she doesn’t want to give the impression that she is doing nothing about the Americans’ lust for information. On the other hand, this also brings the scandal closer to the chancellor. In the end, it will revolve around the question of how much the government knew about the Americans’ surveillance activities. Last Friday, the BND insisted, once again, that it had “no knowledge of the name, scope and extent of the NSA ‘Prism’ project being discussed.”

    But even if that’s true, Prism was only a part of the NSA’s surveillance system, and the new documents show that Germany was indeed extremely familiar with the agency’s comprehensive ability to spy. They benefited from it, and they wanted more.

    But Merkel claims that she knew nothing about the Americans’ surveillance software. “I became aware of programs like Prism through current news reports,” she told the left-leaning weekly newspaper Die Zeit last week. According to Merkel’s staff, when she uses such language, she is relying on statements made by the German intelligence chiefs.

    But what does that mean? Does the German government still have its intelligence agencies under control? Or have they become a kind of state-within-a-state?

    And who exactly keeps track of whether the agencies, in their zeal to enforce the “Supergrundrecht” of security, haven’t already gone too far?

    The place where the activities of domestic and foreign intelligence agencies ought to be debated is the Parliamentary Control Panel in the German Bundestag. By law, the government is required to regularly and “comprehensively” inform the 11 members of the board, which meets in secret, about the work of the BND and the BfV, and explain “procedures with special importance.”

    Oddly enough, the board has met four times since the beginning of the NSA scandal, and, four times, lawmakers have learned little about the global data surveillance programs. Instead, they were forced to listen to long-winded lectures by those responsible, the essence of which generally was: We really don’t know anything.

    Spotlight on Merkel

    Over the years, the board has mutated into a stage for large egos and is no longer particularly secret. The problem is that many panel members don’t have sufficient time or expertise to truly understand the kind of activities the intelligence agencies are engaged in. It is a perfect situation for Germany’s spies: The less the public learns about their activities, the more they can go about their business undisturbed.

    “Monitoring of the agencies is purely theoretical,” says Hans-Christian Ströbele, the Green Party representative on the board. “We don’t learn about the truly explosive issues until they’ve been exposed by the media.” This isn’t surprising, given the vagueness of statutory provisions on the supervision of intelligence agencies.

    The agencies enjoy “complete freedom,” says attorney Wolfgang Neškovi, who once spent many years on the control board for the Left Party. The CDU, its Bavarian sister party, the Christian Social Union (CSU), and the liberal Free Democratic Party (FDP) have now agreed to establish an intelligence body to monitor the intelligence agencies. But in light of recent events, CDU domestic policy expert Clemens Binninger believes that a “major solution” is needed. He favors the idea of a parliamentary intelligence official, to be provided with his own powers and staff.

    There is also growing mistrust of the intelligence agencies within Merkel’s government, a situation which led to a memorable scene in the federal press conference last Wednesday. According to a NATO document that had been circulated before the press conference, the German military was indeed aware of the existence of Prism. Government spokesman Steffen Seibert stated that it was the BND’s assessment that the program in question had nothing to do with NSA spy software. But he made sure to keep a distance from the intelligence agency’s assessment. Later, the Defense Ministry issued a statement of its own which directly contradicted the BND statement.

    It is an awkward situation for Merkel. In the midst of an election campaign, her government suddenly looks to be characterized by chaos. Of course, if it turns out that the intelligence agencies were deceiving her, she could clean house. BND chief Schindler would seem to be in the front of the firing line, with Ronald Pofalla, who, as Merkel’s chief of staff, is tasked with monitoring the intelligence agencies, not far behind.

    But the Chancellery staff has no illusions. The SPD and the Greens will continue putting Merkel in the NSA spotlight no matter what happens. “The chancellor is more interested in defending the interests of the US intelligence agencies in Germany than German interests in the United States,” says SPD Chairman Gabriel. It seems unlikely that the opposition will stand down any time between now and election day, on Sept. 22.

    BY RENÉ PFISTER, LAURA POITRAS, MARCEL ROSENBACH, JÖRG SCHINDLER and HOLGER STARK
    Translated from the German by Christopher Sultan
    07/22/2013 12:19 PM

    Find this story at 22 July 2013

    © SPIEGEL ONLINE 2013

    Nach Offenlegung von NSA-Unterlagen; BND und Verfassungsschutz haben Spähsoftware “getestet”

    Die Präsidenten der deutschen Geheimdienste haben Vorwürfe dementiert, wonach sie mittels NSA-Spähsoftware im großen Stil Daten gesammelt hätten. Die Software sei nur zu Testzwecken verwendet worden.

    Hans-Georg Maaßen, der Präsident des Bundesamtes für Verfassungsschutz, gerät nach Enthüllungen über eine in Deutschland verwendete NSA-Spähsoftware zusehends unter Druck

    Der Präsident des Bundesamtes für Verfassungsschutz (BfV), Hans-Georg Maaßen, und der Präsident des Bundesnachrichtendienstes (BND), Gerhard Schindler, haben sich gegen die Vorwürfe gewehrt, ihre Dienste hätten in großem Umfang mit dem US-Geheimdienst NSA (National Security Agency) zusammengearbeitet. Zu einem Bericht des Nachrichtenmagazins “Der Spiegel”, wonach das BfV NSA-Software zur großflächigen Ausspähung von Daten verwende, sagte Maaßen der Zeitung “Bild am Sonntag”, dass dies nur zur Testzwecken geschehe. Die zur Verfügung gestellte Software werde “derzeit” aber nicht für die Arbeit des BfV eingesetzt.
    Anzeige

    Auch BND-Chef Schindler sagte der Zeitung, es gebe keine “millionenfache monatliche Weitergabe von Daten aus Deutschland an die NSA” durch seinen Dienst. 2012 seien zwei einzelne personenbezogene Datensätze deutscher Staatsbürger an die NSA übermittelt worden. Die Zusammenarbeit mit der NSA habe er jüngst im Parlamentarischen Kontrollgremium vorgetragen.
    Riexinger fordert Suspendierung der Geheimdienst-Chefs

    “Der Spiegel” hatte am Samstag vorab aus seiner jüngsten Ausgabe berichtet, der Verfassungsschutz habe der NSA mit der Schnüffelsoftware “Xkeyscore” beim Datensammeln geholfen. Mit dem Programm könne unter anderem sichtbar gemacht werden, welche Begriffe eine Zielperson in eine Suchmaschine eingegeben habe. Auch sei das System in der Lage, teilweise auf Kommunikationsinhalte zuzugreifen.

    Der Vorsitzende der Partei Die Linke, Bernd Riexinger, forderte die Suspendierung Maaßens und Schindlers “bis zur vollständigen Klärung der Vorwürfe”. Alles spreche dafür, dass die deutschen Geheimdienste die “systematische Aushebelung von Grundrechten” betrieben hätten. Auch die Klärung der politischen Verantwortung müsse ohne Ansehen der Person vorangetrieben werden. Im kommenden Bundestag werde seine Partei deshalb die Einsetzung eines Untersuchungsausschusses beantragen, fügte Riexinger hinzu.
    Grüne fordern Änderung des Grundgesetzes

    Als Konsequenz aus der NSA-Datenaffäre fordern die Grünen eine Änderung des Grundgesetzes. In einem Beitrag für die “Frankfurter Rundschau” schreiben die Spitzenkandidaten Katrin Göring-Eckardt und Jürgen Trittin: “Was für Briefe gilt, muss für jede E-Mail und SMS gelten.” Deshalb wollen die Grünen “den Artikel 10 Grundgesetz – das Postgeheimnis – ausbauen, zu einem Kommunikations- und Mediennutzungsgeheimnis auch für die digitale Welt”.

    21. Juli 2013, 10:30 Uhr

    Find this story at 21 July 2013

    © stern.de

    Deutschland tiefer in US-Spionage verstrickt als angenommen; BND und Verfassungsschutz „testen“ NSA-Spähsoftware

    Der BND wisse seit Jahren von der nahezu totalen Datenerfassung
    Der Auslandsgeheimdienst BND und das Bundesamt für Verfassungsschutz nutzen laut eines Medienberichts eine Spähsoftware des US-amerikanischen Geheimdienstes NSA. Es gilt als eines der ergiebigsten Spionage-Programme und ermöglicht nahezu digitale Totalüberwachung.
    Was wissen Angela Merkel und ihre Minister in der Abhör-Affäre? Laut einem Bericht des Nachirchtenmagazins „Spiegel“ nutzen der Auslandsgeheimdienst BND und das Bundesamt für Verfassungsschutz eine Spähsoftware des US-amerikanischen Geheimdienstes NSA. Das berichtet das Magazin am Samstag auf seiner Internetseite. Das gehe aus geheimen Unterlagen der NSA hervor, die dem Magazin vorlägen. Demnach habe sich der BND um die Schulung des Verfassungsschutzes mit dem Umgang des Programms gekümmert. Der Verfassungsschutz, so das Magazin weiter, habe die NSA bei der Terrorbekämpfung unterstützt.

    Das System „XKeyscore“, um das es sich handele, sei ein ergiebiges Spionagewerkzeug, so der „Spiegel“ weiter. Es ermögliche die digitale Totalüberwachung und könne beispielsweise sichtbar machen, nach welchen Begriffen Zielpersonen im Internet gesucht haben. Von rund 500 Millionen Datensätzen aus Deutschland, auf die die NSA monatlich Zugriff habe, seien im Dezember 2012 etwa 180 Millionen von „Xkeyscore“ erfasst worden.

    Verantwortungslose Heuchelei
    In der Meldung des „Spiegel“ heißt es außerdem, dass sich die „Zusammenarbeit deutscher Dienste mit der NSA zuletzt intensiviert“ hätte. Weiterhin hätten die Amerikaner die deutschen Kollegen und den BND-Präsidenten Gerhard Schindler für ihren Eifer gelobt. In Afghanistan, so zitiert das Magazin aus einem internen Papier, sei der BND der „fleißigste Partner“ in Sachen Informationsbeschaffung. BND und Verfassungsschutz hätten sich auf Anfragen des „Spiegels“ aber nicht zum Einsatz des Spionagewerkzeugs geäußert.

    Die Hinweise auf eine Einbindung europäischer Nachrichtendienste in die Ausspähprogramme des US-Geheimdienstes NSA verdichten sich also. Nach Darstellung des früheren NSA-Chefs Michael Hayden im ZDF hatten die USA ihre Kooperation mit den Europäern nach den Anschlägen vom 11. September 2001 massiv ausgeweitet – und dabei keinen Zweifel an den Zielen gelassen: „Wir waren sehr offen zu unseren Freunden.“ Zu dieser Zeit regierten in Deutschland SPD und Grüne. Sie dringen nun auf rasche Aufklärung. Die CDU warf der Opposition deshalb „verantwortungslose Heuchelei“ vor.

    Samstag, 20.07.2013, 18:46
    dpa / Paul Zinken

    Find this story at 20 July 2013

    © FOCUS Online 1996-2013

    Merkel denies US spying ‘old news’ to army

    The German government Wednesday denied a report claiming that the nation’s military knew for years about the US surveillance programme PRISM revealed by fugitive former intelligence analyst Edward Snowden.

    Germany’s foreign intelligence service BND said that a separate programme with the same name existed for NATO forces in Afghanistan to share intelligence.

    The spokesman for Chancellor Angela Merkel, who faces elections on September 22, said he had no reason to doubt the BND statement.

    The issue is sensitive for Merkel, who said last week she only learnt about the scope of the US National Security Agency (NSA) snooping through media reports.

    Many Germans are angry that their emails, phone calls, web searches and other data have been captured and stored under the NSA programme.

    Any suggestion that the government failed to stop it or was complicit in it
    would spell political danger for Merkel, whose chancellery oversees Germany’s
    secret services.

    The mass-circulation daily Bild reported earlier that the German military
    command for northern Afghanistan had been informed of PRISM in September 2011

    in a letter from the Kabul command of the NATO-led International Security
    Assistance Force.

    According to Bild the letter mentioned that the programme was for phone
    and email surveillance and run by the NSA.

    However, the BND later said in a brief statement: “The programme referred
    to as PRISM in today’s Bild newspaper is a NATO/ISAF programme that is not
    identical to the PRISM programme of the NSA. It is also not classified as
    secret.”

    The BND also stressed that it “had no knowledge of the name, scope and extent of the NSA programme”.

    Merkel has testily told Washington that “we are not in the Cold War anymore” but also defended the role of secret services in keeping citizens safe and preventing terrorist attacks.

    Snowden, on the run from the US government, has been marooned at a Moscow
    airport since June 23 and on Tuesday filed an application for temporary asylum
    in Russia. Venezuela, Bolivia and Nicaragua have said they would be open to
    offering refuge to Snowden.

    Published: 17 Jul 2013 17:00 CET | Print version

    Find this story at 17 July 2013

    © The Local Europe GmbH

    Spähaffäre; Deutsche Geheimdienste außer Kontrolle

    Der NSA-Skandal geht in Woche sechs, doch die Aufklärung läuft schleppend. Die Spähaffäre wirft ein Schlaglicht auf das Geflecht von Bundesregierung, Parlament und Agenten-Apparat. Kann man Geheimdienste überhaupt kontrollieren?

    Berlin – Die Bundesregierung gerät im Skandal um amerikanische Spähaktivitäten zunehmend unter Druck – und zieht sich auf drei Formeln zurück. Erstens: Deutsche und ausländische Nachrichtendienste arbeiten zusammen. Zweitens: Von der Dimension der Spähprogramme habe man erst durch den Whistleblower Edward Snowden erfahren. Drittens: Details über die Arbeit deutscher Geheimdienste werden nicht öffentlich, sondern in Gremien beraten.

    In einem dieser Gremien ging die Debatte um die Spionageaffäre am Dienstag in die nächste Runde: Innenminister Hans-Peter Friedrich (CSU) war im Parlamentarischen Kontrollgremium zu Gast – eine vertraulich tagende Gruppe, die die deutschen Geheimdienste überwachen soll. Dreimal tagte das Gremium in den vergangenen Wochen. Viel klüger ist man allerdings noch immer nicht.

    Der NSA-Skandal wirft ein Licht auf das undurchsichtige Geflecht von Bundesregierung, Parlament und Geheimdiensten: Wer informiert wen? Kann man Nachrichtendienste überhaupt kontrollieren? Wie geht es jetzt weiter?

    Die wichtigsten Fragen und Antworten:

    1. Warum tagt das Gremium geheim?

    Die elf Mitglieder des Parlamentarischen Kontrollgremiums (PKG) setzen sich aus Innen- und Sicherheitsexperten aller Bundestagsfraktionen zusammen. Sie treffen sich in einem abhörsicheren, fensterlosen Raum in einem Nebengebäude des Reichstags, unweit der Kantine. Da die Arbeit der Geheimdienste naturgemäß geheim bleiben soll, ist die Gruppe zur Verschwiegenheit verpflichtet, auch gegenüber anderen Abgeordneten.

    Innenminister Friedrich berichtete am Dienstag dem PKG, was er während seines Besuchs in Washington an Informationen bekam. Ähnlich wie beim Bundessicherheitsrat, der über Rüstungsexporte entscheidet, dringen aber nur selten Details nach draußen, so auch dieses Mal.

    Bei der letzten Sitzung war Kanzleramtsminister Ronald Pofalla geladen, der unter anderem für die Koordinierung der Geheimdienste zuständig ist. Dazu die Chefs der drei Geheimdienste: Bundesnachrichtendienst (BND), Militärischer Abschirmdienst (MAD), Bundesamt für Verfassungsschutz (BfV). Die Grünen fordern, die Kanzlerin selbst müsse vor dem Gremium erscheinen. Das soll in absehbarer Zeit allerdings nicht passieren.

    Die Regierung muss das Gremium über die Arbeit der Geheimdienste und besondere Vorgänge unterrichten. Die Gruppe darf Geheimakten einsehen und Mitarbeiter der Dienste befragen.

    So weit die Theorie. In der Praxis kann die Arbeit frustrierend sein, denn was Bundesregierung und Geheimdienste für berichtenswert halten, entscheiden sie zunächst einmal selbst. Die Folge: Von wirklich heiklen Vorfällen oder möglichen Skandalen erfahren die Bundestagskontrolleure oft erst aus den Medien.

    2. Kann man Geheimdienste überhaupt kontrollieren?

    Zwar mag die Kontrolle hierzulande besser sein als anderswo. Doch eine echte Überwachung der Geheimdienste ist kaum möglich. Wie sollen elf Parlamentarier auch überblicken, was Zehntausende Agenten im In- und Ausland treiben?

    Der Grünen-Abgeordnete Hans-Christian Ströbele, Dienstältester im PKG, sagte einmal: “Wie sollen wir die Geheimdienste kontrollieren, wenn wir keine Informationen bekommen?” Der Abgeordnete Wolfgang Neskovic, der für die Linken bis 2012 im PKG saß, nannte das Kontrollniveau “erbärmlich”, das Gremium einen “Wachhund ohne Gebiss”. Geheimdienstler würden die Sitzungen als “Märchenstunde” verspotten.

    Neben dem PKG ist aber auch noch die beim Bundestag angesiedelte sogenannte G-10-Kommission für die Kontrolle der Geheimdienste zuständig. Der Name bezieht sich auf das “Gesetz zur Beschränkung des Brief-, Post- und Fernmeldegeheimnisses” (Artikel-10-Gesetz). Auch dieses Gremium tagt geheim. Es hat vier Mitglieder, die vom PKG bestellt werden. Sie müssen keine Bundestagsabgeordneten sein. Derzeit sitzt dem Gremium der SPD-Politiker Hans de With vor, der einst Parlamentarischer Staatssekretär im Justizministerium war.

    Die G-10-Kommission muss ihre Genehmigung erteilen, wenn Geheimdienste Computer oder Telefone anzapfen wollen, um deutsche Staatsbürger auszuspähen. Auch die Durchsuchung von Kommunikationsdaten nach bestimmten verdächtigen Schlagworten muss die Kommission genehmigen.

    2011 soll das Gremium den Inlandsgeheimdiensten insgesamt 156 Abhörmaßnahmen bewilligt haben. Die Gründe dafür sind im Gesetz festgelegt, unter anderem geht es um Terrorabwehr, Waffen- und Drogenschmuggel sowie organisierte Geldwäsche.

    Allerdings kann auch der Auslandsgeheimdienst BND bei der G-10-Kommission beantragen, im großen Stil Daten an den internationalen Internetknotenpunkten abzufischen. Eine flächendeckende Überwachung ist verboten, das Gesetz sieht eine Grenze von 20 Prozent vor. Die wird angeblich nicht ausgeschöpft, sondern “pendelt bei etwa fünf Prozent”, sagte jüngst Kommissionschef de With.

    3. Was wussten deutsche Agenten vom US-Lauschangriff?

    Darauf gibt es bislang keine abschließende Antwort. Die hiesigen Geheimdienstler sagen, sie hätten keine Hinweise darauf, dass an deutschen Kommunikationsknotenpunkten Daten abgesaugt wurden. Es gebe zwar eine Zusammenarbeit mit den US-Behörden. Über massenhafte Lauscheinsätze gegen deutsche Bürger sei man aber nicht informiert gewesen.

    Der Whistleblower Snowden hatte im SPIEGEL angegeben, deutsche und amerikanische Geheimdienste steckten in Sachen Internetüberwachung “unter einer Decke”. Auch ein Bericht der “Bild”-Zeitung wirft neue Fragen auf. Demnach wusste der BND angeblich seit Jahren von der nahezu kompletten Datenerfassung durch die Amerikaner und griff in Gefahrenlagen aktiv darauf zu.

    Derzeit kann nichts nachgewiesen, aber Zweifel können auch nicht ausgeräumt werden. Wenn deutsche Geheimdienste von den Aktionen der US-Dienste gewusst und diese möglicherweise unterstützt haben, wäre das nach deutschem Recht strafbar.

    4. Wie geht es jetzt weiter?

    Die Kanzlerin telefonierte mit US-Präsident Barack Obama, mehrere Fragenkataloge wurden verfasst, zwei Delegationen nach Washington geschickt. Zur Zeit wird gewartet: Darauf, dass die USA einige als geheim eingeordnete Dokumente deklassifizieren, also aus der Geheimhaltungsstufe herausheben. Von diesem Schritt verspricht sich Berlin Aufschluss über das Ausmaß der NSA-Aktivitäten. Weitere Besuche und Gespräche sind geplant.

    Teile der Opposition fordern einen parlamentarischen Untersuchungsausschuss. Schnelle Antworten gäbe es durch den aber auch nicht. Im EU-Parlament beschäftigt sich der Innenausschuss mit der Materie und will bis Ende des Jahres einen Bericht vorlegen. Zu einem Sonderausschuss konnte man sich in Straßburg nicht durchringen. Sechs Wochen nach den Enthüllungen sind also wichtige Fragen noch immer offen. Gut möglich, dass das Thema den Wahlkampf mitbestimmen wird – vor allem, wenn noch weitere Details herauskommen sollten.

    16. Juli 2013, 14:25 Uhr
    Von Annett Meiritz und Philipp Wittrock

    Find this story at 16 July 2013

    © SPIEGEL ONLINE 2013

    Daten über Entführte; Deutscher Geheimdienst profitierte von NSA-Sammelwut

    Noch immer behauptet die Bundesregierung eisern, sie habe von den US-Schnüffelprogrammen erst kürzlich erfahren. Nun wird klar, dass der BND schon vor Jahren gezielt in den USA nach gespeicherten Daten von entführten Deutschen fragte – und sie auch bekam.

    Berlin – Der Bundesnachrichtendienst (BND) hat in den vergangenen Jahren immer wieder von der Sammelwut der US-Geheimdienste im Internet profitiert und offenkundig von der kompletten Speicherung auch deutscher Daten gewusst. Unter Berufung auf US-Geheimdienstler berichtete die “Bild”-Zeitung am Montag, der deutsche Dienst habe bei Geiselnahmen im Jemen und Afghanistan in den vergangenen Jahren mehrfach gezielt um die von der NSA gespeicherten Internetdaten der Entführten gebeten. So sollten die letzten Kontakte der Gekidnappten und mögliche Hintergründe des Verschwindens recherchiert werden.

    Was sich wie eine selbstverständliche Amtshilfe unter befreundeten Diensten anhört, hat weitreichende Implikationen. Da der BND sich direkt wegen der gespeicherten Daten an die US-Kollegen wandte, müssen die Deutschen von dem Speicherprogramm der Amerikaner gewusst haben. Ebenso muss dem Geheimdienst klar gewesen sein, dass die USA auch deutsche Kommunikation standardmäßig speichern.

    Die neuen Fakten passen nicht zur angeblichen Ahnungslosigkeit der deutschen Regierung bis hoch ins Kanzleramt. Diesem ist der BND direkt unterstellt. Von dort ließ Kanzlerin Merkel noch in der vergangenen Woche mitteilen, sie habe erst aus der Presse vom Abhörprogramm Prism erfahren. Seit Anfang Juni enthüllt der Ex-Geheimdienstmitarbeiter Edward Snowden immer wieder Details über die Praktiken der internationalen Geheimdienste (eine Chronik der Affäre finden Sie hier).

    Für den BND waren die US-Daten sicherlich hilfreich. Bei Entführungen sind vor allem die letzten E-Mails und Telefongespräche wichtig. An ihnen kann man ablesen, ob die Opfer bedroht wurden, es geschäftliche Probleme im Vorfeld gab oder ob gar das Umfeld der Gekidnappten an der Verschleppung beteiligt sein könnte.

    Die Daten der NSA flossen laut “Bild”-Zeitung mehrfach in die Arbeit deutscher Krisenstäbe ein, um entführte Deutsche zu befreien. US-Regierungs- und Geheimdienstkreise betonen laut der Zeitung ebenfalls, dass der BND seit Jahren von der nahezu totalen Datenerfassung weiß, in Gefahrenlagen darauf zugreifen konnte – und dies auch aktiv tat.

    Auch in Zukunft sollen die Daten fließen

    Die Bundesregierung reagierte ausweichend auf diese Enthüllungen. Ein Regierungssprecher sagte lediglich, es sei “bekannt, dass es zwischen den deutschen Nachrichtendiensten und US-Diensten eine langjährige Kooperation gibt”.

    Tatsächlich aber bangen die Dienste derzeit um diese Kooperation. So bat Innenminister Hans-Peter Friedrich bei seiner US-Reise hinter verschlossenen Türen eindringlich, dass die USA trotz der Affäre auch in Zukunft NSA-Informationen weitergeben. Dies verlautete aus seinem Ministerium. Aus Friedrichs Sicht sind die US-Daten – ganz gleich wo sie herkommen – für die Gefahrenabwehr in Deutschland extrem wichtig. Öffentlich erwähnt hat er seine Bitte an die USA jedoch in keinem der vielen Statements während und nach der Reise.

    15. Juli 2013, 11:16 Uhr

    Find this story at 15 July 2013

    © SPIEGEL ONLINE 2013

    Indispensible Exchange; Germany Cooperates Closely with NSA

    German authorities insist they knew nothing of the NSA’s Internet spying operations. But SPIEGEL research shows how closely US and German agencies work together. The German opposition is asking uncomfortable questions 11 weeks ahead of a general election.

    Chancellor Angela Merkel’s government faces uncomfortable questions about German involvement in American and British Internet and telephone surveillance after whistleblower Edward Snowden told SPIEGEL that German agencies and the NSA are “in bed together.”

    With a general election due in 11 weeks, the controversy has opened up a new battleground in the campaign, and the opposition center-left Social Democrats (SPD) and the Green Party are charging onto it.

    SPD leader Sigmar Gabriel said it could be that Merkel “knows more than has become known so far.”

    Thomas Oppermann, a senior member of the SPD, called on the government to cancel surveillance cooperation agreements with the United States. Hans-Christian Ströbele, a lawmaker with the Greens, said he didn’t believe the government’s statements that it didn’t know about the spying.

    “For me it’s just a matter of time before the government admits something,” he told SPIEGEL ONLINE. Petra Pau of the Left Party said Merkel should stop “pretending she knew nothing.”

    For the last four weeks, the German government has been insisting that it didn’t know that the United States has spent years monitoring vast quantities of Internet traffic, emails and telephone calls.

    The parliament’s oversight committee monitoring German intelligence activities has met three times since the revelations came to light, and each time senior government representatives who had been called to testify shrugged their shoulders.

    The Federal Office for the Protection of the Constitution — Germany’s domestic intelligence agency — the BND foreign intelligence agency, and Merkel’s Chancellery were all apparently unaware of what has been going on. Interior Minister Hans-Peter Friedrich said he knew nothing but made clear that the data fishing by Germany’s American friends was bound to be OK. Criticism of it, he said, amounted to “anti-Americanism.”

    Germany Cooperates Closely With NSA

    But Snowden told SPIEGEL that the BND knew more about the activities of the NSA in Germany than previously known.

    SPIEGEL reporting also indicates that cooperation between the NSA and Germany’s foreign intelligence service, the BND, is more intensive than previously known.

    A lot is at stake for Europe and the US. This week talks will begin on the planned trans-Atlantic free trade agreement, the Transatlantic Trade and Invesment Partnership (TTIP). The Americans’ snooping could endanger the project.

    The Snowden case is entering its next round. At first he revealed how the NSA spes on data networks. Last week SPIEGEL reported that the US was also spying on its allies including Germany. Now the controversy has broadened to include whether the allies themselves are involved in the snooping.

    There are times when the inner workings of the world suddenly come to light. Veils fall to the ground and the world suddenly looks different. These are such times.

    A man does something that represents the best traditions of the West — he enlightens people, points out wrongdoing and opens eyes. That’s what Edward Snowden has done. And what’s happening to him? The West’s leading nation, the US, is hunting him down, and almost every country is going along with it, especially the rest of the West.

    Western Nations Kow-Towing to US

    Fear is governing the world, fear of the wrath of the US, fear of President Barack Obama who was once hailed as a global savior. Few seem ready to dare to take on the political and economic superpower.

    The West is making itself look ridiculous through submissiveness, by failing to live up to its own values. Meanwhile, states like China or Russia, the constant focus of Western moral finger-wagging, were the first where Snowden sought shelter.

    Last Wednesday, Merkel and Obama had a telephone conversation in which both tried to play down the row. There would be “opportunities for an intense exchange about these questions,” officials said afterwards. That wasn’t the tough talking that 78 percent of Germans are demanding of Merkel in her dealings with the US on the issue, according to a recent opinion poll by Infratest Dimap.

    This week a German government delegation will travel to Washington for talks with the Department of Homeland Security, the NSA and the US administration. They hope to glean information on what has been going on. When German opposition parties complained that the delegation only consisted of second-tier officials, Interior Minister Friedrich hastily decided to join them.

    9/11 Silenced Criticism of ‘Echelon’ Spying System

    Foreign data snooping has caused outrage in Germany and Europe before. Twelve years ago, a European Parliament committee criticized “Echelon,” which it described as a “global surveillance system for private and business communcations.” In a 200-page report, the committee said that within Europe, all communications via email, telephone and fax were regularly monitored by the intelligence services of the US, Britain, Canada and Australia.

    The European lawmakers recommended a series of rules and agreements to curb the snooping. But two months later, terrorists flew planes into the World Trade Center and it quickly emerged that some of them had lived in Germany. All criticism of “Echelon” fell abruptly silent.

    But the German government, despite all its current protestations of ignorance and innocence, cannot be unaware that US surveillance specialists remain active on German soil. At present the NSA is expanding its presence in Germany considerably.

    The best-known monitoring facility is in the Bavarian town of Bad Aibling, extensively described in the “Echelon” report. Officially, the Americans gave up the listening post in 2004. But the white domes of the “Echelon” system, known as radomes, are still there. When the site was officially turned over to civilian use, that didn’t apply to the area with the snooping technology. A connecting cable now transmits the captured signals to the site of the Mangfall army base a few hundred meters away. This is officially a German army communications base — but in truth it belongs to the BND. Cooperating closely with a handful of NSA surveillance specialists, the German foreign intelligence service analyzes telephone calls, faxes and everything else transmitted via satellite.

    BND Admits Monitoring Cooperation With NSA

    Officially, the BND post in Bad Aibling doesn’t exist, and neither does the local cooperation with the Americans. But in a confidential meeting with the parliament’s intelligence oversight committee, BND head Gerhard Schindler last Wednesday confirmed the cooperation with the US service,

    There are other locations in Germany where the Americans engage in data monitoring. The US army runs a top secret lstening post in the town of Griesheim near Darmstadt, in western Germany. Five radomes stand on the edge of the August-Euler airfield, hidden behind a little forest. If you drive past “Dagger Complex” you get suspicious looks from security guards. It’s forbidden to take photos. Inside, soldiers analyze information for the armed forces in Europe. The NSA supports the analysts.

    The need for data appears to be so great that the US army is building a new Consolidated Intelligence Center in the nearby city of Wiesbaden. The $124 million building will house bug-proof offices and a high-tech control center. As soon as it’s completed, “Dagger Complex” will be shut down. Only US construction firms are being used. Even the building materials are being brought in from the US and closely guarded along the way.

    Is it really conceivable that the German government knows nothing of what the NSA is doing on its own doorstep? Last month Interior Minister Friedrich said in a parliamentary debate on the NSA snooping: “Germany has fortunately been spared big attacks in recent years. We owe that in part to the information provided by our American friends.” Sentences like that reveal a pragmatic view of the US surveillance apparatus: What the NSA gets up to in detail is secondary — what counts is what its snooping reveals. And that information, intelligence officials admit, is indispensable.

    Without the tip-offs provided by the Americans, authorities would be partly blind in the fight against terrorism. While the BND and the Federal Office for the Protection of the Constitution are bound by strict rules, foreign intelligence agencies operating in Germany are largely uncontrolled in what they do, as long as it serves the war on terror.

    Frankfurt’s Role as East-West Data Crossroads

    The example of Frankfurt, Germany’s financial center, illustrates that. Frankfurt is a major crossroads for digital data. This where fiber-optic cables from Eastern Europe and Central Asia meet data lines from Western Europe. Emails, photos, telepone calls and tweets from crisis-hit countries in the Middle East also pass through Frankfurt. This is where international providers — companies like Deutsche Telekom or US firm Level 3, which claims to transmit a third of the world’s Internet traffic — operate digital hubs.

    For agencies like the NSA or BND, Frankfurt is an inexhaustible source of information. Documents provided by Snowden show that the NSA accesses half a billion pieces of communication each month. The BND also helps itself to data here. It is allowed to tap up to 20 percent of it. The service feeds data from five hubs in Germany for analysis to its headquarters in Pullach near Munich. Its analysts comb through the data for phone calls, emails or Internet messages that might uncover a nuclear smuggling deal or an al-Qaida plot.

    The BND uses the NSA’s help to analyze Internet traffic from the Middle East. The Americans provide the Germans with special tools that work with Arabic search terms. Does the US agency get access to the data in return? The BND denies this. All cooperation is in the form of assessing “finished intelligence,” or completed intelligence reports, it insists.

    But relations between the BND and NSA are closer than publicly admitted. They work together on clearly defined individual joint operations abroad when it comes to fighting terrorism or monitoring weapons shipments. At the Bad Aibling listening post, an NSA team works closely with BND agents. The BND uses Bad Aibling mainly to monitor Thuraya satellite phones used in remote regions of Pakistan and Afghanistan. The Americans help the Germans in this work. Is it really conceivable that with such close cooperation the one partner didn’t know what the other was doing?

    US Need Not Fear Much German Criticism

    “We have no information so far that Internet hubs in Germany were spied on by the NSA,” says the president of the Federal Office for the Protection of the Constitution, Hans-Georg Maassen. He also has no information on any snooping on the German government by the US. The agency has set up a working group to investigate Snowden’s allegations.

    In the end it’s relatively insignificant whether any light will be shed on the outflow of German Internet data to the US. The German authorities are unlikely to criticize the Americans too harshly. “We can be blackmailed,” said a high-ranking security official. “If the NSA shut off the tap, we’d be blind.”

    The US isn’t just a friend, it’s an all-powerful force one can choose to be friends with or not. The Snowden case shows how closely intertwined friendship and submissiveness can be.

    SVEN BECKER, THOMAS DARNSTÄDT, JENS GLÜSING, HUBERT GUDE, FRITZ HABEKUSS, KONSTANTIN VON HAMMERSTEIN, MARC HUJER, DIRK KURBJUWEIT, MATHIEU VON ROHR, MARCEL ROSENBACH, MATTHIAS SCHEPP, JÖRG SCHINDLER, GREGOR PETER SCHMITZ, CHRISTOPH SCHULT, HOLGER STARK
    07/08/2013 05:47 PM

    Find this story at 8 july 2013
    © SPIEGEL ONLINE 2013

    Police go in search of online pranksters

    Too much data surveillance?

    Not everybody has a sense of irony. Some people simply lack the ability to read between the lines. A funny, ironical remark left online could see the police come knocking at your door.

    “I’m known for my sense of irony. But even I would not have come to think of putting a statue of liberty in New York Harbor,” Irish Nobel Prize winner of Literature George Bernard Shaw once said. But, as far as we know, he got away with this sharp-tongued comment when trying to enter US territory, a comment that implicitly made fun of the US’ idea of liberty.

    But maybe he was only left alone because in the early 20th century, border officials did not yet have access to the vast amount of data about people desiring to cross into their countries as they do today. Today, every visitor seems transparent; and harmless but remarks are often interpreted as evil intentions. Shaw’s fellow countryman just experienced that.

    US Homeland security strike

    The young Irishman was denied entry by the US homeland security agency DHS at Los Angeles airport. The reason: an ironic remark on Twitter. The sender insists he wasn’t even targeting the US. On the contrary, he wanted to tell his followers that he was going to “party to the extreme in LA,” and he described it by saying that “digging out Marilyn Monroe” and “destroying America” were part of his plan. But immigration officers didn’t care much about his sense of humor. He spent 12 hours detained in a cell.
    Security comes first during border controls in the US

    “I can only advise against such remarks, even if you’re sure you’re being ironic,” said Klaus Lodigkeit, a Hamburg-based IT law specialist. “Americans store almost all our phonecalls, they store a lot online, and make backup copies. And if they search for a name or a nickname online and find such posts they can link to a certain person then you represent a danger for the security of the United States. So be careful.”

    Cheeky teenager

    But offhand and ironic remarks online can also be misinterpreted outside of airports’ immigration zones. Just before the verdict for security guard George Zimmerman was announced, the killer of black teenager Trayvon Martin, a 15-year-old in the small town of Zion in Illinois posted a comment online. If Zimmerman was acquitted, he wrote, he would shoot dead every single person in Zion and then also be acquitted of charges.

    A short while later, local police detained the teenager. After an examination, the officers were convinced he didn’t constitute a threat. “He doesn’t own any weapons and doesn’t have access to any either,” a police report said.

    Crazy or just foolish?

    18-year-old US citizen Justin Carter wasn’t that lucky. According to his parents, he had a fight with other users while playing a fantasy role-playing game online. When the users then wrote on Facebook that he was “a lunatic, crazy, and off his head,” Carter replied: “Yeah, sure I’m a total mess, I will go and shoot children at a school and eat their beating hearts.”

    He must have instantly realized that remarks like that are often misunderstood. He quickly added a ‘LOL’ [‘Laughing out loud’] and a ‘JK’ [‘Just Kidding’]. But it didn’t help: He spent several months in prison because of that comment on Facebook. He has been released on bail.

    “If you publish a concrete threat to life or physical condition online, the threat itself constitutes a criminal offence,” according to IT legal expert Lodigkeit. “It’s enough to be convicted. And you’re remanded in custody while investigations are conducted because you’re considered a flight risk.”
    The Pirate party criticizes online spying and surveillance activities by governments

    But does that give security agencies in Germany and the US the right to spy on private communication? “No,” said Mario Tants, spokesman for online freedom advocates the Pirate party in the German state of Schleswig-Holstein. “In the cases we’ve talked about, security authorities in the US didn’t screen private communication. Instead, what happened was that somebody who knew the respective perpetrator or potential perpetrator gave them hints. And if a real person gives a real hint, then security agencies are obliged to examine what’s going on.”

    ‘NSA spy protection league’

    The latest case from Germany is slightly more confusing in comparison. 28-year-old Daniel Bangert invited others on facebook to join him on a “Walk to the Dagger complex.” It’s a US-American installation near Darmstadt in the German state of Hesse, where the NSA is said to have underground offices. Bangert clearly used an ironic tone, calling his group the “NSA spy protection league,” inviting others to “explore and observe.”

    But the US military police in Germany apparently don’t share Bangert’s sense of humor. The Americans informed German security agencies who then visited the young man early in the morning and interrogated him. State security were also involved and asked Bangert questions about his “political leanings,” as he put it.

    “That’s exactly what we’re critical of,” said Mario Tants from the Pirates’ party. “In future, any citizen writing anything anywhere has to expect a visit by the police or state protection. That’s the problem in surveillance states, and we’re actually effectively already there.”

    Date 21.07.2013
    Author Marcus Lütticke / nh
    Editor Jessie Wingard

    Find this story at 21 July 2013

    © 2013 Deutsche Welle

    Spaziergang in Grieshei; Neue Spion-Safari am Dagger Complex

    Wegen eines angekündigten Spaziergangs zum streng geheimen Dagger Complex bekam Daniel Bangert Besuch vom Staatsschutz. Das schreckt ihn nicht ab: Jetzt lädt er zu einer zweiten Erkundungstour nach Griesheim, um “NSA-Spione” zu beobachten.

    Selten hat ein Spaziergang für so viel Aufsehen gesorgt: Der Griesheimer Daniel Bangert hatte auf Facebook scherzhaft dazu eingeladen, einen Erkundungsgang zum streng geheimen Dagger Complex zu unternehmen. Vor der abgeschotteten US-Einrichtung in der Nähe von Darmstadt wolle man “gemeinsam den bedrohten Lebensraum der NSA-Spione erforschen”.

    Der ironische Aufruf stieß auf Facebook zunächst nicht auf viele Interessenten, dafür aber bei der Polizei. Die US-Militärpolizei, die für die Sicherheit auf dem Dagger Complex zuständig ist, hatte die deutsche Polizei eingeschaltet – die Bangert prompt aus dem Bett klingelte. Danach kam auch noch der Staatsschutz vorbei und brachte Bangert dazu, seinen Spaziergang als Demo anzumelden, was er auch tat. Schließlich spazierten 70 Leute in Begleitung zweier Streifenwagen zu der abgeschotteten US-Einrichtung.

    Trotz oder wegen des ganzen Wirbels soll es nun einen weiteren Erkundungsgang geben. “Der Vorstand des NSA-Spion-Schutzbundes lädt Sie recht herzlich zum zweiten Entdecken und Beobachten Wochenende am Dagger Complex ein”, heißt es in einer öffentlichen Einladung auf Facebook.

    Ein Picknick auf der Straße

    Schließlich war die letzte demonstrative Entdeckertour zwar ein großer Medienerfolg, vom “wissenschaftlichen” Standpunkt aus gesehen aber ein Reinfall: “Ein Teil der Gruppe hat mit allerlei Lockrufen versucht, die NSA-Spione aus ihrem Bau zu locken”, schreibt Bangert in einem Rückblick auf Facebook. Leider habe man aber “keine echten NSA-Spione zu sehen” bekommen. Deshalb wolle man dieses Mal “im Anschluss an den Spaziergang ein Picknick auf der Straße vor dem Dagger Complex machen”. Vielleicht ließen sich die Spione ja “durch den Duft diverser Köstlichkeiten aus ihrem Bau locken”.

    Es sollen wieder viele Kameras mitgebracht werden, Papier und Stift, Verpflegung fürs Picknick und Blumen, “um den Lebensraum der NSA-Spione etwas aufzupeppen”. Verkleidungen sind erwünscht, und Theaterrequisiten, etwa in Form von Edward-Snowden-Masken, sind ausdrücklich erlaubt.

    Klingt alles wie beim letzten Mal – nur dürften sich diesmal wohl ein paar mehr spazierende Demonstranten einfinden, die aus den Medien vom Wirbel um den ersten Erkundungsgang erfahren haben. Deshalb steht in der aktuellen Einladung außerdem: Der Spaziergang und das anschließende Picknick seien selbstverständlich angemeldet.

    Die Teilnehmerzahl ist nicht abzuschätzen

    “Wie viele Teilnehmer es werden, ist völlig unberechenbar”, sagt Initiator Daniel Bangert, “das habe ich auch der Polizei gesagt: Es können 50 werden oder auch 1000, wobei ich das nicht glaube.” Er habe diesmal Kooperationsgespräche geführt, und wieder sei der Staatsschutz dabei gewesen, erzählt er. Auch wenn das womöglich in Darmstadt so üblich sei, irritiere ihn das.

    Trotzdem tut er sich den ganzen Stress gern an, angefangen bei den Formalitäten bis hin zu den Fragen der vielen Journalisten. “Ich finde einfach, dass da bei den Leuten mehr Interesse herrschen könnte”, begründet er seine Motivation. Und seine Geschichte zeige doch, “dass ein Einzelner sehr wohl etwas erreichen kann, auch ohne Mittel”.

    Ansonsten hofft er auf ein bisschen Hilfe durch die anderen selbsternannten Spion-Forscher: Es stünden mehr Ordner zur Verfügung; doch es wäre gut, wenn ein paar Teilnehmer Warnwesten mitbrächten.

    19. Juli 2013, 14:19 Uhr
    Von Judith Horchert

    Find this story at 19 July 2013

    © SPIEGEL ONLINE 2013

    Spy-spotter: joke about scary visit came true

    A German man who called on Facebook friends concerned about American secret service operations to join him in a walk around a US army spy centre near his home, found secret service men at his door checking his political leanings.

    Daniel Bangert, 28, told The Local he had joked about US spies reading what he had written – and had even told his friends he was waiting for a knock on the door – when it actually came.

    “I was still very sleepy when the phone rang – it was 7.17 in the morning – and a police officer started asking questions about what I was planning,” he said.

    “Then the doorbell rang and I saw out the window that a police van was parked outside. The officer on the phone said I should open the door to the others.”

    He put on a “Team Edward” T-shirt with a picture of NSA whistle-blower Edward Snowden, and answered scores of questions about his plans.

    Bangert, a veteran of the Blockupy protests in Frankfurt, had set up a group calling itself “NSA spy protection league” (NSA Spion Schutzbund), as if the US spies were an endangered species of birds.

    He wanted, he said, to take a walk with some friends to “observe them in their natural habitat” – the Dagger Complex in Griesheim near Darmstadt. This is one base where the NSA (US National Security Agency) is said to operate from. The authority stands accused of monitoring much of Germany’s internet traffic.

    The uniformed police seemed satisfied with his answers about the expected number of people on the walk – 32 had shown an interest, Bangert told The Local. But despite there being no specific agenda, and no plans for a rally or speeches, he was told he had to register the event.

    “I asked them why, but they could not really explain it to me. They couldn’t help me understand what the difference was between going for a walk and meeting up to play football – which you don’t have to register,” he said.

    A few hours later, his phone rang again, and one of the police officers who had been at his house that morning, told him the state security wanted to talk with him.

    “She said I should call them, that it was important that I did. So I did, and they asked me again about the Facebook entry, and how many people were expected and so on. Then they asked if I would go to see them or if they could come to see me for a personal conversation.”

    He said a state security agent arrived with a local police officer, and asked him a load of questions about his political activities and his opinions, and whether he had any connection to activists willing to use violence. They suggested his Facebook entry could be interpreted in different ways, but he said he was really just organizing a walk.

    “Then they told me I should not put the meeting on the internet, that I should not write about it,” he added.

    They seemed to be concerned that the walk could get out of control if lots of people showed up – like the Facebook parties which are hijacked by hoodlums. “But I was not offering anything for free like at the parties,” he said.

    “And in any case, all there is, is a fence, with nothing behind it – everything is underground. No-one is interested.”

    In the end around 80 people showed up on Saturday to take a walk, have a talk and look at the US base.

    The “NSA spy protection league” Facebook page says of the day: “A group of people young and old gathered at the Griesheim market square and walked to the NSA spy complex, in the most fabulous weather. On the way there, surveillance methods were discussed … and possible behaviour of the NSA spies was the subject of consideration.”

    It said some of the group had tried with various calls to tempt the NSA spies from the building, but none showed themselves. “Taking part in the walk was not enough, just to know that NSA spies are there – everyone agreed they wanted to see NSA spies with their own eyes. We will see what we can do.”

    Hannah Cleaver
    Published: 15 Jul 2013 17:44 CET | Print version

    Find this story at 15 July 2013

    © The Local Europe GmbH

    When states monitored their citizens we used to call them authoritarian. Now we think this is what keeps us safe

    The internet is being snooped on and CCTV is everywhere. How did we come to accept that this is just the way things are?

    These days we are all supects, or at least consumers. Photograph: Alamy

    America controls the sky. Fear of what America might do can make countries divert planes – all because Edward Snowden might be on one.

    Owning the sky has somehow got to me more than controlling the internet. Maybe because I am a simpleton and sometimes can only process what I can see – the actual sky, rather than invisible cyberspace in which data blips through fibre-optic cables.

    Thus the everyday internet remains opaque to all but geeks. And that’s where I think I have got it wrong. My first reaction to the Prism leaks was to make stupid jokes: Spies spy? Who knew? The fact that Snowden looked as if he came from central casting didn’t help. Nor did the involvement of Julian Assange, a cult leader who should be in Sweden instead of a cupboard in an embassy.

    What I failed to grasp, though, was quite how much I had already surrendered my liberty, not just personally but my political ideals about what liberty means. I simply took for granted that everyone can see everything and laughed at the idea that Obama will be looking at my pictures of a cat dressed as a lobster. I was resigned to the fact that some random FBI merchant will wonder at the inane and profane nature of my drunken tweets.

    Slowly but surely, The Lives of Others have become ours. CCTV cameras everywhere watch us, so we no longer watch out for each other. Public space is controlled. Of course, much CCTV footage is never seen and often useless. But we don’t need the panopticon once we have built one in our own minds. We are all suspects.

    Or at least consumers. iTunes thinks I might like Bowie; Amazon thinks I want a compact tumble dryer. Really? Facebook seems to think I want to date men in uniform. I revel in the fact that the algorithms get it as wrong as the man who knocks on my door selling fish out of a van. “And not just fish,” as he sometimes says mysteriously.

    But how did I come to accept that all this data gathered about me is just the way it is? Wasn’t I once interested in civil liberties? Indeed, weren’t the Lib Dems? Didn’t freedom somehow incorporate the idea of individual privacy? When the state monitored all its citizens as though they were suspects – whether in East Germany or North Korea – we called it authoritarianism. Now we think it is what keeps us safe.

    In 2009 I sat on a panel with Vince Cable at the cross-party Convention on Modern Liberty. Cable told us that a recession could provide the preconditions for fascism. Gosh, I thought, that’s a bit strong. Then the recession hit and austerity became the narrative that subsumed all debates about freedom. No one poor is free, and it is no coincidence that the poor are the most snooped on of all.

    What Snowden, who is no spy, has revealed is the nature of the game: that surveillance is a huge private industry; that almost full control of the internet has been achieved already; that politicians here and in the US have totally acquiesced to industrial-scale snooping. There is a generation now made up of people who will never have had a private conversation online or by phone. These are my children. And should they or anyone else want to organise against the powers that be, they will be traceable. We have sleepwalked into this because liberty remains such an alien concept, still. But the US has the fourth amendment: “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizure, shall not be violated.”

    It has been violated. Bradley Manning is in prison, Guantánamo remains open, CIA agents who spoke out about waterboarding are banged up. And there are other kinds of whistleblowers who conveniently kill themselves. The letter from Daniel Somers, who served in Iraq, says he was made to do things he could not live with. He described his suicide as a mercy killing and reminded us that 22 veterans kill themselves every day. This is not whistleblowing. It is screaming into a void.

    But we remain passive while other European countries are angry at what Snowden has told us. We maintain the special relationship. For Snowden, the truth will not set him free, it will imprison him for ever. We now debate whether we should exchange liberty for security, but it is too late. As John Locke said: “As soon as men decide all means are permitted to fight an evil, then their good becomes indistinguishable from the evil they set out to destroy.” He could have been talking about our passivity.

    When did you surrender your freedom to communicate, something that was yours and yours alone, whether an email to a lover or a picture of your child? Ask yourself, do you feel safer now you know that you have no secrets? Now, the intimacies that are of no import to anyone but you have been subject to virtual extraordinary rendition. Because, fundamentally, your government does not trust you. Why therefore should you trust it?

    Suzanne Moore
    The Guardian, Wednesday 3 July 2013 20.00 BST

    Find this story at 3 July 2013

    © 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

    Revelations on the French Big Brother

    If the revelations about the American espionage program Prism set off a chorus of indignation in Europe, France itself protested only weakly. For two excellent reasons: Paris already knew about it – and it”s doing exactly the same thing. Le Monde is able to disclose that the General Directorate of External Security (the DGSE, or special services) systematically collects the electromagnetic signals emitted by computers and telephones in France, and the flow of signals between France and countries abroad: the entirety of our communications are being spied on. All of our email messages, SMS messages, itemised phone bills and connections to FaceBook and Twitter are then stored for years.
    If this immense data base was used just by the DGSE, which operates only outside French borders, it would already be illegal. But the six other intelligence services – among them the Central Directorate of Internal Intelligence, the customs service and the Tracfin anti-money-laundering service – delve into this base daily for the data of interest to them. This takes place discreetly, on the margins of legality and and beyond any serious control. Politicians are perfectly aware of it, but secrecy is the rule.

    A CLANDESTINE SYSTEM

    This French Big Brother, a little brother of the American services, is clandestine. Yet its existence appears discreetly in parliamentary documents. In a report issued on April 30, the eight deputies and senators in the parliamentary intelligence delegation note that “progress has been made since 2008 in the mutualisation of capabilities, notably regarding intelligence of electromagnetic origin, effected by the DGSE for the benefit of the entire intelligence community.”

    The parliamentarians propose to go still further, to “reinforce the capabilities exploited by the DGSE” and to “consolidate the access of other services to the capabilities mutualised by the DGSE.”

    THE TARGET: “METADATA”

    The intelligence services are not looking for the content of the messages, but rather their context. It is more interesting to know who is speaking to whom than to record what they are saying. More than phone tapping, it”s the technical data – the “metadata” – that is being combed through.

    The DGSE thus collects the itemised telephone bills of millions of subscribers – the names of the callers and the called, the place, the date, the duration, the weight of the message. The same goes for email (with the possibility of reading the title of the message), SMS messages, faxes… And all activity on the Internet that takes place via Google, Facebook, Microsoft, Apple, Yahoo… It’s what the parliamentary intelligence delegation very aptly calls “intelligence of electromagnetic origin”, the equivalent of the NSA’s SigInt (signals intelligence).

    This metadata may be used to draw huge graphs of links among people based on their digital activity, and it’s been going on for years. The idea is to sketch out a kind of diary of each person’s activity on both telephone and computer. When an interesting group has been identified, it then becomes the responsibility of the intelligence services to use more intrusive techniques, like wire-tapping or police tails.

    A SUPERCOMPUTER ON BOULEVARD MORTIER IN PARIS

    This system is obviously of great value in the fight against terrorism. But it allows spying on anyone, any time. The DGSE collects billions of billions of units of data, which are compressed and stored on three floors in the basement of the DGSE headquarters on Boulevard Mortier in Paris.

    Bernard Barbier, technical director of the DGSE since 2006, has spoken publicly about this system on two occasions – in 2010 at a symposium on the security of information and communications technology, and to the Association of Reservists in Encryption and Information Security (Arsci). His comments were reported on a few specialised sites, including Bug Brother, a blog by Jean-Marc Manach on lemonde.fr. Mr. Barbier spoke of “the development of a calculator based on FPGA” – Field Programmable Gate Array, or an integrated circuit that may be programmed for logical functions – that is “probably the biggest data processing center in Europe after the English”, capable of managing dozens of petaoctets of data, in other words dozens of millions of gigaoctets. The heat emitted by the computers is sufficient to heat all the buildings of the DGSE…

    France is said to be among the Top 5 in computing capacity, after the United States, Britain, Israel and China. Mr. Barbier estimated the number of connections picked up by the system at 4 billion in 2013, with a flow of about 1 billion simultaneous communications. “Today, our targets are the networks of the public at large,” the director said at the time, “because they are used by terrorists.”

    The DGSE heads “the strongest team of crypto-mathematicians” in France, penetrates computer systems – and of course collects millions of units of personal data.

    “MUTUALISED” INTELLIGENCE

    The other French intelligence services have access to this gigantic data base, which is soberly called the “mutualisation infrastructure”. They include the DGSE of course, but also the Directorate of Military Intelligence (DRM); the Directorate of Protection and Security of Defense (DPSD); the Central Directorate of Internal Security (DCRI); the Directorate of National Intelligence and Customs Investigations (DNRED); Tracfin, the anti-money-laundering unit; and even the small intelligence service of the police headquarters in Paris.

    According to Senate reports, 80% of the resources of the technical management of the DGSE are used by these other intelligence services. Each supplies the name of the target of their investigation to the DGSE, which replies “hit” or “no hit” according to whether the target appears in the data base or not. Then the services of the DGSE make the metadata intelligible with the addition of classical intelligence.

    Requests for consultation go far beyond just terrorism and the defence of France’s economic property. The very vague wording – protection of national security – makes it possible notably to identify the entourage of politicians at the highest level of the state, whatever their position and the nature of the links under surveillance.

    ABSENCE OF MONITORING

    The system is perfectly illegal – or “a-legal”, as the chief of one of the intelligence agencies puts it. According to the National Commission for Information Technology and Freedom (CNIL), the French agency in charge of protecting personal data, “The legal system governing security interceptions forbids the establishment by the intelligence services of a procedure like Prism.” It adds : “Each request for the requisition or interception of data must be targeted and may not be carried out massively in terms of the quantity or the time period. Such practices thus have no legal foundation.” The CNIL can neither confirm or deny the existence of the French system – it moveover does not have access to the files of the DGSE or the DCRI.

    To be sure, there is a strict legal framework for security interceptions, which are to be authorised by the prime minister, on the recommendation of the National Consultative Commission for Security Interceptions, but this framework did not forecess the massive stocking of technical data by the secret services. “We’ve been operating is a zone of virtual autorisation for years”, confided a former chief of one of the services. “And each agency is quite content with this freedom, which is possible thanks to the legal vagueness surrounding metadata.” A parliamentarian confirmed that “a large portion of the electronic connections in France are effectively intercepted and stocked by the DGSE.” But, officially, the “mutualisation infrastructure” does not exist.

    (Translated by Meg Bortin)
    LE MONDE | 04.07.2013 à 17h06 • Mis à jour le 04.07.2013 à 17h24 |
    Par Jacques Follorou et Franck Johannès

    Find this story at 4 July 2013

    © Le Monde.fr

    Auch Frankreichs Geheimdienst zapft massenhaft Daten ab

    Die Briten tun es, die Amerikaner sowieso – und jetzt stellt sich heraus: Auch die Franzosen greifen laut “Le Monde” massenhaft Kommunikationsdaten ab. Der Auslandsgeheimdienst späht systematisch Telefonate, Mails und soziale Netzwerke aus.

    Paris – Frankreich hat womöglich seit Donnerstag seinen eigenen Datenskandal: Die Tageszeitung “Le Monde” berichtet auf ihrer Website, der französische Auslandsgeheimdienst DGSE greife in ähnlicher Art und Weise Kommunikationsdaten ab wie der US-Geheimdienst NSA. “Enthüllungen über den französischen Big Brother”, hat das Blatt seine Geschichte überschrieben.

    Der DGSE fange Signale von Computern und Telefonen in Frankreich ab, betroffen seien auch Verbindungen zwischen Frankreich und dem Ausland. Zwar würden nicht die Inhalte von Gesprächen ausgeforscht, heißt es in dem Bericht. Es gehe vielmehr darum, eine Übersicht, eine Art Karte zu erstellen, wer mit wem kommuniziere.

    Laut der Zeitung, die sich auf namentlich nicht genannte Geheimdienstquellen sowie offizielle Äußerungen von Geheimdienstmitarbeitern beruft, handelt es sich um illegale Eingriffe. E-Mails, SMS, Verbindungsdaten und die Nutzung von Facebook und Twitter etwa würden über Jahre gespeichert.

    Das Vorgehen ähnelt dem der NSA, das der SPIEGEL enthüllt hatte. Demnach überwacht die NSA in Deutschland monatlich rund eine halbe Milliarde Telefonate, E-Mails oder SMS – systematisch wird ein Großteil der Telefon- und Internetverbindungsdaten kontrolliert und gespeichert. Außerdem überwachen die Amerikaner offenbar gezielt EU-Vertretungen. Auch in Großbritannien sorgte ein ähnlicher Abhörskandal für Aufsehen.

    Eine Stellungnahme der DGSE gibt es bisher nicht. Laut “Le Monde” zweifelt die für die Kontrolle solcher Spionagemaßnahmen zuständige Kommission den Bericht allerdings an und versicherte, der Geheimdienst arbeite im Einklang mit den Gesetzen. Die einzige Einrichtung, die Kommunikationsdaten sammle, sei eine Regierungsstelle, die dem Premierminister unterstellt sei und deren Aufgabe es sei, Sicherheitslücken aufzuspüren.

    Die Vorwürfe in dem Zeitungsbericht sind allerdings sehr konkret. Der Dienst DGSE horte die Daten im Keller seines Hauptquartiers in Paris, schreibt “Le Monde”. Die Wärme, die das Rechenzentrum ausstrahle, reiche aus, um das gesamte Gebäude zu heizen.

    Die übrigen sieben französischen Geheimdienste, darunter Inlandsdienste, Experten für Geldwäsche und Zollfahnder, hätten Zugriff auf die Daten. Diesen anderen Diensten sei es dann freigestellt, sich in als verdächtig aufgefallene Kommunikation einzuklinken und etwa Gespräche abzuhören.

    ffr/Reuters/Mitarbeit: Valérie Wagner
    04. Juli 2013, 18:25 Uhr

    Find this story at 4 July 2013

    © SPIEGEL ONLINE 2013

    France ‘has vast data surveillance’ – Le Monde report

    France’s foreign intelligence service intercepts computer and telephone data on a vast scale, like the controversial US Prism programme, according to the French daily Le Monde.

    The data is stored on a supercomputer at the headquarters of the DGSE intelligence service, the paper says.

    The operation is “outside the law, and beyond any proper supervision”, Le Monde says.

    Other French intelligence agencies allegedly access the data secretly.

    It is not clear however whether the DGSE surveillance goes as far as Prism. So far French officials have not commented on Le Monde’s allegations.

    The DGSE allegedly analyses the “metadata” – not the contents of e-mails and other communications, but the data revealing who is speaking to whom, when and where.

    Connections inside France and between France and other countries are all monitored, Le Monde reports.

    The paper alleges the data is being stored on three basement floors of the DGSE building in Paris. The secret service is the French equivalent of Britain’s MI6.

    The operation is designed, say experts, to uncover terrorist cells. But the scale of it means that “anyone can be spied on, any time”, Le Monde says.

    There is a continuing international furore over revelations that the US has been systematically seizing vast amounts of phone and web data.

    The French government has sharply criticised the US spying, which allegedly included eavesdropping on official EU communications.

    The scale of surveillance by America’s National Security Agency (NSA) emerged from classified intelligence documents leaked by whistleblower Edward Snowden.

    The UK spy agency GCHQ is reported to run a similarly vast data collection operation, co-operating closely with the NSA.
    4 July 2013 Last updated at 14:11 GMT

    Find this story at 4 July 2013

    BBC © 2013 The BBC is not responsible for the content of external sites. Read more.

    Neue Snowden-Enthüllung; NSA-Verbindung bringt deutsche Dienste in Erklärungsnot

    Der deutsche Geheimdienst wusste mehr über die Umtriebe der NSA in Deutschland als bisher bekannt. “Die stecken unter einer Decke”, sagt Edward Snowden in einem Interview im SPIEGEL. Auch gegen die Briten erhebt der Whistleblower Vorwürfe.

    Seit Wochen hält Edward Snowden die Geheimdienstwelt mit immer neuen Enthüllungen in Atem. Ob die amerikanische NSA oder die GCHQ aus Großbritannien, Systeme wie Prism oder Tempora: Der Whistleblower lässt wohldosiert Skandalöses über die internationalen Schnüffeldienste durchsickern. In einem Interview, das der SPIEGEL in seiner neuen Ausgabe veröffentlicht, beschreibt Snowden die Nähe zwischen US- und deutschem Geheimdienst – und die Datensammelwut der britischen Spione.

    In Deutschland hatten die Berichte über die umfangreichen Spionage-Tätigkeiten der USA für Überraschung und Entsetzen gesorgt – auch unter Politkern. Die Version von der vollkommenen Unwissenheit der Deutschen will Snowden so nicht gelten lassen. Im Gegenteil: Die NSA-Leute steckten “unter einer Decke mit den Deutschen”, erklärte der Whistleblower dem amerikanischen Chiffrier-Experten Jacob Appelbaum und der Dokumentarfilmerin Laura Poitras mit Hilfe verschlüsselter E-Mails, kurz bevor er weltweit bekannt wurde.

    Snowden beschreibt die Zusammenarbeit der Geheimdienste detailliert. In der NSA gebe es für solche Kooperationen mit anderen Ländern eine eigene Abteilung, das sogenannte Foreign Affairs Directorate. Dabei enthüllt er ein bemerkenswertes Detail zum Schutz von Entscheidungsträgern: Die Zusammenarbeit werde so organisiert, dass Behörden anderer Länder “ihr politisches Führungspersonal vor dem ‘Backlash’ schützen” können, falls herauskommen sollte, wie “massiv die Privatsphäre von Menschen missachtet wird”, sagt der US-Amerikaner.

    Nach SPIEGEL-Recherchen ist die Zusammenarbeit zwischen der NSA und dem Bundesnachrichtendienst (BND) offenbar tatsächlich deutlich intensiver als bislang bekannt. So lieferte die NSA die Analyse-Tools für den Lauschangriff des BND auf ausländische Datenströme, die durch Deutschland führen. Im Fokus des BND steht unter anderem die Nahost-Strecke, über die Datenpakete etwa aus Krisenregionen verlaufen.

    BND-Chef Gerhard Schindler hat den Mitgliedern des Parlamentarischen Kontrollgremiums die Zusammenarbeit mit der NSA bestätigt. (Mehr zum Thema finden Sie hier)

    Doch nicht nur die Umtriebe des BND stehen im Fokus des Gesprächs mit Snowden. Auch über den britischen Geheimdienst Government Communications Headquarters (GCHQ) gibt der 30-Jährige weitere neue Details preis. So läuft in Großbritannien ein Versuch der Komplettdatenspeicherung. Das Tempora-System der Briten sei “der erste ‘ich speichere alles’-Ansatz (‘full take’) in der Geheimdienstwelt”, sagt Snowden.

    Daten bleiben drei Tage im Pufferspeicher

    Der Umfang dieses “Full Take”-Systems ist gewaltig. Im Rahmen von Tempora werden dem Whistleblower und dem “Guardian” zufolge Verbindungsdaten bis zu 30 Tage, aber auch alle Inhalte bis zu drei Tage lang gespeichert, in einem sogenannten Pufferspeicher. “Dieser Zwischenspeicher macht nachträgliche Überwachung möglich, ihm entgeht kein einziges Bit”.

    Auf Rückfrage, ob man dieser Totalerfassung aller Internetkommunikation entgehen könne, antwortet er: “Na ja, wenn man die Wahl hat, sollte man niemals Informationen durch britische Leitungen oder über britische Server schicken.”

    Entgehen könne man dem Zugriff durch die GCHQ nur, wenn man keine Informationen über britische Leitungen oder britische Server schicke, so Snowden. Deutsche Internet-Experten halten dies in der Praxis allerdings für kaum durchführbar.

    Metadaten liefern Orientierung im Datenmeer

    Der Versuch der Komplettdatenspeicherung ist bemerkenswert, war doch bisher im Zusammenhang mit den Abhörskandalen meist von Metadaten die Rede. Auch Snowden betont in der aktuellen Ausgabe des SPIEGEL noch einmal wie wichtig die Metadaten – etwa Telefonnummern, IP-Adressen und Verbindungszeiten – eigentlich sind. Und wie sie genutzt werden. Die Metadaten seien meist “wertvoller als der Inhalt der Kommunikation”, sagt Snowden.

    Wer die Metadaten hat, weiß, wer wann mit wem kommuniziert hat. Auf dieser Basis lässt sich dann entscheiden, welche Datensätze, welche Kommunikationsinhalte man sich genauer ansehen möchte. “Die Metadaten sagen einem, was man vom breiten Datenstrom tatsächlich haben will”, so Snowden im SPIEGEL.

    So wird nach und nach klar, wie die Überwachungsprogramme von NSA und GCHQ, Prism, Tempora und Boundless Informant zusammenwirken:

    Die Metadaten-Abfrage gibt Analysten Hinweise, für welche Kommunikationen und Inhalte sie sich vielleicht interessieren könnten, dann, sagt Snowden sinngemäß, lässt sich per Knopfdruck festlegen, dass von einer Person oder einer Gruppe alle verfügbaren Inhalte im Volltext mitgeschnitten oder anderweitig erfasst werden. Zum Zielobjekt könne man aber auch “aufgrund des eigenen Facebook-Profils oder der eigenen E-Mails” werden.

    07. Juli 2013, 19:31 Uhr

    Find this story at 7 July 2013

    © SPIEGEL ONLINE 2013

    Merkel: NSA spying aided our security

    Chancellor Angela Merkel confirmed German secret services profited from the spying and tapping operations of their USA colleagues. But whistleblower Edward Snowden says the extent of the cooperation was hidden from politicians.

    Der Spiegel magazine reported over the weekend that Snowden, currently hiding in a Moscow airport, had said the US secret service was “in bed with the Germans.”

    His assertion was confirmed by Merkel who said of the spying programme: “We as Germans got a lot of information.” Speaking to a Christian Democratic Union party conference on Saturday she said terrorist attacks in Germany had been foiled thanks to timely information from the Americans.

    “But this does not justify bugging each other’s embassies. And that is why I say bugging really doesn’t work between friends,” she added.

    Referring to Monday’s talks between the European Union and the US about free trade agreements, opposition Social Democratic Party’s parliamentary party leader Frank-Walter Steinmeier said he expected “clear and dependable guarantees that there will be no further spying operations – before the assumption of negotiations.”

    Snowden is in Moscow avoiding American authorities who want to prosecute him for leaking details of the National Security Agency (NSA) spying operation known as Prism, the exposure of which has caused international scandal.

    He told US cipher expert Jacob Appelbaum and documentary filmmaker Laura Poitras that security chiefs on both sides of the Atlantic had organized their cooperation so that they could protect their “political leadership from any backlash”, Der Spiegel reported.

    The pair had sent Snowden questions shortly before he revealed the Prism operation in early June, but his answers have only now been published.

    “We warn the others when someone who we want to get, uses one of their airports – and they deliver then to us,” said Snowden.

    “The other authorities don’t ask us where we have the evidence from, and we don’t ask them anything.” This protects politicians from having to take any responsibility should it be revealed how “massively the privacy of people is being abused,” he said.

    Published: 8 Jul 13 15:00 CET
    The Local/DPA/hc

    Find this story at 8 July 2013

    © www.thelocal.de

    NSA ‘in bed’ with German intelligence says US whistleblower Edward Snowden – and GCHQ operates a ‘full take’ data monitoring system

    The fugitive US whistleblower Edward Snowden alleged on Sunday that the National Security Agency was “in bed together” with German intelligence despite claims by politicians in Chancellor Angela Merkel’s coalition that they were shocked by the extent of American spying in Germany.

    In an interview with Der Spiegel , Snowden claimed that the NSA provided German intelligence, with analysis tools to help the organisation monitor data flowing through Germany. “The NSA people are in bed together with the Germans,”” he told the magazine.

    He added that the NSA’s foreign affairs directorate, which is responsible for relations with other countries, had set up a system whereby political leaders “could be insulated” from the backlash if spying became public and helped to play down how grievously they were “violating global privacy.”

    Snowden also claimed to shed further light on the extent of British spying activities saying that the UK’s GCHQ was the only organisation which operated a so-called “full take” system of information monitoring which stored all data crossing its path for a total of 30 days.

    The allegations seemed certain to cause further shock waves in Germany, where the issue of NSA spying is fast turning into a thorny political campaign issue in the run up to the September general election.

    German MPs have expressed outrage at the extent of British and American spying on German internet and phone traffic and NSA spying on European Union offices. Chancellor Angela Merkel’s Interior Minister is scheduled to fly to Washington this week to obtain an “explanation” from the US authorities.

    Ms Merkel has herself complained that the extent of US and British spying is reminiscent of the Cold War and demanded that it be brought under control. However it is well known that German intelligence has been able to prevent planned terror attacks on German soil with the help of NSA intelligence.

    Snowden is believed to be still holed up in the transit area of Moscow’s Sheremetyevo airport. He has been trying to find a country to give him sanctuary since arriving there from Hong Kong on June 23. However his Russian hosts appear to be becoming irked by his continued presence.

    On Sunday Alexei Pushkov, an influential Russian MP who often speaks for the Kremlin said he would encourage Snowden to accept Venezuela’s recent offer of asylum, saying it was probably his “last chance”.

    Tony Paterson
    Sunday, 7 July 2013

    Find this story at 7 July 2013

    © independent.co.uk

    Snowden Claims; NSA Ties Put German Intelligence in Tight Spot

    The German foreign intelligence service knew more about the activities of the NSA in Germany than previously known. “They’re in bed together,” Edward Snowden claims in an interview in SPIEGEL. The whistleblower also lodges fresh allegations against the British.

    For weeks now, officials at intelligence services around the world have been in suspense as one leak after another from whistleblower Edward Snowden has been published. Be it America’s National Security Agency, Britain’s GCHQ or systems like Prism or Tempora, he has been leaking scandalous information about international spying agencies. In an interview published by SPIEGEL in its latest issue, Snowden provides additional details, describing the closeness between the US and German intelligence services as well as Britain’s acquisitiveness when it comes to collecting data.

    In Germany, reports of the United States’ vast espionage activities have surprised and upset many, including politicians. But Snowden isn’t buying the innocence of leading German politicians and government figures, who say that they were entirely unaware of the spying programs. On the contrary, the NSA people are “in bed together with the Germans,” the whistleblower told American cryptography expert Jacob Appelbaum and documentary filmmaker Laura Poitras in an interview conducted with the help of encrypted emails shortly before Snowden became a globally recognized name.

    Snowden describes the intelligence services partnerships in detail. The NSA even has a special department for such cooperation, the Foreign Affairs Directorate, he says. He also exposes a noteworthy detail about how government decision-makers are protected by these programs. The partnerships are organized in a way so that authorities in other countries can “insulate their political leaders from the backlash” in the event it becomes public “how grievously they’re violating global privacy,” the former NSA employee says.

    Intensive Cooperation with Germany

    SPIEGEL reporting also indicates that cooperation between the NSA and Germany’s foreign intelligence service, the BND, is more intensive than previously known. The NSA, for example, provides “analysis tools” for the BND to monitor signals from foreign data streams that travel through Germany. Among the BND’s focuses are the Middle East route through which data packets from crisis regions travel.

    BND head Gerhard Schindler confirmed the partnership during a recent meeting with members of the German parliament’s control committee for intelligence issues.

    But it’s not just the BND’s activities that are the focus of the interview with Snowden.

    The 30-year-old also provides new details about Britain’s Government Communications Headquarters (GCHQ). He says that Britain’s Tempora system is the signal intelligence community’s first “full-take Internet buffer,” meaning that it saves all of the data passing through the country.

    Data Remains Buffered for Three Days

    The scope of this “full take” system is vast. According to Snowden and Britain’s Guardian newspaper, Tempora stores communications data for up to 30 days and saves all content for up to three days in a so-called Internet buffer. “It snarfs everything in a rolling buffer to allow retroactive investigation without missing a single bit,” Snowden says.

    Asked if it is possible to get around this total surveillance of all Internet communication, he says: “As a general rule, so long as you have any choice at all, you should never route through or peer with the UK under any circumstances.”

    In other words, Snowden says, one can only prevent GCHQ from accessing their data if they do not send any information through British Internet lines or servers. However, German Internet experts believe this would be almost impossible in practice.

    Metadata Provide Orientation in Sea of Data

    The attempt to conduct total data retention is noteworthy because most of the leaks so far in the spying scandal have pertained to so-called metadata. In the interview, Snowden reiterates just how important metadata — which can include telephone numbers, IP addresses and connection times, for example — really are. “In most cases, content isn’t as valuable as metadata,” Snowden says.

    Those in possession of metadata can determine who has communicated with whom. And using the metadata, they can determine which data sets and communications content they would like to take a closer look at. “The metadata tells you what out of their data stream you actually want,” Snowden says.

    It is becoming increasingly clear to recognize the way in which surveillance programs from the NSA and GCHQ — including Prism, Tempora and Boundless Informant — cooperate. The metadata provides analysts with tips on which communications and content might be interesting. Then, Snowden says, with the touch of a button they can then retrieve or permanently collect the full content of communications that have already been stored for a specific person or group, or they can collect future communications. But a person can also be “selected for targeting based on, for example, your Facebook or webmail content.”

    07/07/2013 07:30 PM

    Find this story at 7 July 2013

    © SPIEGEL ONLINE 2013

    Interview mit Edward Snowden; NSA liefert BND Werkzeuge für Lauschangriff

    Welche Macht hat die US-Lauschbehörde NSA? Nach SPIEGEL-Recherchen ist die Zusammenarbeit zwischen Amerikanern und BND offenbar intensiver als bislang bekannt. Geheimdienst-Enthüller Edward Snowden sagt in einem Interview: Die NSA-Leute steckten “unter einer Decke mit den Deutschen”.

    Hamburg – Die NSA kontrolliert das Internet, hat Edward Snowden enthüllt. Selbst die engen Verbündeten werden von den USA ausgespäht. Doch die Deutschen wollen davon nichts gewusst haben.

    Die NSA-Leute steckten “unter einer Decke mit den Deutschen”, erklärt Edward Snowden in einem Interview, das der SPIEGEL in seiner neuen Ausgabe veröffentlicht. Nach Angaben des Geheimdienst-Enthüllers gebe es in der US-Lauschbehörde NSA das “Foreign Affairs Directorate”, das zuständig für Kooperationen mit anderen Ländern sei.

    Die Zusammenarbeit werde so organisiert, dass Behörden anderer Länder “ihr politisches Führungspersonal vor dem ‘Backlash’ schützen” können, falls herauskommen sollte, wie “massiv die Privatsphäre von Menschen missachtet wird”, sagt der US-Amerikaner. Und weiter: Telekommunikationsfirmen würden mit der NSA kooperieren, Personen würden normalerweise “aufgrund etwa des Facebook-Profils oder der eigenen E-Mails als Zielobjekt markiert”.

    Das Interview wurde von dem amerikanischen Chiffrier-Experten Jacob Appelbaum und der Dokumentarfilmerin Laura Poitras mit Hilfe verschlüsselter E-Mails geführt, kurz bevor Snowden als Whistleblower weltweit bekannt wurde.

    Snowden sitzt wahrscheinlich noch immer im Transitbereich des Moskauer Flughafens fest. Inzwischen haben ihm Venezuela und Nicaragua Asyl angeboten. Doch seit der Offerte am Samstag habe man keinen Kontakt mit Snowden gehabt, sagte der Außenminister Venezuelas Elías Jaua.

    BND-Chef bestätigt Zusammenarbeit mit der NSA

    Nach SPIEGEL-Recherchen ist die Zusammenarbeit zwischen der NSA und dem Bundesnachrichtendienst (BND) offenbar deutlich intensiver als bislang bekannt. So lieferte die NSA die Analyse-Tools für den Lauschangriff des BND auf ausländische Datenströme, die durch Deutschland führen. Im Fokus des BND steht unter anderem die Nahost-Strecke, über die Datenpakete etwa aus Krisenregionen verlaufen.

    Insgesamt zieht der BND nach SPIEGEL-Recherchen aus fünf digitalen Knotenpunkten Informationen, die in Pullach analysiert werden. BND-Chef Gerhard Schindler bestätigte den Mitgliedern des Parlamentarischen Kontrollgremiums die Zusammenarbeit mit der NSA.

    Das Bundesamt für Verfassungsschutz, das für Spionageabwehr zuständig ist, untersucht derzeit, wo die NSA Zugriff auf den Internetverkehr nimmt, der durch Deutschland geht. Eine erste Analyse ergab keine Klarheit, sagte der Präsident des Bundesamts für Verfassungsschutz (BfV), Hans-Georg Maaßen. “Wir haben bislang keine Erkenntnisse, dass Internetknotenpunkte in Deutschland durch die NSA ausspioniert wurden”, sagte Maaßen dem SPIEGEL.

    Neuer Stützpunkt in Wiesbaden

    Ein neuer Stützpunkt der US-Armee auf dem Boden der Bundesrepublik, den auch die NSA nutzen soll, ist mit den deutschen Behörden abgesprochen. In Wiesbaden wird derzeit ein neues “Consolidated Intelligence Center” errichtet. Für 124 Millionen Dollar entstehen abhörsichere Büros und ein Hightech-Kontrollzentrum. Sobald die Anlage in Wiesbaden fertiggestellt ist, wird ein bislang genutzter Komplex bei Darmstadt geschlossen.

    Die Amerikaner vertrauen bei dem Neubau in Wiesbaden nur auf Landsleute. Die Baufirmen müssen aus den USA stammen und sicherheitsüberprüft sein. Und selbst die Materialien sollen aus den Vereinigten Staaten importiert und auf ihrem Weg nach Deutschland überwacht werden.

    07. Juli 2013, 08:17 Uhr

    Find this story at 7 July 2013

    © SPIEGEL ONLINE 2013

    Answers to Frequently Asked Questions (FAQ) about Echelon

    Q – What is Project ECHELON?

    ECHELON is the term popularly used for an automated global interception and relay system operated by the intelligence agencies in five nations: the United States, the United Kingdom, Canada, Australia and New Zealand (it is believed that ECHELON is the code name for the portion of the system that intercepts satellite-based communications). While the United States National Security Agency (NSA) takes the lead, ECHELON works in conjunction with other intelligence agencies, including the Australian Defence Signals Directorate (DSD). It is believed that ECHELON also works with Britain’s Government Communications Headquarters (GCHQ) and the agencies of other allies of the United States, pursuant to various treaties. (1)

    These countries coordinate their activities pursuant to the UKUSA agreement, which dates back to 1947. The original ECHELON dates back to 1971. However, its capabilities and priorities have expanded greatly since its formation. According to reports, it is capable of intercepting and processing many types of transmissions, throughout the globe. In fact, it has been suggested that ECHELON may intercept as many as 3 billion communications everyday, including phone calls, e-mail messages, Internet downloads, satellite transmissions, and so on. (2) The ECHELON system gathers all of these transmissions indiscriminately, then distills the information that is most heavily desired through artificial intelligence programs. Some sources have claimed that ECHELON sifts through an estimated 90 percent of all traffic that flows through the Internet. (3)

    However, the exact capabilities and goals of ECHELON remain unclear. For example, it is unknown whether ECHELON actually targets domestic communications. Also, it is apparently very difficult for ECHELON to intercept certain types of transmissions, particularly fiber communications.

    Q – How does ECHELON work?

    ECHELON apparently collects data in several ways. Reports suggest it has massive ground based radio antennae to intercept satellite transmissions. In addition, some sites reputedly are tasked with tapping surface traffic. These antennae reportedly are in the United States, Italy, England, Turkey, New Zealand, Canada, Australia, and several other places. (4)

    Similarly, it is believed that ECHELON uses numerous satellites to catch “spillover” data from transmissions between cities. These satellites then beam the information down to processing centers on the ground. The main centers are in the United States (near Denver), England (Menwith Hill), Australia, and Germany. (5)

    According to various sources, ECHELON also routinely intercepts Internet transmissions. The organization allegedly has installed numerous “sniffer” devices. These “sniffers” collect information from data packets as they traverse the Internet via several key junctions. It also uses search software to scan for web sites that may be of interest. (6)

    Furthermore, it is believed that ECHELON has even used special underwater devices which tap into cables that carry phone calls across the seas. According to published reports, American divers were able to install surveillance devices on to the underwater cables. One of these taps was discovered in 1982, but other devices apparently continued to function undetected. (7)
    It is not known at this point whether ECHELON has been able to tap fiber optic phone cables.

    Finally, if the aforementioned methods fail to garner the desired information, there is another alternative. Apparently, the nations that are involved with ECHELON also train special agents to install a variety of special data collection devices. One of these devices is reputed to be an information processing kit that is the size of a suitcase. Another such item is a sophisticated radio receiver that is as small as a credit card. (8)

    After capturing this raw data, ECHELON sifts through them using DICTIONARY. DICTIONARY is actually a special system of computers which finds pertinent information by searching for key words, addresses, etc. These search programs help pare down the voluminous quantity of transmissions which pass through the ECHELON network every day. These programs also seem to enable users to focus on any specific subject upon which information is desired. (9)

    Q – If ECHELON is so powerful, why haven’t I heard about it before?

    The United States government has gone to extreme lengths to keep ECHELON a secret. To this day, the U.S. government refuses to admit that ECHELON even exists. We know it exists because both the governments of Australia (through its Defence Signals Directorate) and New Zealand have admitted to this fact. (10) However, even with this revelation, US officials have refused to comment.

    This “wall of silence” is beginning to erode. The first report on ECHELON was published in 1988. (11) In addition, besides the revelations from Australia, the Scientific and Technical Options Assessment program office (STOA) of the European Parliament commissioned two reports which describe ECHELON’s activities. These reports unearthed a startling amount of evidence, which suggests that Echelon’s powers may have been underestimated. The first report, entitled “An Appraisal of Technologies of Political Control,” suggested that ECHELON primarily targeted civilians.

    This report found that:

    The ECHELON system forms part of the UKUSA system but unlike many of the electronic spy systems developed during the cold war, ECHELON is designed for primarily non-military targets: governments, organisations and businesses in virtually every country. The ECHELON system works by indiscriminately intercepting very large quantities of communications and then siphoning out what is valuable using artificial intelligence aids like Memex to find key words. Five nations share the results with the US as the senior partner under the UKUSA agreement of 1947, Britain, Canada, New Zealand and Australia are very much acting as subordinate information servicers.

    Each of the five centres supply “dictionaries” to the other four of keywords, phrases, people and places to “tag” and the tagged intercept is forwarded straight to the requesting country. Whilst there is much information gathered about potential terrorists, there is a lot of economic intelligence, notably intensive monitoring of all the countries participating in the GATT negotiations. But Hager found that by far the main priorities of this system continued to be military and political intelligence applicable to their wider interests. Hager quotes from a “highly placed intelligence operatives” who spoke to the Observer in London. “We feel we can no longer remain silent regarding that which we regard to be gross malpractice and negligence within the establishment in which we operate.” They gave as examples. GCHQ interception of three charities, including Amnesty International and Christian Aid. “At any time GCHQ is able to home in on their communications for a routine target request,” the GCHQ source said. In the case of phone taps the procedure is known as Mantis. With telexes its called Mayfly. By keying in a code relating to third world aid, the source was able to demonstrate telex “fixes” on the three organisations. With no system of accountability, it is difficult to discover what criteria determine who is not a target. (12)

    A more recent report, known as Interception Capabilities 2000, describes ECHELON capabilities in even more elaborate detail. (13) The release of the report sparked accusations from the French government that the United States was using ECHELON to give American companies an advantage over rival firms. (14) In response, R. James Woolsey, the former head of the US Central Intelligence Agency (CIA), charged that the French government was using bribes to get lucrative deals around the world, and that US surveillance networks were used simply to level the playing field. (15) However, experts have pointed out that Woolsey missed several key points. For example, Woolsey neglected to mention alleged instances of economic espionage (cited in Intelligence Capabilities 2000) that did not involve bribery. Furthermore, many observers expressed alarm with Woolsey’s apparent assertion that isolated incidents of bribery could justify the wholesale interception of the world’s communications. (16)

    The European Parliament formed a temporary Committee of Enquiry to investigate ECHELON abuses. (17) In May 2001, members of this committee visited the United States in an attempt to discover more details about ECHELON. However, officials from both the NSA and the US Central Intelligence Agency (CIA) canceled meetings that they had previously scheduled with the European panel. The committee’s chairman, Carlos Coelho, said that his group was “very disappointed” with the apparent rebuffs; in protest, the Parliamentary representatives returned home a day early. (18)

    Afterwards, the committee published a report stating that ECHELON does indeed exist and that individuals should strongly consider encrypting their emails and other Internet messages. (19) However, the panel was unable to confirm suspicions that ECHELON is used to conduct industrial espionage, due to a lack of evidence. (20) Ironically, the report also mentioned the idea that European government agents should be allowed greater powers to decrypt electronic communications, which was criticized by some observers (including several members of the committee) as giving further support to Europe’s own ECHELON-type system. (21) The European Parliament approved the report, but despite the apparent need for further investigation, the committee was disbanded. (22) Nevertheless, the European Commission plans to draft a “roadmap” for data protection that will address many of the concerns aired by the EP panel. (23)

    Meanwhile, after years of denying the existence of ECHELON, the Dutch government issued a letter that stated: “Although the Dutch government does not have official confirmation of the existence of Echelon by the governments related to this system, it thinks it is plausible this network exists. The government believes not only the governments associated with Echelon are able to intercept communication systems, but that it is an activity of the investigative authorities and intelligence services of many countries with governments of different political signature.” (24)These revelations worried Dutch legislators, who had convened a special hearing on the subject. During the hearing, several experts argued that there must be tougher oversight of government surveillance activities. There was also considerable criticism of Dutch government efforts to protect individual privacy, particularly the fact that no information had been made available relating to Dutch intelligence service’s investigation of possible ECHELON abuses.(25)

    In addition, an Italian government official has begun to investigate Echelon’s intelligence-gathering efforts, based on the belief that the organization may be spying on European citizens in violation of Italian or international law. (26)

    Events in the United States have also indicated that the “wall of silence” might not last much longer. Exercising their Constitutionally created oversight authority, members of the House Select Committee on Intelligence started asking questions about the legal basis for NSA’s ECHELON activities. In particular, the Committee wanted to know if the communications of Americans were being intercepted and under what authority, since US law severely limits the ability of the intelligence agencies to engage in domestic surveillance. When asked about its legal authority, NSA invoked the attorney-client privilege and refused to disclose the legal standards by which ECHELON might have conducted its activities. (27)

    President Clinton then signed into law a funding bill which required the NSA to report on the legal basis for ECHELON and similar activities. (28) However, the subsequent report (entitled Legal Standards for the Intelligence Community in Conducting Electronic Surveillance) gave few details about Echelon’s operations and legality. (29)

    However, during these proceedings, Rep. Bob Barr (R-GA), who has taken the lead in Congressional efforts to ferret out the truth about ECHELON, stated that he had arranged for the House Government Reform and Oversight Committee to hold its own oversight hearings.(30)

    Finally, the Electronic Privacy Information Center has sued the US Government, hoping to obtain documents which would describe the legal standards by which ECHELON operates.(31)

    Q – What is being done with the information that ECHELON collects?

    The original purpose of ECHELON was to protect national security. That purpose continues today. For example, we know that ECHELON is gathering information on North Korea. Sources from Australia’s DSD have disclosed this much because Australian officials help operate the facilities there which scan through transmissions, looking for pertinent material. (32) Similarly, the Spanish government has apparently signed a deal with the United States to receive information collected using ECHELON. The consummation of this agreement was confirmed by Spanish Foreign Minister Josep Pique, who tried to justify this arrangement on security grounds. (33)

    However, national security is not Echelon’s only concern. Reports have indicated that industrial espionage has become a part of Echelon’s activities. While present information seems to suggest that only high-ranking government officials have direct control over Echelon’s tasks, the information that is gained may be passed along at the discretion of these very same officials. As a result, much of this information has been given to American companies, in apparent attempts to give these companies an edge over their less knowledgeable counterparts. (34)

    In addition, there are concerns that Echelon’s actions may be used to stifle political dissent. Many of these concerns were voiced in a report commissioned by the European Parliament. What is more, there are no known safeguards to prevent such abuses of power. (35)

    Q – Is there any evidence that ECHELON is doing anything improper or illegal with the spying resources at its disposal?

    ECHELON is a highly classified operation, which is conducted with little or no oversight by national parliaments or courts. Most of what is known comes from whistleblowers and classified documents. The simple truth is that there is no way to know precisely what ECHELON is being used for.

    But there is evidence, much of which is circumstantial, that ECHELON (along with its British counterpart) has been engaged in significant invasions of privacy. These alleged violations include secret surveillance of political organizations, such as Amnesty International. (36) It has also been reported that ECHELON has engaged in industrial espionage on various private companies such as Airbus Industries and Panavia, then has passed along the information to their American competitors. (37) It is unclear just how far Echelon’s activities have harmed private individuals.

    However, the most sensational revelation was that Diana, Princess of Wales may have come under ECHELON surveillance before she died. As reported in the Washington Post, the NSA admitted that they possessed files on the Princess, partly composed of intercepted phone conversations. While one official from the NSA claimed that the Princess was never a direct target, this disclosure seems to indicates the intrusive, yet surreptitious manner by which ECHELON operates. (38)

    What is even more disquieting is that, if these allegations are proven to be true, the NSA and its compatriot organizations may have circumvented countless laws in numerous countries. Many nations have laws in place to prevent such invasions of privacy. However, there are suspicions that ECHELON has engaged in subterfuge to avoid these legal restrictions. For example, it is rumored that nations would not use their own agents to spy on their own citizens, but assign the task to agents from other countries. (39) In addition, as mentioned earlier, it is unclear just what legal standards ECHELON follows, if any actually exist. Thus, it is difficult to say what could prevent ECHELON from abusing its remarkable capabilities.

    Q – Is everyone else doing what ECHELON does?

    Maybe not everyone else, but there are plenty of other countries that engage in the type of intelligence gathering that ECHELON performs. These countries apparently include Russia, France, Israel, India, Pakistan and many others. (40) Indeed, the excesses of these ECHELON-like operations are rumored to be similar in form to their American equivalents, including digging up information for private companies to give them a commercial advantage.

    However, it is also known that ECHELON system is the largest of its kind. What is more, its considerable powers are enhanced through the efforts of America’s allies, including the United Kingdom, Canada, Australia, and New Zealand. Other countries don’t have the resources to engage in the massive garnering of information that the United States is carrying out.

    Notes

    1. Development of Surveillance Technology and Risk of Abuse of Economic Information (An appraisal of technologies for political control), Part 4/4: The state of the art in Communications Intelligence (COMINT) of automated processing for intelligence purposes of intercepted broadband multi-language leased or common carrier systems, and its applicability to COMINT targeting and selection, including speech recognition, Ch. 1, para. 5, PE 168.184 / Part 4/4 (April 1999). See Duncan Campbell, Interception Capabilities 2000 (April 1999) (http://www.iptvreports.mcmail.com/stoa_cover.htm).

    2. Kevin Poulsen, Echelon Revealed, ZDTV (June 9, 1999).

    3. Greg Lindsay, The Government Is Reading Your E-Mail, TIME DIGITAL DAILY (June 24, 1999).

    4. PE 168.184 / Part 4/4, supra note 1, Ch. 2, para. 32-34, 45-46.

    5. Id. Ch. 2, para. 42.

    6. Id. Ch. 2, para. 60.

    7. Id. Ch. 2, para. 50.

    8. Id. Ch. 2, para. 62-63.

    9. An Appraisal of Technologies for Political Control, at 20, PE 166.499 (January 6, 1998). See Steve Wright, An Appraisal of Technologies for Political Control (January 6, 1998) (http://cryptome.org/stoa-atpc.htm).

    10.Letter from Martin Brady, Director, Defence Signals Directorate, to Ross Coulhart, Reporter, Nine Network Australia 2 (Mar. 16, 1999) (on file with the author); see also Calls for inquiry into spy bases, ONE NEWS New Zealand (Dec. 28, 1999).

    11. Duncan Campbell, Somebody’s listening, NEW STATESMAN, 12 August 1988, Cover, pages 10-12. See Duncan Campbell, ECHELON: NSA’s Global Electronic Interception, (last visited October 12, 1999) (http://jya.com/echelon-dc.htm).

    12. PE 166.499, supra note 9, at 19-20.

    13. PE 168.184 / Part 4/4, supra note 1.

    14. David Ruppe, Snooping on Friends?, ABCNews.com (US) (Feb. 25, 2000) (http://abcnews.go.com/sections/world/dailynews/echelon000224.html).

    15. R. James Woolsey, Why We Spy on Our Allies, WALL ST. J., March 17, 2000. See also CRYPTOME, Ex-CIA Head: Why We Spy on Our Allies (last visited April 11, 2000) (http://cryptome.org/echelon-cia2.htm).

    16. Letter from Duncan Campbell to the Wall Street Journal (March 20, 2000) (on file with the author). See also Kevin Poulsen, Echelon Reporter answers Ex-CIA Chief, SecurityFocus.com (March 23, 2000) (http://www.securityfocus.com/news/6).

    17. Duncan Campbell, Flaw in Human Rights Uncovered, HEISE TELEPOLIS, April 8, 2000. See also HEISE ONLINE, Flaw in Human Rights Uncovered (April 8, 2000) (http://www.heise.de/tp/english/inhalt/co/6724/1.html).

    18.Angus Roxburgh, EU investigators ‘snubbed’ in US, BBC News, May 11, 2001 (http://news.bbc.co.uk/hi/english/world/europe/newsid_1325000/1325186.stm).

    19.Report on the existence of a global system for intercepting private and commercial communications (ECHELON interception system), PE 305.391 (July 11, 2001) (available in PDF or Word format at http://www2.europarl.eu.int).

    20. Id.; see also E-mail users warned over spy network, BBC News, May 29, 2001 (http://news.bbc.co.uk/hi/english/world/europe/newsid_1357000/1357264.stm).

    21. Steve Kettman, Echelon Furor Ends in a Whimper, Wired News, July 3, 2001 (http://www.wired.com/news/print/0,1294,44984,00.html).

    22. European Parliament resolution on the existence of a global system for the interception of private and commercial communications (ECHELON interception system) (2001/2098(INI)), A5-0264/2001, PE 305.391/DEF (Sept. 5, 2001) (available at http://www3.europarl.eu.int); Christiane Schulzki-Haddouti, Europa-Parlament verabsciedet Echelon-Bericht, Heise Telepolis, Sept. 5, 2001 (available at http://www.heise.de/tp/); Steve Kettman, Echelon Panel Calls It a Day, Wired News, June 21, 2001 (http://www.wired.com/news/print/0,1294,44721,00.html).

    23. European Commission member Erkki Liikanen, Speech regarding European Parliament motion for a resolution on the Echelon interception system (Sept. 5, 2001) (transcript available at http://europa.eu.int).

    24. Jelle van Buuren, Dutch Government Says Echelon Exists, Heise Telepolis, Jan. 20, 2001 (available at http://www.heise.de/tp/).

    25. Jelle van Buuren, Hearing On Echelon In Dutch Parliament, Heise Telepolis, Jan. 23, 2001 (available at http://www.heise.de/tp/).

    26. Nicholas Rufford, Spy Station F83, SUNDAY TIMES (London), May 31, 1998. See Nicholas Rufford, Spy Station F83 (May 31, 1998) (http://www.sunday-times.co.uk/news/pages/sti/98/05/31/stifocnws01003.html?999).

    27. H. Rep. No. 106-130 (1999). See Intelligence Authorization Act for Fiscal Year 2000, Additional Views of Chairman Porter J. Goss (http://www.echelonwatch.org/goss.htm).

    28. Intelligence Authorization Act for Fiscal Year 2000, Pub. L. 106-120, Section 309, 113 Stat. 1605, 1613 (1999). See H.R. 1555 Intelligence Authorization Act for Fiscal Year 2000 (Enrolled Bill (Sent to President)) http://www.echelonwatch.org/hr1555c.htm).

    29. UNITED STATES NATIONAL SECURITY AGENCY, LEGAL STANDARDS FOR THE INTELLIGENCE COMMUNITY IN CONDUCTING ELECTRONIC SURVEILLANCE (2000) (http://www.fas.org/irp/nsa/standards.html).

    30. House Committee to Hold Privacy Hearings, (August 16, 1999) (http://www.house.gov/barr/p_081699.html).

    31. ELECTRONIC PRIVACY INFORMATION CENTER, PRESS RELEASE: LAWSUIT SEEKS MEMOS ON SURVEILLANCE OF AMERICANS; EPIC LAUNCHES STUDY OF NSA INTERCEPTION ACTIVITIES (1999). See also Electronic Privacy Information Center, EPIC Sues for NSA Surveillance Memos (last visited December 17, 1999) (http://www.epic.org/open_gov/foia/nsa_suit_12_99.html).

    32. Ross Coulhart, Echelon System: FAQs and website links, (May 23, 1999).

    33. Isambard Wilkinson, US wins Spain’s favour with offer to share spy network material, Sydney Morning Herald, June 18, 2001 (http://www.smh.com.au/news/0106/18/text/world11.html).

    34. PE 168.184 / Part 4/4, supra note 1, Ch. 5, para. 101-103.

    35. PE 166.499, supra note 9, at 20.

    36. Id.

    37. PE 168.184 / Part 4/4, supra note 1, Ch. 5, para. 101-102; Brian Dooks, EU vice-president to claim US site spies on European business, YORKSHIRE POST, Jan. 30, 2002 (available at http://yorkshirepost.co.uk).

    38. Vernon Loeb, NSA Admits to Spying on Princess Diana, WASHINGTON POST, December 12, 1998, at A13. See Vernon Loeb, NSA Admits to Spying on Princess Diana, WASHINGTON POST, A13 (December 12, 1998) (http://www.washingtonpost.com/wp-srv/national/daily/dec98/diana12.htm).

    39. Ross Coulhart, Big Brother is listening, (May 23, 1999).

    40. PE 168.184 / Part 4/4, supra note 1, Ch. 1, para. 7.

    Find this story at 2000

    © ACLU

    24 February 2000: Link to Presentation and Analysis Volume 1/5, by Peggy Becker, October 1999. Volume 1 renumbers the reports below.

    20 August 1999
    Source: Hardcopy of 61 pages. Thanks to Sten Linnarsson.

    Find this story at 2000 part 1
    Find this story at 2000 part 2
    Find this story at 2000 part 3
    Find this story at 2000 part 4
    Campbell’s report: http://cryptome.org/jya/ic2000.zip (981KB)
    http://www.fas.org/irp/program/process/docs/98-14-01-2en.pdf

    This is part 1 of 4 of “Development of Surveillance Technology and Risk of Abuse of Economic Information (an appraisal of technologies of political control).”

    Part 2: “The legality of the interception of electronic communications: A concise survey of the principal legal issues and instruments under international, European and national law,” by Prof. Chris Elliott: http://cryptome.org/dst-2.htm

    Part 3: “Encryption and cryptosystems in electronic surveillance: a survey of the technology assessment issues,” by Dr. Franck Leprévost: http://cryptome.org/dst-3.htm

    Part 4: “The state of the art in Communications Intelligence (COMINT) of automated processing for intelligence purposes of intercepted broadband multi-language leased or common carrier systems, and its applicability to COMINT targeting and selection, including speech recognition,” by Duncan Campbell: http://www.iptvreports.mcmail.com/stoa_cover.htm [dead]

    Campbell’s report: http://cryptome.org/jya/ic2000.zip (981KB)

    EUROPEAN PARLIAMENT

    SCIENTIFIC AND TECHNOLOGICAL OPTIONS ASSESSMENT
    STOA
    DEVELOPMENT OF SURVEILLANCE
    TECHNOLOGY AND RISK OF ABUSE
    OF ECONOMIC INFORMATION
    (An appraisal of technologies of political control)

    Part 1/4

    The perception of economic risks arising from the potential vulnerability
    of electronic commercial media to interception

    Survey of opinions of experts
    Interim Study

    Working document for the STOA Panel

    Luxembourg, May 1999 PE 168.184/Int.St./part 1/4
    Directorate General for Research

    Cataloguing data:

    Title:

    Part 1/4 of:
    DEVELOPMENT OF SURVEILLANCE TECHNOLOGY AND
    RISK OF ABUSE OF ECONOMIC INFORMATION
    (An appraisal of technologies of political control)

    Workplan Ref.: EP/IV/B/STOA/98/1401

    Publisher: European Parliament
    Directorate General for Research
    Directorate A
    The STOA Programme

    Author: Mr Nikos BOGONIKOLOS – ZEUS E.E.I.G.

    Editor: Mr Dick HOLDSWORTH, Head of STOA Unit

    Date: May 1999

    PE number: PE 168. 184/Int.St./1/4

    This document is a working Document for the ‘STOA Panel’. It is not an official publication of STOA.

    This document does not necessarily represent the views of the European Parliament.

    CONTENTS
    PART A: OPTIONS
    Introduction
    General overview of the outcome of the survey (interim stage)
    Views on privacy collected from the survey
    General privacy issue
    The market for privacy
    The role of industry
    The need for European legislation

    Options for action on surveillance and privacy
    PART B: ARGUMENTS AND EVIDENCE
    General
    Examples of Abuse of Economic Information
    PART C: TECHNICAL FILE
    1. INTRODUCTION
    Surveillance and Privacy
    Dataveillance Techniques
    Risks Inherent in Data Surveillance
    Controls

    2. SURVEILLANCE: TOOLS AND TECHNIQUES – Current technologies
    1. Visual Surveillance
    2. Audio Surveillance
    3. Phone Tapping and Encryption
    4. Voice and Word Pattern Recognition
    5. Proximity Smart Cards
    6. Transmitter Location
    7. E-mail at Workplace
    8. Electronic Databases
    9. The Internet

    3. THE USE OF SURVEILLANCE TECHNOLOGY SYSTEMS FOR THE TRANSMISSION AND COLLECTION OF ECONOMIC INFORMATION
    3.1 CALEA System
    3.2 ECHELON Connection
    3.3 Inhabitant identification Schemes

    4. THE NATURE OF ECONOMIC INFORMATION SELECTED BY SURVEILLANCE TECHNOLOGY SYSTEMS
    A. From telecommunication systems
    B. From new information technologies (Internet)
    C. Some examples of data collection on the Internet

    5. PROTECTION FROM ELECTRONIC SURVEILLANCE
    A. Encryption (Cryptography)
    Private sector initiatives

    B. Key – recovery
    Encryption and the global information infrastructure
    Key-Recovery: Requirements and proposals

    6. SURVEILLANCE TECHNOLOGY SYSTEMS IN LEGAL AND REGULATORY CONTEXT
    A. Privacy regulation
    Multinational data protection measures
    Data protection directive in Europe
    Privacy regulation in the United States

    B. Protection of Privacy in the telecommunications sector

    C. Cryptography
    Cryptography policy in USA
    Cryptography policy guidelines from OECD
    E. U. cryptography policy
    Other national and international activities related to cryptography policy

    D. Key recovery

    E. European Initiatives
    DLM-FORUM- Electronic Records
    Promoting Safe Use of Internet
    REFERENCES

    PART A: OPTIONS

    Introduction

    The present study, ‘Development of surveillance technology and risk of abuse of economic information’ presents the interim results from a survey of the opinions of experts, together with additional research and analytical material by the authors. It has been conducted by ZEUS E.E.I.G. as part of a technology assessment project on this theme initiated by STOA in 1998 at the request of the Committee on Civil Liberties and Internal Affairs of the European Parliament. This STOA project is a follow-up to an earlier one entitled: “An appraisal of technologies of political control” conducted for the same Committee. The earlier project resulted in an Interim Study (PE 166.499) written by OMEGA Foundation, Manchester, and published by STOA on January 1998 and later updated (September 1998).

    In the earlier study it was reported that within Europe all fax, e-mail and telephone messages are routinely intercepted by means of what is called the ECHELON global surveillance system. The monitoring was said to be “routine and indiscriminate”. The ECHELON system formed part of the UKUSA system, but unlike many of the electronic spy systems developed during the cold war, ECHELON was said to be designed for primarily non-military targets: governments, organisations and businesses in virtually every country.

    In the present study the authors were requested to investigate the use of surveillance technology systems, for the collection and possible abuse of sensitive economic information.

    The principal method selected was a procedure of data collection and processing based on a modified DELPHI method (to be referred to here as “the survey”). Under this method, a list of potential sources of data was prepared. These were some 49 experts from universities, industrial and commercial undertakings in the informations and telecommunications technology sector, as well as a smaller number of persons in international or governmental organisations. The experts were drawn from 11 Member States of the European Union, plus Cyprus, Norway and Switzerland.

    The next step was the collection of the data. This was mostly achieved by direct interviews of the experts, with the use of a questionnaire. The views (data) were processed and a convergence examination performed. The convergence procedure was based on a recursive approach for the exclusion of the non-reliable data. The last step was the drawing of the analytical results.

    General overview of the outcome of the survey

    The predominant view among the experts was that since nowadays almost all economic information is exchanged through electronic means (telephone, fax, e-mail), and, in addition, all digital telecommunication devices and switches have enhanced wiretapping capabilities, for these reasons they suggested that we must focus on the protection of the data when transmitted (using encryption products), on the use of government-approved encryption products and on the adoption of common standards concerning encryption and key-recovery products. The position could be summed up in the statement that ‘since it is difficult to prove that economic information has been captured by ECHELON system and passed on by the NSA, we have to consider privacy protection in a global international networked society’.

    In summary, therefore, we see that two perceptions of this question emerge: (1) a concern about the possible threat to privacy and economic and civil rights potentially posed by global clandestine electronic surveillance systems operated by large and powerful secret government agencies, and (2) anxiety about the problems of commercial and personal privacy which arise now that so much commercial and other communications traffic is conducted over the Internet. Managers of businesses engaged in electronic commerce may perhaps be concerned about global clandestine surveillance systems: what is certain is that they are worried in a more familiar way about threats to commercial security posed by the nature of the new electronic business media and their possible vulnerability to interception by competitors and fraudsters.

    Reflecting the feedback from the survey, the present study tends to reflect Perception 2, whereas the earlier one of 1998 tended to reflect Perception 1.

    Advances in information and communication technologies have fostered the development of complex national and international networks which enable thousands of geographically dispersed users to distribute, transmit, gather and exchange all kinds of data. Transborder electronic exchanges — private, professional, industrial and commercial — have proliferated on a global scale and are bound to intensify among businesses and between businesses and consumers, as electronic commerce develops.

    At the same time developments in digital computing have increased the capacity for accessing, gathering, recording, processing, sorting, comparing and linking alphanumeric, voice and image data. This substantial growth in international networks and the increase in economic data processing have arisen the need at securing privacy protection in transborder data flows.

    Today, it is not necessary to define new principles for the protection of data (and privacy) in an expanding global electronic environment. It is necessary to define the appropriate means of putting the established principles into practice, particularly on the information and communication networks.

    An active education strategy may be one of the ways to help achieve on-line and privacy protection and to give all actors the opportunities to understand their common interests.

    Common technological solutions can assist in implementing privacy and data protection guidelines in global information networks. The general optimism about technological solutions, the pressure to collect economic information and the need for political and social policy decisions to ensure privacy must be considered.

    The growth in international networks and the increase in economic data processing have arisen the need at securing privacy protection in transborder data flows and especially the use of contractual solutions. Global E-Commerce has changed the nature of retailing. There were great cultural and legal differences between countries affecting attitudes to the use of sensitive data (economic or personal) and the issue of applicable law in global transaction had tope resolved. Contracts might bridge the gab between those with legislation and the others.

    Since Internet symbolised global commerce, faced with a rapid expansion in the numbers of transactions, there is a need to define a stable lasting framework for business. Internet is changing profound the markets and adjusting new contracts. To that reality is a complex problem.

    Views on privacy collected from the survey

    In this section the experts’ views on the various privacy issues are reported. The information was mostly collected by direct interviews of the experts, based on a predefined questionnaire.

    General privacy issues

    Privacy can be a contentious subject because it means different things to different people. The definition given is: “Privacy is the claim of individuals, groups, or institutions to determine for themselves how, when and to what extent information about them is communicated to others”
    A clear problem expressed is that in an electronic environment, it becomes hard to differentiate between a private and public place and therefore what should be protected and what should not.
    It was argued that is unreasonable for the society to subsidise the cost of individuals to maintain their privacy, pointing out that most people will choose utility over security (and consequently privacy)
    It was suggested that privacy in many ways sacrifices other goods (time, effort and energy among them) in order to obtain it.
    Three basic tools necessary for privacy protection were outlined: notice (to the data supplier), consent (to the consumer), and accountability.
    Although accountability may be essential to ensuring privacy, it unfortunately conflicts with the anonymity, privacy implies. For any commerce to take place on the Internet, therefore, some level of anonymity and therefore privacy must be sacrificed. The question to be answered is ” how much and who will decide”.

    The market for privacy

    When the European Commission adopted the privacy directive (95/46/EC), it stated that privacy protection is a central precondition to consumers’ acceptance of electronic commerce. Accordingly, a critical issue experts argued, was whether there was a “market failure’ in the electronic environment that required some sort of government intervention to ensure data privacy.
    Some experts responded that data privacy is not purely a public good, and so at some point someone will have a market incentive to protect it. Some corporations that have tried to market their strong privacy protection have yet to see any results and have concluded that: “privacy doesn’t sell”. Other industries have marketed privacy successfully (such as the cellular telephone industry) which could mean that the public demands for privacy are forthcoming and will eventually be profitable.
    They feel that a question to be answered is: Who governs the responsibility of the information collector, or does society have to impose a sense of responsibility?”

    The role of industry

    Most experts expressed the view that the information industry should be primarily self-regulated: the industry is changing too rapidly for government legislative solutions, and most corporations are not simply looking at National or European but at global markets, which national governments cannot regulate.
    Indeed several experts expressed the fear that any European attempt to allow USA to oversee (via global surveillance systems) data would lead to abuses by the government or other competitive companies.
    They noted that many companies (such as Citibank) already inform consumers and clients that, unless told otherwise, they will disclose information to their affiliates. They suggested that a simple seal on the home page of a Web site, declaring that a company adheres to certain industry privacy standards might cease the fears of the public and offer some level of accountability.
    Alternatively, they suggested that the media could act as an effective watchdog, informing consumers and companies of what information is being collected about them and how that information is being used.
    They also noted that multinational companies could better negotiate for themselves across national boundaries than governments can. Electronic commerce is unlikely to gain popularity until the issues of notice, consent and recourse have been resolved. The market will force companies wishing to participate in this medium to address and solve these concerns.

    The need for European legislation

    Experts took the view that the European Parliament must now ask how, in a world of the Internet, one reconciles the objectives of protecting both: privacy and free flow of information.
    In recent years there have been disclosures that unauthorised individuals have examined financial information from the Internal Revenue Service in USA. Several experts pointed to the flap over the decision by the Social Security Administration in USA to provide companies account information on-line. Each of these examples suggests that protecting data privacy may be a great challenge for the European Parliament.
    Experts agreed that the European Parliament should play a role in creating a standard for disclosure. Several experts went further and argued the need of a privacy agency within the European Union to act as an ombudsman and to represent privacy interests, so that in debates between European Union and USA there is someone whose responsibility would be to protect privacy.
    Whatever several experts believe the appropriate role for national governments to be in ensuring privacy in an electronic environment, some “private regulation” is already occurring on the Internet by the computer engines, who write code and decide computer standards. In fact experts suggested that when encryption software becomes ubiquitous it will push Internet commerce because it allows for potentially anonymous transactions, which will solve privacy issues by default.
    It was pointed out that a group of high-tech companies in co-operation with standardisation organisations should agree on a web-based standard that would allow companies and consumers to interact with data collectors and inform them of what information they would be comfortable having disclosed to other parties.

    Options for action on surveillance and privacy

    The policy options for consideration by the committee on Civil Liberties and Internal Affairs of the European Parliament which emerged from the survey are:

    Authorities in the EU and Member States should:

    engage in a dialogue involving the private sector and individual users of networks in order to learn about their needs for implementing the privacy guidelines in the global network;

    undertake an examination of private sector technical initiatives;

    encourage the development of applications within global networks, of technological solutions that implement the privacy principles and uphold the right of users, businesses and consumers for protection of their privacy in the electronic environment.
    Drafting methods for enforcing codes of conduct and privacy statements ranging from standardisation, labelling and certification in the global environment through third-party audit to formal enforcement by a regulatory body.
    Definitions of the transactions which must remain anonymous, and technical capabilities for providing anonymity need to be specified.
    Enforcement for the adoption of adequate standards (cryptography and key encryption) from all E.U. member states. Multilateral agreements with other countries could then be negotiated.
    Drafting of common guidelines of credit information use (in each member state of the E.U. different restriction policies exist). It must be dear how those restrictions could apply to a globally operating credit reference agency.
    Drafting of common specifications for cryptography systems and government access key recovery systems, which must be compatible with large scale, economical, secure cryptographic systems.
    Enforcement for the adoption of special authorisation schemes for Information Society Services and supervision of their activities by National Authorisation Bodies.
    Drafting of a common responsibilities framework for on-line service providers, who transmit and store third party information. This could be drafted and supervised by National PTTs.
    The European Parliament should examine critically proposals from the US for the elimination of cryptography and the adoption of encryption controls supervised by US Agencies.
    Annual statistics and reporting on abuse of economic information by any means must be reported to the Parliament of each member state of the E.U.
    Measures for encouraging the formal education systems of each member state of the E.U. or the appropriate European Training Institute/Organisation to take up the general task of educating users in the technology and their rights.

    PART B: ARGUMENTS AND EVIDENCE

    General

    Nowadays almost all economic information is exchanged through electronic means (telephone, fax, e-mail). In addition, all digital telecommunication devices and switches have enhanced wiretapping capabilities. As a conclusion we have to consider privacy protection in a global international networked society. And when we speak about electronic protection and privacy in the exchange of economic information, we actually speak for electronic commerce over the Internet.

    The information society promises economic and social benefits for all: citizens, companies and governments. Advances in information and communication technologies have fostered the proliferation of private, professional, industrial and commercial transborder electronic exchanges on a global scale which are bound to intensify among businesses and between businesses and consumers as electronic commerce develops. New methods for processing the vast accumulation of data -such as data mining techniques- make it possible, on the basis of demographic data, credit information, details of on-line transactions etc, to identify new kinds of purchasing patterns or unusual relationships.

    Indeed, compliance with rules governing the protection of privacy and personal data is crucial to establishing confidence in electronic transactions, and particularly in Europe, which has traditionally been heavily regulated in this area. The development of the global information society makes the convergence of government policies, the transparency of rules and regulations and their effective implementation on economic and social life. In particular, in the context of electronic commerce, the development of on-line commercial activities hinges to a large extent, not only on the faith consumers have in business in terms of guaranteed product delivery or security payment systems, but also on the confidence that users and consumers will have in the ways that businesses handle their personal data.

    To operate with confidence on the global networks, most consumers need assurance that their on-line activities and electronic transactions will not be collected or used without their knowledge or made available to parties other than their initial correspondents. Neither linked to other data about them in order to compile behavioural profiles without their consent.

    The importance of information and communication systems for society and the global economy is intensifying with the increasing value and quantity of data that is transmitted and stored on those systems. At the same time those systems and data are also increasingly vulnerable to a variety of threats such as unauthorised access and use, misappropriation, alteration and destruction. Proliferation of computers, increased computing power, interconnectivity, decentralisation, growth of networks and the number of users, as well as the convergence of information and communication technologies, while enhancing the utility of these systems, also increase system invulnerability.

    Cryptography is an important component of secure information and communication systems and a variety of application have been developed that incorporate cryptographic methods to provide data security.

    Although there are legitimate governmental, commercial and individual needs and uses for cryptography, it may also be used by individuals or entities for illegal activities, which can affect public safety, national security, the enforcement of laws, business interests, consumers interests or privacy. Governments together with industry and the general public, are challenged to develop balanced policies to address these issues.

    Cryptography uses an algorithm to transform data in order to render it unintelligible to anyone who does not possess certain secret information (the cryptographic “key”), necessary for decryption of the data. Within the new concept of cryptography, rather than sharing one secret key, the new design uses two mathematically related keys for each communication party: a “public key” that is disclosed to the public and a corresponding “private key”, that is kept secret. A message that is encrypted with a public key can only be decrypted by the corresponding private key.

    An important application for public key cryptography is “digital signature”, which can be used to verify the integrity of data or the authenticity of the sender of data. In this case, the private key is used to “sign” a message, while the corresponding public key is used to verify a “signed” message.

    Public key cryptography plays an important role in developing information infrastructure. Much of the interest in information and communication networks and technologies centres on their potential to accommodate electronic commerce; however open networks such as the Internet present significant challenges for making enforceable electronic contracts and secure payments.

    Since Electronic Commerce on one hand is one of the key strategies of the European Union and the privacy protection on the other hand, one of its main principles, E.U. in 1998 released three “key” working documents:

    Proposal for a European Parliament and Council Directive on certain legal aspects of Electronic Commerce in the internal market [ COM(1998) 586 final].
    Proposal for a European Parliament and Council directive on a common framework for electronic signatures [COM (1998)297 final].
    Ensuring security and trust in electronic communication: “Towards a European framework for digital signatures and Encryption” [COM(1997) 503 final].

    Increasing the number of people with authorised access to the critical infrastructure and to business data, will increase the likelihood of attack, whether through technical means, by exploitation of mistakes or through corruption. Further “key-recovery” requirements to the extent that they made encryption can have the effect of discouraging or delaying the deployment of cryptography in increasingly vulnerable computing and communication networks.

    As the Internet and other communications systems reach further into everyday lives, national security, law enforcement and individual privacy have become perilously intertwined. Governments want to restrict the free flow of information; software producers are seeking ways to ensure consumers are not bugged from the very moment of purchase. The US is behind a world-wide effort to limit individual privacy and enhance the capability of its intelligence services to eavesdrop on personal conversations. The campaign has had two legal strategies: the first made it mandatory for all digital telephone switches, cellular and satellite phones and all developing communication technologies to build in surveillance capabilities; the second sought to limit the dissemination of software that contains encryption, a technique which allows people to scramble their communications and files to prevent others from reading them. The first effort to heighten surveillance opportunities was to force telecommunications companies to use equipment designed to include enhanced wiretapping capabilities. The end goal was to ensure that the US and its allied intelligence services could easily eavesdrop on telephone networks anywhere in the world. In the late 1980s, in a programme known internally as ‘Operation Root Canal’, US law enforcement officials demanded that telephone companies alta their equipment to facilitate the interception of messages. The companies refused but, after several years of lobbying, Congress enacted the Communications Assistance for Law Enforcement Act (CALEA) in 1994.

    CALEA requires that terrestrial carriers, cellular phone services and other entities ensure that all their ‘ equipment, facilities or services’ are capable of expeditiously. . . enabling the government…to intercept… all wire and oral communications carried by the carrier…concurrently with their transmission.’ Communications must be interceptable in such a form that they could be transmitted to a remote government facility.

    Manufacturers must work with industry and law enforcement officials to ensure that their equipment meets federal standards. A court can fine a company US$10,000 per day for each product that does not comply.

    The passage of CALEA has been controversial but its provisions have yet to be enforced due to FBI efforts to include even more rigorous regulations under the law. These include the requirement that cellular phones allow for location-tracking on demand and that telephone companies provide capacity for up to 50,000 simultaneous wiretaps.

    While the FBI lobbied Congress and pressured US companies into accepting a tougher CALEA, it also leaned on US allies to adopt it as an international standard. In 1991, the FBI held a series of secret meetings with EU member states to persuade them to incorporate CALEA into European law. The plan, according to an EU report, was to ‘call for the Western World (EU, US and allies) to agree to norms and procedures and then sell their products to Third World countries. Even if they do not agree to interception orders, they will find their telecommunications monitored by the UK-USA signals intelligence network the minute they use the equipment.’ The FBI’s efforts resulted in an EU Council of Ministers resolution that was quietly adopted in January 1995, but not publicly released until 20 months later. The resolution’s text is almost word for word identical to the FBI’s demands at home. The US government is now pressuring the International Telecommunications Union (ITU) to adopt the standards globally.

    The second part of the strategy was to ensure that intelligence and police agencies could understand every communication they intercepted. They attempted to impede the development of cryptography and other security measures, fearing that these technologies would reduce their ability to monitor the emissions of foreign governments and to investigate crime.

    These latter efforts have not been successful. A survey by the Global Internet Liberty Campaign (GILC) found that most countries have either rejected domestic controls or not addressed the issue at all. The GILC found that ‘many countries, large and small, industrialised and developing, seem to be ambivalent about the need to control encryption technologies’.

    The FBI and the National Security Agency (NSA) have instigated efforts to restrict the availability of encryption world-wide. In the early 1970s, the NSA’s pretext was that encryption technology was ‘born classified’ and, therefore, its dissemination fell into the same category as the diffusion of A-bomb materials. The debate went underground until 1993 when the US launched the Clipper Chip, an encryption device designed for inclusion in consumer products. The Clipper Chip offered the required privacy, but the government would retain a ‘pass-key’ – anything encrypted with the chip could be read by government agencies.

    Behind the scenes, law enforcement and intelligence agencies were pushing hard for a ban on other forms of encryption. In a February 1993 document, obtained by the Electronic Privacy Information Center (EPIC), they recommended ‘Technical solutions, such as they are, will only work if they are incorporated into all encryption products’.

    To ensure that this occurs, legislation mandating the use of government-approved encryption products, or adherence to government encryption criteria, is required.’ The Clipper Chip was widely criticised by industry, public interest groups, scientific societies and the public and, though it was officially adopted, only a few were ever sold or used.

    From 1994 onwards, Washington began to woo private companies to develop an encryption system that would provide access to keys by government agencies. Under the proposals – variously known as ‘key escrow’, ‘key recovery’ or ’trusted third parties’ – the keys would be held by a corporation, not a government agency, and would be designed by the private sector, not the NSA. The systems, however, still entailed the assumption of guaranteed access to the intelligence community and so proved as controversial as the Clipper Chip. The government used export incentives to encourage companies to adopt key escrow products: they could export stronger encryption, but only if they ensured that intelligence agencies had access to the keys.

    Under US law, computer software and hardware cannot be exported if it contains encryption that the NSA cannot break. The regulations stymie the availability of encryption in the USA because companies are reluctant to develop two separate product lines — one, with strong encryption, for domestic use and another, with weak encryption, for the international market. Several cases are pending in the US courts on the constitutionality of export controls; a federal court recently ruled that they violate free speech rights under the First Amendment.
    (… The NSA is one of the shadowiest of the US intelligence agencies. Until a few years ago, it existence was a secret and its charter and any mention of its duties are still classified. However, it does have a Web site (www.nsa.gov:8080) in which it describes itself as being responsible for the signals intelligence and communications security activities of the US government. One of its bases, Menwith Hill, was to become the biggest spy station in the world. Its ears — known as radomes — are capable of listening in to vast chunks of the communications spectrum throughout Europe and the old Soviet Union

    In its first decade the base sucked data from cables and microwave links running through a nearby Post Office tower, but the communications revolutions of the Seventies and Eighties gave the base a capability that even its architects could scarcely have been able to imagine. With the creation of Intelsat and digital telecommunications, Menwith and other stations developed the capability to eavesdrop on an extensive scale on fax, telex and voice messages. Then, with the development of the Internet, electronic mail and electronic commerce, the listening posts were able to increase their monitoring capability to eavesdrop on an unprecedented spectrum of personal and business communications.

    This activity has been all but ignored by the UK Parliament. When Labour MPs raised questions about the activities of the NSA, the Government invoked secrecy rules. It has been the same for 40years…. )

    (Simon Davis report: http://www.telegraph.co.uk)

    The FBI has not let up on efforts to ban products on which it cannot eavesdrop. In mid-1997, it introduced legislation to mandate that key-recovery systems be built into all computer systems. The amendment was adopted by several congressional Committees but the Senate preferred a weaker variant. A concerted campaign by computer, telephone and privacy groups finally stopped the proposal; it now appears that no legislation will be enacted in the current Congress.

    While the key escrow approach was being pushed in the USA, Washington had approached foreign organisations and states. The linchpin for the campaign was David Aaron, US ambassador to the Organisation for Economic Co-operation and Development (OECD), who visited dozens of countries in what one analyst derided as a programme of ‘laundering failed US policy through international bodies to give it greater acceptance’.

    Led by Germany and the Scandinavians, the EU has been generally distrustful of key escrow technology. In October 1997, the European Commission released a report which advised: ‘Restricting the use of encryption could well prevent law-abiding companies and citizens from protecting themselves against criminal attacks. It would not, however, totally prevent criminals from using these technologies.’ The report noted that ‘privacy considerations suggest limit the use of cryptography as a means to ensure data security and confidentiality’.

    Some European countries have or are contemplating independent restrictions. France had a longstanding ban on the use of any cryptography to which the government does not have access. However, a 1996 law, modified the existing system, allowing a system of “tiers du confidence”, although it has not been implemented, because of EU opposition. In 1997, the Conservative government in the UK introduced a proposal creating a system of trusted third parties.

    It was severely criticised at the time and by the new Labour government, which has not yet acted upon its predecessor’s recommendations. The debate over encryption and the conflicting demands of security and privacy are bound to continue. The commercial future of the Internet depends on a universally-accepted and foolproof method of on-line identification; as of now, the only means of providing it is through strong encryption. That put the US government and some of the world’s largest corporations, notably Microsoft, on a collision course. (Report of David Banisar, Deputy director of Privacy International and Simon Davies, Director General of Privacy International).

    The issue of encryption divides the member states of the European Union. Last October the European Commission published a report entitled: “Ensuring security and Trust in Electronic Commerce”, which argued that the advantages of allowing law enforcement agencies access to encrypted messages are not clear and could cause considerable damage to the emerging electronic industry. It says that if citizens and companies “fear that their communications and transactions are being monitored with the help of key access or similar schemes unduly enlarging the general surveillance possibility of government agencies, they may prefer to remaining in the anonymous off-line world and electronic commerce will just not happen”.

    However, Mr Straw said in Birmingham (JHA Informal JHA Ministers) that: “It would not be in the public interest to allow the improper use of encryption by criminals to be totally immune from the attention of law enforcement agencies”. The UK, along with France (which already has a law obliging individuals to use “crackable” software) and the USA, is out on a limb in the EU. “The UK presidency has a particular view and they are one of the access hard-liners. They want access: “them and the French”, commented an encryption expert. They are particularly about “confidential services” which ensure that a message can only be read by the person for whom it is intended who has a “key” to access it. The Commission’s report proposes “monitoring” Member States laws’ on “confidential services” to ensure they do not contravene the rules of the single market.

    Examples of Abuse of Economic Information

    In the course of collecting the data for and preparing this Interim Study various examples were cited of abuse of privacy via global surveillance telecommunication systems. A number of them is given in [54]. For the final version of the study, we shall see whether the experts have further comments to make on these examples, or whether they have new examples to suggest.

    The consultation of experts in our survey so far yielded the following comments:

    Since Internet has come to play a significant role in global commerce, then (as in Examples 1, 2, 3 and 4 cited below) Internet also became a tool of misleading information and a platform for deceitful advertisement.
    On the positive side, Internet is a “golden highway” for those interested in the process of information.
    However, apart from global surveillance technology systems, additional tools have been developed for surveillance. The additional tool used for information transferred via Internet or via Digital Global telecommunication systems is the capture of data with Taiga software. Taiga software has the possibility to capture, process and analyse multilingual information in a very short period of time (I billion characters per second), using key-words.

    The examples given below are taken from the sources named:

    Example 1

    On January 15, 1990, the telephone network of AT&T company, in all the North-east part of USA faced serious difficulties. The network NuPrometheus had illegally owned and distributed the key-code of the operational system of AT&T Macintosh computer (Apple company).
    J.P. Barlow: “A not terribly brief history of the Electronic Frontier Foundation,” 8 November 1990

    Example 2

    On January 24, 1990, the Electronic Frontier Foundation (EFF) in USA, accused a huge police operation under the encoded name “Sun Devil”, in which 40 computers and 23,000 diskettes were seized from teenagers, in 15 towns within USA. Teenager Craig Neidorf supported by EFF, not to be punished in 60 years prison and 120,000 USD penalty. Craig Neidorf had published in Phrack (a hackers magazine) part of the internal files of a telephone company.
    M. Godwin: “The EFF and virtual communities,” 1991

    Example 3

    On June 25, 1998, in Absheim, an aircraft A-320 of the European Company “Airbus Industries” crashed during a demonstration flight. The accident was reportedly caused by dangerous manoeuvres. One person died and 20 were injured.

    Very soon afterwards, and before the announcement of the official report, in the aerospace and transport Internet newsgroups there appeared many hostile messages against the Airbus undertaking and against the French company Aerospatiale as well, with which Airbus had close cooperation. Messages declared that the accident was to be expected because European engineers are not so highly qualified as American engineers. It was also clearly stated, that in the future similar accidents were to be expected.

    Aerospatiale’s representatives took these hostile messages very seriously. They tried to discover the sources of messages and they finally realised that senders’ identification data, addresses and nodes were false. The source messages came from USA, from computers with misleading identification data and transferred from anonymous servers in Finland.
    B. Martnet and Y.M. Marti: “L’intelligence econimique. Les yeux et les oreilles de 1′ enterprise, Editions d’organisation”. Paris 1995

    Example 4

    In October 31, 1994, in USA, an accident occurred to an ATR aircraft (of the European Consortium Aeritalia and Aerospatiale). Owing to this accident, a ban on ATR flights for two months was imposed. This decision became catastrophic on a commercial level for the company, because ATR was obliged to carry out test flights in fog conditions.

    During this period, in Internet newsgroups (and especially in the AVSIG forum, supported by Compuserve), the exchange of messages was of vital significance. The messages supporting the European company were few, while the messages against ATR were many.

    At the beginning of January 1995, there appeared a message from a journalist in this forum asking the following: “I have heard that ATR flights will begin soon. Can anybody confirm this information?” The answer came very soon. Three days after, unexpectedly, permission to continue ATR flights was given. The company learned this, as soon as the permission announced. But if they had actively participated in the newsgroups, they would have gained some days to inform their offices and their clients.
    “Des langages pour analyser la poussiere d’ info”, Liberation, 9 June 1995

    Example 5

    The government of Brasil in 1994, announced its intention to assign an international contract (Amazonios). This procurement was of great interest since the total amount available for the contract was 1,4 billion USD. From Europe, the French companies Thomson and Alcatel expressed their interest and from USA, the huge weapon industry Raytheon. Although the offer of the French companies was technically excellent and allegedly better documented, the contract was eventually assigned to the USA company. It was reported in the press that this was achieved with a new offensive strategy used by USA. When the government of Brazil was about to assign the contract to the French companies, American Officials (allegedly with the personal involvement of President Bill Clinton) readjusted their offer, according to the offer of the European companies, and asserted that French companies influenced the committee, an accusation which was never proved. On the other hand, the European companies were reported to have indications that the intention of the government of Brazil to assign the contract to the European companies became known to Americans with the use of FBI’s surveillance technologies.
    “La nouvelle machine de querre americaine”, LeMonde du reseingnement no 158, 16 February 1995

    Example 6

    In January 1994 Edouard Balladur, French Prime Minister, went to Ryadh (Saudi Arabia), feeling certain to bring back a historic contract for more than 30 million francs in sale of weapons and, especially, Airbus. He returned disappointed. The contract went to the McDonnell-Douglas American company, rival of Airbus. The French were report to believe that this was at least in part due to electronic surveillance by the ECHELON system, which had given to the Americans the financial conditions and incentives authorised by Airbus.

    French press reports said the National Security Agency is the most secret and most significant of the thirteen secret agencies of the United States. It receives about a third of the appropriations allocated with clandestine intelligence: 8 of the 26,6 billion dollars (160 18 billion francs) registered appropriations in the 1997 budget. With its 20.000 employees in United States and some thousands of agents throughout the world, the NSA (which forms part of ministry for Defence since its creation in 1956) is more important than the CIA, even if the latter is better known to the public. Its site at Fort Meade contains, according to sources familiar with the place, the greatest concentration of data processing power and mathematicians in the world. They are employed to sort and analyse the flood of data acquired by ECHELON on the networks of international telecommunications.
    “Echelon est au service des interets americains”, Liberation, 21 April 1998

    PART C: TECHNICAL FILE
    1. INTRODUCTION

    Surveillance and Privacy

    Surveillance is the systematic investigation or monitoring of the actions or communications of one or more persons. It has traditionally been undertaken by physical means (e.g. prison guards on towers). In recent decades it has been enhanced through image amplification devices such as binoculars and high-resolution satellite cameras.

    The basic born [sic] physical surveillance comprises watching (visual surveillance) and listening (aural surveillance). Monitoring may be undertaken remotely in space, with the aid of image amplification devices like field glasses, infrared binoculars, light amplifiers and satellite cameras and sound amplification devices like directional microphones; and remotely in time with the aid of image and sound recording devices.

    Electronic devices have been developed to augment physical surveillance and offer new possibilities such as closed-circuit TV (CCTV), VCR, telephone bugging, Proximity cards, Electronic Database, etc.

    In addition to physical surveillance, several kinds of communications surveillance are practiced, including mail covers and telephone interception.

    The popular term electronic surveillance refers to both augmentations to physical surveillance (such as directional microphones and audio bugs) and to communication surveillance, particularly telephone taps.

    The recent years have seen the emergence and refinement of a new form of surveillance no longer of the real person, but of the person’s data shadow or digital persona. Data surveillance or Dataveillance is the systematic use of personal data systems in the investigation or monitoring of the actions or communications of one or more persons. Dataveillance is significantly lees expensive than physical and electronic surveillance, because it can be automated. As a result, the economic constraints on surveillance are diminished and more individuals and larger populations are capable of being monitored. Like surveillance, more generally, Dataveillance is of two kinds: “personal Dataveillance”, where a particular person has been previously identified as being of interest, “mass Dataveillance”, where a group or large population is monitored, in order to detect individuals of interest, and / or to deter people from stepping out of line.

    Surveillance technology systems are mechanisms, which can identify, monitor and track movements and data. During the last few decades since information technology has become immensely sophisticated real benefits have been achieved in the development of surveillance technology systems.

    On the other hand, negative impacts have been considerable:
    The application of IT to the surveillance of people through their data.

    IT technology may have substantial implications in privacy.

    People often think of privacy as some kind of right. Unfortunately, the concept of a “right” is a problematic way to start, became a right seems to be some kind of absolute standard. What’s worse, is very easy to get confused between legal rights on one hand and natural or moral rights on the other. It turns out to be much more useful to think about privacy as one kind of thing (among many kinds of things) that people like to have lots of.

    Privacy the interest that individuals have in sustaining a “personal space” free from interference by other people and organizations.

    To a deeper level privacy turns out not to be a single interest but rather has several dimensions:

    privacy of the person
    privacy of personal behavior
    privacy of personal communications
    privacy of personal data

    With the close coupling that has occurred between computing and communications, particularly since the 1980’s the last two aspects have become closely linked, and are commonly referred as information privacy.

    Information privacy is the interest an individual has in controlling, or at least significantly influencing the handling of data about themselves.

    The term ‘data privacy’ is sometimes used in the same way. ‘Data’ refers to inert numbers, where information implies the use of data by humans to extract meaning; hence ‘information privacy’ is arguably the more descriptive way of the two alternatives.

    ‘Confidentiality’ is an incidental and wholly inadequate substitute for proper information privacy, protection, where:
    ‘Confidentiality is the legal duty of individuals who come into the procession of information about others, especially in the course of particular kinds of relationships with them’.

    Dataveillance Techniques

    A variety of Dataveillnce techniques exists. Front-end verification (FEV), for example, comprises the checking of data supplied by an applicant (e.g. for a loan or government benefit) against data from a variety of additional sources, in order to identify discrepancies.

    FEV may be applied as a person dataveillance tool where responsible grounds exist for suspecting that the information the person has provided may be unreliable; where, on the other hand, it is applied to every applicant, mass dataveillance is being undertaken. Data matching is a facilitative mechanism of particular value in mass dataveillance. It involves trawling through large volumes of data collected for different purposes, searching for discrepancies and drawing influences from them.
    Personal dataveillance of previously identified individuals

    integration of data hitherto stored in various locations within a single organization
    screening or authentication of transactions against internal norms
    front-end verification of transactions that appear to be exceptional, against data relevant to the matter at hand. and sought from other databases or from third parties.
    front-end audit of individuals who appear to be exceptional against data related to other databases or from third parties.
    cross-system enforcement against individuals, where a third party reports that the individual has committed a transgression in his or her relationship with the third party.

    Mass dataveillance of groups of people.

    screening or authentication of all transactions, where or not they appear to be exceptional, against internal norms
    front-end verification of all transactions, whether or not they appear to be exceptional against data relevant to the matter at hand, as sought from other internal databases or from third parties.
    front-end audit of individuals, whether or not they appear to be exceptional against data relevant to the matter at hand, as sought from other internal databases or from third parties.
    single-factor file analysis of all data held or able to be acquired, whether or not they appear to be exceptional, variously involving transaction data compared against a norm, permanent data or other transaction data.
    profiling or multi-factor file analysis of all data held or able to acquire, whether or not they appear to be exceptional, variously involving singular profiling of data held at a point in time, or aggregative profiling of transaction trails over time.

    Facilitative mechanisms could be:

    computer data matching, in which personal data records relating to many people are compared in order to identify cases of interest
    data concentration, homely the combination of personal data interchange networks and hub systems.

    Risks inherent in Data Surveillance

    Data surveillance’s broader social impacts can be grouped as follows:
    In personal dataveillance

    low data quickly decisions [sic]
    lack of subject knowledge of, and consent to, data flows
    blacklisting
    denial of redemsion [sic]

    In mass surveillance
    a. Risks to the individuals:

    arbitrariness
    a contextual data merger
    complexity and incomprehensibility of data
    witch hunts
    ex-ante discrimination and guilt prediction
    selective advertising
    inversion of the onus of proof
    covert operations
    unknown accusations and accusers
    denial of due process

    b. Risks to society:

    prevailing climate of suspicion
    adversarial relationships
    focus of law enforcement on easily detectable and provable offences
    inequitable application of the law
    decreased respect for the law and low enforcers
    reduction in the meaningfulness of individual actions
    reduction in self-reliance and self-determination
    stultification of originality
    increased tendency to opt out of the official level of society
    weakening of society’s moral fibre and cohesion
    destabilization of the strategic balance of
    power repressive potential for the totalitarian government.

    By way of example, individuals can suffer as a result of misunderstandings about the meaning of data on the file, or because the file contains erroneous data, which the individual does not understand and against which he / she has little or not chance of arguing without the help of a specialized lawyer.

    Such seemingly small, but potentially very frustrating and infuriating personal problems can escalate into widespread distrust by people of government agencies and the legal system as a whole

    Of course, many of the risks referred are diffuse. On the other hand, there is a critical economic difference between conventional forms of surveillance and Dataveillance.

    Physical surveillance is expensive because it requires the application of considerable resources. Although (with few exceptions), this expense has been sufficient to restrict the use of surveillance. Admittedly the selection criteria used by the surveillance agencies have not always accorded with what the citizenry might have preferred, but at least its extent was limited. The effect was that in most countries the abuses affected particular individuals who had attracted the attention of the state, but were not so pervasive that artistic and potential freedoms were widely constrained.

    Dataveillance changes all that. Dataveillance is relatively very cheap and getting cheaper all the time, thanks to progress in information technology. The economic limitations are overcome and the digital persona can be monitored with thoroughness and frequency and surveillance extended to whole populations. Nowadays, a number of particular populations have attracted the bulk of the attention, because the state already processed substantial data – holdings about them. There are social welfare recipients and employers of the state. Now that techniques have been refined, they are being pressed into more general usage, in the private as well in the public sector.

    Controls

    If dataveillance is burgeoning, controls are needed to ensure that its use is not excessive or unfair. There is a variety of natural or intrinsic controls, such as self-restraint and morality. Unfortunately morality has been shown many times to be an entirely inadequate influence over people’s behaviour. There is also the economic constraint, whereby work that isn’t worth doing tends not to get done, because people perceive better things to do with the same scarce resources. Regrettably this too is largely ineffective. Cost/benefit analysis of dataveillance measures is seldom performed, and when it has been the quality has generally been appalling. This reflects the dominance of political over economic considerations — both politicians and public servants want action to be seen to be being taken, and are less concerned about its effectiveness than its visibility.

    If intrinsic controls are inadequate, extrinsic measures are vital. For example, the codes of ethics of professional bodies and industry associations could be of assistance. Regrettably, these are generally years behind the problems, and largely statements of aspiration rather than operational guidelines and actionable statements of what is and is not acceptable behaviour. Over twenty years after the information privacy movement gathered steam, there are few and very limited laws which make dataveillance activities illegal, or which enable regulatory agencies or the public to sue transgressing organisations. A (limited) statute exists at national level, but none at all at the level of State Governments. In any case, statutory regimes are often weak due to the power of data-using lobbies, the lack of organisation of the public, and the lack of comprehension and interest by politicians. The public has demonstrated itself as being unable to focus on complex issues; public apathy is only overcome when a proposal is presented simply and starkly, such as ’the State is proposing to issue you with a plastic card. You will need to produce it whenever anyone asks you to demonstrate that you have Permission to breathe’.

    There is a tendency for dataveillance tools to be developed in advanced nations, which have democratic traditions and processes (however imperfect). There is a further tendency for the technology to be exported to less developed countries.

    Many of these have less well-developed democratic traditions, more authoritarian and even repressive regimes. The control mechanisms in advanced western democracies are inadequate to cope with sophisticated dataveillance technologies; in third world countries there is very little chance indeed of new extrinsic controls being established to ensure balance in their application. It appears that some third-world countries may be being used as test-beds for new dataveillance technologies.

    2. SURVEILLANCE: TOOLS AND TECHNIQUES – Current technologies

    Surveillance is using some of the most advanced and sophisticated technology to keep track of individuals; where they go, what they do and even what they say.

    Visual and audio surveillance are almost everywhere, and, modern electronic technology gives the possibility of keeping track of individual’s moments without cameras or microphones, just with surveillance of their data (Dataveillance )

    1. Visual Surveillance

    Closed-circuit TV (CCTV) is the most common electronic visual surveillance technique.

    Recording can be in two modes: real-time or time-lapse. Real-time is regular TV (at 30 frames (second) showing full motion). Time-lapse selects only a few frames per time period, perhaps one or two per second, to record. The advantage of time-lapse is that it allows one tape to record for a much longer time than real time recording

    Video electronics can be very sophisticated indeed and the recent trend is digital video. This allows using the QUAD recording system, a method of compressing four separate camera images into a single frame, so that the guard could see all four views on the monitor screen and record them on a VCR (Video Cassette Recorder) at the same time. These systems allow detailed surveillance and plant monitoring, so that responsibles can observe everything happening within the facility.

    In the previous years may be, only the entrance (or specific spaces) would be under video surveillance. Now it is possible to have surveillance everywhere. Using hard disks instead of videotape allows keeping a record of several month’s worth of time-lapse video.

    Cameras also are much more sophisticated today than years ago. New circuits allow the camera to ignore bright, light-emitting objects within their fields of view. Miniaturization allows easier concealment, infra-red cameras allow surveillance in darkness. Video surveillance is portable as well. The old days of concealing a camcorder in a briefcase or duffel bag have given way to subminiature cameras concealed in neckties and other items. Decoy items (items containing the surveillance equipment) include baseball caps, belt buckles, briefcases, eyeglasses and wristwatches.

    CCTV is very quickly becoming an internal part of crime control policy, social control theory and Community consciousness. It is promoted by police and politicians as primary solution for urban dysfunction.

    They are now used in many areas, including roads, trains, railway platforms, car parks, loading docks, shopping centers, individual retail stores, banks, automatic teller machines, petrol stations, lifts, lobby areas, cash handling and storage areas and employee recreation rooms.

    Within the aims of the contract, this study looks at its usage in five main industrial contexts: retail stores, financial services, manufacturing, warehousing and distribution, larger office buildings and leisure and entertainment complexes.

    Video surveillance is used in these industries for several reasons:

    to minimize the risk of theft, especially in the retail industry for purposes of deterring and detecting crime
    protect premises from threats to property such as sabotage, arson and vandalism
    to monitor individual employee work performance
    to improve customer service by observing peak periods and planning the allocation of staff throughout the day
    to assist in staff training
    to enhance health and safety standards
    to ensure that employees comply with legal obligations
    to protect employers from liability claims
    to monitor production processes.

    Most surveillance systems are being installed to prevent theft, either by outsiders or employees, but, video surveillance systems often are used for a range of purposes beyond what was originally intended. Surveillance systems which are initially installed for the purpose of protecting property against an external security threat can be used for other purposes, such as to monitor employees’ productivity and work behavior.

    The routine use of video surveillance has the potential to undermine employees’ sense of privacy and dignity in the workplace. Surveillance is associated with increased levels of stress, undermining morale and creating distrust and suspicion between employees and management. While it may be an effective instrument to protect an employer from external security threats, it is not appropriate as a means of monitoring individual employee performance.

    Covert surveillance with a smaller number of hidden cameras may in fact be a much popular and at the same time cheaper option than a general security system.

    Some of the justifications offered for covert video surveillance are:

    employers have a right to protect their business interests
    covert surveillance affect fewer employees than overt surveillance and is much cheaper
    if employees are unaware of surveillance, there is less risk of individual disputation
    covert surveillance is often the most effective means of detecting unlawful activity.

    2. Audio Surveillance

    Audio surveillance is no longer merely an arcane art practiced by spies and private detectives. Today, it’s common place and spreading. Tape recorders are a fact of life, and they’re often used to document a transaction. Trying to telephone some companies and some government agencies there is a recording sign says: “This transaction is being recorded to help us assure …”.

    In some companies the real purpose of tape recording conversation is to check how may the handle an hour, and to have evidence in case the customer says something that can used against him.

    In prisons, officials often use electronic equipment to record all telephone conversations. Some of these are between lawyer and client, but all they go onto tape. It depends on the ethics of the guards whether they listen or not.

    They are “high tech voice recorders” that put every conversation on a CD disk. A model made for correctional use is the “Laser voice”, using optional disk voice recording.

    “Tube mike” is an electric device for “bugging” a room, motor vehicle, or other premises. It is a plastic tube passed through a small hole in a wall to conduct sound from the room to a small microphone at the other end.

    This could be characterized as “non- access surveillance”.

    “Tube microphones” come in all sizes. Some are relatively large plastic tubes (about 1/2” in diameter), but for tight spaces or maximum concealment there are “needle microphones” pressed against a wall to hear sounds in the next room.

    If there is access to a room, a bug could be planted almost anywhere, even in the subject’s clothing. “Radio mikes” transmit whatever they pick up to a nearby receiver eliminating the need for tell-tale wires. Their only drawback, if they’re totally self-contained, is battery life. Other models fit into wall plugs, and take their power from the house current

    One type of portable radio mike is the size and shape of a credit card, with a range of several hundred feet and a 30-hour battery life. Placed into the beast pocket of the subjects jacket, it permits monitoring a conversation held outdoors. The value of this is that many people think its possible to overhear a conversation held on the street or in a park, and that walking will defeat any prospect of a bug planted nearby.

    In the open market there are several models of “gimmicked telephones” that use in the built in microphone to pick up any conversation in the room even when the telephone is not in use.

    All the types of audio surveillance with miscellaneous bugging devices described before, are used today mainly in police and internal security agencies (such as FBI, NSA etc) or in companies security departments.

    Telephone tapping still exists, but with today’s Electronic Switching System (ESS) its no longer necessary to go out and physically tap a person’s telephone line.

    3. Phone Tapping and Encryption

    Whenever a telephone line is tapped the privacy of the persons at both ends of the line is invaded and all conversations between them upon any subject and although proper, confidential and privileged ma be overheard.

    The phone tapping normally used for surveillance of communications to combat “serious crime” and to protect “national security”.

    On the other hand often companies keep records of phone numbers calls and the duration of such calls. In some companies these records are used to gauge job performance, while in others it simply allows employees to review calls and reimburse the employer for calls of a purely personal nature.

    4. Voice and Word Pattern Recognition

    Since it is no possible for an Agency or organization to employ a staff large enough to listen to all telephone conversations, read all faxes, etc, word recognition has to be computerized.

    In this case a central computer could monitor all (or a group) of telephone conversations and recognize those in which the agency had an interest by using voice patterns and key words.

    A wide variety of techniques are used to perform speech recognition. Typically speech recognition starts with the digital sampling of speech. The next stage is acoustic signal processing. Most techniques include spectral analysis e.g. LPC (Linear Predictive Coding), MFCC (Mel Frequency Cepstral Coefficients) cochlea modeling and many more.

    The next stage is recognition of phonemes, groups of phonemes and words. This stage can be achieved by many processes such as DTW (Dynamic Time Warping), HMM (Hidden Markov modeling), expert systems and combination of techniques.

    Most systems utilize some knowledge of the language to aid the recognition process. Some systems try to “understand” speech. That is try to convert the words into a representation of what the speaker intended to mean or achieve by what they said.

    Voice and pattern recognition used as an advanced tool and a helpful technique (thanks to the IT) for surveillance of communications to combat “serious crime” or to protect “national security”

    5. Proximity Smart Cards

    Originally, electronic cards were substitutes for keys, which were too easy to reproduce. A metal key blank and a file where all that were necessary to duplicate a key, but more sophisticated equipment is necessary to duplicate even the simplest sort of electronic card.

    The first type of electronic card used barium ferrite as magnetic dots embedded in the magnetic layer. This was a significant advance over punched cards, that were relatively easy to duplicate.

    In the early 1970s, magnetic stripe cards were produced (by IBM), which are still used in credit cards and are somewhat more secure. However, they’re still too easy to forge and should pass through a magnetic stripe reader.

    In the early 1980s, the advent of Application Specific Integrated Circuit (ASIC) technology, resulted in what quickly become known as “smart card” which could hold a variety of codes and information to make misuse or duplication almost impossible. This was the first “proximity card”, which did not require direct contact through a card recorder.

    The proximity card is basically a “transponder” an electronic device that replies to a radio signal that “interrogates” it. The extended range model doesn’t require even placing it near the card reader, as it transmits to a receiver several feet away.

    Use of proximity smart card as Transport card / E-purse

    Transportation companies use the proximity smart cards to replace metro, bus, train tickets and boarding cards, etc.
    The proximity smart card results in considerable time saving by greatly increasing passenger flow without diminishing security
    With the contact part of the card, the proximity smart card is perfectly suited to financial transactions involving small amounts of money: automatic vending cafeterias, local shops, parking fees, cinemas, recreation / amusement parks, cultural and sports centers etc.

    Use of proximity smart card as Access control / ID card

    The company Proximity smart card contains data used to identify cardholders, as well as his own different access rights. The contactless part of the card is used to access building and other protected areas.
    The contact portion can be used for network access, such as the Internet. With the electronic purse function it can be used in the company restaurant, at automatic vending machines, just like a traditional multi-service card.

    One application, although, extends the proximity card’s usefulness by turning it into a tracking device. Proximity readers installed along the walls of a building allow tracking each card within the facility. If somebody is carrying one of these cards within a building so equipped, the central computer can sense exactly where he (she is at all times). There is a record of which area the employee (or visitor) is in, when he leaves, and where else within the building he may go. If the employee goes to the cafeteria, the computer will log when he lefts his work station, how long it took him to get to the cafeteria, which root he took, how long he remained in the cafeteria, when he started back and by which route, and when he arrived back in his work area. Likewise if he went to the bathroom. The computer can record whether he/she went to the men’s room or the ladies’ room.

    Many countries are actively considering adopting national ID cards for the variety of functions. These include the United States, United Kingdom and Canada.

    There are ID cards (credit cards) used for digital cash service which is supposed to be “anonymous”. But, it appears that the bank and the merchants could find the identity of the users.

    The customer is identified to the trader and ultimate to the bank by the 300 previous transactions. Each of these will soon be superseded by further transactions and drop off end of the list.

    These can be monitored by the bank and could be used for marketing purposes. This is the audit trail and could be sold to business users for third party marketing.

    6. Transmitter Location

    When a telephone or mobile phone used, the location of the user could be identified. The science of location radio uses three methods of finding a transmitter. The oldest is triangulation, in which several receiving stations with directional antennas take bearing on a transmission and communicate the bearing to a central plotting room.

    Technicians trace each bearing on a map of the area and the intersection of the bearing pinpoints the location of the transmitter.

    The second method requires several receives as well, and works by measuring the relative strengths of signals received. A computer analyses the strengths and determines the location of the transmitter

    The third method also requires a computer-controlled chain of receives and measures the minute differences in the time the signal arrives at each receiver.

    Formerly classified, these techniques are now available on the civilian market for law enforcement and private security. One application is locating stolen cars by pinpointing radio transmitters installed in the vehicle for this purpose.

    Location of cellular phones in another application. Police today are using (in some countries) this application to pinpoint the location of cellphone users. Purportedly, this is to speed emergency response when a citizen calls for help (at home or in the road). Once the equipment is in place, it can, and must, serve other purposes. Criminal investigators will be able to pinpoint a specific cellphone each time the caller uses it, this will help an investigation into a stolen cellphone, or help locate wanted persons unwise enough to use cellphone or mobile phone.

    Another device, sold only to police, is the “cellphone ESN Reader”, which reads the numbers of the targeted cellphone. This detects and records the cellular phone number, called number and ESN of the target phone of a ranges of up to two miles.

    Theoretically, the technology can locate every cellphone and every mobile phone in the country every time someone makes a call on it (for cellphones) or just open it (for mobile phones).

    7. E-mail at workplace

    Personal messages the employee sent over his company’s e-mail are not private. They are not, and court decisions have held that they’re not.

    It is a safe assumption that companies will keep an increasingly watchful eye on their internal email, and scrutinize what employees are saying to each other. It is easy to see that some companies may find that scrutinising staff e-mail can have more than one advantage for a company management. Originally instigated to avoid liability, reading employee’s e-mail can also serve to alert management of dishonesty, disloyalty or even matters like union activity.

    8. Electronic Databases

    The computer age has brought surveillance into a new era in which information about almost anybody is available to almost anybody.

    Databases from Human Identification

    There are a lot of government databases containing information about almost every resident in United States and in many European Countries as well.

    A variety of person identification techniques are available, which can assist in associating data with them. Important examples of these techniques are:

    names (what the person is called by other people)
    codes (what the person is called by the organization)
    knowledge (what the person knows)
    biometrics (what the person is, does, or looks like e.g. appearance, natural physiography, etc.)

    Data bases for financial surveillance

    Financial records are gathered privately by several giant companies that specialize in this sort of information. These “credit reporting bureaus” purportedly maintain credit records, but in fact keep far more than credit information in their databases.

    Other databases for human identification

    There exist specialized databases available mainly to private investigators. These call information from telephone directories, city directories, voter registration records and many other public and private records to provide a profile of the person being investigated.

    9. The Internet

    The Internet, which began as a Computer communication network between Universities and laboratories decades ago, has turned into a vast public forum accessible to anyone with a computer.

    International organizations, Public authorities, Companies, Universities, Research centers and individuals have access and exploit the Internet.

    On the other hand Internet became:

    an entertainment tool
    a huge Information source
    an important marketing tool
    a big virtual electronic market with a considerable number of economic transactions every second

    IT technology at the same time, restricted the individuals’ right to privacy since they could be identified through their ID number or through their records or transactions.

    The growing rift between the needs of Internet Commerce and the individual’s right to privacy gave rise to the development of new tools.

    In January 1999 Intel announced its plans for the development of a microchip containing embedded electronic serial numbers that allow individual computers to be readily identified.

    The identities, similar to the unique vehicle identification numbers on cars and trucks would be a caller ID technology for computer.

    But critics see it is on an ominous development, ushering in a new period of electronic surveillance. Privacy experts fear the new Intel chip could mean the death of anonymity on the Internet.

    But this would appear to really variously endanger privacy on the Internet by creating a permanent ID number for every Intel user on the Net.

    3. THE USE OF SURVEILLANCE TECHNOLOGY SYSTEMS FOR THE TRANSMISSION AND COLLECTION OF ECONOMIC INFORMATION

    As the Internet and other communication systems reach further into the everyday lives, national security, low enforcement and individual privacy have become perilously intertwined. Governments want to restrict the free flow of information and software producers are seeking ways to ensure consumers are not bugged from the moment of purchases.

    All developing communication technologies, digital telephone switches cellular and satellite phones HAVE SURVEILLANCE CAPABILITIES. On the other hand the development of software that contains encryption, a telephone which allows people to scramble their communications and files to prevent others from reading them gourd earth [sic].

    3.1 CALEA system

    The first effort to heighten surveillance opportunities (made by USA) was to force telecommunication companies to use equipment desired to include enhanced wiretapping capabilities.

    In the late 1980s in a program known internally as “Operation Root Canal” US low enforcement officials demanded that telephone companies alter their equipment to facilitate the interception of messages. The companies refused but, after several years of lobbying, Congress enacted the Communications Assistance for Law Enforcement ACT (CALEA) in 1994.

    CALEA requires that terrestrial cellular phone services and other entities ensure that all their equipment, facilities or services are capable of expeditiously, enabling the government to intercept all wire and oral communications varied by the carrier concurrently with their transmission.

    Communications must be interceptable in such a form that they could be transmitted to a remote government facility. Manufactures must work with industry and low enforcement officials to ensure that their equipment meets federal standards.

    The passage of CALEA has been controversial, but its provisions have yet to be enforced due to FBI efforts to include even more rigorous regulations under the law. These include: the requirement, the cell phones allow for location – tracking on demand and that telephone companies provide capacity for up to 50.000 simultaneous wiretaps.

    CALEA finally has been accepted as an International standard in US. In 1991 the FBI contacted EU member states in order to propose to them do incorporate CALEA into European Law. This plan according to an EU report, was to call for the Western World (EU, US and allies) to agree to norms and procedures and then sell their products to Third World countries. There is a council resolution that was adopted on 17 January 1997 on the lawful interception of communications (961C329/a). The US government is now in negotiations with the International Telecommunications Unit (ITU) to adopt the standards globally.

    3.2 ECHELON Connection

    The previous STOA Interim Study (PE 166.499) entitled “An Appraisal of technologies of political control” made certain statements concerning the ECHELON global surveillance system. This is reported to be a world-wide surveillance system designed and coordinated by the US NSA (National Security Agency) that intercepts e-mail, fax, telex and international telephone communications carried via satellites and has been operating since the early 1980s – it is part of the post Cold War developments based on the UK-USA agreement signed between the UK, USA, Canada, Australia and New Zealand in 1948.

    The five agencies said to be involved are: the US National Security Agency (NSA), the Government Communications Security Bureau (GCSB) in New Zealand, Government Communications Headquarters Signals Directorate (DSD) in Australia. The system was brought to light by the author Nicky Hager in his 1996 book Secret Power: New Zealand’s role in the International Spy Network. For this, he interviewed more than 50 people who work or have worked in intelligence who are concerned at the uses of ECHELON. It is said that “The ECHELON system is not designed to eavesdrop on a particular individual’s e-mail or fax link. Rather, the system works by indiscriminately intercepting very large quantities of communications and using computers to identify and extract messages from the mass of unwanted ones”.

    According to Interim Study (PE 166.499) of 1998, there are reported to be three components to ECHELON:
    1. The monitoring of Intelsats, international telecommunications satellites used by phone companies In most countries. A key ECHELON station is at Morwenstow in Cornwall monitoring Europe, the Atlantic and the Indian Ocean.

    2. ECHELON interception of non-Intelsat regional communication satellites. Key monitoring stations are Menwith Hill in Yorkshire and Bad Aibling in Germany.

    3. The final element of the ECHELON system is the surveillance of land-based or under-sea systems, which use cables or microwave tower networks.

    At present it is thought ECHELON’s effort is primarily directed at the “written form” (e-mails, fixes, and telexes) but new satellite telephones system which take over from old land-based ones will be as vulnerable as the “written word”.

    Each of the five centres supply to the other four “Dictionaries” of keywords, phrases, people and places to ‘stag” and tagged intercept is forwarded straight to the requesting country.

    It is the interface of the ECHELON system and its potential development on phone calls combined with the standardisation of”tappable” telecommunications centres and equipment being sponsored by the EU and the USA which presents a truly global threat over which there are no legal or democratic controls.

    The earlier study (PE 166.499) identified a number of options for the European Union, centred round the proposition that:
    “All surveillance technologies, operations and practices should be subject to procedures to ensure democratic accountability and there should be proper codes of practice to ensure redress if malpractice or abuse takes place. Explicit criteria should be agreed for deciding who should be targeted for surveillance and who should not, how such data is stored, processed and shared. Such criteria and associated codes of practice should be made publicly available.”

    Other points included:
    – All requisite codes of practice should ensure that new surveillance technologies are brought within the appropriate data protection legislation.

    – Given that data from most digital monitoring systems can be seamlessly edited, new guidance should be provided on what constitutes admissible evidence. This concern is particularly relevant to automatic identification systems which will need to take cognizance of the provisions of Article 15, of the 1995 European Directive on the Protection of Individuals and Processing of Personal Data.

    – Regulations should be developed covering the provision of electronic bugging and tapping devices to private citizens and companies, so that their sale is governed by legal permission rather than self regulation.

    – Use of telephone interception by Member states should be subject to procedures of public accountability referred to in (1) above. Before any telephone interception takes place a warrant should be obtained in a manna prescribed by the relevant parliament. In most cases, law enforcement agencies will not be permitted to self-authorise interception except in the most unusual of circumstances which should be reported back to the authorising authority at the earliest opportunity.

    – Annual statistics on interception should be reported to each member states’ parliament. These statistics should provide comprehensive details of the actual number of communication devices intercepted and data should be not be aggregated. (This is to avoid the statistics only identifying the number of warrants, issued whereas organisations under surveillance may have many hundreds of members, all of whose phones may be subject to interception).

    – Technologies facilitating the automatic profiling and pattern analysis of telephone calls to establish friendship and contact networks should be subject to the same legal requirements as those for telephone interception and reported to the relevant member state parliament.

    – The European Parliament should reject proposals from the United States for making private messages via the global communications network (Internet) accessible to US Intelligence Agencies. Nor should the Parliament agree to new expensive encryption controls without a wide ranging debate within the EU on the implications of such measures. These encompass the civil and human rights of European citizens and the commercial rights of companies to operate within the law, without unwarranted surveillance by intelligence agencies operating in conjunction with multinational competitors.

    3. Inhabitant identification Schemes

    Inhabitant identification schemes are schemes, which provide all, or most people in the country with a unique code and a token (generally a card) containing the code.

    Such schemes are used in many European Countries for a defined set of purposes, typically the administration of taxation, natural superannuation and health insurance. In some countries, they are used for multiple additional purposes.

    4. THE NATURE OF ECONOMIC INFORMATION SELECTED BY SURVEILLANCE TECHNOLOGY SYSTEMS

    A. From telecommunication systems

    Concerning public authorities and organizations:

    secret telephone conversations, fax messages and electronic mail
    sensitive information concerning taxation
    information concerning various fund transfers especially from one service to the other and financial transactions
    data used in the critical banking infrastructure systems

    Concerning business:

    private business communication, including telephone conversations, fax messages and electronic mail
    order from fund transfers and other financial transactions (e.g. payments by credit cards by fax)
    sensitive business information and trade secrets

    Concerning individuals:

    private conversations, fax messages, e-mail
    payments by credit cards
    secret information concerning taxation

    B. From new information technologies (Internet)

    Concerning public authorities and organizations:

    sensitive information and state secrets
    tele-banking
    tax records and other financial information
    data used in the operation of critical infrastructure systems
    public contracts received by electronic mail

    Concerning business:

    contracts
    invoices and other official documents
    secret electronic transactions
    risk of international property and license in secret transactions
    payment orders by credit cards
    payments received on-line

    Concerning consumers and individuals:

    payment by credit cards
    payment on-line
    contracts and agreements
    electronic financial transactions (e.g. tele-banking).

    C. Some examples of data collection on tSe Internet

    Data can be collected over the Internet either directly or indirectly; in other words, it can be collected either at the time of contact with a correspondent or without the knowledge of the person concerned, often automatically. The nature of the data collected varies according to the protocol used on the network i.e. according to the type of service. In practice, different protocols are very often used in combination to augment the profitability or quality of exchanges. For example, a Web page may propose an exchange of correspondence or a transfer of documents via links with the e-mail protocol and the protocol used for transferring files, which is more powerful.

    When electronic messaging is used (Simple Mail Transfer Protocol — SMTP, and Network News Transfer Protocol — NNTP), communication is established from one personal mailbox to another, or between a personal mailbox and a mailbox common to a number of correspondents. The information transmitted consists of the name and e-mail address, the server address and the signature file (sig.file) if created by the user of the machine. If a communication is addressed to a joint mailbox, this information is given out to an indeterminate number of correspondents, participation in a discussion group being theoretically free. As a result, any person listed on a distribution list can at the very least obtain the e-mail addresses of all other listed parties, since this information is provided automatically for purposes of communication on a given topic.

    While most downloading (File Transfer Protocol — FTP) is done anonymously, with only the network’s Internet Protocol — IP — address being revealed, the same cannot be said for document presentation (World Wide Web — WWW, Hyper Text Transfer Protocol — HTTP). The minimum information revealed at each step in the Web is the name of the network machine making the request and the type of browser being used. Browsers contain an identification — ID — file which, is configured by the user or at the user’s request, stores various personal data such as the user’s name or e-mail address. If a Web server requests this information, it can be automatically given out.

    A Web server can also send out information, which is stored by the user’s navigator (so-called ‘cookies’) and retrieved at a subsequent connection to the server. This system indicates that a visitor has been there before, but without revealing his identity: identification requires matching with other information. As a result, when linked to the ID file incorporated into the browser and transmitted to a server, the information recorded in cookies c-an yield valuable user profiles. It can be noted, however, that some navigations — to a varying and often inadequate extent — allow use of these cookies to be blocked.

    5. PROTECTION FROM ELECTRONIC SURVEILLANCE

    A. Encryption (Cryptography)

    Finally, new information technologies include the privacy of individuals, the security of data in the computer or on the network, and the availability of encryption software to protect data in the event they are intercepted. In this context, privacy refers to controlling the dissemination and use of data, including information that are unintentionally revealed as a by-product of the use of the information technologies themselves.

    Security refers to the integrity of the data storage, processing, and transmitting systems and includes concerns about the reliability of the hardware and software, the protections against intrusion into the theft of the computer equipment, and the resistance of computer systems to infiltration by unpermitted users, that is, “hacking”. Encryption is the practice of encoding data so that even if a computer or network is compromised, the data’s content will remain secret. Security and encryption issues are important because they are central to public confidence in networks and to the use of the systems for the sensitive or secret data, such as the processing of information touching on national security. These issues are surpassingly controversial because of governments’ interest in preventing digital information from being impervious to official interception and decoding for low enforcement and other purposes.

    Private sector initiatives

    A large number of private sector interests, in the United States in particular, are attempting, a view to fostering electronic commerce, to promote technological solutions that will provide a a1 practical response to consumers concerns while still preserving business interests. In other words, they are starting to explore ways and means of making privacy work in communication networks. These initiatives go in the right direction and it would be worthwhile for governments to engage in a dialogue on the basis.

    As an example, Netscape joined by Microsoft, is leading an industry initiative (40 companies) to cope with privacy issues and proposes standard software intended to enable computer users to control what personal information is obtained when they visit Internet sites and how the information is used, as well as avoid unwanted e-mail. The proposal, called the OPS — Open Profiling Standard –, which has been submitted to the World Wide Web Consortium — W3C, provides the users with a way to pre-package the personal registration information Web sites may require. At the same time, OPS lets users control when and how much of their personal profiles can be passed to a third party. OPS would have users fill out profiles and preference information in a standard that could be identified by a digital certificate (that would give a guarantee from a trusted third party that the person is really who they say they are). The standardized format and brand names associated with the profile forms would be incorporated, in the case of Netscape, into the Communicator browser. According to some specialists, OPS is an addition to rather than replacement for the intrusive cookie method of tracking user information.

    Another project is the new W3C Platform for Privacy Preferences (P3) Project developed by the W3C. The P3 Project is a platform on which other technological, market and regulatory solutions can interoperate and build. The P3 prototype allows Web sites to easily describe their privacy practices as well as users to set policies about the collection and use of their personal data. A flexible ‘negotiation’ between the Web site’s practices and the user’s preferences allows service to offer the preferred level of service and data protection to the user. If there is a match, access to the site is seamless; otherwise the user is notified of the difference and is offered other access options to proceed. With P3, users can download ‘recommended’ settings established by organizations such as industry associations and consumer advocacy groups. According to some privacy specialists, P3 requires users to disclose privacy preferences when good privacy policies should provide meaningful information for users about Web site practices and not require users to disclose personal information.

    Techniques to provide users with more information about privacy practices are also being developed. For instance, a number of companies and service operators have a privacy Icon which appears either when the user enters a site, or when the user starts to provide information. The Icon can either lead by hyper-link to a sophisticated service providing details of the company’s (service operator) data protection policies and a tick box(es) allowing the user to opt out of having his/her data used foe specific purposes, or the icon can lead to page referring the user, for example, to an address from which further details are available.

    Another example is the development of services and branding techniques, which intend to provide, dear meaningful designations for privacy practices such as TRUSTe, formerly eTRUST.

    The TRUSTe program will focus on addressing privacy issues concerning data collection on the Internet. With an emphasis on analysing consumer fears surrounding electronic commerce, the program will utilise Web site icons (trustmarks) to alert online consumers to the uses of their personal information.

    To further consumer privacy the TRUSTe program will utilise a standardised method of informed consent. A branded system of ’trustmarks’ or logos, representing the Web site’s information privacy policy for users’ personal information, will alert consumers to how the information they reveal online will be used.

    The three trustmarks will be:

    No Exchange – no personally identifiable information is used by the site.
    One-to-one Exchange is collected only for the site owner’s use.
    Third Party Exchange – data is collected and provided to specified third parties but only with the user’s knowledge and consent.

    The TRUSTe initiative was launched in July 1996 by the Electronic Frontier Foundation (EFF) and a group of pioneering Internet companies. CommerceNet and the EFF then partnered in October 1996 to move forward in implementing the initiative.

    TRUSTe is a global, non-profit initiative to establish trust and confidence in electronic communication by creating an infrastructure to address online privacy issues. Comprised of premier members from the electronic commerce industry, the program assures consumer privacy through a progressive policy of informed consent utilising a branded system of ’trustmarks’, which represent a company’s online information privacy policy.

    Finally, systems for implementing on-line E-mail Preference Services (EPS) or ‘E-mail Robinson Lists’ are also under consideration (EPS allow consumers who do not wish to receive e-mails to be excluded from lists, the common database used to register opt out demands being then used to clean marketing lists). As an example, a software package is being developed in the USA which would allow consumers to register on-line; would be secure from intruders, and yet user-friendly for industry to clean their E-mail marketing lists; and which could be serviced easily by the operator (the Direct Marketing Association (DMA-US)). A similar system will be developed in the United Kingdom, and it is planned that these two countries would then spearhead a Global Convention on EPS inviting other DMSs to join. Another proposal, which has yet to be fully considered by industry, comes from the UK data protection Registrar, which has suggested a mechanism enabling the consumers to indicate if they do not wish to be contacted be e-mail in their e-mail address. A universally agreed character (a marker) would indicate that the user does not want to receive any marketing solicitations. The user would also be free to make different choices: i.e. to use the marker when visiting one site and not to use it when visiting another. This system should be combined with others, such as the proposed E-mail Preference Service.

    B. Key-recovery

    Cryptography is a complex area, with scientific, technical, political, social, business, and economic dimensions.

    For the purpose of this report, ‘key recovery’ systems are characterized by the presence of some mechanism for obtaining exceptional access to the plain text of encrypted traffic. Key recovery might serve a wide spectrum of access requirements, from a backup mechanism that ensures a business’ continued access to its own encrypted archive in the event keys are lost, to providing covert law enforcement access to wiretapped encrypted telephone conversations. Many of the costs, risks, and complexities inherent in the design, implementation, and operation of key recovery systems depend on the access requirements around which the system is designed.

    We focus specifically on key recovery systems designed to meet government access specifications. These specifications diverge in important ways from the needs of commercial or individual encryption users:

    Access without end-user knowledge or consent — Few commercial users need (or want) covert mechanisms to recover keys or plain text data they protect. On the contrary, business access rules are usually well known, and audit is a very important safeguard against fraud and error. Government specifications require mechanisms that circumvent this important security practice.

    Ubiquitous adoption — Government seeks the use of key recovery for all encryption, regardless of whether there is benefit to the end-user or whether it makes sense in context. In fact, there is little or no demand for key recovery for many applications and users. For example, the commercial demand for recovery of encrypted communications is extremely limited, and the design and analysis of key recovery for certain kinds of communications protocols is especially difficult.

    Fast paths to plain text — Law enforcement demands fast (near real-time), 24-hour-a-day, 365-day-a-year access to plain text, making it impossible to employ the full range of safeguards that could ameliorate some of the risks inherent in commercial key recovery systems.

    Encryption and the global information infrastructure

    The Global Information Infrastructure promises to revolutionize electronic commerce, reinvigorate government, and provide new and open access to the information society. Yet this promise cannot be achieved without information security and privacy. Without a secure and trusted infrastructure, companies and individuals will become increasingly reluctant to move their private business or personal information online.

    The need for information security is widespread and touches all of us, whether users of information technology or not. Sensitive information of all kinds is increasingly finding its way into electronic form. Examples include:

    Private personal and business communications, including telephone conversations, fax messages, and electronic mail;
    Electronic funds and other financial transactions;
    Sensitive business information and trade secrets;
    Data used in the operation of critical infrastructure systems such as air traffic control, the telephone network or the power grid; and
    Health records, personnel files, and other personal information.

    Electronically managed information touches almost every aspect of daily life in modern society. This rising tide of important yet unsecured electronic data leaves our society increasingly vulnerable to curious neighbors, industrial spies, rogue nations, organized crime, and terrorist organizations.

    Paradoxically, although the technology for managing and communicating electronic information is improving at a remarkable rate, this progress generally comes at the expense of intrinsic security. In general, as information technology improves and becomes faster, cheaper, and easier to use, it becomes less possible to control (or even identify) where sensitive data flows, where documents originated, or who is at the other end of the telephone. The basic communication infrastructure of our techniques more and more frequently will become the only visible approach to assuring the privacy and safety of sensitive information as these trends continue.

    Encryption is an essential tool in providing security in the information age. Encryption is based on the use of mathematical procedures to scramble data so that it is extremely difficult — if not virtually impossible — for anyone other than authorized recipients to recover the original ‘plain text’. Properly implemented encryption allows sensitive information to be stored on insecure computers or transmitted across insecure networks. Only parties with the correct decryption ‘key’ (or keys) are able to recover the plain text information.

    Highly secure encryption can be deployed relatively cheaply, and it is widely believed that encryption will be broad}y adopted and embedded in most electronic and communications products and applications for handling potentially valuable data. Applications of cryptography include protecting files from theft or unauthorized access, securing communications from interception, and enabling secure business transactions. Other cryptographic techniques can be used to guarantee that the contents of a file or message have not been altered (integrity), to establish the identity of a party (authentication), or to make legal commitments (non-repudiation).

    In making information secure from unwanted eavesdropping, interception, and theft, strong encryption has an ancillary effect: it becomes more difficult for law enforcement to conduct certain kinds of surreptitious electronic surveillance (particularly wiretapping) against suspected criminals without the knowledge and assistance of the target. This difficulty is at the core of the debate over key recovery.

    Key-Recovery: Requirements and proposals

    The United States and other national governments have sought to prevent widespread use of cryptography unless ‘key recovery’ mechanisms guaranteeing law enforcement access to plain text are built into these systems. The requirements imposed by such government-driven key recovery systems are different from the features sought by encryption users, and ultimately impose substantial new risks and costs.

    Key recovery encryption systems provide some form of access to plain text outside of the normal channel of encryption and decryption. Key recovery is sometimes also called ‘key escrow’. The term ‘escrow’ became popular in connection with the U.S. government’s Clipper Chip initiative, in which a master key to each encryption device was held ‘in escrow’ for release to law enforcement. Today the term ‘key recovery’ is used as generic term for these systems, encompassing the various ‘key escrow’, ’trusted third party’, ‘exceptional access’, ‘data recovery’, and ‘key recovery’ encryption systems introduced in recent years. Although there are differences between these systems, the distinctions are not critical for our purposes. In this report, the general term ‘key recovery’ is used in a broad sense, to refer to any system for assuring third-party (government) access to encrypted data.

    Key recovery encryption systems work in a variety of ways. Early ‘key escrow’ proposals relied on the storage of private keys by the U. S. government, and more recently by designated private entities .

    Other systems have ‘escrow agents’ or ‘key recovery agents’ that maintain the ability to recover the keys for a particular encrypted communication session or stored file; these systems require that such ‘session keys’ be encrypted with the key known by a recovery agent and included with the data. Some systems split the ability to recover keys among several agents.

    Many interested parties have sought to draw sharp distinctions among the various key recovery proposals. It is certainly true that several new key recovery systems have emerged that they can be distinguished from the original ‘Clipper’ proposal by their methods of storing and recovering keys. However, our discussion takes a higher-level view of the basic requirements of the problem rather than the details of any particular scheme; it does not require a distinction between ‘key escrow’, ’trusted third-party’, and ‘key recovery’. All these systems share the essential elements that concern us for the purposes of this study:

    A mechanism, external to the primary means of encryption and decryption, by which a third party can obtain covert access to the plain text of encrypted data.
    The existence of a highly sensitive secret key (or collection of keys) that must be secured for an extended period of time.

    Taken together, these elements encompass a system of ‘ubiquitous key recovery’ designed to meet law enforcement specifications. While some specific details may change, the basic requirements most likely will not: they are the essential requirements for any system that meets the stated objective of guaranteeing law enforcement agencies timely access, without user notice, to the plain text of encrypted communications traffic.

    6. SURVEILLANCE TECHNOLOGY SYSTEMS IN LEGAL AND REGULATORY CONTEXT

    As a conclusion from this present Interim Study is the principle that WE HAVE TO CONSIDER PRIVACY PROTECTION IN THE CONTEXT OF A GLOBAL NETWORKED SOCIETY. And when we speak about electronic privacy in the exchange of economic information, we are speaking about one single thing above all others: Electronic Commerce over the Internet.

    A. Privacy regulation

    Multinational data protection measures

    Enactment of data protection laws by individual European nations has been paralleled and, in some cases anticipated, by multinational actions. In 1980 the Committee of Ministers of the Organization for Economic Cooperation and Development (OECD) issued Guidelines on the Protection of Privacy and Transborder Flows of Personal Data (guidelines). The guidelines outline basic principles for both data protection and the free flow of information among countries that have laws conforming with the protection principles. The guidelines, however, have no blinding force and permit broad variation in national implementation.

    One year after the OECD issued its guidelines, the Council of Europe promulgated a convention, For the Protection of Individuals with Regard to Automatic Processing of Personal Data. The convention, which took effect in 1985, is similar to the guidelines, although it focuses more on the importance of data protection to protect personal privacy. The convention specifies that data must be obtained and processed fairly; used and stored only for legal purposes; adequate, relevant, and not excessive in relation to the purpose for which they are processed; accurate and up-to-date; and stored no longer than necessary. The document gives individuals the right to inquire about the existence of data files concerning them; obtain a copy of that data; and have false or improperly processed data corrected or erased.

    The convention requires each of the member countries (now twenty-six) to enact conforming national laws. By 1992, however, when debate over the more detailed European Union data protection directive, discussed below, overtook the convention, only ten countries — Austria, Denmark France, Germany, Ireland, Luxembourg, Norway, Spain Sweden and the United Kingdom — had ratified the convention, while eight — Belgium, Cyprus, Greece, Island, Italy, Netherlands, Portugal and Turkey — had signed without ratification. The Council of Europe subsequently urged all European Union member states to ratify and implement the convention when it endorsed the European Commission’s proposal for a data protection directive. By 1997, all of the fifteen EU member states (except Greece, which is currently considering a privacy bill) and Switzerland have national legislation consistent with the convention.

    Nevertheless, the resulting protection for personal privacy is far from uniform, for at least three reasons. First, some of the national data protection legislation existed before the adoption of the convention. Second, the convention was not self-executing and therefore permitted each country to implement its national laws conforming to the government’s terms in very different ways. Finally, the convention did not include definitions for important terms, such as what constitutes an ‘adequate’ level of data protection; as result, member countries were left free to adopt their own, inconsistent definitions in their national legislation.

    Data protection directive in Europe

    Although, legal protection for a ‘right of privacy’ originated in the United States, Europe was the site of the first privacy legislation and has been the source of most comprehensive privacy regulation.

    Europe is the site of the first privacy legislation, the earliest national privacy statute, and now the most comprehensive protection for information privacy in the world. That protection reflects on apparent consensus within Europe that privacy is a fundamental human right which few in any other rights equal. In the context of European history and civil law culture, that consensus makes possible extensive, detailed regulation of virtually all activities concerning ‘any information relating to an identified or identifiable natural person’. It is difficult to imagine a regulatory regime offering any greater protection to information privacy, or greater contrast to U.S. law.

    As a result of the variation and uneven application among national laws permitted by both the guidelines and the convention, in July 1990 the commission of the then-European Community (EC) published a draft Council Directive on the Protection of Individuals with Regard to the Processing of Personal Data and on Free Movement of Such Data The draft directive was part of the ambitious program by the countries of the European Union to create not merely the ‘common market’ and ‘economic and monetary union’ contemplated by the Treaty of Rome, but also the potential union embodied in the Treaty on European Union signed in 1992 in Maastricht.

    The shift from economic to broad-based political union brought with it new attention to the protection of information privacy. On March 1 1, 1992, the European Parliament amended the commission’s proposal to eliminate the distinction in the 1990 draft between public and private sector data protection and then overwhelmingly approved the draft directive. On October 15, 1992, the commission issued its amended proposal; on February 20, 1995, the Council of Ministers adopted a Common Position with a View to Adopting Directive 95/46/EC of the European Parliament and of the Council on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data. The directive was formally approved on October 24, 1995, and took effect three years later.

    Privacy regulation in the United States

    The protection for the information privacy in the United States is disjoined, inconsistent, and limited by conflicting interests. There is no explicit constitutional guarantee of a right to privacy in the United States. Although the Supreme Court has fashioned a variety of rights out of the Bill of Rights and the Fourteenth Amendment, ‘information privacy’ has received little protection, primarily based on the Fourth and Fourteenth Amendments. In the Fourth Amendment arena, the Court has found constitutional violations when the police have searched for or seized records without a warrant or meeting one of the exceptions to the warrant requirement. The Court, however, has written that the Fourth Amendment privacy right has little application outside of the context of the investigation and prosecution of criminal activity. Moreover, this protection against such searches does not extend to information controlled by a third person. Under the Fourteenth Amendment, the Court has recognized a constitutional right restricting the government from compelling individuals to disclose certain personal information. This right protects only the interest of an individual in not disclosing certain information, and that right is evaluated under intermediate scrutiny, as opposed to the strict scrutiny required when fundamental rights are at stake

    As with all constitutional rights, these apply only against the government, not private actors. The requirement for state action and the ‘negative’ nature of constitutional rights require only that the government refrain from taking actions that impermissibly invaded individuals’ information privacy rights, not that the government take steps to affirmatively protect those rights. The Constitution also requires, however, that the government avoid actions that infringe other rights enumerated therein, such as the protection for expression in the Fifth Amendment, the government cannot take private property, whether by physical occupation or extensive regulation, without according due process and paying just compensation to the owner.

    Outside of the constitutional arena, protection for information privacy relies on hundreds of federal and state laws and regulations, each of which applies only to a specific category of information user (such as the government or retailers of videotapes), context (applying for credit or subscribing to cable television), type of information (criminal records or financial information), or use for that information (computer matching or impermissible discrimination). PrivacY laws in 49 the United States most often prohibit certain disclosures, rather than collection, use, or storage, of personal information. When those protections extend to the use of personal information, it is often as a by-product of legislative commitment to another goal, such as eliminating discrimination. And the role provided for the government in most U. S. privacy laws is often limited to providing a judicial form for resolving disputes.

    Passage of the privacy provisions in the Cable Communications Policy Act, and recent passage of the Consumer Credit Reporting Reform Act and the CPNI provision of the Telecommunications Act, demonstrate that Congress can enact serious privacy protection, even if limited to narrow sectoral environments. The later two acts and the expanding debate in Washington over the privacy evince the growing attention to the development of laws and regulations to protect privacy.

    However, as the limits and exceptions within existing privacy laws indicate, privacy protection in the United States is fundamentally in tension with other cherished values. The legal regulation of privacy is significantly influenced by the importance placed by society on the prevention of crime and prosecution of criminals, free expression and an investigatory press, the acquisition and use of property, and a limited role for government involvement in daily life. A comparison of the legal regimes of the EU and the United States suggests that the Europe privacy is more valued and less in conflict with other widely shared values.

    B. Protection of Privacy in the telecommunications sector

    Directive 97/66/EC of the European Parliament and the Council of the 15 December 1997 concerns the processing of personal data and the protection of privacy in the telecommunications sector.

    This directive provides for the harmonisation of the provisions of the member states required to ensure an equivalent level of protection of fundamental rights and freedom, and in particular the right to privacy, with respect to the processing of personal data in the telecommunications sector and to ensure the free movement of such data and telecommunications equipment and services in the Community.

    The provision of this directive particularises and complements the directive 95/46/EC for the purpose mentioned above. Moreover they provide for protection and legitimate interests of subscribers who are legal persons.

    This directive shall not apply to the activities which fall outside the scope of Community law, such as those provided for by titles V and VI of the treaty on European Union, and in any case to activities concerning public security, defence, state security (including the economic well being of the state when the activities relate to state security matters) and the activities of the state in areas of criminal law.

    C. Cryptography

    Cryptography policy in USA

    It is part of the strategy to ensure that police and intelligence agencies could understand every communication they intercepted.

    They attempted to impede the development of cryptography and other security measures, fearing that these technologies would reduce their ability to monitor the emissions of foreign governments and to investigate crime.

    A survey by the Global Internet Liberty Campaign (GILC) found that most countries either rejected domestic controls or not addressed the issue at all. The GILC found that many countries, large and small, industrialised and developing, seem to be ambivalent about the need to control encryption technology.

    The FBI and the National Security Agency (NSA) have instigated efforts to restrict the availability of encryption world-wide, in the early 1970s, the NSA’s pretext was that encryption technology was ‘born classified’ and, therefore, it dissemination fell into the same category as the diffusion of A-bomb materials. The debate went underground until 1993 when the US launched the Clipper Chip, an encryption device designed for inclusion in consumer products. The Clipper Chip offered the required privacy, but the government would remain a ‘pass- key’ — anything encrypted with the chip could be read by government agencies.

    Behind the scenes, law enforcement and intelligence agencies were pushing hard for a ban on other forms of encryption. In a February 1993 document, obtained by the Electronic Privacy Information Centre (EPIC), recommended ‘Technical solutions, such as they are, will only work if they are incorporated into all encryption products. To ensure that this occurs, legislation mandating the use of government-approved encryption products, or adherence to government encryption criteria’. The Clipper Chip was widely criticised by industry, public interest groups, scientific societies and the public and, though it was officially adopted, only a few were ever sold or used.

    From 1994 onwards, USA began to woo private companies to develop an encryption system that would provide access to keys by government agencies. Under the proposals — variously known as ‘key recovery’ or ’trusted third parties’ — the key would be held by a corporation, not a government agency, and would be designed by the private sector, not the NSA. The systems, however, still entitled the assumption of guaranteed access to the intelligence community and so proved as controversial used export incentives to encourage companies to adopt key escrow products: they could export stronger encryptions but only if they ensured that intelligence agencies had access to the keys.

    Under US law, computer software and hardware cannot be exported if it contains encryption that the NSA cannot break. The regulations stymie the availability of encryption in the USA because companies are reluctant to develop two separate product lines – one, with strong encryption, for domestic use and another, with weak encryption, for the international market. Several cases are pending in the US courts on the constitutionality of export controls; a federal court recently ruled that they violate free speech rights under the First Amendment.

    The FBI has not let up on efforts to ban products on which it cannot eavesdrop. In mid-1997, it introduced legislation to mandate that key-recovery systems be built into all computer systems. Several congressional committees adopted the amendment but the Senate preferred a weaker variant. A concerted campaign by computer, telephone and privacy groups finally stopped the proposal; it now appears that no legislation will be enacted in the current Congress.

    Cryptography policy guidelines from OECD

    The organisation for Economic Co-operation and Development in 1997 issued a report on cryptography policy entitled: CRYPTOGRAPHY POLICY: THE GUIDELINES AND THE ISSUES (OCOE / GD (97) 204). The basic principles (each of which addresses an important policy concern) are independent and should be considered as a whole so as to balance the various interests. The principles are:

    Trust in cryptographic methods: Users should be trustworthy in order to generate confidence in the use of information and commercial data.
    Choice of Cryptographic methods: Users should have a right to choose any cryptographic method, subject to applicable law.
    Market driven development of cryptographic methods: Cryptographic methods should be developed in response to the needs, demands and responsibilities of individuals, business and governments.
    Standards for cryptographic methods: Technical standards, criteria and protocols for cryptographic methods should be developed and promulgated at the national and international law.
    Protection of privacy and Personal data: the fundamental rights of individuals, to privacy, including secrecy of communications and protection of personal data, should be respected in national cryptography policies and in the implementation and use of cryptographic methods.
    Lawful access: National cryptography policies may allow lawful access to plain text, or cryptographic keys, of encrypted data. These policies must respect the other principles contained in the guidelines to the greatest extent possible.
    Liability: whether established by contract on legislation, the liability of individuals and entities that offer cryptographic services or hold or access cryptographic keys should be clearly stated.
    International co-operation: Governments should cooperate to coordinate cryptography policies. As part of this effort, governments should remove, or avoid creating in the name of cryptography policy, unjustified obstacles to trade.

    Given the role of cryptography in the information and communications infrastructure and in developing electronic commerce, cryptography policy has the broader perspective to overlap with economic, legal and political aspects of a number of information systems, protection of privacy and personal data and intellectual property protection.

    E.U. cryptography policy

    Led by the Germany and the Scandinavians, the EU has been generally distrustful of key escrow technology. In October 1997, the European Commission released a report entitled: ‘Towards a European Framework of Digital Signatures and Encryption’, ensuring security and trust in electronic communications (COM (97)503 final) which advised: ‘Restricting the use of encryption could well prevent law-abiding companies and citizens from protecting themselves against criminal attacks. It would not, however, totally prevent criminals from using these technologies’. The report noted that ‘privacy considerations suggest limit the use of cryptography as a means to ensure data security and confidentiality’.

    Some European countries have or are contemplating independent restrictions. France had a longstanding ban on the use of any cryptography to which the government does not have access. However, a 1996 law, modifying the existing system, allows a system of tiers du confidence, although it has not been implemented because of EU opposition. In 1997, the Conservative government in the UK introduced a proposal creating a system of trusted third parties. It was severely criticised at the time and by the new Labour government, which has not yet acted upon its predecessor’s recommendations.

    0 The debate over encryption and the conflicting demands of security and privacy are bound to continue. The commercial future of the Internet depends on a universally-accepted and foolproof method of on-line identifications; as of now, the only means of providing it is through strong encryption. This put the US government and some of the world’s largest corporations, notably Microsoft, on a collision course.

    Other national and international activities related to cryptography policy

    Cryptographic products and technologies have historically been subject to export controls. The current basis for export controls in the Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies (agreed on 13 July 1996), which includes cryptography products on its control lists for export. The Agreement is implemented in national regulations. Regulation [(EC) 3381/94] and Decision [94/942/PESC] of the Council of the European Union of 19 December 1994 on the control of the export of dual-use goods are also applicable to the export of cryptographic products.

    The Council of Europe has developed considerable resources to studying the subject of computer-related crime, issuing the Recommendation [R(95)13] of the Council of Europe of 11 September 1995 concerning problems of criminal procedural law connected with information technology, and is considering suggesting an international convention to address the issue. Such a convention could address matters such as exchange of information among government agencies in case involving the use of cryptography.

    At the G7 Summit meeting on anti-terrorism in July 1996, G7 governments announced that consultations would be accelerated, ‘in appropriate bilateral or multilateral for a, on the use of encryption that allows, when necessary, lawful government access to data and communication in order, inter alia, to prevent or investigate acts of terrorism, while protecting the privacy of legitimate communications’.

    In May 1996 the US National Research Council’s Computer Science and Telecommunications Board published the report ‘Cryptography’s Role in Securing the Information Society’. This interagency study assesses the effect of cryptographic technologies on US national security, law enforcement, commercial and privacy interests, and reviews the impact of export controls on cryptographic technologies. This authoritative report provides a comprehensive review of the cryptography policy issues faced by the US Government.

    C. Key recovery

    As of mid-1998 a wide range of government, industry, and academic efforts toward specifying, prototyping, and standardising key recovery system that meet government specifications have been implemented. Some of industry’s efforts were stimulated by U.S. government policies that offer more favorable export treatment to companies that commit to designing key recovery features into the future products, and by U.K. government moves to link the licensing of certification authorities to the use of key recovery software.

    Yet despite these incentives, and the intense interest and effort by research and development teams, neither industry nor government has yet produced a key recovery architecture that universally satisfies both the demands of government and the security and cost requirements of encryption users.

    The commercial key recovery products in existence today do not reconcile the conflict between commercial requirements and government specifications. In the absence of government pressure, commercial key recovery features are by their nature of interest primarily to business operations willing to pay a significant premium to ensure continued access to stored data maintained only in applications of encryption (such as communication traffic) are known in advance not to require recoverability and therefore would not be designed to use a key recovery system.

    Another problem is that the most secure and economical commercial key recovery do not support the real-time, third-party, covert access sought by governments in order to support surveillance. In particular, ‘self-escrow’ by an individual does not meet government access demands. The third-party nature and global reach implied by these government demands make key recovery systems a much more difficult, expensive, and risky proposition than a facility for internal, off-line recovery in business enterprise. For example, most organizations keep backups in the form of plain text on magnetic media in physically protected premises. Similarly, organizations that keep encrypted data might naturally be best served by storing backup keys in a bank safe deposit box. A requirement for near-real-time access would preclude this approach, however prudent or appropriate.

    Any access-time requirement carries with it special risks. In particular, some sort of network technology will generally be required. Such a network, which must link a large number of law enforcement agencies with different key recovery centers, would be extraordinarily difficult to secure. The current attention in the U.S. on the problem of securing critical infrastructure, such as telephone networks, power grids, national banking networks and air traffic control systems, underscores the problem of managing risk in key recovery. The system that support critical infrastructure, which are increasingly reliant on open networks and information systems, are among the most important current and future applications of cryptography. The complexity and increased risk introduced with key recovery would make critical infrastructure protected by cryptography more vulnerable to the kinds of sophisticated attackers that pose the most serious threats to these systems.

    Government specifications for key recovery systems for export approval are focused on the easier problem of ensuring that keys are recoverable when authorized. They do not address or give techniques for the far harder problem of ensuring against unauthorized disclosure of data. The design and construction of prototype key recovery systems that satisfy government specifications for export, therefore, are not sufficient to demonstrate that these systems can be operated securely, in an economical manner, on a large scale, or without introducing unacceptable new risks. Any assessment of a proposed system must take into account a broad range of design, implementation, operation, and policy considerations.

    As of mid-1998, we are aware of no key recovery proposals that have undergone analysis of the kind required. On the other hand, as our report notes, there are compelling reasons to believe that, given the state of the art in cryptography and secure systems engineering, government-access key recovery is not compatible with large scale, economical, secure cryptography systems.

    D. European Initiatives

    DLM-FORUM — Electronic Records

    The first multidisciplinary European DLM-Forum (DLM-Forum’96) on electronic records which took place in Brussels between the 18th and 20th December 1996 was a major event in the investigation of possibilities for wider co-operation in this area both between Member States and at Community level. It was initiated by the experts’ report Archives in the European Union (Report of the Group of Experts on the Coordination of Archives. Brussels – Luxembourg: OPOCE 1994) and confirmed by the EU-Council Conclusions of June 1994 (94/C 235/03).

    Organised by the European Commission in close co-operation with the EU member states it hosted more than 300 experts and decision-makers from public administration, archives, industry (hard- and software suppliers) and research. The multidisciplinary approach and the aim to publish guidelines on machine readable data as a concrete result as well as the high quality of the presentations were the attractions that turned this inaugural event into a European forum of international interest in the field of electronic records administration and storage. Participants came from all the EU member states, from other European countries (including the Russian Federation and Poland), as well as from Canada and the USA.

    First reviews that have been published by specialised journals are unanimously enthusiastic. The forum’s success owed a lot to the Programme Committee’s preparations and should also be attributed to the undivided and continuous support of the Irish and Dutch presidencies of the EU-Council.

    The forum was opened by the Secretary General of the European Commission, David Williamson who emphasised that archives, including increasingly electronic documents, are our collective memory and how important it is to retain that memory and to insure that it remains accessible in the future. In their keynote addresses the Deputy Director General of the Directorate General for Science, Research and Development, Hendrik Tent and the Permanent Representative of Ireland to the European Union, H.E. Ambassador Denis O’Leary laid out the political and technical framework of the DLM-Forum’96. Mr Tent described the importance of the forum with respect to innovation in the digital era and the Commission’s approach towards this challenge. Mr O’Leary stressed the role of archives in our society and the citizens’ right of access to information. In his closing speech the Head of Commissioner Bangemann’s Cabinet, Paul Weissenberg, pointed to the importance of electronic archives in the European Union’s concept of the Information Society as set out in the Bangemann report and subsequent documents. He stressed the necessity of concrete measures as an immediate consequence to the DLM-Forum.

    The ‘life-cycle’-concept of electronic records guided the three parallel sessions. Thus the speakers in those sessions reflected on electronic documents in the different phases of their administrative life. The multitude of topics ranged from discussions of norms and standards for data interchange to the presentation of new electronic storage material. Surveys on the ‘state of the art’ in Europe completed this first interdisciplinary approach to retaining the collective memory of the Information Society.

    It was the balance between working sessions and spontaneous and informal discussions outside those sessions that produced a most agreeable working atmosphere in which experts’ debates led to the kind of mutual understanding and the establishment of personal ties and relations needed to solve problems that concern all the disciplines represented at the forum. Thus the catalyst effect, which was hoped for, was achieved: experts from industry and research became sensitive to the concerns of archives and administrations.

    The forum will lead, as foreseen, to amendments to the first draft of multidisciplinary guidelines Best practices for using Machine Readable Data which had been distributed to the participants.

    Furthermore a document for follow-up measures, the so-called ’10 points’, was agreed on by the participants. One major topic for follow-up activities is the establishment of national focal points to improve co-ordination and networking and to establish functional requirements for electronic records management in the public and private sectors. Another topic concerns the urge for establishing training programmes for archivists and administrators.

    In a world of continuous and rapid change modern archives services are an element of continuity, stability and a solid base for essential information and indispensable records. Modern management in public and private institutions has to be dynamic, active and innovative, and above all has to cover the entire continuum of the life of documents. ‘The DLM-Forum’96 demonstrated that the issues posed by the preservation and re-use of electronic records are central not only to the work of archivists, but also form the cornerstone of future economic growth and development within the European Union.’ as Seamus Ross points out in his presentation. In short: the problem of preserving electronic records concerns even more people and areas than have been covered by the forum’s participants. Further activities should include among others legal advisors, system designers and application developers, auditors and insurance providers. Contacts with existing working groups (e.g. the European Commission’s Legal Advisory Board for the information market) have to be established or intensified. A first step to co-ordinate these activities is the installation of the DLM-Monitoring Committee in April 1997.

    Promoting safe Use of Internet

    To prevent illegal and harmful content being distributed on the Internet the European Commission is promoting initiatives which are aimed at increasing the general awareness among parents, teachers, public sector and the information industry about how to deal with the issue in practical terms.

    This action accompanies the Green Paper on Protection of Minors and Human Dignity in Audiovisual and Information Services, the Communication on Illegal and Harmful Content on the Internet, and the Action plan on promoting safe use of the Internet.

    REFERENCES

    1. STOA, PE 166499: “An appraisal of technologies of political control”, 1998.

    2. R. Clarke: Dataveillance: Delivering “1984”, Xamax Consultancy Pty Ltd, February 1993.

    3. R. Clarke: Introduction to Dataveillance and Information Privacy and Definitions of Terms, Xamax Consultancy Pty Ltd, October 1998.

    4. R. Clarke: A Future Trace on Dataveillance: Trends in the Anti-Utopial Science Fiction Genre, Xamax Consultancy Pty Ltd. March 1993.

    5. T. Dixon: Workplace video surveillance – controls sought, Privacy law and Policy Reporter, 2 PLPR 141, l995.

    6. T. Dixon: Privacy charter sets new benchmark in privacy protection, Privacy law and Policy Reporter, 2 PLPR 41. 1995.

    7. D. Banisar and S. Davies: The code war, Index online, News Analysis, issue 1998.

    8. T. Lesce: They’re Watching You! The Age of Surveillance, Breakout Productions, 1998.

    9. W.G. Staples: The Culture of Surveillance, St. Martin’s Press, 1997.

    10. D. Lyon and E. Zureik: Computers, Surveillance and privacy, University of Minnesota Press, 1996.

    11. D. Lyon: The Electronic Eye – The rise of Surveillance Society, University of Minnesota Press. 1994.

    12. F.H. Cate: privacy in the Information Age, Brookings Institution Press, 1997.

    13. P. Brookes: Electronic Surveillance Devices, Newnes, 1998.

    14. O.E.C.D.: Privacy Protection in a Global Networked Society, DSTI/ICCPAREG(98)5/FINAL, July 1998.

    15. O.E.C.D.: Implementing the OECD “Privacy Guidelines” in the Electronic Environment: Focus on the Internet, DSTI/ICCP/REG(97)6/FINAL, September 1998.

    16. O.E.C.D.: Cryptography policy: The Guidelines and the issues, OCDE/GD(97)204, 1997.

    17. Report By an Ad Hoc Group of Cryptographers and Computer Scientists: The Risks of Key Recovery, Key Escrow, and Trusted Third Party Encryption, 1998.

    18. COM(98) 586 final: Legal framework for the Development of electronic Commerce.

    19. COM(98) 297 final: Proposal for a European Parliament and Council Directive on a common framework for electronic signatures, OJ C325, 23/10/98.

    20. A. Troye-Walker, European Commission: Electronic Commerce: EU policies and SMEs, August 1998.

    21. COM(97) 503 final: Ensuring security and trust in electronic communications – Towards a European Framework for Digital Signatures and Encryption.

    22. Directive 97/7/EC of the European Parliament and the Council of May 1997 on the protection of Consumers in respect of Distance Contracts. OJ L 144. 14/6/1997.

    23. ISPO: Electronic Commerce – Legal Aspects. http://www.ispo.cec.be .

    24. Privacy International: http://www.privacy.org .

    25. Newton and Mike: Picturing the future of CCTV, Security Management, November 1994.

    26. Gips and A. Michael: Tie Spy, Security Management, November 1996.

    27. Clarke and Barry: Get Carded With Confidence, Security Management, November 1994.

    28. Horowitz and Richard: The Low Down on Dirty Money, Security Management, October 1997.

    29. Cellular E-911 Technology Gets Passing Grade in NJ Tests, Law Enforcement News, July – August 1997.

    30. Shannon and Elaine: Reach Out and Waste Someone, Time Digital, July August 1997.

    31. Thompson, Army, Harowitz, and Sherry: Taking a Reading on E-mail Policy, Security Management, November 1996.

    32. Trickey and L. Fried: E-mail Policy by the Letter, Security Management, April 1996.

    33. Net Proceeds, Law Enforcement News, January 1997.

    34. Burrell, and Cassandra: Lawmen Seek Key to Computer Criminals, Associated Press, July 10, 1997, Albuquerque Journal.

    35. Gips and A. Michael: Security Anchors CNN, Security Management, September 1996.

    36. Bowman and J. Eric: Security Tools up for the Future, Security Management, January 1996.

    37. E. Alderman and C. Kennedy: The right to Privacy, Knopf 1995.

    38. Bennet and J. Colin: Regulating Privacy — Data protection and public Policy in Europe and the United States, Cornell University Press, 1992

    39. BeVier and R Lillian: Information about Individuals in the Hands of Government — Some reflections on Mechanisms for Privacy Protection, William and Mary Bill of Rights Journal 4, Winter 1995.

    40. Branscomb and A. Well: Who owns Information? From Privacy to Public Access, Basic Books 1994

    41. Branscomp: Global Governance of Global Networks, Indiana Journal of Global Legal studies, Spring 1994.

    42. Network Wizards, Internet Domain Survey, January 1997, http://www.nw.com/zone/WWW/report.html .

    43. Network Wizards, Internet Domain Survey, January 1997, http://nw.com/zone/WWW/lisybynum.html .

    44. Simon Davis: report, December 1997, http://www.telegraph.co.uk .

    45. Francis S. Chlapowski: The Constitutional Protection of Information Privacy: Boston University Law Review, January 1991.

    46. Ibid., p. 35.

    47. Ibid., p. 45.

    48. Ibid., p. 48.

    49. Ibid., p. 57

    50. Ibid., p. 82.

    51. Ibid., p. 276.

    52. Ibid., p. 267.

    53. J. Guisnel: Guerres dans le cyberspace, Editions la decouverte, 1995.

    54. http://www.dis.org .

    55. http://www.telegraph.co.uk .

    STOA PROGRAMME

    European Parliament
    Directorate-General for Research
    Directorate A
    SCH 4/61

    L-2929 Luxembourg

    Tel: +352 4300 22511
    Fax:+352 4300 22418
    rholdsworth@europarl.eu.int

    LEO 6 D46
    Rue Wiertz 60
    B-1047 Bruxelles

    Tel: +32 2 284 3962
    Fax:+32 2 284 9059
    msosa@europarl.eu.int

    Digitization and HTML by JYA/Urban Deadline.

    FORMER CIA DIRECTOR WOOLSEY DELIVERS REMARKS AT FOREIGN PRESS CENTER

    SPEAKER: JAMES WOOLSEY, FORMER DIRECTOR, CIA

    (+)

    WOOLSEY: Let me just informally say one or two things.

    First of all, I am five years out of office, and so much of what I say is — indeed virtually all of it is heavily governed by my views and practices when I was DCI. I do continue to hold security clearances and confer with the government from time to time, but I am not up to speed on things like current intelligence operations, and if I were, I wouldn’t talk to you about them anyway.

    I do have, however, a set of views about this set of issues and they were ones that I expressed in rather substantially the same terms when I was DCI that I’m going to express today. But in the context of the [European Parliament, Duncan] Campbell report and the current European interest, particularly in the overall subject of alleged American industrial espionage, I thought it was a perfectly reasonable thing to respond to the State Department’s request that I be available to answer your questions.

    If you look at the Aspin-Brown Commission report of some four years ago, chaired by the late former secretary of defense and chairman of the House Armed Services Committee, Les Aspin, it states quite clearly that the United States does not engage in industrial espionage in the sense of collecting or even sorting intelligence that it collects overseas for the benefit of and to be given to American corporations. And although he does so with a double negative, Mr. Campbell essentially confirms that in his report.

    In the Campbell report there are only two cases mentioned in which, allegedly, American intelligence some years — several years ago obtained information — secret information regarding foreign corporations. One deals with Thomson-CSF in Brazil, one deals with Airbus in Saudi Arabia.

    Mr. Campbell’s summation of those issues in one case is five lines long, in the other case it’s six lines long, and he is intellectually honest enough that in both cases he devotes one line in each to the fact that the subject of American intelligence collection was bribery. That’s correct. Not technological capabilities, not how to design wing struts, but bribery. And it is impossible to understand American intelligence collection, for my period of time anyway, with respect to foreign corporations and foreign government who sometimes assist them without realizing that that issue is front and center.

    Now, the Aspin-Brown Commission also said that approximately 95 percent of U.S. intelligence collection with respect to economic matters, which itself is only one of a reasonable number of U.S. intelligence targets — but with respect to economic matters, 95 percent of our intelligence collection is from open sources. Five percent is essentially secrets that we steal. We steal secrets with espionage, with communications, with reconnaissance satellites.

    Why do we focus, even to that 5 percent degree, on foreign corporations and foreign governments’ assistance to them in the economic area? It is not to provide secrets — technological secrets to American industry.

    In the first place, in a number of these areas, if I may be blunt, American industry is technologically the world leader. It is not universally true. There are some ares of technology where American industry is behind those of companies in other countries. But by and large American companies have no need nor interest in stealing foreign technology in order to stay ahead.

    Why then do we or have we in the past from time to time targeted foreign corporations and government assistance to them?

    WOOLSEY: There are really three main areas. One is that, with respect to countries that are under sanctions — Libya, Serbia, Iraq and the rest — important economic activity is sometimes hidden and it is important for the U.S. government to understand how sanctions are functioning, if they’re functioning successfully, whether Iraq is able to smuggle oil out and if so how much, how Mr. Milosevic does his country’s banking and so on.

    Those types of sanctions-related subjects and economics are the subject of efforts by the United States to steal secrets by various methods — have been in the past.

    Second, with respect to dual-use technology, there are some legitimate products, a number of types of chemicals that are useful in pharmaceuticals and in fertilizers and the like, super-computers are useful for predicting the weather and other purposes, that also have use in designing or producing weapons of mass destruction. So particularly where there are efforts around the world to hide the transportation and sale of certain types of materiel and products that can be used in the production of weapons of mass destruction, yes, there is a big incentive and an important reason why the United States government has in the past felt it important to steal secrets.

    The third area is bribery. We have the Foreign Corrupt Practices Act. It is a statute under which I have practiced as a lawyer. I have done investigations of major American companies on behalf of their boards of directors to detect Foreign Corrupt Practices Act violations. I have sat as a board member of American publicly owned corporations and questioned management about whether there had been any foreign corrupt practices.

    It is a vigorously enforced statute and an important one. And as a result of it, American industry is again not perfect, but as a general proposition it does not try and certainly does not succeed in winning contracts and international commerce by bribery.

    This is not true of the practices of some of our friends and allies and some of our adversaries around the world. Some of our oldest friends and allies have a national culture and a national practice such that bribery is an important part of the way they try to do business in international commerce.

    We have spied on that in the past. I hope, although I have no immediate verification, that the United States government continues to spy on bribery.

    But whether it does or not, it seems to me that it should be understandable to anyone who reads the Campbell report, to anyone who thinks at all about whether American corporations need to steal technological secrets from foreign corporations, and anyone who is at all sophisticated about the way international trade and commerce works, that bribery is — or should be in any case and certainly was in my time at the heart of U.S. intelligence’s need to collect secret intelligence regarding foreign corporations and foreign governments’ assistance to them.

    And with that I’m prepared to take your questions.

    MODERATOR: OK, it’s fairly crowded today. Please wait for the microphone, identify yourself and your news organization. We will go right up here in the front.

    Yes, we might as well start.

    QUESTION: Then I take it that all the hubbub from Brussels and the European parliament with accusations that the NSA is being fed this information, all that is false?

    WOOLSEY: Well, in far as the hubbub in Europe and in Brussels doesn’t mention that if there is any targeting of European corporations, if the past is any guide, it’s likely to be about bribery, then the journalists who are reporting it are hiding the ball. Because Mr. Campbell himself makes it quite clear, in both of the cases he mentions, that bribery is the issue.

    So if people are inventing out of whole cloth in spite of what’s said in the Aspin-Brown report, in spite of what I said when I was DCI, as far as I know, I believe what is being said publicly and officially on the record by the U.S. government today, that the United States does not conduct industrial espionage, it doesn’t steal secrets of foreign companies to give them to American companies for purposes of competitions and so forth — if the hubbub in Brussels ignores that, then those who are creating the hubbub are intentionally looking away from the major issue.

    WOOLSEY: If this were Shakespeare’s “Hamlet,” to discuss the issue without talking about bribery, is like talking about it without talking about the prince of Denmark. It’s the central thing.

    QUESTION: Mr. Woolsey, in spite of all that you said, it seems to me that espionage per se was two kinds — the Cold War kind, which you do against your political and ideological adversaries, and the industrial kind that you’re talking about.

    Now there’s a general feeling throughout the world, that this industrial espionage is sort of open house, and everybody does it to everybody else. And there have been some reports of American agents being expelled from Germany, or France, or somewhere.

    So in spite of all that, you’re saying except for bribery, the United States is not doing it at all.

    WOOLSEY: The other two areas — at least in my time — that we thought were quite important to follow, I did mention. One has to do with sanctions. If companies in countries that are friends and allies of the United States are busting sanctions by what they’re selling to a country like Libya or Iraq, that might be the subject of secret collection. If there are efforts to hide the sales of dual-use technology that can be used with respect to weapons of mass destruction.

    But I generally — and I think most of us who talk about this issue — reserve the term industrial espionage to mean espionage for the direct benefit of an industry. That is, I don’t call it industrial espionage if the United States spies on a European corporation to find out if it is bribing its way to contracts in Asia or Latin America that it can’t win honestly.

    I would — and especially when it is not the practice of the U.S. government — it certainly didn’t occur in my time, and I’m not aware that it ever has — that the U.S. government gives this information about bribery, when we find it, to an American company. That’s not what happens. The information about bribery is not given to the American corporation that may be the victim.

    What happens is that the State Department is informed, and then an ambassador, or in some substantial cases perhaps a very senior official in the State Department, goes to the country where the government official is being bribed, and says, You know, we really don’t — we know about this, and we really don’t think this is the way you ought to make decisions about awarding contracts.

    Now what then typically happens, is that the contract award either is made on the merits — sometimes an American company wins, sometimes not. Or sometimes the host government will split the contract. And the American company, if it wins all or a share of it, doesn’t know that the reason it won was because the U.S. government uncovered bribery and went to the host government, and said, We don’t think you should be engaged in awarding contracts this way. But I don’t call that industrial espionage.

    So in the post-Cold War era, how big a focus is this sort of thing for the United States? I’d say it’s rather modest, in the overall model — at least in my time as DCI — of our intelligence — of our secret intelligence collection.

    Economic intelligence is important, but as I said, it’s about 95 percent from open sources. What our major focus is, is on rogue states, weapons of mass destruction, whether Russia is going to turn into a non-democratic country. We focus on major issues that could directly affect the security of the whole country.

    But there is some increased emphasis on economics — 95 percent of it from open sources. The part that’s from covert sources is as I described.

    QUESTION: You answered part of my question with your statement just now that, if in fact, U.S. intelligence were to uncover attempts at bribery by a corporation from another country, they would not inform the U.S. corporation.

    But while we’re on, sort of the issue of process, presumably U.S. intelligence inadvertently perhaps, runs across technologically interesting information — technologically valuable information — even in the course of investigations predicated on the three areas that you laid out — technologically valuable information that would be commercially useful. What happens to that information? Does it sit mouldering on a shelf, or is there a means by which that information does wind up in the hands, either of U.S. government corporations, or U.S. corporations?

    WOOLSEY: I don’t think so, realistically. Given the fact that the problem for the U.S. intelligence community is that there’s a great deal of data that goes unanalyzed — the problem is sorting through all this material. It is a substantial commitment of time and effort to devote an able analyst to sorting something out. And in the important high-tech areas — computers, telecommunications, software, and the like — these are areas — again, I don’t want to sound nationalistic about this. But bluntly, these are areas in which the United States is the world leader.

    And it is — it would be a substantial misuse, I think, of the time of valuable analysts to go through technological analysis of material from other trading countries, you know, that we have cordial relations with, and deal with all the time, and where there’s a great deal out in the open anyway, in order to do an analytical piece that can’t be given to anybody. I mean, it could not be given to an American corporation.

    There’s a separate problem here, which is, what’s an American corporation? Is it a company that’s headquartered in New York, but does most of its manufacturing in Canada — an American corporation? Is it a Canadian corporation that manufactures largely in Kentucky? Who knows. We have a terrible time sorting this sort of thing out in trade issues, generally. And it’s just a morass that the U.S. intelligence community has no particular instinct or reason to get into.

    And so, can one absolutely guarantee that nothing is ever leaked, that shouldn’t have leaked? I suppose one can never absolutely guarantee anything. But would, in the normal routine business, somebody do a technological analysis of something from a friendly country, which had no importance, other than a commercial use, and then let it sit on the shelf because it couldn’t be given to the American company? I think that would be a misuse of the community’s resources. I don’t think it would be done.

    QUESTION: There was a specific case which involved a radar system that was installed in Brazil, and involving a European company and an American company. Both companies found out what the government had found out, that the European company was trying to bribe the Brazilian companies…

    WOOLSEY: Is this the Thompsen C.S.F. case…

    QUESTION: Yes.

    WOOLSEY: … in the report?

    QUESTION: Yes. I have two questions on that. One is, if you are spying on a company because you think it might be bribing its way to a contract, you can — in this case for example, everyone knew exactly what technology was being sold. So, it isn’t like that you have to get a special analyst to analyze the system, because everyone knew exactly it was radar system.

    So going back to Paul’s question. In the case — knowing that you’re analyzing radars, if you did have some information that, let’s say the European company had a special system, or something, would that just sit on a shelf? That’s one thing.

    And the other thing is, could you use that — if you pass some information to the State Department, but it could be used in commercial negotiations, like let’s say you’re spying on companies or something.

    QUESTION: And then you find out that in a WTO negotiation or a WTO panel something will come up related to that that still is information that can be used by the government commercially or not.

    WOOLSEY: I can’t exclude the possibility that at times in the past, information that would come to the attention of the U.S. intelligence community would be used in a circumstance like the second one you mentioned, for U.S. government purpose. Something like that would not be the focus of collection or the focus of even the sorting of intelligence. But it’s just too far down the food chain of interests, frankly.

    But I think the — you can’t exclude the possibility that if a report including information about something technological were disseminated inside the United States government, it would be used for a government-wide purpose by someone who knew about it in the State Department or elsewhere.

    What wouldn’t be done, is that it wouldn’t be given to the American company in question. But intelligence community’s main problem over the course of the last several years has been that as the Cold War has ended, it’s relatively speaking, its resources are insufficient in its eyes and in mine to do a lot of what is necessary. I’ve often said that it’s as if we were fighting with a dragon for some 45 years and slew the dragon and then found ourselves in a jungle full of a number of poisonous snakes. And that in many ways, the snakes are a lot harder to keep track of than the dragon ever was. The snakes are rogue states and terrorists and the like. We have now six or eight major issues we have to watch instead of just the workings of the Soviet Union and its various manifestations in the world.

    And that has meant that on these crucial issues for U.S. intelligence, rogue states, weapons of mass destruction, terrorism, narcotics smuggling, the community has found itself very strapped. And you know, to spend time trying to figure out whether some technological fact about some friendly country’s part of their technology is relevant to some trade negotiation is — got to be something — I can’t believe anybody would be focusing on or spending any time on.

    MODERATOR: OK, let’s start from the back and we’ll work our way forward.

    QUESTION: I have a question about a definition. If the American company hires a local consultant in China, or Brazil or Afghanistan, who bribes at his own expense and his own account with or without knowledge of the American company, and he pays bribes. Is that as far as you are concerned, is that bribery or it is not?

    WOOLSEY: It probably depends on the facts. But if the American employer had reason to believe from the past behavior of this individual or from the overall circumstances or from his expenses or from the fact that an award was given that didn’t seem understandable or justified by the bids, if for any reason, the American employer including a foreign individual who was directly employed by the United States, the gut (ph) company, had reason to believe that a bribe had occurred, it would be a violation of the Foreign Corrupt Practices Act. This is the sort of thing — there are things under the FCPA called red flags.

    There’s a rather long list of behavior and circumstances which should raise suspicions. And the American companies and their boards of directors, are charged not just to report to the SEC or the Justice Department when they clearly and definitely know that someone overseas has been bribed. They are charged with conducting investigations and being on top of what all of their commercial agents and the like are doing. It’s a very demanding statute.

    QUESTION: My question is not about industrial espionage specifically. I hope that’s all right. Sorry, Charlie.

    There was a report in the New York Times a few weeks ago that said the Jordanian secret service had surpassed the Mossad, the Israeli Mossad in terms of how much they helped the U.S. in fighting terrorists and things like that. And I’m wondering if you could speak at all about how much — and that in fact, even in Jordan that the U.S. identifies its spies to the Jordanian government, a practice it doesn’t do in other places. So I was wondering if you would comment on that.

    But also, if you could describe in any way how much the Israeli intelligence service and the U.S. intelligence service work together in terms of even finding out things about Iraq and weapons of mass destruction and those kinds of things.

    WOOLSEY: Even if I were current — and I have not been current on this subject for the last five years since I left the government — I wouldn’t answer that question. I will say this. Both Jordan and Israel have very fine intelligence services. Both countries are friends of the United States. The countries under a lot of circumstances today are friends of one another. And a number of friendly countries in the Mideast cooperate with intelligence and otherwise, in dealing with rogue states and aggressive states in the Mideast. And I would certainly count Iraq as first and foremost in that later category.

    MODERATOR: Far be it for me to ever try to control the topic of a conversation, but we are — I’ll go across the Sinai Peninsula to Thomas, if he’s on the economic topic?

    OK, Thomas?

    QUESTION: Trying to figure out what you said about (inaudible) and jungle of the snakes. Definitely, in the golden age of espionage there was spying and counter spying. And you cannot say that you are just a victim of the others and you don’t want to try to get information about the others. Definitely there is a kind of a spying, you know, to counter attack his espionage. This is my first question.

    My second question is…

    WOOLSEY: Let me see if I understand. Does the United States spy on countries that are trying to conduct industrial espionage against American corporations?

    QUESTION: Yes.

    WOOLSEY: In my time, yes. I don’t know whether we still do or not. But I would have considered it a useful, although not perhaps actually top priority for the United States to understand the workings of a foreign intelligence service that at the behest of its government was conducting espionage against American corporations to steal say technological secrets. What counter espionage it really is in the international context is essentially intelligence services spying abroad on foreign intelligence services that are in turn spying on their country.

    And that is part of the warp and woof of international intelligence collection for the United States, for Egypt and for the countries represented by essentially everybody in this room.

    QUESTION: My second part of the same question was that what about the privatized economic espionage?

    QUESTION: I mean which is more than related to the industries and the firms and the — in general because always even the regular espionage were asking, for all of the human factor of intelligence collected. It’s important or just…

    WOOLSEY: Well, with respect to some types of intelligence targets, particularly in the post-Cold War era — terrorism is one very good example — human intelligence, the human factor, espionage is distinct from technical intelligence collection, has really got to be first and foremost.

    Terrorism is not something you learn a lot about from plants, to the contrary, notwithstanding from looking at terrorist camps through reconnaissance satellites. You need spies.

    But with respect to you know economic espionage against the United States…

    QUESTION: I mean in general from your perspective, economic espionage doesn’t get more human intelligence or rely on…

    WOOLSEY: It’s hard to say. Again, these three areas that I mentioned that were salient in my time, again for this 5 percent of economic intelligence that’s secret, 95 percent being you pick up newspapers and surf the Web and whatever. But for the 5 percent that involves needing to steal secrets, I would say yes, that human intelligence if you’re talking about bribery, if you’re talking about finding out about companies that are shipping material around sanctions, if you’re talking about companies that are selling super computers to institutions in other countries, that can use them to design nuclear weapons, a lot of that, I would say a rather high proportion of it would typically have to come from human agents, from human sources.

    QUESTION: With all of the other sources can you state why you’re failing and as dragon you mention the snakes? Secondly, recently it was deserved (ph) by India and the United States to cooperate more on international terrorism? Do you expect the intelligence agencies of the two countries to cooperate in order to track international terrorism and cooperate (ph)?

    WOOLSEY: Well, the dragon was the Soviet Union and the last time I looked we won the Cold War. I don’t think we failed against the dragon. I would comment to your Mr. Matrokin (ph) and Mr. Andrews recent book, “The Sword and the Shield,” based on the KGB archives that Matrokin (ph) stole from essentially 1917 to 1985. And it’s a complicated story.

    There were some things the KGB were very successful at such as technical intelligence collection against American corporations actually. But after the demise essentially of the American communist party’s vibrant life, right after the end of World War II and after the end of the American Soviet Alliance in ’45, beginning in ’47 or ’48, the playing field tended to move in an American direction. And Matrokin (ph) and Andrew would say that particularly in the ’60s and ’70s and into the ’80s, probably American intelligence collection against the Soviet Union across the board particularly against the government, was substantially superior to a rather dismal KGB performance against the United States.

    QUESTION: (Inaudible) country?

    WOOLSEY: The dragon that we fought for 45 years and slew, was the Soviet empire in my analogy.

    QUESTION: That isn’t what I had in mind…

    WOOLSEY: Well, but you — it was my analogy so I get to say what I had in mind.

    (LAUGHTER)

    Now with respect to the United States and India, India is a friendly country and we cooperate on a number of things and we’re — both diplomatically and from time to time in intelligence areas, and I would hope that it would continue.

    At least that was true with I was DCI. For the last five years you would have to ask somebody else.

    QUESTION: I know it’s hard to quantify, but what region of the world, if you can break it down, is most afflicted by this — if I can use the word — by this U.S. espionage, especially bribery?

    Is it Middle East? Is it South Asia? Is it Europe? Is it…

    WOOLSEY: Well, you have the bribers and the bribees. OK. Now in a number of parts of the world although some are struggling against it, there has been a tradition of public officials accepting bribes and it occurs in a number of places.

    The part of the world that where this culture of getting contracts through bribery, that actually has a great deal of money, and is active in international contracting is to a first approximation Europe. And indeed if you look at the recent negotiations that deal with implementing the OECD convention on bribery that was signed, I think in late 1997, there have been a number of parliamentary acts passed.

    WOOLSEY: The Germans, for example, have gotten rid of the provision of German tax law that permitted bribes to be deducted from income taxes. France is debating it; hasn’t gotten rid of it yet.

    But there has been a general history — both because it’s been relatively prosperous, because it’s companies export — that I would say the principle offenders, from the point of view of paying bribes in major international contracts in the world, are Europe. And indeed, they are some of the very same companies — the companies are in some of the very same countries where the most recent flap has arisen about alleged American industrial espionage.

    It leads me to wonder whether the next major international investigation on this sort of subject coming from Europe is going to be charging that there needs to be a major look at the problem of rude American maitre d’s.

    I’ll leave it at that.

    QUESTION: I have two questions, the first one regarding the peace process. In case of the peace process in the Middle East, do you believe the CIA will be able to change the way handling the cases in the region? And the second question regarding how did you handle the espionage against you, United States, from your allies, like Israel and the other famous cases in that?

    WOOLSEY: Second one first. Certainly the United States, often for reasons for learning about technology, is the target of espionage from some very good friends and allies. It happens. Normally we try to work it out. We try not to make a major public fuss about it. But where prosecution is necessary and where it does occur, we are generally of the view that one should impose penalties consistent with the seriousness of the espionage and the amount of material that was turned over, not the degree of friendliness with the country.

    I’m going to use a clear example, one that I’ve spoken on publicly a number of times, Jonathan Pollard. The question has come up, since Israel is a friend of the United States, shouldn’t the United States pardon Mr. Pollard? Both I, and I think almost anybody connected with the American intelligence community and law enforcement community has said no, because of the volume and seriousness of what he stole.

    Now, you’re first question was about?

    QUESTION: It was about the peace process…

    (CROSSTALK).

    WOOLSEY: The peace process, yes. CIA officers in a number of negotiating situations — and here we’re largely talking about analysts — are extremely helpful. I was an ambassador and arms control negotiator for the United States. I negotiated the CFE Treaty in Vienna in 1989 to ’91. And I had several CIA analysts on my delegation and they functioned very much like other U.S. government officials.

    WOOLSEY: We didn’t formally call them CIA officials, but our Soviet and other counterparts knew that they worked for the CIA. And they chaired working groups for me on verification. They negotiated provisions with other countries, dealing with verification. They were valuable members of the team.

    And they had very cordial relations with Soviet counterparts. Sometimes we would even have parties with the American CIA people, and the Soviet KGB people, you know. It was an odd time.

    But nonetheless, this tradition of American intelligence officers being involved in negotiations is one that I think can be entirely positive. There is one aspect of the CIA officers’ involvement in the negotiations in the Mideast that I couldn’t tell from the public statements whether it was taking place or not, but I was concerned that it might, because it seemed to me it put the intelligence officers in the middle, between the negotiating parties, and led them to have to try to assess whether one party was violating the accords, and then explain it to the other party, going both ways. And I thought that was a bad position to put an intelligence officer in.

    I thought the U.S. intelligence officers should collect intelligence for the United States. And if an American official had to go to one party or the other in the negotiations, and say, “You haven’t turned in all your weapons, and we know it,” or, “You haven’t done this, and we know it.” It ought to be a diplomat. It ought to be an official from the State Department, not an intelligence officer.

    But with that footnote, with that, you know — and I can’t tell still, from the public statements, exactly what the role of the CIA officers in the Mid-Eastern — in the Palestinian-Israeli negotiations has been. With that footnote, I think that for the CIA, and for intelligence officers from other countries, there are a number of circumstances in which they can have a quasi-open, and professional, and very useful role on issues such as verifying agreements.

    QUESTION: Mr. Woolsey, I understand that the U.S. is for — to promote democracies around the world, compared to dictatorships — number one. Number two — how much — and also CIA briefs president on a regular basis — on a daily basis on intelligence matters. How much president listen to the CIA reports, or their advice, including now, this report here in India Globe, and around the world in newspapers that he should not visit Pakistan? That’s according to the CIA intelligence reports. Should he visit Pakistan or not, in your guess?

    WOOLSEY: Well, my — I’m not going to bite on that substantive recommendation. But I will say this. I think the CIA got a little bit spoiled in President Bush’s presidency, because having been a director of Central Intelligence himself, he was, and remains absolutely fascinated by intelligence, by the CIA. The CIA headquarters is now named after him. He had the intelligence briefer in every day, and so forth.

    President Clinton is a speed reader. And he rather frequently reads the morning intelligence briefing, and annotates it, and sends it back with questions, rather than having the CIA briefer in. And if you’ll pardon me a moment of humor, when in 1994, in the autumn, after I’d been in the CIA job for a little over a year and a half, a small plane crashed into the south front of the White House. The White House staff joke, at the time, was, That must be Woolsey still trying to get an appointment.

    (LAUGHTER)

    So, I may not be the best individual to ask with respect to daily interactions of that sort. But whether a president absorbs information by a daily meeting, or by reading — as at least in my time, was principally President Clinton’s method of absorbing intelligence — presidents normally pay a great deal of attention to what U.S. intelligence as a whole — not just the CIA — communicates to them. And sometimes they discount it and do something else. And sometimes they have a right to discount it. And sometimes they were wrong. But on that particular issue, I’m going to stay away from that with a 10-foot pole.

    QUESTION: Sir, you mentioned about the dual technology transfer. I believe, you know, that’s from the other side of the story. This is a — maybe that’s falling into the term of an FBI, but given your experience, I’d like to have your comment on that. That is, what are those countries involved the most, in terms of stealing U.S. industry secrets here?

    When you’re talking about rogue states, I consider that — do you consider China as a rogue state, or what? I mean, according to a lot of report that it is China, it is Japan, Korea, Taiwan and Israel involved most in those case.

    QUESTION: But maybe you can tell us what exactly…

    WOOLSEY: I’m not going to get in the business of talking about individual countries that way.

    I would say this. With respect to technology theft from American corporations especially, the Soviet Union and the KGB were very good at this. The Metrokin (ph) book explains how and why. Happily, the Soviet Union was unable to take advantage of much of the technology because of their incredibly decrepit and terribly inefficient economy. But they were very vigorously involved in this.

    It has also been the case, because of American technological leadership in a number of high-technology areas, that some of our old friends and allies are in this business as well, not only by putting microphones in the head rests of their airliners which cross the Atlantic, in first class seats, but in other ways as well.

    There are European countries where one wants to — if you leave your briefcase when you go to dinner, if you’re a businessman and there’s anything sensitive in it, you should have your head examined. There are a number of parts of the world where American companies and individuals when they travel where there’s intelligence collection against them. And there’s some in this country, including from some friends — old friends of the United States.

    We try to discourage this. We work hard at it. We talk privately with the countries and companies involved. We exert a good deal of effort to try to keep this from happening. But it is something that is rather substantially, in this country, principally on the mind of the FBI not the CIA. Because the only way it comes up for U.S. intelligence is if we learn overseas, in conducting an intelligence operation or collection, that that foreign country’s intelligence service is going to be doing something inside the U.S. Anything that actually takes place here, 99.9 percent of the time the relevant people are the FBI not the CIA.

    I don’t know what to say other than I don’t really want to get into accusing individual countries. This waxes and wanes. No one is as involved in it as deeply as the KGB used to be on the behalf of the Soviet Union. But a number of countries still do it.

    MODERATOR: And on that note, I’d like to say thank you. Thank you ladies and gentlemen.

    WOOLSEY: Thank you for having me.

    8 March 2000. Thanks to anonymous.

    TRANSCRIPT
    March 07, 2000
    NEWS BRIEFING
    JAMES WOOLSEY
    FORMER CIA DIRECTOR
    WASHINGTON, D.C.
    JAMES WOOLSEY HOLDS BRIEFING AT THE FOREIGN PRESS CENTER
    EVENT DATE: 03-07

    MARCH 7, 2000

    Find this story at 8 March 2000

    HTML by Cryptome.

    Wie Geheimdienste spionieren; Amerikas Top-Spion aus der Tiefe – das mysteriöse Atom-U-Boot „USS Jimmy Carter“

    Die jüngsten Enthüllungen zeigen, wie umfassend das weltweite Internet überwacht wird. Einer der erfolgreichsten Kundschafter soll ein geheimnisumwittertes Atom-U-Boot der US-Amerikaner sein – die „USS Jimmy Carter“.
    Am Meeresboden entlang sausen gigantische Datenmengen in Glasfaserkabeln um die Welt. Doch sicher sind sie dort keineswegs. Einer der Gründe dafür: das Atom-U-Boot „USS Jimmy Carter“. Der 138 Meter lange Koloss soll in der Lage sein, die Leitungen in der Tiefe anzuzapfen. In allen Ozeanen dieser Erde – und damit in Gebieten, die außerhalb der Hoheit der Vereinigten Staaten liegen.

    Das nach dem früheren US-Präsidenten Jimmy Carter benannte U-Boot unterliegt höchster Geheimhaltung. 140 Mann Besatzung steuern das Boot durch die Ozeane, daneben kann es noch bis zu 50 Spezialkräfte aufnehmen. Von einer Multi-Mission-Platform können Taucher und Mini-U-Boote starten. Seit Anfang 2005 ist die „USS Jimmy Carter“ in den Weltmeeren unterwegs.

    Angriffe auf Unterseekabel
    Wie aber kommt das U-Boot überhaupt an die Daten heran? Darüber gibt es nur Gerüchte, doch mehrere Szenarien sind denkbar. So könnten die Tiefseespione in Glasfaserleitungen so genannte „Splitter“ einklinken. Diese elektronischen Bauteile schicken Kopien aller erfassten Daten über eine eigene Leitung direkt zum US-Militärgeheimdienst NSA.

    Bei einer anderen möglichen Variante müssen die Unterseekabel nicht einmal aufgetrennt werden: „Es genügt, die Kabel leicht zu biegen, um an die Daten zu kommen“, erklärt der IT-Journalist Peter Welchering. Spezielle „Biegekoppler“ fangen die Lichtsignale ab und lesen sie aus. „Moderne Lauschgeräte benötigen weniger als nur zwei Prozent der optischen Leistung der Glasfaser, um dann das komplette Signal abzugreifen und in Bits umzuwandeln“, fügt Welchering hinzu.

    Radarkuppeln und Satellitenspäher
    Wirklich neu ist die Tatsache, dass Amerikaner, Engländer und andere Staaten internationale Kommunikationswege ausspähen, allerdings nicht. „Ich verstehe die ganze Aufregung nicht“, sagt Welchering. „Mit Echelon verhält es sich doch nicht anders, nur dass die jetzt in den Fokus geratenen Lauschangriffe in digitaler Form stattfinden.“

    „Echelon“ heißt ein weltweites Spionagenetz, das mutmaßlich weit in die Zeit des Kalten Krieges zurückreicht. Seit den 1970er-Jahren gab es Gerüchte über seine Existenz. Abhörstationen und Weltraumsatelliten überwachen angeblich Telefongespräche, Faxverbindungen und Internet-Daten, die über Satellit geleitet werden. Auch Handygespräche und Funkverbindungen sollen abgehört werden. Kugelförmige Radarkuppeln wölben sich über die Antennen, die die Signale erfassen. Eine wichtige Anlage stand im bayerischen Bad Aibling. 2004 wurde sie geschlossen, nachdem bekannt geworden war, dass sie nach Ende des Kalten Krieges vor allem europäische Unternehmen ausspioniert hatte.
    Betrieben wird „Echelon“ von Nachrichtendiensten der USA, Großbritanniens, Kanadas, Australiens und Neuseelands. Genau die fünf Staaten also, die auch bei der digitalen Datenspionage zusammenarbeiten.
    Feind und „Freund“ hören mit
    Auch Computer und Telefone anzuzapfen ist für Geheimdienste kein Problem. Um an die Daten zu kommen, bedarf es einfach einer entsprechenden Spionagesoftware. Zwar lassen sich nicht derartige Informationsmengen wie an Unterseekabeln abschöpfen, doch die Spione können gezielter attackieren. Und zum Beispiel ein bestimmtes Unternehmen ins Visier nehmen.

    Der volkswirtschaftliche Schaden durch Industriespionage lässt sich schwer schätzen, weil die Dunkelziffern hoch sind. Das Beratungsunternehmen Corporate Trust geht von mindestens 4,2 Milliarden Euro pro Jahr allein in Deutschland aus.

    Total verwanzt
    Unter Verbündeten sollte das eigentlich ein Tabu sein: Trotzdem spähen US-Geheimdienstler auch die Europäische Union aus. Das berichtet zumindest das Nachrichtenmagazin „Der Spiegel“. Die diplomatischen Vertretungen der EU in Washington und bei den Vereinten Nationen in New York seien verwanzt worden, heißt es in dem Blatt unter Berufung auf Geheimdokumente des NSA-Enthüllers Edward Snowden. Darin würden die Europäer als „Angriffsziel“ benannt.

    Die Methode, die Räume – angeblich oder tatsächlich – gegnerischer Nationen zu verwanzen, war schon im Kalten Krieg sehr beliebt. Der sowjetische Geheimdienst KGB entwickelte zum Beispiel so genannte passive Wanzen, die keine Batterie brauchten, sondern ihre Energie durch von außen eingestrahlte Mikrowellen erhielten. Die Sowjets konnten den US-Botschafter in Moskau auf diese Weise jahrelang abhören, ohne dass dies entdeckt wurde.

    Der Mann mit dem Schlapphut hat noch nicht ausgedient
    Trotz aller Hightech-Methoden, auf die Geheimdienste heute setzen: Nach wie vor ist der klassische Spion nicht aus der Mode gekommen. Für Aufsehen sorgt derzeit in Deutschland der Prozess gegen ein russisches Agentenehepaar, das 25 Jahre lang ein filmreifes Doppelleben geführt hatte. Jetzt müssen beide für mehrere Jahre hinter Gitter. Das Oberlandesgericht Stuttgart verurteilte den Ehemann zu sechseinhalb Jahren und seine Frau zu fünfeinhalb Jahren Haft.
    Auch im Bereich der Wirtschaftsspionage sind Informanten ein wesentlicher Faktor. Denn in vielen Fällen sind es die eigenen Mitarbeiter einer Firma, die Betriebsgeheimnisse verkaufen.

    Dienstag, 02.07.2013, 18:51 · von FOCUS-Online-Autor Harald Wiederschein

    Find this story at 2 July 2013

    © FOCUS Online 1996-2013

    NSA-Abhörskandal; Die Datenräuber von der USS “Jimmy Carter”

    Der US-Geheimdienst NSA überwacht den weltweiten Internetverkehr. Dafür zapfen die Schnüffler auch Glasfaserkabel an, die am Meeresboden zwischen den Kontinenten verlaufen. Eine Schlüsselrolle soll dabei das U-Boot “Jimmy Carter” spielen.

    Berlin – Jimmy Carter inszeniert sich gern als Freiheitskämpfer. Mit seinem Carter Center für Menschenrechte vermittelt der ehemalige US-Präsident in internationalen Konflikten, beobachtet Wahlen und setzt sich für transparente Regierungsführung in Entwicklungsländern ein. Für seine Arbeit wurde er mehrfach ausgezeichnet: Unter anderem erhielt er 1998 den Menschenrechtspreis der Vereinten Nationen und 2002 den Friedensnobelpreis.

    2005 wurde ihm eine besondere Ehre zuteil: Die US-Marine benannte ein U-Boot nach Carter. Es ist das erste amerikanische Militär-U-Boot, das nach einem lebenden Ex-Präsidenten benannt wurde – und es ist nicht irgendeines. Die 138 Meter lange “Jimmy Carter” ist für Spezialoperationen ausgerüstet und nach Einschätzung von Geheimdienstexperten in der Lage, Unterwasserkabel anzuzapfen. Ein Boot also, das ausgerechnet von Carter hochgehaltene bürgerliche Freiheiten wie das Post- und Fernmeldegeheimnis zu verletzen sucht.

    Bau und Ausrüstung des knapp 2,5 Milliarden Euro teuren U-Boots unterlagen strengster Geheimhaltung. “Sie werden niemanden finden, der mit Ihnen darüber spricht”, sagte Marinesprecher Kevin Sykes, als die “Jimmy Carter” Anfang 2005 in Dienst gestellt wurde.

    Nur wenige Monate zuvor, im August 2004, hatte das US-Militär die USS “Parche” eingemottet. Dieses U-Boot hatte während des Kalten Kriegs Unterseekabel angezapft und galt als eine der wichtigsten Waffen im Spionagekrieg. Die Besatzung des Boots ist bis heute die höchstdekorierte Einheit der Marine. Das Militär nimmt ein solches Schiff nur dauerhaft außer Betrieb, wenn ein Nachfolger bereitsteht.

    Das am stärksten bewaffnete U-Boot

    140 Mann Besatzung leisten auf der USS “Jimmy Carter” Dienst. Sie verfügt über eine sogenannte Multi-Missions-Plattform, die wie ein Unterwasser-Hangar funktioniert. Von dort aus können Mini-U-Boote und Kampftaucher ins Wasser gelassen werden. 50 Spezialkräfte, etwa Navy Seals, kann das Atom-U-Boot aufnehmen. Für feindliches Sonar ist es kaum zu orten, weil seine Motoren extrem leise sind und der Bootskörper kaum elektromagnetische Strahlung abgibt.

    Das Schiff ist mit Torpedos sowie Flugkörpern der Typen “Harpoon” und “Tomahawk” ausgerüstet, die feindliche Ziele sowohl zu Wasser als auch an Land ausschalten können – auch mit Nuklearsprengköpfen. Außerdem ist die Besatzung in der Lage, Seeminen zu legen. Damit sei die “Jimmy Carter” das am stärksten bewaffnete U-Boot, das jemals gebaut wurde, jubelte “Undersea Warfare”, das offizielle Magazin der amerikanischen U-Boot-Flotte.

    Seit die “Jimmy Carter” vom Stapel lief, haben US-Medien mehrfach darüber spekuliert, dass das Schiff Glasfaserkabel zwischen den Kontinenten anzapfen könnte. Das Pentagon hat diesen Berichten nie widersprochen. Im vom Whistleblower Edward Snowden enthüllten Prism-Spähprogramm bestätigt der US-Militärgeheimdienst NSA sogar die “Sammlung der Kommunikation über Glasfaserkabel, während die Daten hindurchfließen”. Die Marine teilt lediglich mit, dass das U-Boot mit “fortschrittlicher Technologie für spezielle Marinekriegsführung und taktische Überwachung” ausgestattet sei.

    Unklar ist bislang jedoch, wie die so abgefangenen Daten dann zu den Analysten des US-Militärgeheimdienstes gelangen. In den siebziger Jahren mussten regelmäßig U-Boote zu den Kabeln herabtauchen, um die Bänder einzusammeln. Diese Mission wurde schließlich von einem sowjetischen Spion verraten – das Aufnahmegerät befindet sich seither im Moskauer KGB-Museum. Sollten auch heutzutage die Kommunikationsdaten aus den Unterseekabeln nur zeitversetzt bei den Geheimdienstlern ankommen, wären akute Warnungen vor Terrorwarnungen kaum möglich.

    Wahrscheinlicher ist daher, dass die Besatzung der “Jimmy Carter” an den Glasfaserkabeln einen Splitter installiert und eine eigene Faserleitung in ein Rechenzentrum des Geheimdienstes gelegt hat. Peter Franck, Sprecher des Chaos Computer Clubs, hält es außerdem für möglich, dass IT-Experten an Bord des U-Boots die Daten bereits vor Ort vorfiltern und verdichten und über die normale Funkkommunikation zur Basisstation zurückfunken könnten.

    In beiden Fällen würden die NSA-Agenten praktisch in Echtzeit den Internetverkehr überwachen können.

    01. Juli 2013, 18:02 Uhr
    Von Christoph Sydow

    Find this story at 1 July 2013

    © SPIEGEL ONLINE 2013

    Interaktive Karte zum Überwachungsskandal; Kabel, die die Welt verbinden

    Über 200 Tiefseekabel verbinden die Kontinente und machen moderne Kommunikation erst möglich. stern.de zeigt, wo die wichtigsten Leitungen liegen – und welches deutsche Kabel angezapft wurde. Von Alexander Sturm

    Wenn Sie den Mauszeiger über die Kabel bewegen, öffnen sich Info-Kästen zu den jeweiligen Tiefseekabeln.

    Gäbe es die vielen tausend Kilometer Tiefseekabel nicht, die auf dem Grund der Weltmeere liegen, unser Alltag wäre ein anderer: All die Telefongespräche, E-Mails oder Online-Bankgeschäfte über Kontinente hinweg wären nicht vorstellbar. Knapp 20 der wichtigsten Kabel sind in der Grafik abgebildet. Moderne Leitungen können gut ein Terabit Daten pro Sekunde übertragen; das entspricht dem Inhalt von rund 120 Stunden Spielfilm. Das einzige transatlantische Kabel, das in Deutschland landet, das TAT-14 (im Bild gefettet), schafft laut dem US-Marktforscher Telegeography 1,87 Terabit pro Sekunde – und wurde vom britischen Geheimdienst abgehört.
    Verlegung dauert bis zu drei Jahren

    Eigentümer der Kabel sind Konsortien aus internationalen Telekommunikationsfirmen, die die Leitungen gemeinsam verlegen und betreiben. Staaten haben keinen Anteil, kaufen aber oft Datenkapazitäten, um Botschaften oder Militäreinrichtungen zu verknüpfen. Die Verlegung von Tiefseekabeln ist aufwendig: Je nach Länge, Zahl der Landungspunkte und Wetter dauert es bis zu drei Jahren (etwa für die Strecke Kalifornien-Japan und zurück über Hawaii), denn auf hoher See können nur zehn Kilometer Kabel pro Stunde ins Meer gelassen werden. Wartung ist dagegen kaum nötig: “Wenn die Kabel einmal im Wasser liegen, werden sie in der Regel nicht mehr angefasst”, sagt Alan Mauldin, Forschungsdirektor beim Marktforscher Telegeography.

    1858 gelang die Verlegung des ersten transatlantischen Kabels zwischen Großbritannien und Neufundland, damals ein Kupfer-Eisen-Draht. Moderne Seekabel aus Glasfasern gibt es erst seit 1988. Sie haben einen Durchmesser von rund sieben Zentimetern und bestehen aus Hunderttausenden hauchdünnen Fasern, die von einem Kupferrohr, Aluminium, Stahlseilen und mehreren Schichten Kunststoff geschützt werden. Viele Tiefseekabel enden an sechs großen Knotenpunkten: New York, Cornwall, Alexandria, Hongkong, Singapur und Tokio. Das längste Tiefseekabel der Welt könnte man übrigens beinahe um den Äquator legen. Das 36.500 Kilometer lange EAC-C2C verbindet China und Japan mit den Philippinen, Taiwan, Hongkong, Südkorea und Singapur.

    6. Juli 2013, 14:11 Uhr

    Find this story at 6 July 2013

    © stern.de

    Tapping the world’s fiber optic cables

    Data surveillance: how much is too much?

    Huge masses of data flash around the world along thousands of miles of fiber optic cables. They are regularly tapped – sometimes legally, mostly secretly. While this technology is simple, filtering is a huge challenge.

    Almost all the countries in the world expect their foreign intelligence services to tap and sift through international telecommunications. For that reason, network operators whose lines cross international borders are legally obliged to make certain intersection points available to the authorities. Britain’s Tempora program, for instance, had perfectly legal access to the information it obtained – at least when it passed through British territory.

    From electricity to light, and back

    But fiber-optic cables can also be tapped secretly, without the knowledge of the operators – though this is not exactly easy. To understand how it works, one has to look more closely at how the data actually passes through the cables.

    A standard fiber-optic cable laid across land consists of 144 individual glass fibers, while undersea cables consist of a maximum of eight individual fibers. Using laser technology, the electronic data is initially turned into ultra-short flashes of light. These flashes represent the zeros and ones that all digital information is comprised of. A photodiode at the end of the cable turns the light flashes back into electrical signals.

    Around 10 billion such flashes of light run through these cables every second, and each one can also transfer between 1.2 and 5 gigabytes of data per second. But since the capacity of fiber optics is never completely used up, in practice the data flow is usually equivalent to between one and five standard CDs.

    Fiber optics need amplifiers
    Thousands of miles of fiber optic cables are laid across the ocean floor

    But after a certain distance, the data signal drops. Every 80 kilometers or so, the signals have to be re-amplified, explained Klaus-Dieter Langer of the Fraunhofer Heinrich-Hertz-Institute in Berlin.

    This is done with the help of a “regenerator.” Undersea cables also have regenerators, which are supplied with electricity by copper cables laid across the ocean floor, together with the fiber optics.

    These regenerators are the system’s weak point. At these spots, the fiber optics can be more easily tapped, because they are no longer bundled together, rather laid out individually (since each fiber must be amplified separately). At these points, data piracy is not necessarily easy – but that, as Langer puts it, is “just a technical hurdle.”

    A vigilant network operator can spot such hacking attempts. “You need very sensitive measuring instruments,” said Langer, “then you can see when the signal strength suddenly dips.”

    Order in the data chaos

    Once a spy has succeeded in hacking into a cable, the bigger challenge emerges – sifting through the immense mass of data. This needs to be done quickly. Even if a single glass cable is operating only at 50 percent capacity, it can still deliver 10 terabytes of data in an hour. “Since storage capacity is finite, the trick is to analyze these 10 terabytes within an hour, and filter out what you’re looking for,” said Langer.

    A lot of the data needs to be decrypted – which also means being temporarily stored. At the same time, intelligence agencies must proceed very selectively so as not to get bogged down in the flood of data. Langer believes that agents probably concentrate on single fibers belonging to certain operators of particular interest. “It makes more sense to search for certain content, rather than, for example, email conversations, telephone connections and the like.

    Wire-tapping contest under the ocean
    Huge server capacity must be immediately available to sift data

    Hacking a cable only makes sense if you have large server capacity immediately available, which is why Langer is skeptical of recent media speculation about the USS Jimmy Carter, a nuclear submarine said to be on a mission to tap underwater cables. “It seems bizarre,” said Langer.

    But Peter Franck, spokesman for the Chaos Computer Club digital rights collective, considers the submarine reports “absolutely believable.” Though tapping underwater cables is so secret “that it would never be publicly talked about,” so far reports in the American media have not been denied by the government.

    Franck can imagine a number of ways in which data could be moved from the submarine to servers on shore. He speculates, for instance, that the data could be pre-filtered on board and then broadcast to a base via the normal radio communication. Or a device that records the data could be left on the ocean floor. “An extra vehicle could then come and pick it up,” Franck suggested.

    Such underwater cables are certainly of considerable interest to intelligence agencies, since a huge part of international communication travels through them. It could certainly be the case that a lot of the world’s fiber optic cables are being tapped – and not only in countries where respective intelligence agencies are based.

    Date 30.06.2013
    Author Fabian Schmidt / bk
    Editor Sonya Diehn

    Find this story at 30 June 2013

    © 2013 Deutsche Welle

    Germany fears NSA stole industrial secrets

    The NSA espionage scandal has unsettled German companies. They are concerned that industrial secrets may have been stolen by US intelligence agencies.

    Trust between Washington and Berlin has been shaken by the scandal over the alleged bugging of German government and EU buildings by US intelligence agencies. Reacting angrily to the apparent widespread surveillance of telephone and email communications, German politicians have demanded a speedy explanation from Washington. The EU and Germany do, after all, see themselves as partners of the US.

    While the outrage may be exaggerated, there are legitimate, unanswered questions. For example: Why is the National Security Agency (NSA) collecting such large amounts of data, and for what end is that data being used?

    The Trojan horse

    The chairman of the conservative Christian Social Union’s small business group, Hans Michelbach, sees the surveillance of EU institutions by US intelligence agencies as a cause for alarm.

    “The EU is not a supporter of terrorism, but is indeed a strong competitor in the global economy,” Michelbach said. He fears that not only European institutions, but also European and German firms may have been spied on, giving the US “dishonest advantages.”

    Germany’s consumer protection minister, Ilse Aigner, warns that the joint fight against terrorism could be turned into a “Trojan horse” that “covers up espionage against governments and companies.”

    Meanwhile, German companies have expressed both concern and astonishment at the extent of the spying.

    “There was speculation in the past that conversations and Internet activity were being recorded by foreign intelligence agencies,” Volker Wagner, chairman of the Working Group for Economic Security, told DW. “But if the media reports are true, then the dimensions are alarming.”

    Opportunity makes a thief

    Other economic and industrial groups have reacted in a similar fashion. They want to know what kind of data was recorded and how it was used. At the moment, the European business community only has suspicions that industrial secrets were stolen by US intelligence agencies. Typically, stolen technologies and products show up in the hands of competitors or foreign countries years after they were originally taken.

    But according to Wagner, the amount of data collected creates an incentive for abuse.

    “One has to consider that American security services employ many freelancers, contractors and consultants,” Wagner said. “It’s estimated that in Washington alone, up to 1.5 million contractors work for the security services.”
    Rösler said US espionage hurts prospects for a trade agreement

    It’s uncertain whether all of these contractors respect the law. Rainer Glatz of the German Engineering Federation calls for the creation of an international treaty that clearly regulates data protection and intellectual property. Glatz believes that the private sector has to become more proactive and avoid relying on the state to protect corporate secrets. Countermeasures, such as firewalls, are being implemented by the companies the federation represents.

    “In addition, we have to school the employees in the sales department and the service technicians on how to protect corporate information,” Glatz told DW.

    EU-US trade agreement jeopardized

    Germany’s IT small business association is pursuing a different approach. The group has suggested the creation of Europe-wide corporate consortiums as a counterbalance to the economic power of the US.

    But the American and European economies are supposed to become even more integrated in the future. The EU and US hope to implement a free trade agreement. German Economy Minister Philipp Rösler has said that while Berlin still has an interest in such a partnership with the US, the espionage scandal has negatively impacted the project.

    “The US now has to quickly clarify the allegations and provide transparency,” Rösler said.

    Industrial espionage causes billions of euros in economic damage in Germany. The security consultancy Corporate Trust estimates that it cost 4.2 billion euros ($5.4 billion) in 2012.

    Date 03.07.2013
    Author Jennifer Fraczek / slk
    Editor Andreas Illmer

    Find this story at 3 July 2013

    © 2013 Deutsche Welle

    << oudere artikelen  nieuwere artikelen >>