NSA’s Prism Could Cost American Businesses $180 Billion And Put Them At Competitive Disadvantage
Germany Thumbs Nose at the NSA
The global backlash against the National Security Agency’s cyber spying picked up a notch as Germany’s leading telecom company announced that all email flowing among three of the nation’s email services will remain on German servers at all times. The move reflects powerful differences in the way that Americans and Europeans view privacy—and just happens to coincide quite nicely with the commercial interests of European Internet companies, who have yet to achieve anything close to the scale of Google Inc. or Amazon.com Inc.
Lost in the political and economic battle, which President Obama addressed are the interests of corporations and other users, who will find that their enhanced privacy—whether they want it or not—will add complexity to their business. President Obama called for an overhaul of surveillance policy that would disclose more information about a secret national security court and disclose more information about the National Security Agency. He also acknowledged that the review was prompted by NSA leaker Edward Snowden.
“It is completely political,” David Horrigan, an analyst and attorney at 451 Research, said of the new policy in Germany. Announced by Deutsche Telekom AG, the new program, called “Email Made in Germany,” will encrypt German email and warn Internet users when they are sending email to a service that isn’t part of the program. The three participating companies are DT’s T Online, GMX and web.de. A government mandate of the same policy has been discussed, but not enacted.
If national security demanded it, German and French law would allow authorities to exercise the same sort of surveillance powers that their counterparts in the U.S. wield, according to Mr. Horrigan, who specializes in e-discovery and information governance. He said that he wasn’t making an assessment of the merits of the NSA program one way or the other.
But political gestures often have huge business consequences. Mr. Horrigan said U.S. Internet companies need to take the European objections to NSA spying seriously. “I think the U.S. companies really must address the issue,” he said. He said that they need to explain just how narrow the differences in the U.S. and European government spying powers really are. If they don’t, European rivals may well succeed in using the NSA spying issue as a competitive opening.
At the technological level, the new program adds complexity to networking and IT, but it is technologically feasible, according to Mr. Horrigan. Even in developed countries, “you can stipulate that certain kinds of information have to be on certain servers,” he said. That’s true even in the case of U.S. operations of German companies, he said. That does not mean, however, that it is easy to do.
“Although it’s feasible technically to limit data to non-US servers, from a practical standpoint, it’s a nightmare. For instance, most large German-based multinationals have U.S. operations. Keeping that data off U.S. servers presents substantial challenges,” he said.
Compliance would add costs to doing business, Mr. Horrigan said. “One way to comply with the new policy would be to have silos of computer operations, which is not particularly efficient,” Mr. Horrigan said. That would mean keeping U.S. computer operations on U.S. servers, German computer operations on German servers, and so forth—adding layers of infrastructure for no technological reason, at a time when most operators are reducing them.
It’s also unclear just how effective a defense email encryption will be. One such service shut down this week, as the Download reported on Friday. Jon Callas, co-founder of Silent Circle Inc., said on Twitter and in a blog post that Silent Circle had ended Silent Mail. Silent Circle will continue to offer secure texting and secure phone calls, but email is harder to keep truly private, Mr. Callas wrote.
It has recently been revealed that the National Security Agency's spying tools extend deep into the domestic U.S. telecommunications infrastructure, giving the agency a surveillance structure with the ability to cover the majority of Internet traffic in the country, according to current and former U.S. officials and other people familiar with the system.
The information here is based on interviews with current and former intelligence and government officials, as well as people familiar with the companies' systems.
The NSA's surveillance network covers more Americans' Internet communications than officials have publicly disclosed, reaching roughly 75 percent of all U.S. internet traffic. Siobhan Gorman reports on the News Hub.
Although the system is focused on collecting foreign communications, it includes content of Americans' emails and other electronic communications, as well as "metadata," which involves information such as the "to" or "from" lines of emails, or the IP addresses people are using.
At key points along the U.S. Internet infrastructure, the NSA has worked with telecommunications providers to install equipment that copies, scans and filters large amounts of the traffic that passes through.
This system had its genesis before the attacks of Sept. 11, 2001, and has expanded since then.
Updated: July 4, 2014
Germany Summons U.S. Ambassador Over Spy Allegations
Germany summoned the U.S. ambassador on Friday after allegations of American spying erupted anew, threatening to further damage one of Washington's most important alliances.
The German federal prosecutor announced that a 31-year-old German was arrested Wednesday on suspicion of working for foreign intelligence agencies. The arrested man was an employee of the German foreign-intelligence agency, known as the BND, according to two people familiar with the matter.
The worker initially raised suspicions because he apparently tried to contact Russian spies, but then told investigators he had been passing information to U.S. intelligence, one person said.
The people briefed on the investigation cautioned that the man's links to U.S. intelligence haven't been conclusively established.
But the suspicions were serious enough that Chancellor Angela Merkel was informed on Thursday and select members of parliament were briefed.
Outraged reactions in the media made clear the allegations were already dealing a new blow to the U.S.-German relationship—an alliance critical to matters as diverse as the Ukraine crisis and negotiations for a trans-Atlantic free-trade agreement.
"This is a very serious development," a spokesman for Ms. Merkel said. "The government will now await the conclusions of the federal prosecutor and federal criminal police's investigation."
Deputy Foreign Minister Stephan Steinlein urged U.S. Ambassador John B. Emerson in their Fourth of July meeting to help clear up the matter quickly, a ministry statement said.
U.S. officials in Washington and Berlin declined to comment.
Ties between the U.S. and Germany are still strained after last year's revelations of National Security Agency activities and U.S. monitoring of Ms. Merkel's cellphone. The leaks by former NSA contractor Edward Snowden struck a particular nerve in a country acutely sensitive to domestic spying because of its history with Communist and Nazi mass surveillance.
In one particularly explosive claim, several German media outlets reported that the arrested man may have sold information to the U.S. about a just-launched parliamentary inquiry of NSA surveillance programs.
"If the suspicion of a targeted attack on a German constitutional body is confirmed, just one year after the first Snowden disclosures, that would set the level of trust back to zero and result in political consequences," said Christian Flisek, a Social Democrat lawmaker and co-chairman of the NSA inquiry.
German authorities have increased their counterespionage efforts directed at friendly governments in the wake of the NSA disclosures.
But accusations of the U.S. working with double agents in Germany haven't come to light in recent memory. André Hahn, a top member of parliament for the opposition Left party, said such allegations would represent "one of the worst intelligence scandals in Germany in recent decades."
Investigators suspect he had financial motives in offering to leak documents, the two people familiar with the matter said.
Evidence suggests the man offered his services to the U.S. Embassy in Berlin, one person said. The U.S., rather than notifying the BND, may have taken him up on his offer, one person said.
The man was believed to have copied 218 BND documents on to a USB flash drive and sold them for €25,000 ($34,000), according to the newspaper Bild.
The evidence pointing to U.S. involvement was significant but not conclusive, and other intelligence agencies, particularly Russia's, could also be involved, those familiar with the case said.
Ms. Merkel's spokesman declined to say whether she brought up the matter with President Barack Obama in a phone call about the Ukraine crisis on Thursday.
The revelations spell fresh domestic political trouble for Ms. Merkel because of her pro-U.S. line.
The German chancellor has tried to quell public outrage over the NSA revelations. She has positioned Germany on the side of Washington in the Ukraine crisis, despite public skepticism, and joined Mr. Obama in threatening sanctions. And she continues to push for a trans-Atlantic free-trade agreement being negotiated this year, a deal that is important to American business but faces intense opposition in Germany.
"If the suspicion of spying on the parliamentary inquiry is confirmed, it will be a giant debacle for the BND and the federal government," said Katrin Göring-Eckardt, parliamentary leader of the opposition Greens.
What's New In This Report?
Previous reports have indicated that the NSA's surveillance of telecommunications lines in the U.S. focuses on international gateways and landing points. Other reports have indicated that surveillance of the U.S. telecom network was used to gather only metadata under a program that the NSA says ended in 2011.
This new report demonstrates that the NSA, in conjunction with telecommunications companies, has built a system that can reach deep into the U.S. Internet backbone and cover 75% of traffic in the country, including not only metadata but the content of online communications. The report also explains how the NSA relies on probabilities, algorithms and filtering techniques to sift through the data and find information related to foreign intelligence investigations.
What Is This Surveillance System?
NSA has worked with telecom companies to develop a surveillance system that covers roughly 75% of U.S. telecommunications. Armed with a court order, NSA can command that system to provide the information it asks for.
The telecoms have a system in place designed to do at least initial filtering and send streams of traffic most responsive to NSA's request to NSA machines, which then filter that stream of traffic for "selectors"—for instance, perhaps a set of IP addresses—and sift out the data that matches.
NSA can't reach in and touch the telecommunications company's, or anyone else's, unfiltered corporate system. But in general it can get what it needs from the system.
How Does This Work?
The exact technology used depends on the telecommunications carrier involved, when the equipment was installed and other factors.
In general, the system copies traffic flowing through the U.S. Internet system and then runs it through a series of filters. These filters are designed to sift out communications that involve at least one person outside the U.S. and that may be of foreign-intelligence value. The information that makes it through the filters goes to the NSA; the information that doesn't meet NSA's criteria is discarded.
More specifically, there are two common methods used, according to people familiar with the system.
In one, a fiber-optic line is split at a junction, and traffic is copied to a processing system that interacts with the NSA's systems, sifting through information based on NSA parameters.
In another, companies program their routers to do initial filtering based on metadata from Internet "packets" and send copied data along. This data flow goes to a processing system that uses NSA parameters to narrow down the data further.
What Kinds of Information Does The System Keep or Discard?
Initial filters might look at things such as the type of communication being sent. For example, videos downloaded from YouTube might not be of much interest, so they could be filtered out.
The filters also look at IP addresses in an effort to determine the geographic region involved in the transmission. This is done to focus on foreign communications.
The NSA ultimately decides what information to keep based on what it calls "strong selectors," such as specific email addresses or ranges of Internet addresses that belong to organizations. But it receives a broader stream of Internet traffic from which it picks out data that matches selectors.
Does This Mean NSA Analysts Are Reading All Your Emails And Watching You Surf The Web?
No. That would involve a tremendously large number of people and amount of time. However, the government is in some cases allowed to search Americans' information that is collected through this system.
How Much Internet Traffic Does The NSA Get?
The NSA-telecom surveillance system covers about 75% of U.S. communications, but the amount actually stored by the NSA is a small portion of that, current and former government officials say.
Why Does The NSA Have This System?
The NSA uses this system to help pursue foreign intelligence investigations.
Such investigations include those that aim to prevent attacks by international terrorist groups. Because the people involved in these groups can be within the U.S., investigators want to look at communications that involve people in America, particularly those who communicate with people outside the U.S.
In addition, a considerable amount of international traffic flows through the U.S. or to Internet services here, and national security investigators want to be able to monitor that information.
Why Can't They Just Focus On The International Undersea Cables?
The NSA began by focusing on cables that carry international traffic to and from the U.S. under the sea. But now the agency's reach covers a system that handles most domestic traffic as well.
Tapping only at cable landing points presents some logistical problems, says Jennifer Rexford, a computer science professor at Princeton University who studies Internet routing. First, those cables handle a huge amount of traffic at very high speeds, meaning that it is more likely for a tap there to drop or lose some of the data "packets" that make up Internet communications. Second, Internet routing is complicated: Not all parts of an Internet communication will flow over the same path, meaning it could be difficult to piece everything back together if taps are only on those lines.
The ability to access domestic communications networks means the system has redundancy and is better able to deliver the information the NSA needs.
In addition, many people overseas use Internet services located in the U.S., and the NSA wants to be able to access that traffic. For instance, one person overseas could log into a U.S.-based online email service and send an email to the account of another person who uses a different U.S. email. This email would actually travel from one server in the U.S. to another server in the U.S., even if the people communicating were outside it.
Is This Legal?
This system is currently conducted primarily under part of a law that was passed in 2008 amending the Foreign Intelligence Surveillance Act. Sometimes this part of the law is called "Section 702."
Section 702 allows the NSA and FBI to target surveillance of people "reasonably believed" to be located outside the U.S. Rules governing how the NSA collects data under this law are approved by the secret Foreign Intelligence Surveillance Court, or FISC, but after that, each instance of surveillance doesn't need a judge's approval.
The NSA and FBI must outline to the court the steps they take to help ensure the communications they gather are "reasonably believed" to have a foreign element, as well as the measures used to minimize Americans' communications that are collected inadvertently.
There Are Also a Few Other Legal Authorities Related To This Collection:
Before the 2008 law was passed, the system was allowed under a short-lived stopgap law that allowed largely the same thing. Before that stopgap measure, the system was part of President George W. Bush's warrantless surveillance program.
In addition, until the end of 2011, this same infrastructure allowed for a slightly different program that collected metadata from domestic U.S. communications in bulk. That program was possible under a part of the Foreign Intelligence Surveillance Act that allowed tools called "pen registers," which are used to collect metadata. U.S. officials say that particular program was canceled in part because it wasn't producing valuable information.
Some parts of the system are also carried out under foreign spying authorities. The intelligence community has long been able to apply for warrants under Title 1 of the Foreign Intelligence Surveillance Act. Those warrants are largely like warrants used in law enforcement, except that they are approved by the FISC because of their secret nature. In some cases, taps on Internet networks could be used to fulfill these warrants.
What Limitations Are There On This Program?
The NSA must follow procedures approved by the secret FISA court to narrow its targets and to "minimize," or discard, information collected about Americans. Documents leaked by former NSA contractor Edward Snowden outlined the procedures as they stood in 2009.
One paragraph in these documents is particularly relevant to domestic Internet collection. In that paragraph, marked Top Secret, the government says that it will "employ an Internet Protocol filter" "or it will target Internet links that terminate in a foreign country." This indicates that the rules allow the government either to rely on the fact that the cable runs to a foreign country or to rely on its IP filters, in order to provide reasonable assurances that the communication involves a foreigner.
The NSA also vets targets using more traditional methods, such as data it already has—and information from other agencies like human intelligence or contacts with foreign law enforcement—to decide whether they are "reasonably believed" to be outside the U.S.
In addition, people familiar with the legal process say lawyers at the telecommunications providers can serve as a check on the system.
After information is collected, the NSA has rules to minimize information about people in the U.S.
There are several exceptions to these minimization rules, though. The NSA is allowed to keep Americans' information and turn it over to the FBI if it is "reasonably believed to contain significant foreign intelligence information," "evidence of a crime" or information about communications security vulnerabilities, the documents say. Americans' communications also can be kept if they are encrypted, according to the documents.
How Does This System Fit In With Prism?
The Prism program collects stored Internet communications based on demands made to Internet companies such as Google Inc. under Section 702. Several companies have said the requests under this program don't result in bulk collection, meaning they are narrower than the filtering system on the domestic Internet backbone.
The NSA can use these Prism requests to target communications that were encrypted when they traveled across the Internet backbone, to focus on stored data that the filtering systems discarded earlier, and to get data that is easier to handle, among other things.
What Privacy Issues Does This System Raise?
One involves the reliance on algorithmic filtering to sift out domestic communications. Such algorithms can be complicated, and computer IP addresses don't always provide a good gauge of where the person is geographically.
Small changes in the algorithms can result in overcollection of Americans' data, which can then be stored by the NSA, say former U.S. officials, and current officials say it has stored some purely domestic communications within its systems.
Documents revealed by Mr. Snowden and disclosed recently indicate that the NSA has made mistakes because of technical error. Some people familiar with the systems say they are concerned that the huge amount of U.S. information accessible by these filtering systems, combined with the complicated nature of the filters, means it could be easy to sweep in domestic communications.
In 2011, the FISA court found part of the domestic NSA-telecom system unconstitutional, officials say. They say the NSA set the filters on the programs inappropriately in 2008, and the problem was discovered by the NSA in 2011 and reported.
"NSA's foreign intelligence collection activities are continually audited and overseen internally and externally," says NSA spokeswoman Vanee Vines. "When we make a mistake in carrying out our foreign intelligence mission, we report the issue internally and to federal overseers and aggressively get to the bottom of it."
Another possible concern is the ability of overseers, including the secret FISA court, to adequately police such technical systems. The court was created in the 1970s to oversee warrants on targets in national security investigations, not "to be in the business of approving very technical collection procedures," said one former government official who is familiar with the legal process.
President Obama and other supporters of the programs have said the NSA programs face careful oversight from all three branches of government. "We've got congressional oversight and judicial oversight," Mr. Obama has said. "And if people can't trust not only the executive branch but also don't trust Congress and don't trust federal judges to make sure that we're abiding by the Constitution, due process and rule of law, then we're going to have some problems here."
A person familiar with the legal process reported to us that the system relies in part on the telecom companies themselves to push back against what they see as problematic surveillance. This person said the appropriate rules aren't always clear, because of the complexities of Internet routing and surveillance.
A U.S. official said lawyers at these companies serve as an independent check on what the NSA receives.
Finally, the exceptions to minimization requirements mean information gathered on Americans could be used in ordinary criminal investigations, according to rules approved by the FISA court. NSA officials have said they are careful to use the information in accordance with the rules.
DPL-Surveillance-Equipment.com's Secure Messaging Address:
Send Us A Test Message Just To Say Hello.
Next-Generation Bug / Microwave / ELF / Spy Phone / GSM And Camera Detectors (Buy, Rent, Layaway) tinyurl.com/2eo8mlz Open...
— Spy Store Rentals (@MontyHenry1)
Nanny IP (Internet) Cameras, GPS Trackers, Bug Detectors and Listening Devices, etc, (Buy / Rent / Layaway): tinyurl.com/396jlw6...
— Spy Store Rentals (@MontyHenry1)
• Video is Recorded Locally To An Installed SD Card (2GB SD Card included)
• Email Notifications (Motion Alerts, Camera Failure, IP Address Change, SD Card Full)
• Live Monitoring, Recording And Event Playback Via Internet
• Back-up SD Storage Up To 32GB (SD Not Included)
• Digital Wireless Transmission (No Camera Interference)
• View LIVE On Your SmartPhone!
* Nanny Cameras w/ Remote View
* Wireless IP Receiver
* Remote Control
* A/C Adaptor
* 2GB SD Card
* USB Receiver
FACT SHEET: HIDDEN NANNY-SPY (VIEW VIA THE INTERNET) CAMERAS
* Transmission Range of 500 ft Line Of Sight
* Uses 53 Channels Resulting In No Interference
* 12V Power Consumption
* RCA Output
* Supports up to 32gig SD
* 640x480 / 320x240 up to 30fps
* Image Sensor: 1/4" Micron Sensor
* Resolution: 720x480 Pixels
* S/N Ratio: 45 db
* Sensitivity: 11.5V/lux-s @ 550nm
* Video System: NTSC
* White Balance: Auto Tracking
* You Buy Our DVR Boards And We'll Build Your Products! (Optional)
Our New Layaway Plan Adds Convenience For Online Shoppers
Phone: (1888) 344-3742 Toll Free USA
Local: (818) 344-3742
Fax (775) 249-9320
Google+ and Gmail
AOL Instant Messenger
Yahoo Instant Messenger
Alternate Email Address
Join my Yahoo Group!
My RSS Feed