Massive FBI Data-Mining Project/NSA Facility

[Ed Jewett]

Sunday, October 4, 2009

FBI Data-Mining Programs Resurrect "Total Information Awareness"

Like a vampire rising from it's grave each night to feed on the privacy rights of Americans, the Federal Bureau of Investigation is moving forward with programs that drain the life blood from our constitutional liberties.

From the wholesale use of informants and provocateurs to stifle political dissent, to Wi-Fi hacking and viral computer spyware to follow our every move, the FBI has turned massive data-mining of personal information into a growth industry. In the process they are building the surveillance state long been dreamed of by American securocrats.

A chilling new report by investigative journalist Ryan Singel provides startling details of how the FBI's National Security Branch Analysis Center (NSAC) is quietly morphing into the Total Information Awareness (TIA) system of convicted Iran-Contra felon, Admiral John M. Poindexter. According to documents obtained by Wired:

A fast-growing FBI data-mining system billed as a tool for hunting terrorists is being used in hacker and domestic criminal investigations, and now contains tens of thousands of records from private corporate databases, including car-rental companies, large hotel chains and at least one national department store. (Ryan Singel, "FBI's Data-Mining System Sifts Airline, Hotel, Car-Rental Records," Wired, September 23, 2009)

Among the latest revelations of out-of-control secret state spookery, Wired disclosed that personal details on customers have been provided to the Bureau by the Wyndham Worldwide hotel chain "which includes Ramada Inn, Days Inn, Super 8, Howard Johnson and Hawthorn Suites." Additional records were obtained from the Avis rental car company and Sears department stores.

Singel reports that the Bureau is planning a massive expansion of NSAC, one that would enlarge the scope, and mission, of the Foreign Terrorist Tracking Task Force (FTTTF) and the file-crunching, privacy-killing Investigative Data Warehouse (IDW).

"Among the items on its wish list," Singel writes, "is the database of the Airlines Reporting Corporation--a company that runs a backend system for travel agencies and airlines." If federal snoops should obtain ARC's data-sets, the FBI would have unlimited access to "billions of American's itineraries, as well as the information they give to travel agencies, such as date of birth, credit card numbers, names of friends and family, e-mail addresses, meal preferences and health information."

The publication reports that the system "is both a meta-search engine--querying many data sources at once--and a tool that performs pattern and link analysis." Internal FBI documents reveal that despite growing criticism of the alleged "science" of data-mining, including a stinging 2008 report by the prestigious National Research Council, for all intents and purposes the Bureau will transform NSAC into a low-key version of Adm. Poindexter's Information Awareness Office. An internal FBI document provides a preview of the direction NSAC will take.

According to the General Accounting Office (GAO) May 2004 report on federal data mining efforts, the GAO defined data mining as "the application of database technology--to uncover hidden patterns and subtle relationships in data and to infer rules that allow for the prediction of future results" (GAO-05-866, Data Mining p. 4). There are a number of security and privacy issues that government and private industry must address when contemplating the use of technology and data in these ways. While the current activities and efforts of the IDW and FTTTF programs do not provide NSB [National Security Branch] users with the full level of data mining services as defined above it is the intention of the NSAC to pursue and refine these capabilities where permitted by statute and policy. The implementation and responsible utilization of these services will advance the FBI's ability to address national security threats in a timely fashion, uncover previously unknown patterns and trends and empower agents and analysts to better "hunt between the cases" to find those persons, places or things of investigative and intelligence interest. (Federal Bureau of Investigation, "Fiscal Year (FY) 2008, Internal Planning & Budget Review, Program Narrative for Enhancements/Increases," p. 5, emphasis added)

Unsurprisingly, in their quest for increased funding FBI officials failed to mention that the 2004 GAO report raised significant and troubling questions glossed over by securocrats. To wit, GAO investigators averred:

Privacy concerns about mined or analyzed personal data also include concerns about the quality and accuracy of the mined data; the use of the data for other than the original purpose for which the data were collected without the consent of the individual; the protection of the data against unauthorized access, modification, or disclosure; and the right of individuals to know about the collection of personal information, how to access that information, and how to request a correction of inaccurate information. (General Accounting Office, Data Mining: Federal Efforts Cover a Wide Range of Uses, GAO-04-548, May 2004)

Despite these concerns, an FBI budget document released to Wired baldly states:

The NSAC will provide subject-based "link analysis" through utilization of the FBI's collection data sets, combined with public records on predicated subjects. Link analysis uses these data sets to find links between subjects, suspects, and addresses or other pieces of relevant information, and other persons, places, and things. This technique is currently being used on a limited basis by the FBI; the NSAC will provide improved processes and greater access to this technique to all NSB components. The NSAC will also pursue "pattern analysis" as part of its service to the NSB. "Pattern analysis" queries take a predictive model or pattern of behavior and search for that pattern in data sets. The FBI's efforts to define predictive models and patterns of behavior should improve efforts to identify "sleeper cells." Information produced through data exploitation will be processed by analysts who are experts in the use of this information and used to produce products that comply with requirements for the proper handling of the information. (Federal Bureau of Investigation, "National Security Branch Analytical Capabilities," November 12, 2008)

Four years after the GAO report cited the potential for abuse inherent in such techniques, The National Research Council's exhaustive study criticized the alleged ability of data-miners to discover hidden "patterns" and "trends" among disparate data-sets "precisely because so little is known about what patterns indicate terrorist activity; as a result, they are likely to generate huge numbers of false leads."

False leads that may very well land an innocent person on a terrorist watch-list or as a subject of a wide-ranging and unwarranted national security investigation. But as with all things relating to "counterterrorism," the guilt or innocence of the average citizen is a trifling matter while moves to "empower agents" to "find those persons, places or things of investigative and intelligence interest," is the paramount goal. "Justice" under such a system becomes another preemptive "tool" subject to the whims of our political masters.

The use of federal dollars for such a dubious and questionable enterprise has already had real-world consequences for political activists. Just ask RNC Welcoming Committee activists currently under indictment in Minnesota for their role in organizing legal protests against the far-right Republican National Convention last year in St. Paul.

As Antifascist Calling revealed earlier this year, one private security outfit, the now-defunct Highway Watch which worked closely with the FBI, used "social network theory" and "link analysis," and cited the group's legal political organizing, including "increased membership via the internet" and "public appearances at various locations across the US," as a significant factor that rendered the group a "legitimate" target for heightened surveillance and COINTELPRO-style disruption.

Singel also disclosed that NSAC shared data "with the Pentagon's controversial Counter-Intelligence Field Activity office, a secretive domestic-spying unit which collected data on peace groups, including the Quakers, until it was shut down in 2008. But the FBI told lawmakers it would be careful in its interactions with that group."

As journalists and congressional investigators subsequently revealed however, CIFA's dark heart--the office's mammoth databases--were off-loaded to other secret state security agencies, including the FBI.

CIFA: Closed Down or Farmed Out?

When CIFA ran aground after a series of media disclosures beginning in 2004, some critics believed that was the end of that. "From the beginning of its existence," investigative journalist Tim Shorrock revealed in Spies For Hire, "CIFA had extensive authority to conduct domestic counterintelligence."

Indeed, one CIFA official "was the deputy director of the FBI's multiagency Foreign Terrorist Tracking Task Force," Shorrock wrote, "and other CIFA officials were assigned to more than one hundred regional Joint Terrorism Task Forces where they served with other personnel from the Pentagon, as well as the FBI, state and local police, and the Department of Homeland Security."

Several investigative reports in Antifascist Calling have documented the close interconnections among Pentagon spy agencies, the FBI, DHS, private contractors, local and state police in what have come to be known as fusion centers, which rely heavily on extensive data-mining operations.

Their role as clearinghouses for domestic intelligence will expand even further under President Obama's purported "change" administration.

Federal Computer Week revealed September 30, that DHS "is establishing a new office to coordinate its intelligence-sharing efforts in state and local intelligence fusion centers."

According to the publication, a "new Joint Fusion Center Program Management Office will be part of DHS' Office of Intelligence and Analysis, [DHS Secretary Janet] Napolitano told the Senate Homeland Security and Governmental Affairs Committee. Napolitano said she strongly supports the centers."

Though little reported by the corporate media, domestic spying had become big business with some very powerful constituencies.

Take CIFA, for example. Ostensibly a Defense Department agency, the secretive office which once had a multi-billion dollar budget at its disposal, was a veritable cash cow for enterprising security grifters. Much has been made of the corrupt contracts forged by disgraced Pentagon contractor Mitchell Wade and his MZM corporation, caught up in the "Duke" Cunningham scandal that landed the San Diego Republican congressman an eight-year federal prison term in 2006. Untouched however, by the outcry over domestic Pentagon spying were top-flight defense and security firms who lent their considerable resources--at a steep price--to the office.

Among the corporations who contracted out analysts and operatives to CIFA were heavy hitters such as Lockheed Martin, Carlyle Group subsidiary U.S. Investigations Services, Analex, Inc., an intelligence contractor owned by the U.K.'s QinetiQ, ManTech International, the Harris Corporation, SRA International, as well as General Dynamics, CACI International and the Science Applications International Corporation (SAIC). All told, these corporations reap tens of billions of dollars annually in federal largesse.

As Shorrock revealed, by 2006 CIFA "had four hundred full-time employees and eight hundred to nine hundred contractors working for it." Many were military intelligence and security analysts who jumped ship to land lucrative six-figure contracts in the burgeoning homeland security market, as the whistleblowing web site Wikileaks revealed in July when they published a massive 1525-page file on just one fusion center.

Information illegally obtained on American citizens by CIFA came to reside in the office's Threat And Local Observation Notice (TALON) system and a related database known as CORNERSTONE.

In 2007, the National Security Archive published Pentagon documents outlining U.S. Northern Command's (USNORTHCOM) extensive surveillance activities that targeted legal political protests organized by antiwar activists. In April 2007, Undersecretary of Defense for Intelligence, Lt. General James Clapper, "reviewed the results of the TALON program" and concluded "he did not believe they merit continuing the program as currently constituted."

Despite revelations that CIFA and USNORTHCOM had illegally conducted prohibited activities in violation of the Posse Comitatus Act, which restricts the military from carrying out domestic law enforcement, not a single operative or program manager was brought to book. According to The National Security Archive:

In June 2007, the Department of Defense Inspector General released the results of his review of the TALON reporting program. Its findings included the observation that CIFA and the Northern Command "legally gathered and maintained U.S. person information on individuals or organizations involved in domestic protests and demonstrations against DOD"--information gathered for law enforcement and force protection purposes as permitted by Defense Department directive (5200.27) on the "Acquisition of Information Concerning Persons and Organizations Not Affiliated with the Department of Defense." However, CIFA did not comply with the 90-day retention review policy specified by that directive and the CORNERSTONE database did not have the capability to identify TALON reports with U.S. person information, to identify reports requiring a 90-day retention review, or allow analysts to edit or delete the TALON reports.

In August the Defense Department announced that it would shut down the CORNERSTONE database on September 17, with information subsequently collected on potential terror or security threats to Defense Department facilities or personnel being sent to an FBI data base known as GUARDIAN. A department spokesman said the database was being terminated because "the analytical value had declined," not due to public criticism, and that the Pentagon was hoping to establish a new system--not necessarily a database--to "streamline" threat reporting, according to a statement released by the Department's public affairs office. (Jeffrey Richelson, "The Pentagon's Counterspies: The Counterintelligence Field Activity," The National Security Archive, September 17, 2007)

Last year Antifascist Calling reported that when CIFA was shut down, that organization's TALON database was off-loaded to the Defense Intelligence Agency's Defense Counterintelligence and Human Intelligence Center and the FBI's GUARDIAN database that resides in the Bureau's Investigative Data Warehouse (IDW).

The IDW is a massive repository for data-mining. As I reported in May, citing the Electronic Frontier Foundation's revelations, the IDW possesses something on the order of 1.5 billion searchable files. In comparison, the entire Library of Congress contains 138 million unique documents.

EFF has called the IDW "the FBI's single largest repository of operational and intelligence information."

In 2005, FBI Section Chief Michael Morehart said that "IDW is a centralized, web-enabled, closed system repository for intelligence and investigative data." Unidentified FBI agents have described it as "one-stop shopping" for FBI agents and an "uber-Google." According to the Bureau, "[t]he IDW system provides data storage, database management, search, information presentation, and security services."

As the Wired investigation reveals, NSAC intends to expand these data-mining capabilities. Currently, NSAC employs "103 full-time employees and contractors, and the FBI was seeking budget approval for another 71 employees, plus more than $8 million for outside contractors to help analyze its growing pool of private and public data." Long-term, according to a planning document, the FBI "wants to expand the center to 439 people."

While John Poindexter's Total Information Awareness program may have disappeared along with the Bush administration, it's toxic heart lives on in the National Security Branch Analysis Center.

TIA, IDW, NSAC: What's in an Acronym? Plenty!

When the Pentagon's Defense Advanced Research Project Agency (DARPA) stood up the Information Awareness Office in 2002, the office's stated mission was to gather as much information on American citizens as possible and store it in a centralized, meta-database for perusal by secret state agencies.

Information included in the massive data-sets by IAO included internet activity, credit card purchase histories, airline ticket purchases and travel itineraries, rental car records, medical histories, educational transcripts, driver's licenses, social security numbers, utility bills, tax returns, indeed any searchable record imaginable.

As Wired reported, these are the data-sets that NSAC plans to exploit.

When Congress killed the DARPA program in 2004, most critics believed that was the end of the Pentagon's leap back into domestic intelligence. However, as we have since learned, the data-mining portion of the program was farmed out to a host of state agencies, including the National Security Agency, the Defense Intelligence Agency and the FBI.

Needless to say, private sector involvement--and lucrative contracts--for TIA projects included usual suspects such as Booz Allen Hamilton, Lockheed Martin, Raytheon, The Analysis Group and SAIC, as well as a number of low-key firms such as 21st Century Technologies, Inc., Evolving Logic, Global InfoTech, Inc., and the Orwellian-sounding Fund For Peace.

These firms, and many more, are current NSAC contractors; to all intents and purposes TIA now resides deep inside the Bureau's Investigative Data Warehouse and NSAC's Foreign Terrorist Tracking Task Force.

While the FBI claims that unlike TIA, NSAC is not "open-ended" and that a "mission is usually begun with a list of names or personal identifiers that have arisen during a threat assessment, preliminary or full investigation," Wired reports that "the FBI's pre-crime intentions are much wider that the bureau acknowledged."

This will inevitably change--and not for the better--as NSAC expands its brief and secures an ever-growing mountain of data at an exponential rate. In this endeavor, they will be aided by the U.S. Senate.

With three provisions of the draconian Patriot Act set to expire at years' end, the Senate Judiciary Committee, chaired by Sen. Patrick Leahy (D-VI) and Sen. Dianne Feinstein (D-CA), a member of the committee and chairwoman of the powerful Senate Intelligence Committee, stripped-away privacy protections to proposed legislation that would extend the provisions.

Caving-in to pressure from the FBI which claims that protecting Americans' privacy rights from out-of-control spooks would jeopardize "ongoing" terror investigations, Leahy gutted the safeguards he had espoused just last week!

Claiming that his own proposal might hinder open-ended "terror" investigations Leahy said at the hearing, "I'm trying to introduce balances on both sides." The original amendment would have curtailed Bureau fishing expeditions and would have required an actual connection of investigated parties to terrorism or foreign espionage.

Leahy was referring to Section 215 of the Patriot Act that allows the secretive Foreign Intelligence Surveillance Court (FISC) to authorize broad warrants for nearly any type of record, including those held by banks, libraries, internet service providers, credit card companies, even doctors of "persons of interest."

An amendment offered by Sen. Richard Durbin (D-IL) to repeal the Leahy-Feinstein amendment was defeated in committee by a 4-15 vote. As the Senator from the FBI, Feinstein said that the Bureau did not support Durbin's amendment. "It would end several classified and critical investigations," she said. Or perhaps Durbin's amendment would have lowered the boom on a host of illegal programs across the 16-agency U.S. "Intelligence Community."

As Antifascist Calling reported in July, a 38-page declassified report by inspectors general of the CIA, NSA, Department of Justice, Department of Defense and the Office of National Intelligence collectively called the acknowledged "Terrorist Surveillance Program" and cross-agency top secret "Other Intelligence Activities" the "President's Surveillance Program," PSP.

The IG's report failed to disclose what these programs actually did, and probably still do today under the Obama administration. Shrouded beneath impenetrable layers of secrecy and deceit, these undisclosed programs lie at the dark heart of the state's war against the American people.

The Department of Justice's Office of Inspector General (OIG) described FBI participation in the PSP as that of a passive "recipient of intelligence collected under the program" and efforts by the Bureau "to improve cooperation with the NSA to enhance the usefulness of PSP-derived information to FBI agents."

The OIG goes on to state that "further details about these topics are classified and therefore cannot be discussed here." As The New York Times revealed earlier this year in April and June, the NSA's STELLAR WIND and PINWALE internet and email text intercept programs are giant data-mining meta-databases that sift emails, faxes, and text messages of millions of people in the United States.

Far from being mere passive spectators, the FBI's Investigative Data Warehouse continues to be a major recipient of NSA's STELLAR WIND and PINWALE programs. As Marc Ambinder reported in The Atlantic PINWALE is "an unclassified proprietary term used to refer to advanced data-mining software that the government uses. Contractors who do SIGINT mining work often include a familiarity with Pinwale as a prerequisite for certain jobs."

As the Electronic Frontier Foundation's report on the IDW revealed, the FBI closely worked with SAIC, Convera and Chiliad to develop the project. Indeed, as EFF discovered "The FBI set up an Information Sharing Policy Group (ISPG), chaired by the Executive Assistant Directors of Administration and Intelligence, to review requests to ingest additional datasets into the IDW, in response to Congressional 'privacy concerns that may arise from FBI engaging in 'data mining.' In February 2005, the Counterterrorism Division asked for 8 more data sources." The names of the data sources were redacted in three of the eight datasets reviewed by EFF while three came from the Department of Homeland Security.

All of which begs the question: what is the FBI hiding behind it's reorganization of the FTTTF and IDW into the National Security Branch Analysis Center? What role does the National Security Agency and private contractors play in standing-up NSAC? And why, as EFF disclosed, is the Bureau fearful of including Privacy Impact Assessments (PIAs) that might raise "congressional consciousness levels and expectations" in the context of Bureau "national security systems"?

Indeed, as the American Civil Liberties Union stated, "once again, the FBI has been found to be using invasive 'counterterrorism' tools to collect personal information about innocent Americans," and it "appears that the FBI has continued its habit of gathering bulk amounts of personal information with little or no oversight."

Not that congressional grifters and their corporate cronies, who have much to gain from billions of federal dollars pumped into these intrusive programs, actually care to explore what becomes of data illegally collected on innocent Americans by NSAC.

The civil liberties watchdog concludes they have "long suspected that the congressional dissent over and public demise of the Pentagon's TIA program would result in a concealed and more invasive version of the program."

Plus ça change, plus c'est la même chose. Somewhere near Washington Admiral Poindexter is leaning back in his chair, filling his pipe and smiling...
Posted by Antifascist at 9:15 AM

[Keith Millea]

http://www.informationclearinghouse.info...e23768.htm

Exclusive: U.S. Spies Buy Stake in Firm That Monitors Blogs, Tweets

By Noah Shachtman

October 19, 2009 "Wired" -- America’s spy agencies want to read your blog posts, keep track of your Twitter updates — even check out your book reviews on Amazon. In-Q-Tel, the investment arm of the CIA and the wider intelligence community, is putting cash into Visible Technologies, a software firm that specializes in monitoring social media. It’s part of a larger movement within the spy services to get better at using ”open source intelligence” — information that’s publicly available, but often hidden in the flood of TV shows, newspaper articles, blog posts, online videos and radio reports generated every day. Visible crawls over half a million web 2.0 sites a day, scraping more than a million posts and conversations taking place on blogs, online forums, Flickr, YouTube, Twitter and Amazon. (It doesn’t touch closed social networks, like Facebook, at the moment.) Customers get customized, real-time feeds of what’s being said on these sites, based on a series of keywords.
“That’s kind of the basic step — get in and monitor,” says company senior vice president Blake Cahill.
Then Visible “scores” each post, labeling it as positive or negative, mixed or neutral. It examines how influential a conversation or an author is. (”Trying to determine who really matters,” as Cahill puts it.) Finally, Visible gives users a chance to tag posts, forward them to colleagues and allow them to response through a web interface.
In-Q-Tel says it wants Visible to keep track of foreign social media, and give spooks “early-warning detection on how issues are playing internationally,” spokesperson Donald Tighe tells Danger Room.
Of course, such a tool can also be pointed inward, at domestic bloggers or tweeters. Visible already keeps tabs on web 2.0 sites for Dell, AT&T and Verizon. For Microsoft, the company is monitoring the buzz on its Windows 7 rollout. For Spam-maker Hormel, Visible is tracking animal-right activists’ online campaigns against the company.
“Anything that is out in the open is fair game for collection,” says Steven Aftergood, who tracks intelligence issues at the Federation of American Scientists. But “even if information is openly gathered by intelligence agencies it would still be problematic if it were used for unauthorized domestic investigations or operations. Intelligence agencies or employees might be tempted to use the tools at their disposal to compile information on political figures, critics, journalists or others, and to exploit such information for political advantage. That is not permissible even if all of the information in question is technically ‘open source."
Visible chief executive officer Dan Vetras says the CIA is now an “end customer,” thanks to the In-Q-Tel investment. And more government clients are now on the horizon. “We just got awarded another one in the last few days,” Vetras adds.

Tighe disputes this — sort of. “This contract, this deal, this investment has nothing to do with any agency of government and this company,” he says. But Tighe quickly notes that In-Q-Tel does have “an interested end customer” in the intelligence community for Visibile. And if all goes well, the company’s software will be used in pilot programs at that agency. “In pilots, we use real data. And during the adoption phase, we use it real missions.”

Neither party would disclose the size of In-Q-Tel’s investment in Visible, a 90-person company with expected revenues of about $20 million in 2010. But a source familiar with the deal says the In-Q-Tel cash will be used to boost Visible’s foreign languages capabilities, which already include Arabic, French, Spanish and nine other languages.

trupulse2Visible has been trying for nearly a year to break into the government field. In late 2008, the company teamed up with the Washington, DC, consulting firm Concepts & Strategies, which has handled media monitoring and translation services for U.S. Strategic Command and the Joint Chiefs of Staff, among others. On its website, Concepts & Strategies is recruiting “social media engagement specialists” with Defense Department experience and a high proficiency in Arabic, Farsi, French, Urdu or Russian. The company is also looking for an “information system security engineer” who already has a “Top Secret SCI [Sensitive Compartmentalized Information] with NSA Full Scope Polygraph” security clearance.

The intelligence community has been interested in social media for years. In-Q-Tel has sunk money into companies like Attensity, which recently announced its own web 2.0-monitoring service. The agencies have their own, password-protected blogs and wikis — even a MySpace for spooks. The Office of the Director of National Intelligence maintains an Open Source Center, which combs publicly available information, including web 2.0 sites. Doug Naquin, the Center’s Director, told an audience of intelligence professionals in October 2007 that “we’re looking now at YouTube, which carries some unique and honest-to-goodness intelligence…. We have groups looking at what they call ‘citizens media’: people taking pictures with their cell phones and posting them on the internet. Then there’s social media, phenomena like MySpace and blogs.”

But, “the CIA specifically needs the help of innovative tech firms to keep up with the pace of innovation in social media. Experienced IC [intelligence community] analysts may not be the best at detecting the incessant shift in popularity of social-networking sites. They need help in following young international internet user-herds as they move their allegiance from one site to another,” Lewis Shepherd, the former senior technology officer at the Defense Intelligence Agency, says in an e-mail. “Facebook says that more than 70 percent of its users are outside the U.S., in more than 180 countries. There are more than 200 non-U.S., non-English-language microblogging Twitter-clone sites today. If the intelligence community ignored that tsunami of real-time information, we’d call them incompetent.”
Wired.com © 2009 Condé Nast Digital. All rights reserved.

















:thefinger:

[Ed Jewett]

Following the Money Trail: Telecoms and ISPs Feed the Secret State’s Surveillance Machine

http://dissidentvoice.org/2009/12/follow...e-machine/

by Tom Burghardt / December 11th, 2009
“Follow the money.”
And why not. As the interface between state and private criminality, following the money trail is oxygen and combustible fuel for rooting out corruption in high places: indelible signs left behind like toxic tracks by our sociopathic masters.
After all, there’s nothing quite like exposing an exchange of cold, hard cash from one greedy fist to another to focus one’s attention on the business at hand.
And when that dirty business is the subversion of the American people’s right to privacy, there’s also nothing quite like economic self-interest for ensuring that a cone of silence descends over matters best left to the experts; a veritable army of specialists squeezing singular advantage out of any circumstance, regardless of how dire the implications for our democracy.
In light of this recommendation researcher Christopher Soghoian, deploying the tools of statistical analysis and a keen sense of outrage, reaffirmed that “Internet service providers and telecommunications companies play a significant, yet little known role in law enforcement and intelligence gathering.”
That the American people have been kept in the dark when it comes to this and other affairs of state, remain among the most closely-guarded open secrets of what has euphemistically been called the “NSA spying scandal.”
And when the Electronic Frontier Foundation (EFF) posted thousands of pages of documents “detailing behind-the-scenes negotiations between government agencies and Congress about providing immunity for telecoms involved in illegal government surveillance” last month, they lifted the lid on what should be a major scandal, not that corporate media paid the least attention.
A lid that Obama’s “change” regime hopes to slam back down as expeditiously as possible.
Hoping to forestall public suspicions of how things actually work in Washington, the administration has declared that “it will continue to block the release of additional documents, including communications within the Executive Branch and records reflecting the identities of telecoms involved in lobbying for immunity,” according to EFF’s Senior Staff Attorney Kurt Opsahl.
No small matter, considering that should a court ever find avaricious telecoms and ISPs liable for violating the rights of their customers, fines could mount into the billions. Even in today’s climate of corporate bailouts and “too big to fail” cash gifts to executive suite fraudsters, damages, both in monetary terms and adverse publicity, would hardly be chump change.
Hence, last year’s mad scramble for the retroactive immunity avidly sought by these grifters and granted by congressional con men on both sides of the aisle when they passed the despicable FISA Amendments Act, hastily signed into law by our former “war president.”
Without belaboring the point that corporate media largely failed to expose the extent of the dirty deals struck amongst these scofflaws, Soghoian, a graduate student no less, stepped into the breech and filled some necessary gaps in the surveillance story.
Believing, naïvely perhaps, that numbers don’t lie and that laying out the facts might just wake us from our deadly slumber, Soghoian writes: “If you were to believe the public surveillance statistics, you might come away with the idea that government surveillance is exceedingly rare in the United States.”
Indeed, “the vast majority of … [court] intercept orders are for phone wiretaps. Thus, for example, of the 1891 intercept orders granted in 2008, all but 134 of them were issued for phone taps.”
Which begs the question: “How often are Internet communications being monitored, and what kind of orders are required in order to do so.”
Unsurprisingly, the threshold for obtaining personal records is exceedingly low and “very few of these methods require an intercept order.”
All the government need do to obtain a pen register or trap and trace order, which examine to/from/subject lines of email messages, URLs of viewed web pages, search terms, telephone numbers dialed and the like, is to unilaterally declare that information obtained via this backdoor route is “relevant” to an ongoing criminal or counterterrorist investigation.
In other words, give us everything we want and move along!
The nation’s telecoms and ISPs have been very accommodating in this regard. And, as with other recent historical examples that come to mind such as the rush by U.S. firms to “rebuild” Iraq, Afghanistan and other benighted nations “liberated” by that “shining city upon a hill” that bombs, maims and generally does what it pleases because it can, servicing the secret state’s limitless appetite for “actionable intelligence” has proven to be a very lucrative cash cow indeed.
Open a Can of Worms and Blood-Sucking Night Crawlers Slither Out
Deciding to “follow the money,” Soghoian hoped “to determine how often Internet firms were disclosing their customers’ private information to the government.” As often as possible as it turns out. Describing the nexus between Sprint Nextel and the secret state, Soghoian discloses:

Sprint Nextel provided law enforcement agencies with its customers’ (GPS) location information over 8 million times between September 2008 and October 2009. This massive disclosure of sensitive customer information was made possible due to the roll-out by Sprint of a new, special web portal for law enforcement officers.
The evidence documenting this surveillance program comes in the form of an audio recording of Sprint’s Manager of Electronic Surveillance, who described it during a panel discussion at a wiretapping and interception industry conference, held in Washington DC in October of 2009.
It is unclear if Federal law enforcement agencies’ extensive collection of geolocation data should have been disclosed to Congress pursuant to a 1999 law that requires the publication of certain surveillance statistics–since the Department of Justice simply ignores the law, and has not provided the legally mandated reports to Congress since 2004. (Christopher Soghoian, “8 Million Reasons for Real Surveillance Oversight,” Slight Paranoia, December 1, 2009)

A web portal I might add, equipped with a built-in price list ready-made for charging securocrats who spy on our blog posts, emails, web searches, mobile phone pings; indeed, any data the government might deem worthy of an “investigation.” Call it a PayPal for spooks; now how’s that for convenience!
How did Soghoian dig up the facts on the firm’s lucrative arrangement with the government? In October, he attended the ISS World 2009 conference, Intelligence Support Systems for Lawful Interception, Criminal Investigations and Intelligence Gathering (ISS), described by Wired as “a surveillance industry gathering for law enforcement and intelligence agencies and the companies that provide them with the technologies and capabilities to conduct surveillance.”
Closed to the media and the public, the enterprising researcher obtained entry as a graduate student and recorded several sessions, since taken down at the insistence of ISS’s corporate master TeleStrategies, who hosted the conference.
Describing itself as “the leading producer of telecommunications conference events in the United States,” the firm claimed that Soghoian’s recordings “violated copyright law.” But not having deep pockets to weather a Digital Millennium Copyright Act (DMCA) takedown fight, he removed the files from his blog.
Inquiring minds can’t help but wonder what was so threatening to the corporatist apple cart that they threatened to bring their thumb down, on a student no less? Let’s take a look!
Among the sponsors of this year’s ISS confab, one finds the usual low-key suspects manning the exhibits, hawking their wares and delivering learned presentations to their “partners” in the intelligence and security “community.”
Leading the pack is ETI Group, self-described as “a leading management consulting firm specializing in Process Management and Improvement.” As a “leading provider” of so-called “lawful interception solutions” for security agencies, telecoms and ISPs, ETI Group provide “future proof and scalable platforms” for the acquisition of information from “multiple sources.”
NICE Systems, another “leading provider” of what it calls “Insight from Interactions solutions” derived from the “the convergence of advanced analytics of unstructured multimedia content and transactional data–from telephony, web, email, radio, video and other data sources.” Partners in the “Security Sector” include, among others, Raytheon, Honeywell, Siemens, Lockheed Martin, HP, Tyco and Motorola, all of whom are heavy-hitters in the Military-Industrial-Intelligence Complex and niche players in the burgeoning electronic surveillance industry in their own right.
Next up is SAP, a firm whose Government Support & Services division provide “a comprehensive range” of “enterprise software applications” to “help the analysts of the Intelligence Community” obtain “timely, accurate, objective and relevant intelligence.” One can only wonder whether Doug Feith’s shop over at the Pentagon deployed SAP “solutions” to find Saddam’s “weapons of mass destruction” during the run-up to the Iraq invasion!
Taking their turn on the dais is Spectronic Systems, a Danish firm that is “100% privately owned.” Little however, could be gleaned from a perusal of their web site since the company kindly informs us that it “is strictly for the benefit of Government Agencies, Law Enforcement Agencies, Intelligence Agencies and Government Approved companies.” However, ISS World was good enough to disclose that Spectronic activities include “the development and manufacturing of monitoring systems and monitoring centres” for telephone, internet, fax and modem traffic. Their systems are designed to “handle–i.e. retrieve, collect, decode, store and present–bulk data,” that can double as “data retention systems” for “bulk monitoring of SMS, MMS, e-mails or other means of data communication.” But how beneficial is it to the bottom line? Alas, a diligent search of the business press by this writer hit a veritable blank wall.
SS8 on the other hand is more forthcoming, claiming that their “products” allow intelligence agencies to “visualize and analyze a target’s internet session” and to “recognize, monitor, investigate and prevent criminal activity.” Proud that they have a “global reach,” SS8 broadcasts that their “electronic surveillance solutions” are “deployed in over 25 countries” and that their data installations “can intercept more than 100 million subscribers.” The firm’s platform for internet, WiFi, broadband and satellite interception claims to be capable of ferreting out “hidden relationships” while identifying “trends” (code for data mining and social network analysis) that “meet the functional needs” of the secret state.
Telesoft Technologies, produce “monitoring probes” that “allow data extraction” from “cellular and fixed networks.” This can be done for “fixed, 2/3G mobile and packet networks.” According to the firm, their “universal passive probes extract call content, signalling [sic] and location information for use by monitoring applications,” ensuring a seamless connection” of applications to “real world systems.”
True Position; this firm’s national security brief involves the identification and tracking of any mobile device in “real time” and offer “insightful intelligence” while “delivering powerful solutions” that “enable private enterprises and government agencies” the capability “to protect people, combat crime, and save lives like never before.” According to the company’s web site, the firm deploys data mining technologies that “monitor activity and behavior over time in order to build detailed profiles and identify others that they associate with.”
Last, but certainly not least, is the ultra-spooky Israeli firm, Verint (formerly Comverse Infosys). Billing itself as the world leader in “actionable intelligence,” readers are well-advised to peruse the documents on Verint products such as Reliant and Star Gate generously posted by our good friends over at the whistleblowing web site Quintessenz. And while your at it, why not check out AFC’s piece, “Thick as Thieves: The Private (and very profitable) World of Corporate Spying,” where information on the shady activities of the firm’s founder, Kobi Alexander, can be found. Currently holed-up in Windhoek, Namibia after becoming the recipient of a 2006 thirty-two count indictment by the Justice Department that charged the ex-Israeli intelligence officer and entrepreneur with backdating millions of stock options worth $138 million, Alexander is a sterling representative of an industry dedicated to “lawful interception” of our electronic communications to “prevent criminal activity.”
Amongst the exhibitors at ISS World, one finds (yet another) spooky Israeli firm Narus, whose hardware was a permanent “guest” in ATT/NSA “secret rooms” scattered around the country for surveillance of the entire Internet. First disclosed by ATT whistleblower Mark Klein in his sworn affidavit on behalf of EFF’s lawsuit, Hepting v. ATT, the firm’s STA 6400 traffic analyzer can monitor traffic equal to 39,000 DSL lines at 10 Gbit/s, or in practical terms, a single Narus machine can surveil several million broadband users at any given time. In 2004, the former Deputy Director of NSA, William Crowell joined the firm’s board of directors. As a result of FAA’s retroactive immunity provision, Hepting v. ATT was dismissed in 2009.
Which brings us full-circle to Sprint Nextel’s spiffy new web portal that enables the secret state to “ping” their customers’ GPS locations eight million times in the space of a year.
Tip of the Proverbial Iceberg
Hoping to learn more, Soghoian filed multiple Freedom of Information Act (FOIA) requests with the Department of Justice, seeking relevant details on just how much these corporate grifters charge our silent guardians for their electronic spying.
It was at that point that Soghoian ran into a brick wall. When he uncovered evidence that the illicit surveillance compact amongst federal security agencies, telecoms and ISPs was a limitless gold mine enriching shareholders at the expense of our constitutional rights, the firms struck back.
“Verizon and Yahoo intervened and filed an objection on grounds that, among other things, they would be ridiculed and publicly shamed were their surveillance price sheets made public,” Wired reported December 1.
What do these firms have to hide? Apparently, quite a lot.
Yahoo and Verizon weren’t about to release the data and filed a 12-page objection letter with the Justice Department, claiming that if their pricing information were disclosed to Soghoian he would use it for nefarious ends “to ’shame’ Yahoo and other companies–and to ’shock’ their customers.”
Cryptome Delivers the Goods, Again
Despite their whining, the indefatigable John Young, webmaster of the intelligence and security whistleblowing web site Cryptome, has published the Yahoo! Compliance Guide for Law Enforcement.
The 17-page handy guide for spooks and cops provides information on what the firm can and will provide the secret state (everything) and what it will cost.
Cryptome, never a site to run from a fight, has also posted the compliance guides of AT&T, Verizon, Sprint, Voicestream, Cox, Cingular, SBC, and Pacific Telesis.
As Antifascist Calling has averred many times, since the business of America’s security is, after all, business, let’s just say the “service” Yahoo provides our nation’s spooks doesn’t come cheap.
For his sterling efforts to inform the public, Young has been threatened by Yahoo attorneys with the tony Washington law firm Steptoe & Johnson.
In a series of communications with Young, Yahoo’s lawyers are threatening legal action in the form of a Digital Millennium Copyright Act (DMCA) takedown notice, claiming that “the unauthorized use and distribution of this document … infringes Yahoo’s intellectual property rights and constitutes a violation of U.S. copyright law.”
Attorney Michael T. Gershberg’s tersely worded missive, alleges that the posted spy guide “also infringes Yahoo’s trade secrets and constitutes business interference.”
Young fired back December 2: “The Yahoo document hosted on Cryptome was found on the Internet at a publicly accessible site.
“There is no copyright notice on the document. Would you please provide substantiation that the document is copyrighted or otherwise protected by DMCA? Your letter does not provide more than assertion without evidence.”
Gershberg countered: “On behalf of our client, Yahoo! Inc., attached please find a notice of copyright infringement pursuant to Section 512 of the Digital Millennium Copyright Act. Thank you for your cooperation in this matter.”
Undeterred, Young shot back: “I cannot find at the Copyright Office a grant of copyright for the Yahoo spying document hosted on Cryptome. To assure readers Yahoo’s copyright claim is valid and not another hoary bluff without substantiation so common under DMCA bombast please send a copy of the copyright grant for publication on Cryptome.”
Continuing, Young wrote: “Until Yahoo provides proof of copyright, the document will remain available to the public for it provides information that is in the public interest about Yahoo’s contradictory privacy policy and should remain a topic of public debate on ISP unacknowledged spying complicity with officials for lucrative fees.”
According to Cryptome, “The information in the document which counters Yahoo’s customer privacy policy suggests a clearing of the air is in order to assure customer reliance on Yahoo’s published promises of trust. A rewrite of Yahoo’s spying guide to replace the villainous one would be a positive step, advice of an unpaid, non-lawyerly independent panel could be sought to avoid the stigma associated with DMCA coercion.
“Note: Yahoo’s exclamation point is surely trademarked so omitted here.”
Commenting on the spy guide, Wired reported,

The Compliance Guide reveals, for example, that Yahoo does not retain a copy of e-mails that an account holder sends unless that customer sets up the account to store those e-mails. Yahoo also cannot search for or produce deleted e-mails once they’ve been removed from a user’s trash file.
The guide also reveals that the company retains the IP addresses from which a user logs in for just one year. But the company’s logs of IP addresses used to register new accounts for the first time go back to 1999. The contents of accounts on Flickr, which Yahoo also owns, are purged as soon as a user deactivates the account.
Chats conducted through the company’s Web Messenger service may be saved on Yahoo’s server if one of the parties in the correspondence set up their account to archive chats. This pertains to the web-based version of the chat service, however. Yahoo does not have the content of chats for consumers who use the downloadable Web Messenger client on their computer.
Instant message logs are retained 45 to 60 days and includes an account holder’s friends list, and the date and times the user communicated with them. (Kim Zetter, “Yahoo Issues Takedown Notice for Spying Price List,” Wired, December 4, 2009)

Well, just how much does Yahoo charge for their dubious shenanigans with the secret state? Wired reports: “According to this list, Yahoo charges the government about $30 to $40 for the contents, including e-mail, of a subscriber’s account. It charges $40 to $80 for the contents of a Yahoo group.”
Do the math for millions of customers whose rights have been abused and violated and pretty soon we’re talking serious money!
Is this what Yahoo and Verizon mean when they claim that should their surveillance price lists be publicly disclosed to they would be used “to ’shame’ Yahoo! and other companies–and to ’shock’ their customers.”
“Therefore,” the company avers, “release of Yahoo’s information is reasonably likely to lead to impairment of its reputation for protection of user privacy and security, which is a competitive disadvantage for technology companies.”
Well guess what, guilty as charged! Now that the information has been widely posted and mirrored by the global whistleblowers Wikileaks and countless other web sites, we should consider the alarming implications of Christopher Soghoian’s essential research to our privacy and democratic rights and act accordingly.
Barring a mechanism that guarantees public accountability from the secret state and their grifting corporate partners, we are left with no alternative but to name and shame. After all, democracy is not a spectator sport!
Tom Burghardt is a researcher and activist based in the San Francisco Bay Area. In addition to publishing in Covert Action Quarterly and Global Research, an independent research and media group of writers, scholars, journalists and activists based in Montreal, his articles can be read on Dissident Voice, The Intelligence Daily and Pacific Free Press. He is the editor of Police State America: U.S. Military "Civil Disturbance" Planning, distributed by AK Press. Read other articles by Tom, or visit Tom's website.
This article was posted on Friday, December 11th, 2009 at 9:00am and is filed under Capitalism, Civil Liberties, Corruption, Democracy, Espionage, Freedom of Speech, Legal/Constitutional, Privacy, Security.