I. ‘Oops, we did it again!’ NSA caught illegally collecting Americans’ phone data

Published time: 27 Jun, 2019 00:22 Edited time: 27 Jun, 2019 08:16
Get short URL

‘Oops, we did it again!’ NSA caught illegally collecting Americans’ phone data
Former NSA “listening station” © Reuters / Hannibal Hanschke 1984

The NSA has been caught improperly collecting Americans’ phone data yet again, just months after a similar incident forced them to (supposedly) purge hundreds of millions of records captured without FISA authorization.

The agency unlawfully slurped up a “larger than expected” volume of call and text records from one US telecom provider under the metadata-collection program known as Section 215, according to a document obtained by the American Civil Liberties Union as part of its ongoing lawsuit against the agency. The heavily redacted file does not reveal which company was affected, or how many of its “call detail records” were illegally collected between October 3 and 12, 2018.
Also on rt.com NSA ‘unmasking’ of American surveillance targets peaked in 2018, new report says

“These documents further confirm that this surveillance program is beyond redemption and a privacy and civil liberties disaster,” ACLU National Security Project staff attorney Patrick Toomey told the AP. “There is no justification for leaving this surveillance power in the NSA’s hands.”

Revealingly, the NSA in its own internal documents assesses the blunder’s “impact on national security or international relations” to be “none.” Critics of the program, formerly known as StellarWind, have pointed to its acknowledged failure to stop a single terror event – the agency’s official rationale for eavesdropping on 3 billion phone calls every day – as one of many reasons it should be scrapped.

The agency “will assess the scope of the civil liberties and privacy impact of this incident upon completion of the investigation,” the report promises, though an “initial assessment is that the impact was limited given the quick identification, purge processes, and lack of reporting.”

“Why is there no penalty? Why is there no consequence for doing this? This is illegal behavior – if it is illegal, what is the accountability for those who are collecting it?” journalist Ben Swann asked, referring to both the telecoms providing excess information and the government agency that has made at least three such “mistakes” in the last year.

“The NSA never outs themselves and admits ‘We made a mistake’ – it only comes to light when the ACLU or some group sues,” Swann told RT.

“If there is no accountability for those who continue to break the law – because that’s what they’re doing – then why would they ever stop doing that?”

The NSA is reportedly in favor of discontinuing Section 215 altogether, allowing congressional authorization to lapse when it expires at the end of 2019, though President Donald Trump has declared he wants to keep it running indefinitely.
Also on rt.com NSA wants to drop mass surveillance program revealed by Snowden – report

While the documents received by the ACLU suggest previous rumors about the agency’s use of the program – a security adviser to House Minority Leader Kevin McCarthy claimed the NSA hadn’t used it since June, the last time it was forced to purge millions of improperly-collected records – were false, former NSA chief William Binney confirms the agency is only letting it go because they have something much more sinister going on.

“There is no oversight of the upstream program,” Binney told RT, referring to an NSA program that collects not only phone records but emails, “chatter,” and “everything on the fiber optic network.” Upstream is “the major program that’s copying the collection of bulk data on everybody, not just in the United States but on the planet.”

The Ending Mass Collection of Americans’ Phone Records Act, a bipartisan bill to end NSA bulk collection of US phone data and prevent the agency from restarting it which was introduced in the Senate earlier this year, appears to have come a bit too late.

II. The Wiretap Rooms: The NSA’s Hidden Spy Hubs in Eight U.S. Cities

Photo: Steven Day
Ryan Gallagher, Henrik Moltke

June 25 2018, 6:00 a.m.

The secrets are hidden behind fortified walls in cities across the United States, inside towering, windowless skyscrapers and fortress-like concrete structures that were built to withstand earthquakes and even nuclear attack. Thousands of people pass by the buildings each day and rarely give them a second glance, because their function is not publicly known. They are an integral part of one of the world’s largest telecommunications networks – and they are also linked to a controversial National Security Agency surveillance program.

Atlanta, Chicago, Dallas, Los Angeles, New York City, San Francisco, Seattle, and Washington, D.C. In each of these cities, The Intercept has identified an AT&T facility containing networking equipment that transports large quantities of internet traffic across the United States and the world. A body of evidence – including classified NSA documents, public records, and interviews with several former AT&T employees – indicates that the buildings are central to an NSA spying initiative that has for years monitored billions of emails, phone calls, and online chats passing across U.S. territory.

The NSA considers AT&T to be one of its most trusted partners and has lauded the company’s “extreme willingness to help.” It is a collaboration that dates back decades. Little known, however, is that its scope is not restricted to AT&T’s customers. According to the NSA’s documents, it values AT&T not only because it “has access to information that transits the nation,” but also because it maintains unique relationships with other phone and internet providers. The NSA exploits these relationships for surveillance purposes, commandeering AT&T’s massive infrastructure and using it as a platform to covertly tap into communications processed by other companies.

Much has previously been reported about the NSA’s surveillance programs. But few details have been disclosed about the physical infrastructure that enables the spying. Last year, The Intercept highlighted a likely NSA facility in New York City’s Lower Manhattan. Now, we are revealing for the first time a series of other buildings across the U.S. that appear to serve a similar function, as critical parts of one of the world’s most powerful electronic eavesdropping systems, hidden in plain sight.

“It’s eye-opening and ominous the extent to which this is happening right here on American soil,” said Elizabeth Goitein, co-director of the Liberty and National Security Program at the Brennan Center for Justice. “It puts a face on surveillance that we could never think of before in terms of actual buildings and actual facilities in our own cities, in our own backyards.”

There are hundreds of AT&T-owned properties scattered across the U.S. The eight identified by The Intercept serve a specific function, processing AT&T customers’ data and also carrying large quantities of data from other internet providers. They are known as “backbone” and “peering” facilities.

While network operators would usually prefer to send data through their own networks, often a more direct and cost-efficient path is provided by other providers’ infrastructure. If one network in a specific area of the country is overloaded with data traffic, another operator with capacity to spare can sell or exchange bandwidth, reducing the strain on the congested region. This exchange of traffic is called “peering” and is an essential feature of the internet.

Because of AT&T’s position as one of the U.S.’s leading telecommunications companies, it has a large network that is frequently used by other providers to transport their customers’ data. Companies that “peer” with AT&T include the American telecommunications giants Sprint, Cogent Communications, and Level 3, as well as foreign companies such as Sweden’s Telia, India’s Tata Communications, Italy’s Telecom Italia, and Germany’s Deutsche Telekom.

AT&T currently boasts 19,500 “points of presence” in 149 countries where internet traffic is exchanged. But only eight of the company’s facilities in the U.S. offer direct access to its “common backbone” – key data routes that carry vast amounts of emails, internet chats, social media updates, and internet browsing sessions. These eight locations are among the most important in AT&T’s global network. They are also highly valued by the NSA, documents indicate.

The data exchange between AT&T and other networks initially takes place outside AT&T’s control, sources said, at third-party data centers that are owned and operated by companies such as California’s Equinix. But the data is then routed – in whole or in part – through the eight AT&T buildings, where the NSA taps into it. By monitoring what it calls the “peering circuits” at the eight sites, the spy agency can collect “not only AT&T’s data, they get all the data that’s interchanged between AT&T’s network and other companies,” according to Mark Klein, a former AT&T technician who worked with the company for 22 years. It is an efficient point to conduct internet surveillance, Klein said, “because the peering links, by the nature of the connections, are liable to carry everybody’s traffic at one point or another during the day, or the week, or the year.”

Christopher Augustine, a spokesperson for the NSA, said in a statement that the agency could “neither confirm nor deny its role in alleged classified intelligence activities.” Augustine declined to answer questions about the AT&T facilities, but said that the NSA “conducts its foreign signals intelligence mission under the legal authorities established by Congress and is bound by both policy and law to protect U.S. persons’ privacy and civil liberties.”

Jim Greer, an AT&T spokesperson, said that AT&T was “required by law to provide information to government and law enforcement entities by complying with court orders, subpoenas, lawful discovery requests, and other legal requirements.” He added that the company provides “voluntary assistance to law enforcement when a person’s life is in danger and in other immediate, emergency situations. In all cases, we ensure that requests for assistance are valid and that we act in compliance with the law.”

Dave Schaeffer, CEO of Cogent Communications, told The Intercept that he had no knowledge of the surveillance at the eight AT&T buildings, but said he believed “the core premise that the NSA or some other agency would like to look at traffic … at an AT&T facility.” He said he suspected that the surveillance is likely carried out on “a limited basis,” due to technical and cost constraints. If the NSA were trying to “ubiquitously monitor” data passing across AT&T’s networks, Schaeffer added, he would be “extremely concerned.”

Sprint, Telia, Tata Communications, Telecom Italia, and Deutsche Telekom did not respond to requests for comment. CenturyLink, which owns Level 3, said it would not discuss “matters of national security.”
map-gifs-4-1529435205

The maps The Intercept used to identify the internet surveillance hubs.

Maps: NSA/AT&T

The eight locations are featured on a top-secret NSA map, which depicts U.S. facilities that the agency relies upon for one of its largest surveillance programs, code-named FAIRVIEW. AT&T is the only company involved in FAIRVIEW, which was first established in 1985, according to NSA documents, and involves tapping into international telecommunications cables, routers, and switches.

In 2003, the NSA launched new internet mass surveillance methods, which were pioneered under the FAIRVIEW program. The methods were used by the agency to collect – within a few months – some 400 billion records about people’s internet communications and activity, the New York Times previously reported. FAIRVIEW was also forwarding more than 1 million emails every day to a “keyword selection system” at the NSA’s Fort Meade headquarters.

Central to the internet spying are eight “peering link router complex” sites, which are pinpointed on the top-secret NSA map. The locations of the sites mirror maps of AT&T’s networks, obtained by The Intercept from public records, which show “backbone node with peering” facilities in Atlanta, Chicago, Dallas, Los Angeles, New York City, San Francisco, Seattle, and Washington, D.C.

One of the AT&T maps contains unique codes individually identifying the addresses of the facilities in each of the cities.

Among the pinpointed buildings, there is a nuclear blast-resistant, windowless facility in New York City’s Hell’s Kitchen neighborhood; in Washington, D.C., a fortress-like, concrete structure less than half a mile south of the U.S. Capitol; in Chicago, an earthquake-resistant skyscraper in the West Loop Gate area; in Atlanta, a 429-foot art deco structure in the heart of the city’s downtown district; and in Dallas, a cube-like building with narrow windows and large vents on its exterior, located in the Old East district.

Elsewhere, on the west coast of the U.S., there are three more facilities: in downtown Los Angeles, a striking concrete tower near the Walt Disney Concert Hall and the Staples Center, two blocks from the most important internet exchange in the region; in Seattle, a 15-story building with blacked-out windows and reinforced concrete foundations, near the city’s waterfront; and in San Francisco’s South of Market neighborhood, a building where it was previously claimed that the NSA was monitoring internet traffic from a secure room on the sixth floor.

The peering sites – otherwise known in AT&T parlance as “Service Node Routing Complexes,” or SNRCs – were developed following the internet boom in the mid- to late 1990s. By March 2009, the NSA’s documents say it was tapping into “peering circuits at the eight SNRCs.”

The facilities’ purpose was to bolster AT&T’s network, improving its reliability and enabling future growth. They were developed under the leadership of an Iranian-American innovator and engineer named Hossein Eslambolchi, who was formerly AT&T’s chief technology officer and president of AT&T Labs, a division of the company that focuses on research and development.

Eslambolchi told The Intercept that the project to set up the facilities began after AT&T asked him to help create “the largest internet protocol network in the world.” He obliged and began implementing his network design by placing large Cisco routers inside former AT&T phone switching facilities across the U.S. When planning the project, he said he divided AT&T’s network into different regions, “and in every quadrant I will have what I will call an SNRC.”

During his employment with AT&T, Eslambolchi said he had to take a polygraph test, and he obtained a government security clearance. “I was involved in very, very top, heavy-duty projects for a few of these three-letter agencies,” he said, in an apparent reference to U.S. intelligence agencies. “They all loved me.”

He would not confirm or deny the exact locations of the eight peering sites identified by The Intercept or discuss the classified work he carried out while with the company. “You put a gun to my head,” he said, “I’m not going to tell you.”

Other former AT&T employees, however, were more forthcoming.

A former senior member of AT&T’s technical staff, who spoke on condition of anonymity due to the sensitivity of the subject, confirmed with “100 percent” certainty the locations of six of the eight peering facilities identified by The Intercept. The source, citing direct knowledge of the facilities and their function, verified the addresses of the buildings in Atlanta, Dallas, Los Angeles, New York City, Seattle, and Washington, D.C.

A second former AT&T employee confirmed the locations of the remaining two sites, in Chicago and San Francisco. “I worked with all of them,” said Philip Long, who was employed by AT&T for more than two decades as a technician servicing its networks. Long’s work with AT&T was carried out mostly in California, but he said his job required him to be in contact with the company’s other facilities across the U.S. In about 2005, Long recalled, he received orders to move “every internet backbone circuit I had in northern California” through the San Francisco AT&T building identified by The Intercept as one of the eight NSA spy hubs. Long said that, at the time, he felt suspicious of the changes, because they were unusual and unnecessary. “We thought we were routing our circuits so that they could grab all the data,” he said. “We thought it was the government listening.” He retired from his job with AT&T in 2014.

A third former AT&T employee reviewed The Intercept’s research and said he believed it accurately identified all eight of the facilities. “The site data certainly seems correct,” said Thomas Saunders, who worked as a data networking consultant for AT&T in New York City between 1995 and 2004. “Those nodes aren’t going to move.”

building-5-1528987907

Photo: Henrik Moltke

An estimated 99 percent of the world’s intercontinental internet traffic is transported through hundreds of giant fiber optic cables hidden beneath the world’s oceans. A large portion of the data and communications that pass across the cables is routed at one point through the U.S., partly because of the country’s location – situated between Europe, the Middle East, and Asia – and partly because of the pre-eminence of American internet companies, which provide services to people globally.

The NSA calls this predicament “home field advantage” – a kind of geographic good fortune. “A target’s phone call, email, or chat will take the cheapest path, not the physically most direct path,” one agency document explains. “Your target’s communications could easily be flowing into and through the U.S.”

Once the internet traffic arrives on U.S. soil, it is processed by American companies. And that is why, for the NSA, AT&T is so indispensable. The company claims it has one of the world’s most powerful networks, the largest of its kind in the U.S. AT&T routinely handles masses of emails, phone calls, and internet chats. As of March 2018, some 197 petabytes of data – the equivalent of more than 49 trillion pages of text, or 60 billion average-sized mp3 files – traveled across its networks every business day.

The NSA documents, which come from the trove provided to The Intercept by the whistleblower Edward Snowden, describe AT&T as having been “aggressively involved” in aiding the agency’s surveillance programs. One example of this appears to have taken place at the eight facilities under a classified initiative called SAGUARO.

As part of SAGUARO, AT&T developed a strategy to help the NSA electronically eavesdrop on internet data from the “peering circuits” at the eight sites, which were said to connect to the “common backbone,” major data routes carrying internet traffic.

The company worked with the NSA to rank communications flowing through its networks on the basis of intelligence value, prioritizing data depending on which country it was derived from, according to a top-secret agency document.

diagram-5-1528310650

Graphic: NSA

NSA diagrams reveal that after it collects data from AT&T’s “access links” and “peering partners,” it is sent to a “centralized processing facility” code-named PINECONE, located somewhere in New Jersey. Inside the PINECONE facility, there is a secure space in which there is both NSA-controlled and AT&T-controlled equipment. Internet traffic passes through an AT&T “distribution box” to two NSA systems. From there, the data is then transferred about 200 miles southwest to its final destination: NSA headquarters at Fort Meade in Maryland.

At the Maryland compound, the communications collected from AT&T’s networks are integrated into powerful systems called MAINWAY and MARINA, which the NSA uses to analyze metadata – such as the “to” and “from” parts of emails, and the times and dates they were sent. The communications obtained from AT&T are also made accessible through a tool named XKEYSCORE, which NSA employees use to search through the full contents of emails, instant messenger chats, web-browsing histories, webcam photos, information about downloads from online services, and Skype sessions.
grid-combine-01-1529695390

Top left / right: Mike Osborne. Bottom left: Henrik Moltke. Bottom right: Frank Heath.

The NSA’s primary mission is to gather foreign intelligence. The agency has broad legal powers to monitor emails, phone calls, and other forms of correspondence as they are being transported across the U.S., and it can compel companies such as AT&T to install surveillance equipment within their networks.

Under a Ronald Reagan-era presidential directive – Executive Order 12333 – the NSA has what it calls “transit authority,” which it says enables it to eavesdrop on “communications which originate and terminate in foreign countries, but traverse U.S. territory.” That could include, for example, an email sent by a person in France to a person in Mexico, which on its way to its destination was routed through a server in California. According to the NSA’s documents, it was using AT&T’s networks as of March 2013 to gather some 60 million foreign-to-foreign emails every day, 1.8 billion per month.

Without an individualized court order, it is illegal for the NSA to spy on communications that are wholly domestic, such as emails sent back and forth between two Americans living in Texas. However, in the aftermath of the 9/11 attacks, the agency began eavesdropping on Americans’ international calls and emails that were passing between the U.S. and other countries. That practice was exposed by the New York Times in 2005 and triggered what became known as the “warrantless wiretapping” scandal.

Critics argued that the surveillance of Americans’ international communications was illegal, because the NSA had carried it out without obtaining warrants from a judge and had instead acted on the orders of President George W. Bush. In 2008, Congress weighed into the dispute and controversially authorized elements of the warrantless wiretapping program by enacting Section 702 of the Foreign Intelligence and Surveillance Act, or FISA. The new law allowed the NSA to continue sweeping up Americans’ international communications without a warrant, so long as it did so “incidentally” while it was targeting foreigners overseas – for instance, if it was monitoring people in Pakistan, and they were talking with Americans in the U.S. by phone, email, or through an internet chat service.

Within AT&T’s networks, there is filtering equipment designed to separate foreign and domestic internet data before it is passed to the NSA, the agency’s documents show. Filtering technology is often used by internet providers for security reasons, enabling them to keep tabs on problems with their networks, block out spam, or monitor hacking attacks. But the same tools can be used for government surveillance.

“You can essentially trick the routers into redirecting a small subset of traffic you really care about, which you can monitor in more detail,” said Jennifer Rexford, a computer scientist who worked for AT&T Labs between 1996 and 2005.

According to the NSA’s documents, it programs its surveillance systems to focus on particular IP addresses – a set of numbers that identify a computer – associated with foreign countries. A classified 2012 memo describes the agency’s efforts to use IP addresses to home in on internet data passing between the U.S. and particular “regions of interest,” including Iran, Afghanistan, Israel, Nigeria, Pakistan, Yemen, Sudan, Tunisia, Libya, and Egypt. But this process is not an exact science, as people can use privacy or anonymity tools to change or spoof their IP addresses. A person in Israel could use privacy software to masquerade as if they were accessing the internet in the U.S. Likewise, an internet user in the U.S. could make it appear as if they were online in Israel. It is unclear how effective the NSA’s systems are at detecting such anomalies.

In October 2011, the Foreign Intelligence Surveillance Court, which approves the surveillance operations carried out under Section 702 of FISA, found that there were “technological limitations” with the agency’s internet eavesdropping equipment. It was “generally incapable of distinguishing” between some kinds of data, the court stated. As a consequence, Judge John D. Bates ruled, the NSA had been intercepting the communications of “non-target United States persons and persons in the United States,” violating Fourth Amendment protections against unreasonable searches and seizures. The ruling, which was declassified in August 2013, concluded that the agency had acquired some 13 million “internet transactions” during one six-month period, and had unlawfully gathered “tens of thousands of wholly domestic communications” each year.

The root of the issue was that the NSA’s technology was not only targeting communications sent to and from specific surveillance targets. Instead, the agency was sweeping up people’s emails if they had merely mentioned particular information about surveillance targets.

A top-secret NSA memo about the court’s ruling, which has not been disclosed before, explained that the agency was collecting people’s messages en masse if a single one were found to contain a “selector” – like an email address or phone number – that featured on a target list.

“One example of this is when a user of a webmail service accesses her inbox; if the inbox contains one email message that contains an NSA tasked selector, NSA will acquire a copy of the entire inbox, not just the individual email message that contains the tasked selector,” the memo stated.

The court’s ruling left the agency with two options: shut down the spying based on mentions of targets completely, or ensure that protections were put in place to stop the unlawfully collected communications from being reviewed. The NSA chose the latter option, and created a “cautionary banner” that warned its analysts not to read particular messages unless they could confirm that they had been lawfully obtained.

But the cautionary banner did not solve the problem. The NSA’s analysts continued to access the same data repositories to search, unlawfully, for information on Americans. In April 2017, the agency publicly acknowledged these violations, which it described as “inadvertent compliance incidents.” It said that it would no longer use surveillance programs authorized under Section 702 of FISA to harvest messages that mentioned its targets, citing “technological constraints, United States person privacy interests, and certain difficulties in implementation.”

The messages that the NSA had unlawfully collected were swept up using a method of surveillance known as “upstream,” which the agency still deploys for other surveillance programs authorized under both Section 702 of FISA and Executive Order 12333. The upstream method involves tapping into communications as they are passing across internet networks – precisely the kind of electronic eavesdropping that appears to have taken place at the eight locations identified by The Intercept.

DSC5709-SH-edit-1529525114

Photo: Frank Heath

Atlanta
51 Peachtree Center Avenue

The AT&T building in Atlanta was originally constructed in the 1920s as the main telephone exchange for the city’s downtown area. The art deco structure, made of limestone, was designed to be the largest in the city at the time at 25 stories tall. However, due to the Great Depression, plans were scaled back and at first, it only had six stories. Between 1947 and 1963, the building was upgraded to host 14 stories, and a large brown microwave tower – visible for miles – was also added. A profile of the building on the History Atlanta website notes that it contains “operations, phone exchanges and other communications equipment for AT&T.”

building-2-1528303742

Photo: Frank Heath

NSA and AT&T maps point to the Atlanta facility as being one of eight “peering” hubs that process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. One former AT&T employee – who spoke on condition of anonymity – confirmed that the site was one of eight primary AT&T “Service Node Routing Complexes,” or SNRCs, in the U.S. NSA documents explicitly describe tapping into flows of data at all eight of these sites.

Information provided by a second former AT&T employee adds to the evidence linking the Atlanta building to NSA surveillance. Mark Klein, a former AT&T technician, alleged in 2006 that the company had allowed the NSA to install surveillance equipment in some of its network hubs. An AT&T facility in Atlanta was one of the spy sites, according to documents Klein presented in a court case over the alleged spying. The Atlanta facility was equipped with “splitter” equipment, which was used to make copies of internet traffic as AT&T’s networks processed it. The copied data would then be diverted to “SG3” equipment – a reference to “Study Group 3” – which was a code name AT&T used for activities related to NSA surveillance, according to evidence in the Klein case.

The Atlanta facility is likely of strategic importance for the NSA. The site is the closest major AT&T internet routing center to Miami, according to the NSA and AT&T maps. From undersea cables that come aground at Miami, huge flows of data pass between the U.S. and South America. It is probable that much of that data is routed through the Atlanta facility as it is being sent to and from the U.S. In recent years, the NSA has extensively targeted several Latin American countries – such as Mexico, Brazil, and Venezuela – for surveillance.

026V2098-1529092644

Photo: Henrik Moltke

Chicago
10 South Canal Street

Like many other major telecommunications hubs built during the late 1960s and early 1970s, the Chicago AT&T building was designed amid the Cold War to withstand a nuclear attack. The 538-foot skyscraper, located in the West Loop Gate area of the city, was completed in 1971. There are windows at both the top and bottom of the vast concrete structure, but 18 of its 28 floors are windowless.

According to the Chicago Sun-Times, the facility handles much of the city’s phone and internet traffic and is equipped with banks of routers, servers, and switching systems. “This building touches every single resident of the city,” Jim Wilson, an AT&T area manager, told the newspaper in 2016.

Photo: Henrik Moltke

One of the building’s architects, John Augur Holabird, said in a 1998 interview that it housed “a big switchboard.” He added: “In case the atomic bomb hits Milwaukee, you’ll be happy to know your telephone line will still go through even though the rest of us are wiped out. And that’s what that building was for.”

10 South Canal Street originally contained a million-gallon oil tank, turbine generators, and a water well, so that it could continue to function for more than two weeks without electricity or water from the city, according to Illinois broadcaster WBEZ. The building is “anchored in bedrock, which helps support the weight of the equipment inside, and gives it extra resistance to bomb blasts or earthquakes,” WBEZ reported.

Today, the facility contains six large V-16 yellow Caterpillar generators that can provide backup electricity in the event of a power failure, according to the Chicago Sun Times. Inside the skyscraper, AT&T stores some 200,000 gallons of diesel fuel, enough to run the generators for 40 days.

NSA and AT&T maps point to the Chicago facility as being one of the “peering” hubs, which process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. Philip Long, who was employed by AT&T for more than two decades as a technician servicing its networks, confirmed that the Chicago site was one of eight primary AT&T “Service Node Routing Complexes,” or SNRCs, in the U.S. NSA documents explicitly describe tapping into flows of data at all eight of these sites.

building-6-1528303991

Photo: Mike Osborne

Dallas
4211 Bryan Street

This AT&T building is a fortified, cube-like structure, located in the Old East area of Dallas, not far from Baylor University Medical Center. Built in 1961, it is a light yellow-brown color with a granite foundation. Large vents are visible on the exterior of the building, as are several narrow windows, many of which appear to have been blacked out or covered in a reflective privacy glass.

The 4211 Bryan Street facility is located next to other AT&T-owned buildings, including a towering telephone routing complex that was first built in 1904. A piece about the telephone hub in the Dallas Observer described it as “an imposing, creepy building” that is “known in some circles as The Great Wall of Beige.”

building-7-1528304068

Photo: Mike Osborne

According to the Central Office website, which profiles telecommunications buildings across the U.S., the Dallas telephone hub is “the main regional tandem and AT&T for long distance and toll services in the Dallas Texas region.” Today, the building also has “major fiber connections to Plano, Irving, Tulsa, Oklahoma City, Ft. Worth, Abilene, Houston and Austin,” the website adds.

NSA and AT&T maps point to the 4211 Bryan Street facility as being one of the “peering” hubs, which process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. A former AT&T employee confirmed that the site was one of eight primary AT&T “Service Node Routing Complexes,” or SNRCs, in the U.S. NSA documents explicitly describe tapping into flows of data at all eight of these sites.

building-8-1528304243

Photo: Henrik Moltke

Los Angeles
420 South Grand Avenue

At the time of its construction in 1961, the AT&T building known as the Madison Complex was the tallest building in downtown Los Angeles. It has since been dwarfed by a number of corporate office skyscrapers in the surrounding Financial District.

Located between Chinatown and the Staples Center, the fortress-like structure is one of the largest telephone central offices in the U.S. “The theoretical number of telephone lines that can be served from this office are 1.3 million and this office also serves as a foreign exchange carrier to neighboring area codes,” according to the Central Office, a website that profiles U.S. telecommunications hubs.

building-9-1528304318

“Untitled, or Bell Communications Around the Globe”. Mural by Anthony Heinsbergen (1961) on the West side of 420 South Grand Ave, La.

Photo: Henrik Moltke

The 448-foot, 17-story building is beige, rectangular, and mostly windowless. On its roof, there is a large microwave tower, which was originally used to transmit phone calls across a network of antennae. The tower’s technology became obsolete in the early 1990s, and it ceased to operate. It remains in place today as a sort of monument to outdated methods of communication and stands in contrast to the more modern buildings in the vicinity, many of them owned by banks.

The Madison Complex is located just two blocks from One Wilshire, which houses what is reportedly the most important internet exchange on the U.S. west coast. “Billions of phone calls, emails and internet pages pass through One Wilshire every week,” the Los Angeles Times reported in 2013, “because it is the primary terminus for major fiber-optic cable routes between Asia and North America.”

Due to the close proximity of the Madison Complex and One Wilshire, and their shared role as telecommunications hubs, it is likely that the buildings process some of the same data as it is being routed across U.S. networks.

NSA and AT&T maps point to the Madison Complex facility as being one of the “peering” hubs, which process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. A former AT&T employee confirmed that the site was one of eight primary AT&T “Service Node Routing Complexes,” or SNRCs, in the U.S. NSA documents explicitly describe tapping into flows of data at all eight of these sites.

building-10-1528304345

Photo: Henrik Moltke

New York City
811 10th Avenue

It was built in 1964 as New York City’s first major telecommunications fortress. The striking concrete and granite AT&T building – located in the Hell’s Kitchen area about a 15-minute walk from Central Park – is 134 meters tall, with 21 floors, each one of them windowless and built to resist a nuclear blast.

A New York Times article published in 1975 noted that 811 10th Avenue was “the first of several windowless equipment buildings to be constructed” in the city, and added that its design initially “caused considerable controversy.”

building-11-1528304373

Aerial shot of 811 10th street, NYC, ca. 1965.

Photo: courtesy of Avery Architectural & Fine Arts Library, Columbia University

According to AT&T records, the building is a “hardened telco data center” and was upgraded in 2000 to become an internet data center. Thomas Saunders, a former AT&T engineer, told The Intercept that, in the 1970s, the building was considered to be “the biggest hub for transmission [of communications] in the country.” Saunders also claimed that, had Bush been in Manhattan during the 9/11 attacks, the Secret Service would have taken him to safety inside the AT&T facility. “It’s the strongest building in town,” he said.

026V2356-1529093799

Photo: Henrik Moltke

NSA and AT&T maps indicate that the 10th Avenue facility is one of eight “peering” hubs that process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. Two former AT&T employees confirmed that the site was one of eight primary AT&T “Service Node Routing Complexes,” or SNRCs, in the U.S. NSA documents explicitly describe tapping into flows of data at all eight of these sites.

The design of the building bears some resemblance to another windowless building in New York City – AT&T’s towering skyscraper at 33 Thomas Street in lower Manhattan. As The Intercept reported in 2016, 33 Thomas Street is a major hub for routing international phone calls and appears to contain a secure NSA surveillance room – code-named TITANPOINTE – that has been used to tap into faxes and phone calls.

NSA and AT&T documents indicate that 10th Avenue building serves as the NSA’s internet equivalent of 33 Thomas Street. While the NSA’s surveillance at 33 Thomas Street mainly targets phone calls that pass through the building’s international switching points, at the 10th Avenue site the agency appears to primarily collect emails, online chats, and data from internet browsing sessions.

building-13-1528304435

Photo: Henrik Moltke

San Francisco
611 Folsom Street

This San Francisco AT&T building has been described as the city’s telecommunications “nerve center.” It is about 256 feet tall, has nine floors, and its exterior is covered in silver-colored panels; there are a series of vents that can be seen at street level, but there are few windows.

NSA and AT&T maps obtained by The Intercept indicate that 611 Folsom Street is one of the eight “peering” hubs in the U.S. that process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. Philip Long, who was employed by AT&T for more than two decades as a technician servicing its networks, confirmed that the San Francisco site is one of eight primary AT&T “Service Node Routing Complexes,” or SNRCs, in the U.S. NSA documents explicitly describe tapping into flows of data at all eight of these sites.

building-14-1528304462

Photo: Henrik Moltke

Long recalled that, in the early 2000s, he “moved every internet backbone circuit I had in northern California” through the Folsom Street office. At the time, he said, he and his colleagues found it strange that they were asked to suddenly reroute all of the traffic, because “there was nothing wrong with the services, no facility problems.”

“We were getting orders to move backbones … and it just grabbed me,” said Long. “We thought it was government stuff and that they were being intrusive. We thought we were routing our circuits so that they could grab all the data.”

It is not the first time the building has been implicated in revelations about electronic eavesdropping. In 2006, an AT&T technician named Mark Klein alleged in a sworn court declaration that the NSA was tapping into internet traffic from a secure room on the sixth floor of the facility.

Klein, who worked at 611 Folsom Street between October 2003 and May 2004, stated that employees from the agency had visited the building and recruited one of AT&T’s management level technicians to carry out a “special job.” The job involved installing a “splitter cabinet” that copied internet data as it was flowing into the building, before diverting it into the secure room.

building-15-1528304523

The room at AT&T’s Folsom St. facility that allegedly contained NSA surveillance equipment.

Photo: Mark Klein

He said equipment in the secure room included a “semantic traffic analyzer” – a tool that can be used to search large quantities of data for particular words or phrases contained in emails or online chats. Notably, Klein discovered that the NSA appeared to be specifically targeting internet “peering links,” which is corroborated by the NSA and AT&T documents obtained by The Intercept.

“By cutting into the peering links, they get not only AT&T’s data, they get all the data that’s interchanged between AT&T’s network and other companies,” Klein told The Intercept in a recent interview.

According to documents provided by Klein, AT&T’s network at Folsom Street “peered” with other companies like Sprint, Cable & Wireless, and Qwest. It was also linked, he said, to an internet exchange named MAE West, a major data hub in San Jose, California, where other companies connect their networks together.

Sprint did not respond to a request for comment. A spokesperson for Cable & Wireless said the company only discloses data “when legally required to do so as a result of a valid warrant or other legal process.” In 2011, CenturyLink acquired Qwest as part of a $12.2 billion merger deal. A CenturyLink spokesperson said he could not discuss “matters of national security.”
The National Security Agency’s Seattle facility, located in the city’s downtown area, photographed on Wednesday, May 2, 2018, in Seattle, Wash. The 15-story gray building hosts the NSA, AT&T and Qwest Corporation communications. NSA and AT&T maps point to the Seattle facility as being of eight peering hubs that process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. (Jovelle Tamayo for The Intercept)

Photo: Jovelle Tamayo for The Intercept

Seattle
1122 3rd Avenue

The Seattle facility is located in the city’s downtown area, not far from the waterfront. The gray building is 15 stories tall, with a dozen rows of narrow, blacked-out windows and vents that rise to its peak. According to public records, it was first constructed in 1955 and has reinforced concrete foundations and exterior walls that are supported by a steel frame.

Historically, the facility was an important communications switching point in the northwest of the U.S., routing calls between places like Bellingham, Spokane, Yakima, and north to Canada and Alaska. Today, the building appears to be primarily owned by the Qwest Corporation – a subsidiary of CenturyLink – but AT&T has a presence within it. AT&T’s logo is emblazoned on a plaque outside the building’s entrance.

Twenty-five miles north of Seattle, there is a major intercontinental undersea cable called Pacific Crossing-1, which routes communications between the U.S. and Japan; it is possible that the Seattle building processes some of these communications and others that pass between the U.S. west coast and Asia.

The National Security Agency’s Seattle facility, located in the city’s downtown area, photographed on Wednesday, May 2, 2018, in Seattle, Wash. The 15-story gray building hosts the NSA, AT&T and Qwest Corporation communications. NSA and AT&T maps point to the Seattle facility as being of eight peering hubs that process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. (Jovelle Tamayo for The Intercept)

Photo: Jovelle Tamayo for The Intercept

NSA and AT&T maps point to the Seattle facility as being of eight “peering” hubs that process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. A former AT&T employee confirmed that the site was one of eight primary AT&T “Service Node Routing Complexes,” or SNRCs, in the U.S. NSA documents explicitly describe tapping into flows of data at all eight of these sites.

building-18-1528304953

Photo: Henrik Moltke

Washington, D.C.
30 E Street Southwest

The building is a large, concrete, rectangular-shaped facility with few windows, located less than a mile south of the U.S. Capitol. Property tax records show that Verizon owns the majority of the property (worth $26 million), while AT&T owns a smaller part (worth $8.8 million). Plans of the building’s internal layout show that AT&T has space on the fourth, fifth, and sixth floors.

Central Office Buildings, a website that profiles telecommunications hubs in North America, describes the 30 E Street South West facility as “the granddaddy HQ of Verizon landline in Washington, DC.” It adds that the building contains a “a slew of switches of various types,” including AT&T equipment for routing long distance phone calls across networks.

building-19-1528305177

Photo: Mike Osborne

Capitol Police has an office located opposite the telecommunications hub, and a large number of police vehicles are usually located around the site. When The Intercept visited the facility to take photographs earlier this year, within a few minutes, several armed police officers arrived on the scene with dogs. They questioned our reporter, searched his car, and said that the building was considered critical infrastructure.

NSA and AT&T maps point to the Washington, D.C. facility as being one of eight “peering” hubs that process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. A former AT&T employee confirmed that the site was one of eight primary AT&T “Service Node Routing Complexes,” or SNRCs, in the U.S. NSA documents explicitly describe tapping into flows of data at all eight of these sites.

Documents

Documents published with this article:

FAA702 comms memo
FAIRVIEW brief overview
FAIRVIEW overview with notes
SSO dictionary relevant entries
SSO news relevant entries
NSA’s SIDtoday on Executive Order 12333

We depend on the support of readers like you to help keep our nonprofit newsroom strong and independent. Join Us
Related
The NSA’s Spy Hub in New York, Hidden in Plain Sight
Source map blah blah
NSA’s Google for the World’s Private Communications
From left, FBI Director James Comey, Director of National Intelligence James Clapper, CIA Director John Brennan, and National Security Agency Director Adm. Michael Rogers, testify to Senate Intelligence Committee on Russia’s intelligence activities, at Dirksen Senate Office Building in Washington on Jan. 10, 2017. Photo: Riccardo Savi/Sipa via AP
Obama Opens NSA’s Vast Trove of Warrantless Data to Entire Intelligence Community, Just in Time for Trump
Ronald Reagan
The Ghost of Ronald Reagan Authorizes Most NSA Spying
Contact the author:

Ryan Gallagher
ryan.gallagher@​theintercept.com
@rj_gallagher

Henrik Moltke
moltke@​theintercept.com
@moltke
246 Comments (closed)
Join Our Newsletter
Original reporting. Fearless journalism. Delivered to you.
Weekly editor’s picks
Breaking stories and exclusives
2020 election coverage

Email list managed by MailChimp

III. AT&T collaborates on NSA spying through a web of secretive buildings in the US

Taylor Hatmaker@tayhatmaker / 1 year ago

FILE PHOTO NSA Compiles Massive Database Of Private Phone Calls

A new report from The Intercept sheds light on the NSA’s close relationship with communications provider AT&T.

The Intercept identified eight facilities across the U.S. that function as hubs for AT&T’s efforts to collaborate with the intelligence agency. The site first identified one potential hub of this kind in 2017 in lower Manhattan.

The report reveals that eight AT&T data facilities in the U.S. are regarded as high-value sites to the NSA for giving the agency direct “backbone” access to raw data that passes through, including emails, web browsing, social media and any other form of unencrypted online activity. The NSA uses the web of eight AT&T hubs for a surveillance operation code-named FAIRVIEW, a program previously reported by The New York Times. The program, first established in 1985, “involves tapping into international telecommunications cables, routers, and switches” and only coordinates directly with AT&T and not the other major U.S. mobile carriers.

AT&T’s deep involvement with the NSA monitoring program operated under the code name SAGUARO. Messaging, email and other web traffic accessed through the program was made searchable through XKEYSCORE, one of the NSA’s more infamous search-powered surveillance tools.

The Intercept explains how those sites give the NSA access to data beyond just AT&T subscribers:

The data exchange between AT&T and other networks initially takes place outside AT&T’s control, sources said, at third-party data centers that are owned and operated by companies such as California’s Equinix. But the data is then routed – in whole or in part – through the eight AT&T buildings, where the NSA taps into it. By monitoring what it calls the “peering circuits” at the eight sites, the spy agency can collect “not only AT&T’s data, they get all the data that’s interchanged between AT&T’s network and other companies,” according to Mark Klein, a former AT&T technician who worked with the company for 22 years.

The NSA describes these locations as “peering link router complex” sites while AT&T calls them “Service Node Routing Complexes” (SNRCs). The eight complexes are spread across the nation’s major cities, with locations in Chicago, Dallas, Atlanta, Los Angeles, New York City, San Francisco, Seattle and Washington, D.C. The Intercept report identifies these facilities:

Among the pinpointed buildings, there is a nuclear blast-resistant, windowless facility in New York City’s Hell’s Kitchen neighborhood; in Washington, D.C., a fortress-like, concrete structure less than half a mile south of the U.S. Capitol; in Chicago, an earthquake-resistant skyscraper in the West Loop Gate area; in Atlanta, a 429-foot art deco structure in the heart of the city’s downtown district; and in Dallas, a cube-like building with narrow windows and large vents on its exterior, located in the Old East district.

… in downtown Los Angeles, a striking concrete tower near the Walt Disney Concert Hall and the Staples Center, two blocks from the most important internet exchange in the region; in Seattle, a 15-story building with blacked-out windows and reinforced concrete foundations, near the city’s waterfront; and in San Francisco’s South of Market neighborhood, a building where it was previously claimed that the NSA was monitoring internet traffic from a secure room on the sixth floor.

While these facilities could allow for the monitoring of domestic U.S. traffic, they also process vast quantities of international traffic as it moves across the globe — a fact that likely explains why the NSA would view these AT&T nodes as such high-value sites. The original documents, part of the leaked files provided by Edward Snowden, are available in the original report.

Update: A representative from AT&T provided TechCrunch with the following comment.

“Like all companies, we are required by law to provide information to government and law enforcement entities by complying with court orders, subpoenas, lawful discovery requests and other legal requirements. And, we provide voluntary assistance to law enforcement when a person’s life is in danger and in other immediate, emergency situations. In all cases, we ensure that requests for assistance are valid and that we act in compliance with the law.

IV. NSA Spying

FAQ
How It Works
Key Officials
NSA Primary Sources
State Secrets Privilege
NSA Timeline 1791–2015
Word Games

NSA Spying

The US government, with assistance from major telecommunications carriers including AT&T, has engaged in massive, illegal dragnet surveillance of the domestic communications and communications records of millions of ordinary Americans since at least 2001. Since this was first reported on by the press and discovered by the public in late 2005, EFF has been at the forefront of the effort to stop it and bring government surveillance programs back within the law and the Constitution.

History of NSA Spying Information since 2005 (See EFF’s full timeline of events here)

News reports in December 2005 first revealed that the National Security Agency (NSA) has been intercepting Americans’ phone calls and Internet communications. Those news reports, combined with a USA Today story in May 2006 and the statements of several members of Congress, revealed that the NSA is also receiving wholesale copies of American’s telephone and other communications records. All of these surveillance activities are in violation of the privacy safeguards established by Congress and the US Constitution.

In early 2006, EFF obtained whistleblower evidence (.pdf) from former AT&T technician Mark Klein showing that AT&T is cooperating with the illegal surveillance. The undisputed documents show that AT&T installed a fiberoptic splitter at its facility at 611 Folsom Street in San Francisco that makes copies of all emails web browsing and other Internet traffic to and from AT&T customers and provides those copies to the NSA. This copying includes both domestic and international Internet activities of AT&T customers. As one expert observed, “this isn’t a wiretap, it’s a country-tap.”

Secret government documents, published by the media in 2013, confirm the NSA obtains full copies of everything that is carried along major domestic fiber optic cable networks. In June 2013, the media, led by the Guardian and Washington Post started publishing a series of articles, along with full government documents, that have confirmed much of what was reported in 2005 and 2006 and then some. The reports showed-and the government later admitted—that the government is mass collecting phone metadata of all US customers under the guise of the Patriot Act. Moreover, the media reports confirm that the government is collecting and analyzing the content of communications of foreigners talking to persons inside the United States, as well as collecting much more, without a probable cause warrant. Finally, the media reports confirm the “upstream” collection off of the fiberoptic cables that Mr. Klein first revealed in 2006. (See EFF’s How It Works page here for more)

EFF Fights Back in the Courts

EFF is fighting these illegal activities in the courts. Currently, EFF is representing victims of the illegal surveillance program in Jewel v. NSA, a lawsuit filed in September 2008 seeking to stop the warrantless wiretapping and hold the government and government officials behind the program accountable. In July 2013, a federal judge ruled that the government could not rely on the controversial “state secrets” privilege to block our challenge to the constitutionality of the program. On February 10, 2015, however, the court granted summary judgment to the government on the Plaintiffs’ allegations of Fourth Amendment violations based on the NSA’s copying of Internet traffic from the Internet backbone. The court ruled that the publicly available information did not paint a complete picture of how the NSA collects Internet traffic, so the court could not rule on the program without looking at information that could constitute “state secrets.” The court did not rule that the NSA’s activities are legal, nor did it rule on the other claims in Jewel, and the case will go forward on those claims.This case is being heard in conjunction with Shubert v. Obama, which raises similar claims.

In July, 2013, EFF filed another lawsuit, First Unitarian v. NSA, based on the recently published FISA court order demanding Verizon turn over all customer phone records including who is talking to whom, when and for how long—to the NSA. This so-called “metadata,” especially when collected in bulk and aggregated, allows the government to track the associations of various political and religious organizations. The Director of National Intelligence has since confirmed that the collection of Verizon call records is part of a broader program.

In addition to making the same arguments we made in Jewel, we argue in First Unitarian that this type of collection violates the First Amendment right to association. Previously, in Hepting v. AT&T, EFF filed the first case against a cooperating telecom for violating its customers’ privacy. After Congress expressly intervened and passed the FISA Amendments Act to allow the Executive to require dismissal of the case, Hepting was ultimately dismissed by the US Supreme Court.

In September of 2014, EFF, along with the American Civil Liberties Union (ACLU) and the American Civil Liberties Union of Idaho, joined the legal team for Anna Smith, an Idaho emergency neonatal nurse, in her challenge of the government’s bulk collection of the telephone records of millions of innocent Americans. In Smith v. Obama, we are arguing the program violated her Fourth Amendment rights by collecting a wealth of detail about her familial, political, professional, religious and intimate associations. In particular, we focus on challenging the applicability of the so-called “third party doctrine,” the idea that people have no expectation of privacy in information they entrust to others.

First Unitarian v. NSA: EFF’s case challenging the NSA’s phone metadata surveillance

Jewel v. NSA: EFF’s case challenging the NSA’s dragnet surveillance

Hepting v. AT&T: EFF’s case that challenged AT&T’s complicity in illegal NSA spying

Smith v. Obama: EFF’s appeal with the ACLU of an Idaho nurse’s challenge to the NSA’s phone metadata surveillance.
Protect digital privacy and free expression. EFF’s public interest legal work, activism, and software development preserve fundamental rights. DONATE TO EFF
EFF Related Content: NSA Spying

V. These towering, windowless, bomb-proof buildings in major US cities are reportedly part of an under-the-radar partnership between AT&T and the NSA

Sinéad Baker

Jun. 26, 2018, 12:10 PM

AT&T New York NSAA 21-story building in New York City that can survive a nuclear blast. Google Maps

T AT&T

AT&T has been helping the NSA with its mass surveillance programme, according to documents and sources obtained by The Intercept.

Eight AT&T buildings around the US, many fortified, are used as sites where the NSA can tap into phone, text, and browsing records from around the world, documents suggest.

A nuclear bomb-proof building in New York and a mostly windowless building in Los Angeles are among these sites.

AT&T did not address the claim, but said it fulfils its legal obligations. The NSA declined to comment.

AT&T has reportedly been collaborating with the National Security Agency (NSA) to allow it to review people’s texts, phone calls, and browsing data through eight fortress-like buildings across major US cities.

Online news site The Intercept has obtained documents and interviews suggesting the telecommunications company’s facilities in Atlanta, Chicago, Dallas, Los Angeles, New York City, San Francisco, Seattle, and Washington, DC, are central to an NSA initiative that has reviewed billions of emails, phone calls and online conversations from the US and around the world.

nsa AT&T mapA map of all eight AT&T facilities used by the NSA. Google Maps/Business Insider

While the eight buildings are known publicly as AT&T facilities, Monday’s report suggests that they are also used by the NSA for one of the agency’s largest surveillance programs, codenamed Fairview.

Known as “backbone” facilities, they process user data including emails, phone calls, online chats, social media updates, and browsing history of AT&T customers as well as other phone and internet providers.

When a network is overloaded with data, another operator can provide bandwidth in a process known as “peering.” AT&T is so large that it often does this, and transports the data from other companies’ users.

The NSA uses this large pool of data for Fairview, The Intercept said.
The facilities

Many of the the buildings are windowless, and constructed to withstand earthquakes and nuclear blasts. Here’s what we know about them:

51 Peachtree Center Avenue, Atlanta: This 14-story, art deco limestone structure was first built in the 1920s, and expanded between the 1947 and 1963. Documents and interviews have linked the building to NSA surveillance.

10 South Canal Street, Chicago: This facility was designed during the Cold War to survive a nuclear attack. Eighteen out of its 28 floors have no windows.

4211 Bryan Street, Dallas: This is also fortified with few windows, many of which appear to have been blacked out or covered in reflective glass.

420 South Grand Avenue, Los Angeles: This 17-story building is mostly windowless. A large tower on top was once used to transmit phone calls, though its technology is now obsolete and it is no longer used. It is one of the largest telephone central offices in the country.
AT&T Texas NSAOne of AT&T’s buildings in Dallas, Texas. Google Maps

811 10th Avenue, New York City: This windowless 24-story building, located 15 minutes from Central Park, was designed to withstand a nuclear blast. It appears to primarily collect online communications, such as emails and browsing data.

30 E Street Southwest, Washington, DC: This property, located less than a mile from the US Capitol, has few windows. Verizon owns a majority of this concrete building, while AT&T owns a smaller part and occupies the fourth, fifth, and sixth floors, property tax records indicated.

1122 3rd Avenue, Seattle: This 15-story building has blacked-out windows. It is in the city’s downtown area. The building appears to be primarily owned by the Qwest Corporation, according to The Intercept, but AT&T has a presence inside.

611 Folsom Street, San Francisco: This nine-story building is covered with silver-colored paneling on the outside, and there are few windows. A former AT&T employee told The Intercept of a room in the facility that allegedly contained NSA surveillance equipment.
Screen Shot 2018 06 26 at 13.49.59AT&T’s facility in San Francisco, which is reportedly used by the NSA. Google Maps
“Information that transits the nation”

AT&T, the world’s largest telecommunications company, is identified as the only company involved in Fairview. NSA documents state that the agency values AT&T because it “has access to information that transits the nation.”

AT&T processes data from other telecommunications companies such as Sprint and Cogent Communications in the US, and Telecom Italia in Italy and Deutsche Telekom in Germany.

Internet data and communications from around the world is processed by American companies if it arrives on US soil. A large portion of the world’s internet traffic, which passes through undersea cables, goes through the US due to the country’s geographical location and partly because of the popularity of American internet companies around the world.
Telegeography internet cables mapA map showing internet traffic around the world, as transported by undersea cables. Telegeography

Christopher Augustine, a spokesperson for the NSA, told The Intercept that the NSA could “neither confirm nor deny its role in alleged classified intelligence activities.”

The agency “conducts its foreign signals intelligence mission under the legal authorities established by Congress and is bound by both policy and law to protect US persons’ privacy and civil liberties,” he added.

AT&T Director of Corporate Communications Jim Greer told Business Insider in a statement:

“Like all companies, we are required by law to provide information to government and law enforcement entities by complying with court orders, subpoenas, lawful discovery requests and other legal requirements.

“And, we provide voluntary assistance to law enforcement when a person’s life is in danger and in other immediate, emergency situations. In all cases, we ensure that requests for assistance are valid and that we act in compliance with the law.”

The NSA has appeared to amp up its information collection. The agency said it collected more than 534 million records of phone calls and text messages from American providers in 2017 — more than three times what it collected the year before.

Business Insider has also contacted the NSA, Sprint, Telecom Italia, Deutsche Telekom, and Cogent Communications for comment.
Read The Intercept’s story here.
NOW WATCH: How to hack an election, according to a former NSA hacker

VI. AT&T Spies On Americans For Profit

In some unsettling news, AT&T was found to be colluding with law enforcement to spy on American citizens. If that wasn’t enough, the company apparently makes a profit from doing this.

Further Reading

EU Law Now Protects Dynamic IP Addresses

9 Ways to Boost Your Wi-Fi Signal
I, Spy

The Daily Beast reports that in 2013, officers working on a homicide case were trying to find a way to link a particular suspect to the crime. Even with DNA evidence, the law enforcement team just didn’t have enough to go on. But then they used Project Hemisphere.

Hemisphere is a secret project run by AT&T. It searches trillions of phone call records and analyzes cellular data. With this information, law enforcement can find the location of a target, the people he/she communicates with, and possibly even figure out why.

In 2013 The New York Times described Hemisphere as a “partnership” between AT&T and the government. The Justice Department said the program was “an essential, and prudently deployed, counter-narcotics tool.”

“an essential, and prudently deployed, counter-narcotics tool.”

But documentation by AT&T itself revealed that Hemisphere had far more uses besides drugs, such as homicide investigations and even Medicaid fraud. The project isn’t technically a partnership. Rather, it’s a product – one that AT&T developed, marketed and sold at the expense of taxpayers. Police and sheriff departments pay anywhere from $100,000 to $1 million for Hemisphere access.

Government agents don’t need a warrant to use this massive database of personal information. AT&T’s only requirement is that law enforcement must promise not to disclose Hemisphere if an investigation that makes use of it becomes public.

Although the US government requires telecommunications companies to share phone records, AT&T goes above and beyond with Hemisphere. Christopher Soghoian, a technology policy analyst at ACLU, said

“Companies have to give this data to law enforcement upon request, if they have it. AT&T doesn’t have to data-mine its database to help police come up with new numbers to investigate.”

I Spy For Profit

AT&T is in a unique position when it comes to customer data. The company owns more than 75% of U.S. landline switches. It also owns the second biggest wireless network infrastructure after Verizon. AT&T retains data from its cell towers going all the way back to July 2008. Far longer than other carriers. Verizon keeps records for a year, while Sprint keeps them for 18 months.

This isn’t even the first time that AT&T helped the government spy on its customers. In 2003, AT&T ordered Mark Klein – a technician for the company – to help the NSA install a bug into the carrier’s internet exchange point in San Francisco: Room 641A.
Image credit: Wired

Image credit: Wired

AT&T even invented a new programming language to efficiently mine its customer records for surveillance. In 2007 the carrier was criticized for handing documents over to the FBI. This was the same year that AT&T created Project Hemisphere.

By 2013 Hemisphere was deployed to three DEA High-Intensity Drug Trafficking Area (HIDTA) Investigative Support Centers. Today, the project is used in at least 28 of these centers all around the country. Federal agents and local law enforcement staff these areas.

AT&T employees are the ones that mine Hemisphere for data on behalf of law enforcement clients. Law enforcement never directly access the data. In a 2014 statement, AT&T wants Hemisphere to be as secretive as possible:

“The Government agency agrees not to use the data as evidence in any judicial or administrative proceedings unless there is no other available and admissible probative evidence…”

The Law

According to American law, people charged with a crime have the right to know the evidence against them during the trial. But Adam Schwartz, staff attorney for the Electronic Frontier Foundation, says AT&T’s statement means that the carrier leaves law enforcement no choice but to create a false story to cover up the fact that they used Hemisphere.

After AT&T gives officers a lead in an investigation using Hemisphere, it’s up to the investigators to use regular police work, like getting a court order for a wiretap or trailing a suspect. This is to come up with the same evidence that Hemisphere provided in order to prosecute. This process is called “parallel construction.”

Schwartz told The Daily Beast,

“This document here is striking. I’ve seen documents produced by the government regarding Hemisphere, but this is the first time I’ve seen an AT&T document which requires parallel construction in a service to government. It’s very troubling and not the way law enforcement should work in this country.”

The EFF, ACLU and Electronic Privacy Information Center have all expressed concern that Hemisphere surveillance is overly invasive and unconstitutional. Right now the EFF is waiting for a judge to rule on the Freedom of Information Act suit against the Department of Justice for Hemisphere documents.
Conclusion

Does this kind of behavior concern you? Does it even surprise you? Is this enough to make you leave AT&T? With AT&T’s monopoly on our communications is leaving them even feasable? Let us know what you think in the comments.

VII. I. ‘Oops, we did it again!’ NSA caught illegally collecting Americans’ phone data

Published time: 27 Jun, 2019 00:22 Edited time: 27 Jun, 2019 08:16
Get short URL

‘Oops, we did it again!’ NSA caught illegally collecting Americans’ phone data
Former NSA “listening station” © Reuters / Hannibal Hanschke 1984

The NSA has been caught improperly collecting Americans’ phone data yet again, just months after a similar incident forced them to (supposedly) purge hundreds of millions of records captured without FISA authorization.

The agency unlawfully slurped up a “larger than expected” volume of call and text records from one US telecom provider under the metadata-collection program known as Section 215, according to a document obtained by the American Civil Liberties Union as part of its ongoing lawsuit against the agency. The heavily redacted file does not reveal which company was affected, or how many of its “call detail records” were illegally collected between October 3 and 12, 2018.
Also on rt.com NSA ‘unmasking’ of American surveillance targets peaked in 2018, new report says

“These documents further confirm that this surveillance program is beyond redemption and a privacy and civil liberties disaster,” ACLU National Security Project staff attorney Patrick Toomey told the AP. “There is no justification for leaving this surveillance power in the NSA’s hands.”

Revealingly, the NSA in its own internal documents assesses the blunder’s “impact on national security or international relations” to be “none.” Critics of the program, formerly known as StellarWind, have pointed to its acknowledged failure to stop a single terror event – the agency’s official rationale for eavesdropping on 3 billion phone calls every day – as one of many reasons it should be scrapped.

The agency “will assess the scope of the civil liberties and privacy impact of this incident upon completion of the investigation,” the report promises, though an “initial assessment is that the impact was limited given the quick identification, purge processes, and lack of reporting.”

“Why is there no penalty? Why is there no consequence for doing this? This is illegal behavior – if it is illegal, what is the accountability for those who are collecting it?” journalist Ben Swann asked, referring to both the telecoms providing excess information and the government agency that has made at least three such “mistakes” in the last year.

“The NSA never outs themselves and admits ‘We made a mistake’ – it only comes to light when the ACLU or some group sues,” Swann told RT.

“If there is no accountability for those who continue to break the law – because that’s what they’re doing – then why would they ever stop doing that?”

The NSA is reportedly in favor of discontinuing Section 215 altogether, allowing congressional authorization to lapse when it expires at the end of 2019, though President Donald Trump has declared he wants to keep it running indefinitely.
Also on rt.com NSA wants to drop mass surveillance program revealed by Snowden – report

While the documents received by the ACLU suggest previous rumors about the agency’s use of the program – a security adviser to House Minority Leader Kevin McCarthy claimed the NSA hadn’t used it since June, the last time it was forced to purge millions of improperly-collected records – were false, former NSA chief William Binney confirms the agency is only letting it go because they have something much more sinister going on.

“There is no oversight of the upstream program,” Binney told RT, referring to an NSA program that collects not only phone records but emails, “chatter,” and “everything on the fiber optic network.” Upstream is “the major program that’s copying the collection of bulk data on everybody, not just in the United States but on the planet.”

The Ending Mass Collection of Americans’ Phone Records Act, a bipartisan bill to end NSA bulk collection of US phone data and prevent the agency from restarting it which was introduced in the Senate earlier this year, appears to have come a bit too late.

II. The Wiretap Rooms: The NSA’s Hidden Spy Hubs in Eight U.S. Cities

Photo: Steven Day
Ryan Gallagher, Henrik Moltke

June 25 2018, 6:00 a.m.

The secrets are hidden behind fortified walls in cities across the United States, inside towering, windowless skyscrapers and fortress-like concrete structures that were built to withstand earthquakes and even nuclear attack. Thousands of people pass by the buildings each day and rarely give them a second glance, because their function is not publicly known. They are an integral part of one of the world’s largest telecommunications networks – and they are also linked to a controversial National Security Agency surveillance program.

Atlanta, Chicago, Dallas, Los Angeles, New York City, San Francisco, Seattle, and Washington, D.C. In each of these cities, The Intercept has identified an AT&T facility containing networking equipment that transports large quantities of internet traffic across the United States and the world. A body of evidence – including classified NSA documents, public records, and interviews with several former AT&T employees – indicates that the buildings are central to an NSA spying initiative that has for years monitored billions of emails, phone calls, and online chats passing across U.S. territory.

The NSA considers AT&T to be one of its most trusted partners and has lauded the company’s “extreme willingness to help.” It is a collaboration that dates back decades. Little known, however, is that its scope is not restricted to AT&T’s customers. According to the NSA’s documents, it values AT&T not only because it “has access to information that transits the nation,” but also because it maintains unique relationships with other phone and internet providers. The NSA exploits these relationships for surveillance purposes, commandeering AT&T’s massive infrastructure and using it as a platform to covertly tap into communications processed by other companies.

Much has previously been reported about the NSA’s surveillance programs. But few details have been disclosed about the physical infrastructure that enables the spying. Last year, The Intercept highlighted a likely NSA facility in New York City’s Lower Manhattan. Now, we are revealing for the first time a series of other buildings across the U.S. that appear to serve a similar function, as critical parts of one of the world’s most powerful electronic eavesdropping systems, hidden in plain sight.

“It’s eye-opening and ominous the extent to which this is happening right here on American soil,” said Elizabeth Goitein, co-director of the Liberty and National Security Program at the Brennan Center for Justice. “It puts a face on surveillance that we could never think of before in terms of actual buildings and actual facilities in our own cities, in our own backyards.”

There are hundreds of AT&T-owned properties scattered across the U.S. The eight identified by The Intercept serve a specific function, processing AT&T customers’ data and also carrying large quantities of data from other internet providers. They are known as “backbone” and “peering” facilities.

While network operators would usually prefer to send data through their own networks, often a more direct and cost-efficient path is provided by other providers’ infrastructure. If one network in a specific area of the country is overloaded with data traffic, another operator with capacity to spare can sell or exchange bandwidth, reducing the strain on the congested region. This exchange of traffic is called “peering” and is an essential feature of the internet.

Because of AT&T’s position as one of the U.S.’s leading telecommunications companies, it has a large network that is frequently used by other providers to transport their customers’ data. Companies that “peer” with AT&T include the American telecommunications giants Sprint, Cogent Communications, and Level 3, as well as foreign companies such as Sweden’s Telia, India’s Tata Communications, Italy’s Telecom Italia, and Germany’s Deutsche Telekom.

AT&T currently boasts 19,500 “points of presence” in 149 countries where internet traffic is exchanged. But only eight of the company’s facilities in the U.S. offer direct access to its “common backbone” – key data routes that carry vast amounts of emails, internet chats, social media updates, and internet browsing sessions. These eight locations are among the most important in AT&T’s global network. They are also highly valued by the NSA, documents indicate.

The data exchange between AT&T and other networks initially takes place outside AT&T’s control, sources said, at third-party data centers that are owned and operated by companies such as California’s Equinix. But the data is then routed – in whole or in part – through the eight AT&T buildings, where the NSA taps into it. By monitoring what it calls the “peering circuits” at the eight sites, the spy agency can collect “not only AT&T’s data, they get all the data that’s interchanged between AT&T’s network and other companies,” according to Mark Klein, a former AT&T technician who worked with the company for 22 years. It is an efficient point to conduct internet surveillance, Klein said, “because the peering links, by the nature of the connections, are liable to carry everybody’s traffic at one point or another during the day, or the week, or the year.”

Christopher Augustine, a spokesperson for the NSA, said in a statement that the agency could “neither confirm nor deny its role in alleged classified intelligence activities.” Augustine declined to answer questions about the AT&T facilities, but said that the NSA “conducts its foreign signals intelligence mission under the legal authorities established by Congress and is bound by both policy and law to protect U.S. persons’ privacy and civil liberties.”

Jim Greer, an AT&T spokesperson, said that AT&T was “required by law to provide information to government and law enforcement entities by complying with court orders, subpoenas, lawful discovery requests, and other legal requirements.” He added that the company provides “voluntary assistance to law enforcement when a person’s life is in danger and in other immediate, emergency situations. In all cases, we ensure that requests for assistance are valid and that we act in compliance with the law.”

Dave Schaeffer, CEO of Cogent Communications, told The Intercept that he had no knowledge of the surveillance at the eight AT&T buildings, but said he believed “the core premise that the NSA or some other agency would like to look at traffic … at an AT&T facility.” He said he suspected that the surveillance is likely carried out on “a limited basis,” due to technical and cost constraints. If the NSA were trying to “ubiquitously monitor” data passing across AT&T’s networks, Schaeffer added, he would be “extremely concerned.”

Sprint, Telia, Tata Communications, Telecom Italia, and Deutsche Telekom did not respond to requests for comment. CenturyLink, which owns Level 3, said it would not discuss “matters of national security.”
map-gifs-4-1529435205

The maps The Intercept used to identify the internet surveillance hubs.

Maps: NSA/AT&T

The eight locations are featured on a top-secret NSA map, which depicts U.S. facilities that the agency relies upon for one of its largest surveillance programs, code-named FAIRVIEW. AT&T is the only company involved in FAIRVIEW, which was first established in 1985, according to NSA documents, and involves tapping into international telecommunications cables, routers, and switches.

In 2003, the NSA launched new internet mass surveillance methods, which were pioneered under the FAIRVIEW program. The methods were used by the agency to collect – within a few months – some 400 billion records about people’s internet communications and activity, the New York Times previously reported. FAIRVIEW was also forwarding more than 1 million emails every day to a “keyword selection system” at the NSA’s Fort Meade headquarters.

Central to the internet spying are eight “peering link router complex” sites, which are pinpointed on the top-secret NSA map. The locations of the sites mirror maps of AT&T’s networks, obtained by The Intercept from public records, which show “backbone node with peering” facilities in Atlanta, Chicago, Dallas, Los Angeles, New York City, San Francisco, Seattle, and Washington, D.C.

One of the AT&T maps contains unique codes individually identifying the addresses of the facilities in each of the cities.

Among the pinpointed buildings, there is a nuclear blast-resistant, windowless facility in New York City’s Hell’s Kitchen neighborhood; in Washington, D.C., a fortress-like, concrete structure less than half a mile south of the U.S. Capitol; in Chicago, an earthquake-resistant skyscraper in the West Loop Gate area; in Atlanta, a 429-foot art deco structure in the heart of the city’s downtown district; and in Dallas, a cube-like building with narrow windows and large vents on its exterior, located in the Old East district.

Elsewhere, on the west coast of the U.S., there are three more facilities: in downtown Los Angeles, a striking concrete tower near the Walt Disney Concert Hall and the Staples Center, two blocks from the most important internet exchange in the region; in Seattle, a 15-story building with blacked-out windows and reinforced concrete foundations, near the city’s waterfront; and in San Francisco’s South of Market neighborhood, a building where it was previously claimed that the NSA was monitoring internet traffic from a secure room on the sixth floor.

The peering sites – otherwise known in AT&T parlance as “Service Node Routing Complexes,” or SNRCs – were developed following the internet boom in the mid- to late 1990s. By March 2009, the NSA’s documents say it was tapping into “peering circuits at the eight SNRCs.”

The facilities’ purpose was to bolster AT&T’s network, improving its reliability and enabling future growth. They were developed under the leadership of an Iranian-American innovator and engineer named Hossein Eslambolchi, who was formerly AT&T’s chief technology officer and president of AT&T Labs, a division of the company that focuses on research and development.

Eslambolchi told The Intercept that the project to set up the facilities began after AT&T asked him to help create “the largest internet protocol network in the world.” He obliged and began implementing his network design by placing large Cisco routers inside former AT&T phone switching facilities across the U.S. When planning the project, he said he divided AT&T’s network into different regions, “and in every quadrant I will have what I will call an SNRC.”

During his employment with AT&T, Eslambolchi said he had to take a polygraph test, and he obtained a government security clearance. “I was involved in very, very top, heavy-duty projects for a few of these three-letter agencies,” he said, in an apparent reference to U.S. intelligence agencies. “They all loved me.”

He would not confirm or deny the exact locations of the eight peering sites identified by The Intercept or discuss the classified work he carried out while with the company. “You put a gun to my head,” he said, “I’m not going to tell you.”

Other former AT&T employees, however, were more forthcoming.

A former senior member of AT&T’s technical staff, who spoke on condition of anonymity due to the sensitivity of the subject, confirmed with “100 percent” certainty the locations of six of the eight peering facilities identified by The Intercept. The source, citing direct knowledge of the facilities and their function, verified the addresses of the buildings in Atlanta, Dallas, Los Angeles, New York City, Seattle, and Washington, D.C.

A second former AT&T employee confirmed the locations of the remaining two sites, in Chicago and San Francisco. “I worked with all of them,” said Philip Long, who was employed by AT&T for more than two decades as a technician servicing its networks. Long’s work with AT&T was carried out mostly in California, but he said his job required him to be in contact with the company’s other facilities across the U.S. In about 2005, Long recalled, he received orders to move “every internet backbone circuit I had in northern California” through the San Francisco AT&T building identified by The Intercept as one of the eight NSA spy hubs. Long said that, at the time, he felt suspicious of the changes, because they were unusual and unnecessary. “We thought we were routing our circuits so that they could grab all the data,” he said. “We thought it was the government listening.” He retired from his job with AT&T in 2014.

A third former AT&T employee reviewed The Intercept’s research and said he believed it accurately identified all eight of the facilities. “The site data certainly seems correct,” said Thomas Saunders, who worked as a data networking consultant for AT&T in New York City between 1995 and 2004. “Those nodes aren’t going to move.”

building-5-1528987907

Photo: Henrik Moltke

An estimated 99 percent of the world’s intercontinental internet traffic is transported through hundreds of giant fiber optic cables hidden beneath the world’s oceans. A large portion of the data and communications that pass across the cables is routed at one point through the U.S., partly because of the country’s location – situated between Europe, the Middle East, and Asia – and partly because of the pre-eminence of American internet companies, which provide services to people globally.

The NSA calls this predicament “home field advantage” – a kind of geographic good fortune. “A target’s phone call, email, or chat will take the cheapest path, not the physically most direct path,” one agency document explains. “Your target’s communications could easily be flowing into and through the U.S.”

Once the internet traffic arrives on U.S. soil, it is processed by American companies. And that is why, for the NSA, AT&T is so indispensable. The company claims it has one of the world’s most powerful networks, the largest of its kind in the U.S. AT&T routinely handles masses of emails, phone calls, and internet chats. As of March 2018, some 197 petabytes of data – the equivalent of more than 49 trillion pages of text, or 60 billion average-sized mp3 files – traveled across its networks every business day.

The NSA documents, which come from the trove provided to The Intercept by the whistleblower Edward Snowden, describe AT&T as having been “aggressively involved” in aiding the agency’s surveillance programs. One example of this appears to have taken place at the eight facilities under a classified initiative called SAGUARO.

As part of SAGUARO, AT&T developed a strategy to help the NSA electronically eavesdrop on internet data from the “peering circuits” at the eight sites, which were said to connect to the “common backbone,” major data routes carrying internet traffic.

The company worked with the NSA to rank communications flowing through its networks on the basis of intelligence value, prioritizing data depending on which country it was derived from, according to a top-secret agency document.

diagram-5-1528310650

Graphic: NSA

NSA diagrams reveal that after it collects data from AT&T’s “access links” and “peering partners,” it is sent to a “centralized processing facility” code-named PINECONE, located somewhere in New Jersey. Inside the PINECONE facility, there is a secure space in which there is both NSA-controlled and AT&T-controlled equipment. Internet traffic passes through an AT&T “distribution box” to two NSA systems. From there, the data is then transferred about 200 miles southwest to its final destination: NSA headquarters at Fort Meade in Maryland.

At the Maryland compound, the communications collected from AT&T’s networks are integrated into powerful systems called MAINWAY and MARINA, which the NSA uses to analyze metadata – such as the “to” and “from” parts of emails, and the times and dates they were sent. The communications obtained from AT&T are also made accessible through a tool named XKEYSCORE, which NSA employees use to search through the full contents of emails, instant messenger chats, web-browsing histories, webcam photos, information about downloads from online services, and Skype sessions.
grid-combine-01-1529695390

Top left / right: Mike Osborne. Bottom left: Henrik Moltke. Bottom right: Frank Heath.

The NSA’s primary mission is to gather foreign intelligence. The agency has broad legal powers to monitor emails, phone calls, and other forms of correspondence as they are being transported across the U.S., and it can compel companies such as AT&T to install surveillance equipment within their networks.

Under a Ronald Reagan-era presidential directive – Executive Order 12333 – the NSA has what it calls “transit authority,” which it says enables it to eavesdrop on “communications which originate and terminate in foreign countries, but traverse U.S. territory.” That could include, for example, an email sent by a person in France to a person in Mexico, which on its way to its destination was routed through a server in California. According to the NSA’s documents, it was using AT&T’s networks as of March 2013 to gather some 60 million foreign-to-foreign emails every day, 1.8 billion per month.

Without an individualized court order, it is illegal for the NSA to spy on communications that are wholly domestic, such as emails sent back and forth between two Americans living in Texas. However, in the aftermath of the 9/11 attacks, the agency began eavesdropping on Americans’ international calls and emails that were passing between the U.S. and other countries. That practice was exposed by the New York Times in 2005 and triggered what became known as the “warrantless wiretapping” scandal.

Critics argued that the surveillance of Americans’ international communications was illegal, because the NSA had carried it out without obtaining warrants from a judge and had instead acted on the orders of President George W. Bush. In 2008, Congress weighed into the dispute and controversially authorized elements of the warrantless wiretapping program by enacting Section 702 of the Foreign Intelligence and Surveillance Act, or FISA. The new law allowed the NSA to continue sweeping up Americans’ international communications without a warrant, so long as it did so “incidentally” while it was targeting foreigners overseas – for instance, if it was monitoring people in Pakistan, and they were talking with Americans in the U.S. by phone, email, or through an internet chat service.

Within AT&T’s networks, there is filtering equipment designed to separate foreign and domestic internet data before it is passed to the NSA, the agency’s documents show. Filtering technology is often used by internet providers for security reasons, enabling them to keep tabs on problems with their networks, block out spam, or monitor hacking attacks. But the same tools can be used for government surveillance.

“You can essentially trick the routers into redirecting a small subset of traffic you really care about, which you can monitor in more detail,” said Jennifer Rexford, a computer scientist who worked for AT&T Labs between 1996 and 2005.

According to the NSA’s documents, it programs its surveillance systems to focus on particular IP addresses – a set of numbers that identify a computer – associated with foreign countries. A classified 2012 memo describes the agency’s efforts to use IP addresses to home in on internet data passing between the U.S. and particular “regions of interest,” including Iran, Afghanistan, Israel, Nigeria, Pakistan, Yemen, Sudan, Tunisia, Libya, and Egypt. But this process is not an exact science, as people can use privacy or anonymity tools to change or spoof their IP addresses. A person in Israel could use privacy software to masquerade as if they were accessing the internet in the U.S. Likewise, an internet user in the U.S. could make it appear as if they were online in Israel. It is unclear how effective the NSA’s systems are at detecting such anomalies.

In October 2011, the Foreign Intelligence Surveillance Court, which approves the surveillance operations carried out under Section 702 of FISA, found that there were “technological limitations” with the agency’s internet eavesdropping equipment. It was “generally incapable of distinguishing” between some kinds of data, the court stated. As a consequence, Judge John D. Bates ruled, the NSA had been intercepting the communications of “non-target United States persons and persons in the United States,” violating Fourth Amendment protections against unreasonable searches and seizures. The ruling, which was declassified in August 2013, concluded that the agency had acquired some 13 million “internet transactions” during one six-month period, and had unlawfully gathered “tens of thousands of wholly domestic communications” each year.

The root of the issue was that the NSA’s technology was not only targeting communications sent to and from specific surveillance targets. Instead, the agency was sweeping up people’s emails if they had merely mentioned particular information about surveillance targets.

A top-secret NSA memo about the court’s ruling, which has not been disclosed before, explained that the agency was collecting people’s messages en masse if a single one were found to contain a “selector” – like an email address or phone number – that featured on a target list.

“One example of this is when a user of a webmail service accesses her inbox; if the inbox contains one email message that contains an NSA tasked selector, NSA will acquire a copy of the entire inbox, not just the individual email message that contains the tasked selector,” the memo stated.

The court’s ruling left the agency with two options: shut down the spying based on mentions of targets completely, or ensure that protections were put in place to stop the unlawfully collected communications from being reviewed. The NSA chose the latter option, and created a “cautionary banner” that warned its analysts not to read particular messages unless they could confirm that they had been lawfully obtained.

But the cautionary banner did not solve the problem. The NSA’s analysts continued to access the same data repositories to search, unlawfully, for information on Americans. In April 2017, the agency publicly acknowledged these violations, which it described as “inadvertent compliance incidents.” It said that it would no longer use surveillance programs authorized under Section 702 of FISA to harvest messages that mentioned its targets, citing “technological constraints, United States person privacy interests, and certain difficulties in implementation.”

The messages that the NSA had unlawfully collected were swept up using a method of surveillance known as “upstream,” which the agency still deploys for other surveillance programs authorized under both Section 702 of FISA and Executive Order 12333. The upstream method involves tapping into communications as they are passing across internet networks – precisely the kind of electronic eavesdropping that appears to have taken place at the eight locations identified by The Intercept.

DSC5709-SH-edit-1529525114

Photo: Frank Heath

Atlanta
51 Peachtree Center Avenue

The AT&T building in Atlanta was originally constructed in the 1920s as the main telephone exchange for the city’s downtown area. The art deco structure, made of limestone, was designed to be the largest in the city at the time at 25 stories tall. However, due to the Great Depression, plans were scaled back and at first, it only had six stories. Between 1947 and 1963, the building was upgraded to host 14 stories, and a large brown microwave tower – visible for miles – was also added. A profile of the building on the History Atlanta website notes that it contains “operations, phone exchanges and other communications equipment for AT&T.”

building-2-1528303742

Photo: Frank Heath

NSA and AT&T maps point to the Atlanta facility as being one of eight “peering” hubs that process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. One former AT&T employee – who spoke on condition of anonymity – confirmed that the site was one of eight primary AT&T “Service Node Routing Complexes,” or SNRCs, in the U.S. NSA documents explicitly describe tapping into flows of data at all eight of these sites.

Information provided by a second former AT&T employee adds to the evidence linking the Atlanta building to NSA surveillance. Mark Klein, a former AT&T technician, alleged in 2006 that the company had allowed the NSA to install surveillance equipment in some of its network hubs. An AT&T facility in Atlanta was one of the spy sites, according to documents Klein presented in a court case over the alleged spying. The Atlanta facility was equipped with “splitter” equipment, which was used to make copies of internet traffic as AT&T’s networks processed it. The copied data would then be diverted to “SG3” equipment – a reference to “Study Group 3” – which was a code name AT&T used for activities related to NSA surveillance, according to evidence in the Klein case.

The Atlanta facility is likely of strategic importance for the NSA. The site is the closest major AT&T internet routing center to Miami, according to the NSA and AT&T maps. From undersea cables that come aground at Miami, huge flows of data pass between the U.S. and South America. It is probable that much of that data is routed through the Atlanta facility as it is being sent to and from the U.S. In recent years, the NSA has extensively targeted several Latin American countries – such as Mexico, Brazil, and Venezuela – for surveillance.

026V2098-1529092644

Photo: Henrik Moltke

Chicago
10 South Canal Street

Like many other major telecommunications hubs built during the late 1960s and early 1970s, the Chicago AT&T building was designed amid the Cold War to withstand a nuclear attack. The 538-foot skyscraper, located in the West Loop Gate area of the city, was completed in 1971. There are windows at both the top and bottom of the vast concrete structure, but 18 of its 28 floors are windowless.

According to the Chicago Sun-Times, the facility handles much of the city’s phone and internet traffic and is equipped with banks of routers, servers, and switching systems. “This building touches every single resident of the city,” Jim Wilson, an AT&T area manager, told the newspaper in 2016.

Photo: Henrik Moltke

One of the building’s architects, John Augur Holabird, said in a 1998 interview that it housed “a big switchboard.” He added: “In case the atomic bomb hits Milwaukee, you’ll be happy to know your telephone line will still go through even though the rest of us are wiped out. And that’s what that building was for.”

10 South Canal Street originally contained a million-gallon oil tank, turbine generators, and a water well, so that it could continue to function for more than two weeks without electricity or water from the city, according to Illinois broadcaster WBEZ. The building is “anchored in bedrock, which helps support the weight of the equipment inside, and gives it extra resistance to bomb blasts or earthquakes,” WBEZ reported.

Today, the facility contains six large V-16 yellow Caterpillar generators that can provide backup electricity in the event of a power failure, according to the Chicago Sun Times. Inside the skyscraper, AT&T stores some 200,000 gallons of diesel fuel, enough to run the generators for 40 days.

NSA and AT&T maps point to the Chicago facility as being one of the “peering” hubs, which process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. Philip Long, who was employed by AT&T for more than two decades as a technician servicing its networks, confirmed that the Chicago site was one of eight primary AT&T “Service Node Routing Complexes,” or SNRCs, in the U.S. NSA documents explicitly describe tapping into flows of data at all eight of these sites.

building-6-1528303991

Photo: Mike Osborne

Dallas
4211 Bryan Street

This AT&T building is a fortified, cube-like structure, located in the Old East area of Dallas, not far from Baylor University Medical Center. Built in 1961, it is a light yellow-brown color with a granite foundation. Large vents are visible on the exterior of the building, as are several narrow windows, many of which appear to have been blacked out or covered in a reflective privacy glass.

The 4211 Bryan Street facility is located next to other AT&T-owned buildings, including a towering telephone routing complex that was first built in 1904. A piece about the telephone hub in the Dallas Observer described it as “an imposing, creepy building” that is “known in some circles as The Great Wall of Beige.”

building-7-1528304068

Photo: Mike Osborne

According to the Central Office website, which profiles telecommunications buildings across the U.S., the Dallas telephone hub is “the main regional tandem and AT&T for long distance and toll services in the Dallas Texas region.” Today, the building also has “major fiber connections to Plano, Irving, Tulsa, Oklahoma City, Ft. Worth, Abilene, Houston and Austin,” the website adds.

NSA and AT&T maps point to the 4211 Bryan Street facility as being one of the “peering” hubs, which process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. A former AT&T employee confirmed that the site was one of eight primary AT&T “Service Node Routing Complexes,” or SNRCs, in the U.S. NSA documents explicitly describe tapping into flows of data at all eight of these sites.

building-8-1528304243

Photo: Henrik Moltke

Los Angeles
420 South Grand Avenue

At the time of its construction in 1961, the AT&T building known as the Madison Complex was the tallest building in downtown Los Angeles. It has since been dwarfed by a number of corporate office skyscrapers in the surrounding Financial District.

Located between Chinatown and the Staples Center, the fortress-like structure is one of the largest telephone central offices in the U.S. “The theoretical number of telephone lines that can be served from this office are 1.3 million and this office also serves as a foreign exchange carrier to neighboring area codes,” according to the Central Office, a website that profiles U.S. telecommunications hubs.

building-9-1528304318

“Untitled, or Bell Communications Around the Globe”. Mural by Anthony Heinsbergen (1961) on the West side of 420 South Grand Ave, La.

Photo: Henrik Moltke

The 448-foot, 17-story building is beige, rectangular, and mostly windowless. On its roof, there is a large microwave tower, which was originally used to transmit phone calls across a network of antennae. The tower’s technology became obsolete in the early 1990s, and it ceased to operate. It remains in place today as a sort of monument to outdated methods of communication and stands in contrast to the more modern buildings in the vicinity, many of them owned by banks.

The Madison Complex is located just two blocks from One Wilshire, which houses what is reportedly the most important internet exchange on the U.S. west coast. “Billions of phone calls, emails and internet pages pass through One Wilshire every week,” the Los Angeles Times reported in 2013, “because it is the primary terminus for major fiber-optic cable routes between Asia and North America.”

Due to the close proximity of the Madison Complex and One Wilshire, and their shared role as telecommunications hubs, it is likely that the buildings process some of the same data as it is being routed across U.S. networks.

NSA and AT&T maps point to the Madison Complex facility as being one of the “peering” hubs, which process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. A former AT&T employee confirmed that the site was one of eight primary AT&T “Service Node Routing Complexes,” or SNRCs, in the U.S. NSA documents explicitly describe tapping into flows of data at all eight of these sites.

building-10-1528304345

Photo: Henrik Moltke

New York City
811 10th Avenue

It was built in 1964 as New York City’s first major telecommunications fortress. The striking concrete and granite AT&T building – located in the Hell’s Kitchen area about a 15-minute walk from Central Park – is 134 meters tall, with 21 floors, each one of them windowless and built to resist a nuclear blast.

A New York Times article published in 1975 noted that 811 10th Avenue was “the first of several windowless equipment buildings to be constructed” in the city, and added that its design initially “caused considerable controversy.”

building-11-1528304373

Aerial shot of 811 10th street, NYC, ca. 1965.

Photo: courtesy of Avery Architectural & Fine Arts Library, Columbia University

According to AT&T records, the building is a “hardened telco data center” and was upgraded in 2000 to become an internet data center. Thomas Saunders, a former AT&T engineer, told The Intercept that, in the 1970s, the building was considered to be “the biggest hub for transmission [of communications] in the country.” Saunders also claimed that, had Bush been in Manhattan during the 9/11 attacks, the Secret Service would have taken him to safety inside the AT&T facility. “It’s the strongest building in town,” he said.

026V2356-1529093799

Photo: Henrik Moltke

NSA and AT&T maps indicate that the 10th Avenue facility is one of eight “peering” hubs that process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. Two former AT&T employees confirmed that the site was one of eight primary AT&T “Service Node Routing Complexes,” or SNRCs, in the U.S. NSA documents explicitly describe tapping into flows of data at all eight of these sites.

The design of the building bears some resemblance to another windowless building in New York City – AT&T’s towering skyscraper at 33 Thomas Street in lower Manhattan. As The Intercept reported in 2016, 33 Thomas Street is a major hub for routing international phone calls and appears to contain a secure NSA surveillance room – code-named TITANPOINTE – that has been used to tap into faxes and phone calls.

NSA and AT&T documents indicate that 10th Avenue building serves as the NSA’s internet equivalent of 33 Thomas Street. While the NSA’s surveillance at 33 Thomas Street mainly targets phone calls that pass through the building’s international switching points, at the 10th Avenue site the agency appears to primarily collect emails, online chats, and data from internet browsing sessions.

building-13-1528304435

Photo: Henrik Moltke

San Francisco
611 Folsom Street

This San Francisco AT&T building has been described as the city’s telecommunications “nerve center.” It is about 256 feet tall, has nine floors, and its exterior is covered in silver-colored panels; there are a series of vents that can be seen at street level, but there are few windows.

NSA and AT&T maps obtained by The Intercept indicate that 611 Folsom Street is one of the eight “peering” hubs in the U.S. that process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. Philip Long, who was employed by AT&T for more than two decades as a technician servicing its networks, confirmed that the San Francisco site is one of eight primary AT&T “Service Node Routing Complexes,” or SNRCs, in the U.S. NSA documents explicitly describe tapping into flows of data at all eight of these sites.

building-14-1528304462

Photo: Henrik Moltke

Long recalled that, in the early 2000s, he “moved every internet backbone circuit I had in northern California” through the Folsom Street office. At the time, he said, he and his colleagues found it strange that they were asked to suddenly reroute all of the traffic, because “there was nothing wrong with the services, no facility problems.”

“We were getting orders to move backbones … and it just grabbed me,” said Long. “We thought it was government stuff and that they were being intrusive. We thought we were routing our circuits so that they could grab all the data.”

It is not the first time the building has been implicated in revelations about electronic eavesdropping. In 2006, an AT&T technician named Mark Klein alleged in a sworn court declaration that the NSA was tapping into internet traffic from a secure room on the sixth floor of the facility.

Klein, who worked at 611 Folsom Street between October 2003 and May 2004, stated that employees from the agency had visited the building and recruited one of AT&T’s management level technicians to carry out a “special job.” The job involved installing a “splitter cabinet” that copied internet data as it was flowing into the building, before diverting it into the secure room.

building-15-1528304523

The room at AT&T’s Folsom St. facility that allegedly contained NSA surveillance equipment.

Photo: Mark Klein

He said equipment in the secure room included a “semantic traffic analyzer” – a tool that can be used to search large quantities of data for particular words or phrases contained in emails or online chats. Notably, Klein discovered that the NSA appeared to be specifically targeting internet “peering links,” which is corroborated by the NSA and AT&T documents obtained by The Intercept.

“By cutting into the peering links, they get not only AT&T’s data, they get all the data that’s interchanged between AT&T’s network and other companies,” Klein told The Intercept in a recent interview.

According to documents provided by Klein, AT&T’s network at Folsom Street “peered” with other companies like Sprint, Cable & Wireless, and Qwest. It was also linked, he said, to an internet exchange named MAE West, a major data hub in San Jose, California, where other companies connect their networks together.

Sprint did not respond to a request for comment. A spokesperson for Cable & Wireless said the company only discloses data “when legally required to do so as a result of a valid warrant or other legal process.” In 2011, CenturyLink acquired Qwest as part of a $12.2 billion merger deal. A CenturyLink spokesperson said he could not discuss “matters of national security.”
The National Security Agency’s Seattle facility, located in the city’s downtown area, photographed on Wednesday, May 2, 2018, in Seattle, Wash. The 15-story gray building hosts the NSA, AT&T and Qwest Corporation communications. NSA and AT&T maps point to the Seattle facility as being of eight peering hubs that process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. (Jovelle Tamayo for The Intercept)

Photo: Jovelle Tamayo for The Intercept

Seattle
1122 3rd Avenue

The Seattle facility is located in the city’s downtown area, not far from the waterfront. The gray building is 15 stories tall, with a dozen rows of narrow, blacked-out windows and vents that rise to its peak. According to public records, it was first constructed in 1955 and has reinforced concrete foundations and exterior walls that are supported by a steel frame.

Historically, the facility was an important communications switching point in the northwest of the U.S., routing calls between places like Bellingham, Spokane, Yakima, and north to Canada and Alaska. Today, the building appears to be primarily owned by the Qwest Corporation – a subsidiary of CenturyLink – but AT&T has a presence within it. AT&T’s logo is emblazoned on a plaque outside the building’s entrance.

Twenty-five miles north of Seattle, there is a major intercontinental undersea cable called Pacific Crossing-1, which routes communications between the U.S. and Japan; it is possible that the Seattle building processes some of these communications and others that pass between the U.S. west coast and Asia.

The National Security Agency’s Seattle facility, located in the city’s downtown area, photographed on Wednesday, May 2, 2018, in Seattle, Wash. The 15-story gray building hosts the NSA, AT&T and Qwest Corporation communications. NSA and AT&T maps point to the Seattle facility as being of eight peering hubs that process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. (Jovelle Tamayo for The Intercept)

Photo: Jovelle Tamayo for The Intercept

NSA and AT&T maps point to the Seattle facility as being of eight “peering” hubs that process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. A former AT&T employee confirmed that the site was one of eight primary AT&T “Service Node Routing Complexes,” or SNRCs, in the U.S. NSA documents explicitly describe tapping into flows of data at all eight of these sites.

building-18-1528304953

Photo: Henrik Moltke

Washington, D.C.
30 E Street Southwest

The building is a large, concrete, rectangular-shaped facility with few windows, located less than a mile south of the U.S. Capitol. Property tax records show that Verizon owns the majority of the property (worth $26 million), while AT&T owns a smaller part (worth $8.8 million). Plans of the building’s internal layout show that AT&T has space on the fourth, fifth, and sixth floors.

Central Office Buildings, a website that profiles telecommunications hubs in North America, describes the 30 E Street South West facility as “the granddaddy HQ of Verizon landline in Washington, DC.” It adds that the building contains a “a slew of switches of various types,” including AT&T equipment for routing long distance phone calls across networks.

building-19-1528305177

Photo: Mike Osborne

Capitol Police has an office located opposite the telecommunications hub, and a large number of police vehicles are usually located around the site. When The Intercept visited the facility to take photographs earlier this year, within a few minutes, several armed police officers arrived on the scene with dogs. They questioned our reporter, searched his car, and said that the building was considered critical infrastructure.

NSA and AT&T maps point to the Washington, D.C. facility as being one of eight “peering” hubs that process internet traffic as part of the NSA surveillance program code-named FAIRVIEW. A former AT&T employee confirmed that the site was one of eight primary AT&T “Service Node Routing Complexes,” or SNRCs, in the U.S. NSA documents explicitly describe tapping into flows of data at all eight of these sites.

Documents

Documents published with this article:

FAA702 comms memo
FAIRVIEW brief overview
FAIRVIEW overview with notes
SSO dictionary relevant entries
SSO news relevant entries
NSA’s SIDtoday on Executive Order 12333

We depend on the support of readers like you to help keep our nonprofit newsroom strong and independent. Join Us
Related
The NSA’s Spy Hub in New York, Hidden in Plain Sight
Source map blah blah
NSA’s Google for the World’s Private Communications
From left, FBI Director James Comey, Director of National Intelligence James Clapper, CIA Director John Brennan, and National Security Agency Director Adm. Michael Rogers, testify to Senate Intelligence Committee on Russia’s intelligence activities, at Dirksen Senate Office Building in Washington on Jan. 10, 2017. Photo: Riccardo Savi/Sipa via AP
Obama Opens NSA’s Vast Trove of Warrantless Data to Entire Intelligence Community, Just in Time for Trump
Ronald Reagan
The Ghost of Ronald Reagan Authorizes Most NSA Spying
Contact the author:

Ryan Gallagher
ryan.gallagher@​theintercept.com
@rj_gallagher

Henrik Moltke
moltke@​theintercept.com
@moltke
246 Comments (closed)
Join Our Newsletter
Original reporting. Fearless journalism. Delivered to you.
Weekly editor’s picks
Breaking stories and exclusives
2020 election coverage

Email list managed by MailChimp

III. AT&T collaborates on NSA spying through a web of secretive buildings in the US

Taylor Hatmaker@tayhatmaker / 1 year ago

FILE PHOTO NSA Compiles Massive Database Of Private Phone Calls

A new report from The Intercept sheds light on the NSA’s close relationship with communications provider AT&T.

The Intercept identified eight facilities across the U.S. that function as hubs for AT&T’s efforts to collaborate with the intelligence agency. The site first identified one potential hub of this kind in 2017 in lower Manhattan.

The report reveals that eight AT&T data facilities in the U.S. are regarded as high-value sites to the NSA for giving the agency direct “backbone” access to raw data that passes through, including emails, web browsing, social media and any other form of unencrypted online activity. The NSA uses the web of eight AT&T hubs for a surveillance operation code-named FAIRVIEW, a program previously reported by The New York Times. The program, first established in 1985, “involves tapping into international telecommunications cables, routers, and switches” and only coordinates directly with AT&T and not the other major U.S. mobile carriers.

AT&T’s deep involvement with the NSA monitoring program operated under the code name SAGUARO. Messaging, email and other web traffic accessed through the program was made searchable through XKEYSCORE, one of the NSA’s more infamous search-powered surveillance tools.

The Intercept explains how those sites give the NSA access to data beyond just AT&T subscribers:

The data exchange between AT&T and other networks initially takes place outside AT&T’s control, sources said, at third-party data centers that are owned and operated by companies such as California’s Equinix. But the data is then routed – in whole or in part – through the eight AT&T buildings, where the NSA taps into it. By monitoring what it calls the “peering circuits” at the eight sites, the spy agency can collect “not only AT&T’s data, they get all the data that’s interchanged between AT&T’s network and other companies,” according to Mark Klein, a former AT&T technician who worked with the company for 22 years.

The NSA describes these locations as “peering link router complex” sites while AT&T calls them “Service Node Routing Complexes” (SNRCs). The eight complexes are spread across the nation’s major cities, with locations in Chicago, Dallas, Atlanta, Los Angeles, New York City, San Francisco, Seattle and Washington, D.C. The Intercept report identifies these facilities:

Among the pinpointed buildings, there is a nuclear blast-resistant, windowless facility in New York City’s Hell’s Kitchen neighborhood; in Washington, D.C., a fortress-like, concrete structure less than half a mile south of the U.S. Capitol; in Chicago, an earthquake-resistant skyscraper in the West Loop Gate area; in Atlanta, a 429-foot art deco structure in the heart of the city’s downtown district; and in Dallas, a cube-like building with narrow windows and large vents on its exterior, located in the Old East district.

… in downtown Los Angeles, a striking concrete tower near the Walt Disney Concert Hall and the Staples Center, two blocks from the most important internet exchange in the region; in Seattle, a 15-story building with blacked-out windows and reinforced concrete foundations, near the city’s waterfront; and in San Francisco’s South of Market neighborhood, a building where it was previously claimed that the NSA was monitoring internet traffic from a secure room on the sixth floor.

While these facilities could allow for the monitoring of domestic U.S. traffic, they also process vast quantities of international traffic as it moves across the globe — a fact that likely explains why the NSA would view these AT&T nodes as such high-value sites. The original documents, part of the leaked files provided by Edward Snowden, are available in the original report.

Update: A representative from AT&T provided TechCrunch with the following comment.

“Like all companies, we are required by law to provide information to government and law enforcement entities by complying with court orders, subpoenas, lawful discovery requests and other legal requirements. And, we provide voluntary assistance to law enforcement when a person’s life is in danger and in other immediate, emergency situations. In all cases, we ensure that requests for assistance are valid and that we act in compliance with the law.

IV. NSA Spying

FAQ
How It Works
Key Officials
NSA Primary Sources
State Secrets Privilege
NSA Timeline 1791–2015
Word Games

NSA Spying

The US government, with assistance from major telecommunications carriers including AT&T, has engaged in massive, illegal dragnet surveillance of the domestic communications and communications records of millions of ordinary Americans since at least 2001. Since this was first reported on by the press and discovered by the public in late 2005, EFF has been at the forefront of the effort to stop it and bring government surveillance programs back within the law and the Constitution.

History of NSA Spying Information since 2005 (See EFF’s full timeline of events here)

News reports in December 2005 first revealed that the National Security Agency (NSA) has been intercepting Americans’ phone calls and Internet communications. Those news reports, combined with a USA Today story in May 2006 and the statements of several members of Congress, revealed that the NSA is also receiving wholesale copies of American’s telephone and other communications records. All of these surveillance activities are in violation of the privacy safeguards established by Congress and the US Constitution.

In early 2006, EFF obtained whistleblower evidence (.pdf) from former AT&T technician Mark Klein showing that AT&T is cooperating with the illegal surveillance. The undisputed documents show that AT&T installed a fiberoptic splitter at its facility at 611 Folsom Street in San Francisco that makes copies of all emails web browsing and other Internet traffic to and from AT&T customers and provides those copies to the NSA. This copying includes both domestic and international Internet activities of AT&T customers. As one expert observed, “this isn’t a wiretap, it’s a country-tap.”

Secret government documents, published by the media in 2013, confirm the NSA obtains full copies of everything that is carried along major domestic fiber optic cable networks. In June 2013, the media, led by the Guardian and Washington Post started publishing a series of articles, along with full government documents, that have confirmed much of what was reported in 2005 and 2006 and then some. The reports showed-and the government later admitted—that the government is mass collecting phone metadata of all US customers under the guise of the Patriot Act. Moreover, the media reports confirm that the government is collecting and analyzing the content of communications of foreigners talking to persons inside the United States, as well as collecting much more, without a probable cause warrant. Finally, the media reports confirm the “upstream” collection off of the fiberoptic cables that Mr. Klein first revealed in 2006. (See EFF’s How It Works page here for more)

EFF Fights Back in the Courts

EFF is fighting these illegal activities in the courts. Currently, EFF is representing victims of the illegal surveillance program in Jewel v. NSA, a lawsuit filed in September 2008 seeking to stop the warrantless wiretapping and hold the government and government officials behind the program accountable. In July 2013, a federal judge ruled that the government could not rely on the controversial “state secrets” privilege to block our challenge to the constitutionality of the program. On February 10, 2015, however, the court granted summary judgment to the government on the Plaintiffs’ allegations of Fourth Amendment violations based on the NSA’s copying of Internet traffic from the Internet backbone. The court ruled that the publicly available information did not paint a complete picture of how the NSA collects Internet traffic, so the court could not rule on the program without looking at information that could constitute “state secrets.” The court did not rule that the NSA’s activities are legal, nor did it rule on the other claims in Jewel, and the case will go forward on those claims.This case is being heard in conjunction with Shubert v. Obama, which raises similar claims.

In July, 2013, EFF filed another lawsuit, First Unitarian v. NSA, based on the recently published FISA court order demanding Verizon turn over all customer phone records including who is talking to whom, when and for how long—to the NSA. This so-called “metadata,” especially when collected in bulk and aggregated, allows the government to track the associations of various political and religious organizations. The Director of National Intelligence has since confirmed that the collection of Verizon call records is part of a broader program.

In addition to making the same arguments we made in Jewel, we argue in First Unitarian that this type of collection violates the First Amendment right to association. Previously, in Hepting v. AT&T, EFF filed the first case against a cooperating telecom for violating its customers’ privacy. After Congress expressly intervened and passed the FISA Amendments Act to allow the Executive to require dismissal of the case, Hepting was ultimately dismissed by the US Supreme Court.

In September of 2014, EFF, along with the American Civil Liberties Union (ACLU) and the American Civil Liberties Union of Idaho, joined the legal team for Anna Smith, an Idaho emergency neonatal nurse, in her challenge of the government’s bulk collection of the telephone records of millions of innocent Americans. In Smith v. Obama, we are arguing the program violated her Fourth Amendment rights by collecting a wealth of detail about her familial, political, professional, religious and intimate associations. In particular, we focus on challenging the applicability of the so-called “third party doctrine,” the idea that people have no expectation of privacy in information they entrust to others.

First Unitarian v. NSA: EFF’s case challenging the NSA’s phone metadata surveillance

Jewel v. NSA: EFF’s case challenging the NSA’s dragnet surveillance

Hepting v. AT&T: EFF’s case that challenged AT&T’s complicity in illegal NSA spying

Smith v. Obama: EFF’s appeal with the ACLU of an Idaho nurse’s challenge to the NSA’s phone metadata surveillance.
Protect digital privacy and free expression. EFF’s public interest legal work, activism, and software development preserve fundamental rights. DONATE TO EFF
EFF Related Content: NSA Spying

V. These towering, windowless, bomb-proof buildings in major US cities are reportedly part of an under-the-radar partnership between AT&T and the NSA

Sinéad Baker

Jun. 26, 2018, 12:10 PM

AT&T New York NSAA 21-story building in New York City that can survive a nuclear blast. Google Maps

T AT&T

AT&T has been helping the NSA with its mass surveillance programme, according to documents and sources obtained by The Intercept.

Eight AT&T buildings around the US, many fortified, are used as sites where the NSA can tap into phone, text, and browsing records from around the world, documents suggest.

A nuclear bomb-proof building in New York and a mostly windowless building in Los Angeles are among these sites.

AT&T did not address the claim, but said it fulfils its legal obligations. The NSA declined to comment.

AT&T has reportedly been collaborating with the National Security Agency (NSA) to allow it to review people’s texts, phone calls, and browsing data through eight fortress-like buildings across major US cities.

Online news site The Intercept has obtained documents and interviews suggesting the telecommunications company’s facilities in Atlanta, Chicago, Dallas, Los Angeles, New York City, San Francisco, Seattle, and Washington, DC, are central to an NSA initiative that has reviewed billions of emails, phone calls and online conversations from the US and around the world.

nsa AT&T mapA map of all eight AT&T facilities used by the NSA. Google Maps/Business Insider

While the eight buildings are known publicly as AT&T facilities, Monday’s report suggests that they are also used by the NSA for one of the agency’s largest surveillance programs, codenamed Fairview.

Known as “backbone” facilities, they process user data including emails, phone calls, online chats, social media updates, and browsing history of AT&T customers as well as other phone and internet providers.

When a network is overloaded with data, another operator can provide bandwidth in a process known as “peering.” AT&T is so large that it often does this, and transports the data from other companies’ users.

The NSA uses this large pool of data for Fairview, The Intercept said.
The facilities

Many of the the buildings are windowless, and constructed to withstand earthquakes and nuclear blasts. Here’s what we know about them:

51 Peachtree Center Avenue, Atlanta: This 14-story, art deco limestone structure was first built in the 1920s, and expanded between the 1947 and 1963. Documents and interviews have linked the building to NSA surveillance.

10 South Canal Street, Chicago: This facility was designed during the Cold War to survive a nuclear attack. Eighteen out of its 28 floors have no windows.

4211 Bryan Street, Dallas: This is also fortified with few windows, many of which appear to have been blacked out or covered in reflective glass.

420 South Grand Avenue, Los Angeles: This 17-story building is mostly windowless. A large tower on top was once used to transmit phone calls, though its technology is now obsolete and it is no longer used. It is one of the largest telephone central offices in the country.
AT&T Texas NSAOne of AT&T’s buildings in Dallas, Texas. Google Maps

811 10th Avenue, New York City: This windowless 24-story building, located 15 minutes from Central Park, was designed to withstand a nuclear blast. It appears to primarily collect online communications, such as emails and browsing data.

30 E Street Southwest, Washington, DC: This property, located less than a mile from the US Capitol, has few windows. Verizon owns a majority of this concrete building, while AT&T owns a smaller part and occupies the fourth, fifth, and sixth floors, property tax records indicated.

1122 3rd Avenue, Seattle: This 15-story building has blacked-out windows. It is in the city’s downtown area. The building appears to be primarily owned by the Qwest Corporation, according to The Intercept, but AT&T has a presence inside.

611 Folsom Street, San Francisco: This nine-story building is covered with silver-colored paneling on the outside, and there are few windows. A former AT&T employee told The Intercept of a room in the facility that allegedly contained NSA surveillance equipment.
Screen Shot 2018 06 26 at 13.49.59AT&T’s facility in San Francisco, which is reportedly used by the NSA. Google Maps
“Information that transits the nation”

AT&T, the world’s largest telecommunications company, is identified as the only company involved in Fairview. NSA documents state that the agency values AT&T because it “has access to information that transits the nation.”

AT&T processes data from other telecommunications companies such as Sprint and Cogent Communications in the US, and Telecom Italia in Italy and Deutsche Telekom in Germany.

Internet data and communications from around the world is processed by American companies if it arrives on US soil. A large portion of the world’s internet traffic, which passes through undersea cables, goes through the US due to the country’s geographical location and partly because of the popularity of American internet companies around the world.
Telegeography internet cables mapA map showing internet traffic around the world, as transported by undersea cables. Telegeography

Christopher Augustine, a spokesperson for the NSA, told The Intercept that the NSA could “neither confirm nor deny its role in alleged classified intelligence activities.”

The agency “conducts its foreign signals intelligence mission under the legal authorities established by Congress and is bound by both policy and law to protect US persons’ privacy and civil liberties,” he added.

AT&T Director of Corporate Communications Jim Greer told Business Insider in a statement:

“Like all companies, we are required by law to provide information to government and law enforcement entities by complying with court orders, subpoenas, lawful discovery requests and other legal requirements.

“And, we provide voluntary assistance to law enforcement when a person’s life is in danger and in other immediate, emergency situations. In all cases, we ensure that requests for assistance are valid and that we act in compliance with the law.”

The NSA has appeared to amp up its information collection. The agency said it collected more than 534 million records of phone calls and text messages from American providers in 2017 — more than three times what it collected the year before.

Business Insider has also contacted the NSA, Sprint, Telecom Italia, Deutsche Telekom, and Cogent Communications for comment.
Read The Intercept’s story here.
NOW WATCH: How to hack an election, according to a former NSA hacker

VI. AT&T Spies On Americans For Profit

In some unsettling news, AT&T was found to be colluding with law enforcement to spy on American citizens. If that wasn’t enough, the company apparently makes a profit from doing this.

Further Reading

EU Law Now Protects Dynamic IP Addresses

9 Ways to Boost Your Wi-Fi Signal
I, Spy

The Daily Beast reports that in 2013, officers working on a homicide case were trying to find a way to link a particular suspect to the crime. Even with DNA evidence, the law enforcement team just didn’t have enough to go on. But then they used Project Hemisphere.

Hemisphere is a secret project run by AT&T. It searches trillions of phone call records and analyzes cellular data. With this information, law enforcement can find the location of a target, the people he/she communicates with, and possibly even figure out why.

In 2013 The New York Times described Hemisphere as a “partnership” between AT&T and the government. The Justice Department said the program was “an essential, and prudently deployed, counter-narcotics tool.”

“an essential, and prudently deployed, counter-narcotics tool.”

But documentation by AT&T itself revealed that Hemisphere had far more uses besides drugs, such as homicide investigations and even Medicaid fraud. The project isn’t technically a partnership. Rather, it’s a product – one that AT&T developed, marketed and sold at the expense of taxpayers. Police and sheriff departments pay anywhere from $100,000 to $1 million for Hemisphere access.

Government agents don’t need a warrant to use this massive database of personal information. AT&T’s only requirement is that law enforcement must promise not to disclose Hemisphere if an investigation that makes use of it becomes public.

Although the US government requires telecommunications companies to share phone records, AT&T goes above and beyond with Hemisphere. Christopher Soghoian, a technology policy analyst at ACLU, said

“Companies have to give this data to law enforcement upon request, if they have it. AT&T doesn’t have to data-mine its database to help police come up with new numbers to investigate.”

I Spy For Profit

AT&T is in a unique position when it comes to customer data. The company owns more than 75% of U.S. landline switches. It also owns the second biggest wireless network infrastructure after Verizon. AT&T retains data from its cell towers going all the way back to July 2008. Far longer than other carriers. Verizon keeps records for a year, while Sprint keeps them for 18 months.

This isn’t even the first time that AT&T helped the government spy on its customers. In 2003, AT&T ordered Mark Klein – a technician for the company – to help the NSA install a bug into the carrier’s internet exchange point in San Francisco: Room 641A.
Image credit: Wired

Image credit: Wired

AT&T even invented a new programming language to efficiently mine its customer records for surveillance. In 2007 the carrier was criticized for handing documents over to the FBI. This was the same year that AT&T created Project Hemisphere.

By 2013 Hemisphere was deployed to three DEA High-Intensity Drug Trafficking Area (HIDTA) Investigative Support Centers. Today, the project is used in at least 28 of these centers all around the country. Federal agents and local law enforcement staff these areas.

AT&T employees are the ones that mine Hemisphere for data on behalf of law enforcement clients. Law enforcement never directly access the data. In a 2014 statement, AT&T wants Hemisphere to be as secretive as possible:

“The Government agency agrees not to use the data as evidence in any judicial or administrative proceedings unless there is no other available and admissible probative evidence…”

The Law

According to American law, people charged with a crime have the right to know the evidence against them during the trial. But Adam Schwartz, staff attorney for the Electronic Frontier Foundation, says AT&T’s statement means that the carrier leaves law enforcement no choice but to create a false story to cover up the fact that they used Hemisphere.

After AT&T gives officers a lead in an investigation using Hemisphere, it’s up to the investigators to use regular police work, like getting a court order for a wiretap or trailing a suspect. This is to come up with the same evidence that Hemisphere provided in order to prosecute. This process is called “parallel construction.”

Schwartz told The Daily Beast,

“This document here is striking. I’ve seen documents produced by the government regarding Hemisphere, but this is the first time I’ve seen an AT&T document which requires parallel construction in a service to government. It’s very troubling and not the way law enforcement should work in this country.”

The EFF, ACLU and Electronic Privacy Information Center have all expressed concern that Hemisphere surveillance is overly invasive and unconstitutional. Right now the EFF is waiting for a judge to rule on the Freedom of Information Act suit against the Department of Justice for Hemisphere documents.
Conclusion

Does this kind of behavior concern you? Does it even surprise you? Is this enough to make you leave AT&T? With AT&T’s monopoly on our communications is leaving them even feasable? Let us know what you think in the comments.

VII. AT&T Helped U.S. Spy on Internet on a Vast Scale

The National Security Agency’s headquarters in Fort Meade, Md. The agency has gotten access to billions of emails with the cooperation of AT&T.CreditSaul Loeb/Agence France-Presse — Getty Images

ImageThe National Security Agency’s headquarters in Fort Meade, Md. The agency has gotten access to billions of emails with the cooperation of AT&T.
The National Security Agency’s headquarters in Fort Meade, Md. The agency has gotten access to billions of emails with the cooperation of AT&T.CreditCreditSaul Loeb/Agence France-Presse — Getty Images

By Julia Angwin, Charlie Savage, Jeff Larson, Henrik Moltke, Laura Poitras and James Risen

Aug. 15, 2015

The National Security Agency’s ability to spy on vast quantities of Internet traffic passing through the United States has relied on its extraordinary, decades-long partnership with a single company: the telecom giant AT&T.

While it has been long known that American telecommunications companies worked closely with the spy agency, newly disclosed N.S.A. documents show that the relationship with AT&T has been considered unique and especially productive. One document described it as “highly collaborative,” while another lauded the company’s “extreme willingness to help.”

AT&T’s cooperation has involved a broad range of classified activities, according to the documents, which date from 2003 to 2013. AT&T has given the N.S.A. access, through several methods covered under different legal rules, to billions of emails as they have flowed across its domestic networks. It provided technical assistance in carrying out a secret court order permitting the wiretapping of all Internet communications at the United Nations headquarters, a customer of AT&T.
Sign Up for On Politics With Lisa Lerer

A spotlight on the people reshaping our politics. A conversation with voters across the country. And a guiding hand through the endless news cycle, telling you what you really need to know.

The N.S.A.’s top-secret budget in 2013 for the AT&T partnership was more than twice that of the next-largest such program, according to the documents. The company installed surveillance equipment in at least 17 of its Internet hubs on American soil, far more than its similarly sized competitor, Verizon. And its engineers were the first to try out new surveillance technologies invented by the eavesdropping agency.

Advertisement

One document reminds N.S.A. officials to be polite when visiting AT&T facilities, noting, “This is a partnership, not a contractual relationship.”
Newly Disclosed N.S.A. Files Detail Partnerships With AT&T and Verizon

These National Security Agency documents shed new light on the agency’s relationship through the years with American telecommunications companies. They show how the agency’s partnership with AT&T has been particularly important, enabling it to conduct surveillance, under several different legal rules, of international and foreign-to-foreign Internet communications that passed through network hubs on American soil.

The documents, provided by the former agency contractor Edward J. Snowden, were jointly reviewed by The New York Times and ProPublica. The N.S.A., AT&T and Verizon declined to discuss the findings from the files. “We don’t comment on matters of national security,” an AT&T spokesman said.

It is not clear if the programs still operate in the same way today. Since the Snowden revelations set off a global debate over surveillance two years ago, some Silicon Valley technology companies have expressed anger at what they characterize as N.S.A. intrusions and have rolled out new encryption to thwart them. The telecommunications companies have been quieter, though Verizon unsuccessfully challenged a court order for bulk phone records in 2014.

Advertisement

At the same time, the government has been fighting in court to keep the identities of its telecom partners hidden. In a recent case, a group of AT&T customers claimed that the N.S.A.’s tapping of the Internet violated the Fourth Amendment protection against unreasonable searches. This year, a federal judge dismissed key portions of the lawsuit after the Obama administration argued that public discussion of its telecom surveillance efforts would reveal state secrets, damaging national security.

The N.S.A. documents do not identify AT&T or other companies by name. Instead, they refer to corporate partnerships run by the agency’s Special Source Operations division using code names. The division is responsible for more than 80 percent of the information the N.S.A. collects, one document states.

Fairview is one of its oldest programs. It began in 1985, the year after antitrust regulators broke up the Ma Bell telephone monopoly and its long-distance division became AT&T Communications. An analysis of the Fairview documents by The Times and ProPublica reveals a constellation of evidence that points to AT&T as that program’s partner. Several former intelligence officials confirmed that finding.

A Fairview fiber-optic cable, damaged in the 2011 earthquake in Japan, was repaired on the same date as a Japanese-American cable operated by AT&T. Fairview documents use technical jargon specific to AT&T. And in 2012, the Fairview program carried out the court order for surveillance on the Internet line, which AT&T provides, serving the United Nations headquarters. (N.S.A. spying on United Nations diplomats has previously been reported, but not the court order or AT&T’s involvement. In October 2013, the United States told the United Nations that it would not monitor its communications.)

The documents also show that another program, code-named Stormbrew, has included Verizon and the former MCI, which Verizon purchased in 2006. One describes a Stormbrew cable landing that is identifiable as one that Verizon operates. Another names a contact person whose LinkedIn profile says he is a longtime Verizon employee with a top-secret clearance.

After the terrorist attacks of Sept. 11, 2001, AT&T and MCI were instrumental in the Bush administration’s warrantless wiretapping programs, according to a draft report by the N.S.A.’s inspector general. The report, disclosed by Mr. Snowden and previously published by The Guardian, does not identify the companies by name but describes their market share in numbers that correspond to those two businesses, according to Federal Communications Commission reports.

AT&T began turning over emails and phone calls “within days” after the warrantless surveillance began in October 2001, the report indicated. By contrast, the other company did not start until February 2002, the draft report said.

Advertisement

In September 2003, according to the previously undisclosed N.S.A. documents, AT&T was the first partner to turn on a new collection capability that the N.S.A. said amounted to a “ ‘live’ presence on the global net.” In one of its first months of operation, the Fairview program forwarded to the agency 400 billion Internet metadata records — which include who contacted whom and other details, but not what they said — and was “forwarding more than one million emails a day to the keyword selection system” at the agency’s headquarters in Fort Meade, Md. Stormbrew was still gearing up to use the new technology, which appeared to process foreign-to-foreign traffic separate from the post-9/11 program.

In 2011, AT&T began handing over 1.1 billion domestic cellphone calling records a day to the N.S.A. after “a push to get this flow operational prior to the 10th anniversary of 9/11,” according to an internal agency newsletter. This revelation is striking because after Mr. Snowden disclosed the program of collecting the records of Americans’ phone calls, intelligence officials told reporters that, for technical reasons, it consisted mostly of landline phone records.

That year, one slide presentation shows, the N.S.A. spent $188.9 million on the Fairview program, twice the amount spent on Stormbrew, its second-largest corporate program.

After The Times disclosed the Bush administration’s warrantless wiretapping program in December 2005, plaintiffs began trying to sue AT&T and the N.S.A. In a 2006 lawsuit, a retired AT&T technician named Mark Klein claimed that three years earlier, he had seen a secret room in a company building in San Francisco where the N.S.A. had installed equipment.

Mr. Klein claimed that AT&T was providing the N.S.A. with access to Internet traffic that AT&T transmits for other telecom companies. Such cooperative arrangements, known in the industry as “peering,” mean that communications from customers of other companies could end up on AT&T’s network.

After Congress passed a 2008 law legalizing the Bush program and immunizing the telecom companies for their cooperation with it, that lawsuit was thrown out. But the newly disclosed documents show that AT&T has provided access to peering traffic from other companies’ networks.

AT&T’s “corporate relationships provide unique accesses to other telecoms and I.S.P.s,” or Internet service providers, one 2013 N.S.A. document states.

Advertisement

Because of the way the Internet works, intercepting a targeted person’s email requires copying pieces of many other people’s emails, too, and sifting through those pieces. Plaintiffs have been trying without success to get courts to address whether copying and sifting pieces of all those emails violates the Fourth Amendment.

Many privacy advocates have suspected that AT&T was giving the N.S.A. a copy of all Internet data to sift for itself. But one 2012 presentation says the spy agency does not “typically” have “direct access” to telecoms’ hubs. Instead, the telecoms have done the sifting and forwarded messages the government believes it may legally collect.

“Corporate sites are often controlled by the partner, who filters the communications before sending to N.S.A.,” according to the presentation. This system sometimes leads to “delays” when the government sends new instructions, it added.

The companies’ sorting of data has allowed the N.S.A. to bring different surveillance powers to bear. Targeting someone on American soil requires a court order under the Foreign Intelligence Surveillance Act. When a foreigner abroad is communicating with an American, that law permits the government to target that foreigner without a warrant. When foreigners are messaging other foreigners, that law does not apply and the government can collect such emails in bulk without targeting anyone.

AT&T’s provision of foreign-to-foreign traffic has been particularly important to the N.S.A. because large amounts of the world’s Internet communications travel across American cables. AT&T provided access to the contents of transiting email traffic for years before Verizon began doing so in March 2013, the documents show. They say AT&T gave the N.S.A. access to “massive amounts of data,” and by 2013 the program was processing 60 million foreign-to-foreign emails a day.

Because domestic wiretapping laws do not cover foreign-to-foreign emails, the companies have provided them voluntarily, not in response to court orders, intelligence officials said. But it is not clear whether that remains the case after the post-Snowden upheavals.

“We do not voluntarily provide information to any investigating authorities other than if a person’s life is in danger and time is of the essence,” Brad Burns, an AT&T spokesman, said. He declined to elaborate.
Correction: Aug. 15, 2015

An earlier version of a picture caption with this article misstated the number of emails the National Security Agency has gotten access to with the cooperation of AT&T. As the article correctly noted, it is in the billions, not trillions.

A version of this article appears in print on Aug. 15, 2015, on Page A1 of the New York edition with the headline: AT&T Helped U.S. Spy on Internet on a Vast Scale. Order Reprints | Today’s Paper | Subscribe

VIII. 8 AT&T buildings that are ‘central to NSA spying’

Here are eight AT&T-owned locations, buildings that are reportedly central to the NSA’s internet spying purposes.

Have you ever wondered what locations on American soil serve as backbone or “peering” facilities that the NSA might secretly be using for eavesdropping purposes?

The Intercept revealed eight such AT&T-owned locations: two in California, one in Washington, another in Washington, D.C., one in New York, one in Texas, one in Illinois, and one in Georgia. You might pass by these AT&T buildings having no idea that they are “central to an NSA spying initiative that has for years monitored billions of emails, phone calls, and online chats passing across U.S. territory.”

While neither AT&T nor NSA spokespeople would confirm that the NSA has tapped into data at these eight locations that normally route telecom companies’ data traffic, former AT&T employees did confirm the locations of the “backbone node with peering” facilities. AT&T refers to the peering sites as “Service Node Routing Complexes.”

[ Read also: Russian hackers used leaked NSA hacking tool to spy on hotel guests. | Get the latest from CSO: Sign up for our newsletters. ]

The Intercept explained various code-named NSA surveillance programs, previously made public thanks to Edward Snowden, which seem to have taken place at these eight AT&T facilities.

ADVERTISING

In addition, the Intercept article cites “a top-secret NSA memo” that “has not been disclosed before;” the memo “explained that the agency was collecting people’s messages en masse if a single one were found to contain a ‘selector’ – like an email address or phone number – that featured on a target list.”

“One example of this is when a user of a webmail service accesses her inbox; if the inbox contains one email message that contains an NSA tasked selector, NSA will acquire a copy of the entire inbox, not just the individual email message that contains the tasked selector,” the memo stated.

The NSA’s past activity

There’s a bit of a history lesson included in the article, going over how the NSA was hoovering emails if they mentioned information about surveillance targets, including domestic communications that violated citizens’ Fourth Amendment right to be protected against unreasonable searches and seizures.

The NSA moved to using a cautionary banner that warned analysts not to read the communication unless it had been lawfully obtained. The NSA acknowledged the violations in April 2017. The messages had reportedly been part of upstream surveillance allowed under Executive Order 12333. After receiving a NSA memo via Freedom Of Information Act (FOIA) request, the ACLU previously warned that NSA analysts might even be “laughing at your sex tape” thanks to surveillance under EO 12333.

[ Prepare to become a Certified Information Security Systems Professional with this comprehensive online course from PluralSight. Now offering a 10-day free trial! ]

At any rate, according to The Intercept, the eight AT&T buildings that have secretly served as NSA spying hubs for monitoring “billions of emails, phone calls, and online chats” – codenamed FAIRVIEW for NSA surveillance – are located at:
First Gartner Market Guide for Network Traffic Analysis

SponsoredPost Sponsored by ExtraHop

First Gartner Market Guide for Network Traffic Analysis

Download a complimentary copy of Gartner’s first NTA Market Guide and get our top three takeaways including how security leaders should evaluate vendors and where the most exciting innovations are.

30 E Street Southwest in Washington, D.C.
1122 3rd Avenue in Seattle, Washington
611 Folsom Street in San Francisco, California
811 10th Avenue in New York City
420 South Grand Avenue in Los Angeles, California
4211 Bryan Street in Dallas, Texas
10 South Canal Street in Chicago, Illinois
51 Peachtree Center Avenue in Atlanta, Georgia

Next read this

The new CISO’s playbook: 5 rules to follow
12 tips for effectively presenting cybersecurity to the board
Top cyber security certifications: Who they’re for, what they cost, and which you need
6 steps for building a robust incident response plan
8 cheap or free cybersecurity training resources
Whip your information security into shape with ISO 27001
Securing risky network ports
Top 9 cybersecurity M&A deals of 2018 and 2019 (so far)

Related:

Security Privacy

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues.
Follow

Get the best of CSO … delivered. Sign up for our FREE email newsletters!