TR Member Perks!

Yesterday, The New York Times and ProPublica jointly revealed some NSA documents that were provided to them by Edward Snowden. These documents show AT&T had an extremely close relationship with the NSA. Although bulk collection of phone records by the NSA is well known, telecommunications companies are legally obligated to cooperate with the NSA in that case thanks to The Patriot Act (at least the most common interpretation of The Patriot Act, some argue it doesn’t actually justify bulk collection of phone records). However, it appears AT&T was unique among telecommunications companies and had an especially close relationship with the NSA, which is described in the documents as “highly collaborative” as well as praising the company’s “extreme willingness to help.”

The numerous documents that were released are from a decade-long period from 2003 to 2013, and reveal a wide range of activities. AT&T has given the NSA access to billions of emails that have traveled across its network. AT&T also cooperated with the NSA in wiretapping the United Nations headquarters, and turning over all of its Internet communications. The NSA has installed surveillance equipment at 17 of AT&T’s Internet hubs in America, and AT&T engineers are the first to test out new surveillance technologies developed by the NSA.

AT&T is not mentioned by name in the document, but is referred to by the code name Fairview. There is strong evidence throughout the documents that makes it clear the Fairview is AT&T, such as references to a Fairview trans-pacific fiber optic cable that was damaged in the Japanese earthquake in 2011 and later repaired, which has details that match up with a cable operated by AT&T. The Fairview program is one of the NSA’s oldest operations, dating back to 1985. According to one document, the Fairview division is responsible for more than 80% of the information collected by the NSA.

Another program mentioned in the documents is Stormbrew, which evidence indicates that it refers to Verizon and the former company MCI which was purchased by Verizon. The documents show AT&T’s eagerness to assist the NSA compared to MCI. AT&T began turning over phone calls and emails within days of the NSA request when warrantless surveillance began in October 2001, while MCI didn’t turn any over until February 2002. In 2003 AT&T was the first company to turn on a new collection capability which the documents claim “amounted to a live presence on the global net” for the NSA. It was also revealed that in 2011, AT&T was giving 1.1 billion domestic cellphone record a day to the NSA, which may come as a surprise to some. At the time of the initial Snowden leaks, it was believed that most collected records came from landlines because of technical reasons.

These documents may not be entirely shocking, many have already speculated on the collaboration between the NSA and AT&T. The EFF has an ongoing lawsuit against the NSA. The lawsuit was filed in 2008, and claims that the NSA and AT&T are working together to violate 4th amendment rights of Americans. The lawsuit was based on documents provided by a former AT&T technician that indicate that the AT&T routed copies of Internet traffic to a room in San Francisco controlled by the NSA. The EFF is hoping these newly released documents will further bolster their case, which is currently under appeal in the Ninth Circuit.

Is anyone really surprised by this revelation? Leave your comments below.

Max Michael

Senior Writer

I’m a technology reporter located near the Innovation District of Kitchener-Waterloo, Ontario.

  • braneman

    I can see why we don’t write about dysotopian surveillance futures anymore, I mean in order for it to be a dysotopian future it has to actually be worse than the present we already live in.

  • Haze

    they suck

  • moose

    Its getting to the point where I am considering just writing letters with pen and paper to people who I don’t need a response from that minute. I also have no interest in replacing my years old smartphone as many new ones have fingerprint reading capabilities, and collection of biometric data is in a whole other league of wrong compared to what we know about. I don’t know whether its collected or not but I’m not taking that risk. Even when I went to the opticians they wanted to know what felt like everything about me. When he asked whether I had any hobbies I just said “no”.

  • Niwjere

    You should feel comfortable sharing information with your healthcare providers. I work for one of the world’s biggest medical records software developers, and I can tell you from experience that everything is locked down to such a degree that an entire boatload of paranoid pirates wouldn’t have dreamed up the security restrictions on your medical record.

    That said, communications technology is and always has been a trade-off: security for convenience. Whispering a secret to a friend while on a remote, unsurveilled island is about as secure as you’re going to get. You don’t go to a remote island because that’s inconvenient; you just whisper the secret to him wherever you might be at the time and assume that that’s good enough. You could take another step down the road of convenience and send him a letter with your secret, thus running the risk of the letter being lost and/or read by someone else. You could go still further and transmit your secret electronically, resulting in its being present on multiple servers in multiple locations simultaneously.

    The more convenient your communications method is, the less control you have over it (almost by definition) and the less secure it therefore is. This isn’t something the law can do anything about; we can’t legislate reality. The only relevant question here is just how far you’re willing to go — how much security are you willing to potentially sacrifice for your own convenience?

  • moose

    its not the healthcare providers I have a problem with. in the UK at least the information I share with my doctor is being shared with more and more people with varying degrees of confidentiality, with varying track records of honouring that confidentiality. even a minor data breach could see my GP struck off the register and never doing their high five/low six figure job again, so I trust them because the risk isn’t worth it to them. but some of the third party international companies which have access to it I wouldn’t trust with my car keys. if my private and sensitive information stayed within a publicly owned health service I would have no problem sharing it with the people highly paid to help me.
    And as for security vs convenience, your right. unfortunately a majority of people are a bad mixture of lazy and oblivious to what has happened in the past when we have had this level of spying.