Internet surveillance:past, present and future

Ian Brown

UKUSA alliance•Based on US-UK cooperation during

Second World War•Canada, Australia and New Zealand

have also become “second parties”•UK handles Europe, Africa and

European CIS; US Asian CIS; Australia South Pacific and South-East Asia

•Cooperates with Germany, Japan, China…

• Echelon

• Frenchelon

• Multinationals

“We steal secrets with espionage, with communications, with reconnaissance satellites” –James Woolsey

Source: Campbell (1999)

Menwith HillOfficially RAF base; is run by NSA

Source: Campbell (1999)

Radio interception

High frequency radio interception antenna (AN/FLR9)

Source: Campbell (1999)

Microwave interception• Microwave links carry signals between cities, but spill out into space

• CANYON and CHALET US satellites collect signals from Soviet Union, Middle East

Source: Campbell (1999)

Submarine interception• Underwater cable interception in Okhotsk Sea (1971) and Barents Sea (1979)

• USS Jimmy Carter specially designed with “ocean interface” for underwater divers (2005)

Source: US Department of Defense

Source: TeleGeography

Hepting v. AT&T and Jewel v. NSA plaintiffs alleged Narus DPI equipment (monitors OC-192 link in real-time) installed in San Francisco, Seattle, San Jose, Los Angeles and San Diego, and NSA given access to Daytona 300+ terabyte database of comms data

Communications exchange interception 1995

Internet site Location Operator Designation

FIX East College Park, MD US government FIX

FIX West Mountain View US government FIX

MAE East Washington, DC MCI MAN

New York NAP Pennsauken, NJ Sprintlink NAP

SWAB Washington, DC PSInet / Bell Atlantic

SMDS DC Area Bypass

Chicago NAP Chicago Ameritech / Bellcorp

NAP

San Francisco NAP San Francisco Pacific Bell NAP

MAE West San Jose MCI MAN

CIX Santa Clara CIX CIX

Comms data requests/m people

Data: European Commission review of Data Retention Directive; IMF World Economic Outlook

What the watchers want• “advance passenger information, airline

bookings and other travel data, passport and biometric data, immigration, identity and border records, criminal records, and other governmental and private sector data, including financial and telephone and other communication records… and in some cases the ability to apply data mining and pattern recognition software to databases, might well be the key to effective pre-emption in future terrorist cases.”

• “Finding out other people’s secrets is going to involve breaking everyday moral rules. So public trust in the essential reasonableness of UK police, security and intelligence agency activity will continue to be essential.” –Sir David Omand (2009) p.9

Efficacy of data mining

•~5000 Americans surveilled over 4 years; led to <10 warrants per year

•“[T]here is not a consensus within the relevant scientific community nor on the committee regarding whether any behavioral surveillance … techniques are ready for use at all in the counterterrorist context" –US National Research Council (2008) p.4

What the watchers want 2.0•“social media intelligence … could contribute

decisively to public safety: identifying criminal activity; giving early warning of disorder and threats to the public; or building situational awareness in rapidly changing situations”

•“information can also be identified and extracted regarding when a group is planning demonstrations or flashmobs, which could lead to violence or increasing community tensions” (Omand, Bartlett and Miller 2012)

1 Visitor control center2 Administration3 Data halls: Four 25,000-square-foot server halls4 Backup generators and fuel tanks5 Water storage and pumpingAble to pump 1.7 million gallons of liquid per day.6 Chiller plant: About 60,000 tons of cooling equipment7 Power substation: estimated 65-megawatt demand8 Security: Video surveillance, intrusion detection, and other protection will cost more than $10 million.Source: Wired, U.S. Army Corps of Engineers Conceptual Site plan

Source: The Guardian, 16 January 2011

Insider threatsInformation required Price paid to ‘blagger’ Price

charged

Occupant search not known £17.50

Telephone reverse trace £40 £75

Friends and Family £60 – £80 not known

Vehicle check at DVLA £70 £150 – £200

Criminal records check not known £500

Locating a named person not known £60

Ex-directory search £40 £65 – £75

Mobile phone account not known £750

Licence check not known £250

Source: What price privacy? UK Information Commissioner’s Office (2006)

Conclusion

•UKUSA allies spend many billions of dollars per year on COMINT

•Internet and fibre optics initially proved challenging; now main problem is dealing with the mountains of data captured inc. “SOCMINT”

•HTTPS may speed transition from COMINT to access to data at rest

•Intelligence agencies are not the only watchers

References• Duncan Campbell (1999) The state of the art in

communications Intelligence. Working document for European Parliament DG Research, PE 168. 184 Vol 2/5

• US National Research Council (2008) Protecting Individual Privacy in the Struggle Against Terrorists: A Framework for Program Assessment, National Academies Press

• I. Brown & D. Korff (2009) Terrorism and the Proportionality of Internet Surveillance, European Journal of Criminology, 6(2) pp.119-134

• D. Omand (2009) The National Security Strategy: Implications for the UK intelligence community, Institute for Public Policy Research

• D. Omand, J. Bartlett & C. Miller (2012) #Intelligence, Demos