One slide emphasised the dates when Silicon Valley’s technology companies apparently signed up and become corporate partners of the spy agency. The first to provide PRISM material was Microsoft. The date was 11 September 2007. This was six years after 9/11. Next came Yahoo (March 2008) and Google (January 2009). Then Facebook (June 2009), PalTalk (December 2009), YouTube (September 2010), Skype (February 2011) and AOL (March 2011). For reasons unknown, Apple held out for five years. It was the last major tech company to sign up. It joined in October 2012 – exactly a year after Jobs’s death.
The top-secret PRISM program allows the US intelligence community to gain access to a large amount of digital information – emails, Facebook posts and instant messages. The rationale is that PRISM is needed to track foreign terrorists living outside the US. The data-collection program does not apparently require individual warrants. Rather, federal judges give their broad approval to PRISM under the FISA. By the time Snowden revealed PRISM, at least nine technology companies were on board. (The slides show Dropbox was slated to join; Twitter was missing.)
The most bitter and contentious question is how the NSA accesses this personal data. The key slide claims the data is collected ‘directly from the servers’ of the nine ‘US service providers’, Google, Yahoo and the rest.
Speaking in Hong Kong, Snowden was adamant this ‘direct access’ was indeed how PRISM worked. He told Greenwald: ‘The US government co-opts US corporate power to its own ends. Companies such as Google, Facebook, Apple and Microsoft all get together with the NSA. [They] provide the NSA direct access to the backends of all of the systems you use to communicate, to store data, to put things in the cloud, and even just to send birthday wishes and keep a record of your life. They give [the] NSA direct access, so that they don’t need to oversee, so they can’t be held liable for it.’
The leaked PRISM documents come from a training manual for NSA staff. It sets out several steps. First, a complex ‘tasking’ process. Analysts use or ‘task’ PRISM to find a new surveillance target. Next, a supervisor reviews the analyst’s search terms, known as selectors. After that the supervisor then has to agree with the analyst’s ‘reasonable belief’ the target lives outside the US. (This bar is pretty low, and defined as ‘51 per cent confidence’.)
Once the target has been agreed, PRISM gets to work. Sophisticated FBI equipment at the tech companies extracts matching information. The FBI has its own database to weed out – or ‘research and validate’, as the slide puts it – US persons whose data may have been sucked up by mistake. (This system, however, isn’t foolproof.) The FBI then gives this data to the NSA. An array of NSA analytical tools processes it. These include MARINA, which sifts and stores internet records, MAINWAY for call records, PINWALE which does video, and NUCLEON, voice.
Another slide says that the NSA has ‘real-time reporting capability’. In other words, the agency is notified each time a target sends an email, writes a text, begins a chat, or even fires up their computer.
Snowden’s slide gives some sense of just how important PRISM has become to US intelligence efforts. As of 5 April 2013, the US had 117,675 active surveillance targets in its PRISM database. According to the Washington Post, much PRISM-derived intelligence ends up on President Obama’s desk; it accounts for one in seven intelligence reports. British spies get to read it too.
The training manual gives the impression that Silicon Valley is actively collaborating with the NSA, albeit with varying degrees of enthusiasm. The corporate logos of all of nine tech companies appear on the top of each PRISM slide. Jobs’s Apple is among them. The logos look like shiny, colourful butterflies.
Snowden says it was his concerns over PRISM that pushed him towards whistleblowing. It was one of the first documents he leaked to Greenwald and Poitras. But PRISM was only one important element in a troubling picture. Over the last decade the US had been secretly working to gather practically all communications entering and leaving the US.
The NSA’s original mission was to collect foreign intelligence. But it appears to have drifted away from its original goal, like a vast supertanker floating away from its anchor. It is now sucking in a lot of domestic communications. In this new era of Big Data, the agency moved from the specific to the general; from foreign targeting to what Snowden called ‘omniscient, automatic, mass surveillance’.
The agency’s other big operation, its highly sensitive cable-tapping program, ran parallel to GCHQ’S British TEMPORA project and was codenamed UPSTREAM. It gives the NSA direct access to the fibre-optic cables carrying internet and telephone data into, out of and around the US.
UPSTREAM is explained in one slide ‘as the collection of communications on fibre cables and infrastructure as data flows past’. The slide shows a map of the US with brown cables extending in both directions across the Pacific and Atlantic oceans. The diagram looks like the thick tentacles of an enormous sea creature. Seemingly, the US has international cable taps in South America, East Africa and the Indian Ocean. There are green loops around the cables. They link to a box marked UPSTREAM. Below is a second box labelled PRISM. Linking both boxes is an instruction to the agency’s data collectors: ‘You should use both.’
According to author James Bamford, citing earlier NSA whistleblower William Binney, UPSTREAM captures 80 per cent of communications. PRISM scoops up anything that UPSTREAM may have missed.
Snowden referred to UPSTREAM when he told Greenwald: ‘The NSA doesn’t limit itself to foreign intelligence. It collects all communications that transit the US. There are literally no ingress or egress points anywhere in the continental US where communications can enter or exit without being monitored and collected and analysed.’
Since a large amount of the world’s internet traffic travels through the US and 25 per cent of it also crosses Britain, the two spy agencies between them have the ability to hack most of the globe’s key communications. A 2009 report by the NSA’s inspector general, leaked by Snowden, acknowledges this. It says: ‘The United States carries out foreign intelligence activities through a variety of means. One of the most effective means is to partner with commercial entities to obtain access to information that otherwise would not be available.’
The report refers to ‘America’s homefield advantage as the primary hub for worldwide telecommunications’. It says that the NSA currently has relationships with over ‘100 US companies’. This private sector/spy agency collaboration stretches ‘as far back as World War Two’.
Thanks to ties to two unnamed companies in particular, the NSA is able to eavesdrop on the world, or as the inspector general puts it, access ‘large volumes of foreign-to-foreign communications transiting the United States through fibre-optic cables, gateway switches and data networks’.
The US has the same ‘advantage’ when it comes to international telephone calls. Most international calls are routed through a small number of switches or ‘choke-points’ in the international telephone system, en route to their final destination. Many are in the US. The country is a ‘major crossroads for international switched telephone traffic’, the report says. It gives striking figures: of the 180 billion minutes of telephone communications in 2003, 20 per cent came from or terminated in the US, and 13 per cent transited the US. The internet numbers are bigger. In 2002 only a small fraction of international internet traffic went via non-US routes.