Edward Snowden: An A-Z of surveillance
- Published
What we've learned about electronic eavesdropping from the Edward Snowden situation - in a handy print-out-and-keep lexicon of state surveillance.
APPLE: Computer behemoth and partner in US government surveillance programs. It revealed it had received between 4,000 and 5,000 US government requests for access to user accounts in six months starting 1 December 2012. Many would relate to criminal inquiries rather than intelligence work.
BLARNEY: Collection of surveillance information by tapping choke points on the information superhighway. (Fairview is another project doing the same, but the precise differentiation between these methods is not yet clear.)
BOUNDLESS INFORMANT: National Security Agency (NSA) tool measuring the total volume of communications "metadata" (see below for definition) gathered globally in order to analyse its flows, and the agency's tasking.
COMINT: COMmunications INTelligence, in the jargon of the community. This once applied simply to phone and radio traffic between people, but today it includes the full gamut of internet-based options too. The flag COMINT attached to a security classification, as on some of the documents released by Edward Snowden, means that those handling the traffic need to be trained or "indoctrinated" in the special security procedures relating to this material, and subject to special security clearances.
DPI or DEEP PACKET INSPECTION: A method of scanning passing data such as emails. It is used by operators both to provide protection against viruses and to discover more about a subscriber's interests or habits. In a national security context, it eases the bulk filtering of data as it passes certain choke points.
ECUADOR: Considering Edward Snowden's application for asylum and also harbouring Wikileaks founder Julian Assange at its London embassy, to which he fled to avoid extradition to Sweden, where he has been accused of sex crimes.
FACEBOOK: The social media giant has revealed that during the second half of 2012 it had received between 9,000 to 10,000 US government requests to access its users' data (presumably under PRISM, although the company said it had not heard of the term - unsurprising since the codewords are themselves classified). Many of the requests to Facebook would relate to criminal rather than national security enquiries.
FISA: US Foreign Intelligence Surveillance Act of 1978, gives its name to the court that authorises eavesdropping operations. It is meant to give specific authorisation to any interception of communications by an American citizen. The act was amended in 2008 in the light of legal battles over President Bush's post-9/11 surveillance. Its sessions are secret and it refuses government applications in less than 1% of cases.
GCHQ: Government Communications Headquarters, Britain's secret eavesdropping organisation.
GOOGLE: Participated in the Prism programme and says it now wants to release figures for the numbers of requests it received for data, but has been blocked from doing so by the US authorities.
HAWAII STATION: The NSA facility where Edward Snowden worked when he decided to turn whistleblower. The Regional Operations Security Centre there was subject of a $310m investment and expansion project concluded in 2010. Its position in the mid-Pacific near numerous telecoms hubs make it an ideal place for espionage on the Far East.
INTELLIGENCE SERVICES ACT 1994: Regulates UK intelligence gathering by GCHQ and SIS (Secret Intelligence Service, or MI6), and puts in place methods for authorising broad categories of information subject to approval by government ministers.
JOINT APPS: Eavesdropping organisation, the logo of which appears on the top of one of the leaked Snowden slide presentations. It is so secret that its existence was not previously in the public domain. Some experts have speculated that it may be the successor to the Special Collection Service, a joint CIA/NSA department responsible for covertly planting bugging equipment.
KEYHOLE: Codeword for imagery coming from satellites.
LINK ANALYSIS: A key technique in interpreting metadata. Performed by computer at high speed, it can flag up phone numbers or email addresses for further attention because of the pattern of others they have been used to contact.
MAINWAY: NSA database of phone metadata.
MARINA: NSA database of internet metadata.
METADATA: Literally data about data. In the sigint context, with email, it is generally used to mean the sender and recipient email addresses, their IP addresses, the message file size, and sometimes the top or subject line of the message. With phones it means the numbers of the two parties to the call and its duration. Phone companies often also keep geo-locational information too, the location of the nearest cell phone antenna to each of the callers - however, the Director of the NSA, responding to the Snowden revelations, has suggested that his organisation does not usually store the geo-locational information for mobile phone calls. Authorities in the US and elsewhere have sought to justify their wholesale collection of metadata by pointing to laws that exclude this information from the definition of "communication" between individuals, ie the content of messages, the interception of which would require specific authorisation under warrant.
NOFORN: "Not for foreign distribution" - a US security term used on the classification of some of the Snowden slides.
NUCLEON: NSA project for global interception of telephone call content.
OVERSIGHT: Applied by the intelligence committees of Congress in the US, or the intelligence service commissioners as well as the parliamentary intelligence and security committee in the UK. The Snowden disclosures have shown up the limitations of these arrangements in which legislators or judges are briefed by the agencies under circumstances of strict secrecy, making it very hard to relay their concerns to the wider public.
PRISM: Interception of internet content under warrant and with the cooperation of service providers. Snowden argues he has proof it can be done without legal safeguard, but has not yet furnished it.
QUINTILLION: a measure in the US numeric system of 10 to the power of 18. It has been used to express the mind-boggling data storage requirements of the NSA's global harvesting of metadata. Its new $2bn Utah Data Center is estimated by experts to be capable of storing up to 500 quintillion pages of data.
RIPA: Regulation of Investigatory Powers Act 2000, the legal basis for UK surveillance of individuals including the content of their phone and internet communications. The intelligence services or police must apply for a warrant under this legislation.
STELLARWIND: Term for broad US surveillance encompassing phone and internet use that ran between the 9/11 attacks and March 2004.
TEMPORA: GCHQ project for the bulk collection of phone and internet traffic from tapped fibre-optic cables entering the UK. Content is kept for three days, metadata for 30 days.
UPSTREAM: Term used in one of Snowden's NSA slides to differentiate the agency's activities for taking data from internet and communications backbone facilities rather than the servers of partner companies.
UK/USA AGREEMENT: Signed in 1946 and subsequently extended to include Australia, Canada and New Zealand, it forms the legal basis for extensive signals intelligence cooperation between the English-speaking powers. It is also sometimes referred to as the Five Eyes partnership.
VERIZON: US cellular phone operator, and subject of a FISA court order to reveal the metadata of its subscribers' accounts that Snowden allegedly copied while on a training course at NSA headquarters.
WIKILEAKS: Campaigning group initially shunned by Edward Snowden when making his disclosures, he embraced Wikileaks when planning his escape from Hong Kong.
X STATION: Actually the Roman numeral 10, original codename for the Government Code and Cypher School that later became GCHQ.
YAHOO: Internet firm that cooperated under the Prism project, it revealed that it had answered 12,000 to 13,000 requests for access to its users' information during the past 18 months.
ZIRCON: Plan for a British COMINT satellite that was abandoned in 1987 as part of a long-term deal to secure access to US signals intelligence. Although this happened long ago, it is still referred to in UK intelligence circles as a shorthand for the long-term arrangement on COMINT access.