13 Comments

Summary:

Many names have popped up in the long-running scandal, so we thought it would be a good idea to bring them together in one handy resource.

Hiding

The global surveillance scandal involves many players in the corporate world and — thanks to Edward Snowden — details of their identities and relationships with the NSA and other intelligence agencies continue to dribble out.

Many publications are doing fine work carrying these stories, but the information is a tad scattered. So I thought it might be useful to compile a list of the companies that are thought to be involved in Prism, Tempora, Blarney and all the other mysteriously codenamed sub-programs that add up to a near-global surveillance network.

This list will be updated as and when new information comes in (please do note omissions in the comments below).

Web/mobile firms

The companies named in the original Prism scandal are as follows:

  • Microsoft
  • Apple
  • Facebook
  • Google
  • Paltalk
  • AOL
  • Yahoo

All have denied giving the NSA “direct access” to their servers, but Snowden has maintained that they do so, and the roles played by these companies are part of the focus of French prosecutors looking into the affair.

Microsoft and many other U.S. tech firms are also alleged to disclose security flaws in their products to U.S. intelligence services before they inform other customers around the world. This would give the NSA and other agencies a headstart on patching their own systems, but it could also give them a window of opportunity to exploit the flaws in order to attack others. Microsoft is also alleged to have given the NSA early access to products such as Outlook.com, so encryption could be circumvented before users even come online.

Internet backbone providers and other telcos

The Washington Post published a scoop on Thursday that gave some insight into the budget enjoyed by the NSA, CIA and other U.S. intelligence agencies. One of the most interesting allegations there was that the agencies not only reimburse their partners in the telecoms industry for the costs incurred in accessing data from their systems — which is to be expected — but that some of the telcos also make a profit on the deal.

Which ones? We don’t know, but these are the companies known to be working with British intelligence agency GCHQ (with codenames as listed by Germany’s Süddeutsche Zeitung):

  • BT (Remedy)
  • Verizon (Dacron)
  • Vodafone (Gerontic)
  • Level 3 (Little) and Level 3-owned Global Crossing (Pinnage)
  • Viatel (Vitreous)
  • Interoute (Streetcar)

Level 3 has also been highlighted because it runs the cables connecting Google and Yahoo’s data centers — connections that have likely been tapped by the NSA.

AT&T has also been named by the Wall Street Journal as being associated with the Blarney program (2013 fiscal year budget, according to WaPo: $65.96 million). Like AT&T, Verizon is also apparently collaborating with U.S. intelligence on American soil.

(UPDATE, 2 September: AT&T has also been implicated in a massive phone record collection scheme that involves the Drug Enforcement Agency.)

The Sydney Morning Herald has reported that Australia’s Telstra works closely with U.S. intelligence – a condition it had to meet in order to get an FCC licence for its Reach business in Asia, which also involves Hong Kong-based PCCW. (NOTE, 31 August: It appears Crikey broke this story.)

Such conditions appear to be a recurring theme when it comes to international firms merging or going into partnership with U.S. operators, or operators with cables in the U.S. The WSJ suggested this week that Japan’s SoftBank had to agree to honor U.S. authorities’ requests for access to some of its systems, because of its purchase of Sprint. Ditto Deutsche Telekom (2001′s VoiceStream Wireless takeover and the recent T-Mobile USA-MetroPCS merger) and Vodafone (the Verizon partnership).

The Sydney Morning Herald has also pointed a finger at Singapore’s government-owned SingTel. SingTel, which owns Australia’s Optus telco, is in a consortium with BT, Telstra and others to run the hugely important SeaMeWe-3 undersea cable, which connects Germany, the U.K., the Middle East, Singapore, China, Australia and Japan.

Equipment vendors

The U.S. CALEA law of 1994 is pretty crucial — it compels not only telcos to make sure law enforcement agencies can tap into communications in the U.S., but their equipment vendors too. So, any telecoms kit-maker who is sited in the U.S. or wants to sell its equipment to American telcos will need to play nice.

That’s a long list, but let’s highlight the name of Cisco, because it’s one of the U.S. tech vendors that is now being scrutinized by the Chinese authorities over fears of hidden security backdoors (yes, it’s Huawei in reverse).

The WSJ has also noted that — as with telcos merging with or taking over U.S. firms — some international vendors have also had to promise to give access to systems when asked. The article named Alcatel-Lucent (France’s Alcatel, merged with America’s Lucent), Nokia Solutions & Networks (which bought Motorola’s network assets) and Ericsson (which bought Nortel's wireless equipment assets).

(UPDATE, 9 September: No names have been named yet, but the NSA’s apparent breaking or weakening of many current cryptographic implementations likely involves security companies from around the world, on both software and hardware fronts.

  1. Thankfully I’m a Sprint customer…

    Share
  2. LOL, and the US gov’t was giving Huawei a hard time..

    Share
    1. That was probably because Huawei refused to work wiith them?

      Share
  3. I remember the time when ‘evil’ Huawei was the only company doing the dity work.

    Share
  4. I wonder if the much stricter privacy laws in Germany have impact on its ability to comply with American intelligence laws. It would be interesting if by complying with American intelligence laws, Deutsche Telecom (through T-mobile / metropcs) is forced to violate Germany law somehow.

    Share
  5. GBPackerfaninKC Friday, August 30, 2013

    @Jordan O
    Did you not read the article? It said Soft Bank is participating in the party of backstabbers. Soft Bank now owns Sprint.

    Share
  6. This is the list of shame.

    Share
  7. Where’s Yahoo?

    Share
    1. Good spot! Not sure how they dropped off the list, but that’s fixed now. Thanks for that.

      Share
  8. Rodolfo Rosini Monday, September 9, 2013

    There is somehow a flaw in your article. “NSA links” for a telco is a given. The requirement of every telco license in the world is to allow the local gov to snoop on the traffic (without having to ask). The network equipment vendors comply with this. There is no other state of affairs worldwide. So why is this news?

    Share
  9. You aren’t putting together 1+1. Why was the government so against Huawei? Maybe because they were selling like hot cakes and DIDn’T have a back door. Thus threatening the NSA’s activities.

    Share
  10. What about BlackBerry? I didn’t see them on any of the lists, even though they are a Canadian company, I wouldn’t be surprised if they were playing ball too

    Share

Comments have been disabled for this post