The Snowden leaks are still telling us things we need to know about mass surveillance. The newer revelations may no longer feel as shocking as those that sent the tech world reeling last year but, for example, a few fairly damning articles taught us a lot this week about how closely certain non-U.S. governments are working with the Americans on their spying endeavors.
The broader story came from The Intercept and Denmark’s Dagbladet Information, which on Thursday revealed how some foreign governments that aren’t in the Anglophone “Five Eyes” club allowed the NSA to tap the core fiberoptic cables running through their territory. This is apparently in addition to NSA tapping operations that rely only on cable companies’ connivance, without the knowledge of local authorities.
We already knew the tapping was going on with the cooperation of select, security-cleared individuals within the telecommunications companies that run the cables — this interception of traffic is fundamental to the NSA’s global surveillance activities. We also knew that the U.K. NSA partner, GCHQ, had advised intelligence agencies in Germany, France, Sweden and Spain how to tweak or work around their own privacy laws, to allow such tapping.
The NSA slides reported on by The Intercept and Dagbladet tie all that together, referring to an “unconventional special access” program called RAMPART-A, through which foreign partners allow the NSA to put its equipment on their cables. The underlying agreement ensures that the U.S. can’t collect host country data and the host country can’t collect U.S. data, though “there are exceptions” – and in any case, if the U.S. has agreements with all those countries, the resulting patchwork is comprehensive.
In the slides’ own phrasing:
RAMPART-A has access to international communications from anywhere around the world. SSO/RAMPART-A stands ready to support your intelligence gathering needs.
Who’s in? Some of these “third-party”, non-Five Eyes partners, as listed in other Snowden documents: Algeria, Austria, Belgium, Croatia, the Czech Republic, Denmark, Ethiopia, Finland, France, Germany, Greece, Hungary, India, Israel, Italy, Japan, Jordan, Macedonia, the Netherlands, Norway, Pakistan, Poland, Romania, Saudi Arabia, Singapore, South Korea, Spain, Sweden, Taiwan, Thailand, Tunisia, Turkey and the United Arab Emirates.
According to Thursday’s stories, RAMPART-A, which cost around $170 million between 2011 and 2013, involves at least 13 sites, three of which touch roughly 70 cables. The Snowden documents apparently don’t say where these sites are, but suggest Germany and Denmark are involved. The inability to match codenames to places is frustrating – for example, we know a site called TRANQUIL “shut down in June 2010” (a fact accompanies by a sad face on the presentation slides) and there was some “issue” with FIREBIRD and FLASHMARK.
Interestingly, the documents say that “most RAMPART-A Third-party partners work the fiber projects under the cover of an overt Comsat effort.” The Intercept reckons this suggests the tapping “takes place at Cold War-era eavesdropping stations in the host countries, usually identifiable by their large white satellite dishes and radomes.”
Which brings us to Germany, a country that is due to its history full of old U.S. army compounds and spy stations – I took the picture at the top of this piece at Teufelsberg, a very atmospheric abandoned NSA station in a forest in west Berlin. Many of those facilities remain in use, most importantly the “Dagger Complex” listening station at Griesheim, south of Frankfurt, but also in Berlin, Frankfurt, Stuttgart, Bad Aibling and Wiesbaden.
This week Der Spiegel published a trove of Snowden documents that showed close cooperation between the NSA and its German equivalent, the BND. In one incident, the BND apparently helped the NSA avoid disaster after “commercial consortium personnel” discovered the secret “Wharpdrive” cable-tapping operation – indeed, the documents suggest the BND ran Wharpdrive.
Der Spiegel expressed concern that the cooperation between the agencies meant Germany may be aiding drone strikes, for example. In an editorial, it said either the NSA was using German soil to carry out mass monitoring without the German government’s knowledge, or it had the government’s cooperation. “If that’s the case, the chancellor and her interior minister need to inform the public, because it means they share blame for the actions of the Americans — and for the Americans’ apparent use of data acquired in Germany to kill suspected terrorists,” the magazine said.
Yet again, fresh revelations are confirming the fact that many governments are in this mass surveillance thing together. That’s depressing because it means that, even where U.S. lawmakers try to rein the NSA in – for example, by voting to defund some of its programs, as representatives did late Thursday – there’s this huge partnership framework that means the dirty work can always be passed around as expediency dictates.
Legislative change is obviously worth pursuing, but in the meantime companies and individuals should do what they can to make it harder for prying eyes to see. Spies will always spy.