Top image: Slide showing companies participating in the PRISM program and the types of data they provide. (Source: NSA, via Wikimedia)
More historical context to the Prism and Verizon telephone metadata programs revealed by Edward Snowden
From the Washington Post
(bring up the article in a new window)
------------------------------------------------------------------------------------------
Discussed in this article:
- STELLARWIND - Set of intelligence programs authorized by George W. Bush, superceded by four new programs:
- MAINWAY- Telephone metadata (call records from Verizon, AT&T, Bell South, etc.)
- MARINA - Internet metadata (siphoned from data links owned by AT&T, Sprint and MCI/Verizon
- NUCLEON - Telephone content (interception of spoken words)
- PRISM - Internet content (access of data "held by Google, Yahoo, Microsoft, other Silicon Valley giants, collectively the richest depositories of personal information in history")
On March 12, 2004, acting attorney general James B. Comey and the Justice Department’s top leadership reached the brink of resignation over electronic surveillance orders that they believed to be illegal.
President George W. Bush backed down, halting secret foreign-intelligence-gathering operations that had crossed into domestic terrain. That morning marked the beginning of the end of STELLARWIND, the cover name for a set of four surveillance programs that brought Americans and American territory within the domain of the National Security Agency for the first time in decades. It was also a prelude to new legal structures that allowed Bush and then President Obama to reproduce each of those programs and expand their reach.
Former NSA contractor Edward Snowden, 29, who unmasked himself as the source behind the PRISM and Verizon revelations, said he hoped for a systematic debate about the “danger to our freedom and way of life” posed by a surveillance apparatus “kept in check by nothing more than policy.”
When the New York Times revealed the warrantless surveillance of voice calls, in December 2005, the telephone companies got nervous. One of them, unnamed in the report, approached the NSA with a request. Rather than volunteer the data, at a price, the “provider preferred to be compelled to do so by a court order,” the report said. Other companies followed suit. The surveillance court order that recast the meaning of business records “essentially gave NSA the same authority to collect bulk telephony metadata from business records that it had” under Bush’s asserted authority alone.
MARINA and the collection tools that feed it are probably the least known of the NSA’s domestic operations, even among experts who follow the subject closely. Yet they probably capture information about more American citizens than any other, because the volume of e-mail, chats and other Internet communications far exceeds the volume of standard telephone calls.
The NSA calls Internet metadata “digital network information.” Sophisticated analysis of those records can reveal unknown associates of known terrorism suspects. Depending on the methods applied, it can also expose medical conditions, political or religious affiliations, confidential business negotiations and extramarital affairs.
What permits the former and prevents the latter is a complex set of policies that the public is not permitted to see. “You could do analyses that give you more information, but the law and procedures don’t allow that,” a senior U.S. intelligence lawyer said.
When the NSA aims for foreign targets whose communications cross U.S. infrastructure, it expects to sweep in some American content “incidentally” or “inadvertently,” which are terms of art in regulations governing the NSA. Contact chaining, because it extends to the contacts of contacts of targets, inevitably collects even more American data.
When asked why the NSA could not release an unclassified copy of its “minimization procedures,” which are supposed to strip accidentally collected records of their identifying details, the official suggested a reporter submit a freedom-of-information request.
As for bulk collection of Internet metadata, the question that triggered the crisis of 2004, another official said the NSA is no longer doing it. When pressed on that question, he said he was speaking only of collections under authority of the surveillance court.
“I’m not going to say we’re not collecting any Internet metadata,” he added. “We’re not using this program and these kinds of accesses to collect Internet metadata in bulk.”