Last week I posted a short summary of developments in the EFF case against AT&T for its complicity in the NSA's illegal warrantless spying program. Two weeks ago EFF filed papers containing a bombshell: the accusation that AT&T installed or helped the government install equipment in its main facilities to intercept almost all communications that move through AT&T's circuits. The evidence -- 140 pages of AT&T internal documents -- supposedly proved that, inside one of AT&T's central switching stations in San Francisco, a giant bug is delivering every phone call and email of every AT&T subscriber to the NSA. But at the time I wrote that posting, the content of the documents was a mystery -- EFF had filed them under seal, for the court's eyes only, until the court decided whether to approve release of the documents in the face of claims by AT&T that the documents contained trade secrets and other sensitive information.
The documents themselves are still sealed. Late last week, however, the AT&T whistleblower who gave them to EFF -- a retired technician named Mark Klein -- decided to go public, releasing a two-page statement that contains a wealth of new information on what AT&T was up to.
In January 2003 Klein learned that, deep inside AT&T's central San Francisco office building, "a new room [was] being built adjacent to the ... switch room where the public's phone calls are routed." The special room (let's call it the "Unconstitutional Room") was off-limits to AT&T employees except for one who was working with an NSA agent (Klein knew this because he had met the agent by chance in AT&T's offices the year before).
"I learned that fiber optic cables from the secret room were tapping into the [AT&T] WorldNet circuits," Klein said. After seeing several documents describing the design of the circuit splits, he realized the circuits tapped into included the ones that "connect Worldnet with other networks and hence the whole country, as well as the rest of the world."
"One of the documents listed the equipment installed in the secret room, and this list included a Narus STA 6400, which is a 'Semantic Traffic Analyzer.' The Narus STA technology is known to be used particularly by government intelligence agencies because of its ability to sift through large amounts of data looking for preprogrammed targets."
"My job required me to connect new circuits to the 'splitter' cabinet and get them up and running. While working on a particularly difficult one with a technician back East, I learned that other such 'splitter' cabinets were being installed in other cities, including Seattle, San Jose, Los Angeles and San Diego."
"Based on my understanding of the connections and equipment at issue, it appears the NSA is capable of conducting what amounts to vacuum-cleaner surveillance of all the data crossing the internet -- whether that be peoples' e-mail, web surfing or any other data."
This "other data" includes, presumably, phone calls carried on a digital network.
The fact that the so-called "Terrorist Surveillance Program" may be more of a "vacuum cleaner" than a "targeted" program directed at individual terrorist suspects was suggested in my first posting on this site, where I speculated that one reason the administration chose not to seek wiretap warrants under the FISA statute was that it was running a data-mining program so broad (seeking to search every international phone call and email) that it could never fit into a conventional warrant process (the warrant process being designed to limit the scope of searches law enforcement can conduct). Klein also believes the Program involves data mining, but doubts it is limited to international communications:
"I simply do not believe their claims that the NSA's spying program is really limited to foreign communications.... And unlike the controversy over targeted wiretaps of individuals' phone calls, this potential spying appears to be applied wholesale to all sorts of internet communications of countless citizens."
Klein deserves a great deal of credit for coming forward, for he made these statements at great personal risk: AT&T will no doubt treat him like the government treats its own whistleblowers -- charging that he stole the documents, and claiming that he undermined the company's security against terrorists. One of AT&T's lawyers, Bruce Ericson, said in a filing on Monday that "I am informed and believe that [Klein's public] statement includes purported facts that would be of particular interest and use to would-be hackers." By "hackers" Mr. Ericson presumably means "computer network vandals," the pre-Osama bogeyman of the totalitarian right. (Those who would vandalize the English language, in contrast, need look no farther than Mr. Ericson's sentence: are "purported facts" useful to anyone?)
Speaking of hackers, interesting side note: the Guardian reports this week that an English hacker who accessed dozens of military and NASA computers, Gary McKinnon, is fighting extradition to the U.S. on the grounds that he may be sent to Guantánamo. Depending on how much of the government's network McKinnon got access to, maybe we should ask him whether the NSA eavesdropped upon our phone calls to our clients. The FBI denied our own Freedom of Information Act (FOIA) request asking for that information this week:
"As you may be aware, the President of the United States 'authorized the National Security Agency [(NSA)], consistent with U.S. law and the Constitution, to intercept the international communications of people with known links to al Qaeda and related terrorist organizations.' The President has also noted that '[t]his is a highly classified program that is crucial to our national security.' As a result, because of the highly classified nature of the program, we can neither confirm nor deny whether records related to any particular individual under this program exist. The fact of the existence or non-existence of responsive records is ... currently and properly classified.... Thus, that portion of your request which seeks access to records related to [surveillance of your staffers] is denied...."
Of course, if they're lying about the program being "targeted" -- if it's really a vacuum cleaner -- then their argument goes out the window.
In our own case, Center for Constitutional Rights v. Bush, the government has gotten a long extension to respond to our most recent filings, made in early March. We decided we would fill the time by announcing a contest to come up with the most amusing accurate name for the NSA program. (The administration has taken to calling it the "Terrorist Surveillance Program.") Grand prize: a CCR mug. Post your best shot in the comments!