In the first in-person interview Edward Snowden has conducted since his arrival in Moscow in June, Barton Gellman reports:
The documents leaked by Snowden compelled attention because they revealed to Americans a history they did not know they had.
Internal briefing documents reveled in the “Golden Age of Electronic Surveillance.” Brawny cover names such as MUSCULAR, TUMULT and TURMOIL boasted of the agency’s prowess.
With assistance from private communications firms, the NSA had learned to capture enormous flows of data at the speed of light from fiber-optic cables that carried Internet and telephone traffic over continents and under seas. According to one document in Snowden’s cache, the agency’s Special Source Operations group, which as early as 2006 was said to be ingesting “one Library of Congress every 14.4 seconds,” had an official seal that might have been parody: an eagle with all the world’s cables in its grasp.
Each year, NSA systems collected hundreds of millions of e-mail address books, hundreds of billions of cellphone location records and trillions of domestic call logs.
Most of that data, by definition and intent, belonged to ordinary people suspected of nothing. But vast new storage capacity and processing tools enabled the NSA to use the information to map human relationships on a planetary scale. Only this way, its leadership believed, could the NSA reach beyond its universe of known intelligence targets.
In the view of the NSA, signals intelligence, or electronic eavesdropping, was a matter of life and death, “without which America would cease to exist as we know it,” according to an internal presentation in the first week of October 2001 as the agency ramped up its response to the al-Qaeda attacks on the World Trade Center and the Pentagon.
With stakes such as those, there was no capability the NSA believed it should leave on the table. The agency followed orders from President George W. Bush to begin domestic collection without authority from Congress and the courts. When the NSA won those authorities later, some of them under secret interpretations of laws passed by Congress between 2007 and 2012, the Obama administration went further still.
Using PRISM, the cover name for collection of user data from Google, Yahoo, Microsoft, Apple and five other U.S.-based companies, the NSA could obtain all communications to or from any specified target. The companies had no choice but to comply with the government’s request for data.
But the NSA could not use PRISM, which was overseen once a year by the surveillance court, for the collection of virtually all data handled by those companies. To widen its access, it teamed up with its British counterpart, Government Communications Headquarters, or GCHQ, to break into the private fiber-optic links that connected Google and Yahoo data centers around the world.
That operation, which used the cover name MUSCULAR, tapped into U.S. company data from outside U.S. territory. The NSA, therefore, believed it did not need permission from Congress or judicial oversight. Data from hundreds of millions of U.S. accounts flowed over those Google and Yahoo links, but classified rules allowed the NSA to presume that data ingested overseas belonged to foreigners.
Disclosure of the MUSCULAR project enraged and galvanized U.S. technology executives. They believed the NSA had lawful access to their front doors — and had broken down the back doors anyway.
Microsoft general counsel Brad Smith took to his company’s blog and called the NSA an “advanced persistent threat” — the worst of all fighting words in U.S. cybersecurity circles, generally reserved for Chinese state-sponsored hackers and sophisticated criminal enterprises.
