The Olympics can’t disguise his quest for dominion
Russian President Vladimir Putin watches the cross country skiing men’s relay during the Sochi 2014 Winter Olympics on Feb. 16. (Mikhail Klimentyev/RIA Novosti/Kremlin )
With the Olympics in Sochi, Russian President Vladimir Putin hoped to rivet the world’s attention on the New and Improved Russia, a rising-again world power to be reckoned with, a country on the road to global glory.
And why not? Things have been going Putin’s way. His brinkmanship forestalled a U.S. strike on Russia’s man in Damascus, President Bashar Assad. National Security Agency leaker in chief Edward Snowden is safely ensconced in Moscow, thumbing his nose at Washington. And long-downtrodden Russia now hosts … an Olympiad!
Bard College professor Walter Russell Mead recently summed up Putin’s political prowess in The Wall Street Journal:
The most daring and acrobatic figure in Sochi this week isn’t a snowboarder; it is Vladimir Putin, whose death-defying geopolitical gamble is the hottest game in town. … Russian diplomacy is a dazzling spectacle these days — and despite his considerable handicaps, Mr. Putin is skating rings around his clumsy and clueless opponents in Washington and Brussels.
But Sochi isn’t a Russian triumph, and we’re not just talking about the Russian hockey team’s loss to the U.S.
The spectacle of Sochi’s ice dancers, skiers and snowboarders — the free world gathered in peaceful competition — now competes for headlines with increasingly bloody, fiery protests in Ukraine that Putin helped ignite.
In brief: Late last year, Ukraine was on the brink of signing a trade and integration deal with the European Union, and many Ukrainians hoped that westward tilt would boost the country’s economy and bring genuine democracy.
But such a deal also would have deep-sixed Putin’s hope to rebuild a Soviet-like sphere of power over neighboring countries. So Putin persuaded (ahem) Ukrainian President Viktor Yanukovych to snub the EU with a last-minute offer to buy $15 billion in Ukrainian debt and to slash the price of Russian natural gas supplies to Ukraine.
Protests erupted. The government cracked down. On Thursday, fighting between police and protesters intensified, triggering fears that Yanukovych would declare a state of emergency and call in the military. The death toll is mounting.
The Olympic spotlight dims Sunday when the Games close. And with that, no more distractions from the status quo ante: The corrosive reality of Vladimir Putin’s Russia will again take center stage.
Despite its oil and gas resources, Russia’s economy is wobbly, its growth rate last year an anemic 1.3 percent, down from 3.4 percent in 2012. Putin has failed to build a robust, free-market economy or anything close to a full-fledged democracy where dissent is tolerated if not somewhat encouraged. The Kremlin’s heavy-handed political, diplomatic and economic tactics spook many investors.
These days, Russians also are enduring the “most severe crackdown against human rights since the collapse of the Soviet Union,” says the pro-democracy organization Freedom House. Putin has harassed advocacy organizations under the pretense of shielding Russia from “foreign agents.” Many organizations have been subjected to “aggressive and intrusive” inspections, Human Rights Watch says.
One image from this week captures perfectly how Putin’s thin-skinned Russia handles criticism: Cossack militias apparently attacked the punk activist group Pussy Riot — young women in neon-colored balaclavas — with pepper spray and whips as they prepared to play a new song, “Putin Will Teach You to Love the Motherland.”
They were whipped for trying to sing a song.
Putin’s Iron Curtain has a zero-sum relationship with the West. If Russia reasserts dominance over parts of Europe, Asia and the Middle East, the U.S. and its allies lose. If Ukrainian protesters force a rapprochement between their country and the EU, it is Putin who loses.
Ukraine is on the brink now. It could again become a loyal client state of Russia, firmly under Putin’s iron thumb. Or … it could move closer to the West, spoiling Putin’s dream of greater regional and world influence.
That’s a competition the U.S. and its European allies must win.
Obama Learning Moscow Will Go to Great Lengths to Protect Interests in World Hot Spots
By Julian E. Barnes and Carol E. Lee
The Wall Street Journal
For the Obama administration, the fires burning in Ukraine represent a new international crisis, but one resulting from an all-too-familiar source of consternation: Vladimir Putin.In hot spots around the world, President Barack Obama repeatedly has encountered the sharp elbows of Mr. Putin: He has buttressed Syrian leader Bashar al-Assad, offered a lifeline to Iran and embraced a controversial Egyptian commander as the country’s future leader.Mr. Putin gave asylum to former U.S. intelligence contractor Edward Snowden, who has been leaking American surveillance secrets, and test-launched a new missile.
Similarly now in Ukraine, Washington is struggling to come to terms with the fact that Moscow under Mr. Putin is willing to spend a great deal to protect its interests and oppose U.S. goals. Mr. Putin pressured the Ukrainian government to abandon a free-trade deal with the European Union and forced President Viktor Yanukovych to choose aid from Russia over closer ties to the West.
Administration officials have defended their dealings with Mr. Putin, arguing that in some cases—such as international talks over the Syrian civil war and Iran’s nuclear program—Russia’s core interests have coincided at least partly with U.S. aims.
“American presidents, understandably for strategic reasons, want to forge a relationship with Russia that goes beyond Cold War paradigms,” said Damon Wilson, a former Bush administration official now at the Atlantic Council, a think tank.
During a day trip to Mexico, US President Barack Obama said “We hold the Ukrainian government primarily responsible in making sure it is dealing with peaceful protesters in an appropriate way,” Obama told reporters before a meeting with Mexican President Enrique Pena Nieto at a North American leaders summit in Toluca, Mexico. “That includes making sure the Ukrainian military does not step in to resolve issues that could be resolved by civilians.” Photo taken in Toluca, Mexico, on February 19, 2014 (AFP Photo/Jewel Samad)
“But inevitably, they are dragged back to the reality that they are dealing with an interlocutor that isn’t prepared to be a partner in that effort,” Mr. Wilson said.
The realization that Moscow views the world in terms of “us or them” has been slow to dawn on the Obama administration, but is becoming more apparent to White House and national security officials, foreign-policy experts say.
The administration gave Moscow “every favorable interpretation, every benefit of the doubt” in its first years, said Leon Aron, director of Russian studies at the conservative American Enterprise Institute.
But Mr. Obama has begun to change.
“Even in the administration, they are beginning to understand this is not a question of Putin’s mood,” Mr. Aron said. “This is the geostrategic framework that Putin operates. This is how he understands re-establishing Russian greatness.”
Rebuilding Russia’s position on the world stage and its dominance in countries formerly part of the Soviet Union have been a key part of Mr. Putin’s agenda. Despite U.S. insistence that geopolitics isn’t a “them-or-us,” zero-sum game, Mr. Putin has made it clear he doesn’t agree.
“If you look at Russian foreign policy it is a negative agenda,” said Mr. Wilson of the Atlantic Council.
“The issue is restoring Russian influence by checking American power,” Mr. Wilson said.
Asked to comment on the relationship between Mr. Putin and Mr. Obama, Russian officials pointed to an interview Mr. Putin gave to Russian media and the Associated Press in September.
“President Obama was not elected by the American people to be pleasant to Russia, neither was your humble servant elected by the people of Russia to be pleasant to someone,” Mr. Putin said in the interview.
“We work, we argue, we are humans, and sometimes someone can get irritated. But I would like to repeat myself: I believe that global common interests are a good foundation for finding solutions together,” Mr. Putin said.
Obama administration officials reject the idea that Mr. Putin is gaining the upper hand, noting the problems faced by the governments of Syria and Ukraine—both allies of Moscow.
“Neither of those situations advance Russia’s interests in any way,” a senior administration official said. “If anything, these and other events demonstrate that people want democracy, they reject corruption, and they want individual opportunity and integration into the global economy.”
Still, U.S. officials expressed dismay Wednesday that Moscow has operated in secret in Ukraine while accusing the U.S. of meddling there. “They have not been transparent about what they’ve been doing in the Ukraine,” a senior State Department official said. “And we would completely reject that it is we who have been interfering.”
The U.S. took its first concrete steps against 20 Ukrainian officials Wednesday by imposing visa bans.
However, U.S. options beyond diplomatic pressure are seen as strictly limited and some government officials caution against courses of action that may not resolve the crisis.
“All that does is make you look impotent,” said another U.S. official. “What can you do that will really make a difference in what is going on there? I am not sure anyone has identified anything.”
Since Mr. Putin resumed the Russian presidency in 2012, relations between the two nations have been tense.
That culminated in the summer with Mr. Obama’s decision to back out of a one-on-one meeting with Mr. Putin during a trip to Russia. The two instead met on the sidelines of an international summit, a meeting that came at the height of the dispute over Mr. Snowden and as Mr. Obama prepared for possible military strikes on Syria.
Still, some experts believe Mr. Obama must get more directly involved.
“The president has to be willing to get involved, get his hands dirty and be willing to engage with Vladimir Putin,” said Andrew Kuchins, the director of the Russia program at the Center for Strategic and International Studies.
Germany’s Chancellor Angela Merkel and France’s President Francois Hollande (R) (Reuters / Francois Lenoir)
Angela Merkel and Francois Hollande will review plans to build up a trustworthy data protection network in Europe. The challenge is to avoid data passing through the US after revelations of mass NSA spying in Germany and France.
Merkel has been one of the biggest supporters of greater data protection in Europe since the revelations that the US tapped her phone emerged in a Der Spiegel news report in October, based on information leaked by former NSA contractor Edward Snowden.
Earlier, France learned from reports in Le Monde that the NSA has also been recording dozens of millions of French phone calls, including those of the French authorities. According to the report, in just one month between December 10, 2012 and January 8, 2013, the NSA recorded a total of 70.3 million French phone calls.
Meanwhile, according to the Snowden revelations, the German Chancellor’s mobile phone has been on an NSA target list since 2002 and was codenamed “GE Chancellor Merkel.” The monitoring operation was allegedly still in force even a few weeks before US President Barack Obama’s visit to Berlin in June 2013.
Washington has denied it monitored Merkel’s personal phone, insisting that its surveillance practices are focused on threats to national security, namely terrorism. Merkel, who grew up in East Germany, where phone tapping was common practice, compared the NSA’s spying to that of the Stasi secret police in the former German Democratic Republic, and accused the US of a grave breach of trust. According to polls, the Germans have lost confidence in the US as a trustworthy partner, and a majority of Germans consider Edward Snowden a hero. It’s believed that his revelations have hit Berlin particularly hard since Germany is not a member of the so-called “Five Eyes’ intelligence alliance which includes NSA-equivalent agencies in the UK, Canada, Australia and New Zealand, exchanging intelligence with each other on a regular basis.
In the wake of the revelations about US global spying activities, the German government has made it mandatory for ministers to use encryption on their phones to secure their communications against intrusion. Berlin has also prohibited the use of iPhones for official business, as they are not compatible with encryption.
France and Germany have been seeking bilateral talks with the United States to discuss the issue of the snooping, with Merkel’s government pressing for a “no spying” agreement with Washington. Negotiations on an anti-spying agreement began in August 2013, but the US has been reluctant to sign such a deal, Süddeutsche Zeitung reported in mid-January, citing a Federal Intelligence Service (BND) employee as saying: “We’re getting nothing.”
Merkel, who is due to visit France on Wednesday, said in her weekly podcast that she disapproved of companies such as Google and Facebook, basing their operations in countries with low levels of data protection, while in reality being active in countries with high data protection.
“Above all, we’ll talk about European providers that offer security for our citizens, so that one shouldn’t have to send emails and other information across the Atlantic. Rather, one could build up a communication network inside Europe,” she said.
Hollande’s office said France agrees with Berlin’s proposals, Reuters reported, citing an official as saying: “Now that the German government is formed, it is important that we take up the initiative together.”
By James Risen and Laura Poitras
The New York Times
The list of those caught up in the global surveillance net cast by the National Security Agency and its overseas partners, from social media users to foreign heads of state, now includes another entry: American lawyers.
A top-secret document, obtained by the former N.S.A. contractor Edward J. Snowden, shows that an American law firm was monitored while representing a foreign government in trade disputes with the United States. The disclosure offers a rare glimpse of a specific instance in which Americans were ensnared by the eavesdroppers, and is of particular interest because lawyers in the United States with clients overseas have expressed growing concern that their confidential communications could be compromised by such surveillance.
The government of Indonesia had retained the law firm for help in trade talks, according to the February 2013 document. It reports that the N.S.A.’s Australian counterpart, the Australian Signals Directorate, notified the agency that it was conducting surveillance of the talks, including communications between Indonesian officials and the American law firm, and offered to share the information.
The Indonesian Embassy in Washington, left, and the building where Mayer Brown has an office. Indonesia retained the American law firm for help in trade talks. Stephen Crowley/The New York Times
The Australians told officials at an N.S.A. liaison office in Canberra, Australia, that “information covered by attorney-client privilege may be included” in the intelligence gathering, according to the document, a monthly bulletin from the Canberra office. The law firm was not identified, but Mayer Brown, a Chicago-based firm with a global practice, was then advising the Indonesian government on trade issues.
On behalf of the Australians, the liaison officials asked the N.S.A. general counsel’s office for guidance about the spying. The bulletin notes only that the counsel’s office “provided clear guidance” and that the Australian agency “has been able to continue to cover the talks, providing highly useful intelligence for interested US customers.”
The N.S.A. declined to answer questions about the reported surveillance, including whether information involving the American law firm was shared with United States trade officials or negotiators.
Duane Layton, a Mayer Brown lawyer involved in the trade talks, said he did not have any evidence that he or his firm had been under scrutiny by Australian or American intelligence agencies. “I always wonder if someone is listening, because you would have to be an idiot not to wonder in this day and age,” he said in an interview. “But I’ve never really thought I was being spied on.”
A Rising Concern for Lawyers
Most attorney-client conversations do not get special protections under American law from N.S.A. eavesdropping. Amid growing concerns about surveillance and hacking, the American Bar Association in 2012 revised its ethics rules to explicitly require lawyers to “make reasonable efforts” to protect confidential information from unauthorized disclosure to outsiders.
Last year, the Supreme Court, in a 5-to-4 decision, rebuffed a legal challenge to a 2008 law allowing warrantless wiretapping that was brought in part by lawyers with foreign clients they believed were likely targets of N.S.A. monitoring. The lawyers contended that the law raised risks that required them to take costly measures, like traveling overseas to meet clients, to protect sensitive communications. But the Supreme Court dismissed their fears as “speculative.”
The N.S.A. is prohibited from targeting Americans, including businesses, law firms and other organizations based in the United States, for surveillance without warrants, and intelligence officials have repeatedly said the N.S.A. does not use the spy services of its partners in the so-called Five Eyes alliance — Australia, Britain, Canada and New Zealand — to skirt the law.
Still, the N.S.A.can intercept the communications of Americans if they are in contact with a foreign intelligence target abroad, such as Indonesian officials. The N.S.A. is then required to follow so-called minimization rules to protect their privacy, such as deleting the identity of Americans or information that is not deemed necessary to understand or assess the foreign intelligence, before sharing it with other agencies.
An N.S.A. spokeswoman said the agency’s Office of the General Counsel was consulted when issues of potential attorney-client privilege arose and could recommend steps to protect such information.
“Such steps could include requesting that collection or reporting by a foreign partner be limited, that intelligence reports be written so as to limit the inclusion of privileged material and to exclude U.S. identities, and that dissemination of such reports be limited and subject to appropriate warnings or restrictions on their use,” said Vanee M. Vines, the spokeswoman.
The Australian government declined to comment about the surveillance. In a statement, the Australian Defense Force public affairs office said that in gathering information to support Australia’s national interests, its intelligence agencies adhered strictly to their legal obligations, including when they engaged with foreign counterparts.Several newly disclosed documents provide details of the cooperation between the United States and Australia, which share facilitiesand highly sensitive intelligence, including efforts to break encryption and collect phone call data in Indonesia. Both nations have trade and security interests in Indonesia, where Islamic terrorist groups that threaten the West have bases.
The 2013 N.S.A. bulletin did not identify which trade case was being monitored by Australian intelligence, but Indonesia has been embroiled in several disputes with the United States in recent years. One involves clove cigarettes, an Indonesian export. The Indonesian government has protested to the World Trade Organization a United States ban on their sale, arguing that similar menthol cigarettes have not been subject to the same restrictions under American antismoking laws. The trade organization, ruling that the United States prohibition violated international trade laws, referred the case to arbitration to determine potential remedies for Indonesia.
Another dispute involved Indonesia’s exports of shrimp, which the United States claimed were being sold at below-market prices.
The Indonesian government retained Mayer Brown to help in the cases concerning cigarettes and shrimp, said Ni Made Ayu Marthini, attaché for trade and industry at the Indonesian Embassy in Washington. She said no American law firm had been formally retained yet to help in a third case, involving horticultural and animal products.
Mr. Layton, a lawyer in the Washington office of Mayer Brown, said that since 2010 he had led a team from the firm in the clove cigarette dispute. He said Matthew McConkey, another lawyer in the firm’s Washington office, had taken the lead on the shrimp issue until the United States dropped its claims in August. Both cases were underway a year ago when the Australians reported that their surveillance included an American law firm.
Mr. Layton said that if his emails and calls with Indonesian officials had been monitored, the spies would have been bored. “None of this stuff is very sexy,” he said. “It’s just run of the mill.”
He and the other Mayer Brown lawyers do most of their work on the trade issues from Washington, he said. They also make occasional trips to Jakarta, Indonesia’s capital, and Geneva, where the World Trade Organization is based. Mr. Layton said most of his communications with officials in Jakarta had been done through email, while he also talked by phone with officials at the Indonesian Embassy in Washington.
The N.S.A.’s protections for attorney-client conversations are narrowly crafted, said Stephen Gillers, an expert on legal ethics at New York University’s School of Law. The agency is barred from sharing with prosecutors intercepted attorney-client communications involving someone under indictment in the United States, according to previously disclosed N.S.A. rules. But the agency may still use or share the information for intelligence purposes.
Andrew M. Perlman, a Suffolk University law professor who specializes in legal ethics and technology issues, said the growth of surveillance was troubling for lawyers. He helped create the bar association’s ethics code revisions that require lawyers to try to avoid being overheard by eavesdroppers.
“You run out of options very quickly to communicate with someone overseas,” he said. “Given the difficulty of finding anything that is 100 percent secure, lawyers are in a difficult spot to ensure that all of the information remains in confidence.”
In addition to its work on trade issues with the United States, Mr. Layton said, Mayer Brown was representing Indonesia in a dispute with Australia. He said Indonesia had been arguing that Australia’s requirements for plain packaging for tobacco products under its antismoking rules were excessive.
Even though the Indonesian issues were relatively modest for the United States — about $40 million in annual trade is related to the clove cigarette dispute and $1 billion annually to shrimp — the Australian surveillance of talks underscores the extent to which the N.S.A. and its close partners engage in economic espionage.
In justifying the agency’s sweeping powers, the Obama administration often emphasizes the N.S.A.’s role in fighting terrorism and cyberattacks, but disclosures in recent months from the documents leaked by Mr. Snowden show the agency routinely spies on trade negotiations, communications of economic officials in other countries and even foreign corporations.
American intelligence officials do not deny that they collect economic information from overseas, but argue that they do not engage in industrial espionage by sharing that information with American businesses. China, for example, is often accused of stealing business secrets from Western corporations and passing them to Chinese corporations.
The N.S.A. trade document — headlined “SUSLOC (Special US Liaison Office Canberra) Facilitates Sensitive DSD Reporting on Trade Talks”— does not say which “interested US customers” besides the N.S.A. might have received intelligence on the trade dispute.
Other documents obtained from Mr. Snowden reveal that the N.S.A. shares reports from its surveillance widely among civilian agencies. A 2004 N.S.A. document, for example, describes how the agency’s intelligence gathering was critical to the Agriculture Department in international trade negotiations.
“The U.S.D.A. is involved in trade operations to protect and secure a large segment of the U.S. economy,” that document states. Top agency officials “often rely on SIGINT” — short for the signals intelligence that the N.S.A. eavesdropping collects — “to support their negotiations.”
The Australians reported another instance to the N.S.A. — in addition to the one with the American law firm — in which their spying involved an American, according to the February 2013 document. They were conducting surveillance on a target who turned out to be an American working for the United States government in Afghanistan, the document said. It offered no details about what happened after the N.S.A. learned of the incident, and the agency declined to respond to questions about it.
In a statement, Ms. Vines, the agency spokeswoman, said: “N.S.A. works with a number of partners in meeting its foreign-intelligence mission goals, and those operations comply with U.S. law and with the applicable laws under which those partners operate. A key part of the protections that apply to both U.S. persons and citizens of other countries is the mandate that information be in support of a valid foreign-intelligence requirement, and comply with U.S. attorney general-approved procedures to protect privacy rights.”
The documents show that the N.S.A. and the Australians jointly run a large signals intelligence facility in Alice Springs, Australia, with half the personnel from the American agency. The N.S.A. and its Australian counterpart have also cooperated on efforts to defeat encryption. A 2003 memo describes how N.S.A. personnel sought to “mentor” the Australians while they tried to break the encryption used by the armed forces of nearby Papua New Guinea.
Most of the collaboration between the N.S.A. and the Australian eavesdropping service is focused on Asia, with China and Indonesia receiving special attention.
Australian intelligence has focused heavily on Indonesia since the Bali bombing of 2002. The attack, which killed 202 people, including 88 Australians, in a resort area popular with Australians, was blamed on the Southeast Asian Islamist group Jemaah Islamiyah.
The Americans and the Australians secretly share broad access to the Indonesian telecommunications system, the documents show. The N.S.A. has given the Australians access to bulk call data from Indosat, an Indonesian telecommunications provider, according to a 2012 agency document. That includes data on Indonesian government officials in various ministries, the document states.
The Australians have obtained nearly 1.8 million encrypted master keys, which are used to protect private communications, from the Telkomsel mobile telephone network in Indonesia, and developed a way to decrypt almost all of them, according to a 2013 N.S.A. document.
Press freedom in the United States has suffered “one of the most significant declines” in the last year after sacrificing information to national security, with the NSA surveillance scandal topping the list of wrongdoing.
That’s according to The World Press Freedom Index for 2014 from Reporters Without Borders (RWB), which put the US in 46th place out of 180 countries, a 13-place drop from last year.
This time American misdemeanors were in the report’s chapter on “Information sacrificed to national security and surveillance,” which says: “Countries that pride themselves on being democracies and respecting the rule of law” too often sacrifice the freedom of speech to “an overly broad and abusive interpretation of national security needs.”
“Investigative journalism often suffers as a result” of a “disturbing retreat from democratic practices,”the RWB report said.
The RWB recalled all recent major assaults on the freedom of press in the US, be it the conviction of US Army whistleblower Bradley (Chelsea) Manning or the manhunt for former NSA contractor Edward Snowden, whose revelations about pervasive worldwide surveillance conducted by the US intelligence’s made WikiLeaks publications of Manning’s files pale by comparison.
Another notorious attack on journalism mentioned by the RWB was the seizure of “thousands and thousands” of Associated Press phone calls by the US Justice Department, which was searching for a leak in the CIA.
The RWB recalled scandalous cases of freelance digital journalist Barrett Brown, who now faces 105 years in prison for sharing a link to stolen classified data, and New York Times reporter James Risen, who also faces a term in jail if he does not testify against CIA whistleblower Jeffrey Sterling.
Throughout 2013 a number of US journalists have been issued with subpoenas and pressured to reveal off-the-record sources they relied upon, which prompted some activists to call for a media shield law to protect journalists’ sources and thousands of internet-involved organizations to organize protest against massive electronic surveillance.
In 2012, the US fell even lower, to 47th position, after tumbling 27 positions – a result of a series of arrests of high-profile journalists during the Occupy Wall Street protests.
Freedom of speech in Britain, a close US ally, by comparison, was viewed as less restricted, with the country in 33rd place. The UK fell back three places after the exposure of deep collaboration between American and British security and intelligence services in suppressing the freedom of the press.
While UK’s Government Communications Headquarters (GCHQ) agency actually taught American NSA how to conduct online espionage, Britain has been evaluated quite mildly, only suffering a minor decline in the index. The only incident mentioned by the RWB was the detention of David Miranda, the partner of ex-Guardian journalist Glenn Greenwald who revealed NSA spy programs.
RWB did not considered the most recent revelation about British intelligence, found practicing not just spying but actively using cyber-attacks to deal with such information disseminators as Anonymous and LulzSec hacktivists, or that global media watchdogs are planning to investigate press freedom in the UK.
Also, Glenn Greenwald’s revelations about UK and US mainstream media being “devoted servants” of the intelligence agencies seemingly have not affected the rating.
Meanwhile WikiLeaks founder Julian Assange is still trapped in the Ecuadorian embassy in London, with the freedom of information campaigner still being pursued by UK and Swedish justice.
In the 2014 RWB index, Russia was placed 148th, the same as in last year’s ranking. Though praising “the resistance of civil society” in the country, the report still accuses Moscow of “using UN bodies and regional alliances such as the Shanghai Cooperation Organization in its efforts to undermine international standards on freedom of information.”
British spies employed ‘dirty tricks’ including ‘honey traps’ to trap nations, hackers, terror groups, suspected criminals and arms dealers, according to leaked documents.
The bombshell revelations have been made public through the release of documents taken from the National Security Agency by whistle-blower Edward Snowden.
The Powerpoint slides outline techniques apparently used by the Joint Threat Research and Intelligence Group (JTRIG), a British spy unit whose goal is to ‘destroy, deny, degrade [and] disrupt’ enemies.
British spies employed ‘dirty tricks’ including honey traps’ in a bid to trap nations, hackers, terror groups, suspected criminals and arms dealers
The slides from 2010 and 2012, published by NBC News show that the JTRIG completed their mission by ‘discrediting’ adversaries through misinformation and hacking their communications.
Two main methods of attack detailed in the ‘Effects’ campaigns are cyber operations and propaganda campaigns.
The bombshell revelations have been made public through the release of documents taken from the National Security Agency by whistleblower Edward Snowden
JTRIG, which is part of the NSA’s British counterpart, the cyber spy agency known as GCHQ, used Twitter, Flickr, Facebook and YouTube for deception, mass messaging and ‘pushing stories’.
Another strategy is ‘false flag’ operations – this is when British agents carry out online actions that are designed to look like they were performed by one of Britain’s adversaries.
The main cyber attack is the ‘distributed denial of service’ (DDoS) attack.
This is when computers are taken over by hackers and they bombard a website’s host computers with requests for information causing it to crash - this is a method successfully used by Wikileaks hackers.
Earlier this week it was revealed that JTRIG agents issued their DDoS on Anonymous chat rooms, preventing its users from communicating with one another.
In one case, reported the BBC, agents are said to have tricked a hacker nicknamed P0ke who claimed to have stolen data from the US government. They did this by sending him a link to a BBC article entitled: ‘Who loves the hacktivists?’
Eric King, an attorney who currently teaches IT law at the London School of Economics, told NBC it is ‘remarkable’ that the GCHQ has become so adept at launching DDoS attacks without ‘clear lawful authority,’ particularly because the British government has criticised similar strategies used by other governments.
‘GCHQ has no clear authority to send a virus or conduct cyber-attacks,’ he said. ‘Hacking is one of the most invasive methods of surveillance.’
According to notes on the 2012 documents, a computer virus called Ambassadors Reception was ‘used in a variety of different areas’ and was ‘very effective.’
When sent to adversaries, says the presentation, the virus will ‘encrypt itself, delete all emails, encrypt all files, make [the] screen shake’ and block the computer user from logging on.
One of the ways to block a target communicating reads: ‘Bombard their phone with text messages, bombard their phone with calls, delete their online presence, block up their fax machine.’
The slide details examples of how this was used in Afghanistan including significantly disrupting the Taliban, sending targets a text message ‘every 10 seconds or so’ and ‘calling targets on a regular basis’.
The British cyber spies also used blog posts and information spread via blogs in an operation against Iran.
One of the ways to stop a target communicating reads: ‘Bombard their phone with text messages, bombard their phone with calls, delete their online presence, block up their fax machine’
The same 2012 presentation describes the ‘honey trap’ method of discrediting a target commenting it is ‘very successful’ when it works.
The individual is lured ‘to go somewhere on the internet, or a physical location’ where they are then ‘met by a friendly face.’
It does not give any examples of when the honey trap has been used by British agents, but the same slide also details how ‘paranoia’ can be heightened by changing a target’s photo on a social networking website – the slide reads ‘You have been warned JTRIG is about!’
A programme called ‘Royal Concierge’ took advantage of hotel reservation systems to track the location of foreign diplomats and the slides encourage agents to monitor targets through ‘close access technical operations’.
It also suggests they question ‘Can we influence hotel choice? Can we cancel their visits?’
According to reports in Der Spiegel last year, British intelligence tapped the reservations systems of over 350 top hotels around the world for the past three years to set up the programme.
Using the GCHQ’s SIGINT (signal-intelligence) program it was used to spy on trade delegations, foreign diplomats, and other targets with a taste for the high life.
NBC news reported GCHQ would not comment on the newly published documents or on JTRIG’s operations.
In a statement it told them: ‘All of GCHQ’s work is carried out in accordance with a strict legal and policy framework,’ said the statement, ‘which ensure[s] that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All of our operational processes rigorously support this position.’
The NSA is preparing to seek court orders to compel wireless companies that currently do not hand over records to the government to do so, officials said. Patrick Semansky/AP
WASHINGTON (AP) — The National Security Agency collects less than 30 percent of calling data from Americans despite the agency’s massive daily efforts to sweep up the bulk of U.S. phone records, two U.S. newspapers reported Friday.
Citing anonymous officials and sources, The Washington Post and The Wall Street Journal both said the NSA’s phone data collection has had a steep drop-off since 2006. According to the newspapers, the government has been unable to keep pace since then with a national surge in cellphone usage and dwindling landline use by American consumers.
The Post said the NSA takes in less than 30 percent of all call data; the Journal said it is about or less than 20 percent. In either case, the figures are far below the amount of phone data collected in 2006, when the government extracted nearly all of U.S. calling records, both newspapers reported. NSA officials intend to press for court authorization to broaden their coverage of cellphone providers to return the government to near-total coverage of Americans’ calling data, the newspapers said.
The lowered estimates for the sweep of government surveillance would be significant because federal judges, members of government task forces and media accounts based on documents provided by NSA leaker Edward Snowden have all described the NSA’s bulk metadata collection as sweeping in millions of records from American phone users. Lowered estimates could be cited by officials to alleviate privacy and civil liberties fears, but they could also raise questions about the government’s rationale for the program — that the NSA’s use of all Americans’ phone records are critical in preventing potential terrorist plots.
National security officials have said that the collection of bulk data is essential to national security because it provides a massive pool of calling records and other metadata that NSA analysts can quickly search to pinpoint calling patterns showing evidence of potential terror threats. Congressional critics have pressed efforts to end the bulk phone data sweeps, and two panels of experts have urged President Barack Obama to end the program because they see little counter-terrorism value in the effort.
James Clapper, U.S. director of national intelligence. Photograph: Pablo Martinez Monsivais/AP
sm advantages and say the program intrudes on personal liberties.
Obama has committed to ending government storage of phone records but still wants the NSA to have full access to the data. NSA and DNI officials declined to confirm or discuss the reports.
Civil liberties groups said they were not reassured by the reports, saying the government still intends to gather phone records from all American users. ‘‘To accept their legal reasoning is to accept that they will eventually collect everything, even if they’re not doing so already,’’ said Jameel Jaffer, deputy legal director for the American Civil Liberties Union.
Verizon and AT&T said last December that they would provide figures this year on data requested by the government in law enforcement and intelligence investigations. But the Journal reported last year that several major cellphone entities including Verizon Wireless and T-Mobile were not part of the NSA’s bulk metadata collection. It is not clear why cellphone providers would not be covered by the NSA legal authority.
Intelligence officials are already moving to alter the structure of the phone surveillance program to conform to changes Obama ordered last month.
On Friday, Office of the Director of National Intelligence, or DNI, posted a government website appeal to private companies to develop ways for the government to continue its phone record searches without storing a massive inventory of phone data. The posting, on FedBizOpps.gov, said the DNI is ‘‘investigating whether existing commercially available capabilities can provide for a new approach to the government’s telephony metadata collection program.’’
The Associated Press reported last month that the DNI is already funding five research teams across the country in an effort to develop an encrypted search technique that could be used by the NSA to securely scan phone databanks held elsewhere.
In a related development, the secretive Foreign Intelligence Surveillance Court in Washington on Thursday authorized two major changes in the phone collection program that Obama committed to in January. The court agreed to require judicial approval for each internal NSA search of telephone data for terrorist connections and it will narrow the numbers of American phone users whose records can be scanned during each search, the DNI reported.
In the first instance, the NSA now must provide judges with ‘‘reasonable, articulable suspicion’’ for each search of phone data for terrorist connections. That hurdle can be lifted during national emergencies. And the court ruling now scales back the NSA’s use of a ‘‘three-hop’’ system in its searches — allowing the agency to scan the records of those in phone contact with a terror suspect and a second wave of people in touch with the first group, but no longer allowing searches of a third wave of phone contacts.
Chief Justice John Roberts on Friday named two new judges to the secret court. Roberts said that U.S. District Judges James E. Boasberg and Richard C. Tallman joined the court on Jan. 27. Boasberg was appointed by Obama, Tallman by President Bill Clinton. Their appointment will likely do little to dampen criticism that the majority of FISA judges picked by Roberts are Republicans.
Associated Press writer Frederic J. Frommer contributed to this report.
The Washington Post also reported heavily upon this story:
President continues to defend James Clapper in the face of calls for his resignation after ‘untruthful’ statement about bulk collection
By Spencer Ackerman
James Clapper, director of national intelligence, listens as he testifies on Capitol Hill in Washington this week. Photograph: Pablo Martinez Monsivais/AP
US president Barack Obama said his director of national intelligence James Clapper ought to have been “more careful” in Senate testimony about surveillance that Clapper later acknowledged was untruthful following disclosures by Edward Snowden.
But Obama signaled continued confidence in Clapper in the face of calls for the director to resign from members of Congress who warn of the dangerous precedent set by allowing an intelligence chief to lie to legislative bodies tasked with overseeing the powerful spy agencies.
“Jim Clapper himself would acknowledge, and has acknowledged, that he should have been more careful about how he responded,” Obama told CNN’s Jake Tapper in an interview that aired Friday.
Clapper has apologized to the Senate intelligence committee for testifying in March 2013 that the US government does “not wittingly” collect data on millions of Americans.
The answer was shown to have been untruthful when the Guardian published a top-secret court order from Snowden that showed the NSA was collecting the phone records of millions of US citizens.
In explaining his answer, the director first said he gave the “least untruthful” answer he could in an unclassified setting. Later he changed his story to say that he had forgotten about an authority claimed by the government under the Patriot Act to collect the records of every phone call sent and received in the United States.
But in his first iteration of his explanation, delivered to NBC’s Andrea Mitchell, Clapper suggested that he believed the question was an unfair “’when are you going to … stop beating your wife’ kind of question,” suggesting that he gave a deliberate answer to senator Ron Wyden.
Obama suggested he accepted Clapper’s initial explanation as an excuse for untruthful testimony.
“His concern was that he had a classified program that he couldn’t talk about and he was in an open hearing in which he was asked, he was prompted to disclose a program and so he felt that he was caught between a rock and a hard place,” Obama told Tapper.
“Subsequently, I think he’s acknowledged that he could have handled it better.”
Wyden has pushed back hard against the suggestion his question was unfair. His staff has pointed out that they informed Clapper’s office before the hearing that the senator would press the issue about bulk data collection, and asked afterward for Clapper’s staff to correct the record. No correction came.
Additionally, Wyden’s March 2013 question was spurred by a request from the senator for the NSA and Clapper’s office to publicly correct another misleading public statement in an unclassified setting, this one made by NSA director Keith Alexander in July 2012 to the Def Con hacker conference in Las Vegas.
“I will tell you that those who would want to weave the story that we have millions or hundreds of millions of dossiers on people is absolutely false,” Alexander said in response to a moderator question.
For months afterward, in letters to the NSA and to Clapper’s office, Wyden sought a public correction, since as a member of the Senate intelligence committee, Wyden was aware that the NSA was collecting the records of every domestic phone call on a daily basis. Members of the committee are prevented by classification rules from disclosing what they learn in closed session.
At the most recent Senate intelligence committee hearing this week, Wyden again pushed Clapper on the untruthful statements. He said Americans’ trust in the intelligence agencies “has been seriously undermined by senior officials’ reckless reliance on secret interpretations of the law and battered by years of misleading and deceptive statements that senior officials made to the American people. These statements did not protect sources and methods that were useful in fighting terror. Instead, they hid bad policy choices and violations of the liberties of the American people.”
Clapper’s lawyer, Robert Litt, wrote a letter to the New York Times editorial board earlier this month about the incident, denying that Clapper lied.
“I spoke with a staffer for Senator Wyden several days later and told him that although Mr Clapper recognized that his testimony was inaccurate, it could not be corrected publicly because the program involved was classified,” Litt wrote earlier this month.
Although Clapper’s defenders have said the director could not have requested to answer Wyden in closed session, lest he appear to tacitly confirm a classified program, that was the approach Clapper took during his testimony to the intelligence panel this week.
Clapper told Wyden that he would respond in closed session to questions on the NSA’s collection of data in transit across the global communications infrastructure and on whether the agency has ever exercised an authority it “sought and obtained” to conduct warrantless searches on “specific” Americans’ identifying information in its databases of foreign internet communications.
“I think at a threat hearing, I would prefer not to discuss this, and have this as a separate subject,” Clapper said.
“This committee can’t do oversight if we can’t get direct answers,” Wyden said, ultimately receiving a commitment for a public answer from Clapper within 30 days.
While Clapper’s job has been safe for months, six members of the House of Representatives wrote to Obama on Monday calling for the director’s resignation.
Clapper’s continued service is “incompatible with the goal of restoring trust in our security programs and ensuring the highest level of transparency,” wrote the congressmen led by Representative Darrell Issa, a California Republican who chairs the oversight and government reform committee, and who is a fervent administration critic.
“I am actually confident that we can continue to have the best intelligence service in the world, but win back the confidence of both the American people, as well as folks overseas,” Obama told Tapper.
US and UK spy agencies piggyback on commercial data
Details can include age, location and sexual orientation
Documents also reveal targeted tools against individual phones
By James Ball
GCHQ documents use Angry Birds – reportedly downloaded more than 1.7bn times – as a case study for app data collection.
The National Security Agency and its UK counterpart GCHQ have been developing capabilities to take advantage of “leaky” smartphone apps, such as the wildly popular Angry Birds game, that transmit users’ private information across the internet, according to top secret documents.
The data pouring onto communication networks from the new generation of iPhone and Android apps ranges from phone model and screen size to personal details such as age, gender and location. Some apps, the documents state, can share users’ most sensitive information such as sexual orientation – and one app recorded in the material even sends specific sexual preferences such as whether or not the user may be a swinger.
Many smartphone owners will be unaware of the full extent this information is being shared across the internet, and even the most sophisticated would be unlikely to realise that all of it is available for the spy agencies to collect.
Dozens of classified documents, provided to the Guardian by whistleblower Edward Snowden and reported in partnership with the New York Times and ProPublica, detail the NSA and GCHQ efforts to piggyback on this commercial data collection for their own purposes.
Scooping up information the apps are sending about their users allows the agencies to collect large quantities of mobile phone data from their existing mass surveillance tools – such as cable taps, or from international mobile networks – rather than solely from hacking into individual mobile handsets.
Exploiting phone information and location is a high-priority effort for the intelligence agencies, as terrorists and other intelligence targets make substantial use of phones in planning and carrying out their activities, for example by using phones as triggering devices in conflict zones. The NSA has cumulatively spent more than $1bn in its phone targeting efforts.
The disclosures also reveal how much the shift towards smartphone browsing could benefit spy agencies’ collection efforts.
One slide from a May 2010 NSA presentation on getting data from smartphones – breathlessly titled “Golden Nugget!” – sets out the agency’s “perfect scenario”: “Target uploading photo to a social media site taken with a mobile device. What can we get?”
The question is answered in the notes to the slide: from that event alone, the agency said it could obtain a “possible image”, email selector, phone, buddy lists, and “a host of other social working data as well as location”.
In practice, most major social media sites, such as Facebook and Twitter, strip photos of identifying location metadata (known as EXIF data) before publication. However, depending on when this is done during upload, such data may still, briefly, be available for collection by the agencies as it travels across the networks.
Depending on what profile information a user had supplied, the documents suggested, the agency would be able to collect almost every key detail of a user’s life: including home country, current location (through geolocation), age, gender, zip code, martial status – options included “single”, “married”, “divorced”, “swinger” and more – income, ethnicity, sexual orientation, education level, and number of children.
The agencies also made use of their mobile interception capabilities to collect location information in bulk, from Google and other mapping apps. One basic effort by GCHQ and the NSA was to build a database geolocating every mobile phone mast in the world – meaning that just by taking tower ID from a handset, location information could be gleaned.
A more sophisticated effort, though, relied on intercepting Google Maps queries made on smartphones, and using them to collect large volumes of location information.
So successful was this effort that one 2008 document noted that “[i]t effectively means that anyone using Google Maps on a smartphone is working in support of a GCHQ system.”
The information generated by each app is chosen by its developers, or by the company that delivers an app’s adverts. The documents do not detail whether the agencies actually collect the potentially sensitive details some apps are capable of storing or transmitting, but any such information would likely qualify as content, rather than metadata.
Data collected from smartphone apps is subject to the same laws and minimisation procedures as all other NSA activity – procedures that the US president, Barack Obama, suggested may be subject to reform in a speech 10 days ago. But the president focused largely on the NSA’s collection of the metadata from US phone calls and made no mention in his address of the large amounts of data the agency collects from smartphone apps.
The latest disclosures could also add to mounting public concern about how the technology sector collects and uses information, especially for those outside the US, who enjoy fewer privacy protections than Americans. A January poll for the Washington Post showed 69% of US adults were already concerned about how tech companies such as Google used and stored their information.
The documents do not make it clear how much of the information that can be taken from apps is routinely collected, stored or searched, nor how many users may be affected. The NSA says it does not target Americans and its capabilities are deployed only against “valid foreign intelligence targets”.
The documents do set out in great detail exactly how much information can be collected from widely popular apps. One document held on GCHQ’s internal Wikipedia-style guide for staff details what can be collected from different apps. Though it uses Android apps for most of its examples, it suggests much of the same data could be taken from equivalent apps on iPhone or other platforms.
The GCHQ documents set out examples of what information can be extracted from different ad platforms, using perhaps the most popular mobile phone game of all time, Angry Birds – which has reportedly been downloaded more than 1.7bn times – as a case study.
From some app platforms, relatively limited, but identifying, information such as exact handset model, the unique ID of the handset, software version, and similar details are all that are transmitted.
Other apps choose to transmit much more data, meaning the agency could potentially net far more. One mobile ad platform, Millennial Media, appeared to offer particularly rich information. Millennial Media’s website states it has partnered with Rovio on a special edition of Angry Birds; with Farmville maker Zynga; with Call of Duty developer Activision, and many other major franchises.
Rovio, the maker of Angry Birds, said it had no knowledge of any NSA or GCHQ programs looking to extract data from its apps users.
“Rovio doesn’t have any previous knowledge of this matter, and have not been aware of such activity in 3rd party advertising networks,” said Saara Bergström, Rovio’s VP of marketing and communications. “Nor do we have any involvement with the organizations you mentioned [NSA and GCHQ].”
Millennial Media did not respond to a request for comment.
In December, the Washington Post reported on how the NSA could make use of advertising tracking files generated through normal internet browsing – known as cookies – from Google and others to get information on potential targets.
However, the richer personal data available to many apps, coupled with real-time geolocation, and the uniquely identifying handset information many apps transmit give the agencies a far richer data source than conventional web-tracking cookies.
“They are gathered in bulk, and are currently our single largest type of events,” the document stated.
The ability to obtain targeted intelligence by hacking individual handsets has been well documented, both through several years of hacker conferences and previous NSA disclosures in Der Spiegel, and both the NSA and GCHQ have extensive tools ready to deploy against iPhone, Android and other phone platforms.
GCHQ’s targeted tools against individual smartphones are named after characters in the TV series The Smurfs. An ability to make the phone’s microphone ‘hot’, to listen in to conversations, is named “Nosey Smurf”. High-precision geolocation is called “Tracker Smurf”, power management – an ability to stealthily activate an a phone that is apparently turned off – is “Dreamy Smurf”, while the spyware’s self-hiding capabilities are codenamed “Paranoid Smurf”.
Those capability names are set out in a much broader 2010 presentation that sheds light on spy agencies’ aspirations for mobile phone interception, and that less-documented mass-collection abilities.
The cover sheet of the document sets out the team’s aspirations:
Another slide details weak spots in where data flows from mobile phone network providers to the wider internet, where the agency attempts to intercept communications. These are locations either within a particular network, or international roaming exchanges (known as GRXs), where data from travellers roaming outside their home country is routed.
These are particularly useful to the agency as data is often only weakly encrypted on such networks, and includes extra information such as handset ID or mobile number – much stronger target identifiers than usual IP addresses or similar information left behind when PCs and laptops browse the internet.
The NSA said its phone interception techniques are only used against valid targets, and are subject to stringent legal safeguards.
“The communications of people who are not valid foreign intelligence targets are not of interest to the National Security Agency,” said a spokeswoman in a statement.
“Any implication that NSA’s foreign intelligence collection is focused on the smartphone or social media communications of everyday Americans is not true. Moreover, NSA does not profile everyday Americans as it carries out its foreign intelligence mission. We collect only those communications that we are authorized by law to collect for valid foreign intelligence and counterintelligence purposes – regardless of the technical means used by the targets.
“Because some data of US persons may at times be incidentally collected in NSA’s lawful foreign intelligence mission, privacy protections for US persons exist across the entire process concerning the use, handling, retention, and dissemination of data. In addition, NSA actively works to remove extraneous data, to include that of innocent foreign citizens, as early as possible in the process.
“Continuous and selective publication of specific techniques and tools lawfully used by NSA to pursue legitimate foreign intelligence targets is detrimental to the security of the United States and our allies – and places at risk those we are sworn to protect.”
The NSA declined to respond to a series of queries on how routinely capabilities against apps were deployed, or on the specific minimisation procedures used to prevent US citizens’ information being stored through such measures.
GCHQ declined to comment on any of its specific programs, but stressed all of its activities were proportional and complied with UK law.
“It is a longstanding policy that we do not comment on intelligence matters,” said a spokesman.
“Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework that ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All our operational processes rigorously support this position.”
• A separate disclosure on Wednesday, published by Glenn Greenwald and NBC News, gave examples of how GCHQ was making use of its cable-tapping capabilities to monitor YouTube and social media traffic in real-time.
GCHQ’s cable-tapping and internet buffering capabilities , codenamed Tempora, were disclosed by the Guardian in June, but the new documents published by NBC from a GCHQ presentation titled “Psychology: A New Kind of SIGDEV” set out a program codenamed Squeaky Dolphin which gave the British spies “broad real-time monitoring” of “YouTube Video Views”, “URLs ‘Liked’ on Facebook” and “Blogspot/Blogger Visits”.
A further slide noted that “passive” – a term for large-scale surveillance through cable intercepts – give the agency “scalability”.
The means of interception mean GCHQ and NSA could obtain data without any knowledge or co-operation from the technology companies. Spokespeople for the NSA and GCHQ told NBC all programs were carried out in accordance with US and UK law.
When a smartphone user opens Angry Birds, the popular game application, and starts slinging birds at chortling green pigs, spies may be lurking in the background to snatch data revealing the player’s location, age, sex and other personal information, according to secret British intelligence documents.
In their globe-spanning surveillance for terrorism suspects and other targets, the National Security Agency and its British counterpart have been trying to exploit a basic byproduct of modern telecommunications: With each new generation of mobile phone technology, ever greater amounts of personal data pour onto networks where spies can pick it up.
According to dozens of previously undisclosed classified documents, among the most valuable of those unintended intelligence tools are so-called leaky apps that spew everything from users’ smartphone identification codes to where they have been that day.
The N.S.A. and Britain’s Government Communications Headquarters were working together on how to collect and store data from dozens of smartphone apps by 2007, according to the documents, provided by Edward J. Snowden, the former N.S.A. contractor. Since then, the agencies have traded recipes for grabbing location and planning data when a target uses Google Maps, and for vacuuming up address books, buddy lists, phone logs and the geographic data embedded in photos when someone sends a post to the mobile versions of Facebook, Flickr, LinkedIn, Twitter and other services.
The eavesdroppers’ pursuit of mobile networks has been outlined in earlier reports, but the secret documents, shared by The New York Times, The Guardian and ProPublica, offer far more details of their ambitions for smartphones and the apps that run on them. The efforts were part of an initiative called “the mobile surge,” according to a 2011 British document, an analogy to the troop surges in Iraq and Afghanistan. One N.S.A. analyst’s enthusiasm was evident in the breathless title — “Golden Nugget!” — given to one slide for a top-secret 2010 talk describing iPhones and Android phones as rich resources, one document notes.
The scale and the specifics of the data haul are not clear. The documents show that the N.S.A. and the British agency routinely obtain information from certain apps, particularly some of those introduced earliest to cellphones. With some newer apps, including Angry Birds, the agencies have a similar capability, the documents show, but they do not make explicit whether the spies have put that into practice. Some personal data, developed in profiles by advertising companies, could be particularly sensitive: A secret 2012 British intelligence document says that spies can scrub smartphone apps that contain details like a user’s “political alignment” and sexual orientation.
President Obama announced new restrictions this month to better protect the privacy of ordinary Americans and foreigners from government surveillance, including limits on how the N.S.A. can view “metadata” of Americans’ phone calls — the routing information, time stamps and other data associated with calls. But he did not address the avalanche of information that the intelligence agencies get from leaky apps and other smartphone functions.
And while he expressed concern about advertising companies that collect information on people to send tailored ads to their mobile phones, he offered no hint that American spies routinely seize that data. Nothing in the secret reports indicates that the companies cooperate with the spy agencies to share the information; the topic is not addressed.
The agencies have long been intercepting earlier generations of cellphone traffic like text messages and metadata from nearly every segment of the mobile network — and, more recently, computer traffic running on Internet pipelines. Because those same networks carry the rush of data from leaky apps, the agencies have a ready-made way to collect and store this new resource. The documents do not address how many users might be affected, whether they include Americans, or how often, with so much information collected automatically, analysts would see personal data.
“N.S.A. does not profile everyday Americans as it carries out its foreign intelligence mission,” the agency said in a written response to questions about the program. “Because some data of U.S. persons may at times be incidentally collected in N.S.A.’s lawful foreign intelligence mission, privacy protections for U.S. persons exist across the entire process.” Similar protections, the agency said, are in place for “innocent foreign citizens.”
The British spy agency declined to comment on any specific program, but said all its activities complied with British law.
Two top-secret flow charts produced by the British agency in 2012 show incoming streams of information skimmed from smartphone traffic by the Americans and the British. The streams are divided into “traditional telephony” — metadata — and others marked “social apps,” “geo apps,” “http linking,” webmail, MMS and traffic associated with mobile ads, among others. (MMS refers to the mobile system for sending pictures and other multimedia, and http is the protocol for linking to websites.)
In charts showing how information flows from smartphones into the agency’s computers, analysts included questions to be answered by the data, including “Where was my target when they did this?” and “Where is my target going?”
As the program accelerated, the N.S.A. nearly quadrupled its budget in a single year, to $767 million in 2007 from $204 million, according to a top-secret Canadian analysis written around the same time.
Even sophisticated users are often unaware of how smartphones offer a unique opportunity for one-stop shopping for information about them. “By having these devices in our pockets and using them more and more,” said Philippe Langlois, who has studied the vulnerabilities of mobile phone networks and is the founder of the Paris-based company Priority One Security, “you’re somehow becoming a sensor for the world intelligence community.”
Smartphones almost seem to make things too easy. Functioning as phones — making calls and sending texts — and as computers — surfing the web and sending emails — they generate and also rely on data. One secret report shows that just by updating Android software, a user sent more than 500 lines of data about the phone’s history and use onto the network.
Such information helps mobile ad companies, for example, create detailed profiles of people based on how they use their mobile device, where they travel, what apps and websites they open, and other factors. Advertising firms might triangulate web shopping data and browsing history to guess whether someone is wealthy or has children, for example.
The N.S.A. and the British agency busily scoop up this data, mining it for new information and comparing it with their lists of intelligence targets.
One secret 2010 British document suggests that the agencies collect such a huge volume of “cookies” — the digital traces left on a mobile device or a computer when a target visits a website — that classified computers were having trouble storing it all.
“They are gathered in bulk, and are currently our single largest type of events,” the document says.
The two agencies displayed a particular interest in Google Maps, which is accurate to within a few yards or better in some locations. Intelligence agencies collect so much data from the app that “you’ll be able to clone Google’s database” of global searches for directions, according to a top-secret N.S.A. report from 2007.
“It effectively means that anyone using Google Maps on a smartphone is working in support of a G.C.H.Q. system,” a secret 2008 report by the British agency says.
(In December, The Washington Post, citing the Snowden documents, reported that the N.S.A. was using metadata to track cellphone locations outside the United States and was using ad cookies to connect Internet addresses with physical locations.)
In another example, a secret 20-page British report dated 2012 includes the computer code needed for plucking the profiles generated when Android users play Angry Birds. The app was created by Rovio Entertainment, of Finland, and has been downloaded more than a billion times, the company has said.
Rovio drew public criticism in 2012 when researchers claimed that the app was tracking users’ locations and gathering other data and passing it to mobile ad companies. In a statement on its website, Rovio says that it may collect its users’ personal data, but that it abides by some restrictions. For example, the statement says, “Rovio does not knowingly collect personal information from children under 13 years of age.”
The secret report noted that the profiles vary depending on which of the ad companies — which include Burstly and Google’s ad services, two of the largest online advertising businesses — compiles them. Most profiles contain a string of characters that identifies the phone, along with basic data on the user like age, sex and location. One profile notes whether the user is currently listening to music or making a call, and another has an entry for household income.
Google declined to comment for this article, and Burstly did not respond to multiple requests for comment. Saara Bergstrom, a Rovio spokeswoman, said that the company had no knowledge of the intelligence programs. “Nor do we have any involvement with the organizations you mentioned,” Ms. Bergstrom said, referring to the N.S.A. and the British spy agency.
Another ad company creates far more intrusive profiles that the agencies can retrieve, the report says. The apps that generate those profiles are not identified, but the company is named as Millennial Media, which has its headquarters in Baltimore.
In securities filings, Millennial documented how it began working with Rovio in 2011 to embed ad services in Angry Birds apps running on iPhones, Android phones and other devices.
According to the report, the Millennial profiles contain much of the same information as the others, but several categories listed as “optional,” including ethnicity, marital status and sexual orientation, suggest that much wider sweeps of personal data may take place.
Millennial Media declined to comment for this article.
Possible categories for marital status, the secret report says, include single, married, divorced, engaged and “swinger”; those for sexual orientation are straight, gay, bisexual and “not sure.” It is unclear whether the “not sure” category exists because so many phone apps are used by children, or because insufficient data may be available.
There is no explanation of precisely how the ad company defined the categories, whether users volunteered the information, or whether the company inferred it by other means. Nor is there any discussion of why all that information would be useful for marketing — or intelligence.
The agencies have had occasional success — at least by their own reckoning — when they start with something closer to a traditional investigative tip or lead. The spies say that tracking smartphone traffic helped break up a bomb plot by Al Qaeda in Germany in 2007, and the N.S.A. bragged that to crack the plot, it wove together mobile data with emails, log-ins and web traffic. Similarly, mining smartphone data helped lead to arrests of members of a drug cartel hit squad for the 2010 murder of an employee of an American Consulate in Mexico.
But the data, whose volume is soaring as mobile devices have begun to dominate the technological landscape, is a crushing amount of information for the spies to sift through. As smartphone data builds up in N.S.A. and British databases, the agencies sometimes seem a bit at a loss on what to do with it all, the documents show. A few isolated experiments provide hints as to how unwieldy it can be.
In 2009, the American and British spy agencies each undertook a brute-force analysis of a tiny sliver of their cellphone databases. Crunching just one month of N.S.A. cellphone data, a secret report said, required 120 computers and turned up 8,615,650 “actors” — apparently callers of interest. A similar run using three months of British data came up with 24,760,289 actors.
“Not necessarily straightforward,” the report said of the analysis. The agencies’ extensive computer operations had trouble sorting through the slice of data. Analysts were “dealing with immaturity,” the report said, encountering computer memory and processing problems. The report made no mention of anything suspicious in the enormous lumps of data.