The NSA is on the line -- all of them
An intelligence expert predicts we'll soon learn that cellphone and Internet companies also cooperated with the National Security Agency to eavesdrop on us.

By Kim Zetter

May 15, 2006 | When intelligence historian Matthew Aid read the USA Today story last Thursday about how the National Security Agency was collecting millions of phone call records from AT&T, Bell South and Verizon for a widespread domestic surveillance program designed to root out possible terrorist activity in the United States, he had to wonder whether the date on the newspaper wasn't 1976 instead of 2006.

Aid, a visiting fellow at George Washington University's National Security Archive, who has just completed the first book of a three-volume history of the NSA, knew the nation's bicentennial marked the year when secrets surrounding another NSA domestic surveillance program, code-named Project Shamrock, were exposed. As fireworks showered New York Harbor that year, the country was debating a three-decades-long agreement between Western Union and other telecommunications companies to surreptitiously supply the NSA, on a daily basis, with all telegrams sent to and from the United States. The similarity between that earlier program and the most recent one is remarkable, with one exception -- the NSA now owns vastly improved technology to sift through and mine massive amounts of data it has collected in what is being described as the world's single largest database of personal information. And, according to Aid, the mining goes far beyond our phone lines.

The controversy over Project Shamrock in 1976 ultimately led Congress to pass the 1978 Foreign Intelligence Surveillance Act and other privacy and communication laws designed to prevent commercial companies from working in cahoots with the government to conduct wholesale secret surveillance on their customers. But as stories revealed last week, those safeguards had little effect in preventing at least three telecommunications companies from repeating history.

Aid, who co-edited a book in 2001 on signals intelligence during the Cold War, spent a decade conducting more than 300 interviews with former and current NSA employees for his new history of the agency, the first volume of which will be published next year. Jeffrey Richelson, a senior fellow at the National Security Archive, calls Aid the top authority on the NSA, alongside author James Bamford.

Aid spoke with Salon about how the NSA has learned to maneuver around Congress and the Department of Justice to get what it wants. He compared the agency's current data mining to Project Shamrock and Echelon, the code name for an NSA computer system that for many years analyzed satellite communication signals outside the U.S., and generated its own controversy when critics claimed that in addition to eavesdropping on enemy communication, the satellites were eavesdropping on allies' domestic phone and e-mail conversations. Aid also spoke about the FBI's Carnivore program, designed to "sniff" e-mail traveling through Internet service providers for communication sent to and from criminal suspects, and how the NSA replaced the FBI as the nation's domestic surveillance agency after 9/11.

Having studied the NSA and its history extensively, were you surprised and concerned to discover that, since 2001, the agency has been amassing a database of phone records, and possibly other information, on U.S. citizens?

The fact that the federal government has my phone records scares the living daylights out of me. They won't learn much from them other than I like ordering pizza on Friday night and I don't call my mother as often as I should. But it should scare the living daylights out of everybody, even if you're willing to permit the government certain leeways to conduct the war on terrorism.

We should be terrified that Congress has not been doing its job and because all of the checks and balances put in place to prevent this have been deliberately obviated. In order to get this done, the NSA and White House went around all of the checks and balances. I'm convinced that 20 years from now we, as historians, will be looking back at this as one of the darkest eras in American history. And we're just beginning to sort of peel back the first layers of the onion. We're hoping against hope that it's not as bad as I suspect it will be, but reality sets in every time a new article is published and the first thing the Bush administration tries to do is quash the story. It's like the lawsuit brought by EFF [Electronic Frontier Foundation] against AT&T -- the government's first reaction was to try to quash the lawsuit. That ought to be a warning sign that they're on to something.

I'll tell you where this story probably will go next. Notice the USA Today article doesn't mention whether the Internet service providers or cellphone providers or companies operating transatlantic cables like Global Crossing cooperated with the NSA. That's the next round of revelations. The real vulnerabilities for the NSA are the companies. Sooner or later one of these companies, fearing the inevitable lawsuit from the ACLU, is going to admit what it did, and the whole thing is going to come tumbling down. If you want some historical perspective look at Operation Shamrock, which collapsed in 1975 because [Rep.] Bella Abzug [D-NY] subpoenaed the heads of Western Union and the other telecommunications giants and put them in witness chairs, and they all admitted that they had cooperated with the NSA for the better part of 40 years by supplying cables and telegrams.

The newest system being added to the NSA infrastructure, by the way, is called Project Trailblazer, which was initiated in 2002 and which was supposed to go online about now but is fantastically over budget and way behind schedule. Trailblazer is designed to copy the new forms of telecommunications -- fiber optic cable traffic, cellphone communication, BlackBerry and Internet e-mail traffic.

Were you really surprised to learn recently that the NSA was eavesdropping on phone calls, as the New York Times reported last December? I think most people assumed, or at least suspected, that the government had been monitoring some domestic conversations for years after the Echelon program was revealed. Echelon, though never confirmed by the government, was described as a global surveillance system that had the ability to intercept every phone, fax and e-mail conversation around the world.

I think it was generally assumed that when I heard breathing on the other end of the phone, it was the FBI and not the NSA listening in.

Since [the movie] "Enemy of the State" came out, everybody has assumed that the NSA had the ability to turn its antennas around and monitor us in the U.S. as much as they did anybody else. But I honestly believe that prior to 9/11, the NSA was not engaged in any domestic work at all. Then 9/11 changed the entire equation, and Congress, in its rush to prove how patriotic it was, passed the Patriot Act, which gave the government unlimited powers to conduct surveillance in the US. Basic freedoms were abridged.

Echelon, in fact, is nothing more than a VAX microcomputer that was manufactured in the early 1970s by Control Data Corp. in St. Paul, Minn., and was used at six satellite intercept stations [to filter and sort data collected from the satellites and distribute it to analysts]. The computer has long since been obsolete. Since 9/11, whatever plans in place to modernize Echelon have been put on hold. The NSA does in fact have a global intercept network, but they just call it the intercept collection infrastructure. They don't have a code name or anything sexy to describe it, and it didn't do domestic spying.

In 1988 Duncan Campbell, a U.K. journalist, wrote an article for the New Statesman based on an interview with a Lockheed Martin employee named Margaret Newsham, who had worked at an NSA satellite listening station in England. She claimed the NSA was eavesdropping on U.S. phone conversations back then and that she herself had eavesdropped on a conversation involving Senator Strom Thurmond. The stories reported then were that the NSA did have the ability to eavesdrop globally on conversations and was doing so domestically.

I'm not sure what she heard, but I can tell you the NSA was not listening to domestic calls -- they were testing the system at the time that [Newsham] was in England, so while playing with the receiver they may have scrolled over some signals, but the system was not yet operational. Lockheed was in the process of installing the brand new processing stations and Newsham was sent to help put it in place. I asked a number of NSA people about this and they said their main focus at the time was the Soviet Union, with a minor focus on the Middle East. They had no U.S. intercept function whatsoever. If there was domestic work being done in the U.S., it was mostly being done by the FBI and not the NSA.

It's true that some elements in the NSA really wanted to loosen the restrictions imposed by FISA but were told it's the law of the land. And we can't go to Congress and ask that the FISA statute be modified to allow the NSA to engage in domestic work. The assumption was that the Justice Department would never agree to it.

Judging by the USA Today article last week they found a way to get around those FISA restrictions and the Justice Department.

The USA Today article doesn't cover how the NSA convinced all of the phone companies to cooperate. Did General Hayden [former NSA director and current nominee to run the CIA] pick up the phone and call the CEOs? Or were they presented with National Security letters saying you will turn over all your records to us and keep it quiet within your organization? But it does seem clear that the Justice Department was excluded from all of this, or at least the parts of the Justice Department that would normally have some oversight over this. For example, they didn't refer the case down to the Civil Rights Division for their approval. They kept the number of people within the Justice Department who had knowledge of the program to a small number of people. I think they feared that if they passed it down to other departments that might have some purview over the program they might have encountered a stream of objections.

It's all coming out now in dribs and drabs, but when it all becomes clear, we'll find out that the key oversight functions -- those functions that were put in place to protect the rights of Americans -- were deliberately circumvented. Key components of the Justice Department that would have rightly objected to this were never consulted or told about the program. Alberto Gonzales when he was the White House counsel knew about it, as did Attorney General Ashcroft and his deputy, but outside of that I don't think there were many others who knew all the details.

According to President Bush, there were apparently some members of Congress who knew about the program.

They can claim that they briefed individual members of Congress but there's a difference between briefing a few members of Congress and briefing a full committee. Only a few members of the intelligence committee were told and they were told in a way in which they couldn't do anything about it. And the briefings were very general and lacking in specifics, as I understand.

What happens is that you're [privately] briefed about the program, and then even if you object to the program, you can't do anything about it because you can't tell the whole committee. Our system only works when information is given to the full committee. But the way they did it effectively handcuffed any opposition because you can't go to the full committee and say I object to this program and we ought to call some hearings and examine the legalistic background and justification for the program. Even if Senator Rockefeller or Congresswoman Pelosi had some issues with it, they couldn't even tell their own staff, much less other members of the committee. They deliberately did it this way so the intelligence committees couldn’t do anything about it.

Who's the person running the NSA's data collection program?

James M. Cusick, assistant deputy director of the NSA for data acquisition. He's Mr. Data Acquisition. He's the specialist in charge of building collection systems that can acquire vast amounts of data, and his unit is the one that is running this program.

Do you think such a program could be effective at catching terrorists?

To the best of my knowledge, in the five years in which the program has been running, it has not caught a single person.

How did we go from having the FBI doing domestic surveillance to having the NSA serve that function? How was the decision made?

The FBI is in a state of shell shock after 9/11. They've become so risk-averse. They've been criticized so many times, for the right reasons, that they're terrified of doing their job anymore. So the White House felt they'd become rather leaky and creaky.

Also, the FBI had to get approval from the attorney general for every tap it used. I've been told on fairly good authority that the reason the FBI's Carnivore telecommunications surveillance program was not used in the fashion that the NSA system has been after 9/11 was because it would require the written consent of the attorney general and the Civil Rights and Criminal Divisions of the Justice Department, any one of which could have scuttled the program. That's a prospect worse than the FISA court, as far as the White House is concerned. So the White House decided to abandon the FBI in favor of an agency that had not done any domestic work since 1975. As a result, the NSA had to spend billions of dollars constructing a system that it didn't have the capability to construct prior to 2001, which may explain why some NSA veterans I talked to say that some parts of the NSA are now short of money.

Do you know how much the NSA has spent on its phone record data collection project?

No. I don't even think the people who have been briefed on the program on Capitol Hill know how the money is being used. Each year the House and Senate intelligence committees pass, by oral vote, the money for the entire intelligence community. Then they pray like the dickens that these people are spending it wisely and properly. It will come as no surprise to anyone that Congress has basically abrogated its responsibility for overseeing the national security establishment of the NSA. And you can't blame one party over the other. It's my experience that many senior ranking Democrats on these committees are also not doing their job for one reason or another.