SlashGear 101: PRISM, FISA, and the modern NSA

Jun 16, 2013
11

Since the beginning of June, the public has been privy to an ever-expanding flower of information springing from the NSA tagged with the code name PRISM. This keyword is attached to a program that whistleblower Edward Snowden is said to have been the sole leaker of for reports leading to the Guardian story on the GCHQ and the Washington Post story on the NSA. What lies beneath is a story on the expanding abilities of the NSA beyond their original bounds in international surveillance.

NSA origins: Foreign Intelligence Surveillance Act (FISA) 1978

According to a report posted by the Associated Press, PRISM (aka code-name US-98XN) can be traced back to the "Protect America Act" of 2007, the "Terrorist Surveillance Program" (initiated soon after September 11th, 2001) before that, and the NSA'a ability to tap foreign cables - phone and internet traffic - since its inception in 1952.

The letters NSA stand for National Security Agency, a group formed to be a cryptologic intelligence agency for the USA's defense department aimed at collecting intelligence on foreign entities. Since the undersea internet cables that connect the world were installed, the NSA has been monitoring internet activity going in and out of the USA (as long as it didn't involve US citizens) as well as phone signals.

Logo-580x2901

The NSA's ability to conduct foreign intelligence surveillance begins with the Foreign Intelligence Surveillance Act of 1978. Especially and specifically with the segment titled "ELECTRONIC SURVEILLANCE", aka Section 702, the NSA's road to both international and national surveillance begins.

"Notwithstanding any other law, the President, through the Attorney General, may authorize electronic surveillance without a court order under this subchapter to acquire foreign intelligence information for periods of up to one year if the Attorney General certifies in writing under oath that ... there is no substantial likelihood that the surveillance will acquire the contents of any communication to which a United States person is a party." - FISA

You'll also want to see the section regarding targets outside the USA. "Procedures for targeting certain persons outside the United States other than United States persons."

"The Attorney General and the Director of National Intelligence may authorize jointly, for a period of up to 1 year from the effective date of the authorization, the targeting of persons reasonably believed to be located outside the United States to acquire foreign intelligence information." - FISA

This bit is joined by several limitations, one of which is:

"... may not intentionally acquire any communication as to which the sender and all intended recipients are known at the time of the acquisition to be located in the United States" - FISA

September 11, 2001 and the Terrorist Surveillance Program

Until 2001, the NSA was not allowed to run surveillance on domestic phone signals or internet signals. According to a document titled Prepared Satement of Hon. Alberto R. Golzales, Attorney General of the United States, released February 6th, 2006, it was not long after September 11th, 2001, that what was generally referred to as "the terrorist surveillance program" was in place.

Gonzales notes that this program was put in place as early as September 20th, 2001 as then-President George W. Bush addressed a Joint Session of Congress, speaking the following:

“[W]e will direct every resource at our command—every means of diplomacy, every tool of intelligence, every tool of law enforcement, every financial influence, and every weapon of war—to the disruption of and to the defeat of the global terror network.” - George W Bush

Gonzales made clear that Bush was not just referring to the expansion of the abilities of the US governments' intelligence agencies with this new terrorist surveillance program, but that it was just one of a series of the possibilities the President listed.

"The terrorist surveillance program described by the President is one such tool and one indispensable aspect of this defense of our Nation." - Gonzales

This same report suggests that because the attackers running the September 11th, 2001 terrorist attacks were "in our country, living in our communities", the President's "constitutional powers", even in "ordinary times", include "the authority to conduct warrantless surveillance aimed at detecting and preventing armed attacks on the United States."

September 18th, 2001: Authorization for Use of Military Force

In addition, September the 18th saw congress enact "Authorization for Use of Military Force" (Pub. L. No. 107-40, 115 Stat. 224) also known as AUMF. The NSA uses the language “use all necessary and appropriate force against those nations, organizations, or persons he [the President] determines planned, authorized, committed, or aided the terrorist attacks” to push past FISA limits which expressly forbid surveillance without court order of any communication inside the United States.

Again according to Gonzales, the terrorist surveillance program does not limit itself to communications outside the United States. Instead it's fully aware of its ability to monitor any communication just so long as one side or the other is outside of the USA and one side or the other - or both - are part of al Qaeda or "an affiliated terrorist organization."

"The terrorist surveillance program targets communications where one party to the communication is outside the U.S. and the government has “reasonable grounds to believe” that at least one party to the communication is a member or agent of al Qaeda, or an affiliated terrorist organization." - Gonzales

Protect America Act of 2007: warrantless wiretapping made public

Fast forward to 2007 where President George W Bush supposedly did away with its wiretapping program through the so-called terrorist surveillance program in favor of the Protect America Act. This act is - in writing - an amendment to FISA to "provide additional procedures for authorizing certain acquisitions of foreign intelligence information." It essentially allowed the NSA to continue warrantless intelligence gathering to continue - both outside of the USA and with one half of a malicious conversation being inside the USA - while the NSA would have to speak with a secret court in Washington as they continued their wiretapping action into the future.

The Protect America Act took what was a secret bolstering of the abilities of the NSA during what was back in 2001 a bit more of a "wartime" situation and gave them a completely out-in-the-open legal standing signed into law by congress.

According to The Washington Post, President George W. Bush also signed a directive in January of 2008 that expanded the intelligence agency community's ability to monitor internet traffic. This classified directive was, as editor Ellen Nakashima put it, "to protect against a rising number of attacks on federal agencies' computer systems."

"The directive, whose content is classified, authorizes the intelligence agencies, in particular the National Security Agency, to monitor the computer networks of all federal agencies -- including ones they have not previously monitored." - Nakashima

Edward Snowden and PRISM

It was June 6th, 2013 that the two PRISM-related leaks first appeared in the press (as mentioned at the head of this article). On June 15th, 2013, the Associated Press released a story quoting

They're also suggesting that two of the most recently popular data-collection programs run by the NSA have "thwarted potential terrorist plots in the U.S. and more than 20 other countries." They've tipped the idea that "gathered data" is broken apart and destroyed after being archived for five years.

As mentioned and sourced earlier in this article, the AP suggests the code "US-98XN" to be attached to the program we're understanding to be called PRISM. The name "PRISM" quite likely truly hasn't appeared in any public documents attached to government data demands (or requests) as mentioned by groups like Google.

*NOTE: Google more recently spoke on the difference between government requests for information based on type - the kind they release per the link in the previous paragraph is entirely criminal based, not FISA-based.

"First, we have not joined any program that would give the U.S. government—or any other government—direct access to our servers. Indeed, the U.S. government does not have direct access or a “back door” to the information stored in our data centers. We had not heard of a program called PRISM until yesterday." - Google CEO Larry Page and Google Chief Legal Officer David Drummond

Instead of the rush of information suggesting a list of companies were giving over complete access to their servers to the government, it seemed more likely - far more likely - that what we already knew to be going on was, in fact, going on. Transparency in government data requests shown by Google made clear the fact that the US Intelligence Community did, indeed, ask Google for data - and for quite some time had they been doing this, too.

The FBI (Federal Bureau of Investigation) here in the United States is supposed to take care of domestic intelligence. One of the most important distinctions that need to be made in this amalgamation of ideas is that the NSA was originally envisioned as taking care of international affairs while the FBI was supposed to stick with affairs inside our borders.

The term "directly from the servers" comes from a presentation slide that leaked via Edward Snowden. If what web companies across the board dealing with government data requests are saying is true, there is no "direct access" to be had, and the term itself was likely a gross exaggeration put in place on the presentation slide to emphasize the relatively direct route the data takes from the companies in question to the NSA or FBI - generally with one secure intermediary, of course.

Again according to the AP, PRISM allows the NSA to request an entire email box. With an email box - if a company decides they're willing to send it over, can turn over a massive number of email addresses. These email addresses can, by default, be investigated for communicating with the primary user.

NSA investigators are - according to the details leaked earlier this month - starting with information collected from the undersea cables that connect the USA to much of the rest of the world, identifying terrorists (and the like) sending messages in to the United States (or out from it), targeting then the other end of the conversation. From there, a spider-web can coalesce, with hundreds or thousands of email addresses tagged for access, allowed to be searched by the NSA without court-ordered warrant.

The step-by-step process the NSA must work through is outlined in a recently declassified document by the name of “Facts on the Collection of Intelligence Pursuant to Section 702 of the Foreign Intelligence Surveillance Act”. This document comes courtesy of James R. Clapper, Director of National Intelligence, who declassified information as such to keep facts straight rather than see the citizens of the USA baffled as they've been with conflicting media reports.

"PRISM is not an undisclosed collection or data mining program. It is an internal government computer system used to facilitate the government’s statutorily authorized collection of foreign intelligence information from electronic communication service providers under court supervision, as authorized by Section 702 of the Foreign Intelligence Surveillance Act (FISA) (50 U.S.C. § 1881a). This authority was created by the Congress and has been widely known and publicly discussed since its inception in 2008" - Director of National Intelligence, USA, Washington DC, June 8th, 2013

Though we've had a couple splinters of this protection built-in for US Citizens in FISA mentioned earlier in this article, the specific segment called upon by the Director of National Intelligence is of particular importance here: Section 702 of the Foreign Intelligence Surveillance Act (FISA) (50 U.S.C. § 1881a).

"Notwithstanding any other provision of law ... the Attorney General and the Director of National Intelligence may authorize jointly, for a period of up to 1 year from the effective date of the authorization, the targeting of persons reasonably believed to be located outside the United States to acquire foreign intelligence information." - FISA

Public Response

On June 14th, 2013, several companies joined in on the fun with FISA and NSA data request numbers. It's at this point that Google speaks up about the difference between publishing numbers on government requested data based on criminal cases and those coming directly from the NSA. Google also issued a request of their own to the government asking that they might publish FISA-based requests separate from requests for criminal-related activities.

Meanwhile the until-recently NSA employee Edward Snowden is holed up in Hong Kong due to his fears for his safety from those whose secrets he's spilled. Hong Kong, in return, started a relatively large rally and protest (of unknown numbers) with Snowden-themed signs and demands to keep Snowden safe and extradition-free, as it were.

PSkmHEh

Finally - or most recently, perhaps - the NSA made an effort to explain their situation to the Senate. A total of 47 of the full 100 senators attended a meeting this past Friday (the 14th of June, 2013) held by James Clapper, the Director of National Intelligence, Keith Alexander, the head of the National Security Agency (NSA), and a few other officials. This meeting was supposed to inform the whole Senate about what the NSA actually has in place and what FISA, the NSA, and PRISM means to these senators' constituents. Instead, 53 senators have gone home without answers.


Must Read Bits & Bytes