Snowden’s Spiegel Files, Working Thread
I’ve decided the best way to digest the collection of documents released by Spiegel this week is to do a working thread. You can find links to the individual files here, or a very big PDF of all files here.
Note they describe using XKeyscore for “behavior detection techniques.” Even in physical space, it’s not clear current science supports the validity of such behavior detection. But this involves using someone’s online behavior to translate “behavior” into suspicion.
In the list of topics they share on, there’s Der Spiegel has redacted the place in “Europeans traveling to [redacted] to fight.” That’s presumably Syria (though could be Somalia). It’d be interesting to see the lead time on this international sharing and the time it shows up in news articles.
Note the reference to using XKeyscore for (German) domestic warranted content.
In October 2011, SSG partnered with SUSLAG and BND to conduct a demonstration of XKEYSCORE to the BfV using BfV domestic warranted collection. The BND XKEYSCORE system successfully processed DSL wiretap collection belonging to a German domestic CT target.
I’ve long wondered whether they can use XKS for US domestic content. This would seem to suggest they can. It sort of makes you wonder whether they’d give XKS to telecoms under USA Freedumber?
Comprehensive internal summary of history
Note the other documents describe the partnership primarily in terms of CT, but this document makes it clear it also includes transnational crime and counternarcotics, Afghan support, and one redacted topic.
Note cyber is something that is later described as something NSA is pushing (in January 2013) to get BND to partner on. This document describes IAD as leading discussions at this point (January 2013); but described a follow-up meeting with NTOC and FAD that same month.
Note Germany’s role in translating Igbo, left unredacted. This, and a number of other redacted references, seems to suggest the Germans play a key role in our collection and analysis of intelligence from Nigeria. Note, that might support the notion that one of the redacted sharing purposes is energy-related.
Germany appears to play a key role in our GSM collection. Note they also play a key role in VoIP, which may be why they were so interested in accessing Skype. Germany has already changed its privacy law to help us, but NSA isn’t satisfied. I’m reminded of US Ambassador to Germany Philip Murphy’s bitching about Germans not understanding the need to share information in the Internet era.
In 2012, Boundless Informant was going to soon roll out a “if you like this you’ll like this” query suggestion mode.
Boundless Informant data does not include FISA or ECI (telecom partner) collection. So Boundless Informant is missing a lot.
Muscular, where NSA steals from Google overseas (as well as Terrestrial RF) do not send their data back to NSA-W. I wonder if there are legal reasons for that.
The explanation for showing metadata rather than content is not included. I wonder why?
Remember that AFRICOM was based in Europe before it moved. While this was before that time, EUROCOM had much of the continent at that point. So we should assume a lot of the NSA cooperation focuses on that.
Keith Alexander had been in charge of INSCOM during the years before this relationship was set up.
This lists additional missions including Nigerian Energy Security (which would explain the focus on Igbo). I’m guessing that one of the redacted topics elsewhere is energy.
This also added Morocco, Algeria, Tunisia, and Libya as targets. I wonder if this location retained that role up to and through the Arab Spring?
NSA apparently used ESOC to track the 2006 Israeli assault on Lebanon.
I wonder whether the Pan Sahel movement missed a lot of the development of AQIM in the region?
“Before the training, I was just happy to use it and not go to jail.” [Um, hello.]
The redacted topics are, per William Arkin, S2A: South Asia, S2B: China and Korea, S2H: Russia
I’ll come back to what these data show later.
Tech Surveillance in Europe Africa
The Analytics for Identity Intelligence talks about metadata for geolocation, content for confirmation. Interesting relationship if you’re not supposed to get content to ID, as with US metadata.
Surveillance of African countries by JSA
This explains why US is willing to partner with Germany on Africa: They’re advanced enough the US can share technology with them without giving them freebies. So they can pick up the Africa slack while the US is distracted in Afghanistan and Iraq.
This describes how, because JSA is not permitted to target EU countries or economic spying, the Germans presented a list of 31 companies that could not be targeted.
This is a May 2006 discussion of the difference in processing between BND and NSA. The former does more human analysis to pick what’s important; the latter does more automatic processing at the packet level. The whole point of this is that NSA will pressure/impress BND to alter their approach, at least at the Joint effort.
Full use of current NSA DNI processing systems and analysis methodologies at JSA will be key to influencing the BND to alter their strategic DNI processing approach.
Note, however, that the NSA approach involves more minimization based privacy, whereas the Germans use some kind of filter for privacy (I wonder if it’s like ThinThread?). And they’re forcing German to that approach.
Nymrod for matching name transcriptions
Russian names are not a priority–Arabic and Chinese are. And it’s based off commercial software.
Note the discussion of co-representation at 2
Cover name for CSC is FIFTYEXCLAIM
Note that Muscular is one of the British collections that goes to Stage 2 XKS, which is intended for very high volumes. That’s the collection that steals from Google and Yahoo.
Note the reference to “leveraging language resources in UT,” written well before the Data Center was started.