Late on the evening of 29 May 1999, as Indian soldiers were clawing their way up the Kargil heights, General Pervez Musharraf reached out to the especially-secured phone in his Beijing hotel suite, and dialled his chief of staff. General Muhammad Aziz provided Pakistan’s military ruler with a detailed update on operations. He believed success was imminent. “The entire reason for the success of this operation,” Aziz told his boss, “was this total secrecy.”
Inside a less-generously furnished room at a Research and Analysis Wing communications intelligence station in western India, an officer also made a call. RAW’s tape of the Musharraf-Aziz call was to change the course of the war.
It’s become clear in the years since that governments across the world are—quite literally—listening to us a lot harder than we think, and perhaps a good bit more than we’d like.
Earlier today, The Guardian revealed an order by a secret court operating under the Federal Intelligence Surveillance Act, FISA, obliging telecom giant Verizon to hand over all details on every single call made through it to countries overseas. The order requires Verizon to share call metadata—numbers; calling card details, subscriber information. The data is given to National Security Agency, or NSA—the super-secret intelligence service which is the principal supplier of communications intelligence to United States covert services like the CIA.
There’s somewhat less gasp-factor to this than it might seem. Following 9/11, the NSA was authorised to intercept the communications of people within the United States, when the agency believed those communications were linked to Al Qaeda. In December, 2005, the New York Times broke the story—and in 2009, held it to be legal. FISA’s court has since granted thousands of authorisations to monitor individuals and entities in the United States—holding only once that the government used the power illegally.
Intelligence services in the United States say they need this power to monitor communications traffic between terrorism suspects overseas and potential operatives or financiers in the United States. Privacy advocates argue this gives the state unacceptable powers to spy on everyone.
The debate involves difficult questions: even though the technology serves vital national-security functions, it also gives governments unprecedented powers.
Ever since the 1970s, satellites and earth-based monitoring stations operated by the NSA have been sucking up virtually every byte of global communications traffic—microwave signals that leak into the atmosphere; satellite signals; traffic through undersea fiber-optic lines. Harvested at stations in the United States, United Kingdom, New Zealand and Australia, the digital traffic is processed by a giant system of computers called ECHELON. Less than 1 percent of the terabytes of data the NSA harvests every hour is ever processed—but even that has proved enough to monitor Soviet ballistic missiles, middle-east military movements and, famously, the phone calls which eventually led to Osama bin-Laden at his safehouse in Abbotabad.
The technology is becoming increasingly commonplace—though on a smaller scale. South Africa’s Vastech, among others, offers equipment that can capture data flowing across telecommunications and internet networks in multiples of ten gigabites, and scan it for pre-determined parameters—the voice of an individual; a particular language; a phone number; an e-mail address. Indian companies Shoghi and Clear Trail also market similar equipment. India is scheduled, next year, to launch CCISAT, its first spy satellite, joining an élite league of nations.
Last year, the government of India said that it was listening in to some 10,000 phones and monitoring about 1,000 e-mail accounts—but that’s a small fraction of what the National Technical Reconnaissance Agency picks up, in its operations against strategic adversaries and terrorists.
In India, the United States, and pretty much everywhere else, privacy advocates worry what happens when the antennas are turned inwards—against opposition politicians, dissidents or business rivals. There’s already allegations that mobile phone interception equipment used by the NTRO has been misused for political intelligence-gathering. There have also been fears about what uses the state-of-the-art COMINT equipment being bought by state police forces is being put to. Technology that can be used to fight terrorists can also be used by the ruling party.
Even in the West, there’s plenty of suspicion of wrong doing. Margaret Newsham, who worked at ECHELON’s Menwith Hill facility from 1977 to 1981, testified that conversations involving a senator had been intercepted by United States authorities—but using the United Kingdom as a base, to bypass the law. The technology to target conversations involving particular people, she said, had existed from 1978. Fred Stock, a former Canadian intelligence officer, said he expelled from his service in 1993 for criticising ECHELON’s use to target civilians and businesses.
In 2000-2001, the European Parliament held official investigations, because of concerns the United States was using ECHELON against its members.
Even though the risks of abuse are large, rulers have long known COMINT is a key tool of survival. Julius Caesar, the imperial historian Suetonius recorded, was concerned enough about the prospect of his military communications being intercepted to use what cryptographers call a substitution cipher—replacing, for example, the letter A with D, B with E and so on.
In the twentieth century, wireless made it possible to communicate over great distances—and possible for those communications to be intercepted at equally great distances.
Famous, history-shaping battles followed. From 1925, Germany began deploying a path-breaking mechanical encrypted-communication system code-named Enigma. In 1939, the Polish mathematician, Marian Rejewski, led a team that made some breakthroughs against Enigma, based on studies of a machine stolen by the country’s spies. It wasn’t until 1943, though a top-secret British team led by the mercurial Alan Turing, used electromechanical devices—the first computers—to crack the Enigma code. Even then, full penetration of Enigma’s naval variant needed a daring raid that allowed code-books to be salvaged from the submarine U559, without allowing Germany to suspect the vital information had not gone to the sea-bed.
Winston Churchill, the United Kingdom’s wartime prime minister, described the work of the code-breakers as a “secret war, whose battles were lost or won unknown to the public, and only with difficulty comprehended, even now, by those outside the small, high scientific circles concerned”.
For aspiring cryptanalysts, there’s the science writer Simon Singh’s Virtual Black Chamber—so named for the rooms espionage agencies used to crack enemy codes—to test their skills
It isn’t that communications intelligence is a fix-all. Forty-eight hours before 9/11, the NSA heard Al Qaeda operatives warning of an imminent, spectacular attack. They had no idea, though, where that attack would come—and, moreover, the conversations were only decrypted after the strikes. In recent years, moreover, terrorists have become increasingly adroit at going under the radar—using old-fashioned human couriers instead of potentially-vulnerable electronic communications, for example. They’re also technologically savvy. Osama bin Laden’s courier, Ahmad al-Kuwaiti, made sure the battery in his cellphone stayed out of the instrument until he was a 90-minute drive from his master’s safehouse—knowing it made location possible.
For certain, though, new, more secure technologies will again allow terrorists and hostile states to communicate—and intelligence services will find means to break into those communications.
The real question arising from The Guardian’s FISA papers is as old as this battle: how do we ensure that technologies meant to make us safer don’t end up destroying the freedoms we’re seeking to protect? The answers, we all know, lie in robust regulation and sound oversight—but reconciling these aims with the very real imperatives of national security is easier said than done.
No comments:
Post a Comment