Always Outmanned, Always Outgunned

We were warned. Over and over again. Not just by privacy advocates and by security experts and by civil liberties organizations and by the guy on the corner in the tin foil hat shouting about the government intercepting his brain waves. We were warned by some of the very people charged with overseeing the administration’s efforts to expand its domestic intelligence gathering capabilities. We were warned by politicians.

We were warned. Over and over again. Not just by privacy advocates and by security experts and by civil liberties organizations and by the guy on the corner in the tin foil hat shouting about the government intercepting his brain waves. We were warned by some of the very people charged with overseeing the administration’s efforts to expand its domestic intelligence gathering capabilities. We were warned by politicians.

For many observers of the privacy and surveillance landscape, the revelation by The Guardian that the FBI received a warrant from the secretive Foreign Intelligence Surveillance Court to require Verizon to turn over to the National Security Agency piles of call metadata on all calls on its network probably felt like someone telling them that water is wet. There have been any number of signals in the last few years that this kind of surveillance and data collection was going on, little indications that the United States government was not just spying on its own citizens, but doing so on a scale that would dwarf anything that all but the most paranoid would imagine.

There have been reports in the press for nearly a decade about NSA domestic surveillance activities. More than seven years ago, USA Today published a detailed account of some of the same kinds of allegations about the NSA building a massive database of consumer and business call records. And the EFF and other groups have been warning about such activities–and suing for details of them–for many years, with limited success. The order that the FISC issued to Verizon essentially requires the carrier to give the NSA data on every single call on its network, to include the numbers on both ends of a call, the IMSI (International Mobile Subscriber Identifier) number, duration of the call and call routing data. The order does not require the company to turn over the contents of the calls.

While the Verizon order is the first to be exposed to the light of the day, it likely isn’t the only one that’s been issued. There’s nothing in the text of the order to make it seem so, and if the FBI was successful in getting an order for Verizon, there’s no reason to think it wouldn’t seek the same for other carriers.

“There is no indication that this order to Verizon was unique or novel. It is very likely that business records orders like this exist for every major American telecommunication company, meaning that, if you make calls in the United States, the NSA has those records,” Cindy Cohn and Mark Rumold of the EFF wrote in their analysis of the order.

The authority for this extraordinary data collection comes from the FISC, the court that interprets the Foreign Intelligence Surveillance Act and issues rulings on how the U.S. government can use the act to spy on Americans. FISA has been used as the basis for the drastic expansion of domestic electronic surveillance over the last decade, and much of that has been done through classified orders such as the one uncovered by The Guardian. By design, Americans have little to no visibility into this process. But there are some people who do get information on a regular basis on what’s going on in this murky world: the members of Congress tasked with overseeing the intelligence community.

Two of the members of the Senate Select Committee on Intelligence, Sen. Ron Wyden (D-Ore.) and Mark Udall (D-Col.), have been speaking out about what they see as the dangerous expansion of the use of secret law for several years, and they have warned repeatedly about domestic surveillance. Their remarks have necessarily been vague and circumspect in many cases, as they’re bound by secrecy laws, but they have made it clear that the kind of surveillance happening in the U.S. now is something that would shock most Americans. In a 2011 letter to Attorney General Eric Holder, Wyden and Udall said that they think the government is interpreting secret law regarding surveillance in a radically different way than what most Americans would expect.

“As you know, we have been concerned for some time that the U.S. is relying on secret interpretations of surveillance authorities that–in our judgment–differ significantly from the public’s understanding of what is permitted under U.S. law,” they wrote.

“Americans will eventually and inevitably come to learn about the gap that currently exists between the public’s understanding of government surveillance authorities and the official, classified interpretation of these authorities.”

And now Americans know just how large that gap is.

A year later, in a letter to James Clapper, the director of national intelligence, in 2012, Wyden and Udall again warned that the kind of surveillance being done domestically is well beyond the scope of what U.S. citizens think is happening. If Americans think about it all.

“We are concerned that Congress and the public do not currently have a full understanding of the impact that this law has had on the privacy of law-abiding Americans,” the senators wrote in the letter. “In particular, we are alarmed that the intelligence community has stated that ‘it is not reasonably possible to identify the number of people located inside the United States whose communications may have been reviewed’ under the FISA Amendments Act.”

We were warned.

Image from Flickr photostream of Matthew Peoples.

Suggested articles


  • Matt on

    Welcome to the United States of AmeriSIEM!
  • Matt on

    Here at the National SIEM Agency (NSA), we take your security very seriously. We strive for equality, from citizen to terrorist, nothing is left unsaid.
  • Johannes Rexx on

    Amerika, One Nation Under Surveillance.
  • Ralph on

    None of these new details should come as a surprise to anyone who has been even casually paying attention to security-related issues over the past ten to twenty years.
  • MannyC on

    I have had the sheriff and FBI together come with their guns drawn and scared the hell out of my wife looking for a person they admitted they knew was not here and took my PC and CD's and flash drives. They had been looking at the activity on my PC for over one year according to them. They brought the PC and storage media back in a few days with the comment "they're clean" and never any apology. I had to reconnect everything myself. I trust that with this post I should be hearing from them soon (no, I have no criminal record but I did get a ticket for a moving violation a few days ago). Go figure.
    • Tish on

      I sure hope you wiped your systems after getting them back...
  • Mike G on

    I totally agree with each of you. If they do release anything, it will be harmless, unimportant, and will give the sheep something to sleep on.
  • dos on

    The over-reaction based on misinformation being presented here is abundant.
  • BMG 442 on

    And just wait until a contractor leaks information about the NARUS software in use. Search: Narus Wiki Boeing And just wait until another contractor blows up a leak on the NSA's use of NARUS insight software. search wiki narus boeing [use the wiki references to visit their homepage to view all the product features] "That is it can track individual users, monitor which applications they are using (e.g., web browsers, instant messaging applications, e-mail) and what they are doing with those applications (e.g., which web sites they have visited, what they have written in their emails/IM conversations), and see how users' activities are connected to each other (e.g., compiling lists of people who visit a certain type of web site or use certain words or phrases in their e-mail messages)." "A single NarusInsight machine can monitor traffic equal to the maximum capacity (10 Gbit/s) of around 39,000 256k DSL lines or 195,000 56k telephone modems. But, in practical terms, since individual internet connections are not continually filled to capacity, the 10 Gbit/s capacity of one NarusInsight installation enables it to monitor the combined traffic of several million broadband users."
  • dan on

    They are also acually watching you through your x-box kinnect and your camera on your laptop as well. If you think the buck stops at cell phone calls your wrong.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.