Leaked: NSA Documents 6/18 – 6/19/2014 New Edward Snowden Slides, PDFs, News

Leaked: NSA's RAMPART-A, SMOKYSINK, AZUREPHOENIX, SPINNERET, TRANQUIL, MOONLIGHTPATH, FIREBIRD, FLASHMARK, FALCONSTRIKE, DULCIMER, REDHARVES, CONDORSPEAK,XKEYSCORE; ACRIDMINI; LUTEUSICARUS; HEADMOVIES; APERTURESCIENCE; CROSSEYEDSLOTH; KOALAPUNCH; BALLOONKNOT; MAGNUMOPUS; WAXTITAN; WILDCOUGAR; MURPHYSLAW; DARKFIRE; CHOCOLATESHIP; SCREAMINGHARPY; WILDCHOCOBO; WHISTLINGDIXIE; CHAOSOVERLORD; SHAREDTAFFY; POTBED; DARKTHUNDER; JEEPFLEA; SHARPSHADOW; HIGHCASTLE; TROJAN CLASSIC XXI; CADENCE; PINWALE, BLACKPEARL; ROADBED; GODLIKELESION; BOTANICREALTY; LADYLOVE; UNCANNY; SALTYDOGS; TROPICPUMA; GRANDMASTER; WEALTHYCLUSTER; DISHFIRE; JUGGERNAUT; TURMOIL; BLACKNIGHT; CYBERTRANS; PAINTBALL; SYNAPSE; JOURNEYMAN; GOLDENRETRIEVER; SOCIOPATH; TEMPORA; GENESIS; NYMROD; ANCHORY; INTERQUAKE; PANOPLY; MIRROR; DARKQUEST; BIRDWATCHER; WHARPDRIVE - Edward SnowdenLeaked: NSA’s RAMPART-A, SMOKYSINK, AZUREPHOENIX, Leaked: NSA Documents 6/18 – 6/19/2014 New Edward Snowden Slides, PDFs, News  – Edward Snowden – More countries than previously known involved in the NSA’s global mass surveillance & More

 

June 18 – 19, 2014

 Denmark and Germany are apparently among the countries participating in an unprecedented program of cooperation on the supervision of the NSA and a number of so-called third-party countries. By providing access to fiber cables are these countries to enable the worldwide U.S. espionage

Under the code name Rampart-A, the NSA has established an extensive and previously kept secret program of cooperation with a number of so-called third countries to tap into the fiber optic cables carrying the bulk of the world’s electronic communications. It can reveal information today.

It has previously been revealed that there is close cooperation on cable access between the NSA and the U.S. closest allies in the intelligence field, the so-called party countries, UK, Canada, Australia and New Zealand.

But now it turns out, then, that a number of allied countries whose intelligence services have a less close cooperation with the NSA, represent important part of the infrastructure that NSA to spy on citizens, businesses, organizations and public institutions worldwide.

The eagle and the golden cables

“NSA’s crown jewels’ Edward Snowden called the Special Department, Special Source Operations (SSO), which handles accesses to fiber cables, which is characterized by its logo: an eagle with the American flag in the background has claws grasped the golden fiber cables, which wind around the globe.

The department specializes in tapping data from the gigantic flow of information in the cables. This NSA crucial access to fiber cables have SSO built through contracts with U.S. telecoms and Internet companies, but so also through partnerships with allied intelligence services.

“There are relatively few of the cables. Most data flowing through a small number of nodes. To access them, you have access to it all, “says IT security expert Bruce Schneier, which information has been shown documents on Rampart-A. “The goal should be to cover as much as possible of the world with as few entries as possible. Much Internet traffic flows through the United States, but some do not. So you’re looking for places in the world where data is if it is not in the United States. “

Under the guise of radomes

Charts for two classified PowerPoint presentations from NSA shows how cooperation on a ‘typical rampart-A operation’ works.

NSA’s partner country brave an ‘international cable “at an access point somewhere within the country and sends it to a facility that processes data with equipment provided by the NSA. Here analysts from the partner country treat data also from here are sent via a secure connection to the NSA.

The surgery is typically set up in such a way that the partner country ‘working on the fiber under the guise of a visible satellite operation’. The processing of data from the cables going into hiding all of that kind of listening stations with their distinctive dome-shaped radomes in Denmark dominate the landscape at Aflandshage in Amager and Skibsbylejren near Hjørring. Presumably this is due to set-up, listening stations still are clear to everyone. No wonder, therefore, that the intelligence agencies have facilities and plenty of staff at stations.

The processing of data from the cables going into hiding on the kind of listening stations with their distinctive dome-shaped radomes in Denmark dominate the landscape at Aflandshage on Amager – as can be seen in the picture here – and in Skibsbylejren near Hjørring.

Jakob Dall

The U.S. government’s so-called black budget provides an insight into the importance of these cable entries are for the NSA. The classified budget provides funding for secret intelligence projects that the government does not want public knowledge.

An extract that information in its possession show that Rampart-A is by far the most expensive of the NSA’s programs on cable access in partnership with foreign intelligence services. In 2011, for instance, used a total of 91 million. dollars on programs and resulting amounted Rampart-A 76.5 million. dollars, or 84 percent, while the rest was spent on other’s program WIND STOP. The following year expenditure amounted to Rampart-A, 62 percent of the total budget allocated to cooperation programs on cable access, and in 2013 accounted Rampart-A for 82 percent of spending in the budget that the NSA set for the U.S. government.

Everything can be tapped

A project budget also shows that the Rampart-A total gives’ access to over 3 terabits of data per second worldwide. “

This corresponds according to an analysis by the international telecommunications traffic analysis firm TeleGeography has done for information, to almost five times the traffic that average left Denmark every second in 2013, or on a daily basis: the contents of more than 362 million regular data CDs .

The latest review document on SSO’s cable programs show 13 code names for different Rampart-A facilities. Of these, 9 listed as active in 2013, and from one of them emerges only metadata that is not content.
The three main rampart-A facilities – which have code names AZUREPHOENIX, spinneret and MOONLIGHTPATH ​​and whose locations are unknown – provides access to a total of 70 different cables and network and appears in several documents from the NSA’s most productive. The large number kabeltap set according to the leaked documents NSA to intercept ‘international communications from anywhere in the world’ and ‘covers all communication technologies’, including among others ‘voice, fax, telex, modem, email, web chat’.

The extensive data collection gives good results. It is used by all the NSA’s Research Departments, and in 2009 alone it has cast over 9,000 finished intelligence reports of itself, over half of which are based exclusively on intelligence from Rampart-A program, according to a project presentation from October 2010.

Above top secret

Information on which countries’ intelligence agencies involved in cooperation with the NSA, does not appear explicitly in the documents as information access. The reason is that this information is considered so sensitive that they are extra protected beyond ‘tophemmelig’ classification, which is the highest overall classification level in the United States.

A special system thus ensures that only the individual, certain employees have access to the information.

Nevertheless, it is possible to appoint Denmark and Germany as two countries that appear to be among the NSA’s partners in Rampart-A program.

When it is possible to identify Denmark as a likely Rampart A partner is due to Rampart-A has the unique characteristic that the NSA’s SSO department cooperates with third countries on handling access – in contrast to the entries that SSO has established in a number of countries outside the countries concerned to know it, and unlike the accesses which SSO cooperate with telecom companies and not with states. This is consistent with the information in the NSA Director Keith Alexander’s speech paper for a Danish-American meeting, quoted in today’s information. The paper describes an “NSA-FE partnership to work with cable access,” and it appears that the NSA is committed to ‘assist’ FE to manage access.

Furthermore, it is stated in a top secret t document the relationship between the NSA and FE, the NSA provide its Danish sister organization, among other things ‘collection and treatment equipment’.

It is closely aligned with the NSA’s Rampart-A project, which, with almost identical wording be specified that the NSA’s’ collection and treatment equipment “is located on the partner country’s soil.

The German access

Germany’s participation in Rampart-A can be derived from NSA documents by the German news magazine Der Spiegel referred Monday of this week, in conjunction with the documents that information in its possession.

Spiegel could be based on a document reporting that “not in the know ’employees in a German telecommunications company in March 2013 discovered a kabeltap that the NSA is referred to as’ Wharpdrive’. And just Wharpdrive appear in the documents that information in its possession, as part of the Rampart-A program.

The paper on the discovery of Wharpdrive-access shows, according to Spiegel that “Initiates forces of the partner ‘has’ removed the tracks and established a credible cover story,” and it appears that the partner has offered discreetly to reinstall the equipment.

In another document about a meeting between NSA and the German intelligence service BND dolls term Wharpdrive also up. It describes access as “a trilateral program ‘, between the NSA, BND and an unknown third party, possibly the aforementioned telecommunications company. It is also clear from the document that the BND manages access and NSA assists with technical assistance.

‘Strengths everyone’s safety’

Information accuses NSA information about Rampart-A and the documents about the program, which is published in the newspaper. NSA wrote in an email to Information:

“We do not intend to comment on the specific alleged foreign intelligence activities. But the U.S. government cooperates with other nations, under specific and controlled conditions, reinforce everyone’s safety. NSA’s efforts are focused on ensuring the protection of U.S. national security, its citizens and our allies by pursuing legitimate foreign efterretningsmål alone. In January, issued by President Obama U.S. Presidential Policy Directive 28, which affirms that all people – regardless of nationality – have legitimate privacy interests in the handling of their personal information and privacy and civil liberties must be a regular part of the considerations in the planning of U.S. signals intelligence activities. All NSA’s efforts are carried out strictly within the law, including the President’s new directive. The service collects data to meet specific security intelligence requirements such as protecting U.S. troops and allies, counterintelligence, counterterrorism, non-proliferation and the fight against transnational crime. “

Snowden documents reveal Danish partnership with NSA

Defence Intelligence working in partnership with the NSA to tap Danish fiber cables with telephone and internet traffic, according to top-secret NSA documents. Apparently, Denmark is part of a novel program, which can lead to the Danes also become targets for U.S. intelligence

According to documents on Rampart-A program, many of NSA’s partner countries with data from fiber cables under the guise of satellite operations, yet it is evident in the landscape. In Denmark, FE, among other satellite operations in southern point of Amager, Aflandshage

Defence Intelligence Service (FE) participation by all accounts in the previously kept secret collaboration with the National Security Agency (NSA) to tap fiber cables carrying Internet and telecommunications traffic through Denmark. Thus, Denmark appears to be among the countries that contributes to the NSA’s goal of being able to pick up any electronic communications anywhere in the world.

The Danish-American cooperation to tap cables mentioned in a speech paper prepared for the then Director of the NSA, the four-star General Keith Alexander, in a meeting between officials from the NSA and their Danish colleagues from FE in the summer of 2012.

»Emphasize the NSA’s involvement in the special access and to assist FE to manage access. Remind Danes on the long-term NSA FE partnership to work with cable access with. “, It says in the speech paper.

The last sentence is incomplete and the like that can be a simple mistake, it can not be excluded that something active has been omitted, for example, information about a third actor in addition to the NSA and FE. There remains, however, that the NSA and FE seems to have cooperation on cable access.

Speaking paper is stamped ‘top secret’, the highest classification level in the United States. Information gained access to it and a number of other classified NSA documents by the whistleblower Edward Snowden.

The information in Keith Alexander’s speech paper on a Danish-American cable access consistent with information in another top-secret document on NSA’s relationship with FE. The paper writes NSA that the service provide its Danish sister organization of the ‘collection and treatment equipment’, and as evidenced by today’s information, is precisely this sort of assistance from the NSA’s page set procedure for the partnerships on cable access with so-called third countries such as Denmark.

Willing to take risks for the U.S.

Access to fiber is a cornerstone of the NSA’s global mass surveillance and helps to enable the intelligence ‘golden age’, which refers to the NSA present in a strategy statement. “Internet backbone” called cables carrying telephone calls and Internet traffic, it will, among other things, emails, Skype calls and Facebook messages.

Apparently, the cooperation between the NSA and FE part of a comprehensive, internationally NSA program on cable access codenamed Rampart-A, Information Today can reveal. The program assumes that the NSA works with a number of the 33 so-called third countries with which Denmark is among, the cable entries on partner countries’ territory.

The fact that Denmark thus appears to be among the third countries which play a key role in enabling the NSA’s surveillance of global electronic communications, consistent with the NSA in several documents describing the FE as a particularly important partner.

The document on the relationship between FE and NSA refers to the Danish intelligence service, for example, as’ one of the NSA’s trusted and reliable SIGINT (electronic retrieval of communication, ed.) Partners’ and as’ one of the NSA’s top anti-terror partners’, often as the first ‘ offers assistance ‘and’ willingness to take risks on behalf of the United States. “

The Russian connection

A country’s value as a partner for NSA collaborate on cable access is determined by the traffic that flows through fiber cables on its territory.

“If your country is an important place in the network is a key partner for NSA,” says Mikko Hyppönen, chief scientist at Finnish F-Secure and one of the world’s leading experts in data security. “Denmark is one of the countries. A lot of international traffic from Scandinavia and Russia goes through the Danish network, and the reasons for the interest in cooperation with the Danish authorities, “assesses Hyppönen.

He adds that even large amounts of traffic from Germany passes Denmark: “It is not something the general network user think about, but many Germans associate example. Facebook and Google services via Denmark because both Google and Facebook have large data centers in the North, and the traffic is predominantly through Denmark. ‘

Research Director of the international telecommunications traffic analysis firm TeleGeography, Alan Mauldin, also highlights Denmark’s Russian connection as a possible reason for the NSA’s interest in the Danish cable access.

“There are four main routes linking Russia with Europe. One of them is through Scandinavia. If you are interested to intercept Russian international communication, so be Denmark’s physical location as a transit point linking Russia with other countries, be a reason. ‘

A mutual agreement

In fiber cables crossing Denmark, passing both international and Danish traffic. NSA has thus access to cables with Danish data, although it is clear that the American service does not stop at nothing to spy against his allies among third-party countries. About relations with third countries are thus in an NSA document, the German news magazine Der Spiegel has provided previously: “We can capture electronic signals from most foreign third-party partners and do it often.”

NSA documents about the Rampart-A program suggests, however, that certain guidelines to prevent the U.S. intelligence from taking advantage of the availability of a partner country to spy directly against its citizens.

It thus appears that each partner country can follow the general categories, the NSA collects data from in case of a cable access. It is also mentioned in the document that there are lists of topics and objectives that the NSA for the sake of the partner countries are not looking for the huge amounts of data, which the service is accessed by a wired access. Moreover, it says in a Rampart-A-presentation: “Partner not collect against the United States, the United States does not collect against the host country.”

The same may be repeated in a general presentation of the NSA’s fiber applications, but here is added a small but notable modification of the NSA’s side, “there ARE exceptions’.

Remarkable is that the rule not to spy on partner countries stated in a document classified in such a way that the information therein must be shared with the allied intelligence services of other party states, while the exception to the rule stated in a document specifically not to be shared with nationals of any country other than the United States.

What are the exceptions to the rule not to utilize a cable access to spy on a partner country does not appear like it is unanswered, the potential for retaliation partner have if the NSA violates the agreement.

Filtering data

Previously, FE-chief Thomas Ahrenkiel told Politiken that the Danish intelligence sharing data collected ‘in a conflict zone abroad’ with NSA. In this regard, said Thomas Ahrenkiel: “If there is a Danish-related data, so we have some filters that cleanse them from Danish information before they handed over to partners.”

According to a source with knowledge of the FE filtering data from a conflict zone will something similar be the case with data collected by kabeltap in Denmark. There are, however, a relatively coarse filtration, for example discards. Dk-mail addresses, but did not pick up, for example Danes with gmail.com addresses. It is probably due to precise filtering of so-called raw data is actually impossible, and as evidenced by the daily newspaper, the FE apparently not legally required to clean the raw data for residents’ data before handing over to a service such as the NSA.

Thomas Ahrenkiel did not want to neither confirm nor deny the existence of a Danish-American cooperation on cable access to information, and he has not wanted to comment on whether, if applicable filters on raw data collected from cables in Denmark .

Jakob Dall

Nothing magical about Danish data

In any event, Denmark will hardly get much out of trying to guard against disclosure of Danes data from a Danish-American cable access. It assesses the U.S. computer security expert Bruce Schneier, who has a thorough knowledge of the NSA.

He points out that the NSA could tap into residents’ data through other entries in other countries where the Danish data passing through. By entering into agreements with several countries to receive data from common cable entries with one limitation that the NSA does not have to collect data from those countries’ citizens, the NSA may thus build a system to ensure that data from all countries can be collected, assess Schneier, who has seen a lot of Information documents on Rampart-A.

“There is nothing magical about Danish data, which makes it immune from being intercepted elsewhere,” he said.

Bruce Schneier adds: “NSA is trying to collect everything, and by giving them access to the Internet hubs in Denmark, I help to enable them to do so. It is here that the NSA plays all of you against each other. I certainly get access to the part, I even provide the NSA with. But that part is only of limited value. The actual value is all packed and it gets NSA. This will give them more than you get in return. It’s actually a bad deal for you. “

Also Edward Snowden warned earlier this year about the disadvantages of the partner countries by participating in the NSA’s kabeladgangs programs. It came in a statement to a committee of the European Parliament, where Snowden said just Denmark as an example, just as he said Germany, which, as described in today’s information apparently also part of the Rampart-A program.

“The result is a European bazaar where an EU Member State which Denmark might give the NSA access to a collection center at the (unenforceable) condition that the NSA not looking for Danes and Germany may give the NSA access to another on the condition that the service not looking for Germans. But the two collection sites are perhaps two points on the same cable, so that the NSA simply intercepts communications from German citizens when crossing Denmark, and the Danish citizens when crossing Germany, while they consider it to be complete in accordance with their agreements, “wrote Snowden statement said, adding that the national intelligence agencies may not be aware of ‘how their individual contribution enables the greater patchwork of mass surveillance against ordinary citizens.”

In the same statement gave Snowden also an indication of the effectiveness of the NSA surveillance is, “I can tell you that without having to get up from my chair, I could have read the private messages from every member of this committee as well as any ordinary citizen. ‘

This is the Kingdom

Information criticizes the FE information on cooperation between FE and NSA on cable access. The service did not wish to comment, referring to Defense Minister Nicolai Wammen.

Defense Minister Nicolai Wammen says to Information:

“I can not comment on the issue of the Defence Intelligence any specific activities. I think that everyone would understand. In general I can say that FE cooperate with other countries’ intelligence services, and you do that to protect Denmark and the Danes as possible. We are a country that is targeted by terrorists and also from others who do not have a positive agenda when it comes to the kingdom. Therefore, it is in Denmark’s interest that our intelligence services cooperate with other countries ‘intelligence services, but it is obviously important to emphasize that it must be done within Danish law, and it does it well.’

NSA does not want to comment, but wrote in an email to Information, “The fact that the U.S. government cooperates with other nations, under specific and controlled conditions, reinforce everyone’s safety.”

NSA documents from whistleblower Edward Snowden provide insight into a new and controversial chapter in the NSA’s global mass surveillance plot. Under the codename RAMPART-A, ‘third party’ countries tap fiber optic cables carrying the majority of the world’s electronic communications in collaboration with the NSA. These partnerships are among the NSAs closest-guarded secrets, and play a central role in the NSA’s ambition to be able to intercept any electronic communication, anywhere in the world.

It has previously been revealed that the UK monitors, records, and shares large volumes of data intercepted from the Internet backbone, which carries everything from emails to Skype calls across the globe at the speed of light. But the new documents show that a number of nations with weaker ties to the NSA – so-called “third party” partners – are more deeply involved in the NSAs global mass surveillance of individuals and organizations than previously known.

According to the Snowden documents, there are 33 third party countries. While the documents do not explicitly state which countries participate in the RAMPART-A program, details in the documents and extensive reporting points to Denmark and Germany being partners.

Access to everything

Special Source Operations (SSO), a top-secret NSA division, referred to by Snowden as the NSA’s »crown jewel« oversees the corporate and foreign intelligence partnerships that make the NSA’s vital cable access programs possible. Its logo, an eagle clasping trunks of brightly lit fiber crisscrossing the globe, leaves little room for interpretation: The SSO’s mission is to intercept and extract large data volumes from cables and networks worldwide.

»If you look at a map of the Internet, there are surprisingly few trunks. Most data flows through a surprisingly small number of choke points. If you get access to them, you get access to everything« says security expert and technologist Bruce Schneier whom Dagbladet Information has shown RAMPART-A documents: »The goal must be to cover the most of the world with as few access points as possible. A lot of Internet traffic flows through the US but a bunch doesn’t. So you’re going to look in places in the world where the data is, if not in the US«.

Cold war cover

Diagrams in two classified SSO PowerPoint presentations illustrate how a »Typical RAMPART-A Operation» works. Partner country »X« taps an international cable at an access point somewhere in country »X«, and forwards the data to a processing center. Equipment provided by the NSA processes the data intercepted at the access point, before the data is forwarded to an NSA site located, according to the diagram, in the US.

According to a presentation slide describing »Sensitivity Factors«, »Most RAMPART-A Third-party partners work the fiber projects under the cover of an overt Comsat effort.« This suggests that the sophisticated data processing operation happens concealed by the characteristic satellite dishes and radomes typically constructed during the cold war era. Presumably the cover would work because intelligence activities carried out inside existing listening stations would surprise few outsiders, even if the physical facility, collection methods and staffing change.

All communication technologies

An excerpt from the US Intelligence »Black Budget« detailing the »Foreign Partner Access Project« provides insight into how important RAMPART-A is to the US government. In 2011, the NSA spent a total of $91 million on foreign cable access programs, out of which RAMPART-A accounted for $76.55 million, or 84 per cent. Second party cable access programs, codenamed WINDSTOP, make up the rest. The fiscal year 2013 requested spending for RAMPART-A was down to $46.2 million but still accounts for 82 per cent of the total requested spending on foreign access projects.

The »Black Budget« also provides details about the volume of data collected by the NSA via third party cable taps. The introductory project description states that »RAMPART-A has access to over 3 Terabits per second of data streaming world-wide«. According to analysis provided by TeleGeography this was more than five times the average international traffic from Denmark in 2013, or 362 million ordinary CD-ROMs if stored on a daily basis.

The most recent SSO overview lists thirteen secret RAMPART-A sites out of which nine were active in April 2013. One site only provided metadata. The three largest sites – codenamed AZUREPHOENIX, SPINNERET and MOONLIGHTPATH, the locations of which are unknown – tap a total of seventy different cables or networks and figure in several documents among the NSAs most productive sources. The large amount of RAMPART-A cable taps, according to the leaked documents, gives access to »international communications from anywhere around the world«, and »all communications technologies« including »Digital Network Intelligence, voice, fax, telex, e-mail, internet chat, VPN and VoIP communications«.

The efforts pay off. According to a 2010 briefing intelligence collected via RAMPART-A was used across all NSA Analysis and Production centers, and yielded over 9000 intelligence reports the previous year, out of which half was based solely on intelligence intercepted through RAMPART-A.

Denmark’s cable access partnership

Details about which countries participate in RAMPART-A and where a given access is located are extremely sensitive, the documents show, and no identifying information can be found in the RAMPART-A documentation. In addition to the top-secret classification, a unique access control system dubbed REDHARVEST ensures that only a limited number of cleared personnel can access this information.

Based on the documents and extensive reporting, however, Dagbladet Information can identify Germany as among the NSA’s partners in the RAMPART-A-program. Denmark, most likely, is a partner too. The Danish participation seems to follow from the fact that RAMPART-A is the only program, in which the cable access is managed in collaboration with NSAs third party intelligence partners. This is consistent with information from a document containing former NSA Director Keith Alexander’s talking points for a 2012 strategic meeting between the NSA and the Danish Defense Intelligence Service (DDIS). A key passage reads:

»Emphasize NSA’s commitment to the special access and assisting DDIS in managing the access. Remind the Danes of the long NSA-DDIS partnership working cable access with.«

The sentence is incomplete. It may be a simple mistake, but it’s possible that one or several words have been removed in order to protect a third partner. It does, however, indicate that the Danish Defense Intelligence Service has a cable access partnership with the NSA.

This is further supported by the fact that the NSA, according to a top-secret »Information Paper« describing relations with Denmark, provides its Danish sister agency with »collection and processing equipment». This corresponds to a RAMPART-A briefing which specifies, with near-identical wording, that NSA »Collection and Processing assets« are hosted on partner soil.

Legal in Denmark?

Denmark has never had a public debate about cable access programs and very little is known about DDIS’ operations. Presented with the documentation for this article, DDIS Director Thomas Ahrenkiel would neither confirm nor deny a NSA/DDIS cable access partnership, and referred to Minister of Defense Nicolai Wammen, who told Dagbladet Information:

»I cannot comment on the question regarding any of DDIS’ possible, concrete activities. In general, I can say that the DDIS cooperates with foreign intelligence services in order to protect Denmark and the Danes in the best possible way.« Wammen adds that »this happens within Danish law.«

Three legal experts tell Dagbladet Information that DDIS could legally tap cables in Denmark. Similarly, an NSA/DDIS cable access partnership could be within the law, as long as the NSA does not operate in ways that would be illegal for the DDIS. But the law is not clear on this point, experts point out.

DDIS has broad powers and can obtain information both within Denmark and abroad, as long as it is »targeting conditions abroad«, according to the law governing DDIS. The only real limitation is that DDIS is not allowed to target Danes, but information about Danes happened upon by coincidence, when collecting against foreign targets, is not off limits. And raw data can be shared with foreign intelligence partners almost without limitations.

The largest Danish telecommunications companies, when asked by Dagbladet Information, would neither confirm nor deny giving cable access to DDIS. A spokesperson from TDC, Denmark’s largest telecommunications company, said: »We are subject to certain obligations under the law governing the police and military intelligence services, and of course we abide by them«. The law does not, however, oblige telecommunications companies to assist DDIS in their collection, but TDC declined to comment further.

The Russian connection

Denmark’s value as a cable access partner depends on which traffic flows through its cables. According to data provided by TeleGeography, Denmark has the best connectivity, in terms of bandwidth, to Germany, followed by Sweden and Norway. »If your country is in a key location, and if a lot of interesting traffic happens to flow through it, that makes you an important partner«, says Mikko Hyppönen, who has worked with Internet security since 1991 at Helsinki-based F-Secure: »A large part of the Internet traffic from Russia and the rest of Scandinavia flows through Danish networks, which justifies the US interest in working together with the authorities« says Hyppönen. He adds that a lot of German traffic transits through Denmark:

“It might not be obvious to casual surfers, but for example a lot of German users will connect to Facebook and Google services via Denmark. This is because Facebook and Google have large datacenters in the Nordics and traffic is predominantly routed via Denmark.”

Germany a partner too

German participation in RAMPART-A can be inferred from NSA documents reported by Der Spiegel earlier this week in combination with documents seen by Dagbladet Information. In March 2013, Spiegel reports, »unwitting« employees at a telecommunications facility discovered a cable tap, referred to as »Wharpdrive«. The same WHARPDRIVE figures in documents seen by Dagbladet Information, listed as a RAMPART-A project.

According to the document reported by Der Spiegel »witting partner personnel« removed the evidence »a plausible cover story was created«, and the partner offered to discreetly reinstall the equipment. WHARPDRIVE appears in another document about a meeting between the NSA and the German intelligence service BND. Here the operation is described as a trilateral program between NSA, BND, and an unknown third partner, possibly the above mentioned telecommunications company.

A European bazaar

The documents specify that in a typical operation partner countries and the NSA share »tasking and collection« i.e. the targets selected for surveillance and data intercepted from the cables. At the same time, the partner country and the US agree not to use the access to spy on each other: »No U.S. collection by Partner and No Host Country collection by U.S.«. The same point is repeated in an SSO presentation marked NOFORN, which means it cannot be seen by non-US nationals. Here a small, but not insignificant modification, is added to the same sentence: » – there ARE exceptions«.

Which exceptions there are is not clear. It is also an open question whether there would be any repercussions should the NSA violate the agreement. The documents indicate that partners retain some control over which data the NSA can access through partner sites, and that the NSA tries to avoid political conflicts based on lists of topics and targets that would potentially offend the partner.  However, according to Bruce Schneier, these agreements will not protect citizens in partner countries from being monitored by the NSA:

»Remember, if there’s an intercept in Denmark, and the NSA has agreed to spy on the Danes, and there’s one in Germany, and the NSA has an agreement not to spy on the Germans there, they can spy on the Germans from Denmark, and the Danes from Germany«, Schneier says.

Edward Snowden made the same argument earlier this year. In a statement to a European Parliament committee, he mentioned Denmark and Germany as examples of how this could be carried out:

»The result is a European bazaar, where an EU member state like Denmark may give the NSA access to a tapping center on the (unenforceable) condition that NSA doesn’t search it for Danes, and Germany may give the NSA access to another on the condition that it doesn’t search for Germans. Yet the two tapping sites may be two points on the same cable, so the NSA simply captures the communications of the German citizens as they transit Denmark, and the Danish citizens as they transit Germany, all the while considering it entirely in accordance with their agreements.

Ultimately, each EU national government’s spy services are independently hawking domestic accesses to the NSA, GCHQ, FRA, and the like without having any awareness of how their individual contribution is enabling the greater patchwork of mass surveillance against ordinary citizens as a whole». In the same statement Snowden also gave an impression of how effective the NSA’s surveillance programs are: »I am telling you that without getting out of my chair, I could have read the private communications of any member of this committee, as well as any ordinary citizen«.

‘Strengthens the security of all’

Dagbladet Information has asked the NSA to comment on RAMPART-A. Spokesperson Vanee´ Vines responded: »We are not going to comment on specific, alleged foreign intelligence activities. However, the fact that the U.S. government works with other nations, under specific and regulated conditions, mutually strengthens the security of all. NSA’s efforts are focused on ensuring the protection of the national security of the United States, its citizens, and our allies through the pursuit of valid foreign intelligence targets only.

In January, President Obama issued U.S. Presidential Policy Directive 28, which affirms that all persons – regardless of nationality – have legitimate privacy interests in the handling of their personal information, and that privacy and civil liberties shall be integral considerations in the planning of U.S. signals intelligence activities.  All of NSA’s efforts are strictly conducted under the rule of law, including the President’s new directive. The agency collects data to meet specific security and intelligence requirements, such as force protection for U.S. troops and allies, counterintelligence, counterterrorism, counterproliferation, and combating transnational crime.«

Just before Christmas 2005, an unexpected event disrupted the work of American spies in the south-central German city of Wiesbaden. During the installation of a fiber-optic cable near the Rhine River, local workers encountered a suspicious metal object, possibly an undetonated World War II explosive. It was certainly possible: Adolf Hitler’s military had once maintained a tank repair yard in the Wiesbaden neighborhood of Mainz-Kastel.

Americans — who maintained what was officially known as a “Storage Station” on Ludwig Wolker Street — prepared an evacuation plan. And on Jan. 24, 2006, analysts with the National Security Agency (NSA) cleared out their offices, cutting off the intelligence agency’s access to important European data streams for an entire day, a painfully long time. The all-clear only came that night: The potential ordinance turned out to be nothing more than a pile of junk.

Residents in Mainz-Kastel knew nothing of the incident.

Of course, everybody living there knows of the 20-hectare (49-acre) US army compound. A beige wall topped with barbed wire protects the site from the outside world; a sign outside warns, “Beware, Firearms in Use!”

Americans in uniform have been part of the cityscape in Wiesbaden for decades, and local businesses have learned to cater to their customers from abroad. Used-car dealerships post their prices in dollars and many Americans are regulars at the local brewery. “It is a peaceful coexistence,” says Christa Gabriel, head of the Mainz-Kastel district council.

But until now, almost nobody in Wiesbaden knew that Building 4009 of the “Storage Station” houses one of the NSA’s most important European data collection centers. Its official name is the European Technical Center (ETC), and, as documents from the archive of whistleblower Edward Snowden show, it has been expanded in recent years. From an American perspective, the program to improve the center — which was known by the strange code name “GODLIKELESION” — was badly needed. In early 2010, for example, the NSA branch office lost power 150 times within the space just a few months — a serious handicap for a service that strives to monitor all of the world’s data traffic.

NSA Sites in Germany

On Sept. 19, 2011, the Americans celebrated the reopening of the refurbished ETC, and since then, the building has been the NSA’s “primary communications hub” in Europe. From here, a Snowden document outlines, huge amounts of data are intercepted and forwarded to “NSAers, warfighters and foreign partners in Europe, Africa and the Middle East.” The hub, the document notes, ensures the reliable transfer of data for “the foreseeable future.”

Soon the NSA will have an even more powerful and modern facility at their disposal: Just five kilometers away, in the Clay Kaserne, a US military complex located in the Erbenheim district of Wiesbaden, the “Consolidated Intelligence Center” is under construction. It will house data-monitoring specialists from Mainz-Kastel. The project in southern Hesse comes with a price tag of $124 million (€91 million). When finished, the US government will be even better equipped to satisfy its vast hunger for data.

One year after Edward Snowden made the breadth of the NSA’s global data monitoring public, much remains unknown about the full scope of the intelligence service’s activities in Germany. We know that the Americans monitored the mobile phone of German Chancellor Angela Merkel and we know that there are listening posts in the US Embassy in Berlin and in the Consulate General in Frankfurt.

But much remains in the dark. The German government has sent lists of questions to the US government on several occasions, and a parliamentary investigative committee has begun looking into the subject in Berlin. Furthermore, Germany’s chief public prosecutor has initiated an investigation into the NSA — albeit one currently limited to its monitoring of the chancellor’s cell phone and not the broader allegation that it spied on the communications of the German public. Neither the government nor German lawmakers nor prosecutors believe they will receive answers from officials in the United States.

German Left Party politician Jan Korte recently asked just how much the German government knows about American spying activities in Germany. The answer: Nothing. The NSA’s promise to send a package including all relevant documents to re-establish transparency between the two governments has been quietly forgotten by the Americans.

In response, SPIEGEL has again reviewed the Snowden documents relating to Germany and compiled a Germany File of original documents pertaining to the NSA’s activities in the country that are now available for download here. SPIEGEL has reported on the contents of some of the documents over the course of the past year. The content of others is now being written about for the first time. Some passages of the documents have been redacted in order to remove sensitive information like the names of NSA employees or those of the German foreign intelligence service, the Bundesnachrichtendienst (BND). This week’s reports are also based on documents and information from other sources.

An Omnipotent American Authority

The German publichas a right to know exactly what the NSA is doing in Germany, and should be given the ability to draw its own conclusions about the extent of the US intelligence agency’s activities in the country and the scope of its cooperation with German agencies when it comes to, for example, the monitoring of fiber-optic cables.

The German archive provides the basis for a critical discussion on the necessity and limits of secret service work as well as on the protection of privacy in the age of digital communication. The documents complement the debate over a trans-Atlantic relationship that has been severely damaged by the NSA affair.

They paint a picture of an all-powerful American intelligence agency that has developed an increasingly intimate relationship with Germany over the past 13 years while massively expanding its presence. No other country in Europe plays host to a secret NSA surveillance architecture comparable to the one in Germany. It is a web of sites defined as much by a thirst for total control as by the desire for security. In 2007, the NSA claimed to have at least a dozen active collection sites in Germany.

The documents indicate that the NSA uses its German sites to search for a potential target by analyzing a “Pattern of Life,” in the words of one Snowden file. And one classified report suggests that information collected in Germany is used for the “capture or kill” of alleged terrorists.

According to Paragraph 99 of Germany’s criminal code, spying is illegal on German territory, yet German officials would seem to know next to nothing about the NSA’s activity in their country. For quite some time, it appears, they didn’t even want to know. It wasn’t until Snowden went public with his knowledge that the German government became active.

On June 11, August 26 and October 24 of last year, Berlin sent a catalogue of questions to the US government. During a visit to NSA headquarters at Fort Meade, Maryland at the beginning of November, German intelligence heads Gerhard Schindler (of the BND) and Hans-Georg Maassen (of the domestic intelligence agency, known as the Office for the Protection of the Constitution or BfV) asked the most important questions in person and, for good measure, handed over a written list. No answers have been forthcoming. This leaves the Snowden documents as the best source for describing how the NSA has turned Germany into its most important base in Europe in the wake of the terrorist attacks of Sept. 11, 2001.

The NSA’s European Headquarters

On March 10, 2004, two US generals — Richard J. Quirk III of the NSA and John Kimmons, who was the US Army’s deputy chief of staff for intelligence — finalized an agreement to establish an operations center in Germany, the European Security Center (ESC), to be located on US Army property in the town of Griesheim near Darmstadt, Germany. That center is now the NSA’s most important listening station in Europe.

The NSA had already dispatched an initial team to southern Germany in early 2003. The agency stationed a half-dozen analysts at the its European headquarters in Stuttgart’s Vaihingen neighborhood, where their work focused largely on North Africa. The analysts’ aims, according to internal documents, included providing support to African governments in securing borders and ensuring that they didn’t offer safe havens to terrorist organizations or their accomplices.

The work quickly bore fruit. It became increasingly easy to track the movements of suspicious persons in Mali, Mauritania and Algeria through the surveillance of satellite telephones. NSA workers passed information on to the US military’s European Command, with some also being shared with individual governments in Africa. A US government document states that the intelligence insights have “been responsible for the capture or kill of over 40 terrorists and has helped achieve GWOT (Global War on Terror) and regional policy successes in Africa.”

Is Germany an NSA Beachhead?

The documents in Snowden’s archive raise the question of whether Germany has become a beachhead for America’s deadly operations against suspected terrorists — and whether the CIA and the American military use data collected in Germany in the deployment of its combat drones. When asked about this by SPIEGEL, the NSA declined to respond.

The operations of the NSA’s analysts in Stuttgart were so successful that the intelligence agency quickly moved to expand its presence. In 2004, the Americans obtained approximately 1,000 square meters (10,750 square feet) of office space in Griesheim to host 59 workers who monitored communications in an effort to “optimize support to Theater operations” of the US Armed Forces. Ten years later, the center, although largely used by the military, has become the NSA’s most important outpost in Europe — with a mandate that goes far beyond providing support for the US military.

In 2011, around 240 intelligence service analysts were working at the Griesheim facility, known as the Dagger Complex. It was a “diverse mix of military service members, Department of the Army civilians, NSA civilians, and contractors,” an internal document states. They were responsible for both collecting and analyzing international communication streams. One member of the NSA pointed out proudly that they were responsible for every step in the process: collection, processing, analyzing and distribution.

In May 2011, the installation was renamed the European Center for Cryptology (ECC) and the NSA integrated its Threat Operations Center, responsible for early danger identification, into the site. A total of 26 reconnaissance missions are managed from the Griesheim complex, which has since become the center of the “largest Analysis and Production activity in Europe,” with satellite stations in Mons, Belgium, and in Great Britain. Internal documents indicate that the ECC is the operative intelligence arm of the NSA’s European leadership in Stuttgart.

Much of what happens in Griesheim is classic intelligence work and threat identification, but a presentation dating from 2012 suggests that European data streams are also monitored on a broad scale. One internal document states there are targets in Africa as well as targets in Europe. The reason being that “most terrorists stop thru Europe.” For reconnaissance, the document mentions, the ECC relies on its own intelligence gathering as well as data and assistance from Britain’s Government Communications Headquarters (GCHQ) intelligence service.

The latter is likely a reference to the Tempora program, located in the British town of Bude, which collects all Internet data passing through several major fiber-optic cables. GCHQ, working together with the NSA, saves the data that travels through these major European network connections for at least three days. The ECC claims to have access to at least part of the GCHQ data.

NSA staff in Griesheim use the most modern equipment available for the analysis of the data streams, using programs like XKeyscore, which allows for the deep penetration of Internet traffic. Xkeyscore’s sheer power even awakened the interest of Germany’s BND foreign intelligence service as well as that of the Federal Office for the Protection of the Constitution, which is responsible for monitoring extremists and possible terrorists within Germany.

An internal NSA report suggests that XKeyscore was being used at Griesheim not only to collect metadata — e.g. the who, what, where, with whom and at what time — but also the content of actual communications. “Raw content” is saved for a period of between “3 days to a couple of weeks,” an ECC slide states. The metadata are stored for more than 90 days. The document states that XKeyscore also makes “complex analytics like ‘Pattern of Life'” possible.

The NSA said in a statement that XKeyscore is an element of its foreign intelligence gathering activities, but it was using the program lawfully and that it allows the agency to help “defend the nation and protect US and allied troops abroad.” The statement said it engages in “extensive, close consultations” with the German government. In a statement provided to SPIEGEL, NSA officials pointed to a policy directive Barack Obama issued in January in which the US president affirmed that all persons, regardless of nationality, have legitimate privacy interests, and that privacy and civil liberties “shall be integral considerations in the planning of US signals intelligence activities.”

The statement reveals the significant gap between Germany’s understanding of what surveillance means and that of the Americans. In overseas operations, the NSA does not consider searching through emails to be surveillance as long as they are only stored temporarily. It is only considered to be a deeper encroachment on privacy when this data is transferred to the agency’s databases and saved for a longer period of time. The US doesn’t see it as a contradiction when Obama ensures that people won’t be spied upon, even as the NSA continues monitoring email traffic. The NSA did not respond to SPIEGEL’s more detailed questions about the agency’s outposts in Germany.

‘The Endangered Habitat of the NSA Spies’

The bustling activity inside the Dagger Complex listening station at Griesheim stands in stark contrast to its outward appearance. Only a few buildings can be recognized above ground, secured by two fences and a gate made of steel girders and topped by barbed wire.

Activist Daniel Bangart would love to see what is on the other side of that fence. He’s rattled the fence a number of times over the past year, but so far no one has let him in. Instead, he’s often been visited by police.

When Bangert first began inviting people to take a “walk” at Griesheim to “explore together the endangered habitat of the NSA spies,” he intended it as a kind of subversive satirical act. But with each new revelation from the Snowden archive, the 29-year-old has taken the issue more seriously. These days, the heating engineer — who often wears a T-shirt emblazoned with “Team Edward” — and a small group of campaigners regularly attempt to provoke employees at the Dagger Complex. He has developed his own method of counter-espionage: He writes down the license plate numbers of suspected spies from Wiesbaden and Stuttgart.

At one point, the anti-surveillance activist even tried to initiate a dialogue with a few of the Americans. At a street fair in Griesheim, he convinced one to join him for a beer, but the man only answered Bangert’s questions with queries of his own. Bangert says another American told him: “What is your problem? We are watching you!”

Spying as They Please

It’s possible Bangert has also attracted the attention of another NSA site, located in the US Consulate General in Frankfurt, not far from Griesheim. The “Special Collection Service” (SCS) is a listening station that German public prosecutors have taken a particular interest in since announcing earlier this month that it was launching an investigation into the spying on Angela Merkel’s mobile phone. The trail leads from the Chancellery in Berlin via the US Embassy next to the Brandenburg Gate and continues all the way to Laurel, Maryland, north of Washington DC.

That’s where the SCS is headquartered. The service is operated together by the NSA and the CIA and has agents spread out across the globe. They are the eyes and ears of the US and, as one internal document notes, establish a “Home field advantage in adversary’s space.”

The SCS is like a two-parent household, says Ron Moultrie, formerly the service’s vice president. “We must be mindful of both ‘parents’.” Every two years, leadership is swapped between the NSA and the CIA. The SCS, says Moultrie, is “truly a hybrid.” It is divided into four departments, including the “Mission Support Office” and the “Field Operations Office,” which is made up of a Special Operations unit and a center for signal development. In Laurel, according to internal documents, the NSA has established a relay station for communications intercepted overseas and a site for training.

Employees are stationed in US embassies and consulates in crisis regions, but are also active in countries that are considered neutral, like Austria. The agents are protected by diplomatic accreditation, even though their job isn’t covered by the international agreements guaranteeing diplomatic immunity: They spy pretty much as they please. For many years, SCS agents claimed to be working for the ominous-sounding “Defense Communications Support Group.” Sometimes, they said they worked for something called the “Defense Information Systems Agency.”

Spying Stations, from Athens the Zagreb

According to an internal document from 2011, information related to the SCS and the sites it maintains was to be kept classified for at least 75 years. It argued that if the agency’s activities were ever revealed, it would hamper the “effectiveness of intelligence methods currently in use” and result in “serious harm” to relations between the US and foreign governments.

In 1979, there were just over 40 such SCS branch offices. During the chilliest days of the Cold War, the number reached a high point of 88 only to drop significantly after the fall of the Berlin Wall and the collapse of communism in Eastern Europe. But following the Sept. 11, 2001 terror attacks, the government established additional sites, bringing the number of SCS spy stations around the world up to a total of around 80 today. The documents indicate that the SCS maintains two sites in Germany: in the US Consulate General in Frankfurt and the US Embassy in Berlin, just a few hundred meters away from the Chancellery.

The German agencies responsible for defending against and pursuing espionage — the Office for the Protection of the Constitution and the office of the chief federal prosecutor — are particularly interested in the technology deployed by the SCS. The database entry relating to Merkel’s cell phone, which SPIEGEL first reported on in October 2013, shows that the SCS was responsible for its surveillance.

According to an internal presentation about the work done by the SCS, equipment includes an antenna rotator known as “Einstein,” a database for analysis of microwaves called “Interquake” and a program called “Sciatica” that allows for the collection of signals transmitted in gigahertz frequencies. A program called “Birdwatcher,” which intercepts encrypted signals and prepares them for analysis, can be remotely controlled from the SCS headquarters in Maryland. The tool allows the NSA to identify protected “Virtual Private Networks” or VPNs that might be of interest. VPNs are used by many companies and embassies for internal communication.

200 American Intelligence Workers in Germany

Following the revelations that Merkel’s mobile phone had been monitored, Hans-Georg Maassen of the domestic intelligence agency BfV, turned to US Ambassador to Germany John Emerson to learn more about the technology and the people behind it. Maassen also wanted to know what private contractors the NSA was working with in Germany. When Emerson said during a visit to the Chancellery that he assumed the questions had been straightened out, Maassen countered, in writing, that they remained pertinent.

Maassen says he received a “satisfactory” answer from Emerson about intelligence employees. But that could be because the US government has officially accredited a number of the intelligence workers it has stationed in Germany. SPIEGEL research indicates more than 200 Americans are registered as diplomats in Germany. There are also employees with private firms who are contracted by the NSA but are not officially accredited.

The list of questions the German government sent to the US Embassy makes it clear that German intelligence badly needs help. “Are there Special Collection Services in Germany?” reads one question. “Do you conduct surveillance in Germany?” And: “Is this reconnaissance targeted against German interests? ” There are many questions, but no answers.

Ultimately, Maassen will have to explain to the parliamentary investigative committee what he has learned about US spying in Germany and how he intends to fulfill his legally mandated task of preventing espionage. The explanation provided by the BfV thus far — that it is uncertain whether the chancellor was spied on from the US Embassy in Berlin or remotely from the headquarters in Maryland, making it unclear whether German anti-espionage officials should get involved — is certainly an odd one. Germany’s domestic intelligence agency is responsible for every act of espionage targeting the country, no matter where it originates. Cyber-attacks from China are also viewed by the BfV as espionage, even if they are launched from Shanghai.

The order to monitor the chancellor was issued by the department S2C32, the NSA unit responsible for Europe. In 2009, Merkel was included in a list of 122 heads of state and government being spied on by the NSA. The NSA collects all citations relating to a specific person, including the different ways of referring to them, in a database called “Nymrod.”

The NSA introduced Nymrod in January 2008 and the entries refer to a kind of register of “intelligence reports from NSA, CIA, and DoD (Department of Defense) databases.” In Merkel’s case, there are more than 300 reports from the year 2009 in which the chancellor is mentioned. The content of these reports is not included in the documents, but according to a Nymrod description from 2008, the database is a collection of “SIGINT-Targets.” SIGINT stands for signals intelligence.

Is it possible that the German government really knew nothing about all of these NSA activities within Germany? Are they really — as they claimed in August 2013 in response to a query from the center-left Social Democratic Party (SPD) — “unaware of the surveillance stations used by the NSA in Germany”?

That is difficult to believe, especially given that the NSA has been active in Germany for decades and has cooperated closely with the country’s foreign intelligence agency, the BND, which is overseen by the Chancellery. A top-secret NSA paper from January 2013 notes: “NSA established a relationship with its SIGINT counterpart in Germany, the BND-TA, in 1962, which includes extensive analytical, operational, and technical exchanges.”

When the cooperation with its junior partner from West Germany began, the NSA was just 10 years old and maintained stations in Augsburg and West Berlin in addition to its European headquarters in Stuttgart-Vaihingen.

American intelligence agencies, like those of the three other World War II victors, immediately began to monitor Germans within their zones of occupation, as confirmed by internal guidelines relating to the evaluation of reports stemming from the years 1946 to 1967.

In 1955, the British and French reduced their surveillance of Germans and focused on operations further to the east. The Americans, however, did not and continued to monitor telephone and other transmissions both within Germany and between the country and others in Western Europe. By the mid 1950s, US spies may have been listening in on some 5 million telephone conversations per year in Germany.

The easternmost NSA surveillance post in Europe during the Cold War was the Field Station Berlin, located on Teufelsberg (Devil’s Mountain) in West Berlin. The hill is made from the rubble left over from World War II — and the agents operating from its top were apparently extremely competent. They won the coveted Travis Trophy, awarded by the NSA each year to the best surveillance post worldwide, four times.

‘A Perpetual State of Domination’

Josef Foschepoth, a German historian, refers to German-American relations as “a perpetual state of domination.” He speaks of a “common law developed over the course of 60 years” allowing for uncontrolled US surveillance in Germany. Just how comprehensive this surveillance was — and remains — can be seen from the so-called SIGAD lists, which are part of the Snowden archive. SIGAD stands for “Signal Intelligence Activity Designator” and refers to intelligence sources that intercept radio or telephone signals. Every US monitoring facility carries a code name made up of letters and numbers.

Documents indicate that the Americans often opened new SIGAD facilities and closed old ones over the decades, with a total of around 150 prior to the fall of the Wall. The technology used for such surveillance operations has advanced tremendously since then, with modern fiber-optic cables largely supplanting satellite communications. Data has become digital, making the capture of large quantities of it far easier.

The Snowden documents include a 2007 list that goes all the way back to 1917 and includes the names of many former and still active US military installations as well as other US facilities that are indicated as sites of data collection. It notes that a number of the codes listed are no longer in operation, and a deactivation date is included for at least a dozen. In other instances, the document states that the closing date is either unknown or that the SIGADs in question are still in operation. These latter codes include sites in Frankfurt, Berlin, Bad Aibling and Stuttgart — all places still known to have an active NSA presence.

Because Americans tended to monitor their targets themselves, Germany’s BND long had little to offer, creating a largely one-sided relationship in which the Germans played the subservient role. Only at the beginning of the last decade did the nature of the cooperation begin to change, partially as a result of the BND’s successful effort to massively upgrade its technical abilities, as an internal NSA document notes approvingly. But the pecking order in the relationship has remained constant.

The former East Germany appears to have beenbetter informed about the NSA’s spying activities than Berlin currently claims to be. The NSA’s work was known to the Hauptverwaltung Aufklärung (HVA), East Germany’s foreign intelligence agency, a unit of the Ministry for State Security, the secret police more commonly known as the “Stasi.” One internal Stasi document noted of the NSA: “This secret intelligence service of the USA saves all radio signals, conversations, etc., around the globe from friends and foes.”

At the beginning of 1990, right after the Berlin Wall fell, HVA officers delivered around 40 binders with copies of NSA documents — obtained by two spies — to the Stasi’s central archive. The HVA officers wanted to preserve the highly controversial material for historians and others who might be interested in it.

After US diplomats were informed by the German Federal Prosecutor of the documents’ existence, Washington began applying pressure on the German government to hand over the NSA files. Finally, in July 1992, employees of the German agency responsible for executing the Stasi archive handed “two sealed containers with US documents” over to the German Federal Border Guard, which in turn delivered them to the Interior Ministry. Once in possession of them, the Americans used the files as evidence in the trial against a former NSA employee who had spied for East Germany.

Apparently the first haul of documents wasn’t enough for the NSA. In 2008, during Merkel’s first term in office, several NSA employees visited the Stasi archives to view all the remaining documents — from the Stasi’s Main Department III, which was responsible for signals intelligence — containing information about US facilities.

The German Interior Ministry classified and blocked access to most of the material and they are no longer viewable by journalists or researchers. By the time Edward Snowden began publishing the NSA documents last year, only two files pertaining to the NSA remained available for viewing, and both were filled with harmless material. It is unlikely the remaining historical documents will be much help to the federal prosecutors now investigating the NSA.

But one person who could potentially contribute to clarifying the NSA’s role in Germany was in Munich this week. General Keith Alexander, who recently left his position as NSA chief, spoke at a conference organized by Deutsche Telekom on Monday night. When officials at the Federal Prosecutor’s Office were asked days before his keynote speech whether they would try to question Alexander as a witness, they, responded by saying, “We do not conduct criminal investigative proceedings publicly.”

It seems Germany’s chief federal investigator may ultimately follow the dictum given by Foschepoth: “The German government is more concerned about keeping the Americans happy than it is about our constitution.”

Featured photo - How Secret Partners Expand NSA’s Surveillance Dragnet Top-secret documents reveal how the NSA has established secret partnerships to spy on huge flows of private data.

Huge volumes of private emails, phone calls, and internet chats are being intercepted by the National Security Agency with the secret cooperation of more foreign governments than previously known, according to newly disclosed documents from whistleblower Edward Snowden.

The classified files, revealed today by the Danish newspaper Dagbladet Information in a reporting collaboration with The Intercept, shed light on how the NSA’s surveillance of global communications has expanded under a clandestine program, known as RAMPART-A, that depends on the participation of a growing network of intelligence agencies.

It has already been widely reported that the NSA works closely with eavesdropping agencies in the United Kingdom, Canada, New Zealand, and Australia as part of the so-called Five Eyes surveillance alliance. But the latest Snowden documents show that a number of other countries, described by the NSA as “third-party partners,” are playing an increasingly important role – by secretly allowing the NSA to install surveillance equipment on their fiber-optic cables.

The NSA documents state that under RAMPART-A, foreign partners “provide access to cables and host U.S. equipment.” This allows the agency to covertly tap into “congestion points around the world” where it says it can intercept the content of phone calls, faxes, e-mails, internet chats, data from virtual private networks, and calls made using Voice over IP software like Skype.

The program, which the secret files show cost U.S. taxpayers about $170 million between 2011 and 2013, sweeps up a vast amount of communications at lightning speed. According to the intelligence community’s classified “Black Budget” for 2013, RAMPART-A enables the NSA to tap into three terabits of data every second as the data flows across the compromised cables – the equivalent of being able to download about 5,400 uncompressed high-definition movies every minute.

In an emailed statement, the NSA declined to comment on the RAMPART-A program. “The fact that the U.S. government works with other nations, under specific and regulated conditions, mutually strengthens the security of all,” said NSA spokeswoman Vanee’ Vines. “NSA’s efforts are focused on ensuring the protection of the national security of the United States, its citizens, and our allies through the pursuit of valid foreign intelligence targets only.”

The secret documents reveal that the NSA has set up at least 13 RAMPART-A sites, nine of which were active in 2013. Three of the largest – codenamed AZUREPHOENIX, SPINNERET and MOONLIGHTPATH – mine data from some 70 different cables or networks. The precise geographic locations of the sites and the countries cooperating with the program are among the most carefully guarded of the NSA’s secrets, and these details are not contained in the Snowden files. However, the documents point towards some of the countries involved – Denmark and Germany among them.

An NSA memo prepared for a 2012 meeting between the then-NSA director, Gen. Keith Alexander, and his Danish counterpart noted that the NSA had a longstanding partnership with the country’s intelligence service on a special “cable access” program. Another document, dated from 2013 and first published by Der Spiegel on Wednesday, describes a German cable access point under a program that was operated by the NSA, the German intelligence service BND, and an unnamed third partner.

The Danish and German operations appear to be associated with RAMPART-A because it is the only NSA cable-access initiative that depends on the cooperation of third-party partners. Other NSA operations tap cables without the consent or knowledge of the countries that host the cables, or are operated from within the United States with the assistance of American telecommunications companies that have international links. One secret NSA document notes that most of the RAMPART-A projects are operated by the partners “under the cover of an overt comsat effort,” suggesting that the tapping of the fiber-optic cables takes place at Cold War-era eavesdropping stations in the host countries, usually identifiable by their large white satellite dishes and radomes.

A shortlist of other countries potentially involved in the RAMPART-A operation is contained in the Snowden archive. A classified presentation dated 2013, published recently in Intercept editor Glenn Greenwald’s book No Place To Hide, revealed that the NSA had top-secret spying agreements with 33 third-party countries, including Denmark, Germany, and 15 other European Union member states:

For any foreign government, allowing the NSA to secretly tap private communications is politically explosive, hence the extreme secrecy shrouding the names of those involved. But governments that participate in RAMPART-A get something in return: access to the NSA’s sophisticated surveillance equipment, so they too can spy on the mass of data that flows in and out of their territory.

The partnership deals operate on the condition that the host country will not use the NSA’s spy technology to collect any data on U.S. citizens. The NSA also agrees that it will not use the access it has been granted to collect data on the host countries’ citizens. One NSA document notes that “there ARE exceptions” to this rule – though does not state what those exceptions may be.

According to Snowden, the agreements that the NSA has in place with its partners are lax and easily circumvented. In a statement to the European parliament in March, he used Denmark and Germany as examples to describe how the NSA had effectively established what he called a “European bazaar” for surveillance.

“An EU member state like Denmark may give the NSA access to a tapping center on the (unenforceable) condition that NSA doesn’t search it for Danes, and Germany may give the NSA access to another on the condition that it doesn’t search for Germans,” Snowden said.

“Yet the two tapping sites may be two points on the same cable, so the NSA simply captures the communications of the German citizens as they transit Denmark, and the Danish citizens as they transit Germany, all the while considering it entirely in accordance with their agreements.”

Among the trove is a report that sheds new light on how the U.S. government may be using games to motivate analysts using XKeyscore, a tool for searching through online data that the agency collects that was revealed last year by former NSA contractor Edward Snowden.

XKeyscore allows analysts to “search with no prior authorization through vast databases containing emails, online chats and the browsing histories of millions of individuals” around the world according to a Guardian story published last summer. A document published by Der Spiegel describes an XKeyscore training at the NSA’s European Cryptologic Center, revealing that analysts may also be rewarded for their exploration within the system with something called “Skilz points.”


(Der Spiegel)

It’s unclear from the report exactly how the Skilz points system works, but from these snippets it sounds pretty similar to the reward systems found in many video gaming platforms — earning points and leveling up.

The NSA declined to comment specifically on Skilz points or the agency’s use of gamification.

Leaked: NSA’s RAMPART-A, SMOKYSINK, AZUREPHOENIX, SPINNERET, TRANQUIL, MOONLIGHTPATH, FIREBIRD, FLASHMARK, FALCONSTRIKE, DULCIMER, REDHARVES, CONDORSPEAK,XKEYSCORE; ACRIDMINI; LUTEUSICARUS; HEADMOVIES; APERTURESCIENCE; CROSSEYEDSLOTH; KOALAPUNCH; BALLOONKNOT; MAGNUMOPUS; WAXTITAN; WILDCOUGAR; MURPHYSLAW; DARKFIRE; CHOCOLATESHIP; SCREAMINGHARPY; WILDCHOCOBO; WHISTLINGDIXIE; CHAOSOVERLORD; SHAREDTAFFY; POTBED; DARKTHUNDER; JEEPFLEA; SHARPSHADOW; HIGHCASTLE; TROJAN CLASSIC XXI; CADENCE; PINWALE, BLACKPEARL; ROADBED; GODLIKELESION; BOTANICREALTY; LADYLOVE; UNCANNY; SALTYDOGS; TROPICPUMA; GRANDMASTER; WEALTHYCLUSTER; DISHFIRE; JUGGERNAUT; TURMOIL; BLACKNIGHT; CYBERTRANS; PAINTBALL; SYNAPSE; JOURNEYMAN; GOLDENRETRIEVER; SOCIOPATH; TEMPORA; GENESIS; NYMROD; ANCHORY; INTERQUAKE; PANOPLY; MIRROR; DARKQUEST; BIRDWATCHER; WHARPDRIVE – Edward Snowden

Most Recent Edward Snowden NSA LEAKS Access Here

 


Sources:  http://www.spiegel.de/international/germany/new-snowden-revelations-on-nsa-spying-in-germany-a-975441-3.html , https://firstlook.org/theintercept/article/2014/06/18/nsa-surveillance-secret-cable-partners-revealed-rampart-a/ , http://www.information.dk/501259 , http://www.information.dk/501256 , http://www.washingtonpost.com/blogs/the-switch/wp/2014/06/18/how-the-nsa-may-have-used-games-to-encourage-digital-snooping/

Keith Alexander’s speech points to the Defence Intelligence

Excerpt from Black Budget: Foreign Partner Access

Rampart-A Project Overview October 2010

Special Source Operations (8 slides)

Special Source Operations (3 additional RAMPART-A slides)

More NSA Documents – New Edward Snowden News

Advertisements

2 thoughts on “Leaked: NSA Documents 6/18 – 6/19/2014 New Edward Snowden Slides, PDFs, News

  1. Pingback: Edward Snowden NSA Leaks News | PicNews

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s