The NSA’s spying operations on regular Americans are the unwanted, terrible gift that just keeps on giving. Although most telecom and internet companies have cooperated with the surveillance efforts to one degree or another, at least some of them have the decency to act mildly chagrined about it. But not AT&T.
The New York Times and Pro Publica have jointly reported on newly confirmed findings from leaked NSA documents. While the NSA’s bulk, wide-reaching phone data collection program has gained the most notoriety and pushback, it’s not just phone data that big telecom companies are collecting. It’s internet traffic, too.
AT&T has been generally unrepentant in the past about how it handles law enforcement requests for consumers’ data. And perhaps the reason the inheritor of Ma Bell didn’t want to talk about its work with the NSA is because it likes that work a little too much.
Here are three key findings from the new trove of data.
1.) The documents don’t say, “Hey, this is AT&T,” but… it’s AT&T.
The files from the NSA consistently use the name “Fairview” for a single corporate partnership. But there are enough commonalities between Fairview and AT&T that it’s pretty clear just what business is being talked about. Apart from the main report, Pro Publica also ran a story explaining how they used several points of evidence from the NSA methodically to match AT&T to Fairview’s descriptions.
A second NSA/corporate partnership, Stormbrew, includes Verizon. However, AT&T’s work with the NSA has been considered “highly collaborative,” with AT&T displaying an “extreme willingness to help” above and beyond the cooperation from other telecom companies.
2.) This affects basically everyone, not just AT&T customers.
You don’t have to be (or be communicating with) an AT&T customer for your messages to be affected.
AT&T is one of a handful of backbone systems owners, known as Tier 1 providers, that provides the routes through which basically all internet traffic eventually flows. (Others based in the U.S. include Sprint, Verizon, Cogent, Level 3, and CenturyLink.) That means AT&T is selling, trading, or otherwise providing access over wires they own to all the ISPs you and I are using.
Meanwhile, the internet works by breaking up transmitted information into packets of data and zipping them around in pieces. It’s not as if an email goes directly, whole and untouched, to from Sender A to Recipient B. Instead, it travels in chunks with lots of other messages, too. And so, as Pro Publica explains, that means taking a look at any one person’s stuff going over AT&T’s wires in practical, realistic terms actually means taking a a look at lots of people’s stuff going over AT&T’s wires. As in, tens or possibly hundreds of millions of people.
3.) This has been going on for a long, long time.
The Fairview documents, as well as previously leaked items, show that AT&T began turning over data about emails to the NSA in October, 2001. By September, 2003 AT&T had become the “first partner to turn on a new collection capability that the NSA said amounted to ‘a live presence on the global net,'” the NYT and Pro Publica report. In one of the program’s first months up and running, the NSA received over 400 billion internet metadata records as well as over one million emails per day.
In 2006, an AT&T whistleblower leaked documents showing that AT&T had cooperated with the NSA to install devices that would allow surveillance on their fiber optic internet cables.
The EFF sued AT&T that same year for letting the NSA have warrantless access to internet records. Other related lawsuits were combined into a single proceeding, which was dismissed in 2009 after Congress retroactively made the program legal and granted telecom companies immunity for compliance.
However, the EFF filed another lawsuit in 2008, this time against the NSA directly, and that is the lawsuit the EFF hopes these newly-confirmed documents will bolster.
NSA Spying Relies on AT&T’s ‘Extreme Willingness to Help’ [Pro Publica]
AT&T Helped U.S. Spy on Internet on a Vast Scale [New York Times]
