Who’s eavesdropping on your data? Photo doug Olson

In 2005, the New York Times reported that the Bush Administration and the National Security Agency (NSA) had been conducting warrant less wiretapping on American citizens since 2002.

The implication is that the NSA has been violating the Fourth Amendment, which protects Americans from warrant less searches and seizures.

But what is most intriguing is the private involvement in eavesdropping on your data.

A document written by Mark Klein, former technician for AT&T, documents what could be the tip of the iceberg in the case of citizens’ privacy. In 2003, Klein alleges, AT&T built a “secret room” in their San Francisco technology hub. Plans he obtained showed cables tapping into 16 trunks lines of AT&T’s domestic and international traffic.

This allows all of that information to be copied to a room “full of cabinets”. Access to the room is suspiciously granted only to those with a security clearance from the NSA.

Klein’s document is currently part of the testimony in a class-action lawsuit against AT&T, but it’s suspected that many other major carriers were involved.

The NSA wasn’t sitting in a white van outside of potential a terrorist’s home. They were–and possibly still are–monitoring everyone from the comfort of their D.C. offices.

Then And Now

Traditional phone taps could occur anywhere, from the telephone itself, to a device placed on the wiring from your home to the utility pole.

However, these had to tap into the specific line being monitored. Modern digital communications make it possible to tap into any line and filter the necessary information.

If you think that sounds paranoid, consider the Communications Assistance for Law Enforcement Act (CALEA).

Enacted by congress in 1994, the law required every phone company, internet service provider (ISP) and Voice over IP companies (e.g.: Vonage) to ensure all of their facilities maintain easy access for surveillance by the FBI and other investigative bodies.

The deadline for every company to be ready and waiting for surveillance has passed–February 12, 2007.

Further legislation provides additional wiretapping capabilities for special circumstances. Long before we heard the words “sleeper cells”, the government was already considering wiretaps with regards to “foreign” entities within the U.S.

Spy versus Spy

In 1978 the passage of the Foreign Intelligence Surveillance Act (FISA) developed a court that would oversee and issue warrants on matters of national security, while not compromising their covert nature.

AT&T in bed with the NSA / Illustration EFF doug Olson

This private court skirts the fourth amendment by ensuring secret wiretaps receive proper judicial authorization, while not revealing sensitive facts about national security.

The act created a middle ground–foreign entities could be spied upon while citizens’ rights were closely guarded. FISA establishes penalties not less than $1,000 or $100 per day for citizens who communications were unlawfully monitored.

The implication that the NSA has spied on all of us is far reaching. The magnitude of such a project is staggering.

Is it really as serious as it sounds?

Enter Terrorist Information Awareness (TIA). Formerly called “Total Information Awareness,” TIA is an experiment plucked straight from an Orwellian police state.

TIA was a project put forth to mine massive amounts of private data and sort it into “information signatures”.

This data analysis project would look for patterns and associations that signaled criminal or terrorist activity. The project and the Information Awareness Office (IAO) were shut down in 2003 in a hail of legal concerns.

These 16 trunks that were diverted to an NSA room carried everything that passed on AT&T’s networks in that region. Cell and regular phone calls; web pages visits; emails (whether your account is hosted through AT&T/ComCast or not)–everything.

Such rooms are also generally hubs for interstate and international communications.

Who’s the Patriot?

The timing of construction on these rooms corresponded suspiciously to the bidding of various TIA contracts. The office of the Inspector General wrote off implications of wiretapping in these secret rooms, saying the purpose was “research” using “artificial synthetic data”.

The implications are staggering \ Photo Vaguely Artistic

But the class-action lawsuit, filed by the Electronic Frontier Foundation against AT&T for violating FISA, was put on hold following an invocation of the “executive state secrets privilege.”

The testimony in the lawsuit could “cause exceptionally grave damage to the national security of the United States,” according to Direction of National Intelligence John Negroponte.

Plans for this room labeled it “#3″, suggesting it was the third of its kind. Other “secret rooms” were suspected to have been installed in AT&T’s other major switching facilities throughout the U.S.

Was AT&T simply performing their patriotic duty?

Under FISA, AT&T’s participation in this act makes them liable to at least everyone in their 70 million subscriber base. At $100 a day per subscriber for over four years, AT&T is liable for two and a half trillion dollars; an amount that can sink even the mightiest corporate giant.

The Bush administration has argued that telecommunication companies should not be punished for cooperating with the government in good faith. To this, retroactive immunity for all companies was included in a bill that would amend the 2008 “Protect America Act”.

This amendment was subsequently shot down by the House of Representatives.

A Sinister Setback

On March 14th, the U.S. House of Representatives did approve a bittersweet amendment to FISA. The amendment legalizes domestic surveillance without a warrant, provided no single person is “targeted”.

The bill does not provide retroactive immunity to telecoms. The Bush administration has promised to veto any amendment that does not provide this immunity.

What does it take to protect America, or any other nation, for that matter? While we cannot deny the need for law enforcement to foresee trouble, how can a project such as TIA provide a guarantee that it will not later serve a more sinister purpose?

When the fourth amendment was drawn up, the U.S. didn’t have telephones, much less the concepts of Internet Relay Chat (IRC). When Thomas Jefferson tried to mitigate the Barbary threat, he didn’t have to worry about agents of Tripoli being supplanted within the populace.

Benedict Arnold fought numerous successful campaigns for the United States’ revolution, yet he is forever known for his attempt to hand the fort at West Point over to the British.

We have marred traitors before and sent them peaceably on their way. Is AT&T that different?

If we say that it’s ok to perform these kind of data-mining experiments, are we leaving the door open for another system similar to TIA?

The ongoing democratic experiment continues to drive across uncharted territory, producing–like forks in the road–a plethora of questions that need to be answered.

The turns we take here–whether or not to forgive AT&T, Verizon, MCI, etc., and to what degree we hold the NSA and the office of the President responsible–will affect the way our privacy is handled for generations.

What do you think of the wiretapping fiasco? Share your thoughts in the comments!