Internet surveillance: past, present and future


Published on

Latest version presented at Share conference, Belgrade, 26 April 2012

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Intelligence authority for economic well-being
  • See also
  • Data: European Commission evaluation of data retention directive p.33; IMF World Economic Outlook 2009 population figures for 2008
  • Surveillance Net Yields Few Suspects. NSA's Hunt for Terrorists Scrutinizes Thousands of Americans, but Most Are Later Cleared. By Barton Gellman, Dafna Linzer and Carol D. Leonnig Washington Post Staff Writers
Sunday, February 5, 2006; Page A01
  • Internet surveillance: past, present and future

    1. 1. Internet surveillance:past, present and future Ian Brown
    2. 2. UKUSA alliance • Based on US-UK cooperation during Second World War • Canada, Australia and New Zealand have also become “second parties” • UK handles Europe, Africa and European CIS; US Asian CIS; Australia South Pacific and South-East Asia • Cooperates with Germany, Japan, China…
    3. 3. • Echelon• Frenchelon• Multinationals“We steal secrets withespionage, withcommunications, withreconnaissance satellites”–James Woolsey Source: Campbell (1999)
    4. 4. Menwith Hill Officially RAF base; is run by NSA Source: Campbell (1999)
    5. 5. Radio interception Source: Campbell (1999) High frequency radio interception antenna (AN/FLR9)
    6. 6. Microwave interception • Microwave links carry signals between cities, but spill out into space • CANYON and CHALET US satellites collect signals from Soviet Union, Middle East Source: Campbell (1999)
    7. 7. Submarine interception • Underwater cable interception in Okhotsk Sea (1971) and Barents Sea (1979) • USS Jimmy Carter specially designed with “ocean interface” for underwater divers Source: US Department of Defense (2005)
    8. 8. Source: TeleGeography
    9. 9. Hepting v. AT&T and Jewel v. NSA plaintiffs alleged NarusDPI equipment (monitors OC-192 link in real-time)installed in San Francisco, Seattle, San Jose, Los Angelesand San Diego, and NSA given access to Daytona 300+terabyte database of comms data
    10. 10. Communications exchangeinterception 1995Internet site Location Operator DesignationFIX East College Park, MD US government FIXFIX West Mountain View US government FIXMAE East Washington, DC MCI MANNew York NAP Pennsauken, NJ Sprintlink NAPSWAB Washington, DC PSInet / Bell SMDS DC Area Atlantic BypassChicago NAP Chicago Ameritech / NAP BellcorpSan Francisco NAP San Francisco Pacific Bell NAPMAE West San Jose MCI MANCIX Santa Clara CIX CIX
    11. 11. Comms data requests/m people Data: European Commission review of Data Retention Directive; IMF World Economic Outlook
    12. 12. What the watchers want• “advance passenger information, airline bookings and other travel data, passport and biometric data, immigration, identity and border records, criminal records, and other governmental and private sector data, including financial and telephone and other communication records… and in some cases the ability to apply data mining and pattern recognition software to databases, might well be the key to effective pre-emption in future terrorist cases.”• “Finding out other people’s secrets is going to involve breaking everyday moral rules. So public trust in the essential reasonableness of UK police, security and intelligence agency activity will continue to be essential.” –Sir David Omand (2009) p.9
    13. 13. Efficacy of data mining• ~5000 Americans surveilled over 4 years; led to <10 warrants per year• “[T]here is not a consensus within the relevant scientific community nor on the committee regarding whether any behavioral surveillance … techniques are ready for use at all in the counterterrorist context" –US National Research Council (2008) p.4
    14. 14. What the watchers want 2.0• “social media intelligence … could contribute decisively to public safety: identifying criminal activity; giving early warning of disorder and threats to the public; or building situational awareness in rapidly changing situations”• “information can also be identified and extracted regarding when a group is planning demonstrations or flashmobs, which could lead to violence or increasing community tensions” (Omand, Bartlett and Miller 2012)
    15. 15. 1 Visitor control center2 Administration3 Data halls: Four 25,000-square-foot server halls4 Backup generators and fuel tanks5 Water storage and pumpingAble to pump 1.7 million gallons of liquid per day.6 Chiller plant: About 60,000 tons of cooling equipment7 Power substation: estimated 65-megawatt demand8 Security: Video surveillance, intrusion detection, and otherprotection will cost more than $10 million.Source: Wired, U.S. Army Corps of Engineers Conceptual Site plan
    16. 16. Source: The Guardian, 16 January 2011
    17. 17. Insider threats Information required Price paid to ‘blagger’ Price charged Occupant search not known £17.50 Telephone reverse trace £40 £75 Friends and Family £60 – £80 not known Vehicle check at DVLA £70 £150 – £200 Criminal records check not known £500 Locating a named person not known £60 Ex-directory search £40 £65 – £75 Mobile phone account not known £750 Licence check not known £250 Source: What price privacy? UK Information Commissioner’s Office (2006)
    18. 18. Conclusion• UKUSA allies spend many billions of dollars per year on COMINT• Internet and fibre optics initially proved challenging; now main problem is dealing with the mountains of data captured inc. “SOCMINT”• HTTPS may speed transition from COMINT to access to data at rest• Intelligence agencies are not the only watchers
    19. 19. References• Duncan Campbell (1999) The state of the art in communications Intelligence. Working document for European Parliament DG Research, PE 168. 184 Vol 2/5• US National Research Council (2008) Protecting Individual Privacy in the Struggle Against Terrorists: A Framework for Program Assessment, National Academies Press• I. Brown & D. Korff (2009) Terrorism and the Proportionality of Internet Surveillance, European Journal of Criminology, 6(2) pp.119-134• D. Omand (2009) The National Security Strategy: Implications for the UK intelligence community, Institute for Public Policy Research• D. Omand, J. Bartlett & C. Miller (2012) #Intelligence, Demos