AT&T, the weakest link

In the throng of American companies and their confused compliance with the National Security Agency’s controversial decade-long snooping on internal and international communications, The New York Times and ProPublica have unravelled one that actually bent over backwards to please the NSA: AT&T. The basis of their allegations is a tranche of NSA documents detailing the features and scope of AT&T’s compliance with the agency’s ‘requests’, dating from 2003 to 2013.

The standout feature of the partnership is that, according to a note from AT&T, it wasn’t contractual, implying the ISP hadn’t been coerced into snooping and sharing data on the traffic that passed through its domestic servers. As ProPublica writes, “its engineers were the first to try out new surveillance technologies invented by the eavesdropping agency”. One of the documents even goes as far as to “highlight the Partner’s extreme willingness to help with NSA’s SIGINT and Cyber missions”.

The documents were part of those released by whistleblower Edward Snowden in 2013. According to the reporters, the three entities implicated in them – NSA, AT&T and Verizon – refused to discuss the findings, in keeping with what has become a tradition of various ISPs refusing to reveal the terms of their ‘collaborations’ and the NSA refusing to reveal the ISPs it did work with. Since Snowden released the documents in 2013, public ire against the government’s intrusive snooping programmes have increased even as President Barack Obama as well as the judiciary have been in agreement that revealing any more details than Snowden already had would threaten national security.

As a result, the news that AT&T didn’t bother challenging the NSA throws valuable light on how the agency was able to eavesdrop on foreign governments and international organisations.

The ISPs aren’t named but are referred to by code names, but their real identities were given away when the dates of some of their surveillance ops coincided, sometimes too perfectly, with dates on which some fibre optic cables were ‘repaired’. For example, a document dated August 5, 2011, talks about Fairview’s data-logging resuming over a cable damaged by the earthquake near Japan in the same year – while, ProPublic states, a “Fairview fiber-optic cable … was repaired on the same date as a Japanese-American cable operated by AT&T”. So, the Fairview programme was found to be NSA + AT&T and the Stormbrew programme, NSA + Verizon/MCI.

However, AT&T got more attention than Stormbrew. In 2011, the NSA spent $188.9 million on AT&T and less than half that on Verizon, possibly because the former also practiced peering, a technique in networking where one company relays data through the network on behalf of other companies. As a result, users’ data from other ISPs and TSPs also ended up going through the wired AT&T servers.

AT&T’s complicity dates back to the mid-1980s, when antitrust regulators broke up the monopolistic Ma Bell telephone company, a fragment of which was AT&T. Its formation roughly coincided with NSA’s launching the Fairview program into which the TSP got subsumed. Following the 9/11 attacks, both Fairview and Stormbrew assumed centre-stage in the agency’s anti-terrorism programmes, with Fairview being especially effective. As the Times writes, “AT&T began turning over emails and phone calls ‘within days’ after the warrantless surveillance began in October 2001”.

All the documents disclosed by the publications in the latest release are available here.

The Wire
August 16, 2015