Last Updated: 01 Oct 2015

This is the 4th blog of the MyShadow series: "Why shrugging at the Snowden revelations is a bad idea"

Author: Maria Xynou, Researcher at Tactical Tech

The attack on the satire magazine Charlie Hebdo in Paris this Wednesday fuels a long-standing argument that increased surveillance is required for citizen safety and national security. Law enforcement agencies are already using this incident as justification for increased surveillance. Such calls to increase the powers of surveillance agencies are being aided by the news that the two alleged suspects have been on the U.S. terrorist watch list for years. The attack gives freedom of the press and free speech advocates troubling and complex new challenges in discussions about security, what constitutes freedom of expression, the right to privacy and surveillance.

Over the past few weeks, we have been researching and writing a blog series about the Snowden leaks. This blog focuses on why mass surveillance is not just about catching the "bad guys". This is a challenging topic to write about today considering that people in Europe are still emotional and are trying to make sense of how these attacks affect fundamental freedoms. Nonetheless, we publish in the hope that it will contribute to debates and discussions. This post highlights how surveillance has been used for a variety of issues other than just counter-terrorism, particularly political and economic espionage.

Lies in the name of surveillance

In response to the Snowden revelations, many governments have argued that we need surveillance to safeguard national security – and this is not a new rhetoric. Ever since 9/11, governments across the globe which have, directly or indirectly, aligned with U.S foreign policy have argued that there is a trade-off between civil liberties and security. This implies that it is acceptable for intelligence agencies to spy on our communications so that they can detect criminals and terrorists – otherwise known as the "bad guys".

However, if we look a bit closer at the classified documents leaked by Snowden, it is evident that targeted surveillance is largely used to enhance the political and economic advantage of those in power, while mass surveillance is directed at spying on almost everyone – regardless of whether they have engaged in criminal activity or not.

Following the first Snowden revelations in 2013, General Keith B. Alexander – the (now former) Director of the NSA – testified to Congress:

In recent years, these programs, together with other intelligence, have protected the U.S and our allies from terrorist threats across the globe to include helping prevent the potential terrorist events over 50 times since 9/11.

This is just one quote through which a representative of law enforcement justifies mass surveillance in the name of national security. In June 2013, the NSA stated that it had successfully thwarted at least 50 potential terrorist attacks – which may or may not have occurred – through its bulk surveillance programmes. General Keith Alexander subsequently defended his agency's mass surveillance systems by arguing that he saw no effective alternative to the bulk collection of telephone and other electronic metadata to prevent terrorist attacks.

However, General Keith Alexander later admitted in October 2013 that he had lied about at least 50 terrorist plots having being thwarted through mass surveillance and that actually only one or two potential terrorist plots had been prevented as a result of his agency's operations.

Surveillance in the name of national security

Interestingly enough, a relatively recent study by the New America Foundation suggests that we are likely giving up the control of our private communications with no real security in return. By compiling and examining a database of 225 individuals in the United States, as well as of U.S persons abroad, who have been indicted, convicted or killed since September 11, 2001, the study found that NSA metadata collection programmes have not prevented terrorism. In fact, the study shows that only 4 cases out of 225 were investigated through the NSA's bulk collection of Americans' phone metadata – none of which lead to the detection and prevention of terrorist attacks.

Some of the core findings of this study suggest the following:

Traditional investigative methods have actually initiated the investigation of the majority of terrorism cases. In other words, relying on communities, families and informants to tip off investigators, as well as collecting information from other agencies - such as the FBI and the CIA which played much larger roles than metadata collection in the 225 cases of this study. Surveillance of American phone metadata has no significant impact on preventing acts of terrorism. It might, however, potentially have a marginal impact on preventing terrorist-related activity, such as fundraising for a terrorist group. The U.S government exaggerated the role of the NSA in key terrorism cases it cited. Better information-sharing through already existing intelligence would have been far more effective in preventing the 9/11 attacks.

If traditional investigative methods have been more succeful, then why do law enforcement agencies around the world continue to invest billions of dollars in surveillance systems? Perhaps surveillance has not only been used for national security in terms of crime and terrorism?

The politics of spying

Spying on the private communications of foreign political leaders can provide intelligence agencies and their governments with an unfair political advantage – especially when it comes to negotiations. When representatives of a government are aware of the positions of other delegates prior to a negotiation, they can form allies accordingly and influence the debate to their advantage.

This, however, creates an imbalance between already imbalanced political relations.

And in some cases, this can lead to an unfair advantage to an already weaker party within negotiations. Documents leaked by Snowden, for example, reveal that the NSA intercepted the communications of EU officials during negotiations about the trans-Atlantic free trade agreement. EU representatives reacted to these revelations by arguing that the interception of their negotiating positions could endanger the free trade deal.

Countless other political leaders around the world have also been targeted by intelligence agencies. The table at the end of this post illustrates some of the political figures around the world which have been targeted by intelligence agencies, according to the documents leaked by Snowden.

In 2009, the NSA and GCHQ monitored the phone calls and emails of delegates attending the G20 Summit in London. The same year, the NSA also intercepted the communications of delegates attending the Copenhagen Climate Summit and the Fifth Summit of Americas. The following year, the NSA and its Canadian counterpart, the CSRC, monitored the phone calls and emails of delegates attending the G8 and G20 Summits in Toronto. And the NSA has even gone as far as intercepting the communications of Security Council delegates at the United Nations to enhance its government's negotiating position.

While a certain level of spying within politics might not necessarily come as a huge surprise, targeted surveillance doesn't end there.

Spying on corporations

By intercepting the communications of corporations, intelligence agencies can potentially enhance the competitive advantage of their country's corporations. The private networks of Brazil's largest oil company and one of the 30 biggest businesses in the world, Petrobras, were targeted under the NSA's "Blackpearl" programme.

In response to these revelations, James Clapper – the US director of national intelligence – stated that such surveillance of companies was restricted to monitoring financial crises which could have a negative impact on the global economy, rather than for the purpose of enhancing the international competitiveness of U.S corporations. However, Snowden later revealed a 2009 report from the Office of the Director of National Intelligence which shows that the U.S actually considered engaging in industrial espionage to improve the competitive advantage of U.S corporations.

Numerous other corporations have been targeted by U.S and UK intelligence agencies as well, including Belgacom – Belgium's largest telecommunications company which supports the communications of EU officials – and the OPEC oil cartel, which illustrates intelligence agencies' interest in the global energy supply. Other leaked documents reveal that the NSA even created backdoors in Huawei's networks, which allowed the intelligence agency to monitor the company's emails, to collect its internal operating information and customer lists and to gain access to the source code of its products.

Another alarming revelation is the fact that the NSA also intercepted and created backdoors in Cisco routers and servers which were shipped overseas and which make up a large part of the backbone of the Internet, thus allowing the agency to secretly spy on individuals worldwide.

Spying on groups and individuals within civil society

In addition to spying on political leaders and corporations around the world, the documents leaked by Snowden also reveal that intelligence agencies have targeted the communications of various non-governmental organisations (NGOs), such as Amnesty International and Doctors without Borders. This raises serious concerns as human rights defenders are often vulnerable to abuse and the secret interception of their private communications widens the power imbalance between them and governments.

Other groups which have been targeted by intelligence agencies within civil society include hacktivists, such as Anonymous, WikiLeaks and Pirate Bay website staff and visitors and privacy and anonymity software users. Such groups often challenge the status quo and by gaining access to their private communications, intelligence agencies can potentially influence their activities. But the documents leaked by Snowden show that intelligence agencies even target system administrators. According to the NSA:

Who better to target than the person that already has the 'keys to the kingdom'?

If intelligence agencies are interested in getting access to all the communications that flow in a particular network, one way to do that is to infiltrate the computer used by its system administrator. And according to the leaked documents, data acquired through the computers of system administrators includes network maps, passwords, customer lists and business correspondence.

Spying on us all

Unfortunately, "ordinary" law-abiding citizens around the world are not immune to intelligence agencies' prying eyes either.

Through mass surveillance, intelligence agencies use algorithms to match patterns and to identify "abnormal" behaviour. Imagine having access to almost everything everyone says and does. And now imagine having access to the technologies which can analyze all such data in real time. It's extremely empowering, right? This is something that intelligence agencies have probably figured out.

Almost all communications around the world are routinely being collected by the NSA and GCHQ in bulk, indiscriminately – regardless of whether we are criminals or not. This can include our webcam images on Yahoo, our embarrassing photos on Facebook, our personal emails, our phone calls and even the weird videos we watch on YouTube.

As part of mass surveillance, pretty much everything we do online is constantly being monitored, collected, analyzed, aggregated and stored. Through the collection of our data, data analysts use algorithms to match patterns and create profiles about us - without our knowledge or consent. If such profiles include data which is interesting and/or concerning for intelligence agencies, the communications that match those profiles might be subjected to targeted surveillance.

And what does any of the above have to do with crime and terrorism?

The deadly attack in Paris on Charlie Hebdo is already triggering more rhetoric about trading-off our civil liberties in the name of national security. As part of this discussion, it is important to remember that in the past intelligence agencies have gone way beyond their 'official' mandate by spying on the private communications of international political leaders, companies, NGOs and "ordinary" law-abiding citizens. The Snowden revelations illustrate that the current oversight mechanisms of surveillance are inadequate and it remains unclear how and if this will change.

-------------------------------------------------------------------------------------------------

Appendix: Table which illustrates some cases of targeted surveillance against political figures around the world:

Intelligence agencies Targeted political figures Targeted countries Type of surveillance NSA Diplomats France Wiretapping NSA President Brazil Phone monitoring NSA and CSRC Ministry Brazil Cracking encryption, phone monitoring and email monitoring NSA President Mexico Email hacking NSA Diplomats France Wiretapping NSA Leadership Germany Phone monitoring and wiretapping NSA Ministry Venezuela Email monitoring ASD President Indonesia Phone monitoring ASD Public officials Indonesia Phone monitoring NSA and FRA Leadership Russia Signals intelligence NSA and CIA Leadership Italy Signals intelligence GCHQ Leadership Rwanda Phone monitoring GCHQ Leadership Israel Email monitoring NSA Ministry Germany Phone monitoring NSA Ministry Philippines Signals intelligence NSA Leadership Philippines Signals intelligence NSA Public officials China Phone monitoring NSA Diplomats Brazil Phone monitoring NSA Diplomats Bulgaria Phone monitoring NSA Diplomats Colombia Phone monitoring NSA Diplomats Georgia Phone monitoring NSA Diplomats Greece Phone monitoring NSA Diplomats India Phone monitoring NSA Diplomats Italy Phone monitoring NSA Diplomats Japan Phone monitoring NSA Diplomats Slovakia Phone monitoring NSA Diplomats South Africa Phone monitoring NSA Diplomats South Korea Phone monitoring NSA Diplomats Taiwan Phone monitoring NSA Diplomats Vietnam Phone monitoring

Resource: The Courage Foundation

NSA: National Security Agency (United States of America)

GCHQ: Government Communications Headquarter (United Kingdom)

ASD: Australian Signals Directorate

CSRC: Canadian Security Intelligence Service

FRA: National Defense Radio Establishment (Sweden)

CIA: Central Intelligence Agency (United States of America)

View the rest of the blog series here and/or check out our blog series timeline.