Snowden’s files show billions of pieces of phone & internet data plucked

Among the BRICS group of emerging nations, which featured quite high on the list of countries targeted by the secret surveillance programs of the U.S. National Security Agency (NSA) for collecting telephone data and internet records, India was the number one target of snooping by the American agency.

In the overall list of countries spied on by NSA programs, India stands at fifth place, with billions of pieces of information plucked from its telephone and internet networks just in 30 days.

According to top-secret documents provided to The Hindu by NSA whistleblower Edward Snowden, the American agency carried out intelligence gathering activities in India using at least two major programs: the first one is Boundless Informant, a data-mining system which keeps track of how many calls and emails are collected by the security agency; and the second one is PRISM, a program which intercepts and collects actual content from the networks. While Boundless Informant was used for monitoring telephone calls and access to the internet in India, PRISM collected information about certain specific issues — not related to terrorism — through Google, Microsoft, Facebook, Yahoo, Apple, YouTube and several other web-based services.

Asked by The Hindu why a friendly country like India was subjected to so much surveillance by the U.S., a spokesman of the U.S. government’s Office of the Director of National Intelligence said: “The U.S. government will respond through diplomatic channels to our partners and allies. While we are not going to comment publicly on every specific alleged intelligence activity, as a matter of policy we have made clear that the United States gathers foreign intelligence of the type gathered by all nations. We value our cooperation with all countries on issues of mutual concern.”The DNI spokesman chose not to respond to questions about how the NSA managed to pick so much data from India — 13.5 billion pieces of information in just one month — especially from its telephone networks, and about whether it had received the cooperation of Indian telecom companies.

Though top Indian officials have been rather dismissive of the disclosures, with Minister for External Affairs Salman Khurshid even defending the U.S. surveillance program by saying that “it is not… actually snooping,” the NSA documents obtained by The Hindu show that Boundless Informant not only keeps track of emails and calls collected by the NSA, it is also used by the agency to give its managers summaries of the intelligence it gathers worldwide, thus making it the foundation of the global surveillance programs created by the world’s biggest and most secretive intelligence agency.

This SIGINT (signal intelligence) system collects electronic surveillance program records or internet data (DNI) and telephone call metadata records (DNR), which is all stored in an NSA archive called GM-PLACE.

Boundless Informant summarises data records from 504 separate DNR and DNI collection sources called SIGADs, the documents show.

Collection of metadata is serious business. Several Information Technology experts The Hindu spoke to said a detailed account of an individual’s private and professional life can be constructed from metadata, which is actually the record of phone number of every caller and recipient; the unique serial number of the phones involved; the time and duration of each phone call; and potentially the location of each caller and recipient at the time of the call. The same applies to e-mails and other Internet activities of an individual. The high volume of metadata taken from India — 6.2 billion in just one month — means that the U.S. agency collected information on millions of calls, messages and emails every day within India, or between India and a foreign country.

The information collected is part of a bigger surveillance system.

According to a Frequently Asked Questions (FAQs) memo, an “Unclassified” and “For Official Use Only” document which has been obtained by The Hindu, Boundless Informant is a tool of the NSA’s Global Access Operations (GAO), whose motto is “The Mission Never Sleeps,” for a self-documenting SIGINT system. The tool, says the FAQs memo, “provides the ability to dynamically describe GAO’s collection capabilities (through metadata record counts) with no human intervention and graphically display the information in a map view, bar chart, or simple table”. The memo even describes how “by extracting information from every DNI and DNR metadata record, the tool is able to create a near real-time snapshot of GAO’s collection capability at any given moment.”

It’s the maps, which provide snapshots of the Boundless Informant data that actually show how intensely India was targeted by the NSA. As per one “global heat map” seen by The Hindu, just in March 2013, the U.S. agency collected 6.3 billion pieces of information from the Internet network in India. Another NSA heat map shows that the American agency collected 6.2 billion pieces of information from the country’s telephone networks during the same period.

Three “global heat maps,” which give each country a colour code based on how extensively it was subjected to NSA surveillance, clearly show that India was one of the hottest targets for U.S. intelligence. With the colour scheme ranging from green (least subjected to surveillance) through yellow and orange to red (most surveillance), the heat maps show India in the shades of deep orange and red even as fellow BRICS nations like Brazil, Russia and China — all monitored extensively — sit in green or yellow zones.

In the first heat map, showing the aggregate of data tracked by Boundless Informant in March 2013, with 14 billion reports, Iran was the country where the largest amount of intelligence was gathered. It’s followed by 13.5 billion from Pakistan. Jordan came third with 12.7 billion, Egypt fourth with 7.6 billion, and India fifth with 6.3 billion.

In the heat map that gives the overview of internet surveillance (DNI), with 6.3 billion pieces of intelligence taken from its networks, India is placed between Iran and Pakistan (both red) and China and the U.S. (both light orange). Both Brazil and Russia are coded in light green in this map, while China is shown in light orange.

In the third heat map, depicting collection of telephone records (DNR), India is shown in deep orange, with 6.2 billion pieces of information plucked from its telephone networks. In the case of DNR collection, India is the only BRICS country to share the same colour as the other highly-monitored countries like Saudi Arabia, Iraq and Venezuela; the other four emerging nations are in the green zone in this map.

Though India raised the issue of NSA surveillance when U.S. Secretary of State John Kerry visited New Delhi on June 24 to take part in the India-U.S. Strategic Dialogue, New Delhi seemed to have bought the official American version of the story. “We had an issue, which was discussed when Secretary Kerry was in India,” Mr. Khurshid had said on July 2. “He [Mr. Kerry] made a very clear explanation that no content has been sought or received of any email… So, I think as far as we are concerned, there is no issue today,” the Indian minister had said.

It’s true that Boundless Informant doesn’t intercept content, but the top-secret documents obtained by The Hindu show that this internal NSA tool focusses on counting and categorising the telephone calls and Internet records as well as on storing and retrieving it, which could give intelligence-gathering agents the records of calls and message times, identities, addresses and other information needed to track people or pick content.

Because this metadata is machine-readable, and therefore searchable, it makes intensive surveillance possible as the record of a person’s email logs, phone records and clickstream — all the websites visited ever — are available to NSA agents, without a warrant or court order. Citizen’s rights groups see it as a serious violation of people’s privacy and personal data. “By accessing metadata, you can learn an awful lot about an individual. With mobile phones, location data has now been added to metadata. With the Internet, you can in addition understand someone’s location in a social network in much more detail, as well as understand how that network relates to other networks. If you put all of this together, you get quite a detailed map of someone’s movements, who they hang out and what drives their lives,” said Anja Kovacs, project director at Internet Democracy Project, a New Delhi-based group working for online freedom of speech.

In a recent example of how metadata can be misused by the government, a couple of Associated Press reporters were subpoenaed by the U.S. Justice Department in a case involving a national security issue. The journalists were sent notices after the department procured the details of their calls with their sources, sparking a conflict between the media and the White House over press freedom.