By Raïssa Robles

Do you think that text messages through Globe and Smart Telecom were spy-proof? Did you believe the explanation that mobile phone text messages are next to impossible to intercept because one message is relayed in several packets? Did you imagine the leaks of Edward Snowden have nothing to do with the Philippines?

Time to reconsider all of those things. According to Cory Doctorow, a Canadian journalist and Internet freedom fighter, he pointed out in a post yesterday in popular site Boing Boing that a spy inside one of the Philippine telecom firms has been collecting and forwarding our mobile phone traffic to the US National Security Agency. A voice interpretation program called “Mystic” is being secretly used to collect phone data from the Philippines, thanks to a well-placed spy in one of our telecom firms. The unnamed spy was allegedly placed there by Australian intelligence.

Doctorow wrote:

According to the NSA documents, MYSTIC targets calls and other data transmitted on Global System for Mobile Communications networks – the primary framework used for cell phone calls worldwide. In the Philippines, MYSTIC collects “GSM, Short Message Service (SMS) and Call Detail Records” via access provided by a “DSD asset in a Philippine provider site.” (The DSD refers to the Defence Signals Directorate, an arm of Australian intelligence. The Australian consulate in New York declined to comment.)

You can read more about Doctorow’s article here.

As usual, it was my hubby Alan who alerted me to this news. Alan specializes on the Internet and lives there most of the time.

We don’t exactly know how extensive the spying is in our country. Or if our top Philippine government officials have been targeted.

So far, none of the publications has named the Philippine telecom provider where the spy works.

UPDATE: as of 6:15 PM May 20, 2014 South China Morning Post which I write for published today an article saying it was the online website The Intercept which first named the countries where the US was using MYSTIC. Among those behind the online website is investigative journalist Glen Greenwald, who broke the Snowden NSAleaks in The Guardian when Greenwald was writing a column there. US spying in the Philippines through MYSTIC “has been in operation since last year,” the SCMP said quoting The Intercept. The SCMP also said that in 72 hours, Wikileaks will identify the country that has not been named to this day – where secret US spying has been going on. Greenwald himself has warned that naming the country could “lead to deaths.” In this article, I identified The Intercept as firstlook.org. I am correcting this now.

Another website, The Intercept of firstlook.org also mentions the spying going on in the Philippines and even includes the graphic below:

The Intercept explains that –

In March (2014), The Washington Post revealed that the NSA had developed the capability to record and store an entire nation’s phone traffic for 30 days. The Post reported that the capacity was a feature of MYSTIC, which it described as a “voice interception program” that is fully operational in one country and proposed for activation in six others. (The Post also referred to NSA documents suggesting that MYSTIC was pulling metadata in some of those countries.) Citing government requests, the paper declined to name any of those countries.

The Washington Post article mentioned by The Intercept gives us an idea of how powerful the “Mystic” program is. The Post said:

“The National Security Agency has built a surveillance system capable of recording ‘100 percent’ of a foreign country’s telephone calls, enabling the agency to rewind and review conversations as long as a month after they take place, according to people with direct knowledge of the effort and documents supplied by former contractor Edward Snowden.”

Here’s a link to the Washington Post article.

Recall that German Prime Minister Angela Merkel complained about her mobile phone being tapped and it turned out that no less than the President of the United States had authorized it. Hmmmm.

There are a thousand and one reasons nowadays to have President Benigno Aquino’s phone tapped. Or the phones of Defense Secretary Voltaire Gazmin, Foreign Secretary Albert del Rosario and Armed Forces Chief of Staff General Emmanuel Bautista.

Department of Justice Assistant Secretary Geronomo Sy successfully sneaked into the Philippine Cybercrime Law a section that allowed “Real-Time Collection of Traffic Data.” This is the same section that the Supreme Court struck down as unconstitutional last February 18, 2014.

This is the same thing that the NSA has been secretly doing to us. I wonder if Assec Geronimo Sy was aware of the NSA activities in the Philippines.

But what’s a phone tap between friends? Between non-NATO allies?

Plenty. It strikes at the very heart of national sovereignty and our Bill of Rights. It allows strangers to sift through your most private moments.

But what the hell is metadata?

US authorities have tried to downplay the widespread spying by saying that only “meta data” is being collected. Recall that the Department of Jusice tried to use the same argument that it’s only meta data being collected through “real time collection of traffic data”.

The Guardian publication, which was at the forefront of leaking Snowden’s NSA files explained that metadata includes:

the phone number of every caller and recipient the unique serial number of the phones involved (the caller and the recipient) the time and duration of each phone call and potentially the location of each of the participants when the call happened.

The US government poo-pooed this saying it’s just like collecting the address on a letter being mailed through the post office.

However, the Guardian said:

But that is not a view shared by privacy advocates. Groups such as the Electronic Frontier Foundation say that by knowing who an individual speaks to, and when, and for how long, intelligence agencies can build up a detailed picture of that person, their social network, and more. Collecting information on where people are during the calls colours in that picture even further. One recent case that highlights this tension is the recent subpoenas of the call records of Associated Press journalists, which led to clashes between the media and the White House over what was widely seen as intrusion into a free press. The information collected on the AP was telephony metadata: precisely what the court order against Verizon shows is being collected by the NSA on millions of Americans every day. Gary Pruitt, the president of the Associated Press, set forth how monitoring even these “envelopes” could become a serious intrusion: “These records potentially reveal communications with confidential sources across all of the newsgathering activities undertaken by the AP during a two-month period, provide a road map to AP’s newsgathering operations, and disclose information about AP’s activities and operations that the government has no conceivable right to know.” The view on whether such “transactional” data is personal, and how intrusive it can be, is also being tested in the appellate courts, and the supreme court is likely to see more cases on the issue in the near future.

You can read more about this by clicking here.

Here is more explanation from The Guardian about metadata attached to e-mail, mobile phone, camera, Facebook, Twitter, Google Search, and even the pages you visit on the web.

Some of you might say that you are not journalists and therefore you really don’t have a need to protect your metadata.

Right.

But in the Philippines, who’s to say how the metadata will be used? Who’s to say – when such metadata collecting becomes so routine – that someone will have the bright idea of selling it to someone else? An angry spouse, perhaps? A rival businessman? Or even a kidnapper or extortionist?

Or how about some corrupt and/or authoritarian politician or military officer getting his hands on the data? Is there any accountability?

I have become cynical about these things because of my years as a journalist. Consider, for instance, the “watchlist order” that the Department of Justice Secretary can apparently issue without a court order. In one of my interviews with Raul Gonzalez, the former Justice Secretary of President Gloria Macapagal-Arroyo, he told me of the wide discretion the DOJ secretary has:

You see, a watchlist may be the result of a rumor. There are people who may be envious of somebody. Let’s take the case of the husband – who wants to leave (the country)– the wife asked for him to be on the watch list because the husband is taking all his children, things like that.

Filipinos might think that the metadata in the hands of the US government are in safe hands.

It is safe for as long as the US government does not use it against you. But what if you are a high Philippine government official who likes to engage in sexting? Or a businessman with shady deals applying for a US visa? Or a top businessman diagnosed with stage 4 cancer?

A New Yorker magazine article WHAT’S THE MATTER WITH METADATA? written by Jane Mayer interviewed mathematician and former Sun Microsystems engineer Susan Landau to explain how much confidential information can be obtained using just metadata. Landau authored a book called “Surveillance or Security?.”

Here’s an excerpt:

“The public doesn’t understand,” she (Landau) told me, speaking about so-called metadata. “It’s much more intrusive than content.” She explained that the government can learn immense amounts of proprietary information by studying “who you call, and who they call. If you can track that, you know exactly what is happening—you don’t need the content.” For example, she said, in the world of business, a pattern of phone calls from key executives can reveal impending corporate takeovers. Personal phone calls can also reveal sensitive medical information: “You can see a call to a gynecologist, and then a call to an oncologist, and then a call to close family members.” And information from cell-phone towers can reveal the caller’s location. Metadata, she pointed out, can be so revelatory about whom reporters talk to in order to get sensitive stories that it can make more traditional tools in leak investigations, like search warrants and subpoenas, look quaint. “You can see the sources,” she said. When the F.B.I. obtains such records from news agencies, the Attorney General is required to sign off on each invasion of privacy. When the N.S.A. sweeps up millions of records a minute, it’s unclear if any such brakes are applied. Metadata, Landau noted, can also reveal sensitive political information, showing, for instance, if opposition leaders are meeting, who is involved, where they gather, and for how long. Such data can reveal, too, who is romantically involved with whom, by tracking the locations of cell phones at night.

To read the rest of the article, click here.

Oh, and by the way, under the newly-signed US-Philippine Enhanced Defense Cooperation Agreement (EDCA), President Aquino’s administration has just given the US government the right to “use all necessary radio spectrum” for its telecommunications needs. Maybe they’ll no longer need that spy inside the telco anymore.