Member log in

NSA’s mass surveillance of NZers online

Part of my TEDx Queenstown talk next week is about mass surveillance online. How governments are building the modern Panopticon.

I was therefore quite surprised yesterday when Prime Minister John Key said he has no reason to believe the NSA has undertaken mass surveillance on New Zealanders. To help the prime minister, let’s look at what we know about it and whether an objective person should come to the same conclusion.

At the same time, let’s not overlook the FBI’s (NarusInsight) and GCHQ’s (Tempora) sterling efforts in collecting and making the data available to the NSA. In fact, the GCHQ collects even more metadata off international cables than the NSA.

I’ll cover both the direct and indirect ways known to be used (thanks Edward Snowden and other whistleblowers). By way of context, note that it is entirely legal for the NSA to undertake mass (and targeted) surveillance of New Zealanders. There are virtually no limits on the NSA’s surveillance of non-Americans in the US "national interest."

And, no, being part of the Five Eyes does not buy us immunity from being spied on by the NSA and GCHQ.

Southern Cross Cable primary means

Almost all of New Zealanders’ international Internet traffic travels on the Southern Cross Cable system. Some of it goes via Australia but the bulk of it is to or via US. This includes all data on the internet- web, emails, IP voice/video, apps, etc.

The quickest way to understand the significance of this is the superb NZ Herald article that David Fisher reminded me of yesterday. It demonstrates how the Southern Cross Cable folks tried to take commercial advantage of NSA mass surveillance.

Note: I do accept their defence that they are merely complying with legal obligations placed on them. That doesn’t, however, stop them or others in seeking commercial advantage from doing so.

Another angle is the Snowden documents.

The main NSA program for bulk surveillance of fibre optic international cables is Fairview. Fairview’s goal is to “own the Internet” and is an ‘umbrella program’ that refers to individual efforts including BLARNEY, OAKSTAR, and STORMBREW.

But does Fairview cover the Southern Cross Cable? Absolutely. Have a look a this and you’ll quickly see it at the far right:

Fairview

Note that FAA702 in the slide refers to operations under section 702 of the FISA Amendment Act (FAA) of 2008. Section 702 is the one that authorises foreign surveillance programs by the NSA.

Under the various Fairview programs, the NSA works with international partners, including telcos. There has been some speculation about the role of New Zealand telcos (with Telstra’s role now public knowledge) but that might have to wait for Snowden’s New Zealand documents expected to be made public this year.

These programs are ‘full take’- they collect all the data passing through for analysis, both metadata and content. Data is not collected based on selectors or targeting or any suspicion whatsoever.

Everything flowing through the Southern Cross Cable system at the US landing points is passed on to the NSA. That’s mass surveillance of New Zealanders. Whether our prime minister considers that to be sufficient reason to believe it is happening or not, the fact is that it is.

Indirect Mass Surveillance

In addition to direct, legal mass surveillance of New Zealanders, the NSA also has several indirect means. These are mass global surveillance programs in which New Zealanders’ data is hoovered up as a part of their indiscriminate global scope.

Chief among these is PRISM. The NSA always uses multiple ways to get the same information, even if one is working well. This slide shows how the direct surveillance above (upstream collection as data flows past) combines with indirect means to provide comprehensive mass surveillance:

Upstream-slide

It’s not news to anyone that New Zealanders are extensively using online services from the US-based companies named above. All of that’s available to the NSA. Documents indicate that PRISM is “the number one source of raw intelligence used for NSA analytic reports” and it accounts for 91% of the NSA’s Internet traffic acquired under FISA Section 702.

In addition to PRISM which is like knocking on the front door of these online service providers, the NSA in keeping with its use of multiple paths to get the same information, also works with the GCHQ at the back end to scoop up data on the connections between Google’s and Yahoo’s global data centres under a program called MUSCULAR.

Other Mass Surveillance of New Zealanders

In addition to Internet mass surveillance, there are NSA spying programs that involve phones (including text messages via Dishfire), financial transactions, and travel data. There are also various additional GCHQ programs, including the wonderfully named Squeaky Dolphin aimed at social media networks.

The bottomline is that the NSA would be failing in its stated mission if it wasn’t putting New Zealanders under mass (and targeted) surveillance. If it makes us feel better, New Zealand is amongst the countries least under surveillance by the NSA according to their global heatmap Boundless Informant.

I firmly believe that, contrary to the prime minister’s statement, we have every reason to believe that New Zealanders are indeed subject to mass surveillance by the NSA on the basis of known programs alone.

And that’s before we’ve even got Snowden’s New Zealand specific disclosures.

Former State Services Commission strategy & innovation manager and InternetNZ chief executive Vikram Kumar is the former CEO of Mega. He posts at Internet Ganesha.

Comments and questions
16

I want to live in a world where the governments are total transparent and the citizens have total privacy...

Are spies taught its ok to lie?
Standard operating procedure for spies is to deny everything and because the prime minister heads the spy agencies doesnt this mean he also has to deny everything.

I've seen a Snowden/NSA world map with red dots on it showing where the NSA has servers.
I saw a red dot on the South Island which to me means that the NSA spies on internal NZ communications.

*yawn* Vikram, seriously, do you really think people don't see this "article" as an anti-American loon out out from the Kim Dotcon organised crime camp?

You must be part of the fascist regime of american lobby groups?

I'd rather sit in a Kumar camp than share space with a bunch of blowhard whale watchers.
Joe Publics excellent comment above is worth repeating "I want to live in a world where the governments are total transparent and the citizens have total privacy..."

No "Anonymous", it's only you.

It's kindof bewildering - how deep the stupid goes. What would it actually take to make you wake up?

Previously, when a UN agency, the International Telecommunication Union, came up with detailed proposals on more diversified global internet control, the US, the UK, Canada and Australia rejected the plan. The four governments – allies under the so-called Five Eyes intelligence sharing group – claimed that internationalization of internet governance would lead to internet censorship in some countries. Kroes also appeared to be skeptical of the UN’s proposal, calling it a “top-down approach.” A multi-polar internet should be the world’s aim, she believes. “We must strengthen the multi-stakeholder model to preserve the Internet as a fast engine for innovation,” the EC official said. Kroes’ words came as European Parliament lawmakers were preparing a response to US snooping activities. The MEPs are keen to demand that virtual data be stored on computer servers in Europe to improve oversight, Reuters reported. http://rt.com/news/eu-internet-control-us-755/ EU body calls for US to give up internet control, pushes for international governance .

Research a bit more and you will find all the major countries in the world are at it, with China being one of the worst. Then if you take into account all the major corporates, every single thing you do on line is being analysed in depth by not one but many organisations. The USA government organisations are in there as well but are probably not the worst. To a degree they do have a responsibility to protect, where others do so just to make money from us, to steal from us or to look to harm us. So this commentator is right but is selectively right to suit his own issues or the issues of his master.

I think the NSA is the worst because they have set up relationships with many of the large telco operations in the world to help with the spying.
Other opposing countries do not have these relationships.
NSA also has access to most of the undersea fibre optics around the world. See graphic in the above article for this info.
The NSA also has relationships with American tech companies like Cisco which I think makes it easier for them when it comes to hacking into equipment(routers) abroad. Cisco do not open source their code(unlike Huawei) which makes NSA hacking hard to detect and stop. This is why American tech companies like Cisco and IBM currently have falling sales in many developing countries(eg China).

Without doubt NSA has by far the greatest budget and resources. And undoubtedly uses these to further US commercial advantages as shown by the latest Snowden revelations. This is pure and simple corruption.

As per usual John Key will be "comfortable with that".

As a National/ACT voter all my life I am simply unwilling to extend my vote any further to John Key based on his nonchalant view on privacy issues. Notwithstanding all the good work he has done on economic matters.

Countries like Brazil, Germany etc are at least having a national debate on the issue and trying to do something about it. John Key on the other hand thinks a public hearing on the GCSB in which the GCSB doesn't even have to appear is sufficient before ramming through some new legislation.

When asked about the golf match with Obama, Key said he didn't ask about the NSA, but is comfortable with everything the agency does.
I mean seriously, without even discussing the issue and the evidence how can he reach such a conclusion.

Good to see the Orwellian Super-State laid bare in all it's horror, as it applies to New Zealanders.

Wonder what the Diggers would think of this? Not much freedom without privacy.

and tell me, in which way has this had a negative effect on your life? still comes back to the same point, if your not doing anything bad, what is there to worry about?

are you going to complain to Auckland council that they "spy" on you because you are recorded on CCTV walking downtown, or complain to NZTA because your car is recorded driving down the motorway? Unless you do something wrong, you are unnoticed.

"Unless you do something wrong, you are unnoticed."

How ignorant of history you are. Who determines if what you are doing is 'wrong', - the very same powers that are doing the spying. Hence the opportunity for abuse of those powers.

Watch very carefully..
https://www.youtube.com/watch?v=5yB3n9fu-rM

- Although I suspect you're one of those guys who is happy to just get home and watch his shows without thinking too much.

"So long as the people do not care to exercise their freedom,
those who wish to tyrannize will do so; for tyrants are active
and ardent, and will devote themselves in the name of any
number of gods, religious and otherwise, to put shackles upon
sleeping men."
-- Voltaire, 1764