Does the NSA Tap That? What We Still Don't Know About the Agency's Internet Surveillance
By Justin Elliott, ProPublica
Among the snooping revelations of recent weeks, there have been tantalizing bits of evidence that the NSA is tapping fiber-optic cables that carry nearly all international phone and Internet data.
The idea that the NSA is sweeping up vast data streams via cables and other infrastructure — often described as the "backbone of the Internet" — is not new. In late 2005, the New York Times first described the tapping, which began after the Sept. 11, 2001 attacks. More details emerged in early 2006 when an AT&T whistleblower came forward.
But like other aspects of NSA surveillance, virtually everything about this kind of NSA surveillance is highly secret and we're left with far from a full picture.
Is the NSA really sucking up everything?
It's not clear.
The most detailed, though now dated, information on the topic comes from Mark Klein. He's the former AT&T technician who went public in 2006 describing the installation in 2002-03 of a secret room in an AT&T building in San Francisco. The equipment, detailed in technical documents, allowed the NSA to conduct what Klein described as "vacuum-cleaner surveillance of all the data crossing the internet -- whether that be peoples' e-mail, web surfing or any other data."
Klein said he was told there was similar equipment installed at AT&T facilities in San Diego, Seattle, and San Jose.
There is also evidence that the vacuuming has continued in some form right up to the present.
A draft NSA inspector's general report from 2009, recently published by the Washington Post, refers to access via two companies "to large volumes of foreign-to-foreign communications transiting the United States through fiberoptic cables, gateway switches, and data networks."
A recently published NSA slide, dated April 2013, refers to so-called "Upstream" "collection" of "communications on fiber cables and infrastructure as data flows past."
These cables carry vast quantities of information, including 99 percent of international phone and Internet data, according to research firm TeleGeography.
This upstream surveillance is in contrast to another method of NSA snooping, Prism, in which the NSA isn't tapping anything. Instead, the agency gets users' data with the cooperation of tech companies like Facebook and Google.
Other documents leaked by Edward Snowden to the Guardian provide much more detail about the upstream surveillance by the British Government Communications Headquarters (GCHQ), the NSA's U.K. counterpart.
GCHQ taps cables where they land in the United Kingdom carrying Internet and, phone data. According to the Guardian, unnamed companies serve as "intercept partners" in the effort.
The NSA is listening in on those taps too. By May 2012, 250 NSA analysts along with 300 GCHQ analysts were sifting through the data from the British taps.
Is purely domestic communication being swept up in the NSA's upstream surveillance?
It's not at all clear.
Going back to the revelations of former AT&T technician Mark Klein — which, again, date back a decade — a detailed expert analysis concluded that the secret NSA equipment installed at an AT&T building was capable of collecting information "not only for communications to overseas locations, but for purely domestic communications as well."
On the other hand, the 2009 NSA inspector general report refers specifically to collecting "foreign-to-foreign communications" that are "transiting the United States through fiber-optic cables, gateway switches, and data networks"
But even if the NSA is tapping only international fiber optic cables, it could still pick up communications between Americans in the U.S.
That's because data flowing over the Internet does not always take the most efficient geographic route to its destination.
Instead, says Tim Stronge of the telecom consulting firm TeleGeography, data takes "the least congested route that is available to their providers."