Group items tagged

In addition to analyzing the content of their internet activities, the NSA also examined the targets' contact lists. The NSA accuses two of the targets of promoting al Qaeda propaganda, but states that surveillance of the three English-speakers’ communications revealed that they have "minimal terrorist contacts." In particular, “only seven (1 percent) of the contacts in the study of the three English-speaking radicalizers were characterized in SIGINT as affiliated with an extremist group or a Pakistani militant group. An earlier communications profile of [one of the targets] reveals that 3 of the 213 distinct individuals he was in contact with between 4 August and 2 November 2010 were known or suspected of being associated with terrorism," the document reads. The document contends that the three Arabic-speaking targets have more contacts with affiliates of extremist groups, but does not suggest they themselves are involved in any terror plots. Instead, the NSA believes the targeted individuals radicalize people through the expression of controversial ideas via YouTube, Facebook and other social media websites. Their audience, both English and Arabic speakers, "includes individuals who do not yet hold extremist views but who are susceptible to the extremist message,” the document states. The NSA says the speeches and writings of the six individuals resonate most in countries including the United Kingdom, Germany, Sweden, Kenya, Pakistan, India and Saudi Arabia.

The NSA possesses embarrassing sexually explicit information about at least two of the targets by virtue of electronic surveillance of their online activity. The report states that some of the data was gleaned through FBI surveillance programs carried out under the Foreign Intelligence and Surveillance Act. The document adds, "Information herein is based largely on Sunni extremist communications." It further states that "the SIGINT information is from primary sources with direct access and is generally considered reliable." According to the document, the NSA believes that exploiting electronic surveillance to publicly reveal online sexual activities can make it harder for these “radicalizers” to maintain their credibility. "Focusing on access reveals potential vulnerabilities that could be even more effectively exploited when used in combination with vulnerabilities of character or credibility, or both, of the message in order to shape the perception of the messenger as well as that of his followers," the document argues. An attached appendix lists the "argument" each surveillance target has made that the NSA says constitutes radicalism, as well the personal "vulnerabilities" the agency believes would leave the targets "open to credibility challenges" if exposed.

One target's offending argument is that "Non-Muslims are a threat to Islam," and a vulnerability listed against him is "online promiscuity." Another target, a foreign citizen the NSA describes as a "respected academic," holds the offending view that "offensive jihad is justified," and his vulnerabilities are listed as "online promiscuity" and "publishes articles without checking facts." A third targeted radical is described as a "well-known media celebrity" based in the Middle East who argues that "the U.S perpetrated the 9/11 attack." Under vulnerabilities, he is said to lead "a glamorous lifestyle." A fourth target, who argues that "the U.S. brought the 9/11 attacks on itself" is said to be vulnerable to accusations of “deceitful use of funds." The document expresses the hope that revealing damaging information about the individuals could undermine their perceived "devotion to the jihadist cause." The Huffington Post is withholding the names and locations of the six targeted individuals; the allegations made by the NSA about their online activities in this document cannot be verified. The document does not indicate whether the NSA carried out its plan to discredit these six individuals, either by communicating with them privately about the acquired information or leaking it publicly. There is also no discussion in the document of any legal or ethical constraints on exploiting electronic surveillance in this manner.

While Baker and others support using surveillance to tarnish the reputation of people the NSA considers "radicalizers," U.S. officials have in the past used similar tactics against civil rights leaders, labor movement activists and others. Under J. Edgar Hoover, the FBI harassed activists and compiled secret files on political leaders, most notably Martin Luther King, Jr. The extent of the FBI's surveillance of political figures is still being revealed to this day, as the bureau releases the long dossiers it compiled on certain people in response to Freedom of Information Act requests following their deaths. The information collected by the FBI often centered on sex -- homosexuality was an ongoing obsession on Hoover's watch -- and information about extramarital affairs was reportedly used to blackmail politicians into fulfilling the bureau's needs. Current FBI Director James Comey recently ordered new FBI agents to visit the Martin Luther King, Jr. Memorial in Washington to understand "the dangers in becoming untethered to oversight and accountability."

James Bamford, a journalist who has been covering the NSA since the early 1980s, said the use of surveillance to exploit embarrassing private behavior is precisely what led to past U.S. surveillance scandals. "The NSA's operation is eerily similar to the FBI's operations under J. Edgar Hoover in the 1960s where the bureau used wiretapping to discover vulnerabilities, such as sexual activity, to 'neutralize' their targets," he said. "Back then, the idea was developed by the longest serving FBI chief in U.S. history, today it was suggested by the longest serving NSA chief in U.S. history." That controversy, Bamford said, also involved the NSA. "And back then, the NSA was also used to do the eavesdropping on King and others through its Operation Minaret. A later review declared the NSA’s program 'disreputable if not outright illegal,'" he said. Baker said that until there is evidence the tactic is being abused, the NSA should be trusted to use its discretion. "The abuses that involved Martin Luther King occurred before Edward Snowden was born," he said. "I think we can describe them as historical rather than current scandals. Before I say, 'Yeah, we've gotta worry about that,' I'd like to see evidence of that happening, or is even contemplated today, and I don't see it."

Jaffer, however, warned that the lessons of history ought to compel serious concern that a "president will ask the NSA to use the fruits of surveillance to discredit a political opponent, journalist or human rights activist." "The NSA has used its power that way in the past and it would be naïve to think it couldn't use its power that way in the future," he said.

As the gap has grown between Washington’s global reach and its shrinking mailed fist, as it struggles to maintain 40% of world armaments (the 2012 figure) with only 23% of global gross economic output, the U.S. will need to find new ways to exercise its power far more economically. As the Cold War took off, a heavy-metal U.S. military -- with 500 bases worldwide circa 1950 -- was sustainable because the country controlled some 50% of the global gross product. But as its share of world output falls -- to an estimated 17% by 2016 -- and its social welfare costs climb relentlessly from 4% of gross domestic product in 2010 to a projected 18% by 2050, cost-cutting becomes imperative if Washington is to survive as anything like the planet’s “sole superpower.” Compared to the $3 trillion cost of the U.S. invasion and occupation of Iraq, the NSA’s 2012 budget of just $11 billion for worldwide surveillance and cyberwarfare looks like cost saving the Pentagon can ill-afford to forego. Yet this seeming “bargain” comes at what turns out to be an almost incalculable cost. The sheer scale of such surveillance leaves it open to countless points of penetration, whether by a handful of anti-war activists breaking into an FBI field office in Media, Pennsylvania, back in 1971 or Edward Snowden downloading NSA documents at a Hawaiian outpost in 2012.

In October 2001, not satisfied with the sweeping and extraordinary powers of the newly passed Patriot Act, President Bush ordered the National Security Agency to commence covert monitoring of private communications through the nation's telephone companies without the requisite FISA warrants. Somewhat later, the agency began sweeping the Internet for emails, financial data, and voice messaging on the tenuous theory that such “metadata” was “not constitutionally protected.” In effect, by penetrating the Internet for text and the parallel Public Switched Telephone Network (PSTN) for voice, the NSA had gained access to much of the world’s telecommunications. By the end of Bush’s term in 2008, Congress had enacted laws that not only retrospectively legalized these illegal programs, but also prepared the way for NSA surveillance to grow unchecked. Rather than restrain the agency, President Obama oversaw the expansion of its operations in ways remarkable for both the sheer scale of the billions of messages collected globally and for the selective monitoring of world leaders.

By 2012, the centralization via digitization of all voice, video, textual, and financial communications into a worldwide network of fiber optic cables allowed the NSA to monitor the globe by penetrating just 190 data hubs -- an extraordinary economy of force for both political surveillance and cyberwarfare.

With a few hundred cable probes and computerized decryption, the NSA can now capture the kind of gritty details of private life that J. Edgar Hoover so treasured and provide the sort of comprehensive coverage of populations once epitomized by secret police like East Germany’s Stasi. And yet, such comparisons only go so far. After all, once FBI agents had tapped thousands of phones, stenographers had typed up countless transcripts, and clerks had stored this salacious paper harvest in floor-to-ceiling filing cabinets, J. Edgar Hoover still only knew about the inner-workings of the elite in one city: Washington, D.C.  To gain the same intimate detail for an entire country, the Stasi had to employ one police informer for every six East Germans -- an unsustainable allocation of human resources. By contrast, the marriage of the NSA’s technology to the Internet’s data hubs now allows the agency’s 37,000 employees a similarly close coverage of the entire globe with just one operative for every 200,000 people on the planet

Through the expenditure of $250 million annually under its Sigint Enabling Project, the NSA has stealthily penetrated all encryption designed to protect privacy. “In the future, superpowers will be made or broken based on the strength of their cryptanalytic programs,” reads a 2007 NSA document. “It is the price of admission for the U.S. to maintain unrestricted access to and use of cyberspace.” By collecting knowledge -- routine, intimate, or scandalous -- about foreign leaders, imperial proconsuls from ancient Rome to modern America have gained both the intelligence and aura of authority necessary for dominion over alien societies. The importance, and challenge, of controlling these local elites cannot be overstated. During its pacification of the Philippines after 1898, for instance, the U.S. colonial regime subdued contentious Filipino leaders via pervasive policing that swept up both political intelligence and personal scandal. And that, of course, was just what J. Edgar Hoover was doing in Washington during the 1950s and 1960s.

Indeed, the mighty British Empire, like all empires, was a global tapestry woven out of political ties to local leaders or “subordinate elites” -- from Malay sultans and Indian maharajas to Gulf sheiks and West African tribal chiefs. As historian Ronald Robinson once observed, the British Empire spread around the globe for two centuries through the collaboration of these local leaders and then unraveled, in just two decades, when that collaboration turned to “non-cooperation.” After rapid decolonization during the 1960s transformed half-a-dozen European empires into 100 new nations, their national leaders soon found themselves the subordinate elites of a spreading American global imperium. Washington suddenly needed the sort of private information that could keep such figures in line. Surveillance of foreign leaders provides world powers -- Britain then, America now -- with critical information for the exercise of global hegemony. Such spying gave special penetrating power to the imperial gaze, to that sense of superiority necessary for dominion over others.  It also provided operational information on dissidents who might need to be countered with covert action or military force; political and economic intelligence so useful for getting the jump on allies in negotiations of all sorts; and, perhaps most important of all, scurrilous information about the derelictions of leaders useful in coercing their compliance.

In late 2013, the New York Times reported that, when it came to spying on global elites, there were “more than 1,000 targets of American and British surveillance in recent years,” reaching down to mid-level political actors in the international arena. Revelations from Edward Snowden’s cache of leaked documents indicate that the NSA has monitored leaders in some 35 nations worldwide -- including Brazilian president Dilma Rousseff, Mexican presidents Felipe Calderón and Enrique Peña Nieto, German Chancellor Angela Merkel, and Indonesia’s president Susilo Bambang Yudhoyono.  Count in as well, among so many other operations, the monitoring of “French diplomatic interests” during the June 2010 U.N. vote on Iran sanctions and “widespread surveillance” of world leaders during the Group 20 summit meeting at Ottawa in June 2010. Apparently, only members of the historic “Five Eyes” signals-intelligence alliance (Australia, Canada, New Zealand, and Great Britain) remain exempt -- at least theoretically -- from NSA surveillance. Such secret intelligence about allies can obviously give Washington a significant diplomatic advantage. During U.N. wrangling over the U.S. invasion of Iraq in 2002-2003, for example, the NSA intercepted Secretary-General Kofi Anan’s conversations and monitored the “Middle Six” -- Third World nations on the Security Council -- offering what were, in essence, well-timed bribes to win votes. The NSA’s deputy chief for regional targets sent a memo to the agency’s Five Eyes allies asking “for insights as to how membership is reacting to on-going debate regarding Iraq, plans to vote on any related resolutions [..., and] the whole gamut of information that could give U.S. policymakers an edge in obtaining results favorable to U.S. goals.”

Indicating Washington’s need for incriminating information in bilateral negotiations, the State Department pressed its Bahrain embassy in 2009 for details, damaging in an Islamic society, on the crown princes, asking: “Is there any derogatory information on either prince? Does either prince drink alcohol? Does either one use drugs?” Indeed, in October 2012, an NSA official identified as “DIRNSA,” or Director General Keith Alexander, proposed the following for countering Muslim radicals: “[Their] vulnerabilities, if exposed, would likely call into question a radicalizer’s devotion to the jihadist cause, leading to the degradation or loss of his authority.” The agency suggested that such vulnerabilities could include “viewing sexually explicit material online” or “using a portion of the donations they are receiving… to defray personal expenses.” The NSA document identified one potential target as a “respected academic” whose “vulnerabilities” are “online promiscuity.”

Just as the Internet has centralized communications, so it has moved most commercial sex into cyberspace. With an estimated 25 million salacious sites worldwide and a combined 10.6 billion page views per month in 2013 at the five top sex sites, online pornography has become a global business; by 2006, in fact, it generated $97 billion in revenue. With countless Internet viewers visiting porn sites and almost nobody admitting it, the NSA has easy access to the embarrassing habits of targets worldwide, whether Muslim militants or European leaders. According to James Bamford, author of two authoritative books on the agency, “The NSA's operation is eerily similar to the FBI's operations under J. Edgar Hoover in the 1960s where the bureau used wiretapping to discover vulnerabilities, such as sexual activity, to ‘neutralize’ their targets.”

Indeed, whistleblower Edward Snowden has accused the NSA of actually conducting such surveillance.  In a December 2013 letter to the Brazilian people, he wrote, “They even keep track of who is having an affair or looking at pornography, in case they need to damage their target's reputation.” If Snowden is right, then one key goal of NSA surveillance of world leaders is not U.S. national security but political blackmail -- as it has been since 1898. Such digital surveillance has tremendous potential for scandal, as anyone who remembers New York Governor Eliot Spitzer’s forced resignation in 2008 after routine phone taps revealed his use of escort services; or, to take another obvious example, the ouster of France’s budget minister Jérôme Cahuzac in 2013 following wire taps that exposed his secret Swiss bank account. As always, the source of political scandal remains sex or money, both of which the NSA can track with remarkable ease.

By starting a swelling river of NSA documents flowing into public view, Edward Snowden has given us a glimpse of the changing architecture of U.S. global power. At the broadest level, Obama’s digital “pivot” complements his overall defense strategy, announced in 2012, of reducing conventional forces while expanding into the new, cost-effective domains of space and cyberspace. While cutting back modestly on costly armaments and the size of the military, President Obama has invested billions in the building of a new architecture for global information control. If we add the $791 billion expended to build the Department of Homeland Security bureaucracy to the $500 billion spent on an increasingly para-militarized version of global intelligence in the dozen years since 9/11, then Washington has made a $1.2 trillion investment in a new apparatus of world power.

So formidable is this security bureaucracy that Obama’s recent executive review recommended the regularization, not reform, of current NSA practices, allowing the agency to continue collecting American phone calls and monitoring foreign leaders into the foreseeable future. Cyberspace offers Washington an austerity-linked arena for the exercise of global power, albeit at the cost of trust by its closest allies -- a contradiction that will bedevil America’s global leadership for years to come. To update Henry Stimson: in the age of the Internet, gentlemen don't just read each other’s mail, they watch each other’s porn. Even if we think we have nothing to hide, all of us, whether world leaders or ordinary citizens, have good reason to be concerned.

NSA may intentionally collect US person content (including Internet metadata that legally qualifies as content) overseas (it won’t count this data, so we don’t know how systematic it is). If it does, it may be a violation of Section 703 of FISA. Rather than discussing any of these violations, the NSA has waved around a few cases of LOVEINT (most, if not all, of which have not been prosecuted) as part of a successful ploy to distract from much more systemic abuses of its authority, affecting far more Americans. But there has been abuse, even beyond practices (like back door searches) that gut the Fourth Amendment or (like NSA’s approach to encryption) that hurt Americans’ security. President Obama will spend a lot of time saying there have been no abuses. He’s wrong.

A huge volume of the Internet data GCHQ collects flows directly into a massive repository named Black Hole, which is at the core of the agency’s online spying operations, storing raw logs of intercepted material before it has been subject to analysis. Black Hole contains data collected by GCHQ as part of bulk “unselected” surveillance, meaning it is not focused on particular “selected” targets and instead includes troves of data indiscriminately swept up about ordinary people’s online activities. Between August 2007 and March 2009, GCHQ documents say that Black Hole was used to store more than 1.1 trillion “events” — a term the agency uses to refer to metadata records — with about 10 billion new entries added every day. As of March 2009, the largest slice of data Black Hole held — 41 percent — was about people’s Internet browsing histories. The rest included a combination of email and instant messenger records, details about search engine queries, information about social media activity, logs related to hacking operations, and data on people’s use of tools to browse the Internet anonymously.

Throughout this period, as smartphone sales started to boom, the frequency of people’s Internet use was steadily increasing. In tandem, British spies were working frantically to bolster their spying capabilities, with plans afoot to expand the size of Black Hole and other repositories to handle an avalanche of new data. By 2010, according to the documents, GCHQ was logging 30 billion metadata records per day. By 2012, collection had increased to 50 billion per day, and work was underway to double capacity to 100 billion. The agency was developing “unprecedented” techniques to perform what it called “population-scale” data mining, monitoring all communications across entire countries in an effort to detect patterns or behaviors deemed suspicious. It was creating what it said would be, by 2013, “the world’s biggest” surveillance engine “to run cyber operations and to access better, more valued data for customers to make a real world difference.”

A document from the GCHQ target analysis center (GTAC) shows the Black Hole repository’s structure.

The data is searched by GCHQ analysts in a hunt for behavior online that could be connected to terrorism or other criminal activity. But it has also served a broader and more controversial purpose — helping the agency hack into European companies’ computer networks. In the lead up to its secret mission targeting Netherlands-based Gemalto, the largest SIM card manufacturer in the world, GCHQ used MUTANT BROTH in an effort to identify the company’s employees so it could hack into their computers. The system helped the agency analyze intercepted Facebook cookies it believed were associated with Gemalto staff located at offices in France and Poland. GCHQ later successfully infiltrated Gemalto’s internal networks, stealing encryption keys produced by the company that protect the privacy of cell phone communications.

Similarly, MUTANT BROTH proved integral to GCHQ’s hack of Belgian telecommunications provider Belgacom. The agency entered IP addresses associated with Belgacom into MUTANT BROTH to uncover information about the company’s employees. Cookies associated with the IPs revealed the Google, Yahoo, and LinkedIn accounts of three Belgacom engineers, whose computers were then targeted by the agency and infected with malware. The hacking operation resulted in GCHQ gaining deep access into the most sensitive parts of Belgacom’s internal systems, granting British spies the ability to intercept communications passing through the company’s networks.

In March, a U.K. parliamentary committee published the findings of an 18-month review of GCHQ’s operations and called for an overhaul of the laws that regulate the spying. The committee raised concerns about the agency gathering what it described as “bulk personal datasets” being held about “a wide range of people.” However, it censored the section of the report describing what these “datasets” contained, despite acknowledging that they “may be highly intrusive.” The Snowden documents shine light on some of the core GCHQ bulk data-gathering programs that the committee was likely referring to — pulling back the veil of secrecy that has shielded some of the agency’s most controversial surveillance operations from public scrutiny. KARMA POLICE and MUTANT BROTH are among the key bulk collection systems. But they do not operate in isolation — and the scope of GCHQ’s spying extends far beyond them.

The agency operates a bewildering array of other eavesdropping systems, each serving its own specific purpose and designated a unique code name, such as: SOCIAL ANTHROPOID, which is used to analyze metadata on emails, instant messenger chats, social media connections and conversations, plus “telephony” metadata about phone calls, cell phone locations, text and multimedia messages; MEMORY HOLE, which logs queries entered into search engines and associates each search with an IP address; MARBLED GECKO, which sifts through details about searches people have entered into Google Maps and Google Earth; and INFINITE MONKEYS, which analyzes data about the usage of online bulletin boards and forums. GCHQ has other programs that it uses to analyze the content of intercepted communications, such as the full written body of emails and the audio of phone calls. One of the most important content collection capabilities is TEMPORA, which mines vast amounts of emails, instant messages, voice calls and other communications and makes them accessible through a Google-style search tool named XKEYSCORE.

As of September 2012, TEMPORA was collecting “more than 40 billion pieces of content a day” and it was being used to spy on people across Europe, the Middle East, and North Africa, according to a top-secret memo outlining the scope of the program. The existence of TEMPORA was first revealed by The Guardian in June 2013. To analyze all of the communications it intercepts and to build a profile of the individuals it is monitoring, GCHQ uses a variety of different tools that can pull together all of the relevant information and make it accessible through a single interface. SAMUEL PEPYS is one such tool, built by the British spies to analyze both the content and metadata of emails, browsing sessions, and instant messages as they are being intercepted in real time. One screenshot of SAMUEL PEPYS in action shows the agency using it to monitor an individual in Sweden who visited a page about GCHQ on the U.S.-based anti-secrecy website Cryptome.

Partly due to the U.K.’s geographic location — situated between the United States and the western edge of continental Europe — a large amount of the world’s Internet traffic passes through its territory across international data cables. In 2010, GCHQ noted that what amounted to “25 percent of all Internet traffic” was transiting the U.K. through some 1,600 different cables. The agency said that it could “survey the majority of the 1,600” and “select the most valuable to switch into our processing systems.”

According to Joss Wright, a research fellow at the University of Oxford’s Internet Institute, tapping into the cables allows GCHQ to monitor a large portion of foreign communications. But the cables also transport masses of wholly domestic British emails and online chats, because when anyone in the U.K. sends an email or visits a website, their computer will routinely send and receive data from servers that are located overseas. “I could send a message from my computer here [in England] to my wife’s computer in the next room and on its way it could go through the U.S., France, and other countries,” Wright says. “That’s just the way the Internet is designed.” In other words, Wright adds, that means “a lot” of British data and communications transit across international cables daily, and are liable to be swept into GCHQ’s databases.

A map from a classified GCHQ presentation about intercepting communications from undersea cables. GCHQ is authorized to conduct dragnet surveillance of the international data cables through so-called external warrants that are signed off by a government minister. The external warrants permit the agency to monitor communications in foreign countries as well as British citizens’ international calls and emails — for example, a call from Islamabad to London. They prohibit GCHQ from reading or listening to the content of “internal” U.K. to U.K. emails and phone calls, which are supposed to be filtered out from GCHQ’s systems if they are inadvertently intercepted unless additional authorization is granted to scrutinize them. However, the same rules do not apply to metadata. A little-known loophole in the law allows GCHQ to use external warrants to collect and analyze bulk metadata about the emails, phone calls, and Internet browsing activities of British people, citizens of closely allied countries, and others, regardless of whether the data is derived from domestic U.K. to U.K. communications and browsing sessions or otherwise. In March, the existence of this loophole was quietly acknowledged by the U.K. parliamentary committee’s surveillance review, which stated in a section of its report that “special protection and additional safeguards” did not apply to metadata swept up using external warrants and that domestic British metadata could therefore be lawfully “returned as a result of searches” conducted by GCHQ.

Perhaps unsurprisingly, GCHQ appears to have readily exploited this obscure legal technicality. Secret policy guidance papers issued to the agency’s analysts instruct them that they can sift through huge troves of indiscriminately collected metadata records to spy on anyone regardless of their nationality. The guidance makes clear that there is no exemption or extra privacy protection for British people or citizens from countries that are members of the Five Eyes, a surveillance alliance that the U.K. is part of alongside the U.S., Canada, Australia, and New Zealand. “If you are searching a purely Events only database such as MUTANT BROTH, the issue of location does not occur,” states one internal GCHQ policy document, which is marked with a “last modified” date of July 2012. The document adds that analysts are free to search the databases for British metadata “without further authorization” by inputing a U.K. “selector,” meaning a unique identifier such as a person’s email or IP address, username, or phone number. Authorization is “not needed for individuals in the U.K.,” another GCHQ document explains, because metadata has been judged “less intrusive than communications content.” All the spies are required to do to mine the metadata troves is write a short “justification” or “reason” for each search they conduct and then click a button on their computer screen.

Intelligence GCHQ collects on British persons of interest is shared with domestic security agency MI5, which usually takes the lead on spying operations within the U.K. MI5 conducts its own extensive domestic surveillance as part of a program called DIGINT (digital intelligence).

GCHQ’s documents suggest that it typically retains metadata for periods of between 30 days to six months. It stores the content of communications for a shorter period of time, varying between three to 30 days. The retention periods can be extended if deemed necessary for “cyber defense.” One secret policy paper dated from January 2010 lists the wide range of information the agency classes as metadata — including location data that could be used to track your movements, your email, instant messenger, and social networking “buddy lists,” logs showing who you have communicated with by phone or email, the passwords you use to access “communications services” (such as an email account), and information about websites you have viewed.

Records showing the full website addresses you have visited — for instance, www.gchq.gov.uk/what_we_do — are treated as content. But the first part of an address you have visited — for instance, www.gchq.gov.uk — is treated as metadata. In isolation, a single metadata record of a phone call, email, or website visit may not reveal much about a person’s private life, according to Ethan Zuckerman, director of Massachusetts Institute of Technology’s Center for Civic Media. But if accumulated and analyzed over a period of weeks or months, these details would be “extremely personal,” he told The Intercept, because they could reveal a person’s movements, habits, religious beliefs, political views, relationships, and even sexual preferences. For Zuckerman, who has studied the social and political ramifications of surveillance, the most concerning aspect of large-scale government data collection is that it can be “corrosive towards democracy” — leading to a chilling effect on freedom of expression and communication. “Once we know there’s a reasonable chance that we are being watched in one fashion or another it’s hard for that not to have a ‘panopticon effect,’” he said, “where we think and behave differently based on the assumption that people may be watching and paying attention to what we are doing.”

When compared to surveillance rules in place in the U.S., GCHQ notes in one document that the U.K. has “a light oversight regime.” The more lax British spying regulations are reflected in secret internal rules that highlight greater restrictions on how NSA databases can be accessed. The NSA’s troves can be searched for data on British citizens, one document states, but they cannot be mined for information about Americans or other citizens from countries in the Five Eyes alliance. No such constraints are placed on GCHQ’s own databases, which can be sifted for records on the phone calls, emails, and Internet usage of Brits, Americans, and citizens from any other country. The scope of GCHQ’s surveillance powers explain in part why Snowden told The Guardian in June 2013 that U.K. surveillance is “worse than the U.S.” In an interview with Der Spiegel in July 2013, Snowden added that British Internet cables were “radioactive” and joked: “Even the Queen’s selfies to the pool boy get logged.”

In recent years, the biggest barrier to GCHQ’s mass collection of data does not appear to have come in the form of legal or policy restrictions. Rather, it is the increased use of encryption technology that protects the privacy of communications that has posed the biggest potential hindrance to the agency’s activities. “The spread of encryption … threatens our ability to do effective target discovery/development,” says a top-secret report co-authored by an official from the British agency and an NSA employee in 2011. “Pertinent metadata events will be locked within the encrypted channels and difficult, if not impossible, to prise out,” the report says, adding that the agencies were working on a plan that would “(hopefully) allow our Internet Exploitation strategy to prevail.”

Perhaps the strongest evidence that the attack was a law enforcement or intelligence operation was the limited functionality of the malware. The heart of the malicious Javascript was a tiny Windows executable hidden in a variable named “Magneto.” A traditional virus would use that executable to download and install a full-featured backdoor, so the hacker could come in later and steal passwords, enlist the computer in a DDoS botnet, and generally do all the other nasty things that happen to a hacked Windows box. But the Magneto code didn’t download anything. It looked up the victim’s MAC address — a unique hardware identifier for the computer’s network or Wi-Fi card — and the victim’s Windows hostname. Then it sent it to a server in Northern Virginia server, bypassing Tor, to expose the user’s real IP address, coding the transmission as a standard HTTP web request.

The official IP allocation records maintained by the American Registry for Internet Numbers show the two Magneto-related IP addresses were part of a ghost block of eight addresses that have no organization listed. Those addresses trace no further than the Verizon Business data center in Ashburn, Virginia, 20 miles northwest of the Capital Beltway. The code’s behavior, and the command-and-control server’s Virginia placement, is also consistent with what’s known about the FBI’s “computer and internet protocol address verifier,” or CIPAV, the law enforcement spyware first reported by WIRED in 2007. Court documents and FBI files released under the FOIA have described the CIPAV as software the FBI can deliver through a browser exploit to gather information from the target’s machine and send it to an FBI server in Virginia. The FBI has been using the CIPAV since 2002 against hackers, online sexual predators, extortionists, and others, primarily to identify suspects who are disguising their location using proxy servers or anonymity services, like Tor. Prior to the Freedom Hosting attack, the code had been used sparingly, which kept it from leaking out and being analyzed.

The Reserve Bank also said its website was "the subject of a denial of service attack". "The bank has protections for its website, so the bank website remains secure," a spokesman added. Australian media identified a Twitter user who described herself as a member of Anonymous Indonesia and appeared to claim responsibility for the attack. The user wrote: "I am ready for this war!" and said she would conduct further attacks unless there was an apology from the Australian government for the alleged spying. Twitter outburst

Meanwhile, Mark Textor, a campaign strategist who advised Australian Prime Minister Tony Abbott's Liberal Party came under fire for a series of provocative tweets that criticised Indonesia's handling of the spying row. Mr Textor wrote in a Twitter post: "Apology demanded from Australia by a bloke who looks like a 1970's Pilipino [sic] porn star and has ethics to match". The tweet has since been deleted. Australian media widely reported that he was referring to Indonesian Foreign Minister Marty Natalegawa, who has called for an apology from Australia over the spying claims.