NEW EDWARD SNOWDEN documents revealed on Saturday in the New York Times detail a decade-long secret partnership between the NSA and AT&T, which provided the spy agency with metadata on billions of emails. Although the Times story has garnered a lot of attention, it offers few details about how the telecom conducted the siphoning and spying for the NSA.
But two stories published almost decade ago by WIRED and Salon provide in-depth details about the secret rooms at AT&T facilities in San Francisco, Missouri, and other areas across the US that the NSA used to siphon internet data.
AT&T isn’t identified by name in the Snowden documents, but the Times notes that “a constellation of evidence” points to AT&T as the primary company mentioned in them, which several intelligence officials have confirmed to the paper.
According to the Times piece, the siphoning of internet data from AT&T began in 2003 and continued for a decade in a relationship that the NSA called “highly collaborative.” The telecom giant, according to one Snowden document, was extremely willing to help out the spy agency, and its engineers “were the first to try out new surveillance technologies invented by the eavesdropping agency.”
WIRED and Salon exposed that willingness back in 2006, when Mark Klein, a former technician with AT&T in San Francisco, and two other former AT&T technicians who worked at other facilities, provided information about secret rooms the telecom had built in Bridgeton, Missouri and San Francisco.
According to them, AT&T first built the highly secured room in Bridgeton, outside St. Louis, in 2002. The telecom outfitted the room with a biometric “mantrap” that was secured with retinal and fingerprint scanners, and only workers with a TS/SCI security clearance were allowed inside. The facility, local workers were told, was being used for “monitoring network traffic” for “a government agency.”
The Bridgeton facility was a significant jewel in the NSA’s crown, because it was AT&T’s technical command center, the place from which the telecom managed all of the routers and circuits carrying its domestic and international Internet traffic. At the time, AT&T controlled about one-third of all bandwidth carrying Internet traffic to homes and businesses across the country, which essentially gave the NSA access to an enormous amount of data through its partnership with the telecom.
Although the Bridgeton room was likely one of the most important secret rooms AT&T established for the NSA, it wasn’t the only one. AT&T also hid “secret rooms” deep in the bowels of other facilities in several US cities. The Snowden documents the Times obtained say the company installed surveillance equipment in at least 17 of its Internet hubs, but doesn’t identify the cities. Documents shown to WIRED in 2006, however, indicate that in addition to San Francisco and Bridgeton, secret rooms were built at AT&T facilities in Seattle, San Jose, Los Angeles, and San Diego. “These installations enable the government to look at every individual message on the internet and analyze exactly what people are doing,” WIRED wrote in 2006.
Documents that Klein provided WIRED at the time offer technical details about how it was done. High-speed fiber-optic circuits entered Room 641A at an AT&T facility on Folsom Street in San Francisco and were connected to routers for the telecom’s WorldNet service, part of the internet’s common backbone. Only one management-level technician with a security clearance from the NSA could enter the room.
Plans for the secret room, drawn up in 2002, discussed the difficulties of trying to spy on fiber-optic circuits. Unlike copper wire circuits that emit electromagnetic fields that can be tapped without disturbing the circuits, fiber-optic circuits don’t leak their light signals. In order to monitor communications crossing them, technicians have to physically cut the fiber and divert a portion of the light signal to siphon data, using splitters. AT&T diverted the split signal to a special cabinet in its secret room. There, a device made by Narus analyzed the traffic and presumably filtered it to provide the NSA with the data it wanted. This included giving the NSA access to metadata from billions of emails as they flowed across the telecom’s domestic networks.
According to the Times, AT&T began turning over emails and other internet data to the spy agency around October 2001, even before the secret rooms were built, in a program dubbed “Fairview.” The program forwarded 400 billion Internet metadata records to the NSA’s headquarters at Ft. Meade in Maryland—which included the senders and recipients of emails and other details, but not the content of the correspondence. AT&T also forwarded more than one million emails a day to be run through the NSA’s keyword selection system. In September 2003, AT&T apparently enabled a new collection capability for the spy agency, which amounted to a “‘live’ presence on the global net.” The Times doesn’t elaborate on what this involved.
In 2011, AT&T also began handing over phone metadata to the NSA, including call records for 1.1 billion domestic cellphone calls a day.
Documents leaked by Snowden in 2013 provided stark evidence in support of the claims made in 2006 by Klein and the two other anonymous AT&T technicians. But according to the Times, it’s unclear if the program for siphoning Internet data still exists in its original form today. In the last two years, revelations exposing the breadth of the NSA’s surveillance, as well as the cooperation of technology companies in helping the NSA spy, have forced the agency to curtail some of its activity. Some companies have also begun to push back against the agency’s requests for data in the wake of the public’s anger about their duplicity in helping the agency spy.