I never believed that the Electronic Frontier Foundation's lawsuit against AT&T, alleging that the company helped the National Security Agency coduct illegal spy operations, had much of a future.

InformationWeek Staff, Contributor

April 13, 2006

5 Min Read

I never believed that the Electronic Frontier Foundation's lawsuit against AT&T, alleging that the company helped the National Security Agency coduct illegal spy operations, had much of a future.

Consider the EFF's central claim in the case -- that AT&T and NSA collaborated to spy upon tens of millions of American citizens, including both domestic and overseas phone calls. EFF isn't just looking for the proverbial smoking gun; it needs to find a smoking howitzer to prove such a dramatic, and politically explosive, charge.

Boom. Meet Mark Klein, an AT&T engineer who spent 22 years working for the company's New York and San Francisco switching centers. His appearance as an EFF witness in the case -- with documents supporting many of his claims -- could change everything. His statements, assuming their veracity, are nothing short of infuriating.While on assignment in AT&T's San Francisco switching center during late 2002 and early 2003, Klein claims that he saw and heard about the NSA engaging, with AT&T's full support, in some profoundly disturbing activities:

AT&T provided National Security Agency eavesdroppers with full access to its customers' phone calls, and shunted its customers' internet traffic to data-mining equipment installed in a secret room in its San Francisco switching center, according to a former AT&T worker cooperating in the Electronic Frontier Foundation's lawsuit against the company.

Mark Klein, a retired AT&T communications technician, submitted an affidavit in support of the EFF's lawsuit this week. That class action lawsuit, filed in federal court in San Francisco last January, alleges that AT&T violated federal and state laws by surreptitiously allowing the government to monitor phone and internet communications of AT&T customers without warrants.

On Wednesday, the EFF asked the court to issue an injunction prohibiting AT&T from continuing the alleged wiretapping, and filed a number of documents under seal, including three AT&T documents that purportedly explain how the wiretapping system works.

A copy of Klein's full statement is available at Wired News. The following excerpt details how he discovered AT&T wasn't just diverting its own traffic through the NSA's traffic-analysis hardware, but was also giving the agency access to its peering partners' packet-switched traffic:

While doing my job, I learned that fiber optic cables from the secret room were tapping into the Worldnet circuits by splitting off a portion of the light signal. I saw this in a design document available to me, entitled "Study Group 3, LGX/Splitter Wiring, San Francisco" dated Dec. 10, 2002. I also saw design documents dated Jan. 13, 2004 and Jan. 24, 2003, which instructed technicians on connecting some of the already in-service circuits to the "splitter" cabinet, which diverts some of the light signal to the secret room. The circuits listed were the Peering Links, which connect Worldnet with other networks and hence the whole country, as well as the rest of the world.

One of the documents listed the equipment installed in the secret room, and this list included a Narus STA 6400, which is a "Semantic Traffic Analyzer". The Narus STA technology is known to be used particularly by government intelligence agencies because of its ability to sift through large amounts of data looking for preprogrammed targets. The company's advertising boasts that its technology "captures comprehensive customer usage data ... and transforms it into actionable information.... (It) provides complete visibility for all internet applications."

My job required me to connect new circuits to the "splitter" cabinet and get them up and running. While working on a particularly difficult one with a technician back East, I learned that other such "splitter" cabinets were being installed in other cities, including Seattle, San Jose, Los Angeles and San Diego.

Could the NSA possibly, by any stretch of a sane, sober observer'simagination, have required such a massive, geograhically distributed surveillance apparatus -- what one watchdog group describes (with the assistance of a diagram that will make your blood run cold when you realize the implications) as the "NSA Surveillance Octopus?"

"Based on my understanding of the connections and equipment at issue," Klein wrote in his statement, "it appears the NSA is capable of conducting what amounts to vacuum-cleaner surveillance of all the data crossing the internet -- whether that be peoples' e-mail, web surfing or any other data.

"And unlike the controversy over targeted wiretaps of individuals' phone calls," he concludes, "this potential spying appears to be applied wholesale to all sorts of internet communications of countless citizens"

President Bush has acknowledged that he repeatedly approved the NSA surveillance operations, in spite of the fact that conducting such operations within the United States is, at best, a legal gray area. Yet he also maintains that in rare cases when NSA wanted access to domestic communications, it would seek a search warrant to do so.

If Mark Klein does, indeed, represent the smoking gun in this case, then it looks to me like he's aimed not at AT&T or even the NSA, but rather at the Bush Administration itself. Indeed, this is the system whose existence the President says he personally approved on at least 30 occasions over the past year. If Klein's testimony holds up in court, it will fall upon the President to explain why this "limited" operation required a surveillance infrastructure capable of spying upon a substantial percentage of the American population.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights