From Newsgroup: alt.privacy

An unexpected visitor gave my team the evidence we needed to prove that
the government was secretly wiretapping Americans.

On January 20, 2006, the front doorbell rang at the Electronic Frontier FoundationAs offices on Shotwell Street in the Mission District of San Francisco. At the time, Shotwell Street wasnAt the glamorous part of the Mission. Our offices sat between two auto repair shops, across the
street from a utility substation. The sidewalk was often dotted with
homeless peopleAs tents. At one point, San Francisco did a survey, and
our block of Shotwell Street had the highest reported amount of human
feces in the whole city.

We had many people down on their luck ring that doorbell. Some were just
lost. Others sought us out because they believed, quite sincerely, that
the government or aliens had put a chip or magnet in their brains. We
tried to be sympathetic and point them to other resources, but generally
we had to turn them away.

Because of this, it was with friendliness but some caution that our
executive director, Shari Steele, answered the bell.

oDo you folks care about privacy?o the guy asked. He was in a tan trench
coat, looked to be in his early 60s, with gray hair, intense eyes, and a
raspy voice.

oWhy yes, we do,o Shari answered.

oThen I have some information for you. I am a retired AT&T technician. I
know how the NSA is tapping into the internet at an AT&T facility
downtown.o

oWell, come on in.o

Shari found EFF attorney Kevin Bankston in his tiny office. They talked
for a long time. After the man left, Kevin and Lee Tien, another EFF
attorney, burst into my office.

oThis guy named Mark Klein, who just came to the door, has something,o
Kevin said, with more excitement than I had seen from him in a long
time. I was immediately intrigued, but what they told me blew past my
highest expectations. Mark had presented us with unequivocal evidence
that the National Security Agency was engaged in mass, untargeted spying
in the U.S. by tapping into the internet backbone. And it was doing this
from an AT&T building just a short distance from our offices.

The backstory to Mark knocking on EFFAs door starts in 2001 with the governmentAs response to the horrific 9/11 attacks. The first of these
was the Patriot Act.

In the seven weeks between its introduction and passage in 2001, Lee and
I stayed up countless nights trying to parse the three-inch-thick
printout of the proposed legislation to identify the sections that
affected the internet. We needed to understand what laws the government
wanted to change, spot overreach and unconstitutionality, and marshal appropriate support or resistance where necessary.

The draft legislation had been rolled out so quickly that we had the
impression it was just sitting in an envelope on someoneAs desk, with a
note that read, oOpen at the next crisis.o Our theory was confirmed when
we saw that a good chunk of the proposed law was nearly the same package
of legal changes that the FBI had tried u and failed u to push after the Oklahoma City bombing in 1995.

One big change impacting surveillance was clear: Prior to September 11,
the U.S. had what could reasonably be called a owallo separating foreign surveillance for national security purposes done by the NSA from
domestic surveillance for law enforcement purposes done by the FBI. The
theory was that those powers would never be turned on in the U.S. and
used against its own people. The Patriot Act, however, helped erode that
wall.

oDo you folks care about privacy?o

Soon, folks at EFF started to hear whispers of mass domestic
surveillance programs. We were told confidentially that the NSA was
gathering all the telephone records from AmericaAs leading
telecommunications companies. We separately heard that the NSA was now
sitting on the wire in the U.S. We even heard that the agency was
collecting metadata on our online activities from both
telecommunications companies and some internet companies. Friends in the industry would say things like, oYou wouldnAt believe what the NSA is
doing in the United States now,o and oI canAt tell you anything without
getting in trouble, but itAs massive.o

All sounded wildly illegal under the Foreign Intelligence Surveillance
Act (FISA) and the Patriot Act. Several people reached out to us, and
each time we sat down with them to see if we had enough provable facts
to bring a case. But no one who reached out to talk to us was willing to
go on the record, much less provide documentary evidence we could use in
court.

The information Mark gave us made the whispers we had heard over the
years from our friends at telecommunication companies make more sense.
By his account, mass spying involved the internetAs deepest layer, known
as the obackbone.o A set of large providers u big companies, academic institutions, and governments u operate a series of powerful computers
that provide the backboneAs main data routes.

AT&T operated part of the internet backbone from the Folsom Street
facility. One component of MarkAs job was to maintain the section of the
AT&T system that routed traffic from AT&TAs internal networks to the
internet backbone via a set of connections called opeering links.o What
Mark was telling us, and what his documents were showing, was that the
NSA was now tapping in at these junctures.

Mark had been a technician at AT&T for many years. In mid-2003, he was transferred to the Folsom Street building and charged with maintaining
the room where AT&TAs own fiber-optic network connected to the rest of
the internet.

Mark told us that the fiber-optic cables carrying traffic to and from
AT&TAs portion of the backbone converged on the seventh floor of the
Folsom Street building. This was reasonable. But he showed us that those
cables also connected down to the sixth floor of the building. The sixth
floor was where the weirdness happened. Sometime in 2002, a osecret
roomo (designated 641A) had been built on that level of the building, accessible only to workers with NSA clearances. Mark didnAt have
clearance himself, but he knew and worked with the person who did and
had access to that room.

Next to the secret room was a osplitter cabinet.o On one side, the internet-connecting fiber-optic cables that came down from the seventh
floor fed into it. On the other side, two sets of fiber-optic cables
came out. One set snaked back up to the seventh floor to carry traffic
onto the wider internet. But a second set of cables went into the secret
room.

Outside the room, the splitter cabinet and newly installed wiring meant
that when the communications came down from the seventh floor, they were osplito there. One copy of the communication went into the secret room,
while the other went to the intended recipient. In this way, the NSA
could be sitting oon the wireo inside the U.S., the fiber-optic cables
that carry everyoneAs communications, since it could make and capture a
copy of all the traffic passing through the juncture. The NSA could then
review the traffic separately, without slowing it down or leaving any
trace of what it was actually doing on the public network. Mark called
it the oBig Brother machine.o

I tried hard to keep my jaw from dropping as Mark explained both the
banality of the technical infrastructure u so clear that I could easily understand how it worked u and the audacity of what the NSA and AT&T had
built together to undermine the privacy of likely hundreds of millions
of innocent people, including millions of AT&TAs own customers. His
revelation was not entirely unexpected; what was unexpected was someone knocking on our front door and handing us the actual schematics.

We talked with several telecommunications experts, and they confirmed
that this setup was a reasonable method for the NSA to osit on the wireo
in a way that would allow it to operate surreptitiously while remaining effective. One expert we talked to, who had been involved in the
development of several critical internet technologies, including email,
web, and document representation and transmission, said, oThis isnAt a
wiretap, itAs a country tap.o

We had our evidence. This was that crucial confirmation, in a form
admissible in court, that we had been hoping for. We knew, and could now
prove, that AT&T had facilitated illegal domestic surveillance of
internet communications. As part of the legal strategy we had been
crafting, this evidence would help us bring a lawsuit against mass surveillance.

It was nearing the end of January. With Mark KleinAs direct evidence
about AT&T in hand, the next thing to do was to get him his own lawyers.
We needed him as a star witness, so we couldnAt have him be our client.
The risk of conflicts of interest between Mark and AT&T customers wasnAt
great, but it was real, especially if Mark faced prosecution or a civil
claim from AT&T. We all knew u as did Mark u that he had serious legal
risk. We made some calls and were overjoyed when an all-star team
readily signed on.

On March 31, we filed our motion for a preliminary injunction, including
MarkAs declaration and the AT&T documents he had provided. As a
courtesy, I also called the Department of Justice and left a message
informing them of MarkAs declaration and the evidence.

The person who returned my call was DOJ attorney Tony Coppolino. Tony
and I had actually become friendly over the years. He was a nice guy and
a smart and fair-minded opponent. IAll never forget the first voicemail
I got from him after we filed MarkAs evidence.

oHi Cindy, itAs Tony Coppolino calling about your Hepting case. IAm
baaaack. Call me.o

I did, on a Friday afternoon. oHi Tony, are you handling this case? This
will be fun.o

oYes, it looks like it. But this is serious; we need to see the
documents you filed right away to see if they are classified. If so, it
is illegal for you to even have them.o

oI donAt think they are classified, Tony. They arenAt marked as
aclassifiedA or anything like that. IAm happy to show them to you. CanAt
you get them directly from the court?o

oThis isnAt a wiretap, itAs a country tap.o

oWith all due respect, Cindy, you donAt know if they are classified
since they donAt have to have markings and can still be classified. Only
we can tell. We also canAt get them from the court if they are
classified. Can you have someone bring another copy down to the SCIF
[sensitive compartmentalized information facility] in the federal
building so that they can be sent to us in DC?o

oSure. WeAll do that right away. How will you get them?o

oWell, there is a very slow but very secure fax machine in the San
Francisco SCIF that will get them to us in DC, page by page.o

oWell, OK, but I could FedEx them, or fax or even email them . . .o

oNo. None of those ways are secure enough. This is the only way. And if
they are classified, you are likely in trouble.o

After I got off the phone, we quickly arranged for another set of the
documents to be delivered to the federal building. After we sent off the documents, we all started to get a little nervous. We looked up, again,
the potential prison sentence for illegal possession of classified
information. We reminded ourselves that we didnAt think the documents
were classified, and even if they were, they revealed a flatly illegal
and unconstitutional program. The classification system is not supposed
to be used to hide illegal government actions. After all, we were only
showing them to a federal court, under seal, to try to get the law
applied to have the program stopped. That couldnAt get us in trouble,
right?

The truth was, we were all a little worried.

Cindy Cohn is Executive Director of the Electronic Frontier Foundation.

From 2000 to 2015, she served as EFFAs Legal Director and General

Counsel. Today, she leads a team of more than 120 lawyers, activists,
and technologists dedicated to ensuring that technology supports speech, privacy, and innovation for all people around the world. Cindy is the
author of oPrivacyAs Defender,o from which this article is adapted.

https://thereader.mitpress.mit.edu/the-whistleblower-who-uncovered-the-ns as-big-brother-machine/

--- Synchronet 3.21f-Linux NewsLink 1.2