Echelon is a NSA communications intercept system which has hit the news again recently, in spite of the US being very coy about admitting to its existence. The main difference between it and other electronic signals intelligence systems is its automation Ã¢â‚¬â€ it works by using voice recognition of key words and phrases, then passing on to human translators only those conversations and messages which are of interest. This allows it to start from an interception of potentially all communications worldwide.
- The facts drawn out by these sources reveal ECHELON as a powerful electronic net–a net that snags from the millions of phone, fax, and modem signals traversing the globe at any moment selected communications of interest to a five-nation intelligence alliance. Once intercepted (based on the use of key words in exchanges), those communiquÃƒÂ©s are sent in real time to a central computer system run by the NSA; round-the-clock shifts of American, British, Australian, Canadian, and New Zealand analysts pour over them in search of . . . what?
- Originally a Cold War tool aimed at the Soviets, ECHELON has been redirected at civilian targets worldwide. In fact, as the European Parliament report noted, political advocacy groups like Amnesty International and Greenpeace were amongst ECHELON’s targets.
There is renewed interest in it simply because, although no one in the administration is admitting it, George Bush’s order in 2001 to allow tapping of domestic US communications was effectively a warrant to start using Echelon within the US, not just for international and foreign domestic communications. Which means that the nation which has been listening in on everyone else for years must now face up to the civil liberties and privacy implications of its own policies.
There’s a lot of noise from some quarters about the inability of Echelon to monitor more than a limited portion of the world’s communications traffic, but that’s based entirely on the idea that the filtering process would not be efficient enough to limit the volume of traffic which humans had to monitor. It’s certainly not clear that this is the case, and in fact the opposite seems to be true. Storage systems have become orders of magnitude cheaper, and database systems orders of magnitude more effective in the last twenty years. This allows a degree of cross referencing which makes Echelon an extremely flexible and effective tool.
The EU and Industrial Espionage
Meanwhile the EU has had serious concerns with Echelon since 2001. It presented a paper on the matter Ã¢â‚¬â€ interestingly from the first draft to the second draft most of the material about industrial espionage was dropped.
- It says:
- whereas the situation becomes intolerable when intelligence services allow themselves to be used for purposes of gathering competitive intelligence by spying on foreign firms with the aim of securing a competitive advantage for firms in the home country, and whereas it is frequently maintained that the global interception system has been used in this way, although no such case has been substantiated.
- and, further on explains in more detail:
- Criticism is levelled when state intelligence services are misused to put firms within their territory at an advantage in international competition through espionage. A distinction has to be made here between two cases (Confidential statement to the rapporteur by a counter-intelligence service, source protected.)
- 10.5.2. 1. High-tech states
- Highly-developed industrial states can indeed gain advantage from industrial espionage. By spying on the stage of development reached in a specific sector, it is possible to take foreign trade and subsidy measures either to make domestic industry more competitive or to save subsidies. Another focus of such activities may be efforts to obtain details of particularly valuable contracts (see 10.6).
The report specifies a large number of cases of industrial espionage by security services (all removed in final draft), which is at odds with its statement further on that “Any state caught red-handed comes under massive political pressure.”
The whole document was in fact an effort to put pressure on the US to desist from spying on EU firms which were competing with US firms for contracts. In many cases this spying resulted in the exposure of bribery and shady practises by the EU corporations, in a situation in which the US firms were ostensibly prevented by law from engaging in similar tactics. But in fact what was widely suspected was that the EU firms bids were passed on to US firms who could then bid slightly lower and get the contracts.
Much of the deleted part of the document constitutes a call on EU states to encourage the development of open source cryptography programs which can be used to protect private commercial communications from espionage by Echelon, and a call on EU companies and individuals to make use of cryptography in their private transactions. It’s a very interesting document if only because, in it’s early version at least, it doesn’t pull any punches.
State terrorism and other applications
When teamed with US cooperation with doubtful foreign regimes, and US military adventurism abroad, there are some frightening implications. Here is the Village Voice again:
- On April 21, 1996, Chechnyen rebel leader Dzokhar Dudayev was killed when a Russian fighter fired two missiles into his headquarters. At the time of the attack, Dudayev had been talking on his cellular phone to Russian officials in Moscow about possible peace negotiations. According to electronics experts, getting a lock on Dudayev’s cell phone signal would not have been difficult, but as Martin Streetly, editor of Jane’s Radar and Electronic Warfare Systems, noted at the time, the Russian military was so under-equipped and poorly maintained, it was doubtful a radar intercept plane could have honed in on the signal without help.
- Speaking at a conference on Information Warfare a month later, Madsen, one of the world’s leading SIGINT and computer security experts, explained that it was both politically and technically possible that the NSA helped the Russians kill Dudayev. Noting the West’s interest in preserving the Yeltsin presidency and in ensuring the safety of an oil consortium’s pipeline running through Chechnya, Madsen explained which NSA satellites could have been used to intercept Dudayev’s call and directionally locate its signal.
- This wasn’t exactly a stunning revelation: Not only had reports recently been released in Australia and Switzerland about police tracking suspects by their cell phone signatures, but Reuters and Agence France-Press had written about the Dudayev scenario as technically plausible. Still, after his talk, Madsen was approached by an Air Force officer assigned to the NSA, who tore into him. “Don’t you realize that we have people on the ground over there?” Madsen recalled the officer seething. “You’re talking about things that could put them in harm’s way.” Asks Madsen, “If this was how Dudayev died, do you think it’s unreasonable the American people know about the technical aspects behind this kind of diplomacy?”
Given that Bin Laden had been of considerable interest to the US ever since before Clinton tried hit him with missiles in the 1990s, it begs the question exactly how much Echelon had been able to learn of his intentions before September 11 2001. It seems unreasonable to expect that Arabic would be a more difficult application of speech recognition algorithms than other languages, and we know he made extensive use of mobile phones and email even up to the time when the US invaded Afghanistan. Clearly there was no understanding on the part of Al Quaeda as to the effectiveness of Echelon even up to the point when a top lieutenant was nearly caught after tracking of his phone only a year ago.
If you’d like to encrypt your communications, by the way, I’d encourage you to take a look at OpenSSL (maintained in the EU and illegal in the US), or PGP (likewise). This will protect you until the development of quantum computers, which is perhaps 5 to 10 years away. Beyond that there is nothing which can even effectively slow the spooks down. But in the mean time, if you need to encrypt anything to send to me, my public key is:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.1 (Darwin)
-----END PGP PUBLIC KEY BLOCK-----