AT&T is the NSA’s lap dog

The New York Times and Pro Publica have each published detailed reports describing massive, voluntary cooperation between the NSA and AT&T.

New York Times

Pro Publica

Excerpt from the New York Times reporting:

The National Security Agency’s ability to spy on vast quantities of Internet traffic passing through the United States has relied on its extraordinary, decades-long partnership with a single company: the telecom giant AT&T.

While it has been long known that American telecommunications companies worked closely with the spy agency, newly disclosed N.S.A. documents show that the relationship with AT&T has been considered unique and especially productive. One document described it as “highly collaborative,” while another lauded the company’s “extreme willingness to help.”

AT&T’s cooperation has involved a broad range of classified activities, according to the documents, which date from 2003 to 2013. AT&T has given the N.S.A. access, through several methods covered under different legal rules, to billions of emails as they have flowed across its domestic networks. It provided technical assistance in carrying out a secret court order permitting the wiretapping of all Internet communications at the United Nations headquarters, a customer of AT&T.

* * *

After the terrorist attacks of Sept. 11, 2001, AT&T and MCI were instrumental in the Bush administration’s warrantless wiretapping programs, according to a draft report by the N.S.A.’s inspector general. The report, disclosed by Mr. Snowden and previously published by The Guardian, does not identify the companies by name but describes their market share in numbers that correspond to those two businesses, according to Federal Communications Commission reports.

AT&T began turning over emails and phone calls “within days” after the warrantless surveillance began in October 2001, the report indicated. By contrast, the other company did not start until February 2002, the draft report said.

In September 2003, according to the previously undisclosed N.S.A. documents, AT&T was the first partner to turn on a new collection capability that the N.S.A. said amounted to a “ ‘live’ presence on the global net.” In one of its first months of operation, the Fairview program forwarded to the agency 400 billion Internet metadata records — which include who contacted whom and other details, but not what they said — and was “forwarding more than one million emails a day to the keyword selection system” at the agency’s headquarters in Fort Meade, Md. Stormbrew was still gearing up to use the new technology, which appeared to process foreign-to-foreign traffic separate from the post-9/11 program.

I think this tweet summarizes the relationship rather well:

The arrangement between the two entities should be carefully examined for constitutional violations. The report was based in part on files provided by whistleblower Edward Snowden.

Net neutrality victory

Tim Wu, a professor at Columbia Law School and the director of the Poliak Center for the First Amendment at the Columbia Journalism School, writing in The New Yorker, has penned one of the best takes on the likely implementation of network neutrality. He explains why he thinks most people believed that it would never be approved.

Here is an excerpt:

The theory of the wisdom of crowds suggests that the markets have noticed something: the broadband industry hates net neutrality, but its existence has always had a huge and unnoticed upside. Selling broadband is a great business: Moffet has pointed out that the margins are north of ninety-seven per cent. Stated simply, a strong net-neutrality rule locks in the status quo for the most profitable part of the cable industry’s business.

Looking to the future, there’s one last thing that everyone might be wrong about. The general assumption is that the new rules will be met with fierce and protracted litigation (perhaps decades of it, warn the greatest doomsdayers). I’ve said myself that there will be litigation, and it is true that, in our times, most serious regulation is immediately challenged in court, almost as a kind of corporate reflex. Verizon and A.T. & T. have both already threatened to sue. But maybe this prediction is wrong, too.

For one thing, given the jump in stock prices, filing a lawsuit will technically be suing to invalidate rules that seem to have created billions of dollars of shareholder value for the broadband providers. For another, suing the F.C.C. tends to annoy the agency, meaning that you might count out A.T. & T. and Comcast, both of whom have pending mergers before the commission. Sprint has already said that it doesn’t mind net-neutrality regulation, and it is hard to imagine a smaller company really wanting to bother. So it probably comes down to whether Verizon or a trade group like the National Cable & Telecommunications Association thinks that it is worth the time, money, and continued uncertainty inherent in trying to knock out the new rules.

A suit becomes less likely because any such challenge is likely to fail. Unlike in 2010, the F.C.C. has written an exceptionally well-defended rule that depends on its broadest grants of authority to regulate “communications by wire.” Predicting the outcome of an unfiled suit is hazardous business; but it is fair to say that knocking out the rules will be rather hard.

Major tech firms sign on to support Microsoft’s claims

Previously I mentioned that Microsoft had challenged, in open court, a warrant issued in the United States that purported to require Microsoft to provide data housed in its Irish servers.

Now, according to Tech Crunch, a number of other tech giants and civil liberties groups have joined the effort:

Microsoft’s case to prevent the United States government from using search warrants to demand data that is not stored in the United States has picked up a number of high-profile backers, including the Electronic Frontier Foundation, Verizon, AT&T, and, recently, Apple and Cisco.

The final two filed a joint amicus brief, which details their protest of the practice. Microsoft lost its initial suit, as it expected, and has refiled the case. I reached out to both Apple and Cisco for additional comment.

The United States government had issued a warrant for data stored on the company’s servers in Ireland. Microsoft didn’t think that it was reasonable for a United States-specific warrant to apply to overseas and extra-national data.

These companies are clearly at risk if the US is successful, given that those outside the US will not trust US tech firms if the outside users are hung out to dry. The industry has a clear self-interest in these challenges, but the more they make the better even for US citizens.

DEA / AT&T tweets of the day

DEA and AT&T work together

The New York Times is reporting that the Drug Enforcement Administration has been accessing a massive telephone call database created and maintained by AT&T.

The scale and longevity of the data storage appears to be unmatched by other government programs, including the N.S.A.’s gathering of phone call logs under the Patriot Act. The N.S.A. stores the data for nearly all calls in the United States, including phone numbers and time and duration of calls, for five years.

[The] Hemisphere [Project] covers every call that passes through an AT&T switch — not just those made by AT&T customers — and includes calls dating back 26 years, according to Hemisphere training slides bearing the logo of the White House Office of National Drug Control Policy. Some four billion call records are added to the database every day, the slides say; technical specialists say a single call may generate more than one record. Unlike the N.S.A. data, the Hemisphere data includes information on the locations of callers.

You can access a set of slides describing the program here.

This is just what we need, another massive database designed to “get it all.” Congress should hold hearings to review exactly how this operates and how much it has cost to date. And an end to the “war on drugs” would presumably eliminate the need for such a spying tool.

WSJ releases details on additional NSA spying programs

Joining the Washington Post and The Guardian in outing programs operated by the NSA,  the Wall Street Journal is reporting numerous addition programs that collectively 75% of the nation’s data traffic, including domestic emails.

The National Security Agency—which possesses only limited legal authority to spy on U.S. citizens—has built a surveillance network that covers more Americans’ Internet communications than officials have publicly disclosed, current and former officials say.

The system has the capacity to reach roughly 75% of all U.S. Internet traffic in the hunt for foreign intelligence, including a wide array of communications by foreigners and Americans. In some cases, it retains the written content of emails sent between citizens within the U.S. and also filters domestic phone calls made with Internet technology, these people say.

The NSA’s filtering, carried out with telecom companies, is designed to look for communications that either originate or end abroad, or are entirely foreign but happen to be passing through the U.S. But officials say the system’s broad reach makes it more likely that purely domestic communications will be incidentally intercepted and collected in the hunt for foreign ones.

The programs, code-named Blarney, Fairview, Oakstar, Lithium and Stormbrew, among others, filter and gather information at major telecommunications companies. Blarney, for instance, was established with AT&T Inc., T +0.24% former officials say. AT&T declined to comment.

This filtering takes place at more than a dozen locations at major Internet junctions in the U.S., officials say. Previously, any NSA filtering of this kind was largely believed to be happening near points where undersea or other foreign cables enter the country.

* * *

The NSA’s U.S. programs have been described in narrower terms in the documents released by former NSA contractor Edward Snowden. One, for instance, acquires Americans’ phone records; another, called Prism, makes requests for stored data to Internet companies. By contrast, this set of programs shows the NSA has the capability to track almost anything that happens online, so long as it is covered by a broad court order.

Inevitably, officials say, some U.S. Internet communications are scanned and intercepted, including both “metadata” about communications, such as the “to” and “from” lines in an email, and the contents of the communications themselves.

The Journal also has produced a graphic showing visually how the newly known programs actually work. If this isn’t a surveillance state, it is hard to understand what else could be so classified.

Six strikes program begins

Starting now, a so-called “six strikes” program has begun with at least the following Internet providers: AT&T, Cablevision, Comcast, Time Warner Cable and Verizon. It appears that these five ISPs are the only companies implementing the program negotiated with the MPAA and the RIAA Under the program, users will be monitored ad if they are detected downloading copyrighted material, they will be notified by their ISP and become subject to increasing levels of punishment. So much for privacy. Can you imagine the phone company scanning your calls looking for prohibited content or behaviour? Can you trust your ISP with the sort of deep scanning that is required?

If a customer believes he or she is innocent, they can file an appeal (which costs $35, refundable if the customer wins). I would expect a large number of “false positive” claims to be made by the carriers. And I would switch away from these five carriers if you possibly can.

More details here and here.

Tech quote of the day

You lie awake at night worrying about what is that which will disrupt your business model. Apple iMessage is a classic example. If you’re using iMessage, you’re not using one of our messaging services, right? That’s disruptive to our messaging revenue stream.

— AT&T CEO Randall Stephenson, regretting that the telco carriers’ massively over-priced text messaging plans are under serious assault.

I think this Tweet expresses my view quite ably:

FCC releases analysis of proposed AT&T/T-Mobile merger (updated x2)

The FCC has released its report on the likely impact of AT&T’s proposed merger with T-Mobile.  It isn’t pretty. Among other conclusions, the report determines that if the merger were to occur, there would be a no significant wireless competition in any major US city (with the sole exception of Omaha).

Update: The FCC report was originally at the link shown above, but has been removed from that location. Currently, a copy of the report is available here.  However, the new version of the report is heavily redacted. What the heck is going on here?

Update 2: Via Lauren Weinstein, the original version of the FCC report is available here.

How big are iPhone 4S sales?

Well, here are two interesting datapoints: both Sprint and AT&T set one day activation records on Friday.  Not surprising for Sprint, given that the iPhone is new to that carrier. But AT&T has offered the iPhone from day one, and they say that they activated more than twice their previous record.

As of 4:30 pm ET [Friday], AT&T had already activated a record number of iPhones on our network – and is on-track to double our previous record for activations on a single day. These record volumes may produce slower activations for some customers, though our systems continue to run at record levels.

Disclsoure: I am long APPL.

One carrier, one phone

AT&T has announced that it sold more than 200,000 iPhone 4S models in the first 12 hours the phone was on sale yesterday. This is a new record for the company for any phone.

No word yet from Verizon or Sprint.

How long does your mobile carrier keep your data?

Sometimes indefinitely. Check out the details from this formerly secret Justice Department memo.

The nation’s major mobile-phone providers are keeping a treasure trove of sensitive data on their customers, according to newly-released Justice Department internal memo that for the first time reveals the data retention policies of America’s largest telecoms.

The single-page Department of Justice document, “Retention Periods of Major Cellular Service Providers,” (.pdf) is a guide for law enforcement agencies looking to get information — like customer IP addresses, call logs, text messages and web surfing habits – out of U.S. telecom companies, including AT&T, Sprint, T-Mobile and Verizon.

Economics quote of the day

We believe the combination of AT&T and T-Mobile would result in tens of millions of consumers all across the United States facing higher prices, fewer choices and lower-quality products for their mobile wireless services.

James M. Cole, deputy Attorney General, announcing that the DOJ will seek to prohibit the merger of the second and third largest US mobile telecom operators. Leaving only two significant operators absolutely would be against the interest of consumers.