Upstream collection

Last updated September 09, 2023

Upstream collection is a term used by the National Security Agency (NSA) of the United States for intercepting telephone and Internet traffic from the Internet backbone, meaning major Internet cables and switches, both domestic and foreign. Besides the Upstream collection, NSA also gathers information from Internet communications through arrangements with Internet companies under the program codenamed PRISM.^[1] Both the Upstream programs and PRISM are part of the Special Source Operations (SSO) division, which is responsible for collection in cooperation with corporate partners.

Programs

One of the slides of a presentation about the PRISM-program describes Upstream as "collection of communications on fiber cables and infrastructure as data flows past" and says the Upstream collection is conducted under the following four major surveillance programs:^[2]

The FAIRVIEW, BLARNEY and STORMBREW programs are for collecting data at facilities in the United States, whereas OAKSTAR is an umbrella for eight different programs used for collection outside the US. Under all four programs, the collection takes place in cooperation with commercial telecommunication companies, both inside and outside the US.^[3]

Upstream collection programs allow access to very high volumes of data. According to one anonymous official speaking to a Wall Street Journal reporter, first, a pre-selection is done by the telecommunication providers themselves, who select traffic (including the text of emails and the audio of telephone calls) that most likely contains foreign communications. Then the data is passed on to the NSA, where a second selection is made by briefly copying the traffic and filtering it by using so-called "strong selectors" like phone numbers, e-mail or IP addresses of people and organizations in which NSA is interested.^[4] However, William Binney, a former high-ranking NSA official who is now a whistleblower, publicly maintains that the NSA seeks to "collect it all" with minimal filtering.^[5] Internet data collected by Upstream programs can be processed and searched through the XKEYSCORE indexing and analysing system.

Operational details

According to former and current US government officials, there are more than a dozen major US based Internet switching stations where this kind of filtering takes place, which is not only near the sites where the main undersea Internet cables enter the US.^[4] An actual example of a facility where NSA taps Internet backbone cables is Room 641A in the San Francisco switching station of AT&T, which was revealed in 2006. One of the devices used to filter the Internet traffic is the Semantic Traffic Analyzer or STA 6400 made by Boeing subsidiary Narus.

For collection of data from Internet cables and switches outside the United States, the NSA also has secret agreements with foreign Internet providers, especially in Europe and the Middle East. The costs for this cooperation made by these companies are paid by NSA under its Corporate Partner Access program, just like the expenses of the American telecommunication companies. The total costs for this program were estimated at 278 million US dollar for the fiscal year 2013.^[4]^[6]

Upstream collection is conducted under four different legal authorizations:

In a Foreign Intelligence Surveillance Court (FISC) order from October 3, 2011, it was said that the Upstream collection accounts for approximately 9% of the total number of 250 million Internet communications which NSA collects under the authority of section 702 FAA every year. During the first half of 2011, NSA acquired some 13.25 million Internet communications through Upstream collection. Although this is a relatively small amount, the order says Upstream collection is significant because it contains certain types of valuable foreign intelligence information, it still involves the collection of millions of Internet communications each year, and it is impossible for NSA to exclude domestic communications being collected due to technical difficulties.^[1]

Legal claims

On March 10, 2015, the American Civil Liberties Union sued the United States Department of Justice and the National Security Agency (NSA) against the NSA massive online surveillance, claiming that "the surveillance exceeds the scope of the authority that Congress provided in the FISA Amendments Act of 2008 (“FAA”) and violates the First and Fourth Amendments." The lawsuit was not heard, like other previous analogue complaints, and the first debate was postponed to October due to lack of standing. The decision was appealed by the Wikimedia Foundation who leaded other eight organizations.^[7]^[8]

As of February 14, 2020, the legal case wasn't yet concluded.

Related media

Upstream: Map of International Cables
Upstream: Transit Authority
Upstream: Map of Transit Authority
Upstream: Unique Aspects
Upstream: Corporate Portfolio

Related Research Articles

Project SHAMROCK was the sister project to Project MINARET, an espionage exercise started in August 1945. Project MINARET involved the accumulation of all telegraphic data that entered or exited the United States. The Armed Forces Security Agency (AFSA) and its successor, the National Security Agency (NSA), were given direct access to daily microfilm copies of all incoming, outgoing, and transiting telegrams via the Western Union and its associates RCA and ITT. NSA did the operational interception, and, if there was information that would be of interest to other intelligence agencies, the material was passed to them. Intercepted messages were disseminated to the FBI, CIA, Secret Service, Bureau of Narcotics and Dangerous Drugs (BNDD), and the Department of Defense. No court authorized the operation and there were no warrants.

The FISA Amendments Act of 2008, also called the FAA and Foreign Intelligence Surveillance Act of 1978 Amendments Act of 2008, is an Act of Congress that amended the Foreign Intelligence Surveillance Act. It has been used as the legal basis for surveillance programs disclosed by Edward Snowden in 2013, including PRISM.

PRISM is a code name for a program under which the United States National Security Agency (NSA) collects internet communications from various U.S. internet companies. The program is also known by the SIGAD US-984XN. PRISM collects stored internet communications based on demands made to internet companies such as Google LLC and Apple under Section 702 of the FISA Amendments Act of 2008 to turn over any data that match court-approved search terms. Among other things, the NSA can use these PRISM requests to target communications that were encrypted when they traveled across the internet backbone, to focus on stored data that telecommunication filtering systems discarded earlier, and to get data that is easier to handle.

Boundless Informant is a big data analysis and data visualization tool used by the United States National Security Agency (NSA). It gives NSA managers summaries of the NSA's worldwide data collection activities by counting metadata. The existence of this tool was disclosed by documents leaked by Edward Snowden, who worked at the NSA for the defense contractor Booz Allen Hamilton. Those disclosed documents were in a direct contradiction to the NSA's assurance to United States Congress that it does not collect any type of data on millions of Americans.

Special Source Operations (SSO) is a division in the US National Security Agency (NSA) which is responsible for all programs aimed at collecting data from major fiber-optic cables and switches, both inside the US and abroad, and also through corporate partnerships. Its existence was revealed through documents provided by Edward Snowden to media outlets in 2013 and, according to him, it is the "crown jewel" of the NSA.

Fairview is a secret program under which the National Security Agency cooperates with the American telecommunications company AT&T in order to collect phone, internet and e-mail data mainly of foreign countries' citizens at major cable landing stations and switching stations inside the United States. The FAIRVIEW program started in 1985, one year after the Bell breakup.

XKeyscore is a secret computer system used by the United States National Security Agency (NSA) for searching and analyzing global Internet data, which it collects in real time. The NSA has shared XKeyscore with other intelligence agencies, including the Australian Signals Directorate, Canada's Communications Security Establishment, New Zealand's Government Communications Security Bureau, Britain's Government Communications Headquarters, Japan's Defense Intelligence Headquarters, and Germany's Bundesnachrichtendienst.

BLARNEY is a communications surveillance program of the National Security Agency (NSA) of the United States. It started in 1978, operated under the Foreign Intelligence Surveillance Act and was expanded after the September 11 attacks.

The practice of mass surveillance in the United States dates back to wartime monitoring and censorship of international communications from, to, or which passed through the United States. After the First and Second World Wars, mass surveillance continued throughout the Cold War period, via programs such as the Black Chamber and Project SHAMROCK. The formation and growth of federal law-enforcement and intelligence agencies such as the FBI, CIA, and NSA institutionalized surveillance used to also silence political dissent, as evidenced by COINTELPRO projects which targeted various organizations and individuals. During the Civil Rights Movement era, many individuals put under surveillance orders were first labelled as integrationists, then deemed subversive, and sometimes suspected to be supportive of the communist model of the United States' rival at the time, the Soviet Union. Other targeted individuals and groups included Native American activists, African American and Chicano liberation movement activists, and anti-war protesters.

OAKSTAR is a secret internet surveillance program of the National Security Agency (NSA) of the United States. It was disclosed in 2013 as part of the leaks by former NSA contractor Edward Snowden.

STORMBREW is a secret internet surveillance program of the National Security Agency (NSA) of the United States. It was disclosed in the summer of 2013 as part of the leaks by former NSA contractor Edward Snowden.

Digital Network Intelligence or DNI is a term used in the United States Intelligence Community that refers to "intelligence from intercepted digital data communications transmitted between, or resident on, networked computers."

Ongoing news reports in the international media have revealed operational details about the Anglophone cryptographic agencies' global surveillance of both foreign and domestic nationals. The reports mostly emanate from a cache of top secret documents leaked by ex-NSA contractor Edward Snowden, which he obtained whilst working for Booz Allen Hamilton, one of the largest contractors for defense and intelligence in the United States. In addition to a trove of U.S. federal documents, Snowden's cache reportedly contains thousands of Australian, British, Canadian and New Zealand intelligence files that he had accessed via the exclusive "Five Eyes" network. In June 2013, the first of Snowden's documents were published simultaneously by The Washington Post and The Guardian, attracting considerable public attention. The disclosure continued throughout 2013, and a small portion of the estimated full cache of documents was later published by other media outlets worldwide, most notably The New York Times, the Canadian Broadcasting Corporation, the Australian Broadcasting Corporation, Der Spiegel (Germany), O Globo (Brazil), Le Monde (France), L'espresso (Italy), NRC Handelsblad, Dagbladet (Norway), El País (Spain), and Sveriges Television (Sweden).

This is a category of disclosures related to global surveillance.

Global mass surveillance can be defined as the mass surveillance of entire populations across national borders.

The FISA Improvements Act is a proposed act by Senator Dianne Feinstein, Chair of the Senate Intelligence Committee. Prompted by the disclosure of NSA surveillance by Edward Snowden, it would establish the surveillance program as legal, but impose some limitations on availability of the data. Opponents say the bill would codify warrantless access to many communications of American citizens for use by domestic law enforcement.

The Data Intercept Technology Unit is a unit of the Federal Bureau of Investigation (FBI) of the United States, which is responsible for intercepting telephone calls and e-mail messages of terrorists and foreign intelligence targets inside the US. It is not known when DITU was established, but the unit already existed in 1997.

This timeline of global surveillance disclosures from 2013 to the present day is a chronological list of the global surveillance disclosures that began in 2013. The disclosures have been largely instigated by revelations from the former American National Security Agency contractor Edward Snowden.

References

1 2 "Foreign Intelligence Surveillance Court order" (PDF). October 3, 2011. pp. 29–32.
↑ Timberg, Craig (2013-07-10). "NSA slide shows surveillance of undersea cables". Washington Post. ISSN 0190-8286 . Retrieved 2023-02-20.
↑ P/K, Geplaatst door. "Slides about NSA's Upstream collection" . Retrieved 2023-02-20.
1 2 3 "Matthew M. Aid". kafila.org. 2019-11-07. Retrieved 2023-02-20.
↑ Whittaker, Zack. "NSA is so overwhelmed with data, it's no longer effective, says whistleblower" . Retrieved 10 January 2018.
↑ P/K, Geplaatst door. "NSA also has arrangements with foreign internet providers" . Retrieved 2023-02-20.
↑ W. Penney, Jonathon (2016). "Chilling effects: online surveillance and Wikipedia use" (PDF). Berkeley Technology Law Journal. 31 (1): 119–20. doi:10.15779/Z38SS13. ISSN 1086-3818. JSTOR 43917620. OCLC 8512541087 . Retrieved March 29, 2021– via digitalcommons.schulichlaw.dal.ca.{{cite journal}}: External link in |via= (help)
↑ Pprindle, Drew (October 26, 2015). "Judge dismisses Wikimedia v. NSA lawsuit, says plaintiff arguments are based on speculation". Archived from the original on March 11, 2015.

External links

Top Level Telecommunications: Slides about NSA's Upstream collection

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[fisc2011-1] 1 2 "Foreign Intelligence Surveillance Court order" (PDF). October 3, 2011. pp. 29–32.

[2] Timberg, Craig (2013-07-10). "NSA slide shows surveillance of undersea cables". Washington Post. ISSN 0190-8286 . Retrieved 2023-02-20.

[slides-3] P/K, Geplaatst door. "Slides about NSA's Upstream collection" . Retrieved 2023-02-20.

[wsj2013-4] 1 2 3 "Matthew M. Aid". kafila.org. 2019-11-07. Retrieved 2023-02-20.

[5] Whittaker, Zack. "NSA is so overwhelmed with data, it's no longer effective, says whistleblower" . Retrieved 10 January 2018.

[6] P/K, Geplaatst door. "NSA also has arrangements with foreign internet providers" . Retrieved 2023-02-20.

[7] W. Penney, Jonathon (2016). "Chilling effects: online surveillance and Wikipedia use" (PDF). Berkeley Technology Law Journal. 31 (1): 119–20. doi:10.15779/Z38SS13. ISSN 1086-3818. JSTOR 43917620. OCLC 8512541087 . Retrieved March 29, 2021– via digitalcommons.schulichlaw.dal.ca.{{cite journal}}: External link in |via= (help)

[8] Pprindle, Drew (October 26, 2015). "Judge dismisses Wikimedia v. NSA lawsuit, says plaintiff arguments are based on speculation". Archived from the original on March 11, 2015.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

v t e National Security Agency
Locations	Alaska Mission Operations Center Colorado Cryptologic Center Consolidated Intelligence Center CSSG Dorsey Road European Cryptologic Center European Technical Center Fort Meade Friendship Annex Georgia Cryptologic Center Hawaii Cryptologic Center Interagency Training Center Kent Island Misawa Security Operations Center Multiprogram Research Facility Pine Gap RAF Menwith Hill Roaring Creek Room 641A Salt Creek Sugar Grove Texas Cryptologic Center Utah Data Center Pacific Technical Center
Leaders	Ralph Canine John A. Samford Laurence Hugh Frost Gordon Blake Marshall Carter Noel Gayler Samuel C. Phillips Lew Allen Bobby Ray Inman Lincoln D. Faurer William Eldridge Odom Bill Studeman John Michael McConnell Kenneth Minihan Michael Hayden Keith B. Alexander Michael S. Rogers Paul Nakasone
Divisions	CSS Information Warfare Support Center ROC Special Collection Service SSO TAO NTOC NSOC
Technology	ANT catalog FROSTBURG HARVEST Secure Terminal Equipment (STE) STU-I STU-II STU-III WARRIOR PRIDE
Controversy	Global surveillance disclosures (2013–present) Church Committee Edward Snowden LOVEINT James Bamford NSA warrantless surveillance controversy Pike Committee Russ Tice Thomas Andrews Drake Thomas Tamm Matthew Aid
Programs	Boundless Informant Dropmire ECHELON Fairview Insider Threat Program MUSCULAR MYSTIC PRISM Real Time Regional Gateway Stellar Wind TRAILBLAZER Turbulence Upstream XKeyscore Epic Shelter
Databases	DISHFIRE Interquake Main Core MAINWAY MARINA Nymrod PINWALE
Other	Dundee Society Institute for Defense Analyses National Cryptologic Museum National Cryptologic School National Vigilance Park NSA Hall of Honor VENONA Vulnerabilities Equities Process Zendian Problem