A new report by The Intercept revealed more details about the decade-long relationship between AT&T and the NSA. It also uncovered eight “NSA fortresses” that are actually AT&T buildings enabling the agency to spy on Americans and people from many other countries with which AT&T has peering partnerships.
AT&T’s "Spy Room” (Room 641A)
Back in 2003, the NSA started a project called “Room 641A” at one of AT&T’s headquarters in San Francisco at the time, where the agency would tap into AT&T’s internet cables in order to siphon everyone’s unencrypted web traffic data and communications.
An AT&T technician discovered what was happening in that room and came forward in 2007 with this information, after the New York Times presented information about related and illegal mass surveillance operations authorized by President Bush, in 2005.
As a response to all of these revelations, Congress passed FISA in 2008 not to punish the NSA or AT&T for their illegal activities, but to grant all carriers that may have aided the NSA in such operations retroactive immunity against lawsuits.
AT&T’s “Extreme Willingness To Help” The NSA
In 2015, ProPublica published a report in which it revealed documents that showed AT&T’s “extreme willingness to help” U.S. intelligence agencies spy on Americans and foreigners.
According to the documents, the portion of the NSA’s top-secret budget in 2013 assigned to the deal it made with the AT&T was twice that assigned to the next-largest program. A year later it was also revealed that AT&T was enabling other such warrantless surveillance programs against its own customers on behalf of law enforcement, which were quite profitable for the company.
One documented obtained by ProPublica reminded NSA officials to be polite when visiting AT&T because “This is a partnership, not a contractual relationship.” What this implied was that the AT&T was going far and beyond what the law required of companies that had to cooperate with intelligence or civil law enforcement agencies.
NSA Expands AT&T “Spy Room” To Eight Spy “Fortresses”
According to the new report by The Intercept, not only has the NSA not “shut down” the Room 641A program, but it has greatly expanded it to eight AT&T spy “fortresses.” The Intercept’s documents show a top-secret NSA map that points to eight AT&T “backbone node with peering” facilities in Atlanta, Chicago, Dallas, Los Angeles, New York City, San Francisco, Seattle, and Washington, D.C.
The reason The Intercept called these facilities spy “fortresses” is because they seem to be facilities that are heavily protected either against nuclear blasts, earthquakes, or other such phenomena.
All eight facilities are also entire large buildings, unlike the single room the NSA had at the AT&T headquarters 15 years ago, which shows us just how much AT&T’s relationship with the NSA has improved as well as how much the NSA’s mass surveillance operations have expanded.
Officially, the eight buildings’ purpose is to improve AT&T’s network and enable future growth. Their real purpose is to help the NSA collect all of the data not just from AT&T’s customers but also from the customers of other ISPs, both domestic and foreign, with which AT&T has peering deals.
Spying Programs Enabled By Executive Order 12333
Foreign internet traffic is often run through the U.S., mainly because many American companies provide online services to a large population of foreign users, but also because the U.S. can connect Europe and Asia through its cables.
The fact that the NSA has this kind of programs in place is precisely why the Court of Justice of the European Union has said in the past that Safe Harbor was invalid. The U.S. government can’t be trusted not to spy on European citizens as the European citizens’ data is processed on American soil, which means EU privacy rights can’t be guaranteed as well as they need to be under the Charter of Fundamental Rights.
NSA’s mass surveillance powers that prevent American companies from guaranteeing EU citizens their privacy rights are given by the Reagan-era Executive Order 12333, which enables the agency to spy on “communications which originate and terminate in foreign countries, but traverse U.S. territory.”
Using this program, the NSA can spy on EU citizens emailing Latin-Americans, for instance. This is precisely why following Snowden’s revelations, the EU and Brazil started discussions about connecting their own direct internet lines to each other. However, for this not to be a pointless exercise, the EU would also need to ensure that its own member states don’t hand over that data to the U.S. on a silver platter, as they’ve done in the past.
So far, AT&T hasn’t been too impacted by these revelations about its joint mass surveillance operations with the NSA, but one way to impact these activities would be for other domestic or foreign ISPs that have peering partnerships with AT&T to end those contracts and choose a competitor instead. AT&T’s direct customers could also switch to carriers that have less of such a cozy relationship with the U.S. intelligence agencies. Otherwise, AT&T and NSA's partnership could not just continue unfettered but also expand further.