PRISM, "Five Eyes" and Kim Dotcom

The PRISM story keeps growing -- now there are reports the NSA has shared data on Kim Dotcom obtained via PRISM with the international spy group "Five Eyes," (background here -- it includes representatives from the U.S., U.K., New Zealand, Canada and Australia,) and that Five Eyes may have given the intercepted data on Kim Dotcom to New Zealand's GSB, which in turn gave it to a specialized New Zealand police group, that used the information to assist the FBI and facilitate his arrest on U.S. charges.

"Five Eyes" met in New Zealand just 2 days before the Prime Minister announced the illegal interception of Kim Dotcom's communications on Sept. 17. Who was at the meeting? Reportedly, Intelligence Co-ordination Group director Roy Ferguson, a former ambassador to the US,along with representatives from the US Central Intelligence Agency, National Security Agency, Britain's Communications Headquarters, Canada's Communications Security Establishment and the Australian Secret Intelligence Service. [More...]

It was just revealed in New Zealand that Kim DotCom's intercepted data allegedly shared with Five Eyes may have emanated from PRISM:

Documents show strings of data being fed into a spying system which has links to the Five Eyes network, of which New Zealand's GCSB is a member with Australian, Canadian, UK and US partners.

It is the same information used to match personal detail harvested by the Prism system, revealed in the Guardian newspaper as being set up in 2007 to monitor people outside the US by sifting through massive amounts of data collected from Apple, Facebook, Google, Microsoft and other internet giants. The revelation rocked the US, forcing President Barack Obama to defend the system as a "modest encroachments on privacy", and then the UK, after it emerged its partner in the Five Eyes network had access to the Prism scheme for at least three years.

Dotcom is certain of the PRISM link:

Mr Dotcom, who faces extradition to the US on charges of copyright violation, said he believed the GCSB sifted through Prism data with his details prior to the arrest. "It certainly did involve Prism. GCSB relies heavily on US spy technology. The Five Eyes have one brain and it sits in the US."

Papers released in the Dotcom court case support the links to the Five Eyes network but crucially have the name of the intelligence system doing the actual spying deleted.

What the documents show:

Documents show analysts tasked with organising the spying marked it as associated with the Five Eyes network. One document, classifying it as "Secret", listed the five member nations and stated: "Please enter into [name of system redacted] and mark as priority." The accompanying list is called "Selectors of Interest" and details a long string of information similar to that used in Prism. It includes cellphone numbers, driver licence details, email addresses, passport numbers, internet protocol and real world addresses.

Another document was headed up "Top Secret" and "rel to NZL/FVEY" (New Zealand/Five Eyes). It referred to "traffic volume from these selectors", showing information was intercepted.

Then there's this European report by the Centre for the Study of Conflicts, Liberty and Security that I wrote about in January. The report says that FISA allows “purely political surveillance on foreigners' data” if it is stored using U.S. cloud services like those provided by Google, Microsoft and Facebook." Via Slate:

According to [report co-author Caspar]Bowden, the 2008 FISA amendment created a power of “mass surveillance” specifically targeted at the data of non-U.S. persons located outside America, which applies to cloud computing. This means that U.S. companies with a presence in the EU can be compelled under a secret surveillance order, issued by a secret court, to hand over data on Europeans. Because non-American citizens outside the United States have been deemed by the court not to fall under the search and seizure protections of the Fourth Amendment, it opens the door to an unprecedented kind of snooping.

William E. Kennard, United States Ambassador to the European Union, denied the U.S. was engaging in mass snooping of Europeans at the 2012 European Cloud Computing Conference:

While some cloud providers here in Europe have recently made the fear of unlimited U.S. Government access to data a selling point for their services, this is an inaccurate assessment and completely ignores the facts. As many of you know, all law enforcement and national security investigations in the United States are subject to a careful set of legal and judicial constraints to protect individual privacy. While our systems may differ in approach, let me assure you that we have in place protections that are fundamentally similar to those in Europe. In a number of critical areas, the U.S. provides more restrictions to the access of personal data than do European Member States. 

Caspar Bowden, who previously served as the chief privacy adviser to Microsoft Europe, says differently. He says the new FISA extensions are worse than the Patriot Act:

Bowden says FISA is effectively “a carte blanche for anything that furthers U.S. foreign policy interests” and legalizes the monitoring of European journalists, activists, and politicians who are engaged in any issue in which the United States has a stake. FISA, according to Bowden, expressly makes it lawful for the United States to do “continuous mass-surveillance of ordinary lawful democratic political activities,” and could even go as far as to force U.S. cloud providers like Google to provide a live “wiretap” of European users’ data.

The report says the 2008 FISA Amendments extended snooping on foreigners to data stored in the cloud.

[A] test case at the Foreign Intelligence Surveillance Court of Review... held definitively that the Fourth Amendment requirement for a specific warrant only applied to surveillance directed at US persons. This opened the door for Congress to enact FISAA §1881a in 2008, which authorized mass- surveillance of foreigners (outside US territory), but whose data was within range of US jurisdiction.

However, the most significant change escaped any comment or public debate altogether. The scope of surveillance was extended beyond interception of communications, to include any data in public cloud computing as well. This change occurred merely by incorporating “remote computing services” into the definition of an “electronic communication service provider.”

As a result of the way FISA defines “foreign intelligence information”, "which includes information with respect to a foreign-based political organization or foreign territory that relates to the conduct of the foreign affairs of the United States," (which was accomplished by truncating and substituting limbs of clauses §1801e and §1801a)the report says:

In other words, it is lawful in the US to conduct purely political surveillance on foreigners' data accessible in US Clouds .... FISAAA 1881a means that any data-at-rest formerly processed “on premise” within the EU, which becomes migrated into Clouds, becomes liable to mass-surveillance – for purposes of furthering the foreign affairs of the US (as well as the expected purposes of terrorism, money-laundering etc.).

Then the report discusses the threat caused by "new NSA data centres constructed for storage and analysis on an unprecedented scale," citing the March, 2012 WIRED article, exposed by NSA Whistleblower William Binney and James Banford (more about that and PRISM and Stellar Wind here.) The report says:

The EP should ask for further enquiries into the US FISA Amendments Act, the status of the 4th Amendment with respect to NONUSPERS, and the USA PATRIOT Act (especially s.215). The EP should consider amending the DP Regulation to require prominent warnings to individual data subjects (of vulnerability to political surveillance) before EU Cloud data is exported to US jurisdiction. No data subject should be left unaware if sensitive data about them is exposed to a 3rd country's surveillance apparatus.

Prime Minister John Keys of course denies New Zealand is getting information from U.S. spies. But he also says he doesn't know the details of how information is gathered that is shared between the two nations.

The strings of data obtained illegally under New Zealand law on Kim DotCom match the strings of data PRISM obtains. This is all cloud data, like that described in the European report, warnings about which were published by WIRED and NSA Whistleblower William Binney in 2012.

It sure sounds like the NSA gave Kim Dotcom's data, obtained via PRISM, to Five Eyes, which in turn gave it to New Zealand's Government Communications Security Bureau (GCSB), which illegally gave it to the New Zealand police who were providing assistance to the U.S. in its efforts to have Dotcom arrested. According to the Prime Minister:

A specialist group of New Zealand Police Officers has been involved in assisting the United States authorities and investigating a couple of related New Zealand matters. As part of the New Zealand Police assistance, communications passed between the Police group and GCSB. Those communications were related to a proposal to arrest Kim Dotcom and associated persons.

...The documents show that information was collected about Dotcom and his associates by the Bureau (largely about their movements or possible movements at relevant times) and passed on to the Police.

Is there anything positive to take from this? Maybe it means the wall between the FBI and intelligence isn't completely demolished. If it were, why wouldn't the NSA have given the intercepted information directly to the FBI to assist in its operation to take down Kim Dotcom and associates in the New Zealand raid, instead of using Five Eyes as the go-between?

Kim Dotcom's extradition has now been postponed from August, 2013 to November, 2013 at the earliest, and probably April 2014, as a recent order by the High court about whether Dotcom can see the evidence seized by local police during the illegal raid goes to the New Zealand Supreme Court. (Court ruling here.)According to Dotcom lawyer Ira Rothken:

"The extradition hearing schedule was changed to allow time for appeals to take place and to get more clarity on the disclosure of the Government's evidence and other pending issues that could impact the integrity of the process.

The High Court also ruled that New Zealand had to return the data seized on Kim Dotcom's hard drives that it shipped to the FBI.

In yet another action, the New Zealand Supreme Court is set to rule in August 2013 on whether Dotcom should be provided access to the American evidence (in the form of documents, rather than seized data) against him in the extradition proceeding.

< Monday Open Thread | Tuesday PRISM News >
  • The Online Magazine with Liberal coverage of crime-related political and injustice news

  • Contribute To TalkLeft

  • Display: Sort:
    this just keeps getting better and better. (none / 0) (#1)
    by cpinva on Mon Jun 10, 2013 at 07:27:51 PM EST
    FISA may make it legal in the US, to spy on foreigners, in their home countries, it doesn't make it legal in the foreign country. I believe that's called spying, and most companies have laws against it. it would be interesting to see how US authorities would react, if the executives of the foreign divisions of US companies were arrested, and charged with spying, or invasion of privacy. i'm guessing the US would squawk, loudly.

    Most countries are effectively US satellites... (none / 0) (#3)
    by redwolf on Mon Jun 10, 2013 at 07:37:49 PM EST
    They either take money from us or their elites are carbon copies of our elites.  Would truly independent nations do things like the Kim Dotcom raid?  Only in the outer fringe of US control (Venezuela, Russia, ect) would anything like that happen.

    "most countries", not companies. (none / 0) (#2)
    by cpinva on Mon Jun 10, 2013 at 07:28:44 PM EST
    edit function!

    And here we thought (none / 0) (#4)
    by jimakaPPJ on Mon Jun 10, 2013 at 10:22:33 PM EST
    "24" was fiction.

    Armaprism (none / 0) (#6)
    by koshembos on Mon Jun 10, 2013 at 11:07:03 PM EST
    Any attempt to claim that intelligence services are collecting meta data in pursuit of terrorists is downright ridiculous. In the end, they spy on each and every individual still breathing.  

    I see that Greenwald tweeted that (none / 0) (#7)
    by Militarytracy on Mon Jun 10, 2013 at 11:57:45 PM EST
    Clapper needs to save some of his melodrama and rhetoric for the upcoming revelations because he's going to need them.

    What could those revelations be? (5.00 / 1) (#8)
    by caseyOR on Tue Jun 11, 2013 at 01:18:08 AM EST
    A list of names of people who have been specifically targeted, but are not terrorists? That would be big, especially if some of them were members of Congress or foreign politicians or captains of industry.

    Or could it be that NSA staffers and Booz Allen executives have used the info from these intercepts to make profitable investments? Boy howdy, talk about your insider insider trading.

    I wonder what the dropping of the other shoe will reveal. I do hope all is revealed very soon.


    I'm almost afraid to know all they have done (5.00 / 1) (#9)
    by Militarytracy on Tue Jun 11, 2013 at 01:23:02 AM EST
    Reading tonight, and it just gets creepier and creepier.

    I seem to recall that the patriot act provided (none / 0) (#10)
    by Mr Natural on Tue Jun 11, 2013 at 10:11:57 AM EST
    for this type of inter-TLA (three letter agency) information sharing.  In other words, what the NSA scoops up is fair game for every jackbooted agency, black budget or otherwise, on the American taxpayer's payroll.

    Well at least... (none / 0) (#11)
    by kdog on Tue Jun 11, 2013 at 02:50:49 PM EST
    they're only using the sterouid spy powers going after the real blood-thirty murderous terrorists like...Kim Dotcom????

    Terrrrrrrrrorism is in the eyes... (none / 0) (#13)
    by Mr Natural on Wed Jun 12, 2013 at 09:06:33 AM EST
    ... of the copyright holders.

    LOL... (none / 0) (#14)
    by kdog on Wed Jun 12, 2013 at 09:54:17 AM EST
    if economic terrorism is on the table, I hope the NSA is all up in the big banks and Wall St's bidness.

    Oops, silly me, same team!


    Treacherous Gang of Five Eyes (none / 0) (#12)
    by VisGuyFawkes on Tue Jun 11, 2013 at 10:40:47 PM EST
    Gangs come in fives.  This Five eyes network of mutualism is in essence, co-operative treason.  each of the Gang of Five permits and encourages collusive espionage and therefore, treason. (In Canada, a person who aids or abets in the commission of a crime is treated the same as a principal offender under the criminal law. Section 21(1) of the Criminal Code provides that:
    Every one is a party to an offence who (a) actually commits it;(b) does or omits to do anything for the purpose of aiding any person to commit it; or(c) abets any person in committing it.
    To show that an accused aided or abetted in the commission of a crime, the Crown does not need to prove the guilt of a specific principal offender.

    The Crown must show something more than mere presence to prove the act of aiding or abetting. Presence in the commission of a crime might be evidence of aiding and abetting if the accused had prior knowledge of the crime, or if the accused had legal duty or control over the principal offender. For example, the owner of a car who lets another person drive dangerously without taking steps to prevent it may be guilty because of their control over the driver's use of the vehicle.[1]

    Further, the Crown must show that the accused had prior knowledge that "an offence of the type committed was planned", but it is not necessary that the accused desired the result or had the motive of assisting the crime. Intention to assist the crime is sufficient. [2]

    The Five Eyes agreement therefore aids or abets domestic espionage in each of the participants respective countries.