Interception Capabilities 2000

 
Contents

1. Organisations and methods

 
What is communications intelligence?  
UKUSA alliance

Other Comint organisations


How intelligence works  
Planning

Access and collection

Processing

Production and dissemination
 
  2. Intercepting international communications  
International Leased Carrier (ILC) communications  
High frequency radio

Microwave radio relay

Subsea cables

Communications satellites

Communications techniques


ILC communications collection  
Access

Operation SHAMROCK

High frequency radio interception

Space interception of inter-city networks

Sigint satellites

COMSAT ILC collection

Submarine cable interception

Intercepting the Internet

Covert collection of high capacity signals

New satellite networks
 
  3. ECHELON and Comint production  
The "Watch List"   New information about ECHELON sites and systems  
Westminster, London : Dictionary computer

Sugar Grove, Virginia : COMSAT interception at ECHELON site

Sabana Seca, Puerto Rico and Leitrim, Canada : COMSAT interception sites

Waihopai, New Zealand : Intelsat interception at ECHELON site
  ILC processing techniques
  4. Comint and Law Enforcement  
Misrepresentation of law enforcement interception requirements

Law enforcement communications interception - policy development in Europe
 
  5. Comint and economic intelligence  
Tasking economic intelligence

Disseminating economic intelligence

The use of Comint economic intelligence product  
Panavia European Fighter Aircraft consortium and Saudi Arabia

Thomson CSF and Brazil

Airbus Industrie and Saudi Arabia

International trade negotiations

Targeting host nations
 
  6. Comint capabilities after 2000  
Developments in technology Policy issues for the European Parliament
 

Technical annexe  
Broadband (high capacity multi-channel) communications

Communications intelligence equipment  
Wideband extraction and signal analysis

Filtering, data processing, and facsimile analysis

Traffic analysis, keyword recognition, text retrieval, and topic analysis

Speech recognition systems

Continuous speech recognition

Speaker identification and other voice message selection techniques
  "Workfactor reduction"; the subversion of cryptographic systems
  Glossary and definitions
 

Footnotes
   


Summary

• Comprehensive systems exist to access, intercept and process every important modern form of communications, with few exceptions (section 2, technical annexe);
• Contrary to reports in the press, effective "word spotting" search systems automatically to select telephone calls of intelligence interest are not yet available, despite 30 years of research. However, speaker recognition systems - in effect, "voiceprints" - have been developed and are deployed to recognise the speech of targeted individuals making international telephone calls;
• Recent diplomatic initiatives by the United States government seeking European agreement to the "key escrow" system of cryptography masked intelligence collection requirements, and formed part of a long-term program which has undermined and continues to undermine the communications privacy of non-US nationals, including European governments, companies and citizens;
• There is wide-ranging evidence indicating that major governments are routinely utilising communications intelligence to provide commercial advantage to companies and trade.

14. Processing is the conversion of collected information into a form suitable for analysis or the production of intelligence, either automatically or under human supervision. Incoming communications are normally converted into standard formats identifying their technical characteristics, together with message (or signal) related information (such as the telephone numbers of the parties to a telephone conversation).

15. At an early stage, if it is not inherent in the selection of the message or conversation, each intercepted signal or channel will be described in standard "case notation". Case notation first identifies the countries whose communications have been intercepted, usually by two letters. A third letter designates the general class of communications: C for commercial carrier intercepts, D for diplomatic messages, P for police channels, etc. A fourth letter designates the type of communications system (such as S for multi-channel). Numbers then designate particular links or networks. Thus for example, during the 1980s NSA intercepted and processed traffic designated as "FRD" (French diplomatic) from Chicksands, England, while the British Comint agency GCHQ deciphered "ITD" (Italian diplomatic) messages at its Cheltenham headquarters. (9)

16. Processing may also involve translation or "gisting" (replacing a verbatim text with the sense or main points of a communication). Translation and gisting can to some degree be automated.

Production and dissemination

17. Comint production involves analysis, evaluation, translation and interpretation of raw data into finished intelligence. The final step of the intelligence cycle is dissemination, meaning the passing of reports to the intelligence consumers. Such reports can consist of raw (but decrypted and/or translated) messages, gists, commentary, or extensive analyses. The quality and relevance of the disseminated reports lead in turn to the re-specification of intelligence collection priorities, thereby completing the intelligence cycle.

18. The nature of dissemination is highly significant to questions of how Comint is exploited to obtain economic advantage. Comint activities everywhere are highly classified because, it is argued, knowledge of the success of interception would be likely to lead targets to change their communications methods to defeat future interception. Within the UKUSA system, the dissemination of Comint reports is limited to individuals holding high-level security "SCI" clearances.(10) Further, because only cleared officials can see Comint reports, only they can set requirements and thus control tasking. Officials of commercial companies normally neither have clearance nor routine access to Comint, and may therefore only benefit from commercially relevant Comint information to the extent that senior, cleared government officials permit. The ways in which this takes place is described in Section 5, below.

19. Dissemination is further restricted within the UKUSA organisation by national and international rules generally stipulating that the Sigint agencies of each nation may not normally collect or (if inadvertently collected) record or disseminate information about citizens of, or companies registered in, any other UKUSA nation. Citizens and companies are collectively known as "legal persons". The opposite procedure is followed if the person concerned has been targeted by their national Comint organisation.

20. For example, Hager has described (11) how New Zealand officials were instructed to remove the names of identifiable UKUSA citizens or companies from their reports, inserting instead words such as "a Canadian citizen" or "a US company". British Comint staff have described following similar procedures in respect of US citizens following the introduction of legislation to limit NSA's domestic intelligence activities in 1978.(12) The Australian government says that "DSD and its counterparts operate internal procedures to satisfy themselves that their national interests and policies are respected by the others ... the Rules [on Sigint and Australian persons] prohibit the dissemination of information relating to Australian persons gained accidentally during the course of routine collection of foreign communications; or the reporting or recording of the names of Australian persons mentioned in foreign communications".(13) The corollary is also true; UKUSA nations place no restrictions on intelligence gathering affecting either citizens or companies of any non-UKUSA nation, including member states of the European Union (except the UK).
 

"was obtained incidentally in the course of NSA's interception of aural and non-aural (e.g., telex) international communications and the receipt of GCHQ-acquired telex and ILC (International Leased Carrier) cable traffic (SHAMROCK)^" (emphasis in original).(15)  

High frequency radio interception antenna (AN/FLR9)	DODJOCC sign at NSA station, Chicksands

High frequency radio interception

Comint satellites in geostationary orbits, such as VORTEX, intercept terrestial microwave spillage	Inter-city microwave radio relay tower pills" signals into space

Satellite ground terminal at Etam, West Virginia  connecting Europe and the US via Intelsat IV	GCHQ constructed an identical "shadow" station in 1972 to intercept Intelsat messages for UKUSA

51. During 1985, cable-tapping operations were extended into the Mediterranean, to intercept cables linking Europe to West Africa. (30) After the cold war ended, the USS Parche was refitted with an extended section to accommodate larger cable tapping equipment and pods. Cable taps could be laid by remote control, using drones. USS Parche continues in operation to the present day, but the precise targets of its missions remain unknown. The Clinton administration evidently places high value on its achievements, Every year from 1994 to 1997, the submarine crew has been highly commended.(31) Likely targets may include the Middle East, Mediterranean, eastern Asia, and South America. The United States is the only naval power known to have deployed deep-sea technology for this purpose.

52. Miniaturised inductive taps recorders have also been used to intercept underground cables. (32) Optical fibre cables, however, do not leak radio frequency signals and cannot be tapped using inductive loops. NSA and other Comint agencies have spent a great deal of money on research into tapping optical fibres, reportedly with little success. But long distance optical fibre cables are not invulnerable. The key means of access is by tampering with optoelectronic "repeaters" which boost signal levels over long distances. It follows that any submarine cable system using submerged optoelectronic repeaters cannot be considered secure from interception and communications intelligence activity.
 

USS halibut with disguised chamber for diving	Cable tapping pod laid by USsubmarine off Khamchatka

54. Since the early 1990s, fast and sophisticated Comint systems have been developed to collect, filter and analyse the forms of fast digital communications used by the Internet. Because most of the world's Internet capacity lies within the United States or connects to the United States, many communications in "cyberspace" will pass through intermediate sites within the United States. Communications from Europe to and from Asia, Oceania, Africa or South America normally travel via the United States.

55. Routes taken by Internet "packets" depend on the origin and destination of the data, the systems through which they enter and leaves the Internet, and a myriad of other factors including time of day. Thus, routers within the western United States are at their most idle at the time when central European traffic is reaching peak usage. It is thus possible (and reasonable) for messages travelling a short distance in a busy European network to travel instead, for example, via Internet exchanges in California. It follows that a large proportion of international communications on the Internet will by the nature of the system pass through the United States and thus be readily accessible to NSA.

56.Standard Internet messages are composed of packets called "datagrams" . Datagrams include numbers representing both their origin and their destination, called "IP addresses". The addresses are unique to each computer connected to the Internet. They are inherently easy to identify as to country and site of origin and destination. Handling, sorting and routing millions of such packets each second is fundamental to the operation of major Internet centres. The same process facilitates extraction of traffic for Comint purposes.

57. Internet traffic can be accessed either from international communications links entering the United States, or when it reaches major Internet exchanges. Both methods have advantages. Access to communications systems is likely to be remain clandestine - whereas access to Internet exchanges might be more detectable but provides easier access to more data and simpler sorting methods. Although the quantities of data involved are immense, NSA is normally legally restricted to looking only at communications that start or finish in a foreign country. Unless special warrants are issued, all other data should normally be thrown away by machine before it can be examined or recorded.

58. Much other Internet traffic (whether foreign to the US or not) is of trivial intelligence interest or can be handled in other ways. For example, messages sent to "Usenet" discussion groups amounts to about 15 Gigabytes (GB) of data per day; the rough equivalent of 10,000 books. All this data is broadcast to anyone wanting (or willing) to have it. Like other Internet users, intelligence agencies have open source access to this data and store and analyse it. In the UK, the Defence Evaluation and Research Agency maintains a 1 Terabyte database containing the previous 90 days of Usenet messages. (35) A similar service, called "Deja News", is available to users of the World Wide Web (WWW). Messages for Usenet are readily distinguishable. It is pointless to collect them clandestinely.

59. Similar considerations affect the World Wide Web, most of which is openly accessible. Web sites are examined continuously by "search engines" which generate catalogues of their contents. "Alta Vista" and "Hotbot" are prominent public sites of this kind. NSA similarly employs computer "bots" (robots) to collect data of interest. For example, a New York web site known as JYA.COM (http://www.jya.com/crypto.htm) offers extensive public information on Sigint, Comint and cryptography. The site is frequently updated. Records of access to the site show that every morning it is visited by a "bot" from NSA's National Computer Security Centre, which looks for new files and makes copies of any that it finds. (36)

60. It follows that foreign Internet traffic of communications intelligence interest - consisting of e-mail, file transfers, "virtual private networks" operated over the internet, and some other messages - will form at best a few per cent of the traffic on most US Internet exchanges or backbone links. According to a former employee, NSA had by 1995 installed "sniffer" software to collect such traffic at nine major Internet exchange points (IXPs). (37) The first two such sites identified, FIX East and FIX West, are operated by US government agencies. They are closely linked to nearby commercial locations, MAE East and MAE West (see table). Three other sites listed were Network Access Points originally developed by the US National Science Foundation to provide the US Internet with its initial "backbone".
 

63. A joint NSA/CIA "Special CollectionService" manufactures equipment and trains personnel for covert collectionactivities One major device is a suitcase-sized computer processing system.ORATORY. ORATORY is in effect a miniaturised version of the Dictionarycomputers described in the next section, capable of selecting non-verbalcommunications of interest from a wide range of inputs, according to pre-programmedselection criteria. One major NSA supplier ("The IDEAS Operation") nowoffers micro-miniature digital receivers which can simultaneously processSigint data from 8 independent channels. This radio receiver is the sizeof a credit card. It fits in a standard laptop computer. IDEAS claim, reasonably,that their tiny card "performs functions that would have taken a rack fullof equipment not long ago".

     The "Watch List"

66. After the public revelation ofthe SHAMROCK interception programme, NSA Director Lt General Lew Allendescribed how NSA used "'watch lists" as an aid to watch for foreign activityof reportable intelligence interest".(41)"We have been providing details ... of any messages contained in the foreigncommunications we intercept that bear on named individuals or organisations.These compilations of names are commonly referred to as 'Watch Lists'",he said.(42)Until the 1970s, Watch List processing was manual. Analysts examined interceptedILC communications, reporting, "gisting" or analysing those which appearedto cover names or topics on the Watch List.

      New information about ECHELON sites and systems

67. It now appears that the systemidentified as ECHELON has been in existence for more than 20 years. Theneed for such a system was foreseen in the late 1960s, when NSA and GCHQplanned ILC satellite interception stations at Mowenstow and Yakima. Itwas expected that the quantity of messages intercepted from the new satelliteswould be too great for individual examination. According to former NSAstaff, the first ECHELON computers automated Comint processing at thesesites.(43)

68. NSA and CIA then discovered thatSigint collection from space was more effective than had been anticipated,resulting in accumulations of recordings that outstripped the availablesupply of linguists and analysts. Documents show that when the SILKWORTHprocessing systems was installed at Menwith Hill for the new satellites,it was supported by ECHELON 2 and other databanks (see illustration).

69. By the mid 1980s, communicationsintercepted at these major stations were heavily sifted, with a wide varietyof specifications available for non-verbal traffic. Extensive further automationwas planned in the mid 1980s as NSA Project P-415. Implementation of thisproject completed the automation of the previous Watch List activity. From1987 onwards, staff from international Comint agencies travelled to theUS to attended training courses for the new computer systems.

70. Project P-415/ECHELON made heavyuse of NSA and GCHQ's global Internet-like communication network to enableremote intelligence customers to task computers at each collection site,and receive the results automatically. The key component of the systemare local "Dictionary" computers, which store an extensive database onspecified targets, including names, topics of interest, addresses, telephonenumbers and other selection criteria. Incoming messages are compared tothese criteria; if a match is found, the raw intelligence is forwardedautomatically. Dictionary computers are tasked with many thousands of differentcollection requirements, described as "numbers" (four digit codes).

71. Tasking and receiving intelligencefrom the Dictionaries involves processes familiar to anyone who has usedthe Internet. Dictionary sorting and selection can be compared to usingsearch engines, which select web pages containing key words or terms andspecifying relationships. The forwarding function of the Dictionary computersmay be compared to e-mail. When requested, the system will provide listsof communications matching each criterion for review, analysis, "gisting"or forwarding. An important point about the new system is that before ECHELON,different countries and different stations knew what was being interceptedand to whom it was sent. Now, all but a fraction of the messages selectedby Dictionary computers at remote sites are forwarded to NSA or other customerswithout being read locally.
 

List of intelligence databanks operating at ECHELON Menwith Hill in 1979 included the second generation of ECHELON	Satellite interception site at Sugar Grove, West Virginia, showing six antennae targeted on European and Atlantic Ocean regional communications satellites

74. An upgraded system called TIMBERLINEII, was installed at Sugar Grove in the summer of 1990. At the same time,according to official US documents, an "ECHELON training department" wasestablished.(47)With training complete, the task of the station in 1991 became "to maintainand operate an ECHELON site".(48)

75. The US Air Force has publicly identifiedthe intelligence activity at Sugar Grove: its "mission is to direct satellitecommunications equipment [in support of] consumers of COMSAT information... This is achieved by providing a trained cadre of collection systemoperators, analysts and managers".(49)In 1990, satellite photographs showed that there were 4 satellite antennaeat Sugar Grove. By November 1998, ground inspection revealed that thishad expanded to a group of 9.

77. Canadian Defence Forces have publisheddetails about staff functions at the Leitrim field station of the CanadianSigint agency CSE. The station, near Ottawa, Ontario has four satelliteterminals, erected since 1984. The staff roster includes seven CommunicationsSatellite Analysts, Supervisors and Instructors.(51)

78. In a publicly available resume,a former Communication Satellite Analyst employed at Leitrim describeshis job as having required expertise in the "operation and analysis ofnumerous Comsat computer systems and associated subsystems ... [utilising]computer assisted analysis systems ... [and] a broad range of sophisticatedelectronic equipment to intercept and study foreign communications andelectronic transmissions.(52)Financial reports from CSE also indicate that in 1995/96, the agency plannedpayments of $7 million to ECHELON and $6 million to Cray (computers). Therewere no further details about ECHELON.(53)

81. Fax messages and computer data(from modems) are given priority in processing because of the ease withwhich they are understood and analysed. The main method of filtering andanalysing non-verbal traffic, the Dictionary computers, utilise traditionalinformation retrieval techniques, including keywords. Fast special purposechips enable vast quantities of data to be processed in this way. The newesttechnique is "topic spotting". The processing of telephone calls is mainlylimited to identifying call-related information, and traffic analysis.Effective voice "wordspotting" systems do not exist are not in use, despitereports to the contrary. But "voiceprint" type speaker identification systemshave been in use since at least 1995. The use of strong cryptography isslowly impinging on Comint agencies' capabilities. This difficulty forComint agencies has been offset by covert and overt activities which havesubverted the effectiveness of cryptographic systems supplied from and/orused in Europe.

82. The conclusions drawn in the annexeare that Comint equipment currently available has the capability, as tasked,to intercept, process and analyse every modern type of high capacity communicationssystem to which access is obtained, including the highest levels of theInternet. There are few gaps in coverage. The scale, capacity and speedof some systems is difficult fully to comprehend. Special purpose systemshave been built to process pager messages, cellular mobile radio and newsatellites.
 

85. Since 1993, unknown to Europeanparliamentary bodies and their electors, law enforcement officials frommany EU countries and most of the UKUSA nations have been meeting annuallyin a separate forum to discuss their requirements for intercepting communications.These officials met under the auspices of a hitherto unknown organisation,ILETS (International Law Enforcement Telecommunications Seminar). ILETSwas initiated and founded by the FBI. Table 2 lists ILETS meetings heldbetween 1993 and 1997.

86. At their 1993 and 1994 meetings,ILETS participants specified law enforcement user requirements for communicationsinterception. These appear in a 1974 ILETS document called "IUR 1.0". Thisdocument was based on an earlier FBI report on "Law Enforcement Requirementsfor the Surveillance of Electronic Communications", first issued in July1992 and revised in June 1994. The IUR requirement differed little in substancefrom the FBI's requirements but was enlarged, containing ten requirementsrather than nine. IUR did not specify any law enforcement need for "keyescrow" or "key recovery". Cryptography was mentioned solely in the contextof network security arrangements.

87. Between 1993 and 1997 police representativesfrom ILETS were not involved in the NSA-led policy making process for "keyrecovery", nor did ILETS advance any such proposal, even as late as 1997.Despite this, during the same period the US government repeatedly presentedits policy as being motivated by the stated needs of law enforcement agencies.At their 1997 meeting in Dublin, ILETS did not alter the IUR. It was notuntil 1998 that a revised IUR was prepared containing requirements in respectof cryptography. It follows from this that the US government misled EUand OECD states about the true intention of its policy.

88. This US deception was, however,clear to the senior Commission official responsible for information security.In September 1996, David Herson, head of the EU Senior Officers' Groupon Information Security, stated his assessment of the US "key recovery"project :

91. Following the third ILETS meetingin Canberra in 1995, the Australian government was asked to present theIUR to International Telecommunications Union (ITU). Noting that "law enforcementand national security agencies of a significant number of ITU member stateshave agreed on a generic set of requirements for legal interception", theAustralian government asked the ITU to advise its standards bodies to incorporatethe IUR requirements into future telecommunications systems on the basisthat the "costs of [providing] legal interception capability and associateddisruptions can be lessened by providing for that capability at the designstage".(58)

92. It appears that ILETS met againin 1998 and revised and extended its terms to cover the Internet and SatellitePersonal Communications Systems such as Iridium. The new IUR also specified"additional security requirements for network operators and service providers",extensive new requirements for personal information about subscribers,and provisions to deal with cryptography.

93. On 3 September 1998, the revisedIUR was presented to the Police Co-operation Working Group as ENFOPOL 98.The Austrian Presidency proposed that, as in 1994, the new IUR be adoptedverbatim as a Council Resolution on interception "in respect of new technology".(59)The group did not agree. After repeated redrafting, a fresh paper has beenprepared by the German Presidency, for the eventual consideration of CouncilHome and Justice ministers.(60)
 

98. The nature of this intelligencesupport has been widely reported. "Former intelligence officials and otherexperts say tips based on spying ... regularly flow from the Commerce Departmentto U.S. companies to help them win contracts overseas.(65)The Office of Executive Support provides classified weekly briefings tosecurity officials. One US newspaper obtained reports from the CommerceDepartment demonstrating intelligence support to US companies:

100. In Australia, commercially relevantComint is passed by DSD to the Office of National Assessments, who considerwhether, and if so where, to disseminate it. Staff there may pass informationto Australian companies if they believe that an overseas nation has orseeks an unfair trade advantage. Targets of such activity have includedThomson-CSF, and trade negotiations with Japanese purchasers of coal andiron ore. Similar systems operate in the other UKUSA nations, Canada andNew Zealand.

107. Even where access is readily available(such as to COMSATs), the proliferation of new systems will limit collectionactivities, partly because budgetary constraint will restrict new deployments,and partly because some systems (for example, Iridium) cannot be accessedby presently available systems.

108. In the past 15 years the substantialtechnological lead in computers and information technology once enjoyedby Comint organisations has all but disappeared. Their principal computersystems are bought "off the shelf" and are the equal of or even inferiorto those used by first rank industrial and academic organisations. Theydiffer only in being "TEMPEST shielded", preventing them emitting radiosignals which could be used to analyse Sigint activity.

109. Communications intelligence organisationsrecognise that the long war against civil and commercial cryptography hasbeen lost. A thriving academic and industrial community is skilled in cryptographyand cryptology. The Internet and the global marketplace have created afree flow in information, systems and software. NSA has failed in its missionto perpetuate access by pretending that that "key escrow" and like systemswere intended to support law enforcement (as opposed to Comint) requirements.

110. Future trends in Comint are likelyto include limits on investment in Comint collection from space; greateruse of human agents to plant collection devices or obtain codes than inthe past; and an intensified effort to attack foreign computer systems,using the Internet and other means (in particular, to gain access to protectedfiles or communications before they are encrypted).

111. Attempts to restrict cryptographyhave nevertheless delayed the large-scale introduction of effective cryptographicsecurity systems. The reduced cost of computational power has also enabledComint agencies to deploy fast and sophisticated processing and sortingtools.

112. Recent remarks to CIA veteransby the head of staff of the US House of Representatives Permanent SelectCommittee on Intelligence, ex CIA officer John Millis illustrate how NSAviews the same issues:

"Signals intelligence is in acrisis. ... Over the last fifty years ... In the past, technology has beenthe friend of NSA, but in the last four or five years technology has movedfrom being the friend to being the enemy of Sigint.

The media of telecommunicationsis no longer Sigint-friendly. It used to be. When you were doing RF signals,anybody within range of that RF signal could receive it just as clearlyas the intended recipient. We moved from that to microwaves, and peoplefigured out a great way to harness that as well. Well, we're moving tomedia that are very difficult to get to.

Encryption is here and it's goingto grow very rapidly. That is bad news for Sigint ... It is going to takea huge amount of money invested in new technologies to get access and tobe able to break out the information that we still need to get from Sigint".

1.  The 1998 Parliamentary resolutionon "Transatlantic relations/ECHELON system"(73)called for "protective measures concerning economic information and effectiveencryption". Providing such measures may be facilitated by developing anin-depth understanding of present and future Comint capabilities.

2.  At the technical level, protectivemeasures may best be focused on defeating hostile Comint activity by denyingaccess or, where this is impractical or impossible, preventing processingof message content and associated traffic information by general use ofcryptography.

3.  As the SOGIS group withinthe Commission has recognised,(74)the contrasting interests of states is a complex issue. Larger states havemade substantial investments in Comint capabilities. One member state isactive in the UKUSA alliance, whilst others are either "third parties"to UKUSA or have made bilateral arrangements with NSA. Some of these arrangementswere a legacy of the cold war; others are enduring. These issues createinternal and international conflicts of interest. Technical solutions arenot obvious. It should be possible to define a shared interest in implementingmeasures to defeat future external Comint activities directed against Europeanstates, their citizens and commercial activities.

4.  A second area of apparentconflict concerns states' desires to provide communications interceptionfor legitimate law enforcement purposes. The technical and legal processesinvolved in providing interception for law enforcement purpose differ fundamentallyfrom those used in communications intelligence. Partly because of the lackof parliamentary and public awareness of Comint activities, this distinctionis often glossed over, particularly by states that invest heavily in Comint.Any failure to distinguish between legitimate law enforcement interceptionrequirements and interception for clandestine intelligence purposes raisesgrave issues for civil liberties. A clear boundary between law enforcementand "national security" interception activity is essential to the protectionof human rights and fundamental freedoms.

5.  At the present time, Internetbrowsers and other software used in almost every personal computer in Europeis deliberately disabled such that "secure" communications they send can,if collected, be read without difficulty by NSA. US manufacturers are compelledto make these arrangements under US export rules. A level playing fieldis important. Consideration could be given to a countermeasure whereby,if systems with disabled cryptographic systems are sold outside the UnitedStates, they should be required to conform to an "open standard" such thatthird parties and other nations may provide additional applications whichrestore the level of security to at least enjoyed by domestic US customers.

6.  The work of ILETS has proceededfor 6 years without the involvement of parliaments, and in the absenceof consultation with the industrial organisations whose vital intereststheir work affects. It is regrettable that, prior to the publication ofthis report, public information has not been available in states aboutthe scope of the policy-making processes, inside and outside the EU, whichhave led to the formulation of existing and new law enforcement "user requirements".As a matter of urgency, the current policy-making process should be madeopen to public and parliamentary discussion in member states and in theEP, so that a proper balance may be struck between the security and privacyrights of citizens and commercial enterprises, the financial and technicalinterests of communications network operators and service providers, andthe need to support law enforcement activities intended to suppress seriouscrime and terrorism.
 

Technical annexe

Broadband (high capacity multi-channel) communications

2. Digital communications have almostuniversally taken over from analogue methods. The basic system of digitalmulti-channel communications is time division multiplexing (TDM). In aTDM telephony system, the individual conversational channels are firstdigitised. Information concerning each channel is then transmitted sequentiallyrather than simultaneously, with each link occupying successive time "slots".

3. Standards for digital communicationsevolved separately within Europe and North America. In the United States,the then dominant public network carrier (the Bell system, run by AT&T)established digital data standards. The basic building block, a T-1 link,carries the equivalent of 24 telephone channels at a rate of 1.544 Mbps.Higher capacity systems operate at greater data transmission rates Thus,the highest transmission rate, T-5, carries the equivalent of 8,000 speechchannels at a data rate of 560 Mbps.

4. Europe adopted a different frameworkfor digital communications, based on standards originally agreed by theCEPT. The basic European standard digital link, E-1, carries 30 telephonechannels at a data rate of 2 Mbps. Most European telecommunications systemsare based on E-1 links or (as in North America), multiples thereof. Thedistinction is significant because most Comint processing equipment manufacturedin the United States is designed to handle intercepted communications workingto the European forms of digital communications.

5. Recent digital systems utilise synchronisedsignals carried by very high capacity optical fibres. Synchronising signalsenables single channels to be easily extracted from high capacity links.The new system is known in the US as the synchronous optical network (SONET),although three equivalent definitions and labels are in use.(75)

7. Both companies include senior ex-NSAstaff as directors. When not explicitly stated, their products can be identifiedas intended for Sigint by virtue of being "TEMPEST screened". AST statesgenerally that its "equipment is used for signal reconnaissance of foreigntelecommunications by the United States government". One leading cryptographerhas aptly and and engagingly described AST as a "one-stop ECHELON shop".

9. A newly intercepted communicationssatellite or data link can be analysed using the AST Model 196 "Transpondercharacterisation system". Once its basic communications structure has beenanalysed, the Model 195 "Wideband snapshot analyser", also known as SNAPPER,can record sample data from even the highest capacity systems, sufficientto analyse communications in minute detail. By the start of 1999, operatingin conjunction with the Model 990 "Flexible Data Acquisition Unit", thissystems was able to record, playback and analyse at data rates up to 2.488Gbps (SONET OC-48). This is 16 times faster than the largest backbone linksin general use on the Internet; larger than the telephony capacity of anycurrent communications satellite; and equivalent to 40,000 simultaneoustelephone calls. It can be fitted with 48 Gbyte of memory (500-1000 timeslarger than found in an average personal computer), enabling relativelylengthy recordings of high-speed data links. The 2.5 Gbps capacity of asingle SNAPPER unit exceeds the current daily maximum data rate found ona typical large Internet exchange.(77)

10. Both AST and IDEAS offer a widerange of recorders, demultiplexers, scanners and processors, mostly designedto process European type (CEPT) E-1, E-3 (etc) signals at data rates ofup to 160 Mbps. Signals may be recorded to banks of high-speed tape recorders,or into high capacity "RAID"(78)hard disk networks. Intercepted optical signals can be examined with theAST Model 257E "SONET analyser".

11. Once communications links havebeen analysed and broken down to their constituent parts, the next stageof Comint collection involves multi-channel processors which extract andfilter messages and signals from the desired channels. There are threebroad categories of interest: "voice grade channels", normally carryingtelephony; fax communications; and analogue data modems. A wide selectionof multi-channel Comint processors are available. Almost all of them separatevoice, fax and data messages into distinct "streams" for downstream processingand analysis.

12. The AST Model 120 multi-channelprocessor - used by NSA in different configurations known as STARQUAKE,COBRA and COPPERHEAD - can handle 1,000 simultaneous voice channels andautomatically extract fax, data and voice traffic. Model 128, larger still,can process 16 European E-3 channels (a data rate of 500 Mbps) and extract480 channels of interest. The 1999 giant of AST's range, the Model 132"Voice Channel Demultiplexer", can scan up to 56,700 communications channels,extracting more than 3,000 voice channels of interest. AST also providesSigint equipment to intercept low capacity VSAT(79)satellite services used by smaller businesses and domestic users. Thesesystems can be intercepted by the AST Model 285 SCPS processor, which identifiesand extracts up to 48 channels of interest, distinguished between voice,fax and data.

13. According to US government publications,an early Wideband Extraction system was installed at NSA's Vint Hill Farmsfield station in 1970, about the time that systematic COMSAT interceptioncollection began. That station is now closed. US publications identifythe NSA/CSS Regional Sigint Operations Centre at San Antonio, Texas, asa site currently providing a multi-channel Wideband Extraction service.

15. High-speed data systems can alsobe passed to AST's TRAILMAPPER software system, which works at a data rateof up to 2.5 Gbps. It can interpret and analyse every type of telecommunicationssystem, including European, American and optical standards. TRAILMAPPERappears to have been designed with a view to analysing ATM (asynchronoustransfer mode) communications. ATM is a modern, high-capacity digital communicationssystem. It is better suited than standard Internet connections to carryingmultimedia traffic and to providing business with private networks (VPN,LAN or WAN). TRAILMAPPER will identify and characterise such business networks.

16. In the next stage downstream, interceptedsignals are processed according to whether they are voice, fax or data.AST's "Data Workstation" is designed to categorise all aspects of datacommunications, including systems for handling e-mail or sending fileson the Internet.(81)Although the very latest modem systems (other than ISDN) are not includedin its advertised specification, it is clear from published research thatAST has developed the technology to intercept and process the latest datacommunications systems used by individuals and business to access the Internet.(82)The Data Workstation can stored and automatically process 10,000 differentrecorded signals.

17. Fax messages are processed by AST's Fax Image Workstation. This is described as a "user friendly, interactive analysis tool for rapid examination images stored on disk. Although not mentioned in AST's literature, standard fax pre-processing for Dictionary computers involves automatic "optical character recognition" (OCR) software. This turns the typescript into computer readable (and processable) text. The effectiveness of these systems makes fax-derived Comint an important collection subsystem. It has one drawback. OCR computer systems that can reliably recognise handwriting do not exist. No one knows how to design such a system. It follows that, perversely, hand-written fax messages may be a secure form of communication that can evade Dictionary surveillance criteria, provided always that the associated "signal related information" (calling and receiving fax numbers) have not been recognised as being of interest and directed to a Fax Image Workstation.

18. AST also make a "Pager Identificationand Message Extraction" system which automatically collects and processesdata from commercial paging systems. IDEAS offer a Video TeleconferencingProcessor that can simultaneously view or record two simultaneous teleconferencingsessions. Sigint systems to intercept cellular mobile phone networks suchas GSM are not advertised by AST or IDEAS, but are available from otherUS contractors. The specifications and ready availability of such systemsindicate how industrialised and pervasive Comint has became. It has movedfar from the era when (albeit erroneously), it was publicly associatedonly with monitoring diplomatic or military messages.

20. Whenever machine readable communicationsare available, keyword recognition is fundamental to Dictionary computers,and to the ECHELON system. The Dictionary function is straightforward.Its basic mode of operation is akin to web search engines. The differencesare of substance and of scale. Dictionaries implement the tasking of theirhost station against the entire mass of collected communications, and automatethe distribution of selected raw product.

21. Advanced systems have been developedto perform very high speed sorting of large volumes of intercepted information.In the late 1980s, the manufacturers of the RHYOLITE Sigint satellites,TRW, designed and manufactured a Fast Data Finder (FDF) microchip for NSA.The FDF chip was declassified in 1972 and made available for commercialuse by a spin-off company, Paracel. Since then Paracel has sold over 150information filtering systems, many of them to the US government. Paraceldescribes its current FDF technology as the "fastest, most accurate adaptivefiltering system in the world":

22. A lower capacity system, the PRP-9800 Pattern Recognition Processor, is manufactured by IDEAS. This is a computer card which can be fitted to a standard PC. It can analyse data streams at up to 34 Mbps (the European E-3 standard), matching every single bit to more than 1000 pre-selected patterns.

23. Powerful though Dictionary methods and keyword search engines may be, however, they and their giant associated intelligence databases may soon seem archaic. Topic analysis is a more powerful and intuitive technique, and one that NSA is developing and promoting with confidence. Topic analysis enables Comint customers to ask their computers to "find me documents about subject X". X might be "Shakespeare in love" or "Arms to Iran".

24. In a standard US test used to evaluate topic analysis systems, (83) one task the analysis program is given is to find information about "Airbus subsidies". The traditional approach involves supplying the computer with the key terms, other relevant data, and synonyms. In this example, the designations A-300 or A-320 might be synonymous with "Airbus". The disadvantage of this approach is that it may find irrelevant intelligence (for example, reports about export subsidies to goods flown on an Airbus) and miss relevant material (for example a financial analysis of a company in the consortium which does not mention the Airbus product by name). Topic analysis overcomes this and is better matched to human intelligence.

25. The main detectable thrust of NSA research on topic analysis centres on a method called N-gram analysis. Developed inside NSA's Research group - responsible for Sigint automation - N-gram analysis is a fast, general method of sorting and retrieving machine-readable text according to language and/or topic. The N-gram system is claimed to work independently of the language used or the topic studied. NSA patented the method in 1995.(84)

26. To use N-gram analysis, the operator ignores keywords and defines the enquiry by providing the system with selected written documents concerning the topic of interest. The system determines what the topic is from the seed group of documents, and then calculates the probability that other documents cover the same topic. In 1994, NSA made its N-gram system available for commercial exploitation. NSA's research group claimed that it could be used on "very large data sets (millions of documents)", could be quickly implemented on any computer system and that it could operate effectively "in text containing a great many errors (typically 10-15% of all characters)".

27. According to former NSA Director William Studeman, "information management will be the single most important problem for the (US) Intelligence Community" in the future. (85) Explaining this point in 1992, he described the type of filtering involved in systems like ECHELON:

The "Data Workstation" Comint software system analyses up to 10,000 recorded messages, identifying Internet traffic, e-mail messages and attachments

29. The problem is that for Comint applications, unlike personal computer dictation products, speech recognition systems have to operate in a multi-speaker, multi-language environment where numerous previously never heard speakers may each feature physiological differences, dialect variations, and speech traits. Commercial PC systems usually require one or more hours of training in order reliably to recognise a single speaker. Even then, such systems may mistranscribe 10% or more of the words spoken.

30. In PC dictation applications, the speaker can correct mistranscriptions and continually retrain the recognition system, making a moderate error rate acceptable. For use in Comint, where the interception system has no prior knowledge of what has been said (or even the language in use), and has to operate in the poorer signal environment of a telephone speech channel, such error rates are unachievable. Worse still, even moderate error rates can make a keyword recognition system worthless by generating both false positive outputs (words wrongly identified as keywords) and false negative outputs (missing genuine keywords).

31. This study has found no evidence that voice keyword recognition systems are currently operationally deployed, nor that they are yet sufficiently accurate to be worth using for intelligence purposes.

33. At about the same time, (February 1990), the Canadian Sigint organisation CSE awarded a Montreal-based computer research consultancy the first of a series of contracts to develop a Comint wordspotting system. (88) The goal of the project was to build a word-spotter that worked well even for noisy calls. Three years later, CRIM reported that "our experience has taught us that, regardless of the environmental conditions, wordspotting remains a difficult problem". The key problem, which is familiar to human listeners, is that a single word heard on its own can easily be misinterpreted, whereas in continuous speech the meaning may be deduced from surrounding words. CRIM concluded in 1993 that "it is probable that the most effective way of building a reliable wordspotter is to build a large vocabulary continuous speech recognition (CSR) system".

34. Continuous speech recognition softwareworking in real time needs a powerful fast, processor. Because of the lackof training and the complex signal environment found in intercepted telephonecalls, it is likely that even faster processors and better software thanused in modern PCs would yield poorer results than are now provided bywell-trained commercial systems. Significantly, an underlying problem isthat voice keyword recognition is, as with machine-readable messages, animperfect means to the more useful intelligence goal - topic spotting.

35. In 1993, having failed to builda workable wordspotter, CRIM suggesting "bypassing" the problem and attemptinginstead to develop a voice topic spotter. CRIM reported that "preliminaryexperiments reported at a recent meeting of American defense contractors... indicate that this may in fact be an excellent approach to the problem".They offered to produce an "operational topic spotting" system by 1995.They did not succeed. Four years later, they were still experimenting onhow to built a voice topic spotter.(89)They received a further research contract. One method CRIM proposed wasNSA's N-gram technique.

37. In 1995, widely quoted reportssuggested that NSA speaker identification had been used to help capturethe drug cartel leader Pablo Escobar. The reports bore strong resemblanceto a novel by Tom Clancy, suggesting that the story may have owed moreto Hollywood than high tech. In 1997, the Canadian CRE awarded a contractto another researcher to develop "new retrieval algorithms for speech characteristicsused for speaker identification", suggesting this method was not by thena fully mature technology. According to Sigint staff familiar with thecurrent use of Dictionary, it can be programmed to search to identify particularspeakers on telephone channels. But speaker identification is still nota particularly reliablr or effective Comint technique.(90)

38. In the absence of effective wordspottingor speaker identification techniques, NSA has sought alternative meansof automatically analysing telephone communications. According NSA's classificationguide, other techniques examined include Speech detection - detecting thepresence or absence of speech activity; Speaker discrimination - techniquesto distinguish between the speech of two or more speakers; and Readabilityestimation - techniques to determine the quality of speech signals. Systemdescriptions must be classified "secret" if NSA "determines that they representmajor advances over techniques known in the research community".(91)

40. NSA arranged to rig encryptionsystems sold by Crypto AG, enabling UKUSA agencies to read the coded diplomaticand military traffic of more than 130 countries. NSA's covert interventionwas arranged through the company's owner and founder Boris Hagelin, andinvolved periodic visits to Switzerland by US "consultants" working forNSA. One was Nora L MacKabee, a career NSA employee. A US newspaper obtainedcopies of confidential Crypto AG documents recording Ms Mackebee's attendanceat discussion meetings in 1975 to design a new Crypto AG machine".(92)

41. The purpose of NSA's interventionswere to ensure that while its coding systems should appear secure to othercryptologists, it was not secure. Each time a machine was used, its userswould select a long numerical key, changed periodically. Naturally userswished to selected their own keys, unknown to NSA. If Crypto AG's machineswere to appear strong to outside testers, then its coding system shouldwork, and actually be strong. NSA's solution to this apparent condundrumwas to design the machine so that it broadcast the key it was using tolisteners. To prevent other listeners recognising what was happening, thekey too had also to be sent in code - a different code, known only to NSA.Thus, every time NSA or GCHQ intercepted a message sent using these machines,they would first read their own coded part of the message, called the "hilfsinformationen"(help information field) and extract the key the target was using. Theycould then read the message itself as fast or even faster than the intendedrecipient(93)

42. The same technique was re-usedin 1995, when NSA became concerned about cryptographic security systemsbeing built into Internet and E-mail software by Microsoft, Netscape andLotus. The companies agreed to adapt their software to reduce the levelof security provided to users outside the United States. In the case ofLotus Notes, which includes a secure e-mail system, the built-in cryptographicsystem uses a 64 bit encryption key. This provides a medium level of security,which might at present only be broken by NSA in months or years.

43. Lotus built in an NSA "help information"trapdoor to its Notes system, as the Swedish government discovered to itsembarrassment in 1997. By then, the system was in daily use for confidentialmail by Swedish MPs, 15,000 tax agency staff and 400,000 to 500,000 citizens.Lotus Notes incorporates a "workfactor reduction field" (WRF) into alle-mails sent by non US users of the system. Like its predecessor the CryptoAG "help information field" this device reduces NSA's difficulty in readingEuropean and other e-mail from an almost intractable problem to a few secondswork. The WRF broadcasts 24 of the 64 bits of the key used for each communication.The WRF is encoded, using a "public key" system which can only be readby NSA. Lotus, a subsidiary of IBM, admits this. The company told SvenskaDagbladet:

45. The use of powerful and effectiveencryption systems will increasingly restrict the ability of Comint agenciesto process collected intelligence. "Moore's law" asserts that the costof computational power halves every 18 months. This affects both the agenciesand their targets. Cheap PCs can now efficiently perform complex mathematicalcalculations need for effective cryptography. In the absence of new discoveriesin physics or mathematics Moore's law favours codemakers, not codebreakers.
 
 

Illustrations : D Campbell; US Air Force; IPTV Ltd; Stephen King; Charles V Pick; IPTV Ltd; Jim Bamford, GCHQ; US Navy; KGB/Russian Security Service; D Campbell.

Glossary and definitions
 

2."An appraisal of the Technologies of Political Control", Steve Wright, Omega Foundation, European Parliament (STOA), 6 January 1998.

3."They've got it taped", Duncan Campbell, New Statesman, 12 August 1988. "Secret Power : New Zealand's Role in the International Spy Network", Nicky Hager, Craig Potton Publishing, PO Box 555, Nelson, New Zealand, 1996.

4.National Security Council Intelligence Directive No 6, National Security Council of the United States, 17 February 1972 (first issued in 1952).

5.SIGINT is currently defined as consisting of COMINT, ELINT (electronic or non-communications intelligence and FISINT (Foreign Instrumentation Signals Intelligence).

6.Statement by Martin Brady, Director of DSD, 16 March 1999. To be broadcast on the Sunday Programme, Channel 9 TV (Australia), May 1999.

7."Farewell", despatch to all NSA staff, William Studeman, 8 April 1992. The two business areas to which Studeman referred were "increased global access" and "SMO" (support to military operations).

8.Federalnoe Agenstvo Pravitelstvennoi Svyazi i Informatsii, the (Russian) Federal Agency for Government Communications and Information. FAPSI's functions extend beyond Comint and include providing government and commercial communications systems.

9.Private communications from former NSA and GCHQ employees.

10.Sensitive Compartmented Intelligence.

11.See note 1.

12. Private communications from former GCHQ employees; the US Act is the Foreign Intelligence Surveillance Act (FISA).

13. See note 6.

14. In 1919, US commercial cable companies attempted to resist British government demands for access to all cables sent overseas. Three cable companies testified to the US Senate about these practices in December 1920. In the same year, the British Government introduced legislation (the Official Secrets Act, 1920, section 4) providing access to all or any specified class of communications. The same power was recodified in 1985, providing lawful access for Comint purposes to all "external communications", defines as any communications which are sent from or received outside the UK (Interception of Communication Act 1984, Section 3(2)). Similar requirements on telecommunications operators are made in the laws of the other UKUSA countries. See also "Operation SHAMROCK", (section 3).

15."The Puzzle Palace", James Bamford, Houghton Mifflin, Boston, 1982, p331.

16.Personal communications from former NSA and GCHQ employees.

17."Dispatches : The Hill", transmitted by Channel 4 Television (UK), 6 October 1993. DODJOCC stood for Department of Defense Joint Operations Centre Chicksands.

18."The Justice Game", Geoffrey Robertson, Chapter 5, Chatto and Windus, London, 1998

19.Fink report to the House Committee on Government Operations, 1975, quoted in "NSA spies on the British government", New Statesman, 25 July 1980

20."Amerikanskiye sputniki radioelektronnoy razvedki na Geosynchronnykh orbitakh" ("American Geosynchronous SIGINT Satellites"), Major A Andronov, Zarubezhnoye Voyennoye Obozreniye, No.12, 1993, pps 37-43.

21."Space collection", in The US Intelligence Community (fourth edition), Jeffrey Richelson, Westview, Boulder, Colorado, 1999, pages 185-191.

22.See note 18.

23.Richelson, op cit.

24."UK Eyes Alpha", Mark Urban, Faber and Faber, London, 1996, pps 56-65.

25.Besides the stations mentioned, a major ground station whose targets formerly included Soviet COMSATs is at Misawa, Japan. Smaller ground stations are located at Cheltenham, England; Shoal Bay, Australia.

26."Sword and Shield : The Soviet Intelligence and Security Apparatus", Jeffrey Richelson, Ballinger, Cambridge, Massachusetts, 1986.

27."Les Français aussi écoutent leurs allies", Jean Guisnel, Le Point, 6 June 1998.

28.Intelligence (Paris), 93, 15 February 1999, p3.

29."Blind mans Bluff : the untold story of American submarine espionage", Sherry Sontag and Christopher Drew, Public Affairs, New York, 1998.

30.Ibid.

31.Ibid

32.A specimen of the IVY BELLS tapping equipment is held in the former KGB museum in Moscow. It was used on a cable running from Moscow to a nearby scientific and technical institution.

33.TCP/IP. TCP/IP stands for Terminal Control Protocol/Internet Protocol. IP is the basic network layer of the Internet.

34. GCHQ website at http://www.gchq.gov.uk/technol.html

35.Personal communication from DERA. A Terabyte is one thousand Gigabytes, i.e., 1012 bytes.

36.Personal communication from John Young.

37."Puzzle palace conducting internet surveillance", Wayne Madsen, Computer Fraud and Security Bulletin, June 1995.

38.Ibid.

39."More Naked Gun than Top Gun", Duncan Campbell, Guardian, 26 November 1997.

40."Spyworld", Mike Frost and Michel Gratton, Doubleday Canada, Toronto, 1994.

41.The National Security Agency and Fourth Amendment Rights, Hearings before the Select Committee to Study Government Operations with Respect to Intelligence Activitities, US Senate, Washington, 1976.

42.Letter from, Lt Gen Lew Allen, Director of NSA to US Attorney General Elliot Richardson, 4 October 1973; contained in the previous document.

43.Private communication.

44.World in Action, Granada TV.

45.This arrangements appears to be an attempt to comply with legal restrictions in the Interception of Communications Act 1985, which prohibit GCHQ from handling messages except those identified in government "certificates" which "describe the intercepted material which should be examined". The Act specifies that "so much of the intercepted material as is not certified by the certificate is not [to be] read, looked at or listened to by any person". It appears from this that, although all messages passing through the United Kingdom are intercepted and sent to GCHQ's London office, the organisation considers that by having British Telecom staff operate the Dictionary computer, it is still under the control of the telecommunications network operator unless and until it is selected by the Dictionary and passes from BT to GCHQ.

46.Private communications.

47."Naval Security Group Detachment, Sugar Grove History for 1990", US Navy, 1 April 1991.

48.Missions, functions and tasks of Naval Security Group Activity (NAVSECGRUACT) Sugar Grove, West Virginia", NAVSECGRU INSTRUCTION C5450.48A, 3 September 1991.

49.Report on tasks of Detachment 3 , 544 Air Intelligence Group, Air Intelligence Agency Almanac, US Air Force, 1998-99.

50.Ibid, Detachment 2, 544 Air Intelligence Group.

51.Information obtained by Bill Robinson, Conrad Grebel College, Waterloo, Ontario. CDF and CFS documents were obtained under the Freedom of Information Act, or published on the World Wide Web.

52.Career resume of Patrick D Duguay, published at: http://home.istar.ca/~pdduguay/resume.htm

53.CSE Financial Status Report, 1 March 1996, released under the Freedom of Information Act. Further details about "ECHELON" were not provided. It is therefore ambiguous as to whether the expenditure was intended for the ECHELON computer system, or for different functions (for example telecommunications or power services).

54."Secret Power", op cit.

55.Twenty/Twenty, TV3 (New Zealand), October 1999.

56.Interview with David Herson, Head of Senior Officers' Group on Information Security, EU, by staff of Engineering Weekly (Denmark), 25 September 1996. Published at http://www.ing.dk/arkiv/herson.htm

57.Council Resolution on the Lawful Interception of Telecommunications, 17 January 1995, (96C_329/01)

58."International Harmonisation of Technical Requirements for Legal Interception of Telecommunications", Resolution 1115, Tenth Plenary meeting of the ITU Council, Geneva, 27 June 1997.

59.ENFOPOL 98, Draft Resolution of the Council on Telecommunications Interception in respect of New Technology. Submitted by the Austrian Presidency. Brussels, 3 September 1998.

60.ENFOPOL 19, 13 March 1999.

61.European Parliament, 14 September 1998.

62."Uncle Sam's Eavesdroppers", Close Up North, BBC North, 3 December 1998; reported in "Star Wars strikes back", Guardian, 3 December 1998

63."Dispatches : The Hill", Channel 4 Television (UK), 6 October 1993

64.Ibid.

65."Mixing business with spying; secret information is passed routinely to U.S.", Scott Shane, Baltimore Sun, 1 November 1996.

66."UK Eyes Alpha", op cit, p235.

67.Private communication.

68.See note 62.

69.Raytheon Corp press release: published at: http://www.raytheon.com/sivam/contract.html

70."America's Fortress of Spies", Scott Shane and Tom Bowman, Baltimore Sun 3 December 1995.

71."Company Spies", Robert Dreyfuss, Mother Jones, May/June 1994.

72.Financial Post, Canada, 28 February 1998.

73.European Parliament, 16 September 1998.

74.See note 56.

75.Equivalent communications may be known as Synchronous Transport Module (STM) signals within the Synchronous Digital Hierarchy (ITU standard); Synchronous Transport Signals (STS) within the US SONET system; or as Optical Carrier signals (OC).

76.The information about these Sigint systems has been drawn from open sources (only).

77.In April 199, the peak data rate at MAE West was less than 1.9 Gbps.

78.Redundant Arrays of Inexpensive Disks.

79.Very Small Aperture Terminal; SCPC is Single Channel Per Carrier.

80."Collected Signals Data Format"; defined in US Signals Intelligence Directive 126 and in NSA's CSDF manual. Two associated NSA publications providing further guidance are the Voice Processing Systems Data Element Dictionary and the Facsimile Data Element Dictionary, both issued in March 1997.

81.The Data Workstation processes TCP/IP, PP, SMTP, POP3, MIME, HDLC, X.25, V.100, and modem protocols up to and including V.42 (see glossary).

82."Practical Blind Demodulators for high-order QAM signals", J R Treichler, M G Larimore and J C Harp, Proc IEEE, 86, 10, 1998, p1907. Mr Treichler is technical director of AST. The paper describes a system used to intercept multiple V.34 signals, extendable to the more recent protocols.

83.The tasks were set in the second Text Retrieval conference(TREC) organised by the ARPA and the US National Institute of Science and Technology (NIST), Gaithersburg, Maryland. The 7th annual TREC conference took place in Maryland in 1999.

84."Method of retrieving documents that concern the same topic"; US Patent number 5418951, issued 23 May 1995; inventor, Marc Damashek; rights assigned to NSA.

85.Address to the Symposium on "National Security and National Competitiveness : Open Source Solutions" by Vice Admiral William Studeman, Deputy Director of Central Intelligence and former director of NSA, 1 December 1992, McLean, Virginia.

86.For example, IBM Via Voice, Dragon Naturally Speaking, Lemout and Hauspe Voice Xpress.

87."A Hidden Markov Model based keyword recognition system", R.C.Rose and D.B.Paul, Proceedings of the International Conference on Accoustics, Speech and Signal processing, April 1990.

88.Centre de Recherche Informatique de Montreal.

89."Projet detection des Themes", CRIM, 1997; published at http://www.crim.ca/adi/projet2.html.

90.Private communication.

91.NSA/CSS Classification Guide, NSA, revised 1 April 1983.

92."Rigging the game: Spy Sting", Tom Bowman, Scott Shane, Baltimore Sun, 10 December 1995.

93."Wer ist der Befugte Vierte?", Der Spiegel, 36, 1996, pp. 206-7.

94."Secret Swedish E-Mail Can Be Read by the U.S.A", Fredrik Laurin, Calle Froste, Svenska Dagbladet, 18 November 1997.