NSA ‘Time Machine’ Can Spy on Phone Conversations of Americans Abroad

Jacquelyn Martin/AP

AA Font size + Print

A newly disclosed NSA program can collect ‘100 percent’ of a foreign country’s calls, including from Americans living and working there. Dustin Volz

A top-secret surveillance program housed at the National Security Agency allows agents to listen in to the entirety of an unnamed foreign country’s telephone conversations that have taken place within the past month, including those for people not suspected of any wrongdoing, according to new documents from Edward Snowden published Tuesday.

The program, known as MYSTIC, was formed in 2009 and deploys a “retrospective retrieval” tool that allows agents to rewind and play back phone conversations that occurred in the past 30 days, according to a new report in The Washington Post. One official described this “RETRO” tool—for “retrospective retrieval”—as a “time machine” that opens a door “into the past,” allowing a replay of the voices on any given call, without the need for prior identification of the person on the line.

Though the program is used in an unknown foreign country (which The Post has refrained from identifying at the request of U.S. officials) and not domestically, the NSA has considered expanding it to other countries—and U.S. citizens are not exempt from the data collection. 

Ubiquitous voice surveillance, even overseas, pulls in a great deal of content from Americans who telephone, visit, and work in the target country,” The Post reports. “Present and former U.S. officials … acknowledged that large numbers of conversations involving Americans would be gathered from the country where RETRO operates.”

This is the first known NSA program to capture an entire nation’s telephone network, a new revelation that will likely surprise some spying experts and further stoke the roiling international debate over the proper role of government surveillance, which first ignited after Snowden’s initial disclosures last June.

In a statement to National Journal, the NSA said it “does not conduct signals intelligence collection in any country, or anywhere in the world, unless it is necessary to advance U.S. national security and foreign policy interests.”

As the president affirmed on 17 January, all persons—regardless of nationality—have legitimate privacy interests in the handling of their personal information,” an agency spokesperson said. “Accordingly, all of NSA’s operations must be strictly conducted under the rule of law with respect for the fact that routine communications and communications of national security interest increasingly transit the same networks.”

But the MYSTIC program, which is depicted in an internal agency slide by a cartoon wizard wielding a phone-topped staff, may be seen as violating President Obama’s promise that the government is “not spying on ordinary people who don’t threaten our national security,” as the surveillance does not require advance identification of the callers.

This type of indiscriminate collection of “every single” phone conversation could soon expand to a number of other foreign countries, if it hasn’t already, according to The Post. Last year’s secret “black budget” for the intelligence community named five additional countries in which the MYSTIC program provides “comprehensive metadata access and content.” A sixth was expected to be added in October.

The NSA’s phone-surveillance programs disclosed thus far have typically involved the bulk collection of metadata—that is, the phone numbers, call times, and call durations—and not the content of the conversation itself. The MYSTIC program’s ability to listen in on what is actually being said during a phone call appears to be unique.

Of the billions of calls recorded in the foreign country, less than one percent are analyzed, The Post reports. A “rolling buffer” is used to clear out calls more than 30 days old to make room for more recent conversations.

Close [ x ] More from DefenseOne
 
 

Thank you for subscribing to newsletters from DefenseOne.com.
We think these reports might interest you:

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • Military Readiness: Ensuring Readiness with Analytic Insight

    To determine military readiness, decision makers in defense organizations must develop an understanding of complex inter-relationships among readiness variables. For example, how will an anticipated change in a readiness input really impact readiness at the unit level and, equally important, how will it impact readiness outside of the unit? Learn how to form a more sophisticated and accurate understanding of readiness and make decisions in a timely and cost-effective manner.

    Download
  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Information Operations: Retaking the High Ground

    Today's threats are fluent in rapidly evolving areas of the Internet, especially social media. Learn how military organizations can secure an advantage in this developing arena.

    Download

When you download a report, your information may be shared with the underwriters of that document.