By John Helmer, Moscow
It has been known for a long time that the British Government Communications Headquarters (GCHQ) has been intercepting millions of Russian telephone calls, SMS texts and internet traffic, along with the communications of other target nationals, including Americans and the British themselves. Older eavesdropping operations, such as ECHELON, have been documented by European Parliament investigations. More recent operations, such as PRISM and TEMPORA, have been confirmed by the former National Security Agency (NSA) contract agent, Edward Snowden, whose disclosures substantiate the methodology of surveillance, the range of data produced, targeting, sorting, and purported value.
ECHELON snooped on satellite traffic; PRISM on internet data from server companies; and TEMPORA, a telephone surveillance operation, tapped international fibre-optic cables. The signal collection stations are in all sorts of places, including the US, Puerto Rico, Cyprus, Japan, Germany, Canada, UK, and Australia. The Snowden material is up to two years old; the operations he has documented date from about 2007.
The Russian services, including FAPSI (the Federal Agency of Government Communications and Information), do much the same thing. The European Parliament report of July 2001 concluded: “Together with the stations available in Russia itself, global coverage is theoretically possible. However, here too, the information available is insufficient to draw any firm conclusions.” About China’s capabilities, the now 12-year old report knew even less.
So far Snowden has revealed nothing of novelty about Russia, although President Vladimir Putin’s spokesman implied earlier this month that he may know something of value yet to be disclosed about the Anglo-American targeting of Russian business, banking and military operations. Whether there will have been time for Snowden to discuss that on board Aeroflot, during his Sunday and Monday flights, or overnight in Moscow, is a secret that isn’t likely to leak.
If you are a Russian on a watch list because you are an oligarch; an officer or official of sensitive rank or expertise; a businessman in competition with British or American commercial interests; an inventor with something someone else wants; a suspected hitman, gangster, money launderer, or terrorist, your communications are tapped, probably by several domestic and foreign agencies all at once. According to the Guardian’s reporting, “the GCHQ mass tapping operation has been built up over five years …GCHQ and the NSA are consequently able to access and process vast quantities of communications between entirely innocent people, as well as targeted suspects. This includes recordings of phone calls, the content of email messages, entries on Facebook and the history of any internet user’s access to websites – all of which is deemed legal, even though the warrant system was supposed to limit interception to a specified range of targets.”
The Guardian has published excerpts of a presentation showing a colour-coded map of the world indicating which countries are least to most heavily targeted by the surveillance and interception programme called BOUNDLESS INFORMANT. The date of the map is March 2013.
Top of the pops (red) are Iran, Pakistan, Jordan, Egypt and India. The US and China are comparably coded orange. Russia appears to be between yellow and green. This still means that a lot of what the Guardian refers to as entirely innocent Russians are under foreign surveillance.
The Guardian refuses to reveal the volume of data interceptions reported for Russia, compared to the other countries on the map. The colour coding suggests that Russia is less intensively monitored by GCHQ and NSA than the US itself. But this measure is an outcome of Snowden’s selection of what to take and what to leak, so far. There is no telling what Snowden and the Guardian are holding back; nor what other GCHQ and NSA programmes have been designed to analyse Russia and Russians. According to the unclassified paper describing Boundless Informant, “the tool allows users to select a country on the map and view the metadata volume and select details about the collection against that country. The tool also allows users to view high level metrics by organization and then drill down to a more actionable level – down to the program and cover term.” Metadata include identification of sender and receiver, time, date, channel, and duration of communication. The actionable level is what exactly is said, written, messaged.
As the intelligence analysts “drill down”, they can use another program, code-name FLAWMILL, “to accept user requests for additional functionality or enhancements.”
Before the Snowden materials were released, there was evidence of how those programmes work; that is, after the targets have been registered, communication channels identified, intercepts extracted from the database, texts logged, and alerts despatched by low-level analysts to their supervisors and action managers. If you are Russian national Oleg Deripaska, for example, here are your rights, according to the NSA targeting procedures. And if you are a US citizen like John Helmer, here are the NSA guidelines.
What happens if — perish the thought! – Deripaska, speaking over the telephone, were to discuss a hypothetical plan – Heaven forfend! — to investigate, attack, possibly hurt Helmer. According to the NSA, the priority for the retrieval of the telephone call, its subsequent analysis and action is to “protect against an immediate threat to human life (e.g., force prevention or hostage situations)” (Section 1). For records of communications containing “foreign intelligence information” and “evidence of a crime” aimed at “a United States person”, the NSA says the storage period may be “no longer than five years” (Section 3(b)(1). What happens to the telephone record is spelled out in Section 3(b)(4): “As a communication is reviewed, NSA analyst(s) will determine whether it is a domestic or foreign communication to, from, or about a target and is reasonably believed to contain foreign intelligence information or evidence of a crime. Only such communications can be processed.”
If in this hypothetical example, Deripaska were talking about what was to be done to Helmer in conversation with a Russian lawyer, or with a US or UK lawyer working for Deripaska – pull the other leg! — the monitoring may have to stop. Section 4 of the NSA targeting procedures refers to attorney-client privilege blocking such surveillance for people under criminal indictment in the US. It isn’t clear what attorney-client privilege might apply to foreign nationals who are under investigation by the Federal Bureau of Investigation (FBI), but not under indictment. According to the Snowden disclosures and subsequent reporting in the UK, if the GCHQ is the agency which monitored the hypothetical call, it wouldn’t be restricted by the US rules, and it could store and share the information with other intelligence agencies, including the US.
Dissemination of a telephone intercept about a hypothetical plan of attack by Russians on a hypothetical US national is allowable, according to the NSA rules and Section 6(b), if “the communication or information is reasonably believed to contain evidence that a crime has been, is being, or is about to be committed.” Section 8 allows such a record to be despatched to “certain foreign governments”. Once the record has been sent, the foreign government is not allowed to disseminate “this unminimized data” (Section 8(b)(2)
At least, these were the NSA procedural guidelines when US Attorney-General Eric Holder signed them on July 28, 2009. They may be different now. Also, GCHQ and the Australian government, one of those permitted under section 8, may have different rules.
That Deripaska has been a target of Anglo-American interest, FBI investigation and intelligence analysis has been known for a long time. Deripaska admitted this in Rusal’s December 2009 prospectus for the initial public offering (IPO) on the Hong Kong Stock Exchange, adding his explicit denial that he was then under criminal investigation in the US. Most recently, Deripaska was in New York City and then Washington, DC, for meetings on Friday and Saturday, May 31 and June 1. The special visa arrangements have been reported here.
As the monopolist of Russian aluminium, Deripaska and Rusal were identifiable by the US Director of National Intelligence (DNI), Admiral Dennis Blair, in his annual threat assessment for the US Senate Select Committee on Intelligence in February 2010. According to Blair, there is “a growing nexus in Russian and Eurasian states among government, organized crime, intelligence services, and big business figures. An increasing risk from Russian organized crime is that criminals and criminally linked oligarchs will enhance the ability of state or state-allied actors to undermine competition in gas, oil, aluminum, and precious metals markets…IOC [International Organized Crime] penetration of governments is exacerbating corruption and undermining rule of law, democratic institution-building, and transparent business practices.”
Blair’s successor as DNI, Lieutenant-General James Clapper, reported a year later that monitoring the telephone and internet communications of the oligarchs might be a source of useful intelligence. “International organized crime (IOC) quickly has taken advantage of the Internet, cellular telephones, and other forms of rapid communication that have revolutionized commerce. Many of the Soviet successor states have serious organized crime problems. Elsewhere, the nexus between weak and failing states and organized crime is growing….IOC penetration of governments is undermining the rule of law, democratic institutions, and transparent business practices. The growing reach of IOC networks is pushing them to seek strategic alliances with state leaders and foreign intelligence services, threatening stability and undermining free markets. The nexus in Russian and Eurasian states among some government officials, organized crime, intelligence services, and big business figures enhances the ability of state or state-allied actors to undermine competition in gas, oil, aluminum, and precious metals markets.”
That Deripaska and Rusal have been a target of the GCHQ and NSA surveillance operations is a likelihood; the official answer is classified; Snowden may not know it. But the Snowden materials help elucidate how records by one agency on one side of the Atlantic are shared by intelligence analysts on the other side, as well as in other countries. That there was at least one telephone intercept operation, the record of which made its way through the analysis and dissemination process, is certain because it was logged by the Australian Government in December 2009 and then investigated by the Federal Security Service (FSB) and Moscow police. That’s the story of Rusal’s plan of attack against Helmer, revealed in detail after the Moscow police had arrested three gunmen, seized documentary evidence and weapons they were carrying, and obtained their admissions under interrogation.
Here is how the story started, with the record of the intercept — described by sources as a telephone call involving three Russians — as it first moved from the initiating intelligence agency to the Australian Department of Foreign Affairs:
The pencilled notations following the blanks and the redacted text, refer to sections of Australia’s Freedom of Information Act, which permit keeping the secrets from disclosure.
And here is the track of how the intercept report was processed by Australian officials before they issued their Russian security warning. The references in the exemptions column refer to sections of the statute which help pinpoint the Russian names in each of the documents.
As the Guardian has reported in relation to the Snowden materials, the GCHQ and the NSA wiretaps and internet records are between entirely innocent people, as well as targeted suspects. This is no less true of Russians, as of other nationals. Whenever Deripaska is asked about what was uncovered in Canberra and Moscow in December 2009, he or his lawyers respond that he is entirely innocent.
Reports of the interception of the December 2009 conversation, the evidence gathered by the Moscow police, the nature of the Russian security warning issued by Australian government officials, and the identification of the names in the intercept record by US sources have been described by Rusal and its lawyers as a fantasy. According to one Rusal response to a US Government inquiry in Moscow, “what Helmer needs is a psychiatrist.”