Posts
Published: October 12, 2012 23:25 IST | Updated: October 12, 2012 23:32 IST
10,000 phones, 1,000 e-mail IDs under the scanner
Sandeep Joshi
The Hindu Alarmed by the leak in the phone tapping case of corporate lobbyist Niira Radia, the Centre decided to set up a “Central Monitoring System” (CMS) to assist intelligence and security agencies to tap calls without the interference of service providers.
Today, various law enforcement agencies are tapping almost 10,000 phones across India, while over 1,000 e-mail accounts are under the scanner, after clearance from the Union Home Secretary.
According to an internal note, the committee, formed following orders from the Supreme Court to review orders passed by the Home Secretary for interception of calls and e-mails under the Indian Telegraph Act, said 10,648 orders had been passed for interception of phones and e-mails in August this year.
The three-member committee, which includes Cabinet Secretary Ajit Seth, Telecom Secretary R. Chandrasekhar and Legal Affairs Secretary B.A. Agrawal, noted that “4,360 orders were for fresh telephone interception.”
“Further, 5,729 orders were for continuation of existing interception orders for both telephone and e-mail.”
The committee found that as many as 559 fresh sanction orders were taken for interception of e-mail accounts, while 869 orders were passed in respect of overseas phones and 315 orders under Rule 419 A (of the Indian Telegraph Act that related to interception in emergency cases).
IB on top
In August this year, the maximum number of phones were being tapped by the Intelligence Bureau (5,966) of which 2,135 were fresh interceptions, while 3,831 were in continuation. Similarly, the State Intelligence units were tapping 1,104 phones (577 fresh and 527 in continuation) followed by the Andhra Pradesh Police with 863 phone interceptions (399 fresh and 464 in continuation) and the Delhi Police with 757 phones (738 fresh and 19 in continuation).
Among the other central agencies — the Directorate of Revenue Intelligence (DRI) were tapping 519 phones in August, while the Narcotics Control Bureau had 165 under surveillance. Interestingly, the Central Bureau of Investigation had just 39 phones under surveillance while the National Investigation Agency was tapping just 8 lines.
In the case of e-mails, the IB was snooping on 1,043 IDs in August — 460 under fresh sanction and 583 in continuation, while the State Intelligence units were tracking 136 (94 fresh and 42 in continuation); the DRI took permission from the Union Home Secretary to track 5 accounts.
Notably, to avoid any leaks, the Department of Telecommunications (DoT) has developed capabilities to intercept phones without keeping telephone operators in the loop.
Called the “Central Monitoring System”, its trials are currently on and the system is likely to be in place early next year.
Skirting service providers
Alarmed by the leak in the phone tapping case of corporate lobbyist Niira Radia, the Centre at the highest level decided to set up a CMS to assist intelligence and security agencies to tap calls without the interference of telecom service providers.
Rs. 170-crore project
Subsequently, the DoT’s Telecom Enforcement, Resource and Monitoring (TREM) Cell, along with the Centre for Development of Telematics (C-DoT) was asked to develop the project for which Rs.170 crore was earmarked.
http://www.thehindu.com/news/n
Published: December 1, 2011 23:17 IST | Updated: February 28, 2012 09:40 IST
The government's listening to us
Praveen Swami
Ever since 26/11, India has made massive purchases of communications intelligence equipment from secretive companies from India and abroad. In the absence of effective legal oversight, it threatens the democracy it was bought to defend.
In the summer of 1999, an officer at a Research and Analysis Wing communications station in western India flipped a switch, and helped change the course of the Kargil conflict. RAW's equipment had picked up Pakistan's army chief and later military ruler, Pervez Musharraf, speaking to his chief of staff, General Muhammad Aziz, from a hotel room in Beijing. “The entire reason for the success of this operation,” the RAW officer heard General Aziz saying on May 29, 1999, “was this total secrecy.” He probably smiled.
For the first time, India had hard evidence that Pakistan's army, not jihadists, had planned and executed a war that had brought two nuclear-armed states to the edge of a catastrophic confrontation. RAW's computers established that the voices were indeed those of Generals Musharraf and Aziz, pinpointed their locations – and undermined Pakistan's diplomatic position beyond redemption.
India's strategic community finally awoke to the possibilities of modern communications intelligence, and unleashed a massive effort to upgrade the country's technical capabilities. A new organisation, the National Technical Research Organisation (NTRO), was set up; scientists in the Indian Institutes of Technology were tapped, and quiet efforts to acquire technology worldwide were initiated.
Late into the night the 26/11 attacks began in Mumbai, that investment paid off: equipment flown in from New Delhi by the Intelligence Bureau allowed investigators to intercept the assault team's communications with the Lashkar-e-Taiba's headquarters in Pakistan. Police forces across the country have since scrambled to purchase similar equipment, making India one of the largest markets for global vendors.
But this isn't good news: India has no appropriate legal framework to regulate its vast, and growing, communications intelligence capabilities. There is almost no real institutional oversight by political institutions like Parliament — which means there is a clear and imminent danger that the technology could undermine the very democracy it was purchased to defend.
Who is selling?
From a trove of documents obtained by The Hindu, working in collaboration with WikiLeaks and an international consortium of media and privacy organisations monitoring the communications intelligence industry, it is evident Indian companies are already offering technologies very similar to the most formidable available in the world.
Himachal Pradesh-based Shoghi — once blacklisted by the government pending investigation of its relationship with corruption-linked former telecommunications Minister Sukh Ram — has become one of the largest suppliers to the Indian armed forces and RAW. It offers a range of equipment to monitor satellite, mobile phone, and strategic military communications.
Shoghi's SCL-3412 satellite communications link monitoring system can, its literature says, even “passively monitor C and Ku-band satellite compressed and non-compressed telecom carriers from Intelsat, Eutelsat, Arabsat, Turksat.” The company also claims its equipment can automatically analyse “bulk speech data” — in other words, listen in and pick particular languages, words, or even voices out of millions of simultaneous conversations taking place across the world.
India's other large communications intelligence firm, Indore-headquartered ClearTrail, says its products “help communication service providers, law enforcement, and government agencies worldwide to counteract the exploitation of today's communication networks, fight terrorism and organised crime.” The company's brochures say it has portable equipment that can pluck mobile phone voice and text messages off the air, without the support of service providers — service providers who must, by law, be served with legal authorisation to allow monitoring.
The Hindu telephoned officials at both companies, and then e-mailed them requesting meetings to discuss issues raised in its investigation. Neither company responded; one said it was barred from discussing technical questions with the media by its terms of contract with its military clients.
Large parts of the most sophisticated equipment, defence sources told The Hindu, come in from Israel — itself a beneficiary of a special relationship with the United States. “Israeli vendors often tell us that they're charging extraordinarily high prices in return for breaking embargos on sharing these technologies,” one officer said, “but there's no way of knowing this is the case.”
“If we get what we need,” he said, “we're willing to pay — there's no point quibbling over a few million dollars.”
Ever since 26/11, companies like Shoghi and ClearTrail haven't been short of customers: police forces have queued up to purchase passive interception technologies, which allow them to maintain surveillance not just on phone numbers specified in legally-mandatory warrants from the Home Secretary, but on all conversations in an area, or region. There are even cases of out-of-state operations: the Delhi Police have periodically maintained a passive interception capability at the Awantipora military station in Jammu and Kashmir, an act with no basis in law. The Army also has significant passive interception capabilities along the Line of Control (LoC) — which also pick up civilian communication.
Computers at key net hubs
India's National Technical Research Organisation (NTRO) has also deployed computers fitted at key internet hubs — the junction boxes, as it were, through which all of the country's internet traffic must pass. Police forces in several States, among them Uttar Pradesh, Maharashtra, and Andhra Pradesh, have followed suit, with smaller variants of the same technology.
The risks of this proliferation of technology have become evident over the last two years. In Punjab, one of four passive interception units is reported to be missing, feared to have been lost to a political party or corporate institution. Andhra Pradesh actually shut down its passive interception capabilities after it accidentally intercepted sensitive conversations between high officials. Karnataka officials also accidentally intercepted conversations involving a romantic relationship between a leading politician and a movie star — while Mumbai has had several scandals involving unauthorised listening-in to phones owned by corporate figures and movie stars.
Intelligence Bureau sources told The Hindu they had been working, for the past several months, to get States to shut down the 33 passive interception units in their possession — but with little success. The pervasive attitude in a federal or quasi-federal polity seems to be: if the Centre can do it, why can't we?
Police do require warrants to tap individual phones, but in practice authorisations are handed out with little thought. In one notorious case, the politician Amar Singh's phone conversations were recorded with the consent of his service provider on the basis of what turned out to be a faked government e-mail. Mr. Singh's personal life became a subject of public discussion, but no one has yet been held accountable for the outrageously unlawful intrusion into his privacy.
Last year, journalist Saikat Datta authored a disturbing exposé, alleging the NTRO's passive interception capabilities were being misused for political purposes — and even activities closely resembling blackmail. Union Home Minister P. Chidambaram denied such activities were taking place, although he has no supervisory power over the NTRO — but there has been no investigation.
The fact is that the government has no real interest in rigorous oversight. The Intelligence Bureau, for example, has long been summoning call data records for individuals from service providers with no legal cause, allowing it to maintain a watch on behalf of the Union Home Ministry of contacts maintained among journalists, politicians, corporate figures, and government.
In the absence of a full investigation into malpractices, and proper oversight, there is simply no way of knowing who might, and in what circumstances, have been targeted through passive interception means — and that's the whole problem.
“When an officer on a salary of Rs.8,000 a month has pretty much unrestricted access to this kind of technology,” a senior Maharashtra Police officer admitted, “things will go wrong, and have gone wrong.”
Earlier this year, Congress spokesperson and Member of Parliament, Manish Tewari, introduced a private member's bill that would enable Parliamentary oversight over the intelligence services — the worldwide pattern in democracies. “The advancement of communications interception warrants that a very robust legal architecture to protect the privacy of individuals needs to be put in place,” he says. “The intrusive power of the state has to be counter-balanced with the civil liberties guaranteed by the Constitution.”
In his case, no one seems to have been listening.
Ever-larger investments
India is set to make ever-larger investments in these technologies, making the case for oversight ever more urgent. In 2014, the Defence Research and Development Organisation (DRDO), aided by the Indian Space Research Organisation (ISRO), is scheduled to launch India's first dedicated spy satellite, the Rs.100-crore communications intelligence satellite, tentatively named CCISat. Like similar systems operated by the United States, Russia, and Japan, among others, CCISat will suck up gigabites of electronic information from its orbital position 500 kilometres above the earth, passing it on to military supercomputers that will scan it for information of military and intelligence value.
From the public sector giant, Bharat Electronics, India's principal electronics intelligence manufacturer, we know that CCISat is just a small part of the country's overall spy technology programme: in 2009-2010, it supplied some Rs.700 crore worth of electronic warfare equipment, and was scheduled to make deliveries worth Rs.900 crore in 2010-2011. Electronic warfare systems, both offensive and defensive, were reported to make up over half its order book of Rs.15,000 crore last year.
Larsen & Toubro, as well as the Tatas' Strategic Electronics Division, have also expanded their capacities to meet an acquisitions drive that Indian military officials estimate will cost the country Rs.22,500 crore (about $4.5 billion) before the end of the decade.
This may be money well spent: there can be little doubt that communication intelligence has contributed significantly to defending India. However, the failure to regulate the technology will have far-reaching consequences for our democracy — and could even mean its subversion.
http://www.thehindu.com/news/n
Published: December 1, 2011 23:15 IST | Updated: February 28, 2012 09:39 IST
The art and science of communications intelligence
Praveen Swami
Ever since World War II, technology has allowed nations unprecedented — and potentially dangerous — access into our lives. After 9/11, the risks of abuse have grown exponentially.
In March 1950, the National Security Council of the United States of America issued a top-secret directive that, in ways few people fully understood then or since, transformed our world. “The special nature of Communications Intelligence activities,” it reads, “requires that they be treated in all respects as being outside the framework of other or general intelligence activities. Orders, directives, policies or recommendations of the Executive Branch relating to the collection, production, security, handling, dissemination or utilisation of intelligence and/or classified material shall not be applicable to Communications Intelligence activities.”
Less than two decades after that directive was signed, the U.S. controlled the most formidable system of surveillance the world has ever seen: satellites and listening posts strung across the planet picked up everything from radio-telephone conversations from cars in Moscow to transatlantic telephone conversations and data on India's nuclear programme. Known as Echelon, the system provided the western powers with an unprecedented information edge over their adversaries.
From data obtained by WikiLeaks, working with an international consortium of media organisations, including The Hindu, and other partners, we have the first real public domain insights into how much more advanced — and how much more widely available — this surveillance system has become.
The South African firm Vastech, for example, offers systems that can capture data flowing across telecommunications and internet networks in multiples of ten gigabites, and scan it for pre-determined parameters — the voice of an individual; a particular language; a phone number; an e-mail address. The Indian companies, Shoghi and ClearTrail, The Hindu found, market systems that can capture giant volumes of traffic from mobile phone and satellite networks and subject it to similar analysis. France's Amesys is among several companies to have provided equipment like this to states like Libya — enabling their parent state access to the buyer's own communications, through electronic back-doors, but at the price of allowing them to spy on dissidents, with often horrific consequences.
In coming days, The Hindu will report on the consequences of the proliferation of surveillance technology — but it is important, first, to understand the state of the science of communications espionage.
Evolving technology
Interception technologies are as old as communications. Julius Caesar, the imperial historian Suetonius recorded, was concerned enough about the prospect of his military communications being intercepted — in general, by the simple expedient of corrupting or capturing his messengers — to use what cryptographers call a substitution cipher — replacing the letter A with D, B with E and so on. Had one of Caesar's military messages contained a reference to The Hindu, it would have read Wkh Klqgx. Elizabeth I's spymaster, Robert Walsingham, excelled in using spies to capture information on Spain's military ambitions, and plots against his queen.
Early ciphers were easy to crack with techniques like frequency analysis, leading intelligence services to design ever more complex codes. The eminent science journalist Simon Singh's Virtual Black Chamber — so named for the rooms espionage agencies used to crack enemy codes — has a fascinating historical account of the never-ending battle between cryptographers and cryptanalysts (as well as online tools for aspiring amateur code-makers and code-breakers).
The rise of wireless communication in the early decades of the twentieth century, though, made it possible for information to be passed instantly across great distances — and for states to begin intercepting it. From 1925, Germany began deploying a path-breaking mechanical encrypted-communication system code-named Enigma, which resisted the combined efforts of cryptanalysts — thus allowing the Nazi military machine an unprecedented degree of secrecy in its military communications, and facilitating its new strategy of high-speed mechanised war.
In 1939, the Polish mathematician, Marian Rejewski, led a team that made some breakthroughs against Enigma, based on studies of a machine stolen by the country's spies. Then, in 1943, a top-secret British team, made up of an eclectic collection of scholars, technicians, and scientists led by the mercurial Alan Turing, used electromechanical devices — the first computers — to finally crack the Enigma code. Even then, full penetration of Enigma's naval variant needed a daring raid that allowed code-books to be salvaged from the submarine U559, without allowing Germany to suspect the vital information had not gone to the sea-bed.
Experts have claimed that breaking Enigma hastened the end of the war by two years. Winston Churchill, the United Kingdom's wartime Prime Minister, described the work of the code-breakers as a “secret war, whose battles were lost or won unknown to the public, and only with difficulty comprehended, even now, by those outside the small, high scientific circles concerned.” “No such warfare had ever been waged by mortal men,” he said. The secret war involved hideous choices — for instance, allowing German air and naval attacks to kill allied soldiers when they could have been pre-empted, in order not to raise suspicions that Enigma had been compromised.
Big Brother Science
Learning from their experience, the allied powers invested heavily in communications intelligence after the end of World War II. In 1947, the four English-speaking powers — the United States, United Kingdom, Australia, and New Zealand — signed a treaty allowing for the sharing of intelligence. Listening stations run by the four countries across the world, supplemented from the 1970s by satellites, allowed a new software system — known as Echelon — to suck up virtually all electronic communication from around the planet. For example, part of the inter-city microwave signals carrying phone traffic went into space, because of the curvature of the earth. The NSA's satellites would pick up the data—and Echelon would mine it for useful data.
In the 1990s, a steady flow of information in Echelon came into the public domain, based on disclosures by the former Canadian spy Mike Frost, New Zealand's Nicky Hager, American James Bamford, and British journalist Duncan Campbell. India itself was using some Echelon-like signals intelligence technologies by this time. The United States had begun to supply the Research and Analysis Wing's Aviation Research Centre equipment to spy on China's nuclear programme and naval assets from 1962; acquisitions were also made from the Soviet Union.
Public disclosure of Echelon raised growing concerns that it might be misused for states to conduct espionage against their own citizens, as well as to further their commercial interests. In 2000 and 2001, the European Parliament released reports addressing these issues.
The furore forced former CIA director James Woolsey to admit, at a press conference held in 2000, that the United States did conduct espionage in Europe. Mr Woolsey said, however, that just 5 per cent of his country's economic intelligence was derived from stolen secrets — and used to target states or corporations that were either violating international sanctions or paying bribes to gain contracts. He said intelligence of this kind was not passed on to companies in the United States — adding that to harvest usable commercial information would mean resources were sucked away from the core national-security mandate of his organisation.
Fred Stock, a former Canadian intelligence officer, earlier gave testimony that suggested Mr. Woolsey's claims were, at best, a part of the truth. Mr. Stock said he had been expelled from his service in 1993 for criticising its targeting of economic and civilian targets — among them, information on negotiations of the North American Free Trade Agreement, Chinese grain purchases, and French weapons sales. He claimed Canada's spies also routinely monitored high-seas protests by the environmental organisation, Greenpeace.
Evidence also exists that the NSA spied on U.S. targets — though not on U.S. soil, thus bypassing national legislation. Margaret Newsham, who worked at Echelon's Menwith Hill facility from 1977 to 1981, testified that conversations involving the late Senator Strom Thurmond had been intercepted. The technology to target conversations involving particular people, she said, had existed from 1978. Ms Newsham's revelations seemed to buttress what many had long suspected — which is that the 1947 agreement allowed the U.S. and the U.K. to spy on their own citizens, by the simple expedient of subcontracting the task to their alliance partner.
Few people, however, remained willing to deal with these concerns after 9/11: increasingly, western governments allowed enhanced surveillance against their citizens, as part of the so-called war against terror. The data gathered by WikiLeaks and its partners graphically demonstrate that almost every aspect of our everyday lives — everything from the hubs of the fibre-optic cables which carry the world's e-mail and internet traffic to mobile and landline phone conversations — can, and are, scanned by intelligence services. The odds are that when you read this article, replete with words like “terrorism,” a computer somewhere is recording your activity, automatically recording your computer's precise geographical location, and matching all this against public records that contain your details.
In most democracies, there are stringent legislative safeguards against the abuse of these capabilities: the United States Senate maintains a relatively tight leash on the country's intelligence services; in Australia, a commissioner can even conduct raids at the offices of its spies without a warrant. India, however, has only a rudimentary legal infrastructure — and no worthwhile legislative oversight, raising concerns described in a story in The Hindu.
Few people, as Churchill pointed out so many decades ago, fully understand the consequences the capacities of states to monitor our wired world — but it is time citizens started marking the effort, for the alternative is to lose the rights these technologies were created to defend.
http://www.thehindu.com/opinio
Published: December 31, 2011 04:23 IST | Updated: December 31, 2011 04:23 IST
Security agencies plan complete tab on mobile, Internet communication
Sandeep Joshi
Rs.900-crore corpus proposed for setting up a centre
The next five years could change the way how security agencies keep a tab on your phone calls and flow of content on the Internet as the government has proposed a Rs.900-crore corpus for setting up a ‘Centre for Communication Security Research and Monitoring' to give law enforcement agencies a free hand to intercept calls and monitor the worldwide web.
While Rs.800 crore would be invested in setting up a “Centralised Monitoring System” for interception of all types of communications through phones as well as Internet, a ‘Telecom Testing and Security Certification Centre' worth Rs.100 crore would come up for testing of all kinds of equipment, says a Department of Telecommunications report. It has been prepared by the working group on the telecom sector for the 12 Five-Year Plan (2012-17).
“For the assistance of the law enforcement [agencies], in the 11th Five-Year Plan, a Centralised Monitoring System (CMS) was envisioned. A proposal for the setting up of a Centre for Communication Security Research and Monitoring has already been approved by the Cabinet Committee on Security with a government funding of Rs.450 crore…a good amount of research work on CMS has already been done and rollout has begun during 2011-12,” the report says.
Explaining how the system would be upgraded and strengthened in the next five years, the report points out that a facility for centralised monitoring will be created throughout the country across different telecom and broadband technologies and services at a cost of Rs.350 crore. The system would be further upscaled to take care of an expanded network by creating more facilities at an estimated cost of Rs.150 crore. A sum of Rs.300 crore would be kept aside for operation and maintenance of the mammoth infrastructure.
At present, the entire monitoring of phone calls and Internet content is done, after manually taking authorisation at multiple places on the premises of the telecom service providers (those giving phone and Internet services).
But this system is “time consuming and fraught with dangers of loss of secrecy” and “there is hardly any analytical capability in the system” to assist law enforcement agencies, says the report.
Anti-social activities
While building the case for the new monitoring paraphernalia, the report says: “Exponential growth and quick technological development in the telecom sector further compound the security challenges, because the expanding reach of the sophisticated telecom networks has also led to the communications systems being used by however a small number, individuals, clans and groups, from within the country and outside, for anti-social and criminal activities.”
http://www.thehindu.com/news/n
Published: February 22, 2012 23:52 IST | Updated: February 23, 2012 02:36 IST
Centre can directly access your phone chat soon
Sandeep Joshi
The Hindu
Secure tapping mechanism ready; sequel to Radia tape leak
Soon the Centre would have direct access to all your telephone conversations as the Department of Telecommunications (DoT) has developed capabilities to intercept phones without keeping your operator in the loop. Currently, trials are on in Delhi and Haryana through a main server established in the national capital. It would take another 12 months before the system is officially operational.
Alarmed by the leak in the corporate lobbyist Niira Radia phone-tapping case, the Centre at the highest level decided to set up a Central Monitoring System (CMS) to tap calls without the interference of telecom service providers. Subsequently, the DoT's Telecom Enforcement, Resource and Monitoring (TREM) Cell along with the Centre for Development of Telematics (C-DoT) was asked to develop the project for which Rs.170 crore was earmarked. After almost one year, the CMS is ready and being tested.
Exclusive facility
“This is the DoT's exclusive facility that would assist intelligence and security agencies, besides strategic government departments in phone-tapping,” a senior DoT official said. The DoT would be required to set up separate servers in each State, depending upon the requirements and the number of subscribers. While the facility in Delhi and adjoining States are likely to be ready by year-end, it might take at least another couple of years before servers are established across India.
Complex system
The present system of phone-tapping is a complex one as eight intelligence and investigating agencies wanting to snoop on anybody's phone are required to approach the Union Home Ministry for clearance with specific reasons. Armed with necessary clearances, the department officials would then approach the telecom operators for tapping phones. It is feared that the loopholes in the current process led to the leakage of the Radia tapes.
Total control
However, in the new mechanism, the DoT will have total control of a tapped line, giving telecom firms no access to the intercepted line. Another important aspect of the new centralised system is that irrespective of operators, lines would be tapped at one location, which will be manned round-the-clock by officials of the government agencies.
http://www.thehindu.com/news/n
Published: December 3, 2011 00:48 IST | Updated: February 28, 2012 09:39 IST
How technology helped build a dystopia
Praveen Swami
In this Oct. 6, 2009 photo, Libya’s intelligence chief Abdullah al-Senoussi, right, whispers to Muammar Qadhafi in Sabha, Libya. New insights have emerged into how Qadhafi's regime used state-of-the-art communications intelligence equipment to shore up the murderous dystopia he had built. Photo: AP
Libya used state-of-the-art communications intelligence equipment to prop up Colonel Qadhafi's regime: this disclosure raises complex ethical questions
Earlier this year, as Islamist-led Libyan insurgents swept into Tripoli, fascinating new insights emerged into how Muammar Qadhafi's regime had used state-of-the-art communications intelligence equipment to shore up the murderous dystopia he had built.
The French firm Amesys, documents first reported by The Wall Street Journal showed, had supplied the regime with capabilities to intercept electronic traffic involving Libyan dissidents half-way across the world. The documents — in essence, operator training manuals — contained a list of targets, which had been redacted. But Owni, a, a French media group that partnered with The Hindu in the WikiLeaks-Spy Files investigation, succeeded in using electronic means to recover the data.
Libya's intelligence services were targeting the e-mail and phone communications of several Libyan dissidents in the United Kingdom and the United States — as well as, in a bizarre twist, the respected lawyer Jeffrey Smele who represents, among others, a key Spy Files partner, the London-based Bureau of Investigative Journalism.
Indians have a special reason to pay attention to the Amesys story: there is reason to believe that its employees may have been used to manufacture equipment supplied to India — or, worse, to hostile states targeting the nation's communications infra structure. Hindi and Tamil are among the 38 languages which the brochure says the technology can automatically recognise in intercepted conversations, and turn from voices captured on hard disk into transcribed text.
Amesys has no office in India, though its Singapore operations, The Hindu has learnt, employs several Indian nationals. In just the last six months, internet searches show, three technology jobs with Amesys' Singapore office were advertised in the Indian media; e-mail addresses for two Indian-origin employees also surfaced.
But the story is important, mainly, for the insight it provides into just how far-reaching modern communi cations intelligence is — and raises disturbing ethical questions about its use.
From the Amesys documents obtained by a WikiLeaks-led international media consortium, which includes The Hindu, we have a good idea of just what the technology allowed Libya to do. Eagle, Amesys' core technology, consists of four elements: passive, undetectable probes which can be plugged in to capture internet and voice traffic; a data-system built around multi-core processors to analyse it;
A monitoring centre with an easy-to-use graphical user interface that allows operators to search through the data; and, finally, modules that allow for automatic identification of particular speakers, and even transcription or translation from multiple languages.
Eagle's portable version is designed for tactical use — for example, to target a particular neighbourhood or village, or search for individuals or groups of people. It can, the company says, handle up to 10 mbps of data traffic in real time. This is about five times that of a typical mid-size office.
The massive interception version, Amesys' corporate literature says candidly, “is designed to answer to the need of interception and surveillance on a scale of nation.” Its data centre can handle up to “tens of petabytes” aggregated from all sources of voice and data communication, and has the computing resources needed to “analyse nationwide data flow in real time.” “The central database,” it says, “is able to aggregate information coming from different type of sensors and also to be connected to external database to cross reference information.”
Amesys' electronic Panopticon has a large variety of plug-ins to cater to every need: information can be time-stamped and digitally signed, where it is intended for legal use; it can be subjected, automatically, to “semantic analysis, topic spotting [and the] geo-localisation” of intelligence targets.
Even though these technologies seem almost magical, it is important to remember that we encounter them all in our everyday lives: plain-vanilla Google, for example, has tools to translate and transcribe text. Airlines and banks routinely use voice-recognition software to deal with clients.
Amesys' brochure promotes the massive interception product, possibly because it is substantially more expensive: “completely and easily connectable to existing system, the massive products designed by Amesys are the best answers to your needs.”
In a statement issued earlier this year, after news of Amesys' involvement in Libya first broke, the company sought to play down claims that its equipment had allowed massive monitoring of internet traffic. “Amesys,” it said, “signed a contract with the Libyan authorities in 2007. The relevant hardware was delivered in 2008. The contract was related to the making available of analysis hardware concerning a small fraction of the internet lines installed at that time [a few thousand].”
The operator manuals revealed by Owni, though, are marked Eagle — which makes the claim that the surveillance technology sold to Libya was small-scale, irreconcilable with the Amesys brochure.
Leaving aside these details, though, there are two large questions: why did France sell the equipment to a dysfunctional dictatorship such as the one in Libya? And was it even minimally responsible in ethical terms, in doing so?
Hard questions
Libya's French-made Panopticon has been read, in the media and by privacy advocates, as a classic example of the perils of handing over technology to rogue Third World regimes: a trope much used in western human rights discourse. The argument has several variants — for example, that China (or Iran or Syria) ought be denied military high-technology because of the nature of its regime; that India's missile programme (or that of Pakistan or China) poses a regional threat; that Pakistan (or Iran, or India) cannot be trusted with nuclear weapons.
Noman Benotman was a target of Eagle surveillance in Libya. As a member of the respected think tank Quilliam, which focusses on fighting Islamism and promoting moderate threads of Islamic thought, he was once a member of a jihadist terror group. In one interview, Mr. Benotman said that he fought alongside Jalaluddin Haqqani —the Al-Qaeda-affiliated warlord now spearheading much of the terrorist violence in Afghanistan — from 1989. He said he had “been trained by Pakistani Special Forces, the CIA and the [British] SAS.”
Libya had good reason to be concerned about Mr. Benotman, even after he broke ranks with the Afghan jihadists. He had been a member of the Libyan Islamic Fighting Group (LIFG) — one of several Islamist terror organisations, the scholar and researcher Mark Curtis has shown in his book Secret Affairs: Britain's Collusion With Radical Islam — which was backed by western intelligence services before 9/11. Britain's Home Office later said the LIFG's aim had been to “overthrow the Qaddhafi regime and replace it with an Islamic state”; it did not mention that MI6, the country's external espionage agency, had supported that objective.
Based on testimony, among others, from the former MI6 officer David Shayler, Mr. Curtis uncovered evidence that Britain paid, among other things, for a terrorist attack in which six people were killed. This was a bombing in February 1996 in Colonel Qadhafi's home town of Sirte.
From late in the decade, the Libyan regime — which, it bears noting, was the first to seek Osama bin Laden's arrest through Interpol, back in 1998 — began seeking a rapprochement with the jihadists. Libyan exiles living in London, where they had been granted asylum by a state which had paid for their war, played a key role in the effort. That effort was spearheaded by Qadhafi's U.K.-educated son, Saif-al-Islam.
Mr. Benotman, and other Libyan dissidents with a jihadist background, clearly constituted a matter of legitimate concern to Qadhafi's intelligence services — as did the human rights lawyers and activists who supported them. So did Ashur Shamis, a dissident who ran a Libyan human rights group. Mahmud Nacua, another target in London, is the new Libyan government's Ambassador to the United Kingdom. He had often called for the overthrow of the Qadhafi regime.
France, it seems probable, made surveillance equipment available to Libya with full knowledge of what it would be used for: unlike the U.K., it had reason to fear the LIFG. In the wake of the Afghan jihad, LIFG cadre had fought in alliance with Algerian jihadists, who also targeted France. Paris had little patience with the U.K.'s opportunistic love affair with Islamism which, French intelligence used to say, had turned one of the world's great cities into a hub for religious extremists they called “Londonistan.”
More likely than not, France also benefited from Amesys' equipment — almost certainly using it to penetrate Libya's own communications, through electronic back-doors, and harvesting intelligence of commercial use. In this sense, Amesys was an agent of the French state intimately enmeshed with its geostrategic objectives, not a rogue actor callously peddling dangerous technology to all comers.
In recent weeks, respected newspapers like the Wall Street Journal and the Washington Post have criticised the U.S. for allowing its corporations to sell communications-intelligence technologies around the world. In reality, the U.S. encourages them, for wholly hard-headed reasons.
The Libyan state tortured and killed opponents — but for decades it was evident that every other nation-state of consequence has done exactly the same things where its strategic interests and security were imperilled. Like every other nation in the world, Libya understood that power and information were intimately enmeshed — perhaps more so in this digital age than ever before.
http://www.thehindu.com/news/h
Sandeep Joshi
The Hindu Alarmed by the leak in the phone tapping case of corporate lobbyist Niira Radia, the Centre decided to set up a “Central Monitoring System” (CMS) to assist intelligence and security agencies to tap calls without the interference of service providers.
Today, various law enforcement agencies are tapping almost 10,000 phones across India, while over 1,000 e-mail accounts are under the scanner, after clearance from the Union Home Secretary.
According to an internal note, the committee, formed following orders from the Supreme Court to review orders passed by the Home Secretary for interception of calls and e-mails under the Indian Telegraph Act, said 10,648 orders had been passed for interception of phones and e-mails in August this year.
The three-member committee, which includes Cabinet Secretary Ajit Seth, Telecom Secretary R. Chandrasekhar and Legal Affairs Secretary B.A. Agrawal, noted that “4,360 orders were for fresh telephone interception.”
“Further, 5,729 orders were for continuation of existing interception orders for both telephone and e-mail.”
The committee found that as many as 559 fresh sanction orders were taken for interception of e-mail accounts, while 869 orders were passed in respect of overseas phones and 315 orders under Rule 419 A (of the Indian Telegraph Act that related to interception in emergency cases).
IB on top
In August this year, the maximum number of phones were being tapped by the Intelligence Bureau (5,966) of which 2,135 were fresh interceptions, while 3,831 were in continuation. Similarly, the State Intelligence units were tapping 1,104 phones (577 fresh and 527 in continuation) followed by the Andhra Pradesh Police with 863 phone interceptions (399 fresh and 464 in continuation) and the Delhi Police with 757 phones (738 fresh and 19 in continuation).
Among the other central agencies — the Directorate of Revenue Intelligence (DRI) were tapping 519 phones in August, while the Narcotics Control Bureau had 165 under surveillance. Interestingly, the Central Bureau of Investigation had just 39 phones under surveillance while the National Investigation Agency was tapping just 8 lines.
In the case of e-mails, the IB was snooping on 1,043 IDs in August — 460 under fresh sanction and 583 in continuation, while the State Intelligence units were tracking 136 (94 fresh and 42 in continuation); the DRI took permission from the Union Home Secretary to track 5 accounts.
Notably, to avoid any leaks, the Department of Telecommunications (DoT) has developed capabilities to intercept phones without keeping telephone operators in the loop.
Called the “Central Monitoring System”, its trials are currently on and the system is likely to be in place early next year.
Skirting service providers
Alarmed by the leak in the phone tapping case of corporate lobbyist Niira Radia, the Centre at the highest level decided to set up a CMS to assist intelligence and security agencies to tap calls without the interference of telecom service providers.
Rs. 170-crore project
Subsequently, the DoT’s Telecom Enforcement, Resource and Monitoring (TREM) Cell, along with the Centre for Development of Telematics (C-DoT) was asked to develop the project for which Rs.170 crore was earmarked.
http://www.thehindu.com/news/n
Published: December 1, 2011 23:17 IST | Updated: February 28, 2012 09:40 IST
The government's listening to us
Praveen Swami
Ever since 26/11, India has made massive purchases of communications intelligence equipment from secretive companies from India and abroad. In the absence of effective legal oversight, it threatens the democracy it was bought to defend.
In the summer of 1999, an officer at a Research and Analysis Wing communications station in western India flipped a switch, and helped change the course of the Kargil conflict. RAW's equipment had picked up Pakistan's army chief and later military ruler, Pervez Musharraf, speaking to his chief of staff, General Muhammad Aziz, from a hotel room in Beijing. “The entire reason for the success of this operation,” the RAW officer heard General Aziz saying on May 29, 1999, “was this total secrecy.” He probably smiled.
For the first time, India had hard evidence that Pakistan's army, not jihadists, had planned and executed a war that had brought two nuclear-armed states to the edge of a catastrophic confrontation. RAW's computers established that the voices were indeed those of Generals Musharraf and Aziz, pinpointed their locations – and undermined Pakistan's diplomatic position beyond redemption.
India's strategic community finally awoke to the possibilities of modern communications intelligence, and unleashed a massive effort to upgrade the country's technical capabilities. A new organisation, the National Technical Research Organisation (NTRO), was set up; scientists in the Indian Institutes of Technology were tapped, and quiet efforts to acquire technology worldwide were initiated.
Late into the night the 26/11 attacks began in Mumbai, that investment paid off: equipment flown in from New Delhi by the Intelligence Bureau allowed investigators to intercept the assault team's communications with the Lashkar-e-Taiba's headquarters in Pakistan. Police forces across the country have since scrambled to purchase similar equipment, making India one of the largest markets for global vendors.
But this isn't good news: India has no appropriate legal framework to regulate its vast, and growing, communications intelligence capabilities. There is almost no real institutional oversight by political institutions like Parliament — which means there is a clear and imminent danger that the technology could undermine the very democracy it was purchased to defend.
Who is selling?
From a trove of documents obtained by The Hindu, working in collaboration with WikiLeaks and an international consortium of media and privacy organisations monitoring the communications intelligence industry, it is evident Indian companies are already offering technologies very similar to the most formidable available in the world.
Himachal Pradesh-based Shoghi — once blacklisted by the government pending investigation of its relationship with corruption-linked former telecommunications Minister Sukh Ram — has become one of the largest suppliers to the Indian armed forces and RAW. It offers a range of equipment to monitor satellite, mobile phone, and strategic military communications.
Shoghi's SCL-3412 satellite communications link monitoring system can, its literature says, even “passively monitor C and Ku-band satellite compressed and non-compressed telecom carriers from Intelsat, Eutelsat, Arabsat, Turksat.” The company also claims its equipment can automatically analyse “bulk speech data” — in other words, listen in and pick particular languages, words, or even voices out of millions of simultaneous conversations taking place across the world.
India's other large communications intelligence firm, Indore-headquartered ClearTrail, says its products “help communication service providers, law enforcement, and government agencies worldwide to counteract the exploitation of today's communication networks, fight terrorism and organised crime.” The company's brochures say it has portable equipment that can pluck mobile phone voice and text messages off the air, without the support of service providers — service providers who must, by law, be served with legal authorisation to allow monitoring.
The Hindu telephoned officials at both companies, and then e-mailed them requesting meetings to discuss issues raised in its investigation. Neither company responded; one said it was barred from discussing technical questions with the media by its terms of contract with its military clients.
Large parts of the most sophisticated equipment, defence sources told The Hindu, come in from Israel — itself a beneficiary of a special relationship with the United States. “Israeli vendors often tell us that they're charging extraordinarily high prices in return for breaking embargos on sharing these technologies,” one officer said, “but there's no way of knowing this is the case.”
“If we get what we need,” he said, “we're willing to pay — there's no point quibbling over a few million dollars.”
Ever since 26/11, companies like Shoghi and ClearTrail haven't been short of customers: police forces have queued up to purchase passive interception technologies, which allow them to maintain surveillance not just on phone numbers specified in legally-mandatory warrants from the Home Secretary, but on all conversations in an area, or region. There are even cases of out-of-state operations: the Delhi Police have periodically maintained a passive interception capability at the Awantipora military station in Jammu and Kashmir, an act with no basis in law. The Army also has significant passive interception capabilities along the Line of Control (LoC) — which also pick up civilian communication.
Computers at key net hubs
India's National Technical Research Organisation (NTRO) has also deployed computers fitted at key internet hubs — the junction boxes, as it were, through which all of the country's internet traffic must pass. Police forces in several States, among them Uttar Pradesh, Maharashtra, and Andhra Pradesh, have followed suit, with smaller variants of the same technology.
The risks of this proliferation of technology have become evident over the last two years. In Punjab, one of four passive interception units is reported to be missing, feared to have been lost to a political party or corporate institution. Andhra Pradesh actually shut down its passive interception capabilities after it accidentally intercepted sensitive conversations between high officials. Karnataka officials also accidentally intercepted conversations involving a romantic relationship between a leading politician and a movie star — while Mumbai has had several scandals involving unauthorised listening-in to phones owned by corporate figures and movie stars.
Intelligence Bureau sources told The Hindu they had been working, for the past several months, to get States to shut down the 33 passive interception units in their possession — but with little success. The pervasive attitude in a federal or quasi-federal polity seems to be: if the Centre can do it, why can't we?
Police do require warrants to tap individual phones, but in practice authorisations are handed out with little thought. In one notorious case, the politician Amar Singh's phone conversations were recorded with the consent of his service provider on the basis of what turned out to be a faked government e-mail. Mr. Singh's personal life became a subject of public discussion, but no one has yet been held accountable for the outrageously unlawful intrusion into his privacy.
Last year, journalist Saikat Datta authored a disturbing exposé, alleging the NTRO's passive interception capabilities were being misused for political purposes — and even activities closely resembling blackmail. Union Home Minister P. Chidambaram denied such activities were taking place, although he has no supervisory power over the NTRO — but there has been no investigation.
The fact is that the government has no real interest in rigorous oversight. The Intelligence Bureau, for example, has long been summoning call data records for individuals from service providers with no legal cause, allowing it to maintain a watch on behalf of the Union Home Ministry of contacts maintained among journalists, politicians, corporate figures, and government.
In the absence of a full investigation into malpractices, and proper oversight, there is simply no way of knowing who might, and in what circumstances, have been targeted through passive interception means — and that's the whole problem.
“When an officer on a salary of Rs.8,000 a month has pretty much unrestricted access to this kind of technology,” a senior Maharashtra Police officer admitted, “things will go wrong, and have gone wrong.”
Earlier this year, Congress spokesperson and Member of Parliament, Manish Tewari, introduced a private member's bill that would enable Parliamentary oversight over the intelligence services — the worldwide pattern in democracies. “The advancement of communications interception warrants that a very robust legal architecture to protect the privacy of individuals needs to be put in place,” he says. “The intrusive power of the state has to be counter-balanced with the civil liberties guaranteed by the Constitution.”
In his case, no one seems to have been listening.
Ever-larger investments
India is set to make ever-larger investments in these technologies, making the case for oversight ever more urgent. In 2014, the Defence Research and Development Organisation (DRDO), aided by the Indian Space Research Organisation (ISRO), is scheduled to launch India's first dedicated spy satellite, the Rs.100-crore communications intelligence satellite, tentatively named CCISat. Like similar systems operated by the United States, Russia, and Japan, among others, CCISat will suck up gigabites of electronic information from its orbital position 500 kilometres above the earth, passing it on to military supercomputers that will scan it for information of military and intelligence value.
From the public sector giant, Bharat Electronics, India's principal electronics intelligence manufacturer, we know that CCISat is just a small part of the country's overall spy technology programme: in 2009-2010, it supplied some Rs.700 crore worth of electronic warfare equipment, and was scheduled to make deliveries worth Rs.900 crore in 2010-2011. Electronic warfare systems, both offensive and defensive, were reported to make up over half its order book of Rs.15,000 crore last year.
Larsen & Toubro, as well as the Tatas' Strategic Electronics Division, have also expanded their capacities to meet an acquisitions drive that Indian military officials estimate will cost the country Rs.22,500 crore (about $4.5 billion) before the end of the decade.
This may be money well spent: there can be little doubt that communication intelligence has contributed significantly to defending India. However, the failure to regulate the technology will have far-reaching consequences for our democracy — and could even mean its subversion.
http://www.thehindu.com/news/n
Published: December 1, 2011 23:15 IST | Updated: February 28, 2012 09:39 IST
The art and science of communications intelligence
Praveen Swami
Ever since World War II, technology has allowed nations unprecedented — and potentially dangerous — access into our lives. After 9/11, the risks of abuse have grown exponentially.
In March 1950, the National Security Council of the United States of America issued a top-secret directive that, in ways few people fully understood then or since, transformed our world. “The special nature of Communications Intelligence activities,” it reads, “requires that they be treated in all respects as being outside the framework of other or general intelligence activities. Orders, directives, policies or recommendations of the Executive Branch relating to the collection, production, security, handling, dissemination or utilisation of intelligence and/or classified material shall not be applicable to Communications Intelligence activities.”
Less than two decades after that directive was signed, the U.S. controlled the most formidable system of surveillance the world has ever seen: satellites and listening posts strung across the planet picked up everything from radio-telephone conversations from cars in Moscow to transatlantic telephone conversations and data on India's nuclear programme. Known as Echelon, the system provided the western powers with an unprecedented information edge over their adversaries.
From data obtained by WikiLeaks, working with an international consortium of media organisations, including The Hindu, and other partners, we have the first real public domain insights into how much more advanced — and how much more widely available — this surveillance system has become.
The South African firm Vastech, for example, offers systems that can capture data flowing across telecommunications and internet networks in multiples of ten gigabites, and scan it for pre-determined parameters — the voice of an individual; a particular language; a phone number; an e-mail address. The Indian companies, Shoghi and ClearTrail, The Hindu found, market systems that can capture giant volumes of traffic from mobile phone and satellite networks and subject it to similar analysis. France's Amesys is among several companies to have provided equipment like this to states like Libya — enabling their parent state access to the buyer's own communications, through electronic back-doors, but at the price of allowing them to spy on dissidents, with often horrific consequences.
In coming days, The Hindu will report on the consequences of the proliferation of surveillance technology — but it is important, first, to understand the state of the science of communications espionage.
Evolving technology
Interception technologies are as old as communications. Julius Caesar, the imperial historian Suetonius recorded, was concerned enough about the prospect of his military communications being intercepted — in general, by the simple expedient of corrupting or capturing his messengers — to use what cryptographers call a substitution cipher — replacing the letter A with D, B with E and so on. Had one of Caesar's military messages contained a reference to The Hindu, it would have read Wkh Klqgx. Elizabeth I's spymaster, Robert Walsingham, excelled in using spies to capture information on Spain's military ambitions, and plots against his queen.
Early ciphers were easy to crack with techniques like frequency analysis, leading intelligence services to design ever more complex codes. The eminent science journalist Simon Singh's Virtual Black Chamber — so named for the rooms espionage agencies used to crack enemy codes — has a fascinating historical account of the never-ending battle between cryptographers and cryptanalysts (as well as online tools for aspiring amateur code-makers and code-breakers).
The rise of wireless communication in the early decades of the twentieth century, though, made it possible for information to be passed instantly across great distances — and for states to begin intercepting it. From 1925, Germany began deploying a path-breaking mechanical encrypted-communication system code-named Enigma, which resisted the combined efforts of cryptanalysts — thus allowing the Nazi military machine an unprecedented degree of secrecy in its military communications, and facilitating its new strategy of high-speed mechanised war.
In 1939, the Polish mathematician, Marian Rejewski, led a team that made some breakthroughs against Enigma, based on studies of a machine stolen by the country's spies. Then, in 1943, a top-secret British team, made up of an eclectic collection of scholars, technicians, and scientists led by the mercurial Alan Turing, used electromechanical devices — the first computers — to finally crack the Enigma code. Even then, full penetration of Enigma's naval variant needed a daring raid that allowed code-books to be salvaged from the submarine U559, without allowing Germany to suspect the vital information had not gone to the sea-bed.
Experts have claimed that breaking Enigma hastened the end of the war by two years. Winston Churchill, the United Kingdom's wartime Prime Minister, described the work of the code-breakers as a “secret war, whose battles were lost or won unknown to the public, and only with difficulty comprehended, even now, by those outside the small, high scientific circles concerned.” “No such warfare had ever been waged by mortal men,” he said. The secret war involved hideous choices — for instance, allowing German air and naval attacks to kill allied soldiers when they could have been pre-empted, in order not to raise suspicions that Enigma had been compromised.
Big Brother Science
Learning from their experience, the allied powers invested heavily in communications intelligence after the end of World War II. In 1947, the four English-speaking powers — the United States, United Kingdom, Australia, and New Zealand — signed a treaty allowing for the sharing of intelligence. Listening stations run by the four countries across the world, supplemented from the 1970s by satellites, allowed a new software system — known as Echelon — to suck up virtually all electronic communication from around the planet. For example, part of the inter-city microwave signals carrying phone traffic went into space, because of the curvature of the earth. The NSA's satellites would pick up the data—and Echelon would mine it for useful data.
In the 1990s, a steady flow of information in Echelon came into the public domain, based on disclosures by the former Canadian spy Mike Frost, New Zealand's Nicky Hager, American James Bamford, and British journalist Duncan Campbell. India itself was using some Echelon-like signals intelligence technologies by this time. The United States had begun to supply the Research and Analysis Wing's Aviation Research Centre equipment to spy on China's nuclear programme and naval assets from 1962; acquisitions were also made from the Soviet Union.
Public disclosure of Echelon raised growing concerns that it might be misused for states to conduct espionage against their own citizens, as well as to further their commercial interests. In 2000 and 2001, the European Parliament released reports addressing these issues.
The furore forced former CIA director James Woolsey to admit, at a press conference held in 2000, that the United States did conduct espionage in Europe. Mr Woolsey said, however, that just 5 per cent of his country's economic intelligence was derived from stolen secrets — and used to target states or corporations that were either violating international sanctions or paying bribes to gain contracts. He said intelligence of this kind was not passed on to companies in the United States — adding that to harvest usable commercial information would mean resources were sucked away from the core national-security mandate of his organisation.
Fred Stock, a former Canadian intelligence officer, earlier gave testimony that suggested Mr. Woolsey's claims were, at best, a part of the truth. Mr. Stock said he had been expelled from his service in 1993 for criticising its targeting of economic and civilian targets — among them, information on negotiations of the North American Free Trade Agreement, Chinese grain purchases, and French weapons sales. He claimed Canada's spies also routinely monitored high-seas protests by the environmental organisation, Greenpeace.
Evidence also exists that the NSA spied on U.S. targets — though not on U.S. soil, thus bypassing national legislation. Margaret Newsham, who worked at Echelon's Menwith Hill facility from 1977 to 1981, testified that conversations involving the late Senator Strom Thurmond had been intercepted. The technology to target conversations involving particular people, she said, had existed from 1978. Ms Newsham's revelations seemed to buttress what many had long suspected — which is that the 1947 agreement allowed the U.S. and the U.K. to spy on their own citizens, by the simple expedient of subcontracting the task to their alliance partner.
Few people, however, remained willing to deal with these concerns after 9/11: increasingly, western governments allowed enhanced surveillance against their citizens, as part of the so-called war against terror. The data gathered by WikiLeaks and its partners graphically demonstrate that almost every aspect of our everyday lives — everything from the hubs of the fibre-optic cables which carry the world's e-mail and internet traffic to mobile and landline phone conversations — can, and are, scanned by intelligence services. The odds are that when you read this article, replete with words like “terrorism,” a computer somewhere is recording your activity, automatically recording your computer's precise geographical location, and matching all this against public records that contain your details.
In most democracies, there are stringent legislative safeguards against the abuse of these capabilities: the United States Senate maintains a relatively tight leash on the country's intelligence services; in Australia, a commissioner can even conduct raids at the offices of its spies without a warrant. India, however, has only a rudimentary legal infrastructure — and no worthwhile legislative oversight, raising concerns described in a story in The Hindu.
Few people, as Churchill pointed out so many decades ago, fully understand the consequences the capacities of states to monitor our wired world — but it is time citizens started marking the effort, for the alternative is to lose the rights these technologies were created to defend.
http://www.thehindu.com/opinio
Published: December 31, 2011 04:23 IST | Updated: December 31, 2011 04:23 IST
Security agencies plan complete tab on mobile, Internet communication
Sandeep Joshi
Rs.900-crore corpus proposed for setting up a centre
The next five years could change the way how security agencies keep a tab on your phone calls and flow of content on the Internet as the government has proposed a Rs.900-crore corpus for setting up a ‘Centre for Communication Security Research and Monitoring' to give law enforcement agencies a free hand to intercept calls and monitor the worldwide web.
While Rs.800 crore would be invested in setting up a “Centralised Monitoring System” for interception of all types of communications through phones as well as Internet, a ‘Telecom Testing and Security Certification Centre' worth Rs.100 crore would come up for testing of all kinds of equipment, says a Department of Telecommunications report. It has been prepared by the working group on the telecom sector for the 12 Five-Year Plan (2012-17).
“For the assistance of the law enforcement [agencies], in the 11th Five-Year Plan, a Centralised Monitoring System (CMS) was envisioned. A proposal for the setting up of a Centre for Communication Security Research and Monitoring has already been approved by the Cabinet Committee on Security with a government funding of Rs.450 crore…a good amount of research work on CMS has already been done and rollout has begun during 2011-12,” the report says.
Explaining how the system would be upgraded and strengthened in the next five years, the report points out that a facility for centralised monitoring will be created throughout the country across different telecom and broadband technologies and services at a cost of Rs.350 crore. The system would be further upscaled to take care of an expanded network by creating more facilities at an estimated cost of Rs.150 crore. A sum of Rs.300 crore would be kept aside for operation and maintenance of the mammoth infrastructure.
At present, the entire monitoring of phone calls and Internet content is done, after manually taking authorisation at multiple places on the premises of the telecom service providers (those giving phone and Internet services).
But this system is “time consuming and fraught with dangers of loss of secrecy” and “there is hardly any analytical capability in the system” to assist law enforcement agencies, says the report.
Anti-social activities
While building the case for the new monitoring paraphernalia, the report says: “Exponential growth and quick technological development in the telecom sector further compound the security challenges, because the expanding reach of the sophisticated telecom networks has also led to the communications systems being used by however a small number, individuals, clans and groups, from within the country and outside, for anti-social and criminal activities.”
http://www.thehindu.com/news/n
Published: February 22, 2012 23:52 IST | Updated: February 23, 2012 02:36 IST
Centre can directly access your phone chat soon
Sandeep Joshi
The Hindu
Secure tapping mechanism ready; sequel to Radia tape leak
Soon the Centre would have direct access to all your telephone conversations as the Department of Telecommunications (DoT) has developed capabilities to intercept phones without keeping your operator in the loop. Currently, trials are on in Delhi and Haryana through a main server established in the national capital. It would take another 12 months before the system is officially operational.
Alarmed by the leak in the corporate lobbyist Niira Radia phone-tapping case, the Centre at the highest level decided to set up a Central Monitoring System (CMS) to tap calls without the interference of telecom service providers. Subsequently, the DoT's Telecom Enforcement, Resource and Monitoring (TREM) Cell along with the Centre for Development of Telematics (C-DoT) was asked to develop the project for which Rs.170 crore was earmarked. After almost one year, the CMS is ready and being tested.
Exclusive facility
“This is the DoT's exclusive facility that would assist intelligence and security agencies, besides strategic government departments in phone-tapping,” a senior DoT official said. The DoT would be required to set up separate servers in each State, depending upon the requirements and the number of subscribers. While the facility in Delhi and adjoining States are likely to be ready by year-end, it might take at least another couple of years before servers are established across India.
Complex system
The present system of phone-tapping is a complex one as eight intelligence and investigating agencies wanting to snoop on anybody's phone are required to approach the Union Home Ministry for clearance with specific reasons. Armed with necessary clearances, the department officials would then approach the telecom operators for tapping phones. It is feared that the loopholes in the current process led to the leakage of the Radia tapes.
Total control
However, in the new mechanism, the DoT will have total control of a tapped line, giving telecom firms no access to the intercepted line. Another important aspect of the new centralised system is that irrespective of operators, lines would be tapped at one location, which will be manned round-the-clock by officials of the government agencies.
http://www.thehindu.com/news/n
Published: December 3, 2011 00:48 IST | Updated: February 28, 2012 09:39 IST
How technology helped build a dystopia
Praveen Swami
In this Oct. 6, 2009 photo, Libya’s intelligence chief Abdullah al-Senoussi, right, whispers to Muammar Qadhafi in Sabha, Libya. New insights have emerged into how Qadhafi's regime used state-of-the-art communications intelligence equipment to shore up the murderous dystopia he had built. Photo: APLibya used state-of-the-art communications intelligence equipment to prop up Colonel Qadhafi's regime: this disclosure raises complex ethical questions
Earlier this year, as Islamist-led Libyan insurgents swept into Tripoli, fascinating new insights emerged into how Muammar Qadhafi's regime had used state-of-the-art communications intelligence equipment to shore up the murderous dystopia he had built.
The French firm Amesys, documents first reported by The Wall Street Journal showed, had supplied the regime with capabilities to intercept electronic traffic involving Libyan dissidents half-way across the world. The documents — in essence, operator training manuals — contained a list of targets, which had been redacted. But Owni, a, a French media group that partnered with The Hindu in the WikiLeaks-Spy Files investigation, succeeded in using electronic means to recover the data.
Libya's intelligence services were targeting the e-mail and phone communications of several Libyan dissidents in the United Kingdom and the United States — as well as, in a bizarre twist, the respected lawyer Jeffrey Smele who represents, among others, a key Spy Files partner, the London-based Bureau of Investigative Journalism.
Indians have a special reason to pay attention to the Amesys story: there is reason to believe that its employees may have been used to manufacture equipment supplied to India — or, worse, to hostile states targeting the nation's communications infra structure. Hindi and Tamil are among the 38 languages which the brochure says the technology can automatically recognise in intercepted conversations, and turn from voices captured on hard disk into transcribed text.
Amesys has no office in India, though its Singapore operations, The Hindu has learnt, employs several Indian nationals. In just the last six months, internet searches show, three technology jobs with Amesys' Singapore office were advertised in the Indian media; e-mail addresses for two Indian-origin employees also surfaced.
But the story is important, mainly, for the insight it provides into just how far-reaching modern communi cations intelligence is — and raises disturbing ethical questions about its use.
From the Amesys documents obtained by a WikiLeaks-led international media consortium, which includes The Hindu, we have a good idea of just what the technology allowed Libya to do. Eagle, Amesys' core technology, consists of four elements: passive, undetectable probes which can be plugged in to capture internet and voice traffic; a data-system built around multi-core processors to analyse it;
A monitoring centre with an easy-to-use graphical user interface that allows operators to search through the data; and, finally, modules that allow for automatic identification of particular speakers, and even transcription or translation from multiple languages.
Eagle's portable version is designed for tactical use — for example, to target a particular neighbourhood or village, or search for individuals or groups of people. It can, the company says, handle up to 10 mbps of data traffic in real time. This is about five times that of a typical mid-size office.
The massive interception version, Amesys' corporate literature says candidly, “is designed to answer to the need of interception and surveillance on a scale of nation.” Its data centre can handle up to “tens of petabytes” aggregated from all sources of voice and data communication, and has the computing resources needed to “analyse nationwide data flow in real time.” “The central database,” it says, “is able to aggregate information coming from different type of sensors and also to be connected to external database to cross reference information.”
Amesys' electronic Panopticon has a large variety of plug-ins to cater to every need: information can be time-stamped and digitally signed, where it is intended for legal use; it can be subjected, automatically, to “semantic analysis, topic spotting [and the] geo-localisation” of intelligence targets.
Even though these technologies seem almost magical, it is important to remember that we encounter them all in our everyday lives: plain-vanilla Google, for example, has tools to translate and transcribe text. Airlines and banks routinely use voice-recognition software to deal with clients.
Amesys' brochure promotes the massive interception product, possibly because it is substantially more expensive: “completely and easily connectable to existing system, the massive products designed by Amesys are the best answers to your needs.”
In a statement issued earlier this year, after news of Amesys' involvement in Libya first broke, the company sought to play down claims that its equipment had allowed massive monitoring of internet traffic. “Amesys,” it said, “signed a contract with the Libyan authorities in 2007. The relevant hardware was delivered in 2008. The contract was related to the making available of analysis hardware concerning a small fraction of the internet lines installed at that time [a few thousand].”
The operator manuals revealed by Owni, though, are marked Eagle — which makes the claim that the surveillance technology sold to Libya was small-scale, irreconcilable with the Amesys brochure.
Leaving aside these details, though, there are two large questions: why did France sell the equipment to a dysfunctional dictatorship such as the one in Libya? And was it even minimally responsible in ethical terms, in doing so?
Hard questions
Libya's French-made Panopticon has been read, in the media and by privacy advocates, as a classic example of the perils of handing over technology to rogue Third World regimes: a trope much used in western human rights discourse. The argument has several variants — for example, that China (or Iran or Syria) ought be denied military high-technology because of the nature of its regime; that India's missile programme (or that of Pakistan or China) poses a regional threat; that Pakistan (or Iran, or India) cannot be trusted with nuclear weapons.
Noman Benotman was a target of Eagle surveillance in Libya. As a member of the respected think tank Quilliam, which focusses on fighting Islamism and promoting moderate threads of Islamic thought, he was once a member of a jihadist terror group. In one interview, Mr. Benotman said that he fought alongside Jalaluddin Haqqani —the Al-Qaeda-affiliated warlord now spearheading much of the terrorist violence in Afghanistan — from 1989. He said he had “been trained by Pakistani Special Forces, the CIA and the [British] SAS.”
Libya had good reason to be concerned about Mr. Benotman, even after he broke ranks with the Afghan jihadists. He had been a member of the Libyan Islamic Fighting Group (LIFG) — one of several Islamist terror organisations, the scholar and researcher Mark Curtis has shown in his book Secret Affairs: Britain's Collusion With Radical Islam — which was backed by western intelligence services before 9/11. Britain's Home Office later said the LIFG's aim had been to “overthrow the Qaddhafi regime and replace it with an Islamic state”; it did not mention that MI6, the country's external espionage agency, had supported that objective.
Based on testimony, among others, from the former MI6 officer David Shayler, Mr. Curtis uncovered evidence that Britain paid, among other things, for a terrorist attack in which six people were killed. This was a bombing in February 1996 in Colonel Qadhafi's home town of Sirte.
From late in the decade, the Libyan regime — which, it bears noting, was the first to seek Osama bin Laden's arrest through Interpol, back in 1998 — began seeking a rapprochement with the jihadists. Libyan exiles living in London, where they had been granted asylum by a state which had paid for their war, played a key role in the effort. That effort was spearheaded by Qadhafi's U.K.-educated son, Saif-al-Islam.
Mr. Benotman, and other Libyan dissidents with a jihadist background, clearly constituted a matter of legitimate concern to Qadhafi's intelligence services — as did the human rights lawyers and activists who supported them. So did Ashur Shamis, a dissident who ran a Libyan human rights group. Mahmud Nacua, another target in London, is the new Libyan government's Ambassador to the United Kingdom. He had often called for the overthrow of the Qadhafi regime.
France, it seems probable, made surveillance equipment available to Libya with full knowledge of what it would be used for: unlike the U.K., it had reason to fear the LIFG. In the wake of the Afghan jihad, LIFG cadre had fought in alliance with Algerian jihadists, who also targeted France. Paris had little patience with the U.K.'s opportunistic love affair with Islamism which, French intelligence used to say, had turned one of the world's great cities into a hub for religious extremists they called “Londonistan.”
More likely than not, France also benefited from Amesys' equipment — almost certainly using it to penetrate Libya's own communications, through electronic back-doors, and harvesting intelligence of commercial use. In this sense, Amesys was an agent of the French state intimately enmeshed with its geostrategic objectives, not a rogue actor callously peddling dangerous technology to all comers.
In recent weeks, respected newspapers like the Wall Street Journal and the Washington Post have criticised the U.S. for allowing its corporations to sell communications-intelligence technologies around the world. In reality, the U.S. encourages them, for wholly hard-headed reasons.
The Libyan state tortured and killed opponents — but for decades it was evident that every other nation-state of consequence has done exactly the same things where its strategic interests and security were imperilled. Like every other nation in the world, Libya understood that power and information were intimately enmeshed — perhaps more so in this digital age than ever before.
http://www.thehindu.com/news/h