AMPP front page - The Architecture of Modern Political Power
main chapter here

 

Erosion of Individual Privacy - Echelon Subchapter


Here is the European Parliament's final report on Echelon.

by Jason Vest, The Village Voice, August 11, 1998, http://www.villagevoice.com/ink/news/33vest.shtml

Listening In

The U.S.-led echelon spy network is eavesdropping on the whole world

Suppose, this past weekend, you sent an e-mail to a friend overseas. There's a reasonable possibility your communication was intercepted by a global surveillance system--especially if you happened to discuss last week's bombings in East Africa.

Or suppose you're stuck in traffic and in your road rage you whip out a cell phone and angrily call your congressman's office in Washington. There's a chance the government is listening in on that conversation, too (but only for the purposes of "training" new eavesdroppers).

Or suppose you're on a foreign trip--vacation, business, relief work--and you send off a fax to some folks that Washington doesn't view too keenly. Your message could be taken down and analyzed by the very same system.

That system is called ECHELON and it is controlled by the U.S. National Security Agency (NSA). In America, it is the Intelligence Network That Dare Not Be Acknowledged. Questions about it at Defense Department briefings are deftly deflected. Requests for information about it under the Freedom of Information Act linger in bureaucratic limbo. Researchers who mention possible uses of it in the presence of intelligence officials are castigated. Members of Congress--theoretically, the people's representatives who provide oversight of the intelligence community--betray no interest in helping anyone find out anything about it. Media outlets (save the award-winning but low-circulation Covert Action Quarterly) ignore it. In the official view of the U.S. Government, it doesn't exist.

But according to current and former intelligence officials, espionage scholars, Australian and British investigative reporters, and a dogged New Zealand researcher, it is all too real. Indeed, a soon-to-be finalized European Parliament report on ECHELON has created quite a stir on the other side of the Atlantic. The report's revelations are so serious that it strongly recommends an intensive investigation of NSA operations.

The facts drawn out by these sources reveal ECHELON as a powerful electronic net--a net that snags from the millions of phone, fax, and modem signals traversing the globe at any moment selected communications of interest to a five-nation intelligence alliance. Once intercepted (based on the use of key words in exchanges), those communiqués are sent in real time to a central computer system run by the NSA; round-the-clock shifts of American, British, Australian, Canadian, and New Zealand analysts pour over them in search of . . . what?

Originally a Cold War tool aimed at the Soviets, ECHELON has been redirected at civilian targetsworldwide. In fact, as the European Parliament report noted, political advocacy groups like Amnesty International and Greenpeace were amongst ECHELON's targets. The system's awesome potential (and potential for abuse) has spurred some traditional watchdogs to delve deep in search of its secrets, and even prompted some of its minders within the intelligence community to come forward. "In some ways," says Reg Whittaker, a professor and intelligence scholar at Canada's York University, "it's probably the most useful means of getting at the Cold War intelligence-sharing relationship that still continues."

While the Central Intelligence Agency--responsible for covert operations and human-gathered intelligence, or HUMINT--is the spy agency most people think of, the NSA is, in many respects, the more powerful and important of the U.S. intelligence organizations. Though its most egregious excesses of 20 years ago are believed to have been curbed, in addition to monitoring all foreign communications, it still has the legal authority to intercept any communication that begins or ends in the U.S., as well as use American citizens' private communications as fodder for trainee spies. Charged with the gathering of signals intelligence, or SIGINT--which encompasses all electronic communications transmissions--the NSA is larger, better funded, and infinitely more secretive than the CIA. Indeed, the key document that articulates its international role has never seen the light of day.

That document, known as the UKUSA Agreement, forged an alliance in 1948 among five countries--the U.S., Britain, Australia, Canada, and New Zealand--to geographically divvy up SIGINT-gathering responsibilities, with the U.S. as director and main underwriter. Like the NSA--hardly known until the Pike and Church congressional investigations of the '70s--the other four countries' SIGINT agencies remain largely unknown and practically free of public oversight. While other member nations conduct their own operations, there has "never been any misunderstanding that we're NSA subsidiaries," according to Mike Frost, an ex-officer in Canada's SIGINT service, the Communications Security Establishment (CSE). Moreover, all the signatory countries have NSA listening posts within their borders that operate with little or no input from the local agency.

Like nature, however, journalism abhors a vacuum, and the dearth of easily accessible data has inspired a cadre of researchers around the world to monitor the SIGINT community as zealously as possible. It is not, says David Banisar of the Electronic Privacy Information Center (EPIC), an easy task. Getting raw data is difficult enough. Figuring out what it means even more so, he says, thanks in part to the otherwise conservative NSA's very liberal use of code names--many of which regularly change--for everything from devices to operations. One that appears to have remained constant, however, is ECHELON.

In 1988, Margaret Newsham, a contract employee from Lockheed posted at Menwith Hill, the NSA's enormous listening post in Yorkshire, England, filed a whistleblower suit against Lockheed, charging the company with waste and mismanagement (the case is currently being appealed after an initial dismissal). At the same time, Newsham told Congressional investigators that she had knowledge of illegal eavesdropping on American citizens by NSA personnel. While a committee began investigating, it never released a report. Nonetheless, British investigative reporter Duncan Campbell managed to get hold of some of the committee's findings, including a slew of Menwith Hill operations. Among them was a project described as the latest installment of a system code named ECHELON that would enable the five SIGINT agencies "to monitor and analyze civilian communications into the 21st century."

To SIGINT watchers, the concept wasn't unfamiliar. In the early '80s, while working on his celebrated study of the NSA, The Puzzle Palace, James Bamford discovered that the agency was developing a system called PLATFORM, which would integrate at least 52 separate SIGINT agency computer systems into one central network run out of Fort Meade, Maryland. Then in 1991, an anonymous British SIGINT officer told the TV media about an ongoing operation that intercepted civilian telexes and ran them through computers loaded with a program called "the Dictionary"--a description that jibed with both Bamford and Campbell's gleanings.

In 1996, however, intelligence watchdogs and scholars got an avalanche of answers about ECHELON, upon the publication of Secret Power: New Zealand's Role in the International Spy Network,written by Nicky Hager. A New Zealand activist turned investigative author, Hager spent 12 years digging into the ties between his country's SIGINT agency, the Government Communications Security Bureau (GCSB), and the NSA. Utilizing leaked material and scores of interviews with GCSB officers, Hager not only presented a revealing look at the previously unknown machinations of the GCSB (even New Zealand's Prime Minister was kept in the dark about its full scope) but also produced a highly detailed description of ECHELON.

According to Hager's information--which leading SIGINT scholar and National Security Archive analyst Jeffrey Richelson calls "excellent"--ECHELON functions as a real-time intercept and processing operation geared toward civilian communications. Its first component targets international phone company telecommunications satellites (or Intelsats) from a series of five ground intercept stations located at Yakima, Washington; Sugar Grove, West Virginia; Morwenstow in Cornwall, England; Waihopai, New Zealand; and Geraldton, Australia.

The next component targets other civilian communications satellites, from a similar array of bases, while the final group of facilities intercept international communications as they're relayed from undersea cables to microwave transmitters. According to Hager's sources, each country devises categories of intercept interest. Then a list of key words or phrases (anything from personal, business, and organization names to e-mail addresses to phone and fax numbers) is devised for each category. The categories and keywords are entered by each country into its "Dictionary" computer, which, after recognizing keywords, intercepts full transmissions, and sends them to the terminals of analysts in each of the UKUSA countries.

To the layperson, ECHELON may sound like something out of the X-Files. But the National Security Archives's Richelson and others maintain that not only is this not the stuff of science fiction, but is, in some respects, old hat. More than 20 years ago, then CIA director William Colby matter-of-factly told congressional investigators that the NSA monitored every overseas call made from the United States. Two years ago, British Telecom accidentally disclosed in a court case that it had provided the Menwith Hill station with equipment potentially allowing it access to hundreds of thousands of European calls a day. "Let me put it this way," says a former NSA officer. "Consider that anyone can type a keyword into a Net search engine and get back tens of thousands of hits in a few seconds." A pause. "Assume that people working on the outer edges have capabilities far in excess of what you do."

Since earlier this year, ECHELON has caused something of a panic in Europe, following the disclosure of an official European Parliament report entitled "In Appraisal of Technologies of Political Control." While the report did draw needed attention to ECHELON, it--and subsequent European press coverage--says Richelson, "built ECHELON up into some super-elaborate system that can listen in on everyone at any time, which goes beyond what Nicky Hager wrote." Richelson, along with other SIGINT experts, emphasizes that, despite ECHELON's apparent considerable capabilities, it isn't omniscient.

EPIC's David Banisar points out that despite the high volume of communications signals relayed by satellite and microwave, a great many fiber-optic communications--both local and domestic long distance--can't be intercepted without a direct wiretap. And, adds Canadian ex-spook Mike Frost, there's a real problem sorting and reading all the data; while ECHELON can potentially intercept millions of communications, there simply aren't enough analysts to sort through everything. "Personally, I'm not losing any sleep over this," says Richelson, "because most of the stuff probably sits stored and unused at [NSA headquarters in] Fort Meade."

Richelson's position is echoed by some in the intelligence business ("Sure, there's potential for abuse," says one insider, "but who would you rather have this--us or Saddam Hussein?"). But others don't take such a benign view. "ECHELON has a huge potential for violating privacy and for abuses of democracy," says Hager. "Because it's so powerful and its operations are so secret that there are no real constraints on agencies using it against any target the government chooses. The excessive secrecy built up in the Cold War removes any threat of accountability."

The only time the public gets anything resembling oversight, Hager contends, is when intelligence officials have a crisis of conscience, as several British spooks did in 1992. In a statement to the London Observer, the spies said they felt they could "no longer remain silent regarding that which we regard to be gross malpractice and negligence within the establishment we operate"--the establishment in question being the Government Communications Headquarters (GCHQ), Britain's version of the NSA. The operatives said that an intercept system based on keyword recognition (sound familiar?) was routinely targeting the communications of Amnesty International and Christian Aid.

Adds Hager, "The use of intelligence services in these cases had nothing to do with national security, but everything to do with keeping tabs on critics. The British government frequently finds itself in political conflict with Amnesty over countries it is supplying arms to or governments with bad human rights records. ECHELON provides the government with a way to gain advantage over Amnesty by eavesdropping on their operations."

Hager and others also argue that potential for abuse lies in the hierarchical and reciprocal nature of the UKUSA alliance. According to data gathered by congressional committees in the '70s, and accounts of former SIGINT officers like Frost, UKUSA partners have, from time to time, used each other to circumvent prohibitions on spying on their own citizens. Frost, for example, directed Canadian eavesdropping operations against both Americans and Britons--at the request of both countries' intelligence services, to whom the surveillance data was subsequently passed.

And British Members of Parliament have raised concerns for years about the lack of oversight at the NSA's Menwith Hill facility--a base on British soil with access to British communications yet run by the NSA, which works closely with the GCHQ. "Given that both the U.S. and Britain turn their electronic spying systems against many other friendly and allied nations," says Hager, "the British would be naive not to assume it is happening to them."

David Banisar, the electronic privacy advocate, says that apparently just asking about ECHELON, or mentioning anything like it, is considered unreasonable. Since earlier this year, Banisar has been trying to get information on ECHELON from the NSA under the Freedom of Information Act. "They're not exactly forthcoming," he says, explaining that he only recently got a response in which he was in effect told the European Parliament report "didn't provide enough information" for the NSA to locate the requested information. However, Wayne Madsen, co-author with Bamford of the most recent edition of The Puzzle Palace, was more directly discouraged from investigating ECHELON's possibly dubious applications, as the following story makes clear.

On April 21, 1996, Chechnyen rebel leader Dzokhar Dudayev was killed when a Russian fighter fired two missiles into his headquarters. At the time of the attack, Dudayev had been talking on his cellular phone to Russian officials in Moscow about possible peace negotiations. According to electronics experts, getting a lock on Dudayev's cell phone signal would not have been difficult, but as Martin Streetly, editor of Jane's Radar and Electronic Warfare Systems, noted at the time, the Russian military was so under-equipped and poorly maintained, it was doubtful a radar intercept plane could have honed in on the signal without help.

Speaking at a conference on Information Warfare a month later, Madsen, one of the world's leading SIGINT and computer security experts, explained that it was both politically and technically possible that the NSA helped the Russians kill Dudayev. Noting the West's interest in preserving the Yeltsin presidency and in ensuring the safety of an oil consortium's pipeline running through Chechnya, Madsen explained which NSA satellites could have been used to intercept Dudayev's call and directionally locate its signal.

This wasn't exactly a stunning revelation: Not only had reports recently been released in Australia and Switzerland about police tracking suspects by their cell phone signatures, but Reuters and Agence France-Press had written about the Dudayev scenario as technically plausible. Still, after his talk, Madsen was approached by an Air Force officer assigned to the NSA, who tore into him. "Don't you realize that we have people on the ground over there?" Madsen recalled the officer seething. "You're talking about things that could put them in harm's way." Asks Madsen, "If this was how Dudayev died, do you think it's unreasonable the American people know about the technical aspects behind this kind of diplomacy?"

Nicky Hager says that the New Zealand intelligence officers who talked to him did so out of a growing disillusionment with the importance to New Zealand of access to ECHELON information. In some cases, they said, they had been so busy listening in on targets of interest to other countries, they altogether missed opportunities to gather intelligence in New Zealand's national interest. Ross Coulthart, an investigative reporter with Australia's Nine Network, says intelligence sources of his have reported similar feelings. "In the UKUSA intelligence community, there appear, roughly, to be two camps: those who believe that it's best to fall in line behind the U.S., because the U.S. has acted as protector and funder and gives us resources and limited participation in a system we couldn't support ourselves, and those who think the whole thing is somewhat overrated and sometimes contrary to national interests."

In 1995, for example, Australian intelligence officials leaked a story to the Australian Broadcasting Company that was, at first blush, damaging to themselves: Australian intelligence had bugged the Chinese Embassy in Canberra. However, the Australians had no access to the actual transmissions; they had merely planted the bugs at the behest of the NSA, which was getting the raw feed. "Given that both Australian and American companies were bidding for Chinese wheat contracts at the time," says Coulthart, "it didn't seem like Australia was getting anything out of this arrangement, so they put the story out there."

Indeed, says York University's Whittaker, "there's a really important degree of [economic] tension that wasn't there during the Cold War. On the other hand, most of the threats perceived as common and borderless--terrorism, nuclear proliferation, weapons of mass destruction, and global crime--inspire more cooperation between the UKUSA partners." Hager thinks such cooperation is certainly merited, but what ECHELON to some extent reflects, he believes, is the continued erosion of civil liberties and the notion of sovereignty in the name of security. "Some people I interviewed told me repeatedly, 'It's a good thing for us to be part of this strong alliance,' " he says. "What it amounts to, in the end, is an argument for being a cog in a big intelligence machine."


The Community Open Source Program

Robert David Steele, the leading proponent of the open source intelligence paradigm and founder of Open Source Solutions, represents the extreme anti-privacy stance when he asks, rhetorically, "Would corporations and individuals cheat on their taxes if they were certain they would be caught?" (in his 1993 presentation, God, Man, & INFORMATION: Comments to INTERVAL In-House)

Sidebar from NameBase NewsLine, No. 6, July-September 1994, by Daniel Brandt:

Cyberspace Cowboy with CIA Credentials:
Robert Steele and his Open Source Solutions, Inc.

      Whenever history is stranded between two epochs, those few who recognize the shifting paradigms are usually voices in the wilderness. Robert David Steele spent the 80s fighting the Cold War for the CIA in Latin America, but now he writes for Whole Earth Review, invites Mitch Kapor and John Barlow to speak at the symposiums he organizes, and jets around the globe to swap impressions with unkempt hackers. Back at the ranch, he keeps up a steady diet of schmoozing with Washington intelligence professionals, testifying for Congressional committees, and consulting with corporate information experts. He's a man on a mission.

      Steele believes that U.S. intelligence, with its cumbersome classification system, is like a dinosaur in a tar pit. He likes to tell the story of his "$10 million mistake." In 1988 Steele was responsible for spending this amount to help the Marine Corps set up a new intelligence facility. He acquired a system of workstations to handle Top Secret information, which also meant that they could not be connected to any unclassified systems. Meanwhile, a little personal computer in the next room was the only station with external unclassified access. After the system was built, they discovered that virtually everything the Marine Corps needed -- from bridge loading capabilities to the depth of water in ports around the world -- was available on the little PC through the Internet. But none of it was found on the classified systems, which tended to be filled with data on Soviet strategic capabilities.

      U.S. intelligence was destined for major budget cuts and restructuring, even before the latest embarrassment of the Aldrich Ames case. The CIA's mole problems are merely the last nails in the coffin, and lead to cover stories such as the "U.S. News & World Report" of July 4, 1994, which declares that the CIA is "plagued by incompetence and fraud." But Robert Steele has a fix. All that's required is for U.S. intelligence to abandon its obsession with secrecy and find the nearest on-ramp to the information superhighway. He and his Open Source Solutions, Inc. will be happy to give directions (11005 Langton Arms Court, Oakton VA 22124-1807, Tel: 703-242-1700, Fax: 703-242-1711, Internet: pres@oss.net). Yes, they even have their own Internet node.

      Steele's articulation of the shortcomings of U.S. intelligence, along with other expert sources such as former Senate intelligence committee staffer Angelo Codevilla's "Informing Statecraft" (1992), make a powerful case that something has to change. The total intelligence budget is just over $37 billion, with the major portion going for technical collection -- mostly satellites and related processing systems. But these systems are narrowly focused, and encourage narrow policies designed to justify the expense. The CIA's portion of this budget is about $3.5 billion, and the NSA's is roughly $4 billion.

      Steele points out that the cost-benefit ratio of open source intelligence (OSCINT) is so productive that nothing else even comes close. But U.S. intelligence is steeped in its old ways. He hears stories of agencies that refuse to cite information in their reports unless it comes from classified sources, or of CIA analysts who wanted to travel to Moscow to take advantage of newly-opened resources but were threatened with loss of their clearances if they made the trip. In other words, U.S. intelligence is doing everything backwards. No one disputes the fact that 80 percent of all the information worth analyzing is publicly available, and of the remaining 20 percent, much of it is made useless by a classification system that delays delivery and frequently restricts access to those who are not inclined to use it. In a rational world, OSCINT would be the "source of first resort."

      Open Source Solutions, Inc., of which Steele is president, sponsors annual symposiums that draw a range of professionals: government intelligence analysts, corporate competitor intelligence departments, Beltway-Bandit think tanks that churn out classified studies for government clients, and various on-line ferrets, hackers, and futurists from around the world. They expected 200 for their 1992 symposium and got over 600. In 1993 they had over 800 from 32 countries, including some retired KGB colonels that made a few officials at CIA headquarters extremely nervous. The next symposium, scheduled for November 8-10 in Washington, will focus less on the U.S. intelligence community itself and more on the intelligence consumer in the global private and public sectors. These symposiums are financed by fees from those who attend ($500 unless you get an academic rate or "hacker scholarship"), and also from corporations and organizations that pay for exhibit space. OSS is nonprofit, but Steele also spun off a for-profit corporation that offers consulting services and "best of class" referrals for $750 a day or $200 an hour.

      Steele's voice is one that needs to be heard in Washington. He's strongest when he criticizes U.S. intelligence, and he's excellent for those who are trying to keep up with cyberspace trends and information resources. But when he presents open source intelligence as an elixir for America's problems, from intelligence to competitiveness to ecology, his reach exceeds his grasp. For example, Steele's assurances that competitiveness and OSCINT are mutually compatible are unconvincing: it seems reasonable that at some point, what I know becomes more valuable to me by virtue of the fact that you DON'T have the same information. Human nature being what it is, secrecy is not something that can be restricted only to executive action and diplomacy, as Steele maintains. It is here to stay, on every level of society. Steele's unreal optimism is a religious conviction that's not uncommon among cyberspace cadets.

      Ironically, the same technology that efficiently delivers Steel's open source intelligence has also given us the ability to keep digital data very secret. There is no guarantee that the mountains of public data won't someday become a Tower of Encrypted Babel. Steele's most glaring omission is his lack of comment on public encryption technology and the Clipper Chip -- the issue that has caused cypherpunks and some corporations to declare war on the U.S. intelligence community. It seems that if Steele took a strong position on this issue, he might lose half of his support in a cyberspace nanosecond.

Leaf through Open Source Solutions' web site at www.oss.net.

The Intelligence Community consists formally of (from the CIA's directory):

Director of Central Intelligence
Central Intelligence Agency
Community Management Staff
National Intelligence Council

Department of Defense
Defense Intelligence Agency
National Security Agency
National Imagery & Mapping Agency
National Reconnaissance Office
Air Force Intelligence
Army Intelligence
Marine Corps Intelligence
Navy Intelligence

Departmental Intelligence
Elements (non-DoD)
Department of State
Department of Energy
Department of the Treasury
Federal Bureau of Investigation

The actual Intelligence Community organization of the open source effort is collected under COSPO and the osis.gov domain.

-* whois -h whois.nic.gov osis.gov Community Open Source Program Office (OSIS-DOM) Community Management Staff Washington, DC 20505

"The Community Open Source Program Office (COSPO) and the Community Management Staff (CMS) have joined in developing a World Basic Information Library which will ultimately contain the basic open source information the IC needs to know about any country in the world - before it becomes a crisis area."

Domains within osis.gov (participants in the Open Source Program):

Closely related to OSIS activities is the CIA National Resources Division, covered in the following article.

from TPDL 1999-Apr-19, from the Washington Post, by the CIA and Vernon Loeb:

Gathering Intelligence Nuggets One by One

As they fathom the depths of Chinese nuclear weapons design, trying to figure out whether stolen U.S. secrets helped China test a miniaturized warhead, CIA analysts are finding espionage Beijing- style to be maddeningly diffuse--but not altogether foreign.

Beijing's spy masters are said to gather secrets brought home by thousands of traveling government officials, students and businessmen. Well, the Central Intelligence Agency has its own operation, the National Resources Division, for collecting nuggets of information and bits of insight from American tourists, scholars and executives returning from overseas.

"Even during the Cold War, by far the most useful source of information about the details of matters in the U.S.S.R. was the interagency emigre exploitation program coordinated by the CIA's Domestic Collection division, later called the National Resources Division," according to Allen Thomson, a retired CIA scientist. "Overhead photography was wonderful for some things, but there's a limit to what you can tell by looking down from several hundred miles up. . . . And classical espionage, despite its theoretical promise, came in a dead and distant last in terms of actual performance."

One irony, as a House select committee headed by Rep. Christopher Cox (R-Calif.) prepares to release an unclassified version of its report on technology transfers to China and Chinese espionage, is that the NRD has been busy debriefing executives from U.S. satellite companies as they return from China about Beijing's missile capabilities and satellite needs.

During the Cold War, Thomson recalled, Soviet emigres rarely provided intelligence blockbusters. "But the little bits and pieces, patiently collected and collated," Thomson said, "were of enormous value in understanding the Soviet Union."

A New Wizard at Langley

Gary L. Smith, director of the Applied Physics Laboratory at Johns Hopkins University, is the newest "wizard" of Langley, set to take over the CIA's Directorate of Science and Technology this month. The DS&T is the agency's "Q branch," the place that dreams up, disguises and invents gadgets for far-flung spies. But it's hardly the empire it once was in the 1960s and early 1970s, when CIA scientists designed the agency's own spy satellites and CIA pilots flew U-2 reconnaissance missions.

"For a very significant period of time during the Cold War, it was really the most significant component of the intelligence community," said Jeffrey T. Richelson, an intelligence expert and author now hard at work on "The Wizards of Langley," a book about the DS&T.

But the directorate's mission has dwindled as other parts of the intelligence community more closely controlled by the Pentagon have grabbed pieces of the DS&T empire.

The U-2 program went to the Air Force in 1974 and the National Reconnaissance Office (NRO) got rid of "Program B," a CIA management component, in 1992. Four years later, the Pentagon created the National Imagery and Mapping Agency (NIMA), taking control of the CIA's National Photographic Interpretation Center, the agency responsible for analyzing aerial imagery.

Richelson called the CIA's removal from imagery analysis "a very unfortunate move--the whole intelligence community, and country, is worse off because of that."

Keeping Budget Secrets Too

Director of Central Intelligence George J. Tenet, continuing to fight further disclosure of CIA budget information, asked a federal judge last week to dismiss a lawsuit filed by the Federation of American Scientists seeking the fiscal 1999 budget request and Congress's appropriation for intelligence.

Having previously disclosed overall intelligence spending of $26.6 billion in fiscal 1997 and $26.7 billion in fiscal 1998, Tenet has refused further disclosure for the past year and now argues that releasing the 1999 total would damage national security by revealing spending trends of interest to foreign spies.

"Now is an especially critical and turbulent period for the intelligence budget," Tenet said, "and the continued secrecy of the fiscal year 1999 budget request and total appropriation is necessary for the protection of vulnerable intelligence capabilities."

Steven Aftergood, director of the federation's project on government secrecy, called Tenet's argument "silly and infuriating." He has also filed a Freedom of Information Act request for the fiscal 2000 budget request and, if denied, promises to make that part of the lawsuit.

Vernon Loeb's e-mail address is loebv@washpost.com

It appears that OSIS/CIA has been here. Judge for yourself. Researching the IP address of the query, I discovered a wide array of very creepy companies sharing a Reston facility, and some companies that though innocuous on their face are quite possibly in fact CIA operations.

Here's the basic research: the initiating query (a google search for osis.gov, and the DNS and whois database info for the querying IP address.

207.27.2.170 - - [21/Mar/2000:16:43:09 -0500] "GET /ampp/privacy.html HTTP/1.0" 200 220408 "http://www.google.com/search?q=osis.gov&start=10&sa=N" "Mozilla/4.7 [en] (WinNT; U)"
207.27.2.170 - - [21/Mar/2000:16:46:27 -0500] "GET /ampp/echelon.html HTTP/1.0" 200 188280 "http://www.mega.nu:8080/ampp/privacy.html" "Mozilla/4.7 [en] (WinNT; U)"

-* host 207.27.2.170
Host not found.
-* dnsquery 2.27.207.in-addr.arpa.
Query failed (h_errno = 4) : No address associated with name
-* dnsquery 27.207.in-addr.arpa.
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54960
;; flags: qr rd ra; Ques: 1, Ans: 3, Auth: 2, Addit: 2
;; QUESTIONS:
;;      27.207.in-addr.arpa, type = ANY, class = IN

;; ANSWERS:
27.207.in-addr.arpa.    492309  IN      NS      NS.ANS.NET.
27.207.in-addr.arpa.    492309  IN      NS      NIS.ANS.NET.
27.207.in-addr.arpa.    41036   IN      SOA     NIS.ANS.NET. hostmaster.ANS.NET. (
                        199912488       ; serial
                        3600    ; refresh (1 hour)
                        300     ; retry (5 mins)
                        172800  ; expire (2 days)
                        43200 ) ; minimum (12 hours)

-* whois -h whois.arin.net. 207.27.2.170
ANS CO+RE Systems, Inc. (NETBLK-ANS-C-BLOCK4) ANS-C-BLOCK4
                                                   207.24.0.0 - 207.27.255.255
Dulles Communications Services (NETBLK-ANS-207-27-2-144) ANS-207-27-2-144
                                                   207.27.2.144 - 207.27.2.191

-* whois -h whois.arin.net. NETBLK-ANS-207-27-2-144
Dulles Communications Services (NETBLK-ANS-207-27-2-144)
   11654 Plaza America Drive #323
   Reston, VA 20190-4700
   US

   Netname: ANS-207-27-2-144
   Netblock: 207.27.2.144 - 207.27.2.191

   Coordinator:
      ANS Network Operations Center  (ANS-NOC-ARIN)  noc@ANS.NET
      1-800-456-6300

   Record last updated on 04-Sep-1998.
   Database last updated on 21-Mar-2000 05:48:56 EDT.

Here's a catalogue of companies at this facility:

http://www.tempest-inc.com/ "Publications Dept. TEMPEST INC."
(also a representative of Westbay Technology Limited, http://www.westbay.ndirect.co.uk/)
http://www.adonix-inc.com/
"Transforming business data into business intelligence"
"Adonix is a leading provider of middle-market accounting systems and business intelligence systems solutions. We deliver innovative departmental and enterprise-wide solutions to commercial businesses, non-profit organizations and Federal Government Agencies. "
"We are pleased to have provided successful technology solutions that have helped clients including Geico Insurance, Network Solutions, Storage USA, Medimmune, the US Senate, the US Central Intelligence Agency, and many others to "transform business data into business intelligence." "
http://www.global-reports.com/
"An International Financial Information Firm providing the global business world with U.S. and international annual reports, interim/quarterly reports, 10-Ks, IPOs, Eurobond prospectuses, and other financial research materials."
http://hometown.aol.com/cfinews/index.htm
"Cruelty-Free Investment News is published by Business Analysis Group, Inc., P.O. Box 3534, Reston, Virginia, 20190-1534 USA"
http://www.turtletrader.com/
"TurtleTrader's trading instruction teaches you to participate in unforeseen major trends in either rising or declining markets, to maximize profits to their fullest. We supply the Turtle techniques, a precise strategy used by some of today's largest and most successful hedge funds."
How Much Money Do Turtles Make?
    Today, sound methodologies along with a little legend have enabled Turtles to collectively manage US$2 billion+ for customers. Annual returns over 50% and even over 100% have resulted from the use of Turtle techniques. Some Turtles have had returns exceed 100% in a single month.
The Turtle Techniques
    The Turtle trading approach is set forward in an algorithmic or mechanical manner. The techniques are not based on the analysis of fundamental supply or demand factors. Price and time are pivotal at all times. The Turtle techniques are nearly 100% systematic. Some advocate the use of over 60% discretion in trading. That type of trading is not long term and is not systematic Turtle trading. Turtle trading does not involve seasonals, Market Profile, triangles or day trading.
    Turtle trading is rooted in a system of risk control and money management. All math involved is straight-forward easily-learned. In times of higher market volatility, trading size is reduced. In losing periods, positions are reduced and trade size is cut back. The central objective is always to preserve capital until more favorable price trends reappear."
http://www.ctp-inc.com/
"Commonwealth Trading Partners, Inc. (CTP) is a consulting firm that works primarily in the areas of international trade and international project development. CTP provides expert assistance to the U.S. Government as well as U.S. exporters in the areas of export licensing, commodity classification, export control training. and export management systems. CTP also matches foreign entities with U.S. technical partners and provides management and financial support to a number of international development projects. "
"Northern Virginia Fortune Seekers" fortuneseekers@pobox.com
http://www.luminant.com/
"Luminant Worldwide Corporation is a leading provider of Internet and electronic commerce professional services to Fortune 1000 companies, Internet-based companies and other organizations. We focus on enabling businesses to develop and expand Internet and electronic commerce business models"
http://www.optimum.org/
"Optimum Solutions, Inc. has been providing consulting and contracting services in distributed systems, client/server systems, and distributed objects since 1990. We provide application development services in Java, Corba, and Forte. We have teams of Java Certified Developers and Senior Object Architects. "
(domain name registered through upstart alabanza.com with anonymized contact info through noname.com)
http://freeback.com/
"FreeBack is a powerful, easy to use and FREE web-based backup service that allows you to save and restore your important data files (documents) without requiring any special backup devices such as a tape or Zip drive because your files are stored securely on our server, in your private folders. Since the FreeBack software is a 100% Pure Java(tm) applet, it can run in web browsers such as Microsoft Internet Explorer 4.0x or Netscape Navigator 4.0x. Additionally, it runs on many platforms such as Microsoft Windows, Unix, IBM OS/2, and more."
Freeback is an initiative of of divya.com: "Divya Incorporated provides Professional Services to Fortune 1000 and leading companies for cutting edge, standards based, technologies. Since our inception in 1996, we have focused entirely on standards based Java and Internet technologies."
http://www.intraware.com/
"Intraware, Inc. is committed to being "The Resource" for corporate customers in search of enterprise-wide intranet software solutions. As specialists in intranet technology, Intraware enables IT and supply managers to quickly and cost-effectively evaluate, procure, electronically deploy, install and manage "best of breed" intranet software and upgrades on-line. Additionally, Intraware performs comprehensive analysis, evaluation and testing of intranet software prior to making recommendations to customers. The company also delivers software maintenance and product information to customers electronically. "
http://www.medicinebox.com/
"MedicineBox.com is for you, the patient, or the friend or family of the patient to learn more about particular diseases and available treatment options. MedicineBox.com will be expanding to offer more information to help you understand more about keeping healthy."
http://www.diversitytg.com/
"Diversity Training Group" (previous or no longer advertised physical address)
http://www.tlc-nv.com/
"The Learning Community of Virginia is a small tutoring firm that specializes in alternative education for the gifted wanting to complete high school early or to do this while doing college courses, the learning disabled needing to learn on the computer, the ill or homebound students requiring specialized instruction, and for all others (i.e., athletes, musicians, artists, and computer prodigies) still in high school wanting to spend focused time developing their abilities (and resumes) without having to attend structured high school. Because we are a tutoring firm and not a school, we help all students achieve the highest grades they are capable of, according to ability, not according to arbitrary grade requirements of public and private schools."
http://www.tenerus.com/
"Located in Northern Virginia's High-Tech Corridor, Tenerus Corporation provides software and services to organizations that design, develop, and test, data-driven software. " "Loading your database with useful test data can be a difficult and time-consuming task. TestBase makes it easy. With just a few clicks of the mouse, TestBase can generate millions of rows of meaningful, syntactically correct test data. "
There is also a Mailboxes Etc. retail storefront in the complex.

Read here the Employee's Handbook (O) for the US National Security Agency/Central Security Service.

from the San Francisco Examiner, ca. 1994-Apr-15, by Keay Davidson, Examiner science writer:

NSA form A-1 Semiconfidential rules circulate

      It arrived mysteriously at an Austin, Texas, post office box by ``snail mail'' - computerese for the Postal Service.

      But once the National Security Agency's employee handbook was translated into bits and bytes, it took only minutes to circulate across the country.

      Thus did a computer hacker in Texas display his disdain for government secrecy last week - by feeding into public computer networks the semiconfidential document, which describes an agency that, during the darkest days of the Cold War, didn't officially ``exist.''

      Now, anyone with a computer, telephone, modem and basic computer skills can read the 36-page manual, which is stamped ``FOR OFFICIAL USE ONLY'' and offers a glimpse of the shadowy world of U.S. intelligence - and the personal price its inhabitants pay.

      New NSA employees are warned:

      ``Your home, car pool, and public places are not authorized areas to conduct classified discussions - even if everyone involved in the discussion possesses a proper clearance and "need-to-know.' The possibility that a conversation could be overheard by unauthorized persons dictates the need to guard against classified discussions in non-secure areas.''

      The manual includes a list of telephone numbers for NSA offices including the cryptically named ``Agency Anonymity'' and ``Cipher Lock Repair,'' and the not-so-cryptic ``Alcohol Rehabilitation Program'' and ``Disposal of Classified Waste.'' "Anal retentive and paranoid'

       The manual is ``so anal retentive and paranoid. This gives you some insight into how they think,'' said Chris Goggans, the Austin hacker who unleashed it on the computer world. His on-line nom de plume is ``Erik Bloodaxe'' because ``when I was about 11, I read a book on Vikings, and that name really struck me.''

      NSA spokeswoman Judi Emmel said Tuesday that ``apparently this document is an (NSA) employee handbook, and it is not classified.'' Rather, it is an official NSA employee manual and falls into a twilight zone of secrecy. On one hand, it's ``unclassified.'' On the other hand, it's ``FOR OFFICIAL USE ONLY'' and can be obtained only by filing a formal request under the U.S. Freedom of Information Act, Emmel said.

      ``While you may take this handbook home for further study, remember that it does contain "FOR OFFICIAL USE ONLY' information which should be protected,'' the manual warns. Unauthorized release of such information could result in ``appropriate administrative action ... (and) corrective and/or disciplinary measures.''

      Goggans, 25, runs an on-line electronic ``magazine'' for computer hackers called Phrack, which caters to what he calls the ``computer underground.'' He is also a computer engineer at an Austin firm, which he refuses to name.

      The manual recently arrived at Goggans' post office box in a white envelope with no return address, save a postmark from a Silicon Valley location, he says. Convinced it was authentic, he typed it into his computer, then copied it into the latest issue of Phrack. Private life not private

       Other hackers, like Grady Ward of Arcata, Humboldt County, and Jeff Leroy Davis of Laramie, Wyo., redistributed the electronic files to computer users' groups. These included one run by the Cambridge, Mass.-based Electronic Frontier Foundation, which fights to protect free speech on computer networks.

       Ward said he helped redistribute the NSA manual ``to embarrass the NSA'' and prove that even the U.S. government's most covert agency can't keep documents secret.

      The action also was aimed at undermining a federal push for data-encryption regulations that would let the government tap into computer networks, Ward said.

       In the NSA, one's private life ceases to be private: A ``waiver must be granted in advance of a marriage to or cohabitation with a foreign national in order to retain one's access to NSA information ...'' the manual says. ``The marriage or intended marriage of an immediate family member (parents, siblings, children) to a foreign national must also be reported. ... All personnel, either employed by or assigned to NSA, must advise the Office of Security of any changes in their marital status (either marriage or divorce), cohabitation arrangements, or legal name changes.''

      There's nothing wrong with ``casual social associations with foreign nationals,'' but during such associations ``you are encouraged to extend the usual social amenities. Do not act mysteriously or draw attention to yourself (and possibly to NSA) by displaying an unusually wary attitude.''

      None of the hackers thought he or she had done anything unpatriotic.

      ``The cloak of secrecy that the intelligence communities operate behind is an archaic paradigm of global warfare,'' said Davis, whose business card identifies him as an ``Outlaw Transcendentalist.''

      ``The Cold War's over ...'' Davis said. ``What, is a terrorist group going to call the National Security Agency alcoholism hot line and say, "Hey, I have a drinking problem, can I come in?'''

from The Times of India, 2000-Feb-15, by PTI:

US-led spy web used to swing business deals

WASHINGTON: In what may turn out to be the biggest spy scandal since World War II, the Pentagon has admitted the existence of a spy network, jointly operated by the US, the UK, Canada, Australia and New Zealand, capable of tapping every telephone, fax and e-mail communication in the world.

Britain's Sunday Telegraph reported that the communication was passed on to US firms to secure contracts against competition from French, Japanese and other firms of the non-English speaking world. The information was allegedly used even against Airbus to favour Boeing though the UK has a share in Airbus.

The project, called ``Echelon'', has been in operation since 1947 and operates from the highly secretive US National Security Agency's (NSA) Meredith Hill [correction, Menwith Hill -compilation editor] listening station in north Yorkshire. The US and the UK were the only two original members of the group which was later expanded.

The UK's role has come under fire, said the paper whose despatch has made the front page of the Washington Times, as it is the only European participant in the US-led global electronic espionage. European countries say that US espionage chiefs abuse `Echelon' to spy on individuals and pass on commercial secrets to US businesses, the Washington Times said.

The paper said Thomson CSF of France is among the other reported losers as a result of exploitation of the information for commercial purposes.

The US admitted the existence of NSA only recently. Congress votes billions of dollars for it every year but the amounts are hidden under different heads.

In Asia, it said, the US used information gathered from its bases in Australia to win a half of Indonesia's trade contracts for AT&T that intercepts showed were initially going to NRC of Japan, Wayne Madsen, a former NSA agent, told Australian TV.

NSA's activities are one reason why delegations from developing countries are at a disadvantage at international conferences, observers here said. Even before they open their mouths, the Americans will have intercepted their instructions so that they know in advance how far they can push them.

from TPDL 2000-Mar-17, from the Wall Street Journal, by R. James Woolsey (former Director of Central Intelligence):

Why We Spy on Our Allies

What is the recent flap regarding Echelon and U.S. spying on European industries all about? We'll begin with some candor from the American side. Yes, my continental European friends, we have spied on you. And it's true that we use computers to sort through data by using keywords. Have you stopped to ask yourselves what we're looking for?

The European Parliament's recent report on Echelon, written by British journalist Duncan Campbell, has sparked angry accusations from continental Europe that U.S. intelligence is stealing advanced technology from European companies so that we can -- get this -- give it to American companies and help them compete. My European friends, get real. True, in a handful of areas European technology surpasses American, but, to say this as gently as I can, the number of such areas is very, very, very small. Most European technology just isn't worth our stealing.

Why, then, have we spied on you? The answer is quite apparent from the Campbell report -- in the discussion of the only two cases in which European companies have allegedly been targets of American secret intelligence collection. Of Thomson-CSF, the report says: "The company was alleged to have bribed members of the Brazilian government selection panel." Of Airbus, it says that we found that "Airbus agents were offering bribes to a Saudi official." These facts are inevitably left out of European press reports.

That's right, my continental friends, we have spied on you because you bribe. Your companies' products are often more costly, less technically advanced or both, than your American competitors'. As a result you bribe a lot. So complicit are your governments that in several European countries bribes still are tax-deductible.

When we have caught you at it, you might be interested, we haven't said a word to the U.S. companies in the competition. Instead we go to the government you're bribing and tell its officials that we don't take kindly to such corruption. They often respond by giving the most meritorious bid (sometimes American, sometimes not) all or part of the contract. This upsets you, and sometimes creates recriminations between your bribers and the other country's bribees, and this occasionally becomes a public scandal. We love it.

Why do you bribe? It's not because your companies are inherently more corrupt. Nor is it because you are inherently less talented at technology. It is because your economic patron saint is still Jean Baptiste Colbert, whereas ours is Adam Smith. In spite of a few recent reforms, your governments largely still dominate your economies, so you have much greater difficulty than we in innovating, encouraging labor mobility, reducing costs, attracting capital to fast-moving young businesses and adapting quickly to changing economic circumstances. You'd rather not go through the hassle of moving toward less dirigisme. It's so much easier to keep paying bribes.

The Central Intelligence Agency collects other economic intelligence, but the vast majority of it is not stolen secrets. The Aspin-Brown Commission four years ago found that about 95% of U.S. economic intelligence comes from open sources.

The Campbell report describes a sinister-sounding U.S. meeting in Washington where -- shudder! -- CIA personnel are present and the participants -- brace yourself -- "identify major contracts open for bid" in Indonesia. Mr. Campbell, I suppose, imagines something like this: A crafty CIA spy steals stealthily out of a safe house, changes disguises, checks to make sure he's not under surveillance, coordinates with a spy satellite and . . . buys an Indonesian newspaper. If you Europeans really think we go to such absurd lengths to obtain publicly available information, why don't you just laugh at us instead of getting in high dudgeon?

What are the economic secrets, in addition to bribery attempts, that we have conducted espionage to obtain? One example is some companies' efforts to conceal the transfer of dual-use technology. We follow sales of supercomputers and certain chemicals closely, because they can be used not only for commercial purposes but for the production of weapons of mass destruction. Another is economic activity in countries subject to sanctions -- Serbian banking, Iraqi oil smuggling.

But do we collect or even sort secret intelligence for the benefit of specific American companies? Even Mr. Campbell admits that we don't, although he can't bring himself to say so except with a double negative: "In general this is not incorrect." The Aspin-Brown Commission was more explicit: "U.S. Intelligence Agencies are not tasked to engage in 'industrial espionage' -- i.e. obtaining trade secrets for the benefit of a U.S. company or companies."

The French government is forming a commission to look into all this. I hope the commissioners come to Washington. We should organize two seminars for them. One would cover our Foreign Corrupt Practices Act, and how we use it, quite effectively, to discourage U.S. companies from bribing foreign governments. A second would cover why Adam Smith is a better guide than Colbert for 21st-century economies. Then we could move on to industrial espionage, and our visitors could explain, if they can keep straight faces, that they don't engage in it. Will the next commission pursue the issue of rude American maitre d's?

Get serious, Europeans. Stop blaming us and reform your own statist economic policies. Then your companies can become more efficient and innovative, and they won't need to resort to bribery to compete.

And then we won't need to spy on you.

from TPDL 2000-Feb-29, from NewsMax 2000-Feb-28, by Diane Alden:

S.L.E.E.P.

The question was: "Why was a nice girl like you working in a place like that?" Former Lockheed-NSA employee and member of the team that developed Echelon, Margaret Newsham, had quite an answer.

Her life history is similar to that of other nice women who came to adulthood in the fifties and early sixties. Marriage, kids, divorce, finding a good job and remarriage. However, in Newsham's case a series of life's twists found her sucked into the gothic ``black world'' of intelligence.

For Margaret "Peg" Newsham the twist of fate, which led her to Building 19 in Ford Aero's Sunnyvale, California plant, was only the beginning of a long road that ended in a sense of betrayal by her government and her employers.

Peg doesn't complain much and she has a marvelous self-deprecating sense of humor, telling stories on herself and her family. Faced with a series of serious physical problems, including a stroke in 1986 and cancer presently, she persists in challenging the tangled world of the intelligence system. Additionally, she endures the trials and tribulations of all whistleblowers.

Appearing in a recent 60 Minutes special she talked about her experience with Echelon, the super-secret spy project which is alleged to have the capability to intercept data on a massive scale.

The CBS series flew her to Menwith Hill, Yorkshire, England, which journalist and expert Duncan Campbell describes as "the largest electronic spy center in the world." Newsham maintains that when she was there in the 80s there were only 3 "domes"; now there are about 25. These domes are alleged to house the vacuum cleaner like equipment that monitors data flowing in and out of Europe.

Newsham has related her experiences few times. First at closed door, top-secret congressional hearings in 1988; to Danish journalists Bo Elkjaer and Kenan Seberg; to 60 Minutes; and to me.

For ten years, Newsham worked for the US munitions and computer firms Signal Science, Ford Aerospace and Lockheed Martin. They had contracts for the development and upgrading of Echelon satellites and computers, which the companies designed for the intelligence agency NSA. The NSA cooperates closely with the CIA and NRO (National Reconnaissance Organization).

It all began in Building 19 at the Sunnyvale plant where a job opportunity ushered her into the world of NSA and Echelon. After an interview and a clearance process, Newsham received her final clearance. " I was briefed by Tom Akashi the security officer for the Project Silkworth, Sire Moonpenny and another that I have not seen in print anywhere.

``As far as the job and projects go I can only tell you what I have seen in print and have all the necessary document to verify everything that I tell you. After the briefing I was shocked, stunned and said I need to think about this for a while. Went home and was told that I could NEVER tell anyone what I did, where I went etc. But the project was on the cutting edge of technology and so intriguing that I agreed to stay with the project only if I could advance to another position with the computers."

From 1974 to 1984 Peg Newsham worked on the satellites and the computer programs developed at Lockheed's headquarters in Sunnyvale, and in 1977, she was stationed at the largest listening post in the world at Menwith Hill, England.

"On the day at Menwith Hill when I realized in earnest how utterly wrong it was, I was sitting with one of the many "translators". He was an expert in languages like Russian, Chinese and Japanese. Suddenly he asked me if I wanted to listen in on a conversation taking place in the US at an office in the US Senate Building. Then I clearly heard a southern American dialect I thought I had heard before."

"Who is that?" I asked the translator who told me that it was Republican senator Strom Thurmond. 'Oh my gosh!' I thought. We're not only spying on other countries, but also on our own citizens."

American Gothic

Study the ``black world'' of intelligence gathering and you will find it littered with so much information and disinformation that it tends to put one in a semi-hypnotic state -- overwhelmed by the amount and complexity of the data.

In this secret world, words mean more than one thing. Technology is or is not state of the art, people lie without blinking because it is part of the job, and no one seems to be in charge. The mix of corporate and government back scratching offers too many opportunities for corruption and the rationale seems to be that everyone does it and it is in the name of "national security."

In this world of high tech espionage it is also a realm where the Constitution of the United States seems to be less important than maintaining bureaucracies and keeping them supplied with top of the line high tech toys. Last but not least there is no accountability to speak of.

Recently, the Congress passed Public Law #105-272 and it was signed into law by President Clinton. One of the few protesting this new law was Georgia Representative Bob Barr. What the new law does is make it possible for the FBI to have basically unrestricted wiretapping ability. At one time each wiretap had to be approved by a court order: No more.

The new wiretap laws allow the government carte blanche under some perceived "emergency" as determined by the Attorney General without a court order. This has effectively shifted the power from the judiciary to the executive branch thus profoundly damaging what used to be called the "separation of powers."

''Roving wiretaps are a major expansion of current government surveillance power,'' said Alan Davidson, staff counsel at the Center for Democracy and Technology in Washington. ``To take a controversial provision that affects the fundamental constitutional liberties of the people and pass it behind closed doors shows a shocking disregard for our democratic process.''

Add that to the growing controversy surrounding the National Security Agency and the surveillance web known as Echelon. Echelon is not some fantasy in the minds of crazy conspiracy buffs. Echelon is real and in declassified documents we know it exists.

At a recent meeting of the European Parliament an uproar began when investigator Duncan Campbell's report on NSA spying via Echelon alleged that a great deal of information was nothing more than economic and political espionage. Allegedly, economic data is routinely handed over to the Commerce Department, which in turn hands it over to American Fortune 500 companies.

Nonetheless, analysts indicate that the Europeans are doing it too. The French are considered the worst offenders. With the alleged backing of the German government, there is system in place euphemistically known as "Frenchelon."

According to Kenneth Cukier, senior editor and Paris correspondent for Communications Week International, the French project is run under the Direction Generale de la Securite Exterieure, similar to the CIA. Commercial information is sent directly to the presidents of large French companies as well as to government officials.

Since the demise of the Soviet Union, economic espionage along with spying on private citizens deemed "dangerous" or unfriendly to government, has been offered as a reason for continued bureaucratic intrusion and expanding budgets and power. Every time the BATF, FBI, CIA or NSA, have gotten into serious trouble it has been as a result of a pervasive medieval mentality that views Americans and others as folks who can't be trusted. Yet the Congress has oversight of these alphabet agencies, but continues to hand out blank checks whenever anyone screams "national security."

This is not to say that agencies are not doing a good job overseeing legitimate intelligence concerns that have to do with terrorism and international skullduggery. In addition, fair is fair, and governments being what they are, economic espionage is part of the expected game.

The problem exists when intelligence gathering crosses the line and becomes unconstitutional eavesdropping against companies or citizens. Most importantly, at what level should the alleged incestuous relationship between corporate America and government exist-- if at all. It was Dwight Eisenhower who warned Americans about the dangers of the `military-industrial complex'.

Patrick S. Poole, formerly with Free Congress, is an independent researcher and is recognized as an expert on Echelon and NSA. Poole maintains that Echelon is purely a product of 20th Century statism.

The modern drive toward the assumption of state power has turned legitimate national security agencies into pawns in a manipulative game where the stakes are no less than the survival of the Constitution. There is an incestuous relationship that exists between the intelligence community and US corporations that develop the technology that fuels their spy systems.

He alleges that many of the companies that receive the most important commercial intercepts are Lockheed, Boeing, Loral, TRW, and Raytheon, who are actively involved in the development of Echelon. ``The collusion between the intelligence agencies and their contractors is frightening...it is a gross misuse of taxpayer resources and the intelligence agencies."

As the recent Chinese security scandal indicates, companies such as Loral seem to have no qualms about "sharing" sensitive information, which have dual, uses - one military and one economic technology intelligence - with sworn enemies of the United States.

To accommodate the need for economic intelligence, the Office of Intelligence Liaison was set up in the Commerce Department. Shortly after taking office in 1993, Bill Clinton ratcheted up the corporate espionage by funding the National Economic Council which Poole alleges, "feeds intelligence" to "select" companies friendly to the administration.

In an extensive investigation, Poole cites numerous egregious cases of intelligence being turned over to corporations. The intelligence community denies it and often times hides behind a shadow of the truth better known as plausible deniability. They stretch the truth or bend the truth through manipulation and channeling their information through international allies or non-intelligence government agencies such as the Commerce Department.

Administrations since Truman have used NSA for other than straight up intelligence gathering. That includes Truman, Eisenhower, Kennedy, Johnson, Nixon, Reagan and Bush. It was at the end of the Bush administration that mission creep for all alphabet agencies began. (At the time of the collapse of the Soviet Union) But Poole states that the Clinton administration has raised commercial intelligence gathering to "a high art form."

He also maintains that, "No free society has ever been able to survive the rapid expansion of government power seen in our current political atmosphere...the pattern of secret power...quickly finds replication as can be seen the 1995 establishment of another secret court by Congress and the Clinton administration - the Alien Terrorist Removal Court. Just like it's brother court the Foreign Intelligence Surveillance Court it is based on a statist political philosophy, which creates the climate for secret courts, illegal surveillance, and prosecution flying in the face of the 4th Amendment. Part of the Bill of Rights, which guarantees that citizens will not be subject to government abuse even in the name of a cause deemed worthy by said government.''

Poole said in an interview that what is needed is another Church Committee investigation. Following the use by the Nixon White House of federal agencies to spy on or harass political enemies, Senator Frank Church, (D-Idaho) headed the committee that brought a modicum of oversight to the intelligence process. Since that time there has been precious little oversight by congress.

The only stick congress has to wield against over-zealous agencies is funding. In an aside, Poole related that money for the ``black world'' of intelligence gathering often comes from so called over spending on $600 hammers and $12,000 toilet seats.

In other words, NSA may scream and tell the mainstream press, like the Wall Street Journal and the New Yorker, that they are under funded and technologically behind the times, but that isn't the whole truth. People who have studied the problem for years, including, Poole, former NSA employee Mike Frost, physicist and journalist Duncan Campbell, expert and author Nicky Hager, the Danish journalists, as well as Margaret Newsham maintain that is utter "nonsense."

When asked about NSA's General Michael Hayden's statement that the agency was under funded and in need of funds for upgrading equipment, Poole exclaimed in no uncertain terms, "that is BS.'' Furthermore, "If they have the money they will continue to do it (questionable intelligence gathering.) "Without strict congressional oversight... privacy and 4th Amendment rights are in danger."

Allegedly, money is squirreled away in so many places in the defense or ``black world'' budgets that Hayden is either playing the usual agency poor mouth game-or he is in the dark due to bureaucratic obfuscation.

A Gathering of Spooks

Recently, former DCIs of the Central Intelligence Agencies gathered in a panel discussion about intelligence collection before the Council on Foreign Relations.

In an amusing slip of the tongue, former director Richard Helms appeared to corroborate the economic espionage charges. Helms, Schlesinger, Webster, Deutch and Woolsey, all former DCIs, discussed the problems of intelligence acquisition in the 21st century. The major intelligence "problem" they fixated on was the apparent inability of the agency to hire foreign nationals who have broken American or international law.

They complained vociferously about not being able to adequately spy for the US because they were prohibited from hiring lawbreakers to gather intelligence. In their world it seems no laws are ever broken while gathering intelligence.

With big innocent eyes all around the DCIs nearly chimed in unison that America's intelligence agencies would never break the law or bend the Constitution.

Nevertheless, Helms must not have gotten the word on the official story. When questions were raised about the use of intelligence gathering for economic espionage he implied that it had been done on occasion in the past. He maintained that the question really was one of choosing which company to turn the information over to - General Motors or someone else.

Woolsey later tried to cover this faux pas by repeating the mantra that the US would never be involved in economic espionage, except as it relates to the political well being of the United States. Or maybe at the very most, a need to know what is happening economically in developing countries in order to anticipate political or social unrest.

In regard to economic espionage he stated "There lies madness." Right - and butter wouldn't melt in his mouth. The creaky old CFR audience sat rapt, apparently missing the whole point or overlooking the divergence of opinion and the accidental slip by Helms. The aging dean of spooks most likely told the truth in spite of himself.

Blowing the Whistle

There are many good people in government service and they exist in the intelligence gathering field as well. Good people caught up in a system, where bureaucratic inertia is the pattern and the need to survive as a bureaucracy is the main occupation. Come funding time, intelligence agencies seem to become poor and clueless. Offering the next crisis as a reason for more money and expanded operations.

Those who work for spy agencies usually do so under the impression that they are serving the United States in a worthwhile way. However, just as in the private sector, it may also only mean a paycheck, a nice retirement, and all the attendant power and perks of government service.

When corruption is prevalent it is only a courageous few who go beyond self-interest and blow the whistle on debased government programs and activities. Because of their honesty and the need to shut them up they are shunned, fired, harassed, demoted or worse.

A case in point: Bill Johnston, US Attorney in Waco who blew the whistle on the machinations of the Reno Justice Department regarding the massacre of the Branch Davidians. Johnston recently quit because of the treatment he was receiving and because of the apparent stone walling by the Justice Department.

In another case, Marine Major Scott Ritter called attention to the Clinton administration's inept weapons inspection policies in Iraq and suffered humiliation before a congressional committee. He was subjected to democratic Senator Joseph Biden's autocratic verbal abuse. Linda Tripp, Charles LaBella, and others who have blown the whistle on government shenanigans have been marginalized and demonized.

In the case of NSA and Echelon, the whistleblower was Margaret Newsham. Currently, in the middle of a lawsuit with her former employer Lockheed Martin, and still under the dark cloud of keeping silence with what she knows, Peg can't say too much. If she did she could go to jail - with no trial in the "secret court" reserved for national security cases. Her civil rights would be moot.

Hoping that her lawsuit will succeed, Margaret Newsham is more concerned about informing the American public that their Constitutional guarantees under the Bill of Rights are in danger. Especially if the press continues to fall for the "official story." She hopes that in the upcoming congressional investigation she will have a chance to tell her story and shine a light on the eroding rights to privacy still available to American citizens.

Congressman Bob Barr to Hold Hearings

Congressman Bob Barr of Georgia was kind enough to answer questions about his upcoming hearings on NSA and Echelon. The following is a Q and A:

1. When do you and Burton plan on having an investigation into NSA and Echelon? Do you have dates yet?

Barr: Hopefully, we will hold hearings in late spring or early summer on this matter.

2. There are claims that much of what NSA does currently has nothing to do with intelligence gathering on bad guys. That much of what goes on currently is economic information turned over to Fortune 500 companies. Will your investigation look into this aspect? As you may know, Lockheed, Loral, Ford and others are accused of accepting this economic information to give them a competitive edge against European or international business counterparts. If this is the case would there be any legislation forthcoming to stop this?

Barr: Foreign intelligence surveillance programs should not be used for the collection of economic information that has no national security, diplomatic or military value. I hope we do not uncover proof classified information collected by intelligence agencies has been used for purely economic purposes by or for any private companies.

3. The current head of NSA, General Michael Hayden claims they are not doing "illegal" spying on individuals or companies. He claims NSA is too poor for this and behind technologically. Is there any way to verify this and at the same time let NSA know what its limits are? Is General Hayden out of the loop as far as what is actually going on at NSA?

Barr: The NSA receives funding, has a large workforce, and employs some of the brightest scientists and engineers in the world. We need to make sure the NSA has the resources it needs to keep up with technological changes. However, we must make sure the rights of American citizens are protected in the process.

By all accounts, General Hayden is a skilled administrator who realizes NSA is in need of reform. However, he faces an entrenched bureaucracy and is not a permanent NSA employee. All of this can and should be remedied through comprehensive, regular oversight.

4. The 60 Minutes special featured Margaret Newsham, a former Lockheed and NSA employee who was a whistle blower, as well as Mike Frost --another prominent whistle blower. Ms. Newsham has informed me she has been harassed by Lockheed and NSA since she left the ``black world'' of intelligence gathering. If that is the case will you look into it? What can be done legislatively to prevent this in the future, without harming the "system" of intelligence gathering? Is that possible?

Barr: Legitimate whistleblowers should always be protected from retaliation. In the past, our government has not always done so. We may well need legislative changes in this area. Of course, we must always remain mindful of the need to protect classified information and intelligence sources and methods.

5. Menwith Hill, England seems to be a focus of a lot of spying on Europeans. Europeans claim this spying has nothing to do with keeping track of Osama Bin Laden or other international bad guys. They also claim NSA is using Canada and the UK as guinea pigs for the use of surveillance technology. This claim was also made in the Discovery Channel special. Do you have information, which would support their concerns?

Barr: The problem with Echelon is that we know very little, and most of what we know originates from a handful of media sources. The best solution to this problem is for NSA to come forward with enough basic information, and answer questions necessary to ensure the privacy of American citizens is being protected.

6. Do you feel that oversight of NSA and such spooky issues as Echelon or "Magistrand" as Duncan Campbell claims it is now called --are in need of the $2 billion dollars, which the Clinton Administration has asked for to upgrade intelligence capability?

Barr: Historically, Congress has had a bad habit of writing blank checks to government agencies, especially when they make omnibus "national security" claims. I believe we should be more careful with public monies, and work to ensure new funding and authority are truly necessary before appropriating them.

7. Since the end of the Cold War has the mission of the various intelligence organizations such as NSA and CIA been clouded by allowing the system to be corrupted into intelligence gathering of private citizens and corporations? Or has this type of intelligence gathering been going on all along?

Barr: The NSA has violated the privacy of American citizens in the past, most notably during the Nixon presidency. We must always remain vigilant to ensure we are properly balancing national security and privacy.

8. What will be the focus of your upcoming hearings into NSA and Echelon?

Barr: Our goal will be to ensure the public has basic assurances from the NSA that personal privacy is not being violated on a mass scale by foreign intelligence surveillance. Our existing legal structure in this area was fashioned in the 1970s, and may well require updates in light of recent technological changes.

A Profile in Courage

Peg sleeps with a gun under her pillow and her companion is a beloved 125 pound German Shepherd named Gunther. She says her children have been harassed and stalked and she doesn't feel safe in her own country anymore. Her allegations against the government and corporate America relationship, if proved true, will once more frame the notion that America is becoming a corporate state with police powers - a country which may be losing its soul. Perhaps more probably selling its soul.

Even so, "Peg" Newsham has perspective on it all. She is a courageous lady. It is refreshing to know that valiant and noble people still live in the United States of America. That there are those who have not adopted the mantra "what have you done for me lately." Margaret gave me her outlook over the weekend. Good advice for Bob Barr as he investigates, the press as it does or does not investigate other than the official story, and the American people who need to recover a sense of outrage and priorities.

"My feeling is life goes on and this is part of the ride. I have to keep everything in the right prospective. I am praying big time.... I am a fighter and will NEVER GIVE UP! We all have to do what we know is right!''

Diane Alden is a research analyst and writer for numerous online publications. She also writes for the western journal, Range Magazine, and does commentaries for Georgia Radio, Inc. Reach her at Wulfric8@aol.com.

from TPDL 2000-Feb-26, from the Drudge Report 2000-Feb-24, by Matt Drudge:

ECHELON BOMBSHELL:
NSA ACCUSED OF SPYING ON US POLITICIANS

The National Security Agency may be using the Echelon network to eavesdrop on US politicians, says a shock report set for broadcast this weekend!

Everywhere in the world, everyday, peoples phone calls, emails and faxes are monitored by Echelon, a secret government surveillance network. Former spy Mike Frost cracks Echelon wide open, in an interview with Steve Kroft on CBS' 60 MINUTES.

American politicians have been eavesdropped on, says Margaret Newsham, a woman who worked at Menwith Hill in England, the NSA's largest spy station. She says she was shocked to hear the voice of Senator Strom Thurmond (Rep. S.C.) on a surveillance headset.

The exposing of such possible abuses of Echelon will surely add to the growing firestorm in Europe over the system. Earlier this week the European Parliament issued a report accusing the U.S. of using Echelon for commercial spying to help American companies win lucrative contracts over European competitors on two separate occasions. The U.S. State Department denies such spying took place and will not even acknowledge the existence of the top secret Echelon project.

Rep. Porter Goss (Rep.- Fla), chairman of the House Intelligence Committee, which has oversight of the NSA, does acknowledge that the U.S. has the capability to pick up any phone call and that even his own conversations could have been monitored. But Goss says there are methods to prevent the abuse of that information. I cannot stop the dust in the ether but what I can make sure, is that the capability is not abused, he tells Kroft.

The NSA runs Echelon with Canada, Britain, Australia and New Zealand as a series of listening posts around the world that eavesdrop on terrorists, drug lords and hostile foreign governments. But to find out what the bad guys are up to, all electronic communications, including those of the good guys, must be captured and analyzed for key words by super computers, a fact that makes Former spy Mike Frost uncomfortable.

"My concern is no accountability and nothing, no safety net in place for the innocent people who fall through the cracks," he tells Kroft.

As an example of those innocent people, Frost cites a woman whose name and telephone number went into the Echelon database as a possible terrorist simply because she told a friend on the phone that her son had bombed in a school play.

"The computer spit that conversation out. The analystwas not too sure what the conversation was referring to, so, erring on the side of caution, he listed that lady," Frost recalls.

Democracies usually have laws against spying on citizens, but Frost says Echelon members could ask another member to spy for them in an end run around those laws. Frost tells Kroft that his Canadian intelligence boss spied on British government officials for Prime Minister Margaret Thatcher.

from Agence France-Press via The Age, 2000-Feb-18:

US secret agents work at Microsoft: French intelligence

A French intelligence report today accused US secret agents of working with computer giant Microsoft to develop software allowing Washington to spy on communications around the world.

The report, drawn up by the Strategic Affairs Delegation (DAS), the intelligence arm of the French Defence Ministry, was quoted in today's edition of the news-letter Le Monde du Renseignement (Intelligence World).

Written by a senior officer at the DAS, the report claims agents from the National Security Agency (NSA) helped install secret programmes on Microsoft software, currently in use in 90 per cent of computers.

According to the report there was a 'strong suspicion' of a lack of security fed by insistent rumours about the existence of spy programs on Microsoft, and by the presence of NSA personnel in Bill Gates' development teams.

The NSA protects communications for the US government, and also intercepts electronic messages for the Defence Department and other US intelligence agencies, the newsletter said.

According to the report, 'it would seem that the creation of Microsoft was largely supported, not least financially, by the NSA, and that IBM was made to accept the (Microsoft) MS-DOS operating system by the same administration.'

The report claimed the Pentagon was Microsoft's biggest client in the world.

from The Express, 2000-Feb-23, by Nic Fleming and Jack Gee:

How US spies opened Windows on the world

COMPUTER documents written in Microsoft Windows and sent over the Internet can be intercepted and read by American spies, it was claimed yesterday.

Bill Gates's empire has been accused of putting a hidden code in the best-selling word processing program to give US intelligence services access to foreign military and business secrets.

The computer giant denied any such arrangement, and experts expressed scepticism at the claim.

A report by the French defence ministry claimed that "back-door technology" had been included in Windows software after a deal between Microsoft and the US National Security Agency.

The report said: "The security agency has got Microsoft to hire a number of its own agents to ensure that Windows can be used to burglarise these messages. The Americans are not just spying on us but on all their allies, including Britain, as well as countries like China and Russia whom they regard as potential foes."

After learning of the leaked report, Microsoft's headquarters in France vigorously denied the allegations. "We have certainly not introduced any back-door or dirty tricks code into any of our programs," said a spokesman.

"After all, French government departments use our software on a big scale. If there were something fishy about any of our products they would have found out during trials before placing orders with Microsoft."

Daniel Martin, the former head of computer systems at the Department for National Surveillance - France's MI5 - said: "French business lags behind most other countries in protecting its business secrets.

"The Japanese spend three times as much as France on safeguarding industrial and commercial know-how. Vigilance must be stepped up as a matter of urgency. In industry, the companies that are most exposed to computer snooping are the smaller firms. The bigger fellows are already spending a lot of time and effort on protecting themselves.

"The government can help too, just like that of the US which is very much involved in ensuring that its own industry's secrets are not at risk from snoopers."

John Lettice, an editor with on-line news publication The Register, said: "I can't see why it would make any sense for Microsoft to do it.

"I'm also not sure they could do it. Even if they could manage it, I'm not sure how they'd be able to keep it hidden." Tim Clark, assistant director of information technology at Warwick University, said: "I'm sceptical of these claims. Perhaps it could be done but I doubt that it would be possible to hide it.

"Maybe the average home user would not notice but I'm sure experienced operators in IT departments would spot something sooner or later."

Earlier this month the British Government published details of its controversial plan to allow law enforcement and intelligence agencies to hack into private e-mails. The Regulation of Investigatory Powers Bill, which received its first reading in Parliament two weeks ago, will allow the authorities to demand the codes to allow them to read encrypted information sent via the Internet.

While Government officials claim they need the powers to fight paedophiles and terrorist activity, campaigners have called the measures a draconian infringement of civil liberties.Under the proposed legislation, failure to allow the police access to the encryption key which translates coded e-mails could result in a two-year prison sentence.

from CNN, 1999-Sep-3 17:33EDT:

NSA key to Windows: an open question

(CNN) - Microsoft operating systems have a back door that allows the entry of the National Security Agency, a cryptography expert said Friday.

However, Microsoft denied the report and other experts differed on the magnitude of the alleged problem.

The chief scientist at an Internet security company said Microsoft built in a "key" for the nation's most powerful intelligence agency to the cryptographic standard used in Microsoft Windows 95, Windows 98, Windows NT4 and Windows2000.

To use cryptographic applications in Windows, users must load its cryptography architecture in a standard called CryptoAPI.

A year ago, researchers discovered there were two keys, or digital signatures, that allowed the loading of CryptoAPI -- Microsoft had one but the identity of the other keyholder was a mystery.

Andrew Fernandes of Ontario-based Cryptonym and his colleagues now say the NSA holds the second key because they found that a recent service pack for Windows NT failed to cloak the second key, revealing it as "_NSAKEY."

"In the data security profession, those three initials only mean one thing: National Security Agency," Fernandes said.

Microsoft denied that the key belongs to the NSA, saying instead that the "_NSAKEY" label simply means the cryptography architecture meets the NSA's standards for export.

"These reports are completely false," said Microsoft spokesman Dan Leach.

"The key does not allow any other party to start or stop cryptographic services on anyone's computers.

"So no, the government cannot spy on your computer using Microsoft software. We don't intentionally leave backdoors. Microsoft has consistently opposed key escrow because we feel it is no good for the consumer, for Microsoft and no good for the government. These reports are entirely false!"

Fernandes said the NSA key would allow the intelligence agency to load services on users' machines without their authorization, an option it more likely would use against a corporation than an individual.

Fernandes posted a "fix" to the key on his Web site Friday, along with a press release announcing his report on the second key. The NSA failed to return comment on the key.

The alleged NSA key came to light just days after Microsoft squelched a breach to its Web-based e-mail service, Hotmail.

Computer expert: 'a small deal'

UC Berkeley's David Wagner, a computer security expert, said the "does not open a massive back door allowing NSA to spy on your computer."

The statement by Cryptonym Corporation is "a small deal at least." The only problem he found with the CryptoAPI architecture is that if a Windows systems has a virus, it may make the virus more destructive.

It could be that NSA is making it easier to manage their own computers, Wagner said. Users of Windows 95/98/NT systems should not infer that the NSA is able to spy on any computer using a Windows operating system.

Report shocked crypto experts

Fernandes initially gave his report at a cryptography conference in Santa Barbara last month, during a late-night session where a few dozen experts in the audience were "shocked" by the alleged security flaw, said Ian Goldberg.

The discovery "highly suggests" that the NSA has a key it could use to enter encrypted items on anybody's Windows operating system, said Ian Goldberg, chief scientist at Zero-Knowledge Systems.

Zero-Knowledge Systems is about to release a security product built specially to make such security flaws impossible, he said.

Fernandes said the evidence shows that the NSA is involved in the key but it fails to indicate who owns the key. Even if Microsoft claims the key is its own, Fernandes said he believes the key was put in the Windows products at the request of the NSA.

"They've got their hand in the cookie jar and they're trying to convince you they aren't taking a cookie, they're checking to make sure there's lots of cookies left for you," Fernandes said.

Fernandes, who came up with his results in collaboration with the Berlin-based Chaos Computer Club, said it comes down to an issue of trusting Microsoft.

The security flaw does not give hackers an entrance to Windows-based cryptography services, Fernandes said, because hackers lack the private key.

He called for Microsoft to be more honest about its security infrastructure and the "deal they had to cut with the government to allow the exportation of cryptography in Windows."

Open-source versus 'shrink-wrapped' crypto

Alec Muffett, a security consultant for Sun Microsystems' Professional Services, said his operation uses open source cryptography and internal software and that many international companies have decided not to trust Microsoft.

"Any company worth its salt would demand using an open source cryptography as opposed to a shrink-wrapped product which this is," Muffett said.

Open-source code is thought by its adherents to be more secure and a better product since it has been tweaked by many more programmers than a product put out by a single company.

The United States limits the exportation of "strong" cryptography, mainly to make it easier for its intelligence agencies to do its work. For the NSA, that means listening in via its Echelon project to the telephone, fax, cable and other electronic communications of other nations.

It is illegal for the agency to eavesdrop on American citizens, meaning that if the NSA key exists, international businesses are most at risk, Fernandes said.

Still, Muffett said the NSA would be unlikely to conduct massive snooping on businesses outside the United States via a key on Microsoft Windows products -- if it exists. That would take too much work.

Instead, the agency could use a key to obtain a targeted piece of evidence or to trade information with other security agencies outside the United States.

"It's a bit of a conundrum from a political strategy point of view," Muffett said.

from Infoworld 1999-Mar-15, by Nicholas Petreley's "Down to the Wire" column, from http://www.infoworld.com/cgi-bin/displayNew.pl?/petrel/petrel.htm:

Wear clean underwear, because you never know when Microsoft is looking

You've seen it in countless movies. An innocent fugitive is traveling across the country incognito. Naturally, an evil government agency is trying to track him down. Suddenly, a government nerd points to a computer screen and says, "We've got him. He just used his Visa card to purchase size 38 Fruit of the Looms at Macy's in Trenton, N.J."

I find the above scenario to be somewhat frustrating. It is common knowledge that movie-land government agencies can trace every credit card transaction at a moment's notice. Therefore, it is hard to feel sorry for the idiot fugitive who should have known he was putting himself in jeopardy.

Outside of the movie world, however, there is only one guilty party: the government agency. In the real world, you should be able to charge a pair of underwear without the CIA being able to find out which brand you use. In fact, I can think of only one thing that would be more outrageous: If your underwear sent personal information about you back to Fruit of the Loom.

Well, surprise. That is exactly what Windows does if your computer is connected to the Internet. Windows sends your user profile and hardware configuration -- right down to the Ethernet address of your network card -- to Microsoft. And it does so without informing you or asking for your consent.

Don't flame me for being paranoid; Microsoft admits it. (In what may be a first for Microsoft, the company calls it a bug, not a feature.) What's more, Microsoft admits that its Office suite embeds your Ethernet address into your Office documents.

Microsoft plans to fix the "bug" in future versions of Windows, and promises to release a utility that removes the ID from Office documents.

Privacy advocates have complained about several issues lately. It all started with the uproar over Intel's decision to embed a unique ID in each Pentium III chip. But personally, I wasn't alarmed until now. I don't have a problem with Intel branding each Pentium III.

Why? It isn't the unique ID that matters. What matters is whether software vendors use the ID to identify you or your system without your consent. Most vendors beside Microsoft probably wouldn't take the risk. It would be a PR disaster to be counted among those who abuse personal information for copy protection, especially when other vendors give away their software free for personal use.

In addition, IT wouldn't stand still for copy protection these days, especially if it complicated installation procedures. Finally, I'm sure someone out there would write a crack program for every copy-protected software package that emerges. It would hardly be worth the effort after that.

Like the Pentium III ID, Microsoft's use of the Ethernet MAC (Media Access Control) address as part of a user ID doesn't tie up my underwear in a knot. What bothers me is that it is being sent to Microsoft without my permission.

Yes, it is true that a MAC address can be put to more insidious use than a digital signature on a Pentium III. If I know your Ethernet address, have direct access to an Internet backbone, and am lucky, I could gather a lot of information. I might not see everything you do, but I'm sure I would see more than you'd like. Depending on where I tap into the network, I could even monitor your incoming and outgoing mail.

I sincerely doubt that Microsoft is dispatching secret agents packing network sniffers (although I must admit that guy working on my network the other day did look an awful lot like Steve Ballmer). Nevertheless, I think it is time we gave serious thought to Internet privacy issues. Perhaps we need legislation that would forbid any software vendor from sending information over the Internet without a customer's permission.

from EE Times, 1997-Jul-28, by lwirbel@aol.com:

NSA Moves Into Marketing Commercial ASICS, Design Services

Snowmass, Colo. -- The National Security Agency is expanding its marketing of ASICs and design services this summer, even offering commercial semiconductor designs for selected space-based and terrestrial applications. The new commercial efforts, the first by a government intelligence agency, involve both the Special Processing Lab at NSA headquarters in Fort Meade, Md., operated by National Semiconductor Corp., as well as a Microelectronics Research Lab run by NSA at an undisclosed Maryland location.

Ever since National Semiconductor helped NSA open a six-inch CMOS fab at Fort Meade in the late 1980s, the agency had developed special ASICs for a limited range of customers. Some were partners in cryptography chips, such as the Mykotronx division of Rainbow Technologies Inc., while others sought out NSA's expertise in radiation-hardness for classified space applications.

But the new effort by NSA vastly expands this customer base. The agency has appointed its first director of marketing for microelectronics, Leland Miller (one of the first NSA employees to distribute public business cards). At last week's IEEE Nuclear and Space Radiation Effects Conference here, the NSA had a large trade booth advertising the capabilities of "NSA Microelectronics."

Miller said that customers will contract with NSA through a dedicated design engineer on the agency staff called a Program Manager. Whether the end product is a standard CMOS device from the Fort Meade fab, or a special-processing bipolar, silicon-on-insulator, or other device from the research lab, the chip design services will be offered directly by NSA, not by National Semiconductor.

Terry Brown, deputy chief of microelectronics at NSA, said that the customer list will still be specialized enough so that the government agency won't compete directly against developers of military ASICs and rad-hard devices. But representatives from companies like Harris Semiconductor and UTMC Microelectronic Systems were scratching their heads during the IEEE conference last week, wondering how and why a highly-secret government intelligence agency would compete against them.

"Any customer of ours would still require a government sponsor at some level," Brown said. "But we're very serious about expanding the availability of chips to a wider group of customers. For instance, where we used to do only rad-hard designs, we now will be moving into rad-tolerant ASICs as well."

Brown said that NSA had a special talent in datapath designs, used heavily in signal and image processing, but ignored by many ASIC vendors who work with register-intensive standard CPU cores. NSA has developed its own design suite based on Cadence Design Systems Inc. tools, called R One Automated Design System, or ROADS. Brown was careful to add that "we can work with Mentor Graphics module generators as well. We want to have open interfaces to many EDA tools."

NSA has a library of more than 100 standard cells for its Fort Meade fab, optimized for CMOS feature sizes from 0.5 to 1.2 microns. The fab can handle both double-metal and triple-metal designs, and is just beginning to add nonvolatile EPROM and E2PROM cell capabilities. For special processing or special substrate designs produced in the external research fab, processes are more common to full-custom designs.

Brown said that NSA has the capability to adopt the same core design to both standard CMOS and rad-hard CMOS cells. The agency was demonstrating a signal-processing design called Armageddon2, which NSA fabricated using common cells, in both a standard and rad-hard version. "We have to be sure we're not competing against commercial suppliers, but this new effort goes far beyond simple CRADAs (Commercial Research and Development Agreements)," Brown said. "We intend to really broaden our partnerships in ASIC design this year."

from TPD 1999-Oct-8, from Scripps Howard News Service, by Dale McFeatters:

Caught in the Web of the CIA

(October 7, 1999 12:02 p.m. EDT http://www.nandotimes.com) - Feeling as if it is being left behind in the age of information technology - and being the last to know about the collapse of the Iron Curtain is a pretty good indication - the CIA has decided to start its own dot.com company.

The company will be headed by a 39-year-old named Louie who got his start doing computer games and whose most recent job was with a toy company.

No, really. His name is Gilman Louie. His most recent job was with Hasbro toys. And he has Silicon Valley's equivalent distinction to a president having been born in a log cabin: He started his own business in his mother's garage.

In keeping with the trend that the name should reveal as little as possible about what it is the company actually does, the new firm is called In-Q-It. The "In' stands for intelligence, the "It" for information technology and the "Q" for the guy in the James Bond movies who provides 007 with all those really neat gadgets. Maybe the company car will be an Aston-Martin with retractable machine guns.

Here's more: The dot.com was the brainchild of a guy named Buzzy. Actually, A.B. "Buzzy" Krongard, a CIA official and former investment banker with a background in bankrolling high- tech startups. But, still, Louie and Buzzy? Truly, the evil empire has fallen.

In-Q-It will have investment capital of $150 million, which suggests it isn't exactly going to go head-to-head with Microsoft or Sun Systems. This is an arena, after all, where companies only 10 minutes old with no assets and no earnings are capitalized at billions.

Spook.com will have its headquarters in pricey Palo Alto, Calif., and, with the modest down payment the agency is giving it to get started, may be looking at rental space in Mrs. Louie's garage.

The idea is that In-Q-It will keep the CIA wired into cutting-edge technologies. Supposedly, everything In-Q-It does will be open and unclassified, but if that's true, nobody will tell it anything because Silicon Valley companies are even more secretive and suspicious than the CIA itself. Real money, not just national security, is at stake.

The CIA probably made a mistake in being so open about In-Q-It. The agency should have given it an unlisted listing on the New York Stock Exchange, a transparently pseudonymous board of directors and a fake address. Once the geeks figured out the truth, the new company would have had much more credibility.

Considering how paranoid West Coast intellectuals once were about the CIA, it's astounding how little attention In-Q-It has attracted. Not too long ago protesters from Berkeley would have doused themselves in fake blood and chained themselves to the company bicycle rack. Now if In-Q-It hears from the Berkeley campus, it's likely to be an inquiry about stock options.

In-Q-It is intended to be nonprofit - now there's a surprise coming from the government - but can reap the rewards of its investments and own and license technologies. Presumably, if it's profitable enough, In-Q-It can behave like any other technology company and begin buying up Internet, cable, fiber optic, phone and broadcast companies.

When that happens, the CIA won't have to bother reading minds since it's already told them what to think. I made up that last part. I think.

from TPD 1999-Oct-21, from the New York Post, by Rod Dreher:

IS BIG BROTHER READING YOUR E-MAIL?

WANT to give a big, fat finger to Big Brother today? Fax or e-mail this column to a friend. Be sure to include the following words:

Unabomber. Anthrax. Fissionable plutonium. North Korea. Militia. Delta Force. Ruby Ridge.

If the suspicions of Rep. Bob Barr (R-Ga.), the American Civil Liberties Union and cyber-libertarian "hacktivists" are correct, your fax or e-mail containing those words will have been intercepted by a sophisticated official electronic monitoring system called "Echelon."

Echelon is a supersecret global surveillance network, run by the U.S. National Security Agency, in conjunction with the governments of Britain, Canada, Australia and New Zealand.

Echelon is said to intercept and sift through countless electronic transmissions daily, filtering out those with particular "keywords" that could signal a security threat. The purloined posts are later analyzed.

Hacktivists around the world have scheduled today as "Jam Echelon Day." They're encouraging computer users to flood the Internet with e-mails containing suspected keywords, hoping the deluge will short-circuit Echelon's computers and satellites.

The public will never know if they succeed, but crashing Echelon is not really the point. The protest is meant to raise public awareness about the threat to privacy and civil liberties purportedly posed by the security network, which sounds like something out of the movie "Enemy of the State."

Although the NSA will neither confirm nor deny Echelon's existence, too much information has leaked out (through official statements and partially declassified government documents) or has been uncovered by journalists and investigators to allow for plausible deniability.

If reports, including a study by the European Parliament, are correct, Echelon was organized after World War II, chiefly as a way for participating countries to intercept Soviet communications.

With the Russian threat gone, there is growing evidence and concern that Echelon is being used around the world for commercial espionage and keeping tabs on non-military targets - such as me and thee.

Groups on both sides of the American political debate, from the ACLU on the left to the Free Congress Foundation on the right, allege that Echelon's technology and structure makes the unregulated monitoring of e-mails, faxes and phone calls possible - this despite laws requiring court permission to eavesdrop on private citizens.

"The NSA does not have jurisdiction in the U.S., but the way the electronic-communications system is set up, I could send an e-mail to you, and it could be routed through Canada," explains Free Congress' Lisa Dean. "This puts the e-mail under NSA's jurisdiction."

The potential for Echelon's abuse has so bothered Barr, a former CIA analyst, that he's pushing for congressional hearings.

"My concern is that they are sweeping far too broadly," Barr tells me. "I believe that the rights of American citizens are being infringed.

"The danger is that we have no privacy whatsoever. Whenever you pick up an instrument of communication, you run the risk of the government listening in to you."

That claim is too far out for Steve Aftergood, who runs the Federation of American Scientists' government-secrecy research project. However overblown he considers the claims of Echelon alarmists, Aftergood supports Barr's call for hearings to establish oversight.

"Unchecked monitoring and surveillance by the government poses a threat to freedom of dissent," he said. "Even if the whole Echelon story is a hallucination or a hoax, it is nevertheless the responsibility of Congress to get to the bottom of it."

from WorldNetDaily 1999-Oct-27, by Joseph Farah:

The Echelon attack

Internet activists last week tried to overwhelm National Security Agency eavesdroppers by flooding the Echelon spy system with fabricated messages about terrorist plots and bombs.

The idea never posed a real threat to the NSA, but the electronic protest helped raise awareness of the fact that the government is snooping on every man, woman and child in the country through this system.

Organizers urged Internet users to send millions of e-mails with NSA "keywords" designed to trigger eavesdropping programs and analysis. The idea was to flood the powerful NSA computers with enough suspicious traffic to crash them and disrupt the mysterious high-tech listening system.

How serious is the threat to civil liberties posed by Echelon? A 1997 report commissioned by the European Parliament described "routine and indiscriminate" monitoring of faxes, e-mails and telephone messages in Europe by the global spy network, which it said was coordinated by the NSA with the help of other nations' security organizations. Rep. Bob Barr, R-Ga., has said he supports congressional hearings to determine the scope of the spy network's capabilities and to prevent abuses.

Dozens of websites promoted the protest by listing some of the keywords believed to set off the Echelon trackers. But my sources tell me the spy network is far more sophisticated than the web protesters anticipated. It can easily filter out communications specifically designed to set it off with random keywords. Screening software helps the NSA ignore communications written or spoken as "bait."

Want to see a longer list than you have ever seen before? Here it is:

Explosives, guns, assassination, conspiracy, primers, detonators, initiators, main charge, nuclear charges, ambush, sniping, motorcade, IRS, BATF, jtf-6, mjtf, hrt, srt, hostages, munitions, weapons, TNT, rdx, amfo, hmtd, picric acid, silver nitrite, mercury fulminate, presidential motorcade, salt peter, charcoal, sulfur, c4, composition b, amatol, petn, lead azide, lead styphante, ddnp, tetryl, nitrocellulose, nitrostarch, mines, grenades, rockets, fuses, delay mechanism, mortars, rpg7, propellants, incendiaries, incendiary device, thermite, security forces, intelligence, agencies, hrt, resistance, psyops, infiltration, assault team, defensive elements, evasion, detection, mission, communications, the football, platter charge, shaped charges, m118, claymore, body armor, charges, shrapnel, timers, timing devices, boobytraps, detcord, pmk 40, silencers, Uzi, HK-MP5, AK-47, FAL, Jatti, Skorpion MP, teflon bullets, cordite, napalm, law, Stingers, RPK, SOCIMI 821 SMG, STEN, BAR, MP40, HK-G3,FN-MAG, RPD,PzB39, Air Force One, M60, RPK74, SG530, SG540, Galil arm, Walther WA2000, HK33KE, Parker-Hale MOD. 82, AKR, Ingram MAC10, M3, L34A1, Walther MPL, AKS-74, HK-GR6, subsonic rounds, ballistic media, special forces, JFKSWC, SFOD-D, SRT, Rewson, SAFE, Waihopai, INFOSEC, ASPIC, Information Security, SAI, Information Warfare, IW, IS, Privacy, Information Terrorism, Kenya, Terrorism Defensive Information, Defense Information Warfare, Offensive Information, Offensive Information Warfare, NAIA, SAPM, ASU, ECHELON ASTS, National Information Infrastructure, InfoSec, SAO, Reno, Compsec, JICS, Computer Terrorism, Firewalls, Secure Internet Connections, RSP, ISS, JDF, Passwords, NAAP, DefCon V, RSO, Hackers, Encryption, ASWS, Espionage, USDOJ, NSA, CIA, S/Key, SSL, FBI, Secret Service, USSS, Defcon, Military, White House, Undercover, NCCS, Mayfly, PGP, SALDV, PEM, resta, RSA, Perl-RSA, MSNBC, bet, AOL, AOL TOS, CIS, CBOT, AIMSX, STARLAN, 3B2, BITNET, Tanzania, SAMU, COSMOS, DATTA, E911, FCIC, HTCIA, IACIS, UT/RUS, JANET, ram, JICC, ReMOB, LEETAC, UTU, VNET, BRLO, SADCC, NSLEP, SACLANTCEN, FALN, 877, NAVELEXSYSSECENGCEN, BZ, CANSLO, CBNRC, CIDA, JAVA, rsta, Active X, Compsec 97, RENS, LLC, DERA, JIC, rip, rb, Wu, RDI, Mavricks, BIOL, Meta-hackers, ^?, SADT, Steve Case, Tools, RECCEX, Telex, OTAN, monarchist, NMIC, NIOG, IDB, MID/KL, NADIS, NMI, SEIDM, BNC, CNCIS, STEEPLEBUSH, RG, BSS, DDIS, mixmaster, BCCI, BRGE, SARL, Military Intelligence, JICA, Scully, recondo, Flame, Infowar, Bubba, Freeh, Archives, ISADC, CISSP, Sundevil, jack, Investigation, JOTS, ISACA, NCSA, ASVC, spook words, RRF, 1071, Bugs Bunny, Verisign, Secure, ASIO, Lebed, ICE, NRO, Lexis-Nexis, NSCT, SCIF, FLiR, JIC, bce, Lacrosse, Flashbangs, HRT, IRA, EODG, DIA, USCOI, CID, BOP, FINCEN, FLETC, NIJ, ACC, AFSPC, BMDO, site, SASSTIXS, NAVWAN, NRL, RL, NAVWCWPNS, NSWC, USAFA, AHPCRC, ARPA, SARD, LABLINK, USACIL, SAPT, USCG, NRC, ~, O, NSA/CSS, CDC, DOE, SAAM, FMS, HPCC, NTIS, SEL, USCODE, CISE, SIRC, CIM, ISN, DJC, bemd, SGC, UNCPCJ, CFC, SABENA, DREO, CDA, SADRS, DRA, SHAPE, bird dog, SACLANT, BECCA, DCJFTF, HALO, SC, TA SAS, Lander, GSM, T Branch, AST, SAMCOMM, HAHO, FKS, 868, GCHQ, DITSA, SORT, AMEMB, NSG, HIC, EDI, benelux, SAS, SBS, SAW, UDT, EODC, GOE, DOE, SAMF, GEO, JRB, 3P-HV, Masuda, Forte, AT, GIGN, Exon Shell, radint, MB, CQB, CONUS, CTU, RCMP, GRU, SASR, GSG-9, 22nd SAS, GEOS, EADA, SART, BBE, STEP, Echelon, Dictionary, MD2, MD4, MDA, diwn, 747, ASIC, 777, RDI, 767, MI5, 737, MI6, 757, Kh-11, EODN, SHS, ^X, Shayet-13, SADMS, Spetznaz, Recce, 707, CIO, NOCS, Halcon, NSS, Duress, RAID, Uziel, wojo, Psyops, SASCOM, grom, NSIRL, D-11, SERT, VIP, ARC, S.E.T. Team, NSWG, MP5k, SATKA, DREC, DEVGRP, DF, DSD, FDM, GRU, LRTS, SIGDEV, NACSI, MEU/SOC,PSAC, PTT, RFI, ZL31, SIGDASYS, TDM, SUKLO, SUSLO, TELINT, fake, TEXTA, ELF, LF, MF, SIGS, VHF, Recon, peapod, PA598D28, Spall, dort, 50MZ, 11Emc Choe, SATCOMA, UHF, SHF, ASIO, SASP, WANK, Colonel, domestic disruption, 5ESS, smuggle, Z-200, 15kg, DUVDEVAN, RFX, nitrate, OIR, Pretoria, M-14, enigma, Bletchley Park, Clandestine, NSO, nkvd, argus, afsatcom, CQB, NVD, Counter Terrorism Security, SARA, Rapid Reaction, JSOFC3IP, Corporate Security, Police, sniper, PPS, ASIS, ASLET, TSCM, Security Consulting, M-x spook, Z-150T, High Security, Security Evaluation, Electronic Surveillance, MI-17, ISR, NSAS, Counterterrorism, real, spies, IWO, eavesdropping, debugging, CCSS, interception, COCOT, NACSI, rhost, rhosts, ASO, SETA, Amherst, Broadside, Capricorn, NAVCM, Gamma, Gorizont, Guppy, NSS, rita, ISSO, submiss, ASDIC, .tc, 2EME REP, FID, 7NL SBS, tekka, captain, 226, .45, nonac, .li, Ionosphere, Mole, Keyhole, NABS, Kilderkin, Artichoke, Badger, Emerson, Tzvrif, SDIS, T2S2, STTC, DNR, NADDIS, NFLIS, CFD, quarter, Cornflower, Daisy, Egret, Iris, JSOTF, Hollyhock, Jasmine, Juile, Vinnell, B.D.M., Sphinx, Stephanie, Reflection, Spoke, Talent, Trump, FX, FXR, IMF, POCSAG, rusers, Covert Video, Intiso, r00t, lock picking, Beyond Hope, LASINT, csystems, .tm, passwd, 2600 Magazine, JUWTF, Competitor, EO, Chan, Pathfinders, SEAL Team 3, JTF, Nash, ISSAA, B61-11, Alouette, executive, Event Security, Mace, Cap-Stun, stakeout, ninja, ASIS, ISA, EOD, Oscor, Merlin, NTT, SL-1, Rolm, TIE, Tie-fighter, PBX, SLI, NTT, MSCJ, MIT, 69, RIT, Time, MSEE, Cable & Wireless, CSE, SUW, J2, Embassy, ETA, Fax, finks, Fax encryption, white noise, Fernspah, MYK, GAFE, forcast, import, rain, tiger, buzzer, N9, pink noise, CRA, M.P.R.I., top secret, Mossberg, 50BMG, Macintosh Security, Macintosh Internet Security, OC3, Macintosh Firewalls, Unix Security, VIP Protection, SIG, sweep, Medco, TRD, TDR, Z, sweeping, SURSAT, 5926, TELINT, Audiotel, Harvard, 1080H, SWS, Asset, Satellite imagery, force, NAIAG, Cypherpunks, NARF, 127, Coderpunks, TRW, remailers, replay, redheads, RX-7, explicit, FLAME, JTF-6, AVN, ISSSP, Anonymous, W, Sex, chaining, codes, Nuclear, 20, subversives, SLIP, toad, fish, data havens, unix, c, a, b, d, SUBACS, the, Elvis, quiche, DES, 1*, NATIA, NATOA, sneakers, UXO, (), OC-12, counterintelligence, Shaldag, sport, NASA, TWA, DT, gtegsc, owhere, .ch, hope, emc, industrial espionage, SUPIR, PI, TSCI, spookwords, industrial intelligence, H.N.P., SUAEWICS, Juiliett Class Submarine, Locks, qrss, loch, 64 Vauxhall Cross, Ingram Mac-10, wwics, sigvoice, ssa, E.O.D., SEMTEX, penrep, racal, OTP, OSS, Siemens, RPC, Met, CIA-DST, INI, watchers, keebler, contacts, Blowpipe, BTM, CCS, GSA, Kilo Class, squib, primacord, RSP, Z7, Becker, Nerd, fangs, Austin, no|d, Comirex, GPMG, Speakeasy, humint, GEODSS, SORO, M5, BROMURE, ANC, zone, SBI, DSS, S.A.I.C., Minox, Keyhole, SAR, Rand Corporation, Starr, Wackenhutt, EO, burhop, Wackendude, mol, Shelton, 2E781, F-22, 2010, JCET, cocaine, Vale, IG, Kosovo, Dake, 36,800, Hillal, Pesec, Hindawi, GGL, NAICC, CTU, botux, Virii, CCC, ISPE, CCSC, Scud, SecDef, Magdeyev, VOA, Kosiura, Small Pox, Tajik, +=, Blacklisted 411, TRDL, Internet Underground, BX, XS4ALL, wetsu, muezzin, Retinal Fetish, WIR, Fetish, FCA, Yobie, forschung, emm, ANZUS, Reprieve, NZC-332, edition, cards, mania, 701, CTP, CATO, Phon-e, Chicago Posse, NSDM, l0ck, spook, keywords, QRR, PLA, TDYC, W3, CUD, CdC, Weekly World News, Zen, World Domination, Dead, GRU, M72750, Salsa, 7, Blowfish, Gorelick, Glock, Ft. Meade, NSWT, press-release, WISDIM, burned, Indigo, wire transfer, e-cash, Bubba the Love Sponge, Enforcers, Digicash, zip, SWAT, Ortega, PPP, NACSE, crypto-anarchy, AT&T, SGI, SUN, MCI, Blacknet, ISM, JCE, Middleman, KLM, Blackbird, NSV, GQ360, X400, Texas, jihad, SDI, BRIGAND, Uzi, Fort Meade, *&, gchq.gov.uk, supercomputer, bullion, 3, NTTC, Blackmednet, :, Propaganda, ABC, Satellite phones, IWIS, Planet-1, ISTA, rs9512c, South Africa, Sergeyev, Montenegro, Toeffler, Rebollo, sorot, cryptanalysis, nuclear, 52 52 N - 03 03 W, Morgan, Canine, GEBA, INSCOM, MEMEX, Stanley, FBI, Panama, fissionable, Sears Tower, NORAD, Delta Force, SEAL, virtual, WASS, WID, Dolch, secure shell, screws, Black-Ops, O/S, Area51, SABC, basement, ISWG, $ @, data-haven, NSDD, black-bag, rack, TEMPEST, Goodwin, rebels, ID, MD5, IDEA, garbage, market, beef, Stego, ISAF, unclassified, Sayeret Tzanhanim, PARASAR, Gripan, pirg, curly, Taiwan, guest, utopia, NSG, orthodox, CCSQ, Alica, SHA, Global, gorilla, Bob, UNSCOM, Fukuyama, Manfurov, Kvashnin, Marx, Abdurahmon, snullen, Pseudonyms, MITM, NARF, Gray Data, VLSI, mega, Leitrim, Yakima, NSES, Sugar Grove, WAS, Cowboy, Gist, 8182, Gatt, Platform, 1911, Geraldton, UKUSA, veggie, XM, Parvus, NAVSVS, 3848, Morwenstow, Consul, Oratory, Pine Gap, Menwith, Mantis, DSD, BVD, 1984, blow out, BUDS, WQC, Flintlock, PABX, Electron, Chicago Crust, e95, DDR&E, 3M, KEDO, iButton, R1, erco, Toffler, FAS, RHL, K3, Visa/BCC, SNT, Ceridian, STE, condor, CipherTAC-2000, Etacs, Shipiro, ssor, piz, fritz, KY, 32, Edens, Kiwis, Kamumaruha, DODIG, Firefly, HRM, Albright, Bellcore, rail, csim, NMS, 2c, FIPS140-1, CAVE, E-Bomb, CDMA, Fortezza, 355ml, ISSC, cybercash, NAWAS, government, NSY, hate, speedbump, joe, illuminati, BOSS, Kourou, Misawa, Morse, HF, P415, ladylove, filofax, Gulf, lamma, Unit 5707, Sayeret Mat'Kal, Unit 669, Sayeret Golani, Lanceros, Summercon, NSADS, president, ISFR, freedom, ISSO, walburn, Defcon VI, DC6, Larson, P99, HERF pipe-bomb, 2.3 Oz., cocaine, $, impact, Roswell, ESN, COS, E.T., credit card, b9, fraud, ST1, assassinate, virus, ISCS, ISPR, anarchy, rogue, mailbomb, 888, Chelsea, 1997, Whitewater, MOD, York, plutonium, William Gates, clone, BATF, SGDN, Nike, WWSV, Atlas, IWWSVCS, Delta, TWA, Kiwi, PGP 2.6.2., PGP 5.0i, PGP 5.1, siliconpimp, SASSTIXS, IWG, Lynch, 414, Face, Pixar, IRIDF, NSRB, eternity server, Skytel, Yukon, Templeton, Johohonbu, LUK, Cohiba, Soros, Standford, niche, ISEP, ISEC, 51, H&K, USP, ^, sardine, bank, EUB, USP, PCS, NRO, Red Cell, NSOF, Glock 26, snuffle, Patel, package, ISI, INR, INS, IRS, GRU, RUOP, GSS, NSP, SRI, Ronco, Armani, BOSS, Chobetsu, FBIS, BND, SISDE, FSB, BfV, IB, froglegs, JITEM, SADF, advise, TUSA, LITE, PKK, HoHoCon, SISMI, ISG, FIS, MSW, Spyderco, UOP, SSCI, NIMA, HAMASMOIS, SVR, SIN, advisors, SAP, Monica, OAU, PFS, Aladdin, AG, chameleon man, Hutsul, CESID, Bess, rail gun, .375, Peering, CSC, Tangimoana Beach, Commecen, Vanuatu, Kwajalein, LHI, DRM, GSGI, DST, MITI, JERTO, SDF, Koancho, Blenheim, Rivera, Kyudanki, varon, 310, 17, 312, NB, CBM, CTP, Sardine, SBIRS, jaws, SGDN, ADIU, DEADBEEF, IDP, IDF, Halibut, SONANGOL, Flu, &, Loin, PGP 5.53, meta, Faber, SFPD, EG&G, ISEP, blackjack, Fox, Aum, AIEWS, AMW, RHL, Baranyi, WORM, MP5K-SD, 1071, WINGS, cdi, VIA, DynCorp, UXO, Ti, WWSP, WID, osco, Mary, honor, Templar, THAAD, package, CISD, ISG, BIOLWPN, JRA, ISB, ISDS, chosen, LBSD, van, schloss, secops, DCSS, DPSD, LIF, PRIME, SURVIAC, telex, SP4, Analyzer, embassy, Golf, B61-7, Maple, Tokyo, ERR, SBU, Threat, JPL, Tess, SE, EPL, SPINTCOM, ISS-ADP, Merv, Mexico, SUR, SO13, Rojdykarna, airframe, 510, EuroFed, Avi, shelter, Crypto AG.

I know, I know. Hard to believe that such a list could be real? I mean, if words like "Rivera" are included, every Yankee box score would trigger an NSA alert. But, nevertheless, this is much closer to the keyword list actually used by NSA. So, don't ask your wife to take out the "garbage" over the phone. Don't discuss "Whitewater" with your e-mail buddies -- unless you don't mind Big Brother listening in. And, please, don't ask me what half this stuff means. All I know is that it irritates the gods of government. So be careful out there.

from The Age, 1999-May-23, by Duncan Campbell, from http://www.theage.com.au/daily/990523/news/news3.html:

Careful, they might hear you

Australia has become the first country openly to admit that it takes part in a global electronic surveillance system that intercepts the private and commercial international communications of citizens and companies from its own and other countries. The disclosure is made today in Channel 9's Sunday program by Martin Brady, director of the Defence Signals Directorate in Canberra.

Mr Brady's decision to break ranks and officially admit the existence of a hitherto unacknowledged spying organisation called UKUSA is likely to irritate his British and American counterparts, who have spent the past 50 years trying to prevent their own citizens from learning anything about them or their business of ``signals intelligence'' - ``sigint'' for short.

In his letter to Channel 9 published today, Mr Brady states that the Defence Signals Directorate (DSD) ``does cooperate with counterpart signals intelligence organisations overseas under the UKUSA relationship".

In other statements which have now been made publicly available on the Internet (www.dsd.gov.au), he also says that DSD's purpose ``is to support Australian Government decision-makers and the Australian Defence Force with high-quality foreign signals intelligence products and services. DSD (provides) important information that is not available from open sources".

Together with the giant American National Security Agency (NSA) and its Canadian, British, and New Zealand counterparts, DSD operates a network of giant, highly automated tracking stations that illicitly pick up commercial satellite communications and examine every fax, telex, e-mail, phone call, or computer data message that the satellites carry.

The five signals intelligence agencies form the UKUSA pact. They are bound together by a secret agreement signed in 1947 or 1948. Although its precise terms have never been revealed, the UKUSA agreement provides for sharing facilities, staff, methods, tasks and product between the participating governments.

Now, due to a fast-growing UKUSA system called Echelon, millions of messages are automatically intercepted every hour, and checked according to criteria supplied by intelligence agencies and governments in all five UKUSA countries. The intercepted signals are passed through a computer system called the Dictionary, which checks each new message or call against thousands of ``collection'' requirements. The Dictionaries then send the messages into the spy agencies' equivalent of the Internet, making them accessible all over the world.

Australia's main contribution to this system is an ultra-modern intelligence base at Kojarena, near Geraldton in Western Australia. The station was built in the early 1990s. At Kojarena, four satellite tracking dishes intercept Indian and Pacific Ocean communications satellites. The exact target of each dish is concealed by placing them inside golfball like ``radomes''.

About 80 per cent of the messages intercepted at Kojarena are sent automatically from its Dictionary computer to the CIA or the NSA, without ever being seen or read in Australia. Although it is under Australian command, the station - like its controversial counterpart at Pine Gap - employs American and British staff in key posts.

Among the ``collection requirements" that the Kojarena Dictionary is told to look for are North Korean economic, diplomatic and military messages and data, Japanese trade ministry plans, and Pakistani developments in nuclear weapons technology and testing. In return, Australia can ask for information collected at other Echelon stations to be sent to Canberra.

A second and larger, although not so technologically sophisticated DSD satellite station, has been built at Shoal Bay, Northern Territory. At Shoal Bay, nine satellite tracking dishes are locked into regional communications satellites, including systems covering Indonesia and south-west Asia.

International and governmental concern about the UKUSA Echelon system has grown dramatically since 1996, when New Zealand writer Nicky Hager revealed intimate details of how it operated. New Zealand runs an Echelon satellite interception site at Waihopai, near Blenheim, South Island. Codenamed ``Flintlock", the Waihopai station is half the size of Kojarena and its sister NSA base at Yakima, Washington, which also covers Pacific rim states. Waihopai's task is to monitor two Pacific communications satellites, and intercept all communications from and between the South Pacific islands.

Like other Echelon stations, the Waihopai installation is protected by electrified fences, intruder detectors and infra-red cameras. A year after publishing his book, Hager and New Zealand TV reporter John Campbell mounted a daring raid on Waihopai, carrying a TV camera and a stepladder. From open, high windows, they then filmed into and inside its operations centre.

They were astonished to see that it operated completely automatically.

Although Australia's DSD does not use the term ``Echelon'', Government sources have confirmed to Channel 9 that Hager's description of the system is correct, and that the Australia's Dictionary computer at Kojarena works in the same way as the one in New Zealand.

Until this year, the US Government has tried to ignore the row over Echelon by refusing to admit its existence. The Australian disclosures today make this position untenable. US intelligence writer Dr Jeff Richelson has also obtained documents under the US Freedom of Information Act, showing that a US Navy-run satellite receiving station at Sugar Grove, West Virginia, is an Echelon site, and that it collects intelligence from civilian satellites.

The station, south-west of Washington, lies in a remote area of the Shenandoah Mountains. According to the released US documents, the station's job is ``to maintain and operate an Echelon site''. Other Echelon stations are at Sabana Seca, Puerto Rico, Leitrim, Canada and at Morwenstow and London in Britain.

Information is also fed into the Echelon system from taps on the Internet, and by means of monitoring pods which are placed on undersea cables. Since 1971, the US has used specially converted nuclear submarines to attach tapping pods to deep underwater cables around the world.

The Australian Government's decision to be open about the UKUSA pact and the Echelon spy system has been motivated partly by the need to respond to the growing international concern about economic intelligence gathering, and partly by DSD's desire to reassure Australians that its domestic spying activity is strictly limited and tightly supervised.

According to DSD director Martin Brady, ``to ensure that (our) activities do not impinge on the privacy of Australians, DSD operates under a detailed classified directive approved by Cabinet and known as the Rules on Sigint and Australian Persons".

Compliance with this Cabinet directive is monitored by the inspector-general of security and intelligence, Mr Bill Blick. He says that ``Australian citizens can complain to my office about the actions of DSD. And if they do so then I have the right to conduct an inquiry."

But the Cabinet has ruled that Australians' international calls, faxes or e-mails can be monitored by NSA or DSD in specified circumstances. These include ``the commission of a serious criminal offence; a threat to the life or safety of an Australian; or where an Australian is acting as the agent of a foreign power". Mr Brady says that he must be given specific approval in every case. But deliberate interception of domestic calls in Australia should be left to the police or ASIO.

Mr Brady claims that other UKUSA nations have to follow Australia's lead, and not record their communications unless Australia has decided that this is required. ``Both DSD and its counterparts operate internal procedures to satisfy themselves that their national interests and policies are respected by the others," he says.

So if NSA happens to intercept a message from an Australian citizen or company whom DSD has decided to leave alone, they are supposed to strike out the name and insert ``Australian national'' or ``Australian corporation'' instead. Or they must destroy the intercept.

That's the theory, but specialists differ. According to Mr Hager, junior members of UKUSA just can't say ``no''. ``... When you're a junior ally like Australia or New Zealand, you never refuse what they ask for.''

There are also worries about what allies might get up to with information that Australia gives them. When Britain was trying to see through its highly controversial deal to sell Hawk fighters and other arms to Indonesia, staff at the Office of National Assessments feared that the British would pass DSD intelligence on East Timor to President Soeharto in order to win the lucrative contract.

The Australian Government does not deny that DSD and its UKUSA partners are told to collect economic and commercial intelligence. Australia, like the US, thinks this is especially justified if other countries or their exporters are perceived to be behaving unfairly. Britain recognises no restraint on economic intelligence gathering. Neither does France.

According to the former Canadian agent Mike Frost, it would be ``nave" [naïve -Ed.] for Australians to think that the Americans were not exploiting stations like Kojarena for economic intelligence purposes. ``They have been doing it for years," he says. ``Now that the Cold War is over, the focus is towards economic intelligence. Never ever over-exaggerate the power that these organisations have to abuse a system such as Echelon. Don't think it can't happen in Australia. It does.''

from The American Reporter, 1999-Oct-8, by Eric Mankin, American Reporter College Correspondent:

MACHINE DEMONSTRATES SUPERHUMAN SPEECH RECOGNITION

LOS ANGELES -- An extraordinary new speech recognition system that "hears" words otherwise drowned out by vast amounts of static or background chatter is far more sensitive than the human ear and may quickly revolutionize the science that allows many kinds of machines to be operated by voice commands, say engineers at the University of Southern California (USC) in Los Angeles.

Biomedical engineers at USC have created the world's first machine system that can recognize spoken words better than humans can. A fundamental rethinking of a long-underperforming computer architecture led to their achievement.

The system might soon facilitate voice control of computers and other machines, help the deaf, aid air traffic controllers and others who must understand speech in noisy environments, and instantly produce clean transcripts of conversations, identifying each of the speakers. The U.S. Navy, which listens for the sounds of submarines in the hubbub of the open seas, is another possible user.

Potentially, the system's novel underlying principles could have applications in such medical areas as patient monitoring and the reading of electrocardiograms.

In benchmark testing using just a few spoken words, USC's Berger-Liaw Neural Network Speaker Independent Speech Recognition System not only bested all existing computer speech recognition systems but outperformed the keenest human ears.

Neural nets are computing devices that mimic the way brains process information. Speaker-independent systems can recognize a word no matter who or what pronounces it.

No previous speaker-independent computer system has ever outperformed humans in recognizing spoken language, even in very small test bases, says system co- designer Theodore W. Berger, Ph.D., a professor of biomedical engineering in the USC School of Engineering.

The system can distinguished words in vast amounts of random "white" noise -- noise with amplitude 1,000 times the strength of the target auditory signal. Human listeners can deal with only a fraction as much.

And the system can pluck words from the background clutter of other voices -- the hubbub heard in bus stations, theater lobbies and cocktail parties, for example.

Even the best existing systems fail completely when as little as 10 percent of hubbub masks a speaker's voice. At slightly higher noise levels, the likelihood that a human listener can identify spoken test words is mere chance. By contrast, Berger and Liaw's system functions at 60 percent recognition with a hubbub level 560 times the strength of the target stimulus.

With just a minor adjustment, the system can identify different speakers of the same word with superhuman acuity.

Berger and system co-designer Jim-Shih Liaw, Ph.D., achieved this improved performance by paying closer attention to the signal characteristics used by real flesh- and-blood brains in processing information.

First proposed in the 1940's and the subject of intensive research in the '80s and early '90s, neural nets are computers configured to imitate the brain's system of information processing, wherein data are structured not by a central processing unit but by an interlinked network of simple units called neurons. Rather than being programmed, neural nets learn to do tasks through a training regimen in which desired responses to stimuli are reinforced and unwanted ones are not.

"Though mathematical theorists demonstrated that nets should be highly effective for certain kinds of computation (particularly pattern recognition), it has been difficult for artificial neural networks even to approach the power of biological systems," said Liaw, director of the Laboratory for Neural Dynamics and a research assistant professor of biomedical engineering at the USC School of Engineering.

"Even large nets with more than 1,000 neurons and 10,000 interconnections have shown lackluster results compared with theoretical capabilities. Deficiencies were often laid to the fact that even 1,000-neuron networks are tiny, compared with the millions or billions of neurons in biological systems."

Remarkably, USC's neural net system uses an architecture consisting of just 11 neurons connected by a mere 30 links.

According to Berger, who has spent years studying biological data-processing systems, previous computer neural nets went wrong by oversimplifying their biological models, omitting a crucial dimension.

"Neurons process information structured in time," he explained. "They communicate with one another in a 'language' whereby the 'meaning' imparted to the receiving neuron is coded into the signal's timing. A pair of pulses separated by a certain time interval excites a certain neuron, while a pair of pulses separated by a shorter or longer interval inhibits it.

"So far," Berger continued, "efforts to create neural networks have had silicon neurons transmitting only discreet signals of varying intensity, all clocked the way a computer is clocked, in beats of unvarying duration. But in living cells, the temporal dimension, both in the exciting signal and in the response, is as important as the intensity."

Berger and Liaw created computer chip neurons that closely mimic the signaling behavior of living cells -- those of the hippocampus, the brain structure involved in associative learning.

"You might say, we let our cells hear the music," Berger said.

Berger and Liaw's computer chip neurons were combined into a small neural network using standard architecture. While all the neurons shared the same hippocampus- mimicking general characteristics, each was randomly given slightly different individual characteristics, in much the same way that individual hippocampus neurons would have slightly different individual characteristics.

The network created was then trained, using a procedure as unique as the neurons -- again taken from the biological model, a learning rule that allows the temporal properties of the net connections to change.

The USC research was funded by the Office of Naval Research; the Defense Department's Advanced Research Projects Agency; the National Centers for Research Resources, and the National Institute of Mental Health. The university has applied for a patent on the system and the architectural concepts on which it is based.

A demonstration of the Berger-Liaw Neural Network Speaker-Independent Speech Recognition System can be found on line at:
http://www.usc.edu/ext-relations/news_service/real/real_video.html

Eric Mankin is a science writer for USC and was a longtime contributing editor of the Los Angeles Reader.

from Mother Jones News Wire, 2000-Feb-4, by Jen Tracy:

New KGB Takes Internet by SORM

The Russian government has just authorized itself to spy on everything its citizens do on the Net -- and to punish ISPs that won't help. So much for post-Soviet civil rights.

MOSCOW -- Human rights activists were outraged when Russia's KGB successor agency, the FSB, launched a grand project -- code-named SORM -- to spy on its citizens' Internet transmissions. But as if that weren't disturbing enough, last month acting President and ex-KGB agent Vladimir Putin gave the Orwellian project a momentous but little-noticed power boost: Now, not only is the long-feared FSB allowed to implement the spy technology and use it at will, but so are seven other federal security agencies, including the tax police and interior ministry police.

The new SORM technology, opponents charge, allows security agencies to bypass the legal requirement to obtain a warrant before monitoring private correspondence, and will put an end to privacy and to the Internet as an instrument of democracy.

It was a significant decision for an acting president's first week in office, and one that may be a sign of where Putin is taking Russia's fledgling democracy.

"This means Russia has officially become a police state," said Yelena Bonner, human rights activist and wife of the late Soviet dissident Andrei Sakharov, in a telephone interview from Boston.

The chairman of Citizens' Watch human rights group in St. Petersburg, Boris Pustintsev, called the move "the end of all email privacy."

"It was bad enough that the FSB had unlimited control over confidential correspondence, and now it is multiplied seven times," Pustintsev said. "You can't fight a monster with eight heads."

The 1995 Law on Operational Investigations gave the FSB the authority to monitor all private communications, from postal correspondence to cell-phone calls and electronic mail, provided the security service first obtained a warrant from the court.

SORM, which in Russian stands for System for Operational-Investigative Activities, is a regulation intended to provide the FSB with the technical means to put these monitoring powers into action. According to original drafts of the SORM regulation, Internet service providers themselves are required to foot the bill for the expensive technology and even train FSB officers to use the equipment to spy on their clients.

The regulation requires all ISPs to install a little "black box" rerouting device, and to build a high-speed communications line, which would hot-wire the provider -- and necessarily, all Internet users -- to FSB headquarters.

By rerouting all transmissions in real time to FSB offices, the agency can readily skip the legal obstacle of first obtaining a warrant and gain unfettered access to all communications conducted by clients of Russian ISPs.

In theory, a warrant would be needed to actually read any of the documentation piling up in the FSB's hands. But in practice, critics say, the FSB is unlikely to worry about such legal niceties when the information it wants is just a mouse-click away.

On Jan. 5, after only five days in office, Putin signed an amendment to the Law on Operational Investigations, which gave the tax police, the interior ministry police, Kremlin, parliamentary and presidential security guards, border patrol and customs the same rights as the FSB to monitor, at will, the private correspondence of any and every person residing in Russia's 11 time zones. There are currently some 1.5 million Internet users in Russia.

According to Nailj Murzakhanov, director of Bayard-Slavia Internet provider in Volgograd, the FSB can use SORM to do everything from retrieving and altering email communications to selling company-to-company information to fill the agency's coffers, which haven't prospered under post-Soviet leaders.

Russian special forces have a nasty habit of selling information gathered electronically to the highest bidder, and the information ends up serving political ends. As the Russian daily newspaper Noviye Izvestia noted recently, Internet users are already ironically referring to SORM as "System for Scandalously Unveiling Investigative Materials."

On May 17, 1999, the FSB pulled the plug on Bayard-Slavia's Internet operations because of its director's open refusal to cooperate with SORM. Murzahanov has, to this day, remained the lone provider willing to take a stance against the security service. He is also the only provider to have been shut down over SORM.

The memory of the state's powerful control over the population is still fresh in most minds.

"You remember the KGB, don't you?" said Yury Vdovin, deputy chairman of Citizens' Watch. "They're used to collecting dossiers on citizens, just in case. They collected, collect and will continue to collect information on us," he said.

The same lament over Russia's lack of conscientious objectors comes from Yevgeny Prygov of Krasnodar, who worked for a short time as the coordinator of an official anti-SORM movement with its own web site .

Thanks largely to fear of the FSB, "the movement has been broken," Prygov said in an email interview.

"The crisis in Russia has redefined some of the priorities and the Anti-SORM movement is one of the victims of this process," Prygov continued. "People are thinking about how to stay alive and they forget the value of freedom."

The costs to the Internet service provider are estimated from $10,000 to $30,000, not including any future upgrades. That's enough to shut down some smaller providers, and some SORM-watchers argue that the big Internet players actually welcome SORM as it helps them shore up their market-shares.

The FSB says SORM will help law enforcement track and capture criminals ranging from "tax evaders to pedophiles" because such people may conduct or discuss their business electronically.

"SORM is a normal system for locating criminals and tax evaders. The United States has such a system -- every country does," said Yelena Volchinskaya, a consultant for the State Duma Security Council, which is charged with evaluating the progress of SORM.

The US government does indeed have an email=monitoring program -- and one that also circumvents the courts. The US National Security Agency's Echelon project, though still highly secretive, is reportedly used to monitor and store email and other electronic communications around the world.

Nonetheless, some US Internet and privacy experts find SORM-2 more disquieting than Echelon.

"Echelon and its allied systems in the UK, Canada, Australia and New Zealand take the technology as it finds it -- that is, Echelon is not coercive. It does not rely upon government-mandated surveillance features being built into telecom systems, " said Jim Dempsey, senior counsel at the Center for Democracy and Technology in Washington.

"With SORM-2, Russia is going farther than any other democratic country in controlling the design of private-sector communications systems for surveillance purposes."

Note: the following item represents an ostensible major backpedal on apparatus strategy. Because the new policy is set to activate in December 1999, it is likely a straw man concession - that is, a preface to draconian measures (including unapproved crypto possession criminalization) following Y2K. If this latter does not materialize, then the apparatus has simply lost its edge and has likely begun a gradual and organized rollback as I recommend on the front page of this compilation.

from TPDL 1999-Sep-17, from the Washington Post p.A1, by Peter S. Goodman and John Schwartz:

U.S. to End Curb On Export of Secrecy Software
White House Also Drops Plan To Permit Computer Searches

The Clinton administration yesterday handed the nation's technology industry the long-sought right to freely export software that cloaks electronic communications, setting aside years of warnings from law enforcement and defense officials that such a step would endanger national security.

With such worries in mind, the administration also announced legislation that would give law enforcement greater resources to combat the use of computers by criminals and terrorists, creating a new FBI unit to focus on cracking codes.

But the administration dropped the most controversial element of that effort -- a provision, included in earlier drafts, that would have allowed law enforcement officers to secretly search computers and disable secrecy codes as a prelude to wiretapping.

The new policy, announced in an afternoon briefing at the White House, delighted the high-tech industry, particularly those companies that sell "encryption software," as the codes are known. Such software is seen as critical to the continued growth of electronic commerce, fostering security as more people send their credit card numbers over the Internet.

For two decades, software companies have fought in vain for the right to export encryption products free of stringent licensing requirements. That aim has taken a back seat to worries that the codes could be used by terrorists and other criminal elements to hide their communications.

Such worries were decidedly muted at yesterday's briefing. After a beaming Commerce Secretary William Daley declared that the new policy will "basically open the entire commercial sector as a market for strong U.S. encryption products," Attorney General Janet Reno said she, too, was pleased.

"Today's announcement substantially relaxes export controls, allowing American industry to compete fairly in the international marketplace," Reno said. "Law enforcement maintains its ability to protect public safety."

Deputy Secretary of Defense John Hamre, long an opponent of relaxing the export ban, took the podium to declare that "the national security establishment -- the Department of Defense, the intelligence community -- strongly supports this strategy."

Pressed to explain the turnabout, Reno and Hamre said their concerns were assuaged by the administration's pending introduction of legislation called the Cyberspace Electronic Security Act of 1999, which would give the FBI $80 million over the next four years to establish the new code-cracking unit.

Reno acknowledged in her statement that "this legislation does not provide any new authority for law enforcement to be able to obtain usable evidence from criminals," though she later added that the measure will shield law enforcement from having to disclose its means of cracking codes.

Privacy advocates praised the administration's decision to abandon the push for secret searches of computers. But some worried that even within the new policy, the government would have room to weaken constitutional protections against unreasonable searches.

"The question is, how should the Fourth Amendment protect my information when it moves out of my desk drawer and out into the network?" said Alan Davidson, staff counsel for the Center for Democracy and Technology, a high-tech civil-liberties group based in Washington.

At the briefing, Reno was asked the degree to which Vice President Gore was involved in drafting the new policy. In seeking the presidency, Gore is hoping for strong support from the high-tech world. Tonight he is set to hold a fund-raiser in Los Altos, Calif., near Silicon Valley. Reno declined to characterize Gore's level of interest, though she said she recalled two meetings with the vice president to discuss the new policy.

High-tech leaders have long argued that efforts to deny terrorists encryption tools are futile, given that such software is readily available over the Internet.

In years past, individual shipments of encryption products required federal licenses before export. Under the new policy, companies will need one-time certification for their products. Then they will be free to export as many shipments as they like.

"It's certainly a heck of a marketing opportunity for us," said Art Coviello, who heads RSA Security, the company that owns the rights to a widely used form of encryption.

Some analysts said the administration's previous stance endangered one of the most promising high-tech sectors. The new policy prevents "a slow, grinding disappearance of the U.S. crypto industry," said Stewart Baker, who served as general counsel to the National Security Agency and now represents high-tech companies. "In the end, I think everybody realized that."

The administration's shift may also be attributed to the momentum that has developed for industry-backed legislation that would have gone even further to remove export limits -- a fact noted yesterday by Rep. Robert W. Goodlatte (R-Va.), sponsor of the Security and Freedom Through Encryption Act (SAFE).

Goodlatte praised the new policy, calling it "huge." Still, he said he will not withdraw his bill because the regulations spawned by yesterday's announcement will not be released until December. "There have been incidents where the regulations that have been implemented haven't lived up to the billing," he said.

The administration promised to veto Goodlatte's bill, should it pass, portraying it as a dangerous rollback of law enforcement authority.

"The only person who'd be safe if the SAFE bill were to pass," Hamre said, "would be spies."

How it sifted out:

from Electronic Privacy Information Center, 2000-Jan-13:

Civil Liberties Groups Say New Encryption Export Regulations Still Have Serious Constitutional Deficiencies

Washington, DC -- Leading Internet civil liberties groups said today that new encryption export regulations released by the U.S. Commerce Department fall short of the Clinton Administration's promise to deregulate the privacy-enhancing technology. The American Civil Liberties Union (ACLU), Electronic Frontier Foundation (EFF) and Electronic Privacy Information Center (EPIC) will continue to press their Constitutional cases. These court cases seek to eliminate U.S. government regulations that make Internet encryption software and technology more cumbersome to publish or send than the same items when published in other media.

While the Administration has taken a step in the right direction with its latest revisions, the fundamental constitutional defects of the encryption export regime have not been remedied. Specifically:

- The new regulations, like the old ones, impose special requirements on Internet speech, contrary to the Supreme Court's 1997 ruling in Reno v. ACLU. The regulations require that the government be notified of any electronic "export" of publicly available encryption source code, and prohibit electronic "export" to certain countries. Yet people may freely send the same information anywhere on paper.

- The export regulations are still a completely discretionary licensing scheme. They continue to require licenses for a large amount of communication protected by the First Amendment, including transmitting source code that is not "publicly available," source code that is "restricted," source code forming an "open cryptographic interface," and various forms of object code.

- While the new regulations appear to permit free posting of encryption source code to Internet discussion lists, such posting may be illegal if the poster has 'reason to know' that it will be read by a person in one of the seven regulated countries (such as Cuba).

- The new regulations still ban providing information on how to create or use some encryption technology as prohibited "technical assistance." Software publishers can be fined or imprisoned for helping people to use their code. These same limitations do not apply to non-encryption source code.

The U.S. export control laws on encryption have been the source of much legal wrangling for the past several years. Encryption is a method for scrambling data in order to make electronic communications more secure.

As more computer users employ encryption to protect the privacy of their e-messages and documents, the U.S. government has until now demanded guaranteed easy access to the content of Internet communications.

In a well-publicized court case, mathematician Daniel J. Bernstein has challenged the export control laws on encryption on First Amendment grounds. Professor Bernstein claims that his right to publish his own encryption software and share his research results with others over the Internet is being unconstitutionally restricted by the government's controls. Bernstein won his case at the trial level, and won an appeal in the Ninth Circuit Court of Appeals. The government asked that the appeal be reconsidered in light of the new regulations, and a larger "en banc" panel of Ninth Circuit judges will reconsider the case this spring.

A similar case challenging the constitutionality of the export rules was brought by the ACLU of Ohio on behalf of Ohio law professor Peter Junger, who wished to publish an electronic version of an encryption program he wrote. The case is pending in the Sixth Circuit Federal Court of Appeals.

Barry Steinhardt, Associate Director for the ACLU, said, "The rules are a step forward, but they are still too complex and leave too many questions unanswered. Now that the Administration has tacitly admitted that it can't and shouldn't control the use of encryption, it should have announced a simple deregulation, rather than regulatory maze."

"These First Amendment problems need to be fixed before we can support the government here," commented EFF attorney Shari Steele. "The government has made some concessions, but they are not enough to make the regulations constitutional. EFF will continue to support Professor Bernstein as he presses on with his litigation."

According to EPIC General Counsel David Sobel, "The revised rules will make it easier for commercial firms to export and sell encryption products. While that is a positive development, the government will still retain significant control over this technology, to the detriment of efforts to create a truly secure Internet. It's time to remove the bureaucratic requirements and permit the free exchange of encryption"

from http://www.cdt.org/crypto/CESA/CESArevfactsheet3.shtml:

The WHITE HOUSE

Office of the Press Secretary

For Immediate Release September 16, 1999

FACT SHEET

Administration Updates Encryption Export Policy

Today, the Clinton Administration announced a new approach to encryption policy that includes updates and simplifies export controls. The major components of this update are as follows:

Global exports to individuals, commercial firms or other non-governmental entities

Any encryption commodity or software of any key length can now be exported under a license exception (i.e., without a license) after a technical review, to commercial firms and other non-government end users in any country except for the seven state supporters of terrorism. Exports previously allowed only for a company's internal use can now be used for communication with other firms, supply chains and customers. Additionally, telecommunication and Internet service providers may use any encryption commodity or software to provide services to commercial firms and non-government end users. Previous liberalizations for banks, financial institutions and other approved sectors are subsumed under this Update. Exports to governments can be approved under a license.

Global exports of retail products

Retail encryption commodities and software of any key length may be exported under a license exception (i.e., without a license) after a technical review, to any recipient in any country except to the seven state supporters of terrorism. Retail encryption commodities and software are those products which do not require substantial support for installation and use and which are sold in tangible form through independent retail outlets, or products in tangible or intangible form, which have been specifically designed for individual consumer use. There is no restriction on the use of these products. Additionally, telecommunication and Internet service providers may use retail encryption commodities and software to provide services to any recipient.

Implementation of the December 1998 Wassenaar Arrangement Revisions

Last year, the Wassenaar Arrangement (33 countries which have common controls on exports, including encryption) made a number of changes to modernize multilateral encryption controls. As part of this update, the U.S. will allow exports without a license of 56 bits DES and equivalent products, including toolkits and chips, to all users and destinations (except the seven state supporters of terrorism) after a technical review. Encryption commodities and software with key lengths of 64-bits or less which meet the mass market requirements of Wassenaar's new cryptographic note will also be eligible for export without a license after a technical review.

U.S. Subsidiaries

Foreign nationals working in the United States no longer need an export license to work for U.S. firms on encryption. This extends the policy adopted in last year's update, which allowed foreign nationals to work for foreign subsidiaries of U.S. firms under a license exception (i.e., without a license).

Export Reporting

Post-export reporting will now be required for any export to a non-U.S. entity of any product above 64 bits. Reporting helps ensure compliance with our regulations and allows us to reduce licensing requirements. The reporting requirements will be streamlined to reflect business models and practices, and will be based on what companies normally collect. We intend to consult with industry on how best to implement this part of the Update.

from the Associated Press, 1999-May-6, by Bob Egelko:

Appeals court decides U.S. encryption rules are unconstitutional

SAN FRANCISCO (AP) - Government limits on the export of computer encryption codes, which scramble data to prevent eavesdropping, is a violation of freedom of expression, a federal appeals court ruled Thursday.

The ruling is a blow to the Clinton administration, which limits exports of the most powerful encryption technology because it fears law enforcement agencies won't be able to read the messages of criminals or terrorists.

But the high-tech industry wants relaxed restrictions so it can take full advantage of the booming market for encryption programs as Internet commerce increases.

The 9th U.S. Circuit Court of Appeals, upholding a lower-court ruling, said encryption codes contain expressions of ideas and cannot be suppressed indefinitely by government officials.

``Cryptographers use source code to express their scientific ideas in much the same way that mathematicians use equations or economists use graphs,'' Judge Betty Fletcher wrote in the 2-1 ruling.

An industry group applauded the ruling.

``It's a giant step forward in bringing down export controls,'' said Tara Lemmey, president of the Electronic Frontier Foundation in San Francisco.

The decision upheld the 1996 ruling in the case of Daniel Bernstein, an Illinois mathematics professor who wanted to post his encryption formula on the Internet.

Fletcher wrote that Bernstein and other scientists ``have been effectively chilled from engaging in valuable scientific expression.''

A dissenting judge said computer code is more like conduct than speech. It was not clear whether the ruling would permit the dissemination of all encryption codes.

The ruling declares the regulations invalid in the nation's largest federal appellate circuit, which covers nine Western states. The 6th U.S. Circuit Court of Appeals in Cincinnati is preparing to review another judge's ruling upholding the same regulations.

The departments of Justice and Commerce, which reviews encryption licenses, had no comment.

``I do not expect that this battle is over,'' said Bernstein's lawyer, Cindy Cohn. But she said the ruling was ``a huge, giant step along the road so that the government can't prevent people from developing this tool, this science.''

Bernstein, now at the University of Illinois at Chicago, developed an encryption program called Snuffle as an undergraduate at the University of California at Berkeley in 1990.

Two years later, the State Department, which then ran the regulatory program, told him he could not post his code on the Internet without an export license, which he has been unable to get.

The Clinton administration recently liberalized its rules to allow encryption of some electronically posted credit card information. But in most cases, the regulations still treat encryption codes like military weapons and forbid their export without a license.

from PDL 1999-Mar-6, from the Evening/Electronic Telegraph, by Robert Uhlig, Technology Correspondent:

Police want keys to decode private e-mail

THE Government was accused yesterday of rushing through legislation that could allow it unprecedented powers to access and decrypt any person's private e-mail, inspect digital communications, and investigate data stored on their computers.

Stephen Byers, the Trade Secretary, and Jack Straw, the Home Secretary, proposed legislation that will make it an offence not to decipher confidential material on demand during a police inquiry.

Industry has three weeks to respond to their proposals, published as part of a consultation document on electronic commerce, which asks for help from industry in setting up a secure legal framework for trading on the Internet and via electronic links. Mr Byers said a Bill on electronic commerce, encompassing new encryption and data-policing proposals, will be published after Easter.

In the hope of making Britain the world centre for electronic commerce, the Department of Trade and Industry wants to introduce legislation that will end the days of people using pen and paper to make contracts.

"Developing trust on-line, building public confidence in electronic signatures and clarifying their legal status are essential if we are to promote electronic commerce," Mr Byers said. "Encryption is vital to this way of supporting electronic signatures as well as protecting the confidentiality of documents."

However, the Home Office is concerned that encryption poses a serious threat to the police's ability to intercept and read stored and communicated communications sent between criminals and terrorists.

"As, increasingly, such data becomes encrypted, agencies need access to the keys to unlock any material they lawfully obtain," Mr Byers said. "We therefore intend to give those agencies legal powers to obtain encryption keys, under properly authorised procedures and on a case by case basis, wherever they are held."

The Government has faced an uphill battle with proposals for laws to govern digital signatures and the use of encryption software to keep digital data confidential.

Other countries, notably America and France, have backed down on proposals that would allow them access to their citizens' private communications. Soon after the election, the Government rescinded a manifesto pledge not to require companies and individuals to use key-escrow, a system requiring decryption keys to be deposited with a third party.

The consultation paper proposes a voluntary licensing scheme for businesses which provide electronic signature services, but industry and academia are concerned that any attempt to force individuals and companies to deposit their encryption keys with the authorities will undermine public confidence in electronic commerce.

Yesterday Michael Wills, a trade minister responsible for key-escrow policy, said the idea was on hold, but "not dead and buried". He added that it was up to industry, which has lobbied hard against key-escrow, to come up with alternatives.

John Wadham, the director of the human rights group Liberty, said: "I'm glad the Prime Minister realises that compulsory key-escrow is not an acceptable solution. It's like suggesting that the police should be able to steam open your mail after you've put it in the post box."

The law at present allows the police or other authorities to intercept telephone calls or other digital transmissions. But any digital data can be encrypted using computer software, making it almost impossible to read without the correct key, which will be known only to the sender or recipient of the message.

The Government wants to secure the right to demand someone's key, if it intercepts an encrypted message that it thinks is illegal or is being used for illegal purposes.

Responding to the paper, the Law Society warned the Government not to regulate electronic transactions differently from the rest of business.

from the New York Times 1999-Jan-16:

U.S. Officials Try to Sell Encryption Policy in Valley

By PETER WAYNER
CUPERTINO, Calif. -- The Clinton Administration's campaign against exporting strong secret computer codes took to the road on Friday as the President's Export Council Subcommittee on Encryption held a meeting in Silicon Valley to try and build bridges between the computer industry and the government.

Little harmony emerged, however, as the industry representatives turned a cold eye to the Administration's recent proposals and complained that increased foreign competition was in danger of surpassing American companies.

The Administration's campaign to restrict cryptography seemed to lose momentum this week as some foreign executives suggested that changes in a new international agreement announced last year might have little effect in practice. The new rules, which are in a diplomatic agreement between the United States and 32 other Western countries, would require each country to require special permits before allowing the export of mass-market software containing encryption. Some executives now suggest that some countries may simply satisfy this requirement by issuing blanket permits that do little to contain encryption technology.

The Administration's position was further complicated by an announcement by Representative Zoe Lofgren, a California Democrat, who told the attendees at the meeting on Friday that she would plan to re-introduce legislation to liberalize export controls. Earlier versions of the bill were the basis of a strong battle in Congress that ended in a stalemate. She suggested that she would push for liberalization of export rules once Congress finishes determining the fate of President Clinton's impeachment.

"I frankly think that all of this mess in Washington heightens people awareness," she said. "Grandma and grandpa are e-mailing their grandkids. They're not hiding anything."

The committee itself is made up of representatives from the major government bodies like that National Security Agency, major corporations like Motorola and IBM, universities and the legal profession. The first discussions of the morning centered on identifying which tasks the committee would undertake given that most admitted that little agreement was likely.

The battle over the United States' control over the export of encryption software has always been between the arms of the government associated with defending national security and the computer industry. The government agencies like the National Security Agency and the Federal Bureau of Investigation feel that strong secret codes make it possible for terrorists, criminals and foreign countries to shield their actions from scrutiny. The computer industry suggests that average people also need codes to protect the confidentiality of their personal and financial information.

In recent years, the Clinton Administration has turned to a relatively informal mechanism for trying to convince the outside countries to adopt U.S.-style rules intended to stem the flow of secret code software. The new international pact on encryption, called the Wassenaar agreement, is not a treaty, but a diplomatic arrangement binding many of the Western countries that once united to fight the Soviet Union. It sets goals for restricting all sorts of weaponry like armored cars and includes software under this umbrella.

The first major speaker of the meeting was William A. Reinsch, the official responsible for leading the Commerce Department's Bureau of Export Affairs. He began by announcing that he had little to say, in part because his bureau was "in a cleanup period right now" trying to solve unintended problems caused by the new regulations issued in December. He promised that his bureau was also working on more new regulations that would bring the U.S. regulations in compliance with the Wassenaar agreement.

The new version of the Wassenaar agreement states that there would be no need for regulation of software that protected information with encryption algorithms with no more than 64 bits. This was portrayed as a liberalization because previous U.S. rules drew the line at 56 bits. Ira Rubenstein, a senior corporate lawyer from Microsoft, who attended the meeting, suggested that this was not really liberalization since the mass-market software was not controlled at all by the Wassenaar agreement.

In fact, this lack of control was cited by Canada last year when it decided to let the Canadian subsidiary of Entrust Technologies freely export its full-strength security software throughout the world. The Wassenaar agreement was expected to hamper this push by a Canadian company because the company would be required to get a permit.

There are new indications that the Canadians may simply issue blanket permits. John Ryan, the president of Entrust Technologies, said in a telephone interview earlier this week that the Canadian government was very pro-industry and he expected little real problem. "When you net it all out, we don't think there will be a significant change," he said. "We actually believe that most countries will just issue blanket permits." He added, "The effect of the change will be very modest, if any."

In fact, the effects may even be more liberal. France, one of the few European countries with stiff regulations on encryption, may be loosening its grip in order to foster electronic commerce. The French publication Liberation on Thursday reported that the Finance Minister, Dominique Strauss-Khan, said that the French were at the mercy of "large ears" who did not care about personal privacy. This may simply be a reference to credit card thieves who snag account numbers through illicit wiretaps or it could be a veiled reference to United States spy agencies, which are often believed to eavesdrop on a significant fraction of the telephone and Internet traffic in Europe. The article reported that she said, "I want to make cryptography widely available."

Several people at the meeting suggested that the Clinton Administration often stretched and even violated the spirit of the Wassenaar by permitting the export of high quality encryption devices to countries like China. When this happens, other countries sometimes view the regulations as just a cynical ploy to help U.S. industry instead of a sincere effort.

The Clinton Administration faces further problems convincing non-Western countries to follow its lead. This week in India, the Defense Research and Development Organization warned Indians to avoid American-made encryption software, saying that the U.S. government only allowed the export of software that was easy to break in order to facilitate espionage.

Ryan contends that this worry is often a problem for Entrust's sales force. He said, "The No. 1 pitch of our competitors is 'The cryptographic work was done in Europe so you can trust it.'"

In fact, many other countries are quickly becoming centers of cryptographic excellence. The American company RSA Data Security based in San Mateo, Calif., recently hired two Australian programmers to help solidify its offerings in Web security. The two programmers had gained notice for distribution one of the most widely used versions of SSL, one of the most common forms of security used to protect credit card purchases on the Internet. All purchases at Amazon.com, for instance, are shielded by SSL-based technology.

The meeting on Friday itself just marks the beginning of many security-related events in the San Fransisco Bay Area. Next week, the annual RSA Data Security conference will begin in San Jose and many companies will be announcing new products and initiatives.


Related Sites
These sites are not part of The New York Times on the Web, and The Times has no control over their content or availability.

from TechWeb, 1999-May-18, by Madeleine Acey:

Report: U.S. Uses Key Escrow To Steal Secrets

European plans for controlling encryption software are nothing to do with law enforcement and everything to do with U.S. industrial espionage, according to a report released by the European Parliament on Friday.

The working document for the Scientific and Technological Options Assessment panel said the United States has tried to persuade European Union countries to adopt its key escrow or key recovery policies -- allowing backdoor access to encryption programs -- saying this was necessary to read messages exchanged by criminals.

But the report details how the UKUSA alliance -- made up of the United Kingdom, United States, Canada, Australia, and New Zealand -- has used its secret Echelon global spying network to intercept confidential company communications and give them to favored competitors. Thomson S.A., located in Paris, and Airbus Industrie, based in Blagnac Cedex, France, are said to have lost contracts as a result of information passed to rivals.

"The U.S. government misled states in the EU and [Organization for Economic Cooperation and Development] about the true intention of its policy," the report adds.

"Between 1993 and 1997 police representatives were not involved in the NSA [National Security Agency]-led policy-making process for key recovery. Despite this, during the same period the U.S. government repeatedly presented its policy as being motivated by the stated needs of law-enforcement agencies."

The document went on to detail how the agencies specifically studied Internet data. Apart from scanning all international communications lines -- using 120 satellites, microwave listening stations, and an adapted submarine -- it said they stored and analyzed Usenet discussions. "In the U.K., the Defence Evaluation and Research Agency maintains a 1-terabyte database containing the previous 90 days of Usenet messages."

The "NSA employs computer 'bots' (robots) to collect data of interest," the report adds. "For example, a New York website known as JYA.COM offers extensive information on cryptography and government communications interception activities. Records of access to the site show that every morning it is visited by a bot from NSA's National Computer Security Center, which looks for new files and makes copies of any that it finds."

According to a former employee, NSA had by 1995 installed "sniffer" software to collect traffic at nine major Internet exchange points.

The report offered evidence that a leading U.S. Internet and telecommunications company had contracted with the NSA to develop software to capture Internet data of interest, and that deals had been struck with Microsoft, Lotus, and Netscape to alter their products for foreign use.

"There can't be any doubt any longer that there's an economic imperative to these policies," said Simon Davies, director of Privacy International. "We have been lied to for years. But it will be up to companies like Airbus to take legal action to force a definition of national security in the context of the European Union. Then we can establish a legal framework and appeals process."

Meanwhile, the Financial Times reported on Monday that the U.K. government had agreed to take key escrow "off the agenda" and had accepted industry proposals for a "largely voluntary program of co-operation with the security services".

Government officials could not confirm the report.

But Caspar Bowden, director of the Foundation for Information Policy Research, questioned how far any compromise would go. "Will they persist with statutory licensing [of trusted third parties]and criminal legislation on decryption warrants?" he asked.

Andrew Dornan of Data Communications International contributed to this report.

from TPDL 1999-Apr-11, from the Evening Telegraph, by Tony Paterson in Berlin:

US spy satellites 'raiding German firms' secrets'

SECURITY experts in Germany have uncovered new evidence of a big American industrial espionage operation in Europe using satellite listening posts in Britain and Germany.

German business is thought to suffer annual losses of at least £7 billion through stolen inventions and development projects. With Europe already locked in a trade war with its American ally over bananas, Germany's high-tech industry wants its government to back a counter-offensive.

The main centres used for satellite tapping of millions of confidential company telephone calls, fax and e-mail messages are believed to be terrestrial listening posts run by the American National Security Agency (NSA) at Menwith Hill, near Harrogate, North Yorkshire, and Bad Aibling, Bavaria, with the backing of the American government.

"Industrial espionage is becoming increasingly aggressive. Secrets are being siphoned off to an extent never experienced until now," said Horst Teltschik, a senior BMW board member and a former security adviser to Helmut Kohl. He is trying to co-ordinate a German business response to the spying problem.

The practice of lifting industrial secrets via satellite listening posts has grown steadily in central Europe since the decline in political espionage that followed the collapse of communism. But it has been further encouraged by advances in communications technology.

Victims have included such German firms as the wind generator manufacturer Enercon. Last year it developed what it thought was a secret invention enabling it to generate electricity from wind power at a far cheaper rate than before.

However, when the company tried to market its invention in the United States, it was confronted by its American rival, Kenetech, which announced that it had already patented a near-identical development. Kenetech then brought a court order against Enercon banning the sale of its equipment in the US.

In a rare public disclosure, a NSA employee, who refused to be named, agreed to appear in silhouette on German television last August to reveal how he had stolen Enercon's secrets. He said he used satellite information to tap the telephone and computer link lines that ran between Enercon's research laboratory near the North Sea and its production unit some 12 miles away. Detailed plans of the company's allegedly secret invention were then passed on to Kenetech.

"The theft of the secrets was a severe blow amounting to the loss of several millions," an Enercon spokesman, Carlo Reeker, said last week. "Nowadays we never talk about confidential projects on the phone, nor are the details transmitted anywhere by computer. Secret business is dealt with purely on a face-to-face basis."

Similar fears are voiced at Mannheim University where scientists are developing a system enabling computer data to be stored on household adhesive tape instead of conventional CDs. Last month researchers on the project noticed that their computers had been electronically raided by hackers. Since then the project's scientists have had to resort to the Cold War ruse of walking in the woods to discuss confidential subjects. "We just don't know how much of our research work has gone elsewhere. We are just hoping that our patent comes through as soon as possible," said one research physicist, Steffen Noehte.

The headquarters of the firm working on the project, the European Media Laboratory in Heidelberg, has fitted special fire-walls in sensitive areas to guard against electronic spying. Security services in Baden-Wörttemberg, the Silicon Valley of German states where the laboratory is located, say that since the early Nineties industrial espionage has burgeoned.

Experts have little doubt that the NSA is at the forefront of the European industrial espionage war, not least because Washington has instructed its security services to collect information for the benefit of American industry. Early in his presidency, Bill Clinton decreed that industrial espionage should be one of the main tasks of the CIA. "What is good for Boeing is good for America," he was quoted as saying. The NSA operates a global data surveillance network involving 52 super computers.

Specialists in European industrial espionage, such as the journalist Udo Ulfkotte who is to publish a book on the subject, entitled Market for Thieves, later this year, say there is strong evidence that Britain's Menwith Hill is at the forefront of the offensive. "My research suggests that 70 per cent of the spying is done in Yorkshire," Mr Ulfkotte said.

From both the Yorkshire and Bavarian sites, data is transferred to the NSA's headquarters at Fort Meade, Maryland where 10,000 military personnel and 30,000 civilian employees trawl the information with the help of the British Memex computer identification system.

German industry complains that it is in a particularly vulnerable position because the Bonn government forbids its security services from conducting similar industrial espionage. "German politicians still support the rather naive idea that political allies should not spy on each other's businesses. The Americans and the British do not have such illusions," Mr Ulfkotte said.

But for Germany's Association for Industrial Security, which backs the idea of a counter-industrial espionage drive, the situation has become intolerable. "We will have to get used to the fact that industry is a part of our national security," said the association's president Wolfgang Hoffman.