Edward Snowden Interview The NSA and Its Willing Helpers
Part 2: 'US Multinationals Should Not Be Trusted'
Interviewer: The NSA is building a massive new data center in Utah. What is its purpose?
Snowden: The massive data repositories.
Interviewer: How long is the collected data being stored for?
Snowden: As of right now, full-take collection ages off quickly ( a few days) due to its size unless an analyst has "tasked" 7 a target or communication, in which the tasked communications get stored "forever and ever," regardless of policy, because you can always get a waiver. The metadata 8 also ages off, though less quickly. The NSA wants to be at the point where at least all of the metadata is permanently stored. In most cases, content isn't as valuable as metadata because you can either re-fetch content based on the metadata or, if not, simply task all future communications of interest for permanent collection since the metadata tells you what out of their data stream you actually want.
Interviewer: Do private companies help the NSA?
Snowden: Yes. Definitive proof of this is the hard part because the NSA considers the identities of telecom collaborators to be the jewels in their crown of omniscience. As a general rule, US-based multinationals should not be trusted until they prove otherwise. This is sad, because they have the capability to provide the best and most trusted services in the world if they actually desire to do so. To facilitate this, civil liberties organizations should use this disclosure to push them to update their contracts to include enforceable clauses indicating they aren't spying on you, and they need to implement technical changes. If they can get even one company to play ball, it will change the security of global communications forever. If they won't, consider starting that company.
Interviewer: Are there companies that refuse to cooperate with the NSA?
Snowden: Also yes, but I'm not aware of any list. This category will get a lot larger if the collaborators are punished by consumers in the market, which should be considered Priority One for anyone who believes in freedom of thought.
Interviewer: What websites should a person avoid if they don't want to get targeted by the NSA?
Snowden: Normally you'd be specifically selected for targeting based on, for example, your Facebook or webmail content. The only one I personally know of that might get you hit untargeted are jihadi forums.
Interviewer: What happens after the NSA targets a user?
Snowden: They're just owned. An analyst will get a daily (or scheduled based on exfiltration summary) report on what changed on the system, PCAPS 9 of leftover data that wasn't understood by the automated dissectors, and so forth. It's up to the analyst to do whatever they want at that point -- the target's machine doesn't belong to them anymore, it belongs to the US government.
1 "We're" refers to the NSA.
2 "We" refers to the US intelligence service apparatus
3 "They" refers to the other authorities.
4 The "Five Eye Partners" is a reference to the intelligence services of United States, Britain, Australia, New Zealand and Canada.
5 "ICMP" is a reference to Internet Control Message Protocol. The answer provided here by Snowden was highly technical, but it was clear that he was referring to all data packets sent to or from Britain.
6 "Domestic" is a reference to the United States.
7 In this context, "tasked" refers to the full collection and storage of metadata and content for any matched identifiers by the NSA or its partners.
8 "Metadata" can include telephone numbers, IP addresses and connection times, among other things. Wired Magazine offers a solid primer on metadata.
9 "PCAPS" is an abbreviation of the term "packet capture".
Interview conducted by Jacob Appelbaum and Laura Poitras
- Part 1: The NSA and Its Willing Helpers
- Part 2: 'US Multinationals Should Not Be Trusted'