Thursday, November 8, 2007
AT&T gave feds access to all Web, phone traffic, ex-tech says
By Ellen Nakashima
The Washington Post
WASHINGTON — His first inkling that something was amiss came in summer 2002, when he opened the door to admit a visitor from the National Security Agency (NSA) to an AT&T office in San Francisco.
"What the heck is the NSA doing here?" Mark Klein, a former AT&T technician, said he asked himself.
A year or so later, he stumbled upon documents that, he said, show the agency gained access to massive amounts of e-mail, Web search and other Internet records of more than a dozen global and regional telecom providers. AT&T allowed the agency to hook into its network and, according to Klein, many of the other telecom companies probably knew nothing about it.
Klein will be on Capitol Hill today to share his story in the hope it will persuade Congress not to grant legal immunity to telecommunications firms that helped the government in its warrantless anti-terrorism efforts.
Klein, 62, said he may be the only person in a position to discuss firsthand knowledge of an important aspect of the Bush administration's domestic surveillance. He is retired, so he isn't worried about losing his job. He carried no security clearance, and the documents in his possession were not classified, he said. He has no qualms about "turning in," as he put it, the company where he worked for 22 years until he retired in 2004.
"If they've done something massively illegal and unconstitutional — well, they should suffer the consequences," Klein said.
In an interview this week, he alleged that the NSA set up a system that vacuumed up Internet and phone-call data from ordinary Americans with the help of AT&T and without obtaining a court order. Contrary to the government's depiction of its surveillance program as aimed at overseas terrorists, Klein said, much of the data sent through AT&T to the NSA was purely domestic. Klein said he thinks the NSA was analyzing the records for usage patterns and for content.
He said the NSA built a special room in San Francisco to receive data streamed through an AT&T Internet room containing "peering links," or major connections to other telecom providers. Other so-called secret rooms reportedly were constructed at AT&T sites in Seattle, Los Angeles, San Diego and San Jose, Calif.
Klein's documents and his account form the basis of one of the first lawsuits filed against the telecom companies after the government's warrantless-surveillance program was disclosed by The New York Times in December 2005.
Claudia Jones, an AT&T spokeswoman, said she had no comment on Klein's allegations. "AT&T is fully committed to protecting our customers' privacy. We do not comment on matters of national security," she said.
The NSA and the White House also declined to comment.
Klein is urging Congress not to block Hepting v. AT&T, a class-action suit pending in federal court in San Francisco, and 37 other lawsuits charging carriers with illegally collaborating with the NSA program. He and the Electronic Frontier Foundation, which filed Hepting v. AT&T in 2006, are urging key lawmakers to oppose a pending White House-endorsed immunity provision that effectively would wipe out the lawsuits. The Senate Judiciary Committee is expected to take up the measure today.
In summer 2002, Klein was working in an office responsible for Internet equipment when an NSA representative arrived to interview a management-level technician for a special, secret job.
The job entailed building a "secret room" in another AT&T office 10 blocks away, he said. By coincidence, in October 2003, Klein was transferred to that office. He asked a technician about the secret room on the sixth floor, and the technician told him it was connected to the Internet room a floor above. The technician handed him wiring diagrams.
"That was my 'aha' moment," Klein said. "They're sending the entire Internet to the secret room."
The diagram showed splitters glass prisms that split signals from each network into two identical copies. One copy fed into the secret room. The other proceeded to its destination, he said.
"This splitter was sweeping up everything, vacuum-cleaner-style," he said. "The NSA is getting everything. These are major pipes that carry not just AT&T's customers but everybody's."
One of Klein's documents listed links to 16 entities, including Global Crossing, a large provider of voice and data services in the United States and abroad; UUNet, a large Internet provider now owned by Verizon; Level 3 Communications, which provides local, long-distance and data transmission in the United States and overseas; and more familiar names, such as Sprint and Qwest. It also included data exchanges MAE-West and PAIX, or Palo Alto Internet Exchange, facilities where telecom carriers hand off Internet traffic to each other.
"I flipped out," he said. "They're copying the whole Internet. There's no selection going on here. Maybe they select out later, but at the point of handoff to the government, they get everything."
Qwest has not been sued because of media reports last year that said the company declined to participate in an NSA program to build a database of domestic phone-call records out of concern that it may have been illegal. What the documents show, Klein said, is that the NSA apparently was collecting several carriers' communications, probably without their consent.
Another document showed that the NSA installed in the room a Narus semantic traffic analyzer, which Klein said indicated the NSA was doing content analysis.
Steve Bannerman, Narus' marketing vice president, said the NarusInsight system can track a communication's origin and destination, as well as its content. He declined to comment on AT&T's use of the system.
Klein said he went public after President Bush defended the NSA's surveillance program as limited to collecting phone calls between suspected terrorists overseas and people in the United States. Klein said the documents show that the scope was much broader.
Details on other secret sites were provided by The Seattle Times archives.