Skip to main content

FISA’s Section 702 & the Privacy Conundrum: Surveillance in the U.S and Globally

October 25, 2017

Authors:

Sneha Indrajit, Celia Louie, Jessica L. Beyer, Julia Summers

“Big Brother is always watching” does not seem so far-fetched given the extensive cyber-surveillance powers in the world today. In response, privacy concerns have mounted both in the U.S and across the world. In the U.S. in particular, Section 702 of the Foreign Intelligence Surveillance Act (FISA) has been a point of contention given its far reaching capacity to conduct surveillance. The surveillance under 702 is intended to be restricted to non-U.S. citizens, but has been criticized for its backdoor access to information on U.S. citizens through incidental collection. Section 702 is set to sunset on December 31, 2017, and its reauthorization is currently in the midst of deliberations.

This piece seeks to explore the significance of 702, its threat to privacy, as well as how U.S. allies and competitors have approached the issue of surveillance.

Brief History of 702

The Foreign Intelligence Surveillance Act (FISA) of 1978 “prescribes procedures for requesting judicial authorization for electronic surveillance and physical search of persons engaged in espionage or international terrorism.”[1] Congress established the Foreign Intelligence Surveillance Court (FISC) in 1978 to allow law enforcement and intelligence agencies to request for foreign intelligence surveillance. FISA was created to approve legitimate surveillance requests asking to surveil agents of foreign powers rather than allowing uncontrolled domestic spying by the NSA, the CIA, and the FBI.[2] Following the 9/11 attacks, the terrorist surveillance program – a President George W. Bush implemented program – and the Patriot Act both expanded FISA.[3] FISA saw further expansion when Congress adopted the Protect America Act in 2007 and the FISA Amendments Act in 2008.

The FISA Amendment Act in 2008 allowed additional procedures for obtaining communications of persons outside of the U.S., including using Section 702 as a tool for intelligence gathering. Section 702 permits overseas collection and warrantless surveillance with the approval of the FISC and according to The Heritage Foundation, “knowledgeable officials note that more than 25 percent of all current U.S. intelligence is based on information collected under Section 702.”[4] Under specific conditions, Section 702 allows the FISC to approve and supervise individuals in foreign countries who use American communication services and Internet technology.[5] Adopted in 2008, FISA Section 702 was renewed in 2012 and is set to expire in December 31, 2017.[6]

Section 702 is used to seize private communication through two large programs: downstream collection (formerly referred to as PRISM) and upstream collection. Downstream collection involves NSA collecting communications “to” or “from” a target whereas upstream collection involves the NSA collecting communications “to,” “from,” and “about” the target.[7] Downstream collection focuses on Internet Service Providers while upstream collection looks at the telecommunications infrastructure. However, earlier this year the NSA announced that it ended one aspect of the warrantless-surveillance program – the “about” surveillance on a foreign intelligence targets. Originally, telecommunication companies gave the NSA copies of Internet messages that contained search terms and crossed international borders.[8]

702 Controversy

While federal courts have found FISA Section 702 to be constitutional, controversy remains largely about the extent of foreign intelligence surveillance, the possibility of incidental data collection, and FISC’s limited oversight.

In 2005, the Terror Surveillance Program was exposed and it was found that the U.S. government was eavesdropping on electronic communications of Americans believed to be interacting with individuals overseas linked to terrorism.[9] Subsequently, following the 2013 Edward Snowden leaks, it was discovered that Section 702 was being used more widely than expected to collect telephone records of U.S. customers of Verizon.[10] Furthermore, the leaks revealed that the NSA is able to search for names, emails, and other personal information through databases.

Even with 702, FISC still needs to approve government requests to monitor suspected individuals, theoretically creating safeguards against civil rights abuses. However, in 2011 it was found that FISC did not deny any of its 1,506 applications, which has raised concerns of rubber-stamping where the court’s approval is merely a formality.[11] A report in 2015 indicates that FISC had approved all electronic wiretap requests made.[12] 32 FISC annual reports to Congress are available on the FISA website and in the 2016 report it said that 1,141 out of 1,485 applications were granted, with the rest being modified, denied in part, or denied in full.[13] While there has been a difference in approval rates, this difference is because reporting includes first time statistics published to report the proposed applications instead of just the number of final filed applications.[14]

Incidental Collection and Minimization Procedures

Under 702, the U.S. government is not allowed to collect information on U.S. citizens or foreign persons who are located in the United States at the time communications were made. However, while the government has targeting procedures, it still leaves room for large amounts of communication to be incidentally swept up. Once incidental surveillance is gathered, the FBI can use it to search for any criminal offense. Known as “backdoor searches,” most believe these searches violate the Fourth Amendment.[15] Thus, the incidental collection of U.S. citizens’ data is inevitable and a central point of controversy about 702.

To prevent, and minimize the incidental collection of data pertaining to U.S. citizens in the collection of foreign intelligence information, there are targeting and minimization procedures set in place. These targeting procedures are intended to limit the acquisition of information concerning U.S. citizens and those located on U.S. soil. Minimization procedures are similarly designed to minimize the “acquisition and retention, and prohibit the dissemination of information concerning non-consenting U.S. persons that are not publicly available.”[16] In essence, minimization procedures regulate information that may be incidentally collected on U.S. citizens. Incidental collection of information pertaining to U.S. citizens is permitted if it is “consistent with the need of the U.S. to obtain, produce and disseminate foreign intelligence information.”[17] The permissibility of incidental collection of U.S. citizens’ information, thus, rests on whether it aids the U.S. government in its collection of foreign intelligence information.

While on the surface minimization procedures may seem adequate, there are weaknesses in the capability of the minimization procedures to prevent excessive incidental collection of U.S citizens’ information. The first weakness can be identified in the vague definition of “foreign intelligence information” – allowing for broad interpretation. The definition of foreign intelligence information pursuant to FISA includes information regarding a foreign power that relates to “the conduct of the foreign affairs of the U.S.”[18] This casts a wide net for what is considered foreign intelligence information, beyond merely the perception of a possible threat by a foreign power, to include almost anything else as long as it is related to the conduct of the foreign affairs of the U.S.

Along with the broad interpretation that the definition of foreign intelligence information allows, there is additional cause for concern in that under the Patriot Act foreign intelligence information can be acquired without a warrant as long as it is a significant purpose of the surveillance.[19] This means that the primary purpose of foreign intelligence collected need not be for surveillance, which is in stark contrast to historical limitations that were put in place for warrantless surveillance of foreign persons. That both the broad interpretation of foreign intelligence information and the fact the acquisition of this intelligence need not be primarily for surveillance purposes diminishes the effectiveness of minimization procedures in place. Since the definition of what is considered permissible foreign intelligence information is so broad, and this definition is applied to how minimization procedures are carried out, incidental collection of information on U.S. citizens is similarly given a broad scope. The primary concern is that foreign intelligence collected under 702 is used as a pretext for warrantless searches in domestic criminal cases, and that 702 creates a backdoor for authorities to conduct surveillance on U.S. citizens.[20]

Given that the breadth of information collected under 702 is wide, intelligence agencies tend to query information which means using identifiers such as a name, phone number, or email to filter searches and find specific data.[21] When querying information collected under 702, intelligence agencies are allowed to use U.S. person identifiers.[22] This does not allow for the additional collection of information, but the search results from queries are likely to contain information pertaining to U.S. citizens.

There are certain oversight mechanisms in place to prevent the abuse of 702, such as the FISA court. Acquisition of foreign intelligence information also has to be approved by the Attorney General and the Director of National Intelligence annually.[23] Targets are not approved individually however, which gives rise to the concern that there is not sufficient judicial oversight on the foreign intelligence information collected under 702.

Upstream Collection

A second highly controversial aspect of 702 is upstream collection. Upstream collection allows the NSA to intercept and acquire information from the backbone of the Internet, which results in massive data collection. According to a Memorandum Opinion generated on October 3, 2011, it accounted for 9% of NSA’s Internet data collection.[24] Upstream collection is unique in that it can acquire entire Multiple Communication Transactions (bundles of messages) that are not about the target. This makes is more likely than other forms of 702 collection to contain information about U.S. citizens with no foreign intelligence value.[25] There are minimization procedures in place with regards to Multiple Communication Transactions and, since 2017, Multiple Communication Transactions that contain any communication from a domestic recipient to only domestic recipients are to be destroyed in its entirety, unless individually waived by the FISA court.[26]

Upstream collection can contain data “to,” “from,” or “about” a tasked selector (a reference used to filter through data). Of these functions, “about” collection is the most controversial as the target need not be the sender or the recipient of communications but need only be mentioned in the communications for the communications to be collected. However, since 2017 the FISA court determined that “about” collection is no longer permitted and that communications obtained after March 2017 that are merely about a target are to be destroyed.[27]

Reauthorization of 702

Controversies surrounding Section 702 highlight the lack of effective oversight for collecting foreign intelligence. It also raises concern for the privacy of U.S.-persons with incidental collection of information or warrantless domestic spying. There continues to be no consensus on whether Section 702 is government overreach or if it is crucial to U.S. national security. As the FISA Amendment Act’s December 31, 2017 expiration date approaches, the heat of the discussion about the reauthorization of Section 702 has increased between lawmakers, civil society, and businesses. The current debate has gained more momentum from proponents for and against the reauthorization, especially since the last reauthorization and the 2013 Snowden leaks.

In September, Attorney General Jefferson B. Sessions and Director of National Intelligence Daniel R. Coats sent a letter to the House of Representatives and Senate urging Congress to reauthorize Title VII of FISA, including Section 702. There has been a recent bipartisan bloc of House Judiciary Committee leaders as there are demands for new limits on surveillance if it were to be reauthorized. Representatives Robert W. Goodlatte, Jim Sensenbrenner, and John Conyers have supported extending the law to 2023, while pushing restrictions on warrantless surveillance.[28] A bill introduced from Senator Tom Cotton looks to make Section 702’s warrantless surveillance permanent and several Republicans in the Senate support this bill (S.1297).[29]

However, there has already been opposition to making Section 702 permanent, especially from civil society groups. Civil society groups have voiced concerns over the warrantless surveillance, especially the incidental collection. Organizations such as Human Rights Watch oppose the renewal of Section 702 because of the extensive executive means of surveillance and the lack of judicial oversight of its usage.[30] The Electronic Frontier Foundation (EFF) has advocated for ending warrantless spying rather than making it permanent. The EFF see Section 702 as violating the privacy rights of millions and disapprove of the lack of review of the law if it becomes permanent.[31] The ACLU earlier this year released new documents underscoring concerns with warrantless surveillance including incidental collection and the “backdoor search” loophole.[32]

Companies including Amazon, Cisco, Microsoft, LinkedIn, Facebook, Google, Twitter, and Uber have asked lawmakers to reform the surveillance law by increasing transparency and oversight while decreasing the amount of information collected.[33] These companies have voiced support of Section 702 if reforms were made.

Technology companies, in particular, insist that Congress should outlaw the “about” collection permanently and ask for more transparency for their customers about government surveillance requests.[34] International response to Snowden’s revelations was profoundly negative and technology companies remain concerned about the international perception that they are active collaborators with the U.S. government in surveillance. Companies have responded in a variety of ways, including engaging in public battles with U.S. law enforcement – as seen with the San Bernardino shooter’s iPhone.[35] They have also responded by moving data centers to other localities with stricter privacy laws – as Microsoft did when it built a data center in Germany.[36]

Upstream Collection Around the World

The U.S. is not distinct in its use of upstream collection for intelligence purposes. However, finding information about upstream collection around the world is difficult for two reasons. First, countries do not advertise their abilities in this arena, particularly democracies where such data collection may be controversial. Second, in non-democracies, upstream data collection can be a “non-issue” in relation to broader, normalized data gathering on both citizens and non-citizens alike.

For instance, Snowden’s data illustrated that the so-called “Five Eyes” (U.S., U.K., Canada, Australia, New Zealand) all engage in upstream data collection. These countries then share data on each other’s citizens, circumventing strict national laws around this type of surveillance.[37] The need to use such tactics to evade national law is because the Five Eyes’ are all liberal democracies. In contrast, citizens in countries such as China and Russia have no expectations that they are not being surveilled. Thus, upstream collection there would not be considered noteworthy – except to geopolitical adversaries that might object to the practice.

However, awareness of U.S. upstream surveillance has caused rivals such as China and Russia to think about the centrality of the U.S. in the international Internet infrastructure. In response to Snowden, the BRICS began an unsuccessful collaborative effort to create an Internet infrastructure independent of U.S. control.[38] While that effort failed, China has become one of the most active investors and builders of undersea cables in the world.[39]

United Kingdom

The United Kingdom actively engages in upstream collection. The U.K.’s equivalent of upstream collection is captured in Project Tempora – which intercepts fiber optic cables that transmit data in and out of the U.K.[40] It employs a “full take” system which means it records and collects every packet of data on the network regardless of content.[41] The U.K. has placed interceptors on 200 fiber optic cables [42]and it obtains data from Asia through Incenser which is a part of GCHQ’s bulk collection program.[43] Incenser utilizes NIGELLA – which is the intersection of two fiber optic cables connecting the Atlantic with Europe and Asia to obtain its data from Asia.[44]

Data collected by Project Tempora is stored for three days and the meta data (information about that data, such as locations of the individuals within the communications) is kept for 30 days.[45] It also uses Massive Volume Reduction to filter traffic and narrow down searches[46].

Intelligence collected through Project Tempora and by U.K.’s intelligence agency GCHQ is shared with the NSA, with Tempora providing the NSA with approximately 10% of its collection.[47] This is notable, as data collected by GCHQ is not constrained by U.S. restrictions, and, thus, includes data on U.S. citizens.

Canada

Canada also engages in active upstream collection. Canada’s intelligence agency is the Communications Security Establishment and its equivalent of 702 Collection is named “Eon Blue.” Eon Blue similar to the U.K.’s Tempora, as it allows Canada to collect “full-take” data.[48] On the whole, Eon Blue serves to monitor all traffic coming into and exiting Canadian Internet space.

In total, Canada’s Communications Security Establishment has 200 censors around the world which are used to intercept Internet traffic.[49] The Communications Security Establishment also uses Deep Packet Inspection,[50] which has the capacity to execute a host of functions such as recording the IP addresses of all users connecting to a website, identifying encrypted traffic and modifying traffic in real time without the knowledge of the sender and recipient.[51] Like the U.K.’s efforts in this area, it is possible that Canada’s efforts have swept up U.S. citizen data.

 New Zealand

Like the other “Five Eyes,” New Zealand also actively engages in upstream collection. New Zealand’s cyber-intelligence agency is the Government Communications Security Bureau and its equivalent of 702 Collection is codenamed “Speargun.”[52] It is capable of conducting mass metadata surveillance via the Southern Cross undersea cable network.[53] The Southern Cross undersea cable network connects, Australia, New Zealand, Fiji and Hawaii to the Internet backbone on the west coast of the U.S.[54]

China

China’s collection of upstream data would be framed differently in relation to Chinese state-society relations as China is not a democracy and its citizens do not have any real expectation of data privacy. Within China, Unit 61398 engages in cyber surveillance and monitoring of foreign electronic communications. Unit 61398 operates under the PLA’s Second Bureau of the General Staff Department’s Third Department.[55]

The Chinese government does intercept traffic in and out of the country through its Internet backbone for the purposes of filtering content. It is uncertain whether this data is only in relation to their citizens for the purposes of social control or also for foreign intelligence information. China would be capable of gathering foreign intelligence data,[56] especially since China has an Internet backbone that is connected to the U.S.[57]

In addition, China is also currently in the process of launching a secure quantum communications network between Shanghai and Beijing.[58] It will be a 2,000 kilometer backbone that will be used for military communications, as well as for commercial purposes. Quantum computing is exceptional in its ability to protect encryption keys from being intercepted while in transit as well as for the ability to allow for the use of symmetric keys which are more secure than traditional asymmetric keys.[59] A quantum network would be nearly impossible to intercept compared to conventional networks, given that quantum keys are not constant and can change.[60]

Russia

Like China, Russia’s citizens would not have any expectation of data privacy, and so upstream collection would be considered differently within the Russian context. Russia is active in upstream collection and also exports this technology.

Russia’s surveillance system is called the System for Operative Investigative Measures (SORM) and it dates back to the 1990s. However, it has been updated since to reflect technological advances today. Today, this legislation known as SORM-1, SORM-2, and SORM-3.[61] The latest SORM-3 system is all encompassing surveillance system that collects and stores information from all electronic communication, including the Internet and phones.[62]

Effectively under the command and control of the FSB – Russia’s Security Service and successor of the KGB – the SORM-3 system analyzes every single bit of information that is transferred over Russia’s communication networks by employing Deep Packet Inspection methods to monitor Internet traffic.[63] While a few agencies are legally authorized to intercept communications in Russia, the FSB sets the procedures.[64] FSB officers, although required in most cases to obtain a court order to eavesdrop, are not obliged to show the court order to anyone but their superiors in command.

Since 2010, Russia exports its surveillance equipment abroad, particularly to CIS states, which, in addition to granting technological access, also means that there are Russian technological advisors present in those countries.[65] In addition to SORM procedures and equipment, Russia’s near abroad states import the Russia Semantic Archive, the technology that monitors and analyses any type of open data online, such as social networks, media archives, blogs, etc.[66] The Semantic Archive, social networking monitoring technology, was adopted by Ukraine, Belarus and Kazakhstan.[67]

Endnotes

[1] Foreign Intelligence Surveillance Act. Accessed October 2, 2017. https://fas.org/irp/agency/doj/fisa/

[2] Abramson, Larry. “The History Behind America’s Most Secretive Court.” NPR. June 07, 2013.  Accessed October 02, 2017. http://www.npr.org/2013/06/07/189430580/the-history-behind-americas-most-secretive-court

[3] “The Foreign Intelligence Surveillance Act – News and Resources.” American Civil Liberties Union.  Accessed October 02, 2017. https://www.aclu.org/other/foreign-intelligence-surveillance-act-news-and-resources

[4] Rosenzweig, Paul. “Maintaining America’s Ability to Collect Foreign Intelligence: The Section 702 Program.” The Heritage Foundation. Accessed October 02, 2017. http://www.heritage.org/defense/report/maintaining-americas-ability-collect-foreign-intelligence-the-section-702-program

[5] Bossert, Thomas P. “Opinion | Congress Must Reauthorize Foreign Surveillance.” The New York Times. June 07, 2017. Accessed October 02, 2017. https://www.nytimes.com/2017/06/07/opinion/congress-reauthorize-foreign-surveillance.html

[6] “Q&A: US Warrantless Surveillance Under Section 702 of the Foreign Intelligence Surveillance Act.” Human Rights Watch. Accessed October 02, 2017. https://www.hrw.org/news/2017/09/14/q-us-warrantless-surveillance-under-section-702-foreign-intelligence-surveillance

[7] “Section 702’s Excessive Scope Yields Mass Surveillance.” New America Open Technology Institute. Accessed October 02, 2017. https://na-production.s3.amazonaws.com/documents/Section702_Scope.pdf.

[8] Savage, Charlie. “NSA Ends Controversial Part of Warrantless-Surveillance Program.” The Seattle Times. April 28, 2017.  Accessed October 02, 2017. http://www.seattletimes.com/nation-world/nsa-halts-collection-of-americans-emails-about-foreign-surveillance-targets

[9] Kravets, David. “Domestic Surveillance Court Approved All 1,506 Warrant Applications in 2010.” Wired. May 06, 2011.  Accessed October 2, 2017. https://www.wired.com/2011/05/domestic-surveillance/

[10] Ewen MacAskill et al., “NSA Files Decoded: Edward Snowden’s Surveillance Revelations Explained, “The Guardian, November 01, 2013. Accessed October 18th, 2017. https://www.theguardian.com/world/interactive/2013/nov/01/snowden-nsa-files-surveillance-revelations-decoded#section/2

[11] Kravets, 2011.

[12] Geller, Eric. “FISC approved all 2015 Surveillance Requests But Required More Wiretap Modifications.” The Daily Dot. May 02, 2016. Accessed October 02, 2017. https://www.dailydot.com/layer8/foreign-intelligence-surveillance-court-2015-approval-rate-doj-memo/

[13] Foreign Intelligence Surveillance Act.  Accessed October 02, 2017.  https://fas.org/irp/agency/doj/fisa/2016rept.pdf

[14] Ibid.

[15] “Q&A: US Warrantless Surveillance Under Section 702 of the Foreign Intelligence Surveillance Act.”

[16] Foreign Intelligence Surveillance Court. 2017. Memorandum Opinion and Order.

https://www.dni.gov/files/documents/icotr/51117/2016_Cert_FISC_Memo_Opin_Order_Apr_2017.pdf

[17] Ibid.

[18] Ibid.

[19] Goitein Elizabeth, and Patel, Faiza. 2015. What Went Wrong With The FISA Court. Brenner Center for Justice. New York, NY: New York University School for Law.

[20] Ibid.

[21] Kolt, Alexander. Wang, Cliff., Erbacher, Robert. 2014. Cyber Defense and Situational Awareness. Springer International Publishing.

[22] Memorandum Opinion and Order. 2017.

[23] Ibid.

[24] Ibid.

[25] Ibid.

[26] Ibid.

[27] Ibid.

[28] Savage, 2017.

[29] Tummarello, 2017.

[30] “Q&A: US Warrantless Surveillance Under Section 702 of the Foreign Intelligence Surveillance Act.”

[31] Tummarello, 2017.

[32] Gorski, Ashley. “In Time for the Reform Debate, New Documents Shed Light on Government’s Surveillance of Americans.” American Civil Liberties  Union. April 21 2017. Accessed October 02, 2017. https://www.aclu.org/blog/national-security/privacy-and-surveillance/time-reform-debate-new-documents-shed-light

[33] Lecher, Colin. “Facebook, Google, and Other Tech Companies Ask Lawmakers to Reform NSA Surveillance Law.” The Verge. May 26, 2017. Accessed October 02, 2017. https://www.theverge.com/2017/5/26/15700924/facebook-google-amazon-fisa-702-nsa

[34] Romm, Tony. “The Nation’s Top Tech Companies are Asking Congress to Reform a Key NSA Surveillance Program.” Recode. May 26, 2017. Accessed October 02, 2017. https://www.recode.net/2017/5/26/15697736/tech-companies-facebook-google-microsoft-congress-nsa-surveillance-section-702

[35] Cook, Tim. “Customer Letter.” February 16, 2016. Accessed October 18, 2017.  https://www.apple.com/customer-letter/

[36] Moody, Glyn. “Microsoft Building Data Centers in Germany that US Government Can’t Touch.” Ars Technica. November 11, 2015. Accessed October 18, 2017. https://arstechnica.com/information-technology/2015/11/microsoft-is-building-data-centres-in-germany-that-the-us-government-cant-touch/

[37] Reuters. “British Spy Agency Taps Cables, Shares with U.S. NSA – Guardian.” Reuters. June 21, 2013. Accessed October 18, 2017. http://uk.reuters.com/article/uk-usa-security-britain/british-spy-agency-taps-cables-shares-with-u-s-nsa-guardian-idUKBRE95K10620130621

[38] Lee, Stacia. “International Reactions to U.S. Cybersecurity Policy: The BRICS Undersea Cable.” Jackson School of International Studies. January 8, 2016. Accessed October 18, 2017. https://jsis.washington.edu/news/reactions-u-s-cybersecurity-policy-bric-undersea-cable/

[39] Lee, Stacia. “The Cybersecurity Implications of Chinese Undersea Cable Investment.” Jackson School of International Studies. January 25, 2017. Accessed October 18, 2017. https://jsis.washington.edu/news/cybersecurity-implications-chinese-undersea-cable-investment/

[40] Eden, Grace. 2015. “Tempora”. Digital Citizenship and Surveillance Society.

http://www.dcssproject.net/tempora/.

[41] Khazan, Olga. 2013. “The Creepy Long-Standing Practice Of Undersea Cable Tapping.” The Atlantic. https://www.theatlantic.com/international/archive/2013/07/the-creepy-long-standing-practice-of-undersea-cable-tapping/277855/

[42] Grace. 2017

[43] Ibid.

[44] Shubber, Kadhim. 2013. “A simple guide to GCHQ’s internet surveillance program Tempora”. Wired. http://www.wired.co.uk/article/gchq-tempora-101

[45] Ibid.

[46] Ibid.

[47] “Collect it all: everyday lives turned into passive signals intelligence”. OpenRightsGroup. Accessed October 1, 2017. https://www.openrightsgroup.org/assets/files/pdfs/reports/gchq/01-Part_One_Chapter_One-Passive_Collection.pdf

[48] Parsons, Christopher.2015. “Defending the core of the network: Canadian vs. American Approaches.” Technology, Thoughts and Trinkets. https://christopher-parsons.com/defending-the-core-of-the-network-canadian-vs-american-approaches/.

[49] Ibid.

[50] Braga, Matthew. 2015. “How Canadian Spies Infiltrated the Internet’s Core to Watch What You Do Online.” Motherboard. https://motherboard.vice.com/en_us/article/9ak8qa/how-canadian-spies-infiltrated-the-internets-core-to-watch-what-you-do-online.

[51] Ibid.

[52] Greenwald, Glenn and Gallagher, Ryan.2014. “New Zealand launched mass surveillance project while publicly denying it”. The Intercept. https://theintercept.com/2014/09/15/new-zealand-gcsb-speargun-mass-surveillance/

[53] Ibid.

[54] Darling, Philip. 2015. “Edward Snowden reveals tapping of major Australia-New Zealand undersea telecommunications cable.” The Sydney Morning Herald. http://www.smh.com.au/it-pro/security-it/edward-snowden-reveals-tapping-of-major-australianew-zealand-undersea-telecommunications-cable-20140915-10h96v.html.

[55] Green, Marcel. 2015. “China’s Growing Cyberwar Capabilities”. The Diplomat. https://thediplomat.com/2015/04/chinas-growing-cyberwar-capabilities/

[56] Xu, Xueyang, Mao, Morley, and Halderman, Alex. 2011. “Internet censorship in China: Where does the filtering Occur.” Department of Computer Science and Engineering. University of Michigan. https://web.eecs.umich.edu/~zmao/Papers/china-censorship-pam11.pdf

[57] “China Unicom Global Network Map”. China Unicom. Accessed 5 October 2017. http://www.chinaunicom.com.sg/network-map

[58] Korolov, Maria. 2017. “China’s Quantum Net Advance Offers a Glimpse into the Future of Enterprise Security”. DataCenter Knowledge. http://www.datacenterknowledge.com/security/china-s-quantum-net-advance-offers-glimpse-future-enterprise-security

[59] Ibid.

[60] Silver, Andrew. 2017. “China’s ‘future-proof’ crypto: We talk to firm behind crazy quantum key distribution network.” The Register. https://www.theregister.co.uk/2017/07/19/cryptography_quantum_key_distribution_china/

[61] Soldatov, Andrei and Irina Borogan. Russia’s Surveillance State. World Policy Institute. 2013. Accessed 20 October 2017. http://www.worldpolicy.org/journal/fall2013/Russia-surveillance

[62] Paganini, Pierluigi. How Russia Controls the Internet. INFOSEC Institute. July1, 2014. Accessed 20 October 2017. http://resources.infosecinstitute.com/russia-controls-internet/#gref

[63] Soldatov, Andrei and Irina Borogan. The Russian state and surveillance technology. Open Democracy. October 25, 2011. Accessed 20 October 2017. https://www.opendemocracy.net/od-russia/andrei-soldatov-irina-borogan/russian-state-and-surveillance-technology

[64] Soldatov and Borogan, 2013.

[65] Ibid.

[66] Semantic Archive. Analytical Business Solutions. Accessed 20 October 2017. http://old.anbr.ru/en/products/semarchive/

[67] Soldatov and Borogan, 2013.

Bibliography

Abramson, Larry. “The History Behind America’s Most Secretive Court.” NPR. June 7, 2013.  Accessed October 2, 2017. http://www.npr.org/2013/06/07/189430580/the-history-behind-americas-most-secretive-court.

Bossert, Thomas P. “Opinion | Congress Must Reauthorize Foreign Surveillance.” The New York Times. June 7, 2017. Accessed October 2, 2017. https://www.nytimes.com/2017/06/07/opinion/congress-reauthorize-foreign-surveillance.html.

Braga, Matthew. 2015. “How Canadian Spies Infiltrated the Internet’s Core to Watch What You Do Online.” Motherboard. https://motherboard.vice.com/en_us/article/9ak8qa/how-canadian-spies-infiltrated-the-internets-core-to-watch-what-you-do-online.

“China Unicom Global Network Map”. China Unicom. Accessed October 5, 2017. http://www.chinaunicom.com.sg/network-map

“Collect it all: everyday lives turned into passive signals intelligence”. OpenRightsGroup. Accessed October 1, 2017. https://www.openrightsgroup.org/assets/files/pdfs/reports/gchq/01-Part_One_Chapter_One-Passive_Collection.pdf.

Cook, Tim. “Customer Letter.” February 16, 2016. Accessed October 18, 2017.  https://www.apple.com/customer-letter/.

Darling, Philip. 2015. “Edward Snowden reveals tapping of major Australia-New Zealand undersea telecommunications cable.” The Sydney Morning Herald. http://www.smh.com.au/it-pro/security-it/edward-snowden-reveals-tapping-of-major-australianew-zealand-undersea-telecommunications-cable-20140915-10h96v.html.

Eden, Grace. 2015. “Tempora”. Digital Citizenship and Surveillance Society. http://www.dcssproject.net/tempora/.

Ewen MacAskill et al., “NSA Files Decoded: Edward Snowden’s Surveillance Revelations Explained.” The Guardian. November 1, 2013. Accessed October 18, 2017. https://www.theguardian.com/world/interactive/2013/nov/01/snowden-nsa-files-surveillance-revelations-decoded#section/2

Foreign Intelligence Surveillance Act. Accessed October 2, 2017. https://fas.org/irp/agency/doj/fisa/.

Foreign Intelligence Surveillance Court. 2017. Accessed October 1, 2017 Memorandum Opinion and Order. https://www.dni.gov/files/documents/icotr/51117/2016_Cert_FISC_Memo_Opin_Order_Apr_2017.pdf.

Geller, Eric. “FISC approved all 2015 Surveillance Requests But Required More Wiretap Modifications.” The Daily Dot. May 2, 2016. Accessed October 2, 2017. https://www.dailydot.com/layer8/foreign-intelligence-surveillance-court-2015-approval-rate-doj-memo/

Goitein Elizabeth.,Patel, Faiza. 2015. What Went Wrong with The FISA Court. Brenner Center for Justice. New York, NY: New York University School for Law. https://www.brennancenter.org/sites/default/files/analysis/What_Went_%20Wrong_With_The_FISA_Court.pdf.

Gorski, Ashley. “In Time for the Reform Debate, New Documents Shed Light on Government’s Surveillance of Americans.” American Civil Liberties Union. April 21, 2017. Accessed October 2, 2017. https://www.aclu.org/blog/national-security/privacy-and-surveillance/time-reform-debate-new-documents-shed-light.

Green, Marcel. “China’s Growing Cyberwar Capabilities.” The Diplomat. April 2015. Accessed October 1, 2017. https://thediplomat.com/2015/04/chinas-growing-cyberwar-capabilities/.

Greenwald, Glenn and Gallagher, Ryan. “New Zealand launched mass surveillance project while publicly denying it.” The Intercept. September 15, 2014. Accessed October 1, 2017. https://theintercept.com/2014/09/15/new-zealand-gcsb-speargun-mass-surveillance/.

Khazan, Olga. 2013. “The Creepy Long-Standing Practice Of Undersea Cable Tapping.” The Atlantic. https://www.theatlantic.com/international/archive/2013/07/the-creepy-long-standing-practice-of-undersea-cable-tapping/277855/.

Kolt, Alexander., Wang, Cliff., Erbacher, Robert. 2014. Cyber Defense and Situational Awareness. Springer International Publishing.

Korolov, Maria. 2017. “China’s Quantum Net Advance Offers a Glimpse into the Future of Enterprise Security”. DataCenter Knowledge. http://www.datacenterknowledge.com/security/china-s-quantum-net-advance-offers-glimpse-future-enterprise-security.

Kravets, David. “Domestic Surveillance Court Approved All 1,506 Warrant Applications in 2010.” Wired. May 06, 2011.  Accessed October 2, 2017. https://www.wired.com/2011/05/domestic-surveillance/.

Lecher, Colin. “Facebook, Google, and Other Tech Companies Ask Lawmakers to Reform NSA Surveillance Law.” The Verge. May 26, 2017. Accessed October 02, 2017. https://www.theverge.com/2017/5/26/15700924/facebook-google-amazon-fisa-702-nsa.

Lee, Stacia. “International Reactions to U.S. Cybersecurity Policy: The BRICS Undersea Cable.” Jackson School of International Studies. January 8, 2016. Accessed October 18, 2017. https://jsis.washington.edu/news/reactions-u-s-cybersecurity-policy-bric-undersea-cable/.

Lee, Stacia. “The Cybersecurity Implications of Chinese Undersea Cable Investment.” Jackson School of International Studies. January 25, 2017. Accessed October 18, 2017. https://jsis.washington.edu/news/cybersecurity-implications-chinese-undersea-cable-investment/.

Moody, Glyn. “Microsoft Building Data Centers in Germany that US Government Can’t Touch.” Ars Technica. November 11, 2015. Accessed October 18, 2017. https://arstechnica.com/information-technology/2015/11/microsoft-is-building-data-centres-in-germany-that-the-us-government-cant-touch/.

Paganini, Pierluigi. How Russia Controls the Internet. INFOSEC Institute. July1, 2014.

Accessed 20 October 2017. http://resources.infosecinstitute.com/russia-controls-internet/#gref

Parsons, Christopher.2015. “Defending the core of the network: Canadian vs. American Approaches.” Technology, Thoughts and Trinkets. https://christopher-parsons.com/defending-the-core-of-the-network-canadian-vs-american-approaches/.

“Q&A: US Warrantless Surveillance Under Section 702 of the Foreign Intelligence Surveillance Act.” Human Rights Watch. Accessed October 02, 2017. https://www.hrw.org/news/2017/09/14/q-us-warrantless-surveillance-under-section-702-foreign-intelligence-surveillance.

Reuters. “British Spy Agency Taps Cables, Shares with U.S. NSA – Guardian.” Reuters. June 21, 2013. Accessed October 18, 2017. http://uk.reuters.com/article/uk-usa-security-britain/british-spy-agency-taps-cables-shares-with-u-s-nsa-guardian-idUKBRE95K10620130621.

Romm, Tony. “The Nation’s Top Tech Companies are Asking Congress to Reform a Key NSA Surveillance Program.” Recode. May 26, 2017. Accessed October 02, 2017. https://www.recode.net/2017/5/26/15697736/tech-companies-facebook-google-microsoft-congress-nsa-surveillance-section-702.

Rosenzweig, Paul. “Maintaining America’s Ability to Collect Foreign Intelligence: The Section 702 Program.”  Accessed October 02, 2017. http://www.heritage.org/defense/report/maintaining-americas-ability-collect-foreign-intelligence-the-section-702-program.

Savage, Charlie. “NSA Ends Controversial Part of Warrantless-Surveillance Program.” The Seattle Times. April 28, 2017.  Accessed October 02, 2017. http://www.seattletimes.com/nation-world/nsa-halts-collection-of-americans-emails-about-foreign-surveillance-targets.

Semantic Archive. Analytical Business Solutions. Accessed 20 October 2017. http://old.anbr.ru/en/products/semarchive/

Silver, Andrew. 2017. “China’s ‘future-proof’ crypto: We talk to firm behind crazy quantum key distribution network.” The Register. https://www.theregister.co.uk/2017/07/19/cryptography_quantum_key_distribution_china/.

Section 702’s Excessive Scope Yields Mass Surveillance. Accessed October 2, 2017. https://na-production.s3.amazonaws.com/documents/Section702_Scope.pdf.

Shubber, Kadhim. 2013. “A simple guide to GCHQ’s internet surveillance program Tempora.” Wired. http://www.wired.co.uk/article/gchq-tempora-101

Soldatov, Andrei and Irina Borogan. The Russian state and surveillance technology. Open Democracy. October 25, 2011. Accessed 20 October 2017. https://www.opendemocracy.net/od-russia/andrei-soldatov-irina-borogan/russian-state-and-surveillance-technology

Soldatov, Andrei and Irina Borogan. Russia’s Surveillance State. World Policy Institute. 2013. Accessed 20 October 2017. http://www.worldpolicy.org/journal/fall2013/Russia-surveillance

“The Foreign Intelligence Surveillance Act – News and Resources.” American Civil Liberties Union.  Accessed October 2, 2017. https://www.aclu.org/other/foreign-intelligence-surveillance-act-news-and-resources.

Tummarello, Kate. “Congress Needs to End Warrantless Spying, Not Make It Permanent.” Electronic Frontier Foundation. July 1, 2017. Accessed October 2, 2017. https://www.eff.org/deeplinks/2017/06/congress-needs-end-warrantless-spying-not-make-it-permanent.

Xu, Xueyang.,Mao, Morley., Halderman, Alex. 2011. “Internet censorship in China: Where does the filtering Occur.” Department of Computer Science and Engineering. University of Michigan. https://web.eecs.umich.edu/~zmao/Papers/china-censorship-pam11.pdf

This publication was made possible in part by a grant from Carnegie Corporation of New York. The statements made and views expressed are solely the responsibility of the author.