It was bad enough the when it was revealed the US National Security Agency (NSA) wanted to hack information on smartphones but now reports this week it wants to record the phone calls of an entire country.
Which country (or countries) are not revealed in the report by The Washington Post as it agreed to the "request of US officials" to withhold any details that could potentially identify any target country.
A months of calls
The information, said to be contained in the leaked documents obtained former contractor Edward Snowdon, say the NSA has built a surveillance system (MYSTIC) that can record and 100% of all telephone calls carried out in a country over 30 days.
Another system (RETRO) – short for "retrospective retrieval" – manages and allows replay of the calls. The number of calls that can be recorded is supposed to be in the billions.
The technical challenges in managing such huge volumes of data are immense. But we have known that the NSA is an organisation of tremendous technical capability. So, although impressive, learning that the NSA has developed such a system is not surprising.
What is extraordinary though are the claims that the NSA has actually deployed MYSTIC in an unnamed country. That is, it has been used to collect all telephone calls made within the unnamed country.
If correct then it either points to acquiesence of the country being spied upon or that the NSA has even more impressive technology at its disposal than we know of.
How is it done?
Interception and collection of telephone calls is difficult enough when the host country attempts to do it. It needs the agreement of the telecommunications company to carry out interceptions. Interceptions require the company to install quite sophisticated equipment and employ highly skilled people to operate it.
What makes interception particularly challenging is that there is no single point through which all calls must pass, so interception has to be carried out at multiple points within the network.
In the best of circumstances interception is a challenging undertaking. That the NSA could collect all the calls of a foreign country without the agreement and active assistance of that country and the telephone companies in that country beggars belief.
So perhaps the Washington Post has misunderstood the leaked documents. Perhaps a more plausible interpretation is that the system simply collect calls between the United States and the unnamed country. That in itself is sufficiently impressive but much more believeable.
We know from previous leaks that the NSA have "choke points" where calls into and out of the United States can be collected. If MYSTIC and RETRO are simply systems that operate at these points it becomes much more believable.
Nevertheless, one of the leaked documents talks about the system sending data "home" suggesting that it is resident in a foreign country. Also, the whole project was carried out under a presidential order usually used for intelligence operations outside the United States.
If it is a system installed in a foreign country, retrieving all phone calls in that country, it raises many questions.
- How could it be installed? It is hard to imagine it being installed without the active acquiescence of the country.
- Which countries would allow the United States to carry out mass surveillance of its citizenry?
- How is it transmitted back to the United States?
Billions of phone calls would require enormous transmission capacity, which is certainly possible. But requiring such a large amount of installed infrastructure, it is hard to believe that we would not have heard of it before.
The story implies so many unlikely capabilities of the NSA that the misunderstanding-theory is the more tempting, and surveillance is most likely limited to calls into and out of the United States.
Previous leaks have shown that the NSA has extraordinary capabilities. But to collect all calls within a country would be beyond extraordinary.
Explore further: Mumblehard targets servers running Linux and BSD