Documents Show Link Between AT&T and Agency in Eavesdropping Case
SAN FRANCISCO, April 12 * Mark Klein was a veteran AT&T technician in
2002 when he began to see what he thought were suspicious connections
between that telecommunications giant and the National Security Agency.
But he kept quiet about it until news broke late last year that
President Bush had approved an N.S.A. program to eavesdrop without
court warrants on Americans suspected of ties to Al Qaeda.
Now Mr. Klein and a few company documents he saved have emerged as key
elements in a class-action lawsuit filed against AT&T on Jan. 31 by a
civil liberties group, the Electronic Frontier Foundation. The suit
accuses the company of helping the security agency invade its
customers' privacy.
Mr. Klein's account and the documents provide new details about how the
agency works with the private sector in intercepting communications for
intelligence purposes.
The documents, some of which Mr. Klein had earlier provided to
reporters, describe a mysterious room at the AT&T Internet and
telephone hub in San Francisco where he worked.
The documents, which were examined by four independent
telecommunications and computer security experts at the request of The
New York Times, describe equipment capable of monitoring a large
quantity of e-mail messages, Internet phone calls, and other Internet
traffic.
The equipment, which Mr. Klein said was installed by AT&T in 2003, was
able to select messages that could be identified by keywords, Internet
or e-mail addresses or country of origin and divert copies to another
location for further analysis.
The security agency began eavesdropping without warrants on
international phone calls and e-mail messages of people inside the
United States suspected of terrorist links soon after the Sept. 11
attacks.
After disclosing the program last December, The New York Times also
reported that the agency had gathered data from phone and e-mail
traffic with the cooperation of several major telecommunications
companies.
The technical experts all said that the documents showed that AT&T had
an agreement with the federal government to systematically gather
information flowing on the Internet through the company's network.
The gathering of such information, known as data mining, involves the
use of sophisticated computer programs to detect patterns or glean
useful intelligence from masses of information.
"This took expert planning and hundreds of millions of dollars to
build," said Brian Reid, director of engineering at the Internet
Systems Consortium in Redwood City, Calif. "This is the correct way to
do high volume Internet snooping."
Another expert, who had designed large federal and commercial data
networks, said that the documents were consistent with administration
assertions that the N.S.A. monitored only foreign communications and
communications between foreign and United States locations, partly
because of the location of the monitoring sites. The network designer
was granted anonymity because he believed that commenting on the
operation could affect his ability to work as a consultant.
The documents referred to a second location, in Atlanta, and suggested
similar rooms might exist at other AT&T switching sites.
Mr. Klein said other AT&T technicians had told him of such
installations in San Jose, Calif.; Los Angeles; San Diego; and Seattle.
The Internet hubs there carry a significant amount of international
traffic. The network designer and other experts said it would be a
simple technical matter to reprogram the equipment to intercept purely
domestic Internet traffic.
The Department of Justice initially asked the Electronic Frontier
Foundation not to file Mr. Klein's documents in court, but a review
determined that they were not classified and the government dropped its
objection. The foundation filed the documents under seal because of
concern about releasing proprietary information.
On Monday, AT&T filed a motion with a federal judge in San Francisco
asking the court to order the foundation to return the documents
because they were proprietary.
The documents showed that the room in San Francisco, which Mr. Klein
says was off-limits to most employees but serviced by a company
technician working with the security agency, contained computerized
equipment that could sift through immense volumes of traffic as it
passed through the cables of AT&T's WorldNet Internet service.
According to the documents, e-mail messages and other data carried by
16 other commercial Internet providers reached AT&T customers through
the San Francisco hub.
One piece of filtering equipment described in the documents was
manufactured by Narus, based in Mountain View, Calif.
The equipment could be programmed to identify and intercept voice or
data conversations between e-mail, telephone or Internet addresses,
said Steve Bannerman, the company's vice president for marketing.
Buyers included companies trying to comply with the Communications
Assistance for Law Enforcement Act of 1994, which requires that
communications systems have a wiretapping capability built in.
Typically, law enforcement interceptions are done on a case by case
basis and require warrants.
Mr. Bannerman said he could not comment further because Narus had not
announced any sales to the federal government. William P. Crowell, a
former deputy director of the N.S.A, is on the Narus board.
In an interview, Mr. Klein said he did not have a security clearance
but had witnessed interactions between colleagues who did have
clearances and the highly secretive N.S.A. "It was strange and sort of
suspicious," he said.
Mr. Klein said he learned of an agency connection to the mysterious
room in 2002 when a company manager told him to expect a visit from an
N.S.A. official who wanted to speak with another senior company
technician about "a special job." That technician later installed the
equipment in the room, he said.
Based on his observations and technical knowledge, Mr. Klein concluded
that the equipment permitted "vacuum-cleaner surveillance" of Internet
traffic. Mr. Klein, 60, who retired in 2004 after 23 years with AT&T
and lives near Oakland, Calif., said he decided to make his
observations known because he believed the government's monitoring was
violating Americans' civil liberties.
An AT&T spokesman at the company's corporate headquarters in San
Antonio declined to comment on Mr. Klein's statements.
"AT&T does follow all laws with respect to assistance offered to
government agencies," said Walt Sharp, the AT&T spokesman. "However, we
are not in a position to comment on matters of national security."
Asked to comment, Don Weber, a spokesman for the N.S.A., said, "It
would be irresponsible of us to discuss actual or alleged operational
issues as it would give those wishing to do harm to the United States
the ability to adjust and potentially inflict harm."
John Markoff reported from San Francisco for this article, and Scott
Shane from Washington.
|