The National Security Agency is paying hundreds of millions of dollars a year to U.S. companies for clandestine access to their communications networks, filtering vast traffic flows for foreign targets in a process that also sweeps in large volumes of American telephone calls, e-mails and instant messages.
The bulk of the spending, detailed in a multi-volume intelligence budget obtained by The Washington Post, goes to participants in a Corporate Partner Access Project for major U.S. telecommunications providers. The documents open an important window into surveillance operations on U.S. territory that have been the subject of debate since they were revealed by The Post and Britain’s Guardian newspaper in June.
New details of the corporate-partner project, which falls under the NSA’s Special Source Operations, confirm that the agency taps into “high volume circuit and packet-switched networks,” according to the spending blueprint for fiscal 2013. The program was expected to cost $278 million in the current fiscal year, down nearly one-third from its peak of $394 million in 2011.
Voluntary cooperation from the “backbone” providers of global communications dates to the 1970s under the cover name BLARNEY, according to documents provided by former NSA contractor Edward Snowden. These relationships long predate the PRISM program disclosed in June, under which American technology companies hand over customer data after receiving orders from the Foreign Intelligence Surveillance Court.
In briefing slides, the NSA described BLARNEY and three other corporate projects — OAKSTAR, FAIRVIEW and STORMBREW — under the heading of “passive” or “upstream” collection. They capture data as they move across fiber-optic cables and the gateways that direct global communications traffic.
The documents offer a rare view of a secret surveillance economy in which government officials set financial terms for programs capable of peering into the lives of almost anyone who uses a phone, computer or other device connected to the Internet.
Although the companies are required to comply with lawful surveillance orders, privacy advocates say the multimillion-dollar payments could create a profit motive to offer more than the required assistance.
“It turns surveillance into a revenue stream, and that’s not the way it’s supposed to work,” said Marc Rotenberg, executive director of the Electronic Privacy Information Center, a Washington-based research and advocacy group. “The fact that the government is paying money to telephone companies to turn over information that they are compelled to turn over is very troubling.”
Verizon, AT&T and other major telecommunications companies declined to comment for this article, although several industry officials noted that government surveillance laws explicitly call for companies to receive reasonable reimbursement for their costs.
Previous news reports have made clear that companies frequently seek such payments, but never before has their overall scale been disclosed.
The budget documents do not list individual companies, although they do break down spending among several NSA programs, listed by their code names.
There is no record in the documents obtained by The Post of money set aside to pay technology companies that provide information to the NSA’s PRISM program. That program is the source of 91 percent of the 250 million Internet communications collected through Section 702 of the FISA Amendments Act, which authorizes PRISM and the upstream programs, according to an 2011 opinion and order by the Foreign Intelligence Surveillance Court.
Several of the companies that provide information to PRISM, including Apple, Facebook and Google, say they take no payments from the government when they comply with national security requests. Others say they do take payments in some circumstances. The Guardian reported last week that the NSA had covered “millions of dollars” in costs that some technology companies incurred to comply with government demands for information.
Telecommunications companies generally do charge to comply with surveillance requests, which come from state, local and federal law enforcement officials as well as intelligence agencies.
Former telecommunications executive Paul Kouroupas, a security officer who worked at Global Crossing for 12 years, said that some companies welcome the revenue and enter into contracts in which the government makes higher payments than otherwise available to firms receiving reimbursement for complying with surveillance orders.
These contractual payments, he said, could cover the cost of buying and installing new equipment, along with a reasonable profit. These voluntary agreements simplify the government’s access to surveillance, he said.