Geheimer PrŸfbericht:

Der BND bricht dutzendfach Gesetz und Verfassung Ð allein in Bad Aibling (Updates)

(im Cache)


Meine Bewertung



Die fŸr mich wichtigsten Ergebnisse:Ê

  1. BND benutzt XKeyscore (gesteuert durch einen Strom von tŠglich zugelieferten NSA-Selektoren) als Front-End fŸr seine strategische †berwachung.Ê
  2. ZusŠtzlich wird mit einem technisch unvollkommenen Datenfiltersystem (DaFiS) aus dem Datenfluss herausgefiltert, was gespeichert wird.
  3. In einem von derÊBfDIÊkontrollierten Fall existierte ein VerhŠltnis von 1:15, d.h. zu 1 Zielperson wurden personenbezogene Daten von 15 unbescholtenen Personen erfasst und gespeichert, die fŸr die AufgabenerfŸllung des BND - unstreitig - nicht erforderlich waren.Ê[siehe auch hier]
  4. Die gespeicherten Daten werden nicht (oder unzureichend) anonymisiert, d.h. der Personenbezug aller Daten bleibt erhalten.
  5. Der BND verweigert die Herausgabe der Selektoren, weshalb er von der G-10-Kommission und vom NSA-Untersuchungsausschutz beim Bundesverfassungsgericht verklagt wird.


Fazit:

Inhaltlich stellt die Bundesdatenschutzbeauftragte mit ihrem Bericht fest:

Weil es in Deutschland nicht ausreichend Whistleblower gibt, kann man nicht prŸfen, ob der Umfang der †berwachung deutscher BŸrger durch den BND ebenso gro§ ist wie der Umfang der †berwachung amerikanischer BŸrger durch die NSA.


Interpretation: Die G-10-Kommission entspricht dem FISA Court, d.h. sie erfŸllt die Aufgaben in Deutschland, welche der FISA Court in den USA erfŸllt

Gesetz zur BeschrŠnkung des Brief-, Post- und Fernmeldegeheimnisses (Artikel 10-Gesetz - G 10)

§ 12 Mitteilungen an Betroffene
(1) BeschrŠnkungsma§nahmen nach § 3 sind dem Betroffenen nach ihrer Einstellung mitzuteilen. Die Mitteilung unterbleibt, solange eine GefŠhrdung des Zwecks der BeschrŠnkung nicht ausgeschlossen werden kann oder solange der Eintritt Ÿbergreifender Nachteile fŸr das Wohl des Bundes oder eines Landes absehbar ist. Erfolgt die nach Satz 2 zurŸckgestellte Mitteilung nicht binnen 12 Monaten nach Beendigung der Ma§nahme, bedarf die weitere ZurŸckstellung der Zustimmung der G10-Kommission. Die G10-Kommission bestimmt die Dauer der weiteren ZurŸckstellung. Einer Mitteilung bedarf es nicht, wenn die G10-Kommission einstimmig festgestellt hat, dass

  1. eine der Voraussetzungen in Satz 2 auch nach fŸnf Jahren nach Beendigung der Ma§nahme noch vorliegt,
  2. sie mit an Sicherheit grenzender Wahrscheinlichkeit auch in Zukunft vorliegt und
  3. die Voraussetzungen fŸr eine Lšschung sowohl bei der erhebenden Stelle als auch beim EmpfŠnger vorliegen.

(2) Absatz 1 gilt entsprechend fŸr BeschrŠnkungsma§nahmen nach den §5 und 8, sofern die personenbezogenen Daten nicht unverzŸglich gelšscht wurden. Die Frist von fŸnf Jahren beginnt mit der Erhebung der personenbezogenen Daten.

(3) Die Mitteilung obliegt der Behšrde, auf deren Antrag die Anordnung ergangen ist. Wurden personenbezogene Daten Ÿbermittelt, erfolgt die Mitteilung im Benehmen mit dem EmpfŠnger.

§ 15 G 10-Kommission
... (4) Die G 10-Kommission tritt mindestens einmal im Monat zusammen. Sie gibt sich eine GeschŠftsordnung, die der Zustimmung des Parlamentarischen Kontrollgremiums bedarf. Vor der Zustimmung ist die Bundesregierung zu hšren.

(5) Die G 10-Kommission entscheidet von Amts wegen oder auf Grund von Beschwerden Ÿber die ZulŠssigkeit und Notwendigkeit von BeschrŠnkungsma§nahmen. Die Kontrollbefugnis der Kommission erstreckt sich auf die gesamte Erhebung, Verarbeitung und Nutzung der nach diesem Gesetz erlangten personenbezogenen Daten durch Nachrichtendienste des Bundes einschlie§lich der Entscheidung Ÿber die Mitteilung an Betroffene. Der Kommission und ihren Mitarbeitern ist dabei insbesondere

  1. Auskunft zu ihren Fragen zu erteilen,
  2. Einsicht in alle Unterlagen, insbesondere in die gespeicherten Daten und in die Datenverarbeitungsprogramme, zu gewŠhren, die im Zusammenhang mit der BeschrŠnkungsma§nahme stehen, und
  3. jederzeit Zutritt in alle DienstrŠume zu gewŠhren.

Die Kommission kann dem Bundesbeauftragten fŸr den Datenschutz Gelegenheit zur Stellungnahme in Fragen des Datenschutzes geben.

(6) Das zustŠndige Bundesministerium unterrichtet monatlich die G 10-Kommission Ÿber die von ihm angeordneten BeschrŠnkungsma§nahmen vor deren Vollzug. Bei Gefahr im Verzuge kann es den Vollzug der BeschrŠnkungsma§nahmen auch bereits vor der Unterrichtung der Kommission anordnen. Bei Gefahr im Verzug darf am Tag der Beantragung bereits vor der Anordnung der BeschrŠnkungsma§nahme mit der Datenerhebung begonnen werden. Die bereits erhobenen Daten dŸrfen erst nach der Anordnung genutzt werden. Erfolgt die Anordnung nicht binnen 24 Stunden nach Beantragung, sind die erhobenen Daten unverzŸglich automatisiert und unwiederbringlich zu lšschen. Anordnungen, die die Kommission fŸr unzulŠssig oder nicht notwendig erklŠrt, hat das zustŠndige Bundesministerium unverzŸglich aufzuheben. In den FŠllen des § 8 tritt die Anordnung au§er Kraft, wenn sie nicht binnen 3 Tagen vom Vorsitzenden oder seinem Stellvertreter bestŠtigt wird. Die BestŠtigung der Kommission ist unverzŸglich nachzuholen.

(7) Das zustŠndige Bundesministerium unterrichtet monatlich die G 10-Kommission Ÿber Mitteilungen von Bundesbehšrden nach § 12 Abs. 1 und 2 oder Ÿber die GrŸnde, die einer Mitteilung entgegenstehen. HŠlt die Kommission eine Mitteilung fŸr geboten, ist diese unverzŸglich vorzunehmen. § 12 Abs. 3 Satz 2 bleibt unberŸhrt, soweit das Benehmen einer Landesbehšrde erforderlich ist.


HintergrŸnde zur †berwachung durch die NSA

William Binney und Mitarbeiter hatten in der NSA schon vor 2001 den Code ThinThread entwickelt [HistoryCommons - im Cache], derÊ


"I found out later that NSA had approached the telecommunication companies in February 2001, this is 8 months before 9/11, asking for all the customer data, i.e. the billing data on phone calls made by US citizens to other US citizens, in fact the entire customer set. Here they were asking 8 months before 9/11. What that meant to me was: this was the design from the beginning. ... They made the plan to spy on the people of the United States even before 9/11. Then, when 9/11 occurred, that was the pure excuse for them to go in and say 'ok, now, telecoms, we really need the data now to be able to protect the United States from terrorism'. And that was simply false to begin with. We had no problem at all identifying these people from the beginning - that's absolutely false. But that was the pretext they used to get that process running. They used that program that we'd set up to do foreign intelligence and turned that around on everybody in the country. That was simply another input, that's all. It was the same kind of data for a different input." (William Binney in William Binney - The Government is Profiling You (The NSA is Spying on You)) @ time 12:05.

Die NSA richtete nach dem 9. September 2001 ein Programm (Stellar Wind) auf die BŸrger der USA, das unter Verwendung (des back ends) von ThinThread entwickelt worden war, aber nicht ThinThreads Anonymisierung verwendete.Ê

"Binney became aware of the program when members of his ThinThread team were drafted to work on it and, alarmed by its violations of the law, immediately approached Binney about it. Hearing their descriptions, Binney knew that Stellar Wind was based on a component of the ThinThread capability, without the built-in privacy protections. Without BinneyÕs protections, any American could be targeted by name, phone number, or other attribute. Not only did Stellar Wind include collecting information on domestic phone calls, but also the inspection of domestic email." Quelle: Bio: William Binney and J. Kirk Wiebe (im Cache)

Weitere Details zum Versagen der NSA: Bio: William Binney and J. Kirk Wiebe, Government Accountability Project.



Literatur, Einzelnachweise und weiterfŸhrende Links

  1. Im Snowden-Archive findet man einen aktuelleren Stand (2013) der †berwachung.
  2. GLOSSAR ZUR NSA-AFF€RE, Marina, Prism, Noforn, Scissors, Pinwale, Sigad US-984XN, 6. Februar 2014
  3. snowdenarchive.cife.org, "PRISM/US-984XN Overview OR The SIGAD Used Most in NSA Reporting Overview", April 2013
  4. Barton Gellman, Julie Tate and Ashkan Soltani, In NSA-intercepted data, those not targeted far outnumber the foreigners who are
  5. Files provided by Snowden show extent to which ordinary Web users are caught in the net, July 5, 2014 (in cache)

    "9 of 10 account holders found in a large cache of intercepted conversations, which former NSA contractor Edward Snowden provided in full to The Post, were not the intended surveillance targets but were caught in a net the agency had cast for somebody else. Many of them were Americans. Nearly half of the surveillance files, a strikingly high proportion, contained names, e-mail addresses or other details that the NSA marked as belonging to U.S. citizens or residents. NSA analysts masked, or Òminimized,Ó more than 65,000 such references to protect AmericansÕ privacy, but The Post found nearly 900 additional e-mail addresses, unmasked in the files, that could be strongly linked to U.S. citizens or U.S.residents.


    (How 160,000 intercepted conversations led to The PostÕs latest NSA story)


    Among the most valuable contents Ñ which The Post will not describe in detail, to avoid interfering with ongoing operations Ñ are fresh revelations about a secret overseas nuclear project, double-dealing by an ostensible ally, a military calamity that befell an unfriendly power, and the identities of aggressive intruders into U.S. computer networks.

    ... The daily lives of more than 10,000 account holders who were not targeted are catalogued and recorded nevertheless.


    The surveillance files highlight a policy dilemma that has been aired only abstractly in public. There are discoveries of considerable intelligence value in the intercepted messages Ñ and collateral harm to privacy on a scale that the Obama administration has not been willing to address.


    ... The Post reviewed roughly 160,000 intercepted e-mail and instant-message conversations, some of them hundreds of pages long, and 7,900 documents taken from more than 11,000 online accounts.The material spans President ObamaÕs first term, from 2009 to 2012, a period of exponential growth for the NSAÕs domestic collection. Taken together, the files offer an unprecedented vantage point on the changes wrought by Section 702 of the FISA amendments, which enabled the NSA to make freer use of methods that for 30 years had required probable cause and a warrant from a judge. One program, code-named PRISM, extracts content stored in user accounts at Yahoo, Microsoft, Facebook, Google and five other leading Internet companies. Another, known inside the NSA as Upstream, intercepts data on the move as it crosses the U.S. junctions of global voice and data networks."


  6. Trailblazer, Wikipedia
  7. William Binney, "Aussagen vor dem NSA-Untersuchungsausschuss", 3. Juli 2014.
  8. Jennifer Briney, Congressional Dish CD021: Trailblazer vs. ThinThread, *Forward video to 28:20 to hear the Trailblazer vs. ThinThread (NSA spying) story*, April 6, 2013.
  9. Tim Shorrock, "ObamaÕs Crackdown on Whistleblowers - The NSA Four reveal how a toxic mix of cronyism and fraud blinded the agency before 9/11.", The Nation, MARCH 26, 2013, April 15 Issue, 2013 (im Cache) AuszŸge mit in [] hinzugefŸgtem Text von J. Gruber, siehe auch OFFICE OF THE INSPECTOR GENERAL OF THE DEPARTMENT OF DEFENSE, DEPUTY INSPECTOR GENERAL FOR INTELLIGENCE, Requirements for the TRAILBLAZER And THINTHREAD Systems, Report OS-INTEL-03, December 15, 2004, Audit Report (im Cache).
  10. "... That program [ThinThread] was invented by Loomis, one of the NSAÕs top software engineers, and Binney, a legendary crypto-scientist, both of whom began working for the NSA during the Vietnam War. But despite ThinThreadÕs proven capacity to collect actionable intelligence, agency director Gen. Michael Hayden vetoed the idea of deploying the system in August 2001, just three weeks before 9/11.


    HaydenÕs decisions, the whistleblowers told The Nation, left the NSA without a system to analyze the trillions of bits of foreign SIGINT flowing over the Internet at warp speed, as ThinThread could do. ... ÒNo NSA director did as much damage to the agency as Gen. Michael V. Hayden,Ó Binney told me.


    Trailblazer marked a dramatic shift for the agency, away from small, government-led research projects that hired contractors only for specific functions to huge projects run by contractors who answer only to the senior leadership of the NSA. ...


    ... If Trailblazer was a massive corporate boondoggle, ThinThread was the embodiment of the Òskunk teamÓ approach that had made the NSA the crown jewel of US intelligence. It cost less than $3 million, was small enough to be loaded onto a laptop, and included anonymization software that protected the privacy rights of US persons guaranteed in the 1978 Foreign Intelligence Surveillance Act (FISA). And while Trailblazer employed hundreds of contractors, ThinThread was the work of less than a dozen NSA employees and a handful of contractors.


    It came out of the NSAÕs SIGINT Automation Research Center, or SARC, where Loomis was director of R&D. In the late 1990s, he began working on tackling the Internet and the rapidly growing use of cellphones and e-mail. ÒI knew more and more intelligence and law enforcement targets would be making use of these cheap commodity electronics,Ó Loomis told me, sitting in the living room of his Baltimore home. ÒSo I jumped in with both feet.Ó


    The genius of the group was Bill Binney, LoomisÕs deputy at SARC. An amiable man who suffers from diabetes, Binney joined the NSA in 1966 while in the Army and began working as a civilian in 1970. In 1997, he was named technical director of SARCÕs World Geopolitical and Military Analysis Reporting Group. ÒThatÕs when I started looking at the world,Ó Binney told me.


    While the NSA brass and their corporate advisers believed the Internet could be tamed only by a massive corporate-run program, Binney found that cracking it was relatively simple. The secret was in the numbering system established by telecom providers: every phone has a number, every e-mail has an address, and every computer linked to the Internet has a unique identifier. The encryption systems from the past were Òso much more complex,Ó he says. ÒThis was simple shit.Ó


    ThinThread was basically 3 programs.

    1. The front end, analyzing incoming streams of Internet traffic, had been developed by Loomis. ÒIt could take massive amounts of input and reassemble it in a sensible order,Ó he says. ÒAnd then, with a minimum amount of bandwidth requirements, could provide it to whoever was interested in a particular topic and do it while accommodating all privacy concerns that are required by FISA.Ó
    2. The middle portion was the anonymization software that hid the identities of US persons until there was sufficient evidence to obtain a warrant (Trailblazer had no built-in FISA protections).
    3. The back end, built by Binney, was the most powerful element of the system. It translated the data to create graphs showing relationships and patterns that could tell analysts which targets they should look at and which calls should be listened to. Best of all, Òit was fully automated, and could even be remotely controlled,Ó Binney says.


    But there was another crucial difference with the Trailblazer model:

    • ThinThread did its automated analysis at the point of interception;
    • Trailblazer downloaded everything flowing over the Internet and analyzed it after the fact with key words and phrases.

    ÒTrailblazer made no distinction up front,Ó says Binney. ÒThey didnÕt try to determine ahead of the interception what to listen to. They just took it all.Ó This model of "taking it all" remains the NSAÕs modus operandi, and it is why, Binney and Wiebe say, the agency is building a massive data center in Utah.


    The ThinThread prototype went live in the fall of 2000 and, according to my sources, was deployed at two top-secret NSA listening posts.

    • One was the Yakima Research Station in Washington State, which gathers electronic communications from the Asia-Pacific region and the Middle East.
    • The other was in Germany and focused primarily on Europe.
    • It was also installed at Fort Meade.
    • In addition, several allied foreign intelligence agencies were given the program to conduct lawful surveillance in their own corners of the world. Those recipients included
        • Canada,
        • Germany,
        • Britain,
        • Australia and
        • New Zealand. Ò

    ThinThread was basically operational,Ó says Binney. ÒThatÕs why we proposed early deployment in January 2001.Ó


    As ThinThread was being tested, word spread throughout the intelligence community that the NSA had a Òcheap TrailblazerÓ that could help with surveillance. One day, Charlie Allen, a legendary figure who was head of collections for the entire intelligence community under George Tenet, came to see it. Black, Baginski and Visner (cached) were given demonstrations as well. ÒBut Hayden never visited the SARC,Ó says Binney. ÒNot once.Ó Yet on August 20, 2001ÑÒat 4:30 in the afternoon,Ó Loomis says, reading from his notes of the meetingÑBaginski informed him that ThinThread would not become operational. Why? ÒIt would have made Trailblazer meaningless,Ó says Binney.


    During this time, Binney and Wiebe, who was working on the ThinThread team as a SIGINT analyst, were called in to describe their system to congressional oversight committee staff, in particular a GOP staffer named Diane Roark. Long concerned about the NSAÕs technical problems, she demanded that it keep ThinThread alive and provided funds to keep it going (she declined to be interviewed). [Dateline Wednesday June 4, 2014: Diane Roark provided a 60 minute chilling speech to Portland's Executive Club which met at the Airport Shilo Inn.]


    According to the whistleblowers, the 2002 intelligence budget, which was signed by President Bush, included

    • $9 million for ThinThread and
    • an order to Hayden to install it at eighteen sites around the world considered the most critical for counterterrorism.


    But the NSA, they say, defied the spending directive (ironically, considering what happened after 9/11, HaydenÕs general counsel told Loomis that ThinThread did not meet the agencyÕs FISA requirements).


    Then came the shock of 9/11. With the entire intelligence community frantically working to find who was responsible, the SARC team tried to persuade Baginski to put ThinThread into operation. ÒWith each passing day,Ó Wiebe e-mailed her on October 8, Òmore and more information is coming out regarding the facts re what Al Qaeda is using for communications, yet the only relevant weapon in your arsenal continues to sit on the sidelines 27 days after the events of September 11.Ó Baginski, who is now the CEO of Summit Solutions, a contractor specializing in SIGINT interception, told me, ÒIÕm not going to talk about it.Ó


    But she did take action. According to Drake, Baginski approved a plan to plug ThinThreadÕs automated analysis system into an enormous NSA database called PINWALE that included records of thousands of cellphone calls and e-mails. They found actionable intelligenceÑlinks between individuals and organizationsÑthat had not previously been discovered or had not been shared before 9/11. Drake, who was ThinThreadÕs program manager by this time, still canÕt talk specifics because the information remains classified; but he insists it could have alerted US intelligence to the 9/11 plot. ÒAnd thatÕs what caused them to finally shut ThinThread down, because of the severe embarrassment it could have caused,Ó he told me. ..."

  11. Dokumentation in ZDF-Mediathek Ÿber NSA-Skandal: ãDie geheimen Staaten von AmerikaÒ
    Die Dokumentation beleuchtet die Snowden-EnthŸllungen und lŠsst viele Akteure zu Wort kommen. Die Dokumentation ist aber aus dem Jahre 2014, das Ausma§ der EnthŸllungen ist noch viel grš§er als damals bekannt.

    Hier sind Teil 1, Teil 2 und Teil 3.
    Originalversion in Englisch: Part 1, Part 2 (Part 2 schlie§t den in der deutschen Version "Teil 3" genannten Teil ein). Details dazu.

  12. William Binney, Top Whistle Blower William Binney: Fake Cell Towers Will Be Used To Track American Citizens.
  13. Reality Asserts Itself with Paul Jay (Host): William Binney (2014), John Kiriakou (2015), Thomas Drake (2015), The Real News Network.

Version: 4. Dezember 2017

Adresse dieser Seite

Home

Joachim Gruber