[CTRL] [2] STOA Report: Interception Capabilities 2000

[Kris Millegan]

 -Caveat Lector-

from:
http://www.aci.net/kalliste/echelon/ic2000.htm
<A HREF="http://www.aci.net/kalliste/echelon/ic2000.htm">STOA Report:
Interception Capabilities 2000
</A>
-----
Awesome report. Site has oodles pix and drawings.
Om
K
--[2]--
�3. ECHELON and Comint production


65. The ECHELON system became well known following publication of the
previous STOA report. Since then, new evidence shows that ECHELON has
existed since the 1970s, and was greatly enlarged between 1975 and 1995.
Like ILC interception, ECHELON has developed from earlier methods. This
section includes new information and documentary evidence about ECHELON
and satellite interception.

     The "Watch List"

66. After the public revelation of the SHAMROCK interception programme,
NSA Director Lt General Lew Allen described how NSA used "'watch lists"
as an aid to watch for foreign activity of reportable intelligence
interest".(41) "We have been providing details ... of any messages
contained in the foreign communications we intercept that bear on named
individuals or organisations. These compilations of names are commonly
referred to as 'Watch Lists'", he said.(42) Until the 1970s, Watch List
processing was manual. Analysts examined intercepted ILC communications,
reporting, "gisting" or analysing those which appeared to cover names or
topics on the Watch List.

     New information about ECHELON sites and systems

67. It now appears that the system identified as ECHELON has been in
existence for more than 20 years. The need for such a system was
foreseen in the late 1960s, when NSA and GCHQ planned ILC satellite
interception stations at Mowenstow and Yakima. It was expected that the
quantity of messages intercepted from the new satellites would be too
great for individual examination. According to former NSA staff, the
first ECHELON computers automated Comint processing at these sites.(43)

68. NSA and CIA then discovered that Sigint collection from space was
more effective than had been anticipated, resulting in accumulations of
recordings that outstripped the available supply of linguists and
analysts. Documents show that when the SILKWORTH processing systems was
installed at Menwith Hill for the new satellites, it was supported by
ECHELON 2 and other databanks (see illustration).

69. By the mid 1980s, communications intercepted at these major stations
were heavily sifted, with a wide variety of specifications available for
non-verbal traffic. Extensive further automation was planned in the mid
1980s as NSA Project P-415. Implementation of this project completed the
automation of the previous Watch List activity. From 1987 onwards, staff
from international Comint agencies travelled to the US to attended
training courses for the new computer systems.

70. Project P-415/ECHELON made heavy use of NSA and GCHQ's global
Internet-like communication network to enable remote intelligence
customers to task computers at each collection site, and receive the
results automatically. The key component of the system are local
"Dictionary" computers, which store an extensive database on specified
targets, including names, topics of interest, addresses, telephone
numbers and other selection criteria. Incoming messages are compared to
these criteria; if a match is found, the raw intelligence is forwarded
automatically. Dictionary computers are tasked with many thousands of
different collection requirements, described as "numbers" (four digit
codes).

71. Tasking and receiving intelligence from the Dictionaries involves
processes familiar to anyone who has used the Internet. Dictionary
sorting and selection can be compared to using search engines, which
select web pages containing key words or terms and specifying
relationships. The forwarding function of the Dictionary computers may
be compared to e-mail. When requested, the system will provide lists of
communications matching each criterion for review, analysis, "gisting"
or forwarding. An important point about the new system is that before
ECHELON, different countries and different stations knew what was being
intercepted and to whom it was sent. Now, all but a fraction of the
messages selected by Dictionary computers at remote sites are forwarded
to NSA or other customers without being read locally.

List of intelligence databanks operating at ECHELON Menwith Hill in 1979
included the second generation of ECHELON
Satellite interception site at Sugar Grove, West Virginia, showing six
antennae targeted on European and Atlantic
Ocean regional communications satellites
�Westminster, London - Dictionary computer


72. In 1991, a British television programme reported on the operations
of the Dictionary computer at GCHQ's Westminster, London office. The
system "secretly intercepts every single telex which passes into, out of
or through London; thousands of diplomatic, business and personal
messages every day. These are fed into a programme known as
`Dictionary'. It picks out keywords from the mass of Sigint, and hunts
out hundreds of individuals and corporations".(44) The programme pointed
out that the Dictionary computers, although controlled and tasked by
GCHQ, were operated by security vetted staff employed by British Telecom
(BT), Britain's dominant telecommunications operator.(45) The presence
of Dictionary computers has also been confirmed at Kojarena, Australia;
and at GCHQ Cheltenham, England.(46)
�Sugar Grove, Virginia - COMSAT interception at ECHELON site


73. US government documents confirm that the satellite receiving station
at Sugar Grove, West Virginia is an ECHELON site, and that collects
intelligence from COMSATs. The station is about 250 miles south-west of
Washington, in a remote area of the Shenandoah Mountains. It is operated
by the US Naval Security Group and the US Air Force Intelligence Agency.


74. An upgraded system called TIMBERLINE II, was installed at Sugar
Grove in the summer of 1990. At the same time, according to official US
documents, an "ECHELON training department" was established.(47) With
training complete, the task of the station in 1991 became "to maintain
and operate an ECHELON site".(48)

75. The US Air Force has publicly identified the intelligence activity
at Sugar Grove: its "mission is to direct satellite communications
equipment [in support of] consumers of COMSAT information ... This is
achieved by providing a trained cadre of collection system operators,
analysts and managers".(49) In 1990, satellite photographs showed that
there were 4 satellite antennae at Sugar Grove. By November 1998, ground
inspection revealed that this had expanded to a group of 9.
�Sabana Seca, Puerto Rico and Leitrim, Canada - COMSAT interception
sites


76. Further information published by the US Air Force identifies the US
Naval Security Group Station at Sabana Seca, Puerto Rico as a COMSAT
interception site. Its mission is "to become the premier satellite
communications processing and analysis field station".(50)

77. Canadian Defence Forces have published details about staff functions
at the Leitrim field station of the Canadian Sigint agency CSE. The
station, near Ottawa, Ontario has four satellite terminals, erected
since 1984. The staff roster includes seven Communications Satellite
Analysts, Supervisors and Instructors.(51)

78. In a publicly available resume, a former Communication Satellite
Analyst employed at Leitrim describes his job as having required
expertise in the "operation and analysis of numerous Comsat computer
systems and associated subsystems ... [utilising] computer assisted
analysis systems ... [and] a broad range of sophisticated electronic
equipment to intercept and study foreign communications and electronic
transmissions.(52) Financial reports from CSE also indicate that in
1995/96, the agency planned payments of $7 million to ECHELON and $6
million to Cray (computers). There were no further details about
ECHELON.(53)
�Waihopai, New Zealand - Intelsat interception at ECHELON site


79. New Zealand's Sigint agency GCSB operates two satellite interception
terminals at Waihopai, tasked on Intelsat satellites covering the
Pacific Ocean. Extensive details have already been published about the
station's Dictionary computers and its role in the ECHELON network.(54)
 After the book was published, a New Zealand TV station obtained images
of the inside of the station operations centre. The pictures were
obtained clandestinely by filming through partially curtained windows at
night. The TV reporter was able to film close-ups of technical manuals
held in the control centre. These were Intelsat technical manuals,
providing confirmation that the station targeted these satellites
Strikingly, the station was seen to be virtually empty, operating fully
automatically. One guard was inside, but was unaware he was being
filmed.(55)
�ILC processing techniques


80. The technical annexe describes the main systems used to extract and
process communications intelligence. The detailed explanations given
about processing methods are not essential to understanding the core of
this report, but are provided so that readers knowledgeable about
telecommunications may fully evaluate the state of the art.

81. Fax messages and computer data (from modems) are given priority in
processing because of the ease with which they are understood and
analysed. The main method of filtering and analysing non-verbal traffic,
the Dictionary computers, utilise traditional information retrieval
techniques, including keywords. Fast special purpose chips enable vast
quantities of data to be processed in this way. The newest technique is
"topic spotting". The processing of telephone calls is mainly limited to
identifying call-related information, and traffic analysis. Effective
voice "wordspotting" systems do not exist are not in use, despite
reports to the contrary. But "voiceprint" type speaker identification
systems have been in use since at least 1995. The use of strong cryptog
raphy is slowly impinging on Comint agencies' capabilities. This
difficulty for Comint agencies has been offset by covert and overt
activities which have subverted the effectiveness of cryptographic
systems supplied from and/or used in Europe.

82. The conclusions drawn in the annexe are that Comint equipment
currently available has the capability, as tasked, to intercept, process
and analyse every modern type of high capacity communications system to
which access is obtained, including the highest levels of the Internet.
There are few gaps in coverage. The scale, capacity and speed of some
systems is difficult fully to comprehend. Special purpose systems have
been built to process pager messages, cellular mobile radio and new
satellites.


��4. Comint and Law Enforcement


83. In 1990 and 1991, the US government became concerned that the
marketing of a secure telephone system by AT&T could curtail Comint
activity. AT&T was persuaded to withdraw its product. In its place the
US government offered NSA "Clipper" chips for incorporation in secure
phones. The chips would be manufactured by NSA, which would also record
built-in keys and pass this information to other government agencies for
storage and, if required, retrieval. This proposal proved extremely
unpopular, and was abandoned. In its place, the US government proposed
that non government agencies should be required to keep copies of every
user's keys, a system called "key escrow" and, later, "key recovery".
Viewed in retrospect, the actual purpose of these proposals was to pro
vide NSA with a single (or very few) point(s) of access to keys,
enabling them to continue to access private and commercial
communications.
�Misrepresentation of law enforcement interception requirements


84. Between 1993 to 1998, the United States conducted sustained
diplomatic activity seeking to persuade EU nations and the OECD to adopt
their "key recovery" system. Throughout this period, the US government
insisted that the purpose of the initiative was to assist law
enforcement agencies. Documents obtained for this study suggest that
these claims wilfully misrepresented the true intention of US policy.
Documents obtained under the US Freedom of Information Act indicate that
policymaking was led exclusively by NSA officials, sometimes to the
complete exclusion of police or judicial officials. For example, when
the specially appointed US "Ambassador for Cryptography", David Aaron,
visited Britain on 25 November 1996, he was accompanied and briefed by
NSA's most senior representative in Britain, Dr James J Hearn, formerly
Deputy Director of NSA. Mr Aaron had did not meet or consult FBI
officials attached to his Embassy. His meeting with British Cabinet
officials included NSA's representative and staff from Britain's GCHQ,
but police officers or justice officials from both nations were
excluded.

85. Since 1993, unknown to European parliamentary bodies and their
electors, law enforcement officials from many EU countries and most of
the UKUSA nations have been meeting annually in a separate forum to
discuss their requirements for intercepting communications. These
officials met under the auspices of a hitherto unknown organisation,
ILETS (International Law Enforcement Telecommunications Seminar). ILETS
was initiated and founded by the FBI. Table 2 lists ILETS meetings held
between 1993 and 1997.

86. At their 1993 and 1994 meetings, ILETS participants specified law
enforcement user requirements for communications interception. These
appear in a 1974 ILETS document called "IUR 1.0". This document was
based on an earlier FBI report on "Law Enforcement Requirements for the
Surveillance of Electronic Communications", first issued in July 1992
and revised in June 1994. The IUR requirement differed little in
substance from the FBI's requirements but was enlarged, containing ten
requirements rather than nine. IUR did not specify any law enforcement
need for "key escrow" or "key recovery". Cryptography was mentioned
solely in the context of network security arrangements.

87. Between 1993 and 1997 police representatives from ILETS were not
involved in the NSA-led policy making process for "key recovery", nor
did ILETS advance any such proposal, even as late as 1997. Despite this,
during the same period the US government repeatedly presented its policy
as being motivated by the stated needs of law enforcement agencies. At
their 1997 meeting in Dublin, ILETS did not alter the IUR. It was not
until 1998 that a revised IUR was prepared containing requirements in
respect of cryptography. It follows from this that the US government
misled EU and OECD states about the true intention of its policy.

88. This US deception was, however, clear to the senior Commission
official responsible for information security. In September 1996, David
Herson, head of the EU Senior Officers' Group on Information Security,
stated his assessment of the US "key recovery" project :
����"'Law Enforcement' is a protective shield for all the other
governmental activities ... We're talking about foreign intelligence,
that's what all this is about. There is no question [that] 'law
enforcement' is a smoke screen".(56)


89. It should be noted that technically, legally and organisationally,
law enforcement requirements for communications interception differ
fundamentally from communications intelligence. Law enforcement agencies
(LEAs) will normally wish to intercept a specific line or group of
lines, and must normally justify their requests to a judicial or
administrative authority before proceeding. In contract, Comint agencies
conduct broad international communications "trawling" activities, and
operate under general warrants. Such operations do not require or even
suppose that the parties they intercept are criminals. Such distinctions
are vital to civil liberty, but risk being eroded it the boundaries
between law enforcement and communications intelligence interception bec
omes blurred in future.

YearVenueNon-EU participantsEU participants1993Quantico, Virginia, USA
Australia, Canada, Hong Kong, Norway United StatesDenmark, France,
Germany, Netherlands, Spain, Sweden, United Kingdom1994Bonn, Germany
Australia, Canada, Hong Kong, Norway, United StatesAustria, Belgium,
Denmark, Finland, France, Germany, Greece, Ireland, Luxembourg,
Netherlands, Portugal, Spain, Sweden, United Kingdom1995Canberra,
AustraliaAustralia, Canada, Hong Kong, New Zealand, Norway, United
StatesBelgium, France, Germany, Greece, Ireland, Italy, Netherlands,
Spain, Sweden, United Kingdom1997Dublin, IrelandAustralia, Canada, Hong
Kong, New Zealand, Norway, United StatesAustria, Belgium, Denmark,
Finland, France, Germany, Ireland, Italy, Luxembourg, Netherlands,
Portugal, Spain, Sweden, United Kingdom
������Table 2 ILETS meetings, 1993-1997 ���
Law enforcement communications interception - policy development in
Europe



90. Following the second ILETS meeting in Bonn in 1994, IUR 1.0 was
presented to the Council of Ministers and was passed without a single
word being altered on 17January 1995.(57) During 1995, several non EU
members of the ILETS group wrote to the Council to endorse the
(unpublished) Council resolution. The resolution was not published in
the Official Journal for nearly two years, on 4 November 1996.

91. Following the third ILETS meeting in Canberra in 1995, the
Australian government was asked to present the IUR to International
Telecommunications Union (ITU). Noting that "law enforcement and
national security agencies of a significant number of ITU member states
have agreed on a generic set of requirements for legal interception",
the Australian government asked the ITU to advise its standards bodies
to incorporate the IUR requirements into future telecommunications
systems on the basis that the "costs of [providing] legal interception
capability and associated disruptions can be lessened by providing for
that capability at the design stage".(58)

92. It appears that ILETS met again in 1998 and revised and extended its
terms to cover the Internet and Satellite Personal Communications
Systems such as Iridium. The new IUR also specified "additional security
requirements for network operators and service providers", extensive new
requirements for personal information about subscribers, and provisions
to deal with cryptography.

93. On 3 September 1998, the revised IUR was presented to the Police
Co-operation Working Group as ENFOPOL 98. The Austrian Presidency
proposed that, as in 1994, the new IUR be adopted verbatim as a Council
Resolution on interception "in respect of new technology".(59) The group
did not agree. After repeated redrafting, a fresh paper has been
prepared by the German Presidency, for the eventual consideration of
Council Home and Justice ministers.(60)

��5. Comint and economic intelligence


94. During the 1998 EP debate on "Transatlantic relations/ECHELON
system" Commissioner Bangeman observed on behalf of the Commission that
"If this system were to exist, it would be an intolerable attack against
individual liberties, competition and the security of the states".(61)
 The existence of ECHELON was described in section 3, above. This
section describes the organisational and reporting frameworks within
which economically sensitive information collected by ECHELON and
related systems is disseminated, summarising examples where European
organisations have been the subject of surveillance.
�Tasking economic intelligence


95. US officials acknowledge that NSA collects economic information,
whether intentionally or otherwise. Former military intelligence attach�
Colonel Dan Smith worked at the US Embassy, London until 1993. He
regularly received Comint product from Menwith Hill. In 1998, he told
the BBC that at Menwith Hill:
����"In terms of scooping up communications, inevitably since their take
is broadband, there will be conversations or communications which are
intercepted which have nothing to do with the military, and probably
within those there will be some information about commercial dealings"
"Anything would be possible technically. Technically they can scoop all
this information up, sort through it and find out what it is that might
be asked for . . . But there is not policy to do this specifically in
response to a particular company's interest(62)



96. In general, this statement is not incorrect. But it overlooks
fundamental distinctions between tasking and dissemination, and between
commercial and economic intelligence. There is no evidence that
companies in any of the UKUSA countries are able to task Comint
collection to suit their private purposes. They do not have to. Each
UKUSA country authorises national level intelligence assessment
organisations and relevant individual ministries to task and receive
economic intelligence from Comint. Such information may be collected for
myriad purposes, such as: estimation of future essential commodity
prices; determining other nation's private positions in trade
negotiations; monitoring international trading in arms; tracking
sensitive technology; or evaluating the political stability and/or
economic strength of a target country. Any of these targets and many
others may produce intelligence of direct commercial relevance. The
decision as to whether it should be disseminated or exploited is taken
not by Comint agencies but by national government organisation(s).
�Disseminating economic intelligence


97. In 1970, according to its former Executive Director, the US Foreign
Intelligence Advisory Board recommended that "henceforth economic
intelligence be considered a function of the national security, enjoying
a priority equivalent to diplomatic, military, technological
intelligence".(63) On 5 May 1977, a meeting between NSA, CIA and the
Department of Commerce authorised the creation of secret new department,
the "Office of Intelligence Liaison". Its task was to handle "foreign
intelligence" of interest to the Department of Commerce. Its standing
orders show that it was authorised to receive and handle SCI
intelligence - Comint and Sigint from NSA. The creation of this office
THUS provided a formal mechanism whereby NSA data could be used to
support commercial and economic interests. After this system was
highlighted in a British TV programme in 1993, its name was changed to
the "Office of Executive Support".(64) Also in 1993, President Clinton
extended US intelligence support to commercial organisations by creating
a new National Economic Council, paralleling the National Security
Council.

98. The nature of this intelligence support has been widely reported.
"Former intelligence officials and other experts say tips based on
spying ... regularly flow from the Commerce Department to U.S. companies
to help them win contracts overseas.(65) The Office of Executive Support
provides classified weekly briefings to security officials. One US
newspaper obtained reports from the Commerce Department demonstrating
intelligence support to US companies:
����One such document consists of minutes from an August 1994 Commerce
Department meeting [intended] to identify major contracts open for bid
in Indonesia in order to help U.S. companies win the work. A CIA
employee ... spoke at the meeting; five of the 16 people on the routine
distribution list for the minutes were from the CIA.


99. In the United Kingdom, GCHQ is specifically required by law (and as
and when tasked by the British government) to intercept foreign
communications "in the interests of the economic well-being of the
United Kingdom ...in relation to the actions or intentions of persons
outside the British Islands". Commercial interception is tasked and
analysed by GCHQ's K Division. Commercial and economic targets can be
specified by the government's Overseas Economic Intelligence Committee,
the Economic Staff of the Joint Intelligence Committee, the Treasury, or
the Bank of England.(66) According to a former senior JIC official, the
Comint take routinely includes "company plans, telexes, faxes, and
transcribed phone calls. Many were calls between Europe and the
South[ern Hemisphere]".(67)

100. In Australia, commercially relevant Comint is passed by DSD to the
Office of National Assessments, who consider whether, and if so where,
to disseminate it. Staff there may pass information to Australian
companies if they believe that an overseas nation has or seeks an unfair
trade advantage. Targets of such activity have included Thomson-CSF, and
trade negotiations with Japanese purchasers of coal and iron ore.
Similar systems operate in the other UKUSA nations, Canada and New
Zealand.
�The use of Comint economic intelligence product
Panavia European Fighter Aircraft consortium and Saudi Arabia



101. In 1993, former National Security Council official Howard Teicher
described in a programme about Menwith Hill how the European Panavia
company was specifically targeted over sales to the Middle East. "I
recall that the words 'Tornado' or 'Panavia' - information related to
the specific aircraft - would have been priority targets that we would
have wanted information about".(68)
�Thomson CSF and Brazil


102. In 1994, NSA intercepted phone calls between Thomson-CSF and Brazil
concerning SIVAM, a $1.3 billion surveillance system for the Amazon rain
forest. The company was alleged to have bribed members of the Brazilian
government selection panel. The contract was awarded to the US Raytheon
Corporation - who announced afterwards that "the Department of Commerce
worked very hard in support of U.S. industry on this project".(69)
 Raytheon also provide maintenance and engineering services to NSA's
ECHELON satellite interception station at Sugar Grove.
�Airbus Industrie and Saudi Arabia


103. According to a well-informed 1995 press report :"from a commercial
communications satellite, NSA lifted all the faxes and phone calls
between the European consortium Airbus, the Saudi national airline and
the Saudi government. The agency found that Airbus agents were offering
bribes to a Saudi official. It passed the information to U.S. officials
pressing the bid of Boeing Co and McDonnell Douglas Corp., which
triumphed last year in the $6 billion competition." (70)
�International trade negotiations


104. Many other accounts have been published by reputable journalists
and some firsthand witnesses citing frequent occasions on which the US
government has utlitised Comint for national commercial purposes. These
include targeting data about the emission standards of Japanese
vehicles;(71) 1995 trade negotiations the import of Japanese luxury
cars;(72) French participation in the GATT trade negotiations in 1993;
the Asian-Pacific Economic Conference (APEC), 1997.
�Targeting host nations


105. The issue of whether the United States utilises communications
intelligence facilities such as Menwith Hilll or Bad Aibling to attack
host nations' communications also arises. The available evidence
suggests that such conduct may normally be avoided. According to former
National Security Council official Howard Teicher, the US government
would not direct NSA to spy on a host governments such as Britain:
����" [But] I would never say never in this business because, at the end
of the day, national interests are national interests ... sometimes our
interests diverge. So never say never - especially in this business"
.
6. Comint capabilities after 2000

Developments in technology



106. Since the mid-1990s, communications intelligence agencies have
faced substantial difficulties in maintaining global access to
communications systems. These difficulties will increase during and
after 2000. The major reason is the shift in telecommunications to high
capacity optical fibre networks. Physical access to cables is required
for interception. Unless a fibre network lies within or passes through a
collaborating state, effective interception is practical only by
tampering with optoelectronic repeaters (when installed). This
limitation is likely to place many foreign land-based high capacity
optical fibre networks beyond reach. The physical size of equipment
needed to process traffic, together with power, communications and
recording systems, makes clandestine activity impractical and risky.

107. Even where access is readily available (such as to COMSATs), the
proliferation of new systems will limit collection activities, partly
because budgetary constraint will restrict new deployments, and partly
because some systems (for example, Iridium) cannot be accessed by
presently available systems.

108. In the past 15 years the substantial technological lead in
computers and information technology once enjoyed by Comint
organisations has all but disappeared. Their principal computer systems
are bought "off the shelf" and are the equal of or even inferior to
those used by first rank industrial and academic organisations. They
differ only in being "TEMPEST shielded", preventing them emitting radio
signals which could be used to analyse Sigint activity.

109. Communications intelligence organisations recognise that the long
war against civil and commercial cryptography has been lost. A thriving
academic and industrial community is skilled in cryptography and
cryptology. The Internet and the global marketplace have created a free
flow in information, systems and software. NSA has failed in its mission
to perpetuate access by pretending that that "key escrow" and like
systems were intended to support law enforcement (as opposed to Comint)
requirements.

110. Future trends in Comint are likely to include limits on investment
in Comint collection from space; greater use of human agents to plant
collection devices or obtain codes than in the past; and an intensified
effort to attack foreign computer systems, using the Internet and other
means (in particular, to gain access to protected files or
communications before they are encrypted).

111. Attempts to restrict cryptography have nevertheless delayed the
large-scale introduction of effective cryptographic security systems.
The reduced cost of computational power has also enabled Comint agencies
to deploy fast and sophisticated processing and sorting tools.

112. Recent remarks to CIA veterans by the head of staff of the US House
of Representatives Permanent Select Committee on Intelligence, ex CIA
officer John Millis illustrate how NSA views the same issues:
1.���"Signals intelligence is in a crisis. ... Over the last fifty years
... In the past, technology has been the friend of NSA, but in the last
four or five years technology has moved from being the friend to being
the enemy of Sigint.
The media of telecommunications is no longer Sigint-friendly. It used to
be. When you were doing RF signals, anybody within range of that RF
signal could receive it just as clearly as the intended recipient. We
moved from that to microwaves, and people figured out a great way to
harness that as well. Well, we're moving to media that are very
difficult to get to.

Encryption is here and it's going to grow very rapidly. That is bad news
for Sigint ... It is going to take a huge amount of money invested in
new technologies to get access and to be able to break out the
information that we still need to get from Sigint".




       Policy issues for the European Parliament

1. The 1998 Parliamentary resolution on "Transatlantic relations/ECHELON
system"(73) called for "protective measures concerning economic
information and effective encryption". Providing such measures may be
facilitated by developing an in-depth understanding of present and
future Comint capabilities.

2. At the technical level, protective measures may best be focused on
defeating hostile Comint activity by denying access or, where this is
impractical or impossible, preventing processing of message content and
associated traffic information by general use of cryptography.

3. As the SOGIS group within the Commission has recognised,(74) the
contrasting interests of states is a complex issue. Larger states have
made substantial investments in Comint capabilities. One member state is
active in the UKUSA alliance, whilst others are either "third parties"
to UKUSA or have made bilateral arrangements with NSA. Some of these
arrangements were a legacy of the cold war; others are enduring. These
issues create internal and international conflicts of interest.
Technical solutions are not obvious. It should be possible to define a
shared interest in implementing measures to defeat future external
Comint activities directed against European states, their citizens and
commercial activities.

4. A second area of apparent conflict concerns states' desires to
provide communications interception for legitimate law enforcement
purposes. The technical and legal processes involved in providing
interception for law enforcement purpose differ fundamentally from those
used in communications intelligence. Partly because of the lack of
parliamentary and public awareness of Comint activities, this
distinction is often glossed over, particularly by states that invest
heavily in Comint. Any failure to distinguish between legitimate law
enforcement interception requirements and interception for clandestine
intelligence purposes raises grave issues for civil liberties. A clear
boundary between law enforcement and "national security" interception
activity is essential to the protection of human rights and fundamental
freedoms.

5. At the present time, Internet browsers and other software used in
almost every personal computer in Europe is deliberately disabled such
that "secure" communications they send can, if collected, be read
without difficulty by NSA. US manufacturers are compelled to make these
arrangements under US export rules. A level playing field is important.
Consideration could be given to a countermeasure whereby, if systems
with disabled cryptographic systems are sold outside the United States,
they should be required to conform to an "open standard" such that third
parties and other nations may provide additional applications which
restore the level of security to at least enjoyed by domestic US
customers.

6. The work of ILETS has proceeded for 6 years without the involvement
of parliaments, and in the absence of consultation with the industrial
organisations whose vital interests their work affects. It is
regrettable that, prior to the publication of this report, public
information has not been available in states about the scope of the
policy-making processes, inside and outside the EU, which have led to
the formulation of existing and new law enforcement "user requirements".
As a matter of urgency, the current policy-making process should be made
open to public and parliamentary discussion in member states and in the
EP, so that a proper balance may be struck between the security and
privacy rights of citizens and commercial enterprises, the financial and
technical interests of communications network operators and service
providers, and the need to support law enforcement activities intended
to suppress serious crime and terrorism.
--[cont]--
Aloha, He'Ping,
Om, Shalom, Salaam.
Em Hotep, Peace Be,
Omnia Bona Bonis,
All My Relations.
Adieu, Adios, Aloha.
Amen.
Roads End
Kris

DECLARATION & DISCLAIMER
==========
CTRL is a discussion and informational exchange list. Proselyzting propagandic
screeds are not allowed. Substance�not soapboxing!  These are sordid matters
and 'conspiracy theory', with its many half-truths, misdirections and outright
frauds is used politically  by different groups with major and minor effects
spread throughout the spectrum of time and thought. That being said, CTRL
gives no endorsement to the validity of posts, and always suggests to readers;
be wary of what you read. CTRL gives no credeence to Holocaust denial and
nazi's need not apply.

Let us please be civil and as always, Caveat Lector.
========================================================================
Archives Available at:
http://home.ease.lsoft.com/archives/CTRL.html

http:[EMAIL PROTECTED]/
========================================================================
To subscribe to Conspiracy Theory Research List[CTRL] send email:
SUBSCRIBE CTRL [to:] [EMAIL PROTECTED]

To UNsubscribe to Conspiracy Theory Research List[CTRL] send email:
SIGNOFF CTRL [to:] [EMAIL PROTECTED]

Om