Kevin Poulsen at Threat Level reports on yet another disturbing instance of a telecom company partnering with the federal government to allow unfettered access to their customers voice and data traffic:
A U.S. government office in Quantico, Virginia, has direct, high-speed access to a major wireless carrier’s systems, exposing customers’ voice calls, data packets and physical movements to uncontrolled surveillance, according to a computer security consultant who says he worked for the carrier in late 2003.
“What I thought was alarming is how this carrier ended up essentially allowing a third party outside their organization to have unfettered access to their environment,” Babak Pasdar, now CEO of New York-based Bat Blue told Threat Level. “I wanted to put some access controls around it; they vehemently denied it. And when I wanted to put some logging around it, they denied that.”
Pasdar won’t name the wireless carrier in question, but his claims are nearly identical to unsourced allegations made in a federal lawsuit filed in 2006 against four phone companies and the U.S. government for alleged privacy violations. That suit names Verizon Wireless as the culprit.
According to his affidavit, Pasdar tumbled to the surveillance superhighway in September 2003, when he led a “Rapid Deployment” team hired to revamp security on the carrier’s internal network. He noticed that the carrier’s officials got squirrelly when he asked about a mysterious “Quantico Circuit” — a 45 megabit/second DS-3 line linking its most sensitive network to an unnamed third party.
Quantico, Virginia, is home to a Marine base. But perhaps more relevantly, it’s also the center of the FBI’s electronic surveillance operations.
“The circuit was tied to the organization’s core network,” Pasdar writes in his affidavit. “It had access to the billing system, text messaging, fraud detection, web site, and pretty much all the systems in the data center without apparent restrictions.” [Emphasis added]
This is as frightening a development as any other in the already widespread documentation of telecom companies partnering with the Bush administration to give intelligence and military agencies unprecedented, unregulated access to information about Americans. The surveillance described above is not regulated by warrant. It is not targeted. There is no indication that it is minimized. And the nature of the circuit means that the government has the ability to track the physical location of this telecom company’s customers, as well as their financial records, voice, text, and data transmissions.
Equally troubling is that this telecom resisted all efforts by Pasdar to not only limit the government’s access to this massive stream of information, but keep track of what is being transmitted through the circuit.
Two general principles make themselves crystal clear in this story. The Bush administration has sought and achieved unprecedented capacities to spy on Americans without warrant and without regard to duly passed, long standing laws regarding domestic surveillance. The big telecom companies have been willing partners in this process at almost every step. The big telecom companies have been willing partners in this process at almost every step. These companies and this administration must be held accountable for their lawlessness and their repeated, systemic violations of Americans’ civil liberties.
Cross posted at the CREDO Action Blog.