German BND Intelligence Cooperation with NSA has Actually Expanded.

Uploaded on 2015-05-22 in NEWS-Cybersecurity News, INTELLIGENCE--Europe, FREE TO VIEW

apes.png

Late last month Der Spiegel reported that the Bundesnachrichtendienst (BND), Germany’s foreign intelligence agency, participated in and directly supported the National Security Agency’s efforts much more broadly than originally revealed by the Snowden documents. 

The Der Spiegel story revealed that nearly five percent of the searches conducted according to NSA requests were violations of German intelligence policies, which, among other things, prohibit spying on European targets. On a daily basis, the NSA requested that the BND run searches on specific selectors (like phone numbers, IP addresses, and email addresses) and share the information with the US agency. These revelations are important on at least two fronts. First, the sheer quantity of selectors that the NSA sent to the BND raises questions about the level of cooperation between German and American spy agencies. Second, the degree to which the NSA’s requests were driven by economic interests rather than terrorism concerns may undercut the agency’s claims that it doesn’t engage in forms of economic espionage.

Before delving into these developments, it is important to consider them in light of the background history of relations between the US intelligence community and the BND. A Just Security post by Prof. Jefferson Adams traced some of the rocky relationship over time and the different institutional cultures today surrounding state surveillance. He called for a high-level review of US policies toward Germany and other NATO countries. 

According to the news from a few days ago, the relationship may have also borne fruit in the form of the BND played a fundamental role in tracking down Osama bin Laden before his death. So what do the new revelations about NSA and BND cooperation tell us?

Between 2002 and 2013, the NSA sent the BND roughly 800,000 selectors to run searches against, which averages out to nearly 200 per day, according to Zeit Online. By 2008, analysts at the BND started to worry that some of the selectors were targeting German and European individuals and companies, but it wasn’t until the Snowden revelations that the German public was made aware of the NSA’s requests or that the fulfillment of those requests included a number of violations of the country’s intelligence policies. 

Indeed, according to Der Spiegel, neither the leadership of the BND nor the Chancellery, the body charged with monitoring the BND, were made aware of the violations before 2013. In October of that year, the BND estimated that it had run searches on approximately 2,000 selectors that were aimed at information about European (including even German) individuals and companies. However, Der Spiegel’s recent report indicates that the number of violations committed by the BND at the request of the NSA was 40,000, not 2,000. (These “violations” are distinct from the NSA’s violations of the countries’ intelligence agreement — which bars spying on each other’s citizens — by, for example, directly monitoring Angela Merkel’s phone.)

The NSA maintains that it has broad authority to collect information on non-US persons abroad, whether pursuant to Section 702 of the FISA Amendments Act or under other authorities like Executive Order 12,333. Why did the NSA need to ask the Germans to run the searches in the first place? Were there restrictions under American law that would prevent the NSA from conducting those queries on its own?

There are longstanding concerns that the United States and its allies rely on each other to gather and share information that they cannot obtain under their own domestic laws. Many countries place significant restrictions on spy agencies gathering intelligence information about their own citizens, but the rules for spying on allies’ citizens are often looser. Intelligence agreements like the one between the US and Germany dictate what sorts of information can be collected and shared. 

Experts have long worried that, for example, if a search can legally be conducted under German law by the BND (but not under American law by the NSA), the Germans will run the search and share the results with the US, thereby allowing the NSA to gain access to information it may not lawfully have been able to get on its own.

Until now, stories of such practices have largely been confined to the Five Eyes community and haven’t extended to the US’s broader intelligence coalitions (see here, here, and here for examples). Der Spiegel’s report may indicate that the practice is far more widespread than previously known considering the fact that Germany enters the NSA’s intelligence coalition at the Fourteen Eyes level. There may well be valid reasons for the NSA requesting the BND to run so many searches, but the fact that none are particularly evident is concerning in-and-of itself.

Reports indicate that various European politicians and EADS, the European defense company, now known as the Airbus Group, were among the NSA’s targets. So while the US may not be stealing trade secrets, some of the selectors, sent to the BND, were apparently, driven by economic interests rather than counterterrorism efforts. 

The drama over these surveillance activities and Germany’s complicity is just starting to heat up. Austria filed a legal complaint two weeks ago so it could begin its own investigation into the extent of Germany spying on Austrian targets on behalf of the NSA. And Airbus is preparing to file a criminal complaint over the disclosures. This is to say nothing of last week’s revelations that, in addition to assisting the NSA with searches of particular selectors, the BND also sends the NSA roughly 1.3 billion metadata records every month.

Clearly, German and US intelligence agencies are cooperating on a scale and in ways that we are just now finding out about. It’s worth noting that in the wake of all of these new public revelations, the BND has suspended the online surveillance activities it was conducting for the NSA and has otherwise reduced its cooperation while the investigations are pending. Needless to say, it will be worth watching this space and to see whether and how these types of events undermine US-German cooperation on actual counterterrorism efforts.
Just Security:  http://bit.ly/1PAF4fl

« Nine Strange Flying Robots from the 2015 Drone Show
Snowden Sees Victory – But it’s From a Distance »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CyTech Services

CyTech Services

CyTech provides Forensics Incident Response, Cyber Security and Training services.

Center for a New American Security (CNAS)

Center for a New American Security (CNAS)

CNAS is the nation's leading research institution focused on defense and national security policy. Cyber security issues are an intrinsic element of the national security debate.

CEPS

CEPS

CEPS is a leading think tank and forum for debate on EU affairs, ranking among the top think tanks in Europe. Topic areas include Innovation, Digital economy and Cyber-security.

Quantivate

Quantivate

Quantivate is a provider of web-based Governance, Risk, and Compliance (GRC) software and service solutions.

CERT-UG/CC

CERT-UG/CC

CERT-UG/CC is the national Computer Emergency Response Team for Uganda, operating under the National Information Technology Authority (NITA-U)

SparkCognition

SparkCognition

SparkCognition’s AI-powered solutions enhance cybersecurity, identify and prevent equipment failures before they happen, and provide prescriptive intelligence for maintaining your most critical assets

Assured Enterprises

Assured Enterprises

Assured Enterprises provides comprehensive cyber risk identification, management and mitigation across all platforms.

Blaick Technologies

Blaick Technologies

Blaick is an Israeli cyber-security company which deploys proprietary Artificial Intelligence threats detection technology for early prevention of online cyber crime.

Baxter Clewis Consulting

Baxter Clewis Consulting

Baxter Clewis are cyber security and compliance experts. We provide Security Consulting, IT Assurance, and Technical Security services.

Pacific Global Security Group

Pacific Global Security Group

Pacific Global Security Group offers an intelligence-driven focus on all aspects of cybersecurity for IT/ICS/OT.

Asimily

Asimily

Asimily’s IoMT risk remediation platform holistically secures the mission-critical healthcare devices that deliver safe and reliable care.

Green Radar

Green Radar

Green Radar is a next generation cybersecurity company which combines technologies and services together to deliver Threat Detection for Emails and Deep Threat Analytics and Response.

Oman Technology Fund (OTF)

Oman Technology Fund (OTF)

Oman Technology Fund aims to make Oman the preferred destination for emerging tech companies in the region, and an attractive and stimulating destination for venture capital.

Wadilona Cyber Securities

Wadilona Cyber Securities

Wadilona Cyber Securities' sole aim is to bring and secure Information and Communications Technology (ICT) to and work for humans in its simplest terms.

Togggle

Togggle

Togggle offers seamless identity verification solutions and distributed infrastructure, enabling organizations to combat fraud and ensure compliance with data protection regulations.

Cyber Guards

Cyber Guards

Cyber Guards provide comprehensive, turn-key cyber security programs for small and mid-size business for about the cost of one full-time cybersecurity hire.