German BND Intelligence Cooperation with NSA has Actually Expanded.

Uploaded on 2015-05-22 in NEWS-News Analysis, INTELLIGENCE--Europe, FREE TO VIEW

apes.png

Late last month Der Spiegel reported that the Bundesnachrichtendienst (BND), Germany’s foreign intelligence agency, participated in and directly supported the National Security Agency’s efforts much more broadly than originally revealed by the Snowden documents. 

The Der Spiegel story revealed that nearly five percent of the searches conducted according to NSA requests were violations of German intelligence policies, which, among other things, prohibit spying on European targets. On a daily basis, the NSA requested that the BND run searches on specific selectors (like phone numbers, IP addresses, and email addresses) and share the information with the US agency. These revelations are important on at least two fronts. First, the sheer quantity of selectors that the NSA sent to the BND raises questions about the level of cooperation between German and American spy agencies. Second, the degree to which the NSA’s requests were driven by economic interests rather than terrorism concerns may undercut the agency’s claims that it doesn’t engage in forms of economic espionage.

Before delving into these developments, it is important to consider them in light of the background history of relations between the US intelligence community and the BND. A Just Security post by Prof. Jefferson Adams traced some of the rocky relationship over time and the different institutional cultures today surrounding state surveillance. He called for a high-level review of US policies toward Germany and other NATO countries. 

According to the news from a few days ago, the relationship may have also borne fruit in the form of the BND played a fundamental role in tracking down Osama bin Laden before his death. So what do the new revelations about NSA and BND cooperation tell us?

Between 2002 and 2013, the NSA sent the BND roughly 800,000 selectors to run searches against, which averages out to nearly 200 per day, according to Zeit Online. By 2008, analysts at the BND started to worry that some of the selectors were targeting German and European individuals and companies, but it wasn’t until the Snowden revelations that the German public was made aware of the NSA’s requests or that the fulfillment of those requests included a number of violations of the country’s intelligence policies. 

Indeed, according to Der Spiegel, neither the leadership of the BND nor the Chancellery, the body charged with monitoring the BND, were made aware of the violations before 2013. In October of that year, the BND estimated that it had run searches on approximately 2,000 selectors that were aimed at information about European (including even German) individuals and companies. However, Der Spiegel’s recent report indicates that the number of violations committed by the BND at the request of the NSA was 40,000, not 2,000. (These “violations” are distinct from the NSA’s violations of the countries’ intelligence agreement — which bars spying on each other’s citizens — by, for example, directly monitoring Angela Merkel’s phone.)

The NSA maintains that it has broad authority to collect information on non-US persons abroad, whether pursuant to Section 702 of the FISA Amendments Act or under other authorities like Executive Order 12,333. Why did the NSA need to ask the Germans to run the searches in the first place? Were there restrictions under American law that would prevent the NSA from conducting those queries on its own?

There are longstanding concerns that the United States and its allies rely on each other to gather and share information that they cannot obtain under their own domestic laws. Many countries place significant restrictions on spy agencies gathering intelligence information about their own citizens, but the rules for spying on allies’ citizens are often looser. Intelligence agreements like the one between the US and Germany dictate what sorts of information can be collected and shared. 

Experts have long worried that, for example, if a search can legally be conducted under German law by the BND (but not under American law by the NSA), the Germans will run the search and share the results with the US, thereby allowing the NSA to gain access to information it may not lawfully have been able to get on its own.

Until now, stories of such practices have largely been confined to the Five Eyes community and haven’t extended to the US’s broader intelligence coalitions (see here, here, and here for examples). Der Spiegel’s report may indicate that the practice is far more widespread than previously known considering the fact that Germany enters the NSA’s intelligence coalition at the Fourteen Eyes level. There may well be valid reasons for the NSA requesting the BND to run so many searches, but the fact that none are particularly evident is concerning in-and-of itself.

Reports indicate that various European politicians and EADS, the European defense company, now known as the Airbus Group, were among the NSA’s targets. So while the US may not be stealing trade secrets, some of the selectors, sent to the BND, were apparently, driven by economic interests rather than counterterrorism efforts. 

The drama over these surveillance activities and Germany’s complicity is just starting to heat up. Austria filed a legal complaint two weeks ago so it could begin its own investigation into the extent of Germany spying on Austrian targets on behalf of the NSA. And Airbus is preparing to file a criminal complaint over the disclosures. This is to say nothing of last week’s revelations that, in addition to assisting the NSA with searches of particular selectors, the BND also sends the NSA roughly 1.3 billion metadata records every month.

Clearly, German and US intelligence agencies are cooperating on a scale and in ways that we are just now finding out about. It’s worth noting that in the wake of all of these new public revelations, the BND has suspended the online surveillance activities it was conducting for the NSA and has otherwise reduced its cooperation while the investigations are pending. Needless to say, it will be worth watching this space and to see whether and how these types of events undermine US-German cooperation on actual counterterrorism efforts.
Just Security:  http://bit.ly/1PAF4fl

« Nine Strange Flying Robots from the 2015 Drone Show
Snowden Sees Victory – But it’s From a Distance »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CERT.hr

CERT.hr

CERT.hr is the national authority competent for prevention and protection from computer threats to public information systems in the Republic of Croatia.

Bechtel

Bechtel

Bechtel’s Industrial Control Systems Cyber Security Laboratory focuses on protecting large-scale industrial and infrastructure systems that support critical infrastructure.

Venrock

Venrock

Venrock helps entrepreneurs build some of the world's most disruptive, successful companies. We invest in technology: Security, Cloud Services, Big Data, Healthcare IT, AdTech.

SyferLock Technology Corp.

SyferLock Technology Corp.

SyferLock is an innovative provider of next-generation authentication and security solutions.

EVOKE

EVOKE

EVOKE is an award-winning Digital Transformation company that partners with its clients to build digital workplace solutions for organizational challenges.

Rede Nacional CSIRT

Rede Nacional CSIRT

Rede Nacional CSIRT is a national network of CSIRTs in Portugal aimed at cooperation and mutual assistance in the handling of incidents and in the sharing of good security practices.

SAM Seamless Network

SAM Seamless Network

SAM Seamless Network is a cybersecurity technology platform that protects the connected home, by tackling cyber security threats at the source.

NACVIEW

NACVIEW

NACVIEW is a Network Access Control solution. It allows to control endpoints and identities that try to access the network - wired and wireless, including VPN connections.

Zuul IoT

Zuul IoT

Zuul take an asset-centric approach to OT security, enabling security teams to protect the critical IIoT/IoT devices that are at the foundation of critical business functions.

Insight Enterprises

Insight Enterprises

Insight is a leading solutions integrator, helping you navigate today’s ever-changing business environment with teams of technical experts and decades of industry experience.

Eleos Labs

Eleos Labs

Eleos Labs' suite of security tools prevent Web3 cyber attacks, reduce economic risks, and protect digital assets.

Cyber Risk International

Cyber Risk International

Cyber Risk International offer CyberPrism, a B2B SaaS solution that empowers businesses to perform a self-assessment of their cyber security program.

Castlepoint Systems

Castlepoint Systems

Castlepoint Systems is a pioneer in information governance, risk and compliance as a service. An all-in-one solution offering powerful risk management, built in compliance, cybersecurity and audit.

Chugach Government Solutions (CGS)

Chugach Government Solutions (CGS)

CGS performs work for the Federal Government across 4 unique core lines of business, including: Facilities Management and Maintenance, Construction, Technical IT and Cyber Services, and Educational Se

Aardwolf Security

Aardwolf Security

Aardwolf Security specialise in penetration testing to the highest standards set out by OWASP. We ensure complete client satisfaction and aftercare.

Klarytee

Klarytee

Protect your data wherever it goes. Klarytee is a SaaS platform that builds security into sensitive content to enable granular control in AI, public cloud and SaaS.