The
world has grown quiet on the Snowden affair, but it is also fair to say that legislation
is working its way forward and new tools are been deployed, all driven by the
clear light of what is clearly full disclosure.
I
also know how to end the whole problem and that insight driven through others will
slowly slam the surveillance door shut. It
will still take most of five years of course.
In
the meantime here is the story of the early days of Snowden setting up key
reporters to receive his data dump. He
was not making silly mistakes while he did this either.
Good
Germans and Good Americans always face a special hell when they do what they
and we know is right. Let us struggle to
be kinder and forgiving when this happens.
Sometimes motives are less clear, but here they are unassailable. It was F**k you, you are not going down this
road because it is wrong.
The Snowden Saga Begins: “I Have Been to the Darkest Corners of
Government, and What They Fear Is Light”
Published on Tuesday, May 13,
2014 by TomDispatch
[This essay is a shortened and adapted version of
Chapter 1 of Glenn Greenwald’s new book,No Place to Hide: Edward
Snowden, the NSA, and the U.S. Security State, and appears atTomDispatch.com with
the kind permission of Metropolitan Books.]
On December 1, 2012, I
received my first communication from Edward Snowden, although I had no idea at
the time that it was from him.
The contact came in the
form of an email from someone calling himself Cincinnatus, a reference to
Lucius Quinctius Cincinnatus, the Roman farmer who, in the fifth century BC,
was appointed dictator of Rome to defend the city against attack. He is most remembered
for what he did after vanquishing Rome’s enemies: he immediately and
voluntarily gave up political power and returned to farming life. Hailed as a
“model of civic virtue,” Cincinnatus has become a symbol of the use of
political power in the public interest and the worth of limiting or even
relinquishing individual power for the greater good.
The email began: “The
security of people’s communications is very important to me,” and its stated
purpose was to urge me to begin using PGP encryption so that “Cincinnatus”
could communicate things in which, he said, he was certain I would be
interested. Invented in 1991, PGP stands for “pretty good privacy.” It has been
developed into a sophisticated tool to shield email and other forms of online
communications from surveillance and hacking.
In this email,
“Cincinnatus” said he had searched everywhere for my PGP “public key,” a unique
code set that allows people to receive encrypted email, but could not find it.
From this, he concluded that I was not using the program and told me, “That
puts anyone who communicates with you at risk. I’m not arguing that every
communication you are involved in be encrypted, but you should at least provide
communicants with that option.”
“Cincinnatus” then
referenced the sex scandal of General David Petraeus, whose career-ending
extramarital affair with journalist Paula Broadwell was discovered when
investigators found Google emails between the two. Had Petraeus encrypted his
messages before handing them over to Gmail or storing them in his drafts
folder, he wrote, investigators would not have been able to read them.
“Encryption matters, and it is not just for spies and philanderers.”
“There are people out
there you would like to hear from,” he added, “but they will never be able to
contact you without knowing their messages cannot be read in transit.” Then he
offered to help me install the program. He signed off: “Thank you. C.”
Using encryption software
was something I had long intended to do. I had been writing for years about
WikiLeaks, whistleblowers, the hacktivist collective known as Anonymous, and
had also communicated with people inside the U.S. national security
establishment. Most of them are concerned about the security of their
communications and preventing unwanted monitoring. But the program is
complicated, especially for someone who had very little skill in programming
and computers, like me. So it was one of those things I had never gotten around
to doing.
C.’s email did not move
me to action. Because I had become known for covering stories the rest of the
media often ignores, I frequently hear from all sorts of people offering me a
“huge story,” and it usually turns out to be nothing. And at any given moment I
am usually working on more stories than I can handle. So I need something
concrete to make me drop what I’m doing in order to pursue a new lead.
Three days later, I heard
from C. again, asking me to confirm receipt of the first email. This time I
replied quickly. “I got this and am going to work on it. I don’t have a PGP
code, and don’t know how to do that, but I will try to find someone who can
help me.”
C. replied later that day
with a clear, step-by-step guide to PGP: Encryption for Dummies, in essence. At
the end of the instructions, he said these were just “the barest basics.” If I
couldn’t find anyone to walk me through the system, he added, “let me know. I
can facilitate contact with people who understand crypto almost anywhere in the
world.”
This email ended with
more a pointed sign-off: “Cryptographically yours, Cincinnatus.”
Despite my intentions, I
did nothing, consumed as I was at the time with other stories, and still
unconvinced that C. had anything worthwhile to say.
In the face of my
inaction, C. stepped up his efforts. He produced a 10-minute video entitledPGP for Journalists.
It was at that point that
C., as he later told me, became frustrated. “Here am I,” he thought, “ready to
risk my liberty, perhaps even my life, to hand this guy thousands of Top Secret
documents from the nation’s most secretive agency -- a leak that will produce
dozens if not hundreds of huge journalistic scoops. And he can’t even be
bothered to install an encryption program.”
That’s how close I came
to blowing off one of the largest and most consequential national security
leaks in U.S. history.
“He’s Real”
The next I heard of any
of this was 10 weeks later. On April 18th, I flew from my home in Rio de
Janeiro to New York, and saw on landing at JFK Airport, that I had an email
from Laura Poitras, the documentary filmmaker. “Any chance you’ll be in the
U.S. this coming week?” she wrote. “I’d love to touch base about something,
though best to do in person.”
I take seriously any
message from Laura Poitras. I replied immediately: “Actually, just got to the
U.S. this morning... Where are you?” We arranged a meeting for the next day in
the lobby at my hotel and found seats in the restaurant. At Laura’s insistence,
we moved tables twice before beginning our conversation to be sure that nobody
could hear us. Laura then got down to business. She had an “extremely important
and sensitive matter” to discuss, she said, and security was critical.
First, though, Laura
asked that I either remove the battery from my cell phone or leave it in my
hotel room. “It sounds paranoid,” she said, but the government has the
capability to activate cell phones and laptops remotely as eavesdropping
devices. I’d heard this before from transparency activists and hackers but
tended to write it off as excess caution. After discovering that the
battery on my cell phone could not be removed, I took it back to my room, then
returned to the restaurant.
Now Laura began to talk.
She had received a series of anonymous emails from someone who seemed both
honest and serious. He claimed to have access to some extremely secret and
incriminating documents about the U.S. government spying on its own citizens and
on the rest of the world. He was determined to leak these documents to her and
had specifically requested that she work with me on releasing and reporting on
them.
Laura then pulled several
pages out of her purse from two of the emails sent by the anonymous leaker, and
I read them at the table from start to finish. In the second of the emails, the
leaker got to the crux of what he viewed as his mission:
The shock of this initial
period [after the first revelations] will provide the support needed to build a
more equal internet, but this will not work to the advantage of the average
person unless science outpaces law. By understanding the mechanisms through
which our privacy is violated, we can win here. We can guarantee for all people
equal protection against unreasonable search through universal laws, but only
if the technical community is willing to face the threat and commit to
implementing over-engineered solutions. In the end, we must enforce a principle
whereby the only way the powerful may enjoy privacy is when it is the same kind
shared by the ordinary: one enforced by the laws of nature, rather than the
policies of man.
“He’s real,” I said when
I finished reading. “I can’t explain exactly why, but I just feel intuitively
that this is serious, that he’s exactly who he says he is.”
“So do I,” Laura replied.
“I have very little doubt.”
I instinctively
recognized the author’s political passion. I felt a kinship with our
correspondent, with his worldview, and with the sense of urgency that was
clearly consuming him.
In one of the last
passages, Laura’s correspondent wrote that he was completing the final steps
necessary to provide us with the documents. He needed another four to six
weeks, and we should wait to hear from him.
Three days later, Laura
and I met again, and with another email from the anonymous leaker, in which he
explained why he was willing to risk his liberty, to subject himself to the
high likelihood of a very lengthy prison term, in order to disclose these
documents. Now I was even more convinced: our source was for real, but as I
told my partner, David Miranda, on the flight home to Brazil, I was determined
to put the whole thing out of my mind. “It may not happen. He could change his
mind. He could get caught.” David is a person of powerful intuition, and he was
weirdly certain. “It’s real. He’s real. It’s going to happen,” he declared.
“And it’s going to be huge.”
“I Have Only One Fear”
A message from Laura told
me we needed to speak urgently, but only through OTR (off-the-record) chat, an
encrypted instrument for talking online securely.
Her news was startling:
we might have to travel to Hong Kong immediately to meet our source. I had
assumed that our anonymous source was in Maryland or northern Virginia. What
was someone with access to top-secret U.S. government documents doing in Hong
Kong? What did Hong Kong have to do with any of this?
Answers would only come
from the source himself. He was upset by the pace of things thus far, and it
was critical that I speak to him directly, to assure him and placate his
growing concerns. Within an hour, I received an email from Verax@******. Verax means “truth teller”
in Latin. The subject line read, “Need to talk.”
“I’ve been working on a
major project with a mutual friend of ours,” the email began. “You recently had
to decline short-term travel to meet with me. You need to be involved in this
story,” he wrote. “Is there any way we can talk on short notice? I understand
you don’t have much in the way of secure infrastructure, but I’ll work around what
you have.” He suggested that we speak via OTR and provided his user name.
My computer sounded a
bell-like chime, signaling that the source had signed on. Slightly nervous, I
clicked on his name and typed “hello.” He answered, and I found myself speaking
directly to someone who I assumed had, at that point, revealed a number of
secret documents about U.S. surveillance programs and who wanted to reveal
more.
“I’m willing to do what I
have to do to report this,” I said. The source -- whose name, place of employment,
age, and all other attributes were still unknown to me -- asked if I would come
to Hong Kong to meet him. I did not ask why he was there; I wanted to avoid
appearing to be fishing for information and I assumed his situation was
delicate. Whatever else was true, I knew that this person had resolved to carry
out what the U.S. government would consider a very serious crime.
“Of course I’ll come to
Hong Kong,” I said.
We spoke online that day
for two hours, talking at length about his goal. I knew from the emails Laura
had shown me that he felt compelled to tell the world about the massive spying
apparatus the U.S. government was secretly building. But what did he hope to
achieve?
“I want to spark a
worldwide debate about privacy, Internet freedom, and the dangers of state
surveillance,” he said. “I’m not afraid of what will happen to me. I’ve
accepted that my life will likely be over from my doing this. I’m at peace with
that. I know it’s the right thing to do.” He then said something startling: “I
want to identify myself as the person behind these disclosures. I believe I
have an obligation to explain why I’m doing this and what I hope to achieve.”
He told me he had written a document that he wanted to post on the Internet
when he outed himself as the source, a pro-privacy, anti-surveillance manifesto
for people around the world to sign, showing that there was global support for
protecting privacy.
“I only have one fear in
doing all of this,” he said, which is “that people will see these documents and
shrug, that they’ll say, ‘We assumed this was happening and don’t care.’ The
only thing I’m worried about is that I’ll do all this to my life for nothing.”
“I seriously doubt that
will happen,” I assured him, but I wasn’t convinced I really believed that. I
knew from my years of writing about NSA abuses that it can be hard to generate
serious concern about secret state surveillance.
This felt different, but
before I took off for Hong Kong, I wanted to see some documents so that I
understood the types of disclosures the source was prepared to make.
I then spent a couple of
days online as the source walked me through, step by step, how to install and
use the programs I would need to see the documents.
I kept apologizing for my
lack of proficiency, for having to take hours of his time to teach me the most
basic aspects of secure communication. “No worries,” he said, “most of this
makes little sense. And I have a lot of free time right now.”
Once the programs were
all in place, I received a file containing roughly twenty-five documents: “Just
a very small taste: the tip of the tip of the iceberg,” he tantalizingly
explained.
I unzipped the file, saw
the list of documents, and randomly clicked on one of them. At the top of the
page in red letters, a code appeared: “TOP SECRET//COMINT/NO FORN/.”
This meant the document
had been legally designated top secret, pertained to communications
intelligence (COMINT), and was not for distribution to foreign nationals,
including international organizations or coalition partners (NO FORN). There it
was with incontrovertible clarity: a highly confidential communication from the
NSA, one of the most secretive agencies in the world’s most powerful
government. Nothing of this significance had ever been leaked from the NSA, not
in all the six-decade history of the agency. I now had a couple dozen such
items in my possession. And the person I had spent hours chatting with over the
last two days had many, many more to give me.
As Laura and I arrived at
JFK Airport to board a Cathay Pacific flight to Hong Kong, Laura pulled a thumb
drive out of her backpack. “Guess what this is?” she asked with a look of
intense seriousness.
“What?”
“The documents,” she
said. “All of them.”
“README_FIRST”
No comments:
Post a Comment