Secret documents newly disclosed by the German news magazine Der Spiegel on Saturday shed more light on how aggressively the National Security Agency and its British counterpart have targeted Germany for surveillance.
A series of classified files from the archive provided to reporters by NSA whistleblower Edward Snowden, also seen by The Intercept, reveal that the NSA appears to have included Merkel in a surveillance database alongside more than 100 others foreign leaders. The documents also confirm for the first time that, in March 2013, the NSA obtained a top-secret court order against Germany as part of U.S. government efforts to monitor communications related to the country. Meanwhile, the British spy agency Government Communications Headquarters targeted three German companies in a clandestine operation that involved infiltrating the companies’ computer servers and eavesdropping on the communications of their staff.
Der Spiegel, which has already sketched out over several stories the vast extent of American and British targeting of German people and institutions, broke the news last October that Merkel’s cellphone calls were being tapped by the NSA – sparking a diplomatic backlash that strained US-Germany relations. Now a new document, dated 2009, indicates that Merkel was targeted in a broader NSA surveillance effort. She appears to have been placed in the NSA’s so-called “Target Knowledge Base“ (TKB), which Der Spiegel described as the central agency database of individual targets. An internal NSA description states that employees can use it to analyze “complete profiles“ of targeted people.
A classified file demonstrating an NSA search system named Nymrod shows Merkel listed alongside other heads of state. Only 11 names are shown on the document, including Syria’s Bashar al-Assad, Belarus’s Alexander Lukashenko, and Colombia’s Alvaro Uribe – the list is in alphabetical order by first name – but it indicates that the full list contains 122 names. The NSA uses the Nymrod system to “find information relating to targets that would otherwise be tough to track down,” according to internal NSA documents. Nymrod sifts through secret reports based on intercepted communications as well as full transcripts of faxes, phone calls, and communications collected from computer systems. More than 300 “cites” for Merkel are listed as available in intelligence reports and transcripts for NSA operatives to read.
But the NSA’s surveillance of Germany has extended far beyond its leader. Der Spiegel reporters Marcel Rosenbach and Holger Stark – together with The Intercept’s Laura Poitras – described a separate document from the NSA’s Special Source Operations unit, which shows that the Obama administration obtained a top-secret court order specifically permitting it to monitor communications related to Germany. Special Source Operations is the NSA department that manages what the agency describes as its “corporate partnerships” with major US companies, including AT&T, Verizon, Microsoft, and Google. The order on Germany was issued by the Foreign Intelligence Surveillance Court on March 7, 2013. The court issues annual certifications to the NSA that authorize the agency to intercept communications related to named countries or groups; it has provided similar authorization, Der Spiegel reported, for measures targeting China, Mexico, Japan, Venezuela, Yemen, Brazil, Sudan, Guatemala, Bosnia and Russia.
The NSA on Friday declined to comment to The Intercept about its role in conducting surveillance of Germany and deferred questions to the National Security Council and the Justice Department. The DOJ had not responded at the time of publication. National Security Council spokeswoman Caitlin Hayden told The Intercept that the Obama administration was “not monitoring and will not monitor the communications of Chancellor Merkel.” However, Hayden did not deny that the surveillance had occurred in the past – and declined to rule out spying on other senior German officials going forward. “We have made clear that the United States gathers foreign intelligence of the type gathered by all nations,” she said.
The secret files reveal some specific German targets – none of whom appear to have been suspected of any wrongdoing. One undated document shows how British GCHQ operatives hacked into the computer servers of the German satellite communications providers Stellar and Cetel, and also targeted IABG, a security contractor and communications equipment provider with close ties to the German government. The document outlines how GCHQ identified these companies’ employees and customers, making lists of emails that identified network engineers and chief executives. It also suggests that IABG’s networks may have been “looked at” by the NSA’s Network Analysis Center.
GCHQ’s aim was to obtain information that could help the spies infiltrate “teleport” satellites sold by these companies that send and receive data over the Internet. The document notes that GCHQ hoped to identify “access chokepoints” as part of a wider effort alongside partner spy agencies to “look at developing possible access opportunities” for surveillance.
In other words, infiltrating these companies was viewed as a means to an end for the British agents. Their ultimate targets were likely the customers. Cetel’s customers, for instance, include governments that use its communications systems to connect to the Internet in Africa and the Middle East. Stellar provides its communications systems to a diverse range of customers that could potentially be of interest to the spies – including multinational corporations, international organizations, refugee camps, and oil drilling platforms.
The chief executives of Cetel and Stellar both told Der Spiegel they were surprised that their companies had been targeted by GCHQ. Christian Steffen, the Stellar CEO, was himself named on GCHQ’s list of targets. “I am shocked,” he told the magazine. IABG did not respond to a request for comment.
GCHQ issued a standard response when contacted about its targeting of the German companies, insisting that its work “is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate.”
But German authorities may take a different view on the legalities of the clandestine intrusions. Earlier this month – prior to the latest revelations – German Federal Public Prosecutor Harald Range told the newspaper Die Tageszeitung he was already conducting a probe into possible “espionage offenses” related to the targeting of the country. “I am currently reviewing whether reasonable suspicion exists,” Range said, “for an actionable criminal offense.”