Encryption and Anonymity Services May Draw NSA Attention

Liz Woolery, June 25, 2013

Abstract: A secret government memo reveals that use of encryption or anonymity services may permit the NSA to retain user communications.

As the fallout from revelations about the NSA's PRISM program continues, on Thursday of last week The Guardian (UK) newspaper reported on a memo detailing the "top secret rules that allow NSA to use US data without a warrant." Tech website ArsTechnica pointed out out that among the memo's revelations is the suggestion that the use of anonymity or encryption services may open up U.S. internet users to NSA surveillance.

Before digging into ArsTechnica's findings, here is a little background on why someone might use an anonymity or encryption service in the first place, and how this type of service works. Tor, arguably the most well-known anonymity service, provides a good example. An overview of Tor offers this explanation of the program:

Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis.

In short, Tor "prevents anyone from learning your location or browsing habits." Tor effectively conceals a user's location by relaying a user's internet data and traffic through a worldwide "network of virtual tunnels." (Tor is short for The Onion Router and it is these tunnels or layers that gave the program its name -- hence "onion.") Tor operates under a decentralized architecture, which is how the program is able to ensure anonymity. The program relies on volunteer operators to route the data from one operator to the next, with each operator only knowledgeable of a given segment of the transmission. The result is that Tor users are guaranteed anonymity because no one -- whether law enforcement personnel or Tor staff -- can ever see the full transmission of data from point of origin to destination. The information simply does not exist other than in bits and pieces scattered across a global network of relay operators. Ultimately, such guarantees of anonymity are a safeguard against censorship, but, as has been discussed, they also open up Tor to legal action, including the threat of legislation that could force encryption and anonymity services to implement "backdoor access to encrypted data" for law enforcement officials.

For now, however, those "bits and pieces" of data remain scattered and no backdoor access exists. However, the anonymous data can still be captured by law enforcement agencies like the NSA under a program like PRISM. The primary worry with this type of program is how the NSA approaches dealing with the encrypted and anonymous internet information, including efforts to de-encrypt the data or determine its point of origin. Also of interest is how the agency determines a user's location, since the PRISM program is aimed at "non-United States persons," and an anonymity service could successfully make a U.S.-based user's communications appear to originate elsewhere in the world.

Determining Location
A secret government memo obtained by The Guardian newspaper details the NSA's policies in the event that the agency determines a target is within the United States; the memo explains that "a communication identified as a domestic communication will be promptly destroyed." But how the NSA determines that a communication is foreign (and therefore not subject to "prompt destr[uction]") may leave U.S. users of anonymity services a little uneasy. If the NSA is unable to determine the location of a user, that individual "will not be treated as a United States person unless such person can be positively identified as such, or the nature or circumstances of the person's give rise to a reasonable belief that such person is a United States person."

This policy is an example of what the Electronic Frontier Foundation has called the government's practice of "resolv[ing] doubt in favor of collection." If the government is uncertain about the origin of a communication -- that is, the government cannot determine "with reasonable belief" that the communication is domestic -- it will be subject to NSA retention. This means that if anonymity services do their jobs, communications originating within the United States may be retained by the NSA under the policies outlined in the memo.

Encrypted Communications
The use of encryption services may also draw the attention of the NSA. In that same memo obtained by The Guardian, the agency details its process for dealing with encrypted foreign communications:

In the context of a cryptanalytic effort, maintenance of technical data bases requires retention of all communications that are enciphered or reasonably believed to contain secret meaning, and sufficient duration may consist of any period of time during which encrypted material is subject to, or of use in, cryptanalysis.

In other words, encrypted foreign communications are retained if the NSA believes they might have "secret meaning" (a phrase for which the meaning itself seems to be a secret).

What If I Have Nothing To Hide?
How the NSA policy actually applies to users of anonymity and encryption services is unclear. But consider the fact that while Tor is used by individuals who may have "nothing to hide" from the NSA, these individuals still are justifiably interested in the privacy of their communications. Even if you have "nothing to hide," once that data is out of your hands in the hands of someone else -- in this case, the U.S. government -- you no longer retain control of the information or how it is used. Additionally, while Tor may sound like a great option for criminals and others eager to hide their tracks for nefarious purposes, the service is intended to cater to more legitimate uses for which privacy of communications is a priority. According to Tor, those uses include:

• Individuals concerned about online tracking by family members
  
• Individuals unable to connect to certain services blocked by local ISPs
  
• Individuals seeking privacy in intimate matters such as disease, sexual assault, or abuse.
  
• Journalists seeking ways to "communicate more safely with whistleblowers and dissidents."

Readers familiar with Chilling Effects know that one issue with which the project is concerned is transparency online. We believe you -- the public -- should know the types of information law enforcement has access to and with what restrictions. Calling attention to the NSA policy's on encrypted and anonymous communications is by no means a Chicken-Little-"the-sky-is-falling" effort. However, knowing the extent of the NSA's surveillance capabilities is important because it allows us to ask the right questions. For example, if the NSA has access to your encrypted or anonymous communications, who else might have access? If you are a journalist pursuing a story and using a government whistleblower as a source, what happens if the NSA gets that information? As more details about PRISM emerge, we are sure to have even more questions. In the meantime though, we can only hope to get some answers as well.

Chilling Effects Clearinghouse - www.chillingeffects.org

Chilling Effects Clearinghouse page printed from: https://www.chillingeffects.org/johndoe/weather.cgi?WeatherID=770