Another day, another news flash about the National Security Agency’s global surveillance program.
Over the past 10 days, the Intercept has published reports on the NSA’s ability to infect computers with malware and to hack into computers of system administrators to gain access to their networks. On Tuesday, it was a Washington Post article about an NSA program known as MYSTIC that can collect and record every phone call in an unidentified country for up to 30 days.
The articles are just the most recent in the long drip of NSA revelations. The string dates back to early June, when Britain’s Guardian newspaper and The Post began breaking story after story based on documents leaked weeks earlier by Edward Snowden, the fugitive former government contractor.
Why, given that Snowden’s leak occurred about 10 months ago, are revelations still emerging?
The short answer, according to the journalists behind the articles, is that the documents don’t give up the NSA’s secrets clearly or cleanly. Their technical, and often cryptic, references to NSA programs require painstaking reporting and consultations with national-security and technical experts to unravel.
“It takes a long time to go through tens of thousands of complex surveillance documents,” said Glenn Greenwald, who has written dozens of stories about the NSA since last year, mostly for the Guardian and lately for the Intercept, a start-up backed by First Look Media. “It takes an even longer time to process and understand them sufficiently to report them accurately and to make informed decisions about what should be disclosed in accordance with our agreement with our source,” who is Snowden.
Martin Baron, The Post’s executive editor, said the Snowden documents are filled with “hints and clues and fragments. These are pieces of a puzzle that you have to put together,” a time-consuming process.
The documents, for example, use cover names, abbreviations and operational concepts familiar to government security officials — their intended readers — but not to the average reader or journalist, said Barton Gellman, The Post’s principal reporter on the story.
“A bunch of them require a foundation in computer science or network technologies,” Gellman said. “The documents we’ve published required a lot of annotation for general readers, and we chose them because they were among the clearest.”
Greenwald and Gellman declined to reveal many details about their reporting methods. Neither would disclose how many pages of documents Snowden turned over to them and documentary filmmaker Laura Poitras last year before fleeing the United States. Snowden now resides in Moscow under temporary asylum from the Russian government.
Gellman said the reporting has been complicated by gaps in the Snowden trove. Also, he said, its archive is not easily searchable.
At one point last year, Gellman came across a hand-drawn smiley-face cartoon in one of the archive’s PowerPoint slides. He figured the cartoon and slide referred to an NSA operation, but which one exactly? Working with Ashkan Soltani, an independent researcher and security expert who has co-written several of The Post’s NSA articles, Gellman spent more than a month vetting theories about the meaning of the slide and icon. “All of them [were] wrong,” Gellman said.
Gellman and Soltani eventually were able to find people who helped them solve the mystery of the smiley-face slide. In crude form, it described how the NSA had broken into links that connect data centers operated by Google and Yahoo, enabling the agency to collect data from millions of user accounts stored in the “cloud.”
As Gellman’s and Soltani’s story documented, an unidentified artist had added the smiley face to the “Google Cloud Exploitation” slide to emphasize how the agency had defeated Google’s security measures.
With the NSA articles, the reporting process doesn’t just involve the usual steps of verifying the authenticity and accuracy of the information. The reporters also hold discussions with their publication’s lawyers and consult government officials about security concerns. Gellman said the process is slowed further by internal security measures meant to protect documents from electronic theft and protect sources’ anonymity.
Greenwald and Gellman say there are more articles to come.
“I believe many of the most recent articles have been among the most important,” said Greenwald, “and I truly believe that the most significant stories are ones that we are still working on reporting.”