The New York Times, the Guardian and ProPublica all reported on Thursday that newly released Snowden documents expose the great lengths that the National Security Agency and Britain’s Government Communications Headquarters, or GCHQ, have gone to in order to eavesdrop on encrypted Internet communications.
According to the latest Snowden leak, the NSA and its British counterpart have circumvented the encryption methods used to secure emails, chats and essentially most Internet traffic that was previously thought to be protected from prying eyes.
The price tag for such an endeavor, the Guardian reported, is around a quarter-of-a-billion dollars each year for just the US, and involves not just intricate code-breaking, but maintaining partnerships with the tech companies that provide seemingly secure online communication outlets.
“The files show that the National Security Agency and its UK counterpart GCHQ have broadly compromised the guarantees that Internet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments,” James Ball, Julian Borger and Glenn Greenwald reported for the Guardian.
Outside of the shadowy collaboration with Silicon Valley companies, the governments have also reportedly employed supercomputers capable of decrypting codes commonly used by the most popular online protocols, including HTTPS, voice-over-IP and Secure Sockets Layer (SSL).
“For the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to break widely used Internet encryption technologies,” a 2010 GCHQ document referenced by the Guardian reads. “Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable.”
With regards to reaching that goal through private-sector cooperation, the Guardian reported that the NSA works with tech companies to “covertly influence” their products.
So significant is the leak, the Times and ProPublica reported, that intelligence officials asked that the documents not be published in fear that the disclosures would prompt surveillance targets, such as terrorist organization, to alter the way they communicate online.
In an editorial published alongside the scoop this week by ProPublica, reporters Stephen Engelberg and Richard Tofel said the outlet decided to go ahead with the story because “It shows that the expectations of millions of Internet users regarding the privacy of their electronic communications are mistaken.”
News of the agency’s vast code-breaking capabilities comes just weeks following the shuttering of no fewer than two Internet services that provided encrypted email for paying customers.
Last month, the founder of email provider Lavabit announced that he was shutting down his company because staying in business would likely force him “to become complicit in crimes against the American people.”