A top-secret document, obtained by the former N.S.A. contractor Edward J. Snowden, shows that an American law firm was monitored while representing a foreign government in trade disputes with the United States. The disclosure offers a rare glimpse of a specific instance in which Americans were ensnared by the eavesdroppers, and is of particular interest because lawyers in the United States with clients overseas have expressed growing concern that their confidential communications could be compromised by such surveillance.The BBC reports on the story here. The NSA "provided clear guidance," says the Times, but nothing more is specified. Orin Kerr notes that this story does not appear to implicate the NSA in any notably invasive behavior:
The government of Indonesia had retained the law firm for help in trade talks, according to the February 2013 document. It reports that the N.S.A.’s Australian counterpart, the Australian Signals Directorate, notified the agency that it was conducting surveillance of the talks, including communications between Indonesian officials and the American law firm, and offered to share the information.
As I understand it, the Times story is based on a short entry in an NSA internal bulletin celebrating the liaison office’s accomplishment. It reports that the liaison helped clear up a legal issue, and that it all ended well, as the Australians ended up giving useful intel to the U.S. But because it’s just an internal bulletin, it doesn’t tell us what we want to know: What advice was provided, and whether the intel was related to the legal issue. Without that information, it’s hard to know if there’s a significant story here.
The story is still interesting, given the implications for attorneys who are dealing with foreign clients. The Times reports:
Andrew M. Perlman, a Suffolk University law professor who specializes in legal ethics and technology issues, said the growth of surveillance was troubling for lawyers. He helped create the bar association’s ethics code revisions that require lawyers to try to avoid being overheard by eavesdroppers.
“You run out of options very quickly to communicate with someone overseas,” he said. “Given the difficulty of finding anything that is 100 percent secure, lawyers are in a difficult spot to ensure that all of the information remains in confidence.”While the story does not reveal very much about the NSA's role in this chain of events, or the particular information that was being monitored, it is a good reminder that attorneys who are working with foreign clients should be aware that their conversations may not be completely private.
Christopher Soghoian notes that there is something notable in this story, albeit, something that is buried and not necessarily related to invasive NSA behavior:
Last para of NYT story is nuts: Australian intel agency "obtained" crypto keys (Ki) for 1.8 mil Indonesian SIM cards. http://t.co/a2MHr4CXaD
— Christopher Soghoian (@csoghoian) February 16, 2014
Here are the last two paragraphs from the Times' story:
The Americans and the Australians secretly share broad access to the Indonesian telecommunications system, the documents show. The N.S.A. has given the Australians access to bulk call data from Indosat, an Indonesian telecommunications provider, according to a 2012 agency document. That includes data on Indonesian government officials in various ministries, the document states.
The Australians have obtained nearly 1.8 million encrypted master keys, which are used to protect private communications, from the Telkomsel mobile telephone network in Indonesia, and developed a way to decrypt almost all of them, according to a 2013 N.S.A. document.Soghoian is correct to point out that these final paragraphs indicate that there is a lot going on behind the scenes that this story does not explicitly illustrate. It will be interesting to see if more information is released regarding how the NSA obtained access to the data from Indosat and how the Australians obtained the keys to the Telkomsel network.