US government collects Verizon customers' phone metadata ... So what?

Why is anyone surprised?! The strangest thing about the recent revelation by The Guardian newspaper in the UK of how the US government allowed secret monitoring of the phone calls of Verizon customers is how anyone could be surprised that this kind of thing is going on.

Behind the top secret collection program is one of the most secretive of the TLA (Three Letter Acronym) agencies, the NSA (the National Security Agency). The program was authorized by a literally top secret order of the very secret Foreign Intelligence Surveillance Court (FISA) on a top secret request from the FBI.

Why did the FBI make the top secret request rather than the NSA? That's not clear (it's probably a top secret), but I suspect it's because the NSA was setup to only deal with foreign intelligence so the FBI had to end run that little jurisdictional problem.


The now no longer top secret order can be read on The Guardian's web site and was leaked to the paper by an undisclosed source who is probably going to wind up in big trouble if he's ever identified.

The top secret order signed in April required Verizon to hand over tangible things, specifically, metadata which the order defines as:

" ... comprehensive communications routing information, including but not limited to session identifying information (e.g., originating and terminating telephone number, International Mobile Subscriber Identity (IMSI) number, International Mobile station Equipment Identity (IMEI) number, etc.), trunk identifier, telephone calling card numbers, and time and duration of call."

This was for all national and international calls for the three months ending on the forthcoming July 19. Whether that includes text messages isn't clear, but I'd secretly bet it does.

But why is everyone so surprised? The Free Press described the revelation as "the government's shocking mass surveillance program," but this is old news. Not only has warrantless wiretapping been an open secret since the Bush era, but we also know the NSA has been up to this kind of intelligence gathering for years.  Moreover, we know that since 9/11 the NSA has been expanding its facilities and abilities at a rapid pace.

According to a Wired article, "[The NSA Is Building the Country's Biggest Spy Center (Watch What You Say)][]", the agency "has transformed itself into the largest, most covert, and potentially most intrusive intelligence agency ever created," and "the agency has undergone the largest building boom in its history, including installing secret electronic monitoring rooms in major US telecom facilities."

To see a prime example of the NSA's building boom you should go to Utah where that spy center is located. Just travel north on Interstate15 through Provo (waving to Novell as you pass) heading towards Salt Lake City, you'll come to the city of American Fork. Take Exit 278 for Main Street and at the end of the ramp turn left on the 145 and when you get to Redwood Road, take a right. There on the left, about 4 miles up the road, you'll see a huge building project underway. What you're looking at is the NSA's top secret Utah Data Center in Bluffdale (you can also see it from the I15 ... it's massive).

The Utah Data Center, according to Wikipedia, will be between 1 million and 1.5 million square feet (this depends on who you believe) and will cost between $1.5 billion and $2 billion when finished in September 2013. Also, "[one] report suggested that it will cost another $2 billion for hardware, software, and maintenance. The completed facility is expected to have a power demand of 65 megawatts, costing about $40 million per year."

The Wired article claims the Utah Data Center will have four computer halls of 25,000 square feet each (that's just under five  American football fields apiece). You can get a lot of supercomputers and a biblical amount of storage in that much space, which they'll need because, according to William Binney, a retired senior NSA crypto-mathematician interviewed in the Wired article, the agency has intercepted between 15 and 20 trillion communications in the last 11 years and it plans to capture even more with next to no front-end filtering.

So, what is the point of a top secret FISA order for collecting a mere three months' worth of data if the NSA has top secret intercept stations in every service provider and has secretly been collecting intelligence data on a massive scale for over a decade?

I wonder if this top secret order could be just the tip of a top secret bureaucratic iceberg of top secret orders that include all of the service providers and also covers the calendar in nice, bite-sized, top secret, three month chunks? I wouldn't be surprised, would you?

Gibbs is anything but surprised in Ventura, Calif. Amaze him at and follow him on Twitter and (@quistuipater) and on Facebook (quistuipater).

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

Tags National Security AgencysecurityNVintelfbiWide Area Network

More about BushFacebookFBIIMSIMCINational Security AgencyNovellNSAVerizonVerizonWikipedia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Mark Gibbs

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place