Kindle Notes & Highlights
Network Time Server run by or referenced against the atomic clocks kept at places like the National Institute of Standards and Technology in the United States, the Federal Institute of Meteorology and Climatology in Switzerland, and the National Institute of Information and Communications Technology in Japan.
Super Mario Bros., the 1.0 edition, is perhaps the all-time masterpiece of side-scrolling games. When the game begins, Mario is standing all the way to the left of the legendary opening screen, and he can only go in one direction: He can only move to the right, as new scenery and enemies scroll in from that side. He progresses through eight worlds of four levels each, all of them governed by time constraints, until he reaches the evil Bowser and frees the captive Princess Toadstool. Throughout all thirty-two levels, Mario exists in front of what in gaming parlance is called “an invisible
computer would wait forever to receive my command but would process it the very moment I hit Enter, no questions asked. No teacher had ever been so patient, yet so responsive.
For a while, nearly every girl at school on whom I had a crush had a father in the FBI.
I should add that both my parents had top secret clearances, but my mother also had a full-scope polygraph—a higher-level security check that members of the military aren’t subject to. The funny thing is, my mother was the farthest thing from a spy. She was a clerk at an independent insurance and benefits association that serviced employees of the NSA—essentially, providing spies with retirement plans.
I’ve had friends tell me that you aren’t really an adult until you bury a parent or become one yourself.
I mean, I grew up on the Internet, for Christ’s sake. If you haven’t entered something shameful or gross into that search box, then you haven’t been online very long—
I’m sure everyone who had an Internet connection before they had a job can sympathize with this—surely everyone has that one post that embarrasses them, or that text or email that could get them fired.
Those contractors are never counted by the government, not even in the Black Budget, because to add their ranks to the contracting total would make one disturbing fact extraordinarily clear: the work of American Intelligence is done as frequently by private employees as it is by government servants.
position. After all, it’s rarely worth the expense for a private company to sponsor your clearance application and then pay you to wait around for a year for the government’s approval. It makes more financial sense for a company to just hire an already-cleared government employee. The situation created by this economy is one in which government bears all the burdens of background checks but reaps few of the benefits. It must do all of the work and assume all of the expense of clearing a candidate, who, the moment they have their clearance, more often than not bolts for the door, exchanging the
At CASL I’d been making around $30K/year, but that job didn’t have anything to do with technology, so I felt comfortable asking COMSO for $50K. When I named that figure to the guy behind the desk, he said, “What about $60K?”
COMSO and BAE and others handled were of the type that’s called “cost-plus.” This meant that the middlemen contractors billed the agencies for whatever an employee got paid, plus a fee of 3 to 5 percent of that every year. Bumping up salaries was in everyone’s interest—everyone’s, that is, except the taxpayer’s. The COMSO guy eventually
But al-Qaeda did maintain unusually close ties with our allies the Saudis, a fact that the Bush White House worked suspiciously hard to suppress as we went to war with two other countries.
it was rather disconcerting to find out that the NSA was so far ahead of the game in terms of cyberintelligence yet so far behind it in terms of cybersecurity, including the most basic: disaster recovery, or backup.
NSA could collect whatever communications records it wanted to, without having to get a warrant, because it could only be said to have acquired or obtained them, in the legal sense, if and when the agency “searched for and retrieved” them from its database.
agency’s goal was to be able to retain as much data as it could for as long as it could—for perpetuity. If communications records would only be considered definitively “obtained” once they were used, they could remain “unobtained” but collected in storage forever, raw data awaiting its future manipulation.
Put simply, a world in which every law is always enforced would be a world in which everyone was a criminal.
Authoritarian states are typically not governments of laws, but governments of leaders, who demand loyalty from their subjects and are hostile to dissent. Liberal-democratic states, by contrast, make no or few such demands, but depend almost solely on each citizen voluntarily assuming the responsibility of protecting the freedoms of everyone else around them, regardless of their race, ethnicity, creed, ability, sexuality, or gender. Any
In contemporary life, we have a single concept that encompasses all this negative or potential space that’s off-limits to the government. That concept is “privacy.” It is an empty zone that lies beyond the reach of the state, a void into which the law is only permitted to venture with a warrant—and not a warrant “for everybody,” such as the one the US government has arrogated to itself in pursuit of mass surveillance, but a warrant for a specific person or purpose supported by a specific probable cause.
They were protesting Egypt’s president, Hosni Mubarak, who’d cut off Internet access for his whole country—which had merely succeeded in making every young person in the country even more furious and bored, luring them out into the streets.
Specifically, your request passes through a few black servers stacked on top of one another, together about the size of a four-shelf bookcase. These are installed in special rooms at major private telecommunications buildings throughout allied countries, as well as in US embassies and on US military bases, and contain two critical tools. The first, TURMOIL, handles “passive collection,” making a copy of the data coming through. The second, TURBINE, is in charge of “active collection”—that is, actively tampering with the users. You can think of TURMOIL as a guard positioned at an invisible
If TURMOIL flags your traffic as suspicious, it tips it over to TURBINE, which diverts your request to the NSA’s servers. There, algorithms decide which of the agency’s exploits—malware programs—to use against you. This choice is based on the type of website you’re trying to visit as much as on your computer’s software and Internet connection. These chosen exploits are sent back to TURBINE (by programs of the QUANTUM suite, if you’re wondering), which injects them into the traffic channel and delivers them to you along with whatever website you requested. The end result: you get all the
NSA maintained that because you had already “shared” your phone records with a “third party”—your telephone service provider—you had forfeited any constitutional privacy interest you may once have had.
And it insisted that “search” and “seizure” occurred only when its analysts, not its algorithms, actively queried what had already been automatically collected.
took along a cheap laptop running TAILS, which is a Linux-based “amnesiac” operating system—meaning it forgets everything when you turn it off, and starts fresh when you boot it up again, with no logs or memory traces of anything ever done on it. TAILS allowed me to easily “spoof,” or disguise, the laptop’s MAC: whenever it connected to a network it left behind the record of some other machine, in no way associable with mine. Usefully enough, TAILS also had built-in support for connecting to the anonymizing Tor network.
Some of the networks required more sophisticated hacking. I’d briefly jam a network, causing its legitimate users to be booted off-line; in their attempt to reconnect, they’d automatically rebroadcast their “authentication packets,” which I could intercept and effectively decipher into passwords that would let me log on just like any other “authorized” user.
Next time you copy a file, ask yourself why it takes so long when compared with the instantaneous act of deletion. The answer is that deletion doesn’t really do anything to a file besides conceal it. Put simply, computers were not designed to correct mistakes, but to hide them—and to hide them only from those parties who don’t know where to look.
encryption is, or should be, a reality for all. It is the only true protection against surveillance. If the whole of your storage drive is encrypted to begin with, your adversaries can’t rummage through it for deleted files, or for anything else—unless they have the encryption key. If all the emails in your inbox are encrypted, Google can’t read them to profile you—unless they have the encryption key. If all your communications that pass through hostile Australian or British or American or Chinese or Russian networks are encrypted, spies can’t read them—unless they have the encryption key.
With my government having decided to charge me under the Espionage Act, I stood accused of a political crime, meaning a crime whose victim is the state itself rather than a person. Under international humanitarian law, those accused in this way are generally exempt from extradition, because the charge of political criminality is more often than not an authoritarian attempt at quashing legitimate dissent. In theory, this means that government whistleblowers should be protected against extradition almost everywhere. In practice, of course, this is rarely the case,
I knew I had to cut him off. If you don’t cut off a foreign intelligence officer right away, it might not matter whether you ultimately reject their offer, because they can destroy your reputation simply by leaking a recording of you considering it. So as the man apologized for inconveniencing us, I imagined the hidden devices recording us, and tried to choose my words carefully.
when you’re trying to catch a fugitive, putting out an Interpol alert and canceling their passport is just standard operating procedure.
In response, Apple adopted strong default encryption for its iPhones and iPads, and Google followed suit for its Android products and Chromebooks. But perhaps the most important private-sector change occurred when businesses throughout the world set about switching their website platforms, replacing http (Hypertext Transfer Protocol) with the encrypted https (the S signifies security), which helps prevent third-party interception of Web traffic. The year 2016 was a landmark in tech history, the first year since the invention of the Internet that more Web traffic was encrypted than unencrypted.
The GDPR treats the citizens of the European Union, whom it calls “natural persons,” as also being “data subjects”—that is, people who generate personally identifiable data. In the US, data is usually regarded as the property of whoever collects it.