Tag Archives: CBC News

CSEC used airport Wi-Fi to track Canadian travellers: Edward Snowden documents - CBC News 20140130

Original: CSEC used airport Wi-Fi to track Canadian travellers: Edward Snowden documents - CBC News 20140130

Electronic snooping was part of a trial run for U.S. NSA and other foreign services  - by Greg Weston, Glenn Greenwald, Ryan Gallagher, CBC News

A top secret document retrieved by U.S. whistleblower Edward Snowdenand obtained by CBC News shows that Canada's electronic spy agency used information from the free internet service at a major Canadian airport to track the wireless devices of thousands of ordinary airline passengers for days after they left the terminal.

After reviewing the document, one of Canada's foremost authorities on cyber-security says the clandestine operation by the Communications Security Establishment Canada (CSEC) was almost certainly illegal.

Ronald Deibert told CBC News: "I can't see any circumstance in which this would not be unlawful, under current Canadian law, under our Charter, under CSEC's mandates."

The spy agency is supposed to be collecting primarily foreign intelligence by intercepting overseas phone and internet traffic, and is prohibited by law from targeting Canadians or anyone in Canada without a judicial warrant.

As CSEC chief John Forster recently stated: "I can tell you that we do not target Canadians at home or abroad in our foreign intelligence activities, nor do we target anyone in Canada.

"In fact, it's prohibited by law. Protecting the privacy of Canadians is our most important principle."

But security experts who have been apprised of the document point out the airline passengers in a Canadian airport were clearly in Canada.

CSEC said in a written statement to CBC News that it is "mandated to collect foreign signals intelligence to protect Canada and Canadians. And in order to fulfill that key foreign intelligence role for the country, CSEC is legally authorized to collect and analyze metadata."

Metadata reveals a trove of information including, for example, the location and telephone numbers of all calls a person makes and receives — but not the content of the call, which would legally be considered a private communication and cannot be intercepted without a warrant.

"No Canadian communications were (or are) targeted, collected or used," the agency says.

In the case of the airport tracking operation, the metadata apparently identified travelers' wireless devices, but not the content of calls made or emails sent from them.

Black Code

Deibert is author of the book Black Code: Inside the Battle for Cyberspace, which is about internet surveillance, and he heads the world-renowned Citizen Lab cyber research program at the University of Toronto's Munk School of Global Affairs.

He says that whatever CSEC calls it, the tracking of those passengers was nothing less than an "indiscriminate collection and analysis of Canadians' communications data," and he could not imagine any circumstances that would have convinced a judge to authorize it.

Cellphone-travel

A passenger checks his cellphone while boarding a flight in Boston in October. The U.S. Federal Aviation Administration issued new guidelines under which passengers will be able to use electronic devices from the time they board to the time they leave the plane, which will also help electronic spies to keep tabs on them. (Associated Press)

The latest Snowden document indicates the spy service was provided with information captured from unsuspecting travellers' wireless devices by the airport's free Wi-Fi system over a two-week period.

Experts say that probably included many Canadians whose smartphone and laptop signals were intercepted without their knowledge as they passed through the terminal.

The document shows the federal intelligence agency was then able to track the travellers for a week or more as they — and their wireless devices — showed up in other Wi-Fi "hot spots" in cities across Canada and even at U.S. airports.

That included people visiting other airports, hotels, coffee shops and restaurants, libraries, ground transportation hubs, and any number of places among the literally thousands with public wireless internet access.

The document shows CSEC had so much data it could even track the travellers back in time through the days leading up to their arrival at the airport, these experts say.

While the documents make no mention of specific individuals, Deibert and other cyber experts say it would be simple for the spy agency to have put names to all the Canadians swept up in the operation.

All Canadians with a smartphone, tablet or laptop are "essentially carrying around digital dog tags as we go about our daily lives," Deibertsays.

Anyone able to access the data that those devices leave behind on wireless hotspots, he says, can obtain "extraordinarily precise information about our movements and social relationships."

Trial run for NSA

The document indicates the passenger tracking operation was a trial run of a powerful new software program CSEC was developing with help from its U.S. counterpart, the National Security Agency.

In the document, CSEC called the new technologies "game-changing," and said they could be used for tracking "any target that makes occasional forays into other cities/regions."

Sources tell CBC News the technologies tested on Canadians in 2012 have since become fully operational.

CSEC claims "no Canadian or foreign travellers' movements were 'tracked,'" although it does not explain why it put the word "tracked" in quotation marks.

Deibert says metadata is "way more powerful than the content of communications. You can tell a lot more about people, their habits, their relationships, their friendships, even their political preferences, based on that type of metadata."

The document does not say exactly how the Canadian spy service managed to get its hands on two weeks' of travellers' wireless data from the airport Wi-Fi system, although there are indications it was provided voluntarily by a "special source."

The country's two largest airports — Toronto and Vancouver — both say they have never supplied CSEC or other Canadian intelligence agency with information on passengers' Wi-Fi use.

Alana Lawrence, a spokesperson for the Vancouver Airport Authority, says it operates the free Wi-Fi there, but does "not in any way store any personal data associated with it," and has never received a request from any Canadian intelligence agency for it.

A U.S.-based company, Boingo, is the largest independent supplier of Wi-Fi services at other Canadian airports, including Pearson International in Toronto.

Spokesperson Katie O'Neill tells CBC News: "To the best of our knowledge, [Boingo] has not provided any information about any of our users to the Canadian government, law enforcement or intelligence agencies."

It is also unclear from the document how CSEC managed to penetrate so many wireless systems to see who was using them — specifically, to know every time someone targeted at the airport showed up on one of those other Wi-Fi networks elsewhere.

Deibert and other experts say the federal intelligence agency must have gained direct access to at least some of the country's main telephone and internet pipelines, allowing the mass-surveillance of Canadian emails and phone calls.

'Blown away'

Ontario's privacy commissioner Ann Cavoukian says she is "blown away" by the revelations.

"It is really unbelievable that CSEC would engage in that kind of surveillance of Canadians. Of us.

"I mean that could have been me at the airport walking around… This resembles the activities of a totalitarian state, not a free and open society."

 Ann Cavoukian

Privacy commissioner Ann Cavoukian. (Colin Perkel/Canadian Press)

Experts say the document makes clear CSEC intended to share both the technologies and future information generated by it with Canada's official spying partners — the U.S., Britain, New Zealand and Australia, the so-called Five Eyes intelligence network.

Indeed, the spy agency boasts in its leaked document that, in an apparently separate pilot project, it obtained access to two communications systems with more than 300,000 users, and was then able to "sweep" an entire mid-sized Canadian city to pinpoint a specific imaginary target in a fictional kidnapping.

The document dated May 2012 is a 27-page power-point presentation by CSEC describing its airport tracking operation.

While the document was in the trove of secret NSA files retrieved by Snowden, it bears CSEC's logo and clearly originated with the Canadian spy service.

Wesley Wark, a renowned authority on international security and intelligence, agrees with Deibert.

"I cannot see any way in which it fits CSEC's legal mandate."

Wark says the document suggests CSEC was "trying to push the technological boundaries" in part to impress its other international counterparts in the Five-Eyes intelligence network.

"This document is kind of suffused with the language of technological gee-whiz."

Wark says if CSEC's use of "very powerful and intrusive technological tools" puts it outside its mandate and even the law, "then you are in a situation for democracy where you simply don't want to be."

Like Wark and other experts interviewed for this story, Deibert says there's no question Canada needs CSEC to be gathering foreign intelligence, "but they must do it within a framework of proper checks and balances so their formidable powers can never be abused. And that's the missing ingredient right now in Canada."

The only official oversight of CSEC's spying operations is a retired judge appointed by the prime minister, and reporting to the minister of defence who is also responsible for the intelligence agency.

"Here we clearly have an agency of the state collecting in an indiscriminate and bulk fashion all of Canadian communications and the oversight mechanism is flimsy at best," Deibert says.

"Those to me are circumstances ripe for potential abuse."

CSEC spends over $400 million a year, and employs about 2,000 people, almost half of whom are involved in intercepting phone conversations, and hacking into computer systems supposedly in other countries.

It has long been Canada's most secretive spy agency, responding to almost all questions about its operations with reassurances it is doing nothing wrong.

Privacy watchdog Cavoukian says there has to be "greater openness and transparency because without that there can be no accountability.

"This trust-me model that the government is advancing and CSEC is advancing – 'Oh just trust us, we're doing the right thing, don't worry' — yes, worry! We have very good reason to worry."

In the U.S., Snowden exposed massive metadata collection by the National Security Agency, which is said to have scooped up private phone and internet records of more than 100 million Americans.

A U.S. judge recently called the NSA's metadata collection an Orwellian surveillance program that is likely unconstitutional.

The public furor over NSA snooping prompted a White House review of the American spy agency's operations, and President Barack Obama recently vowed to clamp down on the collection and use of metadata.

Cavoukian says Canadians deserve nothing less.

"Look at the U.S. — they've been talking about these matters involving national security for months now very publicly because the public deserves answers.

"And that's what I would tell our government, our minister of national defence and our prime minister: We demand some answers to this."

CSE's Levitation project: Expert says spy agencies 'drowning in data' and unable to follow leads - CBC News 20150129

Original: CSE's Levitation project: Expert says spy agencies 'drowning in data' and unable to follow leads - CBC News 20150129

U.S. reports question effectiveness of bulk collection in hunt for terrorists - by Amber Hildebrandt, Michael Pereira and Dave Seglins, CBC News

CBC News revealed a mass surveillance program by Canada's electronic spy agency that involves sifting through millions of file downloads to find terrorists.
CBC News revealed a mass surveillance program by Canada's electronic spy agency that involves sifting through millions of file downloads to find terrorists. (Shutterstock)

Mass trawling of internet data — as done by Canada's electronic spy agency in a project dubbed Levitation — can impede cyber spies in the hunt for extremists more than it helps, some security experts argue.

"We've focused too much on bulk collection just because there's a capacity to survey broad swaths of digital communication and collect it and store it, potentially indefinitely," says Adam Molnar, a Canadian security expert teaching at an Australian university.

But that collection may not only be harmful to privacy and civil liberties concerns, but ineffective as well, the Deakin University lecturer argues.

"Even in instances where we see an attack occur, these agencies are drowning in data and they're not even able to follow up on specific leads."

Molnar cites the 2013 Boston Marathon bombing and the recent Paris attacks as cases where information was gathered on suspects, "but it made very little difference."

In light of Canada's own attacks on soldiers, U.S. journalist Glenn Greenwald said Canadians should be asking tough questions.

"It raises a real question about why these Western intelligence agencies that are spending so much money on these very sophisticated means of surveillance can't find individuals who are planning attacks like that?" asks Greenwald.

The constitutional lawyer and author is famous for helping publish a trove of top-secret documents obtained by U.S. whistleblower Edward Snowden over the past two years. Revelations from the Snowden files have prompted debates about privacy and security around the world.

Greenwald was part of a team from the U.S.-based news site The Intercept who worked in collaboration with CBC News to analyze Canada-related Snowden files.

Those files included a 2012 presentation by a team at Canada's Communications Security Establishment (CSE), which is taxed with electronically monitoring security threats abroad. The presentation revealed CSE's sweeping access to videos, music and documents shared on free file-hosting websites through a project it codenamed Levitation.

CSE presentation: Levitation

The way the program worked was that the CSE tapped into collected metadata on those downloads. It then used the  computer's IP addresses to cross-reference that through at least two wide-reaching databases of metadata held by Canada's spying partners to try to figure out a suspect's identity and to further monitor that person's online activity.

New legislation coming

Questions about the effectiveness of mass surveillance are being raised as the Canadian government plans to introduce new legislation Friday to give security agencies broader powers. The new rules come in the wake of two attacks on Canadian soldiers last year as well as a growing number of extremist incidents around the world.

Wesley Wark, a national security expert, says that no matter how many "interesting needles" come out of the haystack of online data, spy agencies still need to translate that to "usable intelligence" – meaning something they can act on.

"At the end of the day, one piece of good intelligence might be worth it all," says Wark, who is currently at the University of Ottawa.

In its 2012 presentation to its "Five Eyes" spying partners — the group that includes the U.S., U.K., New Zealand and Australia — the CSE mentioned two important successes from the Levitation project.

The first involved the discovery of an uploaded document that outlined the hostage strategy of AQIM, the North African branch of al-Qaeda. That strategy was "disseminated widely," including by the CIA to its overseas counterparts, the CSE presentation says.

glenn greenwald

U.S. journalist Glenn Greenwald says Canadians need to ask tough questions about how effective mass surveillance is in light of two attacks on soldiers. (Evan Mitsui/CBC)

Cyber analysts also unearthed a video of a German hostage from a previously unknown target. That hostage died in late May 2012, months after spies came across the video.

Edgar Fritz Raupach, an engineer working in Nigeria, was killed by his hostage-takers when local soldiers — who were unaware of Raupach's presence — attacked the captors' hideout in an unrelated operation.

Wark cautions that the document — as a presentation by CSE to its spying partners — is inevitably biased toward touting the most favourable results. Ultimately, he says, success in this business depends on whether the findings were timely, didn't consume too many resources and were useful.

"These Canadian documents suggest it can pay off," says Wark. "So, does it pay off? Is it proportionate to the resources we're putting into it? Are there different ways to do it?"

Vital role

It is not known whether the Levitation project is still ongoing. CSE says it can't comment on details of the program, citing the Security of Information Act.

Julian Fantino, the associate minister of national defence, told CBC News in a statement that CSE's foreign signals intelligence have "played a vital role in uncovering foreign-based extremists' efforts to attract, radicalize and train individuals to carry out attacks in Canada and abroad."

"Our government will not sit idly by while terrorists use websites to attract, radicalize and train individuals who threaten our values and freedom."

Veterans Affairs Minister Julian Fantino

Julian Fantino, the associate minister of national defence, says the government will "not sit idly by while terrorists use websites to attract, radicalize and train individuals who threaten our values and freedom." (Adrian Wyld/The Canadian Press)

As for the new bill coming Friday, Employment Minister Jason Kenney said the objective is to stop attacks before they happen by targeting what's being called incitement to terrorism.

Sources told CBC News that the legislation will give security agencies the ability to obtain and share information now subject to privacy limits, and make it easier for police to detain suspected extremists.

However, Liberal MP Joyce Murray says while there's been calls for the government to tighten up security, privacy concerns must not be forgotten.

"They need to also look at the provisions to protect individual privacy," said Murray. "And the government has failed to do that."

Murray says laws governing the CSE are 14 years out of date and don't touch on metadata.

The so-called data about data — which for email can include information such as recipients, subject lines and dates — falls outside the old laws because it isn't considered "private communication." Only the contents of an email or a conversation during a phone call are considered a communication.

Big topic in U.S.

While there has been relatively little debate in Canada weighing privacy concerns in the face of security fears, it's been a hot topic in the U.S. since most of the Snowden revelations involve CSE's counterpart, the National Security Agency.

Last year, a Washington-based non-profit analyzed 225 terrorism cases inside the U.S. since the Sept. 11, 2001 attacks and found that bulk collection of phone records by NSA had "no discernible impact" on preventing acts of terrorism.

The non-profit New America Foundation said the bulk collection of phone metadata — which includes phones called and call duration — had, in its view, only marginal impacts on preventing terrorist-related activities.

The organization said in most cases it was traditional law enforcement and investigative methods involving a tip or evidence that resulted in initiating action against an individual or group.

That finding came on the heels of a White House-appointed review committee that drew a similar conclusion. It said that much of the evidence that NSA turned up from tracking phone calls could have "readily been obtained" using standard court orders. It found that the phone metadata collection program was "not essential to preventing attacks."

For Molnar, the lessons from the U.S. are clear. "It tells us that [bulk collection] actually does very little in terms of identifying unknown suspects or actually detecting and preventing attacks before they occur."

Similar analyses on the effectiveness of gathering so much online metadata haven't been done since much less is known about the programs collecting them, says Tamir Israel, a lawyer with the University of Ottawa's Canadian Internet Policy and Public Interest Clinic.

Ultimately, the invasion of privacy is disproportionate to the benefit, he says.

Earlier this week, a report by Europe's top rights body said that mass surveillance programs are endangering fundamental human rights, including the rights to privacy, freedom of expression and freedom of religion.

The Parliamentary Assembly of the Council of Europe said it is"deeply worried" about the use of secrecy laws and secrecy courts — all of which is "very poorly scrutinized."

"In the long term, this type of unfettered surveillance is a really insidious thing that can really have very serious negative impacts on the way democratic institutions work," says Israel.


CBC is working with U.S. news site The Intercept to shed light on Canada-related files in the cache of documents obtained by U.S. whistleblower Edward Snowden. The CBC News team —  Dave SeglinsAmber Hildebrandt and Michael Pereira — collaborated with The Intercept’s Glenn Greenwald and Ryan Gallagher to analyze the documents. For a complete list of the past stories done by CBC on the Snowden revelations, see our topics page. Contact us by email by clicking on our respective names or search for our PGP keys here.

CSE tracks millions of downloads daily - Snowden documents - CBC News 20150127

Original: CSE tracks millions of downloads daily - Snowden documents - CBC News 20150127

Global sites for sharing movies, photos, music targeted in mass anti-terror surveillance - by Amber Hildebrandt, Michael Pereira, Dave Seglins, CBC News

Canada's electronic spy agency sifts through millions of videos and documents downloaded online every day by people around the world, as part of a sweeping bid to find extremist plots and suspects, CBC News has learned.

Details of the Communications Security Establishment project dubbed "Levitation" are revealed in a document obtained by U.S. whistleblower Edward Snowden and recently released to CBC News.

rapidshare cse

​Under Levitation, analysts with the electronic eavesdropping service can access information on about 10 to 15 million uploads and downloads of files from free websites each day, the document says.

"Every single thing that you do — in this case uploading/downloading files to these sites — that act is being archived, collected and analyzed," says Ron Deibert, director of the University of Toronto-based internet security think-tank Citizen Lab, who reviewed the document.

In the document, a PowerPoint presentation written in 2012, the CSE analyst who wrote it jokes about being overloaded with innocuous files such as episodes of the musical TV series Glee in their hunt for terrorists.

CBC analyzed the document in collaboration with the U.S. news websiteThe Intercept, which obtained it from Snowden.

The presentation provides a rare glimpse into Canada's cyber-sleuthing capabilities and its use of its spy partners' immense databases to track the online traffic of millions of people around the world, including Canadians.

That glimpse may be of even greater interest now that the Harper government plans to introduce new legislation increasing the powers of Canada's security agencies.

Though Canada's always been described as a junior partner in the Five Eyes spying partnership, which includes the U.S., Britain, New Zealand and Australia, this document shows it led the way in developing this new extremist-tracking tool.

"It's really the first time that a story has been reported that involves [CSE] as the lead agency in a program of pure mass surveillance," said Glenn Greenwald, a constitutional lawyer and journalist with The Intercept, and who has been instrumental in bringing Snowden's information to public attention.

Canada's electronic surveillance service said it cannot comment on the specific program, but added that some of its metadata analysis is designed to identify foreign terrorists who use the internet for activities threatening the security of Canada and Canadians.

Deibert, at the Citizen Lab, says that on the surface the Levitation program is reassuring, indicating Canada's spies are doing their job, but he adds that the mass surveillance nature of it raises questions.

'A giant X-ray machine'

According to the document, Canada can access data from 102 free file upload sites, though only three file-host companies are named: Sendspace, Rapidshare and the now-defunct Megaupload.

Sendspace told CBC News that "no organization has the ability/permission to trawl/search Sendspace for data," and its policy states it won't disclose user identities unless legally required.

Tamir Israel CIPPIC

Tamir Israel, an internet policy lawyer, says the program raises questions because it's "completely at the discretion of CSE essentially what documents to pick." (Amber Hildebrandt/CBC News)​

No other file-sharing company responded to CBC requests for comment.

However, the Levitation document says that access to the data comes from unnamed "special sources," a term that in previous Snowden documents seemed to refer to telecommunications companies or cable operators.

It is also unclear which, or how many, of the Five Eyes access information on these uploaded files and whether the companies involved know the spy agencies have this access.

Many people use file-sharing websites to share photos, videos, music and documents, but these cyber-lockers have also been accused of being havens for illegally sharing copyrighted content.

Not surprisingly, extremists also use the online storage hubs to share propaganda and training materials.

To find those files, the document says Canada's spy agency must first weed out the so-called Glee episodes as well as pictures of cars on fire and vast amounts of other content unrelated to terrorism.

Analysts find 350 "interesting download events" each month, less than 0.0001 per cent of the total collected traffic, according to the top-secret presentation.

Surveillance specialists can then retrieve the metadata on a suspicious file, and use it to map out a day's worth of that file user's online activity.

By inputting other bits of information into at least two databases created by the spying partners, analysts can discover the identity and online behaviour of those uploading or downloading these files, as well as, potentially, new suspicious documents.

The Levitation project illustrates the "giant X-ray machine over all our digital lives," says Deibert.

From IP to ID

Once a suspicious file-downloader is identified, analysts can plug that IP address into Mutant Broth, a database run by the British electronic spy agency Government Communications Headquarters (GCHQ), to see five hours of that computer's online traffic before and after the download occurred.

That can sometimes lead them to a Facebook profile page and to a string of Google and other cookies used to track online users' activities for advertising purposes. This can help identify an individual.

In one example in the top-secret document, analysts also used the U.S. National Security Agency's powerful Marina database, which keeps online metadata on people for up to a year, to search for further information about a target's Facebook profile. It helped them find an email address.

After doing its research, the Levitation team then passes on a list of suspects to CSE's Office of Counter Terrorism.

The agency cites two successes as of 2012: the discovery of a German hostage video through a previously unknown target, and an uploaded document that gave it the hostage strategy of a terrorist organization.

It's unclear from the leaked document how long Levitation was operational and whether it is still in use.

CSE says its foreign signals intelligence has "played a vital role in uncovering foreign-based extremists' efforts to attract, radicalize and train individuals to carry out attacks in Canada and abroad." But it offered no specifics about Levitation.

'What else can they do?'

Back in 2012, the spy agency appeared to be assessing the power and accuracy of the Levitation project as compared to other tools in its counterterrorism arsenal.

'The specific uses that they talk about in this context may not be the problem, but it's what else they can do.'- Tech lawyer Tamir Israel

Though the presentation jokes about filtering outGlee episodes, the issue underscores an increasing problem for spy agencies around the world: how the massive haystack of internet traffic they are collecting is straining spy agency resources.

Projects like Levitation aim to automate part of the process.

But it also causes some people to worry about what these powerful and secretive agencies can do with such an immense store of data at their fingertips.

"The specific uses that they talk about in this context may not be the problem, but it's what else they can do," says Tamir Israel, a lawyer with the University of Ottawa's Canadian Internet Policy and Public Interest Clinic.

National security expert Wesley Wark says the Levitation documents clearly demonstrate the CSE's abilities. But he also warns the tool has the potential to be "hugely intrusive."

A recent story by The Guardian illustrates that potential. The British newspaper revealed that that the GCHQ scooped up emails to and from journalists working for some of the largest American and British media outlets, as part of a test exercise.

The story, based on Snowden documents, says GCHQ has also listed investigative journalists as a "threat" who rank somewhere between terrorists and hackers.

A similar issue could arise here, with the eavesdropping service choosing targets outside the terrorism realm, says Israel.

Academics, lawyers, journalists, activists and business people commonly use file-hosting sites as part of their jobs.

"It's completely at the discretion of CSE essentially what documents to pick," Israel says.

The mass surveillance by Canada's signals intelligence agency also raises questions about the number of Canadians inadvertently caught up in it.

In the Levitation presentation, two anonymous Canadian IP addresses from a Montreal-based data server appear on a list of suspicious downloads around the world. The list also included several from allies and trading partners, including the U.K., U.S., Spain, Brazil, Germany and Portugal.

By law, CSE isn't allowed to target Canadians. Canada's commissioner charged with reviewing the secretive group found it unintentionally swept up private communications of 66 Canadians while monitoring signals intelligence abroad, but concluded there was no sign of unlawful practice.

Canada is supposed to mask the identities of untargeted Canadians scooped up in its surveillance before passing information to its Five Eyes partners and law enforcement agencies.

Deibert says there are "all sorts of grey areas" in how CSE operates, including how long they can retain the data they collect, the volume of the mass collection, the rules around metadata and how this data is shared with spying partners.

"The mission is appropriate," he says. "But is engaging in wholesale mass surveillance the appropriate means to that end? Especially in the context where, in this country, you have very little oversight in any meaningful sense."


CBC is working with U.S. news site The Intercept to shed light on Canada-related files in the cache of documents obtained by U.S.whistleblower Edward Snowden. The CBC News team — Dave Seglins,Amber Hildebrandt and Michael Pereira — collaborated with The Intercept's Glenn Greenwald and Ryan Gallagher to analyze the documents. For a complete list of the past stories done by CBC on theSnowden revelations, see our topics page. Contact us by email by clicking on our respective names or search for our PGP keys here.

With files from The Intercept's Ryan Gallagher and Glenn Greenwald