NSA Sought Data Before 9/11

Beginning in February 2001, almost seven months before the 9/11 terrorist attacks, the government’s top electronic eavesdropping organization, the National Security Agency, asked a major U.S. telecommunications carrier for information about its customers and the flow of electronic traffic across its network, according to sources familiar with the request. The carrier, Qwest Communications, refused, believing that the request was illegal unless accompanied by a court order.

After terrorists attacked the United States on September 11, the NSA again asked Qwest, as well as other telecom companies, for similar information to help the agency track suspects with the aim of preventing future attacks, current and former officials have said. The companies responded in various ways, with Qwest being the most reluctant to cooperate. However, in February 2001, the NSA’s primary purpose in seeking access to Qwest’s network apparently was not to search for terrorists but to watch for computer hackers and foreign-government forces trying to penetrate and compromise U.S. government information systems, particularly within the Defense Department, sources said. Government officials have long feared a “digital Pearl Harbor” if intruders were to seize control of these systems or other key U.S. infrastructures through the Internet.

A former White House official, who at the time was involved in network defense and other intelligence programs, said that the early 2001 NSA proposal to Qwest was, “Can you build a private version of Echelon and tell us what you see?” Echelon refers to a signals intelligence network operated by the NSA and its official counterparts in Australia, Canada, New Zealand, and the United Kingdom.

The NSA realized that it was blind to many of the new online threats and to who was using the privately owned telecom networks, and it thought that Qwest was in a position to help. The agency needed better intelligence in the face of a burgeoning Internet, and Qwest was then building a high-speed network for phone and Internet traffic that had caught the attention of senior intelligence officials. The NSA, in effect, wanted Qwest to be the agency’s online eyes and ears.

Another source said that the NSA wanted to analyze the calls, e-mails, and other transmissions crossing Qwest’s lines, to detect patterns of suspicious activity. Telecom carriers routinely monitor their networks for fraudulent activity, the former White House official noted, and so the companies “have an enormous amount of intelligence-gathering” capability. They don’t have to target individual customers to “look for wacky behavior,” or “groups communicating with each other in strange patterns.” That information could augment intelligence that the NSA and other agencies were gathering from other sources, the former official said.

Qwest’s then-chief executive officer, Joseph Nacchio, rejected the NSA’s request. “He didn’t want to go along with that,” and his refusal was not greeted warmly in the intelligence community, the former White House official said. Another source, a former high-ranking intelligence official, said that other companies, both before and after 9/11, had less of a problem complying with government requests if they were accompanied by a legal order. The ex-official added that some companies were willing to offer data and to assist the government “as necessary” on a voluntary basis, without a court order.

Nacchio has said publicly that the NSA asked Qwest for customer records after the 2001 terrorist attacks. But the nature of the agency’s request before 9/11 has not been disclosed previously. Sources familiar with the activities spoke to National Journal on the condition of anonymity, because the work is still classified.

By early 2001, the NSA was aware of the growing threat of terrorism and was monitoring communications among Al Qaeda members overseas. But the agency, the Defense Department, and the White House also feared Internet-based attacks on U.S. government installations, and they believed that other countries were increasingly interested in cyberspace as a battlefield.

At the same time, the NSA was hesitant to conduct any surveillance activities that might violate long-standing prohibitions on domestic intelligence-gathering without court orders. One way to get the information that the agency and others deemed necessary for network defense was from the telecom carriers.

Nacchio, it appears, believed that the NSA’s pre-9/11 request for access to Qwest’s network was illegal. The former White House official said that the intelligence-gathering was not targeted at Qwest’s U.S. customers, but he acknowledged that handing over customer information without a lawful order could violate the Electronic Communications Privacy Act, a 1986 law that extended wiretapping restrictions on phone calls to include electronic information transmitted by and stored in a computer.

After 9/11, that law was amended by the USA PATRIOT Act, and it became easier for the government to obtain certain private communications. When reports surfaced last year that telecom carriers were participating in a post-9/11 NSA program to analyze customer calling patterns for terrorism indicators, Nacchio’s attorney stated publicly that Qwest had refused “to make private telephone records of Qwest customers available to the NSA immediately following [enactment of] the Patriot Act.” Nacchio had concluded that the NSA’s requests violated the privacy requirements of another law, the Telecommunications Act, his attorney said.

The question of Qwest’s involvement with the NSA before 9/11 has surfaced in recent weeks because of Nacchio’s appeal of his criminal conviction on 19 counts of insider trading. Nacchio was sentenced to six years in prison in July, but he remains free pending his appeal. He contends that the NSA retaliated against Qwest for not complying with its request by denying the company work under a multibillion-dollar program called Groundbreaker, which outsourced the NSA’s unclassified information-technology systems. Federal prosecutors deny that allegation, noting that Qwest was a member of the team that ultimately won the Groundbreaker deal in August 2001.

Nacchio wasn’t allowed to use his retaliation argument at his trial. But details of Qwest’s interactions with the NSA, as well as years of work that the company performed for the Defense Department and the intelligence community, are contained in legal documents filed by his defense team and made public three weeks ago. Although the documents are partially redacted, they reveal that Qwest aggressively pursued business with the NSA while trying to put off officials’ entreaties for more access to the company’s network, requests that persisted for years.

The documents state that Nacchio and another senior Qwest executive met with NSA officials at their headquarters at Fort Meade, Md., on February 27, 2001. At this meeting, the agency proposed Qwest’s participation in certain activities whose details are redacted from the court documents.

“Nacchio said it was a legal issue, and they should not do something their general counsel told them not to do,” according to federal investigators who interviewed the former head of Qwest’s government business unit, James F.X. Payne. “Nacchio projected that he might do it if they could find a way to do it legally.”

Payne told investigators that the NSA requests came up “in meetings after meetings.” Investigators quoted Payne as saying, “There was a feeling also that the NSA acted as agents for other government agencies.” Payne could not be reached for comment.

Although the NSA’s specific request for an Echelon-like program may have worried Qwest’s attorneys, it appears that the company was sharing other kinds of proprietary information about its network with the Pentagon in the months before 9/11.

In May 2001, then-Commerce Secretary Donald Evans told the Senate Appropriations Committee that his department had helped to persuade Qwest to “share proprietary information with the Defense Department to evaluate the vulnerability of its network.” (The Commerce Department includes an agency that is responsible for telecom policy.) Qwest, Evans noted, was the largest carrier in the Rocky Mountain corridor. That area is home to some of the military’s most important command-and-control facilities, including the U.S. Strategic Command, which oversees nuclear weapons.

By the time the NSA asked for Qwest’s assistance in February 2001, the company had become a darling of the Internet Age. Founded in 1988 by Philip Anschutz, who owned the Southern Pacific Railroad, Qwest built the first all-digital, fiber-optic network by laying lines alongside railroad tracks, then linking to terminals in key locations to provide high-speed Internet and data connections.

The Defense Department operates its own classified networks, which are more resistant to attack, but Qwest’s network was faster, more expansive, and more technologically advanced. Nacchio’s legal documents show that from the late 1990s and into the new century, Qwest was chasing at least two lucrative deals to build private, secure networks for defense and intelligence agencies.

Qwest’s first high-level contact with the NSA may have occurred as early as 1997. Late that year, according to Nacchio’s legal briefs, Qwest was informed that a military “general officer wanted to meet with Mr. Nacchio.” Two weeks later, a three-star (lieutenant) general and his aide showed up at Nacchio’s Denver office and told him that they had “heard about Qwest’s new network.” Nacchio described the operation and “talked about his background at AT&T, with which they were already familiar,” the documents state. Nacchio had spent more than a quarter-century with AT&T before taking over at Qwest in 1997.

At some point, the general — whose name and affiliation are omitted from the documents — asked to speak privately with Dean Wandry, who led Qwest’s government business unit at the time. “The general told Mr. Wandry that he ran the largest telecom operation in the world, he had looked at Qwest’s network, and he wanted to use it for government purposes,” the documents state. By law, the head of the NSA must be at least a three-star general or a vice admiral. In 1997, Lt. Gen. Kenneth Minihan was the director. He was replaced in 1999 by Lt. Gen. Michael Hayden, who is now a four-star general and the director of the CIA. Hayden declined to be interviewed for this story. An assistant to Minihan, who is now a managing director with Paladin Capital Group, a private equity firm in Washington, said he was unavailable for comment.

A number of former intelligence officials said that the description of a three-star general running the “largest telecom operation in the world” seemed to fit the NSA. In 1997, the Defense Information Systems Agency, which manages a large telecom enterprise, was also run by a lieutenant general. But that agency’s operations are smaller than the NSA’s. Also, Qwest’s first contact with DISA occurred after the 1997 meeting with the unnamed military officer, according to Nacchio’s legal filings. Qwest has done unclassified work for DISA, and it received a large contract from the agency as recently as last year.

After the Denver meeting, Wandry told Nacchio “that there was a big opportunity here for Qwest,” the court filings state. Nacchio received a security clearance “a short time later.” Qwest then received a contract from the agency, which Nacchio wanted to announce publicly. He was “refused permission,” the briefs state, but he “understood at the time this was the beginning of a relationship which had enormous potential for future work. This proved increasingly true as time went on.”

Qwest certainly worked for the NSA beginning at least in 1999. A search of Internet number registration files shows that the company allocated a portion of its network that year to the Maryland Procurement Office at Fort Meade, which is the NSA’s contracting unit. An e-mail from employees in Qwest’s government business group, sent in December 1999, requested a meeting with senior executives “to discuss the potential opportunity with the Maryland customer.” (DISA, it should be noted, is headquartered in Virginia.) By 2001, the company was pursuing the NSA’s Groundbreaker contract. And in March of that year, Payne, who by then was running the company’s federal business, wrote in an e-mail to colleagues that Qwest was already a “provider” of telecom services to the NSA through existing contracts.

Meanwhile, concern was rising at the NSA that the proliferating global Internet might become a weapon for U.S. adversaries. As early as June 1998, then-NSA Director Minihan testified before the Senate Governmental Affairs Committee about “a wide array of malicious actors — including hackers, terrorists, and nation-states,” all of whom threatened “users of networked information systems.”

Minihan singled out Russia and China; the latter, he said, had already incorporated cyber-warfare into its military training. He also pointed to the emergence of “transnational security challenges,” including terrorism, drug trafficking, and international organized crime. “These opportunists, enabled by the explosion of technology and the availability of inexpensive, secure means of communication, pose a significant threat to the interests of the United States and its allies,” Minihan said.

A former senior NSA official said that the agency also worried that because these groups understood privacy laws so well, they knew how to avoid detection and could predict what the NSA would, and wouldn’t, do to track them. “There was such a nuanced understanding of how to tie us in knots and use American law against us, that there were certainly pockets of people saying, ‘We’ve got to be assertive; we’ve got to be more aggressive on this,’ ” the former official said.

Hayden, who ran the NSA from 1999 to 2005, was well known for his willingness to push operations to the legal edge. “We’re pretty aggressive within the law,” Hayden said in public remarks after 9/11. “As a professional, I’m troubled if I’m not using the full authority allowed by law.”

Hayden has repeated that refrain since the attacks. But former intelligence officials doubted that he would have authorized any request to Qwest, or other companies, that he believed violated the law. They noted, however, that many in the agency had long thought that monitoring “metadata,” such as a phone number, the length of a call, or a series of calls placed from a particular phone, didn’t implicate privacy because such information didn’t constitute the “content” of a message — its written or spoken words.

Published in National Journal