by Ryan Gallagher and Henrik Moltke, The Intercept:
THE SECRETS ARE hidden behind fortified walls in cities across the United States, inside towering, windowless skyscrapers and fortress-like concrete structures that were built to withstand earthquakes and even nuclear attack. Thousands of people pass by the buildings each day and rarely give them a second glance, because their function is not publicly known. They are an integral part of one of the world’s largest telecommunications networks – and they are also linked to a controversial National Security Agency surveillance program.
Atlanta, Chicago, Dallas, Los Angeles, New York City, San Francisco, Seattle, and Washington, D.C. In each of these cities, The Intercept has identified an AT&T facility containing networking equipment that transports large quantities of internet traffic across the United States and the world. A body of evidence – including classified NSA documents, public records, and interviews with several former AT&T employees – indicates that the buildings are central to an NSA spying initiative that has for years monitored billions of emails, phone calls, and online chats passing across U.S. territory.
The NSA considers AT&T to be one of its most trusted partners and has lauded the company’s “extreme willingness to help.” It is a collaboration that dates back decades. Little known, however, is that its scope is not restricted to AT&T’s customers. According to the NSA’s documents, it values AT&T not only because it “has access to information that transits the nation,” but also because it maintains unique relationships with other phone and internet providers. The NSA exploits these relationships for surveillance purposes, commandeering AT&T’s massive infrastructure and using it as a platform to covertly tap into communications processed by other companies.
Much has previously been reported about the NSA’s surveillance programs. But few details have been disclosed about the physical infrastructure that enables the spying. Last year, The Intercept highlighted a likely NSA facility in New York City’s Lower Manhattan. Now, we are revealing for the first time a series of other buildings across the U.S. that appear to serve a similar function, as critical parts of one of the world’s most powerful electronic eavesdropping systems, hidden in plain sight.
“It’s eye-opening and ominous the extent to which this is happening right here on American soil,” said Elizabeth Goitein, co-director of the Liberty and National Security Program at the Brennan Center for Justice. “It puts a face on surveillance that we could never think of before in terms of actual buildings and actual facilities in our own cities, in our own backyards.”
There are hundreds of AT&T-owned properties scattered across the U.S. The eight identified by The Intercept serve a specific function, processing AT&T customers’ data and also carrying large quantities of data from other internet providers. They are known as “backbone” and “peering” facilities.
While network operators would usually prefer to send data through their own networks, often a more direct and cost-efficient path is provided by other providers’ infrastructure. If one network in a specific area of the country is overloaded with data traffic, another operator with capacity to spare can sell or exchange bandwidth, reducing the strain on the congested region. This exchange of traffic is called “peering” and is an essential feature of the internet.
Because of AT&T’s position as one of the U.S.’s leading telecommunications companies, it has a large network that is frequently used by other providers to transport their customers’ data. Companies that “peer” with AT&T include the American telecommunications giants Sprint, Cogent Communications, and Level 3, as well as foreign companies such as Sweden’s Telia, India’s Tata Communications, Italy’s Telecom Italia, and Germany’s Deutsche Telekom.
AT&T currently boasts 19,500 “points of presence” in 149 countries where internet traffic is exchanged. But only eight of the company’s facilities in the U.S. offer direct access to its “common backbone” – key data routes that carry vast amounts of emails, internet chats, social media updates, and internet browsing sessions. These eight locations are among the most important in AT&T’s global network. They are also highly valued by the NSA, documents indicate.
The data exchange between AT&T and other networks initially takes place outside AT&T’s control, sources said, at third-party data centers that are owned and operated by companies such as California’s Equinix. But the data is then routed – in whole or in part – through the eight AT&T buildings, where the NSA taps into it. By monitoring what it calls the “peering circuits” at the eight sites, the spy agency can collect “not only AT&T’s data, they get all the data that’s interchanged between AT&T’s network and other companies,” according to Mark Klein, a former AT&T technician who worked with the company for 22 years. It is an efficient point to conduct internet surveillance, Klein said, “because the peering links, by the nature of the connections, are liable to carry everybody’s traffic at one point or another during the day, or the week, or the year.”
Christopher Augustine, a spokesperson for the NSA, said in a statement that the agency could “neither confirm nor deny its role in alleged classified intelligence activities.” Augustine declined to answer questions about the AT&T facilities, but said that the NSA “conducts its foreign signals intelligence mission under the legal authorities established by Congress and is bound by both policy and law to protect U.S. persons’ privacy and civil liberties.”
Jim Greer, an AT&T spokesperson, said that AT&T was “required by law to provide information to government and law enforcement entities by complying with court orders, subpoenas, lawful discovery requests, and other legal requirements.” He added that the company provides “voluntary assistance to law enforcement when a person’s life is in danger and in other immediate, emergency situations. In all cases, we ensure that requests for assistance are valid and that we act in compliance with the law.”
Dave Schaeffer, CEO of Cogent Communications, told The Intercept that he had no knowledge of the surveillance at the eight AT&T buildings, but said he believed “the core premise that the NSA or some other agency would like to look at traffic … at an AT&T facility.” He said he suspected that the surveillance is likely carried out on “a limited basis,” due to technical and cost constraints. If the NSA were trying to “ubiquitously monitor” data passing across AT&T’s networks, Schaeffer added, he would be “extremely concerned.”
Sprint, Telia, Tata Communications, Telecom Italia, and Deutsche Telekom did not respond to requests for comment. CenturyLink, which owns Level 3, said it would not discuss “matters of national security.”
THE EIGHT LOCATIONS are featured on a top-secret NSA map, which depicts U.S. facilities that the agency relies upon for one of its largest surveillance programs, code-named FAIRVIEW. AT&T is the only company involved in FAIRVIEW, which was first established in 1985, according to NSA documents, and involves tapping into international telecommunications cables, routers, and switches.
In 2003, the NSA launched new internet mass surveillance methods, which were pioneered under the FAIRVIEW program. The methods were used by the agency to collect – within a few months – some 400 billion records about people’s internet communications and activity, the New York Times previously reported. FAIRVIEW was also forwarding more than 1 million emails every day to a “keyword selection system” at the NSA’s Fort Meade headquarters.
Central to the internet spying are eight “peering link router complex” sites, which are pinpointed on the top-secret NSA map. The locations of the sites mirror maps of AT&T’s networks, obtained by The Intercept from public records, which show “backbone node with peering” facilities in Atlanta, Chicago, Dallas, Los Angeles, New York City, San Francisco, Seattle, and Washington, D.C.
One of the AT&T maps contains unique codes individually identifying the addresses of the facilities in each of the cities.
Among the pinpointed buildings, there is a nuclear blast-resistant, windowless facility in New York City’s Hell’s Kitchen neighborhood; in Washington, D.C., a fortress-like, concrete structure less than half a mile south of the U.S. Capitol; in Chicago, an earthquake-resistant skyscraper in the West Loop Gate area; in Atlanta, a 429-foot art deco structure in the heart of the city’s downtown district; and in Dallas, a cube-like building with narrow windows and large vents on its exterior, located in the Old East district.
Elsewhere, on the west coast of the U.S., there are three more facilities: in downtown Los Angeles, a striking concrete tower near the Walt Disney Concert Hall and the Staples Center, two blocks from the most important internet exchange in the region; in Seattle, a 15-story building with blacked-out windows and reinforced concrete foundations, near the city’s waterfront; and in San Francisco’s South of Market neighborhood, a building where it was previously claimed that the NSA was monitoring internet traffic from a secure room on the sixth floor.
The peering sites – otherwise known in AT&T parlance as “Service Node Routing Complexes,” or SNRCs – were developed following the internet boom in the mid- to late 1990s. By March 2009, the NSA’s documents say it was tapping into “peering circuits at the eight SNRCs.”