 to present you Bill Binney on this stage and he will be telling us the perspective from the inside of the NSA because he was a technical director of the NSA for many years and worked in the intelligence services for more than 37 years. He is a child of the Cold War and worked throughout the Cold War decrypting and breaking ciphers from the adversaries of the US and back then he used to call himself the technical director of the world in a sense. So please give it away for how the NSA attracts you with Bill Binney. Thank you. Thank you. I'd like to say it's nice to be back in a large with large numbers of people with character and integrity which when I worked at NSA not too many people had and I can get into some of that story. Mostly I worked I didn't work on the programs that Phil Zimmerman was talking about the commercially available stuff I was all looking at military and governmental encryptions and codes and activity so but the same techniques apply to any crypt system I mean it's not something that and I was on the offensive side not the defensive side and I know I knew Snow and the defensive people and I went to talk to them once about saying here I had all these solutions on the offensive side and can you tell me how you're designing the defensive side because I thought that they should be parallel you know we what what we were doing they were doing and they wouldn't tell me so that shows you the same kind of there's that kind of communications now like for example for cybersecurity all the attacks that have come out of Vault 7 and the NSA exposures hundreds of millions of lines of source code on attacks on you know firewalls switches servers operating systems all of that that's thousands of attacks and we've only seen a few of them so far used to in the world and you can just be ready for a much rougher ride because the offensive side knew all these things were weak and existing the defensive died didn't and they never fixed anything so we were all vulnerable so we all got attacked and so now they say every time you get attacked we need more money more people more empire you know so it's a swindle we're all being swindled by our governments if they if they would only fix the things they knew that were wrong we might have some security you know so but instead they don't so at any rate I didn't when I left NSA I did that then at the end of October 2001 because they started spying on individuals and not groups of bad guys okay so that meant they were scooping up everything from everybody in the world and it's much more extensive than anybody thought it's more extensive than even the slideshow but because and in order to store all this material they had to build the bluff they'll want one million square foot facility for storing data and last year they broke ground for a now a 2.8 million square foot facility on Fort Maid it took out a 36 hole golf course to do it so I mean the point is if you collect everything as a lot in ever increasing amount of data year after year which means you need ever increasing data storage facilities to store it all so all you have to do is watch and the way we the way we found out about this was to look at the every time the government wants to build something they have to file an environmental study so when they when they want to put in this very large building they had to also submit an environmental impact statement and study to do it before they did so we're looking at those and seeing what they're building so when they do that we know well this is on Fort Maid and it's the it's NSA doing it so you know everything on virtually everything on Fort Maid is NSA anyway so that that gave us the knowledge of the scale of what they're collecting and what they're assembling for example in Cisco who sold them the routers to route data to the Utah facility estimated there was a small article they wrote years ago that estimated that by 2015 the amount of data going into the Utah facility it would be 966 exabytes a year that's about a zeta bite so that's why originally years ago I estimated that the capacity of Utah was about five zeta bites I mean it's my guess you know it's a lot of bites anyway so any rate I felt I didn't have to take anything with me because everybody in Congress when I left you know they all knew me they knew what I was doing most of what they're doing to spy on everybody I designed anyway or had a hand in it so they knew all that so I felt I didn't have to to to bring any material out to to validate anything I was saying because they all knew I did it so I I naively thought that I could do that and go complain through the channels the intelligence committees and the inspector generals and they would all take some action on it well and what it really meant was when it came time to actually hearing what I had to say Congress never invited me and I mean I testified in the Bundestag I testified in the House of Lords in the UK but the Congress would never hear me because then they'd lose plausible deniability that was really their key they needed to have plausible deniability so they can continue this massive spying program because it gave them power over everybody everybody in the world even the members of Congress had power against others they had power on the judges in the Supreme Court the the federal judges all of them that's why they're so afraid everybody's afraid because all this data they had that's about them the the central agencies the intelligence agencies they have it and that's why Senator Schumer warmed President Trump earlier a few few months ago that he shouldn't attack the intelligence community because they've got you know six ways to Sunday to come at you that's because it's like J. Edgar Hoover on super steroids they have they have the same kind of data that J. Edgar Hoover had on everybody so it's leverage against every member of Parliament and every government of the world that's that's what I thought was the problem so I I thought I when when Edward Snowden came out he came out with material and slides and publications by the government about the programs they were running that gave me and that was the stuff I left them so it gave me all the opportunity to pull it together and say this is what they're doing this is how they're doing this is what it means and that's what I've been trying to do so I assembled some slides here to give you some idea hopefully a better idea of what's going on and I also assembled some slides to show you what they should be doing I have one only one case of an unclassified version of big data analysis which is what they should be doing and they aren't that's why people are getting killed that's why I said in the UK that bulk data kills people because all the analysts in the UK and in MI5 and in GCHQ similarly in the FBI and NSA they're buried in data and they can't see what's happening because there's just too much data and they're using the old techniques of word searches and stuff like that that's not the way to do it at all it's social networking is the key to solving all of these problems solving them quickly and making all the data content problem a manageable thing now I'll take you into that so here these are the these are the ways that they basically collect data first it's they use the corporations that run the fiber optic lines and they get them to allow them to put taps on them and I'll show you some of the taps where they are and and if that doesn't work they use the foreign government to go at their own telecommunications companies to do the similar thing and if that doesn't work they'll tap the line anywhere they can get to it and they won't even know it you know the governments know that communications companies will even know they're tapped so that's how they get into it then they get into fiber lines and this is this is the prison program is really where they have the the the companies involved that's down there and a list of them this came out was one of the first first things that was published out of this node material and they were all focused on prism well prism is really the the minor program I mean the major program is upstream that's where they have the fiber optic taps on hundreds of places around in the world that's where they're collecting off the fiber line all the data and storing it but prism was simply their their way of putting out something where Congress and the courts could look at it and say well we're abiding by the law see here we ask these companies for this data and we have a warrant for that to do it so you see we're abiding by law when in upstream they were and they were taking everything off the line also there the muscular program was a parallel one which basically did the for you know Yahoo and Google and a couple others they unilateral they unilaterally tapped lines between their data centers when they transferred data to back it up and so on they got everything they had and they didn't know it okay so that was their main the muscular program from those companies plus the upstream is really the main one and prism was only one small input to the data that NSA was collecting worldwide these are the kinds of things they have I mean it's satellites all kinds of collection the real big one is over there at C&E computer network exploitation that's where they're implanting either with hardware or software both into switches and servers around the world and they can make them do anything they want because they own them so if you send data anywhere through those switches or servers and there's tens of thousands of them in the world they basically own the network they they have access to it and they get it so all of that is feeding another program that they call treasure map and this one just says well we want to know where everything is in the world every minute of the day so it's not just collecting what you're saying encrypted or not but it's also monitoring where you are when you do it and that's basically done by this is a kind of the the geography of the world and there's the physical layout of the fibers and the microwaves and the satellite towers and everything and then that maps to a physical network and then logical networks who's communicating across them that maps to equipment which in turn maps to people and that's how they follow everybody this is also when you have cell phones for example how they take GPS and use the drone's target to target people so I think Jacob Applebaum was one who said the CIA or NSA watches them or tracks them NSA tracks them and CIA wax them right that and the way they do that and there's 1.2 million people on the drone list according to last number I saw I mean that's crazy I mean you know they aren't even they aren't making they aren't verifying who's who they're hitting they're not I mean they just want to kill people all the time this is insane and I keep telling I call that program random slaughter because that's about what it is and this is why I get in their face every time I possibly can in the US because they're doing stupid stuff it's hurting a lot of people but anyway that's that's the treasure map all the material they collect from all the sources goes back into these programs back inside NSA over here on that rectangle over there or this basically a square fundamentally this was the entire design these programs made main way and Marina are basically the graphs of social networks that map into the databases in pinwheel the internet and nucleon the voice there are basically two systems are falling public switch telephone network which is all of phones fixed mobile satellite all kind of any kind of phone and the input of that into the that all all the content data then goes into nucleon and it's indexed up there by the Marina program so that when they want to see who did what they have an index all to everything they ever said in their database so this was the whole design I left them and they haven't changed the damn thing in 15 years 16 years so that's real progress for you but anyway one of the things to look over here in a side is that both CIA and the FBI through the FBI Center in Quantico, Virginia have a direct access into these databases and and the entire graph not only did that but they also use that for police around the world so it's a straight violation of everything all this data is collected without warrants so you know it's a basic violation of the rights of every human in a court of law and that's what they're using they're using it to arrest people and then they pull the substitution I've got some slides on that too and these are other people who have access to it the the Five Eyes group over here they have direct access into the into the NSA database right here and so do the Drug Enforcement Administration, Defense Intelligence, FBI, CIA all these people have direct access to all this data and it's children's data as well it's everybody on the line because they take it all so it's nothing there's no distinction they don't filter anything it's just capture everything this is what a general like Xander said in men with hill station a few years ago he said all we have to do is collect it all and that's what they're doing the problem is once you collect it all and they have the impression or they give the impression that data is intelligence right when you collect more data more intelligence it's not the point is you have intelligence when you understand the meaning of what you've collected if you can't do that I mean you have nothing but a bunch of data and that for unfortunately that's that's the perspective they have so they think collecting more is better instead what happens is it buries their analysts and buries the both the police and the and the intelligence people they can't figure anything out so you know what the consequences of planned attacks happen because they don't see them coming and they can't prevent them and so that's why I said when I went to the UK to try to stir them up you know I wanted to get them a upset I said the bulk date because they were getting ready to pass the investigative powers bill the bulk acquisition of data on everybody in the UK as well as everything everybody they can possibly get in the world I said bulk data kills people and the reason I said that is because of the inability to stop terrorist attacks for example I mean we continue to see these things today I mean nothing has changed they're still going after more more data more you know more people more of an empire and they still can't figure out what they've got but they're really good after the fact after the fact once they know who did it they've got all the data on them they could go directly at them the other thing it does give them though is the power to to manipulate anybody they want or do industrial espionage or or if if somebody is getting a political group together or getting politically active and they don't want them they have the ability to target them here you using this data I mean it's just it's just there all they have to do is go out it so they can target people and use it against them but they can't look at all of it to figure out who out there is planning an attack on us or is going to smuggle weapons or smuggle dope or and if that they can't do that because they've they've got too much data and they're using stupid searches like word searches well you know if they use the word bomb you know if they're looking somebody planning a bomb or building a bomb we could say if you say in an email to anybody well you know the quarterback through a bomb at the last to win the game you know what your email is going to be picked up by that word search and it's absolutely irrelevant to anything they're looking for that's the point that's why social networking of focusing in on those networks that are involved in terrorism or the ones you know of the siege you have you can focus in on them and all I would point out that all of the terrorist attacks that have ever happened before or after 9 11 have been by people who were known by either the intelligence and the police or both so why weren't they focusing on them if they were they may have a chance to prevent the attack instead they're looking at this bulk stuff I mean it does it does spend a lot of money it employs a lot of people so it's a what I call a happiness management program but the point is that to keep it going sometimes people have to die and that's that's that's just on on on it's on American first of all you know no American would do that no one would sacrifice the lodge of anybody for this crap but they do and they do it because there's a big empire behind this I mean to collect all this data the intelligence community mostly NSA has spent somewhere close to two hundred billion dollars since 9 11 just to get the data I mean they and they built an empire worldwide to do it and they've got all these all these countries come that are participating in that so and and the big the closest are of course these here I should point out that you see this date over here down at the bottom right 2032 0 1 8 that's the 8th day of January of 2032 that means it's the first review classification review for this slide 25 years so if you subtract 25 years from that it's the 8th of January of 2007 2007 that was the date the slide was created so this was a state of things in 2007 right if you look at all these slides you'll see many times of a date there and you can figure out well this is the data that of that program you know so any rate this is where they use the things for the rule of the for the sod that's the special operations division of the Drug Enforcement Administration the police they they have also the FBI CIA NSA the DHS the IRS all have representatives on the sod and they all look into the NSA data the IRS is supposed to be there for fraud you know and things like that but they use the data against the Tea Party and the and the FBI is against the Occupy Group and other political parties were attacked by similarly and of course they of course people looking to unmask information about individuals that's done through these kinds of organizations you know or they can request that through directly to NSA so all of that's done by see the problem is is a human failing here is that the people given the power over others eventually they use it you know that's historically true it's a weakness in humanity you know that's that's the real problem here there's no way of checking there's no checks and balances at all involved in this at all the Congress says and the courts say they have oversight that's a joke okay they don't have any oversight even in even after the snowed material came out at the head judge Reggie Walton on the FISA court the foreign intelligence relation court said he came out and said try to make an excuse for his court and the judges on it that they really didn't have a lot of the capability of verifying anything that NSA CIA or FBI were telling them in fact he doesn't have very little he is none he's totally dependent on them telling the truth and they only tell him what they want to tell him as same as true with the intelligence eight committees in Congress and the same is true in every country of the world no country in the world no government of any country in the world has any control of their intelligence they do not know what they're doing and they have no control of really of any of them they can't stop it they they would say they go to oversight but when they go in all they're told is is what the agency wants them to hear so they get the the story du jour the story of the day from from that agency that's the problem I see but so in order to do this you see they don't tell any of the attorneys the judges or anything you never sign anything never put it in affidavits there's no documentation that they used NSA data or NSA collected data from all their collaborators to do any of this and so what that means is they have to do a parallel construction they reconstruct data or go out and get data that would they could substitute the court of law for for the NSA data because then they could use that as a justification for the warrant which they didn't get in first place so but so that basically means they're perjuring themselves in a court of law now this is not just for us in the United States anybody who has a who has any relationship with the FBI the DEA worldwide they're all getting insight through these programs and so whatever actions they take are based on the unconstitutional collection of data by the NSA and the CIA but they're still using it we in fact one of the one of the federal agents using this data said commented to a Reuters reporter this is a Reuters slide he said you know this is such a great program I just hope we can keep it secret well what does that mean that means we have a secret government right when you marry when you marry the intelligence agencies with the police you have a secret police now in Germany they call that the Gestapo or the Stasi so I refer to NSA as the new Stasi agency and unfortunately that's you know we haven't been able to do anything I I am attempting to do everything I possibly can against these people I have four I'm supporting four separate lawsuits against the president Trump previously against President Obama and the intelligence agencies of the United States for unconstitutional collection of data we have to do it for our laws with our Constitution governs violation of privacy rights of U.S. citizens so we're attacking them that way in a court of law and I just got my first chance with the third circuit court of appeals to submit some of this NSA data about their own programs into the court of law now it's going to be tough for NSA to deny it because now it's in the federal courts these this is the court that's one one level down from the Supreme Court in the United States and it's at four separate circuit courts one in the second one in the third one in the ninth one of the 11th so I'm coming at them as many from as many directions as I possibly can and hopefully one of them will get through to the Supreme Court and when it does we'll get to them and if we fix it I mean and if we fix it why hopefully that'll spread around the world to the rest of the countries who've adopted this from because we started it okay you know we started it we Americans were the first one in the bulk collection pit the rest of you came along a little later that's only because we were close in and it was convenient no so we got it first any rate the point is they're all doing the wrong thing for two basic reasons number one it buries their analysts with the with too much data so it makes them totally dysfunctional they can't figure out anything and they're just losing it and I by the way I I provided from Edward Snowden's material copies of memos written by internal analysts in NSA and MI5 and various other places saying that they are buried in data they just can't figure out anything they've got too much data well and I gave that to all the to the House of Lords as documentation of what I was saying was true and they'd simply ignored it so but but the main problem I had from the very beginning was it was a total invasion of the privacy rights of everybody on the planet starting with us in the US but to me that was the I mean it took me one week to get out of NSA once I found that out I mean they were using the programs we you know were that were developed in the SIG and Automation Research Center which I was founder of and the people I had building those things were the ones they had to depend on to implement them worldwide on a scale that is still growing there was no limitation to the scale I mean we did B plus three type flat threat file indexing schemes with which meant if you if you needed more or more space you simply add in another service spread out the graph you know and so it didn't there was no we saw no limit to anything we could do I mean we'd already taken in trillions of transactions and that wasn't a problem at all so once I found out that they started taking in everything that the intel at the telecommunications companies were having in terms of US communications principally in the starting with the public switch telephone network and then starting very later very shortly after that the internet and the and the basically the worldwide web it took me I found that out in the second week of October 2001 and it took me the week and a half to get out of the place so I got out the hollow way holla Halloween day 31st of October 2001 and since then I've been I've been trying to advocate internally in the NS and the intelligence committees and the inspector generals of the post department of justice and department of defense to have them I mean this is obviously this is totally unconstitutional it's a violation of the Penn Registered Law electronic Privacy Act electronic security act any of the laws in place to cover FCC regulations covering any of the telecoms that's why the telecommunications companies had to get retroactive immunity in 2008 because they had so many laws that they were violating every day and you know they're still doing that so so the point was that they they were all in it together and each one of the committees and the and the and the courts had to protect one another that was a cover-up because they were all involved in this in the White House was the starter it was actually started by Darth Cheney I call him Darth Cheney because he went to the dark side what he said anyway sorry right in the meantime we had been advocating for a targeted approach where you went after groups of people that were doing bad things and you could easily define it by social networks in the in the world either in the public switch telephone and or even in the internet we had no difficulty doing that at line speeds fiber optic rates we are able to sessionize fiber optic rates at STEM level transmissions in 1998 so from there on we were able to do deep packet inspection on all that stuff reconstruct everything on the lines and so we we were we were able to see networks and we built all these social networks using the transmitting the routing data the IPs and the and the addressing schemes of the internet as well as the phone network and we had no difficulty doing a targeted approach then of using that data to filter out what was relevant to targets we were interested in or should be interested in out of the out of the flow of information around the world at whatever rate they were doing it was simply subdivided and conquered it by by divide and conquer approach so that that was our way of doing it then our targeting approach we even took the customs and border protection after we left the NSA and one of the ways we did that I mean this is the only unclassified version I can take a big data okay it's the only thing I have so we went down there and we had a Bureau of Industrial Security up there of the Commerce Department published this alert because some military in Iraq overran a bomb-making factory and they found some some parts in there and it looked at parts they saw the part numbers and I think they traced the part numbers back to companies in the US selling them to Iranian companies in Dubai now the reason they located in Dubai because it's outside of Iran it's outside of the exclusion for a trade and so the the operating out of Dubai they could order these parts you know so the Bureau of Industrial Security had to alert everybody in the world that this was going on so we took that and used Google and went on the web this was some more of the data they had so but but we used it and went on to the web and googled all the things and started looking at at the data this was also given continued now oops where where did that go wait did I do another one here I lost a slide in the middle perhaps that's what the screws were why the screws were removed okay but this was on our Arian's computer today rate we found I can't see it here so it's missing yeah it's missing okay that's what they were doing okay we know what they were doing any rate what we did was we went out we added all kinds of information to that looking at that we added fax numbers phone numbers addresses more data on people involved and more company names involved and then at the end of it just before after the BIS report came out they once that was out they took all their names of the companies they had off the web and and then put put other put I kept that data out of the way because then they thought that this the BIS and customer border protection were still we're still looking for the old data they didn't didn't have to confirm so they removed it and they changed the names but in the process of changing it they they used one of the new numbers phone numbers with some of the old data so that gave us the end and we then traced all to the new data they went and as they went we followed them and we didn't lose the thing of course the customer border protection and the Pentagon and various other people in intelligence they did lose it but we use Google and follow them so we provided all that data to them and since we didn't trust the US government to do the right thing we also gave it to our counterparts in Canada because they were using losing people from IED attacks too so we didn't trust our government to do the right thing so we passed it up there too they of course did the right thing we didn't of course but the whole idea was you we compiled all this list of information that we got from them and from those approaches and gave it to gave it to Colonel Woody the Pentagon his he was the group that was looking at the IED you know prevention of IED attacks and so on so we passed all this data down to try to cut the supply of the parts going into them the reason they used different multiple company names to to do the construction of the IEDs is because each company would order a different part and the idea was that if the customs of border protection looked at a given company which is the way they do it they would only see one part of an IED and never deduce that they were putting together an IED so unless you collapse them down by a common attribute like they're all sharing the same phone number they're all sharing the in the same address or something like that to put these multiple companies into one place where you see the whole activity then you sum it all together by their names and you see the IEDs so you can see what they're doing when you do that and so we proposed the custom of the border protection that we do this for them they had a small data set of about a half a billion records over ten years of imports and and exports that was like one import could be a thousand cars on a ship you know so it was like half a billion records that and they said it was a real mess because the data was dirty and all that we looked at that was a gold mine there's all kinds of information here phone numbers on addresses so we could lay out the entire all the entire world's phone numbering schemes and how they change as they change since they put these things out there so we proposed them that we scraped the entire world's websites and pulled together a consolidated list of however many million companies there were in the world one of 200 million something like that and be able to do a collapse on this and study all those and find those who were doing or showing attributes of doing something illegal which is what this multi addressing scheme implies so that would define a set of suspicion zones of suspicion for companies and involved in the world trade and we estimated that from our study of that we scraped the entire website the PARS guide was the website in Iran in Dubai yet listing all the Iranian companies in Dubai there were 5032 of them and when we did that we found 222 different company names that subgrouped into 55 different groups that were doing different nefarious things for the Iranian government like smuggling dope weapons that kind of thing like getting buying equipment for IEDs and looking around for things like that would help them with triggers and nuclear stuff and so we needed we passed all that along too and of course our government is too dense to to really do anything so once we did that we said we'd estimated that the entire world would produce perhaps 40,000 targets for you to do targeted selection of searching of incoming crates and imports and and don't do exports of these companies so we thought we could do that in the first run of our data and it would take us six months to correct all the data and make that happen with Kirk Webe and myself and two programmers but that was too cheap you see that was they wanted to let a $1.2 billion contract to IBM to do it so they fired us and brought in IBM so and they still haven't done this by the way and so anyhow oh here is that this is the old the ultimately thing thing that came out was they they indicted everybody was involved in all this they arrested a few of them in Florida but some of them were back in Iran so they couldn't get to them but they left the indictment out there but it took them two years to do the indictment from the fact from the time that we found all the data that's a really fast judicial process right so but this was something they could do worldwide on everything every possible criminal activity in the world by looking at that social networks looking at targeting approach which would give everybody privacy views that as a filter right up front nobody's data gets taken in unless they are a part of a criminal activity or falling into a zone of suspicion around that activity so it would give everybody in the world privacy and but that's not what they wanted they didn't want privacy they first removed our filter up front so they could take in everything and they took away all the encryption we used to give privacy to people once we took the data in until we had a warrant and they removed that and then they removed the auditing routine in the back but looked at everybody that came in and what they did when they came there where they went what data they looked at what they did with the data and they removed that because they didn't want anybody to know what they're going to do they didn't even want internally anybody to know so it's not just that they're keeping secrets from us they're keeping secrets from Congress and everybody else even people inside their agency because the vast majority don't know I think there's only about 3,000 people now inside NSA that really are involved in one way or another or no direct evidence about this this program so that's the that's the sick part of it you know this is like a secret democracy that's not not a real democracy I mean the Gerta said it pretty well you know he said no one is more hopelessly enslaved than those who falsely believe they're free and that's us so I'm ready with this little thing here I try to get out of the way hope you can see it I can't see it what's this thing doing here well we have more details about a startup soon we Kirk and I here in in in Europe because we can't get anything done in the US so we're gonna get done we're gonna advise anybody any organization or government on ways you can do privacy and security by design and we're going to help get one of those capabilities up and running here in the in the Europe somewhere because obviously the US and the UK are too dense to realize it can be done actually it's their their agenda is the one that's driving them that's one that means money power and control and the way you get that is to take in data on everybody in the planet and that gives you that power then you can swindle money because you can let things happen because of the way you're doing business things happen and that's more justification to get more money to it's like a swindle I called the terrorism thing of trading privacy for security a lie from the beginning and that's just the way they swindled everybody because when the way they took in all the data that made they couldn't stop anything I mean more people get killed they say they need more money more people maybe bureaucracy to stop it they get that and more people get killed by another attack because they get too much data and they keep dumping more and more on people just to they're perpetuating the same problem they're not facing the issues they don't realize what the problem really is and and people are dying as a result so we're over here to try to do something about that and hopefully we will get there see I have another slide here right no thank you yeah thanks okay I guess now we could take some questions anybody have any questions you want to ask yes if you have questions please line up at the two microphones at the front and at the center there and I'll gladly yes please just go ahead hey thank you so much one question comes to mind being the technical director that you were how did you end up noticing this rather than approving that or knowing of all that from the very beginning well see as the technical director I was looking at the what is the main what is the biggest problem that the analysts in the in the NSA had it to solving problems and predicting the intentions and capabilities of people are going to hurt people or criminal activity and it turned out to be the digital explosion of communications cell phones the internet and so on and so I had to design a way of getting into it but but I it was parrot it was pretty clear that in order to do that we we would be violating everybody's privacy unless we did something to eliminate that so that's why I built in a social targeting and pulling out only that information letting everything else go by and that design was one of the things they didn't want they wanted to take in everything so they wanted to get rid of that filter but you see in order for NSA to put that into place and get it running they had to use the same contractors that I did to have my program built because they're the only ones who knew how to put it together and get it up and running no one else in NSA did and they had no other programs that could handle the massive amounts of data so they had to use my programs when they did that some of them came to me and said you know what they're doing and he said they're taking in all this data on us citizens down the hall from us and and building these graphs and everything and just doing analyzing all and violating the privacy of everybody in the United States then of course after that spread to everybody in the world but but that that's how I found out about it and once I did that that was first time to me I had to get out of here I knew no one would do that in NSA without approval from above and that came directly out of Darth Cheney's office yeah question the filtering and targeting of social networks needs a lot of data and then you can extract patterns and then you can throw away the data because you don't need it anymore is that right well you can you see if you there's a couple ways to do it you know one if you have a seed that is you know a bad guy you could look at his social network and build from that and then you could say one degree beyond that is as far as I'll go to pull data in it really ends up two degrees from the bad guy but you only pull data in from one degree from him and so that means that you're focused all the rest of the world's data goes right by and that's what you pull and the metadata is the way you pull it out because that gives you the ability to I mean you're looking at the data that's required for the network to route data and if you do that then it's easy to pull all that data out and that's all you really get and it gives people privacy and you get a rich environment for your analysts to succeed that's what they don't understand I'm still curious how can you get patterns from things you have never seen before because we expect the unexpected yeah we used actually two approaches out of three but it was deductive inductive an ad abductive approach the deductive approach simply said it's good dealing with the graph if you're in the graph and you're close to within proximity of two hops of a known terrace then you're going to be in a zone of suspicion you'll be looked at it doesn't mean you're guilty it just means you're going to be looked at and then a decision will be made yes or no if yes then what's the reason you know and if you didn't include it then the entire graph will shift if you become a target at that point you see so it's and that was done by software the other was the inductive approach so that was the main one that is if you are looking at sites advocating pedophilia or sites advocating jihad or terrorist activities or violence against the West and you keep repeatedly looking at them or look at multiple sites advocating that then that gives you the idea that you are a potential zone of sin the fall into zone of suspicion and that means you get looked at so at so at that point you get the data coming in but you can do it all having all their attributes encrypted until you can prove that they are in fact a part of the illegal activity last question is isn't it handy that they do have a lot of data about the White House the people who are now in the White House yeah they do yeah they have everything they do including including the codes to decrypt their communications thanks a lot for these questions please next question hello you mentioned the the immense capacity to store all this data from everyone and I was wondering what companies and did they cooperate willingly to create such a capacity to store all the data and in particular IBM and so can we still trust our servers and no every one of them and no because in the United States if you're a company United States they can force you by law to give them their data it's only now coming out I mean the the business they call it the business records requisition the first first thing from Edward Stoden was the general warrant issued by the FISA court to the Verizon company to turn over all the information about their customers over 110 million US citizens you know and that was a violation of the Constitution a direct violation that's why the judge Reggie Walton came out and tried to defend the court because of that but they had the power to do that with all of the companies and I would point out that that was BR 13-80 which meant it's the 80th order of 2013 to companies to give business records which is the second quarter and it's issued every 90 days so every quarter the order comes out to each individual company so and the way I reckoned in the public switch telephone network the first two companies in line in the network providing data where AT&T and Verizon so Verizon would get AT&T would get order one and quarter one Verizon gets order two and quarter one and then it gets order 80 and quarter two that means there's 78 companies participating so that 78 companies participating banks you know telecommies communication companies ISPs on the internet and so on and in exchange they received more funding to continue their efforts could you repeat that please so did they get anything in exchange for all the information they passed on to the NSA yeah money they get paid for this they get paid for it yeah there's a whole schedule on a whole schedule on the rate of how much they get paid thanks a lot next question please hello thank you for being here and everything you've done for basically all of us and my question is when you see these testimonies from for example James Clapper Keith Alexander when they're being asked directly are you monitoring you can kind of see in their eyes and when you read other press that monitoring means a completely different thing for people within the NSA so my question is how do we make questions more relevant to level the playing fields to make sure that we're all talking about the same thing well it's hard especially when they lie to you I mean you know yes okay not winning Lee but you know how do we how how do we make the questions sharper when we say okay we know we say monitoring them yeah here's here's so senator Wyden phrased the question properly I think is what you're getting he asked General Alexander how many how many US citizens does he have in his databases that's the right question it's not you know if you talk about collection well to Alexander you know he uses a word game collection means somebody looking at it at NSA so it's not collected till somebody looks at it well that's a that's horseshit you know if I collect all your data I've got it in my database so he asked the right question how many do you have in your databases well it came back he said he couldn't answer him so he came back in writing this is on the web if you want to go look at it's really a joke he says we eat we cannot tell you that because it would be a violation of the privacy rights of US citizens this is it's on the web if you Google LA NSA answer to Wyden's question you know you should get it you could probably get multiple ones but it should be in there okay hi as an American I'd like to say thank you for your service and I also wanted to ask as a citizen if there's anything we can do to make it easier for agents to blow the whistle or to encourage them to become whistleblowers well I always advocate the squeaky wheel gets the oil so complain bitch moan bright grown if you're if you're congressman or senator comes out for a town meeting confront them with it why are you backing this is obviously unconstitutional you're violating your oath of office to protect and defend the Constitution and what are you going to do about it or should I work for somebody else and if you aren't going to stop this I'm going to work against you give my money to somebody else and vote to fire you you know and the otherwise sue the bastard that's what I'm doing so we do have some more time for questions so please go ahead yeah I was wondering in the NSA there have been several leaks to the public which have helped us a great deal know more about the inner workings do you see a cultural change within the NSA that there may be more people who stand up and well choose different paths to choose to reform the NSA from inside so or is that yeah I think I think that's probably happening especially with the younger generation going into NSA the older generation I mean we did a Myers-Briggs study of personal traits of people at working at NSA in 1992 or something like that and it turned out that 85% of them were eight ISTJs so they're all introverts you know it's like these are the people who like to work in their desks you know I mean mathematicians are that way they're very quiet people look give me a pencil I'll figure it out you know going to court here's the answer you know that's all they do but they're very easy to threaten those are the kind of people you can easily threaten and so that's what really what's been going on inside NSA I mean they have a program now called see something say something about your fellow workers well I mean that's what the Stasi did you know that's why I call them the Stasi new Stasi you know they're they're picking up all the techniques from the Stasi and the KGB and the Gestapo and the SS they just aren't getting violent yet that we know of okay internally in the US outside is another story yeah now we know something about the US programs but do we know something about the other nation like Russia we know that China has some internal spying program but do they have capabilities of like external spying yes I had a slide there I think they deleted that I couldn't it wasn't there and listing all of the countries cooperating with NSA let's see if I can get back to it there they are yeah these are the countries participating with NSA of course the the rest of the the five eyes up there and then everybody else classified as third parties except for fourth parties which we don't talk about because we don't want anybody know we have relations with them so you know they're off the board but these are countries and each country has a different relationship with NSA so I mean I think eight or nine of these countries in the third-party category are cooperating in the bulk acquisition of data on the internet with NSA and GCHQ and the rest of the five eyes so is that the answer your question yes but we a big one missing there is Russia so we should suppose that Russia has some similar secret programs or we don't know about which one are you talking about Russia Russia yes well Russia does the same thing in reverse you know they're looking at us the same way yeah everybody's doing this it to the to the ability and the capabilities that they have it's a standard spying I mean that's why diplomacy was created so we could spy on people you know thanks yeah so it looks like no more question oh yes there is one more question great please go ahead would you say that the way that they are doing the wrong thing is in capability or not willing to do the right you mean the other countries no the NSA the US the US organizations are they not capable of doing the right thing or are they purposefully not doing the right yeah it's they are capable I mean you could see some of these whistleblowers still coming out that so they they are there are people who understand they're doing the wrong thing and they could create a way to do it like I did internally the trouble is you we have people managing these agencies who are fundamentally corrupt because there's so much money involved in this you know money corrupts and it's just I mean the budget for NSA is like 16 billion a year and if you for the entire intelligence community it's been close to a trillion dollars since 9-11 so that's a lot of money and and there's a whole empire intelligence empire that's built up over the over the years in the United States and also in the UK and it's spreading I mean some of the testimony from BND and what they're doing with NSA the Bundestag has found out recently about many of the things they're doing so they're all doing the wrong thing in terms of looking to stop things really they're not taking a targeted approach that's a professional disciplined look at your at your job and the target you're supposed to be looking at and watching instead of looking at everybody spreading your effort across the entire planet you know so they have to they have to learn how to do the right thing too so there we have time left for about two short questions or one long question about question I don't know if that's what's long you just said that they are able to look at the right target but like they collect information on everything everywhere anytime it's like little kids they were distracted I'm a little curious all that information that is not related to the correct target is related to a lot of other targets and power is to control what is outside of your personal space so the question is very big I'll try to ask about a specific point of view and maybe you can elaborate on that how is it possible that we still have organized crime on a global scale some of this outside of the power of the United States of the direct influence at least I would imagine organized crime from foreign countries should be the subject of this kind of information is it used and we don't know or is it not used and why thank you I would say the attempt to use it but if you look at if you Google X key score which is the query routine going into the daily basis for most of the people or I see reach I don't know that most of that's out there yet but if you looked at that and you could see the way they asked the queries it's about putting in words and phrases and just like you do on a Google search so in a Google search you get tons of material back so that approach gives you tons of material which means you've got to go through all the items try to find it and where is it in this list of say you get 100,000 items back where is it is it 90,000 80 can you get there no answers no that's why they were failing so you're saying they're failing because they're not able to interpret the data that's exactly right they can't figure out what they've got because they're taking the wrong approach I'm so I was wondering someone like you or for example Mike please can you someone like you or for example Thomas Drake who was a previous version of this event like came from the inside of the NSA and now standing here you told about the NSA having a lot of data to use as leverage against people so how come you are able to be here yeah yeah why aren't you dead or at least in jail for something wrong you said or if they've got so much power over it well as I said in the movie about me a good American I said you know if they ever do it if they ever do anything like that everyone will know who did it and why so they don't want to expose themselves to that kind of political and you know reaction by the public in the United States because that and now I'm I'm basically well known around the world so they I don't think they I want to get them in court anyway I can if they want to do that that's a that's one of the ways at least if they don't terminate me I'll be able to do that basically by making it obvious dare your enemy yeah public exposure to a degree is security you know okay thanks thanks for this last question please give a warm round of applause thank you thank you