Even before the Snowden case broke, Gen. Keith Alexander, 61, had just a few months to go at the helm of the National Security Agency (NSA), which he has been leading since 2005. But the scandal could make it earlier. Last week the general broke an unwritten rule among the world’s secret services: you never reveal relations with your foreign counterparts, much less pass responsibility on to them.
Gen. Alexander said that the millions of “metadata” — records of telephone calls, SMS, emails, WhatsApp messages, internet searches and social networking — that show up in the documents disclosed by Edward Snowden, the whistleblowing former NSA contractor now living in Russia, were not in fact collected by the NSA but by intelligence services in allied countries. That is to say in the case of Spain, that 60.5 million communications were collected by the National Intelligence Center (CNI) and turned over to the NSA.
These communications were allegedly intercepted in conflict areas, meaning that Spanish services did not break the law. Sources familiar with the situation said that General Alexander is telling only part of the truth. “What General Alexander doesn’t say is that besides the information it gets from the CNI, the NSA collects its own information in Spain,” said a former high-ranking CNI official.
The existence of a communications surveillance unit is as old as the Spanish secret services themselves. Former agency director Emilio Alonso Manglano was twice put on trial for following the conversations of many public figures (including King Juan Carlos) between 1983 and 1991. That system, based on “slaves” (employees who were permanently assigned to listening duty) is a museum piece compared with the kind of equipment used by the CNI today, and which allows the agency to keep tabs on millions of communications in an automated manner.
Those charges, which Manglano was eventually acquitted of, and the discovery of microphones at the headquarters of Herri Batasuna, the political wing of Basque terrorist group ETA, led the government to regulate judicial oversight of the secret services in 2002 through a Supreme Court judge who would be dedicated to helping the agency stay within legal bounds.
A former high-ranking espionage official says that, given past experience, no head of the CNI would risk breaking the law. Besides, it is not even necessary. The first person who was appointed to the task of authorizing the agency’s searches and surveillance, Ramón Trillo, had a very close relationship with the CNI, to the extent that his own daughter was hired by the agency he was supposed to monitor. His successor, Pablo Lucas, keeps more of a distance.
But there are still gray areas. “Is it the same to search a hotel room and a home?” one expert muses. “Spies work on the shadowy borderline between what is legal and illegal. You may think that what’s not forbidden is allowed. Or the other way around.”
Spanish legislation is clear about the fact that telephone and internet operators cannot hand over metadata to third parties without court authorization, and that doing so is a crime. That means they cannot turn the information over to the CNI without a judge’s permission.
So how many authorizations does the CNI’s oversight judge grant each year? The agency will not reveal this figure, alleging that it is classified material, but sources in the know said that it could be anywhere between several hundred and one thousand. There are a few “permanent” targets of surveillance, where authorizations are extended every three months — this is the case of some radical Basque separatist leaders, for example. Other targets get extensive but time-limited authorizations, such as the Pakistani community in Barcelona. But it is impossible for a judge to authorize thousands of cases, when this tracing is meant to be specifically motivated and, where possible, individualized.
On Wednesday current CNI chief Félix Sanz Roldán is due to explain the Spanish intelligence agency’s spying activities to members of a congressional committee — behind closed doors.