From UK-USA alliance and ECHELON to Five Eyes and TICKETWINDOW

Although only a small portion of NSA whistleblower Edward Snowden’s purloined National Security Agency data files have seen the light of day, thanks mostly to the redaction deal journalist/lawyer Glenn Greenwald worked out with high-tech billionaire Pierre Omidyar, the recent trickle of documents has yielded some important information about the NSA’s pre-9/11 surveillance operations.

After the media disclosures of ECHELON in the late 1990s, NSA’s initial intercept-sharing operation with its UK-USA signals intelligence alliance partners—the United Kingdom, Canada, Australia, and New Zealand—was modernized. What was known as ECHELON was renamed TICKETWINDOW. According to an article in an NSA internal newsletter called “SID Today,” cumbersome security access restrictions imposed by TICKETWINDOW’s predecessor were eliminated. Instead, NSA permitted the “sharing of sensitive-source collection with partners.” The “partners” were renamed the “Five Eyes,” which included the above-mentioned UK-USA alliance nations plus the United States. TICKETWINDOW also permitted “the exchange of sensitive source data that had not been shared with Partners under normal circumstances.”

The media exposure of ECHELON, including a report by CBS News’s “60 Minutes,” resulted in calls by the European Parliament to curb NSA’s interception of the private communications of European citizens. However, 9/11 brought an end to those calls as NSA’s cooperation with the Five Eyes countries was expanded to include every signals intelligence agency within the EU, including those of Germany, France, Belgium, Turkey, Greece, Sweden, Finland, Italy, Austria, and others.

The November 7, 2003, issue of SID Today describes how TICKETWINDOW changed intelligence sharing operations that had existed under ECHELON: “This project has made excellent SIGINT available to the International Intelligence Community, enabling many product reports to be written that would not have been otherwise available.”

The newsletter reveals that some NSA partners were initially reluctant to share “much” of their intercepts with NSA but that situation apparently changed with the sharing of SIGINT intercepts bilaterally between the other Five Eyes nations, minus the United States. Eventually, intercepts coordinated by the UK and Canada, Australia and New Zealand, and the UK and Australia, made their way into the TICKETWINDOW shared database:

“[NSA] Data Acquisition established TICKETWINDOW in 1999 to enable reciprocal data sharing with our Second Party partners without revealing sensitive collection sources and methods. In August of that year, NSAW [NSA Washington-Fort Meade] began sharing sensitive source voice data with GCHQ [Government Communications Headquarters, Cheltenham, England] and has since expanded the sharing to all Second Party Partners and increased the data types exchanged. NSA also receives TICKETWINDOW collection from Second Parties that are able to participate at this time. (Each partner has indicated a willingness to participate once capabilities are developed.) All Second Party Partners are not sharing as much with NSA, but the exchanges continue to expand. Many Partners also have bi-lateral agreements with other Partners for mutual exchanges, making TICKETWINDOW truly an international effort!”

An example of one such non-NSA bi-lateral Second Party intelligence arrangement in 2002 was the sharing of intercepts between Australia and New Zealand on Bangladesh and Burma, both charged with “harboring terrorists,” and the encrypted Very Small Aperature Terminal (VSAT) network used by the Papua New Guinea Defense Force.

“TICKETWINDOW is a data sharing success story. Each Second Party Partner has been able to increase the number of intelligence products written each month because of TICKETWINDOW traffic. New sources from our Partners have helped NSA be more productive, while DSD [Australian Defense Signals Directorate in Canberra] reports that more than 40% of their product reporting is now from TICKETWINDOW collection, particularly from NSA collection. Both GCHQ and CSE [Communications Security Establishment of Canada in Ottawa] have doubled their output of TICKETWINDOW-based reports in the last year. This increased production is the result of improved tasking awareness made possible through the TICKETWINDOW[formerly ECHELON] partnerships. Continued sharing will yield even greater rewards.”

“New sources” from partners included the expansion of Five Eyes surveillance to the Internet and cellular communications.

A December 1, 2003, SID Today article describes the expansion of NSA’s intelligence sharing activities to include Third Party Partners. The Partnership Dissemination Cell (PDC) was created to share specific SIGINT intercepts with Third Party SIGINT agencies. The newsletter item states that the PDC “processes information-sharing requests generated by NSA representatives such as Senior Liaison Officers (SLOs), Country Desk Officers (CDOs), and National Cryptologic Representatives (NCRs). Most requests are for permission to share information from E-GRAM end-product reports—up to the TOP SECRET COMINT 5-EYES classification level—with specific Third Party Partners. Current requests pertain to the global war on terrorism, Iraq, and proliferation/arms control. The bulk of the sharing is done with our European partners, along with Turkey (terrorism), Japan (terrorism), South Korea (Iraq), and Jordan (Iraq).

In 2003, sensitive SIGINT on “terrorism” shared with Turkey under then-Prime Minister Recep Tayyip Erdogan was problematic, considering that the Justice and Development Party (AKP) in Ankara then maintained and continues to maintain close links with the Muslim Brotherhood, which supported Salafist Sunni terrorist groups in post-Saddam Hussein Iraq, Chechnya in Russia, and elsewhere. By providing Ankara with sensitive NSA intercepts, the Bush administration and NSA director General Michael Hayden were compromising sensitive sources and methods to the Turks, who were providing covert support to Sunni jihadists in Iraq targeting U.S. and allied troops.

Although NSA prided itself on its Third Party Partnership links, an SID Today news item on October 30, 2003, states that thanks to the efforts of NSA’s France and Germany SIGINT “shops,” French and German opposition in the UN Security Council to Security Council Resolution 1511 was “isolated.” That, and the “peeling off” of other Security Council opposition to the U.S.-backed resolution, “provided a UN mandate for Iraq reconstruction and peacekeeping and opened the way for UN member countries to contribute troops and money to the effort.” France and Germany were also Third Party Partners of NSA, as was Security Council member Mexico. They were subjected to surge surveillance operations by NSA’s “France shop,” “Germany shop,” and “Mexico shop.”

Previously published in the Wayne Madsen Report.

Copyright © 2016

Wayne Madsen is a Washington, DC-based investigative journalist and nationally-distributed columnist. He is the editor and publisher of the Wayne Madsen Report (subscription required).

Comments are closed.