The growth of technology and Internet-connected devices has made the surveillance of individuals increasingly possible and common. Governments use surveillance to track individuals for a variety of concerns related to national security. Many, such as the United States and Russia, have systematized structures for doing so – with PRISM and SORM being the best-known respective examples.
Although relatively well-known, these surveillance systems are not widely understood. It is thus difficult to recognize their symmetry, or what they have in common. How do US capabilities stack up against Russian ones, and vice versa? A better understanding of how these systems work can help us understand the symmetry in surveillance between Russia and the US.
Russian Surveillance under SORM
SORM is an acronym for the Russian phrase “Система оперативно-разыскных мероприятий,” which is usually rendered in English as “System for Operative Investigative Activities.” It refers to the legal structures for state-run digital surveillance in Russia. Unlike US surveillance specifications, SORM specifications are not secret, nor have they been heavily scrutinized for illegality within domestic law. The first SORM legislation was implemented in 1995 and required telecommunication operators to install hardware that allowed the FSB, Russia’s agency focused on domestic national security, to monitor user data.
In 1998, SORM was expanded to require Russian Internet service providers to install hardware to allow the FSB to monitor and track web usage, including email correspondence and credit card transactions. By the end of 2000, legislative amendments were enacted that removed requirements for the FSB to present warrants before accessing target data. Further, other Russian security agencies such as the Federal Protective Service, Presidential Security Service, and Ministry of Internal Affairs were also granted legal access to the data collected by the SORM program. Later, in 2014, these specifications were expanded again to include monitoring of social networks, chats, and forums.
The third major SORM legislation was introduced and passed in 2014. It required telecommunication operators to install equipment for deep packet inspection, which is notable for its increased scope of data monitoring and filtering.
Most Internet communication happens via packet delivery. Packets have two main components – a header (which includes technical information like the internet protocol, size of the data unit, and source and destination IP address) and a payload (which includes the actual information being delivered). When packets pass through a checkpoint, it is typical for the header to be scanned and processed while the payload remains unscanned and, in theory, confidential. Deep packet inspection, however, looks beyond the header, into the payload of the packet. This means the actual information or data being delivered is scanned and processed according to the algorithms used by a checkpoint. In the case at hand, the Russian government designed the algorithm and required telecommunication operators to implement it.
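The header/payload distinction described above can be made concrete with a short added example (it is not part of the original article and does not represent any SORM algorithm). It splits a constructed IPv4/TCP packet and contrasts what header-only processing returns with what deep packet inspection returns; the addresses, ports, payload and pattern list are all assumptions made up for illustration.

```python
import socket
import struct

def build_sample_packet(payload: bytes) -> bytes:
    """Constructed IPv4+TCP packet (documentation addresses, zero checksums)."""
    src, dst = socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.25")
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0, src, dst)
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    return ip + tcp + payload

def split_packet(raw: bytes):
    """Split an IPv4/TCP packet into (header fields, payload bytes)."""
    if len(raw) < 20 or raw[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (raw[0] & 0x0F) * 4                      # IP header length in bytes
    total_len = struct.unpack("!H", raw[2:4])[0]   # size of the whole data unit
    if raw[9] != 6 or ihl < 20 or len(raw) < ihl + 20 or total_len > len(raw):
        raise ValueError("truncated or non-TCP packet")
    src_port, dst_port = struct.unpack("!HH", raw[ihl:ihl + 4])
    tcp_len = (raw[ihl + 12] >> 4) * 4             # TCP header length in bytes
    header = {
        "protocol": "TCP",
        "total_length": total_len,
        "src": socket.inet_ntoa(raw[12:16]),
        "dst": socket.inet_ntoa(raw[16:20]),
        "src_port": src_port,
        "dst_port": dst_port,
    }
    return header, raw[ihl + tcp_len:total_len]

def header_inspection(raw: bytes) -> dict:
    """What a header-only checkpoint processes: routing metadata, no content."""
    header, _ = split_packet(raw)
    return header

def deep_inspection(raw: bytes, patterns: list) -> dict:
    """What deep packet inspection adds: the payload is read and matched."""
    header, payload = split_packet(raw)
    hits = [p for p in patterns if p in payload]
    return {**header, "payload_bytes": len(payload), "matched": hits}

# Constructed sample: an unencrypted HTTP request carried as the payload.
SAMPLE_PAYLOAD = b"GET /inbox HTTP/1.1\r\nHost: mail.example\r\n\r\n"
SAMPLE_PACKET = build_sample_packet(SAMPLE_PAYLOAD)

if __name__ == "__main__":
    print(header_inspection(SAMPLE_PACKET))
    print(deep_inspection(SAMPLE_PACKET, [b"Host: mail.example", b"Host: other.example"]))
```

The header-only result carries addresses, ports and sizes but nothing about the request itself; the deep result additionally reports which content patterns appeared in the payload.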
The Yarovaya Law amended SORM in 2016, requiring telecommunication companies to store user data for at least six months and to disclose that data to specified agencies on request, without legal documentation.
American Surveillance under PRISM, etc.
PRISM is the code name for a state-run US surveillance program revealed in 2013 by former NSA contractor Edward Snowden. The program collects Internet communications data from US-based technology companies. It began in 2007 after the passage of the Protect America Act, which also removed the warrant requirement for government surveillance of foreign intelligence targets if those targets were reasonably believed to be located outside the US.
Although it is the best-known part, PRISM is only one program within America’s state-run surveillance programs. More broadly, Signals Intelligence Activity Designators (SIGADs) are the primary tool used in these programs. Because of their secretive nature, it is unknown how many currently exist or what data they have access to. However, a screenshot leaked when PRISM was revealed in 2013 showed that there were 504 SIGADs that year.
A SIGAD is an alphanumerical code that identifies a signals-intelligence collection site. PRISM’s SIGAD, for example, is US-984XN. The first two letters of the code indicate the country – the United States, United Kingdom, Canada, Australia, or New Zealand. All these countries use SIGADs and have a well-established alliance for sharing signals-intelligence. The set of numbers in a code is unique to the site where it is in operation. When intelligence personnel want to access the data intercepted by one of these sites, they use the SIGAD to retrieve it.
The sites identified can be physical or virtual and are typically operated by a signals-intelligence specialist. They gather intelligence by intercepting signals from a wide variety of sources, and each has its own set of targets and software.
Several other SIGADs were revealed alongside PRISM in 2013. For example, STORMBREW is a SIGAD that uses upstream collection, where massive amounts of data are pulled directly from fiber-optic cables and top-level infrastructure.
These sites have legal authority to collect information on foreigners or those believed to be a threat to national security because of foreign contacts or foreign intelligence.
Comparing US and Russian Surveillance States
Critics and whistleblowers of US surveillance have claimed that this foreign connection stipulation is obsolete because the interconnectedness of the Internet allows any US citizen to be targeted for even the weakest connection to a foreign threat. SORM, on the other hand, has the legal authority to collect information on Russian citizens without the existence of a foreign threat.
The surveillance states in the US and Russia are at least somewhat constrained by public consent. Domestic backlash against data collection and monitoring in the wake of Snowden’s claims in 2013 demonstrates this in the US. Likewise, the Russian government’s failed attempt to ban the popular messaging app Telegram because it refused to comply with SORM specifications led to demonstrations and backlash in Russia.
Both surveillance states have proven themselves to be susceptible to the use of Internet data by non-state actors. Russian state secrets such as the presence of Russian troops in Crimea were exposed by non-state actors using open-source analytics software with publicly available data. Similarly, in 2018 secret US military and intelligence bases around the world were at risk of being discovered through public user data on a popular mobile app.
Outside of the SORM and PRISM programs, Russia and the US also force technology companies to build backdoors in their products. These backdoors allow intelligence personnel to bypass encryption and user passwords to access certain information at will. This is important because it adds to the scope of state surveillance in each country.
As technology continues to evolve, so will surveillance states around the world and the conversations concerning them. Western media and attitudes often portray the state-run surveillance in the US and Russia as not capable of comparison. A more nuanced look at each country’s surveillance shows that symmetry does, in fact, exist.
Because the US and Russia are both leaders in digital surveillance, it is important to understand their similarities. This will be especially true in future dialogue on concerns like global Internet governance and human rights on the Internet.