Sophos Cloud Optix
According to a new report, referencing leaks from Edward Snowden, the National Security Agency (NSA) has been widely monitoring international banking and credit card transactions. The agency allegedly targeted customers of Visa Inc. as well as the Society for Worldwide Interbank Financial Telecommunication (SWIFT).
According to Germany’s Der Spiegel newspaper, information leaked by former NSA contractor Snowden shows that surveillance of financial transactions was carried out by a branch of the security agency known as “Follow The Money” (FTM).
The details of all the monitored transactions were then transferred to an NSA database called “Tracfin.” Snowden claims that in 2011 that database held 180 million records of which 84% were related to credit card transactions.
Der Spiegel alleges that the NSA targeted transactions in Europe, the Middle East and Africa to:
collect, parse and ingest transactional data for priority credit card associations, focusing on priority geographic regions.
In response to that allegation the newspaper quotes a Visa spokesperson who, “ruled out the possibility that data could be taken from company-run networks,” whilst Mashable has a quote from Visa security and privacy representative Rosetta Jones:
With respect to the claims in the Der Spiegel article, we are not aware of any unauthorized access into our network. Visa takes data security seriously and, in response to any attempted intrusion, we would pursue all available remedies to the fullest extent of the law. Further, it’s Visa’s policy to only provide transaction information in response to a subpoena or other valid legal process.
The NSA also spied on SWIFT, a network used by more than 10,000 banking institutions in over 200 countries. The system, used by the banks for sending transaction data in a secure manner, was spied upon on many levels according to the Der Spiegel report. One such way in which the NSA was accessing the information was described as reading “SWIFT printer traffic from numerous banks.”
“A deep invasion of privacy”
According to the documents there seemed to be at least some concern over the collection of such financial data.
The UK’s intelligence agency, GCHQ, queried the legal issues surrounding “financial data” and its own involvement in the program saying that, “The collection, storage and sharing of politically sensitive data is a deep invasion of privacy”, and involved “bulk data” full of “rich personal information,” much of which “is not about our targets.”
Whilst this news may be further confirmation that the NSA is involved in widespread spying, it is probably not a huge revelation to many.
In fact the real surprise may be that the Tracfin database ‘only’ stored 180 million records, considering that SWIFT itself processes over 15 million transactions every day.
The whole point of having an intelligence agency is to monitor the actions of potential enemies and the money trail is often a very good starting point for any investigation. It appears that this financial monitoring was almost exclusively targeting non-US citizens anyway so few, if any, domestic laws would have been broken.
Furthermore, the US Treasury already has an agreement with SWIFT which affords it consensual access to international transaction records, as confirmed by former Homeland Security chief Juan Zarate and SWIFT’s own CEO Leornard Schrank just a couple of months ago. This agreement is further backed up by a European treaty which came into effect on August 1, 2010.
The only question that’ important here is whether this further revelation of spying on US citizens on US soil is yet another treasonous violation of the 4th Amendment to the US Constitution. If it is, it is required to come to a dead stop and the violators are required to be brought to justice in court. It really is that simple. There is no excuse for giving up our rights as US citizens, including our privacy. I’ve got a great Benjamin Franklin quote to hand people who believe otherwise, IOW shame on them.
Are marketing/advertising purposes included as part of “spying?”
I don’t have a marketing personality and don’t know what you’re talking about. Sorry.
WELL SAID Derek Currie.
collecting peoples financial data is so wrong of you NSA . It seems to me you are more of a terrorist group than the terrorists you are trying to capture.
I find it stunning to note that the author obviously only looks at the entire NSA-issue from an American perspective (It appears that this financial monitoring was almost exclusively targeting non-US citizens anyway so few, if any, domestic laws would have been broken). In Europe we worry a lot about losing our freedom as a result of NSA (and GCHQ) activity.
"In fact the real surprise may be that the Tracfin database 'only' stored 180 million records, considering that SWIFT itself processes over 15 million transactions every day."
But the 180 million refers to "records", not "transactions". If Mr. Snowden defined what he meant by "records", the article doesn't provide that information. A "record" could cover a single transaction, or it could cover a date range that contains millions of transactions. Until "records" is defined, we have no way to know how extensive this particular aspect of NSA's surveillance actually is.
So, are you telling us that the bank records of transactions is ok? I guess so, at least for American citizens. I can understand them tracking money as it's probably a good indicator of where we may have problems from a foreign influence.
However I don't quite understand how we can substantiate spying on our political friends citizens. Such as the British, who have been with us for a long time.
I think Snowden was a bit deluded about what he could accomplish and how much effect he could have on the system compared to his personal freedoms.
As far as the US is concerned, I still believe that the phone records are a violation, if they will be prosecuted, I doubt it.
Most of the misinformation that our government feeds us makes that next to impossible. When we look back at the flat lies that they have feed us and the iron hand they have with drug use and it's abuse is rather astounding. They are also targeting pain doctors as a probable are of drug abuse (prescription drugs, that is). It's becoming a real problem to just get the drugs I need and when they consider the abused drugs, they are eliminating them from the people that need them. I doubt they are making any real dent in the abuse angle. Just like the phone records…
Jack
How do Visa scratch their heads going, umm I’m not aware of any security breaches, we take data protection seriously when we all know Visa has had data breaches. one perfect example among other articles.
http://nakedsecurity.sophos.com/2011/12/17/visa-looks-into-eastern-european-security-breach/
If someone has gotten into Visa and other records, playstation network, target etc for example then who’s to say the NSA can’t get into that information too.