Operation Eikonal is a collaboration between the National Security Agency (NSA) and Bundesnachrichtendienst (BND) for the sharing of telephony and Internet data captured in Germany.[3] It is based on an agreement that dates to 2002,[4] and is part of the NSA operation "RAMPART-A".[5] Surveillance started in 2003, telephony data was collected from 2004 onwards, and all Internet traffic from the Deutsche Telekom (DT) switching center in Frankfurt was captured starting in 2005.[6]
To obtain the data, the BND and DT worked together. The agents rented two rooms in the DT data center in Frankfurt where the fiber optic data cable owned by DT was spliced into, and a copy of the data was captured.[7] DT received 6000 euros monthly for its role in giving access to data.[8]
A filtering program named Dafis was used to prevent the sharing of data from German citizens; however, that filter was estimated to be only 95% effective, meaning that 5% of data was obtained in breach of Germany's constitution (Grundgesetz).[8] Later, during parliamentary hearings conducted on November 6, 2014, one witness claimed that the 95% figure was only correct for the initial testing and that during operation, 99% of data from German citizens was filtered out.[9]
In January 2006, the Bad Aibling branch of the BND reported to its headquarters in Pullach that the "selectors" (search terms) used by the NSA under the programme included some terms targeting the European Aeronautic Defence and Space Company (EADS) and the Eurocopter project[10] as well as French administration.[11] These selectors were first noticed by BND employees in 2005.[10] Other selectors were found to target the administration of Austria.[12] After the revelations made by whistleblower Edward Snowden the BND decided to investigate the issue; their October 2013 conclusion was that at least 2,000 of these selectors were aimed at Western European or even German interests which has been a violation of the Memorandum of Agreement that the US and Germany signed in 2002 in the wake of the 9/11 terror attacks.[13] After reports emerged in 2014 that EADS and Eurocopter had been surveillance targets the Left Party and the Greens filed an official request to obtain evidence of the violations.[13][14]
The BND's project group charged with supporting the NSA investigative committee in German parliament set up in spring 2014, reviewed the selectors and discovered 40,000 suspicious search parameters, including espionage targets in Western European governments and numerous companies. The group also confirmed suspicions that the NSA had systematically violated German interests and concluded that the Americans could have perpetrated economic espionage directly under the Germans' noses.[13][15] The investigative parliamentary committee was not granted access to the NSA's selectors list as an appeal led by opposition politicians failed at Germany's top court – instead the ruling coalition appointed an administrative judge, Kurt Graulich, as a "person of trust" who was granted access to the list and briefed the investigative commission on its contents after analyzing the 40,000 parameters.[16][17] In his almost 300-page report[18] Graulich concluded that European government agencies were targeted massively and that Americans hence broke contractual agreements. He also found that German targets which received special protection from surveillance of domestic intelligence agencies by Germany's Basic Law (Grundgesetz) – including numerous enterprises based in Germany − were featured in the NSA's wishlist in a surprising plenitude.[19] While the magnitude differs, there have also been problematic BND-internal selectors which have been used until end of 2013 - around two thirds of 3300 targets were related to EU and NATO states.[20][21][22]Klaus Landefeld, member of the board at the Internet industry association Eco International, has met intelligence officials and legislators to present suggestions for improvement, like streamlining the selector system.[23]
Information on Operation Eikonal was first unveiled by Süddeutsche Zeitung, Norddeutscher Rundfunk and Westdeutscher Rundfunk on October 3, 2014.[24] Although some documents suggested that the operation had been completed in 2008,[25] it was revealed that in December 2012, there were still transfers of 500 million metadata per month being made.[26][27] Of these 500 million datasets, 180 million were captured using XKeyscore.[28]
Austrian member of parliament Peter Pilz described the operation as "the first successful attempt at mass surveillance of European telecommunications".[4]