The Internet is vast in ways no country’s clandestine security apparatuses could have anticipated: there’s simply no way to police it all. But that hasn’t stopped the NSA and CIA from poking around in interactive entertainment back corners and alleyways, trawling games like World of Warcraft and Second Life for cyber-ne’er-do-wells, according to a new report jointly published by the New York Times, the Guardian and ProPublica.
In a report titled “World of Spycraft: NSA and CIA Spied in Online Games,” ProPublica lays out the framework by which the NSA and CIA allegedly worked to snoop in online games, attempting to zero in on terrorists or criminals who might try to use the hypothetically anonymous virtual environments to communicate, move money or plot attacks.
As such, says ProPublica:
The spies have created make-believe characters to snoop and to try to recruit informers, while also collecting data and contents of communications between players, according to the documents, disclosed by the former National Security Agency contractor Edward J. Snowden. Because militants often rely on features common to video games — fake identities, voice and text chats, a way to conduct financial transactions — American and British intelligence agencies worried that they might be operating there, according to the papers.
The findings stem from the trove of classified information released by former NSA contractor Edward Snowden. Information from that stack has been released intermittently since June 2013.
It sounds like the intelligence effort in this instance was a little overzealous, to the point that the CIA, FBI and Pentagon had to create a “deconfliction” group to mitigate unintended agency run-ins. The documents also suggest the program wasn’t terribly successful: ProPublica reports that in interviews with intelligence officials, those in the games industry and “outside experts,” the general sense was that terrorist groups don’t view online games as sanctums for plotting or discussing nefarious activity.
The reason for the latter seems obvious enough: game companies track and log all activity, monitoring it to a significantly higher degree than, say, Microsoft does a service like Skype or Apple FaceTime. Online games require greater surveillance to mitigate player griefing (harassment) and game exploitation. Games by definition invite exploitation, and safeguarding against experience-wrecking exploits, to say nothing of staving off armies of white, gray and black hat hackers looking to access private information, requires meticulous log-keeping and cross-relational activity indexing. You could argue the least innocuous place for terrorists or cyber-criminals — unless they’re of the “hide in plain sight” mentality — is to confab in a virtual environment.
The more salient question is whether these multinational intelligence agencies were (or still are) themselves acting illicitly (or simply flushing tax dollars down the toilet) by “gaming on the clock,” operating without permission and outside the bounds of ethicality. ProPublica reports that at least one of the publishers, Blizzard, whose popular online game World of Warcraft was allegedly infiltrated by the agencies, says it hadn’t given permission to either the NSA or Government Communications Headquarters (the NSA’s British counterpart) to surveil the game: “We are unaware of any surveillance taking place,” a Blizzard spokesperson told ProPublica, adding “If it was, it would have been done without our knowledge or permission.” (By contrast, Microsoft, whose Xbox Live has some 50 million members, and Linden Labs, which publishes Second Life, declined to comment.)