This weblog first reported about the joint NSA-BND operation Eikonal on October 15, 2014, but meanwhile interesting new details became available from the hearings of the German parliamentary inquiry, and from recent disclosures by a politician from Austria.
Here follows an overview of what is known about Eikonal so far. New information may be added as it comes available.
Operation Eikonal was revealed by the regional German paper Süddeutsche Zeitung and the regional broadcasters NDR and WDR on October 4, 2014. They reported that between 2004 and 2008, the German foreign intelligence service BND had tapped into the Frankfurt internet exchange DE-CIX and shared the intercepted data with the NSA.
For this operation, NSA provided sophisticated interception equipment, which the Germans didn't had but were eager to use. Interception of telephone traffic started in 2004, internet data were captured since 2005. Reportedly, NSA was especially interested in communications from Russia.
To prevent communications of German citizens being passed on to NSA, BND installed a special program (codenamed DAFIS) to filter these out. But according to the reporting, this filter didn't work properly from the beginning. An initial test in 2003 showed the BND that 5% of the data of German citizens could not be filtered out, which was considered a violation of the constitution..
Süddeutsche Zeitung reported that it was Deutsche Telekom that provided BND the access to the Frankfurt internet exchange, and in return was paid 6000,- euro a month. But as some people noticed, Deutsche Telekom was not connected to DE-CIX when operation Eikonal took place, so something didn't add up.
As we will see, this was right, and the actual cable tap was not at DE-CIX, but took place at Deutsche Telekom. Nonetheless, many press reports still link Eikonal to the DE-CIX internet exchange.