In February 2006, Mark Klein, a recently retired AT&T technician, provided the Electronic Frontier Foundation with technical documents describing a secret room at the company's San Francisco facility. Room 641A contained equipment that physically split fiber optic cables carrying internet traffic, duplicating data flows and routing copies to equipment installed by the National Security Agency. Klein's disclosure, corroborated by network diagrams and equipment specifications, revealed the physical infrastructure of warrantless mass surveillance that had operated since at least 2003.
On a day in late 2002, Mark Klein arrived for his shift as a network technician at AT&T's facility at 611 Folsom Street in San Francisco and noticed construction activity he had not been briefed about. Workers were building a room within the secure area of the building where AT&T's internet backbone equipment operated. Klein, who had worked for AT&T for over two decades, knew the facility's layout intimately. This new construction was unusual.
Klein asked his supervisor about the project. He was told that the room, designated 641A, was being built for "a special purpose" and that only certain employees with security clearances could access it. Klein would not be one of them. Over the following weeks, Klein observed specialized equipment being installed. He noticed that fiber optic cables carrying internet traffic were being redirected through what appeared to be a splitter device before the duplicate signal was routed into Room 641A. The original traffic continued on its normal path.
Klein grew increasingly concerned about what he was observing. His technical knowledge told him that the splitter configuration would duplicate 100% of traffic on the circuits it monitored—not just metadata like source and destination addresses, but the actual content of communications. Every email, web session, file transfer, and voice call passing through those circuits would be copied in its entirety. The split traffic was going into a room he could not access, controlled by people who did not work for AT&T.
In 2004, Klein retired from AT&T after 22 years of service. He took with him memories of Room 641A and a growing sense that what he had witnessed might be constitutionally problematic. For more than a year, he kept his knowledge to himself. Then, in December 2005, the New York Times published a story revealing that the National Security Agency had been conducting warrantless surveillance of Americans' phone calls and emails since shortly after September 11, 2001.
Klein immediately recognized the connection between the Times story and what he had observed at Folsom Street. In January 2006, the Electronic Frontier Foundation filed a lawsuit against AT&T, alleging that the company had violated federal wiretapping laws by providing customer communications to the NSA without warrants. Klein contacted EFF's legal team.
What Klein provided to EFF was remarkable in its technical specificity. He had retained copies of internal AT&T documents including network diagrams showing the physical layout of equipment at Folsom Street, cable routing schedules identifying which circuits were connected to the splitter, and equipment lists specifying the models and capabilities of devices installed in Room 641A. The documentation showed that Room 641A contained a Narus STA 6400—a semantic traffic analyzer designed to perform deep packet inspection of internet communications at backbone network speeds.
"The physical arrangement, the timing of its construction, the coincidence of it following the aftermath of the attacks, and the equipment used all indicate that the NSA is receiving all traffic through AT&T's Folsom Street facility."
Mark Klein — Declaration in Hepting v. AT&T, April 2006Klein's documents revealed technical details that would have been nearly impossible to fabricate. The network diagrams showed precise cable routing between AT&T's internet backbone equipment and the splitter device, then from the splitter to Room 641A. The equipment specifications matched publicly available technical data about Narus systems, including processing capacity and analytical capabilities. Klein included photographs of the secure room's entrance and descriptions of the security procedures controlling access.
The Narus STA 6400 was significant. According to technical specifications Klein obtained, the device was capable of processing 10 gigabits per second of traffic—sufficient to handle the complete data flow from multiple internet backbone connections. The system performed real-time deep packet inspection, examining not just the addressing information in network packets but the content payload. It could reconstruct emails, web sessions, and file transfers from raw network data. It could search for keywords, filter by communication type, and extract targeted traffic for detailed analysis.
The surveillance system Klein documented was elegant in its simplicity. Fiber optic cables carrying internet traffic from AT&T's backbone network were physically interrupted and routed through a passive optical splitter. This device divided the light signal traveling through the fiber into two identical copies. One copy continued on the original cable path to its intended destination. The other copy was sent on a new cable route directly into Room 641A.
Because the splitter was a passive optical device—it simply divided light without any electronic processing—it could not be detected through normal network monitoring. There was no latency introduced into communications, no packet loss, no anomalous behavior that would alert network administrators or users that their traffic was being duplicated. The splitting occurred at the physical layer of the network, below the level where encryption or other security measures could protect data.
Klein's documentation showed that the splitter was positioned to capture traffic from AT&T's peering connections with other internet service providers. When a user in California sent an email to someone in New York, the traffic might traverse AT&T's network even if neither sender nor recipient was an AT&T customer. When a European user visited a website hosted in Asia, portions of that traffic might transit AT&T's U.S. backbone. The positioning of the splitter meant the NSA was capturing not just AT&T customer communications but a significant fraction of internet traffic flowing through the United States.
In April 2006, EFF filed Klein's documentation under seal with the U.S. District Court in San Francisco as part of the Hepting v. AT&T litigation. The evidence transformed the case from one based on news reports and circumstantial evidence to one supported by detailed technical proof from an insider witness. AT&T and the government moved aggressively to suppress Klein's disclosure.
The government invoked the state secrets privilege, arguing that any litigation about Room 641A would necessarily reveal classified information about intelligence methods and compromise national security. The Department of Justice filed declarations from senior intelligence officials asserting that confirming or denying the existence of surveillance relationships with telecommunications companies would cause "exceptionally grave damage" to national security. The government sought dismissal of the entire case without any judicial review of the underlying surveillance.
Judge Vaughn Walker rejected this argument. In a July 2006 ruling, Walker wrote that the existence of the surveillance program was already public knowledge through government statements and press reports. The question before the court was not whether surveillance existed but whether it was legal—a question that could be answered using publicly available information about statutory requirements and constitutional limits without requiring disclosure of additional classified details.
Walker's ruling was a significant judicial pushback against expansive state secrets claims. The judge acknowledged the government's legitimate need to protect intelligence methods but held that the state secrets privilege could not be used as a blanket shield against accountability when the basic facts were already public. The case could proceed to discovery and potentially trial.
The government appealed to the Ninth Circuit Court of Appeals. While that appeal was pending, AT&T and other telecommunications companies facing similar lawsuits launched an intensive lobbying campaign. The companies argued to Congress that they had cooperated with government surveillance requests in good faith based on representations that the activities were legal and authorized. They faced potential liability for billions of dollars in statutory damages if found to have violated federal wiretapping laws. The solution they sought was retroactive immunity—legislation that would terminate all pending lawsuits and prevent future liability for past surveillance assistance.
The lobbying campaign succeeded. In July 2008, Congress passed the FISA Amendments Act. The legislation accomplished two objectives: it created a new legal framework prospectively authorizing certain types of surveillance that had previously operated without clear statutory authority, and it granted retroactive immunity to telecommunications companies that had participated in warrantless surveillance between September 11, 2001 and January 17, 2007.
The immunity provision required the Attorney General to certify to the district court that a telecommunications company had received written requests from the government stating that the surveillance was authorized and legal. Once that certification was provided, the court was required to dismiss all claims against the company. No judicial determination of whether the surveillance actually was legal would occur. The immunity was absolute and unreviewable.
"Congress has covered the eyes of the courts and eliminated any judicial review of telecommunication companies' involvement in the president's secret wiretapping program."
Cindy Cohn, EFF Legal Director — Statement on FISA Amendments Act, July 2008The Senate voted 69-28 in favor of the legislation. The House approved it 293-129. Senator Barack Obama, then the presumptive Democratic presidential nominee, voted for the bill despite having previously stated his opposition to immunity. President Bush signed the FISA Amendments Act into law on July 10, 2008. Attorney General Michael Mukasey promptly filed the required certifications with the district court. Judge Walker had no discretion; he dismissed Hepting v. AT&T and all related cases on November 17, 2008.
AT&T never admitted that Room 641A existed or that it provided the NSA with access to customer communications. The company paid no penalty. Klein's documentation entered the historical record through court filings and public reporting, but no court ever determined whether the surveillance infrastructure he revealed was legal or constitutional. Congress had effectively overridden the judicial process.
Room 641A was not an isolated facility. Klein's documentation identified at least seven other AT&T locations where similar installations existed. Subsequent reporting and litigation revealed that other major telecommunications carriers including Verizon and Sprint also provided the NSA with access to communications networks. The surveillance infrastructure Klein exposed was part of a broader program, codenamed Stellar Wind, that President Bush had authorized in October 2001.
Stellar Wind included multiple surveillance components. One involved warrantless interception of phone calls and emails where one party was outside the United States. Another involved bulk collection of domestic telephone call records—not the content of calls, but metadata showing who called whom, when, and for how long. A third component involved bulk collection of internet metadata. All of these activities operated without the court orders required by the Foreign Intelligence Surveillance Act.
The program was so sensitive that even within the executive branch, access was severely restricted. Congressional leaders were briefed in limited fashion, but the full intelligence committees were not informed. In 2004, senior Justice Department officials concluded that certain Stellar Wind components could not be legally justified under any statutory or constitutional theory. Deputy Attorney General James Comey, acting as Attorney General while John Ashcroft was hospitalized, refused to reauthorize these components. Comey and FBI Director Robert Mueller prepared resignation letters. President Bush modified the program to address the Justice Department's concerns, but the bulk collection activities continued under revised legal theories.
In 2013, documents disclosed by NSA contractor Edward Snowden revealed that surveillance programs similar to those Room 641A had supported continued operating under authorities created by the FISA Amendments Act. The PRISM program allowed the NSA to collect internet communications from major technology companies including Google, Facebook, Apple, Microsoft, and Yahoo. The upstream collection program intercepted communications directly from internet backbone infrastructure—essentially a continuation of the Room 641A model under new legal authority.
Klein's disclosure revealed a surveillance architecture with profound technical implications. By positioning splitters at backbone network facilities, the NSA could capture traffic that never touched traditional telecommunications infrastructure like telephone switches that were already subject to lawful intercept capabilities required by the Communications Assistance for Law Enforcement Act. Internet communications were supposed to be protected by the Electronic Communications Privacy Act, which required warrants based on probable cause. The Room 641A architecture bypassed these protections through bulk collection at the physical layer.
The system made no distinction between domestic and international communications, between Americans and foreigners, between suspected criminals and ordinary citizens. The splitter duplicated everything. Filtering and selection occurred downstream in the NSA's analytical systems, not at the point of collection. This meant that even if analysts ultimately looked at only a small fraction of collected communications, the NSA possessed complete copies of vast quantities of innocent Americans' private communications and could search them at any time.
The deep packet inspection capabilities of the Narus equipment meant the surveillance was not limited to metadata. The systems could reconstruct email content, web browsing sessions, file downloads, and voice calls. Encryption could protect some of this data, but in 2003 when Room 641A became operational, many internet communications were unencrypted. Even today, various technical vulnerabilities and legal requirements can compromise encryption protections.
Klein's disclosure created a detailed public record of surveillance infrastructure, but it did not produce accountability. No government official was prosecuted for authorizing or operating surveillance that violated FISA. No telecommunications executive faced charges for providing customer communications to the government without legal authority. No court issued a definitive ruling on whether the program violated the Fourth Amendment's prohibition on unreasonable searches.
Instead, Congress retroactively legalized the activities and immunized the participants. The FISA Amendments Act created prospective authority for surveillance that had previously occurred without clear statutory authorization. The legislation's immunity provisions terminated litigation before courts could determine whether past surveillance was legal. This legislative resolution meant the legal questions Klein's disclosure raised remained unresolved as matters of constitutional law.
The political dynamics that produced this outcome reflected the persistent tension between security and liberty in counterterrorism policy. After September 11, 2001, there was broad bipartisan support for aggressive surveillance to prevent future attacks. Telecommunications companies argued they had cooperated with government requests believing they were legally authorized and necessary for national security. Many members of Congress, even those troubled by warrantless surveillance, were reluctant to impose penalties on companies that had acted at the government's request. The immunity legislation passed with support from both political parties.
Klein paid a personal price for his disclosure. AT&T never rehired him. Some former colleagues criticized him for violating company confidentiality. The government considered prosecuting him for unauthorized disclosure of classified information but ultimately declined. Klein maintained that his disclosure was an act of citizenship, that when he saw evidence of what he believed was illegal surveillance, he had an obligation to bring it to light through proper legal channels.
Room 641A remains a landmark in surveillance history because Klein provided detailed technical documentation of the physical infrastructure enabling mass surveillance. Previous disclosures about NSA activities relied on anonymous sources, leaked documents of uncertain provenance, or circumstantial evidence. Klein put his name on a declaration, provided specific equipment models and network diagrams, and testified about what he personally observed during his employment. His evidence was concrete, detailed, and credible.
The disclosure also demonstrated the extent to which surveillance had become embedded in the privatized internet infrastructure. The NSA could not build its own parallel internet to monitor communications. It needed cooperation from the telecommunications companies that owned and operated the physical networks. Room 641A exemplified this public-private surveillance partnership—government equipment installed in corporate facilities, operating on corporate networks, capturing data from corporate customers, with corporate employees prohibited from accessing the surveillance rooms in their own buildings.
Klein's documentation showed that telecommunications companies were not passive recipients of government surveillance demands. AT&T constructed Room 641A, installed the splitters, routed the traffic, and maintained the systems. The company created the infrastructure that made bulk surveillance technically possible. When Klein's disclosure threatened to expose this collaboration, AT&T and other carriers lobbied successfully for legal protection. The immunity legislation ensured they would face no consequences for their participation.
"The evidence from Mr. Klein establishes a credible, coherent, and detailed basis for believing that AT&T is allowing the NSA to conduct surveillance of internet traffic by means of a physical connection to AT&T's facilities in San Francisco."
Expert Declaration of J. Scott Marcus, Former Senior FCC Official — Hepting v. AT&T, April 2006The constitutional questions Room 641A raised about bulk surveillance remain contested. The Fourth Amendment requires that searches be "reasonable" and, in most contexts, supported by warrants based on probable cause. Bulk collection systems like Room 641A capture communications of millions of people not suspected of any wrongdoing. Supporters argue this is constitutional because the initial collection is not a "search" until humans or algorithms examine specific communications, and because foreign intelligence collection has historically received more permissive treatment than criminal investigation. Critics argue that bulk collection itself violates the Fourth Amendment's particularity requirement and that surveillance of Americans' communications requires individualized suspicion regardless of the foreign intelligence purpose.
These arguments have continued through subsequent surveillance controversies. In 2013, the disclosure of NSA bulk telephone metadata collection under Section 215 of the Patriot Act produced renewed litigation. In 2015, the Second Circuit Court of Appeals ruled that Section 215 did not authorize bulk collection, though it did not reach the constitutional question. Congress then passed the USA Freedom Act, ending bulk telephone metadata collection by the NSA but preserving the government's ability to obtain specific records from carriers. The upstream collection program that Room 641A exemplified continues operating under FISA Amendments Act authority.
Twenty years after Room 641A became operational, significant questions remain unanswered. How many communications were collected through the Room 641A infrastructure? How many Americans' private emails, web sessions, and phone calls were captured? What legal standards governed which communications NSA analysts were permitted to search? How were the communications stored, and for how long? What happened to data collected on people never suspected of any wrongdoing?
The government has never provided comprehensive answers to these questions. Some information emerged through subsequent litigation and declassification, but the full scope of the Room 641A program remains classified. The FISA Amendments Act created a framework requiring the government to submit targeting procedures and minimization procedures to the Foreign Intelligence Surveillance Court for approval, but these procedures and the court's evaluation of them remain secret.
Klein's disclosure demonstrated that mass surveillance was not a theoretical possibility but an operational reality implemented through specific technical systems in identifiable locations. The documentation showed exactly how internet traffic was diverted, what equipment processed it, and where that equipment was installed. This specificity made the surveillance program tangible and concrete in a way that abstract policy debates about security and privacy often are not.
The case also illustrated the limits of whistleblowing and investigative disclosure as mechanisms for accountability. Klein provided detailed evidence of surveillance infrastructure to civil liberties lawyers who filed suit in federal court. A federal judge ruled the case could proceed despite government secrecy claims. Yet ultimately, Congress intervened to terminate the litigation and immunize the participants. Legal disclosure through proper channels produced a historical record but not legal accountability or policy change. The surveillance programs Klein revealed continued operating under new statutory authority that Congress created after the disclosure.
For historians and researchers studying surveillance, Room 641A represents a rare case where detailed technical documentation of classified programs entered the public domain through a named source. Klein's willingness to attach his identity to his disclosure, provide sworn testimony, and submit to cross-examination gave his evidence credibility that anonymous leaks typically lack. The network diagrams, equipment specifications, and photographs he provided enable technical analysis of the surveillance architecture in ways that would be impossible with only narrative descriptions. Room 641A is not just a story about surveillance; it is a documented case study with specific technical details preserved in court records and journalistic archives.