Stay on Top of Enterprise Technology Trends
Get updates impacting your industry from our GigaOm Research Community
It’s been a number of months since there were any new revelations based on the massive trove of top-secret NSA surveillance documents that former security contractor Edward Snowden took with him when he left the service, but the Washington Post came out with a big one on Saturday: according to files that Snowden provided to the newspaper, NSA agents recorded and retained the private information of tens of thousands of ordinary Americans — including online chats and emails — even though they were not the target of an official investigation.
According to the Post‘s story, nine out of 10 account holders who were found in a large cache of intercepted conversations were not the actual surveillance target sought by the NSA, but in effect were electronic bystanders caught in a net that the agency had cast in an attempt to catch someone else. Many were Americans, the newspaper said, and nearly half of the files contained names, email addresses and other details. Although many had been redacted or “minimized,” almost 900 files still contained unmasked email addresses.
“Many other files, described as useless by the analysts but nonetheless retained, have a startlingly intimate, even voyeuristic quality. They tell stories of love and heartbreak, illicit sexual liaisons, mental-health crises, political and religious conversions, financial anxieties and disappointed hopes. The daily lives of more than 10,000 account holders who were not targeted are catalogued and recorded nevertheless.”
As the paper explains, the NSA is only legally allowed to target foreign nationals located overseas unless it obtains a warrant from a special surveillance court — a warrant that must be based on a reasonable belief that the target has information about a foreign government or terrorist operations. The government has admitted that American citizens are often swept up in these dragnets, but the scale with which ordinary people are included was not known until now. The NSA also appears to keep this information even though it has little strategic value and compromises the privacy of the users whose data is kept on file.
The Post story describes how loosely NSA agents seem to treat the theoretical restriction on collecting information about American citizens: participants in email threads and chat conversations are considered foreign if they use a language other than English, or if they appear to be using an IP address that is located outside the U.S. And there is little to no attempt to minimize the number of unrelated individuals who have their information collected:
“If a target entered an online chat room, the NSA collected the words and identities of every person who posted there, regardless of subject, as well as every person who simply ‘lurked,’ reading passively what other people wrote. In other cases, the NSA designated as its target the Internet protocol, or IP, address of a computer server used by hundreds of people. The NSA treats all content intercepted incidentally from third parties as permissible to retain, store, search and distribute to its government customers.”
The Snowden documents come from a cache of retained information that was gathered under the Foreign Intelligence Surveillance Act — despite the fact that for more than a year, government officials have stated that FISA records were beyond the reach of the rogue NSA contractor, according to the Post. The paper said it reviewed about 160,000 intercepted e-mail and instant-message conversations, some of them hundreds of pages long, and 7,900 documents taken from more than 11,000 online accounts.
[tweet 485602315223564289 hide_thread=’true’]
Post and thumbnail images courtesy of Flickr user Thomas Leuthard