Saturday, September 28, 2013

Bypassing oversight, NSA collects details on American connections

New York Times reports that NSA has complex maps of social ties based on metadata.

"World Map of Social Networks"
The New York Times reported on Saturday that the National Security Agency has been collecting social data pertaining to Americans for the past three years, using 94 different “entity types” of metadata, “including phone numbers, e-mail addresses, and IP addresses.” With this, the agency has been able to construct maps of an individual's personal associations “for foreign intelligence purposes,” even if that person is a US citizen.
This latest news is based on former NSA contractor Edward Snowden's leaked documents, one of which is a January 2011 memorandum from the NSA. That memo addressed a November 2010 policy shift that allowed the agency to conduct “large-scale graph analysis on very large sets of communications metadata without having to check foreignness,” the memo said. Prior to that change in policy, such analysis was permitted only for foreigners.
“[T]he decision to revise the limits concerning Americans was made in secret, without review by the nation’s intelligence court or any public debate,” wrote NYT reporters James Risen and Laura Poitras.
An NSA spokeswoman told the NYT that “all data queries must include a foreign intelligence justification, period,” and that “our activities are centered on counterterrorism, counterproliferation, and cybersecurity.” The spokeswoman went on to cite a 1979 Supreme Court ruling, which stated that Americans could not expect privacy regarding which phone numbers they had dialed, as justification of the policy shift. Because of that ruling, the NSA decided that any vast collection of metadata on an American person was permitted. As long as the content of communications is not included, “the agency is not required to seek warrants for the analyses from the Foreign Intelligence Surveillance Court.”
Documents viewed by the NYT show that the NSA asked for such power as early as 1999, but the request was rejected due to privacy concerns. The agency asked again in 2006, and in 2008 the Bush administration approved the policy shift. The NSA then performed a year-and-a-half-long pilot program before making the policy shift official in November 2010 as “Sigint [Signals Intelligence] Management Directive 424.”
The NSA did tell the NYT that its database of domestic phone call records, which was revealed in the first Snowden leak back in June, was not used in mapping social connections. Still, former officials, who spoke on condition of anonymity due to the classified nature of the information, told the NYT that the “social networking analyses relied on both domestic and international metadata” from “multiple collection programs and databases.” These databases include a tool called “Mainway,” which chains phone numbers and e-mail addresses in a repository populated by “the agency’s fiber-optic cables, corporate partners, and foreign computer networks that have been hacked.”
In August 2011, Mainway was receiving up to 1.8 billion cellphone records daily under “Section 702 of the 2008 FISA Amendments Act, which allows for the collection of the data of Americans if at least one end of the communication is believed to be foreign.”
The social graphs also include a vast amount of publicly available and commercial information, as the NYT describes:
The agency can augment the communications data with material from public, commercial and other sources, including bank codes, insurance information, Facebook profiles, passenger manifests, voter registration rolls and GPS location information, as well as property records and unspecified tax data, according to the documents. They do not indicate any restrictions on the use of such “enrichment” data, and several former senior Obama administration officials said the agency drew on it for both Americans and foreigners.
A top secret document obtained by the NYT explains that the agency looks for 94 different “entity types” of metadata and “correlates 164 ‘relationship types’ to build social networks and what the agency calls ‘community of interest’ profiles, using queries like ‘travelsWith, hasFather, sentForumMessage, employs.’” With such vast connection terms, it seems like it would be easy to end up three hops away from a person pertaining to foreign intelligence.
