"They" are casing a wide drag-net utilizing massive scale data mining to catch "terrorists."
See my previous diary entry.
This is a very powerful tool they can use against terrorism. However, the problem is that there is virtually no way to ensure how this is being used. Consider for a moment what sort of information flows through the internet: passwords, credit card numbers, bank account numbers, business information, corporate secrets, insider information. The opportunity to use this capability to illegally make money is vast and undetectable. (No need to worry, its not like there is any corruption in our government..;-) )
So what can you do, while you're waiting for justice against these illegal invasions of privacy? Read more.
Their process is based off a level of suspicion triggered by their drag-net. If you can slip through the drag net, then they have no reason to scrutinize you further. (Unless you give them other reason to do so.)
Their detection is basically a 3 level process:
1) Wide area drag-net targeting by way of keywords, telephone numbers and IP addresses. In other words, if you call the wrong number, connect to the wrong computer or send the wrong words in an email, IM or chat, you get flagged.
2) If you get flagged in the right way, then an analyst looks over whatever records they have of what you've been doing, which may be cross checked against other databases probably employing link analysis.
Link analysis is particularly scary, because you don't have to be doing anything wrong to be included in link analysis. You just may happen to live next to the wrong person or share any number of things in common which might lead an analyst to believe there might be an association between the two of you.
3) If they are suspicious enough, (and they only have to have suspicion because they don't need a warrant), then they put you under full scrutiny, where by your phone could be tapped and presumably a host of other things such as sneak and peeks, financial records, etc.
What can we do to keep these nimble fingers out of our private parts?
Meet Tor.
Tor is an open source application which runs on your computer that will not only encrypt the communication, but bounce it through several layers of Tor servers before contacting the computer you intend.
Not only are Tor servers located all over the world, the Tor system was designed to account for situations where some of the servers become compromised. (by say some nefarious government.)
The end result is this allows you to browse the internet with quite a bit of anonymity. It's not foolproof, but it won't set off alarms of people who are looking for particular keywords or terror-words (or bank accounts and passwords), from sifting through your web-browsing.
"They" could look for connections to Tor servers, but that is as far as they could trace it. Once the communication has entered the Tor network, it is indistinguishable from all other Tor traffic.
I have installed it and have been using it for a couple of weeks now. Sometimes it's a bit slow as it routes your information through the layers of Tor servers, but all in all its pretty easy to use.
Here is the link to the Tor web-page:
http://tor.eff.org/