The Guardian has another bombshell report on the NSA, based on the documents leaked by Edward Snowden. The headline says it all: XKeyscore: NSA tool collects 'nearly everything a user does on the internet'
Please click over and read the whole thing (the article includes images of the referenced documents), but in the interests of driving discussion here, below the fold I will share some of the highlights.
The article, authored by Guardian journalist and commentator Glenn Greenwald, begins:
A top secret National Security Agency program allows analysts to search with no prior authorization through vast databases containing emails, online chats and the browsing histories of millions of individuals, according to documents provided by whistleblower Edward Snowden.
The NSA boasts in training materials that the program, called XKeyscore, is its "widest-reaching" system for developing intelligence from the internet.
The article goes on to explain that this Xkeyscore program makes possible one of Edward Snowden's most controversial claims: that he, as an NSA analyst, had the capability to "wiretap" anyone from his desk. Indeed, the article explains how an NSA analyst had a relatively simple interface with which to interact with the database, and they only have to type in a simple justification in order to access a huge array of information:
The purpose of XKeyscore is to allow analysts to search the metadata as well as the content of emails and other internet activity, such as browser history, even when there is no known email account (a "selector" in NSA parlance) associated with the individual being targeted.
Analysts can also search by name, telephone number, IP address, keywords, the language in which the internet activity was conducted or the type of browser used.
In order to search through all of this information, the NSA first has to store it. The article explains that the majority of information can only be stored for a short time, since the volume is so vast:
The XKeyscore system is continuously collecting so much internet data that it can be stored only for short periods of time. Content remains on the system for only three to five days, while metadata is stored for 30 days. One document explains: "At some sites, the amount of data we receive per day (20+ terabytes) can only be stored for as little as 24 hours."
To solve this problem, the NSA has created a multi-tiered system that allows analysts to store "interesting" content in other databases, such as one named Pinwale which can store material for up to five years.
The use of Xkeyscore is subject to the Fisa Amendments Act of 2008, which requires a Fisa warrant for specifically targeted US persons, but as we already know, this law has massive loopholes that make the online surveillance of US persons without a warrant rather easy:
While the Fisa Amendments Act of 2008 requires an individualized warrant for the targeting of US persons, NSA analysts are permitted to intercept the communications of such individuals without a warrant if they are in contact with one of the NSA's foreign targets.
The ACLU's deputy legal director, Jameel Jaffer, told the Guardian last month that national security officials expressly said that a primary purpose of the new law was to enable them to collect large amounts of Americans' communications without individualized warrants.
"The government doesn't need to 'target' Americans in order to collect huge volumes of their communications," said Jaffer. "The government inevitably sweeps up the communications of many Americans" when targeting foreign nationals for surveillance.
For its part, the NSA says that there are "multiple technical, manual, and supervisory checks to prevent deliberate misuse (of Xkeyscore) from occurring", and that it is only deployed against legitimate foreign intelligence targets.
But by now we know better: these tools allow the NSA to sweep up as much of the Internet as they can, and not a single thing that you do online is safe from being swept up and potentially analyzed by the NSA.
Please go read the whole article.