Latest Leak: NSA Collects Bulk Email Metadata On Americans
from the so-there's-that... dept
The NSA leaks just keep on coming, and the latest one is a big one. It's concerning the NSA is about the Stellar Wind program -- which had been revealed before, and which former NSA whistleblower Bill Binney has discussed in the past -- but Binney left the NSA in 2001. The latest document is a report from the Inspector General that confirms some of the claims Binney has made in the past, showing that the NSA collected "bulk metadata" on emails of US persons. The program started as only being about non-US persons, but was later expanded by the DOJ in 2007 to cover US persons as well.According to a top-secret draft report by the NSA's inspector general – published for the first time today by the Guardian – the agency began "collection of bulk internet metadata" involving "communications with at least one communicant outside the United States or for which no communicant was known to be a citizen of the United States".So, remember all that stuff the NSA and the President and various elected officials were saying about how they're not collecting internet data on Americans? And how they have minimization procedures and all of that? Yeah. So, that was -- yet again -- less than 100% accurate. Or, as Director of National Intelligence James Clapper likes to say, it was, perhaps, the "least untruthful" version of the events, meaning that it wasn't truthful.
Eventually, the NSA gained authority to "analyze communications metadata associated with United States persons and persons believed to be in the United States", according to a 2007 Justice Department memo, which is marked secret.
Of course, the defenders of the program will say that this is okay because it was "just metadata," rather than the contents of email, but that's a huge cop out, since metadata can tell you an awful lot:
The internet metadata of the sort NSA collected for at least a decade details the accounts to which Americans sent emails and from which they received emails. It also details the internet protocol addresses (IP) used by people inside the United States when sending emails – information which can reflect their physical location. It did not include the content of emails.On top of that, defenders of the metadata collection of phone records claimed that there was no privacy in the phone numbers you called and the duration of calls, because that information was clearly on your phone bill that the company sent to you each month. But that's not the case with email metadata.
For what it's worth, the administration shutdown this particular program in 2011, but that was after it had gone on for 10 years, with the last four involving collecting bulk metadata on Americans.
"The internet metadata collection program authorized by the Fisa court was discontinued in 2011 for operational and resource reasons and has not been restarted," Shawn Turner, the Obama administration's director of communications for National Intelligence, said in a statement to the Guardian.However, as Glenn Greenwald and Spencer Ackerman at the Guardian (who broke this story as well) have noted, they have evidence that at least a similar program continues today:
"The program was discontinued by the executive branch as the result of an interagency review," Turner continued. He would not elaborate further.
In December 2012, for example, the NSA launched one new program allowing it to analyze communications with one end inside the US, leading to a doubling of the amount of data passing through its filters.Some of the report actually helps to confirm a Washington Post story from last week about how this bulk metadata collection was initially done under no authority, but when various DOJ officials threatened to resign, they quickly got the FISA court to pull out its trusty giant rubber stamp to allow bulk data collection on emails.
The expansion of metadata collection and analysis to cover Americans came about as the NSA insisted this would help them better find foreign threats:
Wainstein told Mukasey that giving NSA broader leeway to study Americans' online habits would give the surveillance agency, ironically, greater visibility into the online habits of foreigners – NSA's original mandate.Basically this pretty much confirms my earlier post about how the NSA (and the DOJ) are carefully defining "target" in their mandate. Most people believe that since the NSA can only target persons outside the US that they cannot collect data on US persons. However, if (as may be the case) they claim that the overall investigation is "targeting" non-US persons, it appears they believe they can collect and analyze data on US persons, meaning that they've effectively justified bulk spying on Americans if it might possibly bring to light a foreign threat.
"NSA believes that it is over-identifying numbers and addresses that belong to United States persons and that modifying its practice to chain through all telephone numbers and addresses, including those reasonably believed to be used by a United States person," Wainstein wrote, "will yield valuable foreign intelligence information primarily concerning non-United States persons outside the United States."
One thing that is not clearly described is exactly how the NSA is getting access to this data, but from previous leaks, it appears that the data almost certainly comes from working with telcos to install systems that scoop up all data going through major ISPs/backbones. Either way, it seems abundantly clear, yet again, that the NSA surveillance, contrary to statements from the NSA and its defenders, included a ton of information on Americans.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: doj, email, metadata, nsa, nsa surveillance, stellar wind
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re: Newest NSA leak
[ link to this | view in chronology ]
Re:
Ethics.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
Unemployment. Let's hope that changes soon.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
I notice that all has been quiet on the denial front for the last few days as they try various methods of damage control through character assassination.
What I am not hearing is anything involving any sort of public apology, any sort of rectifying of the laws with serious intent to fix this mess, nor any sort of address to the public over the massacring of The Declaration of Independence or the Constitution in the process and what will be done to fix it. Not change the process, not moving things so they are again hidden, but address this run-a-way Stazi police state mentality. All seems quiet on that front, indicating that damage control is still deemed the way forward.
This government in my opinion is rapidly loosing it's consent to govern.
[ link to this | view in chronology ]
Re:
The image of the US is greatly damaged and the leaks originated much more cracks where bad smell is coming out as some sort of fetid pestilence.
The question is: how much more will the Americans need to burst out in protests? When are they going to move their asses?
[ link to this | view in chronology ]
Re:
Force of movement from the populace might stand a chance but surely you can see that the idiots feel safer. Much the way a dog feels safer when crated.
Empire.
[ link to this | view in chronology ]
"Latest leak ... which had been revealed before"...
We already KNOW the problem. Some may not yet be ready to admit the full extent of the spying, of which Google is a giant part, but everyone KNOWS the basics and that it's WRONG. At least try to take another slant on it, college boy, such as asking what the next step is. -- I'll help you out: So far, this limited hangout has only served the NSA. Now they're ready to move to a higher level of tyranny.
[ link to this | view in chronology ]
Re: "Latest leak ... which had been revealed before"...
[ link to this | view in chronology ]
Who would have seen this coming?!?
Except me, I remember being called a tinfoiler using the slippery slope fallacy way back when I was arguing that the only difference between using this on "terrorists" and US citizens is a single press of a button.
I think we need to stop classifying slippery slope as a fallacy.
[ link to this | view in chronology ]
Changing its name != shutting it down
This reminds me of the whole TIA fiasco. When TIA got explicitly unfunded, they just changed it's name and carried on.
[ link to this | view in chronology ]
Public shaming is not enough
The only things that matter are if a court says stop it, or if congress passes a law to stop it (and they'll probably need 2/3 to overcome a veto).
And even, then it only matters if there is an independent group that has full access to monitor compliance. All the FISA courts, and intelligence committees in the world are no good if all they have to go on is the least untruthful answers fed to them.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
I can't help but wonder,
[ link to this | view in chronology ]
Spam
Wouldn't it be satisfying if the next 'release' of NSA data confirms that the NSA's servers are 3/4's full of spam. Yeah, we got you terrorists.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
but isn't the metadeta and content on the same file?
[ link to this | view in chronology ]
Re: but isn't the metadeta and content on the same file?
They'd probably argue that it's not really spying because it's done by a computer.
[ link to this | view in chronology ]
Re: Re: but isn't the metadeta and content on the same file?
[ link to this | view in chronology ]
Re: Re: Re: but isn't the metadeta and content on the same file?
[ link to this | view in chronology ]
As long as they're doing all that collecting,
[ link to this | view in chronology ]
Define "rubber stamp"
[ link to this | view in chronology ]
Re: Define "rubber stamp"
Note that most wiretaps are not reported ("roving" and FISA wiretaps are specifically excluded).
Yes. The courts have long been accused of rubberstamping wiretap requests, even before FISA existed, so this wouldn't be a new accusation at all.
Personally, although the approval rate can be an indicator, it isn't proof of rubberstamping. The only way to be able to determine whether or not the whole thing is a joke is to actually review the court's actions, which is impossible (at least for the FISC).
I lean toward thinking such requests are rubberstamped on the theory that there's little reason to think that the FISC would behave substantially different than the other courts have in the past.
[ link to this | view in chronology ]
Meaning that they were caught lying for the umpteenth time.
As for the NSA collecting metadata, uh, sure thing. So they created a massive facility in Utah just to store IP addresses and NOT the contents of people's e-mails and other communications? I've got a bridge to sell you...
[ link to this | view in chronology ]
Emails have a header that includes the email addresses of the sender, receiver, reply-to and possibly other parties. It includes timestamps, subject lines, and other information. There are all part of the data content of an email message just as much as the actual words the sender typed in the body of the message.
Metadata would be data about the data--data element names, descriptions of what each data element means, data types and sizes, that kind of thing.
Put another way, would you say that the date and to/from addresses at the top of a business letter were not part of the letter? No.
[ link to this | view in chronology ]
Expectation of privacy
I wasn't aware that my phone bill was sent to anyone OTHER than me. Since, I believe, it's illegal for the postal service to knowingly deliver MY mail to anyone else and also for anyone to delibrately intercept my mail (except with a warrent, or course), why would I NOT have an expectation of privacy?
[ link to this | view in chronology ]
please
My name is Mrs Olayemi Mary Julianah, A United Kingdom citizen and I reside for almost 22 years now in Benin Republic for purely Gold Business. My company name is: (Berossy Gold Sarl).
Dearest, I am sharing this message to explain what I currently lives as tragedy and also the decision that I took presently.I have been a few months victim of an incurable disease that eats away at my health.
I am suffering because of a throat cancer. Everything inside of my throat has become a big wound that continues to rot and deteriorate more. The disease prevents me now to talk and even eat properly.today, I have no one because I am an orphan since I was born and grew up in an orphanage. Also, I lost my husband seven years ago, unfortunately, we could not have children because he was diagnose of low sperm count and we where on the treatment before he died. To top it all, all our friends and contacts have forsaken me since the death of my late husband, it was just''profiteers''.Today,
I am left to myself and am master of all I want to take but unfortunately my health prevents me from taking care of something arbitrary.
After several results and analysis in various European and American clinics and presently at London where i am now, The doctors, told me that my days are now numbered, that i am living the last moments of my life.I am therefore sentenced to 65years dying from this terrible disease because my doctor has just informed me there were only one month to live on this earth and that men can not do anything for me.
That is why I contacted you to ask you a great service as it would not be possible for me to do it myself because of my health.I deposited in September 2006 in financial institute, a large sum of money Four million euros ( 4,000,000€ ).
I will want to hand over this money to you as to enable you establish a charitable foundation in my memory so that God's grace be with me until my last home and I can enjoy an honorable place with the Lord our father.If you will be willing to assist me on this project, kindly reply (olayemimary101@yahoo.com) me and i will send you details with financial institute where I deposited the fund and I will also sworn an affidavit for change of ownership status that will officially and legally makes you the beneficiary to my funds, so that even if i die you will not have any confrontation from any body in receiving the funds. Please do reply me on my private email above because I don't always be on here.
I will wait your reply.
Please accept my best regards and God bless you.
Mrs. Olayemi Mary Julianah
[ link to this | view in chronology ]