NSA: Sure We Can Search Your Emails, But Not Ours

from the facepalm dept

Wed, Jul 24th 2013 7:22am — Timothy Geigner

The NSA. They're the no-such-agency with the time-honored tradition of looking through the metadata we all leave behind, like the scum-trail of a slug. Also, our emails, social media communications, recipe exchanges, and those obituaries we write up for our enemies in nearly-sexual anticipation of their demise (editor's note: damn it, Timothy, nobody does that but you!). They have the kind of technological hardware and software that would make an IT admin's pants explode. They can search through approximately all the stuff, ever, anywhere, to root out terrorist plots and reality TV spoilers.

But you want them to find one of their own internal emails? That's just crazy-talk, apparently. This, according to ProPublica's Justin Elliot:

I filed a request last week for emails between NSA employees and employees of the National Geographic Channel over a specific time period. The TV station had aired a friendly documentary on the NSA and I want to better understand the agency's public-relations efforts. A few days after filing the request, Blacker called, asking me to narrow my request since the FOIA office can search emails only “person by person," rather than in bulk. The NSA has more than 30,000 employees.

"There's no central method to search an email at this time with the way our records are set up, unfortunately," NSA Freedom of Information Act officer Cindy Blacker told me last week.

I know, I know. you're thinking, "Will my insurance cover a broken, face-palmed nose?" But surely there's an explanation for this. Let's think about it logically. The NSA is essentially a spy organization. They deal in lots of classified stuff and they probably send a lot of information that is classified to one another. After all, they don't have to worry about being spied on, since they're doing the spying, follow? So, they set up a system, something like an ultra-awesome Mission Impossible platform, where searching for emails between employees is impossible, because it's been designed to be impossible. Got it? This is all part of the system, a way to keep information privileged. It's not ineptitude, they're just guarding secrets, and that's why the FOIA request can't be fulfilled. Right, Cindy?

The system is “a little antiquated and archaic," she added.

Well, slap a puppy, that's just unbelievable. And I mean that in every sense of the word. I don't believe it. The NSA can likely tell me how many emails I've sent to whom and about what subjects, but it can't find any of its own internal emails via the kind of search any competent IT manager could do in his/her sleep? I literally don't believe that. Neither does anyone else concerned, apparently.

“It’s just baffling,” says Mark Caramanica of the Reporters Committee for Freedom of the Press. “This is an agency that’s charged with monitoring millions of communications globally and they can’t even track their own internal communications in response to a FOIA request.”

I think the truth is much closer to they won't rather than can't. But, hey, what do I know?

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: emails, foia, nsa, nsa surveillance

28 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Transmitte (profile), 24 Jul 2013 @ 7:29am

Lemme guess, they're still using Lotus notes?
[ link to this | view in chronology ]
- ChurchHatesTucker (profile), 24 Jul 2013 @ 7:56am
  
  Re:
  He should file a FOIA request to find out what system, exactly, they're using.
  [ link to this | view in chronology ]
- TheLastCzarnian (profile), 24 Jul 2013 @ 8:27am
  
  Re:
  I did some scratching around in Lotus Notes in '98, trying to figure out how to automate and/or migrate it with Exchange or even just a pop/smtp server, and I can sum it up in one word:inconcievable!
  
  And Gates thought Ray Ozzie was technical.
  [ link to this | view in chronology ]
  - Hephaestus (profile), 24 Jul 2013 @ 10:31am
    
    Re: Re:
    Transferring from Notes to Exchange is simple, it is 100 lines of code on each side.
    [ link to this | view in chronology ]
- Anonymous Coward, 24 Jul 2013 @ 8:55am
  
  Re:
  Telnet on port 25.
  [ link to this | view in chronology ]
Tim Griffiths (profile), 24 Jul 2013 @ 7:42am

You, I don't know...
As much as I agree that they wouldn't even if they could it really wouldn't surprise me if they can't. This kind of disparity between parts of the same organisation shouldn't be surprising even in actual companies let alone when it comes to government interstcutere. I mean Valve recently admitted that the process to put games on steam still uses faxes.
[ link to this | view in chronology ]
- Tim Griffiths (profile), 24 Jul 2013 @ 7:42am
  
  Re: You, I don't know...
  You know*
  [ link to this | view in chronology ]
- That One Guy (profile), 24 Jul 2013 @ 8:23am
  
  Re: You, I don't know...
  But see, here's the thing: if they can't search through their own emails for important data, how are people supposed to believe that they can do the same with the countless other emails/phone calls/data they've scooped up? And if they can't efficiently and effectively search through all that data, what exactly is their excuse for grabbing it all?
  [ link to this | view in chronology ]
  - Arthur Moore (profile), 24 Jul 2013 @ 9:15am
    
    Re: Re: You, I don't know...
    Like Tim Said. Different systems.
    
    It could be that they're either running an ultra secure system with per person encryption. What's more likely though, is they're running a POC custom system build by a government contractor twenty years ago for way too much money.
    
    On the bright side, if Nat Geo uses Gmail as their backed, they they could just use PRISM to find everything they're looking for. ;)
    [ link to this | view in chronology ]
    - Bergman (profile), 25 Jul 2013 @ 5:29am
      
      Re: Re: Re: You, I don't know...
      If NSA went to Google with a warrant, and Google replied "sorry, we deliberately designed our system so we can't comply," what would be the result?
      
      Grand juries, prosecution, possibly the RICO Act.
      
      NSA, like all other government agencies is legally required to be compliant with laws like the Freedom of Information Act. Deliberately designing their system to be incompatible (and 'accidentally' forgetting to put that in the specifications IS deliberate) is a criminal act. Probably a criminal conspiracy, given the number of people likely involved.
      [ link to this | view in chronology ]
- John Fenderson (profile), 24 Jul 2013 @ 9:00am
  
  Re: You, I don't know...
  I mean Valve recently admitted that the process to put games on steam still uses faxes.
  
  Yes, but Valve doesn't have a massive spying apparatus that is already collecting and indexing all the internet data.
  [ link to this | view in chronology ]
  - Anonymous Coward, 24 Jul 2013 @ 9:10am
    
    Re: Re: You, I don't know...
    I seem to recall seeing splinter cell for sale on steam some time ago. So, any time you want to admit you were wrong...
    
    /Sarcasm! Don't hit me!
    [ link to this | view in chronology ]
  - Tim Griffiths (profile), 25 Jul 2013 @ 12:57am
    
    Re: Re: You, I don't know...
    And that changes nothing about the idea that their e-mail systems could be a outdated junk box setup decades ago by a half arsed contractor.
    
    Now if you mean that they could find those e-mails by going through what they collected on the address they were being sent to? Sure, they could, but that's slightly above the paygrade of whatever poor sap is likely dealing with freedom of information requests.
    [ link to this | view in chronology ]
- Anonymous Coward, 24 Jul 2013 @ 2:10pm
  
  Re: You, I don't know...
  So how exactly are they supposed to ensure security, like finding leakers of classified information then? They just don't have anything in place, huh? Someone working there could just be all "I'm upset and going to email all these classified documents to some newspaper because it can't be traced back to me!" Makes total sense that the NSA would not have ANY WAY to investigate internal affairs. Total. Sense.
  [ link to this | view in chronology ]
  - Tim Griffiths (profile), 25 Jul 2013 @ 12:51am
    
    Re: Re: You, I don't know...
    So not being able to search e-mails equals those e-mails not coming from an account?
    [ link to this | view in chronology ]
Anonymous Coward, 24 Jul 2013 @ 7:42am

Insulting
If it isn't clear at this point that they're just thumbing their nose at us with all these bullshit, half-assed comments, then it never will be. What kind of arrogance do these shitholes have that they would just be so brazen about lying?

...and if it's the case that they really can't search their own emails, and instead put all that funding toward the ability to search OURS, then some asshole somewhere in that massive bureaucracy that APPROVED this (convenient lack of) "functionality" needs to be fired for nothing short of gross incompetence.

I said it yesterday, and seem to be finding myself saying it everyday - these bullshit excuses are really, really getting old.
[ link to this | view in chronology ]
Anonymous Coward, 24 Jul 2013 @ 7:42am

The system is �a little antiquated and archaic," she added.

If it's that out of date, that means it is at this point an insecure system, so even if I believed the government has the best of intentions (because long standing governments have historically "proven" how well they look after the real welfare of their citizens), they are still essentially admitting that all of this data is sitting unsafe and just ripe for some third party to come along and pluck it (after all nothing paints a bullseye like the largest datastore in the history of mankind).

Of course, as I've pointed out previously, while Snowden was the first to expose much of this data publicly, who is to say he is/was the first to actually gather all this information up (a point driven home when Putin made the statement a few weeks ago that Snowden couldn't tell him anything he didn't already know)
[ link to this | view in chronology ]
Richard (profile), 24 Jul 2013 @ 7:46am

No need to worry!
No need to worry then - if they don't have the technology to search through their own modest haystack how can they possibly search through all our stuff that they have collected??

(Of course I don't really believe that - but...)
[ link to this | view in chronology ]
Anonymous Coward, 24 Jul 2013 @ 8:16am

It's simple really why the NSA can't do that
It's simple why the NSA can't find the emails in question!

Obviously their 30,000 employees all have a SINGLE email address, where all 30,000 employees have access to the same email account. And rather than send emails out, they just write up an email and save it to the 'draft' folder for the correct person to find and read, and then delete the email.

That's just how terrorists and evil criminal organizations do things to leave no trail behind. So OBVIOUSLY the NSA considers themselves a part of a criminal organization that has to cover their own tracks.

Oh and for how they communicated with the National Geographic Channel? Obviously they set up another email address that someone at the NGC also had access to, and then they deleted all the draft messages once their business was concluded.
[ link to this | view in chronology ]
Brazilian Guy, 24 Jul 2013 @ 8:28am

"The NSA can likely tell me how many emails I've sent to whom and about what subjects, but it can't find any of its own internal emails via the kind of search any competent IT manager could do in his/her sleep? I literally don't believe that. Neither does anyone else concerned, apparently."

Well, i heard they used to have this really competent guy, a pretty decent chap, what was his name? Edward something or other...

But seriously, that reinforces the theory that their internal system archteture is somewhat weak at logging internal activity, specially if you are a privileged user. After all, the guy managing the IT would probably have to pass the most rigorous background checkings. So yeah, plenty of oportunities for internal leaks, information disclosed for profit for third parties, who are only valuable as inteligence as long as they remain at large classified.

Meanwhile, i've read at Reuters that Russia is about to grant Snowden ingress in the country as immigrant.
[ link to this | view in chronology ]
Adam (profile), 24 Jul 2013 @ 8:43am

Think outside the box
I know how this can be solved by the NSA, it's easy.

National Geographic is an outside group of people, so they are probably scooping up all the metadata on every National Geographic email address. All you have to do is 'query' the system for emails that were between National Geographic and NSA agents then search those individual email accounts.

(I can also guarantee you that if they thought somebody was leaking classified information to them they would know every employee that has ever emailed them ever within hours)
[ link to this | view in chronology ]
- Anonymous Coward, 24 Jul 2013 @ 9:08am
  
  Re: Think outside the box
  Make Blacker call NGC to get them to release the mails. It is easier and way more honest!
  [ link to this | view in chronology ]
Guardian, 24 Jul 2013 @ 9:22am

WHat evidence we are doing crime ( NSA ) we dont need no stinkin evidence
subject says what the real truth is
[ link to this | view in chronology ]
Matthew S (profile), 24 Jul 2013 @ 9:22am

Saturday Night Live
Anybody remember the SNL sketch from 1976 where Garrett Morris tries to get his CIA file and Dan Aykroyd pretends they're too disorganized to find it?
[ link to this | view in chronology ]
- Pat, 25 Feb 2019 @ 8:57am
  
  Re: Saturday Night Live
  I remember it but cannot find it anywhere! It was a great skit. I would like to show my students so they can get a clue about privacy.
  [ link to this | view in chronology ]
Michael, 24 Jul 2013 @ 10:07am

Narrow that down
between NSA employees and employees of the National Geographic Channel over a specific time period

They can get that information with a little narrowing of the request.

It is simple, ask for email to and from National Geographic Channel over a specific time period

You can then just look for all of the ones that went to and from NA employees.
[ link to this | view in chronology ]
Anonymous Coward, 24 Jul 2013 @ 10:14am

That they could not search internal Intelligence related emails on their private system is believable. That they cannot search Emails that they have sent over a publicly accessible system is unbelievable, as it is a facility they need when looking for security breaches and leaks.
[ link to this | view in chronology ]
Anonymous Coward, 24 Jul 2013 @ 11:59am

LOL
[ link to this | view in chronology ]