NSA Makes Metadata (Including Info On Americans) Available To Domestic Law Enforcement Via 'Google-Like' Search
from the easy-peasy dept
The latest report from The Intercept on documents obtained from Ed Snowden (and, yes, they make it clear that these are from Snowden, rather than the purported "second leaker") is about a "Google-like" search engine that the NSA built, called ICREACH, which lets the NSA share a massive trove (at least 850 billion) of "metadata" records not just with others in the NSA or CIA, but with domestic law enforcement and other government agencies including the FBI and the DEA. The database includes records collected via Executive Order 12333, which we recently noted a State Department official revealed as the main program via which the NSA collects its data (and which is not subject to oversight by Congress).While data collected under 12333 is supposed to be "minimized" to ditch information on "US Persons" we've already noted how backdoor searches get around that. Further, as this report reminds everyone, while "minimized" the NSA still keeps the data, and if someone (say, the DEA or FBI) wants to dig deeper, they can "un-minimize" the data.
However, the documents make clear that it is not only data about foreigners’ communications that are available on the system. Alexander’s memo states that “many millions of…minimized communications metadata records” would be available through ICREACH, a reference to the process of “minimization,” whereby identifying information—such as part of a phone number or email address—is removed so it is not visible to the analyst. NSA documents define minimization as “specific procedures to minimize the acquisition and retention [of] information concerning unconsenting U.S. persons”—making it a near certainty that ICREACH gives analysts access to millions of records about Americans. The “minimized” information can still be retained under NSA rules for up to five years and “unmasked” at any point during that period if it is ever deemed necessary for an investigation.In other words, there's a decent chance that the FBI and DEA can easily surf through these hundreds of billions of records, and "unmask" people if need be, and then make use of the infamous parallel construction to hide how they first decided to focus on a particular individual or group.
In practice, this could mean that a DEA agent identifies an individual he believes is involved in drug trafficking in the United States on the basis of information stored on ICREACH. The agent begins an investigation but pretends, in his records of the investigation, that the original tip did not come from the secret trove. Last year, Reuters first reported details of parallel construction based on NSA data, linking the practice to a unit known as the Special Operations Division, which Reuters said distributes tips from NSA intercepts and a DEA database known as DICE.And yes, this is "just metadata" but as the Intercept report notes, the NSA's own notes relating to this project reveal just how valuable metadata can be, including noting that it "has been a contribution to virtually every successful rendition of suspects and often, the deciding factor."
Tampa attorney James Felman, chair of the American Bar Association’s criminal justice section, told The Intercept that parallel construction is a “tremendously problematic” tactic because law enforcement agencies “must be honest with courts about where they are getting their information.” The ICREACH revelations, he said, “raise the question of whether parallel construction is present in more cases than we had thought. And if that’s true, it is deeply disturbing and disappointing.”
An NSA memo noted that PROTON could identify people based on whether they behaved in a “similar manner to a specific target.” The memo also said the system “identifies correspondents in common with two or more targets, identifies potential new phone numbers when a target switches phones, and identifies networks of organizations based on communications within the group.” In July 2006, the NSA estimated that it was storing 149 billion phone records on PROTON.Remember Michael Hayden gleefully admitting that the US kills people based on metadata? Well, now it turns out that we "rendition" them on metadata as well. Oh, and contrary to earlier claims about how just a few NSA analysts could examine the metadata, it now looks like tons of other government agencies, including the FBI and DEA have pretty free license to scour the data as well.According to the NSA documents, PROTON was used to track down “High Value Individuals” in the United States and Iraq, investigate front companies, and discover information about foreign government operatives. CRISSCROSS enabled major narcotics arrests and was integral to the CIA’s rendition program during the Bush Administration, which involved abducting terror suspects and flying them to secret “black site” prisons where they were brutally interrogated and sometimes tortured. One NSA document on the system, dated from July 2005, noted that the use of communications metadata “has been a contribution to virtually every successful rendition of suspects and often, the deciding factor.”
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: dea, fbi, icreach, metadata, nsa, parallel construction, search engine
Reader Comments
Subscribe: RSS
View by: Time | Thread
So this is a total outrage right?
Anyone?
Am I all alone here?
[ link to this | view in chronology ]
Re: So this is a total outrage right?
This train is off the rails.
If that wasn't official before then it's pretty fucking official now.
The law of the land is broke too, officially.
Fuck it. I'm going speeding.
[ link to this | view in chronology ]
Re: So this is a total outrage right?
The legislative branch enjoys their power too much to do anything.
The executive loves it too much to do anything about it.
That leaves the 2nd amendment but that too is useless.
With such pervasive surveillance anyone planning a revolution will be labeled a domestic terrorist and taken out before they can rally the troops.
There are too many people content with what the system provides, as long as they have a roof, food, and Facebook they are happy. As long as 'the man' can appease the majority there will never be enough collective will to fix these issues through voting or revolution.
Those with the gold make the rules....
[ link to this | view in chronology ]
[ link to this | view in chronology ]
another revelation
[ link to this | view in chronology ]
Re: another revelation
[ link to this | view in chronology ]
INCONCEIVABLE! Like that scene in The Princes Bride
I dont think that word, minimized, means what you think.
[ link to this | view in chronology ]
The Most Transparent Administration Ever
When it comes time to provide information to us via FOIA requests, lawsuits or just plain asking for it, they hide behind layers of red tape, contradictory reasons for not having the required data storage and backups that they have huge budgets set aside for, and purposefully avoiding accountability by using false account names and non secure government email for official business.
[ link to this | view in chronology ]
Re: The Most Transparent Administration Ever
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Decision Memorandum for DNI on ICREACH (PDF)
Sharing Communications Metadata Across the US (PDF)
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Super advanced security, no doubt
Agent: Find "Citizen Joe".
Computer: No matching records found for U.S. citizen.
Agent: Sudo find "Citizen Joe".
Computer: Found 13,914 records...
[ link to this | view in chronology ]
No "training and guidance" needed!
That would make metadata a contributing factor in more than 100 CIA kidnappings from EU countries before that date, plus Canadians and others from other Western countries. A contribution or deciding factor in a growing number of cases where the victims were shipped to other countries to be tortured for months or years - before being released with an "er, never mind."
Congratulations, America! Now you get to play at home. I'm sure that police forces will be as professional and responsible using this metadata as they have been with their fancy new military equipment.
[ link to this | view in chronology ]
Oh Well
In other words, "Too bad. Carry on."
[ link to this | view in chronology ]
[ link to this | view in chronology ]
@ICreach but it cant reach @stitme
StitMe offers unlimited connections and unlimited calling time at no charge. Further, the app provides users with a timer-based Auto Kill switch to kill chats from both ends. StitMe is the only app providing a comprehensive and complete tool to protect all communication with contacts (Talk and Text). Once the app is loaded it automatically assigns privacy protected one-on-one connections to each of the contacts, thus securing the entire address book with no loose ends. The Chat uses 512Bit AES Encryption (public and private key).
StitMe, a next generation mobile privacy platform, allows people to connect and speak via mobile telephone, all without revealing their actual telephone numbers to each other. With StitMe “Your Name is Your Mobile Number. How Awesome Is that!!” stated Gurtaj S. Padda creator of the StitMe platform and founder and chief executive officer of Boolean Tech. This one-of-a-kind product also protects its users from third-party intrusions, allowing people to connect instantaneously while maintaining control of their privacy. Registered users determine who may call them, when they may call and can even choose to ignore callers or ensure they never call back.
"With today's digitally-connected lifestyles, where much of our life takes place via our mobile handsets or online, our every movement is monitored and personal data collected. StitMe lets you reclaim your privacy, enabling you to speak with family, friends and business contacts with unmatched personal identity protection and control," stated Gurtaj S. Padda. "Even world leaders aren't safe from prying "ears". Boolean Tech believes personal privacy is a fundamental right. We therefore created the StitMe platform from the ground up with a focus on providing individuals with the peace of mind that comes from enjoying personal communication in a reliable and private manner. stitme.com
[ link to this | view in chronology ]
Parallel Construction? / Fitted up
It's falsification of evidence, perjury, perverting the court of justice.
You suspect person X has anti-American views. That's difficult to prosecute, but hey, plant some meth in his car, arrange for one of these police 'random' stops. Hey presto, problem solved.
The officer thinks he's party to just breaking the surveillance laws, but yet he might be the fall guy for a whole false prosecution.
They also get officers to break laws for some greater good. Getting them into the routine of lying in court and in depositions.
[ link to this | view in chronology ]
Re: Parallel Construction? / Fitted up
One would hope, considering that having anti-American views isn't illegal.
[ link to this | view in chronology ]
So I thought of a potential scenario...
SCENE 1: OUT ON PATROL
OFFICER SAFETY: [BLAM!-BLAM!-BLAM!-BLAM!-BLAM!] [poke-poke] [STOMP-KICK-STOMP] [BLAM!] Oh dear! I shot to death another unarmed black man trying to surrender to me! Whatever shall I do?
OFFICER HUNGRY: I dunno, man. Let's get lunch. I'm sure you'll think of something clever.
SCENE 2: BACK AT THE PRECINCT
OFFICER: [typitty-type-type-typitty-type]
NSA-DATABASE-TERMINAL: Boop-boop-baloolooloop. PING!
OFFICER: Here we go! Dead-black-guy was near reported incidents X, Y and Z and has been in frequent contact with known gang suspects A, B, and C and even orders pizzas from site J which serves all these people and locations. He's probably a thug. Retroactive justice prevails! (And saves my ass!)
OFFICER HUNGRY: Well that's fortunate. Also, chilidogs.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
The only real question is, who exactly did the USG declare war on.
[ link to this | view in chronology ]
Re:
There was also that little threatened war against a British dependency back in the Cold War, although I'm not sure if it was ever formally declared because the US doesn't usually bother when "restoring democracy" (and because if they had they'd have noticed how stupid they were being and who they were about to invade).
[ link to this | view in chronology ]
Re: Re:
Were they actually Formally Declared Wars??
[ link to this | view in chronology ]
[ link to this | view in chronology ]