Latest Leak: NSA Can Spy On Almost Anything, Gets To Set Its Own Filters
from the and-another-shoe-drops dept
The National Security Agency—which possesses only limited legal authority to spy on U.S. citizens—has built a surveillance network that covers more Americans' Internet communications than officials have publicly disclosed, current and former officials say.Basically, they're just revealing more details about the things that whistleblower Mark Klein revealed years ago: that the NSA has deals with the major telcos which scoop up a huge amount of internet traffic.
The system has the capacity to reach roughly 75% of all U.S. Internet traffic in the hunt for foreign intelligence, including a wide array of communications by foreigners and Americans. In some cases, it retains the written content of emails sent between citizens within the U.S. and also filters domestic phone calls made with Internet technology, these people say.
The programs, code-named Blarney, Fairview, Oakstar, Lithium and Stormbrew, among others, filter and gather information at major telecommunications companies. Blarney, for instance, was established with AT&T Inc., former officials say. AT&T declined to comment.The WSJ report is wrong on one account, though. It claims that people believed that the NSA's filtering actually happened "where undersea or other foreign cables enter the country" but that's not true. Mark Klein made it clear that the NSA had machines directly on AT&T's property.
This filtering takes place at more than a dozen locations at major Internet junctions in the U.S., officials say.
And, of course, it will come as no surprise that these programs that work directly with telcos to tap into full internet traffic aren't just about metadata:
...this set of programs shows the NSA has the capability to track almost anything that happens online, so long as it is covered by a broad court order.This also shouldn't be a surprise. For all the talk of "metadata" it was always clear that the surveillance defenders were talking about this program only, which was the Patriot Act Section 215 "business records" program. But other programs, such as these listed above, were clearly about actual content as well.
[....] Inevitably, officials say, some U.S. Internet communications are scanned and intercepted, including both "metadata" about communications, such as the "to" and "from" lines in an email, and the contents of the communications themselves.
While the report does note that some "minimization" happens, there is clearly widespread ability to abuse. The system works by having the NSA telling the telcos to only send over certain traffic covering "certain areas of interest" which the NSA then "briefly copies" and decides what to keep and what to dump. Again, this is consistent with earlier reports of the NSA searching all emails that go into and out of the US.
The latest report is, again, replete with NSA doublespeak. It claims that it's not "accessing" all of this traffic, because it asks the telcos to do some of the filtering for it. That's how it gets away with talking about "things we actually touch," even though its deals with the telcos basically mean they can access almost everything.
The WSJ further reports that, while most of the requests are targeted towards foreign communications, there are times when it's quite clear that requests are likely to cover domestic communications. Some telcos apparently push back, causing "friction", while others seem to comply with no qualms, though there is no indication of which telcos fall into which camp.
The report further confirms that this program is considered "legal" by the administration thanks to a broad interpretation of the FISA Amendments Act, giving the NSA the power to snoop on people "reasonably believed" to be outside the US, rather than requiring "probable cause" that they were "an agent of a foreign power." Also, there's this:
NSA has discretion on setting its filters, and the system relies significantly on self-policing. This can result in improper collection that continues for years.The report also claims that it was one of these "mistakes" that resulted in three years of illegal collections (much greater than the "few months" that were revealed in last week's Washington Post article).
And now we wait for another bunch of carefully worded statements from NSA defenders...