By now, these revelations shouldn’t surprise us. Yet, they still do.
The Washington Post reports Tuesday morning that the National Security Agency has been harvesting personal email and instant-messaging contact lists on a daily basis, to the tune of 250 million address books a year, through a previously unexposed program of an astoundingly broad sweep.
The collection points are overseas, but the Post reports that the NSA is able to harvest personal contact lists of Americans through a system that piggybacks on online chat programs. Every time you log on to an instant messaging service—such as Facebook—your contact list gets transmitted over the Internet. And NSA spies collect them. From the article:
Rather than targeting individual users, the NSA is gathering contact lists in large numbers that amount to a sizable fraction of the world’s e-mail and instant messaging accounts. Analysis of that data enables the agency to search for hidden connections and to map relationships within a much smaller universe of foreign intelligence targets.
During a single day last year, the NSA’s Special Source Operations branch collected 444,743 e-mail address books from Yahoo, 105,068 from Hotmail, 82,857 from Facebook, 33,697 from Gmail and 22,881 from unspecified other providers, according to an internal NSA PowerPoint presentation. Those figures, described as a typical daily intake in the document, correspond to a rate of more than 250 million a year.
Each day, the presentation said, the NSA collects contacts from an estimated 500,000 buddy lists on live-chat services as well as from the inbox displays of Web-based e-mail accounts.
Some of the information grows out of the material leaked by Edward Snowden, but the Post also got its hands on an internal NSA PowerPoint presentation, which is posted online here.
The NSA took significant heat when it was revealed this summer that it was collecting vast troves of phone call information from Americans. The information collected under the program revealed Tuesday morning is far broader, and more invasive, in that it sweeps up details on whom Americans are in contact with over the Internet. As the Post points out, “address books commonly include not only names and e-mail addresses, but also telephone numbers, street addresses, and business and family information. Inbox listings of e-mail accounts stored in the ‘cloud’ sometimes contain content, such as the first few lines of a message.”
So how is the NSA getting around the FISA court oversight that is supposed to keep it in check, and protect the civil liberties of Americans? By offshoring the information gathering. That has allowed it to create a bank of deeply personal data:
Taken together, the data would enable the NSA, if permitted, to draw detailed maps of a person’s life, as told by personal, professional, political and religious connections. The picture can also be misleading, creating false “associations” with ex-spouses or people with whom an account holder has had no contact in many years.
The NSA has not been authorized by Congress or the special intelligence court that oversees foreign surveillance to collect contact lists in bulk, and senior intelligence officials said it would be illegal to do so from facilities in the United States. The agency avoids the restrictions in the Foreign Intelligence Surveillance Act by intercepting contact lists from access points “all over the world,” one official said, speaking on the condition of anonymity to discuss the classified program. “None of those are on U.S. territory.”
Somewhat chillingly, when I message a link to this story later to friends on Facebook, some NSA computer somewhere in the world is likely stashing away my contacts list. That means no friendship, or professional contact, is safe from government snooping.
—Posted by Scott Martelle.
vince42 (CC BY-ND 2.0)