backtop


Print 115 comment(s) - last by Adonlude.. on Oct 23 at 12:32 PM


  (Source: AFP)
NSA says it's acting legally in seizing IM contacts lists, email address books, and even some email text

A new piece in The Washington Post reveals that the U.S. National Security Agency (NSA) seized the email and IM contacts lists of 700,000+ accounts daily in 2012, including Americans who paid for this surveillance.  Legally the NSA is explicitly verboten from spying against Americans, an activity which is supposedly antithetical to its nationalist mission statement.  But by creatively redefining its own rules, the NSA does not consider what it is doing illegal.

I. "The Assumption [on Foreign Networks] is You're Not an American"

The NSA is supposed to only spy on foreign citizens.

Hence the issue begins with the issue of who is an American.  If a person is an American, it is explicitly illegal to monitor them within the U.S., as that's forbidden under the laws that govern the NSA.  However, if you're an American overseas you enter a grey area of the law.  Technically it still seems against the spirit of the agency and similar to the explicitly forbidden spying within the U.S.; but overseas spying on American citizens isn't explicitly forbidden either.

The NSA has already made it clear that "accidentally" breaking the law thousands of times a year, by illegally spying on Americans who it has the data to know are within the U.S.

Now these fresh disclosures show what could be a mere tip of the iceberg.

Autonomy poster
Replace "80%" with "99%" and this graphic starts to describe the NSA's efforts to illegal spy on Americans. [Image Source: Autonomy]

Ideally, if Congress hasn't granted the power in such grey areas -- but also hasn't explicitly forbidden it -- the agency is left to weigh how critical such an effort is, versus potential ethical and Constitutional issues.

When it comes to overseas surveillance, the NSA is playing a clever game, conveniently saying that it can seizing much more data from Americans by simply claiming that it assumes you're a foreigner.


The Washington Post says that an official acknowledges that the NSA maintains a variety of overseas digital collection points, and asserts that if your data is intercepted there that "the assumption is you're not a U.S. person.”

II. Technically Flawed Argument Boosts Illegal Objectives

At this point you might think "okay, well that only applies to international travellers, and I mostly stay in the country, so my data is safe."

But there you would be wrong.  You see, the NSA not only applies it's guesswork logic to instances where a person is physically in a foreign country and utilizing digital infrastructure there (say a cell phone tower), they also apply it even if you're in the U.S. and merely communicating with foreign servers.

NSA
The NSA assumes if your data passes through foreign servers, that you're a foreigner and it can feast on it. [Image Source: KnowYourMeme]

The NSA is essentially claiming that Congress does tell it to collect data in this way, as it assumes any data in a foreign country is from foreigners.  The central premise here is that for the most part no foreign data exists on a nation's domestic network.

Many companies like Google Inc. (GOOG) mirror your domestic data on their secure global servers in order to provide consistent service.  In other words, you may be in a U.S. and you may be using a widely used U.S. service, but because of how that service is implemented, the NSA in its warped logic assumes you're not a citizen.

Yahoo!
Yahoo! proved the most vulnerable to spying, due to its large user base and historic lack of SSL encryption. [Image Source: Inquirer]

If the NSA can make the case that by mining a nation's networks it is monitoring "a valid foreign intelligence target in and of itself", it considers that enough to start interception.  Of the 700,000+ email contacts lists grabbed last year, Yahoo! Inc. (YHOO) accounted for the biggest share (444,743), with Facebook, Inc. (FB) (82,857), and Google's Gmail (33,697) somewhat farther back.

In addition to email contacts lists, for web clients like Gmail and Yahoo! Mail it can also collect the first few lines of email in some case, along with the email header which includes who sent and received the message.  And it collects 500,000+ IM contact lists, on average per day.

In total the documents indicate the NSA collects hundreds of millions of email contacts list, inbox scrapes, and IM lists.  This makes it highly probably that the NSA uses its "not an American" assumption to seize the personal information of a large percentage of Americans, particularly when you consider that some of the most popular services in regions like China and Europe aren't even mentioned in the report.

In fact, in a perhaps telling sign, the NSA's seizures primarily have targeted not foreigners, but the services that are most popular domestically (e.g. Gmail, Yahoo!).

III. NSA Accidentally Spams Itself

For beleaguered U.S. citizens, there may be silver lining to this part of the NSA's cloud spying scheme; spam email -- normally an annoyance-- may actually be welcome countermeasure against the NSA reading through your emails.  

Because the NSA grabs the such a significant chunk of text from Americans' and foreigners' unencrypted emails records the NSA is being smacked with storage shortfalls, as it can keep up with all the spam email that it's accidentally seized.  The volume of spam has forced the NSA to reportedly institute "emergency detasking" orders, where it wipes some of its data stockpile to allow more new data to come in.

Spam
The NSA has been accidentally seizing your spam. [Image Source: MSNBC]

Yahoo's higher interception rate is speculated to be possibly due to its late implementation of SSL, an encryption mechanism that makes it harder for the NSA to break into your email.  The NSA and criminals who engage in online theft bear certain similarities; for starters they both hate encryption.  The NSA has spent $250M USD reportedly in U.S. taxpayer money to try to weaken international encryption, which leaves you more vulnerable to identity theft and other forms of hacking, but makes it easier to spy on you.

The Gmail address books are particularly interesting as it's been widely publicized that Google mirrors your data, while it's less clear whether Yahoo! and Facebook are engaging in such activities.

Notably the NSA does not have to notify companies like Yahoo!, Facebook, or Google that it's seizing their data, nor does it have to get a warrant, court order, or other official legal mechanism, aside from its blanket self-authorization.  By seizing the data at a lower level (likely at regional data routing hubs) the NSA can feast on a buffet of data without ever having to pay a notice to the companies whose users are being targeted.
  

fiber optics
The NSA directly scrapes data off cable hubs. [Image Source: AP]

This obviously makes data seizure much easier, as companies are unable to fight against what they don't know.  Many companies like Google have successfully fought similar seizure attempts on Americans' data in either secret or public courts.

The NSA
The NSA cleverly realized that citizens and companies can't fight being spied upon if they don't know about it.  Unfortunately for it, they now know about it. [Image Source: NYPost]

As with past leaks, this leak came courtesy of Edward Snowden, the former NSA contractor who now faces criminal charges for revealing to Americans the extent they're being spied upon.  Despite these charges, Mr. Snowden has garnered a great deal of support, even winning an award from former CIA operatives.

His latest publication follows information published earlier this month, which revealed that the NSA was building databases to track the real world identities of Americans' friends along with their locations, this specialist system was estimated in internal documents to seize 20 billion metadata records a day, giving the NSA the power to know who your wife, girlfriend, mistress, etc. are.

Sources: The Washington Post, NSA via Intellipedia/The Washington Post



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: ROFL
By Master Kenobi (blog) on 10/15/2013 7:50:42 PM , Rating: 1
You've made my point for me. You like so many others are so dead set on everything being done illegally, that you can't and won't bother to look beyond your own biases. I'm sure you were screaming to high hell over Gitmo and Waterboarding too. It really doesn't matter what it is, the government is bad, always, no matter what. Feel free to leave the US and move to Russia, according to Snowden it's worlds better than the big bad USA.


RE: ROFL
By ritualm on 10/16/2013 12:24:49 AM , Rating: 3
Bias? Yours is in full, fervent, unquestioned support of what your government is doing against its own citizens and everyone else outside your country. Living in North Korea isn't so bad anymore, considering just how awful USA has become: the Land of the Free isn't a police state right now, but it's damned close to one.

Whatever al-Qaeda's motives were on September 11, 2001, it did accomplish its main objective: turn USA from a free state into a police state. The best part is they know just how godawful gullible and weak-willed USA really is when it comes to defending against imaginary danger. Plant a few false flags, then watch you go into extreme panic mode, in an attempt to defend against a mortal danger that never existed in the first place - worthy of ROFL.


RE: ROFL
By tamalero on 10/16/2013 12:56:00 AM , Rating: 2
Bias..?
Are you even reading what you're writing?
sorry man, but you're sounding like a epic hypocrite right now.


RE: ROFL
By Reclaimer77 on 10/16/2013 12:59:27 AM , Rating: 2
You're a trolling child. I don't even know how you got your "DT blog" credentials, but your poor attitude here and blatant lack of maturity has certainly done nothing to enhance Daily Tech's image or those of your peers.

I'm not even going to legitimize your straw man red herring put-words-in others mouths tactics by bothering to set you straight. Nobody else can get through to you either.

I sincerely hope you're a Government employee. At least then I could understand your fervent nonsense you spew at any challenge to the status quo, even intellectual ones in an online debate.

Because the only alternative is that you really are this ignorant and childish.


RE: ROFL
By Master Kenobi (blog) on 10/16/2013 4:41:11 AM , Rating: 2
Get over yourself. I, like many other Americans that have served this country past and present choose not to believe it is pure evil and out to get me all the time. You're nothing but a conspiracy lunatic, your post about the IRS proves that beyond doubt. There's no point debating law and merit with someone like you, you can't be reasoned with.


RE: ROFL
By tamalero on 10/16/2013 11:36:13 AM , Rating: 2
pot meet kettle again.

You're also sporting the "I AM RIGHT, THEREFORE EVERYONE IS WRONG BECAUSE I SAY SO" attitude while pulling almost every fallacy mentioned in the internet.


RE: ROFL
By Reclaimer77 on 10/16/2013 1:24:59 PM , Rating: 2
You really enjoy creating false arguments that nobody ever made, so you can rail against them, don't you?

I never said NSA data was used in the IRS intimidation scandal. But a scandal DID take place. Just because it's been swept under the rug and had excuses made for it that no rational person would believe, doesn't mean it didn't happen.

So we have clear cases where abuse of Government power has taken place. More specifically, Government abusing power aimed DIRECTLY at citizens of this country. It's happened before, it happened now, and it will happen again.

Yet here you are saying anyone with any scruples about it, is some nut job conspiracy theory looney-toon. That if anything really illegal took place, Congress or a court would rush it and make it all better. And you accuse others of being a lunatic!?

Not to mention your absurdly childish and ignorant reasoning. For example claiming that because the Constitution doesn't specifically mention an "internet", it's principles and protections just don't apply to it, thus the Government can do whatever it wants!

This not only demonstrates you have absolutely zero understanding of the Constitution, but that you're a moron too. I hate resorting to insults, believe it or not, but you've left me just no choice.

You're also a pretty bad troll, too.


RE: ROFL
By Master Kenobi (blog) on 10/16/2013 3:32:28 PM , Rating: 2
The troll here is you, but hey I'll bite. The supreme court is the body of government that makes official determination on if things are or are not legal according to the constitution and other laws on the books. The supreme court has made ZERO ruling that what is taking place is in fact illegal in regards to the NSA's programs. For you to stand here and rant and rave about the legality of if is asinine. You are declaring it to be illegal based on your beliefs, not on the laws as written. I find it disrespectful as hell for you to stand here and condemn anyone and everyone who has or does serve this country because you believe the government is out to get you. At the very least you've made it abundantly clear that you never served this country at any point in time and never will. I can thank god for small favors that I don't have you making decisions that affect this country.


RE: ROFL
By ebakke on 10/16/2013 4:56:26 PM , Rating: 2
quote:
The supreme court has made ZERO ruling that what is taking place is in fact illegal in regards to the NSA's programs.
In order to challenge the government, I must have standing. In order to have standing, I must provide evidence that I've been harmed. In order to do that, I must have access to the information collected on me. In order to do that, that information must be declassified. Not going to happen. A lack of a decision declaring the NSAs actions illegal is *not* the same as a decision declaring their actions legal.

quote:
find it disrespectful as hell for you to stand here and condemn anyone and everyone who has or does serve this country
Oh c'mon. Get off your high horse. You're a mercenary. That's fine if that's the way you choose to live your life, but you're not some saint for doing so.


RE: ROFL
By ritualm on 10/16/2013 4:56:31 PM , Rating: 2
Whose laws , Master Kenobi? Answer those questions you must - because you still haven't done so.

The elite creates one set of laws to impose on everyone else, while also creating a second set of laws to protect themselves from everyone else. The playing field is already uneven to start. How is any of this fair?

Oh right, because you are an active-duty sergeant in the armed forces, and that gives you the ability to check your values and beliefs at the door.

The troll here is you. You are asinine and disrespectful as hell. You've never served this country at any point in time and never will, despite your ill-gotten credentials in the armed forces. You are a retarded government shill to think we are all idiots to even attempt to save what little remains of the very Constitution of the United States of America, which ironically you have sworn on DAY ONE of your enlistment to the armed forces, to defend.

Worthless, pathetic troll of the highest order.


RE: ROFL
By Reclaimer77 on 10/16/2013 5:42:28 PM , Rating: 2
quote:
I find it disrespectful as hell for you to stand here and condemn anyone and everyone who has or does serve this country


Again, you need to put words in peoples mouths to argue against.

Where did I condemn anyone who serves this country? Where are you getting this nonsense!?

quote:
For you to stand here and rant and rave about the legality of if is asinine.


Dude the only one ranting and raving here is you. Have you read your posts? They're absolutely mental!

quote:
I can thank god for small favors that I don't have you making decisions that affect this country.


What hyperbole...


"This is about the Internet.  Everything on the Internet is encrypted. This is not a BlackBerry-only issue. If they can't deal with the Internet, they should shut it off." -- RIM co-CEO Michael Lazaridis














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki