NSA "Assumes" Americans Are Foreigners, Seizes Millions of Email Contacts Lists
October 15, 2013 3:16 PM
comment(s) - last by
NSA says it's acting legally in seizing IM contacts lists, email address books, and even some email text
A new piece in
The Washington Post
reveals that the
U.S. National Security Agency
(NSA) seized the email and IM contacts lists of 700,000+ accounts daily in 2012, including Americans who
paid for this surveillance
. Legally the NSA is explicitly verboten from spying against Americans, an activity which is supposedly antithetical to its nationalist mission statement. But by creatively redefining its own rules, the NSA does not consider what it is doing illegal.
I. "The Assumption [on Foreign Networks] is You're Not an American"
The NSA is supposed to
only spy on foreign citizens
Hence the issue begins with the issue of who is an American. If a person is an American, it is explicitly illegal to monitor them within the U.S., as that's forbidden under the laws that govern the NSA. However, if you're an American overseas you enter a
grey area of the law
. Technically it still seems against the spirit of the agency and similar to the explicitly forbidden spying within the U.S.; but overseas spying on American citizens isn't explicitly forbidden either.
The NSA has already made it clear that
"accidentally" breaking the law
thousands of times a year, by
illegally spying on Americans
who it has the data to know are within the U.S.
Now these fresh disclosures show what could be
a mere tip of the iceberg
Replace "80%" with "99%" and this graphic starts to describe the NSA's efforts to illegal spy on Americans. [Image Source: Autonomy]
Ideally, if Congress hasn't granted the power in such grey areas -- but also hasn't explicitly forbidden it -- the agency is left to weigh how critical such an effort is, versus potential ethical and Constitutional issues.
When it comes to overseas surveillance, the NSA is playing a clever game, conveniently saying that it can seizing much more data from Americans by simply claiming that it assumes you're a foreigner.
The Washington Post
says that an official acknowledges that the NSA maintains a variety of overseas digital collection points, and asserts that if your data is intercepted there that "the assumption is you're not a U.S. person.”
II. Technically Flawed Argument Boosts Illegal Objectives
At this point you might think "okay, well that only applies to international travellers, and I mostly stay in the country, so my data is safe."
you would be wrong
. You see, the NSA not only applies it's guesswork logic to instances where a person is physically in a foreign country and utilizing digital infrastructure there (say a cell phone tower), they also apply it even if you're in the U.S. and merely communicating with foreign servers.
The NSA assumes if your data passes through foreign servers, that you're a foreigner and it can feast on it. [Image Source: KnowYourMeme]
The NSA is essentially claiming that Congress
tell it to collect data in this way, as it assumes any data in a foreign country is from foreigners. The central premise here is that for the most part no foreign data exists on a nation's domestic network.
Many companies like Google Inc. (
) mirror your domestic data on their secure global servers in order to provide consistent service. In other words, you may be in a U.S. and you may be using a widely used U.S. service, but because of how that service is
, the NSA in its warped logic assumes you're not a citizen.
Yahoo! proved the most vulnerable to spying, due to its large user base and historic lack of SSL encryption. [Image Source: Inquirer]
If the NSA can make the case that by mining a nation's networks it is monitoring "a valid foreign intelligence target in and of itself", it considers that enough to start interception. Of the 700,000+ email contacts lists grabbed last year, Yahoo! Inc. (
) accounted for the biggest share (444,743), with Facebook, Inc. (
) (82,857), and Google's Gmail (33,697) somewhat farther back.
In addition to email contacts lists, for web clients like Gmail and Yahoo! Mail it can also
collect the first few lines of email
in some case, along with the email header which includes who sent and received the message. And it collects 500,000+ IM contact lists, on average per day.
In total the documents indicate the NSA collects hundreds of millions of email contacts list, inbox scrapes, and IM lists. This makes it highly probably that the NSA uses its "not an American" assumption to seize the personal information of a large percentage of Americans, particularly when you consider that some of the most popular services in regions like China and Europe aren't even mentioned in the report.
In fact, in a perhaps telling sign, the NSA's seizures primarily have targeted not foreigners, but the services that are most popular domestically (e.g. Gmail, Yahoo!).
III. NSA Accidentally Spams Itself
For beleaguered U.S. citizens, there may be silver lining to this part of the NSA's cloud spying scheme; spam email -- normally an annoyance-- may actually be welcome countermeasure against the NSA reading through your emails.
Because the NSA grabs the such a significant chunk of text from Americans' and foreigners' unencrypted emails records the NSA is being smacked with storage shortfalls, as it can keep up with all the spam email that it's accidentally seized. The volume of spam has forced the NSA to reportedly institute "emergency detasking" orders, where it wipes some of its data stockpile to allow more new data to come in.
The NSA has been accidentally seizing your spam. [Image Source: MSNBC]
Yahoo's higher interception rate
is speculated to be possibly due to its late implementation of SSL, an encryption mechanism that makes it harder for the NSA to break into your email. The NSA and criminals who engage in online theft bear certain similarities; for starters they both hate encryption. The NSA has
spent $250M USD
reportedly in U.S. taxpayer money to try to weaken international encryption, which leaves you more vulnerable to identity theft and other forms of hacking, but makes it easier to spy on you.
The Gmail address books are particularly interesting as it's been widely publicized that Google mirrors your data, while it's less clear whether Yahoo! and Facebook are engaging in such activities.
Notably the NSA does not have to notify companies like Yahoo!, Facebook, or Google that it's seizing their data, nor does it have to get a warrant, court order, or other official legal mechanism, aside from its blanket self-authorization. By seizing the data at a lower level (likely at regional data routing hubs) the NSA can feast on a buffet of data without ever having to pay a notice to the companies whose users are being targeted.
The NSA directly scrapes data off cable hubs. [Image Source: AP]
This obviously makes data seizure much easier, as companies are unable to fight against what they don't know. Many companies like Google have successfully fought similar seizure attempts on Americans' data in either secret or public courts.
The NSA cleverly realized that citizens and companies can't fight being spied upon if they don't know about it. Unfortunately for it, they now know about it. [Image Source: NYPost]
As with past leaks, this leak came courtesy of Edward Snowden, the former NSA contractor who now faces criminal charges for revealing to Americans the extent they're being spied upon. Despite these charges, Mr. Snowden has garnered a great deal of support, even
winning an award from former CIA operatives
His latest publication follows information published earlier this month, which revealed that the NSA was building databases to track the real world identities of Americans' friends along with their locations, this specialist system was estimated in internal documents to seize 20 billion metadata records a day, giving the NSA the power to know who your wife, girlfriend, mistress, etc. are.
The Washington Post
NSA via Intellipedia/The Washington Post
This article is over a month old, voting and posting comments is disabled
10/16/2013 3:37:58 PM
I can certainly agree that the DHS buying up lots of ammunition is a bit odd and deserves an explanation, but to connect the dots the way you just did is pretty far fetched.
Obama has only a few years left in the white house, then it's up to the next guy. I'll give you credit for finding a way to connect all of those dots, but I can't agree with your assessment. Having served in the military for a number of years, I don't believe for a second that the US government is adept enough to pull off something that long term and coordinated.
10/16/2013 5:05:15 PM
The next guy will merely continue what Obama left off.
I don't like troysavary's assessment, either, because it smacks of pessimist thinking. Unfortunately, what he said is every bit as accurate. Why 1.6 billion hollow point rounds when the most the DoHS goes through is maybe 5-6 million? We're headed in a direct collision course against the rich, where the playing field is excessively stacked against us - and the worst part is you have zero issues with any of that.
Blind, obedient sheep - you are full of it. All of your opinions are rendered null and void because you don't think any of these can ever happen. Save your petty insults and circular logic, Master Kenobi, because all the critical pieces of the tinder box are falling into place - all it takes is someone to light the match.
"We basically took a look at this situation and said, this is bullshit." -- Newegg Chief Legal Officer Lee Cheng's take on patent troll Soverain
Report: CIA Dismissed Snowden After Suspecting Him of Internal Hacking
October 14, 2013, 5:39 PM
NSA Chief Built "Starship Enterprise Bridge", Sat in Captain's Chair
September 17, 2013, 8:09 AM
NSA Bypasses Internet Encryption, Spends $250M to Weaken International Encryption
September 6, 2013, 3:05 PM
Snowden Leak: An Intelligence Contractor Costs Ten Times as Much as a Bureaucrat
August 30, 2013, 8:22 AM
NSA Surveillance Programs Reach 75 Percent of U.S. Internet Communications
August 21, 2013, 11:51 AM
Microsoft Expands Free Office 365 to All College Students
September 22, 2014, 3:21 PM
Apple Adds New Password Protection for Third Party iCloud Apps
September 17, 2014, 8:50 PM
Facebook Tests Moments App, Aims to Keep Your Private Memories Private
September 17, 2014, 5:46 PM
Russian Hackers Compile List of 10+ Million Stolen Gmail, Yandex, Mailru
September 11, 2014, 11:41 AM
House Minority Leader Pelosi Criticizes FCC's "Fast-Lane" Net Neutrality Plan
September 9, 2014, 4:15 PM
Smarter Than Siri? Cortana Adds Game NFL Game Winner Prediction
September 3, 2014, 4:12 PM
Most Popular Articles
HTC Preps Nexus 9 With Nvidia K1 64-Bit "Denver" SoC, Android L Onboard
September 10, 2014, 10:21 PM
Apple iPhone 6, iPhone 6 Plus Reviews Roll In
September 16, 2014, 9:13 PM
Big Media: If You Want Privacy, You're Probably a Pirate
September 18, 2014, 2:57 PM
Apple Cripples NFC in iPhone 6, 6+ With Developer Ban
September 17, 2014, 1:00 PM
"Decepticon" Driver Triumphs Over Cops in Massachusetts Court
September 5, 2014, 12:07 PM
Latest Blog Posts
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
Space Terrorism is a Looming Threat For the United States
Apr 23, 2014, 7:47 PM
Facebook Aims to Provide Internet to "Every Person in the World" with Drones, Satellites
Apr 1, 2014, 10:20 AM
Retail Mobile Sites Experience Outages in Light of Simplexity's Bankruptcy
Mar 14, 2014, 8:48 AM
Tesla vs. BMW: Who Has the Safer EV?
Feb 1, 2014, 2:56 PM
More Blog Posts
Copyright 2014 DailyTech LLC. -
Terms, Conditions & Privacy Information