backtop


Print

But agency claims to only review 0.00004 % (~77,000 GB) per day

Following the leaks of Edward Snowden, who revealed the U.S. National Security Agency (NSA) was storing the calling records of virtually all phone-using Americans via metadata grabs, President Barack Obama was backpedalling on Friday, trying to reassure Americans that he remained committed to his promises of "transparency."

I. President's Speech is Followed by NSA Doc Drop

In his speech he remarked:
 
As a senator, I expressed a healthy skepticism about these programs. And as president, I've taken steps to make sure that they have strong oversight by all three branches of government and clear safeguards to prevent abuse and protect the rights of the American people. But given the history of abuse by governments, it's right to ask questions about surveillance, particularly as technology is reshaping every aspect of our lives.

 


 


But the reporters' questions showed a bit of an edge.  One pool reporter at the press conference asked him if he could understand why Americans might not trust him after all the leaks of spying programs.  He attacked that comment stating, "No, I can't," and arguing that he was "comfortable" with the level of spying.


Obama spying
President Obama says he's "comfortable" with his spying on you, so you should be too.
[Image Source: AP]


The President did, however, promise to work with Congress to revise Section 215 (50 USC § 1861) of the USA PATRIOT (Uniting (and) Strengthening America (by) Providing Appropriate Tools Required (to) Intercept (and) Obstruct Terrorism) Act, legal language which in essence grants the U.S. Federal Bureau of Investigation (FBI) unchecked, unlimited powers of search and seizure.  Specifically, the language of the law states that it is legal for FBI agents to demand from any citizen "any tangible things," without producing a warrant so long as the agent(s) "specif[ies]" that the order is "for an authorized investigation . . . to protect against international terrorism or clandestine intelligence activities." 

And it appears that the NSA was nudged by the President to release a white paper [PDF] on its internet and telephone metadata surveillance operations, which spy on chats, emails, web traffic, and other information ostensibly with the goal of finding and tracking "terrorists".

Much of the document is largely just boilerplate.  The opening section thumps the rising threat of terrorism and the NSA's role in fighting it.  A subsequent section emphasizes that the intended purposes of the agency is to monitor foreign communications (which was apparently overlooked in the indiscriminate grab of U.S. cell phone users' metadata).  The backing legal authority-- Executive Order 12333 (President Ronald Reagan, 1981) and the Foreign Intelligence Surveillance Act of 1978 (FISA) (50 USC Chapter 36) -- is also noted.

II. NSA Appears to Filter After it Harvest Data, Overcollecting on a Massive Scale

Things start to get juicy on page 4.  The NSA writes:
 


The collection is acquired through compelled assistance from relevant electronic communications service providers.

In other words the NSA demands blanket dumps of data from internet service providers (e.g. Time Warner Inc. (TWX) and Comcast Corp. (CMCSA)), online service firms (e.g. Google Inc. (GOOG) and Microsoft Corp. (MSFT)), and cell phone carriers (e.g. Sprint Nextel Corp. (S) and AT&T, Inc. (T)).  It uses this data to purportedly "acquire foreign intelligence while protecting the civil liberties and privacy of Americans."

NSA spying
The NSA acknowledges it's not supposed to be collecting data on U.S. citizens, but it creatively redefines "collecting" to circumvent that restriction. [Image Source: Nation of Change]

The key is that the NSA's filtering -- "targeting and minimization procedures" -- occurs only after its grabbed, and likely stored.  Filtering up front -- logically akin to innocent until proven guilty -- would be much more difficult, but arguably would to a better job fulfilling the NSA's promise to "protect civil liberties and privacy of Americans" by ensuring that relatively few records regarding American citizens were captured.  While technically more difficult -- perhaps so much so that the NSA would be constrained to monitoring a few thousand individuals at a time -- the approach would also save U.S. taxpayers money by cutting both direct and contracted storage costs.

Unfortunately, the NSA is taking the opposite approach when it comes to data grabs -- guilty until proven innocent.  It first grabs the data, and only discards it after it determines it's not a foreign communication.  This approach represents serious ethical concerns, and also balloons the storage costs of the Agency.  Further exacerbating the issue is that the NSA paper is painfully light on details on how its discarded records are sanitized (they could easily linger in databases for months or even years until overwritten).

NSA Unchained
[Image Source: ACLU]

Even after filtering, some American citizens' communications still remain.  The NSA writes:

For a variety of reasons, including technical ones, the communications of U.S. persons are sometimes incidentally acquired in targeting the foreign entities. For example, a U.S. person might be courtesy copied on an e-mail to or from a legitimate foreign target, or a person in the U.S. might be in contact with a known terrorist target. In those cases, minimization procedures adopted by the Attorney General in consultation with the Director of National Intelligence and approved by the Foreign Intelligence Surveillance Court are used to protect the privacy of the U.S. person. These minimization procedures control the acquisition, retention, and dissemination of any U.S. person information incidentally acquired during operations conducted pursuant to Section 702.

The NSA says it takes additional steps to try to weed out false hits and not dig into innocent communications.

III. Metadata: Is the NSA Tracking Locations?  It Depends on Who You Ask

The paper goes on to discuss the harvesting of so-called "metadata" including location records.  The program -- dubbed the Business Records FISA program (BR FISA) -- launched under President Bush in 2006 and continued on under President Obama in years since.  The program was authorized by 14 separate federal judges.

Highly interesting is that the NSA claims:

The information is known as metadata, and consists of information such as the called and calling telephone numbers and the date, time, and duration of the call, but no user identification, content, or cell site locational data.

The latter denial -- that the NSA has data that allows it to track citizens -- contradicts testimony of both Ed Snowden and ex-NSA-analyst Russell Tice. Both claim the NSA did have that capability and did actively harvest those phone records.

Edward Snowden
Former NSA analyst Ed. Snowden walked away from a posh bureaucratic job spying on Americans to blow the whistle on NSA waste and overreaches. [Image Source: AP]

It also contradicts the filing of a suit [PDF] filed by the The American Civil Liberties Union (ACLU) in U.S. District Court for the Southern District of New York, alleging that the NSA was collecting location information.  Writes the ACLU attorneys:

The government has acknowledged that it is relying on Section 215 to collect “metadata” about every phone call made or received by residents of the United States. The practice is akin to snatching every American’s address book—with annotations detailing whom we spoke to, when we talked, for how long, and from where. It gives the government a comprehensive record of our associations and public movements, revealing a wealth of detail about our familial, political, professional, religious, and intimate associations.

It's impossible to tell who's telling the truth (ex-NSA agents and the ACLU, or current NSA agents actively involved in the spying) as for all its "openness", the data is only available to NSA agents.

phone metadata
Location metadata from your phone shows precisely where you've been and when.  The NSA claims it's not collecting these forms of metadata, but former agents say otherwise. [Image Source: Pete Warden and Alasdair Allan]

The NSA document describes a similar filtering practice applied to this data set.  An NSA agent must enter a "seed" (e.g. a phone number) to see associated metadata.  The NSA claims this prevents Americans' data from being "collected" (which the NSA defines as the act of retrieval by the analysis), but again it makes no promises that Americans data is not being actively grabbed in bulk and stored, untouched on federal or contractor servers.

IV. NSA Intercepts Upwards of 5-6 Percent of digital global communications

More interesting still, on the topic of exactly how much emails, video chats, etc. the NSA collects, it estimates:

According to figures published by a major tech provider, the Internet carries 1,826 Petabytes of information per day. In its foreign intelligence mission, NSA touches about 1.6% of that. However, of the 1.6% of the data, only 0.025% is actually selected for review. The net effect is that NSA analysts look at only 0.00004% of the world's traffic in conducting their mission -- that's less than one part in a million. Put another way, if a standard basketball court represented the global communications environment, NSA's total collection would be represented by an area smaller than a dime on that basketball court.

Still again, we must examine the staggering -- and costly -- amount of data the NSA is admitting to storing here.  The NSA is admitting that it grabs 29.22 petabytes of data a day, although it only reviews roughly 77,000 gigabytes of that daily.

Consider for a second that services like Netflix, Inc. (NFLX) account for about 1/3 of total internet traffic.  Another 10 to 15 percent of total traffic (based on search analyses) is for pornographic content.  Assuming the NSA is not interest in our Netflix queue or porn.  Then there’re gaming and app marketplaces.

Combine all this together and the things that might interest the NSA -- communications (~3% of aggregate N.A. traffic), filesharing (~12.0%), web browsing (12.7%), and you see that only a little over a quarter (27.7%) of traffic is likely targeted by the NSA in the first place.

Gmail 
The NSA is reading a lot of email, and collecting even more.

In that light the NSA is capturing possibly 6% or more of communications traffic.  

The fact that the NSA is presenting its data grab amount in terms of the total traffic -- most of which it doesn't care about (e.g. streaming entertainment) is pretty misleading, although it's at least a step forward in that you can squeeze the true figures out.

V. Doublespeak Can't Hide That the NSA is Spending Wastefully, Spying on Citizens

The NSA promises:

If NSA is not acting in accordance with law, policy, or procedure, NSA will report through its internal and external intelligence oversight channels, conduct reviews to understand the root cause, and make appropriate adjustments to constantly improve.

But despite its opening up a little after its hand was forced, at the end of the day, only the internal ranks of the NSA truly know what data agents are looking at on a daily basis.  The rest of us must rely on leaks from former agents or high placed government officials to try to gain some sort of perspective.

But from what is known at this point, it's clear the NSA realizes that it's not supposed to collect data on Americans, but has done some creative mind games to convince itself that it's not "collecting" Americans' records, despite harvesting millions of their phone records and thousands of gigabytes of communications on a daily basis.  

This is kind of like a stalker arguing that if they don't look at the person whose house they're camped outside, they're not really stalking them.

Stalker
The NSA claiming it isn't spying on you if it doesn't look at your data which it demanded from businesses, is kind of like a stalker arguing that he isn't really stalking you unless he looks at you from the bushes where he's hiding outside your house. [Image Source: SLC AD]

If there's one thing clear from the document it's that the NSA is spying on Americans, and that it is spying a lot.  

But the good news is that the Agency is starting to open up about its spying programs to a small degree, and that foothold can hopefully be leveraged to stoke further public awareness of the issue, once the NSA's codespeak is parsed and the true scope of the described spying is made clear to the public.  And hopefully that dialogue can in turn lead to a trimming of wasteful and Orwellian surveillance of law-abiding American citizens.

Sources: President Obama via The Washington Post [transcript], NSA [white paper]





"My sex life is pretty good" -- Steve Jobs' random musings during the 2010 D8 conference






Most Popular ArticlesThe Best 4K Monitors
July 15, 2017, 6:30 AM
HP 280 G2 MT Desktop PC
July 16, 2017, 6:47 AM
Dell XPS 27 – Large Screen PC AlO with High-End Performance
July 10, 2017, 7:22 AM
iPhone 8 – OLED Screen & 3D Laser Tech
July 14, 2017, 7:45 AM
Comparison: Rock64 vs Raspberry Pi 3
July 11, 2017, 6:53 AM

Latest Blog Posts






botimage
Copyright 2017 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki