NSA Illegally Scooped Up Thousands Of US Internet Communications

Tom Brewster is TechWeek Europe’s Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

NSA wasn’t honest about a snooping operation that scooped up rafts of US citizens’ Internet communications, documents released by the US reveal

The National Security Agency (NSA) was illegally collecting America citizens’ data through an Internet tapping programme and had misled the court overseeing its operations, according to documents released by the Obama government yesterday.

One of the files, dated December 2011, detailed the NSA’s “upstream acquisition of Internet communications”. The method is supposed to “screen out communications that are wholly domestic in nature”, but the tools used to do this were described as “not perfect”.

That led the Foreign Intelligence Surveillance Court (FISC) to determine that tens of thousands of communications between solely US persons, amounting to just .02 percent of communications scooped up by the agency, had been hoovered up by the NSA.

surveillance cyber crimeNSA misled FISC?

It also determined the US government “had not fully explored options regarding data retention that would be more protective of US persons”.

Another document, from October 2011, suggested 26.5 million Internet “transactions” were acquired every year through the upstream data acquisition. Overall it was collecting 250 million Internet communications annually. The court described the intrusion on US citizens through the tapping method as “very substantial”.

The judge writing in that same October 2011 opinion suggested the tapping operation was somewhat out of control. “The sheer volume of transactions acquired by the NSA through its upstream collection is such that any meaningful review of the entire body of the transactions is not feasible,” wrote FISC Judge John Bates.

He hinted the NSA had misled the court too. “The volume and nature of the information it had been collecting is fundamentally different than what the court had been led to believe.”

In a footnote he added: “The court is torubled that the government’s revelations regarding NSA’s acquisition of Internet transactions mark the third instance in less than three years in which the government has disclosed a substantial misrepresentation regarding the scope of a major collection program.

“Contrary to the government’s repeated assurances, NSA has been routinely running queries of the metadata using querying terms that did not meet the required standard for querying.”

The FISC said the NSA may have collected as many as 56,000 emails every year between 2008 and 2011, even though the parties involved had no collection.

Bates eventually ruled the programme was illegal and the NSA had to change its operation to ensure it wasn’t scooping up so many domestic communications.

Since the revelations of whistleblower Edward Snowden, the NSA has been heavily criticised, as has the FISC. The latest release of documents from the court were supposed to show how it had effectively scrutinised the agency, but it has also highlighted suspected illegal intrusions on privacy from the NSA.

Shhh! Do our whistleblowers quiz, but keep it quiet…