Subject: Privacy World's November 2013 Newsletter Issue
5Nov
> Privacy World - The WORLD'S SHREWDEST PRIVACY
NEWSLETTER
>
> N.S.A. Gathers Data on Social Connections of U.S.
Citizens
>
> WASHINGTON --- Since 2010, the National Security
Agency
> been exploiting its huge collections of data to
create sophisticated
> graphs of some Americans' social connections that
can identify their
> associates, their locations at certain times, their
traveling
> companions and other personal information, according
to newly
> disclosed documents and interviews with officials.
>
> The spy agency began allowing the analysis of phone
call and e-mail
> logs in November 2010 to examine Americans' networks
of associations
> for foreign intelligence purposes after N.S.A.
officials lifted
> restrictions on the practice, according to documents
provided by
> Edward J. Snowden, the former N.S.A. contractor.
>
> The policy shift was intended to help the agency
"discover and track"
> connections between intelligence targets overseas
and people in the
> United States, according to an N.S.A. memorandum
from January 2011.
> The agency was authorized to conduct
"large-scale graph analysis on
> very large sets of communications metadata without
having to check
> foreignness" of every e-mail address, phone
number or other
> identifier, the document said. Because of concerns
about infringing on
> the privacy of American citizens, the computer
analysis of such data
> had previously been permitted only for foreigners.
>
> The agency can augment the communications data with
material from
> public, commercial and other sources, including bank
codes, insurance
> information, Facebook profiles, passenger manifests,
voter
> registration rolls and GPS location information, as
well as property
> records and unspecified tax data, according to the
documents. They do
> not indicate any restrictions on the use of such
"enrichment" data,
> and several former senior Obama administration
officials said the
> agency drew on it for both Americans and foreigners.
>
> N.S.A. officials declined to say how many Americans
have been caught
> up in the effort, including people involved in no
wrongdoing. The
> documents do not describe what has resulted from the
scrutiny, which
> links phone numbers and e-mails in a "contact
chain" tied directly or
> indirectly to a person or organization overseas that
is of foreign
> intelligence interest.
>
> The new disclosures add to the growing body of
knowledge in recent
> months about the N.S.A.'s access to and use of
private information
> concerning Americans, prompting lawmakers in
Washington to call for
> reining in the agency and President Obama to order
an examination of
> its surveillance policies. Almost everything about
the agency's
> operations is hidden, and the decision to revise the
limits concerning
> Americans was made in secret, without review by the
nation's
> intelligence court or any public debate. As far back
as 2006, a
> Justice Department memo warned of the potential for
the "misuse" of
> such information without adequate safeguards.
>
> An agency spokeswoman, asked about the analyses of
Americans' data,
> said, "All data queries must include a foreign
intelligence
> justification, period."
>
> "All of N.S.A.'s work has a foreign
intelligence purpose," the
> spokeswoman added. "Our activities are centered
on counterterrorism,
> counterproliferation and cybersecurity."
>
> The legal underpinning of the policy change, she
said, was a 1979
> Supreme Court ruling that Americans could have no
expectation of
> privacy about what numbers they had called. Based on
that ruling, the
> Justice Department and the Pentagon decided that it
was permissible to
> create contact chains using Americans'
"metadata," which includes the
> timing, location and other details of calls and
e-mails, but not their
> content. The agency is not required to seek warrants
for the analyses
> from the Foreign Intelligence Surveillance Court.
>
> N.S.A. officials declined to identify which phone
and e-mail databases
> are used to create the social network diagrams, and
the documents
> provided by Mr. Snowden do not specify them. The
agency did say that
> the large database of Americans' domestic phone call
records, which
> was revealed by Mr. Snowden in June and caused
bipartisan alarm in
> Washington, was excluded. (N.S.A. officials have
previously
> acknowledged that the agency has done limited
analysis in that
> database, collected under provisions of thePatriot
Act
>
<http://topics.nytimes.com/top/reference/timestopics/subjects/u/usa_patriot_act/index.html?inline=nyt-classifier,
> exclusively for people who might be linked to
terrorism suspects.)
>
> But the agency has multiple collection programs and
databases, the
> former officials said, adding that the social
networking analyses
> relied on both domestic and international metadata.
They spoke only on
> the condition of anonymity because the information
was classified.
>
> The concerns in the United States since Mr.
Snowden's revelations have
> largely focused on the scope of the agency's
collection of the private
> data of Americans and the potential for abuse. But
the new documents
> provide a rare window into what the N.S.A. actually
does with the
> information it gathers.
>
> A series of agency PowerPoint presentations and
memos describe how the
> N.S.A. has been able to develop software and other
tools --- one
> document cited a new generation of programs that
"revolutionize" data
> collection and analysis --- to unlock as many
secrets about
> individuals as possible.
>
> The spy agency, led by Gen. Keith B. Alexander, an
unabashed advocate
> for more weapons in the hunt for information about
the nation's
> adversaries, clearly views its collections of
metadata as one of its
> most powerful resources. N.S.A. analysts can exploit
that information
> to develop a portrait of an individual, one that is
perhaps more
> complete and predictive of behavior than could be
obtained by
> listening to phone conversations or reading e-mails,
experts say.
>
> Phone and e-mail logs, for example, allow analysts
to identify
> people's friends and associates, detect where they
were at a certain
> time, acquire clues to religious or political
affiliations, and pick
> up sensitive information like regular calls to a
psychiatrist's
> office, late-night messages to an extramarital
partner or exchanges
> with a fellow plotter.
>
> "Metadata can be very revealing," said
Orin S. Kerr, a law professor
> at George Washington University. "Knowing
things like the number
> someone just dialed or the location of the person's
cellphone is going
> to allow them to assemble a picture of what someone
is up to. It's the
> digital equivalent of tailing a suspect."
>
> The N.S.A. had been pushing for more than a decade
to obtain the rule
> change allowing the analysis of Americans' phone and
e-mail data.
> Intelligence officials had been frustrated that they
had to stop when
> a contact chain hit a telephone number or e-mail
address believed to
> be used by an American, even though it might yield
valuable
> intelligence primarily concerning a foreigner who
was overseas,
> according to documents previously disclosed by Mr.
Snowden. N.S.A.
> officials also wanted to employ the agency's
advanced computer
> analysis tools to sift through its huge databases
with much greater
> efficiency.
>
> The agency had asked for the new power as early as
1999, the documents
> show, but had been initially rebuffed because it was
not permitted
> under rules of the Foreign Intelligence Surveillance
Court that were
> intended to protect the privacy of Americans.
>
> A 2009 draft of an N.S.A. inspector general's report
suggests that
> contact chaining and analysis may have been done on
Americans'
> communications data under the Bush administration's
program of
> wiretapping without warrants, which began after the
Sept. 11 attacks
> to detect terrorist activities and skirted the
existing laws governing
> electronic surveillance.
>
> In 2006, months after the wiretapping program was
disclosed by The New
> York Times
>
<http://www.nytimes.com/2005/12/16/politics/16program.html?pagewanted=all,
> the N.S.A.'s acting general counsel wrote a letter
to a senior Justice
> Department official, which was also leaked by Mr.
Snowden, formally
> asking for permission to perform the analysis on
American phone and
> e-mail data. A Justice Department memo to the
attorney general noted
> that the "misuse" of such information
"could raise serious concerns,"
> and said the N.S.A. promised to impose safeguards,
including regular
> audits, on the metadata program. In 2008, the Bush
administration gave
> its approval.
>
> A new policy that year, detailed in "Defense
Supplemental Procedures
> Governing Communications Metadata Analysis,"
authorized by Defense
> Secretary Robert M. Gates and Attorney General
Michael B. Mukasey,
> said that since the Supreme Court had ruled that
metadata was not
> constitutionally protected, N.S.A. analysts could
use such information
> "without regard to the nationality or location
of the communicants,"
> according to an internal N.S.A. description of the
policy.
>
> After that decision, which was previously reported
by The Guardian,
> the N.S.A. performed the social network graphing in
a pilot project
> for 1 ½ years "to great benefit,"
according to the 2011 memo. It was
> put in place in November 2010 in "Sigint
Management Directive 424"
> (sigint refers to signals intelligence).
>
> In the 2011 memo explaining the shift, N.S.A. analysts
were told that
> they could trace the contacts of Americans as long
as they cited a
> foreign intelligence justification. That could
include anything from
> ties to terrorism, weapons proliferation or
international drug
> smuggling to spying on conversations of foreign
politicians, business
> figures or activists.
>
> Analysts were warned to follow existing
"minimization rules," which
> prohibit the N.S.A. from sharing with other agencies
names and other
> details of Americans whose communications are
collected, unless they
> are necessary to understand foreign intelligence
reports or there is
> evidence of a crime. The agency is required to
obtain a warrant from
> the intelligence court to target a "U.S. person"
--- a citizen or
> legal resident --- for actual eavesdropping.
>
> The N.S.A. documents show that one of the main tools
used for chaining
> phone numbers and e-mail addresses has the code name
Mainway. It is a
> repository into which vast amounts of data flow
daily from the
> agency's fiber-optic cables, corporate partners and
foreign computer
> networks that have been hacked.
>
> The documents show that significant amounts of
information from the
> United States go into Mainway. An internal N.S.A.
bulletin, for
> example, noted that in 2011 Mainway was taking in
700 million phone
> records per day. In August 2011, it began receiving
an additional 1.1
> billion cellphone records daily from an unnamed
American service
> provider under Section 702 of the 2008 FISA
Amendments Act, which
> allows for the collection of the data of Americans
if at least one end
> of the communication is believed to be foreign.
>
> The overall volume of metadata collected by the
N.S.A. is reflected in
> the agency's secret 2013 budget request to Congress.
The budget
> document, disclosed by Mr. Snowden, shows that the
agency is pouring
> money and manpower into creating a metadata
repository capable of
> taking in 20 billion "record events" daily
and making them available
> to N.S.A. analysts within 60 minutes.
>
> The spending includes support for the
"Enterprise Knowledge System,"
> which has a $394 million multiyear budget and is
designed to "rapidly
> discover and correlate complex relationships and
patterns across
> diverse data sources on a massive scale,"
according to a 2008
> document. The data is automatically computed to
speed queries and
> discover new targets for surveillance.
>
> A top-secret document titled "Better Person
Centric Analysis"
> describes how the agency looks for 94 "entity
types," including phone
> numbers, e-mail addresses and IP addresses. In
addition, the N.S.A.
> correlates 164 "relationship types" to
build social networks and what
> the agency calls "community of interest"
profiles, using queries like
> "travelsWith, hasFather, sentForumMessage,
employs."
>
> A 2009 PowerPoint presentation provided more
examples of data sources
> available in the "enrichment" process,
including location-based
> services like GPS and TomTom, online social networks,
billing records
> and bank codes for transactions in the United States
and overseas.
>
> At a Senate Intelligence Committee hearing on
Thursday, General
> Alexander was asked if the agency ever collected or
planned to collect
> bulk records about Americans' locations based on
cellphone tower data.
> He replied that it was not doing so as part of the
call log program
> authorized by the Patriot Act, but said a fuller
response would be
> classified.
>
> If the N.S.A. does not immediately use the phone and
e-mail logging
> data of an American, it can be stored for later use,
at least under
> certain circumstances, according to several
documents.
>
> One 2011 memo, for example, said that after a court
ruling narrowed
> the scope of the agency's collection, the data in
question was "being
> buffered for possible ingest" later. A year
earlier, an internal
> briefing paper from the N.S.A. Office of Legal
Counsel showed that the
> agency was allowed to collect and retain raw
traffic, which includes
> both metadata and content, about "U.S.
persons" for up to five years
> online and for an additional 10 years offline for
"historical searches."
>
> The above article by James Risen
>
> Until next issue, stay cool and remain low profile!
>
> Privacy World
>
> A Note from your publisher: Sick and tired of your
government
> tricking you? Then "Get Your Money Out of Your
Country Before
> Your Country gets Your Money Out of You!" For
less than the
> cost of a couple of soda's per day, you can obtain a
totally
> anonymous bank account with an ATM card. Just e-mail
for details
> and place "Anonymous" bank account in the
> subject heading!
>
>
-----------------------------------------------------------------------------
> To subscribe,
send a blank message to PrivacyWorld-on@mail-list.com
> To unsubscribe, send a blank message to PrivacyWorld-off@mail-list.com
> To change your email address, send a message to
> with your
old address in the Subject: line
> To contact the list owner, send your message to
>
> Privacy World, 502 Hotta-kata, 3-6-10 Hirusaido,
Kagurazaka, Shinjyuku-ku,
> Tokyo Japan
>
No comments:
Post a Comment