cross-posted from: https://links.hackliberty.org/post/897256
The NSA’s long history of often legally sketchy mass surveillance continues, despite some of the agency’s activities getting exposed more than a decade ago by whistleblower Edward Snowden.
Now, the National Security Agency has had to reveal, in response to a senator’s questions, that it is, as one report put it, “sidestepping” obtaining warrants first before it buys people’s information, put on sale by data brokers.
This came to light in an exchange of letters between Senator Ron Wyden and several top security officials.
And this time – because of NSA’s own interest being at stake – he has been able to reveal the information he obtained.
Wyden’s January 25 letter to Director of National Intelligence Avril Haines contained a fairly straight-forward request: US intelligence agencies should only buy American’s data “that has been obtained in a lawful manner.”
We obtained a copy of the letter for you here.
With the implication that something entirely different is happening, the senator went on to explain what: if these agencies went to communications companies themselves for the data, that would require a court order.
Instead, Wyden continued, they go the roundabout way to get information (like location data) taken from people’s phones – collected via apps, and finally ending up with commercial brokers, who sell it to the likes of the NSA. And, this particular agency is also buying “Americans’ domestic internet metadata.”
In other words, a comprehensive, yet legally questionable mass surveillance scheme.
Wyden “reinforced” his letter to Haines by attaching NSA Director General Paul Nakasone’s December response to one of his earlier queries – a back-and-forth that has been going on for almost three years, he says, and concerned other agencies as well and their practice of data acquisition.
But now that he said he would block the Senate confirmation of Nakasone’s successor – the information he received finally “got cleared” for release and pretty quickly.
Nakasone confirmed the practice, and then went on to justify it by saying it only pertains to “records” of online traffic, rather than “emails and documents.” He said what the NSA purchases is “netflow data” that comes from devices where “one or both” ends of the connection is in the US.
And why? It is “critical,” wrote Nakasone, in “protecting US defense contractors from cyber threats.”