A Terrifying New Report Reveals Just How Much the NSA Invaded U.S. Citizens' Privacy

Impact

July 6, 2014

The news: A four-month investigation by the Washington Post concluded that as many as 90% of the users picked up by National Security Agency (NSA) surveillance software are domestic citizens and not legally targeted foreigners.

Nine out of 10 account holders found in a large cache of intercepted conversations given to the Post by Edward Snowden were caught in the crossfire when the NSA cast a wide net looking to find someone else. Quite a few were Americans and nearly half of the files contained personally identifiable information such as IP addresses, email addresses, phone numbers or even full names.

NSA analysts "minimized" more than 65,000 entries to protect the privacy of those Americans involved, but the Post was still able to find about 900 additional email addresses in the files. The Post also notes that some instances of minimization were patently absurd: "A 'minimized U.S. president-elect' begins to appear in the files in early 2009, and references to the current 'minimized U.S. president' appear 1,227 times in the following four years." The cache also included roughly 160,000 intercepted email and instant message conversations (some quite substantial) and 7,900 documents from more than 11,000 accounts.

Is it really that bad? Yes. Writes the Post:

"Among the most valuable contents — which the Post will not describe in detail, to avoid interfering with ongoing operations — are fresh revelations about a secret overseas nuclear project, double-dealing by an ostensible ally, a military calamity that befell an unfriendly power and the identities of aggressive intruders into U.S. computer networks...."Many other files, described as useless by the analysts but nonetheless retained, have a startlingly intimate, even voyeuristic quality. They tell stories of love and heartbreak, illicit sexual liaisons, mental-health crises, political and religious conversions, financial anxieties and disappointed hopes. The daily lives of more than 10,000 account holders who were not targeted are catalogued and recorded nevertheless."

If the documents are representative of the NSA's actual surveillance operations, the results are disconcerting. NSA analysts collected large swathes of sensitive personal data that was, in many cases, only tangentially related to a legitimate surveillance target. The 9 to 1 ratio also suggests that the number of surveillance targets is far larger than the agency has officially disclosed to the public.

Because the data was linked to actual surveillance targets, it was stored indefinitely. Gizmodo's Robert Sorokanich writes, "The NSA, it seems, is like a digital elephant: Its ears are huge, and it never forgets, even when it's overhearing innocent bystanders." Or, perhaps, an octopus.

This is fairly terrifying. The amount of personal information stored on NSA servers is startling, and if the leak is representative of general NSA operations, the implications are ominous. That Snowden had access to the data also directly contradicts official statements by NSA Director Gen. Keith Alexander, who told Congress that ordinary analysts weren't able to access the personal information of Americans. In other words, the NSA is actively misrepresenting the scale of their programs.

And even if you do trust the current administration's handling of the data, what happens when another Nixon gets into office? It's better to be safe than sorry, but we might not have that option.