NSA collecting phone records of millions daily, court order reveals

[Prince Myshkin]

http://www.guardian.co.uk/world/2013/jun/06/nsa-phone-records-verizon-court-order

 

NSA collecting phone records of millions daily, court order reveals

 

Exclusive: Top secret court order requiring Verizon to hand over all call data shows scale of domestic surveillance under Obama

 

Under the terms of the order, the numbers of both parties on a call are handed over, as is location data and the time and duration of all calls. Photograph: Matt Rourke/AP

 

The National Security Agency is currently collecting the telephone records of millions of US customers of Verizon, one of America's largest telecoms providers, under a top secret court order issued in April.

 

The order, a copy of which has been obtained by the Guardian, requires Verizon on an "ongoing, daily basis" to give the NSA information on all telephone calls in its systems, both within the US and between the US and other countries.

 

The document shows for the first time that under the Obama administration the communication records of millions of US citizens are being collected indiscriminately and in bulk – regardless of whether they are suspected of any wrongdoing.

 

The secret Foreign Intelligence Surveillance Court (Fisa) granted the order to the FBI on April 25, giving the government unlimited authority to obtain the data for a specified three-month period ending on July 19.

 

Under the terms of the blanket order, the numbers of both parties on a call are handed over, as is location data, call duration, unique identifiers, and the time and duration of all calls. The contents of the conversation itself are not covered.

 

The disclosure is likely to reignite longstanding debates in the US over the proper extent of the government's domestic spying powers.

 

Under the Bush administration, officials in security agencies had disclosed to reporters the large-scale collection of call records data by the NSA, but this is the first time significant and top-secret documents have revealed the continuation of the practice on a massive scale under President Obama.

 

The unlimited nature of the records being handed over to the NSA is extremely unusual. Fisa court orders typically direct the production of records pertaining to a specific named target who is suspected of being an agent of a terrorist group or foreign state, or a finite set of individually named targets.

 

The Guardian approached the National Security Agency, the White House and the Department of Justice for comment in advance of publication on Wednesday. All declined. The agencies were also offered the opportunity to raise specific security concerns regarding the publication of the court order.

 

The court order expressly bars Verizon from disclosing to the public either the existence of the FBI's request for its customers' records, or the court order itself.

 

"We decline comment," said Ed McFadden, a Washington-based Verizon spokesman.

 

The order, signed by Judge Roger Vinson, compels Verizon to produce to the NSA electronic copies of "all call detail records or 'telephony metadata' created by Verizon for communications between the United States and abroad" or "wholly within the United States, including local telephone calls".

 

The order directs Verizon to "continue production on an ongoing daily basis thereafter for the duration of this order". It specifies that the records to be produced include "session identifying information", such as "originating and terminating number", the duration of each call, telephone calling card numbers, trunk identifiers, International Mobile Subscriber Identity (IMSI) number, and "comprehensive communication routing information".

 

The information is classed as "metadata", or transactional information, rather than communications, and so does not require individual warrants to access. The document also specifies that such "metadata" is not limited to the aforementioned items. A 2005 court ruling judged that cell site location data – the nearest cell tower a phone was connected to – was also transactional data, and so could potentially fall under the scope of the order.

 

While the order itself does not include either the contents of messages or the personal information of the subscriber of any particular cell number, its collection would allow the NSA to build easily a comprehensive picture of who any individual contacted, how and when, and possibly from where, retrospectively.

 

It is not known whether Verizon is the only cell-phone provider to be targeted with such an order, although previous reporting has suggested the NSA has collected cell records from all major mobile networks. It is also unclear from the leaked document whether the three-month order was a one-off, or the latest in a series of similar orders.

 

The court order appears to explain the numerous cryptic public warnings by two US senators, Ron Wyden and Mark Udall, about the scope of the Obama administration's surveillance activities.

 

For roughly two years, the two Democrats have been stridently advising the public that the US government is relying on "secret legal interpretations" to claim surveillance powers so broad that the American public would be "stunned" to learn of the kind of domestic spying being conducted.

 

Because those activities are classified, the senators, both members of the Senate intelligence committee, have been prevented from specifying which domestic surveillance programs they find so alarming. But the information they have been able to disclose in their public warnings perfectly tracks both the specific law cited by the April 25 court order as well as the vast scope of record-gathering it authorized.

 

Julian Sanchez, a surveillance expert with the Cato Institute, explained: "We've certainly seen the government increasingly strain the bounds of 'relevance' to collect large numbers of records at once — everyone at one or two degrees of separation from a target — but vacuuming all metadata up indiscriminately would be an extraordinary repudiation of any pretence of constraint or particularized suspicion." The April order requested by the FBI and NSA does precisely that.

 

The law on which the order explicitly relies is the so-called "business records" provision of the Patriot Act, 50 USC section 1861. That is the provision which Wyden and Udall have repeatedly cited when warning the public of what they believe is the Obama administration's extreme interpretation of the law to engage in excessive domestic surveillance.

 

In a letter to attorney general Eric Holder last year, they argued that "there is now a significant gap between what most Americans think the law allows and what the government secretly claims the law allows."

 

"We believe," they wrote, "that most Americans would be stunned to learn the details of how these secret court opinions have interpreted" the "business records" provision of the Patriot Act.

 

Privacy advocates have long warned that allowing the government to collect and store unlimited "metadata" is a highly invasive form of surveillance of citizens' communications activities. Those records enable the government to know the identity of every person with whom an individual communicates electronically, how long they spoke, and their location at the time of the communication.

 

Such metadata is what the US government has long attempted to obtain in order to discover an individual's network of associations and communication patterns. The request for the bulk collection of all Verizon domestic telephone records indicates that the agency is continuing some version of the data-mining program begun by the Bush administration in the immediate aftermath of the 9/11 attack.

 

The NSA, as part of a program secretly authorized by President Bush on 4 October 2001, implemented a bulk collection program of domestic telephone, internet and email records. A furore erupted in 2006 when USA Today reported that the NSA had "been secretly collecting the phone call records of tens of millions of Americans, using data provided by AT&T, Verizon and BellSouth" and was "using the data to analyze calling patterns in an effort to detect terrorist activity." Until now, there has been no indication that the Obama administration implemented a similar program.

 

These recent events reflect how profoundly the NSA's mission has transformed from an agency exclusively devoted to foreign intelligence gathering, into one that focuses increasingly on domestic communications. A 30-year employee of the NSA, William Binney, resigned from the agency shortly after 9/11 in protest at the agency's focus on domestic activities.

 

In the mid-1970s, Congress, for the first time, investigated the surveillance activities of the US government. Back then, the mandate of the NSA was that it would never direct its surveillance apparatus domestically.

 

At the conclusion of that investigation, Frank Church, the Democratic senator from Idaho who chaired the investigative committee, warned: "The NSA's capability at any time could be turned around on the American people, and no American would have any privacy left, such is the capability to monitor everything: telephone conversations, telegrams, it doesn't matter."

[Reilly]

It's not just a bit frightening that they can do this, but worse is the idea of what they feel they can do.

[NumbersGirl]

On a personal level I'm not really up in arms about it (and yes I use Verizon). From a broader perspective I'm not entirely sure how I feel yet.

 

Many people are quick to spout off, "what about my right to privacy, omg this is so wrong"... but technically (in the U.S.) there isn't any explicit 'right to privacy' in the Constitution or the Bill of Rights. There are bits which essentially allude to its nebulous existence, but not verbatim. The following part in this article seems to refer to one of these bits.

The information is classed as "metadata", or transactional information, rather than communications, and so does not require individual warrants to access. The document also specifies that such "metadata" is not limited to the aforementioned items. A 2005 court ruling judged that cell site location data – the nearest cell tower a phone was connected to – was also transactional data, and so could potentially fall under the scope of the order.

Bill of Rights - Amendment IV: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

 

Regardless of the effect in the U.S. in terms of violating privacy that does/does not exist, considering part of the order is in regard to international information, could this potentially violate international law (if privacy laws are explicitly stated in said countries)? To me that would be more of an issue in terms of overstepping authority.

 

I wonder though why there is some magical 3-month period ending on July 19 for the unlimited access. They do mention in the article that it wasn't clear if it's for a specific reason or just a generalized random request. I'm going to guess the former, so that makes me curious about the reason.

[Black Rose]

Expect a 'we stopped a terrorist attack from happening' news story soon.

 

No way to disprove it, a perfect cover for hacking.

[NumbersGirl]

And it's not just phone records... http://www.guardian.co.uk/world/2013/jun/06/us-tech-giants-nsa-data

 

 

 

NSA PRISM program taps in to user data of Facebook, Yahoo and others

 

 

The National Security Agency has obtained direct access to the systems of Google, Facebook, Apple and other US internet giants, according to a top secret document obtained by the Guardian.

 

The NSA access is part of a previously undisclosed program called PRISM, which allows officials to collect material including search history, the content of emails, file transfers and live chats, the document says.

 

The Guardian has verified the authenticity of the document, a 41-slide PowerPoint presentation – classified as top secret with no distribution to foreign allies – which was apparently used to train intelligence operatives on the capabilities of the program. The document claims "collection directly from the servers" of major US service providers.

 

Although the presentation claims the program is run with the assistance of the companies, all those who responded to a Guardian request for comment on Thursday denied knowledge of any such program.

 

In a statement, Google said: "Google cares deeply about the security of our users' data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government 'back door' into our systems, but Google does not have a back door for the government to access private user data."

 

Several senior tech executives insisted that they had no knowledge of PRISM or of any similar scheme. They said they would never have been involved in such a program. "If they are doing this, they are doing it without our knowledge," one said.

 

An Apple spokesman said it had "never heard" of PRISM.

 

The NSA access was enabled by changes to US surveillance law introduced under President Bush and renewed under Obama in December 2012.

 

The program facilitates extensive, in-depth surveillance on live communications and stored information. The law allows for the targeting of any customers of participating firms who live outside the US, or those Americans whose communications include people outside the US.

 

It also opens the possibility of communications made entirely within the US being collected without warrants.

 

Disclosure of the PRISM program follows a leak to the Guardian on Wednesday of a top-secret court order compelling telecoms provider Verizon to turn over the telephone records of millions of US customers.

 

The participation of the internet companies in PRISM will add to the debate, ignited by the Verizon revelation, about the scale of surveillance by the intelligence services. Unlike the collection of those call records, this surveillance can include the content of communications and not just the metadata.

 

Some of the world's largest internet brands are claimed to be part of the information-sharing program since its introduction in 2007. Microsoft – which is currently running an advertising campaign with the slogan "Your privacy is our priority" – was the first, with collection beginning in December 2007.

 

It was followed by Yahoo in 2008; Google, Facebook and PalTalk in 2009; YouTube in 2010; Skype and AOL in 2011; and finally Apple, which joined the program in 2012. The program is continuing to expand, with other providers due to come online.

 

Collectively, the companies cover the vast majority of online email, search, video and communications networks.

 

The extent and nature of the data collected from each company varies.

 

Companies are legally obliged to comply with requests for users' communications under US law, but the PRISM program allows the intelligence services direct access to the companies' servers. The NSA document notes the operations have "assistance of communications providers in the US".

 

The revelation also supports concerns raised by several US senators during the renewal of the Fisa Amendments Act in December 2012, who warned about the scale of surveillance the law might enable, and shortcomings in the safeguards it introduces.

 

When the FAA was first enacted, defenders of the statute argued that a significant check on abuse would be the NSA's inability to obtain electronic communications without the consent of the telecom and internet companies that control the data. But the PRISM program renders that consent unnecessary, as it allows the agency to directly and unilaterally seize the communications off the companies' servers.

 

A chart prepared by the NSA, contained within the top-secret document obtained by the Guardian, underscores the breadth of the data it is able to obtain: email, video and voice chat, videos, photos, voice-over-IP (Skype, for example) chats, file transfers, social networking details, and more.

 

The document is recent, dating to April 2013. Such a leak is extremely rare in the history of the NSA, which prides itself on maintaining a high level of secrecy.

 

The PRISM program allows the NSA, the world's largest surveillance organisation, to obtain targeted communications without having to request them from the service providers and without having to obtain individual court orders.

 

With this program, the NSA is able to reach directly into the servers of the participating companies and obtain both stored communications as well as perform real-time collection on targeted users.

 

The presentation claims PRISM was introduced to overcome what the NSA regarded as shortcomings of Fisa warrants in tracking suspected foreign terrorists. It noted that the US has a "home-field advantage" due to housing much of the internet's architecture. But the presentation claimed "Fisa constraints restricted our home-field advantage" because Fisa required individual warrants and confirmations that both the sender and receiver of a communication were outside the US.

 

"Fisa was broken because it provided privacy protections to people who were not entitled to them," the presentation claimed. "It took a Fisa court order to collect on foreigners overseas who were communicating with other foreigners overseas simply because the government was collecting off a wire in the United States. There were too many email accounts to be practical to seek Fisas for all."

 

The new measures introduced in the FAA redefines "electronic surveillance" to exclude anyone "reasonably believed" to be outside the USA – a technical change which reduces the bar to initiating surveillance.

 

The act also gives the director of national intelligence and the attorney general power to permit obtaining intelligence information, and indemnifies internet companies against any actions arising as a result of co-operating with authorities' requests.

 

In short, where previously the NSA needed individual authorisations, and confirmation that all parties were outside the USA, they now need only reasonable suspicion that one of the parties was outside the country at the time of the records were collected by the NSA.

 

The document also shows the FBI acts as an intermediary between other agencies and the tech companies, and stresses its reliance on the participation of US internet firms, claiming "access is 100% dependent on ISP provisioning".

 

In the document, the NSA hails the PRISM program as "one of the most valuable, unique and productive accesses for NSA".

 

It boasts of what it calls "strong growth" in its use of the PRISM program to obtain communications. The document highlights the number of obtained communications increased in 2012 by 248% for Skype – leading the notes to remark there was "exponential growth in Skype reporting; looks like the word is getting out about our capability against Skype". There was also a 131% increase in requests for Facebook data, and 63% for Google.

 

The NSA document indicates that it is planning to add Dropbox as a PRISM provider. The agency also seeks, in its words, to "expand collection services from existing providers".

 

The revelations echo fears raised on the Senate floor last year during the expedited debate on the renewal of the FAA powers which underpin the PRISM program, which occurred just days before the act expired.

 

Senator Christopher Coons of Delaware specifically warned that the secrecy surrounding the various surveillance programs meant there was no way to know if safeguards within the act were working.

 

"The problem is: we here in the Senate and the citizens we represent don't know how well any of these safeguards actually work," he said.

 

"The law doesn't forbid purely domestic information from being collected. We know that at least one Fisa court has ruled that the surveillance program violated the law. Why? Those who know can't say and average Americans can't know."

 

Other senators also raised concerns. Senator Ron Wyden of Oregon attempted, without success, to find out any information on how many phone calls or emails had been intercepted under the program.

 

When the law was enacted, defenders of the FAA argued that a significant check on abuse would be the NSA's inability to obtain electronic communications without the consent of the telecom and internet companies that control the data. But the PRISM program renders that consent unnecessary, as it allows the agency to directly and unilaterally seize the communications off the companies' servers.

 

When the NSA reviews a communication it believes merits further investigation, it issues what it calls a "report". According to the NSA, "over 2,000 PRISM-based reports" are now issued every month. There were 24,005 in 2012, a 27% increase on the previous year.

 

In total, more than 77,000 intelligence reports have cited the PRISM program.

 

Jameel Jaffer, director of the ACLU's Center for Democracy, that it was astonishing the NSA would even ask technology companies to grant direct access to user data.

 

"It's shocking enough just that the NSA is asking companies to do this," he said. "The NSA is part of the military. The military has been granted unprecedented access to civilian communications.

 

"This is unprecedented militarisation of domestic communications infrastructure. That's profoundly troubling to anyone who is concerned about that separation."

 

A senior administration official said in a statement: "The Guardian and Washington Post articles refer to collection of communications pursuant to Section 702 of the Foreign Intelligence Surveillance Act. This law does not allow the targeting of any US citizen or of any person located within the United States.

 

"The program is subject to oversight by the Foreign Intelligence Surveillance Court, the Executive Branch, and Congress. It involves extensive procedures, specifically approved by the court, to ensure that only non-US persons outside the US are targeted, and that minimize the acquisition, retention and dissemination of incidentally acquired information about US persons.

 

"This program was recently reauthorized by Congress after extensive hearings and debate.

 

"Information collected under this program is among the most important and valuable intelligence information we collect, and is used to protect our nation from a wide variety of threats.

 

"The Government may only use Section 702 to acquire foreign intelligence information, which is specifically, and narrowly, defined in the Foreign Intelligence Surveillance Act. This requirement applies across the board, regardless of the nationality of the target."

[Reilly]

[ame=http://www.youtube.com/watch?v=5yB3n9fu-rM]NSA whistleblower Edward Snowden: 'I don't want to live in a society that does these sort of things' - YouTube[/ame]

[Megalomania]

You know what, call me crazy but personally I don't really care.

(I do use Verizon)

 

If the government snooping around in my cell phone prevents another Newtown shooting, or another Boston Marathon bombing, or another 9/11, then go for it. It's not like some guy is sitting at a desk, going "Wow! Christina seems to be having a good day today! She got a 97 on her English final!"

They're looking for terrorists, and it's not like I have anything to hide.

 

At the same time, it is rather worrying that it was kept secret from the public.

[Cobalt]

You know what, call me crazy but personally I don't really care.

(I do use Verizon)

 

If the government snooping around in my cell phone prevents another Newtown shooting, or another Boston Marathon bombing, or another 9/11, then go for it. It's not like some guy is sitting at a desk, going "Wow! Christina seems to be having a good day today! She got a 97 on her English final!"

They're looking for terrorists, and it's not like I have anything to hide.

 

At the same time, it is rather worrying that it was kept secret from the public.

 

...they're most likely also looking for whistle-blowers, monitoring activists as 'domestic terrorists' etc.

 

Also that's a big *if* on the preventative... they had these systems in place during Boston Marathon bombings and it still happened. To me it's really trading personal privacy and liberties for the illusion of extra security.

[Prince Myshkin]

Cue the 'if you've got nothing to hide, why does it matter?' argument.

 

(It does matter)

[Matter-Eater Lad]

You know what, call me crazy but personally I don't really care.

(I do use Verizon)

 

If the government snooping around in my cell phone prevents another Newtown shooting, or another Boston Marathon bombing, or another 9/11, then go for it. It's not like some guy is sitting at a desk, going "Wow! Christina seems to be having a good day today! She got a 97 on her English final!"

They're looking for terrorists, and it's not like I have anything to hide.

 

At the same time, it is rather worrying that it was kept secret from the public.

 

The government(s) never stop there. You give them an inch and they eventually take a mile. That has been how human history has played out for thousands of years. The ones in power, if unchecked almost always end up becoming worse than the people they're protecting their people from.

 

What are we protecting if we (it will eventually happen) give away all the things that make us free and life enjoyable?

 

And the "i'm not doing anything wrong so I shouldn't worry" is bullshit. Plenty of people who haven't broken the law have had their lives messed up by government programs even when they weren't doing anythign wrong. And, since humans are nasty fuckers, what's "wrong" changes overtime by those in power. It's dangerous business hiding behind not doing anything wrong at the current moment. Because power shifts happen, and what you're doing now, or for many people in the country, may at some point be "wrong" and this will make it easier for other rights in the future, maybe even basic rights, to be infringed upon.

[Prince Myshkin]

It's information warfare. The government are allowed to know everything and the people are allowed to know what the government want them to know, and have to work extremely hard to discover anything else. Just look at the war on whistleblowers. People releasing information about war crimes are under threat of potential death yet the government can tap your calls. This information is important, regardless of how trivial it seems. Governments change, society changes. What is acceptable and trivial now may not be acceptable and trivial in the future. Something that takes place in your youth could harm you for the rest of your life. It doesn't add up that there is such a contrast. Surely people would be more suspicious of those with power, given the effect that it has on people.

[Prince Myshkin]

As Voltaire said, it's dangerous to be right when the government is wrong.

[Tnspieler1012]

http://www.wired.com/opinion/2013/06/why-i-have-nothing-to-hide-is-the-wrong-way-to-think-about-surveillance/

[Tnspieler1012]

Passing out grains of salt beforehand, but quite eerie. Freelance Journalist Michael Hastings died in a fiery car crash this week, less than two weeks after posting this article (not his first regarding the NSA or current administration) http://www.buzzfeed.com/mhastings/why-democrats-love-to-spy-on-americans. Now wikileaks is saying that they were contacted by Hastings the same day, saying that he was being investigated by the CIA. Conspiracy paradise anyway, could very well be a tasteless stunt, or simply a coincidence.

 

http://blogs.telegraph.co.uk/news/timstanley/100222652/wikileaks-says-michael-hastings-contacted-it-just-before-his-death-are-they-implying-he-was-murdered/