For the National Security Agency, the documents taken by whistleblower Edward Snowden are the gift that keeps on giving-gifts-you-wish-you-could-return. The latest round of revelations by journalists working with Snowden shows that the NSA secretly collects millions of e-mail and IM contacts from around the world. Moreover, the e-mail surveillance program — which, according to some estimates, collects as many as 500,000 contact lists daily — is overseen only internally by the agency or by the executive branch, making it one of the least transparent programs.
The new revelations, which came out Monday in the Washington Post, say that many of the e-mail contacts and IM buddy lists are those of American citizens. The NSA "intercepts" them as they move across the web, and those collected add up to "a sizable fraction" of the world's accounts. The collected data is then apparently used to map relationships in order to isolate potentially dangerous ones.
The program might actually be illegal, even — if the surveillance was being done domestically. Instead, the NSA says it collects the information from different points "all over the world," which, if you think about it, may mean that it's time to reevaluate how we understand international boundaries in the age of the internet.
The NSA maintains that it "is focused on discovering and developing intelligence about valid foreign intelligence targets like terrorists, human traffickers and drug smugglers." Others are just collateral damage, swept up in the wide-scale surveillance efforts. "We are not interested in personal information about ordinary Americans," it says. (It's worth remembering that the NSA and the administration have repeatedly lied about the scope of domestic spying programs.)
"Today's revelation further confirms that the NSA has relied on the pretense of 'foreign intelligence gathering' to sweep up an extraordinary amount of information about everyday Americans," the American Civil Liberties Union's Alex Abdo wrote to USA Today. "The NSA's indiscriminate collection of information about innocent people can't be justified on security grounds, and it presents a serious threat to civil liberties."
According to the Post, online lists are much more useful for surveillance programs than phone call data collection like that which caused a big uproar earlier this year. More than just a collection of e-mails, the contacts are often paired in address books with other identifying information. Sometimes, apparently, the NSA is also able to scrape the first lines of e-mail messages. And, because it captures the lists when they are in transit, it does not even notify the companies that host these accounts. (Facebook, Google, and the like were quick to say that they had no knowledge of the government surveillance program.)
One of the most interesting revelations of the latest round of leaks was that the NSA collected more data from Yahoo! e-mail accounts than from all other sources combined. Unlike Gmail and other popular providers, Yahoo! still does not automatically provide SSL encryption to its users, although it says it will start doing so in January. Gmail's decision to provide the encryption, the Post reports, was motivated in part by an attempt to block government access.