Feeds

Leaked docs show NSA collects data on all Verizon customers

The Patriot Act strikes again

Application security programs and practises

The USA's National Security Agency (NSA) has harvested all the call data from US mobile provider Verizon since April, according to a secret court order leaked to The Guardian.

The order was granted by the Foreign Intelligence Surveillance Court on April 25 and instructs Verizon to hand over the "session identifying information (e.g., originating and terminating telephone number, International Mobile Subscriber Identity (IMSI) number, International Mobile station Equipment Identity (IMEI) number, etc.), trunk identifier, telephone calling card numbers, and time and duration of call."

The three month order is set to terminate on July 19 but it may be part of a rolling court requirement for Verizon and could be renewed. It is not known if other US telecommunication companies are operating under similar strictures and handing over their customer data, but such orders usually bar the recipient from discussing their imposition.

"We've certainly seen the government increasingly strain the bounds of 'relevance' to collect large numbers of records at once - everyone at one or two degrees of separation from a target - but vacuuming all metadata up indiscriminately would be an extraordinary repudiation of any pretence of constraint or particularized suspicion," said Julian Sanchez, a surveillance expert with the Cato Institute.

The month after the September 11 attacks then-President George W. Bush ordered the NSA to start surveillance of US phone records and phone companies like AT&T had uplinks installed at their exchanges to funnel data to the electronic spying agency. Bush also retroactively granted the telecommunications industry immunity from litigation after the news leaked out.

It now appears that the NSA is instead simply getting telecos to hand over the information wholesale, using the "business records" provision of the Patriot Act, 50 USC section 1861. This allows the seizure of "including books, records, papers, documents, and other items" without the authorities having to provide any evidence that the target is committing an offence, and was renewed by President Obama in 2011.

"Under Section 215 the FBI can investigate United States persons (citizens and legal residents) based at least in part on their exercise of First Amendment rights, and can investigate non-U.S. persons based solely on their free speech activities or religious practices," said the EFF.

"You could be investigated based on the political or religious meetings you attend, the websites you visit or even the books that you read. Already, attendance at and donations to mosques have dropped significantly, as many Muslims reasonably fear that they will be targeted for investigation based solely on their religious beliefs."

Verizon has said it has no comment on the matter, nor too does the White House, the Department of Justice, or the NSA itself. El Reg would suspect a fair few Americans will have plenty of comments, but sadly they won’t be printable. ®

Bootnote

If true, the recording of all calls makes the "Call Connected Through the NSA" ringtone created by New York–based pop group They Might Be Giants eerily prescient. You can hear the ringtone below, or download a free MP3 here and make it your own!

Watch Video

Designing a Defense for Mobile Applications

More from The Register

next story
Sit back down, Julian Assange™, you're not going anywhere just yet
Swedish court refuses to withdraw arrest warrant
UK Parliament rubber-stamps EMERGENCY data grab 'n' keep bill
Just 49 MPs oppose Drip's rushed timetable
MPs wave through Blighty's 'EMERGENCY' surveillance laws
Only 49 politcos voted against DRIP bill
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Delaware pair nabbed for getting saucy atop Mexican eatery
Burrito meets soft taco in alleged rooftop romp outrage
British cops cuff 660 suspected paedophiles
Arrests people allegedly accessing child abuse images online
LightSquared backer sues FCC over spectrum shindy
Why, we might as well have been buying AIR
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.