Feeds

NSA admits slurping thousands of domestic emails with no terror connection

Turns out, the innocent have everything to fear

Remote control for virtualized desktops

The analysts at the NSA spent years gathering tens of thousands of emails between US citizens in violation of the US constitution, as a component of a single (discontinued) data slurping program, the agency has revealed.

These emails were from people with no direct connection to terrorism, according to a secret opinion from the Foreign Intelligence Surveillance Act (FISC) court that was declassified by the NSA on Wednesday. The court found that this data gathering violated the Fourth Amendment of the constitution, which enshrines the right of people to be free of "unreasonable searches and seizures".

"Each year, NSA's upstream collection likely results in the acquisition of roughly two to ten thousand discrete wholly domestic communications that are neither to, from, nor about a targeted selector, as well as tens of thousands of other communications that are to or from a United States person or a person in the United States but that are neither to, from, nor about a targeted selector," according to the FISC court 2011 opinion.

The document was declassified after legal action by privacy activists the Electronic Frontier Foundation.

The opinion ultimately saw the court not authorize the continued data slurp due to worries over violation of the US constitution's Fourth Amendment, and makes for an interesting read. The document states that the NSA told the government in a letter that "NSA's "upstream collection" of Internet communications includes the acquisition of entire "transaction[s]"."

"Such transactions may contain data that is wholly unrelated to the tasked selector, including the full content of discrete communications that are not to, from, or about the facility tasked for collection."

The opinion stresses that the NSA performs this data slurp of US communications due to technical limitations in how it hoovers up the data.

"The court now understands, however, that NSA has acquired, is acquiring, and, if the certifications and procedures now before the Court are approved, will continue to acquire, "tens of thousands of wholly domestic communications", the court writes.

Although in this case the FISC application was not authorized, this will prove of little reassurance, as the verdict concludes that the government had not been truthful with the secret court.

"The government's submissions make clear not only that the NSA has been acquiring Internet transactions since before the Court's approval of the section 702 certification in 2008, but also that NSA seeks to continue the collection of Internet transactions."

In the past NSA bigwig Keith Alexander has sought to reassure the privacy-paranoid that "our people have to take courses and pass exams to use this data". ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
BT said to have pulled patent-infringing boxes from DSL network
Take your license demand and stick it in your ASSIA
Right to be forgotten should apply to Google.com too: EU
And hey - no need to tell the website you've de-listed. That'll make it easier ...
prev story

Whitepapers

10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.