Feeds

NSA admits slurping thousands of domestic emails with no terror connection

Turns out, the innocent have everything to fear

Beginner's guide to SSL certificates

The analysts at the NSA spent years gathering tens of thousands of emails between US citizens in violation of the US constitution, as a component of a single (discontinued) data slurping program, the agency has revealed.

These emails were from people with no direct connection to terrorism, according to a secret opinion from the Foreign Intelligence Surveillance Act (FISC) court that was declassified by the NSA on Wednesday. The court found that this data gathering violated the Fourth Amendment of the constitution, which enshrines the right of people to be free of "unreasonable searches and seizures".

"Each year, NSA's upstream collection likely results in the acquisition of roughly two to ten thousand discrete wholly domestic communications that are neither to, from, nor about a targeted selector, as well as tens of thousands of other communications that are to or from a United States person or a person in the United States but that are neither to, from, nor about a targeted selector," according to the FISC court 2011 opinion.

The document was declassified after legal action by privacy activists the Electronic Frontier Foundation.

The opinion ultimately saw the court not authorize the continued data slurp due to worries over violation of the US constitution's Fourth Amendment, and makes for an interesting read. The document states that the NSA told the government in a letter that "NSA's "upstream collection" of Internet communications includes the acquisition of entire "transaction[s]"."

"Such transactions may contain data that is wholly unrelated to the tasked selector, including the full content of discrete communications that are not to, from, or about the facility tasked for collection."

The opinion stresses that the NSA performs this data slurp of US communications due to technical limitations in how it hoovers up the data.

"The court now understands, however, that NSA has acquired, is acquiring, and, if the certifications and procedures now before the Court are approved, will continue to acquire, "tens of thousands of wholly domestic communications", the court writes.

Although in this case the FISC application was not authorized, this will prove of little reassurance, as the verdict concludes that the government had not been truthful with the secret court.

"The government's submissions make clear not only that the NSA has been acquiring Internet transactions since before the Court's approval of the section 702 certification in 2008, but also that NSA seeks to continue the collection of Internet transactions."

In the past NSA bigwig Keith Alexander has sought to reassure the privacy-paranoid that "our people have to take courses and pass exams to use this data". ®

Protecting against web application threats using SSL

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.