NSA collects significantly more data on non-targets than actual targets

A recent Washington Post investigation has made its rounds across major U.S. news outlets, revealing more information about the National Security Agency’s (NSA) massive surveillance efforts. Fears of privacy rights activists are further confirmed by the study, which used intercepted intelligence attained by whistleblower Edward Snowden to show that the NSA gathers significantly more data from non-targets than legitimately sanctioned national security targets:

Nine of 10 account holders found in a large cache of intercepted conversations, which former NSA contractor Edward Snowden provided in full to The Post, were not the intended surveillance targets but were caught in a net the agency had cast for somebody else.

Many of them were Americans. Nearly half of the surveillance files, a strikingly high proportion, contained names, e-mail addresses or other details that the NSA marked as belonging to U.S. citizens or residents. NSA analysts masked, or “minimized,” more than 65,000 such references to protect Americans’ privacy, but The Post found nearly 900 additional e-mail addresses, unmasked in the files, that could be strongly linked to U.S. citizens or U.S. residents.

Overall, the Post reviewed about 160,000 intercepted email and instant message conversations and 7,900 documents from 11,000 online accounts spanning from 2009-2012. This data confirms that Snowden did have access to and acquired actual intercepted materials, something that the NSA has denied since the earliest reports on mass surveillance. The Post noted the documents provide “an unprecedented vantage point” on section 702 of the FISA amendments, which gave the NSA more leeway in executing surveillance methods.

In an unsurprising development, the Obama administration downplayed the significance of the report. Robert Litt, the general counsel to the director of national intelligence, said, “These reports simply discuss the kind of incidental interception of communications that we have always said takes place under Section 702… We target only valid foreign intelligence targets under that authority, and the most that you could conclude from these news reports is that each valid foreign intelligence target talks to an average of nine people.” It is interesting to note the Obama administration’s interest and success in expanding the ability of the NSA to collect information without a warrant.

The data investigated by the Post contains highly personal information on average Americans caught up in “incidental collection” from foreign intelligence targets. These records "tell stories of love and heartbreak, illicit sexual liaisons, mental-health crises, political and religious conversions, financial anxieties and disappointed hopes.” The NSA also collected "medical records sent from one family member to another, résumés from job hunters and academic transcripts of schoolchildren… Scores of pictures show infants and toddlers in bathtubs, on swings, sprawled on their backs and kissed by their mothers. In some photos, men show off their physiques. In others, women model lingerie, leaning suggestively into a webcam …"

While ordinary Americans’ data may be swept up through incidental collection, the NSA must follow statutes in order to protect the identities of these non-targets. NSA agents are to redact, or “minimize” information that may be used to identify those incidentally targeted. The Washington Post identified hundreds of “unmasked” files. So,

“How might U.S. persons flow through the NSA systems without being minimized? Easily. The communication simply wasn’t looked at. No human being saw it. The Post’s reporters looked at every single line of 160,000 intercepts. The NSA analysts don’t do that/can’t do that because the SIGINT system would not function for a second if they did.”

This is a reasonable explanation as to how incidentally collected information is not properly safeguarded. However, justifying non-minimized information by saying the information simply was not reviewed does not properly address the issue at hand: the NSA stores collected data on Americans who are not targets of legitimate security and surveillance operations; further, some of this data is not guarded to protect the identities of these innocent Americans. Even Sen. Dianne Feinstein seems to question this. “It is of concern to me,” Feinstein said. “I want to look into a reason why instead of minimizing [information] we can’t just delete it. I haven’t finished doing that.”

As reported by the Daily Beast, other Senators seem less interested in what the Post had to report. Lindsey Graham only commented, “I don’t really know the details about what they’re saying in the paper. I know [NSA intelligence-gathering] is necessary. We’re at war with radical Islam.” Tom Coburn, who is on the Senate Intelligence Committee, denied the report’s accuracy, but refused to give more detail as to why; “If I could tell you in what way, I would,” he said. Saxby Chambliss refused to comment, and Carl Levin, James Inhofe, and Angus King were not up to date with the revelations.

The Washington Post report reveals the extent of how Americans’ data is incidentally collected and stored, and the general lack of attention or care from the executive and legislative branches over the NSA unjustly attaining and storing innocent Americans’ data.

If section 702 permits this sort of widespread “incidental” collection and retention of information of Americans, then these FISA provisions must be revised to protect the privacy and personal lives of Americans caught in the dragnet of NSA spies. The NSA must develop better methods to 1) seriously diminish the volume of Americans incidentally spied on, and 2) protect (preferably destroy) all information on innocent Americans that is unrelated to legitimate national security concerns, avoiding unjust storage of Americans’ personal information.