September 30, 2013
NSA Mapping Social Connections Of US Citizens
redOrbit Staff & Wire Reports - Your Universe Online
For the past three years, the National Security Agency (NSA) has been analyzing its vast repository of phone and e-mail logs, as well as other information, to create complex diagrams of the social connections of some US citizens, including their associates, travel companions and other personal interactions, The New York Times reported on Saturday.Citing newly-disclosed documents provided by former NSA contractor Edward Snowden, the Times said the spy agency’s practice was the result of a policy shift in November 2010 aimed at better discovering and tracking connections between intelligence targets overseas and people in the United States.
Under the new policy, the NSA has been authorized to conduct “large-scale graph analysis on very large sets of communications metadata without having to check foreignness” of every e-mail address, phone number or other identifier, according to an agency memorandum dated January 2011.
Computer analysis of such data had previously been permitted only for foreigners.
The communications information used for the analysis can be supplemented with content from public, commercial and other sources, including bank codes, insurance information, Facebook profiles, passenger manifests, voter registration rolls, GPS location information, property records and tax data, the Times said.
The documents do not indicate any restrictions on the use of such “enrichment” data, and several former senior Obama administration officials told the Times the NSA had accessed the data for both US citizens and non-US citizens.
An NSA spokeswoman said the legal basis of the 2010 policy change was a 1979 Supreme Court ruling that Americans could have no expectation of privacy about what phone numbers they called. Based on that ruling, the Justice Department and the Pentagon decided it could create contact chains using Americans’ metadata – location, timing and other details of calls and e-mails – but not their content.
While it may seem less intrusive to some Americans to have their metadata accessed rather than the actual content of their communications, experts say NSA analysts can exploit that information to create a profile of a person that is “perhaps more complete and predictive of behavior than could be obtained by listening to phone conversations or reading e-mails,” the Times said.
Previous documents disclosed by Snowden showed the NSA had been pushing for years to obtain the 2010 policy change allowing for the analysis of Americans’ phone and e-mail data. Officials within the agency had become frustrated that they had to stop whenever a contact chain hit a telephone number or e-mail address believed to belong to a US citizen, even though it might generate valuable intelligence. The NSA also wanted to use its sophisticated computer analysis tools to more efficiently sort through its enormous databases.
In the NSA’s 2011 memo explaining the policy shift, analysts were told that they could trace the contacts of Americans as long as they cited a foreign intelligence justification, such as ties to terrorism, drug smuggling or weapons proliferation. Spying on the conversations of foreign politicians, business personnel and are also acceptable justification, the Times reported.
According to the documents, one of the primary tools the NSA used for chaining phone numbers and e-mail addresses went by the code name Mainway – a repository into which huge amounts of data flow daily from the NSA’s fiber-optic cables, corporate partners and foreign networks that have been breached.
But the documents reveal that vast amounts of US data also go into Mainway. For instance, an internal NSA bulletin stated that in 2011 Mainway was receiving 700 million phone records per day. In August 2011, it was receiving an additional 1.1 billion mobile phone records per day from an unnamed US service provider under Section 702 of the 2008 FISA Amendments Act. That provision allows for the collection of the data of US citizens if at least one end of the communication is believed to be foreign.
The staggering amount of metadata collected by the NSA was revealed in the agency’s classified 2013 budget request to Congress, disclosed by Snowden, which showed the NSA is investing heavily to build a metadata repository capable of receiving 20 billion “record events” per day, which will be available to NSA analysts within an hour.
The budget also includes support for the “Enterprise Knowledge System,” which creates complex social graphs to "rapidly discover and correlate complex relationships and patterns across diverse data sources on a massive scale,” the Times reported, citing a 2008 document. That data is used to accelerate queries and identify new targets for surveillance.
A separate, top-secret document entitled "Better Person Centric Analysis" describes 94 "entity types," such as phone numbers, e-mail and IP addresses, which are searched by the NSA using queries like "travelsWith, hasFather, sentForumMessage, employs" to create "community of interest" profiles according to 164 “relation types.”
A 2009 PowerPoint presentation provided additional examples of data sources available in the NSA’s “enrichment” process, including online social networks, location-based services like GPS and TomTom, billing records and bank codes for transactions in the US and abroad.
Members of Congress from both sides of the political aisle have expressed growing concern in recent weeks following Snowden’s disclosure of documents revealing the NSA’s broad spying activities.
In a contentious exchange during a hearing of the Senate Intelligence Committee on Thursday, Senator Ron Wyden (D-OR) asked Gen. Alexander if the NSA had ever collected or made plans to collect Americans’ cellphone signals to gather information about their location that would allow tracking of the movements of individual callers.
Gen. Alexander said the agency had not done so as part of its call log program authorized under provisions of the Patriot Act, but that a more complete response would have to be classified.
"What I don't want to do … is put out in an unclassified forum anything that's classified,” he told the Committee.
Wyden was determined to get an answer.
"I believe this is something the American people have a right to know, whether NSA has ever collected or made plans to collect cell site information," he said.
Members of the bipartisan committee panel used the hearing to advance their respective versions of legislation to scale back the NSA's authority to access and analyze US phone records, and to strengthen privacy protections for Americans.
Committee chairwoman Senator Dianne Feinstein (D-CA) said new legislation would "strictly limit access to the … phone metadata records, expressly prohibit the collection of the content of phone calls," and limit the length of time US phone records, such as the date and length of calls and the number called, could be kept.
But Feinstein's proposed legislation stops short of prohibiting the bulk collection of phone and email records. A separate bipartisan group of four senators, including Wyden, unveiled legislation earlier this week that would end bulk collections.
Some lawmakers on the panel also sought to broaden the government's spying powers to allow monitoring of terror suspects who enter the US after being tracked abroad by the NSA.