NSA admits to second incident of unauthorized metadata collection

Posted:
in iPhone edited June 2019
The U.S. National Security Agency scooped up unauthorized call and text message data in October, representing the second such incident known to the public.

An NSA data center in Utah.
An NSA data center in Utah.


The violation was caught by the American Civil Liberties Union through a Freedom of Information Act lawsuit, according to the Wall Street Journal. Internal NSA memos on the matter are said to have been "heavily" redacted before publishing.

The documents don't indicate how many records were collected, but do say that they came from a telecoms firm who supplied information the NSA didn't ask for, and without sanction by the Foreign Intelligence Surveillance Court. The records began arriving on Oct. 3 but only stopped on Oct. 12, when the NSA asked the company to look into the "anomaly."

The ACLU said the documents suggest a person may have been targeted for surveillance as a result of the first violation, which led to the NSA deleting its existing database in June 2018.

The NSA has been collecting phone metadata for years, using it to track terrorism suspects and others. The program was exposed in 2013 by former NSA contractor Edward Snowden, showing that many innocent Americans were having data collected as well, potentially making the program a tool for mass surveillance.

Metadata consists of details like dates, times, phone numbers, and device identifiers. While nominally less invasive than message content, in reality metadata can be used to piece together many details about a person's life, such as daily habits and who their friends and family are.

One of the 2013 documents leaked by Edward Snowden.
One of the 2013 documents leaked by Edward Snowden.


2015's U.S.A. Freedom Act scaled back the program, keeping records in the hands of carriers except when requested through court orders. The NSA's internal records did drop dramatically, although as recently as 2017, it had 534 million records and just 40 targets.

That database was allegedly deleted in response to glitches causing carriers to send logs with both accurate and inaccurate information. That was blamed for gathering data on people unconnected to targets, at which point the NSA decided it would be easier to start over rather than do narrow scrubbing.

The Freedom Act is due to expire at the end of 2019, and the Trump administration will have to push for renewal legislation if it wants it. In March an advisor for Republican Rep. Kevin McCarthy of California claimed that the NSA hadn't been using the metadata collection system for six months, but that may conflict with news of the October incident.

Apple CEO Tim Cook became involved in the NSA controversy after Snowden's revelations, meeting with President Obama and putting pressure on Congress. The company eventually began disclosing government data requests, if only in the vague manner allowed by U.S. law.

Less is known about the state of PRISM, an NSA program collecting data from internet-based tech companies. Following the Snowden leaks, Apple insisted that it had "never heard of PRISM" and didn't "provide any government agency with direct access to our servers," despite that sort of access being mentioned in leaked NSA briefing documents.

Comments

  • Reply 1 of 13
    davgregdavgreg Posts: 1,046member
    Until irresponsible people in government are prosecuted for flouting the law this kind of thing will continue to be a problem.
    AppleExposedllamarazorpitktappeCarnagejony0
  • Reply 2 of 13
    DAalsethDAalseth Posts: 3,052member
    Okay yes I will m"believe" the NSA when they say this was an "accident". I will "trust" them to "never do it again".
    AppleExposedllamarazorpitCarnagechasmjony0
  • Reply 3 of 13
    flydogflydog Posts: 1,141member
    davgreg said:
    Until irresponsible people in government are prosecuted for flouting the law this kind of thing will continue to be a problem.
    Being irresponsible is not illegal.
    AppleExposedCarnage
  • Reply 4 of 13
    StrangeDaysStrangeDays Posts: 13,103member
    flydog said:
    davgreg said:
    Until irresponsible people in government are prosecuted for flouting the law this kind of thing will continue to be a problem.
    Being irresponsible is not illegal.
    It certainly can be. Never heard of vehicular manslaughter?
    edited June 2019 razorpitfastasleepktappechasm
  • Reply 5 of 13
    anonymouseanonymouse Posts: 6,975member
    DAalseth said:
    Okay yes I will m"believe" the NSA when they say this was an "accident". I will "trust" them to "never do it again".
    They've just taken a page from Google's playbook -- whenever Google gets caught doing something wrong, they always announce it was inadvertent and blame it on a contractor if they plausibly can. Just the other day Google apologized for Gmail, saying that it was inadvertent and created by foreign contractors.
    AppleExposedrazorpit
  • Reply 6 of 13
    sflocalsflocal Posts: 6,136member
    The documents don't indicate how many records were collected, but do say that they came from a telecoms firm who supplied information the NSA didn't ask for...
    Am I missing something?  It sounds like the telecom company messed up, not the NSA?
  • Reply 7 of 13
    A. Domestic bulk collection of metadata by the NSA was limited to landlines. Cell phone metadata was never bulk collected. All of the major U.S. telcos testified to that fact to Congress. B. Edward Snowden didn't expose much of anything. The Patriot Act was a publicly available legal document and contained all of the various expansion of powers for intelligence and law enforcement agencies in regards to telephony. For example, warrantless wiretapping was publicly known to be part of the Patriot Act and was highly controversial from the outset.
  • Reply 8 of 13
    DAalsethDAalseth Posts: 3,052member
    sflocal said:
    The documents don't indicate how many records were collected, but do say that they came from a telecoms firm who supplied information the NSA didn't ask for...
    Am I missing something?  It sounds like the telecom company messed up, not the NSA?
    And that's the story they're going to stick with.
    AppleExposedrazorpitCarnage
  • Reply 9 of 13
    DAalseth said: And that's the story they're going to stick with.
    That's the story that the ACLU uncovered with the FOIA.
  • Reply 10 of 13
    sdw2001sdw2001 Posts: 18,039member
    This entire thing is a dog and pony show.  It’s a red herring.  The NSA and intelligence agencies monitor ALL electronic and telephonic communication.   I’m sure it’s accurate they aren’t using the program anymore. They just have another program by another name.    This is been going on for decades. I’m not saying it’s right, I’m just acknowledging the truth.
    razorpit
  • Reply 11 of 13
    sdw2001 said: The NSA and intelligence agencies monitor ALL electronic and telephonic communication.
    No, they don't. This has already been proven through public testimony to Congress. As with Snowden, I guess people can believe it's something noteworthy if they've never paid attention before. All Snowden did is put a layer of goofball conspiracy theories derived from random NSA documents on top of the exact same concerns that people had with the Patriot Act since it was passed in 2001. It was only news to people that never paid attention previously.
  • Reply 12 of 13
    AppleExposedAppleExposed Posts: 1,805unconfirmed, member
    DAalseth said:
    Okay yes I will m"believe" the NSA when they say this was an "accident". I will "trust" them to "never do it again".
    They've just taken a page from Google's playbook -- whenever Google gets caught doing something wrong, they always announce it was inadvertent and blame it on a contractor if they plausibly can. Just the other day Google apologized for Gmail, saying that it was inadvertent and created by foreign contractors.
    NSA and Google were in bed with each other last I checked.

    Google allowed the NSA to contribute code on Android. Of course they later had excuses as to why.
  • Reply 13 of 13
    razorpitrazorpit Posts: 1,796member
    How do things like this get created; 

    Without programs like this?
Sign In or Register to comment.