We can't sensibly discuss this story here unless we know which definition of "collect" is being used in the story.
Normal definition: collect. For example: "Even collected all the data going to and from Bob's house by putting a splitter on the cable."
NSA's definition: not that, as cited in various stories sourced by the Snowden leaks from the Guardian.
I won't attempt to define exactly how the NSA defines "collect" because I don't have time to track down and read the relevant article. But the upshot is-- their definition is idiosyncratic and misleading for a piece that has a general audience like this one.
It's not only a matter of definitions. It's also a matter of belief. The head of the NSA has lied directly to congress about data collection activities. We have absolutely no reason to believe they will have actually stopped collecting data even if they say so.
Right. It's prudent to assume that the NSA intercepts all Internet traffic, and stores as much as they can, for as long as they can, focusing on what seems most important. Everything is retained for a few days. Then they triage, based on names, addresses, keywords, and so on. Metadata and encrypted stuff, they reportedly retain indefinitely.
According to Russ Tice, the NSA has been conducting full-take domestic content collection on everyone.
In other words, not only metadata but full recordings and content of anything they can feasibly store—phone calls, text messages, internet conversations, video chat.
Collecting on Americans in such a manner satisfies legal requirements because the very definition of collection has been twisted to effectively mean accessing intercepted content present in storage.
The term metadata in particular was intentionally bandied about as a means of distracting from the fact NSA is getting everything. The metadata programs killed by congress amounted to little more than a dog and pony show, sacrificing deprecated programs for political ends. Personally I think it was a brilliant damage control measure.
Snowden arguably didn't help matters either, constantly using the term himself. The content he leaked was largely from JWICS, which wouldn't contain documents outlining the gory details of full-take domestic surveillance. Those likely are heavily compartmented, and reside on much more secure networks.
EO12333 suspends the fourth amendment for everyone subject to a background investigation for clearance purposes. At the very minimum they will maintain their domestic collection ability just to exercise that power.
their definition (via secret interpretation of USSID 18, according to Bill Binney[1]) is roughly that it's only collected if they actually go back and look at it at some point down the line. your web browsing history (or whatever) sitting on a hard drive in utah doesn't fall under this definition until they look at it.
Ah so that lends credence to my rationale for scraping websites. Until I actually look at the scraped data no scraping has taken place so no terms of use have been violated. When I look at the scraped data the terms of use come into effect but now I'm personally present so no robotic scraping has taken place.
That's what I do! I just download and store (but not collect!!) all those stupid Marvel comic films, just to piss off the MPAA (and for security purposes / the children). And this is fine because I don't actually watch them. Or can stand them. It's the rules, and I don't wanna break them!
Well, scraping has taken place, so you've violated a eula and potentially committed theft. But you haven't violated copyright, as long as you do not distribute the data either, (through any means) pretty sure that's fair "use."
Ymmv, not a lawyer and this is internet bullshitting, not legal advice.
The government can exempt themselves from IP laws. For example, the government has exempted itself and defence contractors for violating patents (to build top secret devices) in the past.
...yes? Couldn't there be valid causes of action for government acts? Are we simply assuming bad faith on the part of the government for any possible scenarios?
This isn't really a secret interpretation, I and a lot of people I knew noticed the same thing over a decade ago by reading the privacy policies of tech companies. Reading the data requires a warrant. Recording the data doesn't.
The important aspect for the NSA's interpretation is that algorithms can look at and process the data and create metadata or synopsis information from it.
Having an intelligence system ingest this metadata and synopsis is not considered "collection".
Essentially, if it can be automated, it isn't collection. If a human gets pulled into the loop to look at data, that's when it's collected. However, a human could be shown a synopsis or an inference about an American target and this could still not be collection, as the summary information being viewed isn't considered the person's private records.
Basically a loophole in a loophole. I'll be happy to keep databases of, and run software over, our national security records. I won't collect any of it, though. I won't even look at it. I'll just get summaries of the information contained in it from my algorithms - and if I want to look at a specific document I'll punch a rubber stamp on it first.
Curiously, a fair amount of genetic research is done this way: the genetic info is PHI, but the covered entity holds the data and the computer capacity. The researcher just pushes an algorithm to the cluster and gets aggregate results back.
That's the idea, but in practice GA4GH is still working on the API's and protocols to make this work in an automated and containerised fashion for modern genetic data. We do often send the algorithm to the data but mostly by way of granting an account to collaborators and them sshing into a remote cluster because copying 120 terabyte datasets is no fun.
well, it's a secret interpretation of a particular executive order (EO 12333 signed by reagan, if you're curious), in the sense that it's not obvious on its face from reading the order that one should come to the same interpretation as they have, and that they don't officially divulge that interpretation.
prior to snowden, almost everybody (you and your clever colleagues excluded, obviously) would think it was paranoid to believe this was the case. at least, there's no way i could make the leap from:
'EULA's state that recording activity on a company's servers by that company [i assume this is what you mean?] doesn't require a warrant but the government reading it does'
to:
'the government records incomprehensible amounts of domestic traffic but it doesn't count as warrantless surveillance because they don't read most of it'
EO 12333 doesn't redefine collection. Data collected abroad under 12333 is still "acquired" according to the definition in the NSA's documents leaked by Snowden. Do you have any documents that you can point to that say otherwise?
i should have been less ambiguous, sorry -- USSID 18 is derived from EO 12333, and USSID 18 nominally provides protections to US citizens from being spied upon; USSID 18 also is what has a secret interpretation by NSA lawyers that most people would probably feel is not in the spirit of the EO. here's a very nice writeup:
Why don't any of Snowden's documents confirm that they're using this interpretation and instead show that they are interpreting it as everyone else does?
What bearing does a private company's privacy policy have on warrants? I think I see what you're getting at but what a private company consider warrant-worthy or not is irrelevant when discussing the governments position.
So they're taking a rather quantum take on this as a superposition of states that are unknown until measurement occurs and they collapse the wave function into being "collected". Cool.
Why are judges only focusing on the "search" part of the Fourth Amendment and not on the "seizure" part as well?
That kind of action should count as a seizure, no?
> The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
It is right out of a comedian sketch. Then govt massively penalizes citizens for doing a thing. Turn around with a straight face and tell you, in the name of National Security, that it is okay for them to do it.
So all it would take is for them to change their policy at any point in the future, even only for a few minutes, and instantly "collect" all current and historical emails from Americans.
No. Collection, unlike retention, of US Persons' data is governed via court decisions, not NSA policy.
If Congress doesn't like these retention / collection interpretation of their laws, they can clarify them in statute at any time. But they haven't and probably won't, because "retain everything for judicially approved retroactive collection" is incredibly useful e.g. when a bomb goes off at a marathon and a judge OKs the suspect's communications being reviewed.
So, they archive the data and promise not to collect it (look at it) unless they have a national security letter signed by a judge^H^H^H^H^H drinking buddy from the office.
Not only do they "promise" but they realize they'd be violating the legal boundaries placed on their organization if they do. Arguing they shouldn't have the capability for this is like arguing the army shouldn't be allowed to have tanks because then they have the capacity to perform a military coup.
No judge has ever signed an NSL. That's precisely the distinction between a "regular" judicial subpoena and an administrative subpoena [1].
Subpoenas have nothing to do with NSA interception, and everything to do with ordering businesses to produce evidence or individuals to testify pertaining to a crime. The case law setting the "expectation of privacy" test is from the 70s, and the electronic wiretapping laws from the 80's. The only recent development is that SCOTUS decided people don't have a reasonable expectation of privacy when their cell phone connects to cell towers because that's obviously how they work [2].
You don't need a law degree nor security clearance to understand this. Stop finding reasons to justify your anger and start getting informed.
Maybe I should have ended with a smiley, because I don't feeel tardy^H^H^H^H^H angry. I was just trying to point out that there is a way that "retroactive collection" can take place that isn't "judicially approved."
I do think the US could use some legislative work on privacy. I'm glad there are FISA courts issuing search warrants, but don't think national security letters should actually be a thing.
Yeah, and cops can murder people. The solution isn't to take away their guns.
Good call re: NSL. I don't quite understand why investigators need NSL instead of a court order. Avenues for abuse seem relatively clear with no obvious ways to recourse or even know when it occurs!
This seems like such an obvious violation of the fourth amendment to me.
> no warrants shall issue, but upon probable cause
When the data is retrieved and stored (note I did NOT say "collected") seems to me to be an important part of the fourth amendment. Under the NSA's definition of "collect", the police could -- without warrant -- come to your house every day to scan all documents and take pictures of everything and keep it as long as they "promise" to not review it until they do get a warrant. Does that sound like a reasonable interpretation of the fourth amendment to you?
There are so many laws that it's unknowable to be sure that you're not violating one at any moment, and in fact it's been estimated that you break three federal laws every day [1]. With the amount of information the NSA stores it's likely they could legally put away any citizen in the country. This gives them absolute power, since all they have to do is invent a story about how they legally "collected" the information, aka Parallel Construction [2].
Now lets add in arbitrary, secret laws (which completely undermine the purpose of laws and democratic/representative government, btw) and their necessary secret trials. This turns the "unknowable" in the previous paragraph from "practically true because it's untenable" to "literally true" because you're not allowed to know it. This means on top of all of the above, there can be no oversight or public accountability of the actions of the government against citizens.
This is a mindbogglingly omnipotent combination: Retroactive "Collection" + every citizen could be tried as a felon + Parallel Construction + no accountability.
No, because they'd be entering my house. If I send an SMS, however, it goes out of my house, you see?
Discretion of investigators, prosecutors, and judges means that the "you break federal laws every day" is a no-op argument, and repealing laws takes a lot of work. I'd rather Congress focused on e.g. fixing healthcare.
Parallel construction has existed at least as long as the USA, i.e. since there have been non-public data sources. Parents, do it too. If you're upset about it you're a child.
"Arbitrary, secret laws"? What a load of nonsense. Congress passes and debates every federal law in public (albeit sometimes a bit quickly). You mean secret interpretations of laws by FISA? Yeah, not exactly news and relatively public and subject to review by elected lawmakers. How, exactly, do you suggest counterintel should work, sans secret courts?
It doesn't concern me because this combination stems from ignorance and an overactive imagination that wants to see evil where there is no evidence of evil. I imagine the systems you mention has avenues for abuse and also checks to make sure they are not abused. We should absolutely be vigilant for signs of abuse and talk about them.
Given the concrete issues facing our society right now, abuse by lawless investigators colluding with a court appointed by SCOTUS to... do what, exactly?
I see, so you'd be fine with them scanning and storing a copy of every piece of mail that ever crossed your mailbox in the same fashion.
If you're ok with having to rely on their discretion we may already be talking past each other. A bedrock principle of the constitution and amendments are that the government's discretion can't be trusted, so discretion must be limited and controlled and standardized. My point is that discretion to use a power is no different from just having the power outright.
Appeal to tradition, a strawman, followed by an ad hominem. I hope you're saving a better counter for later. Parents don't need parallel construction, they already have absolute power and can investigate however they wish. Are you sure you understand what parallel construction is? A simplified example: A prosecutor wants to convict a citizen (for whatever reason) but they don't have any evidence, so they use illegal means to find evidence that they couldn't have practically found otherwise. But this is inadmissible in court, so they fabricate an "investigation" that -- through the prosecutor's superior "intuition" and uncannily accurate "hunches" -- ends up producing some of the same evidence, enough to make a conviction. I don't understand your goal here, are you saying that parallel construction is fine and the source of evidence doesn't matter? It sounds like you're trying to throw out the exclusionary rule altogether.
I'm sorry you're not aware about the existence of secret laws. Please read up on it [1], it may be enlightening. If you take issue with my use of the adjective "arbitrary", I'll give you that. (But if they're secret how is that really so different from arbitrary?) If you take issue with my colloquial use of "law" that includes regulations, executive branch pronouncements, and secret interpretations that fundamentally change the plain reading of statutes, I'm not sure what to tell you other than to stop being pedantic and think of the bigger picture. "Couterintel" is an overused excuse employed to dodge accountability, most of the time it doesn't need to be secret. "Subject to review". Yeah, sure [2].
What you see as "overactive imagination" I see as a healthy distrust of the government, because "all men having power ought to be distrusted to a certain degree" [James Madison, 3]. Yes the checks exist, but the systems I mention are the circumvention of these same checks. What I see from you is sticking your fingers in your ear, burying your head in the sand, and singing LALALA as loud as you can when presented with evidence of the very abuses for which you say we should stay vigilant.
The NSA calls getting the data "interception". It calls LOOKING AT THE DATA BY A HUMAN WHO IS AN NSA EMPLOYEE "collection". It considers there to be no limits whatsoever on "interception" and permanent storage of communications data. It considers there to be some minor legal limits on "collection".
We can assume the NSA will continue to intercept approximately 100% of the world's communications, and store them in Utah, and "collect" them when legally feasible or desirable.
This story is, at best, a trivial change in NSA operations, and more likely, zero change in NSA operations. (The NSA is permitted to lie to you or the press about its operations.)
I'd say his arguments appear clear and convincing, even to a skeptic like myself. I wonder what can be done to counter his seemingly perfect narrative so Americans can be rightfully concerned about what's happening.
To be clear, I don't believe Hayden, he is likely lying about aspects of it, these systems will inevitably be used in the future for regular law enforcement purposes and the previous abuses by NSA staff is understated. Plus, it is unequivocally illegal and a violation of natural rights. And just a bad idea which will lead to a dangerous future.
> I wonder what can be done to counter his seemingly perfect narrative so Americans can be rightfully concerned about what's happening.
I think that a) redefining common terms to mean idiosyncratic things and b) using the idiosyncratic terms in public to imply their original common meaning is enough to trigger a warning to the layperson against putting too much stock in a particular speaker's narrative. I can say from experience that people tend to perk up when you give them such a warning.
Also, Sam Harris isn't particularly well-versed in the issues surrounding wide-net surveillance. Add Bruce Schneier or Dan Bernstein to the discussion and that "seemingly perfect narrative" will start to look very different.
Good call. This is the country for which loopholes exist that basically allow any processed food product to claim being 'made with 100% chicken' [though not 100% of this product is that '100% chicken'] or 'Made with [a company called] 'Real'['s] cheese" or whatnot...
> 100% grated parmesan cheese. It's 100% grated. And there is parmesan cheese in it. Just not 100% cheese.
etc etc (via reddit this morning).
Can't really trust words that are picked to imply conclusions that are not legally being declared rigorously (and audited by some lawyer of an independent entity).
This isn't the only time something silly like that is in law. In New York, a loaded gun is any gun that you possess at the same time as ammunition suitable for it.
There were some conspiracy theories about the NSA's definition of "collect" around when the first Snowden documents were published, but those were never substantiated in the documents, while the normal definition was confirmed in Snowden's documents (above).
> For technical reasons, the agency ended up collecting messages sent and received domestically as a byproduct of such surveillance, the officials said.
"Oops didn't mean to."
Keep in mind that the NSA lied to Congress very recently. Thanks to Snowden they were caught in that lie. I don't believe anything they say.
The only credible way to trust that NSA had stopped wiretapping would be a drastic enough reduction of its finances (and no transfer to FBI/CIA for that purpose).
Does feel a bit like Abbot at the end of the first Bourne movie: "The Treadstone project has actually already been terminated. It was designed primarily as a sort of advanced game program. We'd hoped it might build into a good training platform, but quite honestly, for a strictly theoretical exercise, we thought it was far too expensive. The cost-benefit ratio was just too high. It's been all but decommissioned at this point."
Yeah, over as far as some bureaucracy is confirmed, but totally another 4 or more sequels coming.
Prior to World War II, the FBI began keeping a list of people to be rounded up "in the event of a national emergency" ( https://en.wikipedia.org/wiki/FBI_Index ). Some people on this index were put in concentration camps during World War II, notably people of Japanese heritage (and as Cygnus co-founder John Gilmore notes, some of these people were identified, via a legal fiction, by them filling out that they were of Japanese heritage on census forms http://www.toad.com/gnu/census.html)
World War II did not end the list, it grew. Finally, Watergate, the death of Hoover and exposure of programs like COINTELPRO led to the Church Committee and the supposed disabling of the list.
Since then, all information has been that the only thing that has changed is that the list is not officially for the detention of American citizens. Some of the people involved in Iran-Contra in the 1980s were also maneuvering for a US military invasion of Nicaragua, which they thought might necessitate putting anti-war protesters into concentration camps( https://en.wikipedia.org/wiki/Rex_84 ). Of course, that plan was so far out that the plan might be more nutty than scary, but then again, these are people who secretly broke the US's own arms embargo against Iran to sell Iran weapons, the money from which they used to fund a war against Nicaragua which Congress had banned.
It's kind of like that Utah Data Center ( https://en.wikipedia.org/wiki/Utah_Data_Center ) they're building to store what is probably permanent recordings of our phone calls, SMS messages, e-mails, web browsing history etc. They didn't spend $1.5 billion on it so far to not use it.
Remember in the 90s when reading your email was seen as a creepy deed done by greasy, social outcasts? Contrast that with our government, today, spending unholy amounts of money to do that while Americans go without clean water and healthcare.
(yeah, the Utah center is probably scarce in actual clean rooms... Maybe A "Homeland"-style sock puppet farm is more likely re-use: reduce unemployment, bolster support... /s)
I came here to say this, and I am glad there are about 50 other comments saying the same thing: We don't believe any of this. They are all liars. Don't trust liars.
The US is more and more reminding me of the old soviet line: "we pretend to work and they pretend to pay us". In this case, the NSA says things that everyone knows is not true, and the mainstream media prints it with complete seriousness, while I can't imagine they believe it is true.
It's pretty scary what the future holds for us if you stop and think.
You took the words right out of my head. The propaganda coming out of mainstream media (on all sides) is not even close to believable anymore. Nothing is true and everything is possible.
Huh? Yes, there's propaganda on all sides, and always has been, but the dystopian reality-surrender of NiT EiP does not immediately follow in the least. People paying attention have a very clear grasp on what is true and what is possible.
Exactly, you can't just blindly trust things people say without evidence. There is no way to prove the NSA doesn't do something, therefore I always assume the worst.
You can't generalize all agencies or all departments within an agency either. I'd be surprised if anyone working with Comey would give a damn based on what he tried to do to Apple, but I doubt everyone in our three letter agencies is going to violate the current system and read data without authorization and a warrant.
As pointed out above, they also use a different definition of "collect". In real terms, they collect everything, but they only claim to collect it when they access it on their own storage systems. It is utmost dishonesty, both by the government and this terrible excuse for a newspaper printing their lies.
How would we even know? No one can even go down in there. Congressional oversight is done by them coming up to Congress and saying "Nope, we're not breaking any laws. Not wittingly."
They're trying to get a PR win out of that fact that---for now---they're not continuing the program. Later, when they've refined their technical infrastructure in a way that makes it easy to comply with whatever new requirements the FISA judge(s) came up with, they'll resume the program but not tell a soul.
That's how I'm interpreting this, anyway. I hope I'm wrong.
And it may have been the only way to satisfy the court anyway, they had previously assured the court surrounding communications to these wouldn't be searched, and then they were searching them too (so even if you didn't mention a targeted email, if your email was in an internal email provider bundle (like a backup across data centers), it was getting searched too:
>But last year, officials said, the N.S.A. discovered that analysts were querying the bundled messages in a way that did not comply with those rules. The agency brought the matter to the court’s attention, resulting in a delay in reauthorizing the broader warrantless surveillance program until the agency proposed ceasing this collection practice.
> For technical reasons, the agency ended up collecting messages sent and received domestically as a byproduct of such surveillance, the officials said.
Yeah, sure. Maybe don't do mass surveillance then?
> The agency then proposed putting the bundled messages in a special repository to which analysts, searching through intercepts to write intelligence reports, would generally not have access. The court permitted that type of collection to continue with that restriction.
But last year, officials said, the N.S.A. discovered that analysts were querying the bundled messages in a way that did not comply with those rules.
This seems to happen Every.Single.Time. I wonder what really prompted the NSA to stop this collection. Maybe they just want to act all "We're good boys now" to convince Congress that they can be trusted with FISA Amendments' renewal, later this year?
We'll probably have to wait for the next Bamford book to find out what happened.
Given past performance, I would put money on this being replaced by a functionally identical program with a legal hack, and of course a new name. (The new name is vital so that "we no longer collect that data under that program" remains a technically-true statement.)
> I wonder what really prompted the NSA to stop this collection.
Rogue analyst finding damaging emails from some relevant politician? I.e. let's look at this Saudi Aramco chain mail because maybe extremist ties, but find email of Mr. Politician asking for donations bundled within the chain?
If they don't collect it under this program, they'll collect it under some other program. Or they'll just let one of the FIVE EYES partners spy on Americans. That's how they operate.
One of the main points of the Five Eyes agreement (originally BRUSA) is that the member states have a "no-spy agreement" with each other. That's why you see French leaders in the leaks but not heads of state of Canada or the UK. http://www.pbs.org/newshour/rundown/an-exclusive-club-the-fi...
The rumor that they spy on each other and share that data is not substantiated in any leaks and specifically goes against one of the main planks, making it an especially strange rumor.
>The rumor that they spy on each other and share that data is not substantiated in any leaks and specifically goes against one of the main planks, making it an especially strange rumor.
Huh? GCHQ has been spying on Americans for a long time. Here's the latest example: [0]
I don't like how this article implies that they aren't saving and storing all of your emails unless you are communicating with a surveillance target. In reality they are sucking up all data in transit and only looking at it when it involves a foreign target.
But technically they are storing it regardless if you do or not, and we are basically trusting them to not look at it.
This seems to be the biggest issue that is never addressed in these articles.
Not to mention the FISA court process being oddly rubber-stampy. Despite claims that they try really-really hard to get each one right, as an explanation why every single one gets approved.
> Not to mention the FISA court process being oddly rubber-stampy. Despite claims that they try really-really hard to get each one right, as an explanation why every single one gets approved.
What's wrong with those claims? If the guidelines are clear and their lawyers are competent, they can turn down a request without bothering the court. Surely you'll agree DoJ lawyers can tell whether a request meets the criteria for a legal intercept the vast majority of the time? "Probable cause" isn't exactly novel case law.
> we are basically trusting them to not look at it.
And trusting them not to lose control of the data. Given their inability to protect against Snowden, Shadow Brokers, etc. that is of course a reasonable possibility.
It's also a national security risk, imagine if an antagonistic foreign government had blackmail power over the US business elite, military officials, and politicians.
1) Security agencies are much more effective if they collect data before they know it's important. If they wait until Jane Doe blows up a building to start collecting intelligence on her, much of the evidence and other valuable information will be long gone.
2) Spying on innocent people violates their privacy, their legal rights, and is a tool for oppression. Warrants are required for a good reason.
One somewhat obvious solution is to store the data in escrow, available only with a warrant. Nobody would trust a private company with all that data (I hope, though I some countries require ISPs and other service providers to maintain some history), so who can we trust? I wonder if the courts are an answer. On one hand, it is not their role to provide investigative tools to the prosecution and could even violate their independence and neutrality. On the other, there would be little question about whether law enforcement had a valid warrant or whether the courts would respect by their own authority to issue warrants (and on the third hand, rather than the courts cleaning up the corruption, the corruption could spread to the courts too).
As another comment mentioned the NSA definition of collect seems to be (or was) only when they "look" at it, whatever that means exactly.
An interesting thing that I like to imagine happens with 1 (though I have no evidence) is that often Jane Doe does blow up a building, but then you see in the news over the next few weeks reports of rounding up terrorist cells related to Jane Doe. If they had to start fresh every time I don't think they could do that, they must have prior information, so I like to think it's the powers involved paying the Palantir tax. It's very reactive, which sucks for the people killed by Jane, but perhaps it's indicative that things haven't yet gone full Minority Report.
We had a good system in place in the Bill of Rights. Unfortunately, broad construction of this document in secret courts without an adversarial process has diminished it substantially. Your proposed system requires trust and goodwill, and that's in short supply.
It looks like this is likely a temporary cease & desist in order to get court authorization for their "broader warrantless surveillance program" while they figure out how to get those "bundled messages" into a separate repository.
I'd guess the NSA will eventually resume this massive email collection program once they can get it such that it's in compliance with the Court rules (which they seem to have been unable to do quickly right now hence ceasing it).
The good news, however slight it may be, is that the NSA may be at least obeying court orders somewhat rigorously.
Don't ever rely on email to be secure. It is an insecure medium despite all the bandaids on it. It's useful for sure, but assume it's being read by the government before you send a message.
This program likely started under Bush but was KEPT by Obama. It really upsets me that people give him a free pass for such an egregious violation of the Constitution.
Imho this has nothing to do with privacy or law. This is an operational decision. The bad guys aren't using email these days. I don't agree with much of the "going dark" narrative, but it is clear that bad guys are using IM services and other not-email means of communicating. So to hear NSA talk about not collecting email is like them saying they are going to stop monitoring library records: It sounds like a win for privacy but only on paper and we know that they will simply redeploy resources to the interception of other communication.
We'd need to understand what their definition of NSA, or collection, or emails are.
I think it's most likely they are saying that the entire NSA as a whole isn't doing collection, only some subset of the NSA is... and maybe they define collection as capturing and retaining information for 10 years, and now they are only doing it for 9 years 11 months... and emails mean everything you ever do online and SnapChat and Signal and Texts too.
This is hilarious. That someone in the government was paid to watch Barrens Chat full of Chuck Norris jokes, debates about if STR or AGI was better for Enhancements Shaman, and links to in-game items that would make funny dildos really amuses me.
/1 Anal [Thunderfury, Blessed Blade of the Windseeker]!
If you intercept traffic from gmail as a whole you would get messages from US citizens, not only from foreign people, not counting replies, fws, etc. That's my take from this excuse.
I don't know why Snowden is so quick to tweet that this is a victory. To me, it's a multivariate equation, and all they've done is made one of the variables smaller. They can sustain collection at the same amounts, by making another variable proportionally larger. For instance, what's changed is that they no longer collect signals that mention a target, only signals to or from a target. So all you need to do to keep collecting the same amount, is to make a lot more targets.
Err, the same emails that only a few years back they claimed they weren't 'collecting' anyway?[0] Totally believable. Yeah, totally — and I'm the King of England.
The filter on XKS that prevents US hits on selectors has been enhanced to satisfy ruling of the court.
Its still collected in perpetuity, but under the Schrödinger approach to surveillance it no longer exists.
Maybe nothing can truly change, just as one cannot uninvent a technology -- telephony, broadcasting or social media are with us forever. Maybe true to for global passive surveillance.
> give the N.S.A. copies of internet messages that cross the international border and contain a search term that identifies foreigners
That's a pretty misleading way to state the criteria. A reader that doesn't know any better would assume that a message that is sent from within the USA to somewhere else within the USA, would already have been exempt from this program.
But everybody with a little bit of background knowledge, including the author, knows that internet packets are routed, cached and stored all over the planet without regard to international borders. Even a packet or message that has both endpoints on US soil is very likely to cross international borders at some point in its route, because that's how the internet works and these services' infrastructure.
Just like calling this a "major development". I mean really, is this defeat? Sunk the bar that low? Call it "highly unlikely", "unprecedented" or something like that if you want to highlight the fact how unusual it is that the NSA gives up a tiny crumb of its capabilities. Call it "promising" maybe if you want to be really optimistic about it (hah).
But in what universe is this a "major development", instead of a tiny insignifant drop in the ocean of the NSAs vast and total surveillance capabilities? Does anybody believe that they are now in any way subject to less surveillance than before? It's like lowering the speed limit by 0.1mph and calling it a "major development" for the safety of kids playing on the streets.
Here's another nice one:
> The inquiries were conducted for legitimate intelligence purposes, the official said, but under rules imposed by the intelligence court, analysts were not supposed to search for Americans’ information within that data set
So ... the inquiries were conducted for legitimate purposes, it's just that they were against the rules, is all. I'm not sure I'm familiar with this new interpretation of the word "legitimate".
No but seriously can anyone explain this line? If I'm being as favourable as I can possibly manage, I suppose they mean this: The purpose of the inquiries was legitimate, it's just performing them is not. So what does it mean if merely the purpose is legitimate? Did this official just try to let off these NSA-analysts because "the ends justified the means" ??
Not that it matters that much to me any way, because I am one of those filthy foreigners that doesn't have any right to any privacy whatsoever in the eyes of the NSA and a worryingly large percentage of US citizens cheering them on for that, because it is not them--ehm I mean because it is their job (if you don't think too hard about it). There's so many people arguing, many people who are otherwise very reasonable, that it's somehow okay to utterly violate people's privacy (on an unprecedented global scale) for no other reason than they are foreigners. No other reason. Being foreign is enough that you decided my private life is somehow not my own. And of course that my government is doing it too! Except that they don't have the budget or the unique position in internet infrastructure to violate privacy on such a global scale. But they do still try. And I won't let that slide or cheer them on for it either, just because they're doing it to "other" people.
Normal definition: collect. For example: "Even collected all the data going to and from Bob's house by putting a splitter on the cable."
NSA's definition: not that, as cited in various stories sourced by the Snowden leaks from the Guardian.
I won't attempt to define exactly how the NSA defines "collect" because I don't have time to track down and read the relevant article. But the upshot is-- their definition is idiosyncratic and misleading for a piece that has a general audience like this one.