articles NSA surveillance
We all know that the NSA uses word games to hide and downplay its activities. Words like “collect,” “conversations,” “communications,” and even “surveillance” have suffered tortured definitions that create confusion rather than clarity.
There�s another one to watch: “targeted” v. “mass” surveillance.
Since 2008, the NSA has seized tens of billions of Internet communications. It uses the Upstream and PRISM programs�which the government claims are authorized under Section 702 of the FISA Amendments Act�to collect hundreds of millions of those communications each year. The scope is breathtaking, including the ongoing seizure and searching of communications flowing through key Internet backbone junctures, the searching of communications held by service providers like Google and Facebook, and, according to the government’s own investigators, the retention of significantly more than 250 million Internet communications per year.
Yet somehow, the NSA and its defenders still try to pass 702 surveillance off as “targeted surveillance,” asserting that it is incorrect when EFF and many others call it “mass surveillance.”
Our answer: if “mass surveillance” includes the collection of the content of hundreds of millions of communications annually and the real-time search of billions more, then the PRISM and Upstream programs under Section 702 fully satisfy that definition.
This word game is important because Section 702 is set to expire in December 2017. EFF and our colleagues who banded together to stop the Section 215 telephone records surveillance are gathering our strength for this next step in reining in the NSA. At the same time, the government spin doctors are trying to avoid careful examination by convincing Congress and the American people that this is just “targeted” surveillance and doesn�t impact innocent people.
Section 702 Surveillance: PRISM and Upstream
PRISM and Upstream surveillance are two types of surveillance that the government admits that it conducts under Section 702 of the FISA Amendments Act, passed in 2008. Each kind of surveillance gives the U.S. government access to vast quantities of Internet communications. Upstream gives the NSA access to communications flowing through the fiber-optic Internet backbone cables within the United States. This happens because the NSA, with the help of telecommunications companies like AT&T, makes wholesale copies of the communications streams passing through certain fiber-optic backbone cables. Upstream is at issue in EFF�s Jewel v. NSA case.
PRISM gives the government access to communications in the possession of third-party Internet service providers, such as Google, Yahoo, or Facebook. Less is known about how PRISM actually works, something Congress should shine some light on between now and December 2017. Note that those two programs existed prior to 2008�they were just done under a shifting set of legal theories and authorities. EFF has had evidence of the Upstream program from whistleblower Mark Klein since 2006, and we have been suing to stop it ever since. Why PRISM and Upstream are “Mass,” Not “Targeted,” Surveillance
Despite government claims to the contrary, here�s why PRISM and Upstream are “mass surveillance”:
(1) Breadth of acquisition: First, the scope of collection under both PRISM and Upstream surveillance is exceedingly broad. The NSA acquires hundreds of millions, if not billions, of communications under these programs annually.
Although, in the U.S. government�s view, the programs are nominally “targeted,” that targeting sweeps so broadly that the communications of innocent third parties are inevitably and intentionally vacuumed up in the process. For example, a review of a “large cache of intercepted conversations” provided by Edward Snowden and analyzed by the Washington Post revealed that 9 out of 10 account holders “were not the intended surveillance targets but were caught in a net the agency had cast for somebody else.” The material reviewed by the Post consisted of 160,000 intercepted e-mail and instant message conversations, 7,900 documents (including “medical records sent from one family member to another, resumes from job hunters and academic transcripts of schoolchildren”), and more than 5,000 private photos. In all, the cache revealed the “daily lives of more than 10,000 account holders who were not targeted [but were] catalogued and recorded nevertheless.” The Post estimated that, at the U.S. government�s annual rate of “targeting,” collection under Section 702 would encompass more than 900,000 user accounts annually. By any definition, this is “mass surveillance.”Even if the acquisition of communications containing information “about” a surveillance target could, somehow, still be considered “targeted,” the method for accomplishing that surveillance cannot be: “about” surveillance entails a content search of all, or substantially all, international Internet communications transiting the United States. Again, by any definition, Upstream surveillance is “mass surveillance.” For PRISM, while less is known, it seems the government is able to search through�or require the companies like Google and Facebook to search through�all the customer data stored by the corporations for communications to or from its targets.
(2) Indiscriminate full-content searching. Second, in the course of accomplishing its so-called "targeted" Upstream surveillance, the U.S. government, in part through its agent AT&T, indiscriminately searches the contents of billions of Internet communications as they flow through the nation�s domestic, fiber-optic Internet backbone. This type of surveillance, known as "about surveillance," involves the NSA's retention of communications that are neither to nor from a target of surveillance; rather, it authorizes the NSA to obtain any communications "about" the target.