September 29, 2013 - Since 2010, the National Security Agency
has been exploiting its huge collections of data to create sophisticated graphs of some Americansâ€™ social connections that can identify their associates, their locations at certain times, their traveling companions and other personal information, according to newly disclosed documents and interviews with officials.
The spy agency
began allowing the analysis of phone call and e-mail logs in November 2010 to examine Americansâ€™ networks of associations for foreign intelligence purposes after N.S.A. officials lifted restrictions on the practice, according to documents provided by Edward J. Snowden, the former N.S.A. contractor.
The policy shift was intended to help the agency â€śdiscover and trackâ€ť connections between intelligence targets overseas and people in the United States, according to an N.S.A. memorandum from January 2011. The agency was authorized to conduct â€ślarge-scale graph analysis on very large sets of communications metadata without having to check foreignnessâ€ť of every e-mail address, phone number or other identifier, the document said. Because of concerns about infringing on the privacy of American citizens, the computer analysis of such data had previously been permitted only for foreigners.
The agency can augment the communications data with material from public, commercial and other sources, including bank codes, insurance information, Facebook profiles, passenger manifests, voter registration rolls and GPS location information, as well as property records and unspecified tax data, according to the documents. They do not indicate any restrictions on the use of such â€śenrichmentâ€ť data, and several former senior Obama administration officials said the agency drew on it for both Americans
N.S.A. officials declined to say how many Americans have been caught up in the effort, including people involved in no wrongdoing. The documents do not describe what has resulted from the scrutiny, which links phone numbers and e-mails in a â€ścontact chainâ€ť tied directly or indirectly to a person or organization overseas that is of foreign intelligence interest.
The new disclosures add to the growing body of knowledge in recent months about the N.S.A.â€™s access to and use of private information concerning Americans, prompting lawmakers in Washington to call for reining in the agency and President Obama to order an examination of its surveillance policies. Almost everything about the agencyâ€™s operations is hidden, and the decision to revise the limits concerning Americans was made in secret, without review by the nationâ€™s intelligence court or any public debate. As far back as 2006, a Justice Department memo warned of the potential for the â€śmisuseâ€ť of such information without adequate safeguards.
An agency spokeswoman, asked about the analyses of Americansâ€™ data, said, â€śAll data queries must include a foreign intelligence justification, period.â€ť
â€śAll of N.S.A.â€™s work has a foreign intelligence purpose,â€ť the spokeswoman added. â€śOur activities are centered on counterterrorism, counterproliferation and cybersecurity.â€ť
The legal underpinning of the policy change, she said, was a 1979 Supreme Court ruling that Americans could have no expectation of privacy about what numbers they had called. Based on that ruling, the Justice Department and the Pentagon decided that it was permissible to create contact chains using Americansâ€™ â€śmetadata,â€ť which includes the timing, location and other details of calls and e-mails, but not their content. The agency is not required to seek warrants for the analyses from the Foreign Intelligence Surveillance Court.
N.S.A. officials declined to identify which phone and e-mail databases are used to create the social network diagrams, and the documents provided by Mr. Snowden do not specify them. The agency did say that the large database of Americansâ€™ domestic phone call records, which was revealed by Mr. Snowden in June and caused bipartisan alarm in Washington, was excluded. (N.S.A. officials have previously acknowledged that the agency has done limited analysis in that database, collected under provisions of the Patriot Act, exclusively for people who might be linked to terrorism suspects.)
But the agency has multiple collection programs and databases, the former officials said, adding that the social networking analyses relied on both domestic and international metadata. They spoke only on the condition of anonymity because the information was classified.U.S. Citizens.