NSA Internet Metadata Program Collected More Than Was Allowed, Shared Data Too Broadly


A now-defunct National Security Agency (NSA) bulk collection program that collected information about online communications exceeded its authority, collected too much, and shared that information too freely, recently declassified court documents show.

The program collected, according to the official IC On The Record Tumblr page, “certain electronic communications metadata such as the ‘to,’ ‘from,’ and ‘cc’ lines of an email and the email’s time and date.” The compliance issues detailed below are generally self-reported, and thus cannot be treated as the full extent of the NSA’s overreaches of its authority during the life of the particular program.

The government, the document indicates, “acknowledges that NSA exceeded the scope of authorized acquisition continuously during the more than [redacted] years of acquisition under [the] orders.”

According to the document, the Foreign Intelligence Surveillance Court (FISC, which in this post is referred to as the FISA court) authorized the NSA to “engage in the bulk acquisition of specified categories of metadata about Internet communications.” Queries were to be executed through the use of “seed” accounts, which the material defines as “Internet accounts for which there was a reasonable articulable suspicion (‘RAS’) that they were associated with a targeted international terrorist group.”

For United States persons, the FISA court document notes that RAS “could not be based solely on activities protected by the First Amendment.”

The document also notes that the “NSA could disseminate U.S. person information to other agencies only upon determination by a designated NSA official that it is related to counterterrorism and is necessary to understand the counterterrorism information or to asses its importance.”

Why did the NSA need to collect so much information? The document is at times heavily redacted, and so the reasoning here is choppy. The below screenshot..

Read more: http://techcrunch.com/2014/08/12/nsa-internet-metadata-program-collected-more-than-was-allowed-shared-data-too-broadly/