
New leak shows NSA harvests To, From, and BCC lines of e-mail data

Metadata for non-US conversants have been collected en masse since 2001.

An aerial view of the NSA.

The Guardian has reported on a new leaked document which reveals that from 2001 until 2011 the US government was collecting e-mail metadata en masse. That program shut down two years ago, but there's also evidence of other ongoing "big data" digging into e-mails.

There are some key differences between this massive metadata collection and the collection of telephony data revealed earlier this month. First, the e-mail collection is supposed to only occur when there is at least one foreign communicant, while the phone call metadata is collected on US-to-US calls as well.

Second, the Obama administration has said the bulk collection of e-mail metadata, a program which went by the name Stellar Wind, ended in 2011. The collection of telephone metadata is ongoing.

That metadata includes the names on the "To," "From," and "BCC" lines of every e-mail. It also includes the Internet protocol (IP) addresses, which show the physical location of most e-mail users. Given the way e-mail works, such metadata could reveal a huge amount of information about the user: not just who they're e-mailing, but where they are, what they're reading and sharing, and what kind of ads they might be responding to. 

The Stellar Wind program was put into place under the Bush administration in early October 2001, less than a month after the 9/11 terrorist attacks. For a few months in 2004 the program was shut down after a "dramatic rebellion" by senior officials at the Justice Department and FBI, including then-deputy attorney general James Comey, who was nominated last week to head the FBI.

However, the documents show that this short-lived rebellion simply "brought [the program] under a newly created legal framework," write Spencer Ackerman and Glenn Greenwald, The Guardian reporters who have been dissecting the trove of top-secret documents leaked by Ed Snowden. By July 2004, the chief judge of the FISA court had blessed the program under a new order, and it resumed.

In 2011, the program was terminated by President Obama "as the result of an interagency review," an administration spokesperson told The Guardian. "The Internet metadata collection program authorized by the FISA court was discontinued in 2011 for operational and resource reasons and has not been restarted," he said.

Other Internet surveillance programs thrive: Meet “EvilOlive”

Despite those assurances, the collection of Internet metadata continues today. A second Guardian story today offers some sketchy details about several programs, including one that allows the NSA "to direct more than half of the Internet traffic it intercepts from its collection points into its own repositories." That program, codenamed with the palindrome EvilOlive, is a new capability announced by the NSA's Special Source Operations (SSO) in December 2012.

"The... solution is allowing more than 75% of the traffic to pass through the filter," the December document reads, according to The Guardian. "This milestone not only opened the aperture of the access but allowed the possibility for more traffic to be identified, selected, and forwarded to NSA repositories. After the EvilOlive deployment, traffic has literally doubled."

Much of the Internet metadata comes from other governments friendly to the US, including the British intelligence agency GCHQ. Other SSO documents reviewed by The Guardian, including ones as recent as February 2013, suggest the EvilOlive program is expanding. Joint surveillance programs with unnamed partner agencies called MoonLightPath and Spinneret "are planned to be added by September 2013."

An SSO official celebrated the processing of the "One Trillionth metadata record" by another program called ShellTrumpet. Almost half of those trillion records were processed in 2012 and served a variety of government agencies to perform tasks like "direct e-mail tip alerting."
