Letter says NSA buys Americans' internet data without warrant
National Security Agency buys some logs of Americans' home Internet activities from commercial data brokers a declassified letter by the agency,
The letter, addressed to Democratic senators and obtained by The New York Times, offered few details about the nature of the data, other than emphasizing that it did not include the content of Internet communications.
Still, this revelation is the latest to expose a legal gray zone: Intelligence and law enforcement agencies sometimes purchase potentially sensitive and revealing domestic data from brokers who have a court order to obtain it directly. Is required.
This comes as the Federal Trade Commission has begun cracking down on companies that trade and sell personal location data collected from smartphone apps without people's knowledge and consent as to where it ends up and how it is used. For what purpose it will be done.
In A letter to the Director of National Intelligence On Thursday, Sen. Ron Wyden, Democrat of Oregon, argued that “Internet metadata” – logs showing when two computers have communicated, but not the content of any messages – “can be equally sensitive” to the FTC. The location the data is targeting.
He urged intelligence agencies to stop buying Internet data about Americans if it was not collected under the standard set by the FTC for location records.
Mr. Wyden wrote, “The U.S. government should not fund and legitimize such a shady industry that blatantly violates Americans' privacy. This is not only unethical, but also illegal.”
A representative for the director of national intelligence, Avril D. Haynes, did not respond to a request for comment.
NSA made his special revelation under pressure In a letter that its late director, Gen. Paul M. Nakasone, sent to Mr. Wyden last month. In November, Senator put a stop to On Lieutenant General Timothy D. Hoff, President Biden's nominee as the next director of the agency, to prevent the Senate from voting on his confirmation until the agency publicly discloses whether it collects Americans' location data and Was buying web browsing records.
In the letter, General Nakasone wrote that his agency has decided to disclose that it purchases and uses a variety of commercially available metadata for its foreign intelligence and cybersecurity missions, including NetFlow data “throughout “In a manner relating to domestic Internet communications”.
NetFlow data generally means Internet metadata Shows when a computer or server is connected But it does not include the content of their conversation. Such records could be generated when people visit various websites or use smartphone apps, but the letter did not specify how detailed the data the agency purchases is.
Asked for clarification, an NSA official provided a statement saying that the agency purchases commercially available NetFlow data for its cybersecurity mission of detecting, identifying, and thwarting foreign hackers. It stressed that “at all stages, the NSA takes steps to minimize the collection of U.S. individual information,” including using technical means to filter it.
The statement said it limited its NetFlow data to Internet communications in which one party has a computer address inside the United States and the other party is foreign, or where one or both communicators are foreign intelligence targets, such as a Malicious cyber actors. ,
While General Nakasone also acknowledged that some of the data purchased by the NSA “is linked to electronic devices being used outside – and, in some cases, inside – the United States,” he said the agency did not use domestic location data. Information not purchased, including from known phones or Internet-connected cars in the country.
Mr Wyden, a longtime privacy advocate and surveillance skeptic who has access to classified information as a member of the Senate Intelligence Committee, has proposed legislation that would bar the government from buying data about Americans. Will give which he will need a court order to get it.
In early 2021, he received a memo revealing that the Defense Intelligence Agency purchased a commercially available database containing location data from smartphone apps and had searched it multiple times without a warrant for Americans' past movements. The senators are trying to persuade the government to disclose more publicly about its practices.
The correspondence with Mr. Wyden, a portion of which was redacted as classified, strongly suggested that other parts of the Defense Department also purchase such data.
Law enforcement and intelligence agencies outside the Defense Department also purchase data about Americans in a way that is coming under increasing scrutiny. In September, the Inspector General of the Department of Homeland Security Many of its units malfunctioned To purchase and use smartphone location data in violation of privacy policies. Customs and Border Protection has also indicated That he will stop buying this kind of data.
one more Letter Under Secretary of State for Intelligence and Security Ronald S. Moultrie told Mr Wyden that obtaining and using such data from commercial brokers is subject to various safeguards.
He said the Pentagon used the data legitimately and responsibly to carry out its various missions, including detecting hackers and protecting US service members. He said there are no legal restrictions on purchasing the data which is “just as available for purchase to foreign adversaries, U.S. companies and private individuals as it is to the U.S. government.”
But in his letter to Ms. Haines, Mr. Wyden urged intelligence agencies to adjust their practices, pointing to the Federal Trade Commission's recent crackdown on companies that sell personal information.
This month, the F.T.C. Banned a data broker formerly known as X-Mode Social By selling local data as part of the first settlement of its kind. The agreement established that the agency considers the business location data – which was collected without consumers' consent that it would be sold to government contractors for national security purposes – a violation of a provision of the Federal Trade Commission Act that is inappropriate and Is misleading. Practice.
And last week, the F.T.C. unveiled a proposed agreement Another data aggregator, InMarket Media, prohibits it from selling precise location data if it doesn't fully inform customers and obtain their consent — even if the government isn't involved.
While the NSA is unwilling to buy data that includes location information, Mr. Wyden argued that Internet metadata could also reveal sensitive things — such as whether a person has attempted suicide, substance abuse or sexual abuse, Or visiting websites about counseling related to other such topics. Personal matters, such as if someone is seeking mail-order abortion pills.
In his letter, he wrote that the actions against Has been obtained from. ,