The NSA's ICREACH tool is like Google for your personal data
Nearly two dozen U.S. government agencies have access to a top-secret search engine that accesses phone calls, emails, and other forms of online communication, according to classified documents revealed by the Intercept.
Described in a secret National Security Agency (NSA) document as a “Google-like search,” the search engine provides domestic law enforcement agencies, such as the Federal Bureau of Investigation (FBI), with access to “more than 850 billion records,” the Intercept reports.
In addition to information on foreigners, the search engine, dubbed ICREACH, reportedly contains millions of records on innocent U.S. citizens.
The classified documents revealing ICREACH’s existence are part of the files leaked to journalist Glenn Greenwald by NSA whistleblower Edward Snowden. Until now, it wasn’t known exactly how the NSA was sharing access to its intelligence files with law enforcement agencies like the FBI or the Drug Enforcement Agency (DEA). It was also unclear to what types of information other agencies could access.
According to the Intercept, information amassed by the NSA could be used by agencies like the FBI, DEA, or Central Intelligence Agency (CIA) to “track people’s movements, map out their networks of associates, help predict future actions, and potentially reveal religious affiliations or political beliefs.”
“The documents provide the first definitive evidence that the NSA has for years made massive amounts of surveillance data directly accessible to domestic law enforcement agencies.”
An unidentified U.S. official told the Intercept that ICREACH wasn’t designed to store records in a database of its own. Instead, it merely connects as many as a thousand analysts, working at up to 23 different U.S. government agencies, to a variety of intelligence databases.
ICREACH apparently does not give other agencies access to the larger cache of phone records— the collection of which the Guardian revealed last summer—that are obtained daily by the NSA under Section 215 of the Patriot Act.
The Office of the Director of National Intelligence reportedly told the Intercept in a statement that ICREACH grants access to data obtained under Executive Order 12333, enacted during the Reagan administration to expand the data collection capabilities of the U.S. Intelligence Community. The order has since been cited by NSA while surreptitiously syphoning unencrypted information from Google and Yahoo data centers.
Last July, in an op-ed for the Washington Post, former U.S. State Department official John Rapier Tye called the “incidental” collection of information belonging to U.S. persons under Executive Order 12333 “unconstitutional.”
Referred to by the NSA as a “one-stop shopping tool” for analysts, ICREACH came about under the previous NSA Director, Gen. Keith Alexander, who retired this March. A classified letter allegedly written by Alexander says the structure of ICREACH is intended to “allow unprecedented volumes of communications metadata to be shared and analyzed.”
Through ICREACH, U.S. intelligence and law enforcement agencies have access to “more than 50 existing NSA/CSS metadata fields contained in trillions of records,” the letter states. (CSS refers to the Central Security Service, a signals intelligence branch of the U.S. Department of Defense)
According to the Intercept, Alexander’s letter suggests that the ICREACH service allows the 23 agencies using it to access millions of records tied to innocent Americans, which is referred to as “minimized communications metadata records.” The term “minimized” is used by the NSA to mean information on U.S. citizens that is intentionally flagged by an analyst because it was collected without a warrant.
Information collected about Americans is “minimized”—as opposed to being deleted—because the NSA’s rules allow it to retain the data for up to five years.
For more on ICREACH, read the full report by Ryan Gallagher at the Intercept.
Photo via Elliott Brown/Flickr (CC BY 2.0) | Remix by Jason Reed