According to documents provided to the British paper by former NSA contractor Edward Snowden, the agency was granted secret authority in 2011 to sift through U.S. citizens’ data that was accidentally collected by its Internet surveillance program, PRISM.
Details of PRISM leaked to the Guardian and the Washington Post by Snowden in June revealed that the NSA readily obtains warrants from a secret judiciary body called the Foreign Intelligence Surveillance Court in order to obtain emails, chats, photos, and videos from Silicon Valley tech companies.
The court was created by the Foreign Intelligence Surveillance Act of 1978 (FISA) and has since then has granted thousands of requests for such information (and rejected only ten).
A 2008 amendment to FISA allowed the agency to collect the information of those living outside the U.S. or communicating with someone outside the U.S. without a warrant.
In many cases, the data of law abiding U.S. citizens is accidentally swept up through this process as well. Previously, the NSA has asserted that this data was purged. According to NSA training materials obtained by the Washington Post, agents are required to report when American data is collect. However, the materials added, “it’s nothing to worry about.”
The Guardian is now reporting that a top secret document telling NSA agents how to handle this data has indicated that a loophole in the FISA amendment permits “use of certain United States person names and identifiers as query terms when reviewing collected [data].”
In other words, the NSA can search its database of information accidentally collected on Americans by username, email address, IP address and other personal “identifiers.”
U.S. Senator and intelligence committee member Sen. Ron Wyden (D-Ore.), has been critical of the NSA’s spying practices. To the extent that he can discuss the top secret information, he told the Guardian that the loophole amounted to a “backdoor search” of Americans’ private information.
The document provided by Snowden, and apparently last updated in 2012, does however indicate an at least theoretical restriction on the search: “analysts may [NOT] implement any queries [on U.S. citizens] until an effective oversight process has been developed by NSA and agreed to by [Department of Justice/Office of the Director of National Intelligence].”
As the Guardian notes, there is no indication whether such an oversight process has ever been developed or implemented. Nor is there any proof the NSA has undertaken such searches.
Illustration by Jason Reed