What It Means To Be An NSA ‘Target’

11 years ago

August 10, 2013 at 4:30 pm

An important New York Times investigation from today reporting that the NSA “is searching the contents of vast amounts of Americans’ email and text communications into and out of the country”, coupled with leaked documents published by the Guardian, seriously calls into question the accuracy of crucial statements made by government officials about NSA surveillance.

The US government has previously tried to reassure the public about its use of FISA Amendments Act Section 702 surveillance practices, emphasising that, under Section 702, the government may not “intentionally target any US citizen, any other US person, or anyone located within the United States.” Indeed, the chair of the Senate Intelligence Committee Senator Feinstein, in a letter to constituents who wrote to her expressing concern about the NSA’s spying program,said this: “[T]he government cannot listen to an American’s telephone calls or read their emails without a court warrant issued upon a showing of probable cause.”

We’ve written before about the word games the government plays in describing its surveillance practices: “acquire”, “collect” and “content” are all old government favourites. The New York Times report proves Feinstein statement is false, and it’s clear it’s time to add “target” to the list of word games as well.

When “Target” Means Searching a Specific Person’s Communications

First, at least this much is clear: a “target” under the FAA must be (a) a non-US person and (b) not physically located within the United States. A “person,” for purposes of the FAA, includes individuals as well as “any group, entity, association, corporation, or foreign power.” Under the FAA, the government can thus “target” a single individual (e.g., Vladimir Putin), a small group of people (eG., Pussy Riot), or a formal corporation or entity (e.g., Gazprom).

So, when the NSA decides to “target” someone (or something), it turns its specific surveillance vacuum at them. The NSA then believes it can intercept and analyse all electronic communications of the target (telephone conversations, email conversations, chat, web browsing, etc) so long as the “target” is overseas and remains overseas. As others have noted, this includes conversations the “target” has with Americans, which would then be “incidentally” collected. Keep in mind this does not require a warrant or even the approval of a court, which is only one way Senator Feinstein’s reassurance was demonstrably false. But there’s still more.

When “Target” Means Searching Everyone’s Communications

Once a target is established, the NSA believes it can expand the sweep of its interception far more broadly than the communications of the particular, identified target. Notably, the NSA’sprocedures state (emphasis added):

[I]n those cases where NSA seeks to acquire communications about the target that are not to or from the target, NSA will either employ an Internet Protocol filter to ensure that the person from whom it seeks to obtain foreign intelligence information is located overseas, or it will target Internet links that terminate in a foreign country.

In plain English: the NSA believes it not only can (1) intercept the communications of the target, but also (2) intercept communications about a target, even if the target isn’t a party to the communication. The most likely way to assess if a communication is “about” a target is to conduct a content analysis of communications, probably based on specific search terms or selectors.

And that, folks, is what we call a content dragnet.

Importantly, under the NSA’s rules, when the agency intercepts communications about a target, the author or speaker of those communications does not, thereby, become a target: the target remains the original, non-US person. But, because the target remains a non-US person, the most robust protection for Americans’ communications under the FISA Amendments Act (and, indeed, the primary reassurance the government has given about the surveillance) flies out the window. If you communicate about a target of NSA surveillance, your citizenship is irrelevant: the only thing standing between you and NSA surveillance is your IP address or the fibre optic path through which your communications flow.

Privacy Protections Must Be Stronger than an IP Address or the Path our Communications Happen to Take

The NSA only limits this type of broad content dragnet in two ways: a filter based on IP addresses or directing its surveillance at “Internet links that terminate in a foreign country.”1

Presumably, the IP filter is used in circumstances where the NSA’s surveillance is being conducted on U.S. soil. The agency simply filters out known US IP addresses and scans the content of the rest. But there are a host of reasons that an American’s IP address might not be representative of their location. First, there are a variety of privacy-enhancing technologies — like Tor or VPNs — that could easily make wholly domestic communications appear as though they were occurring overseas. Second, IP addresses, in general, are imperfect measures of a person’s location: if a large ISP (like, for example, AT&T) is assigned a block of IP addresses, an IP address assigned to someone in Canada one day could be assigned to an American the next and vice versa. And all this, of course, says nothing about nationality or legal status: a given IP address says nothing about the citizenship of the person using the device.

The only other limitation on this type of content dragnet is targeting Internet links in foreign countries. Again, like IP filtering, this is not an effective way to ensure that Americans’ communications are not intercepted and analysed. In particular, because third-party providers (like Google, Yahoo, or Microsoft) tend to have redundant and distributed operations around the world, there’s a very real chance that your wholly domestic email, sent between two US citizens might travel and be “stored” on data centres around the world. Targeting an “Internet link” that terminates abroad would inevitably carry large amounts of purely “domestic” communications.

An Example: Targeting Vladimir Putin (and Everyone Else)

At this point, it might be useful to provide an example. Say the NSA wants to target Vladimir Putin, the President of Russia, under Section 702. Putin is (a) a non-US-person, (b) (usually) located outside the United States, and (c) would clearly be expected to communicate foreign intelligence information. He is thus eligible for targeting under Section 702. The NSA would then intercept Putin’s calls, emails, chats, and other communications (including those directed at the United States and involving United States citizens).

Under the NSA’s rules, though, the agency can also intercept all communications about Putin. To accomplish this, NSA presumably performs a content analysis — probably occurring both within the United States and overseas — of large swaths of communications, using deep packet inspection to root out electronic communications about Putin.

In this example, under the NSA’s procedures, a US citizen sending an email about Putin’sfrequent, shirtless poses to another US citizen could have their communications intercepted and analysed by NSA under a variety of conditions:

if they’re outside the US;
if they’re inside the US, using Tor, and their IP address looks like it’s outside the US;
if they’re inside the US, using a VPN, and their IP address looks like it’s outside the US;
if they’re inside the US and their IP address doesn’t accurately reflect their location for any host of reasons;
if they’re inside the US and their communications are backed up or stored abroad.

In each of these examples, the NSA believes it has the authority to intercept your communications, even though in most examples the person doing the communicating is (1) a US person, (2) located within the United States, (3) communicating with someone within the United States, and (4) not communicating with the “target” of an investigation. While the NSA may not intercept every email about Putin’s shirtless poses, based on its procedures, it believes it has the authority. Such an interpretation of the government’s authority under the FAA violates the spirit, if not the letter, of the law. Not to mention the US Constitution.

After a Full and Public Investigation, We Need to Rein in the NSA’s Use of Section 702

Lately, the focus of the NSA debate has shifted to the NSA’s domestic associational tracking program — the collection and storage of millions of Americans call record information. And rightly so: the program is unconstitutional, and EFF has filed suit to stop it immediately. But Section 702 should not be forgotten: it needs attention — and reform — as well.

As the debate continues, when Diane Feinstein tells you that “the government cannot listen to an American’s telephone calls or read their emails without a court warrant issued upon a showing of probable cause,” she’s not telling you the truth: the government can read your emails without ever even asking a judge and without even attempting to demonstrate that probable cause exists, just so long as your emails have a “foreign” IP address or your communications happen to leave the country.

This article is reproduced from Electronic Frontier Foundation under Creative Commons licence. Image by Tischenko Irina/Shutterstock.

7 Most Popular Headphone Myths, Debunked

Here’s How to Spot Fake Airpods

Tesla Laid Off a Bunch of Employees and Forced Security to Sort It Out at the Door

AMD’s RX 7800 XT GPU Gave Me the Performance I’ve Been Craving

A24 Under Fire for Seemingly AI Generated Civil War Ads

Today’s Best Australian Tech Deals

Moose’s Mobile Deals Have Some Hard to Ignore Dollar-To-Data Value

Listen Up, You Can Get up to 38% off Bose Headphones and Speakers

Here’s How You Can Get a Fast NBN 50 Plan For Under $60

The Best Mobile Plans Under $30