It’s been one year since the Guardian first published the Foreign Intelligence Surveillance Court order, leaked by former NSA contractor Edward Snowden, that demonstrated that the NSA was conducting dragnet surveillance on millions of innocent people. Since then, the onslaught of disturbing revelations, from disclosures, admissions from government officials, Freedom of Information Act requests, and lawsuits, has been nonstop. On the anniversary of that first leak, here are 65 things we know about NSA spying that we did not know a year ago:
1. We saw an example of the court orders that authorize the NSA to collect virtually every phone call record
in the United States—that’s who you call, who calls you, when, for how long, and sometimes where.
2. We saw NSA Powerpoint slides documenting how the NSA conducts “upstream” collection
, gathering intelligence information directly from the infrastructure of telecommunications providers.
3. The NSA has created a “content dragnet”
by asserting that it can intercept not only communications where a target is a party to a communication but also communications “about a target, even if the target isn’t a party to the communication
4. The NSA has confirmed
that it is searching data collected under Section 702 of the FISA Amendments Act to access American’s communications without a warrant, in what Senator Ron Wyden called the “back door search loophole.”
5. Although the NSA has repeatedly stated it does not target Americans, its own documents show that searches of data collected under Section 702 are designed simply to determine with51 percent confidence a target’s “foreignness
6. If the NSA does not determine a target’s foreignness, it will not stop spying
on that target. Instead the NSA will presume that target to be foreign unless they “can be positively identified as a United States person.”
8. Hackers at the NSA target sysadmins
, regardless of the fact that these sysadmins themselves may be completely innocent of any wrongdoing.
13. The intelligence budget in 2013 alone was $52.6 billion— this number was revealed by a leaked document, not by the government. Of that budget, $10.8 billion went to the NSA
. That’s approximately $167 per person in the United States.
14. The Foreign Intelligence Surveillance Court has issued orders that allow the NSA to share raw data
—without personally identifying information stripped out— with the FBI, CIA, and the National Counterterrorism Center.
15. Pursuant to a memorandum of understanding
, the NSA regularly shares raw data with Israel without stripping out personally identifying information about U.S. persons.
16. The Snowden disclosures have made it clear the Obama administration misled the Supreme Court
about key issues in ACLU’s case against NSA spying, Clapper v. Amnesty International
, leading to the dismissal of the case for lack of standing.
17. The NSA “hacked into Al Jazeera
‘s internal communications system.” NSA documents stated that “selected targets had ‘high potential as sources of intelligence.’”
18. The NSA used supposedly anonymous Google cookies as beacons for surveillance
, helping them to track individual users.
20. The NSA facial recognition program
“can now compare spy satellite photographs with intercepted personal photographs taken outdoors to determine the location.”
21. Although most NSA reform has focused on Section 215 of the PATRIOT Act, and most advocates have also pushed for reform of Section 702 of the FISA Amendments Act, some of the worst NSA spying happens under the authority of Executive Order 12333
, which President Obama could repeal or modify today.
24. The NSA has targeted Tor
, a set of tools that allow Internet users to browse the net anonymously.
25. The NSA program MUSCULAR infiltrates links
between the global data centers of technology companies such as Google and Yahoo. Many companies have responded to MUSCULAR by encrypting traffic over their internal networks.
26. The XKEYSCORE program analyzes
emails, online chats and the browsing histories of millions of individuals anywhere in the world.
27. NSA undermines the encryption tools
relied upon by ordinary users, companies, financial institutions, targets, and non-targets as part of BULLRUN, an unparalleled effort to weaken the security of all Internet users, including you.
28. The NSA’s Dishfire operation has collected 200 million text messages
daily from users around the globe, which can be used to extract valuable information such as location data, contact retrievals, credit card details, missed call alerts, roaming alerts (which indicate border crossings), electronic business cards, credit card payment notifications, travel itinerary alerts, and meeting information.
29. Under the CO-TRAVELER operation, the US collects location information
from global cell towers, Wi-Fi, and GPS hubs, which is then information analyzed over time, in part in order to determine a target’s traveling companions.
30. A 2004 memo
entitled “DEA- The ‘Other’ Warfighter”, states that the DEA and NSA “enjoy a vibrant two-way information-sharing relationship.”
31. When the DEA acts on information its Special Operations Division receives from the NSA, it cloaks the source of the information
through “parallel construction,” going through the charade of recreating an imaginary investigation to hide the source of the tip, not only from the defendant, but from the court. This was intended to ensure that no court rules on the legality or scope of how NSA data is used in ordinary investigations.
32. The fruits of NSA surveillance routinely end up in the hands of the IRS
. Like the DEA, the IRS uses parallel construction to cloak the source of the tip.
33. Even the President’s handpicked Privacy and Civil Liberties Oversight Board recommended that the government end Section 215
mass telephone records collection, because that collection is ineffective, illegal, and likely unconstitutional.
35. The NSA had a secret $10 million contract with security firm RSA to create a “back door”
in the company’s widely used encryption products.
36. The NSA tracked access to porn
and gathered other sexually explicit information “as part of a proposed plan to harm the reputations of those whom the agency believes are radicalizing others through incendiary speeches.”
37. The NSA and its partners exploited mobile apps
, such as the popular Angry Birds game, to access users’ private information such as location, home address, gender, and more.
Many of the Snowden revelations have concerned the NSA’s activities overseas, as well as the activities of some of the NSA’s closest allies, such as the its UK counterpart GCHQ. Some of these have been cooperative ventures. In particular, the “Five Eyes”— The United States, New Zealand, Australia, the United Kingdom, and Canada— share citizen data amongst themselves – providing loopholes that might undermine national legislation.
40. The Guardian reported: “In one six-month period in 2008 alone, [GCHQ] collected webcam imagery
– including substantial quantities of sexually explicit communications – from more than 1.8-million Yahoo user accounts globally.”
42. Major telecommunications companies including BT, Vodafone, and Verizon business have given GCHQ unlimited access
to their fiberoptic cables
45. The NSA’s partners Down Under, the Australian Signals Directorate, has been implicated in breaches of attorney-client privileged communications, undermining a foundational principle
of our shared criminal justice system.
49. CSEC and CSIS were recently rebuked
by a federal court judge for misleading him
in a warrant application five years ago with respect to their use of Five Eyes resources in order to track Canadians abroad.
Ironically, some of the NSA’s operations have been targeted at countries that have worked directly with the agency in other instances. And some simply seemed unnecessary and disproportionate.
55. The NSA bugged EU embassies
in both New York and Washington. It copied hard drives from the New York office of the EU, and tapped the internal computer network from the Washington embassies.
56. The NSA collected the metadata of more than 45-million Italian phone calls
over a 30 day period. It also maintained monitoring sites in Rome and Milan.
60. The Hindu reported that, based on NSA documents: “In the overall list of countries spied on by NSA programs, India stands at fifth place
There’s no question that the international relationships Obama pledged to repair, as well as the confidence of the American people in their privacy and constitutional rights, have been damaged by the NSAs dragnet surveillance. But one year later, both the United States and international governments have not taken the steps necessary to ensure that this surveillance ends. That’s why everyone must take action— contact your elected representative, join Reset the Net, and learn about how international law applies to U.S. surveillance today.