Thursday, August 1, 2013
Presenting XKeyscore: What the NSA Is Still Hiding
http://readersupportednews.org/opinion2/424-national-security/18687-presenting-xkeyscore-what-the-nsa-is-still-hiding
Davidson writes: "The N.S.A., it appears, doesn't just turn to its metadata library to see who's been calling a terrorist; it uses it in a coordinated way as one of the magnets to draw people's identities from the Web and gather information about them."
The National Security Agency is presenting a new program called XKeyscore where analyst can see nearly everything a typical user does on the internet. (photo: Martin Rogers/Workbook Stock/Getty Images)
Presenting XKeyscore: What the NSA Is Still Hiding
By Amy Davidson, The New Yorker
01 August 13
elect a Foreigness Factor," the text on a National Security Agency training slide for a system called XKeyscore, made public by the Guardian, in a piece by Glenn Greenwald, tells its analysts. An arrow points to a drop-down menu with choices like "Foreign govt indicates that the person is located outside the U.S." and "The person is a user of storage media seized outside the U.S." Foreignness matters because the N.S.A. is not supposed to spy on Americans. The one selected for the sample search might be the easiest: "In direct contact w/tgt overseas, no info to show proposed tgt in U.S." In other words, We found a link between you and someone abroad we're interested in, and you haven't shown us that you're American - so let's take a look.
A look at what? XKeyscore, according to an N.S.A. presentation that the Guardian posted (thirty-two slides, from 2008) can let an analyst see "nearly everything a typical user does on the internet." That includes, the presentation claims, the contents of documents and chats, as well as information about what one reads and cares about and, perhaps, believes. XKeyscore can determine your location by doing reverse searches. Did you write a document mentioning a certain name? Did you search for a term on the BBC's site, or look at a town on Google Earth? XKeyscore can deliver up your e-mail address - an example of what it calls a "strong selector." "How do I find a cell of terrorists that has no connection to known strong-selectors?" A slide asks.
• Answer: Look for anomalous events
• E.g. Someone whose language is out of place for the region they are in
• Someone who is using encryption
• Someone searching the web for suspicious stuff
"Someone whose language is out of place for the region they are in." That is a telling mark for a nation of immigrants, one that supposedly values that heritage. As for "suspicious stuff," does that include reading articles expressing doubts about the honesty of what we've been told about the N.S.A.? The analysts don't seem to have to ask anyone before doing these searches: they just say, via another menu, that they've got a reason.
One thing that many in the Administration have assured us since N.S.A. documents leaked by Edward Snowden first came to light is that we should not worry about metadata. On Wednesday, in time for a Senate hearing, the Administration released more documents having to do with a secret Foreign Intelligence Surveillance Act court order to Verizon to hand over information on millions of calls to and from Americans. (Senator Al Franken called it "Ad-hoc transparency") This metadata told the N.S.A. what numbers called what numbers, when, for how long, and what cell towers the callers were near. This was something that the Director of National Intelligence, James Clapper, had specifically told the Senate was not happening - a lie Snowden caught him in. Its defense since then has been that the collection of telephone metadata is simultaneously a negligible detail and absolutely crucial, the only thing keeping more planes from hitting New York. Officials from the President on down keep talking as if the only issue was whether the N.S.A. was listening in on phone calls.
The XKeyscore presentation shows how empty those words are. The N.S.A., it appears, doesn't just turn to its metadata library to see who's been calling a terrorist; it uses it in a coördinated way as one of the magnets to draw people's identities from the Web and gather information about them. Have you done things that both count as anomalous (without showing that you're American first) and ever entered your phone number on a shopping site? Were you buying books there? And now there's your e-mail, and log-in. The slides in the presentation (for example, one with the header "Plug-ins extract and index metadata into tables") suggest that, in combination with the contents of the N.S.A.'s other databases, telephone information can be a powerful route to almost anything. We now have a partial view of many programs, and no view at all on the many FISA court opinions interpreting the law, which it has kept secret. XKeyscore seems to draw on the N.S.A.'s other databases and its sweeps of Internet traffic. The most important question is how everything fits together.
Not everything is easy for the N.S.A. Several slides refer, in red type, to what one takes as a common problem: "data volume too high" - the searches return too many results, too many files and chats. In that case, the suggestion is that analysts try a shallower search. And then they can get more specific.
Is this keeping us safe? A number of the slides cover what are called "success stories," but the Guardian redacted them because, it said, they revealed operational details. But the bargain of a democracy is that we get to debate how much freedom and privacy we have to give up in return for safety. (Those trade-offs are reflected in the Fourth Amendment.) By keeping the parameters of its violations secret, the N.S.A., as Senator Wyden and others have pointed out, cheated. The games that the government has played with language make one wary; we hear about warrants, but then learn that they might be better called meta-warrants - general blessings on operations that move further and further away from due process. As the Washington Post pointed out, the documents the government released Wednesday talk about the precautions analysts takes, but then "also apparently shows that NSA technicians, contrary to government officials' statements, may review the data even when there is no connection to foreign terrorism." Where is the line between performing technical tasks and domestic spying?
The XKeyscore presentation, again, is five years old. The Administration ought to answer - clearly - questions about how much of this is still going on. The safeguards we have been told are in place are not here. (There doesn't seem to be any check box for individualized warrants.) In the documents the government released Wednesday, there was mention, in relation to telephone-data collection, to problems with "automated tools operating in a manner that was not completely consistent with the specific terms of the Court's orders." Can the government finally learn to talk about all this in a way that is completely consistent with the truth?
One wonders, too, how many goals for the future of XKeyscore, laid out in one of the last slides, the N.S.A. has managed to realize. They include higher speed, "entity extraction," and expanded Google Earth capability. Also, "better presentation." Privacy, it turns out, ends with a drop-down menu. And so the N.S.A. wants it to look pretty.
Donations can be sent to the Baltimore Nonviolence Center, 325 E. 25th St., Baltimore, MD 21218. Ph: 410-366-1637; Email: mobuszewski [at] verizon.net. Go to http://baltimorenonviolencecenter.blogspot.com/
"The master class has always declared the wars; the subject class has always fought the battles. The master class has had all to gain and nothing to lose, while the subject class has had nothing to gain and everything to lose--especially their lives." Eugene Victor Debs
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment