recommended reading

Snowden Undermines Presidential Panel’s Defense of NSA Spying

Andre Penner/AP

Just when the National Security Agency looked as though it had finally scored a victory for its maligned surveillance programs, Edward Snowden again crashed the party.

The fugitive's newest leak, reported by The Washington Post over the weekend, claims that the vast majority of accounts scooped up in a foreign-intelligence program are not those of actual overseas targets but ordinary Internet users whose communications with those targets are incidentally collected.

The contents of the surveillance files—almost half of which contained information from U.S. citizens or residents—"tell stories of love and heartbreak, illicit sexual liaisons, mental-health crises, political and religious conversions, financial anxieties and disappointed hopes," The Post reports.

While revealing on its face, Snowden's latest revelation also arrived just days after the Privacy and Civil Liberties Oversight Board, an independent watchdog agency, deemed spying under Section 702 of the Foreign Intelligence Surveillance Act legal and effective.

Section 702, amended in 2008 by Congress, allows intelligence agencies to spy on the communications of foreigners believed to be living outside the United States. It provides the legal authority for an NSA program known as "PRISM," in which the agency demands that Facebook, Google, and other Internet companies hand over users' communications. Section 702 also allows intelligence agencies to tap into the Internet backbone to collect massive amounts of international communications, a program unofficially known as "Upstream."

Whether intentional or not, the timely Post article—the culmination of a four-month investigation of 160,000 email and instant-message conversations—serves in part as a rebuke to the privacy board's conclusions, civil-liberties groups say, and calls into question the completeness of its review, which stands in stark contrast to the board's critical review earlier this year of the spying on domestic phone records under Section 215 of the USA Patriot Act.

"There definitely seem to be discrepancies" between the reports, said Liza Goitein, codirector of the Liberty and National Security Program at the Brennan Center for Justice. "It appears that, in the Snowden documents, that [American] information is collected deliberately in far broader circumstances than what the Privacy and Civil Liberties Oversight Board discussed."

Goitein said the privacy board did not have access to large samples of intercepted communications and instead relied heavily on the testimony of NSA officials when crafting its 200-page report. "Testimony is well and good, but show me the money," she added.

That divergence of source material has resulted in several inconsistencies, according to privacy advocates, such as the board's insistence that NSA targets are "individualized" and correspond to something akin to an email address. The Post story, however, reports that the NSA has targeted Internet Protocol addresses of servers, which could conceivably correspond to hundreds or even thousands of Internet users.

The new Snowden leak "certainly shows that the PCLOB may not have received the full story from the intelligence community," said Mark Jaycox, a legislative analyst with the Electronic Frontier Foundation. "TheWashington Post article introduces entirely new facts that should've been addressed by the PCLOB and found in the PCLOB report."

The board's chairman, David Medine, and Patricia Wald, a former D.C. Circuit judge appointed by Jimmy Carter, pressed for stronger safeguards that would require intelligence agencies to obtain a warrant from the Foreign Intelligence Surveillance Court before searching American data collection via 702 programs.

In a statement accompanying the board's unanimous report, Medine and Wald note:

"The Section 702 program has collected hundreds of millions of Internet communications. Even if only a small percentage of those communications are to or from an American, the total number of Americans' communications is likely significant. Furthermore, these communications, which may be maintained for many years in government databases in searchable form, may contain sensitive and confidential matters having nothing to do with the foreign intelligence purposes of the Section 702 program."

In an interview with National Journal, Wald confirmed that the board did not have access to specific numbers, such as those reported in The Washington Post, which concluded that nine accounts of Internet data are collected incidentally on average for every one target.

"We did not know anything about the percentage that would be intercepted as non-targeted, or as a subset of that, Americans that were not targeted," Wald said. "If true, [the Snowden leak] adds more numbers to [our analysis]."

In May, the House passed legislation that would require the government to obtain a warrant before searching the communications of Americans' data gathered incidentally under 702 authority. The privacy board, however, did not endorse any legislation that would close so-called backdoor domestic searches. The Senate Judiciary Committee has said it will take up NSA reform this summer, and Chairman Patrick Leahy has indicated that backdoor searches may be a top area of focus.

The Snowden leak additionally appears to confirm what privacy groups have long assumed: that private, sensitive information belonging to Americans is being collected and kept through 702 surveillance. The batch of communications data examined by The Post, which reportedly included nearly 900 email addresses that could be "strongly linked" to Americans, includes pictures of infants in bathtubs and women modeling lingerie. The article does not make it explicitly clear which or how many images reviewed by NSA analysts belong to Americans.

During the privacy board's meeting last week, multiple members mentioned that they hoped its report would clear up misconceptions about 702 surveillance.

"I'd like to dispel any notion that this program is likely to give the government a complete or even a significant picture of an American's private life," said Rachel Brand, a conservative member of the five-member panel, during her opening remarks.

But privacy groups strongly pushed back on that assertion.

"The idea that intimate details are not being collected … is not the whole story," said Neema Guliani, legislative counsel with the American Civil Liberties Union. "And the Post story really speaks to that."

Brand would not comment about the Post article, except to say the new Snowden leak made her "concerned about the privacy implications of the NSA's inability to safeguard this data."

Wald additionally noted that incidental collection could show "a slice of life" but would likely not be able to reveal a complete portrait of an American's personal life.

The Brennan Center's Goitein disagreed with that assessment.

"There's no reason why surveillance has to be comprehensive to be abused," Goitein said. "All you need is one incriminating or embarrassing piece of information about a person to make their life difficult."

Threatwatch Alert

Network intrusion

Florida’s Concealed Carry Permit Holders Names Exposed

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.


When you download a report, your information may be shared with the underwriters of that document.