NSA collects e-mail address lists: Can users be protected? (+video)
The NSA snags contact information as it flows through telecommunications servers and other systems overseas, according to a Washington Post report. Not surprisingly, civil libertarians are unhappy with the new revelations.
Each day the National Security Agency scoops up half a million “buddy list” and in-box e-mail address lists from instant chat and Web-based e-mail services worldwide, according to internal agency documents released Monday by The Washington Post.
Using computerized electronic filters, the NSA snags the buddy lists and address books as they flow through telecommunications servers and other systems overseas, where US laws do not restrict wholesale data gathering, the Post reported, citing conversations with unnamed senior US intelligence officials.
Collection happens most often when computers and smart phones allow their users to “sync” their contact lists to services such as Yahoo, Facebook, and Google. At the same time, Web-based e-mail services often produce detailed lists of recipients on the fly, as e-mails are sent and received.
On one typical day, the NSA collected 444,743 e-mail address books from Yahoo, 105,068 from Hotmail, 82,857 from Facebook, 33,697 from Gmail, and 22,881 from other providers, one of two documents shows. Both documents were leaked to the Post by former NSA contractor Edward Snowden.
At this rate, the take is about 250 million such lists each year.
Such lists are “metadata rich,” one of the documents notes. Besides e-mail addresses, they often include phone numbers, names, and sometimes the subject line and even first lines of an e-mail. Suspected terrorists and their contacts can be compared to such lists to find new leads.
“You need the haystack to find the needle,” said Gen. Keith Alexander, NSA director, defending the agency’s collection programs at the Aspen Security Forum in July.