- Gen. Nakasone reveals how NSA buys lots of Americans' internet data without permission for foreign intel and cybersecurity.
- Netflow data shows internet traffic details, raising privacy worries for mental health and assault survivor sites.
- Senator Wyden reveals NSA's domestic data collection, worries about agencies getting Americans' data without asking.
- ODNI urged to make spy agencies follow rules like FTC's for legal data buying and be transparent about data keeping.
In Nakasone's letter, he highlighted the NSA's interest in commercially available netflow data, concentrating on the intricacies of wholly domestic internet communications and interactions involving a U.S. Internet Protocol address connecting with its overseas counterpart. Netflow data, a cloak-and-dagger trove of non-content metadata, reveals the nuances of internet traffic flow, unraveling the mysteries of network activities and spotlighting servers that may be harboring the mischief of potential hackers.
Despite the NSA's discretion regarding the specific origins of the purchased internet records, Senator Wyden voiced apprehension over the sensitivity of this internet metadata. He underscored its potential to lay bare private information linked to individuals' online ventures, encompassing visits to websites dedicated to mental health, resources for survivors of sexual assault, or telehealth providers specializing in birth control or abortion medication.
Senator Wyden, entrenched in the Senate Intelligence Committee, unearthed details about the NSA's domestic internet records collection back in March 2021. However, the disclosure couldn't see the light of day until it shed its classified status. The revelation adds a layer of complexity to the ongoing scrutiny of the U.S. intelligence community's penchant for acquiring substantial datasets from private data brokers. While this practice isn't a novel concept, the ODNI's acknowledgment in June 2023 spurred concerns about its ramifications on privacy and civil liberties.
The NSA's dependence on commercially sourced data for intelligence-gathering has thrown a legal spotlight on the agency, especially as Congress scrutinizes its surveillance powers. Senator Wyden has seized upon recent actions by the Federal Trade Commission (FTC) against data brokers like X-Mode and InMarket, viewing them as significant legal milestones. These actions spotlight concerns about government agencies procuring Americans' data without explicit consent.
The NSA contends that prevailing U.S. law doesn't tether them to obtaining a court order for commercially available information. They argue that such data is equally accessible to foreign adversaries, private entities, and the U.S. government alike. Senator Wyden advocates for the ODNI to enact a policy aligning with FTC standards for legal data sales. This would compel U.S. spy agencies to purge data that doesn't meet these standards, or if retention is imperative, inform Congress or the public.
While the NSA affirms its collection of commercially available internet netflow data, the ambiguity persists on whether the agency also dips into location databases, a practice observed in other federal government agencies. Nakasone clarified in his letter that the NSA refrains from acquiring and using location data from phones or vehicles known to be within the United States, leaving room for interpretation concerning the acquisition of commercially available data originating from non-U.S. devices. The NSA, when probed, declined to expound on Nakasone's statements.
Note: Content is generated using AI and editing by humans. Photo: DIW - AIGen
Read next: The UN is Afraid of Killer Robots, Here’s Why