Newly declassified docs prove NSA collected data on tens of thousands of Americans

[Lee J <lee () riskbasedsecurity com>]

http://www.infoworld.com/d/security/newly-declassified-docs-prove-nsa-collected-data-tens-of-thousands-of-americans-225394

But the collection of phone and Internet data may have been inadvertent,
the declassified documents show

Newly declassified documents released by the Obama Administration on
Wednesday show that the National Security Agency (NSA) collected phone and
Internet data on tens of thousands of Americans before it discovered and
reported the issue to a secret court that oversees the program.

The documents were posted Wednesday by the Office of the Director of
National Intelligence on a new Tumblr page called IC on the
Record<http://icontherecord.tumblr.com/tagged/declassified>.
The documents include two heavily redacted opinions by the secret Foreign
Intelligence Surveillance Court (FISC), another file from 2011 describing
the NSA's procedures for targeting and minimizing the data it collects, and
several other documents.

*[ Also on InfoWorld:* *Serious action is needed to undo NSA's damage to
U.S. cloud 
providers<http://www.infoworld.com/d/cloud-computing/serious-action-needed-undo-nsas-damage-us-cloud-providers-224667?source=fssr>.
| Learn how to protect your systems with Roger Grimes' Security
Adviser blog<http://www.infoworld.com/blogs/roger-grimes?source=fssr>
 and Security Central
newsletter<http://www.infoworld.com/newsletters/subscribe?showlist=infoworld_sec_rpt&source=ifwelg_fssr>,
both from InfoWorld. ]*

In an accompanying statement, Director of National Intelligence James
Clapper said the goal in releasing the documents is to give the U.S. public
more insight into the "lawful foreign surveillance activities" carried out
by the nation's intelligence community.

"In addition to comprehensive explanations of the authorities under which
the Intelligence Community conducts foreign surveillance, the site will
address methods of collection, use of collected data, and oversight and
compliance," Clapper said.

President Barack Obama in June called on Clapper to release more details of
the NSA's surveillance after widespread concerns were stoked by former NSA
contract worker Edward Snowden's leaks to the
media<http://www.computerworld.com/s/article/9239892/FAQ_What_the_NSA_phone_snooping_uproar_is_all_about>
.

The most interesting document released today is a FISC opinion from two
years ago that shows the NSA collected phone and Internet data on
potentially hundreds of thousands of Americans with no link to terrorism
before the court ended the practice in October 2011. The data collection
apparently started before the court was established in 2008; FISC ruled the
practice unconstitutional after being told about it by the NSA.

The declassified court opinion shows that the NSA's collection of wholly
domestic communications happened because it was unable to properly filter
the massive volumes of data it was collecting online. According to the
court's description of the issue, the NSA's Internet collection devices at
the time were incapable of accurately distinguishing between communications
that originated outside the U.S with domestic communications.

[..]

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.