XKeyscore: NSA tool collects ‘nearly everything a user does on the Internet’

NSA analysts require no prior authorization for searches of emails, social media activity, and browsing history
August 1, 2013

A top secret National Security Agency program allows analysts to search with no prior authorization through vast databases containing emails, online chats and the browsing histories of millions of individuals — its “widest-reaching” system for developing intelligence from the Internet — according to documents provided by whistleblower Edward Snowden, Guardian columnist Glenn Greenwald reported Wednesday.

The latest revelations come as senior intelligence officials testify to the Senate judiciary committee on Wednesday, releasing classified documents in response to the Guardian’s earlier stories on bulk collection of phone records and Fisa surveillance court oversight.

Training materials for XKeyscore detail how analysts can use it and other systems to mine enormous agency databases by filling in a simple on-screen form giving only a broad justification for the search, including U.S. persons.. The request is not reviewed by a court or any NSA personnel before it is processed.

The purpose of XKeyscore is to allow analysts to search the metadata as well as the content of emails and other internet activity, such as browser history, even when there is no known email account (a “selector” in NSA parlance) associated with the individual being targeted.

Analysts can also search by name, telephone number, IP address, keywords, the language in which the internet activity was conducted or the type of browser used. An NSA tool called DNI Presenter, used to read the content of stored emails, also enables an analyst using XKeyscore to read the content of Facebook chats or private messages.

The XKeyscore program also allows an analyst to learn the IP addresses of every person who visits any website the analyst specifies. As one slide indicates, the ability to search HTTP activity by keyword permits the analyst access to what the NSA calls “nearly everything a typical user does on the internet”.

William Binney, a former NSA mathematician, said last year that the agency had “assembled on the order of 20 trillion transactions about U.S. citizens with other U.S. citizens,” an estimate, he said, that “only was involving phone calls and emails.” A 2010 Washington Post article reported that “every day, collection systems at the [NSA] intercept and store 1.7 billion emails, phone calls and other type of communications.”

One document explains: “At some sites, the amount of data we receive per day (20+ terabytes) can only be stored for as little as 24 hours.” In 2012, there were at least 41 billion total records collected and stored in XKeyscore for a single 30-day period.