Yep, the NSA is grabbing your address book, contact lists too

[Saran999 288]

Millions of Americans, non-Americans have been swept up in this digital dragnet.

 

According to a new report from the Washington Post, the National Security Agency is

“harvesting hundreds of millions of contact lists from personal e-mail and instant messaging accounts around the world, many of them belonging to Americans.”

 

This new revelation, not surprisingly, comes from the top secret documents entrusted to the Post and other media outlets by former National Security Agency contractor Edward Snowden. This new unnamed program, which the Post says “has not been disclosed before,

” is designed to pull address books and buddy lists from unencrypted connections “as they move across global data links.”

The paper added:

   During a single day last year, the NSA’s Special Source Operations branch collected 444,743 e-mail address books from Yahoo, 105,068 from Hotmail, 82,857 from Facebook, 33,697 from Gmail, and 22,881 from unspecified other providers, according to an internal NSA PowerPoint presentation. Those figures, described as a typical daily intake in the document, correspond to a rate of more than 250 million per year. Each day, the presentation said, the NSA collects contacts from an estimated 500,000 buddy lists on live-chat services as well as from the “in-box” displays of Web-based e-mail accounts.

    The collection depends on secret arrangements with foreign telecommunications companies or allied intelligence services in control of facilities that direct traffic along the Internet’s main data routes.

    Although the collection takes place overseas, two senior US intelligence officials acknowledged that it sweeps in the contacts of many Americans. They declined to offer an estimate but did not dispute that the number is likely to be in the millions or tens of millions.

Based on the Post’s reporting, which includes a byline from independent security researcher Ashkan Soltani, the program appears to be related to X-Keyscore, which snags nearly all short-term unencrypted traffic from various points around the globe. As Ars previously described, it would be nearly impossible for the NSA to store all that data for an extended period of time. One slide published in June 2013 says that for a single 30-day period in 2012, this amounted to “at least 41 billion total records.”

 

 

According to an unnamed intelligence official, the Post noted that “because of the method employed, the agency is not legally required or technically able to restrict its intake to contact lists belonging to specified foreign intelligence targets,” adding that “when information passes through 'the overseas collection apparatus... the assumption is you’re not a US person.'"

A spokesperson for the Office of the Director of National Intelligence also told the Post that the agency is focused on "terrorists, human traffickers, and drug smugglers," not the contacts of ordinary Americans.