The Obama administration expanded the NSA's ability to collect Americans' internet data in 2012, with absolutely no notice to the public, The New York Times reports. The Justice Department issued two memos, in secret, to the NSA allowing the agency to gather and search Americans' international internet traffic without a warrant, ostensibly to find foreign hackers or malware. The secret memos allowed the NSA to track IP addresses and cybersignatures that could be tied to foreign governments. However, documents provided to the Times by Edward Snowden show that the NSA tried to target hackers that weren't tied to any foreign authority.
A bit of background: The NSA covertly began a warrantless wiretapping program under President George W. Bush after the attacks of September 11, 2001. This program came under fire in 2005, once the public learned about it. Congress legalized the NSA's warrantless wiretaps in 2008, with a caveat: The agency was only allowed to target noncitizens not on American soil. The Obama administration started building its own cybersecurity policy in 2009 and at the same time, the NSA proposed using its existing, warrantless surveillance program in the name of cybersecurity.
In 2011, the FBI received permission to "wiretap" internet data linked to specific governments. The FBI negotiated in 2012 to use the NSA's internet-monitoring systems, which gathered digital traffic at "chokepoints operated by US providers through which international communications enter and leave the United States," a leaked document reads, according to the Times. The NSA then began sending this data to the FBI's "cyberdata repository" in Quantico, Virginia.
Back to 2012: The Justice Department secretly permitted the NSA to search Americans' internet addresses and cybersignatures without a warrant, tying the authority to the government's existing program of monitoring foreign powers. The NSA has long surveilled the internet data of foreign intelligence targets, but the 2012 memos expanded these procedures and allowed the agency to search for less-identifying IP addresses and malware. The expanded authority allows the NSA to collect large amounts of Americans' data, including private emails, trade secrets and business dealings, because monitoring a hacker involves copying the data that person steals, the Times reports.
Information about the US government's hidden surveillance practices comes at a pertinent time. This week, for the first time since the 9/11 attacks, Congress and the Senate passed a measure limiting the government's domestic surveillance powers.
The Times spoke with Jonathan Mayer, a cybersecurity scholar at Stanford Law School who reviewed some of the leaked documents, and he said the NSA's activities look like law enforcement, not foreign-intelligence gathering. Mayer told the Times, "That's a major policy decision about how to structure cybersecurity in the US and not a conversation that has been had in public."
[Image credit: Associated Press]