CLOSE
ThinkStock
ThinkStock

Is the Government Reading Your Email?

ThinkStock
ThinkStock

The National Security Agency is the primary cryptographic and signals-intelligence agency of the United States. To spy on foreign communications, it operates data collection platforms in more than 50 countries and uses airplanes and submarines, ships and satellites, specially modified trucks, and cleverly disguised antennas. It has managed to break the cryptographic systems of most of its targets and prides itself on sending first-rate product to the president of the United States.

Inside the United States, the NSA’s collection is regulated by the Foreign Intelligence Surveillance Act, passed in 1978 to provide a legal framework for intercepting communications related to foreign intelligence or terrorism where one party is inside the United States and might be considered a “U.S. person.”

Three bits of terminology: The NSA “collects on” someone, with the preposition indicating the broad scope of the verb. Think of a rake pushing leaves into a bin. The NSA intercepts a very small percentage of the communications it collects. At the NSA, to “intercept” is to introduce to the collection process an analyst, who examines a leaf that has appeared in his or her computer bin. (An analyst could use computer software to assist here, but the basic distinction the NSA makes is that the actual interception requires intent and specificity on behalf of the interceptor.) A “U.S. person” refers to a U.S. citizen, a legal resident of the United States, or a corporation or business legally chartered inside the United States.

So the big question everyone wonders is: does the NSA read my e-mail? Based on the public statements of the former director of the National Security Agency, Justice Department attorneys, and others involved in NSA operations—as well as confidential information provided to the authors and verified independently by officials read in to the programs—here is how to tell if the NSA spies on you:

1. If you regularly call people in Afghanistan, Pakistan, or Yemen, your telephone records have probably passed through an NSA computer. Most likely, however, if you’ve been calling rug merchants or relatives, no one at the NSA knew your name. (A computer program sanitizes the actual identifying information.) Depending on the time, date, location, and contextual factors related to the call, a record may not have been created.

2. If you’ve sent an e-mail from an IP address that has been used by bad guys in the past (IP addresses can be spoofed), your e-mail’s metadata—the hidden directions that tell the Internet where to send it (that is, the To and From lines, the subject line, the length, and the type of e-mail) probably passed through a server. The chances of an analyst or a computer actually reading the content of an e-mail are very slim.

3. If you are or were a lawyer for someone formally accused of terrorism, there is a good chance that the NSA has or had—but could not or cannot access (at least not anymore)—your telephone billing records. (N.B.: A Senate Select Committee on Intelligence report notes that the FISA Amendments Act does not require material erroneously collected to be destroyed.)

4. If you work for a member of the “Defense Industrial Base” on sensitive projects and your company uses Verizon and AT&T, your e-mail has likely been screened by NSA computers for malware.

5. Before 2007, if you, as an American citizen, worked overseas in or near a war zone, there is a small chance that you were “collected on” by a civilian NSA analyst or a member of the NSA’s Central Security Service (the name given to the military service elements that make up a large part of the NSA’s workforce).

6. If you, from September 2001 to roughly April 2004, called or sent e-mail to or from regions associated with terrorism and used American Internet companies to do so, your transaction records (again, without identifying information) were likely collected by your telecommunications company and passed to the NSA. The records were then analyzed, and there is a tiny chance that a person or a computer read them or sampled them. The NSA would ask telecommunications companies for tranches of data that correlated to particular communities of interest, and then used a variety of classified and unclassified techniques to predict, based on their analysis, who was likely to be associated with terrorism. This determination required at least one additional and independent extraneous piece of evidence.

7. There is a chance that the NSA passed this data to the FBI for further investigation. There is a small chance that the FBI acted on this information.

8. If you define “collection” in the broadest sense possible, there is a good chance that if the NSA wanted to obtain your transactional information in real time and knew your direct identity (or had a rough idea of who you are), they can do so, provided that they can prove to a FISA judge within seventy-two hours that there is probable cause to believe you are a terrorist or associated with a terrorist organization.

9. If the NSA receives permission from a judge to collect on a corporation or a charity that may be associated with terrorism, and your company, which is entirely separate from the organization in question, happens to share a location with it (either because you’re in the same building or have contracted with the company to share Internet services), there is a chance that the NSA incidentally collects your work e-mail and phone calls. It is very hard for the agency to map IP addresses to their physical locations and to completely segregate parts of corporate telephone networks. When this happens, Congress and the Justice Department are notified, and an NSA internal compliance unit makes a record of the “overcollect.”

10. If any of your communications were accidentally or incidentally collected by the NSA, they probably still exist somewhere, subject to classified minimization requirements. (The main NSA signals-intelligence database is code-named PINWALE.) This is the case even after certain collection activities became illegal with the passage of the 2007 FISA Amendments Act, the governing framework for domestic collection. The act does not require the NSA to destroy the data.

11. If you are of Arab descent and attend a mosque whose imam was linked through degrees of association with Islamic charities considered to be supporters of terrorism, NSA computers probably analyzed metadata from your telephone communications and e-mail.

12. Your data might have been intercepted or collected by Russia, China, or Israel if you traveled to those countries. The FBI has quietly found and removed transmitters from several Washington, D.C.–area cell phone towers that fed all data to wire rooms at foreign embassies.

13. The chances, if you are not a criminal or a terrorist, that an analyst at the NSA listened to one of your telephone conversations or read one of your e-mail messages are infinitesimally small given the technological challenges associated with the program, not to mention the lack of manpower available to sort through your irrelevant communications. If an unintentional collection occurred (an overcollect), it would be deleted and not stored in any database.

What safeguards exist today?

From what we could figure out, only three dozen or so people inside the NSA have the authority to read the content of FISA-derived material, all of which is now subject to a warrant. Can the NSA share FISA product on U.S. persons with other countries? By law it cannot and does not. (The FBI can, and does.) What is the size of the compliance staff that monitors domestic collection? Four or five people, depending on the budget cycle. How many people outside the NSA are privy to the full details of the program? More than one thousand. How can you find out if you’ve been accidentally or incidentally surveilled? You can’t. You can sue, but the government will invoke a state secrets privilege, and judges will probably agree—even when you can prove without any secret evidence that there is probable cause to believe that you were surveilled.

The NSA’s general counsel’s office regularly reviews the “target folders”—the identities of those under surveillance—to make sure the program complied with the instruction to surveil those reasonably assumed to have connections to al-Qaeda. They do this by sampling a number of the folders at random. How do we know the program isn’t expanding right now, pushing the boundaries of legality, spying not just on suspected terrorists but on American dissidents? We don’t. But if it is, and over a thousand people are involved, how much longer can that secret last?

Adapted from Deep State: Inside the Government Secrecy Industry, by Marc Ambinder and D.B. Grady. Grady is a regular contributor to mental_floss.

nextArticle.image_alt|e
iStock
arrow
Animals
France Hires Two Cats to Get Rid of Rats in Government Offices
iStock
iStock

The French government just hired two new employees, but instead of making policy decisions, the civil servants will be responsible for keeping offices rat-free. As The Telegraph reports, the cats are the first official mousers to France.

The secretary to the prime minister, Christophe Castaner, brought in the cats after he saw that the mouse problem at the offices near the Elysee Palace was getting out of hand. They're named Nomi and Noé after the early duke of Brittany Nominoé.

Paris is home to about 4 million rats—nearly two for every citizen—and the capital's offices are just as vulnerable to infestation as other old buildings. Until now, government employees had been setting out traps to solve the vermin problem. With Nomi and Noé now living on site, the hope is that the pets will double as pest control.

The new hires aren't unprecedented: The British government employs over 100,000 cats to chase down rodents. Official mouser may sound like a cushy job, but the UK holds its felines to a high standard. Larry, the official Chief Mouser to the Cabinet Office to two prime ministers, was nearly fired in 2012 for failing to react to a mouse in plain sight.

[h/t The Telegraph]

nextArticle.image_alt|e
iStock
arrow
technology
6 Things Americans Should Know About Net Neutrality
iStock
iStock

Net neutrality is back in the news, as Ajit Pai—the chairman of the Federal Communications Commission (FCC) and a noted net neutrality opponent—has announced that he plans to propose sweeping deregulations during a meeting in December 2017. The measures—which will fundamentally change the way consumers and businesses use and pay for internet access—are expected to pass the small committee and possibly take effect early in 2018. Here's a brief explanation of what net neutrality is, and what the debate over it is all about.

1. IT'S NOT A LAW; IT'S A PRINCIPLE

Net neutrality is a principle in the same way that "freedom of speech" is. We have laws that enforce net neutrality (as we do for freedom of speech), but it's important to understand that it is a concept rather than a specific law.

2. IT'S ABOUT REGULATING ACCESS TO THE INTERNET

Fundamentally, net neutrality is the principle that Internet Service Providers (ISPs) should not be allowed to prioritize one kind of data traffic over another. This also means they cannot block services purely for business reasons.

To give a simple example, let's say your ISP also sells cable TV service. That ISP might want to slow down your internet access to competing online TV services (or make you pay extra if you want smooth access to them). Net neutrality means that the ISP can't limit your access to online services. Specifically, it means the FCC, which regulates the ISPs, can write rules to prevent ISPs from preferring certain services—and the FCC did just that in 2015.

Proponents often talk about net neutrality as a "level playing field" for online services to compete. This leaves ISPs in a position where they are providing a commodity service—access to the internet under specific FCC regulations—and that is not always a lucrative business to be in.

3. INTERNET PROVIDERS GENERALLY OPPOSE NET NEUTRALITY

In 2014 and 2015, there was a major discussion of net neutrality that led to new FCC rules enforcing net neutrality. These rules were opposed by companies including AT&T, Comcast, Time Warner Cable, and Verizon. The whole thing came about because Verizon sued the FCC over a previous set of rules and ended up, years later, being governed by even stricter regulations.

The opposing companies see net neutrality as unnecessary and burdensome regulation that will ultimately cost consumers in the end. Further, they have sometimes promoted the idea of creating "fast lanes" for certain kinds of content as a category of innovation that is blocked by net neutrality rules.

4. TECH COMPANIES GENERALLY LOVE NET NEUTRALITY

In support of those 2015 net neutrality rules were companies like Amazon, Facebook, Google, Microsoft, Netflix, Twitter, Vimeo, and Yahoo. These companies often argue that net neutrality has always been the de facto policy that allowed them to establish their businesses—and thus in turn should allow new businesses to emerge online in the future.

On May 7, 2014, more than 100 companies sent an open letter to the FCC "to express our support for a free and open internet":

Over the past twenty years, American innovators have created countless Internet-based applications, content offerings, and services that are used around the world. These innovations have created enormous value for Internet users, fueled economic growth, and made our Internet companies global leaders. The innovation we have seen to date happened in a world without discrimination. An open Internet has also been a platform for free speech and opportunity for billions of users.

5. THE FCC CHAIR ONCE QUOTED EMPEROR PALPATINE

Ajit Pai, who was one of the recipients of that open letter above and is now Chairman of the FCC, quoted Emperor Palpatine from Return of the Jedi when the 2015 rules supporting net neutrality were first codified. (At the time he was an FCC Commissioner.) Pai said, "Young fool ... Only now, at the end, do you understand." His point was that once the rules went into effect, they could have the opposite consequence of what their proponents intended.

The Star Wars quote-off continued when a Fight for the Future representative chimed in. As The Guardian wrote in 2015 (emphasis added):

Referring to Pai's comments Evan Greer, campaigns director at Fight for the Future, said: "What they didn't know is that when they struck down the last rules we would come back more powerful than they could possibly imagine."

6. THE TWO SIDES DISAGREE ABOUT WHAT NET NEUTRALITY'S EFFECTS ARE

The Star Wars quotes above get at a key point of the net neutrality debate: Pai believes that net neutrality stifles innovation. He was quoted in 2015 in the wake of the new net neutrality rules as saying, "permission-less innovation is a thing of the past."

Pai's statement directly contradicts the stated position of net neutrality proponents, who see net neutrality as a driver of innovation. In their open letter mentioned above, they wrote, "The Commission’s long-standing commitment and actions undertaken to protect the open Internet are a central reason why the Internet remains an engine of entrepreneurship and economic growth."

In December 2016, Pai gave a speech promising to "fire up the weed whacker" to remove FCC regulations related to net neutrality. He stated that the FCC had engaged in "regulatory overreach" in its rules governing internet access.

For previous coverage of net neutrality, check out our articles What Is Net Neutrality? and What the FCC's Net Neutrality Decision Means.

SECTIONS

arrow
LIVE SMARTER
More from mental floss studios