XKeyscore: Another wide-reaching NSA surveillance tool exposed?


internet-surveillance1

XKeyscore – the claims

the guardian logoAccording to newly revealed documents presented to The Guardian by whistleblower Edward Snowden, a surveillance program called XKeyscore enables the National Security Agency (NSA) to see “nearly everything a user does on the internet”.  The Guardian article. with a somewhat flamboyant heading, claims that NSA training materials include a boast that XKeyscore is its “widest-reaching” system for developing intelligence from the internet, and detail how analysts can use it and other systems to mine enormous agency databases by filling in a simple on-screen form giving only a broad justification for the search.

The article further asserts that XKeyscore provides the technological capability to target US persons for extensive electronic surveillance without a warrant, provided that some identifying information is known to the analyst. Analysts can search by name, telephone number, IP address, keywords, the language in which the internet activity was conducted or the type of browser used. Snowden is quoted as saying… “I, sitting at my desk, could wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email.”

XKeyscore – the other side of the coin

NSA - logo - smallOf course, the NSA has responded with typical justification, saying in a press release dated 30th July that “NSA’s activities are focused and specifically deployed against – and only against – legitimate foreign intelligence targets in response to requirements that our leaders need for information necessary to protect our nation and its interest. All of our analytic tools are aimed at information we collect pursuant to lawful authority to respond to foreign intelligence requirements – nothing more.

The NSA’s statement goes on to specifically address the XKeyscore issue thus:

 XKeyscore is used as a part of NSA’s lawful foreign signals intelligence collection system. By the nature of NSA’s mission, which is the collection of foreign intelligence

Allegations of widespread, unchecked analyst access to NSA collection data are simply not true. Access to XKEYSCORE, as well as all of NSA’s analytic tools, is limited to only those personnel who require access for their assigned tasks. Those personnel must complete appropriate training prior to being granted such access – training which must be repeated on a regular basis. This training not only covers the mechanics of the tool but also each analyst’s ethical and legal obligations. In addition, there are multiple technical, manual and supervisory checks and balances within the system to prevent deliberate misuse from occurring.

the week magazine - logoInterestingly, US journalist Mark Ambinder has since refuted many of The Guardian’s claims, saying that XKeyscore is not top-secret, although collection of bulk data is perhaps classified.  And further, that XKeyscore is not used for surveillance, and is instead, simply a search tool for NSA databases that hold data collected through other means. The following is an extract from Mark Ambinder’s article published on “The Week”:

I quibble with the Guardian‘s description of the program as “TOP SECRET.” The word is not secret; its association with the NSA is not secret; that the NSA collects bulk data on foreign targets is, well, probably classified, but at the SECRET level. Certainly, work product associated with XKEYSCORE is Top Secret with several added caveats. Just as the Guardian might be accused of over-hyping the clear and present danger associated with this particular program, critics will reflexively overstate the harm that its disclosure would reasonably produce.

XKEYSCORE is not a thing that DOES collecting; it’s a series of user interfaces, backend databases, servers and software that selects certain types of metadata that the NSA has ALREADY collected using other methods.

XKeyscore – the conclusion

As you know, I am an Aussie and as such do not feel comfortable commenting on another countries policies. Not that the Australian Government is exactly guilt free, when it comes to covert surveillance our government agencies are right up there with the best, or perhaps that should be the “worst”. However, in my humble opinion, in this case there does appear to be a clear distinction twixt “potential” and “actuality”. One thing I think we can all agree on, regardless of country of residence, is that the terms “trust” and “government agencies” are definitely not compatible.


Sources:

About the Author

Jim Hillier

Jim is the resident freeware aficionado at DCT. A computer veteran with 30+ years experience who first started writing about computers and tech back in the days when freeware was actually free. His first computer was a TRS-80 in the 1980s, he progressed through the Commodore series of computers before moving to PCs in the 1990s. Now retired (aka an old geezer), Jim retains his passion for all things tech and still enjoys building and repairing computers for a select clientele... as well as writing for DCT, of course.