XKeyscore: Another wide-reaching NSA surveillance tool exposed?

XKeyscore – the claims

According to newly revealed documents presented to The Guardian by whistleblower Edward Snowden, a surveillance program called XKeyscore enables the National Security Agency (NSA) to see “nearly everything a user does on the internet”.  The Guardian article. with a somewhat flamboyant heading, claims that NSA training materials include a boast that XKeyscore is its “widest-reaching” system for developing intelligence from the internet, and detail how analysts can use it and other systems to mine enormous agency databases by filling in a simple on-screen form giving only a broad justification for the search.

The article further asserts that XKeyscore provides the technological capability to target US persons for extensive electronic surveillance without a warrant, provided that some identifying information is known to the analyst. Analysts can search by name, telephone number, IP address, keywords, the language in which the internet activity was conducted or the type of browser used. Snowden is quoted as saying… “I, sitting at my desk, could wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email.”

XKeyscore – the other side of the coin

Of course, the NSA has responded with typical justification, saying in a press release dated 30th July that “NSA’s activities are focused and specifically deployed against – and only against – legitimate foreign intelligence targets in response to requirements that our leaders need for information necessary to protect our nation and its interest. All of our analytic tools are aimed at information we collect pursuant to lawful authority to respond to foreign intelligence requirements – nothing more.

The NSA’s statement goes on to specifically address the XKeyscore issue thus:

 XKeyscore is used as a part of NSA’s lawful foreign signals intelligence collection system. By the nature of NSA’s mission, which is the collection of foreign intelligence

Allegations of widespread, unchecked analyst access to NSA collection data are simply not true. Access to XKEYSCORE, as well as all of NSA’s analytic tools, is limited to only those personnel who require access for their assigned tasks. Those personnel must complete appropriate training prior to being granted such access – training which must be repeated on a regular basis. This training not only covers the mechanics of the tool but also each analyst’s ethical and legal obligations. In addition, there are multiple technical, manual and supervisory checks and balances within the system to prevent deliberate misuse from occurring.

Interestingly, US journalist Mark Ambinder has since refuted many of The Guardian’s claims, saying that XKeyscore is not top-secret, although collection of bulk data is perhaps classified.  And further, that XKeyscore is not used for surveillance, and is instead, simply a search tool for NSA databases that hold data collected through other means. The following is an extract from Mark Ambinder’s article published on “The Week”:

I quibble with the Guardian‘s description of the program as “TOP SECRET.” The word is not secret; its association with the NSA is not secret; that the NSA collects bulk data on foreign targets is, well, probably classified, but at the SECRET level. Certainly, work product associated with XKEYSCORE is Top Secret with several added caveats. Just as the Guardian might be accused of over-hyping the clear and present danger associated with this particular program, critics will reflexively overstate the harm that its disclosure would reasonably produce.

XKEYSCORE is not a thing that DOES collecting; it’s a series of user interfaces, backend databases, servers and software that selects certain types of metadata that the NSA has ALREADY collected using other methods.

XKeyscore – the conclusion

As you know, I am an Aussie and as such do not feel comfortable commenting on another countries policies. Not that the Australian Government is exactly guilt free, when it comes to covert surveillance our government agencies are right up there with the best, or perhaps that should be the “worst”. However, in my humble opinion, in this case there does appear to be a clear distinction twixt “potential” and “actuality”. One thing I think we can all agree on, regardless of country of residence, is that the terms “trust” and “government agencies” are definitely not compatible.

Sources:

• The Guardian: XKeyscore: NSA tool collects ‘nearly everything a user does on the internet
• NSA Press Release: Press Statement on 30 July 2013
• The Week: What’s XKEYSCORE? (by Mark Ambinger)