The Guardian just published another information dump detailing a secret, previously unknown National Security Agency program that supposedly collects "everything a user does on the internet." It's called XKeyscore. The ominous-sounding tool allows NSA analysts to search through gigantic databases for an individual's personal information — such as emails, online chats, and browsing histories — "with no prior authorization," writes the Guardian's Glenn Greenwald.
While many of the details are vague — the report doesn't mention PRISM, so it's unclear if XKeyscore is part of PRISM or a separate entity altogether — here are three important things you should know about the program:
1. It stores a massive amount of data
XKeyscore gathers truckloads of digital information, everything from browsing history and Facebook chats to emails and logins. Once it's collected, an NSA analyst can quickly search through the database using a person's name, telephone number, IP address, or keywords.
But the XKeyscore system collects so much data that it can only store content for three to five days at a time before it's tossed away. Metadata, meanwhile, is stored for 30. According to one document leaked by whistleblower Edward Snowden: "At some sites, the amount of data we receive per day (20+ terabytes) can only be stored for as little as 24 hours."
To give you an idea of how much data that is: For each month in 2012, the XKeyscore program supposedly collected at least 41 billion total records. That's a lot to process.
2. The program works without a warrant
The FISA Amendments Act of 2008 mandates that the feds acquire a warrant to snoop on a U.S. citizen, unless — and this a pretty big unless — they are suspected to be communicating with a foreign target. But this particular program allows the NSA to skirt the warrant, alleges the Guardian:
XKeyscore provides the technological capability, if not the legal authority, to target even U.S. persons for extensive electronic surveillance without a warrant provided that some identifying information, such as their email or IP address, is known to the analyst. [Guardian]
3. The "legal justification" is a click away
You know those drop-down menus you use whenever you fill out a form online? The Guardian alleges that NSA analysts justify their surveillance of individuals by picking from a similar pull-down. "Once options on the pull-down menus are selected, their target is marked for electronic surveillance and the analyst is able to review the content of their communications," reports Greenwald.
Here's what that slide supposedly looks like:
If you look close enough, the parameters are pretty loose, particularly "phone number is registered in a country other than the U.S." and "a network or machine indicates they are outside the U.S."