How the NSA collects everything you do on the internet

[Dr. Trainwreck]

Why should that bother anyone aside from the hilarious notion of 'omg privacy is important because it's privacy!' argument?

Last time I checked this 'hilarious notion' of PRIVACY OMG was a right. But don't worry people, you don't need your rights anyway, if you don't do bad shit you have nothing to hide. Remember, only bad people could ever possibly want to hide something, right?

So it could be on record somewhere I'm texting erotic messages and sending nude photos to my girlfriend. Who gives a fuck?

Oh, you're wicked dumb. Your government bombs allied countries, to kill people they won't show any proof have done anything wrong. Can you truly tell me you know what they give a fuck about?

[K. A. Pital]

Formless has already explained the problem in most simple terms: government officials can read e-mails of people at will and if they think that said people threaten their interests, which may be completely hideous (like covering up war crimes, for example), they can then proceed to blackmail people or destroy the lives of anyone involved. Or anyone they think is involved or may be involved.

This opens such an enormous potential for abuse that it is not even a question of privacy.

It is a question of privacy before a malevolent war-making leviathan, which is your Dear Leader Beloved Government.

[TheHammer]

Also, TheHammer - the logic that it's ok to collect and record massive amounts of data because it only becomes criminal once the government looks at it inappropriately is roughly equivalent to saying that it's perfectly legal to download every song, book, movie, and tv show, so long as you never watch them.

The way I look at it is this, the data is already out there on someones server. All this sytem does is provide a tool to help analysts sift through it to find the specific targets they are looking for. As I understand from the article, unless something is "flagged" most of the data rolls off its cache after a few days as it is. I'm quite certain many of these other organizations (Google, Facebook etc) retain your data for far longer than that.

As to your statement, I'm not up on all the current legislation regarding the storage and transfer of digital media, but I believe I could make a logical argument as to why what you just described should be perfectly legal. All you are essentially doing would be creating a local cache, for the sake of convenience, for media you might potentially consume in the future. So long as you paid for the rights to watch/read/listen to said media then there is no harm to the content creator, and thus no crime.

You know what the funny thing is? If there were proper civilian oversight over this project, you wouldn't have to wait for a whistleblowing leak to tell you that power has been abused. Because it would be transparent and instances of abuse could be a matter of public record. There's enough precedent of the government doing really bad shit to unpopular groups that you really don't need evidence to want some kind of oversight.

They have been moving to make things more transparent, but with any sort of intelligence organization it is never going to be crystal clear. The project is under the jurisdiction of the FISA court, and recently they've looked at adding a privacy advocate http://www.theguardian.com/law/2013/aug ... -us-senate to help assuage some fears. I expect you don't think that goes far enough, but I'm not sure what exactly you would find acceptable "civilian oversight".

To give some perspective, lets look at healthcare records - something very private and personal to most of us. The IT people at a healthcare organization have the capability to get your records from your hospital, and a good number of other hospitals that you go to. They can read through reports, doctors notes, view x-rays and MRI scans - your entire medical history. Unless there is a specific report of an abuse, there is no civilian or government oversight that prevents them from doing this, merely internal auditing. However, those IT people know that if they get caught abusing that power, there are MASSIVE fines (to the person not the organization) and potential jail time, not to mention the end of their career. I expect that an intelligence analyst is under similar circumstances.

Something that struck me as funny, while browsing the guardian website I accidentally clicked on the "facebook" link at the top. Then I was prompted with the following: "The Guardian would like access to your public profile, friends list, email address, birthday, and current city". It seems everyone is getting in on the data collection these days.

[Thanas]

The track record of intelligence failures in the military seems to suggest that people who screw up don't get any punishment at all and even when you gun down women and children while screaming "kill them all" you don't get anything more than a slap on the wrist.

What is the evidence that makes you so confident that THIS TIME it will be different?

[General Zod]

They have been moving to make things more transparent, but with any sort of intelligence organization it is never going to be crystal clear. The project is under the jurisdiction of the FISA court, and recently they've looked at adding a privacy advocate http://www.theguardian.com/law/2013/aug ... -us-senate to help assuage some fears. I expect you don't think that goes far enough, but I'm not sure what exactly you would find acceptable "civilian oversight".

If the warrants used to access data aren't a matter of public record accessible to everyone, then it's not good enough. If they're accessing data without warrants, then they've committed abuse. Plain and simple.

To give some perspective, lets look at healthcare records - something very private and personal to most of us. The IT people at a healthcare organization have the capability to get your records from your hospital, and a good number of other hospitals that you go to. They can read through reports, doctors notes, view x-rays and MRI scans - your entire medical history. Unless there is a specific report of an abuse, there is no civilian or government oversight that prevents them from doing this, merely internal auditing. However, those IT people know that if they get caught abusing that power, there are MASSIVE fines (to the person not the organization) and potential jail time, not to mention the end of their career. I expect that an intelligence analyst is under similar circumstances.

It's something the government doesn't need to know about without a damn good reason. What if some shithead in the government gets the idea to start putting people on a blacklist to prevent them from traveling if they invoke just the right combination of magic search terms into the internet regardless of their intent?

[Havok]

As far as I know, the internet is a completely voluntary. It also is akin to a public street. Why anyone thinks it's any different, despite guarantees of privacy from whatever porn site you are on, I have no idea.

Are you saying that just because walking out on the street is voluntary it is completely fine for some government agency to record every step you take outside of your home?

I can record everything a government agent does outside his home on public streets.

[K. A. Pital]

What if the government thinks that because someone may be somehow connected to "foreign folks who want to harm broadly-defined American interests", it is okay to lock that person up in a prison outside of American territory, torture that person, hold him there for years without due process...

Wait. That's real life, TheHammer. So again, why do you even want the American government to be able to read everyone's e-mails? Cause they'd be "more efficient" at throwing people into Gitmos all over the world to carefully torture them under CIA guidance? That's the plan?

As far as I know, the internet is a completely voluntary. It also is akin to a public street. Why anyone thinks it's any different, despite guarantees of privacy from whatever porn site you are on, I have no idea.

As far as I know, the post is completely voluntary and is akin to a public street. Why anyone thinks it's any different, despite guarantees of privacy from whatever post office you are in, I have no idea.

So I'll pry open your deliveries and read your mail. And your mom's mail. And that's because mail is a public street. Nice logic there.

[Havok]

As far as I know, the internet is a completely voluntary. It also is akin to a public street. Why anyone thinks it's any different, despite guarantees of privacy from whatever porn site you are on, I have no idea.

Any logic which holds "the internet is voluntary and public"

I didn't say it was public. I said why anyone treats it as private is beyond me.

must also hold phone calls and snail mail letters equally public. So, you're comfortable with the government OCRing your mail and recording your phone calls? All your mail and phone calls, ever?

Really? Is that what is happening? Phone calls happens and are done. They aren't saved on servers with IP addresses attached to them and history saved in your browser and however many other places.

A phone call is an event that if missed, only has the fact that you made the call, not the content, kept as record. Regular mail has one copy that is sent to one place and again, nothing saved, and if the USPS is any indication, not much of a record.

But lets also ignore the piles of laws and statutes that protect phone calls and mail as explicitly private that have been around for what... like over 100 years now?

But still, NOTHING is private. All you guys are bitching about is how easy it is for "The Man" to watch you. "The Man" can ALWAYS watch you, listen to you, see you, you guys are just crying because now they don't have to wake up some Judge to sign a piece of paper in the middle of the morning. C'mon.

Don't like how easy it is to get your info on the internet? Don't put your info on the internet. There is not one business or institution that is considered a "need" that you can't deal with in person or through the regular mail.

[Havok]

As far as I know, the internet is a completely voluntary. It also is akin to a public street. Why anyone thinks it's any different, despite guarantees of privacy from whatever porn site you are on, I have no idea.

As far as I know, the post is completely voluntary and is akin to a public street. Why anyone thinks it's any different, despite guarantees of privacy from whatever post office you are in, I have no idea.

So I'll pry open your deliveries and read your mail. And your mom's mail. And that's because mail is a public street. Nice logic there.

There have been guarantees of privacy for the mail in place by the, y'know, the federal government for ages. Have they ever made those guarantees for the internet?

And no, the mail is not akin to a public street, but go ahead and keep making idiotic analogies.

[Thanas]

Have they ever made those guarantees for the internet?

Yes, the 4th amendment also extends to the internet. This is why people cannot simply hack into your email and why doing so is a crime.

You have a point when people voluntarily put out content for all to see, like, say, facebook. But not when it comes to email.

Really? Is that what is happening? Phone calls happens and are done. They aren't saved on servers with IP addresses attached to them and history saved in your browser and however many other places.

Nope. The NSA is also saving these on a server, with addresses attached to them and also a log of calls being made.

[Havok]

Fair enough, but it's not a new thing that the NSA is recording phone calls or figuring out information you can get from the fucking Yellowpages. I mean, christ, I HOPE our National Security Agency can manage the task of figuring out what the phone companies have been keeping records of for decades.

[Havok]

Have they ever made those guarantees for the internet?

Yes, the 4th amendment also extends to the internet. This is why people cannot simply hack into your email and why doing so is a crime.

You have a point when people voluntarily put out content for all to see, like, say, facebook. But not when it comes to email.

The thing is with the Constitution and even the BoRs, you have to use pretty much the broadest and vaguest interpretation to infer any sort of "right" to privacy. Even without that though, specific federal laws have been enacted to protect physical mail.

[TheHammer]

The track record of intelligence failures in the military seems to suggest that people who screw up don't get any punishment at all and even when you gun down women and children while screaming "kill them all" you don't get anything more than a slap on the wrist.

What is the evidence that makes you so confident that THIS TIME it will be different?

Because in this instance, it would be far more cut and dry. If Agent Zimmerman kills someone in the field and he is the only living witness, then it might be tough to determine what exactly happened. If Analyst Smith has an audit trail showing he was snooping in his ex-wife's email, or anyone elses without a warrant then it would be an obvious abuse of his power.

If you want to argue for more stringent restrictions of when this tool is used, and how it is used, then I certainly have no problem with that. But the fact that the tool itself exists isn't really your problem because it can be used in a professional, legal, non-abusive manner.

If the warrants used to access data aren't a matter of public record accessible to everyone, then it's not good enough. If they're accessing data without warrants, then they've committed abuse. Plain and simple.
...
It's something the government doesn't need to know about without a damn good reason. What if some shithead in the government gets the idea to start putting people on a blacklist to prevent them from traveling if they invoke just the right combination of magic search terms into the internet regardless of their intent?

How would you reconcile the secret nature of intelligence gathering, with a public record for the warrant?

As to your second point, I don't doubt that something like that could happen given how we've sometimes added folks to "no fly" lists, but as with the no fly lists if something like that did occur the ACLU would be all over their ass. I'd hope that they learned their lesson there, but if not that's how our system works - When the government oversteps its bounds, we take it to the courts.

[TheHammer]

Wait. That's real life, TheHammer. So again, why do you even want the American government to be able to read everyone's e-mails? Cause they'd be "more efficient" at throwing people into Gitmos all over the world to carefully torture them under CIA guidance? That's the plan?

Firstly, to be clear, they are NOT randomly reading everyone's e-mails. There are rules and regulations that govern the use of this tool. If someone wants to argue that those rules and regulations should be tightly controlled, I'm with you there, but I'm not against having the technical capability.

Second, Why would being "more efficient" in this case be a bad thing? As I understand it, many of the folks wrongfully held at Gitmo are there because of mistaken identity, or being at the wrong place at the wrong time. Because evidence is able to be gathered to show that someone is in fact complicit in working with terrorists, then that situation would be far less prone to mistakes would it not?

[General Zod]

How would you reconcile the secret nature of intelligence gathering, with a public record for the warrant?

How do the police do it?

As to your second point, I don't doubt that something like that could happen given how we've sometimes added folks to "no fly" lists, but as with the no fly lists if something like that did occur the ACLU would be all over their ass. I'd hope that they learned their lesson there, but if not that's how our system works - When the government oversteps its bounds, we take it to the courts.

How's that worked out for the people holed up in Gitmo for the last 11 years?

[Terralthra]

As far as I know, the internet is a completely voluntary. It also is akin to a public street. Why anyone thinks it's any different, despite guarantees of privacy from whatever porn site you are on, I have no idea.

As far as I know, the post is completely voluntary and is akin to a public street. Why anyone thinks it's any different, despite guarantees of privacy from whatever post office you are in, I have no idea.

So I'll pry open your deliveries and read your mail. And your mom's mail. And that's because mail is a public street. Nice logic there.

There have been guarantees of privacy for the mail in place by the, y'know, the federal government for ages. Have they ever made those guarantees for the internet?

The Electronic Communications Privacy Act protects wire, oral, and electronic communications while in transit, protects communications held in electronic storage, most notably messages stored on computers, and prohibits the use of pen register and/or trap and trace devices to record dialing, routing, addressing, and signalling information used in the process of transmitting wire or electronic communications without a court order. Man, if only you'd bothered to check if such a law had been passed, you wouldn't look like such an idiot right now.

And no, the mail is not akin to a public street, but go ahead and keep making idiotic analogies.

Nonsense. Every piece of mail you send or receive passes down many public streets, is in multiple buildings for routing purposes, and is handled by many people between you and the your correspondent. Why you'd have any expectation of privacy for something that public is beyond me.

[K. A. Pital]

Firstly, to be clear, they are NOT randomly reading everyone's e-mails. There are rules and regulations that govern the use of this tool. If someone wants to argue that those rules and regulations should be tightly controlled, I'm with you there, but I'm not against having the technical capability.

Actually, as a crypto-anarchist I am obviously against anyone having even the mere capability to do so. But let's put my personal preferences aside.

The problem with XKeyScore is the potential for abuse with the fact of existence itself. How so? Well, there are two problems. First - intelligence gathering is a non-transparent institution due to the demands of secrecy (which is tied to the protection of intelligence officers, et cetera). This does not allow the public to be able to see how intelligence operates the tools they have at their disposal. Time and again this was proven when covert CIA or No Such Agency programs were exposed and Congressional "oversight" was made mockery of. Since these tools are operated by people who are not under the direct control of the public, at least in theory like elected officials are... well, I see no reason to have these tools in place. The second problem is of course the technical capacity in the hands of the government. Unlike many so-called libertarians of the USA, I deeply distrust the government, which is a non-transparent institution with extremely limited accountability to the people. There should be laws to protect the populace; much like Japan's constitution is there to protect the nation from militaristic madness that cost it too much during World War II.

See?

[Singular Intellect]

Right. And when I have detailed access to information about any government worker up to and including president Obama on the same level as the program the article in the OP talks about, then you can come back here and brag about how much more you know about software than me. Until then, nice try, but no. You're just an imbecile.

Ah, an illiterate moron. Where did I say I know more about software than you do? Where did I say a fucking thing about software at all?

Also, still not seeing a response to point #2, but whatever. Something tells me you're too interested in technological vaporware to be much of a threat to yourself politically anyway.

Your 'point' was just you whining I shouldn't vote, participate in politics or have a clue what the problem is. If that's your 'point', you're clearly mentally handicapped on the issue of what a 'point' is.

Why should that bother anyone aside from the hilarious notion of 'omg privacy is important because it's privacy!' argument?

Last time I checked this 'hilarious notion' of PRIVACY OMG was a right. But don't worry people, you don't need your rights anyway, if you don't do bad shit you have nothing to hide. Remember, only bad people could ever possibly want to hide something, right?

I actually agree with that notion. The only objection I entertain is one of safety of individuals and society, which is addressed with more transparency and information availability, not less.

The concept of privacy is a joke and creates far more problems than it solves. Name one problem the elimination of privacy creates that isn't addressed by eliminating privacy for everyone.

So it could be on record somewhere I'm texting erotic messages and sending nude photos to my girlfriend. Who gives a fuck?

Oh, you're wicked dumb. Your government bombs allied countries, to kill people they won't show any proof have done anything wrong. Can you truly tell me you know what they give a fuck about?

You'll first have to provide sources for me on where the Canadian Government has been doing such a thing.

Nonsense. Every piece of mail you send or receive passes down many public streets, is in multiple buildings for routing purposes, and is handled by many people between you and the your correspondent. Why you'd have any expectation of privacy for something that public is beyond me.

Privacy isn't the concern, speed of delivery and integrity of the package is. Those two desired criteria would be heavily compromised if such packages underwent disruptive handling procedures (like opening them).

Two concerns which don't apply to digital deliveries, thus the argument of 'privacy' is irrelevant.

[General Zod]

The concept of privacy is a joke and creates far more problems than it solves.

Such as?

[Havok]

As far as I know, the post is completely voluntary and is akin to a public street. Why anyone thinks it's any different, despite guarantees of privacy from whatever post office you are in, I have no idea.

So I'll pry open your deliveries and read your mail. And your mom's mail. And that's because mail is a public street. Nice logic there.

There have been guarantees of privacy for the mail in place by the, y'know, the federal government for ages. Have they ever made those guarantees for the internet?

The Electronic Communications Privacy Act protects wire, oral, and electronic communications while in transit, protects communications held in electronic storage, most notably messages stored on computers, and prohibits the use of pen register and/or trap and trace devices to record dialing, routing, addressing, and signalling information used in the process of transmitting wire or electronic communications without a court order. Man, if only you'd bothered to check if such a law had been passed, you wouldn't look like such an idiot right now.

You look like an idiot for asking a question now? You that hard up for someone to flame?
Also your link says...

The ECPA also included so-called pen/trap provisions that permit the tracing of telephone communications

And no, the mail is not akin to a public street, but go ahead and keep making idiotic analogies.

Nonsense. Every piece of mail you send or receive passes down many public streets, is in multiple buildings for routing purposes, and is handled by many people between you and the your correspondent. Why you'd have any expectation of privacy for something that public is beyond me.

And every person and place you listed is a federal employee or building whose one job is to get you your mail, unmolested.
You honestly don't see the difference from that to transmitting information that is going through how many barely protected points, none of which are manned by government employees who will lose their jobs and possibly face jail time for reading the information, owned by private companies that already expose the information to advertisers and such?

I'm not saying any of it is right, but you are a colossal fucking idiot if you think that your information is safe on the internet because websites or even laws say it is. Hell even the regular mail and phones... it's wildly amusing that all the squares and smart kids are just now figuring out what criminals have known for 50+ years.

And again, all this just comes down to complaining about quickness and ease of access. It is all accessible all the time.

[Singular Intellect]

The concept of privacy is a joke and creates far more problems than it solves.

Such as?

Gee, I dunno? People planning to beat up homosexuals, kidnap a kid, rape someone, drink and drive then killing someone, etc? You don't see how widespread monitoring of everyone would solve or make such problems quickly responded to?

[General Zod]

The concept of privacy is a joke and creates far more problems than it solves.

Such as?

Gee, I dunno? People planning to beat up homosexuals, kidnap a kid, rape someone, drink and drive then killing someone, etc? You don't see how widespread monitoring of everyone would solve or make such problems quickly responded to?

So instead of having the police investigating actual crimes, you want them to waste the manpower they don't have investigating every instance of bad intent that crops up? That's both hilarious and unrealistic.

[Singular Intellect]

So instead of having the police investigating actual crimes, you want them to waste the manpower they don't have investigating every instance of bad intent that crops up? That's both hilarious and unrealistic.

Who said only the cops get access to that information or that they have to investigate every bad intent?

[General Zod]

So instead of having the police investigating actual crimes, you want them to waste the manpower they don't have investigating every instance of bad intent that crops up? That's both hilarious and unrealistic.

Who said only the cops get access to that information or that they have to investigate every bad intent?

How do you expect them to tell the difference between credible and non-credible bad intents without investigating them? Each investigation is going to chew up time and manpower that they don't have, and all of the crimes you complained about are normally handled by regular police. It sounds to me like you want a real-life thought police to keep people from acting on bad impulses.

[Singular Intellect]

How do you expect them to tell the difference between credible and non-credible bad intents without investigating them? Each investigation is going to chew up time and manpower that they don't have, and all of the crimes you complained about are normally handled by regular police. It sounds to me like you want a real-life thought police to keep people from acting on bad impulses.

Not at all. Police respond to actual crimes, the monitoring just makes it very easy to find the guilty parties/missing persons. For example, a parent whose kid goes missing can tap the universal system and find them quickly. Police only get involved when the public, using the same system, can't handle it.