NSA Collecting Hundreds of Millions of Email Contact Lists

New reporting on agency's bulk collection of data, including Americans'

The National Security Agency (NSA) has been collecting "hundreds of millions of contact lists from personal e-mail and instant messaging accounts around the world, many of them belonging to Americans of millions," the Washington Post reported on Monday.

The new revelations about vast NSA surveillance are the latest in a series made possible by whistleblower Edward Snowden.

The contact lists collected represent "a sizable fraction of the world's e-mail and instant messaging accounts," and are scooped up with the help of foreign telecomms and foreign intelligence agencies.

The Post reports:

During a single day last year, the NSA's Special Source Operations branch collected 444,743 e-mail address books from Yahoo, 105,068 from Hotmail, 82,857 from Facebook, 33,697 from Gmail and 22,881 from unspecified other providers, according to an internal NSA PowerPoint presentation. Those figures, described as a typical daily intake in the document, correspond to a rate of more than 250 million a year.

The higher number of Yahoo users' data may be because it, "unlike other service providers, has left connections to its users unencrypted by default," a practice the company told the Post on Monday it would stop.

Techdirt points out that it's not just the email addresses that would be collected in this program:

[W]hile the program is ostensibly targeted at "metadata" concerning connections between individuals, the fact that it collects "inboxes" and "buddy lists" appears to reveal content at times. With buddy lists, it can often collect content that was sent while one participant was offline (where a server holds the message until the recipient is back online), and with inboxes, they often display the beginning of messages, which the NSA collects.

This previously undisclosed program is able to skirt the Foreign Intelligence Surveillance Act because the data is collected overseas. Even if an American is not overseas, his or her data might be because "Large technology companies, including Google and Facebook, maintain data centers around the world to balance loads on their servers and work around outages," the paper explains.

___________________

Our work is licensed under Creative Commons (CC BY-NC-ND 3.0). Feel free to republish and share widely.