NSA Purchases Americans' Web Browsing Data Without Warrants
The National Security Agency has been buying Americans' web browsing data from commercial data brokers without warrants, according to recently disclosed documents.
NSA Buys Web Browsing Data from Commercial Data Brokers
The National Security Agency (NSA) has been purchasing Americans' web browsing data from commercial data brokers without obtaining warrants, as revealed in documents made public by Senator Ron Wyden. The data includes information about the websites visited by Americans and the apps they use. This latest disclosure highlights the routine practice of government agencies buying sensitive information about American citizens from commercial marketplaces without requiring a court order.
The sale of web browsing data raises concerns about foreign governments engaging in similar activities. The Biden administration is reportedly preparing an executive order to address foreign purchases of personal data of US citizens. The New York Times was the first to report Wyden's disclosure.
NSA's Purchases and Use of Netflow Data
The NSA's purchases involve netflow data, which is the technical information generated by devices when they access the internet. Although the purchased data does not include the content of Americans' communications, it pertains to domestic internet communications as well as communications where one side is located in the United States and the other side is abroad. However, the NSA is not buying cellphone location data or location data from automotive infotainment systems within the US.
An NSA official confirmed that commercially available netflow data is purchased for the agency's cybersecurity mission. The data is used to support the NSA's cybersecurity and foreign intelligence operations, including the defense of US military networks against foreign hacking. The NSA takes measures to minimize the collection of personal information and applies technical filters throughout the process.
Legitimate Uses of Netflow Data
Netflow data has legitimate applications that do not involve spying on individuals. Cybersecurity experts, such as Allison Nixon from Unit 221B, highlight the usefulness of netflow data in tracking malware and distributed denial of service attacks. It aids in detecting cyber threats and protecting organizations against cyberattacks. For example, netflow data is instrumental in antivirus software catching malware and banks identifying credit card fraud.
The disclosure of the NSA's practice was made possible by Senator Wyden's efforts over the course of nearly three years. Wyden previously revealed the Defense Intelligence Agency's warrantless purchase of commercially available smartphone location data. In response to the latest disclosure, Wyden has called on the Biden administration to cease warrantless surveillance of Americans through internet data purchases.
Calls for Action and Regulation
Senator Wyden's letter to Director of National Intelligence Avril Haines urges the Biden administration to stop the warrantless surveillance of Americans through internet data purchases. Wyden emphasizes that the US government should not be supporting an industry that violates Americans' privacy and potentially operates illegally. Wyden also raises questions about the legality of the practice in light of recent actions by the Federal Trade Commission (FTC), the primary federal privacy regulator.
Privacy regulators have taken steps to address data brokers and the commercial surveillance industry. The FTC has banned the sale of certain personal information by companies like InMarket Media and Outlogic. FTC Chair Lina Khan has initiated a process that could lead to new regulations targeting the industry. Wyden calls for intelligence agencies to delete any commercially acquired data that does not align with the recent crackdowns by the FTC.