A new report indicates 90 percent of the data the NSA intercepts has nothing to do with its targets.
The Washington Post completed a four-month investigation based on information provided by Edward Snowden. In a collection of some 160,000 intercepts between 2009 and 2012, it found 9 out of every 10 people surveilled weren’t linked to actual targets.
The paper reports when the NSA tracked targets into chatrooms, for example, it collected info on everyone else there. When it marked a single server as a target, it reportedly vacuumed up everything — from the more than 100 people who connected to it.
Ars Technica notes there are indications at least some of the surveillance was useful. The collection included "fresh revelations about a secret overseas nuclear project,” and “the identities of aggressive intruders into US computer networks.”
But it’s thought some 10,000 unrelated account holders — and the digital transcripts of their personal lives — were stuck in the dragnet. “Electronic bystanders,” GigaOM calls them, many with personal details in the clear.
Because despite efforts by NSA analysts to anonymize the data, the Post still found email addresses and other information linking intercepts to U.S. citizens and residents.
In short, according to privacy advocates and journalists on Twitter — the collection is way too broad. One asks: “Why call them ‘targets’ if you're hitting other people 90% of the time?” (Via @trevortimm, @JesselynRadack, @xor)
And the Washington Post suggests the NSA hasn’t improved much in the meantime.
In its June transparency report, the NSA listed more than 89,000 targets under section 702 surveillance rules. The Post says If its accuracy is still around 10 percent, it could mean close to 900,000 user accounts are under surveillance.