Hacker News new | past | comments | ask | show | jobs | submit login
NSA collected US email records in bulk for more than two years under Obama (guardian.co.uk)
200 points by basisword on June 27, 2013 | hide | past | favorite | 61 comments



So at minimum, the NSA literally knows every single person or entity that I have exchanged emails with, when we exchanged emails, the size of the message, every single website I have ever had an account on, for much of my adult life. And that data is sitting in their archives, indefinitely.

Just let that sink in for a minute.


What I found interesting, was that this so called "contact chaining" (where they graph out who you talk to, and two degrees onward) was only approved after 9/11. Amazing how far we've fallen.

The agency "analyzed networks with two degrees of separation (two hops) from the target", the report says. In other words, the NSA studied the online records of people who communicated with people who communicated with targeted individuals.

Contact chaining was considered off-limits inside the NSA before 9/11. In the 1990s, according to the draft IG report, the idea was nixed when the Justice Department "told NSA that the proposal fell within one of the Fisa definitions of electronic surveillance and, therefore, was not permissible when applied to metadata associated with presumed US persons".


Kevin Bacon had better get on a plane to Ecuador before he's arrested for treason.


Contact chaining was off limits where some of the contacts were US Persons, I think you mean.


has a nice big graph of all the cc's too.


Oh, and I missed it the first read-through: every website I've visited. My life's browsing history.

It's almost certain that this metadata was for protocols other than SMTP and HTTP as well. Probably all netflows.


Obama: "but Bin Laden's dead and Al Qaeda has been defeated."

No. THEY WON.


Meanwhile, we're about to leave Afghanistan to the Taliban, and we're supplying arms to Al Qaeda loyalists in Syria.


Bill Maher has an excellent clip on this. He boils it down to, "Basically we're arming Al Qaeda."

http://www.youtube.com/watch?v=M6paYu3GM2Y


No they didn't; vrtually none of their objectives have been met, except that of getting the US to remove its military forces from Saudi Arabian soil.

I get your point, but it's a purely rhetorical one that has little to do with actual history. Al Qaeda had real objectives of their own, rather than simply existing to make us fearful.


Bin Laden's overall strategy against much larger enemies such as the Soviet Union and United States was to lure them into a long war of attrition in Muslim countries, attracting large numbers of jihadists who would never surrender. He believed this would lead to economic collapse of the enemy nations. Al-Qaeda manuals clearly express this strategy. In a 2004 tape broadcast by al-Jazeera, bin Laden spoke of "bleeding America to the point of bankruptcy". [1]

[1]http://en.wikipedia.org/wiki/Osama_bin_Laden#Beliefs_and_ide...


That doesn't really bear out your point.


I wasn't the one making the point.

That said, if their goal was to bankrupt us & draw us out by a war of attrition - it's easy to say that they achieved their objective.


And according to the article they were emails of Americans with no connection to foreigners.

The claims of metadata being public and being exempted from Fourth Amendment does not resonate with me and even more so with emails. It seems by collecting IP addresses associated with emails, NSA has the ability to compare that with all the other data they may have collected and build a profile on you.

To me it seems to be a violation of the fourth amendment. I do not expect the government to be constantly searching everything about everyone without a probable cause.


Every American has to ask themselves, "Is this worth it?" Are the plots stopped and the lives saved worth the loss of privacy, the loss of trust and good will internationally, and most frightening of all, the unprecedented power this gives the government?

I don't think anyone can reasonably say that it is.


How about the loss of creativity? I feel that one of the long-term consequences of being constantly watched is that you learn to act in less experimental ways. You take fewer risks, and reduce your actions to what's "safe".

Ask yourself - how easy would it be to do your job if somebody you didn't know or trust was sitting behind you evaluating every decision you made.

In my opinion, the financial and societal implications of a populous that behaves strictly to conform for fear of consequence, translates to slower innovation, less technological advancement, and will have a long term negative economic impact.


It's not every American, it's every human being. This isn't just happening in US but most likely in every democratic country as well. We're not special or unique in this area, yes we should be leading the world in terms of how to protect our privacy but we haven't led in that area for decades. So I'm not surprised about this.

Now, as for the question. The problem is after 9/11, everything changed. People did task the government to prevent further 9/11 attacks and sadly, they can only do that by doing what they're doing now. IMO, 9/11 wasn't the point of what the terrorists were doing, but the aftermath of it.

I'm the man who believes that we don't deserve security if we use it to justify the loss of our rights. However, that belief is easily shaken when and if my family are harmed in an attack that could've been foiled, and my first reaction would be, why didn't the government stop it? So, you can see the problem right here.

Nothing is worth losing our rights over, we fought so many wars to protect it, suffered so many loss as the result of the wars, and yet, we're giving them up easily for terrorism.


> Now, as for the question. The problem is after 9/11, everything changed.

I'm not from the US, and this sort of statement really baffles me every time I hear it. There's nothing remarkable about the events really, probably more people get killed by fridges falling on them than by a terrorist attack, yet nobody seems to modify their lifestyle to avoid standing in front of them.

Can you explain to me what actually changed about the American lifestyle? I genuinely have no idea.


Don't be obtuse. Of course it's remarkable, the only other reason you ever hear of 3000+ people being killed in the space of a few hours is when there's some large natural disaster like an earthquake.

Now, if you can't work out how the largest terrorist attack in history might have change the stance of the world's largest military superpower, with a knock-on effect on everyone else, then you're not trying. When I saw the events of 9-11 happening on TV I immediately knew it was going to result in years of war, just like the collapse of the Soviet Union obviously led to a de-escalation of military posture.

probably more people get killed by fridges falling on them than by a terrorist attack

Not at the same time, and crucially, not at someone else's pleasure. I'm not American either but the notion that people wouldn't or shouldn't react to something like this is just asinine. Frankly, I'm surprised it didn't lead to greater change in the US than it actually has.


Not wanting to sound like an ahole but...

http://en.wikipedia.org/wiki/Atomic_bombings_of_Hiroshima_an...

As for the parent comment, I know it changed everything. But beyond the initial years, how has it changed your life over, say the past 2 years. Is everything back to normal? How long do you continue changing your behaviour and living in fear? (I realise you're not American, just asking)


Your argument is that Hiroshima didn't change anything?


No, your first point. The US has been just as responsible mass death. And of course it changes a lot.

Don't be obtuse. Of course it's remarkable, the only other reason you ever hear of 3000+ people being killed in the space of a few hours is when there's some large natural disaster like an earthquake.


Oh for heaven's sake. It was obvious that I meant during peacetime.


I agree. I think after 9/11, Americans were emotionally shocked into agreeing to all of this, not thinking what they were giving up. I get that, but it's been over 10 years. We need to snap out of it


> The problem is after 9/11, everything changed. People did task the government to prevent further 9/11 attacks and sadly, they can only do that by doing what they're doing now.

There are many ways they can do it. I hate argument from lack of imagination. That's why SCOTUS allows DUI checkpoints: supposedly the police can't do their job without them and they need them for public safety.


The scary thing is that citizens don't know how many plots these privacy invasions have stopped and therefore can't have an informed opinion on the matter and can't decide to fight back against these invasions of privacy. I'm sure plenty of plots have been stopped but would they still have been stopped without this information?


The scary thing is that it's possible. Personally I don't care of what they collect because I don't fear the present government. However I fear that any big entities can do the same or that any malicious group could infiltrate the government to get access to these data (or collect more).

The fact that we consider our online privacy as granted is the scary part.


There is a fundamental difference between expecting privacy on the Internet, and the government actively collecting all data on all people and compiling a massive database linking all of this data together.

No one should expect privacy. There are sketchy ISPs, sketchy mail providers, hosting providers, etc.

But a few hackers collecting email from a few individuals is not the same as a massive database that links everything in entire world in one nice package. A few random hackers in Russia do not have the political machinery or military machinery of the US government. They generally don't care that you're pro-gay rights (or whatever). They aren't going to try to punish you for your political views. They probably just want money or to defraud you in someway.

The US government, however, wants to control you.


> ...a massive database that links everything in entire world in one nice package.

Are you on facebook? Were you ever on facebook?


Since when could facebook crush dissent and political movements with military force?


Glad you saw my point. Unfortunate you chose to ignore it.


The US government, however, wants to control you.

[Citation needed]


I also fear that the availability of such extensive records on all citizens makes it more likely that an abusive government might come to power. I.e. what Snowden referred to as 'turnkey totalitarianism'.


The only reason you don't fear them is because you don't value your freedom enough.


> The fact that we consider our online privacy as granted is the scary part.

Ignorant, actually.

'Privacy on the internet' is an oxymoron.


I find it amusing the the Guardian seems to position this article in such a way that it is meant to disparage the Obama administration. While the administration is far from above criticism, and a variety of other Guardian reveals do justifiably criticize the President, my personal takeaway from this is a sign that the administration did at least attempt to curb some Bush era privacy invasions—though perhaps to a pitiful extent. Funny how the article doesn't seem to put it that way.


The NSA collected US email records in bulk for more than two years and the FISA court renewed collection orders every 90 days.

So the Obama regime didn't curb anything until after the eight or ninth renewal of the program. Pitiful indeed.


Are you under the impression that you can review the entire federal government, decide which programs to get rid of, and shut down every one of those programs, during your first year on office?

Because if so, please, run, I'd like to see it happen.

By pitiful, I meant that this shutdown seems minuscule among the variety of other privacy violations—but that hardly justifies the Guardian using this specific reveal as an attack piece.


> Are you under the impression that you can review the entire federal government, decide which programs to get rid of, and shut down every one of those programs, during your first year on office?

No, I'm not. But I do believe that we were all given the impression that ending unconstitutional wiretaps was going to be near the top of Obama's to-do list.


I agree. That's a problem for which he deserves more than a little criticism. But that's not what I was discussing, at all.


So Edward Snowden wasn't bluffing when he said there was more... I'm thinking the government is going to try to step up the efforts to bring him (and this will need to include Greenwald) in to stop it all. This is better than tv!


Snowden isn't mentioned once in this article.


Good. The focus should be on the revelations.


interesting observation. he wasn't mentioned in the original one either, i believe. This could be a good thing though. more whistleblowers. I have a feeling this is all part of the snowden thing though. just my feeling


It seems he has a lot info and he's slowly releasing it - probably to ensure the story stays in the news and that there is actual important information to go along with the story of him personally.


How do we know that there isn't another super secretive program, right now, that is still collecting everything?

How can we trust the Government, ever in the future, to tell the truth?

I don't see how this can actually be solved, since most people aren't concerned about encrypting their communications. I can't use encryption to message other people unless they use encryption too.

This is the future. We will be constantly watched.

Please tell me I'm wrong.


> I don't see how this can actually be solved, since most people aren't concerned about encrypting their communications.

They shouldn't need to be. Encryption is cheap, it should happen automatically behind users backs by default.

> I can't use encryption to message other people unless they use encryption too.

Build the next WhatsApp/Facebook/GMail and integrate encryption to it.


>We will be constantly watched.

Your phones are tapped, your metadata is collected, your internet traffic is watched and stored, and your categorized, organized data online (emails, documents, history, behaviors, etc) is available at the drop of a dime.

What do you mean "will be constantly watched"?


    we provide user data to governments only in accordance    
    with the law. Our legal team reviews each and every     
    request, and frequently pushes back when requests are
    overly broad or don’t follow the correct process. Press   
    reports that suggest that Google is providing open-ended
    access to our users’ data are false, period.
    -- Larry Page
So, clearly we have a request that is within the law as far the courts are concerned. Did Google push back on this too? Did they succeed? Did the order just not apply to them somehow?


Although Google's statements are of minimal value to me, my belief is that Google would not have to be complicit in this particular program. This was likely pulling from fiber taps at ISP backbones.


But: such a tap would reveal no information about gmail-to-gmail communication, no? Most gmail usage is via their SSL web app or an email client, and their directions for most (all?) clients specify to use SSL. And in my experience, most people using gmail send most of their emails to other gmail accounts.


This program has apparently ended. That probably means a more powerful system is operating currently.


Why is the subject of this article Obama? It was a Bush era program that he shut down. But since he didn't do it the day he took office, I guess he is literally Bush Jr. Jr. Great reporting by The Guardian.


Easier to gin up outrage, I suppose. Most people here seem to have completely missed the past tense or the subheading 'Secret program launched by Bush continued 'until 2011'', or else chosen to ignore it because they want to vent rather than discuss it.


> But since he didn't do it the day he took office

Well... why didn't he?


Perhaps because he isn't omniscient and wasn't aware that it existed?


I really wish the Guardian would get someone very technical to talk to these sources and then write a technical report of exactly what's happening. These dumbed down articles make it hard for me to understand what is happening.

The specific question I had is how they jump from email meta-data to IP Logs. If they were collecting all of my IP traffic, that would be a lot bigger deal than email headers. The title and most of the content seem to imply it's only email metadata, so I don't know how to interpret the alarming quotes about having a copy of my brain.


And how, with money polluting politics so badly, do you fight this type of situation? A public scandal. And how do you get a scandal? Wait for the inevitable government overreach and someone to leak it, the bigger the better. There are to many people for it not to leak out, no matter how much you try to squash them.

The current situation has been a foregone conclusion for the last decade. This is how the government has worked for years. I'm surprised so many people act shocked by both the government's actions and the leaks.


I created a petition with a concept that I think would be a pretty helpful proactive step to start addressing these problems:

https://petitions.whitehouse.gov/petition/enable-american-so...

Let me know what you think!


"Seeing your IP logs – and especially feeding them through sophisticated analytic tools – is a way of getting inside your head that's in many ways on par with reading your diary," Sanchez added.

It's great to see this information going public, however hyperbolic statements like the above are completely unnecessary and really take away from the rest of the article.


In my opinion, though, that statement is not hyperbolic and is very, very true - no matter how scary that may seem.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: