Yesterday, we talked about PRISM
, the NSA's tool for spying on all foreign Internet traffic routed through the United States. Today, we've got news a fresh leak and another troubling aspect of the NSA's spying capabilities. The newly revealed program, dubbed Boundless Informant, is an analysis tool that creates heat maps of where NSA
information comes from and who provides it. PRISM, in other words, provides the raw data -- Boundless Informant analyzes that data and breaks it down by source, volume, and capability.
According to Glenn Greenwald and the Guardian, Boundless Informant collected roughly three billion pieces of information in a 30 day window during March, 2013. According to the declassified FAQ on the program, the purpose of BI is to "provide the ability to dynamically describe GAOs [Global Access Operation] collection capabilities (through metadata record counts) with no human intervention and graphically display the information in a map view, bar chart, or simple table."
The FAQ goes on
to state that Boundless Informant doesn't contain data related to FISA or ECI because it's limited to classifications that fall below those types.
So What's The Big Deal?
The problem with Boundless Informant isn't that it exists -- it's that it proves the NSA flatly lied to Congress a year ago. In June 2012, Congressmen Ron Wyden (D-Ore) and Mark Udall (D-Col), both of whom sit the Senate intelligence oversight committee, requested that the NSA provide "a ballpark estimate of how many Americans have been monitored under this law." "This law" refers to the 2008 FISA extension. The response from Charles McCullough, Inspector General of the Intelligence Community, was breathtaking. First, he claimed that investigating how many Americans the NSA had spied upon was "beyond the capacity of [t]his office." Then he wrote "an IG review of the sort suggested would itself violate the privacy of U.S. persons."
Now, we know better. While it's true that Boundless Informant doesn't track FISA requests, it tracks billions of *other* data points that the NSA records on a monthly basis. Now, we know that the NSA has metadata for Verizon (acknowledged), and almost certainly every other carrier. Now, we know the NSA is tracking foreign Internet traffic as it passes through the United States. The idea that the NSA couldn't provide a ballpark
summary of how many US citizens it placed under surveillance is flatly untrue. The idea that it refused to do so out of concerns for citizen privacy was ludicrous a year ago, but it's ridiculous past the point of ignoring it today.
Look at the heatmap, in its entirety.
Areas under high surveillance include: Turkey, Yemen, Germany, Saudi Arabia, Iraq, Afghanistan, China, Egypt, India, Syria, and Pakistan. The US's color puts us squarely in the middle of the gradient. It's no wonder that the MPAA and RIAA have been clamoring for China-like levels of surveillance -- they're largely fueled by ex-Congressman, who presumably have some level of knowledge on the program.
Let me say again: Boundless Informant proves that the NSA has a very
good idea what information it collects on both US citizens and the world at large. The system itself is not the problem. The problem is that when members of Congress attempted to exercise legal, mandated oversight, they were rebuffed by claims that the NSA lacked the capability to provide the necessary information -- claims now proven false.
The database isn't the problem. The lie
is the problem. In a letter defending PRISM yesterday, Director of National Intelligence James Clapper wrote "In a rush to publish, media outlets have not given the full context – including the extent to which these programs are overseen by all three branches of government – to these effective tools."
Effective oversight cannot exist if the NSA lies about its own capabilities to Congress.