NSA stores metadata on innocent web users for a year: Report

Summary:If your web traffic falls under the NSA's spy net, its metadata goes into storage for a year, whether you've committed a crime or not, according to new leaked documents.

The US National Security Agency (NSA) reportedly stores metadata on millions of web users without their consent and regardless of whether they are a person of interest, new leaked documents show.

The Guardian has reported that documents leaked to it by whistleblower Edward Snowden detail the NSA's metadata repository called Marina. The document is described as an "introductory guide to digital network intelligence for NSA field agents".

Metadata includes information about communications sent over the internet, but not the content itself. For example, metadata on an email sent between two parties might include the IP addresses, email addresses, times, names of the recipients, and how large the email and any attachments are, but not the actual message body.

According to the guide, this information is stored for 365 days, and The Guardian claims that this potentially provides the NSA with the ability to find information on people who may be innocent today, but may become criminals tomorrow.

Australia tested the metadata retention debate last year, when the nation's then-Attorney-General Nicola Roxon put forth a proposal to force internet service providers (ISPs) to retain metadata on customers for two years. It was met with varying degrees of hostility — through professional organisations such as Electronic Frontiers Australia, the Institute of Public Affairs, GetUp, and the Greens; and more clandestine methods, such as Anonymous Australia's protest attack on local ISP AAPT.

The NSA has been under fire since it was found that it has been secretly mining data from US technology companies under its PRISM program. Further scrutiny revealed that this is also true in the UK and France , which have their own similar systems, and documents reaffirmed Australia's existing spy installations .

More recent findings from leaked documents have found that the US doesn't check the raw intelligence data it sends to Israel, and that the US and the UK are able to break most encryption schemes used online, in part due to vulnerabilities they introduced.

Topics: Privacy, Government, Government : US, Security

About

A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.