US government faces new post-Snowden leaker

Summary:The United States Government could be facing a new leak source besides Edward Snowden, after classified documents emerged this week outlining data-collecting activities relating to the nation's central counterterrorism database.

Just over a year after former NSA contractor Edward Snowden disclosed thousands of classified documents, the United States Government may be confronted by a new leaker in its ranks, after leaked documents relating to the country's central counterterrorism database were published online this week by The Intercept.

The leaked documents, entitled Directorate of Terrorist Identities (DTI) Strategic Accomplishments 2013, were prepared by the National Counterterrorism Center (NCTC), and stamped with the words "SECRET/NOFORN" — meaning it is not to be shared with foreign governments.

Special Feature

IT Security in the Snowden Era

The Edward Snowden revelations have rocked governments, global businesses, and the technology world. When we look back a decade from now, we expect this to be the biggest story of 2013. Here is our perspective on the still-unfolding implications along with IT security and risk management best practices.

US intelligence is considering whether to ask the Department of Justice to open a criminal investigation into the new suspected leak, according to a report on 5 August by Reuters.

However, Reuters also said in its report that an "official familiar with the matter" suggested the government does not know for certain that a second leaker exists.

This contradicts a claim this week by CNN on Tuesday that US officials had confirmed that the government believed there was a "new leaker" exposing national security documents.

In its report on the leaked documents, The Intercept said that nearly half of the people on the US government's  database of terrorist suspects are not connected to any known terrorist group.

Of the 680,000 people caught up in the government's Terrorist Screening Database — a watchlist of "known or suspected terrorists" — more than 40 percent are described by the government as having "no recognized terrorist group affiliation," the report said.

The leaked documents also show that, as of June last year, the United States Government had compiled more than one million names on its central counterterrorism database, the Terrorist Identities Datamart (TIDE).

TIDE is the US government's central database on known or suspected international terrorists. TIDE's information is shared across the US intelligence community. The documents attribute this million-name "milestone" to the efforts of the Directorate of Terrorist Identities (DTI).

"Since DTI stood up as an independent NCTC Directorate in December 2010, analysts have created more than 430,000 terrorism-related person records and deleted 50,000 subjects whose nexus to terrorism was refuted," the documents said.

Additionally, the documents outlined the volume of biometric data that was collected and analysed in 2013 by a range of government departmental sources, for inclusion in the database.

"DTI has added over 730,000 biometric files to TIDE. On a daily basis, DTI analysts process more than 250 nomination cables and 200 encounter reports, visa applications and other data sources to support the US government's screening and terrorism analysis missions," the documents said.

"DTI has seen a large increase of biometric data in 2013, both actively received from the nominating partners as well as proactively sought by the Identity Intelligence Group," the document said. "The top five agency contributors of data are as follows: Department of Defense (60 percent), DHS (13 percent), CIA (12 percent), FBI (9 percent), and State Department (5 percent).”

The documents indicated the DTI also performed "deep dives" for biometric and other data on people in the US Midwest whose names were on the TIDE list in the wake of the Boston Marathon bombings. The process saw the directorate pull the TIDE records of every individual with an Illinois, Indiana, or Wisconsin driver's licence.

Special Feature

Why business leaders must be security leaders

Why do many boards leave IT security primarily to security technicians, and why can’t techies convince their boards to spend scarce cash on protecting stakeholder information? We offer guidance on how to close the IT security governance gap.

They said that DTI has partnered with the CIA to "enhance select populations in TIDE" with clandestinely acquired foreign government information from CIA's Hydra program, with the aim of correlating the two departments' data to uncover "additional terrorism information" that is then used to conduct quality assurance reviews on existing TIDE records.

The DTI's database development data exploitation team have developed a database which has created "multiple efficiencies" for internal processes, the documents revealed.

"The database allows for automated tracking, metrics reporting, increased accuracy in de-duplication, and allows for automated tracking of KSTs for further research,” they said.

The scope of the US Government's counterterrorism databasing activities, as revealed in the documents, comes as the Australian Prime Minister Tony Abbott works to pass laws which would see the mandatory retention of the web browsing history of every Australian resident.

Earlier this week, Abbott and the Attorney-General George Brandis said that, in principle, Cabinet approval had been given for the development of a framework to require telecommunications companies to retain data for up to two years.

The move is part of a range of measures the prime minister plans to implement in the aim of combating "home-grown terrorism".

"The government will introduce a range of counter-terrorism measures to give security agencies the resources and legislative powers needed to combat home-grown terrorism and Australians who participate in terrorist activities overseas," Abbott said in statement published yesterday.

Topics: Security, Privacy

About

Leon covers enterprise technology and start-ups from ZDNet's Sydney newsroom.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.