NSA stores metadata on innocent web users for a year: Report

NSA stores metadata on innocent web users for a year: Report

Summary: If your web traffic falls under the NSA's spy net, its metadata goes into storage for a year, whether you've committed a crime or not, according to new leaked documents.

SHARE:

The US National Security Agency (NSA) reportedly stores metadata on millions of web users without their consent and regardless of whether they are a person of interest, new leaked documents show.

The Guardian has reported that documents leaked to it by whistleblower Edward Snowden detail the NSA's metadata repository called Marina. The document is described as an "introductory guide to digital network intelligence for NSA field agents".

Metadata includes information about communications sent over the internet, but not the content itself. For example, metadata on an email sent between two parties might include the IP addresses, email addresses, times, names of the recipients, and how large the email and any attachments are, but not the actual message body.

According to the guide, this information is stored for 365 days, and The Guardian claims that this potentially provides the NSA with the ability to find information on people who may be innocent today, but may become criminals tomorrow.

Australia tested the metadata retention debate last year, when the nation's then-Attorney-General Nicola Roxon put forth a proposal to force internet service providers (ISPs) to retain metadata on customers for two years. It was met with varying degrees of hostility — through professional organisations such as Electronic Frontiers Australia, the Institute of Public Affairs, GetUp, and the Greens; and more clandestine methods, such as Anonymous Australia's protest attack on local ISP AAPT.

The NSA has been under fire since it was found that it has been secretly mining data from US technology companies under its PRISM program. Further scrutiny revealed that this is also true in the UK and France, which have their own similar systems, and documents reaffirmed Australia's existing spy installations.

More recent findings from leaked documents have found that the US doesn't check the raw intelligence data it sends to Israel, and that the US and the UK are able to break most encryption schemes used online, in part due to vulnerabilities they introduced.

Topics: Privacy, Government, Government US, Security

Michael Lee

About Michael Lee

A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • About "breaking" encryption.

    "and that the US and the UK are able to break most encryption schemes used online, in part due to vulnerabilities they introduced."

    This was never really shown; the details were too vague to confirm this. You can't wave magic words around to make something true. You have to present the evidence.
    CobraA1
    • Thanks for that...

      ... Mr NSA man
      btone-c5d11