NSA stores metadata on innocent web users for a year: Report

If your web traffic falls under the NSA's spy net, its metadata goes into storage for a year, whether you've committed a crime or not, according to new leaked documents.
Written by Michael Lee, Contributor

The US National Security Agency (NSA) reportedly stores metadata on millions of web users without their consent and regardless of whether they are a person of interest, new leaked documents show.

The Guardian has reported that documents leaked to it by whistleblower Edward Snowden detail the NSA's metadata repository called Marina. The document is described as an "introductory guide to digital network intelligence for NSA field agents".

Metadata includes information about communications sent over the internet, but not the content itself. For example, metadata on an email sent between two parties might include the IP addresses, email addresses, times, names of the recipients, and how large the email and any attachments are, but not the actual message body.

According to the guide, this information is stored for 365 days, and The Guardian claims that this potentially provides the NSA with the ability to find information on people who may be innocent today, but may become criminals tomorrow.

Australia tested the metadata retention debate last year, when the nation's then-Attorney-General Nicola Roxon put forth a proposal to force internet service providers (ISPs) to retain metadata on customers for two years. It was met with varying degrees of hostility — through professional organisations such as Electronic Frontiers Australia, the Institute of Public Affairs, GetUp, and the Greens; and more clandestine methods, such as Anonymous Australia's protest attack on local ISP AAPT.

The NSA has been under fire since it was found that it has been secretly mining data from US technology companies under its PRISM program. Further scrutiny revealed that this is also true in the UK and France, which have their own similar systems, and documents reaffirmed Australia's existing spy installations.

More recent findings from leaked documents have found that the US doesn't check the raw intelligence data it sends to Israel, and that the US and the UK are able to break most encryption schemes used online, in part due to vulnerabilities they introduced.

Editorial standards