The report (.PDF) outlines the use of warrants, the activities of law enforcement under the Foreign Intelligence Surveillance Act of 1978, and the usage of National Security Letters (NSLs).
Similar to subpoenas, NSLs can be used to force vendors to hand over customer information such as banking and telephone records, as well as Internet usage. (Companies which are recipients of an NSL are banned from revealing so, leading to the use of so-called warrant canaries.)
In this year's report, the NSA revealed a rise in the use of warrantless query terms in the quest for US citizen communications data from the organization's databases, which may include telephone logs, text messages, or other digital communication records.
In 2018, the US intelligence agency made 9,637 queries, an uptick on 2017's total of 7,512 requests.
The communications records of non-US citizens are also targeted in the quest for foreign intelligence. The NSA says that in 2018, 164,770 foreign entities or individuals were targeted under Section 702 of FISA. In total, 129,080 entities were targeted through search terms the year prior.
FISA authorities are also able to make use of pen register and trap and trace (PR/TT) devices when pursuing foreign intelligence. These devices can be used to capture dialing, routing, addressing or signaling (DRAS) information. In total, 34 such orders were made during 2018 with an estimated 29 targets of such orders -- 14 of which were US citizens, and 15 of which were foreign.
However, it is worth noting these figures only relate to new orders for the use and installation of PR/TT devices and not repeat, renewed orders, which suggests the numbers may be higher.
In total, 434.2 million phone call records were collected from US citizens, a reduction from 534.3 million in 2017. The intelligence agency says it was unable to isolate every record, and therefore, duplicates may be included in the statistics.
How to discover and destroy spyware on your smartphone (in pictures)
In addition, 164,682 search terms including information on a US person of interest were queried in databases containing call detail records, but this does not include queries made by the FBI.
A total of 10,235 NSLs were issued, alongside 38,872 requests for information (ROI).
"The FBI often issues NSLs under different legal authorities [...] for the same individual or organization," the report says. "The FBI may also serve multiple NSLs for an individual for multiple facilities (e.g., multiple email accounts, landline telephone numbers and cellular phone numbers). The number of requests, consequently, is significantly larger than the number of individuals or organizations that are the subjects of the NSLs."
The silver lining may be the reduced rate of phone call mass data collection, a program first revealed by NSA ex-contractor Edward Snowden. The NSA has recently requested that the White House formally drops the scheme, as compliance and regulatory issues are overturning the benefits of intelligence gathering through this particular system.
These are the worst hacks, cyberattacks, and data breaches of 2018