One of the early NSA whistleblowers, William Binney, detailed to Wired last year about the agency’s domestic surveillance program dubbed “Stellar Wind,” making it the first time anyone had gone on record to talk about it.
Now, more details about the project’s history are emerging as part of the continuing deluge of information leaked to the U.K.’s the Guardian, including that the program operated for two years under the Obama administration before being discontinued.
Binney says Stellar Wind was far larger than has been publicly disclosed and included not just eavesdropping on domestic phone calls but the inspection of domestic email. At the outset the program recorded 320 million calls a day, he says, which represented about 73 to 80 percent of the total volume of the agency’s worldwide intercepts. The haul only grew from there. According to Binney—who has maintained close contact with agency employees until a few years ago—the taps in the secret rooms dotting the country are actually powered by highly sophisticated software programs that conduct “deep packet inspection,” examining Internet traffic as it passes through the 10-gigabit-per-second cables at the speed of light.
The project began under George W. Bush’s administration in 2001 with oversight by the FISA court and involved collection of phone metadata as well as Internet metadata “every 90 days,” the Guardian reported.
The top secret document — a draft report by the inspector general’s office — about the program stated that the Internet metadata collected involved “communications with at least one communicant outside the United States or for which no communicant was known to be a citizen of the United States.”
The Guardian reported that the NSA was authorized to analyze this data in 2007 provided it be “associated with United States persons and persons believed to be in the United States.”
Although phone record metadata might be considered less revealing to some — it includes times and dates for when calls were made, duration and who was contacted — Internet metadata is a different story.
Here’s what the Guardian wrote of what such data can reveal:
Internal government documents describe how revealing these email records are. One 2008 document, signed by the US defense secretary and attorney general, states that the collection and subsequent analysis included “the information appearing on the ‘to,’ ‘from’ or ‘bcc’ lines of a standard email or other electronic communication” from Americans.
In reality, it is hard to distinguish email metadata from email content. Distinctions that might make sense for telephone conversations and data about those conversations do not always hold for online communications.
“The calls you make can reveal a lot, but now that so much of our lives are mediated by the internet, your IP [internet protocol] logs are really a real-time map of your brain: what are you reading about, what are you curious about, what personal ad are you responding to (with a dedicated email linked to that specific ad), what online discussions are you participating in, and how often?” said Julian Sanchez of the Cato Institute.
“Seeing your IP logs – and especially feeding them through sophisticated analytic tools – is a way of getting inside your head that’s in many ways on par with reading your diary,” Sanchez added.
At one point in the Bush administration, the ability to collect this metadata was lost, but the “DoJ and NSA immediately began efforts to recreate this authority,” the inspector generals’ report stated.
The new method of metadata collection, approved by FISA Judge Collen Kollar-Kotelly, had more limits, specifying datalinks and limiting who could access the information.
Other restrictions included requiring the NSA to stop analysis when “a chain hits a telephone number or [internet] address believed to be used by a United States person,” according to a 2007 memorandum. The Guardian explained these chains mean those in communication with a target.
“[…] the NSA studied the online records of people who communicated with people who communicated with targeted individuals,” the Guardian stated.
The program was discontinued after an interagency review in 2011, according to the Guardian, which also noted the Washington Post citing an official saying that Obama administration was not “using this program” to “collect Internet metadata in bulk.”
Still, the official too said, “I’m not going to say we’re not collecting any Internet metadata.”
The PRISM program, which was leaked by former CIA and later government contractor Edward Snowden to the Guardian and the Washington Post earlier this month, was said by CBS to be a “top-secret arm of the controversial Stellar Wind program.”
Read more about the new documents revealed by the Guardian.
This story has been updated to fix a typo.