02:02 PM

NSA: We Touch Only 1.6% Of Internet Traffic

Intelligence agency releases new details about the scope and scale of its digital dragnet.

How much Internet traffic is being actively intercepted and reviewed by the National Security Agency (NSA)?

According to newly released details from the NSA, of the estimated 1,826 petabytes of data that flow across the Internet daily, the agency in its foreign intelligence mission touches about 1.6% of that. That was the claim made in a seven-page PDF released Saturday on the NSA's website, which was released to communicate in greater detail the scope and scale of NSA collection, as well as legal basis for that surveillance.

According to the document, the NSA studies only a fraction of the data it intercepts. Notably, of the 1.6% of Internet traffic the NSA touches daily, the agency actively reviews only 0.025%, or about 7,250 GB. "Put another way, if a standard basketball court represented the global communications environment, NSA's total collection would be represented by an area smaller than a dime on that basketball court," the document states.

The newly published overview -- which is "aimed at providing a succinct description of NSA's mission, authorities, oversight and partnerships" -- disclosed that it works with a number of overseas organizations to provide signals intelligence pertaining to terrorists, online attackers and other enemies of the state. "NSA partners with well over 30 different nations in order to conduct its foreign intelligence mission," reads the document. "In every case, NSA does not and will not use a relationship with a foreign intelligence service to ask that service to do what NSA is itself prohibited by law from doing."

[ What do IT professionals think of the NSA's data gathering practices? Read NSA Surveillance: IT Pro Survey Says What? ]

The document also confirms that the agency runs a number of surveillance programs that involve "[compelling] one or more providers to assist NSA with the collection of information responsive to the foreign intelligence need." Some related, recently outed programs go by cover names such as Blarney, Fairview, Lithium and Oakstar. The agency said those aren't standalone efforts, however, but rather part of a higher-level effort to obtain desired intelligence.

Other efforts, as already revealed publicly, extend to telecommunications providers. On that front, NSA offered additional details pertaining to its Business Records Foreign Intelligence Service Act (FISA) program (a.k.a. BR FISA), through which "specified U.S. telecommunications providers are compelled by court order to provide NSA with information about telephone calls to, from, or within the U.S." The document continues, "The information is known as metadata, and consists of information such as the called and calling telephone numbers and the date, time, and duration of the call -- but no user identification, content, or cell site locational data." It noted that BR FISA has been reauthorized four times by Congress since being launched in 2006.

But have the surveillance programs -- and potential privacy tradeoffs -- been worth it? Gen. Keith Alexander, who leads the NSA, said in a keynote speech at this year's Black Hat information security conference in Las Vegas that 54 terrorist-related activities -- 13 of them in the United States -- had been thwarted thanks to the NSA's surveillance programs. Building on that statement, the newly published NSA document said that of the 13 domestic activities, BR FISA played a role in 12.

The release of new details pertaining to the NSA's surveillance efforts came just one day after President Obama called on Congress to reform the Patriot Act and Foreign Intelligence Surveillance Court authorized by FISA. In a press conference, he also recommended adding greater oversight of and transparency into the NSA's intelligence collection efforts, directed the NSA to add its first-ever Civil Liberties and Privacy Officer, and called on a group of outside experts to study the NSA's current surveillance technology and detail the security, privacy and foreign policy implications related to their use.

Also Friday, the White House released a 22-page white paper arguing that the government has broad latitude when it comes to collecting telephone metadata. But it also noted that the surveillance programs authorized by FISA and the Patriot Act can legally be used only for counterterrorism purposes, and said the programs the surveillance effort "includes internal oversight mechanism to prevent misuse."

In response to Obama's call for the NSA's surveillance programs to be reformed, WikiLeaks chief Julian Assange issued a statement saying the move vindicated the role of former NSA contractor Edward Snowden's whistle blowing. "But rather than thank Edward Snowden, the President laughably attempted to criticize him while claiming that there was a plan all along, 'before Edward Snowden,'" said Assange. "The simple fact is that without Snowden's disclosures, no one would know about the programs and no reforms could take place."

Regardless, President Obama's proposed reforms may face an uphill battle. Notably, House Homeland Security Committee Chairman Michael McCaul (R-Tex.), who formerly dealt with the FISC while working as a counterterrorism prosecutor, warned Sunday on NBC that Obama's proposals could "slow down the efficacy and efficiency of our counterterrorism investigation."

Meanwhile, Sen. Ron Wydon (D-Ore.), who wants to see the domestic telephone metadata interception program shuttered, said the proposals didn't go far enough. "Notably absent from President Obama's speech was any mention of closing the backdoor searches loophole that potentially allows for the warrantless searches of Americans' phone calls and emails under section 702 of the Foreign Intelligence Surveillance Act," he said in a statement. "I believe that this provision requires significant reforms as well and I will continue to fight to close that loophole."

Comment  | 
Print  | 
More Insights
Oldest First  |  Newest First  |  Threaded View
User Rank: Apprentice
8/12/2013 | 10:08:00 PM
re: NSA: We Touch Only 1.6% Of Internet Traffic
Years ago, talking about email encryption services like TOR or personal cloud devices that you keep in your home like CloudLocker would have made you seem incredibly paranoid. Not so anymore. In fact, I expect the market for products that protect personal privacy to grow by leaps and bounds. It's really a shame.
User Rank: Apprentice
8/12/2013 | 10:27:03 PM
re: NSA: We Touch Only 1.6% Of Internet Traffic
Hey NSA, you've been so much more than kind. You can keep the dime. But only if you throw the rest away. Except, we all know you're not going to do that. You're going to keep it for whenever you feel like looking at it. That's the problem. I agree with AbneyW074, it's a shame, but we need more new products like Cloudlocker, TOR, Startpage, etc, to give NSA as small a target as possible.
Tom Murphy
Tom Murphy,
User Rank: Apprentice
8/13/2013 | 4:26:11 PM
re: NSA: We Touch Only 1.6% Of Internet Traffic
This is a slippery slope, both in the US and in every other country in the world. I've always believed that people should expect whatever they put online to be seen by others, no matter what privacy protections they take. That's not a good thing; it's just a reality. I'm wary that governments are actively spying, but isn't that what Google and Facebook do, too? Will we see a day when governments pay private tech companies for that service? In the US, we have come to expect that sort of activity to be controlled by court-ordered warrants issued in secret, and the security court allowed this under that standard. In other countries, the order may simply come from the military or the government. Eventually, we'll all be in some government's file for what we say. I may be in there now just for this post. That's nothing short of creepy.
User Rank: Apprentice
8/15/2013 | 12:26:04 AM
re: NSA: We Touch Only 1.6% Of Internet Traffic
NSA is looking at a dime-sized amount of information on a basketball court. I like that metaphor. But it matters more than a dime to me whether I'm included in that speck. We need judicial oversight of this process, not the security agencies being a rule onto themselves.
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.