NSA: We Touch Only 1.6% Of Internet Traffic

Intelligence agency releases new details about the scope and scale of its digital dragnet.
How much Internet traffic is being actively intercepted and reviewed by the National Security Agency (NSA)?

According to newly released details from the NSA, of the estimated 1,826 petabytes of data that flow across the Internet daily, the agency in its foreign intelligence mission touches about 1.6% of that. That was the claim made in a seven-page PDF released Saturday on the NSA's website, which was released to communicate in greater detail the scope and scale of NSA collection, as well as legal basis for that surveillance.

According to the document, the NSA studies only a fraction of the data it intercepts. Notably, of the 1.6% of Internet traffic the NSA touches daily, the agency actively reviews only 0.025%, or about 7,250 GB. "Put another way, if a standard basketball court represented the global communications environment, NSA's total collection would be represented by an area smaller than a dime on that basketball court," the document states.

The newly published overview -- which is "aimed at providing a succinct description of NSA's mission, authorities, oversight and partnerships" -- disclosed that it works with a number of overseas organizations to provide signals intelligence pertaining to terrorists, online attackers and other enemies of the state. "NSA partners with well over 30 different nations in order to conduct its foreign intelligence mission," reads the document. "In every case, NSA does not and will not use a relationship with a foreign intelligence service to ask that service to do what NSA is itself prohibited by law from doing."

[ What do IT professionals think of the NSA's data gathering practices? Read NSA Surveillance: IT Pro Survey Says What? ]

The document also confirms that the agency runs a number of surveillance programs that involve "[compelling] one or more providers to assist NSA with the collection of information responsive to the foreign intelligence need." Some related, recently outed programs go by cover names such as Blarney, Fairview, Lithium and Oakstar. The agency said those aren't standalone efforts, however, but rather part of a higher-level effort to obtain desired intelligence.

Other efforts, as already revealed publicly, extend to telecommunications providers. On that front, NSA offered additional details pertaining to its Business Records Foreign Intelligence Service Act (FISA) program (a.k.a. BR FISA), through which "specified U.S. telecommunications providers are compelled by court order to provide NSA with information about telephone calls to, from, or within the U.S." The document continues, "The information is known as metadata, and consists of information such as the called and calling telephone numbers and the date, time, and duration of the call -- but no user identification, content, or cell site locational data." It noted that BR FISA has been reauthorized four times by Congress since being launched in 2006.

But have the surveillance programs -- and potential privacy tradeoffs -- been worth it? Gen. Keith Alexander, who leads the NSA, said in a keynote speech at this year's Black Hat information security conference in Las Vegas that 54 terrorist-related activities -- 13 of them in the United States -- had been thwarted thanks to the NSA's surveillance programs. Building on that statement, the newly published NSA document said that of the 13 domestic activities, BR FISA played a role in 12.

The release of new details pertaining to the NSA's surveillance efforts came just one day after President Obama called on Congress to reform the Patriot Act and Foreign Intelligence Surveillance Court authorized by FISA. In a press conference, he also recommended adding greater oversight of and transparency into the NSA's intelligence collection efforts, directed the NSA to add its first-ever Civil Liberties and Privacy Officer, and called on a group of outside experts to study the NSA's current surveillance technology and detail the security, privacy and foreign policy implications related to their use.

Also Friday, the White House released a 22-page white paper arguing that the government has broad latitude when it comes to collecting telephone metadata. But it also noted that the surveillance programs authorized by FISA and the Patriot Act can legally be used only for counterterrorism purposes, and said the programs the surveillance effort "includes internal oversight mechanism to prevent misuse."

In response to Obama's call for the NSA's surveillance programs to be reformed, WikiLeaks chief Julian Assange issued a statement saying the move vindicated the role of former NSA contractor Edward Snowden's whistle blowing. "But rather than thank Edward Snowden, the President laughably attempted to criticize him while claiming that there was a plan all along, 'before Edward Snowden,'" said Assange. "The simple fact is that without Snowden's disclosures, no one would know about the programs and no reforms could take place."

Regardless, President Obama's proposed reforms may face an uphill battle. Notably, House Homeland Security Committee Chairman Michael McCaul (R-Tex.), who formerly dealt with the FISC while working as a counterterrorism prosecutor, warned Sunday on NBC that Obama's proposals could "slow down the efficacy and efficiency of our counterterrorism investigation."

Meanwhile, Sen. Ron Wydon (D-Ore.), who wants to see the domestic telephone metadata interception program shuttered, said the proposals didn't go far enough. "Notably absent from President Obama's speech was any mention of closing the backdoor searches loophole that potentially allows for the warrantless searches of Americans' phone calls and emails under section 702 of the Foreign Intelligence Surveillance Act," he said in a statement. "I believe that this provision requires significant reforms as well and I will continue to fight to close that loophole."

Editors' Choice
Kelly Jackson Higgins 2, Editor-in-Chief, Dark Reading