When the NSA spy programs were leaked in early June, President Obama and his administration assured Americans that the programs were subject to rigorous oversight. We already knew that wasn't exactly true, but new slides published by the Washington Post further confirm this.
In four new slides published over the weekend, we have been given a better look at how PRISM operates. All we knew before was that it collected data from major Internet companies, and even then, those same companies claimed that the NSA couldn't pull data directly from them. Well, they were kind of telling the truth as the first slide reveals the FBI puts "government equipment on private company property to retrieve matching information from a participating company." The worst part about all this, however, is that the information collected by the FBI is sent to the NSA "without further review." In other words, there's very little oversight.
To be fair, there is some oversight. The above slide details how an analyst for the NSA submits a request for information about a new surveillance target. That request goes to a supervisor who will either endorse or deny the request based on a reasonable belief that the target is a "foreign national who is overseas." The fun part is that "reasonable belief" is defined by 51 percent confidence on the part of the analyst. Good to know that NSA analysts must at least be a little over half confident.
The next slide reveals how the information from private companies is analyzed. It shows an automated process that replaces oversight from human analysts with that of a computer. Data, upon arriving at the NSA, is filtered through a number of systems with code names like PRINTAURA, SCISSORS, NUCLEON, PINWALE, MAINWAY and MARINA. These systems filter data based upon type. For example, voice data is sent to NUCLEON and video data is sent to PINWALE.
The NSA does employ two systems called FALLOUT and CONVEYANCE that try to automatically reduce the amount of information on Americans that's collected by everything else. It's something, but the reliability of computer systems to sort out data belonging to Americans from data belonging to foreign nationals isn't exactly trustworthy.
The third slide shows how each target being surveilled is assigned a case notation. This allows the NSA to follow the movement of targets, and in some cases, perform real-time surveillance. The Washington Post explains that "the NSA may receive live notifications when a target logs on or sends an e-mail, or may monitor a voice, text or voice chat as it happens." It's noted that the availability of real-time surveillance depends on the provider so not every company allows it.
Finally, the fourth slide reveals the database that the NSA uses to look up information on targets. Besides looking like a badly built Web site from the mid-90s, the slide also reveals that there were 117,675 active surveillance targets in the database as of April 5. The good news is that not everybody is being watched, but the bad news is that information belonging to innocent Americans is still being picked up as "incidental data" as part of the surveillance on these targets.
As far as leaks go, this has been one of the more interesting ones, but there have been damaging leaks as well. It was recently revealed that the U.S. spies on not only its enemies, but its friends as well. Germany and France have both demanded that the U.S. come clean on claims that it has spied on its leaders and people. The two countries are even threatening to block trade negotiations over the spy program revelations.
We're not done with the leaks either as the government believes Edward Snowden was able to get away with pretty much everything related to the NSA and its spy programs. It's only a matter of time before more of it is published, and all of it may be leaked if something were to happen to Snowden.