NSA is buying Americans’ internet browsing records without a warrant::“Web browsing records can reveal sensitive, private information about a person based on where they go on the internet,” said Sen. Ron Wyden.

  • PapaStevesy@midwest.social
    link
    fedilink
    English
    arrow-up
    97
    ·
    9 months ago

    Sounds like the problem is more that they’re for sale in the first place, not that they don’t have a warrant. They don’t need it because our privacy laws are so outdated and ineffectual(/nonexistent).

    • assembly@lemmy.world
      link
      fedilink
      English
      arrow-up
      16
      ·
      9 months ago

      Yeah like I feel that the headlines are missing the forest through the streets. If there is enough important information available about individuals that the NSA would find it useful and worth buying, we need to ensure that it’s stopped at the source and not available to anyone.

  • JaymesRS@literature.cafe
    link
    fedilink
    English
    arrow-up
    59
    ·
    9 months ago

    Do I like this? No. But I also don’t like that any other entity can do this either. But if we’re going to ban the government from doing this, we should also be banning the sale of this data to anybody.

  • linearchaos@lemmy.world
    link
    fedilink
    English
    arrow-up
    37
    arrow-down
    1
    ·
    9 months ago

    This right here. All the people bitching about wanting to use Opera and wanting to use Chrome and wanting to use Edge and Brave, this is what we’re trying to fight. This is what we’re trying to minimize.

    Even though the NSA is probably trying to use this for ‘good’ at the moment, It’s not a hard stretch that a couple of changes in power later that information’s still going to be there.

    • Uriel238 [all pronouns]@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      26
      arrow-down
      2
      ·
      9 months ago

      When the Snowden releases came out the promise was the NSA was only using their massive surveillance machine to hunt down Islamist terrorists.

      But since then they’ve passed tips to local precincts regarding loose cash in transit so that it can be seized and used by police departments for margarita ice crushers and other luxuries. The NSA itself gets a cut of the take.

      This is to say NSA efforts are being used to rob Americans using asset forfeiture, which is about as far from for good or in support of a good cause as you can get.

      • profdc9@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        2
        ·
        9 months ago

        The NSA does not need money from asset forfeiture. This is one of the stupidest accusations I’ve heard of NSA. They have to be careful about how they use their intelligence to keep potential targets unaware of what they can or are snooping on. This would be the stupidest and most pointless use of their intelligence. Anyone they would share intelligence with must do so with the most absolute secrecy, and municipal and state law enforcement generally does not qualify. This doesn’t mean they’re not acting unlawfully, but knowing if they are is going to next to impossible.

        • Uriel238 [all pronouns]@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          9 months ago

          As with much of the federal government, the NSA’s information security is lax and outdated, and strict records that are supposed to be kept about who looks at what are not actually filed.

          We’re pretty sure Russia and China are unofficially privy to any data they want.

          NSA was supposed to be an INFOSEC department, making sure that Eve was out of business. That changed after the PATRIOT act (though the movie Sneakers predicted this change in mission). The eliptic curve scandal was a dead giveaway.

          That said, at this point NSA leaks stuff to other law enforcement, and fourth-amendment protections are circumvented with parallel construction. Asset forfeiture puts the proof of innocence on the prior owner, so there are no rights to begin with. (Though this is changing state by state.)

        • Uriel238 [all pronouns]@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          9 months ago

          Yes. I assumed you were assuming some of us would hold some of the usual centrist justifications for NSA, e.g. there are some serious meanies out there who might want to 9/11 or Pearl Harbor the US again, but risks of this could be drastically reduced by not engaging in military adventurism for sake our our industrialist plutocrats. Essentially, if the US stopped being an outrageous and brutal dick to the rest of the international community, then the numbers who would attack our civilians would be drastically reduced to fringe militant ideologues.

          So yes, there are no valid justifications for NSA. It exists because the state and the legal departments of the state regard the US public as an enemy.

          • linearchaos@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            9 months ago

            I’m certain they’ve caught bad guys ii would have wanted caught and stopped shit I would have wanted stopped. E.g. I’m certain they’ve stopped human trafficking.

            But the world isn’t black and white. They don’t need to set us up to be a total f****** police state to do some good in the world

            • Uriel238 [all pronouns]@lemmy.blahaj.zone
              link
              fedilink
              English
              arrow-up
              2
              ·
              9 months ago

              Yes, there’s a balance that has to be struck between protection and liberty. Years ago I speculated what could happen if everyone was chipped into a system that monitored their vitals, with the resulting data we could track morbid outcomes (say heart attacks) to their core roots and then track people who are currently experiencing early warning signs and show the TRUE POWER OF PREVENTATIVE MEDICINE

              The problem is, of course, so much data can be used for purposes against the interests of the public, and will once there are technicians privy to all that information. This was the original business model of Google: no-one looks at the data except its owner (e.g. I get to look at my own contacts lists) and Google profits from analysis of multiple data points. Only the police got the power of courts to look at the data, to the point where they wanted everyone who happened to websearch a given name, or whose phones were in a radius of a crime scene at a certain time.

              You don’t want to be a non-white or a known protestor who had business near a crime scene in the US.

              So yeah, until we’re able to lock up data so no-one but their intended audience has the capacity to read it, even when a court writes a warrant, we can’t trust such all-encompassing systems, especially if the state is at risk of turning into an ideology-driven regime. (England, for instance, still has hard feelings between Catholics and Anglicans, and the Irish / UK border is a bit tense these days.)

              • linearchaos@lemmy.world
                link
                fedilink
                English
                arrow-up
                2
                ·
                9 months ago

                And unfortunately with the state of data protection, You can never be assured that that won’t land in someone else’s hands eventually.

  • kromem@lemmy.world
    link
    fedilink
    English
    arrow-up
    22
    arrow-down
    1
    ·
    9 months ago

    I wonder how much of this is to provide a plausible paper trail for parallel construction to hide illegal signals collection in legal proceedings.

    “No your honor, we didn’t find this out because of domestic spying programs, it was from this data we bought from Google.”

  • clif@lemmy.world
    link
    fedilink
    English
    arrow-up
    21
    ·
    edit-2
    9 months ago

    This has been commonplace for decades. The government agencies went big into it after 9/11. Funny thing was that I found out about it from a competing company telling me about how the company I worked for at the time was doing it.

    I should note that I’m firmly against it, just that it’s not new.

    It’s illegal to spy on your own citizens in the US, but completely okay if someone else does the spying and you buy the data.

    • BearOfaTime@lemm.ee
      link
      fedilink
      English
      arrow-up
      9
      ·
      9 months ago

      Hell, Verizon got caught installing spy hardware for the government in phone data centers in the mid-90’s.

      There was a brief storm about it, then the news media moved on to something else.

      I’m sure it’s still there, at every phone provider, or something like it.

    • Mango@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      9 months ago

      You may as well consider them government employees if they’re doing it at the government’s buying power.

  • JoYo@lemmy.ml
    link
    fedilink
    English
    arrow-up
    21
    arrow-down
    1
    ·
    9 months ago

    props to senator wyden for declassifying this shit. oregon picks good ones.

    • brbposting@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      13
      arrow-down
      1
      ·
      9 months ago

      Absolute legend. Held the confirmation of the next NSA Director until they declassified it.

      Thank him here!

      Also, he’s privy to classified information he can’t disclose. I’m thinking going forward he could say “I wish I could hold confirmation of the NSA Director again until they declassify XYZ“ and we would know he’s been plugged in to something unethical re: XYZ. Maybe it’s already possible to read in between the lines of his public statements.

      • zalgotext@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        3
        ·
        9 months ago

        I’m thinking going forward he could say “I wish I could hold confirmation of the NSA Director again until they declassify XYZ“

        I’m thinking he absolutely can’t do that because

        he’s privy to classified information he can’t disclose.

        Oftentimes you can’t even reveal what classified stuff you may have access to, as that info by itself could be classified. Giving little hints and letting people “read between the lines” would almost certainly count as mishandling classified information, especially if you’re a high-profile politician doing that in public statements.

  • profdc9@lemmy.world
    link
    fedilink
    English
    arrow-up
    13
    arrow-down
    2
    ·
    9 months ago

    It’s quite likely a lot of Americans’ data is already being stored and perhaps mined in the Utah Data Center.

    https://en.wikipedia.org/wiki/Utah_Data_Center

    I would just assume your data could be there unless your computer has never been connected to the Internet. It’s simply too easy to hide surveillance in the processor (in the form of remote administration capabilities), the operating system (with remote updates), or the browser, or in the numerous security holes or likely zero-day exploits out there. The state of computer security is an absolute joke, and your 4096-bit RSA key is not keeping your data safe.

    • wikibot@lemmy.worldB
      link
      fedilink
      English
      arrow-up
      5
      ·
      9 months ago

      Here’s the summary for the wikipedia article you mentioned in your comment:

      The Utah Data Center (UDC), also known as the Intelligence Community Comprehensive National Cybersecurity Initiative Data Center, is a data storage facility for the United States Intelligence Community that is designed to store data estimated to be on the order of exabytes or larger. Its purpose is to support the Comprehensive National Cybersecurity Initiative (CNCI), though its precise mission is classified. The National Security Agency (NSA) leads operations at the facility as the executive agent for the Director of National Intelligence. It is located at Camp Williams near Bluffdale, Utah, between Utah Lake and Great Salt Lake and was completed in May 2014 at a cost of $1. 5 billion.

      to opt out, pm me ‘optout’. article | about

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    9 months ago

    This is the best summary I could come up with:


    NSA director Gen. Paul Nakasone disclosed the practice in a letter to Sen. Ron Wyden, a privacy hawk and senior Democrat on the Senate Intelligence Committee.

    “Web browsing records can reveal sensitive, private information about a person based on where they go on the internet, including visiting websites related to mental health resources, resources for survivors of sexual assault or domestic abuse, or visiting a telehealth provider who focuses on birth control or abortion medication,” said Wyden in a statement.

    By its own admission, the ODNI said at the time that commercially purchased data “clearly provides intelligence value,” but “raises significant issues related to privacy and civil liberties.”

    Previous reporting shows the Defense Intelligence Agency bought access to a commercial database containing Americans’ location data in 2021 without a warrant.

    Government agencies typically have to secure a court-approved warrant before obtaining private data on Americans from a phone or a tech company.

    But U.S. agencies have skirted this requirement by arguing they do not need a warrant if the information, like precise location records or netflow data, is openly for sale to anyone who wants to buy it — though this legal theory remains untested in U.S. courts.


    The original article contains 1,045 words, the summary contains 198 words. Saved 81%. I’m a bot and I’m open source!

  • morriscox@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    2
    ·
    9 months ago

    Ironically, what bothered me at first is the use of internet instead of Internet. An internet is a network of networks. The Internet is the global network of networks. I know that internet is becoming the standard but having been a network administrator, it does annoy me.

  • HeyJoe@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    9 months ago

    I still wonder what they are buying and from who. If it’s the ISP I kind of wonder what they still get from me since I don’t use their DNS servers and the ones I point to are setup for DoH for all traffic at home. I also use other stuff for added privacy. It doesn’t take a lot of effort, I hope more people start taking their networks seriously and setup some easy bare minimum precautions to help make it at least slightly harder to track you.

    • linearchaos@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      9 months ago

      With the NSA’s whatever the fuck they want budget, nothing’s off the table. Dark web, Google, Microsoft, probably whoever will sell it and then they probably slapped them with a gag order If they’re an entity likely to publicize it.

      My pi holes are set up to pull dot and doh, but they still have to get there traffic from a provider. I should probably funnel that through my VPN but making my DNS unpredictably slow doesn’t sound like much fun.

      I’m sure ISPs will sell whatever they can see. Smart TV manufacturers use some crazy database to be able to detect what you’re watching You know that’s going off to everybody that would give them a $20 bill. Then anywhere where you’ve used the same email to sign up for multiple services all those services will be more than happy to sell their data.

      Your bank, LexusNexis with credit data, your school, All the places that your parents and your kids use.

      It’s not that hard to use a password manager and a catch-all email and start diversifying your user accounts.

      Tour and VPN start to degrade your service quality.

      Using open source browsers and anonymizing as much as you can is good and yes even DNS over HTTPS plays a role in reduction.

      In the end though, I wonder how much it really matters. If they just get one or two chunks out of that list, how much are the rest of it do they get for free or cheap. If you had the eye of sauron on you and they were really trying they would know everything you do.

      • brbposting@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        2
        ·
        9 months ago

        In the end though, I wonder how much it really matters. … If you had the eye of sauron on you and they were really trying they would know everything you do.

        If the Fed specifically targets you, I imagine eventually they’ll dig up what they need one way or another. (Widespread E2EE should be a barrier of course.)

        Given the average person will never be targeted, I think taking the lowest hanging fruit privacy protections is good for a little bit of peace of mind and a little bit of security against data leaks. NSA gets hacked? Maybe when the dump hits blackhat forums or The Pirate Bay it won’t be as obvious how much time you spend on UnixSocks.