But while the government has been saying that these rules, though previously unreleased, do a good job of protecting American’s from unnecessary surveillance, it seems this leak shows just the opposite.
The documents, as released by The Guardian, come after Edward Snowden, a former contractor for the NSA leaked a slide deck intended to be seen by top NSA officials. The slide deck contained information about a government surveillance program called PRISM, which collected a number of different user data points from companies such as Google, Facebook, and Yahoo. Another leaked documented showed a court order given to Verizon, asking for all call data for any calls originating in the U.S. and terminating in a foreign entity, or all call data between U.S. calls.
Today’s leaked document does confirm that the government must delete any incidentally collected data within five years, but does not have to do so if that data is encrypted, or if the person associated with that data is suspected to have valuable information about a foreign target or could be a part of a crime that has happen or will happen here in the U.S.
Because data is encrypted, it can be immediately assumed that there is some secret information in those communications. The NSA could keep this information longer that the 5 year minimization standard in order to decrypt that information and analyze it to make sure no stone in the foreign intelligence investigation goes unturned. The NSA is can also share un-minimized information with other agencies, such as the CIA, with the understanding that that agency will perform its own minimization acts.
The point is that if a piece of data has a significant enough amount of foreign intelligence information, it might fall outside of the realm of minimization that government officials are standing behind as a major protection for U.S. citizens. However, that’s a broad term.