These graphs identify people’s associates, their locations at certain times, their traveling companions and other personal information, according to the NYT report, which is the latest revelation from documents provided by Edward J. Snowden, the former N.S.A. contractor.
The NSA authorized the conduct of “large-scale graph analysis on very large sets of communications metadata without having to check foreignness” of every e-mail address, phone number or other identifier, the documents said. It can augment the communications data “with material from public, commercial and other sources, including bank codes, insurance information, Facebook profiles, passenger manifests, voter registration rolls and GPS location information, as well as property records and unspecified tax data, according to the documents. They do not indicate any restrictions on the use of such ‘enrichment’ data…,” the report said.
The news comes amid continued moves by other companies and countries to exploit the opportunities afforded by the revelations.
For example, Germany’s largest email providers, including partly state-owned Deutsche Telekom, have teamed up to offer a new service, Email Made in Germany. By encrypting email through German servers and abiding by the country’s strict privacy laws, the companies said U.S. authorities won’t easily be hack into this information. More than a hundred thousand Germans have adopted the service since it was rolled out in August, the WSJ reported Friday on the service.
Separately, Senator Dianne Feinstein apparently accidentally confirmed Thursday that the NSA is collecting emails via “upstream” collection methods — in other words, from the Internet backbone — by doing so directly from U.S telecom companies who have been willing to cooperate. This is something that the U.S. government apparently hasn’t admitted until now.