NSA Gets Full Take on FISA-Authorized Web Forums

Screen Shot 2015-07-02 at 6.03.50 PMAmong the document dump associated with the Intercept’s two stories on XKeyscore, there’s one that has importance outside of the discussion of how XKeyscore works in the slide deck on how XKS works on web forum data.

It reveals what was fairly predictable, but has never been confirmed: That the NSA obtains “full take” on US-based web forums that it can get FISA orders for.

This has been suggested in a number of terrorist proceedings — that the targets were first identified in a forum, and from there targeted for more surveillance (or, just as often, for an FBI undercover sting).

The XKS deck in question further makes clear that the NSA saves all of the data from such forums, so that data will come up in XKS queries going forward. Further, the NSA can pull the messages that use one of the most popular extremist tools for encryption.

All this almost certainly means that the same web forum data would be available to FBI Agents for back door searches at the Assessment level, so even the mere participation in a web forum may target someone for further investigation (or even, for coercion to become an informant himself).

Again, this has been fairly clear for some time. But this slide deck confirms what the government has been obscuring from defense attorneys.

 

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

3 replies
  1. edge says:

    Any chance that we can get an i con the the record dump of FISA forum orders soon? (I’m also curious what constitutes a forum? Are these comments a forum? Does all of Disqus count as one forum?)

    • Useful Idiots says:

      For intents and purposes, Disqus, LiveFyre and their ilk are considered the same way Facebook, Twitter, Google+ (to include YouTube and all of google’s crud), and their ilk are. In that context, one assumes selectors are based on accounts and contact chaining from those accounts (regardless of where the posts actually occur) while also providing a large pool of accessible ways to jump parallel to other fora in pursuit of ‘investigations’. From there connected graphs can be formed which can then be drilled down into. One reason I’m disturbed and disgusted by so many sites embracing third-party comment plugins — it just enables a surveillance state with minimal work. Evil stuff.

      • Stephen says:

        Useful Idiots wrote: “One reason I’m disturbed and disgusted by so many sites embracing third-party comment plugins — it just enables a surveillance state with minimal work.”
        .
        Yes and no. The NSA et al would effectively still get the same outcome even if each site used it’s own unique comment system–provided each site allowed users to log-in using a third-party service provider’s login system. Eg Facebook, Twitter, Google+, etc.
        .
        Even those sites which don’t (like the system used here at EmptyWheel) still–with only one exception that I aware of, though there may well be others–require commenters to supply an email address before they are allowed to post. That email address, if it can be captured by the NSA et al, would still tend to uniquely identify a commenter, and therefore function in the same fashion as the third-party logins.

Comments are closed.