An ominous looking map released by The Guardian over the weekend purporting to show where the National Security Agency (NSA) snoops on metadata may not be as scary as the initial report suggested, although other evidence suggests data about U.S. citizens is being collected by the spy agency.
The Guardian report details a tool called Boundless Informant that allows an at a glance understanding of the amount of metadata being siphoned from “computer and telephone networks” across the globe via signal intelligence (SIGINT) infrastructure. This presumably would include metadata about telephone calls, text messages, and internet traffic such as information about the source of a message, the time stamp and duration, and general geographic location — but intelligence on the content of the communications. According The Guardian, over a 30-day period in March 2013 the agency showed 97 billion pieces of intelligence in the system, nearly 3 billion of those associated with the United States.
While 3 billion may seem like a huge volume of data, consider that 2.19 trillion text messages alone were sent in the United States in 2012. Breaking that down into a monthly figure, that’s roughly 182.5 billion text message sent in the US per month. And this system should in theory also include call, email and web traffic metadata, with each use of those communications platforms creating multiple bits of metadata associated with the sender, time, and other non-content details. Considering that volume, 3 billion pieces of metadata intelligence coming from within the United States may actually represent a very targeted level of surveillance that could plausibly be limited to persons reasonably believed to be foreign nationals.
But another detail from the associated documents suggests Boundless Informant doesn’t tell the whole story of metadata surveillance within the United States. Under the header “Do You Have All The Data? What Data Is Missing?” on a factsheet about the program, it says that due to the security level of the tool it does not include intelligence from “ECI or FISA,” referring to data collected pursuant to electronic crimes investigations or Foreign Intelligence Surveillance Act orders.
This means it likely does not reflect the bulk of metadata collected from Verizon and other telecommunication companies about nearly all calls because the orders came through FISA courts. Similarly, if FISA courts are issuing similar orders to internet service providers or tech companies for that level of information about email and web traffic, Boundless Informant wouldn’t report on that intelligence. Despite rhetoric from the government suggesting that metadata collection isn’t as invasive as collecting the contents of communications, it can be used to track movements over time, and infer a detailed picture of relationships and other aspects of an individual’s life by mapping out patterns of communications.