Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.
posted by janrinok on Tuesday January 30, @11:33PM   Printer-friendly

NSA finally admits to spying on Americans by purchasing sensitive data:

The National Security Agency (NSA) has admitted to buying records from data brokers detailing which websites and apps Americans use, US Senator Ron Wyden (D-Ore.) revealed Thursday.

This news follows Wyden's push last year that forced the FBI to admit that it was also buying Americans' sensitive data. Now, the senator is calling on all intelligence agencies to "stop buying personal data from Americans that has been obtained illegally by data brokers."

"The US government should not be funding and legitimizing a shady industry whose flagrant violations of Americans' privacy are not just unethical but illegal," Wyden said in a letter to Director of National Intelligence (DNI) Avril Haines. "To that end, I request that you adopt a policy that, going forward," intelligence agencies "may only purchase data about Americans that meets the standard for legal data sales established by the FTC."

Wyden suggested that the intelligence community might be helping data brokers violate an FTC order requiring that Americans are provided "clear and conspicuous" disclosures and give informed consent before their data can be sold to third parties. In the seven years that Wyden has been investigating data brokers, he said that he has not been made "aware of any company that provides such a warning to users before collecting their data."

The FTC's order came after reaching a settlement with a data broker called X-Mode, which admitted to selling sensitive location data without user consent and even to selling data after users revoked consent.

In his letter, Wyden referred to this order as the FTC outlining "new rules," but that's not exactly what happened. Instead of issuing rules, FTC settlements often serve as "common law," signaling to marketplaces which practices violate laws like the FTC Act.

According to the FTC's analysis of the order on its site, X-Mode violated the FTC Act by "unfairly selling sensitive data, unfairly failing to honor consumers' privacy choices, unfairly collecting and using consumer location data, unfairly collecting and using consumer location data without consent verification, unfairly categorizing consumers based on sensitive characteristics for marketing purposes, deceptively failing to disclose use of location data, and providing the means and instrumentalities to engage in deceptive acts or practices."

The FTC declined to comment on whether the order also applies to data purchases by intelligence agencies. In defining "location data," the FTC order seems to carve out exceptions for any data collected outside the US and used for either "security purposes" or "national security purposes conducted by federal agencies or other federal entities."

NSA officials told Wyden that not only is the intelligence agency purchasing data on Americans located in the US but that it also bought Americans' Internet metadata.

[...] In response to Wyden's letter to Haines, the Under Secretary of Defense for Intelligence & Security, Ronald Moultrie, said that the Department of Defense (DoD) "adheres to high standards of privacy and civil liberties protections" when buying Americans' location data. He also said that he was "not aware of any requirement in US law or judicial opinion" forcing the DoD to "obtain a court order in order to acquire, access, or use" commercially available information that "is equally available for purchase to foreign adversaries, US companies, and private persons as it is to the US government."

In another response to Wyden, NSA leader General Paul NakasoneĀ told Wyden that the "NSA takes steps to minimize the collection of US person information" and "continues to acquire only the most useful data relevant to mission requirements." That includes some commercially available information on Americans "where one side of the communications is a US Internet Protocol address and the other is located abroad," data which Nakasone said is "critical to protecting the US Defense Industrial Base" that sustains military weapons systems.


Original Submission

 
This discussion was created by janrinok (52) for logged-in users only, but now has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Interesting) by JoeMerchant on Wednesday January 31, @12:51PM

    by JoeMerchant (3937) on Wednesday January 31, @12:51PM (#1342498)

    I believe this is another case of yes, and no.

    Approximately 35,000 employees, how many bunglers do you know of? Not even 3500 I suspect.

    Hanging 10 or 20% of your operation out in the press as incompetent fools let's another 20-40% get down to serious business, while the others keep up appearances of being semi competent and law abiding to keep the funding flowing.

    --
    🌻🌻 [google.com]
    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3