You’ve never heard of XKeyscore, but it definitely knows you. The National Security Agency’s top-secret program essentially makes available everything you’ve ever done on the Internet — browsing history, searches, content of your emails, online chats, even your metadata — all at the tap of the keyboard.
The Guardian exposed the program on Wednesday in a follow-up piece to its groundbreaking report on the NSA’s surveillance practices. Shortly after publication, Edward Snowden, a 29-year-old former Booz Allen Hamilton employee who worked for the NSA for four years, came forward as the source.
This latest revelation comes from XKeyscore training materials, which Snowden also provided to The Guardian. The NSA sums up the program best: XKeyscore is its “widest reaching” system for developing intelligence from the Internet.
The program gives analysts the ability to search through the entire database of your information without any prior authorization — no warrant, no court clearance, no signature on a dotted line. An analyst must simply complete a simple onscreen form, and seconds later, your online history is no longer private. The agency claims that XKeyscore covers “nearly everything a typical user does on the Internet.”
“I, sitting at my desk,” said Snowden, could “wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email.”
While United States officials denied this claim, the XKeyscore program, as the public understands it, proves Snowden’s point. The law requires the NSA to obtain FISA warrants on U.S. citizens, but this is pushed aside for Americans with foreign targets — and this program gives the NSA the technology to do so. The training materials claim XKeyscore assisted in capturing 300 terrorists by 2008.
The Guardian article breaks down how the program works with each activity, from email monitoring to chats and browsing history, and includes screenshots from the training materials.
The Guardian reached out to the NSA for comment prior to publication. The agency defended the program, stressing that it was only used to legally obtain information about “legitimate foreign intelligence targets in response to requirements that our leaders need for information necessary to protect our nation and its interests.”
“XKeyscore is used as a part of NSA’s lawful foreign signals intelligence collection system,” the agency said in its response. “Allegations of widespread, unchecked analyst access to NSA collection data are simply not true. Access to XKeyscore, as well as all of NSA’s analytic tools, is limited to only those personnel who require access for their assigned tasks … .
“In addition, there are multiple technical, manual and supervisory checks and balances within the system to prevent deliberate misuse from occurring. Every search by an NSA analyst is fully auditable, to ensure that they are proper and within the law. These types of programs allow us to collect the information that enables us to perform our missions successfully — to defend the nation and to protect U.S. and allied troops abroad.”
XKeyscore is the second black mark on the NSA’s record in the past few weeks. The Guardian’s first story uncovered PRISM, a highly controversial surveillance program that reportedly allows the security agency to access the servers of major Internet organizations including Facebook, Google, Apple, Microsoft, Yahoo, YouTube and Skype, among others.
Snowden’s information led to a public outcry for transparency, and the U.S. government pushed to declassify more information about PRISM in an effort to paint a clearer picture about the program.
Snowden has been charged with espionage. He is currently holed up in the transit area of Moscow’s Sheremetyevo Airport while his request for asylum is under review by Russian immigration authorities, according to Snowden’s lawyer.