Editing National Security Agency (section)

== Operations ==
Operations by the National Security Agency can be divided into three types:
* Collection overseas, which falls under the responsibility of the Global Access Operations (GAO) division.
* Domestic collection, which falls under the responsibility of the [[Special Source Operations]] (SSO) division.
* Hacking operations, which fall under the responsibility of the [[Tailored Access Operations]] (TAO) division.

=== Collection overseas ===
==== Echelon ====
{{Main|ECHELON}}
"Echelon" was created in the incubator of the [[Cold War]].<ref>{{cite book|publisher=[[Potton & Burton|Craig Potton Publishing]]|title=Secret Power: New Zealand's Role in the International Spy Network|last=Hager|first=Nicky|year=1996|page=55|isbn=978-0-908802-35-7}}</ref> Today it is a [[legacy system]], and several NSA stations are closing.<ref name=Muir /> NSA/CSS, in combination with the equivalent agencies in the United Kingdom ([[Government Communications Headquarters]]), Canada ([[Communications Security Establishment]]), Australia ([[Australian Signals Directorate]]), and New Zealand ([[Government Communications Security Bureau]]), otherwise known as the [[UKUSA Agreement|UKUSA]] group,<ref name=ukusa>Richelson, Jeffrey T.; Ball, Desmond (1985). ''The Ties That Bind: Intelligence Cooperation Between the UKUSA Countries''. London: [[Allen & Unwin]]. {{ISBN|0-04-327092-1}}</ref> was reported to be in command of the operation of the so-called [[ECHELON]] system. Its capabilities were suspected to include the ability to monitor a large proportion of the world's transmitted civilian telephone, fax, and data traffic.<ref>Patrick S. Poole, Echelon: America's Secret Global Surveillance Network (Washington, D.C.: [[Free Congress Research and Education Foundation|Free Congress Foundation]], October 1998)</ref>

During the early 1970s, the first of what became more than eight large satellite communications dishes were installed at Menwith Hill.<ref>[http://www.cbsnews.com/news/ex-snoop-confirms-echelon-network/ Echelon"] {{Webarchive|url=https://web.archive.org/web/20140120020809/http://www.cbsnews.com/news/ex-snoop-confirms-echelon-network/ |date=2014-01-20 }}, ''60 Minutes'', February 27, 2000</ref> Investigative journalist [[Duncan Campbell (journalist, born 1952)|Duncan Campbell]] reported in 1988 on the "[[ECHELON]]" surveillance program, an extension of the [[UKUSA Agreement]] on global signals intelligence [[SIGINT]], and detailed how the eavesdropping operations worked.<ref name=CampbellListening1988>{{Cite news|last=Campbell|first=Duncan|author-link=Duncan Campbell (journalist, born 1952)|title=They've Got It Taped|newspaper=[[New Statesman]] via duncancampbell.org|date=August 12, 1988|url=http://www.duncancampbell.org/menu/journalism/newstatesman/newstatesman-1988/They%27ve%20got%20it%20taped.pdf|access-date=June 19, 2007|archive-url=https://web.archive.org/web/20130614020755/http://www.duncancampbell.org/menu/journalism/newstatesman/newstatesman-1988/They%27ve%20got%20it%20taped.pdf|archive-date=June 14, 2013|url-status=dead}}</ref> On November 3, 1999, the BBC reported that they had confirmation from the Australian Government of the existence of a powerful "global spying network" code-named Echelon, that could "eavesdrop on every single phone call, fax or e-mail, anywhere on the planet" with Britain and the United States as the chief protagonists. They confirmed that Menwith Hill was "linked directly to the headquarters of the US National Security Agency (NSA) at Fort Meade in Maryland".<ref name=BBC3nov1999>{{cite news|first=Andrew|last=Bomford|date=November 3, 1999|title=Echelon spy network revealed|publisher=BBC|url=http://news.bbc.co.uk/2/hi/503224.stm|access-date=June 7, 2013|archive-date=June 14, 2013|archive-url=https://web.archive.org/web/20130614020758/http://news.bbc.co.uk/2/hi/503224.stm|url-status=live}}</ref> NSA's United States Signals Intelligence Directive 18 (USSID 18) strictly prohibited the interception or collection of information about "... [[U.S. person]]s, entities, corporations or organizations...." without explicit written legal permission from the [[United States Attorney General]] when the subject is located abroad, or the [[Foreign Intelligence Surveillance Court]] when within U.S. borders. Alleged Echelon-related activities, including its use for motives other than national security, including political and [[industrial espionage]], received criticism from countries outside the UKUSA alliance.<ref name=EP>{{cite web|url=https://fas.org/irp/program/process/rapport_echelon_en.pdf|title=European Parliament Report on Echelon|date=July 2001|access-date=July 4, 2008|archive-date=June 28, 2019|archive-url=https://web.archive.org/web/20190628043116/https://fas.org/irp/program/process/rapport_echelon_en.pdf|url-status=live}}</ref>

[[File:Berlin 2013 PRISM Demo.jpg|thumb|Protesters against NSA data mining in [[Berlin]] wearing [[Chelsea Manning]] and [[Edward Snowden]] masks]]

==== Other SIGINT overseas operations ====
The NSA was also involved in planning to blackmail people with "[[SEXINT]]", intelligence gained about a potential target's sexual activity and preferences. Those targeted had not committed any apparent crime nor were they charged with one.<ref>{{cite news|title=Top-Secret Documents Reveal NSA Spied on Porn Habits as Part of Plan to Discredit 'Radicalizers'|url=http://www.huffingtonpost.com/2013/11/26/nsa-porn-muslims_n_4346128.html?1385526024|access-date=May 6, 2014|newspaper=The Huffington Post|date=November 26, 2013|author=Glenn Greenwald|location=London|archive-date=July 4, 2014|archive-url=https://web.archive.org/web/20140704223727/http://www.huffingtonpost.com/2013/11/26/nsa-porn-muslims_n_4346128.html?1385526024|url-status=live}}</ref> To support its [[Facial recognition system|facial recognition]] program, the NSA is intercepting "millions of images per day".<ref>{{cite news|author1=James Risen|author2=Laura Poitras|title=N.S.A. Collecting Millions of Faces From Web Images|url=https://www.nytimes.com/2014/06/01/us/nsa-collecting-millions-of-faces-from-web-images.html|access-date=June 1, 2014|newspaper=The New York Times|date=May 31, 2014|archive-date=June 1, 2014|archive-url=https://web.archive.org/web/20140601084735/http://www.nytimes.com/2014/06/01/us/nsa-collecting-millions-of-faces-from-web-images.html|url-status=live}}</ref> The [[Real Time Regional Gateway]] is a data collection program introduced in 2005 in Iraq by the NSA during the [[Iraq War]] that consisted of gathering all electronic communication, storing it, then searching and otherwise analyzing it. It was effective in providing information about Iraqi insurgents who had eluded less comprehensive techniques.<ref name="WP71413">{{cite news|title=For NSA chief, terrorist threat drives passion to 'collect it all,' observers say|url=https://www.washingtonpost.com/world/national-security/for-nsa-chief-terrorist-threat-drives-passion-to-collect-it-all/2013/07/14/3d26ef80-ea49-11e2-a301-ea5a8116d211_story.html|access-date=July 15, 2013|newspaper=The Washington Post|date=July 14, 2013|author=Ellen Nakashima|author2=Joby Warrick|quote=Collect it all, tag it, store it. . . . And whatever it is you want, you go searching for it.|archive-date=March 1, 2017|archive-url=https://web.archive.org/web/20170301114727/https://www.washingtonpost.com/world/national-security/for-nsa-chief-terrorist-threat-drives-passion-to-collect-it-all/2013/07/14/3d26ef80-ea49-11e2-a301-ea5a8116d211_story.html|url-status=live}}</ref> This "collect it all" strategy introduced by NSA director, [[Keith B. Alexander]], is believed by [[Glenn Greenwald]] of ''[[The Guardian]]'' to be the model for the comprehensive worldwide mass archiving of communications which NSA is engaged in as of 2013.<ref name="NSA71513">{{cite news|title=The crux of the NSA story in one phrase: 'collect it all': The actual story that matters is not hard to see: the NSA is attempting to collect, monitor, and store all forms of human communication|url=https://www.theguardian.com/commentisfree/2013/jul/15/crux-nsa-collect-it-all|access-date=July 16, 2013|newspaper=The Guardian|date=July 15, 2013|author=Glenn Greenwald|archive-date=March 10, 2017|archive-url=https://web.archive.org/web/20170310132541/https://www.theguardian.com/commentisfree/2013/jul/15/crux-nsa-collect-it-all|url-status=live}}</ref>

A dedicated unit of the NSA locates targets for the [[CIA]] for extrajudicial assassination in the Middle East.<ref name="MillerTateTargeted">Greg Miller and Julie Tate, October 17, 2013, "[https://www.washingtonpost.com/world/national-security/documents-reveal-nsas-extensive-involvement-in-targeted-killing-program/2013/10/16/29775278-3674-11e3-8a0e-4e2cf80831fc_story.html Documents reveal NSA's extensive involvement in targeted killing program] {{Webarchive|url=https://web.archive.org/web/20170823063930/https://www.washingtonpost.com/world/national-security/documents-reveal-nsas-extensive-involvement-in-targeted-killing-program/2013/10/16/29775278-3674-11e3-8a0e-4e2cf80831fc_story.html |date=2017-08-23 }}", ''The Washington Post''. Retrieved October 18, 2013.</ref> The NSA has also spied extensively on the European Union, the United Nations, and numerous governments including allies and trading partners in Europe, South America, and Asia.<ref>Laura Poitras, Marcel Rosenbach, Fidelius Schmid und Holger Stark. "[http://www.spiegel.de/netzwelt/netzpolitik/nsa-hat-wanzen-in-eu-gebaeuden-installiert-a-908515.html Geheimdokumente: NSA horcht EU-Vertretungen mit Wanzen aus] {{Webarchive|url=https://web.archive.org/web/20240518182038/https://www.spiegel.de/netzwelt/netzpolitik/nsa-hat-wanzen-in-eu-gebaeuden-installiert-a-908515.html |date=2024-05-18 }}". ''Der Spiegel'' (in German). Retrieved June 29, 2013.</ref><ref>"[http://www.spiegel.de/politik/ausland/nsa-hoerte-zentrale-der-vereinte-nationen-in-new-york-ab-a-918421.html US-Geheimdienst hörte Zentrale der Vereinten Nationen ab] {{Webarchive|url=https://web.archive.org/web/20240512130608/https://www.spiegel.de/politik/ausland/nsa-hoerte-zentrale-der-vereinte-nationen-in-new-york-ab-a-918421.html |date=2024-05-12 }}". ''Der Spiegel'' (in German). Retrieved August 25, 2013.</ref> In June 2015, [[WikiLeaks]] published documents showing that NSA spied on [[France|French]] companies.<ref>[http://www.spiegel.de/politik/ausland/wikileaks-enthuellung-nsa-soll-auch-franzoesische-wirtschaft-bespitzelt-haben-a-1041268.html Spiegel.de: Wikileaks-Enthüllung, NSA soll auch französische Wirtschaft bespizelt haben (German)] {{Webarchive|url=https://web.archive.org/web/20160919202253/http://www.spiegel.de/politik/ausland/wikileaks-enthuellung-nsa-soll-auch-franzoesische-wirtschaft-bespitzelt-haben-a-1041268.html |date=2016-09-19 }}, June 2015</ref> WikiLeaks also published documents showing that NSA spied on federal German ministries since the 1990s.<ref>{{cite web|url=https://www.handelsblatt.com/politik/deutschland/wikileaks-und-taeglich-gruesst-die-nsa/12034888.html|title=Wikileaks: Und täglich grüßt die NSA|author=|date=July 9, 2015|website=Handelsblatt.com|access-date=March 10, 2017|archive-date=October 18, 2017|archive-url=https://web.archive.org/web/20171018075016/https://www.handelsblatt.com/politik/deutschland/wikileaks-und-taeglich-gruesst-die-nsa/12034888.html|url-status=dead}}</ref><ref>{{Cite web|url=https://www.sueddeutsche.de/politik/nsa-skanal-us-spionage-ist-eine-demuetigung-fuer-deutschland-1.2558131|title=US-Spionage ist eine Demütigung für Deutschland|first=Tanjev|last=Schultz|website=Süddeutsche.de|date=9 July 2015|access-date=23 February 2022|archive-date=23 February 2022|archive-url=https://web.archive.org/web/20220223192449/https://www.sueddeutsche.de/politik/nsa-skanal-us-spionage-ist-eine-demuetigung-fuer-deutschland-1.2558131|url-status=live}}</ref> Even Germany's Chancellor [[Angela Merkel]]'s cellphones and phones of her predecessors had been intercepted.<ref>{{cite news|url=https://www.theguardian.com/us-news/2015/jul/08/nsa-tapped-german-chancellery-decades-wikileaks-claims-merkel|title=NSA tapped German Chancellery for decades, WikiLeaks claims|agency=Reuters|date=8 July 2015 |work=The Guardian}}</ref>

==== Boundless Informant ====
In June 2013, [[Edward Snowden]] revealed that between 8th February and 8th March 2013, the NSA collected about 124.8&nbsp; billion telephone data items and 97.1&nbsp; billion computer data items throughout the world, as was displayed in charts from an internal NSA tool codenamed [[Boundless Informant]]. Initially, it was reported that some of these data reflected eavesdropping on citizens in countries like Germany, Spain, and France,<ref>[http://www.lemonde.fr/technologies/article/2013/10/21/france-in-the-nsa-s-crosshair-phone-networks-under-surveillance_3499741_651865.html France in the NSA's crosshair: phone networks under surveillance] {{Webarchive|url=https://web.archive.org/web/20240512131834/https://www.lemonde.fr/technologies/article/2013/10/21/france-in-the-nsa-s-crosshair-phone-networks-under-surveillance_3499741_651865.html |date=2024-05-12 }} Le Monde October 21, 2013</ref> but later on, it became clear that those data were collected by European agencies during military missions abroad and were subsequently shared with NSA.

==== Bypassing encryption ====
In 2013, reporters uncovered a secret memo that claims the NSA created and pushed for the adoption of the [[Dual EC DRBG]] encryption standard that contained built-in vulnerabilities in 2006 to the United States [[National Institute of Standards and Technology]] (NIST), and the [[International Organization for Standardization]] (aka ISO).<ref>{{cite news |first=Nicole |last=Perlroth |url=http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/ |title=Government Announces Steps to Restore Confidence on Encryption Standards |website=The New York Times |type=Bits blog |date=September 10, 2013 |access-date=June 7, 2024 |archive-date=July 12, 2014 |archive-url=https://web.archive.org/web/20140712084931/http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/ |url-status=live }}</ref><ref name=pp20130905 /> This memo appears to give credence to previous speculation by cryptographers at [[Microsoft Research]].<ref>{{cite web |url=https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html |title=Schneier on Security: The Strange Story of Dual_EC_DRBG |publisher=Schneier.com |date=November 15, 2007 |access-date=October 9, 2013 |archive-date=April 23, 2019 |archive-url=https://web.archive.org/web/20190423212823/https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html |url-status=live }}</ref> [[Edward Snowden]] claims that the NSA often bypasses the encryption process altogether by lifting information before encryption or after decryption.<ref name=pp20130905>{{cite news|url=https://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption|title=The NSA's Secret Campaign to Crack, Undermine Internet Security|date=September 5, 2013|publisher=[[ProPublica]]|author=Perlroth, Nicole, Larson, Jeff, and Shane, Scott|quote=This story has been reported in partnership between The New York Times, the Guardian and ProPublica based on documents obtained by The Guardian. For the Guardian: [[James Ball (journalist)|James Ball]], Julian Borger, Glenn Greenwald; For the New York Times: Nicole Perlroth, Scott Shane; For ProPublica: Jeff Larson|access-date=June 7, 2024|archive-date=February 21, 2020|archive-url=https://web.archive.org/web/20200221043243/https://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption|url-status=live}}</ref>

[[XKeyscore]] rules (as specified in a file xkeyscorerules100.txt, sourced by German TV stations [[Norddeutscher Rundfunk|NDR]] and [[Westdeutscher Rundfunk|WDR]], who claim to have excerpts from its source code) reveal that the NSA tracks users of privacy-enhancing software tools, including [[Tor (network)|Tor]]; an anonymous email service provided by the [[MIT Computer Science and Artificial Intelligence Laboratory]] (CSAIL) in Cambridge, Massachusetts; and readers of the ''[[Linux Journal]]''.<ref name=NDR>{{cite news |author1=J. Appelbaum |author2=A. Gibson |author3=J. Goetz |author4=V. Kabisch |author5=L. Kampf |author6=L. Ryge |title=NSA targets the privacy-conscious |url=http://daserste.ndr.de/panorama/aktuell/nsa230_page-1.html |access-date=July 4, 2014 |work=Panorama |publisher=Norddeutscher Rundfunk |date=July 3, 2014 |archive-date=July 3, 2014 |archive-url=https://web.archive.org/web/20140703215350/http://daserste.ndr.de/panorama/aktuell/nsa230_page-1.html |url-status=live }}</ref><ref>{{cite news |author1=Lena Kampf, Jacob Appelbaum |author2=John Goetz, Norddeutscher Rundfunk |name-list-style=amp |url=https://www.tagesschau.de/inland/nsa-xkeyscore-100.html |title=Deutsche im Visier des US-Geheimdienstes: Von der NSA als Extremist brandmark |date=July 3, 2014 |publisher=[[ARD (broadcaster)|ARD]] |language=de |access-date=June 7, 2024 |archive-date=July 3, 2014 |archive-url=https://web.archive.org/web/20140703074652/http://www.tagesschau.de/inland/nsa-xkeyscore-100.html |url-status=live }}</ref>

==== Software backdoors ====
[[Linus Torvalds]], the founder of [[Linux kernel]], joked during a [[LinuxCon]] keynote on September 18, 2013, that the NSA, who is the founder of [[SELinux]], wanted a backdoor in the kernel.<ref>{{cite web|url=http://www.linuxfoundation.org/news-media/news/2013/09/techweekeurope-linus-torvalds-jokes-nsa-wanted-backdoor-linux|title=TechWeekEurope: Linus Torvalds Jokes The NSA Wanted A Backdoor In Linux|work=linuxfoundation.org|url-status=dead|archive-url=https://web.archive.org/web/20150916142701/http://www.linuxfoundation.org/news-media/news/2013/09/techweekeurope-linus-torvalds-jokes-nsa-wanted-backdoor-linux|archive-date=2015-09-16|access-date=2014-05-23}}</ref> However, later, Linus' father, a [[Member of the European Parliament]] (MEP), revealed that the NSA actually did this.<ref>{{cite web|url=http://falkvinge.net/2013/11/17/nsa-asked-linus-torvalds-to-install-backdoors-into-gnulinux/|title=NSA Asked Linus Torvalds To Install Backdoors Into GNU/Linux|work=falkvinge.net|date=17 November 2013|access-date=7 June 2024|archive-date=19 May 2024|archive-url=https://web.archive.org/web/20240519085005/http://falkvinge.net/2013/11/17/nsa-asked-linus-torvalds-to-install-backdoors-into-gnulinux/|url-status=live}}</ref>

{{blockquote|When my oldest son was asked the same question: "Has he been approached by the NSA about backdoors?" he said "No", but at the same time he nodded. Then he was sort of in the legal free. He had given the right answer, everybody understood that the NSA had approached him.|[[Nils Torvalds]]|[[European Parliament Committee on Civil Liberties, Justice and Home Affairs|LIBE]] Committee Inquiry on Electronic Mass Surveillance of EU Citizens – 11th Hearing, 11 November 2013<ref>{{cite web|url=http://www.europarl.europa.eu/committees/en/libe/events.html|title=Civil Liberties, Justice and Home Affairs – Hearings|work=europa.eu|access-date=2024-06-07|archive-date=2016-09-16|archive-url=https://web.archive.org/web/20160916144242/http://www.europarl.europa.eu/committees/en/libe/events.html|url-status=live}}</ref>}} [[IBM Notes]] was the first widely adopted software product to use [[public key cryptography]] for client-server and server–server authentication and encryption of data. Until US laws regulating encryption were changed in 2000, IBM and [[Lotus Software|Lotus]] were prohibited from exporting versions of Notes that supported [[Symmetric-key algorithm|symmetric encryption]] keys that were longer than 40 bits. In 1997, Lotus negotiated an agreement with the NSA that allowed the export of a version that supported stronger keys with 64 bits, but 24 of the bits were encrypted with a special key and included in the message to provide a "workload reduction factor" for the NSA. This strengthened the protection for users of Notes outside the US against private-sector [[industrial espionage]], but not against spying by the US government.<ref>[[United States|"The Swedes discover Lotus Notes has key escrow!"]] [[intelligence agency|The Risks Digest]], Volume 19, Issue 52, December 24, 1997,</ref><ref>[[codebreaking|Only NSA can listen, so that's OK]] Heise, 1999.</ref>

==== Boomerang routing ====
While it is assumed that foreign transmissions terminating in the U.S. (such as a non-U.S. citizen accessing a U.S. website) subject non-U.S. citizens to NSA surveillance, recent research into boomerang routing has raised new concerns about the NSA's ability to surveil the domestic Internet traffic of foreign countries.<ref name="boomerang" /> Boomerang routing occurs when an Internet transmission that originates and terminates in a single country transits another. Research at the [[University of Toronto]] has suggested that approximately 25% of Canadian domestic traffic may be subject to NSA surveillance activities as a result of the boomerang routing of Canadian [[Internet service provider]]s.<ref name="boomerang" />

==== Implanting hardware equipment ====
{{Multiple image|image1 = NSA implanting station.jpg|image2 = NSA interception.jpg|caption1 = Intercepted packages are opened carefully by NSA employees|caption2 = A "load station" implanting a beacon}}

A document included in the NSA files released with [[Glenn Greenwald]]'s book ''[[No Place to Hide (Greenwald book)|No Place to Hide]]'' details how the agency's [[Tailored Access Operations]] (TAO) and other NSA units gained access to hardware equipment. They intercepted [[Router (computing)|routers]], [[Server (computing)|servers]], and other [[network hardware]] equipment being shipped to organizations targeted for surveillance and installing covert implant firmware onto them before they are delivered. This was described by an NSA manager as "some of the most productive operations in TAO because they preposition access points into hard target networks around the world."<ref>{{cite web|url=https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant|title=Photos of an NSA "upgrade" factory show Cisco router getting implant|last=Gallagher|first=Sean|date=May 14, 2014|website=Ars Technica|access-date=June 7, 2024|archive-date=June 4, 2024|archive-url=https://web.archive.org/web/20240604094912/https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/|url-status=live}}</ref> 

Computers that were seized by the NSA due to [[interdiction]] are often modified with a physical device known as Cottonmouth.<ref>{{cite web|last=Whitwam|first=Ryan|url=http://www.extremetech.com/computing/173721-the-nsa-regularly-intercepts-laptop-shipments-to-implant-malware-report-says/|title=The NSA regularly intercepts laptop shipments to implant malware report says|work=extremetech.com|date=December 30, 2013|access-date=June 7, 2024|archive-date=December 5, 2022|archive-url=https://web.archive.org/web/20221205081243/https://www.extremetech.com/computing/173721-the-nsa-regularly-intercepts-laptop-shipments-to-implant-malware-report-says|url-status=live}}</ref> It is a device that can be inserted at the USB port of a computer to establish remote access to the targeted machine. According to the NSA's Tailored Access Operations (TAO) group implant catalog, after implanting Cottonmouth, the NSA can establish a [[network bridge]] "that allows the NSA to load exploit software onto modified computers as well as allowing the NSA to relay commands and data between hardware and software implants."<ref>{{Cite web |url=http://www.spiegel.de/static/happ/netzwelt/2014/na/v1/pub/img/USB/S3223_COTTONMOUTH-I.jpg |title=Archived copy |access-date=2015-03-10 |archive-date=2015-03-10 |archive-url=https://web.archive.org/web/20150310094750/http://www.spiegel.de/static/happ/netzwelt/2014/na/v1/pub/img/USB/S3223_COTTONMOUTH-I.jpg |url-status=dead }}</ref>

=== Domestic collection ===
{{Further|Mass surveillance in the United States}}
NSA's mission, as outlined in [[Executive Order 12333]] in 1981, is to collect information that constitutes "foreign intelligence or counterintelligence" while ''not'' "acquiring information concerning the domestic activities of [[United States person]]s". NSA has declared that it relies on the FBI to collect information on foreign intelligence activities within the borders of the United States while confining its activities within the United States to the embassies and missions of foreign nations.<ref>[https://www.nsa.gov/public_info/_files/speeches_testimonies/2013_08_09_the_nsa_story.pdf nsa.gov: The NSA story] {{webarchive|url=https://web.archive.org/web/20141209113543/https://www.nsa.gov/public_info/_files/speeches_testimonies/2013_08_09_the_nsa_story.pdf |date=2014-12-09 }}, Retrieved January 19, 2015 – Page 3: 'NSA ... will work with the FBI and other agencies to connect the dots between foreign-based actors and their activities in the U.S.'</ref>

The appearance of a 'Domestic Surveillance Directorate' of the NSA was soon exposed as a hoax in 2013.<ref>[https://nsa.gov1.info/ Domestic Surveillance Directorate website] {{Webarchive|url=https://web.archive.org/web/20240528223651/https://nsa.gov1.info/ |date=2024-05-28 }}, Nsa.gov1.info, Retrieved January 19, 2015</ref><ref>[https://www.forbes.com/sites/kashmirhill/2013/08/29/the-definitive-nsa-parody-site-is-actually-informative/ The Definitive NSA Parody Site Is Actually Informative] {{Webarchive|url=https://web.archive.org/web/20240512125453/https://www.forbes.com/sites/kashmirhill/2013/08/29/the-definitive-nsa-parody-site-is-actually-informative/ |date=2024-05-12 }}, Forbes.com, Retrieved January 19, 2015</ref> NSA's domestic surveillance activities are limited by the requirements imposed by the [[Fourth Amendment to the U.S. Constitution]]. The [[Foreign Intelligence Surveillance Court]] for example held in October 2011, citing multiple Supreme Court precedents, that the Fourth Amendment prohibitions against unreasonable searches and seizures apply to the contents of all communications, whatever the means, because "a person's private communications are akin to personal papers."<ref name="FiscPrivacyRuling2011">{{cite web|url=https://www.eff.org/sites/default/files/filenode/fisc_opinion_-_unconstitutional_surveillance_0.pdf|pages=73–74|date=October 3, 2011|author=John D Bates|title=[redacted]|access-date=June 7, 2024|archive-date=August 24, 2013|archive-url=https://web.archive.org/web/20130824171345/https://www.eff.org/sites/default/files/filenode/fisc_opinion_-_unconstitutional_surveillance_0.pdf|url-status=live}}</ref> However, these protections do not apply to non-U.S. persons located outside of U.S. borders, so the NSA's foreign surveillance efforts are subject to far fewer limitations under U.S. law.<ref name="Jordan_David">David Alan Jordan. [https://iilj.org/documents/Jordan-47_BC_L_Rev_000.pdf Decrypting the Fourth Amendment: Warrantless NSA Surveillance and the Enhanced Expectation of Privacy Provided by Encrypted Voice over Internet Protocol] {{webarchive|url=https://web.archive.org/web/20071030095250/http://www.ss8.com/pdfs/Ready_Guide_Download_Version.pdf |date=2007-10-30 }}. Boston College Law Review. May 2006. Last access date January 23, 2007, </ref> The specific requirements for domestic surveillance operations are contained in the [[Foreign Intelligence Surveillance Act]] of 1978 (FISA), which does not extend protection to non-U.S. citizens located outside of [[U.S. territory]].<ref name="Jordan_David" />

==== President's Surveillance Program ====
{{See also|NSA warrantless surveillance (2001–2007)}}

[[George W. Bush]], president during the [[September 11 attacks|9/11 terrorist attacks]], approved the [[Patriot Act]] shortly after the attacks to take anti-terrorist security measures. [[Title I of the Patriot Act|Titles 1]], [[Title II of the Patriot Act|2]], and [[Title IX of the Patriot Act|9]] specifically authorized measures that would be taken by the NSA. These titles granted enhanced domestic security against terrorism, surveillance procedures, and improved intelligence, respectively. On March 10, 2004, there was a debate between President Bush and White House Counsel [[Alberto Gonzales]], Attorney General [[John Ashcroft]], and Acting Attorney General [[James Comey]]. The Attorneys General were unsure if the NSA's programs could be considered constitutional. They threatened to resign over the matter, but ultimately the NSA's programs continued.<ref>{{cite book|title=President George W. Bush's Influence Over Bureaucracy and Policy|last=Provost|first=Colin|publisher=Palgrave Macmillan|year=2009|isbn=978-0-230-60954-9|pages=[https://archive.org/details/presidentgeorgew0000unse/page/94 94–99]|url=https://archive.org/details/presidentgeorgew0000unse/page/94}}</ref> On March 11, 2004, President Bush signed a new authorization for mass surveillance of Internet records, in addition to the surveillance of phone records. This allowed the president to be able to override laws such as the [[Foreign Intelligence Surveillance Act]], which protected civilians from mass surveillance. In addition to this, President Bush also signed that the measures of mass surveillance were also retroactively in place.<ref name=NYTimes2015-09-20 /><ref name="NYTWarrantless">[[James Risen]] & [[Eric Lichtblau]] (December 16, 2005), [https://www.nytimes.com/2005/12/16/politics/16program.html Bush Lets U.S. Spy on Callers Without Courts] {{Webarchive|url=https://web.archive.org/web/20150524040621/http://www.nytimes.com/2005/12/16/politics/16program.html |date=2015-05-24 }}, ''[[The New York Times]]''</ref>

One such surveillance program, authorized by the U.S. Signals Intelligence Directive 18 of President George Bush, was the Highlander Project undertaken for the National Security Agency by the U.S. Army [[513th Military Intelligence Brigade]]. NSA relayed telephone (including cell phone) conversations obtained from ground, airborne, and satellite monitoring stations to various U.S. Army Signal Intelligence Officers, including the [[201st Expeditionary Military Intelligence Brigade|201st Military Intelligence Battalion]]. Conversations of citizens of the U.S. were intercepted, along with those of other nations.<ref>{{cite web |url=http://www.gwu.edu/~nsarchiv/NSAEBB/NSAEBB23/index2.html |title=Gwu.edu |publisher=Gwu.edu |access-date=October 9, 2013 |archive-date=June 2, 2010 |archive-url=https://web.archive.org/web/20100602002703/http://www.gwu.edu/~nsarchiv/NSAEBB/NSAEBB23/index2.html |url-status=live }}</ref> Proponents of the surveillance program claim that the President has [[Unitary executive theory|executive authority]] to order such action{{citation needed|date=January 2022}}, arguing that laws such as FISA are overridden by the President's Constitutional powers. In addition, some argued that FISA was implicitly overridden by a subsequent statute, the [[Authorization for Use of Military Force Against Terrorists|Authorization for Use of Military Force]], although the Supreme Court's ruling in ''[[Hamdan v. Rumsfeld]]'' deprecates this view.<ref>{{Cite journal |title=Hamdan v. Rumsfeld, Secretary of Defense, Et Al. Certiorari to the United States Court of Appeals for the District of Columbia Circuit |url=https://www.supremecourt.gov/opinions/05pdf/05-184.pdf |journal=Supreme Court of the United States |access-date=2022-03-12 |archive-date=2020-12-07 |archive-url=https://web.archive.org/web/20201207022617/https://www.supremecourt.gov/opinions/05pdf/05-184.pdf |url-status=dead }}</ref>

==== The PRISM program ====
[[File: Prism-slide-8.jpg|thumb|PRISM: a [[clandestine operation|clandestine]] [[global surveillance|surveillance]] programs under which the NSA collects large amounts of user data from companies such as [[Facebook]] and [[Microsoft]].]] Under the [[PRISM (surveillance program)|PRISM]] program, which started in 2007,<ref name="WaPo1">{{cite news |url=https://www.washingtonpost.com/investigations/us-intelligence-mining-data-from-nine-us-internet-companies-in-broad-secret-program/2013/06/06/3a0c0da8-cebf-11e2-8845-d970ccb04497_story.html?hpid=z1 |title=U.S. intelligence mining data from nine U.S. Internet companies in broad secret program |newspaper=The Washington Post |date=June 7, 2013 |access-date=June 6, 2013 |first1=Barton |last1=Gellman |first2=Laura |last2=Poitras |archive-date=June 15, 2013 |archive-url=https://archive.today/20130615061900/http://www.washingtonpost.com/investigations/us-intelligence-mining-data-from-nine-us-internet-companies-in-broad-secret-program/2013/06/06/3a0c0da8-cebf-11e2-8845-d970ccb04497_story.html?hpid=z1 |url-status=live }}</ref><ref name=Greenwald1>{{cite news|last=Greenwald|first=Glenn|title=NSA taps in to internet giants' systems to mine user data, secret files reveal|work=The Guardian|url=https://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data|access-date=June 6, 2013|date=June 6, 2013|location=London|archive-date=August 18, 2006|archive-url=https://web.archive.org/web/20060818114650/http://www.guardian.co.uk/world/2013/jun/06/us-tech-giants-nsa-data|url-status=live}}</ref> NSA gathers Internet communications from foreign targets from nine major U.S. Internet-based communication service providers: [[Microsoft]],<ref>{{cite news|title=Microsoft handed the NSA access to encrypted messages|work=The Guardian|url=https://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data|access-date=September 7, 2013|date=July 12, 2013|archive-date=November 19, 2015|archive-url=https://web.archive.org/web/20151119014627/http://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data|url-status=live}}</ref> [[Yahoo]], [[Google]], [[Facebook]], [[PalTalk]], [[AOL]], [[Skype]], [[YouTube]] and [[Apple Inc.|Apple]]. Data gathered include email, videos, photos, [[VoIP]] chats such as [[Skype]], and file transfers.

Former NSA director General Keith Alexander claimed that in September 2009 the NSA prevented [[Najibullah Zazi]] and his friends from carrying out a terrorist attack.<ref name="Angwin">{{cite book |last=Angwin |first=Julia |author-link=Julia Angwin |title=Dragnet Nation: A Quest for Privacy, Security, and Freedom in a World of Relentless Surveillance |url=https://archive.org/details/dragnetnationque0000angw|url-access=registration |year=2014 |publisher=Times Books / Henry Holt and Company |isbn=978-0-8050-9807-5 |page=[https://archive.org/details/dragnetnationque0000angw/page/47 47]}}</ref> However, no evidence has been presented demonstrating that the NSA has ever been instrumental in preventing a terrorist attack.<ref>{{cite web| url = https://www.propublica.org/article/claim-on-attacks-thwarted-by-nsa-spreads-despite-lack-of-evidence| title = Elliott, Justin and Meyer, Theodoric ''ProPublica''. Retrieved October 7, 2016.| date = 23 October 2013| access-date = 7 June 2024| archive-date = 7 June 2024| archive-url = https://web.archive.org/web/20240607064024/https://www.propublica.org/article/claim-on-attacks-thwarted-by-nsa-spreads-despite-lack-of-evidence| url-status = live}}</ref><ref>{{cite web|url=http://bigstory.ap.org/article/nyc-bomb-plot-details-settle-little-nsa-debate|title=Goldman, Adam and Apuzzo, Matt Associated Press. Retrieved October 7, 2016.|access-date=October 7, 2016|archive-date=July 3, 2015|archive-url=https://web.archive.org/web/20150703231925/http://bigstory.ap.org/article/nyc-bomb-plot-details-settle-little-nsa-debate|url-status=dead}}</ref><ref>{{cite web|url=https://www.nbcnews.com/news/world/nsa-program-stopped-no-terror-attacks-says-white-house-panel-flna2D11783588|title=NSA program stopped no terror attacks, says White House panel member|website=NBC News|date=20 December 2013|access-date=7 June 2024|archive-date=21 December 2013|archive-url=https://web.archive.org/web/20131221133023/http://investigations.nbcnews.com/_news/2013/12/19/21975158-nsa-program-stopped-no-terror-attacks-says-white-house-panel-member?lite|url-status=live}}</ref><ref>{{Cite news|url=https://www.techdirt.com/articles/20131220/11312025653/judge-intelligence-task-force-both-seem-stunned-nsa-couldnt-provide-single-example-data-collection-stopping-terrorism.shtml|title=Judge And Intelligence Task Force Both Seem Stunned By Lack Of Evidence That Bulk Phone Collection Program Stops Terrorists|last=Masnick|first=Mike|date=December 23, 2013|work=Techdirt.|access-date=2017-10-10|archive-url=https://web.archive.org/web/20161010010635/https://www.techdirt.com/articles/20131220/11312025653/judge-intelligence-task-force-both-seem-stunned-nsa-couldnt-provide-single-example-data-collection-stopping-terrorism.shtml|archive-date=October 10, 2016|url-status=dead}}</ref>

==== The FASCIA database ====
'''FASCIA''' is a [[database]] created and used by the U.S. National Security Agency that contains trillions of device-location records that are collected from a variety of sources.<ref name="Hindu">{{cite news |author=Narayan Lakshman |date=2013-12-05 |title=NSA tracking millions of cellphones globally |url=http://www.thehindu.com/sci-tech/technology/nsa-tracking-millions-of-cellphones-globally/article5424401.ece |url-status=live |archive-url=https://web.archive.org/web/20140424062040/http://www.thehindu.com/sci-tech/technology/nsa-tracking-millions-of-cellphones-globally/article5424401.ece |archive-date=2014-04-24 |access-date=2014-03-23 |work=The Hindu }}</ref> Its existence was revealed during the 2013 [[global surveillance disclosure]] by [[Edward Snowden]].<ref name="apps.washingtonpost-nsa-fascia">{{cite news |author=The Washington Post |date=2013-12-04 |title=FASCIA: The NSA's huge trove of location records |url=https://apps.washingtonpost.com/g/page/world/fascia-the-nsas-huge-trove-of-location-records/637/ |url-status=live |archive-url=https://web.archive.org/web/20141101195543/http://apps.washingtonpost.com/g/page/world/fascia-the-nsas-huge-trove-of-location-records/637/ |archive-date=2014-11-01 |access-date=2014-03-23 |newspaper=The Washington Post |format=2&nbsp;slides}}</ref>

The FASCIA database stores various types of information, including [[Location area identity|Location Area Codes]] (LACs), [[Cell ID|Cell Tower IDs]] (CeLLIDs), [[Visitor Location Register]]s (VLRs), [[International Mobile Station Equipment Identity]] (IMEIs) and [[MSISDN]]s (Mobile Subscriber Integrated Services Digital Network-Numbers).<ref name="Hindu" /><ref name="apps.washingtonpost-nsa-fascia"/> Over about seven months, more than 27 [[terabyte]]s of location data were collected and stored in the database.<ref name="apps.washingtonpost-fascia-ghostmashine">{{cite news |author=The Washington Post |date=2013-12-04 |title=GHOSTMACHINE: The NSA's cloud analytics platform |url=https://apps.washingtonpost.com/g/page/world/ghostmachine-the-nsas-cloud-analytics-platform/644/ |url-status=live |archive-url=https://web.archive.org/web/20171120013152/https://apps.washingtonpost.com/g/page/world/ghostmachine-the-nsas-cloud-analytics-platform/644/ |archive-date=2017-11-20 |access-date=2014-03-23 |newspaper=The Washington Post |format=4&nbsp;slides}}</ref>

=== Hacking operations ===
Besides the more traditional ways of eavesdropping to collect signals intelligence, the NSA is also engaged in [[hacker (computer security)|hacking]] computers, smartphones, and their networks. A division that conducts such operations is the [[Tailored Access Operations]] (TAO) division, which has been active since at least circa 1998.<ref name=fp2013>{{cite journal|last=Aid|first=Matthew M.|title=Inside the NSA's Ultra-Secret China Hacking Group|journal=Foreign Policy|date=10 June 2013|url=https://foreignpolicy.com/2013/06/10/inside-the-nsas-ultra-secret-china-hacking-group/|access-date=11 June 2013|archive-date=12 February 2022|archive-url=https://web.archive.org/web/20220212231030/https://foreignpolicy.com/2013/06/10/inside-the-nsas-ultra-secret-china-hacking-group/|url-status=live}}</ref>

According to the ''[[Foreign Policy]]'' magazine, "... the Office of Tailored Access Operations, or TAO, has successfully penetrated Chinese computer and telecommunications systems for almost 15 years, generating some of the best and most reliable intelligence information about what is going on inside the People's Republic of China."<ref>"[http://www.businessinsider.com/us-nsa-unit-tao-hacking-china-for-years-2013-6 U.S. NSA Unit 'TAO' Hacking China For Years] {{Webarchive|url=https://web.archive.org/web/20240512132004/https://www.businessinsider.com/us-nsa-unit-tao-hacking-china-for-years-2013-6 |date=2024-05-12 }}". Business Insider. June 11, 2013</ref><ref>"[http://www.computerworld.com/article/2473609/cybercrime-hacking/secret-nsa-hackers-from-tao-office-have-been-pwning-china-for-nearly-15-years.html Secret NSA hackers from TAO Office have been pwning China for nearly 15 years] {{Webarchive|url=https://web.archive.org/web/20180207010751/https://www.computerworld.com/article/2473609/cybercrime-hacking/secret-nsa-hackers-from-tao-office-have-been-pwning-china-for-nearly-15-years.html |date=2018-02-07 }}". ''[[Computerworld]]''. June 11, 2013.</ref> In an interview with ''[[Wired (magazine)|Wired]]'' magazine, Edward Snowden said the Tailored Access Operations division accidentally caused [[Syria]]'s internet blackout in 2012.<ref>"[http://www.ibtimes.com/flubbed-nsa-hack-caused-massive-2012-syrian-internet-blackout-snowden-says-1657886 Flubbed NSA Hack Caused Massive 2012 Syrian Internet Blackout, Snowden Says] {{Webarchive|url=https://web.archive.org/web/20240512123802/https://www.ibtimes.com/flubbed-nsa-hack-caused-massive-2012-syrian-internet-blackout-snowden-says-1657886 |date=2024-05-12 }}". ''International Business Times.'' August 13, 2013.</ref>