Baleeted
June 30, 2018 9:35 AM Subscribe
"Consistent with NSA’s core values of respect for the law, accountability, integrity, and transparency we are making public notice that on May 23, 2018, NSA began deleting all call detail records (CDRs) acquired since 2015 under Title V of the Foreign Intelligence Surveillance Act (FISA)."
"... NSA is deleting the CDRs because several months ago NSA analysts noted technical irregularities in some data received from telecommunications service providers. These irregularities also resulted in the production to NSA of some CDRs that NSA was not authorized to receive. Because it was infeasible to identify and isolate properly produced data, NSA concluded that it should not use any of the CDRs."
"... NSA is deleting the CDRs because several months ago NSA analysts noted technical irregularities in some data received from telecommunications service providers. These irregularities also resulted in the production to NSA of some CDRs that NSA was not authorized to receive. Because it was infeasible to identify and isolate properly produced data, NSA concluded that it should not use any of the CDRs."
Call me skeptical.
posted by darkstar at 9:39 AM on June 30, 2018 [5 favorites]
posted by darkstar at 9:39 AM on June 30, 2018 [5 favorites]
2015, eh? Wonder what else was going on in foreign intelligence that year.
posted by eirias at 9:40 AM on June 30, 2018 [15 favorites]
posted by eirias at 9:40 AM on June 30, 2018 [15 favorites]
These irregularities also resulted in the production to NSA of some CDRs that NSA was not authorized to receive. Because it was infeasible to identify and isolate properly produced data, NSA concluded that it should not use any of the CDRs.
They just want to make sure their data is legal. Now they'll do it right.
posted by pracowity at 9:43 AM on June 30, 2018 [1 favorite]
They just want to make sure their data is legal. Now they'll do it right.
posted by pracowity at 9:43 AM on June 30, 2018 [1 favorite]
began deleting all call detail records (CDRs) acquired since 2015
In other words, deleting records between the Trump campaign and Russia before they're subpoenaed by investigators.
posted by AlSweigart at 9:44 AM on June 30, 2018 [37 favorites]
In other words, deleting records between the Trump campaign and Russia before they're subpoenaed by investigators.
posted by AlSweigart at 9:44 AM on June 30, 2018 [37 favorites]
Meanwhile, private companies collect and expose personal data on everybody. Yesterday:
What makes this discovery exceptional was the sheer size of the database, the sensitivity of the content, and the complete lack of security. Precise details are difficult to ascertain, and Exactis has not been forthcoming with details. However, it appears to contain something like 340 million records (230 million on consumers and 110 million on business contacts); making it a far bigger potential breach than last year's Equifax breach.
The Exactis website claims the firm has consumer data on 218 million individuals and 110 million households. Eight-eight million have email addresses and matching postal addresses, and 112 million include residential phone numbers. Business data includes 21 million companies, 40 million postal addresses, 21 million records with email addresses and matching postal address, and 52 million with business phone numbers.
How much of this was exposed is not known, but it is potentially everything. It doesn't include social security numbers or payment details, but goes into great detail for each individual, including interests, habits and the age and gender of children. It apparently includes more than 400 variables ranging from religion, pets, whether a person smokes, to personal interests.
posted by Brian B. at 9:47 AM on June 30, 2018 [2 favorites]
What makes this discovery exceptional was the sheer size of the database, the sensitivity of the content, and the complete lack of security. Precise details are difficult to ascertain, and Exactis has not been forthcoming with details. However, it appears to contain something like 340 million records (230 million on consumers and 110 million on business contacts); making it a far bigger potential breach than last year's Equifax breach.
The Exactis website claims the firm has consumer data on 218 million individuals and 110 million households. Eight-eight million have email addresses and matching postal addresses, and 112 million include residential phone numbers. Business data includes 21 million companies, 40 million postal addresses, 21 million records with email addresses and matching postal address, and 52 million with business phone numbers.
How much of this was exposed is not known, but it is potentially everything. It doesn't include social security numbers or payment details, but goes into great detail for each individual, including interests, habits and the age and gender of children. It apparently includes more than 400 variables ranging from religion, pets, whether a person smokes, to personal interests.
posted by Brian B. at 9:47 AM on June 30, 2018 [2 favorites]
I trust that NSA is still independent enough this isn't directly some Trump-inspired move. At least, I hope it is. But then what the hell is going on? NSA doesn't delete data and has been bending and breaking privacy laws for decades now. My immediate cynical assumption is they must have some other source for the same data.
The NYTimes gives some more context. Prior to 2015 the NSA just recorded all this data themselves. Congress passed the Freedom Act in 2014 that mostly was a renewal of the PATRIOT act. But post-Snowden people were pissed, so the Freedom Act curtailed spy powers in various ways. NSA is no longer supposed to blanket record all call records, only specifically targeted ones. I think what this deletion means it that NSA realized they were collecting more data than they were supposed to.
If there's politics here, my guess is it's NSA angling to get these restrictions lifted in the future. It may also be they honestly are trying to comply with the law. I still bet they have other ways to construct the same sort of data records.
posted by Nelson at 10:39 AM on June 30, 2018 [3 favorites]
The NYTimes gives some more context. Prior to 2015 the NSA just recorded all this data themselves. Congress passed the Freedom Act in 2014 that mostly was a renewal of the PATRIOT act. But post-Snowden people were pissed, so the Freedom Act curtailed spy powers in various ways. NSA is no longer supposed to blanket record all call records, only specifically targeted ones. I think what this deletion means it that NSA realized they were collecting more data than they were supposed to.
If there's politics here, my guess is it's NSA angling to get these restrictions lifted in the future. It may also be they honestly are trying to comply with the law. I still bet they have other ways to construct the same sort of data records.
posted by Nelson at 10:39 AM on June 30, 2018 [3 favorites]
I don't believe anything governmental officials or politicians say regarding domestic surveillance. Check out Barry Eisler's book "The God's Eye View" (fiction) especially the appendix which contains a ton of relevant and relevatory links regarding domestic spying.
posted by TreeHugger at 11:18 AM on June 30, 2018 [1 favorite]
posted by TreeHugger at 11:18 AM on June 30, 2018 [1 favorite]
The Exactis website claims the firm has consumer data on 218 million individuals and 110 million households.
Thus far the only time I've seen data companies have on US citizens is when someone asks under the FDCPA. If there are other ways to get data outta a firm beyond discovery in the US of A - I'm all ears.
Ever pull your Lexis/Nexis report (after they were sued under the FDCPA and had to release)? What is interesting about their report is they cite the sources they used. Myself - I've not heard of most of those firms.
NSA doesn't delete data
Anyone got a $5 spot they got the same data from another source?
posted by rough ashlar at 2:55 PM on June 30, 2018 [1 favorite]
Thus far the only time I've seen data companies have on US citizens is when someone asks under the FDCPA. If there are other ways to get data outta a firm beyond discovery in the US of A - I'm all ears.
Ever pull your Lexis/Nexis report (after they were sued under the FDCPA and had to release)? What is interesting about their report is they cite the sources they used. Myself - I've not heard of most of those firms.
NSA doesn't delete data
Anyone got a $5 spot they got the same data from another source?
posted by rough ashlar at 2:55 PM on June 30, 2018 [1 favorite]
"Consistent with NSA’s core values of respect for the law, accountability, integrity, and transparency"
Is there a German word for "damning yourself with faint praise"?
posted by "mad dan" eccles at 10:19 AM on July 1, 2018
Is there a German word for "damning yourself with faint praise"?
posted by "mad dan" eccles at 10:19 AM on July 1, 2018
2015, eh? Wonder what else was going on in foreign intelligence that year.
Surely a lot of stuff, but my tinfoil hat tells me that 2015 is the year that the nascent Russian misinfo ops got a LOT of Republicans to believe that Obama was going to use the Jade Helm military exercise as a pretense to take over Texas / impose martial law / etc.
posted by a snickering nuthatch at 9:21 AM on July 2, 2018
Surely a lot of stuff, but my tinfoil hat tells me that 2015 is the year that the nascent Russian misinfo ops got a LOT of Republicans to believe that Obama was going to use the Jade Helm military exercise as a pretense to take over Texas / impose martial law / etc.
posted by a snickering nuthatch at 9:21 AM on July 2, 2018
« Older Hello. I'm clearly Noel Gallagher. | Hi, my name is George Lungu and I am a circuit... Newer »
This thread has been archived and is closed to new comments
So they're still happening.
posted by Revvy at 9:38 AM on June 30, 2018 [3 favorites]