5 Fun Facts From the Latest NSA Leak from Wired Magazine

• The NSA generally destroys communication of U.S. persons that are collected incidental to collecting data on foreign individuals — unless the communication is encrypted, which means that encrypted email and text communications involving U.S. persons that are collected by the NSA in the course of conducting bulk collections would be retained by the agency. It does this as a matter of course, the document appears to say, to further its research and assessment into cracking encryption. The NSA may retain the encrypted communications for “any period of time” during which it might prove to be useful. Per the document: “In the context of a cryptanalytic effort, maintenance of technical data bases requires retention of all communications that are enciphered or reasonably believed to contain secret meaning, and sufficient duration may consist of any period of time during which encrypted material is subject to, or of use in, cryptanalysis.”

Furthermore, using the “wrong” encryption program might make you an NSA target. That’s because the National Security Agency takes a number of variables into account in determining whether it can target you for surveillance. One indicator that you might be fair game: using “specific types of cryptology or steganography” that are “extensively used by individuals associated with a foreign power or foreign territory.”

• The NSA maintains a massive database of U.S. email addresses and phone numbers. The agency says it does this only to help determine who is a U.S. citizen and therefore make sure that it’s not accidentally spying on those people.

Per one of the documents, the NSA “maintains records of telephone numbers and electronic communications accounts/addresses/identifiers that NSA has reason to believe are being used by United States persons. Prior to targeting, a particular telephone number or electronic communications account/address/identifier will be compared against those records in order to ascertain whether NSA has reason to believe that telephone number or electronic communications account/address/identifier is being used by a United States person.”

• The NSA also maintains a database of information incidentally collected from GSM and Home Location Registers to determine when a foreign person being targeted has entered the U.S. According to the document, “These registers receive updates whenever a GSM phone moves into a new service area. Analysis of this HLR information provides a primary indicator of a foreign user of a mobile telephone entering the United States.” 

Read the rest at Wired Magazine