Latest Snowden Revelations Highlight Troubling Role of NSA in Cybersecurity

On Thursday, an article from the New York Times and ProPublica shed new light on the involvement of the National Security Agency (NSA) in the country’s cybersecurity efforts. The story highlights the NSA’s ability to conduct warrantless surveillance of Americans’ international internet traffic to search for malicious attacks. With numerous cybersecurity bills currently being debated by Congress, the NSA’s expanded role in battling cyber attacks makes them all the more troubling.

“Those who have said that the cybersecurity bills are not about surveillance have been proven wrong. The new revelations show that the NSA sees surveillance as the flipside of cybersecurity,” said Greg Nojeim, Director of CDT’s Freedom, Security, and Technology Project. “Being the victim of a cyber attack should not be a reason for the NSA to collect your communications and mine them for intelligence purposes,” he added.

The leaked documents show that the NSA is using Section 702 of the Foreign Intelligence Surveillance Act (FISA) in a far broader manner than previously understood. Section 702 is supposed to be used to monitor foreign targets.  However, by using Section 702 to collect information directly from main internet cables in the US, the NSA is sweeping up communications of Americans, including those who have been victimized by cyber attacks.

“The backdoor search loophole in Section 702 of FISA is a far bigger problem than we thought. Unlike the bulk collection of phone records under Section 215, collection under Section 702 gets the actual content of communications. The scope of this incidental collection of Americans’ communications in the name of cybersecurity is just not acceptable,” Nojeim added.