The NSA admits to acquiring Americans’ internet records through data brokers without court orders, raising privacy concerns, as revealed by Senator Ron Wyden.
The U.S. National Security Agency (NSA) has publicly acknowledged acquiring internet browsing records from data brokers to identify the online activities of Americans without requiring a court order, according to U.S. Senator Ron Wyden. In a letter to the Director of National Intelligence (DNI), Avril Haines, Senator Wyden criticized the government’s support for an industry with questionable ethics and illegal violations of Americans’ privacy, urging the government to ensure intelligence agencies lawfully acquire data on U.S. citizens.
The collection of metadata on users’ browsing patterns poses a significant privacy risk. Consequently, it has the potential to reveal personal information based on visited websites, including sensitive areas such as mental health resources, support for assault survivors, or telehealth services focusing on birth control or abortion medication.
In response to Senator Wyden’s inquiries, the NSA claimed it had implemented compliance measures to minimize the collection of U.S. person information. Moreover, emphasizing the acquisition of data relevant to mission requirements, the NSA clarified that it does not purchase or use location data from U.S. phones without a court order. Additionally, it refrains from utilizing location information from vehicle telematics systems within the country.
Assuring strict privacy standards, Ronald S. Moultrie, under secretary of defense for intelligence and security (USDI&S), stated that the Department of Defense follows these standards when acquiring and utilizing commercially available information (CAI) to support lawful intelligence or cybersecurity missions.
The revelation underscores the trend of intelligence and law enforcement agencies obtaining sensitive data from third-party companies rather than directly from communication providers, bypassing the need for court orders. In early 2021, it became known that the Defense Intelligence Agency (DIA) was acquiring domestic location data from smartphones through commercial data brokers.
This disclosure about warrantless data purchases follows the Federal Trade Commission (FTC) prohibiting companies like Outlogic (formerly X-Mode Social) and InMarket Media from selling precise location information without users’ informed consent. As part of its settlement, Outlogic is also barred from collecting location data related to sensitive places such as medical clinics, domestic abuse shelters, and places of worship.
Senator Wyden highlighted the legal ambiguity surrounding the purchase of sensitive data from these undisclosed companies. Consumers often remain unaware of who shares their data, raising concerns about transparency and accountability. Additionally, apps incorporating software from these data brokers and ad-tech vendors do not inform users about the sale and sharing of location data for purposes like advertising or national security.
Senator Wyden emphasized that, according to the FTC, mere user consent to data collection by apps or websites is insufficient; consumers must be informed and agree to their data being sold to government contractors for national security purposes. He noted a lack of companies providing such warnings to consumers, suggesting that this lawbreaking trend likely extends across the industry.
Related story:
