The US National Security Agency's (NSA) infamous XKeyscore mass surveillance tool, first brought to light by whistleblower Edward Snowden, makes tracking people as easy as Googling their name, according to newly published documents.
Details of XKeyscore were published by The Intercept in one of the largest releases of NSA documents to date. The 48 top-secret documents relating to XKeyscore detail how around 150 field sites in the US and abroad sweep up people's internet searches, emails, documents, usernames and passwords, and other private communications.
In order to access all of a target's web activity and communications, all that is needed is the person's email address, telephone number, or other identifying data. "Anyone could be trained to do this in less than one day: they simply enter the name of the server they want to hack into XKeyscore, type enter, and are presented login and password pairs to connect to this machine. Done. Finito," said Jonathan Brossard, CEO of security firm Toucan Systems.
"NSA has built an impressively complete set of automated hacking tools for their analysts to use. The amount of work an analyst has to perform to actually break into remote computers over the internet seems ridiculously reduced – we are talking minutes, if not seconds. Simple. As easy as typing a few words into Google."
The ease of use of XKeyscore revealed by the latest documents support claims by Snowden in his first video interview following the leak of NSA documents in 2013 that he could wiretap anyone, including the president, if he had their personal email. Despite the US Fourth Amendment protection against "unreasonable search and seizure", the nature of XKeyscore means communications of Americans are swept up "incidentally".
The NSA has once again defended the use of such invasive tools, claiming they are necessary to stifle terrorist threats. "The US government calls on its intelligence agencies to protect the United States, its citizens, and its allies from a wide array of serious threats," the agency said in a statement.
"These security threats include terrorist plots from al-Qaeda, ISIL [Islamic State], and others; the proliferation of weapons of mass destruction; foreign aggression against the United States and our allies; and international criminal organisations." The Foreign Intelligence Surveillance Court ruled that the National Security Agency may temporarily resume its once-secret program that systematically collects records of Americans’ domestic phone calls in bulk.