This story is over 5 years old.


Snowden Wasn't Lying: The NSA's XKeyscore Program Can Spy on Everything You Do Online

It's hard to imagine the NSA giving up such capabilities until it's forced to.
A slide from the XKeyscore presentation published by the Guardian.

When Edward Snowden revealed the NSA's spying operations in June, the biggest bombshell he dropped was the claim that he could "wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email." Now, a newly-revealed NSA program called XKeyscore, as described in a 2008 presentation published by the Guardian, appears to corroborate Snowden's claims.

XKeyscore, a massive system that, in the NSA's words, "performs strong (e.g. email) and soft (content) selection" of data and "provides real-time target activity," makes PRISM look downright tame by comparison. The presentation notes that most of what users do online is anonymous, so on top of being able to extract metadata from a user—including any email addresses, phone numbers, or files seen during a targeted user's session—the system is designed to find users based on data anomalies.


That includes, to use the presentation's example, finding a German speaker in Pakistan by extracting HTML language tags and making them searchable—a massive task when you're looking at the country scale. It also claims to be able to find a user's email address based on their Google Maps activity, and to find the origin of a "Jihadist document that has been passed around through multiple people."

The presentation says that no other system could do these types of searches, because it involves too much data to sift through. It also claims that over 300 terrorists were captured based on intelligence developed using the system.

According to the presentation, the system is based on a "massive distributed Linux cluster" with more than 700 servers distributed around the world. Importantly, the presentation says it is "REL TO USA, AUS, CAN, GBR, NZL," which lends support to past revelations that the NSA's spying programs were deployed to a number of partner countries.

A slide from the XKeyscore presentation published by the Guardian.

Remember, this is from 2008; the presentation notes that the system can scale up simply by adding more servers.

It's not clear if the system is still in use, but the system's scalability is yet another reason the NSA's Utah data center is of concern. Also not clear is what legal checks the system has. The materials boast that an analyst can easily do a thorough search of an individual's online history with a lone piece of identification—say an email, or an IP address. As Glenn Greenwald notes, the NSA is required to get a court order from the secret FISA court to spy on Americans, but regardless, XKeyscore appears to offer (or have offered) an incredible ability to access user data with little difficulty.


Five years is a long time, and the NSA may have moved to another program by now. But the existence of the program contradicts claims by government officials that the NSA doesn't have the capability to tap emails in real time.

Notably, Senator Saxby Chambliss, senior Republican on the Senate intelligence committee, told George Stephanopolous on The Week that "I was back at NSA just last week. I spent a couple of hours there with high-level and low-level NSA officials. And what I've been assured of is that there is no capability at NSA for anyone without a court order to listen to any telephone conversation or to monitor any email."

A slide from the XKeyscore presentation published by the Guardian.

As Conor Friedersdorf at The Atlantic argues, that claim makes no sense. The NSA doesn't have the capability to monitor emails without a court order? They clearly do have the ability to do so with a court order, so how does that change? It's not like FISA judges give NSA analysts one-time access codes to surveillance systems for every court order, especially when analysts have the legal ability to surveill anyone who's not American without a court order.

Of course, government officials have been fighting the NSA allegations from the beginning. Remember, Rep. Mike Rogers, the Republican chairman of the House intelligence committee, said that Snowden was lying about having real-time email access. "He's lying. It's impossible for him to do what he was saying he could do," Rogers said in June.

XKeyscore's own training materials claim otherwise. Based on official's denials, it would appear that either the NSA isn't being totally upfront about what it could do, or there's a serious case of semantic deniability going on here. Intelligence officials are set to testify to the Senate judiciary committee, which may shed light on the whole matter. And, to be fair, a presentation dating from 2008 doesn't guarantee that such activities are ongoing. But considering new programs keep making their way into the public eye, it's hard to imagine the NSA giving up such capabilities until it's forced to.