Without public notice or debate, the Obama administration has expanded the National Security Agency’s warrantless surveillance of Americans’ international Internet traffic to search for evidence of malicious computer hacking, according to classified NSA documents.
In mid-2012, Justice Department lawyers wrote two secret memos permitting the spy agency to begin hunting on Internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad — including traffic that flows to suspicious Internet addresses or contains malware, the documents show.
The Justice Department allowed the agency to monitor only addresses and “cybersignatures” — patterns associated with computer intrusions — that it could tie to foreign governments. But the documents also note that the NSA sought permission to target hackers even when it could not establish any links to foreign powers.
The disclosures, based on documents provided by Edward J. Snowden, the former NSA contractor, and shared with the New York Times and ProPublica, come at a time of unprecedented cyberattacks on American financial institutions, businesses and government agencies, but also of greater scrutiny of secret legal justifications for broader government surveillance.
While the Senate passed legislation this week limiting some of the NSA’s authority, it involved provisions in the U.S.A. Patriot Act and did not apply to the warrantless wiretapping program.
Government officials defended the NSA’s monitoring of suspected hackers as necessary to shield Americans from the increasingly aggressive activities of foreign governments. But critics say it raises difficult trade-offs that should be subject to public debate.
The NSA’s activities run “smack into law enforcement land,” said Jonathan Mayer, a cybersecurity scholar at Stanford Law School who has researched privacy issues and who reviewed several of the documents. “That’s a major policy decision about how to structure cybersecurity in the U.S. and not a conversation that has been had in public.”
It is not clear what standards the agency is using to select targets. It can be hard to know for sure who is behind a particular intrusion — a foreign government or a criminal gang — and the NSA is supposed to focus on foreign intelligence, not law enforcement.