December 19, 2024 / by 

 

Section 702 Used for Cybersecurity: You Read It Here First

I have been reporting for years that the government uses Section 702 for cybersecurity purposes, including its upstream application.

ProPublica and NYT have now confirmed and finally liberated related Snowden documents on the practice. They show that DOJ tried to formalize the process in 2012 (though I have reasons to doubt that the NSA documents released tell all of the story, as I hope to show in upcoming posts).

Without public notice or debate, the Obama administration has expanded the National Security Agency’s warrantless surveillance of Americans’ international Internet traffic to search for evidence of malicious computer hacking, according to classified NSA documents.

In mid-2012, Justice Department lawyers wrote two secret memos permitting the spy agency to begin hunting on Internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad — including traffic that flows to suspicious Internet addresses or contains malware, the documents show.

The Justice Department allowed the agency to monitor only addresses and “cybersignatures” — patterns associated with computer intrusions — that it could tie to foreign governments. But the documents also note that the NSA sought to target hackers even when it could not establish any links to foreign powers.

The disclosures, based on documents provided by Edward J. Snowden, the former NSA contractor, and shared with the New York Times and ProPublica, come at a time of unprecedented cyberattacks on American financial institutions, businesses and government agencies, but also of greater scrutiny of secret legal justifications for broader government surveillance.

Jonathan Mayer, whom ProPublica and NYT cite in the article, has his own worthwhile take on what the documents say.

Stay tuned!

Copyright © 2024 emptywheel. All rights reserved.
Originally Posted @ https://emptywheel.net/tag/jeffrey-white/