Actually, "WRONG" puts it a bit too strongly. It's more accurate to say that the headline on the Guardian's sensational new XKEYSCORE story is not backed up by the story itself. If you feel I've used a misleading headline myself to sucker you in here, I'm sorry. I learned from the best.
Upon reading the article, we find that the source of the quoted text in the headline is not as promised:
One presentation claims the program covers "nearly everything a typical user does on the internet", including the content of emails, websites visited and searches, as well as their metadata.
"Covers" is very, very different from "collects," and for the Guardian to equate the two is dishonest. In fact, the leaked presentation strongly suggests that XKEYSCORE doesn't "collect" anything at all. Rather, it appears to be little more than a sophisticated search engine for retrieving data that has already been collected, presumably through other systems including
PRISM, and stored in NSA databases. Slide 5 of the leaked presentation shows how this works: The analyst enters a query into XKEYSCORE, which in turn queries several other cryptically named systems: F6 HQS, FORNSAT, SSO (the latter may stand for
single sign-on, which would imply that it serves as a gateway to other NSA databases; slide 2 alludes to this).
The reference to "real-time target activity" on slide 2 is intriguing. Savvy observers have long assumed that the NSA has the ability to monitor and analyze some kinds of Internet activity in real time on at least a limited basis, and this would seem to provide some confirmation for that belief. Even so, the context provided by the rest of the slides makes it reasonably clear that the monitoring itself is performed by other systems, some of which we already knew about from the PRISM revelations. More importantly, the existence of a mechanism for providing real-time access to data collected through active monitoring of a subject does not by itself imply that arbitrary subjects can be monitored at will without a warrant. It seems more likely that XKEYSCORE provides a way for an analyst to be alerted about anomalous or suspicious traffic generated by a subject who is already under observation. Whether a warrant has been properly obtained for said monitoring is of course a very important question, but it's well outside the scope of this program.
With this context, the reference to "nearly everything a typical user does on the internet" (apparently taken from a presentation the Guardian has not seen fit to provide) would seem to refer an ability to recognize and parse different kinds of structured data within the ocean of data handled by the NSA. (It irks me that the kinds of insane Manichean conclusions that people jump to around here makes it necessary to say this explicitly, but yes, the NSA collects too much data, and that's bad, and they should not collect so much data.) Slide 12, which lists a number of plug-ins tailored to different kinds of data (HTTP traffic, e-mail addresses, phone numbers, etc.) would be an example of this. We can infer that XKEYSCORE has plug-ins or filters designed to parse most kinds of data and traffic that a typical Internet user might generate on a typical day. Unfortunately, the Guardian's apparently conflation of parsing data with collecting it casts what is probably a fairly unsurprising and uncontroversial search feature as something much more sinister—an inference that numerous other media organs have not hesitated to take even farther, if a quick scan of the latest headlines is any indication.
Why does this matter? For two months now, Edward Snowden, Glenn Greenwald, and the Guardian have dangled a tantalizing story about the yawning power of the NSA before us, and have repeatedly failed to deliver on that promise. In its latest story, the Guardian makes yet another reference to the celebrated Holy Grail behind this controversy, by way of claiming that this story supports it in some way:
The files shed light on one of Snowden's most controversial statements, made in his first video interview published by the Guardian on June 10.
"I, sitting at my desk," said Snowden, could "wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email".
Unfortunately, simply asserting this is not the same thing as proving it.
Nothing in either today's story or the leaked NSA slide deck presented along with it even begins to address the veracity of Snowden's 50-megaton claim. If the
Guardian has files that support Snowden's wiretapping statement, not only has it not seen fit to share them with us, it didn't even talk about them in this very story—that quote right there is the
only place wiretapping is even addressed. Likewise, the headline on this story—i.e., the only part most people will ever read—appears at last to deliver the long-promised exposé on the NSA's nightmarish electronic skeleton key, a sinister device that provides the
most evil government in the history of the world with free and untrammeled access to
your every email and Facebook message on demand without warrant or oversight. It is only upon reading the story that we learn that we have been fooled yet again.
After a while, you begin to detect a pattern. I long ago gave up any expectation that Edward Snowden will ever be shown to be anything more than a flim-flam artist, and I'm not much interested in anything Glenn Greenwald has to say about anything these days, I'm sorry to say. But I've long respected the Guardian, and that they would stoop to this sort of misleading and sensationalist journalism is disgraceful.
But of course I could be wrong. I welcome any counterexamples.