NSA collects data from millions of cellphones worldwide

Program seeks to identify individuals who communicate with tagets of NSA surveillance, report says

The U.S. National Security Agency is collecting location data daily from tens of millions of cellphones around the world, the Washington Post reported Wednesday.

The report is based on documents obtained from former NSA contractor turned document leaker Edward Snowden and interviews with U.S. officials.

The five billion or so cellphone records collected by the agency every day include data on millions of Americans who use personal devices while traveling aboard.

Since Snowden began leaking information in June, there has been a string of stories detailing varied NSA data collection programs.

The disclosures have raised widespread security and privacy concerns around the world and have spawned calls for greater transparency and oversight over NSA data collection activities.

In a statement, the American Civil Liberties Union expressed dismay at the sheer scale and scope of the program described yesterday.

"It is staggering that a location-tracking program on this scale could be implemented without any public debate, particularly given the substantial number of Americans having their movements recorded by the government," the civil liberties group said.

"The dragnet surveillance of hundreds of millions of cell phones flouts our international obligation to respect the privacy of foreigners and Americans alike," the ACLU said

The collected cellphone data is fed into a massive database from where it's combed with a suite of sophisticated analytic tools collectively dubbed CO-TRAVELER, the report aid. The tools let NSA analysts to identify cellphones and quickly retrace their movements to find hidden relationships among the people using them, the Post said, citing unnamed sources.

CO-TRAVELER algorithms allow NSA analysts to correlate the movements of millions of cellphones to find hidden patterns.

The analytics suite includes tools that can map the date, time and location of cellphones to find significant moments of overlap. "Other tools compute speed and trajectory for large numbers of mobile devices, overlaying the electronic data on transportation maps to compute the likely travel time and determine which devices might have intersected," the Post said in its report.

Individuals who use disposable phones, or who switch on their phones only long enough to make calls, are usually marked for special attention by the NSA. CO-TRAVELER is designed, for instance, to note when a new phone connects to a cell tower soon after an existing phone is used for the last time, the Post report said.

The apparent goal of the massive data collection effort is to identify people meeting overseas with foreign intelligence targets.

The NSA gets much of the cellphone data directly from cables linking the networks of major U.S and international mobile service providers. The spy agency also works with at least two large corporate partners, identified only as ARTIFICE and WOLFPOINT, to administer and manage the equipment used to intercept and collect the data.

Though the NSA does not collect location data on Americans by design, in reality the agency ends up collecting metadata, including detailed location information, on potentially millions of Americans, the Post report said.

U.S. intelligence officials told the newspaper that the cell phone data collection program i legal and aims only to acquire information about foreign intelligence targets. No U.S. intelligence agency deliberately collects bulk information from cellphones in the United States, agency officials claimed.

An NSA spokeswoman on Wednesday declined a Computerworld request for comment on the report.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His email address is jvijayan@computerworld.com.

Read more about privacy in Computerworld's Privacy Topic Center.

Join the CSO newsletter!

Error: Please check your email address.

Tags Gov't Legislation/RegulationNational Security AgencyregulationsecuritynsaU.S. National Security Agencywashington postthreegovernmentprivacy

More about National Security AgencyNSATopic

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jaikumar Vijayan

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts