ProPublica

Journalism in the Public Interest

Cancel

NSA Says It Can’t Search Its Own Emails

In response to a public records request, the super-snooping spy agency says it doesn’t have the technology.

The NSA's new data center in Bluffdale, Utah, which is expected to open later this year and will contain some of the world's fastest supercomputers. (George Frey/Getty)

The NSA is a "supercomputing powerhouse" with machines so powerful their speed is measured in thousands of trillions of operations per second. The agency turns its giant machine brains to the task of sifting through unimaginably large troves of data its surveillance programs capture. 

But ask the NSA, as part of a freedom of information request, to do a seemingly simple search of its own employees' email? The agency says it doesn’t have the technology.

"There's no central method to search an email at this time with the way our records are set up, unfortunately," NSA Freedom of Information Act officer Cindy Blacker told me last week.

The system is “a little antiquated and archaic," she added.

I filed a request last week for emails between NSA employees and employees of the National Geographic Channel over a specific time period. The TV station had aired a friendly documentary on the NSA and I want to better understand the agency's public-relations efforts.

A few days after filing the request, Blacker called, asking me to narrow my request since the FOIA office can search emails only “person by person," rather than in bulk. The NSA has more than 30,000 employees.

I reached out to the NSA press office seeking more information but got no response.

It’s actually common for large corporations to do bulk searches of their employees email as part of internal investigations or legal discovery.

“It’s just baffling,” says Mark Caramanica of the Reporters Committee for Freedom of the Press. “This is an agency that’s charged with monitoring millions of communications globally and they can’t even track their own internal communications in response to a FOIA request.”

Federal agencies’ public records offices are often underfunded, according to Lucy Dalglish, dean of the journalism school at University of Maryland and a longtime observer of FOIA issues.

But, Dalglish says, “If anybody is going to have the money to engage in evaluation of digital information, it’s the NSA for heaven’s sake.”

For more on the NSA, read our story on the agency’s tapping of Internet cables, our fact-check on claims about the NSA and Sept. 11, and our timeline of surveillance law.

It’s only baffling if one assumes they haven’t designed the system this way on purpose.

Standard practice for companies that want to serve pro-privacy customers is to not keep logs.  With logs regularly deleted, there’s nothing in them a search warrant can turn up.

It’s also standard practice when abusing one’s powers to make sure those powers can’t be turned on you.

So how do you foil Freedom of Information Act requests, if that’s your interest?  You make it extremely difficult to find and centralize the information people would request.  No information, no scrutiny.

Security through obscurity, although this definitely is a show-stopper for any FOIA requests. You are authorized to go through the haystack but only at the rate of one piece of straw per week/month/year. Good luck finding that needle. You won’t live that long.

If you deal with a LOT of “classified” information (because you’re the NSA or a business protecting what could be called “insider information” about your plans/capabilities/flaws), then having a pre-built system to search all of your employees’ emails can be a decided risk.

It is one thing if an e-intruder cracks an email account and can access all of that account’s “sent” and “inbox” mail…they have to access the email account(s) and the emails on a one-by-one basis, meaning that the intruder “probably” won’t find useful information before it becomes stale…or they are detected.

But if you have that pre-built search facility in place, then all an e-intruder has to do is access an account with the privileges to use/awareness of that search facility - and your entire entity (business or governmental) becomes the intruder’s playground.

So me, I don’t find the NSA’s inability to make it easy to search - and thus capture - billions of emails to be disturbing, at all; quite the contrary.

By the way:  If you see the NSA or another “I” or “A” agency to be a “threat”, then stop electing politicians who prioritize some other interest over “the general Welfare” of the American people and so the safety and security of these United States.

“Some other interest”...like oil or the financial sector.  Or both.

It takes a totalitarian further up the chain of command to force any “I” or “A” agency to behave like totalitarians.

And now how are they to find all the Snowdens within.

HENRY A. TURNER, ATTORNEY AT LAW

July 23, 2013, 12:52 p.m.

Dick Chaney would likely say: “Joe Stalin never had these problems.”

It’s only baffling if one asks intentionally vague questions then acts as if an answer seeking clarification is a stonewall denial.

As previously stated, in a security context, e-mail accounts can be compartmentalized. A request for “all” of something that does not reside entirely in a single compartment, and which does not deny the compartments (aka departments) from which one wants info can result in a predictable “what do you really want” sort of reply.

Why not aski for “all correspondence between TV reporters and employees of the United States.” That one’s sure to generate denials that should be good for days worth of blog posts, which ProPublica can use to show it’s really standing up against government surveillance, all the while ProPublica advocates for policies that will increase government surveillance - such as mandatory participation in a healthcare system that will document personal information in a database centrally accessible to the same revenue agency that decides which 501C organizations are or are not “primarily” involved in “social” issues.

It’s only baffling if one asks intentionally vague questions then acts as if an answer seeking clarification is a stonewall denial.

As previously stated, in a security context, e-mail accounts can be compartmentalized. A request for “all” of something that does not reside entirely in a single compartment, and which does not identify the particular compartments (aka departments) from which one wants info can result in a predictable “what do you really want” sort of reply.

Why not ask for “all correspondence between TV reporters and employees of the United States.” That one’s sure to generate denials that should be good for days worth of blog posts, which ProPublica can use to show it’s really standing up against government surveillance, all the while ProPublica advocates for policies that will increase government surveillance - such as mandatory participation in a healthcare system that will document personal information in a database centrally accessible to the same revenue agency that decides which 501C organizations are or are not “primarily” involved in “social” issues.

Hey Mertha/Marta ... If you’re going to astroturf, perhaps you should make it less obvious, eh?

The only thing worse than the NSA’s lack of accountability is their chutzpah about being unaccountable.  They seem pretty smug that nobody can do anything about them.

It’s not a good sign.  I hope they’re wrong.

“There’s no central method to search an email at this time with the way our records are set up…”
This may be technically correct, but it’s a red herring.
None of this deals with the elephant in the room: Oversight of these agencies that have this ability to invade the privacy of millions of its citizens. 
No, we’re not yet in a “1984” world, but the potential for it is there.
There is no reason to be confident that these oversight entities—the Senate, FISA—have been effective or wil be in the future.
Once these agencies develop a power, they will not relinquish it.
It means jobs and power.
Next year, next month, 5, 10 years from now, some person or persons in govnt will use this power for political purposes.
It was done under COINTELPRO—google it.

*cough*bullshit*cough*

They shouldn’t try searching their mailboxes or mail servers.

They should simply search the data they stole from the continuous worldwide sniffing… a simple query would do.

I don’t believe it. They can do it they just haven’t set it up. They can search anything they want. That’s why I now use ExpressVPN even when I’m back on US soil. The security tips on http://vpnexpress.net about mail and cloud storage are useful too.

NSA’s Booz Allen Hamilton Information:

Out of Boozer’s own website.

NSA corporation Booz Allen Hamilton – http://www.boozallen.com/  Turning Big Data Into Big Insights.  http://www.boozallen.com/consulting/view-our-work/48383297/turning-big-data-into-big-insights  Leverage the power of our Cloud Analytics Reference Architecture

We are living in the greatest age of information discovery the world has ever known. Fueled in large part by the more than five billion mobile phones in use around the globe, our world is increasingly measured, instrumented, monitored, and automated in ways that generate incredible amounts of rich and complex data. Unfortunately, the number of big data analysts and the capabilities of traditional tools aren’t keeping pace with this unprecedented data growth.

Booz Allen Hamilton’s Cloud Analytics Reference Architecture integrates cloud computing technology and advanced analytic capabilities. Our secure, scalable, and schema-less framework allows machines to do the mundane tasks required to compile and sort the data and frees people to do the analysis that provides insights for data-driven decision-making.

The Cloud Analytics Reference Architecture

Our layered framework incorporates a wide range of services to move from technology infrastructure with chaotic, distributed data burdened by noise to large-scale data processing and analytics characterized by speed, precision, security, scalability, and cost efficiency

Domain Experts, Software Engineers, and Analysts

Booz Allen brings together best-of-breed domain experts, software engineers, and analysts to extract new insights from data, enabling our clients to make the intelligent data-driven business decisions required to compete in today’s information age.

Who We Serve – http://www.boozallen.com/consultants Booz Allen’s major clients include global corporations in the health, energy, and financial services sectors, as well as nearly all departments and agencies across the U.S. federal government. These clients face a wide range of complex and pressing challenges such as combating global terrorism, improving cyber capabilities,…

In civil government, we serve several key areas and clients:

Financial sector

Health and human services

Environment and sustainability

Infrastructure (transportation, energy, telecommunications)

Law enforcement and homeland security

International funding institutions (World Bank, USAID)

Non-governmental organizations (NGOs)

In Defense, we serve several key areas:

U.S. Armed Services

Department of Defense

Joint Commands

Intelligence agencies

Foreign military programs of U.S. allies

http://edwardmd.wordpress.com/2013/06/16/fascist-us-leaders-expose-snowdens-information-is-factual-nsas-booz-allen-hamilton-information-and-more-on-edward-snowden/  Fascist US Leaders Expose Snowden’s Information Is Factual; NSA’s Booz Allen Hamilton Facts ; and More on Edward Snowden.  by Ed Ward, MD 6-15-13

““There’s no central method to search an email at this time with the way our records are set up, unfortunately,” NSA Freedom of Information Act officer Cindy Blacker told me last week.”

Can’t search? ... or won’t.

The silliness of that response would be amusing if this came from some run of the mill corporation. But it didn’t.

Either they’re liars, or they’re incompetent. Given the systems the NSA has at it’s disposal, I’d go with liars.

They are lying.  There is always a way.  They are required by law to be able to comply with FOIA requests and they must do so.

This article is part of an ongoing investigation:
Surveillance

Surveillance

ProPublica investigates the threats to privacy in an era of cellphones, data mining and cyberwar.

Get Updates

Stay on top of what we’re working on by subscribing to our email digest.

optional

Our Hottest Stories

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •