Edward Snowden speaks via video link to attendees of the MCI alumni and friends conference at the Congress Innsbruck on Oct. 18, 2018, in Innsbruck, Austria.
There was a time when the idea that the U.S. government might spy on your web activity might have seemed like a far-fetched conspiracy theory.
But that was before Edward Snowden. Back in 2013, Snowden, a former employee of a defense contractor for the National Security Agency, shocked the world by revealing the extent to which U.S. intelligence was able to conduct surveillance on the internet and electronic communications. Snowden’s revelations, published in the U.K. newspaper the Guardian and other outlets, included the existence of a previously undisclosed NSA program called PRISM. The latter gave NSA direct access to the servers of various big U.S. internet companies, and enabled officials to collect information that included users’ search histories, the content of their emails, file transfers and even live chats [sources: Greenwald and MacAskill,Gellman and Poitras].
Snowden’s documents and information also revealed that the NSA had secretly broken into the communications links between data centers across the world, allowing it to download data on internet communication — more than 180 million records in one month alone — and store it at the agency’s headquarters in Fort Meade, Maryland [source: Gelman and Soltani]. The "upstream" surveillance program, as it was called, enables NSA to search the international online activity of Americans. The program gave NSA the ability to scrutinize anyone who sends emails abroad or browses a website hosted outside the U.S. [source: Gorski and Toomey].
Though the two online surveillance programs are authorized through a federal law that is designed to allow U.S. intelligence agencies to conduct surveillance upon foreigners, information about the activities of Americans are gathered up in the process as well. The revelations raised an outcry, but nevertheless, both programs were reauthorized by Congress in January 2018 [source: Hautala].
But though the NSA gathers vast amounts of data about online activity, that doesn’t necessarily mean that it’s spying upon vast numbers of ordinary Americans, which would be illegal. As this Q&A from the Director of National Intelligence explains, before the trove of data can be searched for a foreign intelligence target’s online activity it requires an order from a special secret court that hears such requests. There also are procedures in place that require intelligence agencies to redact any communications from Americans that were captured accidentally in the surveillance.
But having your search history scooped up by NSA’s surveillance programs isn’t the only way that the U.S. government might gain access to what you do on the web. We’ll get into that in the next two sections.