FORT MEADE, Md., Oct. 15 (UPI) -- The National Security Agency grabs and keeps tens of millions of personal email and instant messaging contact lists of Americans, secret documents indicate.
The tens of millions of Americans' personal contact lists are among about a quarter-billion lists the NSA harvests each year, senior U.S. intelligence officials told The Washington Post, confirming information in top-secret documents leaked by former NSA contractor Edward Snowden.
The global spying activity is not authorized by Congress or by the secret intelligence court that oversees foreign surveillance, the officials said.
That's because the NSA grabs the contact lists overseas, rather than domestically, as messages move across global data links, one senior official told the Post.
Overseas interception is beyond the scope of the Foreign Intelligence Surveillance Act.
Such interception would be illegal if done in the United States, the senior officials told the Post.
Besides avoiding FISA restrictions, the NSA does not notify or ask for help from U.S. companies such as Yahoo! Inc. and Facebook Inc. that host the information, because the spy agency captures the contact lists "on the fly" as they cross major Internet switches, rather than "at rest" on the companies' computer servers, the documents and U.S. officials said.
In addition, because of the way the information is collected, the agency is not required or even technically able to limit what it grabs to contact lists belonging to foreign intelligence targets, the one senior official told the Post.
When information passes through "the overseas collection apparatus, the assumption is you're not a U.S. person," the official said.
Google Inc., Microsoft Corp. and Facebook spokespeople all told the Post they had no idea the NSA was mass-collecting webmail addresses and chat lists.
They all said they provided no information for the contact-list interception.
"We would have significant concerns if these allegations about government actions are true," Microsoft spokeswoman Nicole Miller said.
A spokesman for the Office of the Director of National Intelligence, which oversees the NSA, told the Post the agency was "focused on discovering and developing intelligence about valid foreign intelligence targets like terrorists, human traffickers and drug smugglers."
"We are not interested in personal information about ordinary Americans," Shawn Turner said.
Rules approved by the U.S. attorney general require the NSA to "minimize the acquisition, use and dissemination" of information that identifies a U.S. citizen or permanent resident, he added.
Online contact lists provide the NSA with far richer sources of data than the NSA's controversial collection of nearly all U.S. call-record metadata, the Post said.
That information is reported to include the numbers of both parties on a call, location information, call duration, unique identifiers, and the time and duration of all calls, but not the conversation contents.
Address books commonly include names and email addresses, phone numbers, street addresses, and business and family information.
Inbox listings of email accounts stored in the "cloud" sometimes contain the first few lines of a message.
The cloud, or cloud computing, is an expression referring to the collection and storage of data in remote servers accessed through the Internet.
During a typical day last year, the NSA's Special Source Operations branch collected 444,743 email address books from Yahoo! customers, 105,068 from Windows Live Hotmail, 82,857 from Facebook, 33,697 from Google's Gmail and 22,881 from unspecified other providers, an internal NSA PowerPoint presentation indicated.
Those figures correspond to a rate of more than 250 million a year.
The presentation didn't say why the NSA collects more than twice as many address books from Yahoo! than the other big services combined.
The NSA each day collects contacts from a half-million buddy lists on live-chat services as well as from the Web-based email inbox displays, the presentation said.
The NSA's Special Source Operations is also responsible for the agency's top-secret PRISM surveillance program that gathered intelligence from U.S. Internet companies.