As the Obama administration considers shifting the collection of those records from the
Under the research, U.S. data mining would be shielded by secret coding that could conceal identifying details from outsiders and even the owners of the targeted databases, according to public documents obtained by The Associated Press and AP interviews with researchers, corporate executives and government officials.
In other developments Monday:
—The Justice Department and leading Internet companies agreed to a compromise with the government that would allow the firms to reveal how often they are ordered to turn over information about their customers in national security investigations. The deal with
—Published reports said new documents leaked by former NSA contactor
—NBC News reported that British cyber spies demonstrated a pilot program to their U.S. partners in 2012 in which they were able to monitor
Under pressure, the administration has provided only vague descriptions about changes it is considering to the NSA's daily collection and storage of Americans' phone records, which are presently kept in NSA databanks. To resolve legal, privacy and civil liberties concerns, President
One federal review panel urged Obama to order phone companies or an unspecified third party to store the records; another panel said collecting the phone records was illegal and ineffective and urged Obama to abandon the program entirely.
Internal documents describing the
A DNI spokesman,
The intelligence director's office is by law exempt from disclosing detailed budget figures, so it's unclear how much money the government has spent on the SPAR project, which is overseen by the DNI's Intelligence Advanced Research Projects Activity office. Birmingham said the research is aimed for use in a "situation where a large sensitive data set is held by one party which another seeks to query, preserving privacy and enforcing access policies."
"If the NSA wanted to deploy something like this it would take one to two years to get the hardware and software in place to start collecting data this way either from phone companies or whatever other entity they decide on," said Bellovin, who is also a former chief technologist for the
The NSA's surveillance program collects millions of Americans' daily calling records into a central agency database. When the agency wants to review telephone traffic associated with a suspected terrorist — the agency made 300 such queries in 2012 — it then searches that data bank and retrieves matching calling records and stores them separately for further analysis.
Using a "three-hop" method that allows the NSA to pull in records from three widening tiers of phone contacts, the agency could collect the phone records of up to 2.5 million Americans during each single query. Obama this month imposed a limit of "two hops," or scrutinizing phone calls that are two steps removed from a number associated with a terrorist organization, instead of the current three.
An encrypted search system would permit the NSA to shift storage of phone records to either phone providers or a third party, and conduct secure searches remotely through their databases. The coding could shield both the extracted metadata and identities of those conducting the searches, Bellovin said. The government could use encrypted searches to ensure its analysts were not leaking information or abusing anyone's privacy during their data searches. And the technique could also be used by the NSA to securely search out and retrieve Internet metadata, such as emails and other electronic records.
Some computer science experts are less sanguine about the prospects for encrypted search techniques. Searches could bog down because of the encryption computations needed, said
"There's no silver bullet that guarantees the intelligence community will only have access to the records they're supposed to have access to," Weitzner said. "We also need oversight of the actual use of the data."
Intelligence officials worry that phone records stored outside the government could take longer to search and could be vulnerable to hackers or other security threats. The former NSA deputy director,
The encrypted search techniques could make it more difficult for hackers to access the phone records and could prevent phone companies from knowing which records the government was searching.
"It would remove one of the big objections to having the phone companies hold the data," Bellovin said.
Similar research is underway by researchers at
Most Popular Stories
- Obama, Ukraine Discuss Russian Incursion in Crimea
- Chinese May Have Spotted Malaysia Airlines Debris
- Social Media Causee Sleep Deprivation in Students
- First-time Jobless Claims Drop Unexpectedly
- Banks Buying Little From Minority Firms: Study
- General Electric Plans IPO of Credit Card Unit
- 'Candy Crush' Maker Files IPO
- SXSW Crash Kills 2, Injures 23
- First-time U.S. Jobless Claims Hit 3-month Low
- U.S. Business Inventories Up, Retail Sales Down