July 3, 2014 | By Eva Galperin and Nadia Kayyali and Kurt Opsahl

Dear NSA, Privacy is a Fundamental Right, Not Reasonable Suspicion

Learning about Linux is not a crime—but don’t tell the NSA that. A story published in German on Tagesschau, and followed up by an article in English on DasErste.de today, has revealed that the NSA is scrutinizing people who visit websites such as the Tor Project’s home page and even Linux Journal. This is disturbing in a number of ways, but the bottom line is this: the procedures outlined in the articles show the NSA is adding "fingerprints"—like a scarlet letter for the information age—to activities that go hand in hand with First Amendment protected activities and freedom of expression across the globe.

What we know

The articles, based on an in-depth investigation, reveal XKeyscore source code that demonstrates how the system works. Xkeyscore is a tool which the NSA uses to sift through the vast amounts of data it obtains. This source code would be used somewhere in the NSA’s process of collecting and analyzing vast amounts of data to target certain activities. According to the Guardian, XKeyscore’s deep packet inspection software is run on collection sites all around the world, ingesting one or two billion records a day.

The code contains definitions that are used to determine whether to place a "fingerprint" on an online communication, to mark it for later. For example, the NSA marks online searches for information about certain tools for better communications security, or comsec, such as Tails.

As the code explained, "This fingerprint identifies users searching for the TAILs (The Amnesic Incognito Live System) software program, viewing documents relating to TAILs, or viewing websites that detail TAILs." Tails is a live operating system that you can start on almost any computer from a DVD, USB stick, or SD card. It allows a user to leave no trace on the computer they are using, which is especially useful for people communicating on computers that they don’t trust, such as the terminals in Internet cafes.

The NSA also defines Tor directory servers (by IP number) and looks for connections to the Tor Project website. This is hardly surprising, considering the documentation of the NSA’s distaste for Tor. It is, however, deeply disappointing. Using privacy and anonymity software, like Tor and Tails, is essential to freedom of expression.  

Most shocking is the code that fingerprints users who visit Linux Journal, the website of a monthly magazine for enthusiasts of the open-source operating system.  The comments in the NSA’s code suggest that the NSA thinks Linux Journal is an "extremist forum," where people advocate for Tails. The only religious wars in the Linux Journal are between the devoted users of vi and emacs.

Learning about security is not suspicious

The idea that it is suspicious to install, or even simply want to learn more about, tools that might help to protect your privacy and security underlies these definitions—and it’s a problem. Everyone needs privacy and security, online and off. It isn’t suspicious to buy curtains for your home or lock your front door. So merely reading about curtains certainly shouldn’t qualify you for extra scrutiny.

Even the U.S. Foreign Intelligence Surveillance Court recognizes this, as the FISA prohibits targeting people or conducting investigations based solely on activities protected by the First Amendment. Regardless of whether the NSA is relying on FISA to authorize this activity or conducting the spying overseas, it is deeply problematic. The U.S. Constitution still protects people outside U.S. borders, and, as a U.S. appeals court recently recognized, even non-citizens are not bereft of its protections.

Moreover, privacy is a human right, which the U.S. has recognized by signing the International Covenant on Civil and Political Rights.  The fingerprinting program revealed today is fundamentally inconsistent with this right.

Tor is used to circumvent Internet censorship

The code focuses a lot on the Tor Project and its anonymity software. Tor is an essential tool for circumventing Internet censorship, which is used extensively by the governments of countries such as China and Iran to control the flow of information and maintain their hold on power.  In fact, Tor was developed with the help of the U.S. Navy, and currently gets funding from several sources within the U.S. government, including the State Department.  Secretary of State Hillary Clinton made support for anti-censorship tools a key element of her Internet policy at the State Department, declaring: "The freedom to connect is like the freedom of assembly in cyberspace."

You can still use Tor and TAILs

One question that is sure to come up is whether this means people desiring anonymity should stop using Tor or Tails. Here’s the bottom line: If you’re using Tor or Tails, there is a possibility that you will be subject to greater NSA scrutiny. But we believe that the benefits outweigh the burdens.

In fact, the more people use Tor, the safer you are. That’s why we’re continuing to run the Tor Challenge. The ubiquitous use of privacy and security tools is our best hope for protecting the people who really need those tools—people for whom the consequences of being caught speaking out against their government can be imprisonment or death. The more ordinary people use Tor and Tails, the harder it is for the NSA to make the case that reading about or using these tools is de facto suspicious.


Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Retención de datos en Paraguay: Activistas luchan por su rechazo https://eff.org/r.b1au #pyrawebs

May 4 @ 2:06pm

A message from EFF's new Executive Director, Cindy Cohn, on the next chapter in the fight for civil liberties: https://eff.org/r.975b

May 4 @ 12:41pm

Big content remains in denial about the defeat of SOPA, and is trying to resuscitate it by stealth: https://eff.org/r.vfgz

May 4 @ 10:53am
JavaScript license information