5 Sneaky Ways The NSA Spies On Americans

The U.S. government needs only three degrees of separation to look at Kevin Bacon's phone records.

The U.S. National Security Agency remains at the center of controversy this summer, nine weeks after The Guardian and the Washington Post broke the news about its PRISM online data-mining program. While the many additional spying scandals that have come to light since then have all been technically legal, they’re really weird—because the NSA’s actual job is to monitor foreign communications.

How does the agency rationalize its spying on U.S. citizens? Here are five tricky justifications.

1. The NSA plays “three degrees of Kevin Bacon.”

When the NSA has a suspect, it can collect information three degrees away from that person. This means it can look at the suspects’ phone records, the phone records of everyone the suspect called (1 degree), the phone records of everyone they called (2 degrees), and finally the phone records of everyone they called (3 degrees).

The justification: Terrorists are probably friends with other terrorists.

The result: The NSA can cast a crazy broad net! This reporter has 260 contacts in his phone book. Assuming all my contacts have about that many people as well, one degree away is 67,000 people. Two degrees? 17,576,000 folks. By three degrees, the NSA could have collected phone records on 4,569,760,000. That’s, um, billions. It’s unlikely the NSA is actually collecting this information, but a limit of three degrees from a suspect is no limit at all.

NSA Headquarters in the 1960s

2. The NSA hides behind metadata.

The voice part of phone calls is strictly protected legally. The metadata, or peripheral information of a call, isn’t. This includes the number dialed, the number doing the calling, the duration of the call, and, if applicable, the cell tower that picked up the signal. These data points are all deemed the property of the telephone company that carries the call.

The justification: The NSA can use this legally available information to quickly catch criminals. Most recently, the agency collected this data from Verizon right after the April 19 bombings at the Boston Marathon.

The result: Your phone company is legally obligated to hand your phone records (which can be surprisingly revealing) over to the government when it asks.

3. The NSA asks for information companies already have.

PRISM, the major online spying program revealed by former NSA contractor Edward Snowden, is a giant interface and archive for information already collected online by social media and other companies.

The justification: PRISM doesn’t directly monitor activity online, but instead serves as a repository for information requested by the government from companies like Google or Facebook. It’s a needle-in-the-haystack approach to finding terrorists, in which the NSA tries to find more needles by adding as much hay as possible.

The result: The hay is tons of private information about American citizens.

NSA Data Center in Bluffdale, Utah

Phone records? Probably in here.

4. The NSA sifts through everything that crosses the border.

When electronic communications like emails and text messages cross the border, NSA computers scan them in an effort to gather information about foreigners under surveillance.

The justification: The NSA needs to keep tabs on foreign individuals the government has decided to track.

The result: The NSA is reading your emails and texts.

5. The NSA assumes you’re foreign until proven otherwise.

The NSA tries to determine whether communication is foreign through strategies like matching known phone numbers against an internal database. Whenever an attempt to determine one way or another fails, the program assumes the person in question is foreign and continues unabated.

The justification: It’s the agency’s job to monitor foreign threats.

The result: You’re not a U.S. citizen, sometimes.