New NSA mass surveillance programs have come to light thanks to a joint NSA and United States Army virtual hard drive image left exposed on the internet. The new leaks have exposed an NSA program which collects the contents of the communications of American citizens and residents, including the contents of SMS text messages and emails. The virtual hard drive belonged to the United States Army’s Intelligence and Security Command (INSCOM) and the NSA. The leak was discovered by the Director of Cyber Risk Research and Cyber Risk Analyst, Chris Vickery, at the cybersecurity research organization UpGuard.
The virtual hard drive was discovered on a public Amazon Web Services server. Information discovered in the virtual hard drive included top secret files that were not even protected with a password. Vickery informed the federal government of the leak back in October. The server was then secured. It is not known who is operating the Amazon Web Services server.
The programs revealed are called Ragtime, and there are at least 11 variations of it. Four of the Ragtime programs were known prior to this new leak, including Ragtime-A, Ragtime-B, Ragtime-C, and Ragtime-P. The Ragtime-A program allegedly involves the collection of counterterrorism data from foreigners communicating with each other. The Ragtime-B program allegedly captures intelligence from foreign governments as it passes through networks located in the United States. The Ragtime-C program is a joint effort with the United Kingdom’s GCHQ, which allegedly concentrates on collecting information related to nuclear non-proliferation. Intelligence gathered through the Ragtime-P program allegedly involves data captured under the bulk collection authorized under the USA PATRIOT Act.
Thanks to the new leaks more of the Ragtime mass surveillance programs have been exposed. The newly discovered mass surveillance programs include the Ragtime-BQ program, the Ragtime-F program, the Ragtime-N program, the Ragtime-PQ program, the Ragtime-S program, the Ragtime-T program, and the Ragtime-USP program. In the United States intelligence community, the abbreviation USP stands for United States Person. A United States Person includes American citizens and American permanent residents.
Americans are supposed to be protected from unreasonable mass surveillance programs by the 4th Amendment to the United States Constitution, however, intelligence agencies and law enforcement agencies get around the 4th amendment by using powers granted to them by Congress under the USA PATRIOT Act and the Foreign Intelligence Surveillance Act (FISA), as well as, powers granted to them by the President under Executive Order 12333. Intelligence agencies also bypass the 4th amendment through intelligence that is shared with them from intelligence agencies in other countries, as part of the FIVE EYES surveillance alliance.
The NSA often lies about who is being subjected to warrantless mass surveillance. With the release of this new leak on the Ragtime programs, a spokesperson from the NSA lied to ZDNet, saying, “The Foreign Intelligence Surveillance Act makes clear that, except in limited circumstances, NSA must obtain a court order, based on probable cause, from the Foreign Intelligence Surveillance Court to conduct electronic surveillance targeting a US person.”
According to a previously leaked NSA document, the Ragtime programs originated in 2002. The Ragtime programs were part of a larger mass surveillance program, known as STELLARWIND, which were authorized by former President George W. Bush as part of a mass surveillance program known as the President’s Surveillance Program.
These new NSA leaks come just weeks before Congress is expected to consider reforming or permanently reauthorizing government surveillance powers such as FISA Section 702. Privacy activists are calling for the repeal of FISA Section 702, however, that doesn’t seem very likely to happen any time soon. Much of the intelligence collected by the NSA is received through the cooperation of private industry, such as telephone and cell phone service providers. Other NSA programs which intercepted the contents of communications include the CROSSBEAM surveillance program, MYSTIC surveillance program, the LOGGERHEAD program, the ORANGECRUSH program, the PRESSUREWAVE program, the RHINEHART program, the CONVEYANCE program, and the NUCLEON program.