January 29, 2024 A US Senator, Ron Wyden, has raised concerns about the National Security Agency (NSA) purchasing Americans’ personal data, including their internet browsing habits, from data brokers. In a letter to US Director of National Intelligence Avril Haines, Wyden highlighted that US intelligence agencies are buying location data harvested from Americans’ smartphones and domestic internet metadata without a warrant. This practice includes the NSA’s acquisition of browsing habits, which would typically require a court order.

The NSA has been involved in intercepting phone metadata and internet communications through bulk data collection programs under Section 702 of the US Foreign Intelligence Surveillance Act. While these rules are intended to target foreign threats, they also end up capturing communications between US persons and foreign nationals.

The acquisition of personal data from data brokers bypasses the need for a warrant, exploiting a legal gray area due to the lack of disclosure by app makers and informed consent by app users. This practice has been further obscured by the secrecy of intelligence agencies.

Recent actions by the US Federal Trade Commission (FTC) suggest a shift in tolerance towards the buying and selling of unlawfully obtained data. Wyden referred to the FTC’s settlement with data broker X-Mode Social as an example of this change. He has asked Haines to ensure that intelligence agencies conduct an inventory of purchased personal data, verify its lawful acquisition, and delete data that does not meet legal standards or notify Congress and the public if there’s a need to retain it.

The NSA has not yet responded to these revelations, which highlight the ongoing tension between national security measures and the protection of individual privacy rights.

Sources include: The Register