Over the last year, through the revelations of Ed Snowden and independent reporting by others, we've learned more and more about the National Security Agency's spying programs. Indeed, there have now been so many revelations that it can be hard to keep them straight. So here's a handy guide to the most significant ways the NSA spies on people in the United States and around the world.
1. The NSA collects every American's phone records
This was one of the first programs revealed by Snowden and it continues to be one of the most controversial. The Patriot Act allows the NSA to obtain business records that are relevant to terrorist investigations. The government claims that this gives it the power to obtain records — phone number dialed, time and duration of call — about every domestic phone call in the United States. In January the Obama administration proposed changes to require judicial oversight of access to the database.
2. The PRISM program lets the NSA access private user data on leading online services
A slide disclosed by Snowden lists 9 major internet companies — Microsoft, Yahoo, Google, Facebook, PalTalk, YouTube, Skype, AOL, and Apple — as participating in the PRISM program. The program allows the NSA to get private information such as emails, Facebook messages, and stored documents. It's not known how carefully these information requests are scrutinized.
3. The NSA engages in offensive hacking operations
Tailored Access Operations is the NSA's elite hacking unit. While some other NSA programs collect information in bulk, TAO engages in targeted attacks on high-value targets. It is believed that the NSA has a large library of exploits, allowing it to hack into a wide variety of consumer gadgets and business IT systems.
4. The NSA taps long-distance internet connections
The NSA works with countries around the world to tap into underseas fiber optic cables carrying vast quantities of fiber optic data. There's also evidence that the NSA has been tapping into fiber optic cables in the United States.
5. The NSA intercepted data flowing within Google and Yahoo data centers
When you log into GMail, you'll see a "lock" icon indicating that communications between your computer and Google's server is protected by encryption. But until recently, Google didn't employ encryption when it moved data between its own servers. The NSA tapped into these connections and harvested large quantities of user data. Yahoo was also targeted.
6. The NSA spies on foreign leaders
Recently there has been growing tension between the United States and Germany over charges that the NSA spied on the cell phone of German chancellor Angela Merkel. And she's not the only world leader who has allegedly been targeted by the US government. Brazilian president Dilma Rousseff and Mexican president Enrique Peña Nieto have also reportedly had their phone calls or emails intercepted. Documents released by Snowden suggest that at least 35 world leaders have been targeted by the NSA.
7. The NSA spies on millions of ordinary people overseas
8. The NSA tracks cell phone locations around the world
The NSA spies on cell phone networks around the world, collecting 5 billion records per day about the locations of users' cell phones. The agency isn't allowed to deliberately target cell phone users in the United States, but some American cell phone records are collected "incidentally."
9. From 2001 to 2011, the NSA collected vast amounts of information about Americans' internet usage
In 2001, the Bush administration began collecting data about Americans' internet usage. The data collected included the sender and recipients of emails, as well as information about which websites a user browsed. The program operated for two years under President Obama but was shut down in 2011.
10. The NSA has undermined the security of encryption products
Over the last decade, the NSA has persuaded technology companies to modify their products to make them "exploitable" — that is, vulnerable to targeted attacks by the NSA.
11. The NSA uses tracking cookies to choose hacking targets
Most commercial websites have "tracking cookies," small bits of data that are stored on a user's computer to help with ad targeting. Documents released by Snowden shows that the NSA uses these cookies to identify users as hacking targets.
12. The NSA has cracked a popular standard for encrypting cell phone communications
Most cell phone communications are encrypted to protect the privacy of users. But the NSA has cracked one of the most popular encryption standards, called A5, allowing them to intercept the contents of cell phone communications.
13. The NSA can record every phone call in a certain, unspecified, country and store it for 30 days
The Washington Post has reported that an NSA program allows the agency to record every phone call in an unspecified country, and store them for 30 days for later analysis. The Post didn't identify the country, but the Intercept has reported that the program is being used in the Bahamas.
Update: I modified #13 to include the Intercept's reporting about the phone program being used in the Bahamas.