NSA found illegally buying private data of Americans

US Senator Ron Wyden called out the US National Security Agency Thursday for buying up the private data of Americans through illegal data brokers – without their knowledge, consent, or a warrant.

The Democrat Senator from Oregon released a letter he wrote to US Director of National Intelligence (DNI) Avril Haines, calling on the agency to stop the shadowy practice in the wake of a recent FTC action against Virgania-based data broker X-Mode Social.

The FTC banned the “smartphone-location” data brokers from selling its collected data on the premise that it violated consumer’s right to privacy earlier this month.

“I write to request that you take action to ensure that US intelligence agencies only purchase data on Americans that has been obtained in a lawful manner,” the first sentence of Wyden’s 11-page letter stated.

Wyden letter on NSA and data brokers

As part of the January 9th case ruling, the FTC now requires data brokers to obtain Americans’ informed consent before selling their data.

The FTC case against X-Mode Social (now Outlogic) was considered a landmark decision, and one that spurred Wyden – who first discovered the broker was selling its location data directly to the US military in 2020 – to push for further changes.

“The US government should not be funding and legitimizing a shady industry whose flagrant violations of Americans’ privacy are not just unethical, but illegal,” Wyden wrote.

“To that end, I request that you adopt a policy that, going forward, IC elements may only purchase data about Americans that meet the standard for legal data sales established by the FTC,” the letter stated, referring to a process where the agency would be forced to obtain a federal warrant before acquiring data through a broker.

Senator Wyden, also a senior member of the US Senate Intelligence Committee, said after years of pushing for information, the NSA had finally responded to his office, confirming “the agency is purchasing Americans' internet browsing data without a warrant.”

Web browsing records can reveal sensitive, private information about a person based on where they go on the internet, according to the privacy advocate.

Sensitive data exposed in the NSA-purchased datasets include websites related to mental health resources, resources for survivors of sexual assault or domestic abuse, or visiting a telehealth provider who focuses on birth control or abortion medication.

The NSA responded to the accusations and said the information is collected for national security purposes and cybersecurity missions, and is otherwise is used sparingly.

"At all stages, NSA takes steps to minimize the collection of US person information, to include application of technical filters," an NSA spokesperson told Reuters.

In the letter, Wyden also requested the US intelligence agencies build an inventory of all the personal data of Americans collected to date and purge any of it that does not comply with the FTC's new standards.

Wyden said he had strategically held off in approving the nomination of Lt. General Timothy Haugh to serve as NSA director until the NSA finally fulfilled his thee year old request for the information.

The letter was originally written on December 11th.