Snowden leak alleges NSA snooping on web contact lists
Date published: 16th October 2013
In response to earlier allegations, Yahoo said that it would begin to encrypt email connections from next year. Meanwhile Facebook called for greater government transparency about data collection and Microsoft said the revelations raised "significant concerns".
The data collection, which the paper says takes place overseas, happens when users log in, compose a message or sync devices.
According to the leaked document, the information is collected at at least 18 key access points controlled by telecommunication companies based outside the US.
Because American web communications can flow outside of the country, the contact lists of US citizens also cross the international collection points, known as Sigads (Signals Intelligence Activity Designators).
This is particularly significant because President Obama has previously said that US citizens were not targeted by the surveillance, which he said struck "the right balance" between security and privacy.
Address books include names and email addresses but can also include telephone numbers, home addresses, and business and family information.
Many web-based email services generate contact lists automatically once an email has been sent. These lists allow users to write emails more quickly by providing an auto-complete suggestion.
Prof Alan Woodward, who is from the University of Surrey's department of computing and has been an adviser to GCHQ (UK Government Communications Headquarters) is not surprised by the latest allegations.
"One of the problems of putting any data in the cloud or with other forms of online service provider is that you no longer have complete control over it," he told the BBC.
"Many of the online service providers are themselves reaching into your machine and pulling your contact list from your PC to their service to 'assist' you in finding other users of the service that you might know and wish to contact or connect with."
To continue reading click here