Americans have been inundated with misguided arguments designed to bring the NSA’s bulk collection of metadata to an end. As of this writing, it looks like Telecommunications Providers will be required to retain metadata for extended periods and provide access to that data for the FBI and intelligence agencies. At the end of the day it’s probably the best compromise but completely unnecessary and unenlightened.
This Friday’s shoot-the-shit topic attempts to shed some light on what exactly is METADATA. All shoot-the-shit rules apply so have at it!
I’ll begin by saying that collecting METADATA is far less revealing than data mining social media, by orders of magnitude. If you want to find out about someone’s sex life, family members, employment, vacation schedule, travel, general preferences, religious belief and politics you can easily do that by mining social media. Anyone has access to that information, even against your will, by simply paying for that access or hacking social media. So, why is everyone freaked out about the NSA collecting METADATA. I guess METADATA sounds scary and futuristic. But let’s understand what METADAT is so I’ll start with that.
METADATA is a machine generated record intended to meet two needs, but before I talk about those needs let’s look at what information constitutes METADAT.
METADATA is a record generated by a central office switch or private branch exchange. It has three formats depending on switch/ software manufacturer: comma delimited fields, fixed length fields or space delimited fields. In data base parlance a field is a piece of information. METADATA contains the following fields: originating phone number, number dialed, time of call, duration of the call, incoming trunk group, outgoing trunk group and other information needed by the telecommunications provider to perform traffic engineering functions and troubleshooting.
A typical METADAT record looks like this
555-555-5555, 41-999-999-9999, 13:00, 7.5, 4, O17 (this format is a comma delimited record. Each field is separated by a comma)
Nowhere does it provide the names of the parties, addresses, and there is NO CONTENT information. So what does the NSA do with all this stuff? It allows the NSA to map possible terror cells. Here’s a typical scenario.
Paris police foil a terror attack on French soil. While collecting evidence, they look at residential phone data and cell phone call data. The data reveals that 2000 phone calls were made throughout the year and 500 of those were to three numbers in the U.S. The FBI is informed and begins working the case. By searching bulk data, they are able to locate the suspected numbers as well as identify what other numbers the suspected phone numbers interacted with. Using bulk data, the FBI is able to connect the dots to start building the case. At no time during this process is there a single conversation heard.
Now let’s start using our heads for something other than hat racks. Can a conversation you’ve had 10 months ago be monitored. NO! What happens, once a phone number is connected to possible terror networks, the lead agency obtains warrants to install wire taps.
How METADATA became protected information is beyond me. Its principal purpose is billing, for example in a hotel room to determine room charges, and it is also intended for technicians to determine peak periods, trunk group utilization, identify call routing problems, etc. etc. Asking the telecommunications providers to retain metadata adds to their cost structure, increases the value of hacking those sites, increases subscriber rates or lead to the sale of metadata.
Diminishing the NSAs ability to collect bulk metadata increases the risk of a domestic terror cell going undetected. It also makes the U.S. a more favorable environment for setting up terror operations (financing, supply and command & control.)
Be sure to catch next Friday’s Shoot-the-Shit where we attempt to answer the question: “Mommy where does hacking come from?”
Be sure to chime in and let us know what you think! Have a great weekend!