Reading articles on this secret program some seem to claim that an analyst can sit down and type in a name and get info like network activity and emails sent etc. Now I could understand an originating IP or email address but how exactly are names attached to profiles, from ISP records?
Other claims seem more reasonable like seeing search terms originating from a specific area or country, or flagging the use of specific languages in emails, but I can’t figure out how they would accurately attach a name to traffic.
*For example once the ISP account I was using was registered to a guy that had been dead more than a decade, the phone company didn’t care as long as someone was paying the bill.
XKeyscore, according to Wikipedia’s random sources, isn’t just a metadata logger but a packet inspector, meaning it can read everything you send.
For most people, I’d assume they’d have used their names at some point during their online presence (such as associating it with their email address). From then on it’s just correlating future data with previous patterns.
Like if user Bob logged in from 75.10.34.165 all through 1999 with a particular MAC address/browser signature/cookie/password/email/same model cell phone/last 4 of the SSN, whatever… and later moved to another ISP but still retained some of the other info, it would be possible for a system with enough access to ISP and website logs to automatically correlate that data, perhaps with degrees of confidence based on how many pieces of metadata match. There could also be less obvious indicators: which group of websites or people does this person talk to, do they usually login around the same times around the same locations, do they make these same spelling errors over and over again, do we see update requests from these same 27 iPhone apps from several different IP addresses, whatever.
Keep in mind that most home internet isn’t anonymous to begin with – you have to provide at least some sort of payment name, address, possibly a SSN or a DL for a credit check, etc. All of that stuff is a subpoena away from any legit law enforcement agency, and not even a subpoena away for the NSA. The hard part is getting access to all that “private” info to begin with, not necessarily cross-referencing all your data once you have it.