There’s A Plan to Immediately Purge Some Governmentwide Network Surveillance Data

After a series of stinging government hacks, the Department of Homeland Security said scans of incoming Internet traffic from the public would be amped up. It has been unclear how this monitoring might affect the privacy of citizens and employees. Now, a little-noticed National Archives and Records Administration assessment offers some insight: Any surveillance data collected that does not trigger alarms will be erased pronto, according to a pending records disposal plan.

DHS’ National Cybersecurity Protection System, better known as EINSTEIN, collects streams of traffic containing, among other things, e-mails and Web-surfing habits, to flag patterns indicative of known malicious attacks. On June 9, NARA tentatively green-lighted a DHS request to "destroy or delete immediately" information "inadvertently collected or captured by any or all NCPS capabilities that are determined not to be related to known or suspected cyberthreats or vulnerabilities." Such data typically includes anything from authorized online banking sessions to, some federal employees suspect, porn-site visits. "It’s likely they are bulk-collecting data and to avoid any accusations of monitoring things they aren't chartered to monitor, they must purge the data," said Jason Lewis, chief collections and intelligence officer at LookingGlass Cyber Solutions. EINSTEIN "casts a wide collection net, so they have to delete information they didn't intend to capture."