LONDON — Documents published by the Guardian newspaper are providing new insight into the National Security Agency's surveillance of world data, giving an over-the-shoulder look at the programs and techniques U.S. intelligence analysts use to exploit the hundreds of billions of records they gather each year.
Dozens of training slides published Wednesday divulge details about XKeyscore, one of a family of NSA programs that leaker Edward Snowden says has given America the ability to spy on "the vast majority of human communications."
Some of the slides appear to carry screenshots showing what analysts would see as they trawled the intercepted conversations and include sample search queries such as "Show me all encrypted word documents from Iran" or "Show me all the word documents that reference Osama Bin Laden."
One question-and-answer slide asks what to do if a terror cell isn't associated with any particular search term. The answer: Look for "anomalous events," which the NSA defines as "someone whose language is out of place for the region they are in" or, rather more vaguely, "someone searching the web for suspicious stuff."
In an indication of the program's importance, one slide says that XKeyscore has led to the capture of more than 300 terrorists. In a statement, the NSA said that figure only included captures up to the year 2008, and pushed back against any suggestion of illegal or arbitrary collection of data.
"These types of programs allow us to collect the information that enables us to perform our missions successfully — to defend the nation and to protect U.S. and allied troops abroad," the statement said.
How and from where the program harvests its information isn't completely clear, nor is it obvious how XKeyscore fits in with other recently revealed NSA activities, such as the PRISM program, which draws data from Silicon Valley firms.
"It's hard to tell what this is without some context," said security researcher Ashkan Soltani, who has been following the NSA revelations.