President Obama said the National Security Agency’s e-mail collecting program “does not apply to U.S. citizens and...people living in the United States.” (Thomas LeGro/The Washington Post)

According to documents provided by former intelligence contractor Edward Snowden, the National Security Agency is gathering hundreds of millions of address books and contact lists from people around the world, including some Americans. Because the collection occurs in foreign countries, such as when data crosses international borders, the activities are not restricted by the Foreign Intelligence Surveillance Act, report Barton Gellman and Ashkan Soltani:

Taken together, the data would enable the NSA, if permitted, to draw detailed maps of a person’s life, as told by personal, professional, political and religious connections. The picture can also be misleading, creating false “associations” with ex-spouses or people with whom an account holder has had no contact in many years.

The NSA has not been authorized by Congress or the special intelligence court that oversees foreign surveillance to collect contact lists in bulk, and senior intelligence officials said it would be illegal to do so from facilities in the United States. The agency avoids the restrictions in the Foreign Intelligence Surveillance Act by intercepting contact lists from access points “all over the world,” one official said, speaking on the condition of anonymity to discuss the classified program. “None of those are on U.S. territory.”

Because of the method employed, the agency is not legally required or technically able to restrict its intake to contact lists belonging to specified foreign intelligence targets, he said.

When information passes through “the overseas collection apparatus,” the official added, “the assumption is you’re not a U.S. person.”

In practice, data from Americans is collected in large volumes — in part because they live and work overseas, but also because data crosses international boundaries even when its American owners stay at home. Large technology companies, including Google and Facebook, maintain data centers around the world to balance loads on their servers and work around outages.

A senior U.S. intelligence official said the privacy of Americans is protected, despite mass collection, because “we have checks and balances built into our tools.”

NSA analysts, he said, may not search within the contacts database or distribute information from it unless they can “make the case that something in there is a valid foreign intelligence target in and of itself.”

In this program, the NSA is obliged to make that case only to itself or others in the executive branch. With few exceptions, intelligence operations overseas fall solely within the president’s legal purview.

Barton Gellman

The newest disclosures follow an admission by the NSA’s director, Gen. Keith Alexander, that the agency tested a program to collect information on the locations of Americans’ cellphones in 2010 and 2011:

“This may be something that is a future requirement for the country, but it is not right now,” given that the FBI is able to gather the location of suspects’ cellphones by obtaining warrants from a court, Alexander told the Senate Judiciary Committee.

The disclosure came just a week after Alexander declined to answer whether the NSA had ever sought the authority to obtain such data. But Sen. Ron Wyden (D-Ore.), an Intelligence Committee member who has been pressing this issue for at least two years, suggested Wednesday that officials were still withholding significant information.

“After years of stonewalling on whether the government has ever tracked or planned to track the location of law abiding Americans through their cell phones, once again, the intelligence leadership has decided to leave most of the real story secret — even when the truth would not compromise national security,” Wyden said in a statement.

Ellen Nakashima

Important parts of the legal justification for NSA’s surveillance activities remain secret, including a legal opinion justifying the bulk collection of metadata associated with Americans’ digital communications:

That document, written by Colleen Kollar-Kotelly, then chief judge of the Foreign Intelligence Surveillance Court (FISC), provided the legal foundation for the NSA amassing a database of all Americans’ phone records, say current and former officials who have read it.

Now, more officials are saying that Americans should be able to read and understand how an important precedent was established under the 2001 USA Patriot Act, which was passed after the Sept. 11, 2001, attacks. . . .

Kollar-Kotelly told associates this summer that she wanted her legal argument out, according to two people familiar with what she said. Several members of the intelligence court want more transparency about the court’s role to dispel what they consider a misperception that the court acted as a rubber stamp for the administration’s top-secret spying programs. The court meets in secret to hear applications for domestic surveillance and its opinions generally are not made public.

Ellen Nakashima and Carol Leonnig

For more on the NSA’s practice of collecting address books and contact lists, read this summary.