Browse Definitions :
Definition

surveillance metadata

Contributor(s): Matthew Haughn

Surveillance metadata is details about data pertaining to the actions of an observed party.

metadata summarizes basic information about data, which can make categorizing, finding and working with particular instances of data easier. In the case of surveillance – especially on the part of government agencies -- metadata not only facilitates categorizing and retrieving content but provides information on its own and may also be used to legitimize collecting and examining content.

Surveillance metadata is usually associated with electronic communication channels, such as phone, email and social media. Data is collected through wiretapping and other electronic surveillance methods, including government Trojans, wiretap Trojans and keyloggers.

Typically, surveillance metadata is gathered by government or law enforcement pertaining to a particular suspect or person of interest. Metadata related to a phone call, for example, includes the date, time, call duration, calling / contacted party and, in the case of mobile phones, location. The conversation itself is not metadata but content, as is, for example, an email message.

The point that collectors of surveillance metadata, such as the National Security Agency (NSA), emphasize to justify continued monitoring is that they record only metadata and not content. However, metadata has been shown to be quite revealing. Furthermore, according to whistleblower Edward Snowden, the NSA sometimes collects content as well as metadata, and the agency has access to all email content.

Metadata has become a household word since Snowden, a former NSA employee, reported that the agency’s PRISM program was monitoring United States citizens. Snowden revealed that the NSA collects metadata from many communication sources including:

  • All credit card transactions.
  • Phone records from all major providers.
  • Facebook data.
  • App data and GPS locations from cell phones.

Snowden also reported that the NSA enlisted the cooperation of numerous trusted businesses, creating a ubiquitous surveillance network and, in doing so, subverted the privacy rights of individuals.

This was last updated in August 2014

Continue Reading About surveillance metadata

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

SearchCompliance

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

  • PCI DSS (Payment Card Industry Data Security Standard)

    The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to ...

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

SearchSecurity

  • tokenization

    Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential ...

  • incident response

    Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also ...

  • Federal Information Security Management Act (FISMA)

    The Federal Information Security Management Act (FISMA) is United States legislation that defines a framework of guidelines and ...

SearchHealthIT

SearchDisasterRecovery

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

  • cloud disaster recovery (cloud DR)

    Cloud disaster recovery (cloud DR) is a combination of strategies and services intended to back up data, applications and other ...

SearchStorage

Close