Surveillance metadata is details about data pertaining to the actions of an observed party.
metadata summarizes basic information about data, which can make categorizing, finding and working with particular instances of data easier. In the case of surveillance – especially on the part of government agencies -- metadata not only facilitates categorizing and retrieving content but provides information on its own and may also be used to legitimize collecting and examining content.
Surveillance metadata is usually associated with electronic communication channels, such as phone, email and social media. Data is collected through wiretapping and other electronic surveillance methods, including government Trojans, wiretap Trojans and keyloggers.
Typically, surveillance metadata is gathered by government or law enforcement pertaining to a particular suspect or person of interest. Metadata related to a phone call, for example, includes the date, time, call duration, calling / contacted party and, in the case of mobile phones, location. The conversation itself is not metadata but content, as is, for example, an email message.
The point that collectors of surveillance metadata, such as the National Security Agency (NSA), emphasize to justify continued monitoring is that they record only metadata and not content. However, metadata has been shown to be quite revealing. Furthermore, according to whistleblower Edward Snowden, the NSA sometimes collects content as well as metadata, and the agency has access to all email content.
Metadata has become a household word since Snowden, a former NSA employee, reported that the agency’s PRISM program was monitoring United States citizens. Snowden revealed that the NSA collects metadata from many communication sources including:
- All credit card transactions.
- Phone records from all major providers.
- Facebook data.
- App data and GPS locations from cell phones.
Snowden also reported that the NSA enlisted the cooperation of numerous trusted businesses, creating a ubiquitous surveillance network and, in doing so, subverted the privacy rights of individuals.