Browse Definitions :
Definition

surveillance metadata

Contributor(s): Matthew Haughn

Surveillance metadata is details about data pertaining to the actions of an observed party.

Metadata summarizes basic information about data, which can make categorizing, finding and working with particular instances of data easier. In the case of surveillance – especially on the part of government agencies -- metadata not only facilitates categorizing and retrieving content but provides information on its own and may also be used to legitimize collecting and examining content.

Surveillance metadata is usually associated with electronic communication channels, such as phone, email and social media. Data is collected through wiretapping and other electronic surveillance methods, including government Trojans, wiretap Trojans and keyloggers.

Typically, surveillance metadata is gathered by government or law enforcement pertaining to a particular suspect or person of interest. Metadata related to a phone call, for example, includes the date, time, call duration, calling / contacted party and, in the case of mobile phones, location. The conversation itself is not metadata but content, as is, for example, an email message.

The point that collectors of surveillance metadata, such as the National Security Agency (NSA), emphasize to justify continued monitoring is that they record only metadata and not content. However, metadata has been shown to be quite revealing. Furthermore, according to whistleblower Edward Snowden, the NSA sometimes collects content as well as metadata, and the agency has access to all email content.

Metadata has become a household word since Snowden, a former NSA employee, reported that the agency’s PRISM program was monitoring United States citizens. Snowden revealed that the NSA collects metadata from many communication sources including:

  • All credit card transactions.
  • Phone records from all major providers.
  • Facebook data.
  • App data and GPS locations from cell phones.

Snowden also reported that the NSA enlisted the cooperation of numerous trusted businesses, creating a ubiquitous surveillance network and, in doing so, subverted the privacy rights of individuals.

This was last updated in August 2014

Continue Reading About surveillance metadata

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

  • compliance as a service (CaaS)

    Compliance as a Service (CaaS) is a cloud service service level agreement (SLA) that specified how a managed service provider (...

  • data protection impact assessment (DPIA)

    A data protection impact assessment (DPIA) is a process designed to help organizations determine how data processing systems, ...

SearchSecurity

  • spyware

    Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge.

  • application whitelisting

    Application whitelisting is the practice of specifying an index of approved software applications or executable files that are ...

  • botnet

    A botnet is a collection of internet-connected devices, which may include PCs, servers, mobile devices and internet of things ...

SearchHealthIT

SearchDisasterRecovery

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

SearchStorage

  • DRAM (dynamic random access memory)

    Dynamic random access memory (DRAM) is a type of semiconductor memory that is typically used for the data or program code needed ...

  • RAID 10 (RAID 1+0)

    RAID 10, also known as RAID 1+0, is a RAID configuration that combines disk mirroring and disk striping to protect data.

  • PCIe SSD (PCIe solid-state drive)

    A PCIe SSD (PCIe solid-state drive) is a high-speed expansion card that attaches a computer to its peripherals.

Close