The 10 biggest Edward Snowden leaks

One year ago, on June 5, 2013, The Washington Post published the first of Edward Snowden's leaks. Since then, many more revelations have come to light. Here are a look at 10 of the biggest.

No one knows exactly how many documents Edward Snowden illegally accessed and downloaded while working as a contract employee for a National Security Agency (NSA) signals intelligence facility in Hawaii; some estimate as many as 1.3 million. As a contracted NSA systems administrator with top-secret Sensitive Compartmented Information (SCI) clearance, Snowden certainly had access to millions of classified documents.

NSA officials claim the majority of the documents Snowden stole had little or nothing to do with domestic surveillance. But it is precisely the documents describing the NSA's purported domestic spying -- and those related to its surveillance of foreign leaders -- that have garnered the most attention. Here are 10 of them.

Related: One year later: Four reasons Edward Snowden remains a polarizing figure


NSA documents obtained by Snowden described Prism as a program for collecting user data from Microsoft, Google, Facebook, Skype and several other major Internet companies. It allows analysts from the FBI's Data Intercept Technology Unit and the NSA's Special Source Operations group to search for and inspect specific items of interest flowing through the data streams of each of the companies.

Under the program, the NSA purportedly collects audio, video, email, photographs, documents and connection logs to help counterterrorism analysts track the movements and interactions of foreign nationals of interest. In PowerPoint slides leaked by Snowden, NSA officials described Prism as the single biggest source of information used to prepare intelligence reports, including those prepared for White House daily briefings.

Bulk phone metadata collection program

A secret court order obtained by Snowden revealed the existence of an NSA program for collecting daily phone metadata records from U.S. phone companies.

Under the program, the NSA collects records such as the originating and called numbers, call time and duration, location data, calling card numbers, International Mobile Station Equipment Identity numbers and other data pertaining to all domestic and international calls made from within the U.S. The government says the data it is collects helps U.S. intelligence keep track of the communications of known or suspected terrorists.

Concerns over the program prompted President Barack Obama to announce changes aimed at restricting the data collected and the manner in which collected data is stored.


Documents and presentation slides obtained by The Guardian described Xkeyscore as a program that lets the NSA collect virtually any information about an individual's Internet activity anywhere in the world. The program purportedly lets NSA analysts sift through enormous databases to gather data on emails, browsing and search histories, online chats and other online activity of any Internet user anywhere in the world.

The XKeyscore system collects so much data that the vast majority of it can only be stored a few days at a time. NSA officials have strongly denied many of the claims pertaining to the program's purported capabilities and the manner in which it is allegedly used.


The secret surveillance programs revealed by Snowden included a massive data collection program named Tempora, which is run by Britain's Government Communications Headquarters (GCHQ) in cooperation with the NSA.

Under the program, the GCHQ collects petabytes worth of information daily from data interceptors placed directly on regional and transatlantic fiber-optic cables carrying huge volumes of Internet data into and outside the U.K. from exchanges and Internet servers in North America and elsewhere. Data intercepted under the program include email content, records of phone calls, Facebook entries and Internet browsing histories.

The leaked documents showed that as of May 2012, the NSA had assigned 250 analysts -- and the GCHQ had 300 -- to pore over data gathered under Tempora.

Efforts to weaken data encryption

One of Snowden's most controversial leaks involved apparent efforts by the NSA and GCHQ to systematically weaken the commercial encryption tools designed to protect everything from emails to highly sensitive documents. The methods included building backdoors into technology projects, using sophisticated supercomputers to crack encryption algorithms and forcing vendors to hand decryption keys using secret court orders.

Documents obtained from Snowden showed the U.S. intelligence community reportedly spending 20% of its nearly $53 billion annual budget on cryptographic projects and operations. The NSA spends $250 million a year on a program under which it tries to work with vendors of encryption technologies to allegedly make the products more easily exploitable.

Tapping smartphones

The Snowden leaks showed that in addition to collecting phone metadata and Internet data, the NSA and the GCHQ are also capable of harvesting data directly from BlackBerrys, iPhones, Android-powered phones and other smartphones.

Der Spiegel, which was one of the first to break the story, noted that the agencies have the ability to tap a lot of smartphone data, including contact lists, location information, SMS traffic and notes. The NSA apparently has set up separate teams that specialize in gathering information from specific mobile operating systems. It also has the ability to read messages sent via BackBerry's Enterprise Server, the publication said, quoting documents obtained from Snowden.

NSA hacked 50,000 computers worldwide

An elite NSA hacking united known as Tailored Access Operations has infected at least 50,000 computers worldwide with specialized malware referred to as "implants" by the agency, a leaked Snowden slide revealed. The implants were likened to sleeper cells that could be activated at any time with a single click.

The slide showed that in addition to the 50,000 implants, the NSA's Computer Network Exploitation (CNE) unit also has dozens of special data collection facilities spread out across the globe for collecting Internet data and foreign satellite communications.

Role of private companies in NSA data collection

Snowden's leaks raised several questions about the role private companies played in helping the NSA collect data. The concerns peaked last December, when Reuters revealed that EMC Corp.'s security division, RSA, might have enabled a backdoor in one of its encryption technologies at the behest of the NSA.

Companies like Google, Microsoft, Yahoo and Facebook have all vehemently denied that they have voluntarily given customer data to the NSA or any other intelligence agency. They have claimed that the only circumstances under which they might have provided data is when compelled to do so via court order.

NSA spies on world leaders

A document leaked by Snowden showed that the U.S. secretly monitors the phone conversations of at least 35 world leaders. Though the document did not identify the leaders being monitored, it lent credibility to claims by various world leaders that the NSA was monitoring their phones. Among those who claimed they were spied on were German Chancellor Angela Merkel, Brazilian President Dilma Rousseff and Mexico's former president Felipe Calderon.

Meanwhile, in a report that the NSA denied, French newspaper Le Monde claimed that the NSA had gathered data on millions of French citizens by spying on French telecommunications company Alcatel-Lucent.

NSA tracks and hacks systems administrators

The Intercept, a publication co-founded by Glen Greenwald, the Guardian reporter who first broke the story on the Snowden leaks, in March claimed that a document provided by Snowden shows the NSA infiltrates computers belonging to systems administrators who work for foreign telecommunications and Internet companies.

The documents show that the NSA aspired to build an international hit list of system administrators to target as part of its surveillance effort. In addition to trying to get system administrator passwords, the agency also tries to obtain network maps and other data from targeted systems administrators outside the U.S., the publication claimed.

Copyright © 2014 IDG Communications, Inc.

Related Slideshows