The two documents have shown that the NSA keeps "content repositories" holding records of devices associated with U.S. individuals, as well as records of their "electronic communications accounts / addresses / identifiers" that can serve to identify them as U.S. citizens and exempt then from future surveillance.
They also show that despite NSA analysts having been instructed to use "reasonable judgment" when trying to determine if the collected communication is tied to U.S. or non-U.S. persons, they are given a considerable leeway for mistakes.
For example, if the IP address, statements made during the communication and other previously collected information (in the aforementioned "content repositories") by the agency points to the fact that the target is a U.S. citizen, surveillance is to be dropped.
But if there is no definitive information on the potential target's location - for instance, when he or she is using Tor or other online anonymizing software or services - the analysts are allowed to and urged to assume that, if not positively identified as such, the target is a non-U.S. person and to continue the surveillance.
Also, if the communication is encrypted, and especially if the U.S. person is using certain types of cryptology or steganography known to have been used by "individuals associated with a foreign power or foreign territory,” analyst are free to collect it and store it for future reference and cryptanalysis attempts. This type of communication is kept "indefinitely."
Communication between the attorneys and their clients - if the clients are under criminal indictment - can also be collected, and if some of the communication deals with national security matters, can be marked and analyzed.
The same applies for domestic communication, except that it's not only when there is indication of danger to national security, but also when there are signs that it contains usable intelligence, information on criminal activity, threat of harm to people or property, or is believed to contain any information relevant to cybersecurity. Such communication can also be sent to other government agencies for further analysis.
"On Sunday, Director of National Intelligence James Clapper released a carefully-worded statement in response to a Cnet article and other reports questioning when intelligence analysts can listen to domestic phone calls. Clapper said: 'The statement that a single analyst can eavesdrop on domestic communications without proper legal authorization is incorrect and was not briefed to Congress,'" noted Cnet's Declan McCullagh.
"Clapper's statement was viewed as a denial, but it wasn't. Today's disclosures reveal why: Because the Justice Department granted intelligence analysts 'proper legal authorization' in advance through the Holder regulations."
The EFF has more about the U.S. Government's word games when talking about NSA domestic spying, and Russ Tice, a former intelligence analyst, also shared on Thursday details about intelligence community's surveillance of U.S. military officials, lawmakers, diplomats, lawyers, and many more.
So far, the U.S. government or the NSA have not commented on these new allegations.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.