By Catherine Dunn
FORTUNE -- 2013 will be remembered as the year Edward Snowden changed everything we know about the scope of U.S. surveillance practices. The former National Security Agency contractor leaked classified documents to The Guardian and the Washington Post before fleeing the country first for Hong Kong and then Russia.
By now the revelations about the government's snooping are well known. Six months after the first media reports were published, a federal judge ruled that the government's bulk collection of Americans' phone records likely violates the Constitution. Days later, a presidential advisory panel recommended new limits on NSA surveillance powers, including an end to the phone records program.
The government still doesn't know how many more secrets may yet surface from Snowden's leak. Here, a look back on what we learned this year about how the super-secret agency has been gathering intel about phone and internet activity in the U.S. and around the world.
Collecting "business records" in bulk
The first blockbuster disclosure about NSA surveillance revolved around the "ongoing" collection of Verizon (VZ) customer records in the U.S. -- thanks to a secret court order granted by the Foreign Intelligence Surveillance Court. Such court orders -- which rely on the "business records" provision in the Patriot Act -- cover not the content of calls, but their "metadata," such as the phone numbers involved, "location data, call duration, unique identifiers, and the time and duration of all calls," The Guardian reported.
Reports by The Guardian and the Washington Post blew the lid off an NSA program called PRISM: "collection directly from the servers" of nine U.S. Internet companies, including Microsoft (MSFT), Yahoo (YHOO), Google (GOOG), Facebook (FB), and Apple (AAPL), according to an agency presentation slide.
All of those companies either denied knowledge of the program, or that they provided the government with such access. More recently, a group of tech giants issued an open letter to Washington, urging surveillance reform.
James Clapper recants
As recently as March, director of national intelligence James Clapper told the Senate Intelligence Committee that the NSA did not collect data on millions of Americans -- at least, "not wittingly."
But on June 21, following the initial stories on the Snowden leaks, Clapper recanted that statement in a letter to intelligence committee chairwoman Dianne Feinstein (D-Calif.). "My response was clearly erroneous -- for which I apologize," he said.
XKeyscore unlocks almost "everything"
NSA training materials described this program as the agency's "widest-reaching" means for gathering intelligence online, allowing analysts to search for a variety of internet activity by filling out an on-screen form, according to The Guardian.
"One presentation claims the program covers 'nearly everything a typical user does on the Internet,' including the content of emails, websites visited, and searches, as well as their metadata," the paper reported.
Lavabit shuts down email service
In August, Edward Snowden's encrypted email service provider, Lavabit, shut down its business amid a secret court battle. "Without congressional action or a strong judicial precedent," Lavabit owner Ladar Levison wrote in a message to users, "I would strongly recommend against anyone trusting their private data to a company with physical ties to the United States."
Two months later, unsealed court records showed that the government wanted Levison to provide encryption keys for the emails of all Lavabit customers. "In my case, they wanted to break open the entire box just to get to one connection," he told the New York Times.
NSA audit details violations
An NSA audit from May 2012 showed "2,776 incidents in the preceding 12 months of unauthorized collection, storage, access to or distribution of legally protected communications," according to the Washington Post. Responding to the report, NSA compliance director John DeLong said the violations weren't "willful," and that they numbered in the "parts-per-million or parts-per-billion range."
Commenting on the same report, the chief judge of the Foreign Intelligence Surveillance Court told the Post that the court's oversight capabilities were limited. "The FISC does not have the capacity to investigate issues of noncompliance, and in that respect the FISC is in the same position as any other court when it comes to enforcing [government] compliance with its orders," U.S. district judge Reggie Walton said in a statement.
Tapping Merkel's cell?
World leaders including Brazil's Dilma Rousseff, French president François Hollande, and Germany's chancellor Angela Merkel bristled at reports of U.S. surveillance efforts in their respective countries. An incensed Merkel took her complaints to the top, calling on President Obama to address allegations that her own cell phone had been tapped. In response, "The president assured the chancellor that the United States is not monitoring and will not monitor the communications of the chancellor," White House spokesman Jay Carney said.
Using clouds and cookies
The allure of user data stored and tracked by major Internet companies continued to surface in leaked documents. The NSA found ways to tap into the private clouds of Google and Yahoo -- retrieving in a single month as many as 181,280,466 records from user accounts, the Washington Post reported. (Both companies denied giving the NSA access to their systems.)
Google "PREF" cookies, which can help identify a user's web browser and serve up personalized ads, have also enticed the NSA. "In addition to tracking web visits, this cookie allows NSA to single out an individual's communications among the sea of Internet data in order to send out software that can hack that person's computer," the Post reported in a later story.
One method for undermining those deemed "radicalizers" by the NSA? Document their online porn habits.
From Glenn Greenwald, Ryan Gallagher, and Ryan Grim in the Huffington Post: "Among the vulnerabilities listed by the NSA that can be effectively exploited are 'viewing sexually explicit material online' and 'using sexually explicit persuasive language when communicating with inexperienced young girls.' "
Tracking location data via cell phones
From a person's home or from business meetings, hotel rooms and doctors' offices, the NSA is collecting billions of records a day on the cell phone locations of individuals.
"In scale, scope and potential impact on privacy, the efforts to collect and analyze location data may be unsurpassed among the NSA surveillance programs that have been disclosed since June," wrote Barton Gellman and Ashkan Soltani in the Washington Post. "Analysts can find cell phones anywhere in the world, retrace their movements and expose hidden relationships among the people using them."
Tapping the strange science of quantum mechanics, physicists are creating new data security protocols that even the NSA can't crack.
By Clay Dillow
FORTUNE -- The news out of Moscow of late has been dominated by Edward Snowden, the American leaker of secret state documents who is currently seeking temporary asylum in Russia. Meanwhile, across town and to much less fanfare, Dr. Nicolas Gisin found himself explaining last week the solution MOREJul 29, 2013 2:45 PM ET
The coalition between civil libertarians on the left and right appears to be stronger than many had thought. But it appears to be an alliance of convenience.
FORTUNE -- The close, bipartisan vote on Wednesday on a House bill to restrict the National Security Agency's program phone surveillance program revealed a radical evolution -- or devolution, depending on how you look at -- in how we approach the always-difficult tension between MOREDan Mitchell, contributor - Jul 25, 2013 4:02 PM ET
The debate over how much privacy we should give up in return for how much protection is necessary, but complicated. It's too important leave it to Twitter and cable news.
FORTUNE -- The revelation of the National Security Agency's collecting all our telephone metadata has supposedly sparked a "national conversation" -- a great debate taking on all the thorny issues surrounding privacy vs. security. Even President Obama said, "I welcome this MOREDan Mitchell, contributor - Jun 27, 2013 10:29 AM ET
Tools of Big Brother? Not quite. The American public is largely supportive of unmanned aerial vehicles.
By Clay Dillow
FORTUNE -- Gauging purely from the headlines and the tenor of cable television news coverage, one could very easily come to the conclusion that the general public's feeling on domestic drone use in the United States is less-than-enthusiastic. Many civil liberties groups have voiced concerns about Big Brotherly government surveillance via unmanned MOREJun 26, 2013 5:00 AM ET
Harsh criticism for the Obama administration.
By Sameepa Shetty, reporter
FORTUNE -- Famous whistleblowers and journalists, including Julian Assange and Daniel Ellsberg, held a conference call on Wednesday, to express concern about the freedom of press, in the light of the latest whistleblowing scandal.
"With the Obama administration's prosecution of WikiLeaks, [Julian] Assange, [Bradley] Manning and [Edward] Snowden and also their cases against publishers of the content, they are criminalizing the process MOREJun 20, 2013 7:39 AM ET
The search giants collaborated with the feds after 9/11 on an electronic intelligence program.
By Tory Newmyer, writer
FORTUNE -- Google and Yahoo -- and the other tech giants stung by the recent news of their participation in government surveillance programs -- are in the midst of a public-relations offensive to steady suddenly wobbly reputations.
They're sounding a commiserating note, insisting they're just as confounded and concerned as many Americans by the MOREJun 17, 2013 11:41 AM ET
Companies like Silent Circle, which promises to secure or get rid of consumers' private information, have seen a surge in the wake of government spying reports.
FORTUNE -- Silent Circle, an app that allows users to place encrypted phone calls, makes money on paranoia. Paranoia like, say, the fear that the government might build a massive surveillance operation in cooperation with major tech companies and then keep it secret from the MOREJun 14, 2013 10:24 AM ET
Apple, Google, Yahoo and Microsoft have denied participating in the controversial government program. When will one of their employees say otherwise?
By Ryan Bradley, senior editor
FORTUNE -- Thursday night, after the Guardian broke news of Verizon's involvement in a massive domestic spying operation by the National Security Agency, the Washington Post and the Guardian both revealed the existence of a program called PRISM -- a means by which the government gained access MOREJun 7, 2013 11:51 AM ET
|Inside the underground sex economy|
|Obama wants to expand overtime pay|
|NJ agrees to ban Tesla direct sales|
|Plug the financial leaks, now!|
|Bitcoin: taxes are the real reason it's doomed|