The NSA revelations all in one chart

ProPublica plotted the NSA programs, showing which ones fall squarely into the agency's stated mission of foreign surveillance, and which ones are more controversial

Illustrations by Alberto Cairo (special to ProPublica)

This is a plot of the NSA programs revealed in the past year according to whether they are bulk or targeted, and whether the targets of surveillance are foreign or domestic. Most of the programs fall squarely into the agency’s stated mission of foreign surveillance, but some – particularly those that are both domestic and broad-sweeping – are more controversial.

Just as with the New York Magazine approval matrix that served as our inspiration, the placement of each program is based on judgments and is approximate.

For more details, read our FAQ or listen to our podcast. Also, take our quiz to test your NSA knowledge.



Program Name







Squeaky Dolphin

A British effort to monitor YouTube video views, URLS "liked" on Facebook and Blogger visits.




Optic Nerve

A British program to bulk collect images from Yahoo webcam chats: "It would appear that a surprising number of people use webcam conversations to show intimate parts of their body to the other person."




Honey Traps

A British spy effort to conduct covert Internet investigations, including sexual "honey-traps."




Hacking Anonymous

A British spy unit to monitor hacktivists such as the group Anonymous.




Royal Concierge

A GCHQ program to monitor hotel reservations for "governmental hard targets."




Swedish-American surveillance of Russia

A Swedish-American effort to spy on Russian leadership.





A large network of clandestine surveillance "sensors" to collect data from satellites, cables, and microwave communications around the world.





A network of active command and control servers around the world that can be used for "industrial scale exploitation."




Internet Metadata

A program, ended in 2011, to sweep up domestic Internet metadata such as the To and From fields in emails.




A so-called man-in-the-middle attack for "mass exploitation" of traffic "passing through network choke points" as well as "surgical target selection."




Buddy List, Address Book Spying

An NSA effort to collect hundreds of millions of contact lists from email and instant messaging accounts.




Program to Discredit Militants

An NSA effort to spy on targets' online sexual activity.





An NSA effort to use Web cookies and data from phone apps to identify users' devices and physical locations.




50,000 implants

An NSA map of the 50,000 computers worldwide it has implanted with surveillance malware.




Targeting Embassies

An NSA operation targeting the Italian embassy in Washington D.C.





An NSA program to break into Chinese-owned Huawei networks and products.





An NSA program to collect images from emails for facial recognition.





An NSA program to collect up to 200 million text messages a day worldwide.





An NSA program to geolocate people's SIM cards via Predator drones.





An NSA technique to deploy malware by sending out emails that trick targets into clicking a malicious link.




Tapping Underseas Cables

Companies - including BT, Vodafone, and Verizon Business - gave GCHQ access to their underseas cables.




LinkedIn Hack

Engineers at a Belgian telcom were infected with malware, via a technique called QuantumInsert, when they pulled up their LinkedIn profiles.




Cellphone Location Test

In 2010 and 2011, the NSA tested bulk collection of location data from Americans cellphones.




Joint NSA and GCHQ effort to undermine and weaken cryptography standards and tools.



Angry Birds

NSA and GCHQ efforts to intercept information transmitted by phone apps, including Angry Birds.




Hacking OPEC

NSA and GCHQ programs to infiltrate the OPEC oil cartel




Hacking Al Jazeera

NSA hacked into Al Jazeera's internal communications system.





NSA programs that inject spyware onto targets' computers through so-called "man on the side" attacks. Variants include QuantumInsert, QuantumBiscuit, and QuantumSmackdown.




Hammerchant / Hammerstein

NSA programs to spy on data sent through voice over IP calls and Virtual Private Networks.




Surveillance of 2009 U.N. Climate Change conference

NSA surveillance of the 2009 U.N. Climate Change conference.




EgotisticalGoat and EgotisticalGiraffe

The Egotistical animal programs are techniques to track users of Tor anonymizing software.





The NSA and GCHQ have jointly operated a program to intercept data from Yahoo and Google networks.




Spying on Gamers

The NSA and GCHQ monitored games including World of Warcraft.




Co-Traveler/ FASCIA

The NSA collected 5 billion records a day of cellphone locations worldwide.




G8 and G20 Summit Spying

The NSA conducted surveillance during the 2010 G8 and G20 summits in Canada.




Cracking cellphone encryption

The NSA has the capability to defeat a widely-used cellphone encryption technology.




Hacking Angela Merkel

The NSA targeted German Chancellor Angela Merkel's cellphone.





The NSA tested a technique for using drones to map "the Wi-Fi fingerprint of nearly every major town in Yemen."





The Prism program collects data from the servers of U.S. technology companies.



NoseySmurf, TrackerSmurf, DreamySmurf, ParanoidSmurf

The Smurf programs get inside iPhones and Android devices, turning on microphones, tracking location, and managing power.





The Upstream program collects communications transiting the Internet via commercial partners codenamed Fairview, Stormbrew, Blarney, and Oakstar.



Phone Metadata

The well-known and controversial program to collect of phone call records - aka metadata - of nearly all Americans.




Tracfin amasses gigabytes of data about credit card purchases.




ANT catalog

Various techniques - with names like IronChef and DropoutJeep - used to inject surveillance software into Apple, Cisco, Dell and other products.








Like this story? Get our top stories by email.


Red Cross: How we spent Sandy money is a ‘trade secret’

The charity is fighting ProPublica's public records request for information on how it raised and spent money after the super storm

Just how badly does the American Red Cross want to keep secret how it raised and spent over $300 million after Hurricane Sandy?

The charity has hired a fancy law firm to fight a public request we filed with New York state, arguing that information about its Sandy activities is a "trade secret."

The Red Cross' "trade secret" argument has persuaded the state to redact some material, though it's not clear yet how much since the documents haven't yet been released.

As we've reported, the Red Cross releases few details about how it spends money after big disasters. That makes it difficult to figure out whether donor dollars are well spent.

The Red Cross did give some information about Sandy spending to New York Attorney General Eric Schneiderman, who had been investigating the charity. But the Red Cross declined our request to disclose the details.

So we filed a public records request for the information the Red Cross provided to the attorney general's office.

That's where the law firm Gibson Dunn comes in.

An attorney from the firm's New York office appealed to the attorney general to block disclosure of some of the Sandy information, citing the state Freedom of Information Law's trade secret exemption.

The documents include "internal and proprietary methodology and procedures for fundraising, confidential information about its internal operations, and confidential financial information," wrote Gabrielle Levin of Gibson Dunn in a letter to the attorney general's office.

If those details were disclosed, "the American Red Cross would suffer competitive harm because its competitors would be able to mimic the American Red Cross's business model for an increased competitive advantage," Levin wrote.

The letter doesn't specify who the Red Cross' "competitors" are.

The Red Cross is a public charity and occupies a unique place responding to disasters alongside the federal government.

Among the sections of the documents the Red Cross wanted redacted was "a two-line title" at the top of a page, one line of which was "American Red Cross."

The attorney general's office denied that redaction, writing that it "can not find disclosure of this two line title will cause the Red Cross any economic injury."

Asked about the effort to have Sandy materials kept secret, Red Cross spokeswoman Anne Marie Borrego told ProPublica: "We sought to keep confidential a small part of the letter [sent to the AG] that provided proprietary information important to maintaining our ability to raise funds and fulfill our mission."

Doug White, a nonprofit expert who directs the fundraising management program at Columbia University, said that it's possible for nonprofits to have trade interests — the logo of a university, for example — but it's not clear what a "trade secret" would be in the case of the Red Cross. He called the lawyer's letter an apparent "delaying tactic."

Ben Smilowitz of the Disaster Accountability Project, a watchdog group, said,

"Invoking a 'trade secret' exemption is not something you would expect from an organization that purports to be 'transparent and accountable.'"

In agreeing to withhold some details, the attorney general's office found that portions of the documents the charity wanted to redact "describe business strategies, internal operational procedures and decisions, and the internal deliberations and decision-making processes that affect fundraising and the allocation of donations."

The attorney general's office also found "that this information is proprietary and constitutes trade secrets, and that its disclosure would cause the Red Cross economic injury and put the Red Cross at an economic disadvantage."

Another section the Red Cross wanted redacted was a paragraph that noted the charity's "willingness to meet with the [Office of the Attorney General.]" The attorney general's office denied that part of the request

Borrego, the Red Cross spokeswoman, declined to say how much the charity is paying Gibson Dunn but said, "we do not use funds restricted to Superstorm Sandy to cover those expenses."

We'll let you know when we get the documents we asked for — at least the parts that aren't trade secrets.

If you have experience with or information about the American Red Cross, including its operations after Sandy, email [email protected]

Related articles: Read our other coverage about how the Red Cross' post-storm spending on Sandy is a black box.


Like this story? Get our top stories by email.



Nagesh Kini

5 years ago

The NPO sector has necessarily to be brought under the Consumer Protection Laws.At present they are not expressly exempted.
But they some how try to wriggle out to deny providing information. In one case even saying that the date on the court fee stamp is time barred!

Medicare billing outliers often have disciplinary problems, too
As news organizations analyze data on Medicare payments, doctors with disciplinary records keep popping up

Over the past couple months, media organizations including ProPublica have been busy dissecting data released by Medicare on payments made to health professionals in 2012.
We've uncovered unusual billing patterns: Doctors who only bill for the most complicated and high-priced office visits, and ambulance companies in New Jersey who ferry patients to and from dialysis appointments dozens of times a year.
But one thread connecting various stories by us and others is how often doctors with unusual billing patterns have been disciplined by their state medical boards or have faced accusations against their licenses.
In our first story, we found dozens of doctors who Medicare kept paying after they were suspended or terminated from state Medicaid programs, indicted or charged with fraud, or had settled civil allegations of submitting false claims to Medicare.
Bloomberg found a similar pattern, reporting how Medicare had paid millions to doctors who had lost their licenses.
The first time cardiologist Robert Graor lost his Ohio license to practice medicine was in 1995, after he was convicted of 10 felony theft counts for embezzling more than $1 million from the Cleveland Clinic and sentenced to three years in jail.
The second time was in 2003, after he'd won back the license following his release from prison. This time, the Ohio Board of Medicine found he repeatedly misrepresented his credentials over a two-decade period and permanently barred him from practicing medicine.
That didn't stop Graor from participating in Medicare, the government's health insurance program for the elderly and disabled. In 2012, Medicare paid $660,005 for him to treat patients in New Mexico, which gave him a license to practice in 1998. Graor declined to comment.
Among those who almost always billed for the most complex office visits, we again found disciplined doctors. One Michigan doctor surrendered his license in New York, agreed not to renew his license in Connecticut, had withdrawn his application for a license in Ohio and was once on probation in Michigan. Another doctor is facing a 2013 accusation by California's medical board for gross negligence in his prescribing of controlled substances, a charge he denies.
Both told us that they charged Medicare appropriately.
The Dallas Morning News found that 10 of the 77 medical providers in Texas who almost exclusively billed for the priciest office visits in 2012 "have been fined or otherwise sanctioned by the Texas Medical Board." That included a Laredo physician who was disciplined three times by the board, most recently in 2013, following allegations of "inappropriate conduct with a hospitalized woman he treated for depression and an overdose," the News reported.
The doctor "denied engaging in any sexual contact with the patient," the medical board's report said. But the board ordered that he have a chaperone present when examining female patients, the News reported.
For a subsequent story, the Morning News found that of the 163 Texas providers "who led the nation in per-patient use of certain procedures," 21 had been disciplined by the Texas Medical Board. "One doctor served prison time for health-care fraud. Another has been disciplined by regulators five times, on charges including dangerous use of anesthesia. A third devotes his practice to a controversial therapy that Medicare won't cover."
The Wall Street Journal also has focused on doctors with unusual billings, looking at more than 2,300 providers who were paid $500,000 or more by Medicare for a single procedure or service. Included were some sanctioned doctors. One Florida doctor billed Medicare for a radiation procedure used by only two other doctors in the database, earning $2.41 million for it in 2012. He was disciplined in 1998 for alleged fraudulent billing. The doctor told the Journal that his care was never in question and that he simply had to improve his medical documentation.
KQED, NPR's San Francisco member station, identified an emergency medicine doctor in Southern California who billed, on average, for 30 of the most complex office visits per patient in 2012. The doctor was put on probation by the Medical Board of California in 2006 after being accused of "repeated negligent acts, incompetence, making false statements and inadequate record keeping," the station reported. His probation was extended last year after he was accused of violating the terms of his prior sanction.
And the Chicago Tribune identified a neurosurgeon who was indicted earlier this year for, among other things, frequently billing for the most complex office visits and indiscriminately prescribing controlled substances. The doctor billed for these visits more than 75 percent of the time in 2012, the data showed, and claimed half of all of the most complex office visits by all Illinois neurosurgeons in 2012, the Tribune reported.
The doctor told the Tribune through an attorney that he intends to dispute the charges. He continues to see patients as he awaits trial, the newspaper reported.
Aaron Albright, a spokesman for the Centers for Medicare and Medicaid Services, said in an email that the agency is taking steps to protect Medicare from fraudulent billers.
"CMS checks with state licensing boards to ensure that only licensed providers are enrolled in Medicare," he wrote. "We are also sharing information with the Federation of State Medical License Boards to refer health care providers that have abusive billing behaviors for licensure action."
Since March 2011, Albright wrote, more than 770,000 providers and suppliers have been screened by Medicare, resulting in some 260,000 practice locations having their billing numbers deactivated. Another 17,500 providers and suppliers had their billing privileges revoked and would have to reapply to Medicare and be approved before they could resume charging the program for services.
Conversely, state medical boards do not use Medicare billing data to trigger investigations of doctors.
Jarrett Schneider, a spokesman for the Texas Medical Board, said in an email that the board relies on complaints to determine whether an investigation is warranted.
"Typically, in order to open an investigation, TMB needs specific patient information in order to obtain relevant information and medical records from a physician. So while it's certainly possible that Medicare information could be reviewed during the course of an investigation, the Board would most likely be reviewing that information after a complaint has been made regarding a specific patient or patients."
Officials at the Ohio medical board agreed that current laws don't contemplate such huge data releases or proactive analysis to identify possible cases.
"We're not equipped to do that at the current time," said Jonathan Blanton, interim director of the State Medical Board of Ohio. "I don't know that our rules are really set up to contemplate that kind of an inquiry."
That said, Blanton added, the field of medical regulation needs to consider the use of data going forward.
"It kind of hits you like a tidal wave," Blanton said of the Medicare data release. "There's this ocean of information. Sorting through it to find information that's relevant and important, and tying it to a specific physician and a specific case will be challenging."
The Federation of State Medical Boards, in a statement, said disciplinary data about physicians is available to government agencies and health organizations, and that they should use it as a "predictive resource."
"Whether it is a hospital privileging board or a federal agency like CMS, we strongly encourage any organization acting in a capacity that includes physician oversight to access physician disciplinary-history data – which is widely available – to identify bad actors and help prevent problems before they occur," the statement said.
Want to know more about Medicare data? Read ProPublica's The Prescribers series, based on data from Medicare's prescription drug program.

Like this story? Get our top stories by email.


We are listening!

Solve the equation and enter in the Captcha field.

To continue

Sign Up or Sign In


To continue

Sign Up or Sign In



online financial advisory
Pathbreakers 1 & Pathbreakers 2 contain deep insights, unknown facts and captivating events in the life of 51 top achievers, in their own words.
online financia advisory
The Scam
24 Year Of The Scam: The Perennial Bestseller, reads like a Thriller!
Moneylife Online Magazine
Fiercely independent and pro-consumer information on personal finance
financial magazines online
Stockletters in 3 Flavours
Outstanding research that beats mutual funds year after year
financial magazines in india
MAS: Complete Online Financial Advisory
(Includes Moneylife Online Magazine)