The government needs to explain why it had a practice of keeping irrelevant information with personal details of ordinary people, Opsahl noted. "The article revealed the NSA is not making a serious effort to exclude US persons, as required by the law."
The Post's revelations provide a rare glimpse into exactly what the NSA collects as part of its surveillance activities.
According to the Post some of the user accounts in the documents leaked by Snowden appear to have been monitored because they were directly linked with legitimate terrorism suspects. But many other accounts were monitored simply because they happened to be in the same online chat room as a terrorism suspect or used the same foreign IP address as a suspect and other tenuous reasons, the Post said.
Vance downplayed privacy concerns and insisted that the NSA takes all legally mandated steps to ensure that all data it collects is handled in an appropriate manner.
"That's why Congress required that there be rules minimizing the collection, retention, and dissemination of information about U.S. persons," she said in an email to Computerworld.
The rules were approved by the U.S. Attorney General and the Foreign Intelligence Surveillance Court and are designed to minimize the impact of surveillance on Americans who are not targets, Vines said. The agency is now working to extend similar privacy protections to non-suspects living outside the U.S., she said.
Sign up for CIO Asia eNewsletters.