Julie O. answered • 05/17/19
PreAP W History /Global Studies; US Govt/US History teacher
In response, my guess would be a definite yes as there are contextual programs that search given phrases that are designated as threatening and then can be cross referenced by country or other targeted terms. That kind of software has existed for decades in companies like Google and the NSA most likely had a hand in the development and coding of such programs.
Here is an excerpt from a document delivered By Edward Snowden in his famous whistleblowing case which talks of a specific program called XKS or XKEYSTROKE which is the NSA's version of Google.
"What is Contextual Logic?
(S//REL) Contextual logic is the ability to look for keywords, regular expressions, geo-
boxes, and other events purely within a specified a scope (context). While this may not
sound like a big deal, currently the only context that current DNI processing sensors
provide is that of ""strong-selector” where an email address/chat handle/ip address is
extracted from a known application type and looked up against a list of known targets.
Derived From: NSA/CSSM 1-52
Dated: 20070108
Declassify On: 20350201
SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL
SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL
(S//REL) Contextual logic allows the creation of advanced analytics with extreme
precision. For example, if as an analyst needs to find all people in Kabul performing web
searches on Jihad, how could this be done? For starters, tasking the term Jihad in
CADENCE or other similar systems would result in voluminous collect as the keyword
hit on every news web page, blog entry, RSS feed etc. The result would be a ton of data
that would ultimately be useless to the analyst and waste precious exfil bandwidth.
(S//REL) So who could I ask the question “Show me all the people doing web searches
on Jihad from Kabul?” Well for starters, the system would need to understand web
searches. What protocol is used for relaying the text of a search from your browser to the
search site’s data centers? The system must not only be capable of identifying this traffic,
but also of processing it and extracting out the text of the web search. Well it turns out
that most search engines uses the HTTP protocol (just like every other web site out there)
and the search terms are url-encoded and are passed as the url argument “q”.
XKEYSCORE (or other equivalent system) will extract the “q” url argument and then
normalize the text by url-decoding it. After normalization, the text is passed to the
GENESIS context for scanning against all search terms NS A analysts are looking for.
(S//REL) So this is how we would task the web search:
fingerprint('web_search/extremist/jihad' ) =
web_search('jihad' or 'mojahadeen') ;
(S//REL) But wait - we’re not done yet. The analyst requested that the expression only
be true if the person was physically located in Kabul.
(S//SI//REL) To execute the geographic this part of the question, the GENESIS engine
performs an NKB IPGEO lookup against all sessions. The country and city codes are
then passed to the contexts relating to country and city. The city code tasking for Kabul
will fire. "
Here is the exact link to the website: https://search.edwardsnowden.com/docs/GuidetousingContextsinXKSFingerprints2015-07-01_nsadocs_snowden_doc
Form your own conclusions but your query seems relevant.
