The primary tool is known as Mainway. "It is," reported the New York Times on Saturday, "a repository into which vast amounts of data flow daily from the agency’s fiber-optic cables, corporate partners and foreign computer networks that have been hacked."
Using details from other leaked documents, the NYT report suggests that it is part of a project to create a system capable of accepting 20 billion 'record events' daily and making them available to NSA analysts within 60 minutes (from the secret 2013 budget request to Congress).
From a 2008 document we learn that an 'Enterprise Knowledge System' is designed to “rapidly discover and correlate complex relationships and patterns across diverse data sources on a massive scale.”
The result is the ability to generate detailed graphs of inter-relationships in order to reveal new targets for surveillance. What will surprise many Americans is that this includes foreigners and US citizens alike. "N.S.A. officials declined to say how many Americans have been caught up in the effort, including people involved in no wrongdoing," says the NYT. "The documents do not describe what has resulted from the scrutiny, which links phone numbers and e-mails in a 'contact chain' tied directly or indirectly to a person or organization overseas that is of foreign intelligence interest."
An NSA spokeswoman told the newspaper, "All data queries must include a foreign intelligence justification, period.” However, the 'six degrees of separation' concept (Wikipedia) shows that a connection can easily be demonstrated for anyone. Once that connection is made, the NSA needs no warrant from the Foreign Intelligence Surveillance Court to include collected metadata on US citizens.
According to an NSA memorandum from January 2011, the agency is authorized to conduct “large-scale graph analysis on very large sets of communications metadata without having to check foreignness” of every e-mail address, phone number or other identifier.
The legal justification for this approach, the NSA spokeswoman told the NYT, is the 1979 Smith vs Maryland ruling – the same ruling that Google used to try to get a lawsuit against it tossed – that states that Americans can have no expectation of privacy for the metadata of their communications; and that as such, no warrant is required. This was confirmed by FISC earlier this month.
An example of an NSA relationship graph, taken from an NSA PowerPoint presentation leaked by Snowden, has been published by the NSA. It demonstrates what Orin S. Kerr, a law professor at George Washington University, described to the NYT as "the digital equivalent of tailing a suspect."