When the NSA first released the outline of their security programs, the agency claimed that it only touched 1.6 percent of internet traffic. Publications like The Atlantic disputed that number and now, the Wall Street Journal is saying that all the different programs of the NSA are capable of covering 75 percent of all US internet traffic.
The discrepancy here is due to the amount that the NSA specifically requests from different ISPs and what the agency’s spying programs are capable of. In other words, assuming NSA’s and WSJ’s numbers are true, the difference arises with what the NSA can do and what the NSA actually does. The WSJ report also mentions that while the agency often notes that its capable of seeing the metadata of communications (like the “to” and “from” lines of emails), its also capable of intercepting the actual contents as well.
Due to the large amount of data the NSA is examining, not all of the data is being discarded — meaning that American’s communications are likely left stored in the NSA’s database, despite the agency being required to destroy information on Americans that “doesn’t fall under exceptions to the rule, including information that is relevant to foreign intelligence, encrypted, or evidence of a crime.”
I would say I’m glad I don’t live in America but I’m pretty sure NSA does worse things abroad — with little to no oversight under the guise of national security.