“According to the new documents, the scanning is enabled by broad legal powers, granted by the Department of Justice and FISA court in 2012. An initial Justice Department order (interpreting Section 702 of the FISA Amendments Act) authorized the NSA to target data based on specific IP addresses or threat signatures that were linked to foreign nations. In addition to its surveillance operations, the NSA is tasked with defending official US networks from digital intrusions, a task that’s grown increasingly difficult as states like China have grown more sophisticated. But according to the documents, limiting the scans to foreign states was too restrictive for the NSA.”
http://www.theverge.com/2015/6/4/8729155/snowden-nsa-internet-cyber-surveillance-cyberattack