The National Security Agency has expanded warrantless surveillance of Americans’ international Internet traffic under President Obama, according to new classified documents from Edward Snowden reported on by the New York Times and ProPublica.

The goal of the expansion of spying is to spot “evidence of malicious computer hacking.”

The data the NSA sniffs up has been shared with the FBI since 2012, and prosecutors are allowed to use that data, according to ProPublica.

The Justice Department (DOJ) wrote two secret memos in 2012 allowing the NSA’s expansion of spying on Americans without a warrant.

The DOJ’s memo allowed the NSA to monitor “addresses and ‘cybersignatures'” that are tied to foreign governments but “the documents also note that the NSA sought to target hackers even when it could not establish any links to foreign powers,” the reporters wrote.

One objection cited by critics of the NSA’s actions is that the decision to have the spy agency operate heavily on American soil is “a major policy decision about how to structure cybersecurity in the U.S., and not a conversation that has been had in public,” Jonathan Mayer, a cybersecurity scholar at Stanford Law School, told the reporters after reviewing the documents.

The most important part of USA Freedom Act may be declassifying FISA court orders that re-interpret laws in secret http://t.co/yQDxk1bhpQ — Trevor Timm (@trevortimm) June 4, 2015

It’s not just the Patriot Act. The NSA has another secret legal interpretation of surveillance law. http://t.co/iPOdzQGUql #SnowdenDocs — Julia Angwin (@JuliaAngwin) June 4, 2015

“It is not clear what standards the agency is using to select targets,” the ProPublica and Times report notes. “It can be hard to know for sure who is behind a particular intrusion—a foreign government or a criminal gang—and the NSA. is supposed to focus on foreign intelligence, not law enforcement.”

The exact dimensions of the expansion are unknown, though the documents point out that the spying through “hacker signatures pull in a lot.”

U.S. government officials defended the expansion in an explanation to reporters.

“It should come as no surprise that the U.S. government gathers intelligence on foreign powers that attempt to penetrate U.S. networks and steal the private information of U.S. citizens and companies,” Brian Hale, the spokesman for the Office of the Director of National Intelligence, said. “Targeting overseas individuals engaging in hostile cyberactivities on behalf of a foreign power is a lawful foreign intelligence purpose.”

Targeted Internet protocol (IP) addresses and strings of malicious computer code are sniffed out of American Internet traffic without a warrant, according to the report.

“Reliance on legal authorities that make theoretical distinctions between armed attacks, terrorism, and criminal activity may prove impractical,” the White House National Security Council wrote in a classified annex to a policy report in May 2009, according to the report.

Earlier this week, Obama signed the USA Freedom Act, the first major reforms to NSA surveillance in 40 years, into law. The legislation ends the agency’s bulk collections of Americans’ phone records, instead relying on phone companies to store those records themselves.

H/T ProPublica and New York Times | Photo via Freedom of the Press Foundation/Wikimedia Commons (CC BY 4.0) | Remix by Max Fleishman