Executive Branch Intelligence Surveillance & Privacy

The Latest NSA Documents II: The Crap Hits the Fan

Benjamin Wittes, Lauren Bateman, Matt Danzer
Wednesday, September 11, 2013, 3:50 PM

The story starts in May 2006, when the FISA Court granted the FBI’s application for telecommunications companies to turn over certain “tangible things” to the NSA under Section 215. The “tangible things,” in this case, consisted of the much-ballyhooed telephony metadata---the time and duration of each telephone call, the originating and terminating telephone numbers, and the type of device on which the call was made.

Published by The Lawfare Institute
in Cooperation With
Brookings

The story starts in May 2006, when the FISA Court granted the FBI’s application for telecommunications companies to turn over certain “tangible things” to the NSA under Section 215. The “tangible things,” in this case, consisted of the much-ballyhooed telephony metadata---the time and duration of each telephone call, the originating and terminating telephone numbers, and the type of device on which the call was made. Judge Malcolm Howard found sufficient evidence to believe that the metadata was relevant to investigations. The order is careful to note, though, that although the government is authorized to collect the information, it must follow minimization procedures set forth by the Attorney General.

The most striking portion of the document is the series of tight restrictions on NSA’s use of and access to the metadata. Most notably, although Judge Howard concedes that the data collected under the order “will necessarily be broad,” he orders that “use of [the] information for analysis shall be strictly tailored to identifying terrorist communications and shall occur solely according to the procedures described in the application, including the minimization procedures designed to protect U.S. person information.” Judge Howard also orders strict oversight, including periodic DOJ review of NSA justifications for metadata access, frequent random spot-checks by the NSA Office of General Counsel to ensure NSA agents were in compliance with the order, and the mandatory destruction of the metadata within five years.

Most importantly for present purposes, he includes the following restriction:

access to the archived data shall occur only when NSA has identified a known telephone identifier for which, based on  the factual and practical considerations of everyday life on which reasonable and prudent persons act, there are facts giving rise to a reasonable, articulable suspicion that the telephone identifier is associated with [REDACTED]; provided, however that a telephone identifer believed to be used by a U.S. person shall not be regarded as associated with [REDACTED] solely on the basis of activities that are protected by the First Amendment to the Constitution.

In the more-than-two years that followed, the government sought and received repeated renewals of this order, including in December 2008---just before it discovered a really big problem.

On January 9, 2009, lawyers from the Justice Department’s National Security Division met with representatives of NSA and discussed an “alert system” that NSA had set up to query the metadata database with phone numbers about which they had terrorism concerns. During this meeting, DOJ became concerned that some of those queries were not, in fact, proceeding on the basis of “reasonable articulable suspicion” (RAS), so they followed up with an email asking for clarification. On January 14, NSA confirmed that the Justice Department’s fears had been correct.

The next day, the Justice Department notified the FISA Court, as the government later summarized, that the alert list “included telephone identifiers that were not RAS-approved, as well as some that were.” In fact, it had included a lot of non-RAS-approved identifiers. A few days later, NSA shut down the alert list process while it sought to figure out how to fix things.

Judge Reggie Walton of the FISC was not pleased. In a January 28 order, he wrote that NSA “has been querying the business records acquired . . . in a manner that appears to the Court to be directly contrary to [the Court's] Order and directly contrary to sworn attestations of several Executive Branch officials.” He ordered the government to file a written brief that addressed each of the following issues:
  • Who within the executive branch knew of this violation and when they learned of it;

  • The period of time over which such unauthorized querying had been conducted;

  • How the violation was discovered;

  • How numerous officials in the Justice Department in charge of reviewing the telephony metadata program failed to identify the program earlier;

  • The NSA’s standard for tasking telephone identifiers for collection and any limits on that standard under the First Amendment;

  • The form in which the government stores data derived from the queries run against the business records; and

  • How the government would identify and destroy information derived from the inappropriate queries.


Benjamin Wittes is editor in chief of Lawfare and a Senior Fellow in Governance Studies at the Brookings Institution. He is the author of several books.
Lauren Bateman is a student at Harvard Law School, where she is an editor of the Harvard Law Review. She previously worked as a National Security Legislative Correspondent for Senate Majority Leader Harry Reid, and she takes a special interest in legislative procedure. She also interned for the United States Attorney's Office for the District of Nevada, and was a Research Fellow for the Project on National Security Reform. She graduated with a B.A., magna cum laude, in History and Government from The College of William & Mary in 2009.
Matt Danzer is a graduate of Columbia Law School, where he was a member of the Columbia Law Review and served as president of the National Security Law Society. He also works as an editor for the Topic A public policy blogs on Roll Call. He graduated from Cornell University in 2012 with a B.S., with honors, in Industrial and Labor Relations.

Subscribe to Lawfare