A Correction and a Reiteration
As I was getting on the long flight home from Thailand, Wells and I realized that I had made a considerable error in my earlier post on the NSA data collection effort. In reading the FISA Court's order, I had misread a fuzzy date stamp as reflecting April 15---when it, in fact, says April 25.
Published by The Lawfare Institute
in Cooperation With
As I was getting on the long flight home from Thailand, Wells and I realized that I had made a considerable error in my earlier post on the NSA data collection effort. In reading the FISA Court's order, I had misread a fuzzy date stamp as reflecting April 15---when it, in fact, says April 25. Because the 15th was the day of the Boston Marathon bombing, this led me to presume---it now seems wrongly---that the order was some sort of investigative response to the bombing. As Wells noted later, however, the comments of the Senate Intelligence Committee leadership strongly suggest that the surveillance order is unrelated to the bombing but is a part of seven-year-old programmatic activity---the current order being merely a routine sort of renewal. We have noted the error in the original post, and I apologize to anyone who was misled by my mistake.
That said, the point of my post still stands and I want to reiterate it. So I have modified my earlier language below to reflect my current understanding of the collection. Like Wells, I refer readers as well to Orin Kerr's excellent post over at the Volokh Conspiracy. And as I am writing once again in haste (on a brief stopover in Seoul), I want to be clear both that I have not yet read the Washington Post article that just broke and that my thinking may well change as more facts develop.
Because we have only the order itself, not the application that underlies it, we don't know the government's exact legal theory here. But I have a hard time imagining the application that could have produced it without authorizing programmatic collection of just about any data for any investigative purpose at all. Section 215, codified in law as 50 U.S.C. § 1861, allows the government to apply to the FISA court for an order for production “of any tangible things . . . for an investigation to obtain foreign intelligence information not concerning a United States person or to protect against international terrorism or clandestine intelligence activities. . . .” To acquire such an order, the government does not have to do much—just as it doesn’t have to do much in a criminal investigation: It merely has to offer, in pertinent part, “a statement of facts showing that there are reasonable grounds to believe that the tangible things sought are relevant to an authorized investigation . . . to obtain foreign intelligence information not concerning a United States person or to protect against international terrorism or clandestine intelligence activities.”
So presumably, the theory would have to be that the "tangible things" here are the giant ongoing flood of data from the telecommunications companies and that they are "relevant to an authorized investigation," perhaps of Al Qaeda, "to protect against international terrorism." That reading seems oddly consistent with the statutory text, which may be why the intelligence committee leadership seems so comfortable with the program.
But that still leaves the question of how it's possible to regard metadata about all calls to and from a Dominos Pizza in Peoria, Illinois or all calls over a three month period between two small businesses in Juneau, Alaska as “relevant” to an investigation to protect against terrorism. I think the only possible answer to this question is that a dataset of this size could be “relevant” because there are ways of analyzing big datasets algorithmically to yield all kinds of interesting things—but only if the dataset is known to include all of the possibly-relevant material. The individual data may not be relevant, but the dataset or data stream is relevant because it is complete—and therefore is sure to include any communications by whomever we turn out to be concerned about.
But here's the problem: if that constitutes relevance for purposes of Section 215 then isn’t all data relevant to all investigations? Grand jury subpoenas, after all, issue on the basis of relevance too---albeit relevance to a criminal investigation. Why couldn't the FBI obtain all domestic metadata on the theory that some sort of data-mining would be useful in a mob investigation---and that a complete dataset is therefore "relevant" to it?
Benjamin Wittes is editor in chief of Lawfare and a Senior Fellow in Governance Studies at the Brookings Institution. He is the author of several books.