Published by The Lawfare Institute
in Cooperation With
Brookings

The next key date in the metadata saga was February 26, 2009---that is, about a month after the government initially had apprised the court of a violation of the its procedures for querying collected metadata, and fourteen days after the government had elaborated on the difficulties, while humbly claiming that new safeguards might nevertheless ensure obedience to court-imposed rules.  Such was the context for the February 26 document, styled a “Notice of Compliance Incident” (“February 26 Filing”)---which confirmed additional errors on the government's part.

That document relies upon a supplemental declaration by NSA Director Lt. Gen. Keith Alexander, who had initiated a still-pending “end-to-end system engineering and process reviews” of the agency’s use of bulk telephony metadata.  In particular, the intelligence chief had ordered an audit of all queries made to the metadata repository since November 1, 2008, the goal being to identify any queries using telephone identifiers that did not met the  “reasonable, articulable suspicion” standard.

In particular, the February 26 Filing identifies two different new NSA violations of FISC orders regarding handling of the metadata. The first involved an unidentified analytical tool,which automatically culled the metadata for telephone identifiers---ones that had not, unfortunately, been earlier deemed to satisfy the court’s required standard of reasonable, articulable suspicion.  By way of response, the filing explained, NSA had halted all automated queries of the metadata, blocked access to materials previously generated by the automated tool, and committed not to resume automated queries until it could ensure the queries’ compliance with FISC orders.

Like their automatic counterparts, manual queries also presented a problem, according to the February 26 Filing.  In it NSA reported that three of its analysts had conducted queries, using fourteen telephone identifiers that (you guessed it) also had not been approved pursuant to the reasonable, articulable suspicion standard. Oddly, the government’s filing continued, these analysts did not realize they were querying the metadata.  To address the shortcoming, NSA subsequently installed a “software fix” on February 20.  This reportedly prevented the use of non-approved identifiers in metadata queries, going forward.

The gist: the government once more had found compliance problems, and once more said it had taken needed remedial steps to resolve them.

So how much, if at all, would this reassure the FISC?

Not too much, at least gauging by that court’s March 2, 2009 Order (“March 2 Order”)---the next item in the week’s tranche of declassified materials.

Judge Walton begins the at-times caustically-worded, 20-page ruling by recounting recent history: the FISC’s 2008 authorization of bulk telephony metadata collection, based on the government’s claims of urgent need and its proposal to observe strict minimization requirements in querying the metadata; the government’s preliminary indication, in January, of non-compliance with those very requirements, and in particular the extensive querying of metadata for “alert list” telephone numbers, where no reasonable and articulable suspicion was present; the court’s insistence upon learning more about those incidents; and the government’s provision of further detail its February filing to the court.

The context set out, Judge Walton turns to the substance.  And he pulls no punches.  Indeed, the March 2 Order thoroughly bashes the government, for three different sets of issues: NSA’s violations of the court order with its “alert list” mechanism; the agency’s repeated misrepresentations to the court; and the other “non-compliance matters” by NSA.   

As to the first of the trio, Judge Walton observes that, given the government’s concessions about the alert list,  “most of telephone identifiers compared against the incoming BR metadata were not [approved per the reasonable and articulable suspicion standard],” and thus ran directly counter to FISC-approved minimization rules (emphasis in the original).  As for the government’s explanation for the error---that certain NSA personnel had thought that minimization protocols for metadata queries applied only to metadata which had been “archived,” rather than simply to metadata which had been obtained by NSA in the first instance---the FISC says this “strains credulity.”  “Such an illogical interpretation of the Court’s Orders,” Walton writes, “renders compliance with the [reasonable and articulable suspicion] requirement merely optional.”

Equally frustrating to the Court was NSA’s suggestion that its goof was somehow less than surprising, because NSA doesn’t use reasonable and articulable suspicion requirements for queries of data collected through its various signals intelligence collection activities---that is, ones not governed by the business records provision authorizing the metadata program.

Add to the above a second problem: repeatedly misrepresenting the nature of the alert list process to the Court.  According to the March 2 Order, earlier FISC decisions had called for regular reports about queries of collected metadata.  But the government’s reporting said time and again---quite wrongly---that all telephone identifiers on the alert list already had been found to satisfy the reasonable and articulable suspicion standard.  This mistake had its origins in a factually inaccurate draft report to the FISC, which itself had been prepared in August 2006 by an attorney at NSA. Apparently, the lawyer had circulated his draft to colleagues, and asked for help in making “sure that everything I have siad (sic) is absolutely true.”  Unpacking the misrepresentations to the court, the March 2 Order quotes the attorney’s request for help, and another submission by NSA Director Keith Alexander.  The latter acknowledges:

it appears there was never a complete understanding among the key personnel who reviewed the report for the SIGINT Directorate and the Office of General Counsel regarding what each individual meant by the terminology used in the report.  Once this initial misunderstanding occurred, the alert list description was never corrected since neither the SIGINT Directorate nor the Office of the General Counsel realized there was a misunderstanding.  As a result, NSA never revisited the description of the alert list that was included in the original report to the Court.

The foregoing, writes Judge Walton,

has prevented, for more than two years, both the government and the FISC from taking steps to remedy daily violations of the minimization procedures set forth in FISC orders and designed to protect [redacted] call detail records pertaining to telephone communications of U.S. persons located within the United States who are not the subject of any FBI investigation and whose call detail information could not otherwise have been legally captured in bulk.

That left a third, residual category of errors, which the March 2 Order refers to generically as “other non-compliance matters.”  These too involved queries of metadata, conducted without first finding reasonable, articulable suspicion that the number in question indeed was associated with a FISA-covered target. In October of 2008, NSA analysts, untrained in minimization processes, inadvertently had queried telephony metadata without being aware that they were doing so, and without first finding reasonable and articulable suspicion.  (There were 2,373 of these numbers, all of them foreign.) Certain remedial measures were then imposed.  But these fixes twice proved ineffective---first in December 2008, when analysts again ran queries on unapproved numbers, and again more recently, in January of 2009, when the same occurred.

With the foregoing in mind, Judge Walton concludes that “minimization procedures … have been so frequently and systematically violated that it can fairly be said that this critical element of the overall [business records metadata] regime has never functioned effectively.”

So what about a remedy?  Judge Walton next reassesses the metadata program, first by observing that the vast majority of individual records collected

pertain to communications of non-U.S. persons who are not the subject of an FBI investigation to protect against international terrorism or clandestine intelligence activities, and are data that otherwise could not be legally captured in bulk by the government.  Ordinarily, this alone would provide sufficient grounds for a FISC judge to the deny the application.

The district court judge nevertheless allowed metadata collection in bulk, he writes, both because of the government’s explanation, “under oath, of how the collection and access of such data are necessary to analytical methods” of NSA’s; and because of the minimization procedures.  Its the last part that troubles Judge Walton most; he writes that he “no longer has … confidence” that NSA officials are complying with them.  He adds that NSA’s latest round of new and technical minimization-assuring safeguards---including those described in February 26 Filing---are likely insufficient.  Indeed, the FISC openly doubts that  “the most recent discovery of a systematic, ongoing violation---on February 18, 2009---will be the last.”

Ultimately, the March 2 Order modifies the metadata program, but stops short of halting it outright---both because of the program’s importance to national security, and because Judge Walton believes that bulk metadata collection can proceed, if adequate minimization procedures are put in place and routinely observed.

The March 2 Order ends with Judge Walton’s resolution to the recurring compliance problem, and his instructions to the government.  The latter are as follows:  NSA may continue to collect bulk metadata collection, as ordered previously by the court.  However, “the government is hereby prohibited from accessing [metadata] acquired pursuant to FISC orders in the above-captioned docket and its predecessors for any purpose except as described herein.”  One acceptable purpose is “maintaining data integrity;” another is “compliance with the Court’s orders.”  But so far as NSA’s analytic work goes, “the government may request through a motion that the Court authorize querying of [metadata] for purposes of obtaining foreign intelligence on a case-by-case basis,” save only for cases posing an immediate threat to human life (emphasis added).  In such cases, Judge Walton writes, the government may query and then report to the court the following business day on the query and the details surrounding it.

Finally, the March 2 Order requires the government, upon conclusion of its “end to end” and process reviews, to file a report with the FISC.  This must contain affidavits from high ranking officials, describing the value and relevance of the sought metadata; a read-out of the outcome of the “end to end” and process reviews; a full account of steps taken to remedy the incidents described in Walton’s order and any future incidents, and an affidavit attesting to the effectiveness of those steps; and a description of proposed minimization techniques, should Judge Walton elect to permit the government once more to query collected metadata without prior approval from the FISC.


Wells C. Bennett was Managing Editor of Lawfare and a Fellow in National Security Law at the Brookings Institution. Before coming to Brookings, he was an Associate at Arnold & Porter LLP.
Matt Danzer is a graduate of Columbia Law School, where he was a member of the Columbia Law Review and served as president of the National Security Law Society. He also works as an editor for the Topic A public policy blogs on Roll Call. He graduated from Cornell University in 2012 with a B.S., with honors, in Industrial and Labor Relations.

Subscribe to Lawfare