NSA misled surveillance court and broke privacy protections in mass telephone metadata program


The National Security Agency on a daily basis for 3 years illegally accessed telephone metadata records and misled the secret court meant to oversee the storage program, newly declassified documents show.

As a result of Freedom of Information Act lawsuits, the Office of the Director of National Intelligence declassified on Sept. 10 hundreds of pages of redacted Foreign Intelligence Surveillance Court documents concerning oversight of the mass telephone metadata program. The FISC has ruled that the NSA can store records of all domestic and international telephone calls that pass through U.S. carrier switches under authority of Section 215 of the Patriot Act (codified at 50 USC § 1861)--so long as it searches those records only when it has "reasonable, articulable suspicion" that a telephone number is of interest to counterterrorism analysts.

But, in a March 2, 2009 order (.pdf), FISC Judge Reggie Walton said since FISC authorization of the mass storage telephone metadata storage program in May 2006, the NSA used a list of telephone identifiers against which it matched incoming mass telephony metadata records. "Most of the telephone identifiers against the incoming BR metadata were not RAS-approved," Walton said (original emphasis).

"No one inside or outside the NSA can represent with adequate certainty whether the NSA is complying" with data minimization procedures, Walton also said. He ordered the intelligence community to stop accessing the telephone record database except with court permission on a case-by-case basis, a requirement he later lifted in a Sept. 3, 2009 order (.pdf) that restored routine access. In the interim, the NSA conducted an "end-to-end (.pdf)" review of the program that resulted in "technological fixes, improving training, and implementing new oversight procedures," Director of National Intelligence James Clapper says in a statement.

NSA documents cited by Walton in the March order show that as of Jan. 15, 2009, only 1,935 of 17,835 identifiers on the alert list were associated with a reasonable, articulable suspicion.

Walton said a government explanation for the noncompliance with the RAS standard "strains credulity." A intelligence community submission to the court suggested that some NSA personnel believed the RAS standard was applicable only to archival databases, Walton said.

"It is difficult to imagine why the Court would intend the applicability of the RAS requirement--a critical component of the procedures proposed by the government and adopted by the Court--to turn on whether or not the data being accessed has been 'archived' by the NSA in a particular database at the time of the access," he wrote.

Every application for renewal of the storage program since 2006 contained a sentence affirming the numbers on the list met the RAS standard. In a Feb. 17, 2009 declaration, NSA head Gen. Keith Alexander attributed its continuance to a lack of "complete understanding among the key personnel…regarding what each individual meant by the terminology."

The order also found the NSA violated the reasonable, articulable suspicion standard in other ways. During a 5 day period in April 2008, 31 NSA analysts queried the telephony record database "without being aware they were doing so," the NSA told the court, using 2,737 foreign telephone numbers to conduct searches that hadn't been subjected to a RAS standard test.

As a result, NSA modified a tool for accessing data, ensuring that analysts would be aware when they queried the telephony records database--but two NSA analysts in December 2008 and January 2009 made searches using 280 foreign telephone numbers without subjecting the queries to the RAS standard "despite full implementation of the above-referenced software modifications," Walton wrote.

For more:
- go to an ODNI webpage with Clapper's statement and links to the documents

Related Articles:
Sensenbrenner files amicus brief supporting ACLU lawsuit against bulk telephone metadata storage
White House NSA surveillance board heavy on the Washington insiders
Metadata is a proxy for content, argues Princeton professor in ACLU lawsuit against bulk metadata collection