NSA, Which Once Claimed It Needed Every Phone Record, Now Claims It Actually Gets Less Than 20%

from the is-that-supposed-to-be-comforting? dept

Ever since the first Snowden leaks about the way the NSA interpreted Section 215 of the PATRIOT Act to allow it to collect all call records from various telcos, one of the key arguments that has been made by the program's defenders is that it was necessary to have every single call record to make the important connections between terrorists. Multiple officials have argued that to find the "needle in the haystack" they need to be able to collect the whole haystack. In fact, that was part of the argument made by the few judges who have reviewed and approved this program. In the very first FISC ruling that actually analyzed the legality of the program (as opposed to earlier approvals that never bothered with an analysis), the court clearly indicated that it was necessary to collect everything:
The government depends on this bulk collection because if production of the information were to wait until the specific identifier connected to an international terrorist group were determined, most of the historical connections (the entire purpose of this authorization) would be lost. The analysis of past connections is only possible "if the Government has collected and archived a broad set of metadata that contains within it the subset of communications that can later be identified as terrorist-related." Because the subset of terrorist communications is ultimately contained within the whole of the metadata produced, but can only be found after the production is aggregated and then queried using identifiers determined to be associated with identified international terrorist organizations, the whole production is relevant to the ongoing investigation out of necessity.
That legal tapdancing aside, it basically argues that the only way this data makes sense is if the NSA has all of it. Similarly, when Judge William Pauley found the program legal late last year, he too relied on the argument that the NSA needed all the data.

And yet... it appears that they're actually not getting that much data. A new report from the Washington Post claims that the NSA is actually only getting between 20 to 30% of the data. The Wall Street Journal rushed out a quick story claiming it's actually less than 20%.

Apparently, while the NSA has gotten approvals to get data on landline calls from Verizon and AT&T, it actually hasn't yet gone after the same data from most mobile phone calls. For example, even though it gets Verizon landlines, it apparently does not collect the data on Verizon Wireless. Nor does it collect the data from T-Mobile. There are somewhat conflicting reports as to why this is, but the Washington Post piece suggests that the incident in 2009 in which FISC chief judge Reggie Walton nearly shut the whole program down over compliance failures has basically stopped the NSA from updating the program, because everywhere they look there have been more (you guessed it) compliance failures, and they're simply not set up to handle mobile phone data. Update: And some are questioning the whole claim here, noting that the orders that have been revealed do appear to request IMEI and IMSI data -- information that is only associated with mobile phones.
“It’s not simply the ability to go to the court and order some vendor to give you more records, but you have to make sure that the [agency’s collection system] is prepared and ready to take the data and meet all the requirements of the court,” the former official said. “You don’t want to turn it on and get hundreds of millions of records, only to find out that you’ve got the moral equivalent of raw sewage spilling into the Chesapeake Bay.”

The process of preparing the system can take months, said the senior U.S. official, adding that mobile calls have different data elements than land-line calls. “That’s a really detailed set of activities where we get sample data in, and we march it through our systems,” the official said. “We do that again and again and again. We put in auditing procedures to make sure it works. So before we turn on that mobility data, we make sure it works. . . . It’s very complex.”

Compounding the challenge, the agency in 2009 struggled with compliance issues, including what a surveillance court found were “daily violations of the minimization procedures set forth in [court] orders” designed to protect Americans’ call records that “could not otherwise have been legally captured in bulk.”

As a result, the NSA’s director, Gen. Keith Alexander, ordered an “end-to-end” review of the program, during which additional compliance incidents were discovered and reported to the court. The process of uncovering problems and fixing them took months, and the same people working to address the compliance problems were the ones who would have to prepare the database to handle more records.
Basically, there have been so many compliance problems that the NSA has had to work overtime to try to fix their systems and prepare for an influx of mobile phone data. The Wall Street Journal version of the report says that part of the problem is the NSA can't figure out how to strip location data from mobile phone data, and because collecting that information might lead to compliance issues, they haven't been able to figure out how to do it without running into more trouble down the road.

But fear not, surveillance state lovers, the NSA is getting ready and its goal is to get back to collecting nearly every phone record from every phone provider. Once the systems are in place, they appear to fully intend to send over some requests to the FISA court to get all those mobile operators to comply as well. One hopes that, this time, with so much more awareness of what's going on, at least one of those mobile operators will fight back.

Either way, this whole thing actually shows just how ridiculous the NSA's claims are that it absolutely needs all this data to keep us safe. The very fact that this report is coming out in both the Washington Post and the Wall Street Journal at nearly the same time suggests a stupid sort of PR attempt on the part of the NSA, which seems to think that after months of insisting they need it all, they can now placate people by saying "well, we really only collect about 20% of the data (though we're hoping to collect it all)." Not only does this actually highlight the widespread compliance problems with this data, it further shows that the argument that somehow collecting it all is necessary to keep us safe is just completely wrong.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: bulk metadata, cell phones, compliance issues, location data, mobile phones, nsa, phone records, section 215, surveillance


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 7 Feb 2014 @ 9:56am

    only 20-30%? I suspect they lie. I bet they get way more but try to play down what they get.

    link to this | view in chronology ]

  • identicon
    anon, 7 Feb 2014 @ 10:03am

    Read more carefully

    Lets wait for the independent audit we have already seen how they twist definitions secretly.

    Also the Post says less than 30% of _call records_ - those have two phone numbers on them so if a person is calling a friend with another carrier they only have to get one of the two call records to know. So at a high level this could be call coverage of 50-60% of calls of Americans.

    Also is this different for calls to businesses are those included or excluded in the information above? Assuming this also does not count calls with American on one end and foreign on the other.

    What about calls they don't know the location of the origination or termination of calls? Are those counted for or against the total?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Feb 2014 @ 10:04am

    Luckily all terrorists were communicating on the 20% surveillance lines for NSA to stop 54 threats. Now that this top secret sensitive information is out in the open, all of them will switch to Verizon wireless. I suggest that all new customers of Verizon wireless be added to the no-fly list, you know, for national security.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Feb 2014 @ 10:08am

    We need a revolution.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Feb 2014 @ 10:20am

    End the NSA

    Fucking Liars. We have no need for the agency! Cut the funding completely. It's worthless.

    link to this | view in chronology ]

  • icon
    AricTheRed (profile), 7 Feb 2014 @ 10:45am

    I call Security Theatre BULLSHIT!

    • As IF! THE NSA's budget has been BILLIONS of ever-increasingly worthless dollars and they have only been collecting land-line meta-data.

    They got caught in the bathroom stall with the pooch bent over fucking that dog, with Clapper and Alexander holding the tail, waiting their turn, and you expect me to believe they are only collecting LANDLINE data?

    What self-respecting terrorist would even speak aloud within ear(wiretap)shot of a landline?

    How about this for the next big NSA/Pinocchio lie that we want you all to believe:

    "The NSA's section 215 phone meta-data collection program was only collecting less than %30 of Americans calls, because the program was only used for FAX lines."

    Why you ask, because everyone who hates the American police state has seen Eagle Eye, and already knows they can remotely bug you with your camera-phone and mic and vector in a predator with hellfire missiles and blow up the whole wedding party! So fellow jihadists only use land-line FAX machines to coordinate strikes against the Great Satan. My good friend and financial backer Dianne "you're gonn'a love the next whopper you read about in the paper" Feinstein has assured me they are only monitoring cellphones!

    It was the single greatest intelligence victory since the cracking of the enigma machine, and we all have the NSA and all of the other shills in washington to thank for it!


    Hey NSA THANKS FOR KEEPING US SAFE!!!

    assholes

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Feb 2014 @ 10:51am

    Mobile phones are the NSA's bread a butter. It's how they lock Hellfire missiles onto people. I don't believe their statement that they only collect 20% of mobile phone metadata and message content.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Feb 2014 @ 10:52am

    30% of the world

    Here is how you minimize the call data.... 30% of the WORLD'S CALL DATA

    link to this | view in chronology ]

  • icon
    pixelpusher220 (profile), 7 Feb 2014 @ 11:10am

    NSA Time Machine

    "if production of the information were to wait until the specific identifier connected to an international terrorist group were determined, most of the historical connections (the entire purpose of this authorization) would be lost"

    Well yes, you don't to go back in time and find out what someone you just met today did last year.

    And even this is ridiculous since the phone companies keep records for a significant amount of time themselves.

    Wish I could start a phone company that expressly DIDN'T log anything. It certainly 'could' to comply with legal requests, but by default nothing is logged. sigh.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Feb 2014 @ 12:08pm

    To date, there has been nothing the NSA has put out you can believe. Everything is a lie. It now plays against them when they really need it. This can not be believed simply because of it's source.

    Landlines are obsolete and people are dropping it with the exception of older folk who haven't changed. It's gotten such a small figure of the population that AT&T has requested that the FCC let them drop service.

    So from that, the NSA is trying to say that all their terrorist concerns are from the elderly who are a diminishing part of the population as the years go by.

    This is nothing more than BS hoping to fool and calm the public who are pushing for things to change. They are again afraid of losing their precious.

    link to this | view in chronology ]

  • identicon
    David, 7 Feb 2014 @ 12:11pm

    Only 20%? No wonder they failed to stop Boston.

    If they had been able to get 100% of the call records, they would have been able to listen to the Russian intelligence agency telling them that those Usbekistans were up to no good.

    With 20%, can you wonder that they failed to listen?

    link to this | view in chronology ]

  • icon
    Charles (profile), 7 Feb 2014 @ 1:35pm

    As my good friend Gollum said about the NSA

    Liarsies, liarsies,
    Pantsies on firesies.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Feb 2014 @ 3:41pm

    Way to have an explanation worse then the thing that needs explaining.

    So you DONT have access to all our date, but you DO want access to our data, oh yeah, because THATS not the thing i was not most worried about /s

    Assuming you've "decided" to tell the truth this time, i dont want you to unwittingly strain yourselves over such a small thing like the truth or anything

    link to this | view in chronology ]

  • identicon
    Anonymous, 7 Feb 2014 @ 5:34pm

    Well, thank goodness it's only 20% or less. I feel so much better now. Now if you'll excuse me, I have a bridge to buy, and they're only selling one per customer.

    link to this | view in chronology ]

  • identicon
    Martin Brody, 7 Feb 2014 @ 10:01pm

    You're gonna need a bigger Bluffsdale.

    link to this | view in chronology ]

  • identicon
    Ellen, 8 Feb 2014 @ 12:21am

    0.5 % supervision is sufficient to control a fascist slave state

    So 20 percent is 40 times overkill

    link to this | view in chronology ]

  • icon
    btrussell (profile), 8 Feb 2014 @ 7:55am

    At some point after looking through a haystack for a needle, you have to ask yourself, "Is it really worth ruining all that hay for one needle?"

    A reasonable person accepts the loss, a lunatic doubles down.

    link to this | view in chronology ]

    • icon
      btrussell (profile), 8 Feb 2014 @ 9:01am

      Re:

      Need to edit this:
      At some point after looking through a haystack for a needle, you have to ask yourself, "Is it really worth ruining all that hay for one needle?"

      A reasonable person accepts the loss.

      link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.