Dutch Ruppersberger Proposes Replacing Bulk Metadata Collections With Targeted Pen Register Searches

from the time-for-the-NSA-to-get-out-of-the-bulk-collection-business dept

Thu, Mar 13th 2014 2:53pm — Tim Cushing

One of the ranking members of the House Intelligence Committee has just handed down a rather sensible proposal that would take the "bulk" out of "bulk collection" and allow the records to remain at telcos rather than being stored by the NSA or another third party. (Hint: it's not Mike Rogers.)

The suggestion runs as follows:

The concept, which Rep. C.A. Dutch Ruppersberger (D-Md.) said he is still refining, would require court review of numbers that the phone companies are asked to search against. But it would not call for a requirement that companies hold data longer than they do now…

Details would have to be worked out, but, he said, the idea would be to send suspect numbers, which a court has deemed to meet the standard, to all phone companies. They would search daily against this list and send back to the NSA any numbers that hit up against the list.

Ruppersberger's proposal (which he says has sprung out of "serious discussions" with Rep. Rogers) retains the RAS (Reasonable Articulable Suspicion) stipulation that currently governs the NSA's searches of the stored metadata, but it does loosen other restraints -- namely, that the searches be constrained to targets of "authorized investigations" and "agents of foreign powers."

If this sounds all too familiar, there's a reason for that.

Some analysts say that what Ruppersberger appears to be proposing looks very similar to existing authority under the “pen register” provision of the Foreign Intelligence Surveillance Act. That provision enables the government to order a phone company to send back in real-time “dialing” information, such as phone numbers, if the government can show the information sought would be “relevant to an ongoing investigation to protect against international terrorism” or espionage.

This pen register concept was thoroughly bastardized by FISC judge Colleen Kollar-Kotelly in 2004 to give the agency permission to use an open-ended (but targeted) surveillance technique as a way to grab every phone record from telcos in three-month chunks (granted in perpetuity by the FISA court).

But the pen register statute hasn't been written off the books. It still exists and is, in fact, still used occasionally by the NSA, which prompts the following question: why bother introducing new legislation and new guidelines? Why not just make the NSA adhere to the existing statute (albeit one not so thoroughly distended by a previous FISA court decision)?

“So the natural way to solve this problem is not by creating a new authority, but by taking the existing authority designed for exactly this purpose, and narrowing it so it can’t be again used for bulk collection,” said Julian Sanchez, a fellow at the CATO Institute and surveillance expert.

The problem with new laws is that it adds to the number of exploitable tools the NSA can use. As noted above, this eliminates some of the limits governing the bulk records collection. While arguably better than the unlimited metadata harvesting the NSA has done for most of the last decade, the public would be better served by simply requiring the agency to follow existing pen register statutes, provided, of course, the FISA court restores the definition back to its original form.

It is good to see another legislator pushing the NSA back towards targeted surveillance, something it increasingly abandoned in the wake of the PATRIOT Act, especially one that has the misfortune of working closely with Rep. Mike Rogers.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: bulk data collection, dutch ruppersberger, nsa, pen register, section 215, surveillance

18 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Getting aggravated, 13 Mar 2014 @ 3:12pm

Techdirt site becoming unusable
For you gentlemensies and ladies of the technical support persuasion, the following message is making the site almost unusable.

A script on this page may be busy, or it may have stopped responding. You can stop the script now, or you can continue to see if the script will complete.

The variations in problem js code being flagged are as follows:

Script: http://ws.sharethis.com/button/buttons.js:1

Script: http://a.postrelease.com/serve/load.js?async=true:1

I suggest that this be investigated, it may be affecting a number of us from the antipodes and nether regions of the third rock.
[ link to this | view in chronology ]
- fairuse (profile), 13 Mar 2014 @ 3:29pm
  
  Re: Techdirt site becoming unusable
  Dear Aggravated,
  Are you using Firefox with a load of tuner extensions that may be getting in each others way? Maybe you are using Chrome with some god awful plugin waiting on a status that will never happen? i do not know therefore the folks who can fix things need that kind of info from you.
  
  I have never had that problem using Safari and Chrome. Turn off "stuff" till the browser is factory clean and see what happens.
  
  Trying to help :-)
  [ link to this | view in chronology ]
  - Getting aggravated, 13 Mar 2014 @ 4:37pm
    
    Re: Re: Techdirt site becoming unusable
    The problem has only been in the last two days and the only site that is affected is Techdirt. I have 21 system updates available (using Centos 6.5 and Firefox 24.3.0).
    
    No updates to my extensions or plugins, no user scripts configured. The problem seems to be with some of the offsite scripts being run, the same two ones. It may be related to the fact of not being in the northern hemi.
    
    Thanks for the suggestions. I have actually avoided Chrome after one awful experience with it on another machine.
    
    One can only hope that the problem is fixed soon.
    [ link to this | view in chronology ]
    - fairuse (profile), 13 Mar 2014 @ 8:43pm
      
      Re: Re: Re: Techdirt site becoming unusable
      Understood. Hope it is resolved easily. NoScript is good stuff for zapping, IMHO, silly things sharethis. Disclaimer: I am anti-mouseover widget guy; hate that stuff.
      [ link to this | view in chronology ]
  - Lurker Keith, 13 Mar 2014 @ 8:54pm
    
    Re: Re: Techdirt site becoming unusable
    I had some excessive loading just now (I just hit [esc] to stop it), & the only Chrome extensions I'm using are a search ranker from my AV (that shouldn't even be triggered here) & an AdBlocker; both have been running for a little while, & I just noticed this loading issue today.
    
    My system should be up-to-date, since there were updates just a day or two ago.
    
    I have noticed that once in a while, Techdirt will implement some kind of change (often a change to that pop-up thing I don't like, which is currently missing -- sometime the AdBlocker catches it, sometimes it doesn't, I think), & similar loading issues follow.
    [ link to this | view in chronology ]
- pixelpusher220 (profile), 13 Mar 2014 @ 4:07pm
  
  Re: Techdirt site becoming unusable
  I suggest you use NoScript which can block all scripts by default. I then enable them one by one (once!) until the site performs acceptably.
  
  ShareThis and PostRelase aren't allowed to run for me (on Firefox ) :)
  [ link to this | view in chronology ]
  - Getting aggravated, 14 Mar 2014 @ 12:51am
    
    Re: Re: Techdirt site becoming unusable
    Just out in noscript and allowing only techdirt.com, problem neatly has gone away. Thanks for the reminder about noscript.
    [ link to this | view in chronology ]
fairuse (profile), 13 Mar 2014 @ 3:33pm

Dutch probably emailed the district.
Checking e-mail to see if one of his wordy updates is there. Ruppersberger is a straight up guy but was when he was county exec. Humm.
[ link to this | view in chronology ]
Votre (profile), 13 Mar 2014 @ 3:37pm

Different 'flavors' of vanilla ice cream (i.e. French, Creamery, Natural, Golden, Home Style) are still just vanilla ice cream.
[ link to this | view in chronology ]
- pixelpusher220 (profile), 13 Mar 2014 @ 4:09pm
  
  Re:
  Exactly, there are still 'searches' being done against 'everybody' which is the main problem.
  
  Maybe you could call this a small step forward but a pen-register isn't a 'search against' (the Rep's actual words), it's a list of who called/was called by a specific number. It's a, wait for it, register (or log) of activity. Not a search against EVERYTHING.
  [ link to this | view in chronology ]
  - fairuse (profile), 13 Mar 2014 @ 8:49pm
    
    Re: Re:
    It looks like, but is not like, slowing down bulk data grab? I get the part about the register but something is missing in good 'ol dutch's layout.
    
    I'll wait for the popup coloring book version.
    [ link to this | view in chronology ]
Anonymous Coward, 13 Mar 2014 @ 5:22pm

Why are there only suggestions coming from officials about reigning in the phone record metadata collections?

Also techdirt site has been freezing up firefox (no extensions) for me over the last 2 days as well on 2 different systems.
[ link to this | view in chronology ]
Lurker Keith, 13 Mar 2014 @ 8:57pm

That's possible?
One of the ranking members of the House Intelligence Committee has just handed down a rather sensible proposal

Congresspeople can manage sensible proposals? Who knew?
[ link to this | view in chronology ]
- That One Guy (profile), 13 Mar 2014 @ 11:27pm
  
  Re: That's possible?
  I believe there's a fitting statement for that, something about even broken clocks being right occasionally.
  [ link to this | view in chronology ]
That One Guy (profile), 14 Mar 2014 @ 12:10am

A rather important question:
...which a court has deemed to meet the standard, to all phone companies...

Which court is the question. If it's the FISA 'court', then they could, almost literally, have a request for 'Every single number in the US. Because national security. And terrorism.' and the only thing that would slow the FISA 'court' down would be finding the 'Approved' stamp.
[ link to this | view in chronology ]
- John Fenderson (profile), 14 Mar 2014 @ 8:53am
  
  Re: A rather important question:
  The FISC, in my view, doesn't actually count as a legitimate court.
  [ link to this | view in chronology ]
Ninja (profile), 14 Mar 2014 @ 4:01am

and allow the records to remain at telcos rather than being stored by the NSA or another third party

This is still an issue. The amount of time that data must be stored has to be very carefully discussed.
[ link to this | view in chronology ]
Donglebert The Needlessly Unready, 14 Mar 2014 @ 4:29am

erm...
is Dutch Ruppersberger a name or a description?
What's next? Rijks Waterstaat?
[ link to this | view in chronology ]