NSA Appears To Be Chaining Calls Using Phone Numbers One Hop Out As New Originating Selectors
from the making-any-hop-limitations-pointless,-at-least-for-Clapper's-chain-gang dept
The ODNI's first transparency report put a lot of not very reassuring numbers on display, misusing the word "target" to give the impression that Section 702's ~90,000 targets were actually limited to 90,000 people, rather than, say, several thousand collection points gathering data and communications from several additional unspecified targets.The ODNI also claimed it couldn't offer specifics on the number of people targeted by the 19,000+ NSLs issued last year, even while pointing to letters sent to Intelligence Committees and members of the administration that attempted to do exactly that. A caveat was appended to the 2013 letters, noting that the FBI's NSL target estimates were probably inflated due to the NSL's limitations and targeting specifications.
But there are further statistical "anomalies" hidden within the transparency report. The section detailing the business records program (aka, Section 501 [formerly Section 215]) listed a small number of targets as well, something entirely at odds with the NSA/FBI's demands for every phone record from certain providers. While there are only a certain number of RAS (reasonable articulable suspicion) approved selectors that can be used by the NSA to search the bulk records, there's apparently a workaround that allows analysts to access many more records within the database.
Marcy Wheeler of emptywheel spotted some wording in the two most recent FISA court orders (released late Friday afternoon) that confirms the agency is using numbers one hop out from the RAS-approved numbers as additional selectors, triggering even more contact chaining.
In that same motion it implemented the change in standard dragnet language that has been retained in these more recent dragnet orders: the NSA is chaining on “connections” as well as actual calls.If it's any consolation, this new chains-upon-chains method apparently can't be performed automatically, most likely due to these automated searches not complying with FISA court limitations (rather than a lack of computing ability). The most recent bulk records orders note that these searches will now always be performed manually.
14 The first “hop” from a seed returns results including all identifiers (and their associated metadata) with a contact and/or connection with the seed. The second “hop” returns results that include all identifiers (and their associated metadata) with a contact and/or connection with an identifier revealed by the first “hop.
Queries of the BR metadata using RAS-approved selection terms for purposes of obtaining foreign intelligence information may occur by manual analyst query only.As Wheeler notes, this wording may also indicate the agency's anticipation of bulk records being maintained and held by service providers, thus further limiting its splashing around in the collected metadata. But it does indicate that the recently-imposed "hop" limitation is nearly useless. Rather than simply searching one hop out from the RAS selector, the agency is having its analysts build contract chains starting from that hop and moving outward. This puts the agency right back where it was prior to the minimal restrictions placed on it by the administration's reform measures.
It's not a strictly legal move, no matter if it's automated or not. Feinstein's fake reform measures would have codified this quasi-legal procedure, as Wheeler points out. Denials offered by NSA officials may have had a slight ring of truth, especially if the automated system wasn't capable of meeting FISC stipulations, but it appears to be all systems go at this point.
Whether Administration witnesses were being deliberately deceitful when testifying about call-based chaining (“not wittingly!”) or the NSA only recently resumed doing connection based chaining manually, having given up on doing it automatically, one thing is clear. The NSA has been doing connection based chaining since at least February, and very few people in Congress know what that means. Nevertheless, they’re about to authorize that formally.What the NSA buries in half-truths, carefully-worded denials and artful retractions always has the chance to become legally sanctioned by efforts like Feinstein's, which seek to codify the NSA's programs and instantly whitewash any past brushes with illegality. The NSA plays to edges of the letter of the law and disregards the spirit. Even its past excesses and deliberate misuse of its powers have failed to keep it down for long. At worst, it's back to its 2008 form, dealing with the same sort of limitations FISC Judge Walton imposed on it after uncovering years of abuse. But it has more contacts to chain than it did previously, thanks to its manual search method, even with reform efforts taking away one of its hops.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: chaining. phone numbers, nsa, selectors, surveillance
Reader Comments
Subscribe: RSS
View by: Time | Thread
If they use a few more hops everybody will be connected to Al Qaeda. It's easy to form links only looking at connections and manufacture possible plots. Stasi used to be pro at it.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
We have always been at war with HobbyLobMart.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Do you want the terrorists to win?
[ link to this | view in chronology ]
Reasonable?
[ link to this | view in chronology ]
Re: Reasonable?
[ link to this | view in chronology ]
Re: Re: Reasonable?
I know most people here don't enjoy the concept, but in the real world this looks like an excellent way to make it harder for criminals to operate, and also to spot potential connections that might not otherwise be evident.
there are plenty of historic reasons why warrants should be needed for every hop.
Not quite as clear, and to be fair, the numbers would get out of hand very rapidly. He calls or is called by 10 people, and they each call 10 people... now you need 100 warrants, each one a page or more long, with justifications, time in front of a judge... You need to hire more agents just to fill out forms. You also know that if there is an original warrant for the first guy, then the rest of the warrants would pretty much be a given - just buried under a sea of needed paperwork that might make agents consider not using the information.
I think it's much better that a warrant is requested if the meta data (numbers called) suggest something that may be relevant to the case. It would have to be tied to an original warranted case, but it seems like a good way to get the job done and not overburden the courts with endless warrant requests.
[ link to this | view in chronology ]
Re: Re: Re: Reasonable?
[ link to this | view in chronology ]
Re: Re: Re: Reasonable?
Second, perhaps is not probable cause unless there is proof she's talking with him about drug dealing itself. I'm calling my relatives in Iran. Since it's Iran perhaps I'm a terrorist so my calls should be tapped. Got my point?
I know most people here don't enjoy the concept, but in the real world this looks like an excellent way to make it harder for criminals to operate, and also to spot potential connections that might not otherwise be evident.
There's no evidence that all the collection has helped in any significant way. But there is PLENTY historical examples of how such power can and will be abused. Your totalitarianism is oozing.
Not quite as clear, and to be fair, the numbers would get out of hand very rapidly. He calls or is called by 10 people, and they each call 10 people... now you need 100 warrants, each one a page or more long, with justifications, time in front of a judge...
So? That's due process. He calls 10 people, 2 of them discuss drugs with him. Get a warrant to check those other 2 and start a proper investigation on them as well. If needed repeat. Properly justified a warrant can be delivered in less than 30 minutes or even less. If the agents don't like to follow the rules then just replace them. That's how it should be, that's how the Constitution works. The constitution itself makes the distinction on people or persons as a mean to encompass all people, not only American citizens in some of the Amendments.
I think it's much better that a warrant is requested if the meta data (numbers called) suggest something that may be relevant to the case.
No, it is not. Metadata alone does not show anything. If the actual content suggests a second person is involved then you go through the judiciary and get the pertinent warrants. As I noted it is neither hard nor it takes a long time as you seem to believe.
It would have to be tied to an original warranted case, but it seems like a good way to get the job done and not overburden the courts with endless warrant requests.
One of the attributions for the courts is upholding Constitutional protections. Granting warrants when it seems fit falls squarely within their attribution.
Caution, your totalitarianism is gushing out like crazy. You are a despicable person.
[ link to this | view in chronology ]
Re: Re: Reasonable?
While I agree the 'searching' must be targeted, applying normal judicial standards might be inappropriate.
Maybe we need new names for 'targets' and 'warrants' to make things clear for them, along with non ambiguous definitions. Of course, they will just redefine those new terms anyway.
[ link to this | view in chronology ]
Re: Re: Re: Reasonable?
My guess is that's not even the worst the data is used for currently. Democrat representative Maxine Waters said shortly after Obama's re-election that: "Obama is building a database like the world has never seen with everything on everyone", and the context was that this data was going to be used to win elections in perpetuity.
[ link to this | view in chronology ]
Re: Re: Re: Re: Reasonable?
[ link to this | view in chronology ]
[ link to this | view in chronology ]