The Email Collection The NSA Shut Down Has Been Abused For Years
from the and-it's-only-part-of-a-larger-collection dept
As was noted here earlier, the NSA surprised many people by shutting down its email collection. This collection was authorized by the FISA Amendments Act, which is due for renewal at the end of this year. Since the point the collection began, it was clear the NSA was also harvesting (inadvertently, it said) US persons' communications.
Ron Wyden, along with a few other lawmakers, has been asking the NSA for years to turn over information on this program -- specifically, how many US persons had been swept up "incidentally" in the bulk collection. For years, the NSA has refused to do so, claiming it would be impossible to compile this information and, somewhat hilariously, claiming it would violate the privacy of those swept up in the collection to query the database for incidental collections.
This decision to shut down the program may result in that answer never being given to Wyden. The ODNI (Office of the Director of National Intelligence) may decide the shutdown renders this particular query moot. It shouldn't. Now that the email program has been shut down EXPLICITLY because it sweeps up too many US persons' in the dragnet, the answer is more important than ever. And the ODNI has recently (and very belatedly) promised to deliver this number and should keep that promise even though the program has been shut down. Not only that, but this shutdown only affects the collection of email. It doesn't prevent the NSA from collecting other internet-based communications. With fewer people using email as their primary communication method, the NSA will still have plenty of communications to harvest.
There's another good reason for turning over that number: the Section 702 collection has been plagued with problems pretty much since its inception. The FISA court determined in 2011 that the program -- as operated by the NSA -- was unconstitutional. Apparently some fixes were made as the program was allowed to continue. But as Marcy Wheeler pointed out a year ago, the program has never not been violating the Foreign Intelligence Surveillance Act.
In his November 6, 2015 opinion reauthorizing Section 702, presiding judge Thomas Hogan described two more definite violations of 50 U.S.C. §1809(a)(2), and one potential one, bringing the list of times the FISC caught NSA illegally surveilling Americans to four, and potentially five, times.
Fall 2009 confession/July 2010 opinion: Collection of categories of data under the bulk PRTT program not permitted by the FISC (Bates’ opinion describes a category violation reported to FISC in the very first PRTT docket, along with NSA’s assurances it would never happen again)
June 2010 confession/December 10 2010, May 13, 2011 opinions: Retention of overcollected data from a traditional FISA warrant in mission management systems ultimately not deemed necessary for collection avoidance
May 2011 confession/October 3, 2011 opinion: Collection of entirely domestic communications on upstream surveillance MCTs
July 13, 2015 confession/November 6, 2015 opinion: Retention of 702 communications that had been otherwise purged in mission management systems, even though FISC had ruled against such retention in 2011
[Potential] July 13, 2015 confession/November 6, 2015 opinion: Retention of data that should have been purged or aged off in compliance databases
This is the authority the NSA wants approved at the end of the year. This shutdown might be an attempt to finally make the program legal -- or at least legal enough to survive a closer examination as the issue heads towards a vote.
This shutdown -- along with the NSA's long history of abuse -- also explains why there were no Section 702 approvals from the FISA court. As Wheeler suggested when the information was first released, the lack of approvals in 2016 indicated the program had "serious issues." Her post from last year shows the program has always had "serious issues." The number of requests the government made in 2016 was redacted from the report, but the footnote attached to it suggests it was more than one.
Perhaps the court no longer found the program Constitutional, at least not the way the NSA routinely operated it. While incidental collection is always a problem with bulk surveillance, the internal controls, which NSA talking points claim prevent abuse, apparently aren't controlling much or preventing much. It appears the NSA can't find a way to operate this part of the Section 702 program without collecting (and querying) US persons' communications, so it has decided to shut it down, rather than spend any more time and effort trying to talk the FISA court into approving its ritualistic abuse.
Despite having years to improve its practices and improve its segregation of collected data, the agency apparently did very little to rein this program in. A 2014 DOJ/ODNI report quoted by Wheeler shows misuse of collected data continued to increase even as the NSA sought orders to collect even more.
The joint oversight team, however, is concerned about the increase in incidents involving improper queries using United States person identifiers, including incidents involving NSA’s querying of Section 702-acquired data in upstream data using United States Person identifiers. Specifically, although section 3(b)(5) of NSA’s Section 702 minimization procedures permits the scanning of media using United States person identifiers, this same section prohibits using United States person identifiers to query Internet communications acquired through NSA’s upstream collection techniques. NSA [redacted] incidents of non-compliance with this subsection of its minimization procedures, many of which involved analysts inadvertently searching upstream collection. For example, [redacted], the NSA analyst conducted approved querying with United States persons identifiers ([long redaction]), but inadvertently forgot to exclude Section 702-acquired upstream data from his query.
This continued abuse and misuse is highly problematic, although the ODNI has been the last entity to officially recognize this. The "upstream" collection not only results in vast amounts of intercepted communications, but is one the FBI's favorite sources for intel. The ODNI denies to this day the FBI's searches of the NSA's collections are "backdoor searches," but it's information and communications the FBI certainly can't collect itself under its legal authorities. The supposedly foreign-facing collection is routinely used by a domestic law enforcement agency to obtain US persons' communications without a warrant. That's a "backdoor" search, no matter how the ODNI portrays it.
No matter what else comes of it, this shutdown is huge. Even though it's a smaller part of a larger internet communications collection program, it's still a significant closure. And once again, this is a result of Snowden's leaks. Wyden's persistent pestering about incidental collection likely played a small part as well. But without documents clearly showing how much the program collected and how it was being used, the NSA would most likely still be trying to find a way to push these requests past the FISA court. And without this additional scrutiny, the court itself might have found itself more easily persuaded.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: 702, about, mass surveillance, nsa, searches, section 702, surveillance
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Remember that time...
I'm sure the NSA wouldn't do that.
/sarc
[ link to this | view in chronology ]
Re: Remember that time...
If I cannot believe the evidence that government agents put forward on CP, why would I believe them when they say they have stopped something? This is nothing more than a lie to the public bench-test to see how many tools believe it and start sending questionable emails.
The government breaks the law so frequently and egregiously they could bust into one of our homes, burn it down and publicly execute someone on the front lawn and no one would give a fuck. However, some politician looking to make a name for themselves over it, might get someone fired.
[ link to this | view in chronology ]
How many times do you have to be lied to before you start calling bullshit?
Stop parroting what NSA (or NYT or WashPo) say as though it's credible.
They are not going to stop reading our emails. They would never do that. At most it is just word games or hiding the program somewhere else.
[ link to this | view in chronology ]
Re: Credibility of the NSA
Techdirt just points out the obvious crap.......
Now, what needs to happen is the US constitution bit about warrants needs to apply worldwide to the CIA and NSA. The constitution doesn't restrict its requirements to US persons or US citizens -- and its time our "intelligence" agencies honored that, indeed, are forced to honor that.
[ link to this | view in chronology ]
Re: Credibility of the NSA
"I seriously doubt anyone at Techdirt thinks the NSA is credible outside of leaks, do you?"
Yes indeed. Techdirt eagerly swallowed this latest NSA deception.
Note in the TD post above:
"No matter what else comes of it, this shutdown is huge."
(...does that sound like TD is at all tentative or skeptical about this NSA announcement... or merely passively 'reporting' some routine Federal news?
No, TD swallows it hook, line, and sinker!)
Any experience professional journalist would immediately be skeptical of the source, text, and circumstances of this latest (alleged) NSA shutdown statement-- but not so with TD, Wyden, or New York Times... they really want to believe it.
It's also obvious that TD is buddy-buddy with Ron Wyden and/or his staffers... and routinely promotes Wyden.
Your belief that "the US constitution bit about warrants needs to apply worldwide to the CIA and NSA" is naive.
CIA/NSA don't obey the Constitution/law now -- how the helll are you gonna make them obey your modified Constitution?
[ link to this | view in chronology ]
Re:
https://en.wikipedia.org/wiki/Contempt_of_Congress
[ link to this | view in chronology ]
Re: Congress Judicial Powers
Nor does Congress have subpoena authority or Contempt-of-Congress authority. These are "Judicial" powers.
Under the Constitution, all Federal "judicial powers" reside solely with the Supreme Court and its lower courts.
Congress simply granted itself these judicial powers-- an outrageous violation of fundamental U.S. law.
No wonder the NSA/CIA/FBI think they can ignore the law -- they are absolutely correct... in the realpolitik of Washington D.C.
[ link to this | view in chronology ]
It was shutdown
[ link to this | view in chronology ]
Wag the dog?
The ODNI is part of the government, which Senate and Congress are supposed to oversee. If they took their role seriously, they could demand full disclore, a set of safeguards against future 'inadvertent' mistakes, and the names of people personally responsible for enforcing them BEFORE granting or extending any further rights to the NSA.
If somebody robbed a bank, people would laugh in their face if their defense was the argument that the incident happened in the past and is longer ongoing. We should do the same with the ODNI.
[ link to this | view in chronology ]
Re: Wag the dog?
https://en.wikipedia.org/wiki/Contempt_of_Congress
[ link to this | view in chronology ]
Re: Re: Wag the dog?
Yea, if only the Electorate took its job seriously...
"Our modern Congress is a bit wary of exercising their full authority,"
I believe you wrong on that. They are just using more suitable tools now. To get contempt of congress you have to get a lot of jerks to agree, all with political biases working on behalf of their political party.
Now if you said politically calculating?
[ link to this | view in chronology ]
Re: Wag the dog?
But Constitutional trivia is so 18th Century....
[ link to this | view in chronology ]
Supoena power
[ link to this | view in chronology ]