U.S. Outlines N.S.A.’s Culling of Data for All Domestic Calls
WASHINGTON — The Obama administration on Wednesday released formerly classified documents outlining a once-secret program of theNational Security Agency that is collecting records of all domestic phone calls in the United States, as a newly leaked N.S.A. document surfaced showing how the agency spies on Web browsing and other Internet activity abroad.
Together, the new round of disclosures shed even more light on the scope of the United States government’s secret surveillance programs, which have been dragged into public view and debate by leaks from the former N.S.A. contractor Edward J. Snowden.
The Office of the Director of National Intelligence released the newly declassified documents related to the domestic phone logging program at the start of a Senate Judiciary Committee hearing on the topic. Simultaneously, The Guardian published a still-classified 32-pagepresentation leaked by Mr. Snowden that describes the N.S.A.'s XKeyscore program, which mines Internet browsing information that the agency is apparently vacuuming up at 150 network sites around the world.
The documents released by the government, meanwhile, include an April ruling by the Foreign Intelligence Surveillance Court that supported a secondary order — also leaked by Mr. Snowden — requiring a Verizon subsidiary to turn over all of its customers’ phone logs for a three-month period.
It said the government may access the logs only when an executive branch official determines that there are “facts giving rise to a reasonable, articulable suspicion” that the number searched is associated with terrorism.
The releases also included two formerly classified briefing papers to Congress from 2009 and 2011, when the provision of the Patriot Act that the court relied on to issue that order was up for reauthorization. The papers outlined the bulk collection of “metadata” logging all domestic phone calls and e-mails of Americans and are portrayed as an “early warning system” that allowed the government to quickly see who was linked to a terrorism suspect.
“Both of these programs operate on a very large scale,” the 2011 briefing paper said, followed by something that is redacted, and then: “However, as described below, only a tiny fraction of such records are ever viewed by N.S.A. intelligence analysts.”
Both programs traced back to the surveillance efforts the Bush administration secretly started after the terrorist attacks of Sept. 11, 2001, and which initially operated outside statutory authority or court oversight. The Bush administration later obtained orders from the Foreign Intelligence Surveillance Court to continue them.
The Obama administration has said it shut down the program that collected e-mail “metadata” in 2011, but it is not clear whether such collection has continued under a different program.
The newly disclosed XKeyscore presentation focuses in particular on Internet activities, including chats and Web site browsing activities, as intelligence analysts search for terrorist cells by looking at “anomalous events” like who is using encryption in Iran or “searching the web for suspicious stuff.”
In contrast to the domestic-call tracking program, the example cited in the XKeyscore presentation — which said it had generated intelligence that resulted in the capture of more than 300 terrorists — appeared to be focused on overseas activity.
A map showed 150 network sites around the world at which the N.S.A. is collecting that information; it is not clear whether the governments in those places are aware of the spying.
The volume of data is so vast that most of it is stored for only three days, the presentation said, although “metadata” — information showing log-ins and server activity, but not content — is stored for a month.
Several of the pages on the presentation were redacted by The Guardian.
But the presentation shows that while much of the focus from Mr. Snowden’s revelations so far has been on communications — whether calls or e-mails — that are linked, directly or indirectly, to a known suspect, the N.S.A. is also collecting and searching through massive amounts of Web-browsing activity.
“A large amount of time spent on the Web is performing actions that are anonymous,” the presentation explains, saying that the XKeyscore system can extract and store retrospective activity from “raw unselected bulk traffic.”
One example of how analysts might use the system is to search for whenever someone has started up a “virtual private network” in a particular country of interest; VPNs are pipelines that add greater security to online communications. N.S.A. analysts are able to use the system to extract the activity retrospectively from “raw unselected bulk traffic” and then decrypt it to “discover the users.”
It also cited using the system to locate a target who speaks German but is known to be in Pakistan by looking for German-language Internet activity in that country, or to uncover where and by whom a Microsoft Word document was created that had passed through several users’ hands.
Yet another slide said: “My target uses Google Maps to scope target locations — can I use this information to determine his e-mail address? What about the Web searches — do any stand out and look suspicious?”
At the start of Wednesday’s hearing, the chairman of the Senate Judiciary Committee, Senator Patrick J. Leahy, Democrat of Vermont, expressed deep skepticism about the domestic phone records program. He criticized intelligence officials and defenders of the program for misleadingly saying it helped prevent 54 terrorist events, a number that conflates the usefulness of N.S.A. surveillance activities targeted at noncitizens abroad with the usefulness of the database of Americans’ phone calls.
A classified list of “terrorist events” that N.S.A. surveillance helped to prevent, he said, “simply does not reflect dozens or even several terrorist plots” that the domestic call log program “helped thwart or prevent, let alone 54, as some have suggested.”
Citing the “massive privacy implications” of the program, Mr. Leahy said: “If this program is not effective it has to end. So far I’m not convinced by what I’ve seen.”
But Senator Dianne Feinstein, the chairwoman of the Senate Intelligence Committee who is also on the judiciary panel, said that while the program could be changed with greater restrictions and safeguards, it should be preserved because it would place the nation “in jeopardy” to eliminate it.
Robert Litt, the top lawyer in the Office of the Director of National Intelligence, testified that the Obama administration was also “open to re-evaluating this program” to create greater public confidence that it protects privacy while “preserving the essence of the program.”
Last week, the House of Representatives voted narrowly to defeat an amendment to shut down the N.S.A.'s domestic phone record tracking program. The 217-to-205 vote was far closer than expected and came as members of both parties defied their leadership to oppose continuing the domestic call logging program, suggesting that momentum against it was building.
Before Mr. Snowden’s leaks made clear what the government was doing with the Patriot Act program, several senators on the Intelligence Committee had made cryptic warnings that it was interpreting the law in a twisted way to do something alarming and made reference to the2011 briefing paper. The New York Times filed a lawsuit under the Freedom of Information Act to obtain that document.
The lawsuit contended that the abstract legal analysis outlining what the government believed the Patriot Act meant could not be withheld from the public as properly classified and should be released, even if the passages detailing the program that relied upon that interpretation were redacted.
The Obama administration had argued that it could withhold that document entirely, and in May 2012 a Federal District Court judge, William H. Pauley III, agreed to dismiss the lawsuit after reading the briefing paper, finding that the details of the classified program were “inextricably intertwined” with the rest, so releasing it in redacted form was “neither feasible nor warranted.”
The newly declassified documents about the call logging program do not go into great detail about the legal analysis on which it is based. The court’s order was rooted in a surveillance law that allows the F.B.I. to obtain records that are “relevant” to an investigation.
A key question has been how the judges justified stretching that term to encompass collecting records of all calls. Government officials have explained that a subset of those calls will later turn out to be relevant when analyzing who has links to a suspected terrorist.
By putting them all into a single database, the N.S.A. can preserve the records for later analysis for up to five years; look at circles of callers up to three “hops” removed from the target, even if they are subscribers to different phone companies; and search for patterns that may indicate that a suspect is trying to hide his communications, like cycling through throwaway “burner” phones from different providers.
Mr. Leahy asked whether by the same legal logic, the government could not obtain “virtually all available commercial data” like a comprehensive database of all Americans’ credit card records, Web site visits, medical records, or firearms. As an example, he asked whether the government would be justified in collecting records of all purchases in case someone was buying precursors to a bomb.
James Cole, the deputy attorney general, emphasized that the court had found the phone logs all to be relevant, and so lawfully collectable only “in the context of the restrictions and in the context of what it is you’re looking for.” Other kinds of records in a different context might not meet that same criteria, he said.
“We’re not collecting all their phone records so that we can wander through them,” Mr. Cole said. “The phone records are being done to look at the connections. If somebody’s buying things that could be used to make bombs, of course we would like to know that. But we may not need to do it in this fashion.”
Senator Charles Grassley of Iowa, the ranking Republican on the panel, also expressed skepticism about that theory. He asked how the calling records of innocent Americans could be considered relevant.
Mr. Litt explained: “It’s a well-accepted concept that if you need to get a large group of records in order to find a smaller group of records that actually provides the information you need to move forward, that the larger group of records can be relevant.”
But Mr. Grassley pressed on, asking whether there was any legal precedent to support such a broad conception of “relevance.”
Mr. Cole replied that judges on the Foreign Intelligence Surveillance Court had now signed off on the program 34 times because the orders have to be renewed every three months, and each was such a precedent.
“The legal precedent comes from the history of all the orders that have been issued,” he said.