NSA Memo Shows Unlimited Access To Bulk Records Unnecessary To Keep US Safe From Terrorists

from the but,-of-course,-the-program-must-not-be-restricted-in-any-way dept

The DNI's recent document dump has sprung loose an April 2009 "notification memorandum" from the NSA, which provides updates on its "end-to-end" reviews of both the Section 215 (phone metadata) and the Section 402 (email metadata) bulk records collections. As was noted in earlier posts, both programs were suspended by the FISA court because of the NSA's routine abuse FISA Act limitations.

The declassified document is addressed to the Senate Select Committee on Intelligence (SSCI). There's no indication this information was also disseminated to the House Intelligence Committee, but perhaps that will surface in the future. The memo spends a few introductory paragraphs detailing the efforts the NSA has made to clean up its act before delving into more interesting details -- including the limitations placed on the Section 215 collection by the Judge Walton, as well as a new problem it uncovered during its 60-day "end-to-end" reviews.

Here are the rules the NSA was forced to comply with under Walton's court order.

Since the March 5, 2009 FISA Court order, the Court's approval has been required for each selector before it is tasked for BR FISA metadata analysis. On Mar 21 NSA resumed manual access to BR FISA metadata, allowing chaining [redacted] of FISA Court-approved selectors associated with [redacted] following multiple operational and technical reviews to ensure compliance.
This explains ODNI counsel Robert Litt's hesitancy to store metadata at a "neutral site." To do so would mean returning to 2009's restrictions -- which were brought on by the agency's own malfeasance. Utilizing a neutral site would likely mean the FISA court would be approving selectors rather than granting permission for rolling, 90-day collections of all phone records.

Also of note is how few court-approved selectors there were at that point.
A limited number of NSA analysts are now performing manual queries against 209 FISA Court-approved high-priority selectors daily…
Once again, hauling in millions of phone records seems like overkill. Since the agency has had (serious) trouble with adhering to the RAS (reasonable articulable suspicion) requirement, it would make more sense to return to this limitation if the Section 215 program is to remain running. With two bulk data programs suspended or significantly altered between 2009-2010, the US still somehow managed to avoid being overrun with terrorist attacks. If the program can't be eliminated, at the very least, it should return to this more minimal standard -- seeking court approval for RAS-compliant selectors and searching offsite, rather than simply amassing millions of non-relevant phone records.

Further down, more incidents of data abuse/misuse are detailed, this time at the hands of other agencies which were given access to the metadata collections
[Redacted; presumably includes a start date] NSA and DIA entered into a pilot program which allowed the DlA's Joint Intelligence Task Force - Combating Terrorism (JITF-CT) access to counterterrorism-related SIGINT information, including SIGINT collected pursuant to the Foreign Intelligence Surveillance Court's (FISC) [redacted] . Access to this FISA data was controlled and was limited to JITF-CT who had undergone training on the application of NSA minimization procedures to the FISA data and who were subject to NSA oversight of their activities. Moreover, these personnel were required to coordinate with NSA regarding dissemination of the information outside of JITF-CT.
The NSA made these Task Force members "employees" in order to grant them the privileges needed to access the metadata collection in its unminimized form. While conducting a review of its systems in 2008, the NSA found that one database (name redacted in memo) "lacked sufficient controls." The database was shut down and resurrected with "correct" controls implemented. Unfortunately, it was this "uncontrolled" database that its new honorary employees had access to. The NSA revoked Task Force members' access to the databases but was unable to determine explicitly whether any sort of unauthorized access had occurred.

Instead of presenting a possible worst-case scenario, the agency memo delivers this powerful statement of (misplaced) faith.
[A sentence and half worth of redacted text] there is no way to determine whether, in fact, JITF-CT analysts accessed it without authorization. However, even if such access occurred, the analysts were trained in routine minimization procedures and were required to coordinate with NSA regarding dissemination of information outside JITF-CT…
Of course. Because the training and minimization procedures have always prevented actual NSA employees from abusing the bulk records collections.

This isn't the only case of problematic shared access. Another agency is discussed in a heavily-redacted paragraph. This unnamed agency was given access to unminimized X-KEYSCORE SIGINT data. Among the other unredacted sentences is one stating that this access is "predicated" on the principle that "collaboration is essential" to prevent terrorist attacks. Whichever agency is not being named here doesn't seem to have held up its end of the bargain, which resulted in the (perhaps temporary) suspension of its access to the data.
On review of this access NSA is considering whether allowing this [redacted] access to unminimized SIGINT collection fully complies with NSA procedures.
Whether or not that access has been returned is still open for debate considering the agency's name has been hidden away under the black and turquoise [!?] ink. What isn't open to debate is the fact that the NSA continues to struggle with handling its data collections responsibly. As more documents are pried loose thanks to the ACLU and EFF's efforts, I'm sure we'll see even more evidence that the agency isn't nearly as careful as its defenders assert it is.



Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 8:55am

    has taken long for this pearl of wisdom to come out, has it? everyone knew this. the security services knew it, but whoever the Fascist arse hole is that is forcing it to be done, not just here but in almost every so-called democratic country as well, whether friend or foe, just wants to be able to carry on doing it. it has nothing to do with terrorism! it is all about trying to ensure that certain laws that will be of benefit to certain countries and certain industries, can go through and that anyone trying to organise resistance and marches against governments can be identified, arrested (probably in the dead of night, as in Nazi Germany) so as to put the fear of Christ up them! it makes me wonder if the relatives of those that were taken to countries like the USA and UK have started a new movement, to try to finish what Hitler started! why else would every country be trying to stifle everything that would benefit the people and promote everything that will benefit industries and be detrimental to the people?

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 9:11am

    I think I hear Mike Rogers yelling about something....
    That's probably a good thing.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 10:22am

    Re:

    yeah, it's frightening really. As I see it there has to be an end game in mind here - but it's secret, right? cause, that's they way it rolls.

    A) They're doing it because they can
    B) Chaos is about to be created by ruling elites and nature and it needs to be controlled/policed
    C) it's all about future and present manipulation of populations into accepting a reality they will surely otherwise disagree with
    D) All of the above

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    GEMont, Nov 21st, 2013 @ 2:25pm

    A call to genius

    When it was leaked that the military had developed a program that could determine truth from falsehood of videotaped speakers, it was quickly buried under a ton of denials. Such technology in the hands of the public would have ended the ability of politicians to effectively lie to the public via television.

    What the world needs now, is a technology that can determine what text lies beneath the "redaction ink".

    Considering how many of these censored docs are floating around today, an entire encyclopedia of hidden reality could be composed for the benefit of mankind and the detriment of the criminals that now form the bulk of government rosters.

    A Best Seller indeed.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    GEMont, Nov 21st, 2013 @ 5:08pm

    Just a thought on where we're heading... again

    I could be wrong of course, but methinks it goes like this:

    Society is based on wealth, so certain members of society do whatever they can to gather wealth for themselves, because the greater the wealth possessed, the greater the freedom to get away with doing things that the law prevents poorer people from doing and the greater the chance of survival for self and family should some unforseen event take place.

    Eventually, there is a larger and larger number of people; ruthless, self-oriented, opportunists, willing to do whatever it takes - murder, theft, coercion, deception - to get rich, who gravitate towards one another and tend to hang out together for mutual safety and to reinforce the belief that they are the chosen, as proven by their wealth.

    These people, realizing they have a combined ability to shape the future through bribery, coercion and misinformation, bend the laws of the land to their own purpose; eliminating all laws that limit their ability to make greater wealth for themselves at the expense of their fellow citizens.

    This group eventually sees Fascism as the greatest of all boons to the wealthy as it provides a slave labor force that means the elimination of wages for workers, increasing profits manyfold. They turn war into a business venture, both for the aquisition of slave labor and free raw materials. Fascism allows them to commit crimes in broad daylight and simply rewrite the events for public dissemination, without concern for violation of law or public dissent.

    The "public" fails to condemn these wealthy "lords" and their criminal activities, because it believes there is a chance it can someday join their ranks and enjoy the royal privileges available to the wealthy. So it simply pretends the problem is caused by some other force and carries on blindly to the end.

    Since there is no concept of "enough wealth", the more money and power the rich get, the more they want, and eventually the rich citizens drain the poorer and poorer public of its last dollar and create conditions for massive public revolt, external foreign take-over, or simple national collapse, as the only way remaining to them to gather more wealth is by waging war on the wealthy of other nations, or on each other.

    At this point, regardless of the outcome, the wealthy escape the broken nation - fleeing to some less fascist poor nation where they can hide out till the storm blows over and still live like kings.

    And here they will repeat the procedures above till this nation too falls into chaos and crumbles.

    This is why there are so many ruins scattered about the surface of the earth, from so many failed social structures.

    It is a cycle we cannot break free of because it is the only one we have ever known and the one that offers life as a god among peasants to any who are willing to do what is needed to get ahead. Sadly this very criteria destines the society to fail because only the least human, most ruthless and uncaring of people can possibly rise to the top of the society order.

    C'est la vie eh.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This