Latest NSA Leak: Rules On How They Use Data Without A Warrant
from the wow dept
Glenn Greenwald had promised that there were more incredible leaks concerning the NSA to come, and here’s the first big one. Greenwald has revealed the NSA’s rules that show the procedures for targeting non-US persons, and also how they “minimize” data collected on US persons when dealing with the “bulk” data records collection they do, such as with all of the data around every phone call made. These are two key parts to the NSA’s insistence that they’re staying within the law and not spying on people in the US. The details here, however, suggest a very different story. The FISA court has signed off on these rules that appear to grant incredibly wide latitude for the NSA to make use of data, rather than really “minimize” its usage. While President Obama and others have insisted that the rules make sure that the NSA really isn’t collecting data on Americans, the reality shows that FISC approved rules let the NSA:
- Keep data that could potentially contain details of US persons for up to five years;
- Retain and make use of “inadvertently acquired” domestic communications if they contain usable intelligence, information on criminal activity, threat of harm to people or property, are encrypted, or are believed to contain any information relevant to cybersecurity;
- Preserve “foreign intelligence information” contained within attorney-client communications;
- Access the content of communications gathered from “U.S. based machine[s]” or phone numbers in order to establish if targets are located in the US, for the purposes of ceasing further surveillance.
The report from Greenwald also reveals that orders he has seen from the FISA court concerning broad data collection do not appear to include details or explanations, other than your basic rubber stamp that FISC says it’s okay.
One such warrant seen by the Guardian shows that they do not contain detailed legal rulings or explanation. Instead, the one-paragraph order, signed by a Fisa court judge in 2010, declares that the procedures submitted by the attorney general on behalf of the NSA are consistent with US law and the fourth amendment.
But since those procedures have now been leaked, we can see that they’re not very carefully targeted at all. If the NSA doesn’t know where someone is located, it can assume the person is foreign:
In the absence of specific information regarding whether a target is a United States person, a person reasonably believed to be located outside the United States or whose location is not known will be presumed to be a non-United States person unless such person can be positively identified as a United States person.
That part about how the NSA can still keep data on US persons if they believe the data contains “evidence of a crime,” “technical data base information” or “information pertaining to a threat of serious harm to life or property” obviously give the NSA incredible powers to — contrary to what they’ve stated publicly — retain all sorts of info on Americans.
Once we and others have had a chance to dig deeper through these, I’m sure we’ll have more to say, but for now, it appears that, once again, the NSA and its defenders were less than fully forthcoming about how the NSA uses the data it collects and how it makes sure that Americans aren’t targeted.