NSA Extends Its Streak Of Surveillance Violations To Fourteen Years With Its Latest Announcement
from the let's-hear-it-for-the-good-guys! dept
There isn’t a surveillance program or authority the NSA hasn’t abused and yet it’s still humming along, hoovering up data and communications while mostly useless Congress folks pretend to be in the oversight business. Section 702, the “about” program, Section 215… all of these have received judicial smackdowns and the occasional Congressional nastygram, but the only thing that’s changed is the NSA’s willingness to admit its failures.
Consistent with NSA’s core values of respect for the law, accountability, integrity, and transparency we are making public notice that on May 23, 2018, NSA began deleting all call detail records (CDRs) acquired since 2015 under Title V of the Foreign Intelligence Surveillance Act (FISA).
2015 would be the date the control of phone records shifted back to phone companies and the FISA court began demanding articulable suspicion for specific targets before the NSA could even ask phone companies for records. Prior to that, the NSA had collected phone records from telcos in bulk, using its internal tools to limit itself to targeted searches of compiled haystacks. The USA Freedom Act effectively ended this part of the Section 215 program, forcing the NSA to target first and ask for only records related to its targets.
Apparently, it can’t even do this right.
NSA is deleting the CDRs because several months ago NSA analysts noted technical irregularities in some data received from telecommunications service providers. These irregularities also resulted in the production to NSA of some CDRs that NSA was not authorized to receive. Because it was infeasible to identify and isolate properly produced data, NSA concluded that it should not use any of the CDRs. Consequently, NSA, in consultation with the Department of Justice and the Office of the Director of National Intelligence, decided that the appropriate course of action was to delete all CDRs.
Whatever was broken on the tech end is now apparently fixed. All oversight has been notified and the collection of records (via telcos) will continue. I guess our three-year national nightmare is over and the NSA is finally on the road to recov—
Last year, I did a report that catalogued all the times NSA had violated FISA since the Stellar Wind phone dragnet got moved under FISA in 2004. There were the five different practices deemed violations of 1809(a)(2), which prohibits the use of any data that was illegally collected.
In addition to those, NSA had continued to conduct back door searches of data collected using upstream 702 collection even after John Bates prohibited the practice in 2011.
While Rosemary Collyer (who is the worst presiding FISA Judge ever) didn’t deem that a violation of 1809(a)(2) — meaning NSA didn’t have to segregate and destroy andy data collected improperly — it still violated the minimization procedures that control 702 collection.
So between 2004 and 2016, NSA was always breaking the rules of FISA in one way or another.
And we can now extend that timeline to 2018.
Thanks, Marcy Wheeler, for clearing that up. This is just a continuance of the NSA’s inability to run its programs in a technically-capable manner, much less with an eye on the Constitution. Muted applause for taking this oversight before the few members who give a shit start asking questions, but why aren’t we (and by “we,” I mean the people who could actually do something about it) expecting more from an well-funded agency with vast technical knowledge? Sure, an apology is better than a plausible denial, but it’s been 14 years of failure after failure. Where’s the improvement? Or is national security just one of those things that’s too important to be done properly? We just need to have it done, no matter how many violations occur in the process? I fear that’s how most of the NSA’s oversight actually feels: the ends justify the badly-broken means.