NSA Appears To Be Chaining Calls Using Phone Numbers One Hop Out As New Originating Selectors

from the making-any-hop-limitations-pointless,-at-least-for-Clapper's-chain-gang dept

The ODNI's first transparency report put a lot of not very reassuring numbers on display, misusing the word "target" to give the impression that Section 702's ~90,000 targets were actually limited to 90,000 people, rather than, say, several thousand collection points gathering data and communications from several additional unspecified targets.

The ODNI also claimed it couldn't offer specifics on the number of people targeted by the 19,000+ NSLs issued last year, even while pointing to letters sent to Intelligence Committees and members of the administration that attempted to do exactly that. A caveat was appended to the 2013 letters, noting that the FBI's NSL target estimates were probably inflated due to the NSL's limitations and targeting specifications.

But there are further statistical "anomalies" hidden within the transparency report. The section detailing the business records program (aka, Section 501 [formerly Section 215]) listed a small number of targets as well, something entirely at odds with the NSA/FBI's demands for every phone record from certain providers. While there are only a certain number of RAS (reasonable articulable suspicion) approved selectors that can be used by the NSA to search the bulk records, there's apparently a workaround that allows analysts to access many more records within the database.

Marcy Wheeler of emptywheel spotted some wording in the two most recent FISA court orders (released late Friday afternoon) that confirms the agency is using numbers one hop out from the RAS-approved numbers as additional selectors, triggering even more contact chaining.
In that same motion it implemented the change in standard dragnet language that has been retained in these more recent dragnet orders: the NSA is chaining on “connections” as well as actual calls.

14 The first “hop” from a seed returns results including all identifiers (and their associated metadata) with a contact and/or connection with the seed. The second “hop” returns results that include all identifiers (and their associated metadata) with a contact and/or connection with an identifier revealed by the first “hop.
If it's any consolation, this new chains-upon-chains method apparently can't be performed automatically, most likely due to these automated searches not complying with FISA court limitations (rather than a lack of computing ability). The most recent bulk records orders note that these searches will now always be performed manually.
Queries of the BR metadata using RAS-approved selection terms for purposes of obtaining foreign intelligence information may occur by manual analyst query only.
As Wheeler notes, this wording may also indicate the agency's anticipation of bulk records being maintained and held by service providers, thus further limiting its splashing around in the collected metadata. But it does indicate that the recently-imposed "hop" limitation is nearly useless. Rather than simply searching one hop out from the RAS selector, the agency is having its analysts build contract chains starting from that hop and moving outward. This puts the agency right back where it was prior to the minimal restrictions placed on it by the administration's reform measures.

It's not a strictly legal move, no matter if it's automated or not. Feinstein's fake reform measures would have codified this quasi-legal procedure, as Wheeler points out. Denials offered by NSA officials may have had a slight ring of truth, especially if the automated system wasn't capable of meeting FISC stipulations, but it appears to be all systems go at this point.
Whether Administration witnesses were being deliberately deceitful when testifying about call-based chaining (“not wittingly!”) or the NSA only recently resumed doing connection based chaining manually, having given up on doing it automatically, one thing is clear. The NSA has been doing connection based chaining since at least February, and very few people in Congress know what that means. Nevertheless, they’re about to authorize that formally.
What the NSA buries in half-truths, carefully-worded denials and artful retractions always has the chance to become legally sanctioned by efforts like Feinstein's, which seek to codify the NSA's programs and instantly whitewash any past brushes with illegality. The NSA plays to edges of the letter of the law and disregards the spirit. Even its past excesses and deliberate misuse of its powers have failed to keep it down for long. At worst, it's back to its 2008 form, dealing with the same sort of limitations FISC Judge Walton imposed on it after uncovering years of abuse. But it has more contacts to chain than it did previously, thanks to its manual search method, even with reform efforts taking away one of its hops.

Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    Ninja (profile), Jul 3rd, 2014 @ 3:13am

    https://en.wikipedia.org/wiki/Six_degrees_of_separation

    If they use a few more hops everybody will be connected to Al Qaeda. It's easy to form links only looking at connections and manufacture possible plots. Stasi used to be pro at it.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Jul 3rd, 2014 @ 3:44am

    I wonder how the world is going to look back on this era in 20 or so years.

     

    reply to this | link to this | view in thread ]

  3.  
    icon
    That Anonymous Coward (profile), Jul 3rd, 2014 @ 4:38am

    Re:

    Nothing happened 20 years ago.
    We have always been at war with HobbyLobMart.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    David, Jul 3rd, 2014 @ 5:26am

    Do you want the terrorists to win?

    The only way to prevent another 9/11 is to stop deserving it. The main thing distinguishing the NSA and its ilk from "real" terrorists is that the former cost the American taxpayers a lot more money and lives and constitute a much larger danger to American values and liberties.

     

    reply to this | link to this | view in thread ]

  5.  
    icon
    Whatever (profile), Jul 3rd, 2014 @ 5:41am

    Reasonable?

    It seems pretty reasonable to check the people that a target contacts to see if they are being used as a relay or a go between. Checking who they are calling or receiving calls from seems like actually pretty good work. It seems that it would also make it a lot easier to understand the potential value of one contact point compared to another.

     

    reply to this | link to this | view in thread ]

  6.  
    icon
    Ninja (profile), Jul 3rd, 2014 @ 6:15am

    Re: Reasonable?

    If such surveillance is targeted and has proper warrants then you might have a point. Might. A friend of mine was friends with a drug dealer and they used to talk very often before he got arrested. Simply examining her calls with him would be far enough to determine if there are any further implications. If this primary investigation showed she was involved then a warrant to tap her phone too would be very easy to obtain since there would be evidence that she is involved. Due process. You don't seem to like it but that's how it's supposed to happen. Law enforcement does not have the right to go wiretapping anyone and everyone, just specific targets and there are plenty of historic reasons why warrants should be needed for every hop.

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    Whatever (profile), Jul 3rd, 2014 @ 7:02am

    Re: Re: Reasonable?

    The thing is that they are not tapping her phone - they are collecting metadata on her calls to look to see if she is also perhaps calling Columbia. If they are targetting the drug deal, they would certainly be smart to check to see if some of the people he is contacting are perhaps handling business for him.

    I know most people here don't enjoy the concept, but in the real world this looks like an excellent way to make it harder for criminals to operate, and also to spot potential connections that might not otherwise be evident.

    there are plenty of historic reasons why warrants should be needed for every hop.

    Not quite as clear, and to be fair, the numbers would get out of hand very rapidly. He calls or is called by 10 people, and they each call 10 people... now you need 100 warrants, each one a page or more long, with justifications, time in front of a judge... You need to hire more agents just to fill out forms. You also know that if there is an original warrant for the first guy, then the rest of the warrants would pretty much be a given - just buried under a sea of needed paperwork that might make agents consider not using the information.

    I think it's much better that a warrant is requested if the meta data (numbers called) suggest something that may be relevant to the case. It would have to be tied to an original warranted case, but it seems like a good way to get the job done and not overburden the courts with endless warrant requests.

     

    reply to this | link to this | view in thread ]

  8.  
    icon
    Coyne Tibbets (profile), Jul 3rd, 2014 @ 7:42am

    Re:

    As the last time of great freedom from surveillance and government control. The good old days before every baby born was required to have a imbedded brain chip implant complete with built in intent interpreter and pain-enforced retraining.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Anonymous Anonymous Coward, Jul 3rd, 2014 @ 8:12am

    Re: Re: Re: Reasonable?

    With a warrant it is sometimes just a fishing expedition. Without a warrant, it is only a fishing expedition. The purpose of a warrant is to articulate a reason. Without a reason they are trolling for mud, to use on you if necessary (or maybe even enjoyable).

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Anonymous Coward, Jul 3rd, 2014 @ 8:18am

    Re: Re: Reasonable?

    This is the NSA, whom have no law enforcement mandate and have no intention of building cases to take before any judge.

    While I agree the 'searching' must be targeted, applying normal judicial standards might be inappropriate.

    Maybe we need new names for 'targets' and 'warrants' to make things clear for them, along with non ambiguous definitions. Of course, they will just redefine those new terms anyway.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Anonymous, Jul 3rd, 2014 @ 9:28am

    Re: Re: Re: Reasonable?

    If they have "no intention of building cases to take before any judge", then perhaps they should stop giving their data away to other agencies like the FBI and DEA who do have that intention, thus bastardizing the notion of due process.

    My guess is that's not even the worst the data is used for currently. Democrat representative Maxine Waters said shortly after Obama's re-election that: "Obama is building a database like the world has never seen with everything on everyone", and the context was that this data was going to be used to win elections in perpetuity.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    AnonymouseCoward, Jul 3rd, 2014 @ 10:52am

    "manual analyst.sh" --deep-dive --query --selector tel:313-555-1212

     

    reply to this | link to this | view in thread ]

  13.  
    icon
    Ninja (profile), Jul 3rd, 2014 @ 11:47am

    Re: Re: Re: Reasonable?

    First of all, metadata alone is enough to fuck you good. Do you trust 100% every single person you call? That pizza store that serves as a disguise for a meth lab that you order their delicious pizza every friday?

    Second, perhaps is not probable cause unless there is proof she's talking with him about drug dealing itself. I'm calling my relatives in Iran. Since it's Iran perhaps I'm a terrorist so my calls should be tapped. Got my point?

    I know most people here don't enjoy the concept, but in the real world this looks like an excellent way to make it harder for criminals to operate, and also to spot potential connections that might not otherwise be evident.

    There's no evidence that all the collection has helped in any significant way. But there is PLENTY historical examples of how such power can and will be abused. Your totalitarianism is oozing.

    Not quite as clear, and to be fair, the numbers would get out of hand very rapidly. He calls or is called by 10 people, and they each call 10 people... now you need 100 warrants, each one a page or more long, with justifications, time in front of a judge...

    So? That's due process. He calls 10 people, 2 of them discuss drugs with him. Get a warrant to check those other 2 and start a proper investigation on them as well. If needed repeat. Properly justified a warrant can be delivered in less than 30 minutes or even less. If the agents don't like to follow the rules then just replace them. That's how it should be, that's how the Constitution works. The constitution itself makes the distinction on people or persons as a mean to encompass all people, not only American citizens in some of the Amendments.

    I think it's much better that a warrant is requested if the meta data (numbers called) suggest something that may be relevant to the case.

    No, it is not. Metadata alone does not show anything. If the actual content suggests a second person is involved then you go through the judiciary and get the pertinent warrants. As I noted it is neither hard nor it takes a long time as you seem to believe.

    It would have to be tied to an original warranted case, but it seems like a good way to get the job done and not overburden the courts with endless warrant requests.

    One of the attributions for the courts is upholding Constitutional protections. Granting warrants when it seems fit falls squarely within their attribution.

    Caution, your totalitarianism is gushing out like crazy. You are a despicable person.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Anonymous Anonymous Coward, Jul 3rd, 2014 @ 12:37pm

    Re: Re: Re: Re: Reasonable?

    This is where the FBI and DEA get into the fiction of parallel construction, with instructions to local law enforcement and prosecutors to lie by omission. If the defense gets a sniff of surveillance, the case is in trouble because of this. Or at least it should be.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
Advertisement
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
Advertisement
Recent Stories
Advertisement
Support Techdirt - Get Great Stuff!

Close

Email This

This feature is only available to registered users. Register or sign in to use it.