The NSA's 'Time Machines' Make It Incredibly Easy To Violate Section 702 Restrictions

from the collect-all-the-things! dept

Marcy Wheeler has a fascinating post about NSA collection activities under Section 702 and Executive Order 12333. The rules governing the collections allow the NSA to gather communications when a targeted foreigner leaves the country, but are supposed to cease when this target returns to the United States. It's something that's easier said than done, even when the NSA engages in good faith efforts to abide by these restrictions.

As Wheeler points out, the collection efforts don't always comply with these rules, and the way they're constructed allows the NSA to collect communications and other data it shouldn't have access to. First, this is how they're supposed to work:

The short version is that FISA imposes some restrictions on whether you can collect data at rest to obtain data from outside the period of a FISA order. Thus, if you're not supposed to collect on someone when they're in the US (whether that person is a US person or a foreigner), there are classified restrictions about whether you can collect stored data from that period.

None of these rules are (as far as I'm aware) public, but there are rules for all the various laws. In other words, you're not supposed to be able to collect GMail on a foreigner while they're in the US, but you're also not supposed to be able to cheat and just get the same Gmail as soon as they leave the country.

When a US person is targeted, violations are even more likely. Again, the NSA can collect data and communications created when this person is located overseas, but is not supposed to have access to anything created while the person was in the United States. But it doesn't always do this, thanks in part to how it conducts its FISA searches.

This is even more complex for Americans. Domestically, there are two kinds of collection: 1805, which is the collection of data in motion — an old fashioned wiretap, and 1824, which is called a "physical search" order. The government likes to hide the fact that the collection of data at rest is accomplished with an 1824 physical search order, not 1805. So an 1824 order might be used to search a closet, or it might be used to image someone's hard drive. Most often, 1805 and 1824 get combined, but not always (the FISC released a breakdown for these last year).

So, when this target travels overseas, the person data can be collected. While it's restricted to the time period the person is out of the country -- and further restricted by the period covered by the FISA order -- the NSA's collection programs, which include implants on devices, continue to gather data in motion while the collection is supposedly forbidden. This is stored by the NSA, accessible at any time.

Data at rest is an even bigger problem. This often comes from device imaging or exfiltration via hacking. Data at rest can come from any time period, including months or years before the person became an NSA target. This is the end result of the NSA's multiple collection authorities and its harvesting tactics.

Effectively, once someone leaves the country the NSA has access to time machines to collect data from the past, though there are supposed to be limits on doing this.

[...]

[B]ecause of the differing rules on data in motion and data at rest — and because of the truly awesome methods used as soon as someone goes overseas — there are actually a lot of ways that NSA can get around the legal limitations based on space by playing with the limitations on time.

As Wheeler notes, it's a problem for the NSA, even when it engages in good faith collection efforts. Segregation of data is an ongoing issue, one highlighted by its recent abandonment of its "about" email collection. Most of the legal authorities used are seldom discussed because they remain shrouded in official secrecy, so there's no telling how often violations occur. But the NSA's data-harvesting "time machines" clearly violate guidelines and are yet another reason no one should be in a hurry to grant a clean reauthorization of Section 702 at the end of this year.


Reader Comments

Subscribe: RSS

View by: Time | Thread



Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.