Thursday, May 11, 2006

NSA has database of millions of phone calls

You've heard about the National Security Agency's data-mining programs -- the ones that sift through huge quantities of data looking for patterns that might indicate terrorist activity.

But up until now the extent -- and implications -- of such programs have been only vaguely discussed, since hard facts were scarce.

No more. USA Today reports that the NSA phone-call-tracking effort is huge -- and it's all being stored in a giant database.

he National Security Agency has been secretly collecting the phone call records of tens of millions of Americans, using data provided by AT&T, Verizon and BellSouth, people with direct knowledge of the arrangement told USA TODAY.

The NSA program reaches into homes and businesses across the nation by amassing information about the calls of ordinary Americans — most of whom aren't suspected of any crime. This program does not involve the NSA listening to or recording conversations. But the spy agency is using the data to analyze calling patterns in an effort to detect terrorist activity, sources said in separate interviews. ...

The agency's goal is "to create a database of every call ever made" within the nation's borders....

For the customers of these companies, it means that the government has detailed records of calls they made — across town or across the country — to family members, co-workers, business contacts and others.

This effort doesn't involve actual eavesdropping -- listening in on the conversations. Legality aside, that would be physically impossible given the volume of calls. Instead the NSA is assembling a record of who called whom when, and for how long, anywhere in the United States.

A look at some of the issues raised by the story:

Extent: The program appears to be far more extensive than has been suggested previously. With an exception I'll discuss below, it's an attempt to log every domestic call in the United States.

Privacy: The records are scrubbed of personal identifying information, such as names, Social Security numbers and street addresses. Getting those requires some showing of "probable cause." But if you have the phone number, there are plenty of ways to get the other information. The simplest is a reverse phone directory, in which you enter a phone number and get the name and street address back.

Plus, there's no way to tell what the information is being used for. The NSA told one phone company that the data could be shared with other government agencies, such as the FBI, the CIA and the DEA. The last example, especially, makes it sound as if the database would be used as a general crime-fighting tool -- conveniently bypassing warrant and privacy laws.

Line-blurring: The NSA, like the CIA, has historically been prohibited from spying domestically for civil liberty reasons. This program is proof that that prohibition has been shattered. Not only is the NSA monitoring domestic communications, but as I'll discuss below, the agency said the information might be shared with the CIA, thus getting the spy agency into the domestic intelligence business.

If you're keeping track, American citizens are now being scrutinized by local police intelligence units, the FBI, the CIA, the NSA and even the Pentagon. And those agencies are increasingly unshackled by such bothersome things as warrants or probable cause requirements.

Legality: By law, phone companies require a court order before turning over customer data. The NSA program doesn't bother with that. Nor does it bother with the FISA court, in keeping with Bush administration practice. Instead, Bush claims that the his "inherent authority" and the Patriot Act give him the power to run such a program.

But a telling example is the exception I alluded to above. One major phone company refused to comply with the NSA program: Qwest. (My phone company, by the way), leaving a 14-state hole in the NSA's surveillance. Qwest's concerns were threefold: the legality of the program, who would have access to the data, and how the data would be used.

The NSA told Qwest that other government agencies, including the FBI, CIA and DEA, also might have access to the database, the sources said. ... NSA representatives pointedly told Qwest that it was the lone holdout among the big telecommunications companies. It also tried appealing to Qwest's patriotic side: In one meeting, an NSA representative suggested that Qwest's refusal to contribute to the database could compromise national security, one person recalled.

In addition, the agency suggested that Qwest's foot-dragging might affect its ability to get future classified work with the government. Like other big telecommunications companies, Qwest already had classified contracts and hoped to get more.

Note that none of these were legal arguments; they were emotional appeals. The NSA was on shaky legal ground -- and knew it:

Unable to get comfortable with what NSA was proposing, Qwest's lawyers asked NSA to take its proposal to the FISA court. According to the sources, the agency refused.

The NSA's explanation did little to satisfy Qwest's lawyers. "They told (Qwest) they didn't want to do that because FISA might not agree with them," one person recalled. For similar reasons, this person said, NSA rejected Qwest's suggestion of getting a letter of authorization from the U.S. attorney general's office. A second person confirmed this version of events.

So there you have it. NSA didn't want to ask for permission because they knew they probably wouldn't get it. Not because the FISA court was inefficient, as has been claimed; but because FISA, quite properly, would likely have disallowed the program.

What we have here is another classic example of the Bush administration's approach to security and civil liberties: Begin a hugely invasive monitoring program, with few if any privacy protections; conduct it entirely in secret; and instead of seeking approval and authorization from the organizations expressly established to do so, just ignore them (and the law) and hope not to get caught.

The secrecy part is the most maddening part of it, because it served no legitimate purpose. Suppose everyone knew that the government was collecting data on domestic calls; how does that help terrorists? What could they do about it? The secrecy only served to hide the program from public scrutiny.

Might data-mining be useful? Yes. But it should be fully debated, and if implemented it should come with oversight and privacy protections. These massive, secrecy-shrouded invasions of privacy need to stop.

USA Today also has a useful Q&A on the program.

Update: Congress -- both Republican and Democrat -- is demanding answers. You have to figure that eventually Bush will so alienate the legislative branch that they'll start acting like a real check again.

, , , , , ,

Labels: , ,


Blogger Tom Strong said...

There's an interesting (and mostly civil) debate on this going on between Dean's World and Unwilling Self-Negation.

Myself, I'd probably have been more outraged three years ago. At this point I'm pretty jaded. If Choicepoint can have this level of access to my data, why not the DEA?

5/11/2006 3:20 PM  
Blogger Gary said...

calling pattern data

5/12/2006 9:59 AM  
Anonymous Sarah Blak said...

Thank you very much for the input - will take note of some of the opinions here.

6/03/2011 1:19 AM  

Post a Comment

Links to this post:

Create a Link

<< Home