The NSA’s 12-Year Struggle to Follow the Law
Credit to Author: Marcy Wheeler| Date: Fri, 15 Sep 2017 14:56:15 +0000
This spring, the government announced a change to the way the National Security Agency collects information targeting foreigners, using the telecom backbone in what it calls “upstream” collection. Whereas for 10 years, the agency had sucked up communications mentioning a target’s selector—say, collecting all emails sent to someone in this country that include Osama bin Laden’s phone number in the body of the email—in April it stopped doing so domestically (though it will still do tons of it in collection overseas).
Not long after the announcement, the government released documents explaining why it had dropped this kind of collection, which it calls “about” collection. Those documents amounted to a confession that the NSA failed to follow rules the Foreign Intelligence Surveillance Court put in place in 2011 to ensure upstream collection complied with the Fourth Amendment.
There was a stink, at the time, accusing the Obama Administration of using Section 702 of FISA—which only permits the government to target foreigners—to spy on Americans for five years. Those accusations were, technically, true (the NSA attributed such spying to technical failures, not legal ones). But the truth is far more troubling. In fact, from 2004 to 2016, the NSA was always engaging in collection the FISC would go on to deem unauthorized. For 12 years, under both the Bush and Obama Administrations, the NSA was collecting information that, if retained, would break the law.
But under the current presiding judge, overseeing the plans of the Trump Administration, NSA will be allowed to keep such data, a change from her three predecessors.
In adopting the solution to the “about” problem pitched by the Trump Administration, FISC presiding judge Rosemary Collyer, the latest judge to deal with such violations, did less than her predecessors to ensure that such violations don’t cause ongoing privacy violations. Not only did she stop short of ensuring that FISA remains the “exclusive means” to conduct surveillance, she allowed the government to keep data it got by breaking the rules. But it’s not clear she has solved the problem. Given the NSA’s own description of its understanding of the problem, it’s not clear the agency has solved the problem either.
The FISC is not like a normal court. There are no cops patrolling the streets to make sure no one breaks the Foreign Intelligence Surveillance Act, the law the FISC oversees, and then charging scofflaws. Violations of FISA get discovered in just three ways. Hypothetically, defendants prosecuted using evidence collected under FISA sometimes can ask to review the underlying process for any problems, but aside from a few times prosecutors have told defendants the government spied on their conversations with lawyers, that has never once worked in practice. In very rare cases, most notably with Edward Snowden’s leaks, whistleblowers will reveal details that even Congress didn’t fully understand (such as that NSA sometimes bypasses FISA by stealing Google and Yahoo data from their servers overseas, rather than using the FISA program, called PRISM).
In general, however, the FISC and Congress have to rely on the NSA or DOJ to report any violations of FISA; NSA, effectively, gets to police itself.
While the government claims it does a good job self-policing, the court hasn’t always agreed. Even before the FISA Amendments Act passed, the government reorganized PRISM without telling judge Reggie Walton, who was overseeing a challenge to that program. A year later, judge Thomas Hogan was surprised to learn the NSA hadn’t been reporting all violations to the court, reporting only systematic ones or specific misrepresentations the government made to the court. After the government revealed two different systematic problems in 2009 and a third in 2011, affecting three different programs, FISC judge John Bates complained about “the third instance in less than three years in which the government has disclosed a substantial misrepresentation regarding the scope of a major collection program.” And after several delayed notifications last fall and this spring, Rosemary Collyer scoffed at the government’s excuses for two different eleven- and five-month delays in notifying the FISC of violations. “Too often, however, the government fails to meet its obligation to provide prompt notification to the FISC when noncompliance is discovered.”
So one reason the government ends up spying on Americans inappropriately for years at a time is that it takes that long to get around to telling the FISC it has been doing so.
That’s especially true with upstream collection, which involves searching within internet packets to select what content to keep. To begin with, it’s a more complex technical process than simply calling Google and asking for the contents of someone’s email box (though even with PRISM, NSA gets more than a target’s Google email box contents). Plus, when collecting by targeting at the level of packets, the legal categories of content and metadata on which much surveillance law is based break down, as a group of noted computer scientists explained in a report last fall. Similarly, it’s often hard to tell whether a packet belongs to a foreigner, especially as more traffic travels internationally and as people adopt location-obscuring tools like VPNs and Tor. Finally, the government can use upstream surveillance to collect on different kinds of selectors—things like a server hosted at a particular IP address, or an encryption key—that create problems not covered by many of the FISC opinions envisioning targeting of email addresses.
As Collyer said in her April opinion imposing a dubious fix on yet more upstream violations, upstream collection “has represented more than its share of the challenges in implementing Section 702.”
The problems with upstream collection started in 2004, years before the FISA Amendments Act was passed. The government got the FISC to approve collection of what it claimed was only metadata off the telecom switches to replace the Internet dragnet part of President Bush’s Stellar Wind program. But in approving the collection, judge Colleen Kollar-Kotelly limited which categories of data the NSA could obtain. Within three months, the government violated those category restrictions. So Kollar-Kotelly imposed twice quarterly “spot checks” to make sure NSA didn’t continue to violate those restrictions—roughly 25 spot checks were performed between 2004 and 2009.
In 2009, in the wake of problems in the phone dragnet program, Reggie Walton made the NSA conduct an end-to-end review of the internet dragnet to look for problems. Yet it wasn’t until, in response to a Walton order, NSA’s Inspector General started investigating the internet dragnet that the NSA finally told the FISC that “virtually every … record generated [by the bulk Internet metadata program] included some data that had not been authorized for collection.” As Bates observed when laying out NSA’s remarkable failures to find these ongoing violations, “those responsible for conducting oversight at NSA failed to do so effectively.”
In 2010, when Bates dealt with this collection—or more pointedly, with NSA’s request to keep the data it collected in violation of specific category limitations—he did something novel. He said the NSA would be breaking the law if it kept and used the data it knew to have violated those category restrictions. Bates pointed to a section of FISA that said anyone using or disclosing data that they “knew or had reason to know [had been] obtained through electronic surveillance not authorized by” FISA might face criminal sanctions. For the first time we know of, a FISC judge was enforcing FISA’s “exclusive means” provision—or perhaps more importantly, the authority of FISC to enforce the rules it set on NSA’s collection—with threats of criminal sanctions.
On at least four other occasions, the FISC used that “exclusive means” section to ensure (or to try to ensure) that NSA didn’t get away with keeping the data it obtained by breaking the rules. On two occasions, for example, the FISC made NSA get rid of data it retained in “management systems” that it was supposed to purge. Though not before the government argued that prohibitions on using unlawfully collected information “only applied to interceptions authorized by the Court and did not apply to the fruits of unlawful surveillance.” NSA kept data collected under Section 702 like this for five years until finally destroying it last year.
In another instance, FISC made NSA double check that data collected during a period when its post-collection checks ensuring targets really were located overseas were on the fritz, to make sure that targets hadn’t entered the US while they were targeted.
But the important precedent to FISC’s policing of exclusive means is another upstream collection problem. In 2011, after four years, the government first told the FISC that when it conducted “about” collection (searching for emails that refer to Osama bin Laden’s phone number), it sometimes got entire bundles of communication. Sometimes those bundles included communications that were entirely domestic. Mind you, as part of that disclosure process, the NSA revealed it collected a whole bunch more domestic communications that weren’t bundled but that, because they mentioned Osama bin Laden’s phone number (or whatever selector), were at least interesting to the NSA. But those other bundled domestic communications were particularly problematic because they broke the rules and weren’t of interest.
So for four years, the NSA had been collecting entirely domestic communications that fit no intelligence purpose without telling the court. When he learned about it, Bates did what he had done the year before—he told the NSA they couldn’t use the data that violated the rules, and within a year, the NSA deleted it.
But in spite of the fact that Bates knew the NSA would collect these entirely domestic communications going forward—both those communications that did mention something like Osama bin Laden’s phone number, and those that did not but instead got sucked up as part of a bundle—he let the NSA continue to collect it, with a few new rules attached. He did, however, impose one prohibition. When he newly permitted the NSA to search on its collections using a selector used by Americans (sometimes referred to as “back door searches”), he prohibited such searches on upstream data. That way, no American’s communications that were originally collected without being targeted or in mistaken belief they were foreign could be accessed later via a backdoor search.
That’s the rule the NSA broke—was breaking, for five years—after Bates imposed the rule.
It was clear pretty quickly the NSA was violating this prohibition, that it didn’t have the infrastructure in place to follow it. By May 2013, for example, NSA’s overseers pointed out that NSA wasn’t tracking back door searches in a centralized place, so it couldn’t actually track them easily. Six months later, NSA’s overseers identified one of the problems the agency continues to use to explain breaking this rule: the NSA’s systems required analysts to opt out of upstream searching, rather than having that work automatically. The next year, overseers suggested NSA require analysts to say whether they thought they were querying on a US person while doing upstream searches to eliminate another of the excuses for the problem. So it’s not like NSA didn’t know it was breaking the rules; it’s just that it never chose to make it harder to break the rules. But when, in 2016, the results of closer investigations conducted by NSA’s Inspector General and Oversight Department started coming in, it became clear the problem was far worse than NSA’s other overseers had been able to see.
It took three years after identifying the problem before NSA figured out just how bad it was.
And it was bad. For one tool used to do back door searches on Americans targeted by individual FISA warrants who were located overseas, 85% of queries were not compliant, often because they targeted those people for periods when spying wasn’t authorized by a FISA warrant, as the FISA Amendments Act requires they be. In addition, over the course of six months of review, the NSA couldn’t even find all the places it had stored upstream content that might have been improperly switched.
So at the end of that six month period (this brings us to April 2017), Collyer approved a proposal offered by Trump’s appointees she claimed was a fix. Rather than prohibiting back door searches of content known to include entirely domestic communications, the NSA would just stop doing the most problematic kind of upstream collection, the “about” collection that can result in bundled communications including entirely unrelated communications. With that change, Collyer for the first time approved back door searches on upstream collection, without even consulting an amicus, which was arguably required by the USA Freedom Act, a 2015 law that required the court to explain why it didn’t use an amicus when considering significant issues.
But that fix clearly doesn’t solve the problem of NSA accessing domestic communications with its newly expanded back door searches. “It will still be possible,” Collyer admitted, “for the NSA to acquire [a bundled communication] that contains a domestic communication.” (It’s not clear, at all, from Collyer’s opinion whether she understands that single communications may also be entirely domestic.)
This is an issue that Senator Ron Wyden and the Director of National Intelligence continue to fight about, with DNI Coats refusing to release an unclassified description of how the government can knowingly collect domestic communications under the program.
Plus, it’s not at all clear NSA can fulfill the terms of the new fix. Just weeks before Collyer approved the new certificates, according to Collyer’s opinion, “the government reported that NSA was still attempting to identify all systems that store upstream data and all tools used to query such data.” If it can’t do that, how can it immediately delete all that data (as required by the opinion), much less ensure it adheres to the new rules? In addition, some data appears to remain beyond the reach of NSA’s auditing system, meaning any future problems will again go undiscovered. In the weeks before reauthorization, the NSA was even discovering data that had been mislabeled as PRISM data.
In the past, Walton had required end-to-end reports and IG reports to ensure problems with the metadata dragnet programs didn’t persist. Bates had withheld reauthorization of the internet dragnet until asking several rounds of follow-up questions. Not Collyer. She just included a note instructing, “Of course, NSA still needs to take all reasonable and necessary steps to investigate and close out the compliance incidents…relating to the improper use of U.S.-person identifiers to query terms in NSA upstream data.” She imposed no systematic reporting requirements or levers to ensure that would happen.
Worse still, Collyer let the government keep the data and derivative reporting, even without an assessment of whether the underlying records included domestic communications that could not be retained without an individualized waiver. “Certain records derived from upstream internet communications…will be retained by NSA, even though the underlying raw Internet transactions from which they are derived might be subject to destruction.” Some of these records were used to get FISA applications on US persons, precisely the kind of use of improperly collected data that FISA exclusivity criminalizes.
Collyer’s three immediate predecessors as presiding judge—John Bates, Reggie Walton, and Thomas Hogan—had all used the precedent established by Bates to force the NSA to destroy any data it obtained while breaking the rules. Even while Collyer reviewed the NSA’s fulfillment of their prior orders to destroy such data, she imposed no such restriction herself. The NSA got to keep the fruit of those searches, and may still be spying on Americans as a result.
In the weeks ahead, Congress will begin debating reauthorization of the FISA Amendments Act. The government insists Congress shouldn’t make any changes, not even codifying the prohibition on “about” collection that related to a decade of violations, something a draft bill attempts to do, according to the New York Times.
“As demonstrated in numerous declassified court opinions and other materials, the FISC exercises rigorous independent oversight of activities conducted pursuant to Section 702 to ensure that incidents of non-compliance are addressed through appropriate remedial action,” the government’s letter to Congress claims, in spite of all the evidence that oversight, even from more aggressive judges, has been insufficient. The government also continues to dodge questions about how Section 702 can collect entirely domestic communications, as admitted by Collyer, and how many Americans it sucks in because Americans are talking to targeted foreigners. To justify a straight reauthorization, the government will claim the program fixes its problems.
The truth, however, is NSA has struggled to follow the rules of Section 702 for almost a decade.