Confirmed: NSA Does Search Section 702 Data for Particular US Person Data

Update: To help Joshua Foust understand this topic, I did a second, really basic version of this post here. So if you’re fairly new to all this stuff, you might start there and then come back.

Update: Alexander’s office has conceded Udall and Wyden’s point about the classified inaccuracy. It also notes:

With respect to the second point raised in your 24 June 2013 letter, the fact sheet did not imply nor was it intended to imply “that the NSA has the ability to determine how many American communications it has collected under section 702, or that the law does not allow the NSA to deliberately search for the records of particular Americans.”

He then cites two letters from James Clapper’s office which I don’t believe have been published.

I’ve seen some people complaining that Ron Wyden and Mark Udall didn’t explicitly describe what Keith Alexander’s lies were in the NSA handout on Section 702 collection (note, as of 1PM, NSA has taken down their handout from their server). I’m okay with them leaving big breadcrumbs instead, not least because until we fix intelligence oversight, we’re going to need people like them who manage to stay on the committees but lay these signposts.

That said, I think people are underestimating how big of a signpost they did leave. Consider this, from their letter:

Separately, this same fact sheet states that under Section 702, “Any inadvertently acquired communication of or concerning a US person must be promptly destroyed if it is neither relevant to the authorized purpose nor evidence of a crime.” We believe that this statement is somewhat misleading, in that it implies that the NSA has the ability to determine how many American communications it has collected under section 702, or that the law does not allow the NSA to deliberately search for the records of particular Americans. [my emphasis]

Last year’s SSCI report on extending the FISA Amendments Act strongly implied that the government interpreted the law to mean it could search for records of particular Americans.

During the Committee’s consideration of this legislation, several Senators expressed a desire to quantify the extent of incidental collection under Section 702. I share this desire. However, the Committee has been repeatedly advised by the ODNI that due to the nature of the collection and the limits of the technology involved, it is not reasonably possible to identify the number of people located in the United States whose communications may have been reviewed under Section 702 authority. Senators Ron Wyden and Mark Udall have requested a review by the Inspector General of the NSA and the Inspector General of the Intelligence Community to determine whether it is feasible to estimate this number. The Inspectors General are conducting that review now, thus making an amendment on this subject unnecessary.

Finally, on a related matter, the Committee considered whether querying information collected under Section 702 to find communications of a particular United States person should be prohibited or more robustly constrained. As already noted, the Intelligence Community is strictly prohibited from using Section 702 to target a U.S. person, which must at all times be carried out pursuant to an individualized court order based upon probable cause. With respect to analyzing the information lawfully collected under Section 702, however, the Intelligence Community provided several examples in which it might have a legitimate foreign intelligence need to conduct queries in order to analyze data already in its possession. [my emphasis]

This passage made it clear that the Intelligence Community had demanded the ability to search on US person data already collected. Wyden and Udall’s letter makes that even more clear.

And the minimization procedures leaked last week support this (though note, these date to 2009 and might have been ruled to violate the Fourth Amendment since, though I suspect they haven’t).

They make it clear that US person communications will be retained if they contain foreign intelligence information (a term not defined in the procedures), including those they collected because (they claim) they’re unable to filter it out.

3(b)

(1) Personnel will exercise reasonable judgment in determining whether information acquired must be minimized and will destroyed inadvertently acquired communications of or concerning a United States person at the earliest practicable point in the processing cycle at which such communication can be identified either: as clearly not relevant to the authorized purpose of the acquisition (e.g., the communication does not contain foreign intelligence information)

[snip]

The communications that may be retained include electronic communications acquired because of limitations on NSA’s ability to filter communications.

(2) Communications of or concerning United States persons that may be related to the authorized purpose of the acquisition may be forwarded to analytic personnel responsible for producing intelligence information from the collected data.

The procedures make it clear that, with authorization from the NSA Director, even communications entirely between US persons may be retained (see section 5) if they are of significant intelligence value. Communications showing a communications security vulnerability may also be retained (this permission, related to cybersecurity, was not made public in the NSA handout).

And here’s perhaps the most interesting way of keeping US person data.

6(c)

(1) NSA may provide to the Central Intelligence Agency (CIA) unminimized communications acquired pursuant to section 702 of the Act. CIA will identify to NSA targets for which NSA may provide unminimized communications to CIA. CIA will process any such unminimized communications received from NSA in accordance with CIA minimization procedures …

(2) NSA may provide to the FBI unminimized communications acquired pursuant to section 702 of the Act. FBI will identify to NSA targets for which NSA may provide unminimized communications to the FBI. FBI will process any such unminimized communications received from NSA in accordance with FBI minimization procedures …

This is a kind of collection that Pat Leahy seems to believe escapes review by current Inspector General reviews of the program, as he tried to mandate such reviews in last year’s reauthorization.

The minimization procedures also appear to support Julian Sanchez’ guesstimate of how they could pull up US person contacts, since a phone number or unique name are not explicitly included among the identifiers that would constitute IDing a US person.

Now, all that doesn’t specifically address the other lie Wyden and Udall invoked, which they describe “portrays protections for Americans’ privacy as being significantly stronger than they actually are.” But I think the points I’ve laid out above — particularly the cybersecurity collection that is entirely unmentioned in the 702 sheet — probably lays out the gist of Alexander’s lies.

The government has spent the entire time since these documents were revealed trying to lie to Americans about whether their contacts with foreigners can be retained and read. And those lies keep getting exposed.

Tweet about this on Twitter0Share on Reddit0Share on Facebook0Google+0Email to someone

18 Responses to Confirmed: NSA Does Search Section 702 Data for Particular US Person Data

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
Emptywheel Twitterverse
bmaz RT @goldengateblond: MSNBC: Harrison Ford Crashed His Plane FOX: Member of the Hollywood Elite Crashed His Plane CNN: We Found a Plane!
6mreplyretweetfavorite
emptywheel @ColMorrisDavis Interesting move fr Chevron. @DavidColeGtown
10mreplyretweetfavorite
bmaz @fordm Jesus.
12mreplyretweetfavorite
emptywheel @DavidColeGtown Also dodging issues of WHY it appears (acc to CIA) there were no heroes. Which still exist under Obama @ColMorrisDavis
25mreplyretweetfavorite
emptywheel @DavidColeGtown Yes. Unlike you I read things before I comment on them. You're doing CIA's work right now. Congrats! @ColMorrisDavis
26mreplyretweetfavorite
emptywheel @ColMorrisDavis At a time, of course, when they were trying to get Yoo to invent docs to approve stuff that wasn't approved @DavidColeGtown
28mreplyretweetfavorite
emptywheel @ColMorrisDavis Plus CIA got to make sure 2003 DOD OLC memo worked for them. @DavidColeGtown
28mreplyretweetfavorite
bmaz .@sahilkapur @hillhulse And, yet, Loretta Lynch is an absolutely horrible nominee: https://t.co/K6jnEfMeVv
40mreplyretweetfavorite
bmaz RT @davidminpdx: Prison documentary I helped to produce, the Mind of Mark DeFriest, opens in NY and LA tomorrow. Schedule: http://t.co/KQbo
43mreplyretweetfavorite
bmaz The secret nature of police culture encourages rampant abuse and brutality | Rare http://t.co/oUEbELi71k via @BlanksSlate
46mreplyretweetfavorite
emptywheel @DavidColeGtown Are you, by your own logic, claiming that George Tenet is your hero? @ColMorrisDavis
47mreplyretweetfavorite
emptywheel @DavidColeGtown Did I say that? Look, if you don't even acknowledge documented CIA tampering, reporting is not credible. @ColMorrisDavis
49mreplyretweetfavorite
June 2013
S M T W T F S
« May   Jul »
 1
2345678
9101112131415
16171819202122
23242526272829
30