Wyden and Udall: They’re Blowing Smoke about Phone and Other Bulk Record Safety

When I wrote about the letter from Ron Wyden, Mark Udall, and 24 other Senators to James Clapper a month ago, I focused on the specter that Section 215 would be used to collect gun records (in response to which, the NRA let its political guns drop from flaccid fingers).

Given yesterday’s response from Wyden and Udall to Clapper’s response, I should have focused on this passage:

Senior officials have noted that there are rules in place governing which government personnel are allowed to review the bulk phone records data and when. Rules of this sort, if they are effectively enforced, can mitigate the privacy impact of this large-scale data collection, if they do not erase it entirely. Furthermore, over its history the intelligence community has sometimes failed to keep sensitive information secure form those who would misuse it, and even if these rules are well-intentioned they will not eliminate all opportunities for abuse.

In response to that passage, Clapper spent one paragraph talking about when the government can access this data and another describing the oversight over it, including,

Implementation of the program is regularly reviewed not only by NSA, but by outside lawyers from the Department of Justice and by my office, as well as by Inspectors General. The Executive Branch reports all compliance incidents on to the FISC.

Later, in response to a question specifically about violations, Clapper wrote,

Since the telephony metadata collection program under section 215 was initiated, there have been a number of compliance problems that have been previously identified and detailed in reports to the Court and briefings to Congress as a result of Department of Justice reviews and internal NSA oversight. However, there have been no findings of any intentional or bad-faith violations.

These problems generally involved human error or highly sophisticated technology issues related to NSA’s compliance with particular aspects of the Court’s orders. As required, those matters, including details and appropriate internal remedial actions, are reported to the NSA’s Inspector General, the Department of Justice, the Office of the Director of National Intelligence, the FISC and in reports provided to Congress and other oversight organizations.

To which Wyden and Udall insisted,

Their [in context, probably meaning NSA’s, though they did not specify] violations of the rules for handling and accessing bulk phone information are more troubling than have been acknowledged and the American people deserve to know more details.

Now, there are a couple of different things going on here.

First, as Wyden and Udall also note, Clapper didn’t answer their question, “How long has the NSA used the PATRIOT Act authorities to engage in bulk collection of Americans’ records? Was this collection underway when the law was reauthorized in 2006?” Clapper instead answered how long NSA was using Section 215 to get telephony metadata, answering May 2006. But we know that collection was briefed before passage of the PATRIOT reauthorization, and it appears the government used a kluged hybrid order to get it from at least the time the illegal program was revealed in 2005 until the reauthorization passed.  So this earlier use may implicate earlier violations.

Nevertheless, what Clapper claims to be human error seems to be something more, the querying of records pertaining to phone numbers that aren’t clearly terrorists (or Iranians).

And given the revelation the government has gone three hops deep into this data, the reference to “highly sophisticated technology issues” suggests more sophisticated data mining than a game of half-Bacon.

Finally, one more thing. In the debate over the Amash-Conyers amendment the other day, House Intelligence Chair Mike Rogers also boasted of the controls that — according to Wyden and Udall — have proven insufficient. But in the process of boasting, he admitted other agencies have less effective oversight than the NSA.

It is that those who know it best support the program because we spend as much time on this to get it right, to make sure the oversight is right. No other program has the legislative branch, the judicial branch, and the executive branch doing the oversight of a program like this. If we had this in the other agencies, we would not have problems. [my emphasis]

When Wyden and Udall asked this question originally, they asked specifically, “Have there been any violations of the court orders permitting this bulk collection, or of the rules governing access to these records?” While most of their questions specified NSA, that one didn’t. The FBI, not NSA, is the primary user of Section 215, though it shares its counterterrorism (and counterespionage) data with the National Counterterrorism Center.

And even Mike Rogers appears to believe “the other agencies” have problems with this kind of data.

All of which seems to suggest there have been serious problems with the NSA’s use of the phone record dragnet. But there have been even more serious problems with bulk records on other subjects as used by other agencies.

Tweet about this on Twitter0Share on Reddit0Share on Facebook0Google+3Email to someone

6 Responses to Wyden and Udall: They’re Blowing Smoke about Phone and Other Bulk Record Safety

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
Emptywheel Twitterverse
emptywheel @Krhawkins5 Remember when Litt said sometimes they don't tell if an "informant" has been used?
1hreplyretweetfavorite
emptywheel @Krhawkins5 Right--and there are evidence laundering parts of FBI.
1hreplyretweetfavorite
emptywheel @Krhawkins5 Thing is none of those unsolicited tip sources have ever been revealed, but German always hits on it.
2hreplyretweetfavorite
emptywheel @Krhawkins5 But these tips are usu for US kids, some who also are not primary Arabic or other non-English languages.
2hreplyretweetfavorite
emptywheel My WAG: Has Evan Kohlmann become Garbage In Garbage Out of terror prosecutions? https://t.co/lgdn2mJHLC https://t.co/YIJxSqDbmv
2hreplyretweetfavorite
emptywheel @bradheath Though might that have changed over time -- it did on the 215 side, and of course w/onsite access.
2hreplyretweetfavorite
emptywheel @bradheath Yeah, I think that 7d is increasingly being used to protect corporate partners as a source and method.
2hreplyretweetfavorite
emptywheel Udpated: O'Malley: Arbor Paul: New Holland Kasich: GR Brewing https://t.co/djTtXm7Owq
2hreplyretweetfavorite
emptywheel MI Craft Brew Count Rand Paul: Fundraiser at New Holland O'Malley: Fundraiser at Arbor https://t.co/TiNnWlJFSi
2hreplyretweetfavorite
emptywheel @thegrugq (Aside from Uighurs) And piggyback on all the data sharing we've put in place bc of GWOT, too.
2hreplyretweetfavorite
emptywheel @attackerman Proof that ISIL was thriving in Afghanistan before its time.
2hreplyretweetfavorite
emptywheel @bradheath Wow. You didn't even get a confirm-and-deny along the way? At least confirmation they're using 7s to protect contractors.
2hreplyretweetfavorite
July 2013
S M T W T F S
« Jun   Aug »
 123456
78910111213
14151617181920
21222324252627
28293031