Coincidental Timing in NSA’s Telecom Switch Collection

We knew the government had “shut down” the Internet metadata in “late” 2011.

But I believe Friday’s filings are the first time they’ve specified publicly: they shut it down in December 2011.

That gives us the following chronology:

May 29, June 22, 2009: First Internet dragnet violations noticed as part of phone dragnet review

Around July 2009: NSA pilots new contact-chaining approach for Internet dragnet

Around November 2009: FISA Court does not re-approve Internet dragnet (see 15-16)

Between July and October 2010: FISC reauthorizes and NSA restarts Internet dragnet, but finds some overcollection since start of program in 2004

November 29, 2010: NSA signs directive allowing analysts to chain through US persons

January 3, 2011: Government rolls out new dragnet approach, providing

May 2, 2011: Government “clarifies” that upstream collection includes some US person data

October 3, 2011: John Bates finds some upstream dragnet illegal

Between October 3 and October 6, 2011: NSA General Counsel considers appeal

October 13, 2011: Government claims 1809(a)(2) does not apply — presumably to upstream collection

October 17, 2011: Draft training module advises analysts to talk to management or subject matter expert about Internet dragnet from prior to November 2009

November 22, 2011: Government still challenging applicability of 1809(a)(2) in upstream collection

Late 2011: Government starts dealing with upstream content

December 2011: Government halts Internet dragnet

That is, the government stopped collecting Internet metadata in the US within weeks of the discussion between John Bates and the government over whether or not Section 1809(a)(2) applied to NSA’s deliberate collection of US person content within the US via collection off telecom switches in the US — the same method of collection as used in the Internet dragnet.

That’s not to say the legal discussion influenced the decision. There are plenty of other explanations — including Google’s encryption by default (which made Google content inaccessible via US switches) and the earlier limits Bates imposed on US metadata collection, which may have made domestically-collected metadata less useful — for NSA to shut down that collection.

But I wonder whether Bates’ persistent focus on 1809(a)(2) had an influence.

I say that for two reasons — aside from the timing.

First, it is unusual for a training document to recommend asking a person for information about how to handle something, as the dragnet training instructed analysts, “for information on PR/TT data collected prior to November of 2009, contact your organization’s management or subject matter expert,” as late as October 17, 2011. The data from this period involved overcollection (probably content collected in the guise of metadata) that, if known to be US person data, could not be circulated without violating 1809(a)(2). This kind of instruction should be written down, especially given the legal sensitivity surrounding it, not transmitted person-to-person. But it appears not to have been.

There are a lot of details about Bates’ resolution of the Internet metadata overcollection in 2010 that we don’t yet know. Unlike with the 2011 US opinion,we don’t see the follow-up discussion to see how that collection was handled.

But we do know how Bates enforced his 2011 opinion: by emphasizing that the government couldn’t use any of that US person upstream collection for submissions to the FISC.

Beginning late in 2011, the government began taking steps that had the effect of mitigating any Section 1809(a)(2) problem, including the risk that information subject to the statutory criminal prohibition might be used or disclosed in an application filed before this Court.

Given that the government uses metadata to select which content collection to translate, this restriction on submitting improperly collected data to the FISC might be even more restrictive with the Internet dragnet information than the upstream collection.

In October and November 2011, John Bates reiterated his assertion – first made the year earlier in conjunction with Internet dragnet collected via the same means that the NSA could be subject to 1809(a)(2) — in response to which, the government still tried to object. But then they stopped objected and started complying, at the same time they also stopped collecting Internet metadata from within the US.

Two years in a row the NSA’s collection off telecom switches was deemed to be illegal. As the second judgment got resolved (by imposing restrictions on the circulation of the data), the government moved the collection tied to the first judgment overseas.

Twitter19Reddit0Facebook1Google+0Email

6 Responses to Coincidental Timing in NSA’s Telecom Switch Collection

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6

Emptywheel Twitterverse
emptywheel @sbagen I keep waiting for someone to sue Senate Press Gallery as their standards are very arbitrary. @SCOTUSblog would make perfect case.
6mreplyretweetfavorite
emptywheel It's ironic that CIA boasting abt disseminating censored docs as 9/11 trial grinds to a halt over censored shitty doc http://t.co/ilNVAkp3w6
37mreplyretweetfavorite
emptywheel Dangerous Censored Documents, in Soviet Russia and War on Terror America http://t.co/ilNVAkp3w6
38mreplyretweetfavorite
emptywheel @khanserai Dunno. I think self-interested and often deceptive leaking is reflexive for FBI. It's like breathing to them. @onekade
1hreplyretweetfavorite
emptywheel @khanserai Precisely. They can say whatever they want to NBC, and NBC won't question why that's possible. W/DOJ it'd be risky. @onekade
1hreplyretweetfavorite
emptywheel RT @onekade: FBI refused to cooperate with the House Homeland Security Committee investigation and stonewalled the DOJ IG, but spoke to Dat…
2hreplyretweetfavorite
emptywheel @ashk4n Which means the govt may use this ruling to get around the metadata-as-content problem that has been dogging them since 2004.
3hreplyretweetfavorite
emptywheel RT @ashk4n: From an engineering perspective: the outside IP headers are 'signaling/routing info' and the inside protocol-specific headers a…
3hreplyretweetfavorite
emptywheel RT @ashk4n: Most confusing re Lavabit: PR/TT is for "signaling/addr info" but gov wants to decrypt payload to get email headers http://t.co
3hreplyretweetfavorite
emptywheel RT @MarkAdomanis: Odd that many who panicked a/b Snowden's revelations are demanding we give the Russians a detailed look at our surveilanc…
3hreplyretweetfavorite
JimWhiteGNV Grumpy surveillance apologists are STILL grumpy.
3hreplyretweetfavorite
emptywheel RT @ashk4n: Fed appeals court affirms Lavabit district decision: providing SSL keys in 4-point font is in contempt http://t.co/u0LDsGyV8L #…
4hreplyretweetfavorite
December 2013
S M T W T F S
« Nov   Jan »
1234567
891011121314
15161718192021
22232425262728
293031