Coincidental Timing in NSA’s Telecom Switch Collection

We knew the government had “shut down” the Internet metadata in “late” 2011.

But I believe Friday’s filings are the first time they’ve specified publicly: they shut it down in December 2011.

That gives us the following chronology:

May 29, June 22, 2009: First Internet dragnet violations noticed as part of phone dragnet review

Around July 2009: NSA pilots new contact-chaining approach for Internet dragnet

Around November 2009: FISA Court does not re-approve Internet dragnet (see 15-16)

Between July and October 2010: FISC reauthorizes and NSA restarts Internet dragnet, but finds some overcollection since start of program in 2004

November 29, 2010: NSA signs directive allowing analysts to chain through US persons

January 3, 2011: Government rolls out new dragnet approach, providing

May 2, 2011: Government “clarifies” that upstream collection includes some US person data

October 3, 2011: John Bates finds some upstream dragnet illegal

Between October 3 and October 6, 2011: NSA General Counsel considers appeal

October 13, 2011: Government claims 1809(a)(2) does not apply — presumably to upstream collection

October 17, 2011: Draft training module advises analysts to talk to management or subject matter expert about Internet dragnet from prior to November 2009

November 22, 2011: Government still challenging applicability of 1809(a)(2) in upstream collection

Late 2011: Government starts dealing with upstream content

December 2011: Government halts Internet dragnet

That is, the government stopped collecting Internet metadata in the US within weeks of the discussion between John Bates and the government over whether or not Section 1809(a)(2) applied to NSA’s deliberate collection of US person content within the US via collection off telecom switches in the US — the same method of collection as used in the Internet dragnet.

That’s not to say the legal discussion influenced the decision. There are plenty of other explanations — including Google’s encryption by default (which made Google content inaccessible via US switches) and the earlier limits Bates imposed on US metadata collection, which may have made domestically-collected metadata less useful — for NSA to shut down that collection.

But I wonder whether Bates’ persistent focus on 1809(a)(2) had an influence.

I say that for two reasons — aside from the timing.

First, it is unusual for a training document to recommend asking a person for information about how to handle something, as the dragnet training instructed analysts, “for information on PR/TT data collected prior to November of 2009, contact your organization’s management or subject matter expert,” as late as October 17, 2011. The data from this period involved overcollection (probably content collected in the guise of metadata) that, if known to be US person data, could not be circulated without violating 1809(a)(2). This kind of instruction should be written down, especially given the legal sensitivity surrounding it, not transmitted person-to-person. But it appears not to have been.

There are a lot of details about Bates’ resolution of the Internet metadata overcollection in 2010 that we don’t yet know. Unlike with the 2011 US opinion,we don’t see the follow-up discussion to see how that collection was handled.

But we do know how Bates enforced his 2011 opinion: by emphasizing that the government couldn’t use any of that US person upstream collection for submissions to the FISC.

Beginning late in 2011, the government began taking steps that had the effect of mitigating any Section 1809(a)(2) problem, including the risk that information subject to the statutory criminal prohibition might be used or disclosed in an application filed before this Court.

Given that the government uses metadata to select which content collection to translate, this restriction on submitting improperly collected data to the FISC might be even more restrictive with the Internet dragnet information than the upstream collection.

In October and November 2011, John Bates reiterated his assertion — first made the year earlier in conjunction with Internet dragnet collected via the same means that the NSA could be subject to 1809(a)(2) — in response to which, the government still tried to object. But then they stopped objected and started complying, at the same time they also stopped collecting Internet metadata from within the US.

Two years in a row the NSA’s collection off telecom switches was deemed to be illegal. As the second judgment got resolved (by imposing restrictions on the circulation of the data), the government moved the collection tied to the first judgment overseas.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

6 replies
  1. What Constitution? says:

    We’re approaching “lists” time. How ’bout a list of “EW’s top five questions for DiFi” to be asked on TV. Things like “did you know and approve of moving collection of US person data overseas after such activity was found to be illegal by FISC?”. More artfully framed, of course — but I’m just so tired of that “Democratic” senator’s bloviations, it would be lovely to see her confronted with meaningful questions.

  2. Ghosts of Christmas Future says:

    http://www.zerohedge.com/news/2013-12-27/nsas-massive-phone-tracking-program-legal-new-york-judge-finds

    The judge says telephone metadata collected by the government does NOT contain cellular tower location data. This is explicitly disputed by the leak from Snowden-obtained files showing the NSA is logging 5 billion cellular locations per day, including ‘incidentally’ gathered U.S. cellular location data:

    http://apps.washingtonpost.com/g/page/national/how-the-nsa-is-tracking-people-right-now/634/

    But I’m sure Judge Pauley checked and rechecked everything he was given in his rush to agree with the NSA, right?

  3. thatvisionthing says:

    I asked this bleachers question earlier ( http://www.emptywheel.net/2013/12/21/conning-the-record-conning-the-courts-defrauding-the-people/#comment-660901 ) and it has to do with the timeline/legal reasoning, even though it’s off the scale of this timeline. Everyone keeps saying 9/11 started this, justifies this, the judge just said it again, but didn’t the Nacchio/Qwest case show that telecoms were approached in February 2001?

    (Coming from here http://www.emptywheel.net/2013/10/03/is-carmen-ortiz-subjecting-dzhokhar-tsarnaev-to-solitary-to-prevent-him-from-learning-about-developments-in-florida/#comment-637095 and http://www.emptywheel.net/2013/10/04/upstream-us-person-collection-eo-12333-andor-fisa/#comment-637168 — bmaz and I saw things differently.)

    I did a site search here on Nacchio, and the results show a number of posts where it looks like ew took his claims more seriously. I went back and found the pdf of the Nacchio court records that the Rocky Mountain News got released through FOIA in 2007. It’s an 84-page PDF and lousy quality and lots redacted, not my best thing. But still, start reading it and on page 3 it talks about the military approaching him in 1997.

    In late 1997, Dean Wandry advised Mr. Nacchio that he had received a call from [redacted] Wandry reported that a general officer wanted to meet Mr. Nacchio. [redacted] showed up two weeks later with a (three star) Lieutenant General and his aide, a First Lieutenant. The meeting took place in Denver, at 555 17th St. They told Mr. Nacchio they’d heard about Qwest’s new network. Mr. Nacchio described it to them and talked about his background at ATT, with which they were already familiar. They asked if the General and Wandry could then meet privately and Mr. Nacchio said yes.

    The General and Wandry stepped into a separate conference room. The General told Mr. Wandry that he ran the largest telecom operation in the world, he had looked at Qwest’s network and he wanted to use it for government purposes. The General told Wandry that he wanted Wandry to meet with [redacted] the next week at [redacted]. After the [blank space] people left that first meeting, Mr. Wandry told Mr. Nacchio that there was a big opportunity here for Qwest, and that [redacted] also wanted Mr. Nacchio to obtain a security clearance.

    When Mr. Wandry arrived at [redacted] to meet [redacted] the next week, he learned that he had already been granted security clearance and was “read in” to those programs relevant to [redacted] use of Qwest network. Mr. Nacchio received his own clearance a short time later. [big redaction]

    Footnote 1 – Mr. Wandry preceded Mr. Payne as manger (sic) of Qwest’s government group.

    That’s not even the February 2001 stuff that Glenn Greenwald, Scott Horton, the NY Times and Washington Post focused on in 2007 when the court papers were released.

    The pdf is linked in this 10/15/07 Greenwald Salon column: http://web.archive.org/web/20071020093249/http://www.salon.com/opinion/greenwald/2007/10/15/amnesty/index.html

    Please put this in your context? The timeline shouldn’t start on 9/11. What Snowden said, it was never about terror:

    These programs were never about terrorism: they’re about economic spying, social control, and diplomatic manipulation. They’re about power.

Comments are closed.