The Faulty Premise of the 30% Call Data Claims: Legal Limits on Geolocation Data

In this post, I suggested that reports (WSJ, WaPo) that NSA collects only 20 to 30% of US phone records probably don’t account for the records collected under authorities besides Section 215.

So why did WSJ, WaPo, LAT, and NYT all report on this story at once? Why, after 8 months in which the government has taken the heat for collecting all US call records, are anonymous sources suddenly selectively leaking stories claiming they don’t get (any, the stories suggest) cell data?

There’s a tall tale the stories collectively tell that probably explains it.

None of the stories really explain why NSA didn’t start collecting cell data from the start, when, after all, it got no legal review. Nor did they note that, according to this WSJ article which a few of them cited, NSA does get cell data from AT&T and Sprint. But the stories collectively provide two explanations for why — as cell phones came to dominate US telecommunications — NSA didn’t add them to their Section 215 collection (which remember, is different from not including them in their EO 12333 collection).

First, NSA was too busy responding to crises (their 2009 phone dragnet violations and the Snowden leaks) to integrate cell data.

WSJ:

The agency’s legal orders to U.S. phone companies don’t cover most cellphone records, a gap the NSA has been trying to address for years. The effort has been repeatedly slowed by other, more pressing demands, such as responding to criticisms from the U.S. court that oversees its operations, people familiar with the matter say.

WaPo:

Compounding the challenge, the agency in 2009 struggled with compliance issues, including what a surveillance court found were “daily violations of the minimization procedures set forth in [court] orders” designed to protect Americans’ call records that “could not otherwise have been legally captured in bulk.”

As a result, the NSA’s director, Gen. Keith Alexander, ordered an “end-to-end” review of the program, during which additional compliance incidents were discovered and reported to the court. The process of uncovering problems and fixing them took months, and the same people working to address the compliance problems were the ones who would have to prepare the database to handle more records.

The NSA fell behind, the former official said.

In June, the program was revealed through a leak of a court order to Verizon by former NSA contractor Edward Snowden, setting off an intense national debate over the wisdom and efficacy of bulk collection.

The same NSA personnel were also tasked to answer inquiries from congressional overseers and others about how the program and its controls worked. “At a time when you’re behind, it’s hard to catch up,” the former official said.

This claim is pretty ridiculous, given that we know (indeed, several of these reporters got selective leaks about this in October just before Keith Alexander admitted to it) NSA worked on geolocation from 2010 to 2011, which these reporters’ anonymous sources claim is the problem with cell data now. They were working on the problem, if indeed it was one.

The existence of that 2010 to 2011 pilot program also presents problems for the other explanation offered: that NSA is legally prohibited from receiving cell geolocation data.

WaPo:

Apart from the decline in land-line use, the agency has struggled to prepare its database to handle vast amounts of cellphone data, current and former officials say. For instance, cellphone records may contain geolocation data, which the NSA is not permitted to receive.

WSJ:

Moreover, the NSA has been stymied by how to remove location data—which is isn’t allowed to collect—from cellphone records collected in bulk, a U.S. official said.

[snip]

A key difficulty has been separating location data from cellphone records. NSA has an agreement with the secret Foreign Intelligence Surveillance court that it won’t collect location data from phones.

It is true that Alexander told Congress in October NSA would warn Congress and the FISC before they started collecting cell geolocation data again, but NSA still maintained it would be legal to do so.

And it is true that the intervening years since the pilot program, the Jones case presented challenges to the practice that even James Clapper admitted — back in 2012 — might force NSA to change its current practices (even while suggesting the rules were probably different for intelligence gathering as opposed to criminal investigation).

It’s also possible NSA’s delayed notice to Congress on its geolocation efforts — not even the House Judiciary Committee got notice before the Reauthorization of the PATRIOT Act in 2011 — has created problems for NSA’s collection of geolocation (and therefore, these stories claim, cell data).

Nevertheless, the record shows that DOJ and NSA believed the language of the existing Section 215 orders permitted NSA to collect cell location data at least through the end of 2011 and probably still believed it after Jones.

So that can’t be the explanation for why NSA hasn’t been collecting cell data (under Section 215, from Verizon and T-Mobile) all these years.

But the claim NSA is not permitted to collect geolocation data provides two of these stories reason to report that the purported legal prohibition on the collection of cell location has forced NSA to seek court orders for the cell data in question.

WaPo:

The government is taking steps to restore the collection — which does not include the content of conversations — closer to previous levels. The NSA is preparing to seek court orders to compel wireless companies that currently do not hand over records to the government to do so, said the current and former officials, who spoke on the condition of anonymity to discuss internal deliberations.

LAT:

The NSA aims to build the technical capacity over the next few years to collect toll records from every domestic land line and cellphone call, assuming Congress extends authority for Section 215 of the USA Patriot Act after it expires in June 2015.

Once the capacity is available, the agency would seek court orders to require telecommunications companies that do not currently deliver their records to the NSA to do so.

This is the point of these stories: to prepare us for the argument, in advance of next year’s PATRIOT Act reauthorization, that Section 215 must be expanded to include cell data these reporters claim NSA doesn’t collect (they imply, under any authority) now. NSA told these reporters a story about how meager its (Section 215-based) collection is to prepare for a debate that it needs to expand authority, not curtail it.

That said, even as obviously facetious as are the claims that NSA believed it was prohibited from collecting geolocation data even as it was doing so, there have been at least two intervening events, in addition to the Jones decision, that I suspect have changed NSA’s views on cell location data. These may explain why NSA is telling this tall tale now.

First, whereas before July 19, 2013 (indeed, for the entire period when it was testing cell location data), NSA had no guidance on whether Section 215 covered cell location, in July, in the wake of Snowden’s leaks, Claire Eagan explicitly excluded Cell Location Site Identifier information from the order (though that is not the only way to get cell location).

Furthermore, this Order does not authorize the production of cell site location information (CSLI).

That is, the Executive no longer operated at the full expanse of its authority on cell geolocation, because a court bound its authority, at least for Section 215 collection.

In addition, as of about two weeks ago and for the first time in 14 years, Verizon Wireless is no longer partially foreign owned. Verizon Wireless and Vodaphone announced plans to split up back in September and on January 28, the board approved the deal. The split will be final on February 21.

I suspect (this is speculation, but I will explain in a future post why my confidence on this point is very very high) that the reason NSA is telling this tall tale right now has nothing to do (as some of the stories suggested) with the fact that some of America’s key cell telecoms are partly foreign owned. Rather, I suspect any gap in cell data collection arises instead from the fact that the nation’s largest cell provider, Verizon, is no longer partly owned by a British company and therefore no longer subject to the collection agreements of GCHQ.

Say … am I really the only NSA beat writer who is wondering why it is taking ODNI so long to declassify the January 4 FISC reauthorization for the Section 215 dragnet as compared to the previous reauthorizations since the Snowden leak?

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

18 replies
  1. joanneleon says:

    I doubt they’ll wait for PATRIOT reauthorization. I think there’s a reason why Keith Alexander and DiFi have been panicking about the cybersecurity legislation ever since the Snowden leaks happened. And since it will be nearly impossible to pass laws that give NSA even more authority (unless some kind of digital Pearl Harbor happened) they might be changing strategy to break up the cyber laws and attach them to must pass bills like the one coming up for the debt ceiling.

    I’m also curious about why Obama’s (now Hillary’s) big funding PAC announced that they aren’t raising money for Congressional candidates in 2014. D party is famous for using their big fund raising committees to twist legislative arms. Meanwhile the stories are flying about Koch brothers funding attack ads against them in the districts. Foundation laid for some serious arm twisting.

  2. joanneleon says:

    A point of confusion. I recall, a long time ago, hearing that court orders weren’t needed at all for collection of cell records. I’m not sure if that was speculation, or what. In any case, I think the statements about NSA not collecting cell metadata are absurd. And this, from a technical standpoint, is also absurd:
    “A key difficulty has been separating location data from cellphone records. “

  3. Mindrayge says:

    Perhaps the writers of these articles could go back to these anonymous sources and ask them to explain FASCIA – a database full of cell phone geolocation records. Especially the WaPo reporter, since it was their paper that published about FASCIA.

    But like it said on your earlier post this is all misinformation designed to take advantage of the fact that 99.9% of the people have no idea how the telephone system really operates and that aside from the last mile via radio (from cell phone to tower) there is no difference in how phone calls are handled whether using a cell phone or land line.

    Not to mention that T-Mobile and the like do not own any of the existing infrastructure for moving calls across the United States let alone across town. Either ATT, Verizon, Sprint, or whoever owns the Worldcom/MCI physical infrastructure are the only entities that matter in terms of collecting telephony metadata on all phone calls made anywhere in the US.

    Any attempt to compel something like T-Mobile for records like they do for Verizon, for example, would just be a case of smoke and mirrors.

    This is a powerful misinformation approach that shouldn’t be taken lightly. It can be difficult to explain how the telephone system actually works without losing the interest of 99% of any readers. It is even worse than trying to explain the legal aspects – whether court cases or OLC memos, etc. – as you already lost them as most can’t follow it. But a very large majority do have cell phones and almost all of them think that using a cell phone is completely different than using a land line. It is that experience and lack of understanding how the system works – afterall they don’t need to know how it works to make a call – that makes this a difficult misinformation campaign to derail.

  4. emptywheel says:

    @Mindrayge: Yup. I’m working my way up to that FASCIA post. And yes, you’d have thought Nakashima might have looked at WaPo’s own reporting about how much cell data gets collected under other authorities.

  5. orionATL says:

    think of nsa’s self-righteous (gotta save the nation) overreach on electronic spying (phone or e-mail)

    as a set of heavily overlapping circles (venn diagram),

    each circle representing a different, often self-assigned, legal authority to “collect” private information from american (and other) citizens.

    it would seem that the chance of an individual not being monitored under some one(s) of these legal authorizations would be extremely small.

    whether it is physically the case or not i can’t say, but if multiple agencies or authorizations are involved, it would seem at least possible for the same conversation to be collected and stored more than once.

    (excepting those who own and live above their pizza joint using the same number for business and personal :))

    the benefit to the nsa (fbi, cia) is that it would allow extensive dodging of court orders.

  6. joanneleon says:

    @Mindrayge: Feels like we’ve fallen through the looking glass.

    Of course it was to be expected. All conversations, all official hearings have been ringfenced into the FISA oversight programs (or at least they tried). As soon as they step outside that ringfence, we’re through the looking glass. But it is really surprising that the journalists were willing to go there.

  7. Snoopdido says:

    @Mindrayge: Agreed that this is a disinformation campaign that either apparently suckered in NatSec beat reporters like Gorman, Nakashima, and Dilanian, or they are witting accomplices in spreading this ludicrous tripe.

    That the NSA “can’t” handle cell phone data and records is such a poor example of an NSA joke that these reporters should be ashamed to take notes of this BS much less put in in print.

    The NSA has been using cell phone data including geolocation for tracking and targeting in Afghanistan for years. They’ve used in it Pakistan and Yemen and many other places.

    Remember that the NSA has been the publicly-acknowledged leader for decades in capturing radio and radiating signals from the air, and what are cell phones but today’s radio and radiating devices?

    In fact, the original purpose for the very creation of the NSA was to capture the world’s radio and radiating signals from the air.

    The FBI uses cell phone data including geolocation for years including the most recent use in tracking the Boston Bombing suspects.

    I don’t expect to see corrections or retractions from these NatSec beat reporters because the embarrassment would be all too much for any sentient being.

  8. orionATL says:

    there is a style of reporting i call “robert woodward reporting” in which the reporter acts as emanuensis to the powerful person.

    if the president says “the earth is flat”, the reporter reports that.

    if the soap company prez says her soap brand doesn’t cause skin rash, they report that.

    if the nsa says it only “collects” 20% of calls, the reporter reports that.

    what makes this very common style of reporting infuriating is that it is strongly one-sided and often characterized by lies and misleading statements. for gov’t and corporate officials this presents an excellent opportunity to propagandize, not the least because any rebuttal that may occur will occur post hoc.

    there is, however, a benefit to be found in the robert woodward reporting style – what the gov’t or corp’t officials say becomes part of a public record. information, whether propaganda or not, becomes available to others which might not otherwise have become available.

    re this nsa story, four reporting sources make it clear that a nsa propaganda campaign is in motion.

  9. JohnT says:

    I think you’re right. The word “only” is to frame the debate

    The corp media’s talking about “only” 30% being collected, rather than the 30%, is 29.999999999% more than what was collected pre-scary-boogeyman-terror legislation

    Oh yea, forgot to add, isn’t the 30% without warrants?

    PS don’t click unless you have time for a time suck

    https://twitter.com/Baseball_Photos

  10. earlofhuntingdon says:

    Yes, it’s an understatement to say that the NSA claims about not collecting geolocation data are thin. Mandatory use of gps chips in all cell phones was a USG initiative, which means key players such as the NSA and DoD would have wanted it. It was put in place shortly after 9/11, and in the midst of several telecoms mega-mergers. That gave the USG a big carrot to encourage its immediate adoption.

    Nominally for use in the civilian emergency 911 system, cellphone gps chips were always about the USG obtaining users’ geolocation data, and its retention and analysis. Given that background, the NSA cannot credibly claim to ignore a valuable data stream it helped create by claiming that it was too busy, that it was uninterested, or that it was legally barred from doing so.

  11. ess emm says:

    The anonymous sources claim “the NSA has been stymied by how to remove location data—which is isn’t allowed to collect—from cellphone records collected in bulk” also does NOT square with Page 22 of PCLOB report.

    The calling records that the NSA collects under its Section 215 program do not currently include “cell site location information.” That information, unique to mobile phones, is a component of a call detail record that shows which cell phone tower a mobile phone is connecting with. Thus it can be used to track the geographic location of a mobile phone user at that time the user places or receives a call. At the NSA’s request, telephone companies remove that information from their calling records before transmitting the records to the NSA.32

    32 Amended Memorandum Opinion, In re Application of the Federal Bureau of Investigation for an Order Requiring the Production of Tangible Things, at 4 n.5, No. BR 13-109 (FISA Ct. Aug. 29, 2013); see also Declaration of Acting Assistant Director Robert J. Holley, Federal Bureau of Investigation, ¶ 5, ACLU v. Clapper, No. 13-3994 (S.D.N.Y. Oct. 1, 2013) (“Holley Decl.”) (stating that metadata obtained under the orders does not include cell site location information). Agency personnel check this portion of incoming records to ensure that cell site location information has been removed.

    Moreover, as ew reminds us here and on Twitter, Verizon has received a 215 order. So they produced cellphone data.

    My hunch is that ew is right that this is all a present-tense “truth” to obfuscate past practice. But how to explain the Review Group’s Dec 12, 2013 report that says its “only a small percentage of total” calls?

  12. Saul Tannenbaum says:

    As a technical matter, this:

    Moreover, the NSA has been stymied by how to remove location data … from cellphone records collected in bulk, a U.S. official said.

    has to be utter bullshit.

    The general workflow of all big-data databases is that there’s an ingestion procedure that takes the data from whatever form they’re received and transforms it into whatever form the database needs. If you have data you don’t want to store, you don’t have to struggle to remove it, you simply skip over it in the ingestion procedure. If you don’t ingest it, it’s not in the database. Period.

  13. Mindrayge says:

    @joanneleon: Indeed, it is the through the looking glass. Everything from the White House White Paper to the various hearings to the President’s own review team to the PCLOB have only concerned what the government has acknowledged and nothing else.

    The NSA considers this discussion of their systems and what their missions collect to be an information battlespace. They are actively and aggressively trying to shape the battlefield using every advantage they have, which is rather formidable. They see their activities in trying to quash this discussion as being no different than how other Generals may have to plan to deal with insurgents entrenched in an Iraqi city like Fallujah. They have every intention of winning and they are not interested in a fair fight.

  14. What Constitution? says:

    @Mindrayge: Agreed. And thanks for your technological primer, too, that’s very useful to mere mortals like me.

    Here’s hoping that the “why” behind this new NSA spin continues to be evaluated even after the “whether” definitively is dispelled. After all, whether the NSA is in fact collecting “everything” but may be doing so under the rubric of other authorities, or whether the NSA actually is not collecting everything due to either technological inability (!?!) or judicial, congressional, executive or even international restrictions, the question of why this story is being propagated at all remains pretty intriguing. Of course, in light of the fact that the NSA/DOJ appear to have definitively acquiesced in Judge Pauley assuming that they collect “everything” — and Judge Pauley explicitly stated that the NSA surveillance “only works because” the NSA is collecting everything when he ruled that as far as he was concerned justified bulk metadata collection is OK — maybe the best way to call NSA’s bluff here would be to seek a remand from the Court of Appeals so Judge Pauley might have the benefit of a factually honest presentation from DOJ and NSA before he rules the Fourth Amendment is inapplicable to modern life….

    It appears we’re watching the groundwork for a “missile gap” argument by the NSA and DiFi. You’re right, Mindrayge, they have no desire to have an honest discussion or a fair fight, they’re trying to position themselves for a kill shot on the Constitution here. There is no shortage of adherents to P.T. Barnum’s thesis in the halls of the military-industrial-techno complex, and they will have no qualms about doubling down on fear mongering — so as the Snowden-permitted scrutiny and attendant skepticism of the structure and efficacy of NSA spying gains strength, there is undoubtedly a lot of thought going in to how to deflect attention and overcome criticism. Hence, “the best defense is a good offense”, and if fearmongering was able to generate $52 Billion a year, more fearmongering might overcome the risk of having to cut back. Thus, “we’re actually missing 2/3 of the threats” — disregarding the fact that the expositions to date have discredited the notion that this entire effort actually has accomplished anything of value (“innumerable” threats to “54” to “maybe 3” to “well, one” to “not so sure”) is floated as possibly making us “less safe”. The solution? Why, get rid of any pesky judicial, executive or legislative “constraints” and increase the funding, of course. It’s a “missile gap” waiting to happen (well, to be more precise, it’s more like a “mineshaft gap” argument as “missile gap” thinking was lampooned in Kubrick’s Dr. Strangelove…).

    The omnibus collection activities being undertaken by the NSA are illegal and unconstitutional, and the conflicting judicial decisions of Judges Leon and Pauley are the best we got at the moment to test that principle. The NSA is well aware of how those two decisions came down and is very interested in trying to buttress the Pauley decision in the appellate (and oversight) universe, and the actions taken by the NSA should be considered in light of how those positions might affect (or reflect) the judicial posture and review. In that regard, the scariest friggin’ “argument” made by Judge Pauley to rubberstamp as “constitutional” the NSA’s actions was, in my opinion, his stunningly disingenuous invocation of this brief quote from the Boumediene majority of the Supreme Court: “Liberty and security can be reconciled; and in our system they are reconciled within the framework of the law.” This statement was actually, of course, written by the Supreme Court in the context of rejecting claims of “need, security and fear” that were urged as grounds for ignoring the Constitution in the War on Terra and, indeed, the sentence quoted by Pauley in his opinion was actually directly preceded in the Supreme Court’s Boumediene decision with the predicate affirmation that “The laws and Constitution are designed to survive, and remain in force, in extraordinary times.” Judge Pauley ignored this reality and sought to hijack part of the Supreme Court’s actual statement, quote that part out of context and misuse it as a putative justification for abandoning the Constitution if you’re scared enough – which is exactly the opposite of both the rationale and the holding of the Supreme Court in Boumediene. And Judge Pauley purported to justify his decision about sacrificing the Fourth Amendment to allow an NSA surveillance program that he found “only works because they get everything”. Yet now the NSA is saying they don’t get everything — but doing so in order to demand even more “effects” of US citizens …. That’s what NSA is angling to steamroll next: more resources to assure greater omnipresence and even less oversight.

  15. Mindrayge says:

    @emptywheel: Incidentally, if you have a passing interest in seeing what happens with the phone system when a call is placed in the US or elsewhere here is a “light” tutorial of it:

    http://web.uct.ac.za/depts/commnetwork/eee5026/note/eee526-06-250ss7_tutorial_091503v2.pdf

    One thing you would see is how the OPC/DPC interconnect is set up. That would allow making a bit more sense of the documents we have seen with intercepts between those or what we had seen in the “GHOSTMACHINE” screenshot showing the OPC/DPC pairs from JUGGERNAUT (an SS7 DNR database) and the pair counts available from SIGADS like MOONLIGHTPATH (US-3127), SPINNERET (US-3180) etc.

    You can also see from the figures in the tutorial the differences between the ANSI (US) implementation of SS7 and the ITU version used elsewhere. There is some mention as well of the differences with the Chinese implementation.

    The most important thing to get from it, even if you skim through, is that there is zero chance that Cell phone traffic doesn’t ride over a system that has that much invested in it. While it doesn’t show where GSM (CDMA, etc) fit in the layers there are other internet resources that do and they will show that it shows up below the layers that handle routing, billing, etc. so it is clear the ATT and Verizons of the world did not go about re-inventing wheels just for cell phones.

    It is because almost everybody that uses a phone (cell or land line or IP) has no idea what really happens when they place a call that this particular misinformation/disinformation campaign is very powerful. Especially the perception that cell phones and how their calls are handled are completely different from land lines.

  16. Mindrayge says:

    @What Constitution?: They are attacking this on many fronts. The NSA doesn’t see this as a setback so much as an opportunity. It is amazing the level of success that exists in this country with PSYOPS where two incompatible “truths” must be held as valid in one’s head to accept the “reality” they sell.

    For example, China as the adversary that is poised to destroy us at a moments notice while our plutocrats are using Chinese labor to sell goods and the Chinese government loans us money (via Treasuries).

    Even with Snowden we now see the “he’s not so clever” using a low cost (read low tech) to scrape data while at the same time being a lucky or a genius to realize that Hawaii not upgraded in security. All of which is laughable due to what is already known about the way the NSA operates. Particularly that they are very anal about access security and the security of anything transiting their networks. Here they get to pretend they are mere incompetents that were vulnerable all the time but only someone that wants to destroy America as we know it would take advantage.

    We have seen the incompetence game played before with Iraq and more poignantly with the handling of Hurricane Katrina. Or even Chelsea Manning. But really what went on was reckless arrogance and the result of such reckless arrogance is indistinguishable from incompetence when things go bad.

    You are right that there is an angle being played wherein there is a goal to entrench the Surveillance State though they would much prefer to get the American people to not only accept it but to demand it.

    Unfortunately it won’t be the Courts that can end or contain this. It will be up to the people and it is clear to me that there is quite a way to go before the people will demand the government cease and desist. For that to happen, would require the people to jettison our oligarchs and that won’t come without a fight.

Comments are closed.