You are all probably bored with my repeated posts about why the claim that NSA only collects 30% of US data is probably only narrowly true.
So I won’t discuss how absurd it would be to argue that the terrorist dragnet drawing on the records of at least 3 phone companies was less comprehensive than Hemisphere, the similar AT&T-specific database it makes available to hunt drug crime.
I just want to raise a methodological issue.
In her declaration submitted in support of the suits challenging the Section 215 dragnet, Theresa Shea emphasized something implicit in the Business Records order: the telecoms are only turning over records they already have.
[P]ursuant to the FISC’s orders, telecommunications service providers turn over to the NSA business records that the companies already generate and maintain for their own pre-existing business purposes (such as billing and fraud prevention).
Presumably, AT&T provides precisely this same data to the NSA for its master phone dragnet. That is, to the extent that AT&T compiles this data in particular form, that may well be the form it hands onto NSA.
And that’s interesting for several reasons.
Hemisphere includes not just AT&T call records. It includes records from “CDRs for any telephone carrier that uses an AT&T switch to process a telephone call.” It gets 4 billion call records a day, including international ones and cell ones. As Scott Shane explained,
AT&T operates what are called switches, through which telephone calls travel all around the country. And what AT&T does in this program is it collects all the—what are called the CDRs, the call data records, the so-called metadata from the calls that we’ve heard about in the NSA context. This is the phone number—phone numbers involved in a call, its time, its duration, and in this case it’s also the location. Some are cellphone calls; some are land line calls. Anything that travels through an AT&T switch, even if it’s not made by an AT&T customer—for example, if you’re using your T-Mobile cellphone but your call travels through an AT&T switch somewhere in the country, it will be picked up by this project and dumped into this database.
Which supports the report from last summer that the government can get T-Mobile calls off AT&T’s records. These are the pre-existing records that NSA can come get and they include T-Mobile calls.
There’s another interesting part of that. As I noted the first two phone dragnet orders provided for compensation to the providers, even though the statute doesn’t envision that. That would bring you to November 2006; Hemisphere started in 2007, with funding from ONCDP, the White House Drug Czar. Remember, too, that FBI had the equivalent of Hemisphere onsite until late 2007-2008. That is, one thing Hemisphere does is pay for one provider to store what serves as a good baseline dragnet that can then be handed over to the NSA. That’s significant especially given Geoffrey Stone’s claims that the dragnet is not comprehensive because the cost involved: there should be no cost, but somehow it’s driving decisions.
In any case, as luck would have it, Hemisphere got exposed at the same time as the dragnet.
Hemisphere operates with different legal problems than the NSA phone dragnet. At least with the phone dragnet, after all, AT&T has been compelled to turn over records; with Hemisphere they’re effectively retaining them voluntarily to turn surveillance into a profit center (though they do get compelled on an order-by-order basis). Moreover, AT&T’s far more exposed by the publication on Hemisphere than it is on the NSA dragnet (or perhaps, than even Verizon is under the phone dragnet). The exposure of Hemisphere might make AT&T more hesitant to “voluntarily” retain this data.
Finally, there’as the amicus challenge EFF and ACLU submitted in a criminal case in Northern California notes, Hemisphere includes precisely the data the NSA is struggling with: cell location data.
Hemisphere goes even further than the NSA’s mass call-tracking program, as the CDRs stored in the Hemisphere database contain location information about callers (see Hemisphere Slide Deck at 3, 13), thus implicating the specific concerns raised by five Justices in Jones. See 132 S. Ct. at 955 (Sotomayor, J., concurring) (“wealth of detail about [a person’s] familial, political, professional, religious, and sexual associations” revealed through “trips to the psychiatrist, the plastic surgeon, the abortion clinic,” etc.) (internal quotation marks, citation omitted); id. at 964 (Alito, J., concurring).
The FISC has created all sorts of problems for NSA to store cell location data, most explicitly with Claire Eagan’s order in July specifically prohibiting it.
But here AT&T is, creating the opportunity for the perfect challenge to use Jones to challenge location in a dragnet specifically.
Which is all a way of saying that the tensions with the phone dragnet may not be entirely unrelated from the fact that Hemisphere also got challenged.