Turns Out the NSA “May” Destroy Evidence of Crimes before 5 Years Elapse

The metadata collected under this order may be kept online (that is, accessible for queries by cleared analysts) for five years, at which point it shall be destroyed. — Phone dragnet order, December 12, 2008

The Government “takes its preservation obligations with the utmost seriousness,” said a filing signed by Assistant Attorneys General John Carlin and Stuart Delery submitted Thursday in response to Presiding FISA Court Judge Reggie Walton’s accusation they had made material misstatements to him regarding the question of destroying phone dragnet data.

Recognizing that data collected pursuant to the Section 215 program could be potentially relevant to, and subject to preservation obligations in, a number of cases challenging the legality of the program, including First Unitarian Church of Los Angeles  v. NSA,

… Signals Intelligence Division Director Theresa Shea wrote in her March 17 declaration (starting at page 81) explaining what the government has actually done to protect data under those suits.

At which point Shea proceeded to admit that the government hadn’t been preserving the data they recognized was potentially relevant to the suits at hand.

… since the inception of the FISC-authorized bulk telephony metadata program in 2006, the FISC’s orders authorizing the bulk collection of telephony metadata under FISA Section 501 (known also as the Section 215 program) require that metadata obtained by the NSA under this authority be destroyed no later than five years after their collection. In 2011, the NSA began compliance with this requirement (when the first metadata collected under the FISC authority was ready to be aged off) and continued to comply with it until this Court’s March 10 order and the subsequent March 12, 2014 order of the FISC.

Thursday’s filing added to that clarity, not only saying so in a footnote, but then submitting another filing to make sure the footnote was crystal clear.

Footnote 6 on page 5 was intended to convey that “[c]onsistent with the Government’s understanding of these orders in Jewel and Shubert, prior to the filing of the Government’s Motion for Second Amendment to Primary Order, the Government complied with this Court’s requirements that metadata obtained by the NSA under Section 215 authority be destroyed no later than five years after their collection.”

The significance seems clear. The Government admits it could potentially have a preservation obligation from the filing of the first Section 215 suit, Klayman v. Obama, on June 6, 2013. But nevertheless, it destroyed data for 9 months during which it recognized it could potentially have a preservation obligation.  That means data through at least March 9, 2009 and perhaps as late as September 10, 2009 may already be destroyed, assuming reports of biannual purging is correct. Which would perhaps not coincidentally cover almost all of the phone dragnet violations discovered over the course of 2009. It would also cover all, or almost all, of the period (probably)  NSA did not have adequate means of identifying the source of its data (meaning that Section 215 data may have gotten treated with the lesser protections of EO 12333 data).

And the amount of data may be greater, given that NSA now describes in its 5 year age-off requirement no affirmative  obligation to keep data five years.

This all means the government apparently has already destroyed data that might be implicated in the scenario Judge Jeffrey White (hypothetically) raised in a hearing on March 19, in which he imagined practices of graver Constitutional concern than the program as it currently operates five years ago.

THE COURT: Well, what if the NSA was doing something, say, five years ago that was broader in scope, and more problematical from the constitutional perspective, and those documents are now aged out? And — because now under the FISC or the orders of the FISC Court, the activities of the NSA have — I mean, again, this is all hypothetical — have narrowed. And wouldn’t the Government — wouldn’t the plaintiffs then be deprived of that evidence, if it existed, of a broader, maybe more constitutionally problematic evidence, if you will?

MR. GILLIGAN: There — we submit a twofold answer to that, Your Honor.

We submit that there are documents that — and this goes to Your Honor’s Question 5B, perhaps. There are documents that could shed light on the Plaintiffs’ standing, whether we’ve actually collected information about their communications, even in the absence of those data.

As far as — as Your Honor’s hypothetical goes, it’s a question that I am very hesitant to discuss on the public record; but I can say if this is something that the Court wishes to explore, we could we could make a further classified ex parte submission to Your Honor on that point.

According to the NSA’s own admissions, until just over 5 years ago, the NSA was watchlisting as many as 3,000 Americans without doing the requisite First Amendment review required by law. And that evidence — and potentially the derivative queries that arose from it — is apparently now gone.

Which puts a new spin on the narratives offered in the press about DOJ’s delay in deciding what to do with this evidence. WSJ described the semiannual age-off and suggested the issue with destroying evidence might pertain to standing.

As the NSA program currently works, the database holds about five years of data, according to officials and some declassified court opinions. About twice a year, any call record more than five years old is purged from the system, officials said.

A particular concern, according to one official, is that the older records may give certain parties legal standing to pursue their cases, and that deleting the data could erase evidence that the phone records of those individuals or groups were swept up in the data dragnet.

FP’s sources suggested DOJ was running up against that semiannual deadline.

A U.S. official familiar with the legal process said the question about what to do with the phone records needn’t have been handled at practically the last minute. “The government was coming up on a five-year deadline to delete the data. Lawsuits were pending. The Justice Department could have approached the FISC months ago to resolve this,” the official said, referring to the Foreign Intelligence Surveillance Court.

There should be no February to March deadline. Assuming the semiannual age-off were timed to March 1, there should have already been a September 1 deadline, at which point NSA presumably would have destroyed everything moving forward to March 1, 2009.

Which may mean NSA and DOJ put it off to permit some interim age-off, all the out of control violations from 2009.

We shall see. EFF and DOJ will still litigate this going forward. But as I look more closely at the timing of all this, DOJ’s very belated effort to attempt to preserve data in February seems to have served, instead, to put off dealing with preservation orders until the most potentially damning data got destroyed.

All of this is separate from the dispute over whether DOJ violated the preservation order in Jewel, and that case may be coming up on the 5 year destruction of the last violative Internet metadata, which might be aged off by April 30 (based on the assumption the Internet dragnet got shut down on October 30, 2009).

But even for he more narrow question of the phone dragnet, for which the government admits it may have data retention obligations, the government seems to have already violated those obligations and, in the process, destroyed some of the most damning data about the program. 

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

6 replies
  1. P J Evans says:

    It’s very much like the investigations that are dragged out until the statute of limitations expires on the alleged crimes, after which the DOJ says ‘oh, too bad, we can’t do anything about it now’.

  2. Snoopdido says:

    I’m particularly intrigued by the US government’s response to Judge White that you quoted Emptywheel:
    .
    “MR. GILLIGAN: There — we submit a twofold answer to that, Your Honor.
    .
    We submit that there are documents that — and this goes to Your Honor’s Question 5B, perhaps. There are documents that could shed light on the Plaintiffs’ standing, whether we’ve actually collected information about their communications, even in the absence of those data.
    .
    As far as — as Your Honor’s hypothetical goes, it’s a question that I am very hesitant to discuss on the public record; but I can say if this is something that the Court wishes to explore, we could we could make a further classified ex parte submission to Your Honor on that point.”
    .
    1. The US government appears to be saying that the have kept the documents as opposed to the call records that were input into the documents. I’m unsure of any value these documents would have for the plaintiff’s case, but for some reason the US government thought it pertinent to the plaintiff’s “standing” in the case.
    .
    2. The really interesting part that you quoted Emptywheel is that second part of the US government’s response. Why, and what, would the US government respond that going ex parte better inform Judge White about his hypothetical on destruction of relevant data and documents aged out 5 years ago?
    .
    It’s almost as if the US government is saying that their destruction of data aged out 5 years isn’t really destruction at all.
    .
    Which brings me to my final curious question; What exactly does the US government mean when they say they “destroy” the data? How exactly is that done?
    .
    As almost all organizations with IT infrastructure have long instituted regular offsite backup of their data to offline storage like DAT tapes (full backups and likely daily/weekly changes), and the NSA would be unlikely to risk not backing up their data collection, again just what does the US government do when they claim they are “destroying” the data?

    • Snoopdido says:

      As a further description of my main question about “destroying” the data, I can understand that the NSA would purge 5 year old data from their Mainway SIGINT call record metadata collection database which is where they have their “online” storage (excluding that “corporate store” that never gets purged), but what about the NSA’s “offline” storage?
      .
      If the NSA, like most organizations, uses something like DAT tape for offline storage, do they actually physically destroy the DAT tapes, or do they like many organizations re-use the DAT tapes on an “oldest comes first” basis?
      .
      Or, are the US government lawyers confused by the technology and are making assumptions that their use of “destroyed” is the same as what the NSA’s IT staff means by “purged”?

        • Snoopdido says:

          The PCLOB may have understood “purged” is not the same as “destroyed”, but I wouldn’t make the same claim for US government lawyers in their never-ending efforts to obfuscate the issue with the Judiciary, Congress and the public.
          .
          I would strongly recommend that those who have an oversight role get the US government lawyers to explicitly define just what they mean by “destroyed”. It may be that it’s similar to how they define the word “relevant”.

  3. GeoffCN says:

    Too bad there isn’t a “Patriot’s Backup” of all of that data sitting in Berlin/Rio.

Comments are closed.