What Does NCTC Do with NSA and FBI’s Newly Disclosed Databases?

The discussion about the various “NSA” programs we’ve seen so far have discussed only how NSA works with FBI. FBI requests the dragnet phone information and hands it over to NSA. NSA negotiates direct access to internet companies that allow FBI to make direct queries.

We’ve heard from Keith Alexander about what NSA does — its only use of Section 215, he said, was the phone records.

We heard from Robert Mueller who gave less clear answers about what FBI does and does not do.

But we have yet to have direct testimony from James “least untruthful too cute by half” James Clapper. Mind you, we’ve gotten several fact sheets and Clapper’s hilarious interview with Andrea Mitchell. Just no specific public testimony.

And curiously, in the DNI’s own fact sheets, he doesn’t specify who does what, aside from describing the statutory role his position and the Attorney General play in authorizing FAA 702 orders. He doesn’t say what FBI does, what NSA does … or what his own organization does.

That’s important, because in addition to overseeing all intelligence, Clapper’s office also includes the National Counterterrorism Center. And the NCTC is the entity in charge sharing data. Indeed, it is statutorily required to have access to everything.

[The National Security Act] provides that “[u]nless otherwise directed by the President, the Director of National Intelligence shall have access to all national intelligence and intelligence related to the national security which is collected by any federal department, agency, or other entity, except as otherwise provided by law, or as appropriate, under guidelines agreed upon by the Attorney General and the Director of National Intelligence.

That means, presumably, that NCTC is doing a lot of the work that NSA and FBI are making narrow denials about.

But it also means that NCTC can play with these databases — the dragnet and the access via PRISM to 702 data — as well as any other data in the Federal government, including databases that John Brennan gave it the ability to go get.

So here’s the thing. When Keith Alexander gives you pat reassurances about how limited NSA’s access to Americans’ call data is, that may disclose a whole lot more intrusive data mining over at James Clapper’s shop.

Remember, here is what James Clapper was initially asked.

Wyden: Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?

Clapper: No, sir.

Wyden: It does not?

Clapper: Not wittingly. There are cases where they could, inadvertently perhaps, collect—but not wittingly.” [my emphasis]

His first attempt to walk back that lie went like this:

What I said was, the NSA does not voyeuristically pore through U.S. citizens’ e-mails. [my emphasis]

His second attempt to walk it back went like this:

ANDREA MITCHELL: Senator Wyden made quite a lot out of your exchange with him last March during the hearings. Can you explain what you meant when you said that there was not data collection on millions of Americans?

JAMES CLAPPER: First– as I said, I have great respect for Senator Wyden. I thought, though in retrospect, I was asked– “When are you going to start– stop beating your wife” kind of question, which is meaning not– answerable necessarily by a simple yes or no. So I responded in what I thought was the most truthful, or least untruthful manner by saying no.

And again, to go back to my metaphor. What I was thinking of is looking at the Dewey Decimal numbers– of those books in that metaphorical library– to me, collection of U.S. persons’ data would mean taking the book off the shelf and opening it up and reading it.

ANDREA MITCHELL: Taking the contents?

JAMES CLAPPER: Exactly. That’s what I meant. Now–

ANDREA MITCHELL: You did not mean archiving the telephone numbers?

All of those efforts were, by context at least, limited exclusively to NSA. They don’t address, at all, what NCTC might do with this data (or, for that matter, FBI).

So what does the NCTC do with the data that NSA and FBI have issued careful denials about?

Update: I’m going to replicate a big chunk of this post on the oversight over NCTC’s use of other agencies data, complete with the bit about how the guy in charge of it thought Cheney’s illegal program was the shit.

Back when John Negroponte appointed him to be the Director of National Intelligence’s Civil Liberties Protection Officer, Alexander Joel admitted he had no problem with Cheney’s illegal domestic wiretap program.

When the NSA wiretapping program began, Mr. Joel wasn’t working for the intelligence office, but he says he has reviewed it and finds no problems. The classified nature of the agency’s surveillance work makes it difficult to discuss, but he suggests that fears about what the government might be doing are overblown.

“Although you might have concerns about what might potentially be going on, those potentials are not actually being realized and if you could see what was going on, you would be reassured just like everyone else,” he says.

That should trouble you, because he’s the cornerstone of oversight over the National Counterterrorism Center’s expanded ability to obtain and do pattern analysis on US person data.

The Guidelines describe such oversight to include the following:

  • Periodic spot checks overseen by CLPO to make sure database use complies with Terms and Conditions
  • Periodic reviews to determine whether ongoing use of US person data “remains appropriate”
  • Reporting (the Guidelines don’t say by whom) of any “significant failure” to comply with guidelines; such reports go to the Director of NCTC, the ODNI General Counsel, the CLPO, DOJ (it doesn’t say whom at DOJ), and the IC Inspector General; note, the Guidelines don’t require reporting to the Intelligence Oversight Board, which should get notice of significant failures
  • Annual reports from the Director of NCTC on an (admittedly worthwhile) range of metrics on performance to the Guidelines; this report goes to the CLPO, ODNI General Counsel, the IC IG, and–if she requests it–the Assistant Attorney General for National Security

There are a few reasons to be skeptical of this. First, rather than replicate the audits recently mandated under the PATRIOT Act–in which the DOJ Inspector General develops the metrics, these Guidelines have NCTC develop the metrics themselves. And they’re designed to go to the CLPO, who officially reports to the NCTC head, rather than an IG with some independence.

That is, to a large extent, this oversight consists of NCTC reporting to itself.

Also, note who doesn’t get these reports? Congress. Not even the Intelligence Committees.

22 replies
  1. P J Evans says:

    Everything it can, would be my guess. And it answers the questions asked by the other agencies.

  2. orionATL says:

    The fundamental question an american citizen should put to the presidential executive responsible for this/these spying-on-american-citizens program is:

    “Give me the details of the oversight you exercised on these programs from the time they were conceived.”


    “Tell me what you, as president, did personally to insure that these programs were not intrusive, as your minions minions and congressional allies have repeatedly assured us in the last two weeks.”

    It is time that playing the goofball game of

    pin down lying diane feinstein,

    Pin down lying mike rodgers,

    pin down lying general keith alexander,

    pin down lying general james clapper

    Pin down egregiously lying robert mueller


    The president is responsible for the conduct of his officers.

    The president should be the one answering questions.

    But amazingly, the president is not being asked any questions about his responsibility for authorizing and supporting the exceedingly dangerous activities he has authorized the nsa under four-star general alexander to conduct.

    In my view, this is presidential negligence, at best; presidential incompetence at worst.


    We are talking about presidentially authorized aggressive american military action that involves/threatens the world’s, and our nation’s, most critical communications systems.

  3. Michael Cromer says:

    They’re data mining.

    What is “data mining”? Wikipedia says: Data mining (the analysis step of the “Knowledge Discovery in Databases” process, or KDD), an interdisciplinary subfield of computer science, is the computational process of discovering patterns in large data sets involving methods at the intersection of artificial intelligence, machine learning, statistics, and database systems.

    Succinctly, it’s using computers to analyze masses of raw data, turning it into bits of useful, actionable knowledge — or, in the counter-terrorism business, “targets”.

    Now hear this: There is no need, no point, no useful purpose, for the NSA to scoop up all this Verizon metadata, and all this PRISM data, moving it in bulk to their own data warehouses, UNLESS the NSA wants to data mine it, e.g. in order to develop possible “targets.”

    If the NSA already knew their targets, they wouldn’t need all this data in house. They could subpoena the target’s phone bills and Facebook postings from the appropriate companies. Or get a warrant to wiretap, if need be. This is run-of-the-mill standard police investigative work, like we see on TV shows every day. It doesn’t require data warehouses or data mining.

    Moreover: In every court in the land (except the FISA court), to get a warrant or have your subpoena upheld, you need to specify the target (and show evidence of probable cause). [Only in the FISA court, it is rumored, can you get a warrant for doing “data mining” without naming a specific target and showing probable cause.]

    Dragnet. Data mining. They mean the same thing: A broad sweep to find targets. The main difference is that to do a dragnet you have to have a lot of human bodies – cops. With data mining you only need a data warehouse and some sophisticated software, and maybe one human to push the start button.

    Human involvement is a key to this. The Intelligence community and FISA court apparently have decided that it’s not “wiretapping” (requiring a warrant) unless and until a human being listens to the conversation. That’s why President Obama and others have made such a point of saying that they’re not listening to your conversations. They probably aren’t, until they get that warrant. But they’re using sophisticated computer data mining software to find you so they can put your name on that warrant! Does that violate the Fourth Amendment? I think so.

    Chilling. But there’s something even more chilling. It hasn’t been leaked yet, but I’m pretty certain we’ll find out soon. The NSA isn’t just vacuuming the metadata. They’re grabbing the content (your conversations), too, and storing them away for future use. That will make it easy for them, with your name on that warrant, to listen to all your past conversations as well as your future ones. It’s perfectly legal for them to record your conversations, because, as they constantly point out, “nobody’s listening to your conversations.” Yet.

  4. orionATL says:

    @Michael Cromer:

    “…If the NSA already knew their targets, they wouldn’t need all this data in house. They could subpoena the target’s phone bills and Facebook postings from the appropriate companies. Or get a warrant to wiretap, if need be. This is run-of-the-mill standard police investigative work, like we see on TV shows every day. It doesn’t require data warehouses or data mining…”

    A very important point.

    This nsa program is not prospective – it is not preventing anything.

    It is retrospective – going back and checking, once an individual has been identified by her actions.

    All the “we could have stopped that” is bullshit absent an identified target.

  5. Michael Cromer says:

    Dianne Feinstein: NSA needs no court to query database – POLITICO.com


    So, as long as no one listens, it’s okay to “query” the database. (And besides, it has no “content” anyway.)

    But they’re not querying. They’re data mining. They’re using parameters, pattern-matching, and sophisticated algorithms to discover potential targets, for which they can then “articulate” a justification for a warrant. We know this because there’s no other earthly reason to have all that raw data stored in a massive Utah data warehouse.

    Pre-crime. (See “Minority Report” starring Tom Cruise)

  6. Michael Cromer says:

    @orionATL: I think I might disagree. They ARE actively looking for potential terrorists. What’s not clear that they are finding any. In time. But even if they could, it violates the Fourth Amendment.

    4A is not only intended to protect our personal privacy. It recognizes that the government, if they want to “get” someone for political reasons, could eventually find a past “crime” to charge them with if they had unrestrained access to all our personal affairs. Likewise, police and prosecutors could easily use fishing expeditions to find many “criminals” to pump up their success stats. The 4A says you must FIRST have a crime and a good reason to connect someone with it to get a warrant. 4A doesn’t recognize a concept such as pre-crime.

  7. Michael Cromer says:

    I am NOT defending NSA or their data wareehouse or their secrecy when I say this…

    Think about the peculiar position we have put our leaders, our law enforcement people, and our iuntelligence community in, post 9/11.

    We aren’t asking them to find the perpetrators of the next 9/11 when and after it happens. We are asking them to find future-perps in time to prevent it from happening. We are asking them to stop potential criminals BEFORE they have committed the crime. In other words, “pre-crime.” Just like the movie.

    And that’s what our leaders are trying to do. But there is no concept of pre-crime in the Constitution. Why? It would be an anethma to our values. We believe in trusting people, but we do recognize that some will commit crimes. We will find and prosecute and punish those that do, and we hope that may serve as a deterrent to others. Our Constitution recognizes “post-crime”. but it does not recognize pre-crime because for the government to go around targeting individuals before they have committed any crime would not only violate our privacy it would negate “life, liberty, and the pursuit of happiness.”

    But our leaders are operating as if we want them to go into pre-crime mode even though it sacrifices our privacy and liberty and happiness, because (they assume) it is so important to “prevent the next 9/11 [at almost any cost]” They know that it flies in the face of Constitutional principles, but they also know that if they asked us to amend the Constitution directly to permit them, we probably vote NO. Resoundlingly.

    So they are trying find back doors and semantic ways to work around the Constitution, in secret, so they don’t have to put it to a vote.

    I’m not defending them. I’m just pointing out the dilemma.

  8. Nigel says:

    @Michael Cromer:

    “But our leaders are operating as if we want them to go into pre-crime mode” – without debating it beforehand.
    I appreciate that you’re not defending them, but wouldn’t it be easier to resolve the dilemma by openly discussing what’s at stake first ?

    As far as erosion of the 4th Amendment goes, this kind of thing can sound a little paranoid –
    – until you remember that the US already incarcerates its citizens at a rate around four or five times that of the rest of the world (including all the ‘repressive’ nations).

  9. SpanishInquisition says:

    “We aren’t asking them to find the perpetrators of the next 9/11 when and after it happens. We are asking them to find future-perps in time to prevent it from happening. We are asking them to stop potential criminals BEFORE they have committed the crime. In other words, ‘pre-crime.’ Just like the movie.”

    I recognize what you are saying, but that isn’t actually true. You are IDing actual terrorist acts as the only crimes that there are, not the predicate acts beforehand also being criminal as well. If for instance you have explosives that itself is a crime, the government stopping you for that is itself a crime, which you don’t have to blow something up in a terrorist act before you’re a criminal. There are any number of things – criminal conspiracy comes to mind – that you can be charged with before you actually commit an act. If you hire a hitman to kill someone and the government stops the hit from taking place, that was not an instance of ‘pre-crime’ because the criminal acts had already taken place without a single bullet having been fired.

    “I’m not defending them. I’m just pointing out the dilemma.”

    There isn’t a dilemma. The 9/11 report said the problem was a lack of co-ordination, not a lack of tools for the government. What the government is asked to do is enforce laws going back pre-9/11, which doesn’t mean ‘pre-crime’ enters the equation because acts leading up to attacks are themselves criminal and have been so for ages.

  10. Michael Cromer says:


    Me: “I’m not defending them. I’m just pointing out the dilemma.”

    You: There isn’t a dilemma. The 9/11 report said the problem was a lack of co-ordination, not a lack of tools for the government. What the government is asked to do is enforce laws going back pre-9/11, which doesn’t mean ‘pre-crime’ enters the equation because acts leading up to attacks are themselves criminal and have been so for ages.

    Me: I agree with you, but our leaders DO SEE it as a dilemma. They are pathologically fearful of being the ones on whose watch another 9/11 occurs. They will do anything in their power, including exercising powers and authorities they do not have (under the Constitution) to 100% avoid the next 9/11. They are taking advantage of the state of technology, using almost unlimited secret budget, to create the mother of all surveillance tools, under a one roof so that there cannot be a lack of coordination.

    They say, “Trust us, this tool is completely legal.” But you and I know it is not because it is unconstitutional – or would be if the courts could review it, which they can’t because it is too secret to allow the courts to see.

    They say, “Trust us, we have not/will not abuse this tool.” But you and I know that such tools will always be abused because it is human nature to take fullest advantage of the tools available, and we will not have the ability to put a stop to the abuse because it is too secret for us to see.

    There may not really be a dilemma, but our leaders THINK there is. They believe they must “100%” prevent the next 9/11, but “100%” is impossible without subverting the Constitution. If you put yourself into their frame of mind, seeing this dilemma through their eyes, then it’s easy to figure out what NSA and their cohorts are doing with all this data, whether we can yet prove it or not.

  11. emptywheel says:

    @Michael Cromer: That’s implied by one of the slides Glenn put up after the first ones–it suggests they’re collection from the switches.

    It’s also implied, IMO, from Clapper’s library metaphor, bc if we’er using numbers to pinpoint 1s and 0s, it suggests we’re using it to get content. But the way he describes it–being out of order–suggests they got packets, not emails.

  12. William Ockham says:

    People really need to read the definition of electronic surveillance in the law. It’s all about the acquisition of the “content”. Metadata is fair game. It’s only electronic surveillance if one of the following conditions are met:

    It’s a wire or radio communication sent or received by a particular U.S. person and that person was the target and there is a privacy expectation and a warrant would be required for LE purposes.

    It’s a wire communication to or from a U.S. person, the collection occurs inside the U.S. and you’re not a computer trespasser.

    It’s radio communication that was intentionally acquired, sender and recipients are all in the U.S., there is a privacy expectation, and a warrant would be required for LE purposes.

    Here’s the definition of “Contents”:

    “Contents”, when used with respect to a communication, includes any information concerning the identity of the parties to such communication or the existence, substance, purport, or meaning of that communication.

    I would have thought that information concerning the existence of that communication would include metadata, but no. And don’t feel too good about the identity crap. As long as they can tie you to the phone call or email through other means, they can use the identity of the parties.

    These definitions were rewritten specifically to cover this program that sucks up essentially everything, including the content. The deal they struck with the FISC is that a human being won’t listen to the stored recordings of your phone calls or read your email without getting a court order. That’s what they mean when they say “it’s not collection of data” until they open the library book.

  13. susan says:

    So in vacuuming up and looking at this information from all Americans that means our children too?

  14. Rayne says:

    @Michael Cromer: Yes, exactly, with the data collected and mining techniques they can make statistically significant predictions of behavior against targets which match patterns statistically identified as high risk.

    Pre-crime. Unfortunately, not-yet-crime if ever crime.

    The critical flaw with Clapper’s Dewey Decimal System analogy is that the index is useless without the library’s contents. They cannot act on the equivalent of an index unless they have content proving crime. I don’t believe for a moment they aren’t sweeping up all content for this reason.

    @susan: Of course. How can they tell, for example, in a household like mine where at any given time there are as many as (12) networked devices in operation which of these devices is being operated at that moment by one of my kids — especially since the kids are now young adults and share similar reading habits with their mother?

    I’m not certain which is worse at this point: the violation of their privacy, or the normative cultural pressure to expect this invasion as a course of digital life.

  15. greengiant says:

    The NSA hoover is a pen register on every phone in the country. The FISA act requires a court order for a pen register? We can get to the phone tap, wire tap, computer tap, and just plain conversation tap in a later post.

    The only exception is if the lying impeachable AG may authorize for only foreign intelligence, … and there is no substantial likelihood that the surveillance will acquire the contents of any communication to which a United States person is a party.

    I believe Rachel from credit card services is a contractor for the NSA. That is what I would be doing to confirm phone location and voice ID.

  16. susan says:

    Does this have any implication on what age Aaron Swartz was when an investigation(data query) began on him?

  17. C says:

    @orionATL: Yes! If you noticed in all of the cases they have cited as “successes” the system has been used after the attack to identify possible co-conspirators or to track the process. It has not led to prevention unless you assume that scaring the crap out of some nail polishers counts as preventing a hypothetical attack.

  18. Bill Michtom says:

    @J.Green: removing Clapper is missing the most responsible party–Obama, as orianATL points out.

    I disagree, however, with “this is presidential negligence, at best; presidential incompetence at worst,” because I see no reason to conclude that Obama’s action or inaction is anything but knowledgeable & purposeful.

    The negligence and incompetence is all Congressional.

  19. klynn says:

    EW, I have been away since Wednesday and I am catching up on your posts. You are remarkable. The past few weeks could be the content for a book..

Comments are closed.