I want to point to a passage of the 2008 DOJ IG Report on use of Section 215. I think it adds new details about how the government came to use Section 215 to spy on all of us.
On page 20, the report describes what it calls “combination Section 215 Applications and Orders in 2006.” It reveals that for a period, when FBI got pen register/trap and trace orders, it would also use Section 215 to get subscriber information.
A combination application is a term used by OIPR to refer to a Section 215 request that was added to or combined with a FISA application for a pen register/trap and trace. The use of the combination request evolved from OIPR’s determination that FISA pen register/trap and trace orders did not require providers to turn over subscriber information associated with telephone numbers obtained through those orders. As a result, Section 215 requests were added to pen register/trap and trace orders to seek subscriber information.
That’s all for regular FBI use of the program.
But then it includes one of those heavily redacted passages that, we now know, refer to the bulk metadata collection program(s).
OIPR also used combination orders in 2005 and 2006 to obtain [two lines redacted]23
After passage of the Reauthorization Act on March 9, 2006, combination orders became unnecessary for subscriber information and [one line redacted]. Section 128 of the Reauthorization Act amended the FISA statute to authorize subscriber information to be provided in response to a pen register/trap and trace order. Therefore, combination orders for subscriber information were no longer necessary. In addition, OIPR determined that substantive amendments to the statute undermined the legal basis for which OIPR had received authorization [half line redacted] from the FISA Court. Therefore, OIPR decided not to request [several words redacted] pursuant to Section 215 until it re-briefed the issue for the FISA Court. 24
23 [One line footnote redacted]
24 OIPR first briefed the issue to the FISA Court in February 2006, prior to the Reauthorization Act. [two lines redacted]
This may actually pertain solely to the phone metadata collection (as far as we know, they never used 215 for Internet metadata because (James Cole implied yesterday) Internet companies don’t keep records of their customers’ metadata.
And the reference to 2005-2006 may simply refer to the period, after the initial NYT reports, when phone companies asked to be required to turn over their customers’ metadata.
If so, then this is nothing new … except for one detail. It suggests the government used PR/TT for the initial period of this collection, until such time as Congress passed the “relevant to” language in Section 215.
But that would also suggest that DOJ had developed and briefed this new use of Section 215 orders even before Congress approved the bill.
Only, it doesn’t appear to have told those pushing the bill through Congress.
Perhaps that’s why Jim Sensenbrenner — who was one of the bill managers — is so pissed.