How Many People Are Included in Contact Chaining with 27,090 Numbers?

I’ve decided that if I could have a nickel for every time I’ve said “I told the apologists so” as I’ve read these documents, I’d be Warren Buffet. But I don’t get a nickel for predicting the NSA is as bad as it is. So I could use your help to keep doing what I do. 

One of the most stunning revelations from ODNI’s conference call with Officials Who Can’t Be Quoted Because They Might Be Lying is that only 11% of the numbers the NSA was comparing daily business record collections against should have been included.

Those numbers are presented in the government’s first response to Reggie Walton’s order for more information.

In short, the system was designed to compare both SIGINT and BR metadata against the identifiers on the alert list but only to permit alerts generated from RAS-approved identifiers to be used to conduct contact chaining [redacted] of the BR metadata. As a result, the majority of telephone identifiers compared against the incoming BR metadata in the rebuilt alert list were not RAS-approved. See id. at 4, 7-8. For example, as of January 15, 2009, the date of NSD’s first notice to the Court regarding this issue, only 1,935 of the 17,835 identifiers on the alert list were RAS-approved. (10-11)

This means that every day, the NSA was comparing names they thought maybe might could be terrorist numbers, as well as numbers they actually had reason to believe actually were, with all the phone records in the US to see if Americans were talking to these people. [Update: And to clarify, the 89% on the list who were “compared” to the daily business record take weren’t contact chained — NSA just checked to see if they should look further.]

As I said, per the Officials Who Can’t Be Quoted Because They Might Be Lying who gave today’s conference call, that’s as bad as it gets.

But it appears to get worse.

You see, as NSA was confessing all this to DOJ’s National Security Division, they were also cleaning up their lists (the January 15 numbers come from a week after NSD first got involved). And it appears that before they started their confessional process (in the days before Obama took over from George Bush), they had far more people on their list. And they were contact-chaining those numbers.

At the meeting on January 9, 2009, NSA and NSA also identified that the reports filed with the Court have incorrectly stated the number of identifiers on the alert list. Each report included the number of telephone identifiers purported on the alert list. See, e.g., NSA 120-Day Report to the FISC (Dec. 11, 2008), docket number BR 08-08 (Ex. B to the Government’s application in docket number BR 08-13), at 11 (“As of November 2, 2008, the last day of the reporting period herein, NSA had included a total of 27,090 telephone identifiers on the alert list . . . .”). In fact, NSA reports that these numbers did not reflect the total number of identifiers on the alert list; they actually represented the total number of identifiers included on the “station table” (NSA’s historical record of RAS determinations) as currently RAS-approved) (i.e., approved for contact chaining [redacted]

This appears to mean the NSA could (they don’t say whether they did) conduct chaining two or three degrees deep on all these potential maybe might could be terrorists.

If those 27,090 talked to 10 people in the US, and those 270,090 people in the US regularly talked to 40 people in the US, and those people talked to 40, then it would potentially incorporate 433 millio–oh wait! That’s more people than live in the US!

That is, there’s a potential that, by contact chaining that many people, this actually represented a comprehensive dragnet of all the networked relationships in the US until the days before Obama became President.

And they lied to Reggie Walton about it as they got their first real legal review of the program.

But honest, all this was really just unintentional.

Update: Later in the filing, the government admits they were doing more than 3 hops until early 2009.

Second, NSA is implementing software changes to its system that will limit to three the number of “hops” permitted from a RAS-approved seed identifier.

This means those 27,090 identifiers that were in use on November 1, 2008 (at which point it became clear Obama would win the election) could have been contact chained far deeper into American contacts. This makes it very likely that that “contact chaining” actually did include everyone in the US.

image_print
18 replies
  1. Rayne says:

    “Contact chaining” is a nice euphemism for “social network analysis.”

    So basically they had enough data to take a snapshot of nearly all Americans’ personal and business networks, thereby interfering with our freedom of association.

    Jeepers, add the spiffy information about the network infrastructure AND validate network nodes with something like, oh, say Duqu or Flame…why, any threat of a revolt among the peasants could be put down pretty easily just by focusing on key node points.

    Or find out about hidden transactions in order to compromise key node points, ex. Eliot Spitzer’s banking pre-March 2008.

  2. Peterr says:

    From way back in the day — June 14, 2007, to be specific — comes this bit of commentary from a certain federal judge upon reading a brief to his court:

    Walton: With all due respect, these are intelligent people, but I would not accept this brief from a first year law student. I believe this was put out to put pressure on this court in the public sphere to rule as you wish. [Reggie pissed]

    Take out “in the public sphere” from the quote above, and Reggie could easily quote himself in these FISA rulings.

    Given that his ultimate ruling the older case above was defanged by the Executive Branch, I can see where he’d be doubly pissed at being lied to by the very same people on their way out of town.

    And then double it again, because the lies get told in private where no one can see how big the lies are.

  3. lefty665 says:

    We are beginning to learn that NSA abuses personalize to Keith Alexander. Even Hayden reported Alexander for going beyond the law.

    Prior generations of NSAers feared that abusing their tools would enable tyranny. Alexander has personally turned NSA ever more comprehensively inward. That is precisely the abuse that was feared.

    Railing at the NSA generalizes the abuse and misses the source. It is Keith, Keith Alexander, General Keith Alexander DIRNSA. He’s been DIRNSA longer than anyone else. It is past time for him to be retired.

    http://cryptome.org/2013/09/nsa-cowboy.htm

  4. emptywheel says:

    I’ll add one more thing:

    The government effectively claimed that, since they had “fixed” teh problem, they shoudl get to continue with the program.

    But if I’m right about this post, they effectively purged the evidence to make their crimes look smaller than they were.

  5. orionATL says:

    the weak link in this astonishing, for america in my lifetime, episode of blatant governent constitutional illegality, is the federal judiciary.

    almost nowwhere can we find a federal district judge with the courage to challenge blatant doj lying, blatant doj professional misconduct, blatant doj disregard for precedent, not to mention blatant doj disregard for what they full well know is unconstitutional government conduct.

    the deceiving ghost of john yoo rules the justice department.

    our federal district judges’ response is to duck and cover and wet their federal benches in fear of overuling an out-of-control, court-manipulating, court-deceiving, illegality-demanding doj/whitehouse.

    why the fear?

    the federalist society/right-wing assault on the appeals courts over the last twenty years has left crackpots in positions to make repeated reversals of district court decisions.

    the fact that many judges, inappropriately in my view, come from corporate law practice.

    the fact that far too many judges are associated with elite law schools, harvard law being perp #1, which attract some of the worst possible candidates, self-serving from day one, for judgeships (or for public office).

    the fact that the five mitred justices of the current supreme court are severely dishonest idealogues doing major damage to our society by concocting one after another 5-4 legal decisions based on purest legal sophistry and on intellectual dishonesty of the most blatant sort.

  6. C says:

    As a tangential point the WSJ made a nice pairing of quotes from the newly-released documents and the prior assurances. From the article:

    Officials said the violations were inadvertent, because NSA officials didn’t understand their own phone records collection program. In a 2009 declaration to the judge, NSA Director Keith Alexander said that “from a technical standpoint, there was no single person who had a complete technical understanding of the [record] system architecture.”

    Then one paragraph later they deliver the punchline:

    “This is not a program where we are out freewheeling it,” Gen. Alexander said in June. “It is a well-overseen and a very focused program.”

    http://online.wsj.com/article/SB10001424127887324094704579067422990999360.html

  7. Peterr says:

    @emptywheel: Marcy, you’re going to be called “shrill” if you keep using words like “lied” and “crimes” to describe the work of these selfless civil servants.

    Not that you’re wrong to use them, of course.

    If only there were criminal penalties attached to lying to the FISA court, and judges willing to impose them.

  8. JamesJoyce says:

    @Rayne:

    “…freedom of association.” Funny you mention “freedom of association?”

    The intent of “Savak,” set up by the CIA, in Iran was to crush dissent by any means necessary. This meant destroying “associations,” not in the economic interest of BP oil monopoly on Iran’s oil. To crush political and social movements in Iran opposed to oil’s corporate sodomy of a nation. Americans are getting the same treatment now. This data collection will be used against Americans to protect the continued exploitation of oil’s biggest cash cow, Americans and the billion dollars a day we waste at a minimum, in servitude to a energy monopoly!

    I do not see this ending well at all. America’s civil war was about energy. Humans in servitude to humans exploited for uncompensated energy. We are witnessing a repeat in history. Slave owners did not want to give up their “advantage,” achieved by law, an energy monopoly, by owning people. In fact slave owners initiated a civil war, to protect their monopoly on energy! Wake up America! We are being “boxed in” as were Iranians, now by our government to protect a energy monopoly!

  9. JamesJoyce says:

    “Trusting” government is a fools errand. We need citizens, not historically inept lap dogs looking for that next day’s “dog treat” in the form of a payoff! Sit…. Paw…. Rollover… No barking…. Good puppy, now here is your treat, laced with cyanide?

  10. Rayne says:

    @emptywheel: And they’ll say they’ve minimized it.

    Yet somewhere they have a network analysis, a snapshot reduced to key nodes.

    We really need somebody with expertise on social network analysis, because we’re up against folks using tools like Palantir.

    @JamesJoyce: You might want to check out this NPR report published yesterday —

    It’s Okay to Protest in China, Just Don’t March

    No similar study has been performed on US-based internet activity; it would be far more difficult, of course, given the diversity of social media content. However, the same premise might explain why the Occupy Movement was not able to motivate a critical mass of folks to take to the streets in the wake of the economic crisis. Much of the public’s drive to take to the streets had been partially defused by Obama For America campaign; OFA’s outreach efforts abruptly died out, never fully realizing the same energy for 2012 as it did in 2008. Even the Tea Party was defused after the healthcare debates and the 2010 elections. People were still incredibly angry at both ends of the spectrum, but nothing happened to create protests in the street, nothing to the scale we’ve seen with immigration reform or with 2002-2003 antiwar protests.

    Did their social network analysis help them suppress Occupy’s momentum?

    They certainly weren’t using the analysis to preemptively address the Boston bombing.

  11. blueburner says:

    “On December 29, 2012 Naomi Wolf of The Guardian newspaper provided U.S. government documents which revealed that the FBI and DHS had monitored Occupy Wall Street through its joint terrorism task force despite labelling it a peaceful movement.”

    The slime that’s been oozing out regarding Mass Govt Surveillance will only get darker and more toxic. Any activist from the 70s will tell you that these govt agencies don’t care about rules and the Grand Powers, hungry for insights & info, won’t question how information is collected and don’t want to know–plausible deniability.

    The Occupy movement was the strongest global social movement in the world since the social protests of the 70s–and we all know how Hoover & Cointelpro asserted its powers during that time. Now, with cell phones & technologies used in tandem with a range of on the street surveillance (infiltration, provocateurs, informants, intimidation) the power of Mass Govt Surveillance is such that it is practically impossible to organize and dissent without govt interference.

    Protest is a crucial element of democracy. It keeps democracy from morphing into other unpleasant forms of governance and I believe we’ve reached that juncture.

    Even I realize that while I write this post, the very mention of surveillance or Cointelpro has probably provided key words attracting the attention of some analyst who’ll note it and investigate my IP address.

    Note that the NSA is not keywording or surveilling Criminal Banks that ripped off the country and threw millions of out work and triggered the depletion of individual assets in the process. NYPD can stop & frisk millions of people of color who’ve done nothing, but they give the Wall St Flim Flam Men a pass.

    Who’s being protected here?

  12. Saul Tannenbaum says:

    @orionATL: Just for the other perspective…

    When I worked at a University, I was the technical guy who most often contacted for take-this-stuff-down requests.

    We, as technical people, were very careful to never make policy and never act on our own to take-stuff-down. Our continual disappointment were academic officials who were cowards, would take every request at face value, and then instruct us to take-stuff-down.

    That little John Hopkins tap dance is very familiar to me, because, given a little bit of time, even the cowards recognize that there are actual things a University stands for and that sometimes, you’re the person called upon to uphold those values.

  13. orionATL says:

    @Saul Tannenbaum:

    thanks. your words ring true and further carry the weight of one who has been down in the engine room.

    based on close observation, i have long held that the quintessential requirements to be a dean were the ability to lie well and complete ethical suppleness.

  14. Saul Tannenbaum says:

    @Rayne: State of the art social network analysis is hopelessly compromised in the sense that its in the hands of corporate interests: Facebook, Twitter, LinkedIn, etc. They have the motivation ($) to do the work, the raw data, and the resources. Academic work in this is almost always a corporate partnership. I’ve written here in comments about a conference I went to at Harvard, organized by Cass Sunstein (!), which was basically those folks showing off what they’re able to do with social network data. Facebook actually conducted an experiment to demonstrate that they can increase voter turnout, and have done other work showing they can increase participation in organ donor programs.

    MIT has done this: https://immersion.media.mit.edu/ which is a way for folks to understand the power of metadata, half art, half data analysis, which is interesting, but nowhere near what’s really needed.

  15. Rayne says:

    @P J Evans: Um, that may have been deliberate. Seriously, why would they just kill the thing that got them elected before they got a Congress it needed?

    We really need to ask more questions about stuff that just looked like stupid at work. When something breaks down, the first question should be, qui bene?

    When the DNC under the first chair post-Dean ditched the 50-State Strategy, well before 2010 election season: qui bene?

    Applies to other events apart from the political sectore, too, like when RIM-Blackberry kept having major outages a couple years ago: qui bene?

    Mm-hmm.

    @Saul Tannenbaum: I agree that social network analysis may be compromised, but I’m not talking about the fuzzy puppy stuff like Facebook.

    I’m talking Palantir and IBM’s network analysis tools, and tools telecom systems use to balance loads and monitor for failures. Powerful systems that deliver, but are compromised because they serve the oligarchs, not the people.

    Working tools are out there; they are using them. They just aren’t using them to deliver a more perfect union, establish justice, insure domestic tranquility, provide for the common defense, promote the general welfare, and secure the blessings of liberty to ourselves and our posterity.

Comments are closed.