I’m going to do a post on all the Section 215 documents the Most Transparent Administration Evah™ didn’t turn over in its fit of feigned transparency. But first I want to clarify something about timing.
There are 7 documents in the ACLU Vaughn Index “dated” January 8, 2007. There is an 8th in the EFF Vaughn Index (see document 3). There are 4 documents on ACLU’s site linking all the NSA documents released bearing that date, one of which was released by Edward Snowden.
But at least some (and probably all) of these documents were not written on January 8, 2007.
For example, this document, an “interim competency test” for the phone dragnet, must date to sometime after March 2009, because it describes restrictions in place only between that month and September 2009. Document 3 in EFF’s Vaughn Index (which was not released) refers to the June 25, 2009 End-to-End report (it may be an earlier version of this report, but I suspect it describes some rejection on the part of FISC of some activity).
The date January 8, 2007 actually refers to the date of the policy on classification governing the documents in question. (That policy superseded one dated November 23, 2004, and it was superseded on November 16, 2012.)
I raise this partly to clear up fairly widespread confusion (confusion that started with DOJ and ODNI’s actions, but which has extended to a number of journalists).
But also because it betrays a real bureaucratic sloppiness on the part of NSA.
The documents mis-identified as January 8, 2007 documents are largely training manuals and guidelines, as well as some less formal Congressional notice. Some of the other training manuals and guidelines are not dated at all (even the documents that are effectively drafts should have version control on them). This is surprising in any bureaucracy the size of NSA, but particularly given that many of these documents play a key role in legal compliance. (To its credit, what appears to be the most recent training program released, which is actually a story-board for a multi-module training program, is dated.)
While I suspect NSA accomplishes some of this version control via online file management (meaning that an analyst who goes to the file for “dragnet training” will only have access to the most up-to-date version), there still remains the risk that employees won’t follow new restrictions because they’re operating from outdated documents and can’t easily determine which is newest.
It also, of course, makes it harder — for both us and, in all probability (given that these documents were all in possession of DOJ), DOJ — to determine whether NSA was providing the training it assured the FISA Court it was providing (and all that’s before you consider how utterly crappy most of these materials are from a training perspective).
Consider the irony: for at least some of its documentation, NSA takes more care to date the policy guiding its classification than to date its legal validity.