As bmaz noted, WaPo reported today that NSA has been collecting billions of phone records a day, including cell location information. Once again, when the NSA says it has stopped or doesn’t conduct a practice, it means only it has stopped the practice in the US, even though it still collects US person data overseas.
But the NSA refuses to reveal how many Americans’ data are being swept up.
The number of Americans whose locations are tracked as part of the NSA’s collection of data overseas is impossible to determine from the Snowden documents alone, and senior intelligence officials declined to offer an estimate.
“It’s awkward for us to try to provide any specific numbers,” one intelligence official said in a telephone interview. An NSA spokeswoman who took part in the call cut in to say the agency has no way to calculate such a figure.
An intelligence lawyer, speaking with his agency’s permission, said location data are obtained by methods “tuned to be looking outside the United States,” a formulation he repeated three times. When U.S. cellphone data are collected, he said, the data are not covered by the Fourth Amendment, which protects Americans against unreasonable searches and seizures.
A number of tech people are wondering if there’s some secret technical reason why NSA can’t or won’t estimate the number.
But the reason is almost certainly far more cynical.
In 2010 (sometime between July and October), John Bates told the NSA if they knew they were collecting content of US persons, they were illegally wiretapping them. But if they didn’t know, then they weren’t in violation.
When it is not known, and there is no reason to know, that a piece of information was acquired through electronic surveillance that was not authorized by the Court’s prior orders, the information is not subject to the criminal prohibition in Section 1809(a)(2). Of course, government officials may not avoid the strictures of Section 1809(a)(2) by cultivating a state of deliberate ignorance when reasonable inquiry would likely establish that information was indeed obtained through unauthorized electronic surveillance.
Then in 2011, Bates made them count some of their collection of US person content (he deemed it intentional collection, though they and their Congressional overseers still like to claim, legal opinion notwithstanding, it was not; the use of “tuned to be looking outside the US” is probably more of the same). And using the threat of labeling that US person content, he forced them to purge the information. But they somehow refused to count the larger amount of US person data collected intentionally, and NSA was permitted to keep that.
Presumably, the laws would be different on overseas collection, which would not count as “electronic surveillance.” Except that with Section 703 of FISA — which requires an order for collection on US person content overseas — there may be similar levels of protection, just via different statutes.
One thing the NSA has learned through experience with John Bates and FISC is that if you claim you don’t know you’ve collected US person data, a judge will not declare it legal. But if you admit you’ve collected US person data, then that same judge may threaten you with sanctions or force you to purge your data.
So there’s a very good reason why it’s “awkward” for NSA “to try to provide any specific numbers.” Doing so would probably make the collection illegal.