December 26, 2013 / by emptywheel

 

Coincidental Timing in NSA’s Telecom Switch Collection

We knew the government had “shut down” the Internet metadata in “late” 2011.

But I believe Friday’s filings are the first time they’ve specified publicly: they shut it down in December 2011.

That gives us the following chronology:

May 29, June 22, 2009: First Internet dragnet violations noticed as part of phone dragnet review

Around July 2009: NSA pilots new contact-chaining approach for Internet dragnet

Around November 2009: FISA Court does not re-approve Internet dragnet (see 15-16)

Between July and October 2010: FISC reauthorizes and NSA restarts Internet dragnet, but finds some overcollection since start of program in 2004

November 29, 2010: NSA signs directive allowing analysts to chain through US persons

January 3, 2011: Government rolls out new dragnet approach, providing

May 2, 2011: Government “clarifies” that upstream collection includes some US person data

October 3, 2011: John Bates finds some upstream dragnet illegal

Between October 3 and October 6, 2011: NSA General Counsel considers appeal

October 13, 2011: Government claims 1809(a)(2) does not apply — presumably to upstream collection

October 17, 2011: Draft training module advises analysts to talk to management or subject matter expert about Internet dragnet from prior to November 2009

November 22, 2011: Government still challenging applicability of 1809(a)(2) in upstream collection

Late 2011: Government starts dealing with upstream content

December 2011: Government halts Internet dragnet

That is, the government stopped collecting Internet metadata in the US within weeks of the discussion between John Bates and the government over whether or not Section 1809(a)(2) applied to NSA’s deliberate collection of US person content within the US via collection off telecom switches in the US — the same method of collection as used in the Internet dragnet.

That’s not to say the legal discussion influenced the decision. There are plenty of other explanations — including Google’s encryption by default (which made Google content inaccessible via US switches) and the earlier limits Bates imposed on US metadata collection, which may have made domestically-collected metadata less useful — for NSA to shut down that collection.

But I wonder whether Bates’ persistent focus on 1809(a)(2) had an influence.

I say that for two reasons — aside from the timing.

First, it is unusual for a training document to recommend asking a person for information about how to handle something, as the dragnet training instructed analysts, “for information on PR/TT data collected prior to November of 2009, contact your organization’s management or subject matter expert,” as late as October 17, 2011. The data from this period involved overcollection (probably content collected in the guise of metadata) that, if known to be US person data, could not be circulated without violating 1809(a)(2). This kind of instruction should be written down, especially given the legal sensitivity surrounding it, not transmitted person-to-person. But it appears not to have been.

There are a lot of details about Bates’ resolution of the Internet metadata overcollection in 2010 that we don’t yet know. Unlike with the 2011 US opinion,we don’t see the follow-up discussion to see how that collection was handled.

But we do know how Bates enforced his 2011 opinion: by emphasizing that the government couldn’t use any of that US person upstream collection for submissions to the FISC.

Beginning late in 2011, the government began taking steps that had the effect of mitigating any Section 1809(a)(2) problem, including the risk that information subject to the statutory criminal prohibition might be used or disclosed in an application filed before this Court.

Given that the government uses metadata to select which content collection to translate, this restriction on submitting improperly collected data to the FISC might be even more restrictive with the Internet dragnet information than the upstream collection.

In October and November 2011, John Bates reiterated his assertion — first made the year earlier in conjunction with Internet dragnet collected via the same means that the NSA could be subject to 1809(a)(2) — in response to which, the government still tried to object. But then they stopped objected and started complying, at the same time they also stopped collecting Internet metadata from within the US.

Two years in a row the NSA’s collection off telecom switches was deemed to be illegal. As the second judgment got resolved (by imposing restrictions on the circulation of the data), the government moved the collection tied to the first judgment overseas.

Copyright © 2013 emptywheel. All rights reserved.
Originally Posted @ https://www.emptywheel.net/2013/12/26/coincidental-timing-in-nsas-telecom-switch-collection/