1. Howard, Malcolm BR 06-05 (5/24/06)
    • Application submitted 5/23/06
    • Expires 8/18/06
    • One group (al Qaeda) originally approved, a second (or more) added via amendment on August 8, 2006)
    • Footnote 1 asserting most calls domestic to domestic (redacted thereafter)
    • Probably just 2 providers (plural custodians, but short redaction)
    • Includes compensation paragraph dropped with third order
    • Footnote 2: 2 numbers per day
    • Only 7 people authorized to sign off on RAS: Signals Intelligence Directorate Program Manager for Counterterrorism Special Projects; the Chief or Deputy Chief, Counterterrorism Advanced Analysis Division; or one of the four specially authorized Counterterrorism Advanced Analysis Shift Coordinators in the Analysis and Production Directorate of the Signals Intelligence Directorate
    • Classification mark redacted
  2. Howard, Malcolm BR 06-08 (8/18/06)
    • Begin large footnote modifying names of (now 2) organizations cleared for RAS
    • 8 authorizers (plus addition of “production” to SID Program Manager), addition 5th CT Shift Coordinator
    • Add language approving RAS for FISA targets
    • Classification based on application; declassification of President
    • 2 (4 pages and 15 pages) Orders of unknown subject (10/31/06)
  3. Scullin, Frederick, BR 06-12 (11/15/06)
    • Compensation paragraph dropped
    • Footnote 2 changed to 3 numbers a day
    • Mandate review every 90 days
    • Add at least 2 spot checks every 90 days
    • Congressional notification regarding implementation of Section 215 authority (1/25/07)
    • 43 total BR orders in 2006
  4. Broomfield, Robert, BR 07-04 (2/07/07)
    • Add exception to FISC authorization for RAS for FISA docket 06-2081
    • Internal Executive Branch email message and attached document regarding implementation of Section 215 authority (3/9/07)
  5. Gorton, Nathaniel, BR 07-10 (5/03/07)
  6. Gorton, Nathaniel, BR 07-14 (7/25/07)
    • Replace docket 06-2081 exception to FISA language w/docket 07-449 [see also]
  7. Vinson, Roger, BR 07-16 (10/18/07)
  8. Howard, Malcolm, BR 08-01 (1/10/08)
    • Footnote 5 notes that “for analytical efficiency” “a copy of data” from phone dragnet data will be stored on same server as [EO 12333 and foreign collected] data
    • Move spot check language to FISC l
    • NSA management cancels monthly due diligence meetings (1/08)
    • DOJ IG Report on Section 215, including 2 classified sections that presumably include the dragnet (though only for 2006), as well as notice of failure to meet statute’s minimization requirement (3/08)
  9. Kollar-Kotelly, Colleen, BR 08-04 (4/3/08)
    • Approval for training new NSA analysts?
    • 31 newly trained NSA analysts query BR database using 2,373 identifiers without knowing they were doing so (4/08)
    • Internal memo addressed to NSD/OI officials including Matthew Olsen in anticipation of filing to FISC (6/6/08)
  10. Zagel, James, BR 08-07 (6/26/08)
    • Add IMSI, IMEI to list of metadata included in order [see also]
    • Footnote 1, defining identifier, noticeably longer
    • NSA shifts the servers the reports are retained on (no word about the records themselves) (7/29/08) [See also compliance notices on data retention in 2013]
    • Disabling of hyperlink allowing CIA, FBI, and NCTC to access BR metadata directly (Note, ETE report says this happened in “Summer 2008 timeframe”) (7/08)
    • Distribution of Data Integrity Analysts’ defeat list changes (probably expands) in some way (8/08)
    • NSA tells FISC about tool to find correlations (8/18/08)
    • BR 08-07 (8/20/08) [see also] approves method of analysis, probably correlations
  11. Zagel, James, BR 08-08 (9/19/08?)
    • AG Guidelines for Domestic FBI Operations (9/28/08)
    • Notice of April violations (10/17/08)
    • Start date for audit as part of E-2-E (11/1/08)
    • 27,090 identifiers allowed to be contact chained, as subsequently reported (11/2/08)
    • (12/1/08) BR 06-05 and 6 other docket orders first provided to Congressional oversight committees
    • Start date for 2 analysts doing 280 queries using non-RAS identifiers (12/10/08)
  12. Walton, Reggie, BR 08-13 (12/11/08)
    • Begin requirement of consultation w/DOJ
    • Supplemental opinion assess legality under 2702/2703 (12/12/08)
    • Notice on “alert” violation; 1,935 of 17,835 identifiers RAS approved (1/15/09)
    • End date for 2 analysts making 280 queries for non-RAS identifiers (1/23/09)
    • Notice of violation on 280 non-RAS queries (1/26/09)
    • Order for more information regarding 1/15/09 notice on “alert” violation (1/28/09)
    • Supplemental notice about failed attempt to kluge the automatic notice (2/3/09)
    • Memo providing more info on violations (2/15/09)
    • Notice of violation on query tool (2/26/09)
    • Order setting out new rules for dragnet access. (3/2/09)
    • Notice of domestic identifiers being queried w/o RAS review (3/4/09)
    • 13 total BR orders in 2008
  13. Walton, Reggie, BR 09-01 (3/5/09)
    • Notice that “data integrity” analysts sharing non user emails beyond BR cleared analysts (5/8/09)
  14. Walton, Reggie, BR 09-06 (5/29/09)
    • Secondary order to provider (Verizon?) excludes foreign-to-foreign data
    • Supplemental order (both dockets) on sharing outside of NSA (5/29/09)
    • Notification of chaining on correlated numbers (6/15/09)
    • Notification of access by CIA, FBI, NCTC (6/16/09)
    • Supplemental order in both dragnets (6/22/09) [See PR/TT version]
    • End-to-End report (6/25/09)
    • Notification that NSA following USSID 18 instead of minimization procedures (6/26/09)
    • Notification of unminimized results shared with unidentified recipient (GCHQ?) (6/29/09)
    • End-to–End report shared with FISC (7/2/09)
  15. Walton, Reggie, BR 09-09 (7/8/09) [see also]
    • New group approved via primary order pp. 5-7
    • Order specifically mentions NSA failure to follow BR-specific minimization procedures
    • Order requires briefing on legal requirements of dragnet (10)
    • Order requires consultation with DOJ, including on automated queries (14)
    • Requires explanation why NSA disseminated out of NSA, can’t remove credit card info (16-17)
    • Order requires weekly reports
    • Approval for data integrity analysts’ use of non-user specific identifiers
    • 4 new roles approved to approve disseminations
    • Notice of ability to obtain fourth hop contact number (8/4/09)
    • Submission with E-2-E (8/19/09)
  16. Walton, Reggie, BR 09-13 (9/3/09)
    • Begin inclusion of language providing access for discovery purposes
    • Order regarding new dissemination violations (9/25/09)
    • Briefing materials for FISC regarding implementation of Section 215 authority (9/18/09)
  17. Walton, Reggie, BR 09-15 (10/30/09) [See also]
    • Supplemental opinion on historical queries and dissemination (11/05/09)
    • Briefing materials for government personnel pertaining to implementation of Section 215 authority (11/18/09)
  18. Walton, Reggie, BR 09-19 (12/16/09) [see also; see also]
  19. Walton, Reggie, BR 10-10 (2/26/10)
    • July 16, 2010 violation showing tech accessing records outside of acceptable time period. Report to FISC on that provided under FOIA shows Verizon Wireless in the docket.
  20. Walton, Reggie, BR 10-17 (5/14/10)
    • June 25, 2010: After several delays, new selector tracking tool introduced. (page 91)
    • August 2, 2010: DOJ informs John Bates that Data Integrity Analysts could conduct foreign intelligence queries too. (110)
  21. Walton, Reggie, BR 10-49 (8/04/10)
    • Includes declaration that NSA would chain beyond 3 hops, which they did once in October. (page 175)
  22. Walton, Reggie, BR 10-70 (10/29/10)
    • BR 10-82 (11/23/10) approves collection of financial records for specific investigation, finds such use does not conflict w/financial NSL law
    • Memo to Congressional staffer regarding certain acquisition authorities, including Section 215 (12/1/10)
    • Changes in reporting, from weekly to monthly. Probably same order restrictions on number of analysts accessing DB lifted. (309)
    • 96 total BR orders in 2010
  23. Bates, John, BR, 11-07 (1/20/11)
  24. Feldman, Martin, BR 11-57 (4/13/11)
  25. Bates, John, BR 11-107 (6/22/11)
  26. ~9/16/11? BR 11-151
  27. BR-11-191 12/09? [see also]
  28. ~1/29/12?
  29. ~4/29/12?
    • May 2012 DOJ NSD says NSA UGC can determine whether terrorists groups are included in those approved by FISC.
  30. ~7/28/12?
  31. ~10/26/12, BR 12-178
    • Supplement approval of new automated query, BR 12- 178, (11/8/2012) [see also]
    • November 29, 2012: Order requiring tracking of all dissemination changed to cover just tracking of US person dissemination [310]
    • 212 total BR orders in 2012
  32. ~1/25/13? BR 13-22:
    • April 2, 2013: Analyst shares query results outside of BR FISA analysts
    • April 18, 2013: Techs discover data from 2007
  33. Vinson, Roger, BR 13-80, (4/25/13)
    • May 7, 2013: Notice to Congress of compliance incident: retention of data past 5 years.
  34. Eagan, Claire, BR 13-109, (7/18/13)
    • Notice to FISC August 2, August 7, October 4 of unreported disseminations.
    • September 20, 2013: Notice to Congress of compliance incidents: disseminations not reported to FISC in 30 day reports.
  35. McLaughlin, Mary, BR 13-158 (10/11/13)
    • November 22, 2013: NSA notifies NSD it obtained 9 cell phone records that would later be shown to include CSLI.
    • 178 total BR applications in 2013; 179 total dockets reflecting submission of final minimization procedures.
    • December 2013: BR FISA dissemination tracking tool.
  36. Hogan, Thomas, BR 14-01 (1/3/14)
    • Include reference to Eagan, McLaughlin, Leon, and Pauley opinions.
    • Congress can access database to perform oversight
    • Supplement gives FISC review over RAS and limits to 2 hops (2/5/14); See also
    • Order denying motion to preserve data (3/7/14)
    • Order approving preservation of data (3/12/14)
    • Memorandum opinion (Collyer) treating mosaic theory (3/20/14)
    • Order requiring explanation for material misstatement regarding preservation orders (3/21/14)
  37. Collyer, Rosemary, BR 14-67  (3/28/14)
    • Add footnote assuring technical controls prevent any foreign intelligence queries without RAS.
    • End requirement that OGC and NSD review RAS selection.
    • Eliminate description of automated queries.
  38. Zagel, James, BR 14-96 (6/19/14) [see also]
    • Application made by Deputy Director, not Director.
    • July 30, 2014: NSA confirms that 9 cell phone samples from previous year included CSLI.
  39. Dearie, Raymond BR 14-125 (9/11/14)
  40. Mosman, Michael BR-166 (12/4/14)
    • Changes “technical controls” footnote to include “that in cases of imminent threat to human life NSA my bypass these technical controls, subject to management controls, to conduct queries using RAS-approved seeds.”
    • Crossed out reauthorization date may stem from FISC preference for Friday reauthorizations.
    • 170 total BR applications in 2014
  41. Boasberg, James BR 15-24 (2/26/15)
    • Application submitted late (on February 23?)
    • Move footnote adopting “connection chaining” language used in USAF.
    • Merge previous footnotes 12 and 13.
    • Eliminate definition of 5 years as 60 months in destruction paragraph.
    • Add paragraph ordering government to inform of any changes pursuant to decisions in 3 pending appellate cases.
    • Add paragraph scolding government for applying 4 days later and ordering government to include memo addressing any issues of law.
    • Current copy lacks at least one page, included extended deadline and signature.
    • 95-day renewal to coincide with PATRIOT Reauthorization June 1.
  42. Mosman, Michael 15-75 (6/29/15)
    • Add language reflecting new minimization language in USA Freedom Act.
    • Change in redaction for custodian of records.
    • Change in language to reflect 2nd Circuit decision in ACLU case.
    • Change in provider redaction may reflect additional provider.
    • Includes 2 month deadline, plus retroactive collection back to May 31.
  43. Mosman, Michael 15-99 (8/27/15)
    • Deferred question of whether government could keep data beyond 11/28/15.
    • Appointed Preston Burton amicus 9/17/15 to review that question.
    • 142 approved applications for all Section 215.
Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.