[Vision2020] Court Upbraided N.S.A. on Its Use of Call-Log Data

[Art Deco]

  [image: The New York Times] <http://www.nytimes.com/>

------------------------------
September 10, 2013
Court Upbraided N.S.A. on Its Use of Call-Log Data By SCOTT
SHANE<http://topics.nytimes.com/top/reference/timestopics/people/s/scott_shane/index.html>

Intelligence officials released secret documents on Tuesday showing that a
judge reprimanded the National Security
Agency<http://topics.nytimes.com/top/reference/timestopics/organizations/n/national_security_agency/index.html?inline=nyt-org>in
2009 for violating its own procedures and misleading the nation’s
intelligence court about how it used the telephone call logs it gathers in
the hunt for terrorists.

It was the second case of a severe scolding of the spy agency by the
Foreign Intelligence Surveillance Court to come to light since the
disclosure of thousands of N.S.A. documents by Edward J. Snowden, a former
contractor, began this summer.

The newly disclosed violations involved the N.S.A. program that has drawn
perhaps the sharpest criticism from members of Congress and civil
libertarians: the collection and storage for five years of information on
virtually every phone call made in the United States. The agency uses
orders from the intelligence court to compel phone companies to turn over
records of numbers called and the time and duration of each call — the
“metadata,” not the actual content of the calls.

Since Mr. Snowden disclosed the program, the agency has said that while it
gathers data on billions of calls, it makes only a few hundred queries in
the database each year, when it has “reasonable, articulable suspicion”
that a telephone number is connected to terrorism.

But the new documents show that the agency also compares each day’s phone
call data as it arrives with an “alert list” of thousands of domestic and
foreign phone numbers that it has identified as possibly linked to
terrorism.

The agency told the court that all the numbers on the alert list had met
the legal standard of suspicion, but that was false. In fact, only about 10
percent of 17,800 phone numbers on the alert list in 2009 had met that
test, a senior intelligence official said.

In a sharply worded March 2009 ruling, Judge Reggie B. Walton described the
N.S.A.’s failure to comply with rules set by the intelligence court, set
limits on how it could use the data it had gathered, and accused the agency
of repeatedly misinforming the judges.

“The government has compounded its noncompliance with the court’s orders by
repeatedly submitting inaccurate descriptions of the alert list process” to
the court, Judge Walton wrote. “It has finally come to light that the
F.I.S.C.’s authorizations of this vast collection program have been
premised on a flawed depiction of how the N.S.A. uses” the phone call data.

The senior American intelligence official, briefing reporters before the
documents’ release, admitted the sting of the court’s reprimand but said
the problems came in a complex, highly technical program and were
unintentional.

“There was nobody at N.S.A. who really had a full understanding of how the
program was operating at the time,” said the official, who spoke on the
condition of anonymity. The official noted that the agency itself
discovered the problem, reported it to the court and to Congress, and
worked out new procedures that the court approved.

In making public 14
documents<http://www.dni.gov/index.php/newsroom/press-releases/191-press-releases-2013/927-draft-document>on
the Web site of the director of national intelligence, James
R. Clapper Jr.<http://topics.nytimes.com/top/reference/timestopics/people/c/james_r_clapper_jr/index.html?inline=nyt-per>,
the intelligence officials were acting in response to Freedom of
Information Act lawsuits and a call from President
Obama<http://topics.nytimes.com/top/reference/timestopics/people/o/barack_obama/index.html?inline=nyt-per>for
greater transparency about intelligence programs. The lawsuits were
filed by two advocacy groups, the Electronic Frontier Foundation and
the American
Civil Liberties
Union<http://topics.nytimes.com/top/reference/timestopics/organizations/a/american_civil_liberties_union/index.html?inline=nyt-org>.


“The documents only begin to uncover the abuses of the huge databases of
information the N.S.A. has of innocent Americans’ calling records,” said
Mark M. Jaycox, a policy analyst at the Electronic Frontier Foundation. He
said the agency’s explanation — that none of its workers fully understood
the phone metadata program — showed “how much of a rogue agency the N.S.A.
has become.”

Judge Walton’s ruling, originally classified as top secret, did not go that
far. But he wrote that the privacy safeguards approved by the court “have
been so frequently and systematically violated” that they “never functioned
effectively.”

Senator Patrick J. Leahy of Vermont, the chairman of the Senate Judiciary
Committee, welcomed the release of the documents, but said that they showed
“systemic problems” and that the bulk collection of Americans’ phone
records should be stopped.

Intelligence officials have expressed some willingness to adjust the
program in response to complaints from Congress and the public, possibly by
requiring the phone companies, rather than the N.S.A., to stockpile the
call data. But they say that the program remains crucial in detecting
terrorist plots and is now being run in line with the court’s rules.

A different intelligence court judge, John D. Bates, rebuked the N.S.A. in
2011 for violations in another program and also complained of a pattern of
misrepresentation. The 2011 opinion, which made a reference to the 2009
reprimand, was released by intelligence officials last month.

Since June, Mr. Snowden’s revelations have set off the most extensive
public scrutiny of the N.S.A. since its creation in 1952. Last week, based
on his documents, The New York Times, ProPublica and The Guardian wrote
about the agency’s systematic
efforts<http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?hp>to
defeat privacy protections for Internet communications, including
evidence that the agency deliberately weakened an encryption standard
adopted nationally and internationally in 2006.

On Tuesday, the National Institute of Standards and Technology, the agency
charged with setting federal cybersecurity standards, scrambled to try to
restore public confidence, after reports that it had recommended a standard
that contained a back door for the N.S.A.

The agency said it would reopen the public vetting process for the
standard, used by software developers around the world. “If vulnerabilities
are found in these or any other N.I.S.T. standard, we will work with the
cryptographic community to address them as quickly as possible,” the agency
said in a statement.

The Times reported that as part of the N.S.A.’s efforts, it had worked
behind the scenes to push the same standard on the International
Organization for Standardization, which counts 163 countries among its
members.

The national standards agency denied that it had ever deliberately weakened
a cryptographic standard, and it moved to clarify its relationship with the
N.S.A. “The National Security Agency participates in the N.I.S.T.
cryptography process because of its recognized expertise,” the standards
agency said. “N.I.S.T. is also required by statute to consult with the
N.S.A.”

Cryptographers said that the revelations last week had eroded their trust
in the agency, but that reopening the review process was an important step
in rebuilding confidence.

“I know from firsthand communications that a number of people at N.I.S.T.
feel betrayed by their colleagues at the N.S.A.,” Matthew D. Green, a
cryptography researcher at Johns Hopkins University, said in an interview
on Tuesday. “Reopening the standard is the first step in fixing that
betrayal and restoring confidence in N.I.S.T.”

Nicole Perlroth contributed reporting.




-- 
Art Deco (Wayne A. Fox)
art.deco.studios at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.fsr.com/pipermail/vision2020/attachments/20130911/4012112d/attachment-0001.html>