Related:

25 April 2013, NYT: United States Foreign Intelligence Surveillance Court: In Re Application of the Federal Bureau of Investigation for an Order Requiring the Production of Tangible Things from (redacted) (Primary Order) (PDF)

2 February 2011, NYT: DOJ: Report on the National Security Agency's Bulk Collection Programs for USA PATRIOT Act Reauthorization (PDF)

14 December 2009, NYT: DOJ: Report on the National Security Agency's Bulk Collection Programs Affected by USA PATRIOT Act Reauthorization (PDF)
http://www.nytimes.com/2013/08/01/us/nsa-surveillance.html

July 31, 2013

Senate Panel Presses N.S.A. on Phone Logs

By CHARLIE SAVAGE and DAVID E. SANGER

WASHINGTON -- Senators of both parties on Wednesday sharply challenged the National Security Agency's collection of records of all domestic phone calls, even as the latest leaked N.S.A. document provided new details on the way the agency monitors Web browsing around the world.

At a Senate Judiciary Committee hearing, the chairman, Patrick J. Leahy, Democrat of Vermont, accused Obama administration officials of overstating the success of the domestic call log program. He said he had been shown a classified list of "terrorist events" detected through surveillance, and it did not show that "dozens or even several terrorist plots" had been thwarted by the domestic program.

"If this program is not effective it has to end. So far, I'm not convinced by what I've seen," Mr. Leahy said, citing the "massive privacy implications" of keeping records of every American's domestic calls.

At the start of the hearing, the Obama administration released previously classified documents outlining the rules for how the domestic phone records may be accessed and used by intelligence analysts. And as senators debated the program, The Guardian published [1]on its Web site a still-classified 32-page presentation, [2] apparently downloaded by Edward J. Snowden, the former N.S.A. contractor, that describes a separate surveillance activity by the agency.

Called the XKeyscore program, it apparently gives N.S.A. analysts access to virtually any Internet browsing activity around the world, data that is being vacuumed up from 150 foreign sites.

Together, the new disclosures provided additional details on the scope of the United States government's secret surveillance programs, which have been dragged into public view and public debate by leaks from Mr. Snowden, who remains stranded in a Moscow airport.

The hearing came a week after the House voted narrowly to defeat an amendment [3] to shut down the N.S.A.'s domestic phone record tracking program. The 217-to-205 vote was far closer than expected, and it -- along with shifting poll numbers -- suggested that momentum against the domestic program was building. [4] In recent days even some of the most outspoken supporters of the program have said they are open to adjusting it.

The Obama administration has been trying to build public support for its surveillance programs, which trace back to the Bush administration, by arguing that they are subject to strict safeguards and court oversight and that they have helped thwart as many as 54 terrorist events. That figure, Mr. Leahy emphasized, relies upon conflating another program that allows surveillance targeted at noncitizens abroad, which has apparently been quite valuable, with the domestic one.

Still, Senator Dianne Feinstein, the California Democrat who is chairwoman of the Senate Intelligence Committee, said she supported overhauling the program but keeping it in place because it generates information that might prevent attacks.

John C. Inglis, the deputy director of the N.S.A., said there had been 13 investigations in which the domestic call tracking program made a "contribution." He cited two discoveries: that several men in San Diego were sending money to a terrorist group in Somalia, and that a suspect who was already under scrutiny in a subway bomb plot was using a different phone.

Robert S. Litt, the top lawyer in the Office of the Director of National Intelligence, testified that the Obama administration was also "open to re-evaluating this program" to create greater public confidence that it protects privacy while "preserving the essence of the program." Administration officials have emphasized that the program collects only so-called metadata, and not the contents of phone calls.

Still, the top Republican on the committee, Senator Charles E. Grassley of Iowa, asked skeptical questions about the legal basis for the program while criticizing the director of national intelligence, James Clapper, for making inaccurate statements to Congress about it in March. Mr. Clapper has since apologized. [5]

"Nothing can excuse this kind of behavior from a senior administration official of any administration, especially on matters of such grave importance," Mr. Grassley said.

A series of slides describing XKeyscore, dated 2008, make it clear that the security agency system is collecting a huge amount of data on Internet activity around the globe, from chats on social networks to browsing of Web sites and searches on Google Maps. The volume of data is so vast that most of it is stored for only three days, although metadata -- information showing logins and server activity, but not content -- is stored for a month. Several of the pages were redacted by The Guardian.

Some of the servers the agency uses are run by foreign intelligence services of friendly nations, including Britain, Australia, Canada and New Zealand, but other servers may be on the soil of countries unaware the agency is mining Internet "pipes" on their soil. Some of the harvesting of data takes place on the coasts of the United States, and along the Mexican border. Most sites are in Europe, the Middle East, and along the borders of India, Pakistan, and China.

The intelligence analysts search for terrorist cells by looking at "anomalous events" -- someone searching in German from Pakistani sites, or an Iranian sending an encrypted Microsoft Word file. But one slide says the system can be used to identify anyone "searching the Web for suspicious stuff."

The presentation says the system enables analysts to identify and pursue leads even if they do not yet know the name, or the e-mail address, of a suspect. "A large amount of time spent on the Web is performing actions that are anonymous," it explains.

One example of how analysts might use the system is to search for whenever someone has started up a "virtual private network" in a particular country of interest; the networks are pipelines that add greater security to online communications. N.S.A. analysts are able to use the system to extract the activity retrospectively from "raw unselected bulk traffic," the documents say, and then decrypt it to "discover the users."

The agency said its surveillance of the Internet was part of its "lawful foreign signals intelligence collection" and not "arbitrary and unconstrained." The chairman of the House Intelligence Committee, Representative Mike Rogers, and the ranking Democrat, C. A. Dutch Ruppersberger, said, "The program does not target American citizens."

The XKeyscore presentation claimed the program had generated intelligence that resulted in the capture of more than 300 terrorists. By contrast, the documents released by the government about the domestic phone log program were more abstract.

They included briefing papers to Congress from 2009 [6] and 2011 [7] about the "very large scale" logging of Americans' calling records -- along with a related program that logged Americans' e-mails, and that was shut down later in 2011 -- portraying the programs as providing a vital and important capability.

But Senator Ron Wyden, an Oregon Democrat on the Senate Intelligence Committee who has been a leading critic of the bulk collection programs, said the program had been shut down because officials were unable "to provide evidence to support the claims" of operational value. Mr. Wyden has also questioned the utility of the phone log program.

The new documents also included an April "primary order" [8] by the Foreign Intelligence Surveillance Court that supported orders requiring phone companies to turn over all customer records. It said the government may access the records only when there are "facts giving rise to a reasonable, articulable suspicion" that the number to be searched is associated with terrorism.

However, it said that the results of each inquiry are then placed in a "corporate store" that analysts may search without any such limits. Intelligence officials have separately said that search results include not just a target's phone records, but also exponentially larger sets of the records of people in as many as three concentric circles around the target.

[1] http://www.theguardian.com/world/2013/jul/31/nsa-top-secret-program-online-data

[2] http://www.documentcloud.org/documents/743244-xkeyscore-slidedeck.html

[3] http://www.nytimes.com/2013/07/25/us/politics/house-defeats-effort-to-rein-in-nsa-data-gathering.html

[4] http://www.nytimes.com/2013/07/29/us/politics/momentum-builds-against-nsa-surveillance.html

[5] http://www.dni.gov/files/documents/2013-06-21 DNI Ltr to Sen. Feinstein.pdf

[6] https://www.documentcloud.org/documents/743214-2009-coverletter-report-collection.html

[7] https://www.documentcloud.org/documents/743215-2011-coverletters-report-collection.html

[8] https://www.documentcloud.org/documents/743216-primaryorder-collection-215.html

Earlier at url:

July 31, 2013

U.S. Outlines N.S.A.'s Culling of Data for All Domestic Calls

By CHARLIE SAVAGE

WASHINGTON -- The Obama administration on Wednesday released formerly classified documents outlining a once-secret program of the National Security Agency that is collecting records of all domestic phone calls in the United States, as top officials testified before the Senate Judiciary Committee.

As the hearing began, The Guardian newspaper published another document [1] from the archives of Top Secret surveillance matters leaked to it by the former N.S.A. contractor Edward J. Snowden. It was a 32-page presentation describing the N.S.A.'s XKeyscore program, [2] by which N.S.A. analysts can mine vast databases of phone and Internet information the agency has vacuumed up.

The documents released by the government, meanwhile, include an April ruling [3] by the Foreign Intelligence Surveillance Court that supported a secondary order [4] -- also leaked by Mr. Snowden -- requiring a Verizon subsidiary to turn over all of its customers' phone logs for a three-month period.

It said the government may access the logs only when an executive branch official determines that there are "facts giving rise to a reasonable, articulable suspicion" that the number searched is associated with terrorism.

The releases also included two formerly classified briefing papers to Congress from 2009 [5] and 2011, [6] when the provision of the Patriot Act that the court relied on to issue that order was up for reauthorization. The papers outlined the bulk collection of "metadata" logging all domestic phone calls and e-mails of Americans and are portrayed as an "early warning system" that allowed the government to quickly see who was linked to a terrorism suspect.

"Both of these programs operate on a very large scale," the 2011 briefing paper said, followed by something that is redacted, and then: "However, as described below, only a tiny fraction of such records are ever viewed by N.S.A. intelligence analysts."

Both programs traced back to the surveillance efforts the Bush administration secretly started after the terrorist attacks of Sept. 11, 2001, and which initially operated outside statutory authority or court oversight. The Bush administration later obtained orders from the Foreign Intelligence Surveillance Court to continue them.

The Obama administration has said it shut down the program that collected e-mail "metadata" in 2011, but it is not clear whether such collection has continued under a different program.

The newly disclosed XKeyscore presentation focuses in particular on Internet activities, including chats and Web site browsing activities, as intelligence analysts search for terrorist cells by looking at "anomalous events" like who is using encryption or "searching the web for suspicious stuff."

In contrast to the domestic-call tracking program, the example cited in the XKeyscore presentation -- which said it had generated intelligence that resulted in the capture of more than 300 terrorists -- appeared to be focused on overseas activity.

Several of the pages on the presentation were redacted by The Guardian.

But the presentation shows that while much of the focus from Mr. Snowden's revelations so far has been on communications -- whether calls or e-mails -- that are linked, directly or indirectly, to a known suspect, the N.S.A. is also collecting and searching through massive amounts of Web-browsing activity.

"A large amount of time spent on the Web is performing actions that are anonymous," the presentation explains, saying the XKeyscore system can extract and store retrospective activity from "raw unselected bulk traffic" that is collected and stored for 30 days.

As one example, it cited trying to locate for a target who speaks German but is known to be in Pakistan by looking for German-language Internet activity in that country. As another, a slide said: "My target uses Google Maps to scope target locations -- can I use this information to determine his e-mail address? What about the Web-searches -- do any stand out and look suspicious?"

At the start of Wednesday's hearing, the chairman of the Senate Judiciary Committee, Senator Patrick J. Leahy, Democrat of Vermont, expressed deep skepticism about the domestic phone records program. He criticized intelligence officials and defenders of the program for misleadingly saying it helped prevent 54 terrorist events, a number that conflates the usefulness of N.S.A. surveillance activities targeted at noncitizens abroad with the usefulness of the database of Americans' phone calls.

A classified list of "terrorist events" that N.S.A. surveillance helped to prevent, he said, "simply does not reflect dozens or even several terrorist plots" that the domestic call log program "helped thwart or prevent, let alone 54, as some have suggested."

Citing the "massive privacy implications" of the program, Mr. Leahy said: "If this program is not effective it has to end. So far I'm not convinced by what I've seen."

But Senator Dianne Feinstein, the chairwoman of the Senate Intelligence Committee who is also on the judiciary panel, said that while the program could be changed with greater restrictions and safeguards, it should be preserved because it would place the nation "in jeopardy" to eliminate it.

Robert Litt, the top lawyer in the Office of the Director of National Intelligence, testified that the Obama administration was also "open to re-evaluating this program" to create greater public confidence that it protects privacy while "preserving the essence of the program."

Last week, the House of Representatives voted narrowly to defeat an amendment [7] to shut down the N.S.A.'s domestic phone record tracking program. The 217-to-205 vote was far closer than expected and came as members of both parties defied their leadership to oppose continuing the domestic call logging program, suggesting that momentum against it was building. [8]

Before Mr. Snowden's leaks made clear what the government was doing with the Patriot Act program, several senators on the Intelligence Committee had made cryptic warnings that it was interpreting the law in a twisted way to do something alarming and made reference to the 2011 briefing paper. [9] The New York Times filed a lawsuit [10] under the Freedom of Information Act to obtain that document.

The lawsuit contended that the abstract legal analysis outlining what the government believed the Patriot Act meant could not be withheld from the public as properly classified and should be released, even if the passages detailing the program that relied upon that interpretation was redacted.

The Obama administration had argued that it could withhold that document entirely, and in May 2012 a Federal District Court judge, William H. Pauley III, agreed to dismiss the lawsuit [11] after reading the briefing paper, finding that the details of the classified program were "inextricably intertwined" with the rest, so releasing it in redacted form was "neither feasible nor warranted."

[1] http://www.theguardian.com/world/2013/jul/31/nsa-top-secret-program-online-data

[2] http://www.documentcloud.org/documents/743244-xkeyscore-slidedeck.html

[3] https://www.documentcloud.org/documents/743216-primaryorder-collection-215.html

[4] https://www.documentcloud.org/documents/712378-verizon.html

[5] http://www.documentcloud.org/documents/743214-2009-coverletter-report-collection.html

[6] https://www.documentcloud.org/documents/743215-2011-coverletters-report-collection.html

[7] http://www.nytimes.com/2013/07/25/us/politics/house-defeats-effort-to-rein-in-nsa-data-gathering.html

[8] http://www.nytimes.com/2013/07/29/us/politics/momentum-builds-against-nsa-surveillance.html

[9] https://www.documentcloud.org/documents/743215-2011-coverletters-report-collection.html

[10] https://www.documentcloud.org/documents/743192-patriotactfoiacomplaint.html

[11] https://www.documentcloud.org/documents/743195-patriotactfoia-ruling.html