2 March 2009, ODNI: FISC: In Re Production of Tangible Things from (redacted) (Order) (PDF)

September 10, 2013

NSA Violated Privacy Protections, Officials Say

Revelation Calls Into Question Security of Phone-Record Database


WASHINGTON--The National Security Agency's searches of a database containing the phone records of nearly all Americans violated privacy protections for three years by failing to meet a court-ordered standard, according to court documents released Tuesday.

The documents showed the violations continued until a judge ordered an overhaul of the program in 2009.

Since the breadth of the phone-records collection came to light through leaks by former NSA contractor Edward Snowden, U.S. officials have said that for all queries of the database, the NSA must show a "reasonable articulable suspicion" that the phone number being targeted is associated with a terrorist organization.

Between 2006 and 2009, however, of the 17,835 phone numbers checked against phone records, only 1,935 were based on that reasonable-suspicion standard, intelligence officials said.

In a March 2009 order that was declassified Tuesday, Judge Reggie Walton of the Foreign Intelligence Surveillance Court said the government had so "frequently and systematically violated" the procedures it had said it was following that a critical element of the program "never functioned effectively." The judge criticized what he described as "repeated inaccurate statements made in the government's submissions."

While the government previously acknowledged errors in handling phone and Internet data collected by the NSA, Tuesday's revelations show the extent to which the errors permeated the phone-data collection in particular and led to the previously undisclosed denunciation by the judge. They call into question the NSA's ability to follow the rules governing the sweeping domestic surveillance programs it introduced more than 10 years ago in the wake of the 2001 terrorist attacks.

Officials said the violations were inadvertent, because NSA officials didn't understand their own phone records collection program. In a 2009 declaration to the judge, NSA Director Keith Alexander said that "from a technical standpoint, there was no single person who had a complete technical understanding of the [record] system architecture."

Top U.S. officials, including Gen. Alexander, have repeatedly reassured lawmakers and the public that the phone-records program has been carefully executed under oversight from the secret national security court.

"This is not a program where we are out freewheeling it," Gen. Alexander said in June. "It is a well-overseen and a very focused program."

On Capitol Hill, key lawmakers renewed their call to shut down the phone- data program. In a statement, Sens. Ron Wyden (D., Ore.) and Mark Udall (D., Colo.) said that significant violations remain classified, including ones related to the collection of data about Americans' email communications.

Officials made public the violations as part of a court-ordered release of documents in lawsuits by the Electronic Frontier Foundation and the American Civil Liberties Union against the Justice Department. The release included roughly 1,800 pages.

The ACLU's Alex Abdo said the documents offer "further evidence that secret and one-sided judicial review is not an adequate check on the NSA's surveillance practices. The so-called 'compliance incidents' are troubling, but this is a program that should never have been authorized to begin with."

The NSA violations occurred between 2006, when the phone-records program first came under court supervision, and 2009, when NSA officials told Judge Walton the program had been conducting searches using thousands of phone numbers that didn't meet court standards. Before 2006, the program was run without court supervision.

The program was developed under a provision of the Patriot Act that allows the NSA, through the Federal Bureau of Investigation, to collect business records "relevant to an authorized investigation." The NSA determined that nearly all U.S. phone call records were "relevant" to its terrorism investigations, because it needed all the calls in order to determine with whom suspects were communicating.

The records, called "metadata," includes phone numbers people dialed and where they were calling from. The content of the calls isn't obtained under this program.

The NSA used an "alert list" of nearly 18,000 numbers of "counterterrorism interest" to screen phone records on a daily basis and determine which ones it should look at most closely, a senior intelligence official said. New phone records that had a relationship to those on the alert list were given a higher priority for subsequent possible searches that would be done if NSA could meet the "reasonable articulable suspicion" standard.

The documents also show that the government collected credit card information through some phone records. At the government's request, phone companies began removing credit card data from the records they turned over, beginning in 2006.

The violations were initially uncovered by Justice Department officials after a Jan. 9, 2009, meeting with NSA officials, according to the documents. The federal government reported the "compliance incident" to the Foreign Intelligence Surveillance Court that Jan. 15. Intelligence officials said the timing of the report, which came in the final days of the George W. Bush administration, was coincidental.

The next month, the government wrote to the secret court acknowledging that its description of the program had been inaccurate and violated the court's order, but argued that because NSA had identified the problems and taken steps to fix them, the court shouldn't modify its order approving the program. It said the program was "vital to NSA's counterterrorism intelligence mission."

In March 2009, Judge Walton was upset enough to order Justice Department lawyers to intervene and help fix the program.

It wasn't until September 2009 that Judge Walton issued a new authorization of the program that imposed much stricter rules on who could approve searches of the phone database and how that information could be shared. The program was overhauled so that all searches met the court-ordered standard, and NSA established a new compliance office, which now oversees the phone data and other NSA spy programs.

In the interim, they said, the NSA had to get approval from the court on a case-by-case basis to search its database, though there was an exception allowing immediate searches in emergency cases. Officials said NSA obtained court approval in specific cases multiple times.

James Clapper, director of national intelligence, said the NSA's discovery of the problems with the phone records program and its reporting to the court show that oversight of the NSA surveillance programs works as designed.The documents released Tuesday "are a testament to the government's strong commitment to detecting, correcting and reporting mistakes." He blamed errors on the "complexity of the technology."

Write to Siobhan Gorman at and Devlin Barrett at