NSA may kill off mass phone spying program Snowden exposed, says Congressional staffer

But really it's just the start of the latest surveillance chess game

Edward Snowden at Think. Image Darren Pauli / The Register

Special report The NSA may kill off a controversial mass surveillance program of Americans that was exposed by Edward Snowden, according to a Congressional staffer.

Luke Murry is national security advisor to House minority leader Kevin McCarthy (R-CA), and over the weekend told the Lawfare podcast (5 minutes in) that the US spying agency hasn't been using its system for blanket collection of US citizens' telephone metadata for the past six months "because of problems with the way in which that information was collected, and possibly collecting on US citizens."

Murry then suggested the White House may simply drop the program, especially since it requires Congress to reauthorize it this December. "I'm not actually certain that the administration will want to start that back up given where they’ve been in the last six months," he said.

That comment was picked up by reporters, and has led to lots of speculation that the NSA may be ending one of its most disliked spying programs: one that has been repeatedly criticized as unconstitutional by the law courts, privacy advocates, and legislators, because it indiscriminately snoops on America's own citizens.

The truth, unfortunately, is very different.

Murry muddied the issue by conflating the bulk collection of phone metadata with the broader Section 215 of the USA PATRIOT Act, which g-men previously used to obtain various bits of intelligence on pretty much anyone on US soil. Section 215 expired at the end of May 2015, and was, in a rather roundabout and messy way, reenabled through to the end of 2019 via the USA Freedom Act that passed the following month. Now its's 2019, and the section's up for renewal again.

When Murry was asked about national security topics coming up this year, he said: "One which may be must-pass, may actually not be must-pass, is Section 215 of USA Freedom Act, where you have this bulk collection of, basically metadata on telephone conversations — not the actual content of the conversations but we’re talking about length of call, time of call, who’s calling — and that expires at the end of this year."

Now, Section 215 is in fact much broader than phone metadata collection. In 2014, for example, there were 180 orders authorized by the US government's special FISA Court under Section 215, but only five of them related to metadata; the rest cover, well, the truth is that we don't know what they cover because it remains secret.

Tangible

The best guess is that the remaining 97 percent of the Section 215 orders cover things like emails and instant messages, search engine searches, and video uploads. The actual wording of the law is that the NSA can collect "tangible things" – which is likely the broadest possible language that the NSA and FBI could imagine when the law was written.

The reason that telephone metadata has been so closely associated with Section 215 is because that was the part of the blanket surveillance program of Americans whistleblower Edward Snowden first exposed, and it created a huge stink. It has stuck in people's heads.

We're spying on you for your own protection, says NSA, FBI

READ MORE

Telephone metadata collection has also repeatedly featured in battles over spying powers and in public announcements by the NSA. Why? In large part because it has become a part of larger public awareness in a way that all the others things Uncle Sam carries out under Section 215 have not.

In 2015, one month after the program was reauthorized, the Office of the Director of National Intelligence (ODNI) issued a rare statement that seemed like good news: the NSA would stop analyzing old bulk telephony metadata and start deleting it.

After Congress had looked into Section 215, a new agreement was reached that the NSA would turn away from bulk collection of data and instead focus on "new targeted production." The message was that the security services had learned their lesson and Congressional oversight has worked: the spying program had been scaled back.

But had it? Well, no, is the answer. Because despite the new "targeted" approach, three years later in June 2018, another statement came out of the blue in which the ODNI said it had begun deleting all "call detail records" – CDRs – that it had acquired since that 2015 change in approach.

Why? And why did it make the decision public?

Irregular

We don't know. But the ODNI's explanation was "because several months ago NSA analysts noted technical irregularities in some data received from telecommunications service providers." Those "irregularities" resulted in the NSA receiving information it was not authorized to receive, it said.

For some reason, prior to going public, the spy nerve-center felt the need to share its findings with the Department of Justice and Office of the Director of National Intelligence, and then they all decided the best course of action was to delete everything.

And once those entities had been pulled in, the NSA decided it needed to inform Congressional oversight committees, and the Privacy and Civil Liberties Oversight Board (PCLOB), as well as let the DoJ know it should inform the Foreign Intelligence Surveillance Court (FISC). At that point so many people knew that the ODNI presumably thought it was only a matter of time before the information leaked and so it put out a public statement.

But, the NSA assured everyone, "the root cause of the problem has since been addressed for future CDR acquisitions, and NSA has reviewed and revalidated its intelligence reporting to ensure that the reports were based on properly received CDRs."

Except, now, according to McCarthy's national security advisor Luke Murry, the NSA never started the program up again. And it is prepared, at least according to Murry's reading of the situation, to let the whole metadata program drop.

Why? It almost certainly has something to do with two US senators: Ron Wyden (D-OR) and Rand Paul (R-KY). Both have been battling with the NSA for several years over its spying programs.

Wyden is a member of the Senate intelligence committee, and so is given classified briefings about what the NSA really gets up to. Paul is a libertarian, and philosophically opposed to state surveillance.

Together, with others, they put up an almighty fight last year to push greater controls on another controversial spying program – Section 702 of the Foreign Intelligence Surveillance Act (FISA) – as it went through reauthorization. Ultimately they failed, but they got very close to winning, and that worried the NSA immensely.

Sponsored: How to get more from MicroStrategy by optimising your data stack

Next page: Interpretation

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER




Biting the hand that feeds IT © 1998–2019