Keeping the Spying Revelations Separate

Benjamin Wittes and Robert Chesney, who know a great deal about national security law, have an article urging people to keep the two revelations of government spying last week distinct from one another. There’s the Verizon metadata seizures and there’s the PRISM program, which are different in very important ways. First, we simply are not clear on what the PRISM program is and how it operates. Some have cast doubt, with seemingly reasonable arguments, on the PRISM revelations. But the Verizon leak we know is accurate because the actual order from the FISA court was leaked. And that might actually be the more significant problem:

At a high-level of abstraction, it does make some sense to lump these stories together. They both concern the tension between privacy and the need to collect intelligence in the context of evolving technologies—and the leaks, of course, came from the same source.

But at another level, conflating these two stories is a big mistake. They are by no means of equal weight and importance when it comes to informing the public about the government’s data-collection and monitoring powers. The Post story actually tells us little we did not already know—other than operational details that may prove of considerable use to those seeking to avoid NSA surveillance. By contrast, the Guardian story reveals a genuinely surprising and significant government legal position—albeit one apparently accepted by the FISA Court and congressional oversight leaders for a number of years—with important implications for the future of big data in government collection, surveillance, and intelligence authorities…

More importantly, the story, and the leak of the FISA Court order that underlies it, do reflect something significantly new concerning a claimed authority about which the public was not previously informed. Specifically, it reveals that the government was using a particular section of FISA—known as Section 215—as a way of accessing not just specific items about specific persons on a case-by-case basis, but also as a means to create giant datasets of telephony metadata that might later be queried on a case-by-case basis. As we move into the age of Big Data, it may not be surprising that the government would want to have authority to generate such a database; we all recall the Total Information Awareness initiative, after all. But it is surprising to learn both that the government thinks it already has this authority under Section 215, and still more so that the FISA Court agrees and that members of Congress know this as well.

Section 215 allows the government to seek and receive an order from the FISA court requiring third parties (like Verizon) to produce “tangible things” like business records, so long as the government can certify that the information sought is “relevant” to a national security investigation. It is the analog in the context of national security investigations to the grand jury subpoena in a criminal probe—the instrument by which the government can compel people to turn over material germane to the investigation. Most people assumed, prior to the Guardian story, that this provision was being used on discrete occasions to obtain individual collections of records about known counterintelligence or terrorist suspects—for records showing, say, that a certain person made certain purchases from a certain vendor or used a particular telephone to make specific calls. The government has, to some extent, encouraged this understanding, suggesting that Section 215 orders are comparatively rare and focused on specific business records.

There have been hints for some time that the government might be using Section 215 more aggressively. Senators Mark Udall and Ron Wyden, both members of the intelligence committee, have been warning for a while that the public would be shocked to know how government and the FISA Court had interpreted the provision. And Todd Hinnen, then acting head of the Justice Department’s National Security Division, testified in 2011 that “Section 215 has been used to obtain driver’s license records, hotel records, car rental records, apartment leasing records, credit card records, and the like. . . . Some orders have also been used to support important and highly sensitive intelligence collection operations, on which this committee and others have been separately briefed. On average, we seek and obtain section 215 orders less than 40 times per year” (emphasis added).

That said, until the Guardian story, it was not clear to the public that the government and the court had read the words “tangible things” and “relevant” so broadly as to permit the bulk pre-collection of records—including in particular “telephony metadata,” which includes all the non-content information pertaining to phone calls, such as the numbers involved and the physical location of the phones as indicated by the cell towers—much less that the government had been collecting such data for all calls within the United States and doing so for the past seven years, according to the leaders of the Senate intelligence committee.

That use of the business records provision for such a massive data-mining operation is, according to Wittes and Chesney, “different and grander in scope and scale from anything we had thought the law meant.” And unlike the PRISM program, there is no genuine dispute over what is happening.

"This is not an example of how petty Trumplethinskin can be. We all know he ..."

This Is How Petty Donald Trump ..."
"it sounds like you've never done an honest day's work.but there is actually such thing."

Trump Again Names Press the ‘Real ..."
"then why do you treat trans people differently, individually and collectively than you treat other ..."

Trump Again Names Press the ‘Real ..."
"Oh so you think the Democrats were your best hope, even though "Hillary Clinton" is ..."

Trump Again Names Press the ‘Real ..."

Browse Our Archives

Follow Us!

What Are Your Thoughts?leave a comment
  • D. C. Sessions

    On average, we seek and obtain section 215 orders less than 40 times per year

    Which takes on a very, very different meaning when you allow that one instance may be “everything you have on all of your customers.”

  • chisaihana5219

    Why is everyone so upset about this? We have known for years that the government has access to phone records and e-mails. You can’t watch a crime show on television without some character accessing phone logs or e-mails of the suspects without so much as a warrant. There have been documentary shows about the NSA and the data it collects. So much personal information is out on the web that you don’t even have to hack it, just google it. I’ve been notified twice that someone has hacked my bank and that all debit cards are cancelled and replaced. Why should I care if NSA has lists of my phone calls? It’s likely that the Chinese government also has a list of my phone calls and reads my e-mails. My medical records are now on-line and can be hacked too. Maybe what we need is not less access to information but more. Complete openness would perhaps lead to legislation that would truly regulate what could be done with this information. Privacy is an illusion that ended with the advent of MySpace (years ago). If you don’t want the government to know about you, get off the grid, stay off the net and the phone. That’s what the smart terrorists will do now that they know NSA is watching. Then again, if you look at the backlog at the VA, perhaps data overwhelm will protect us all!

  • machintelligence

    Why is everyone so upset about this?

    Why indeed? Why is the government ready to brand as a traitor someone who revealed what “everyone” knew?

  • doublereed

    Why is everyone so upset about this?

    Mostly because of this little line:

    The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

    Also, why are you bringing up television shows and their ridiculous non-realism? Is this like the CSI Effect. Come on man, you can’t be serious.

    Oh yes, and everything you’re saying is why we shouldn’t be surprised by this. You have said nothing about why we shouldn’t be upset.

  • maddog1129

    I dunno. On the TV shows I watch, they usually access one person’s e-mails or phone calls, and they do so WITH a warrant.

    Plus, why should what happens on TV shows be any kind of measure?