There have been so many informative reports over the last couple of days on government surveillance programs, it’s been tough to keep up with them all, but let’s take some time to review what’s come to public light.
This CNET story was published on Saturday, for example, and caused quite a stir.
The National Security Agency has acknowledged in a new classified briefing that it does not need court authorization to listen to domestic phone calls.
Rep. Jerrold Nadler, a New York Democrat, disclosed this week that during a secret briefing to members of Congress, he was told that the contents of a phone call could be accessed “simply based on an analyst deciding that.”
If the NSA wants “to listen to the phone,” an analyst’s decision is sufficient, without any other legal authorization required, Nadler said he learned. “I was rather startled,” said Nadler, an attorney and congressman who serves on the House Judiciary committee.
If true, this would suggest a return to warrantless wiretaps, used by the Bush/Cheney administration, before Congress expanded surveillance laws and required some modicum of oversight.
By late yesterday, however, it appears that the story was not accurate and the NSA cannot wiretap Americans’ calls without a warrant. The FBI said Nadler misunderstood the information provided in the closed-door briefing; Nadler walked back his assessment, and by this morning, CNET had effectively given up on defending its original report.
And while it’s at least mildly reassuring that the surveillance programs have not taken such a drastically illegal turn, there were plenty of other revelations that bolstered the concerns of privacy advocates and civil libertarians.
The Associated Press, for example, sketched out how the suddenly infamous PRISM program works, and the “streamlined” process through which the private sector complied with warrants.
Under Prism, the delivery process varied by company. Google, for instance, says it makes secure file transfers. Others use contractors or have set up stand-alone systems. Some have set up user interfaces making it easier for the government, according to a security expert familiar with the process.
Every company involved denied the most sensational assertion in the Prism documents: that the NSA pulled data “directly from the servers” of Microsoft, Yahoo, Google, Facebook, AOL and more.
Technology experts and a former government official say that phrasing, taken from a PowerPoint slide describing the program, was likely meant to differentiate Prism’s neatly organized, company-provided data from the unstructured information snatched out of the Internet’s major pipelines.
On the other hand, Reuters published a report suggesting surveillance affected a fairly small number of people.
The U.S. government only searched for detailed information on calls involving fewer than 300 specific phone numbers among the millions of raw phone records collected by the National Security Agency in 2012, according to a government paper obtained by Reuters on Saturday.
The unclassified paper was circulated Saturday within the government by U.S. intelligence agencies and apparently is an attempt by spy agencies and the Obama administration to rebut accusations that it overreached in investigating potential militant plots.
I haven’t seen this confirmed elsewhere, but so long as we’re taking an overview look at reports from the weekend, I thought I’d include it in the mix.
Meanwhile, Facebook and Microsoft confirmed that they received data requests under the FISA law, but “they added that the U.S. government did not permit them to provide specific figures.” So what did the government get from the tech giants? The companies only released “broad numbers with no breakdowns. Over the last six months of 2012, Facebook said, it had received as many as 10,000 requests from local, state and federal agencies, which impacted as many as 19,000 accounts. Facebook has 1.1 billion accounts worldwide. Microsoft said that it received between 6,000 and 7,000 similar requests, affecting as many as 32,000 accounts.”
And finally, Barton Gellman had a lengthy piece offering some helpful context on various NSA surveillance programs – it’s probably time we familiarize ourselves with words like “STELLARWIND,” “MAINWAY,” and “MARINA” – but of particular interest was the report’s details on the showdown in John Ashcroft’s hospital room in 2004.
Telephone metadata was not the issue that sparked a rebellion at the Justice Department, first by Jack Goldsmith of the Office of Legal Counsel and then by Comey, who was acting attorney general because John D. Ashcroft was in intensive care with acute gallstone pancreatitis. It was Internet metadata.
At Bush’s direction, in orders prepared by David Addington, the counsel to Vice President Richard B. Cheney, the NSA had been siphoning e-mail metadata and technical records of Skype calls from data links owned by AT&T, Sprint and MCI, which later merged with Verizon.
For reasons unspecified in the report, Goldsmith and Comey became convinced that Bush had no lawful authority to do that.
Unless I’m remembering the original story incorrectly, this seems like a twist on what had previously been reported. I was under the impression that the showdown was over a legally dubious NSA program related to warrantless wiretaps of telephone calls, but Gellman’s new reporting points to concerns from Ashcroft and Comey over the collection of online communications.
Good to know.