Six things revealed from newly-unclassified NSA documents

0
Title slide for a once-classified NSA PowerPoint presentation.

Title slide for a once-classified NSA PowerPoint presentation.

The Office of National Intelligence (ODNI) released thousands of documents on Monday related to the National Security Agency’s practice of collecting phone and internet data in bulk.

The files published by ODNI contained previously-classified NSA training materials, reports by the U.S. attorney general to Congress and Foreign Intelligence Surveillance Court (FISC) orders on the bulk collection of email metadata between 2004 and 2011, and telephony metadata from the mid-2000s to the present day.

Almost all of the documents in the 38 files released by ODNI on Monday were redacted in some form or another, but the documents did shed light on what government intelligence agencies were allowed to collect and how agents were allowed to use the data.

The documents also revealed multiple non-compliance issues with how the government disseminated intelligence data to other agencies as well as a shocking revelation that, despite the apparent incompetence of intelligence agencies with regard to the data, no government request for business records were rejected by the intelligence court since 2005.

The Desk the past two days pouring over the files made public Monday evening. Here are some key takeaways from the now-unclassified documents:

1. A telephone company gave the NSA personal information of customers: Some records given to the NSA within a three month period in 2006 contained personal names and credit card information of subscribers with a certain phone company (the name was redacted in a court document, but it’s assumed the phone company was Verizon).

The NSA said it responded by creating software that prevented analysts from viewing the names and credit card numbers. The agency also said it asked Verizon not to disclose that information again. It is not known if Verizon complied.

2. The NSA told analysts to monitor Americans, even if their activities appear to be constitutionally protected: Telephone numbers of individuals, American and foreign, were monitored if the NSA found an instance of “reasonable articulate suspicion.” NSA training material repeatedly said RAS could not be determined based on protected First Amendment activity, such as uploading sermons to the internet, reading certain material or speaking out against the government.

“Should you abandon a RAS nomination if there is a potential First Amendment concern? Absolutely not,” NSA training material says. “The present of First Amendment evidence does not invalidate a RAS.”

3. The NSA can save data accidentally collected on an American individual: A 2009 PowerPoint presentation titled “NSA Cryptological School Course” reveals the NSA can save information accidentally collected on Americans living in the United States.

NSA-AG-SLIDE

A slide called “AG Destruction Waiver” orders communication data inadvertently collected on American citizens, people living in the U.S. or communication made in the U.S. to be destroyed unless the U.S. Attorney General determines the communication data contains “significant foreign intelligence,” “information related to a threat of serious harm to life or property,” “technical information about a communications vulnerability” or “evidence of a serious crime.”

It is unclear what constitutes a “serious crime.” It is also unclear if the “communication” relates to phone calls, email, instant messages, internet traffic or all four.

4. The FISA groups world leaders with foreign terrorists: NSA training materials repeatedly stated that only individuals considered to be or interacting with “foreign power” could be nominated as a RAS candidate — that is, only those individuals who could be watched by NSA analysts.

foreignpower1

foreignpower2

Under the NSA’s definitions found in the 2009 cryptology PowerPoint, the agency can surveil the United Nations, German Chancellor Angela Merkel and other foreign diplomats and heads of state since they fit the definition of “an officer or employee of a foreign power.”

5. The NSA repeatedly ignored court orders on bulk collection: The court found the NSA “broke the conditions that it was meant to adhere by and shared unfiltered information with other agencies,” ZDNet’s Michael Lee reported, sourcing court documents released Monday by ODNI.

The court found, among other things, NSA analysts improperly gave other agencies, like the FBI and the CIA, information obtained from the bulk collection of telephone metadata. The court had originally ordered only specific NSA officials to authorize dissemination — not analysts — and the court found that the NSA “simply ignored” its order.

The FISC also said the NSA repeatedly collected more data than it was allowed to — and couldn’t explain to the court how it happened.

6. Despite the NSA’s incompetence, the FISC approved every government application for business records since 2005: According to Congressional reports prepared by the Office of the Attorney General, the U.S. government made dozenssometimes hundreds — of applications for business records to the FISC. According to the reports, the FISC approved all requests made by the government.


Year U.S. Gov’t applications
for business records
Number of applications
rejected by FISC
2005 155 0
2006 43 0
2007 17 0
2008 13 0
2009 21 0
2010 96 0
2011 205 0

Collection: All government documents released by ODNI (18 November 2013)
Document: 2006 Memo of Law on Fourth Amendment Protections
Document: 2009 NSA “Cryptological School Course” PowerPoint presentation
Document: FISC Judge Order Granting Bulk Email Data Collection
Document: NSA report to Foreign Intelligence Surveillance Court
Wall Street Journal: Documents show years of problems with NSA programs
ZDNet: NSA spy programs ignored court orders