12/24/2013 08:42 pm ET | Updated Feb 24, 2014

The NSA's Telephone Meta-data Program: Part I

In my last post I explained a bit about what it was like to serve as one of the five members of the President's Review Group that was charged this fall with the responsibility of making recommendations about NSA surveillance and related issues. At the end of that post, I said I would follow-up several more essays examining the reasoning beyond some of the Review Group's 46 recommendations. In this post, I address the NSA's bulk telephony meta-data program, which has received so much attention in recent months.

In the aftermath of the September 11 terrorist attacks, Congress made several significant changes to the Foreign Intelligence Surveillance Act. Among the most important was the addition of section 215, which authorized the Foreign Intelligence Surveillance Court (the FISC) to issue orders directing individuals and organizations to turn over to the government "tangible things including books, records, papers, documents, and other items" upon a finding by the FISC that the government has "reasonable grounds to believe that the tangible objects sought are relevant" to an investigation intended to protect the nation "against international terrorism."

On its face, there was nothing exceptional about section 215. The government has always been able to use subpoenas to compel individuals or businesses to turn over documents and other objects in the course of criminal investigations. Section 215 essentially extended the traditional subpoena power to the foreign intelligence context. Because foreign intelligence investigations are typically classified, it was necessary to obtain these orders from the FISC, rather than from ordinary federal courts, because the FISC is designed specifically to deal with classified matters.

As envisioned, section 215 enabled the government to obtain an order from the FISC directing a credit card company, for example, to turn over to the government the credit card records of an individual reasonably believed to be planning or participating in terrorist activities. Similarly, upon such a showing, the government could obtain an order from the FISC requiring the suspected terrorist's telephone company to turn over his phone records.

In May 2006, the FISC adopted a much broader and unprecedented interpretation of section 215. It was that decision that led to the collection of bulk telephony meta-data. In that decision, and in a succession of subsequent decisions, FISC judges have issued orders under section 215 directing specified telephone service companies to turn over to the NSA, "on an ongoing daily basis," huge quantities of telephone meta-data involving the phone records of millions of Americans, none of whom are themselves suspected of anything.

The meta-data at issue in the section 215 program includes information about phone numbers (both called and received), but it does not include any information about the content of the calls or the identities of the participants. Once the NSA has the meta-data in its system, it has been authorized by the FISC to retain it for five years, after which it must destroy the meta-data on a rolling basis.

Why does the NSA want this information? The FISC authorized the collection of bulk telephony meta-data in reliance on the NSA's assertion that having access to these call records "is vital to NSA's counterterrorism intelligence." The NSA explained that access to such meta-data would enable its analysts "continuously to keep track of" the activities, operatives, and plans of specific foreign terrorist organizations who "disguise and obscure their communications."

Under rules approved by the FISC, the NSA can legally access the bulk telephony meta-data only when its analysts find that "there are facts giving rise to a reasonable, articulable suspicion" (RAS) that a particular telephone number "is associated with" a foreign terrorist organization.

In 2012, NSA queried 288 phone numbers, known as "seeds," each of which was certified by NSA analysts to meet the RAS standard. When a seed phone number is queried, the NSA derives from the database a list of every telephone number that either called or was called by the seed phone number in the past five years. This is known as the "first hop." For example, if the seed phone number was in contact with 100 different phone numbers in the past five years, the NSA would obtain a list of those 100 phone numbers.

The NSA then seeks to determine whether there is reason to believe that any of those 100 numbers are also associated with a foreign terrorist organization. If so, the query has uncovered a possible connection to a potential terrorist network that merits further investigation. Conversely, if none of the 100 numbers is believed to be associated with possible terrorist activity, there is less reason to be concerned that the potential terrorist is in contact with co-conspirators inside the United States.

In most cases, the NSA makes a second "hop." That is, it queries the database to obtain a list of every phone number that called or was called by the 100 numbers it obtained in the first hop. Thus, if we assume that the average telephone number calls or is called by 100 phone numbers over the course of a five-year period, then the second hop will produce a list of 10,000 phone numbers (100 x 100) that are two steps away from the seed number that is reasonably believed to be associated with a foreign terrorist organization. If any of those 10,000 phone numbers is also thought to be associated with a terrorist organization, that too is potentially useful information. In a very few instances, the NSA makes a third "hop," which would expand the list of numbers to approximately one million (100 x 100 x 100).

In 2012, NSA's 288 queries resulted in a total of twelve "tips" to the FBI that called for further investigation. If the FBI investigates a telephone number or other identifier tipped to it through the section 215 program, it must rely on other information to identify the individual subscribers of any of the numbers retrieved. If, through further investigation, the FBI is able to develop probable cause to believe that an identifier in the United States is conspiring with a person engaged in terrorist activity, it can then seek an order from the FISC authorizing it to intercept the contents of future communications to and from that telephone number.

The NSA reports that, on at least a few occasions, information derived from the section 215 bulk telephony meta-data program has contributed to its efforts to prevent possible terrorist attacks, either in the United States or somewhere else in the world. After examining the evidence provided by the NSA, the Review Group concluded that the information obtained through the section 215 telephony meta-data program had not proved necessary to the prevention of any planned terrorist attack since the program's inception in 2006. At the same time, though, it is certainly possible to imagine a situation in which the section 215 program might produce highly valuable information.

In my next post, I will explore the Review Group's reasoning and recommendations concerning the future of this program. What do you think so far? What are the best arguments for and against this program?