NSA, Which Once Claimed It Needed Every Phone Record, Now Claims It Actually Gets Less Than 20%

from the is-that-supposed-to-be-comforting? dept

Ever since the first Snowden leaks about the way the NSA interpreted Section 215 of the PATRIOT Act to allow it to collect all call records from various telcos, one of the key arguments that has been made by the program's defenders is that it was necessary to have every single call record to make the important connections between terrorists. Multiple officials have argued that to find the "needle in the haystack" they need to be able to collect the whole haystack. In fact, that was part of the argument made by the few judges who have reviewed and approved this program. In the very first FISC ruling that actually analyzed the legality of the program (as opposed to earlier approvals that never bothered with an analysis), the court clearly indicated that it was necessary to collect everything:
The government depends on this bulk collection because if production of the information were to wait until the specific identifier connected to an international terrorist group were determined, most of the historical connections (the entire purpose of this authorization) would be lost. The analysis of past connections is only possible "if the Government has collected and archived a broad set of metadata that contains within it the subset of communications that can later be identified as terrorist-related." Because the subset of terrorist communications is ultimately contained within the whole of the metadata produced, but can only be found after the production is aggregated and then queried using identifiers determined to be associated with identified international terrorist organizations, the whole production is relevant to the ongoing investigation out of necessity.
That legal tapdancing aside, it basically argues that the only way this data makes sense is if the NSA has all of it. Similarly, when Judge William Pauley found the program legal late last year, he too relied on the argument that the NSA needed all the data.

And yet... it appears that they're actually not getting that much data. A new report from the Washington Post claims that the NSA is actually only getting between 20 to 30% of the data. The Wall Street Journal rushed out a quick story claiming it's actually less than 20%.

Apparently, while the NSA has gotten approvals to get data on landline calls from Verizon and AT&T;, it actually hasn't yet gone after the same data from most mobile phone calls. For example, even though it gets Verizon landlines, it apparently does not collect the data on Verizon Wireless. Nor does it collect the data from T-Mobile. There are somewhat conflicting reports as to why this is, but the Washington Post piece suggests that the incident in 2009 in which FISC chief judge Reggie Walton nearly shut the whole program down over compliance failures has basically stopped the NSA from updating the program, because everywhere they look there have been more (you guessed it) compliance failures, and they're simply not set up to handle mobile phone data. Update: And some are questioning the whole claim here, noting that the orders that have been revealed do appear to request IMEI and IMSI data -- information that is only associated with mobile phones.
“It’s not simply the ability to go to the court and order some vendor to give you more records, but you have to make sure that the [agency’s collection system] is prepared and ready to take the data and meet all the requirements of the court,” the former official said. “You don’t want to turn it on and get hundreds of millions of records, only to find out that you’ve got the moral equivalent of raw sewage spilling into the Chesapeake Bay.”

The process of preparing the system can take months, said the senior U.S. official, adding that mobile calls have different data elements than land-line calls. “That’s a really detailed set of activities where we get sample data in, and we march it through our systems,” the official said. “We do that again and again and again. We put in auditing procedures to make sure it works. So before we turn on that mobility data, we make sure it works. . . . It’s very complex.”

Compounding the challenge, the agency in 2009 struggled with compliance issues, including what a surveillance court found were “daily violations of the minimization procedures set forth in [court] orders” designed to protect Americans’ call records that “could not otherwise have been legally captured in bulk.”

As a result, the NSA’s director, Gen. Keith Alexander, ordered an “end-to-end” review of the program, during which additional compliance incidents were discovered and reported to the court. The process of uncovering problems and fixing them took months, and the same people working to address the compliance problems were the ones who would have to prepare the database to handle more records.
Basically, there have been so many compliance problems that the NSA has had to work overtime to try to fix their systems and prepare for an influx of mobile phone data. The Wall Street Journal version of the report says that part of the problem is the NSA can't figure out how to strip location data from mobile phone data, and because collecting that information might lead to compliance issues, they haven't been able to figure out how to do it without running into more trouble down the road.

But fear not, surveillance state lovers, the NSA is getting ready and its goal is to get back to collecting nearly every phone record from every phone provider. Once the systems are in place, they appear to fully intend to send over some requests to the FISA court to get all those mobile operators to comply as well. One hopes that, this time, with so much more awareness of what's going on, at least one of those mobile operators will fight back.

Either way, this whole thing actually shows just how ridiculous the NSA's claims are that it absolutely needs all this data to keep us safe. The very fact that this report is coming out in both the Washington Post and the Wall Street Journal at nearly the same time suggests a stupid sort of PR attempt on the part of the NSA, which seems to think that after months of insisting they need it all, they can now placate people by saying "well, we really only collect about 20% of the data (though we're hoping to collect it all)." Not only does this actually highlight the widespread compliance problems with this data, it further shows that the argument that somehow collecting it all is necessary to keep us safe is just completely wrong.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 9:56am

    only 20-30%? I suspect they lie. I bet they get way more but try to play down what they get.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    anon, Feb 7th, 2014 @ 10:03am

    Read more carefully

    Lets wait for the independent audit we have already seen how they twist definitions secretly.

    Also the Post says less than 30% of _call records_ - those have two phone numbers on them so if a person is calling a friend with another carrier they only have to get one of the two call records to know. So at a high level this could be call coverage of 50-60% of calls of Americans.

    Also is this different for calls to businesses are those included or excluded in the information above? Assuming this also does not count calls with American on one end and foreign on the other.

    What about calls they don't know the location of the origination or termination of calls? Are those counted for or against the total?

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 10:04am

    Luckily all terrorists were communicating on the 20% surveillance lines for NSA to stop 54 threats. Now that this top secret sensitive information is out in the open, all of them will switch to Verizon wireless. I suggest that all new customers of Verizon wireless be added to the no-fly list, you know, for national security.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 10:08am

    We need a revolution.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 10:20am

    End the NSA

    Fucking Liars. We have no need for the agency! Cut the funding completely. It's worthless.

     

    reply to this | link to this | view in thread ]

  6.  
    icon
    AricTheRed (profile), Feb 7th, 2014 @ 10:45am

    I call Security Theatre BULLSHIT!

    • As IF! THE NSA's budget has been BILLIONS of ever-increasingly worthless dollars and they have only been collecting land-line meta-data.

    They got caught in the bathroom stall with the pooch bent over fucking that dog, with Clapper and Alexander holding the tail, waiting their turn, and you expect me to believe they are only collecting LANDLINE data?

    What self-respecting terrorist would even speak aloud within ear(wiretap)shot of a landline?

    How about this for the next big NSA/Pinocchio lie that we want you all to believe:

    "The NSA's section 215 phone meta-data collection program was only collecting less than %30 of Americans calls, because the program was only used for FAX lines."

    Why you ask, because everyone who hates the American police state has seen Eagle Eye, and already knows they can remotely bug you with your camera-phone and mic and vector in a predator with hellfire missiles and blow up the whole wedding party! So fellow jihadists only use land-line FAX machines to coordinate strikes against the Great Satan. My good friend and financial backer Dianne "you're gonn'a love the next whopper you read about in the paper" Feinstein has assured me they are only monitoring cellphones!

    It was the single greatest intelligence victory since the cracking of the enigma machine, and we all have the NSA and all of the other shills in washington to thank for it!


    Hey NSA THANKS FOR KEEPING US SAFE!!!

    assholes

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 10:51am

    Mobile phones are the NSA's bread a butter. It's how they lock Hellfire missiles onto people. I don't believe their statement that they only collect 20% of mobile phone metadata and message content.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 10:52am

    30% of the world

    Here is how you minimize the call data.... 30% of the WORLD'S CALL DATA

     

    reply to this | link to this | view in thread ]

  9.  
    icon
    pixelpusher220 (profile), Feb 7th, 2014 @ 11:10am

    NSA Time Machine

    "if production of the information were to wait until the specific identifier connected to an international terrorist group were determined, most of the historical connections (the entire purpose of this authorization) would be lost"

    Well yes, you don't to go back in time and find out what someone you just met today did last year.

    And even this is ridiculous since the phone companies keep records for a significant amount of time themselves.

    Wish I could start a phone company that expressly DIDN'T log anything. It certainly 'could' to comply with legal requests, but by default nothing is logged. sigh.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 12:08pm

    To date, there has been nothing the NSA has put out you can believe. Everything is a lie. It now plays against them when they really need it. This can not be believed simply because of it's source.

    Landlines are obsolete and people are dropping it with the exception of older folk who haven't changed. It's gotten such a small figure of the population that AT&T has requested that the FCC let them drop service.

    So from that, the NSA is trying to say that all their terrorist concerns are from the elderly who are a diminishing part of the population as the years go by.

    This is nothing more than BS hoping to fool and calm the public who are pushing for things to change. They are again afraid of losing their precious.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    David, Feb 7th, 2014 @ 12:11pm

    Only 20%? No wonder they failed to stop Boston.

    If they had been able to get 100% of the call records, they would have been able to listen to the Russian intelligence agency telling them that those Usbekistans were up to no good.

    With 20%, can you wonder that they failed to listen?

     

    reply to this | link to this | view in thread ]

  12.  
    icon
    Charles (profile), Feb 7th, 2014 @ 1:35pm

    As my good friend Gollum said about the NSA

    Liarsies, liarsies,
    Pantsies on firesies.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 2:45pm

    Re:

    No, AT&T didn't petition the FCC to drop landline service. They petitioned the FCC to drop landline services that are regulated as communication services instead of information services. Big difference.

    http://www.timmins.net/2013/12/11/how-att-verizon-and-comcast-are-working-together-to-scr ew-you-by-discontinuing-landline-service/ explains what their intentions are. Thankfully, the bill discussed has not passed.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 3:41pm

    Way to have an explanation worse then the thing that needs explaining.

    So you DONT have access to all our date, but you DO want access to our data, oh yeah, because THATS not the thing i was not most worried about /s

    Assuming you've "decided" to tell the truth this time, i dont want you to unwittingly strain yourselves over such a small thing like the truth or anything

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our Sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our Sponsors...
Recent Stories
A word from our Sponsors...

Close

Email This