Posted on

The NSA Overthrow of Oversight

The NSA oversight regime has been overthrown, and remains in place solely as a ceremonial figurehead to represent the illusion of checks and balances.

It’s been slightly over a year since the Edward Snowden revelations hit the air. Yet, the NSA remains unaccountable to Congress, the executive branch, and the courts created to deal with it.  It is is of no surprise that any change to the surveillance state has not and will not come at the federal level.

“Oversight regime” are actual words used by the of Office of the Director of National Intelligence Public Affairs in a press release called, “Newly Declassified Documents Regarding the Now-Discontinued NSA Bulk Electronic Communications Metadata Pursuant to Section 402 of the Foreign Intelligence Surveillance Act.”

We usually link the word “regime” with repressive, foreign governments. The federal Freudian slip accurately displays the intelligence committee’s view on any boundaries made to curb unlawful spying. Just as the US has overthrown Saddam’s and Qaddafi’s government through direct or indirect force, the intelligence community has successfully overthrown “oversight” committees and continues dragnet spying unhindered.

The NSA metadata program is rife with abuses. Concerns were well-documented in a report that concluded the following areas need remediation:

  • Automatic alerting processes
  • Pen register/trap and trace (PR/TT) metadata retention and destruction
  • Reasonable articulable suspicion (RAS) approval based on attorney general authorization
  • use of PR/TT metadata
  • sharing unminimized PR/TT data with uncleared individuals
  • external access of PR/TT query results
  • approval of dissemination of US identities
  • risks of using non-RAS data to query PR/TT metadata
  • handling of PR/TT metadata
  • discrepancies in NSA descriptions of procedures

The report concluded asserting that the NSA took steps to address the concerns.

However, later, a highly redacted preliminary report found that the NSA may be using unauthorized categories for extraction and collection of metadata.  It also revealed concerns that current practices were outside the court’s authorization. As Marcie Wheeler wrote in The Week,

The Justice Department later told the court that “virtually every” internet dragnet record “contains some metadata that was authorized for collection and some metadata that was not authorized for collection.” In other words, in the more than 25 checks the NSA’s general counsel should have done from 2004 to 2009, it never once found this unauthorized data.

A report from FISC in 2005 found that the NSA “had exceeded the scope of authorized acquisition continuously the more than REDACTED years of acquisition under these orders.”

The FISC report stated that NSA reported it’s overcollection for the precise reason that bulk collection is necessary – because without it, the communications would be diluted in the stream of mass communication.

The collection of both a huge volume and high percentage of unrelated communications is necessary to identify the much smaller number REDACTED such that the entire mass of collected metadata is relevant to investigating REDACTED affiliated persons.

Much of the overcollection was due to higher-ups’ lack of understanding procedure and poor management.

However, when asked how such abuse occurred the document stated, “The government has provided no comprehensive explanation of how so substantial an overcollection occurred.”

A 2009 report indicated that violations still occurred.

The documents show that when Attorney General Alberto Gonzales briefed the Senate Intelligence Committee in 2005 on programs authorized by the internet dragnet law, he made no mention of what the NSA was doing under it. They show how Judge Walton correctly guessed, in early 2009, that he might find the same violations with the internet dragnet as the Justice Department had previously disclosed about the NSA’s phone-tapping program.

That particular metadata program was apparently shut down down in 2009.

Marcie Wheeler concluded,

“But during precisely the same weeks when NSA’s general counsel was busy not finding the illegal data in virtually every internet dragnet record, NSA piloted a new program to permit its analysts to do the same kind of analysis on the metadata of U.S. persons collected under an executive order (Executive Order 12333). NSA expanded the program to all of NSA in early 2011, before NSA shut down the internet dragnet program.

That means there is a related dragnet program out there with nowhere near the level of oversight as the old one — the one that managed to compile five years of serious violations that the NSA never detected.”

Until more leaks come out, we will not know the evolution of the metadata program. However, we do know that oversight has not made anyone accountable for incidental collection, intentional collection of US persons, or management’s ignorance of procedure and law.

In other words, we should not trust promises that Congressional oversight with somehow protect our privacy. The oversight regime has failed.

We must seek answers outside Washington D.C.


Leave a Reply

Your email address will not be published.