Last month, it was revealed that the court established by the Foreign Intelligence Surveillance Act (FISA) had rebuked the National Security Agency (NSA) for using illegal search methods. Not surprisingly, this incident wasn't an isolated one. In another judicial opinion responding to a lawsuit by the Electronic Frontier Foundation (EFF), further illegal abuses by the NSA were unveiled. Like the previous revelations, this story tells of the dangers posed by a NSA conducting searches with far too broad a scope and too few constraints.
The latest NSA abuses involve the database of phone calls made by Americans compiled by the NSA. Phone companies have been ordered to turn over "metadata" about the calls made by their customers. The NSA keeps five years of this metadata on file at any given time. When the agency makes queries into the database, however, it is required by the FISA court to have a "reasonable articulable suspicion" that the call involves communication with a terrorist suspect or some other connection with terrorism. The opinion released this week showed that "of the 17,835 phone numbers checked against phone records," in a three-year period beginning in 2006, "only 1,935 were based on that reasonable-suspicion standard."
The fact that only roughly 11 percent of the database queries made by the NSA during this period conformed with legal requirements is particularly remarkable given the relative weakness of the standard. The standard for obtaining a search warrant under the Fourth Amendment is "probable cause." A "reasonable suspicion" standard—similar language governs the constitutionality of "stop and frisk" searches—places substantially less of a burden on the state when it seeks to justify a search. So, as with New York's City's stop-and-frisk policy, it is particularly damning that for three years, the overwhelming majority of the NSA's database queries could not even meet that standard.
The NSA's response, as reported by Wired, is essentially that it was all just too complicated so they shouldn't be held responsible:
“Incredibly, intelligence officials said today that no one at the NSA fully understood how its own surveillance system worked at the time so they could not adequately explain it to the court,” says EFF activist Trevor Timm. “This is a breathtaking admission — the NSA’s surveillance apparatus, for years, was so complex and compartmentalized that no single person could comprehend it.”
Intelligence Director James Clapper, in a blog post today, blamed the unlawful spying in part on “the complexity of the technology employed in connection with the bulk telephony metadata collection program,” and said it was not done deliberately.
As David Kravets, Kim Zetter, and Kevin Poulsen point out, the FISA court did not find this explanation to be credible. But taking the government's defense at face value might be even more disturbing. If the failure to comply with the law was the result of an individual willfully ignoring the law, this is something that sanctions can be put in place to deal with. But this latest example of NSA violations once again suggests that the sheer scope of the agency's searches create an ongoing threat to individual liberties, even when officials are acting in good faith.
It's increasingly clear that the "war on terror" has led to intrusions on civil liberties, intrusions that do not necessarily have a payoff in terms of increased security. The NSA has at least twice been guilty of systematically violating even the lax standards established by a deferential court. The current framework established by Congress simply isn't working, and greater scrutiny and tighter standards are required.