June 17, 2009
E-Mail Surveillance Renews Concerns in Congress
By JAMES RISEN and ERIC LICHTBLAU

WASHINGTON — The National Security Agency is facing renewed scrutiny over the extent of its domestic surveillance program, with critics in Congress saying its recent intercepts of the private telephone calls and e-mail messages of Americans are broader than previously acknowledged, current and former officials said.

The agency’s monitoring of domestic e-mail messages, in particular, has posed longstanding legal and logistical difficulties, the officials said.

Since April, when it was disclosed that the intercepts of some private communications of Americans went beyond legal limits in late 2008 and early 2009, several Congressional committees have been investigating. Those inquiries have led to concerns in Congress about the agency’s ability to collect and read domestic e-mail messages of Americans on a widespread basis, officials said. Supporting that conclusion is the account of a former N.S.A. analyst who, in a series of interviews, described being trained in 2005 for a program in which the agency routinely examined large volumes of Americans’ e-mail messages without court warrants. Two intelligence officials confirmed that the program was still in operation.

Both the former analyst’s account and the rising concern among some members of Congress about the N.S.A.’s recent operation are raising fresh questions about the spy agency.

Representative Rush Holt, Democrat of New Jersey and chairman of the House Select Intelligence Oversight Panel, has been investigating the incidents and said he had become increasingly troubled by the agency’s handling of domestic communications.

In an interview, Mr. Holt disputed assertions by Justice Department and national security officials that the overcollection was inadvertent.

“Some actions are so flagrant that they can’t be accidental,” Mr. Holt said.

Other Congressional officials raised similar concerns but would not agree to be quoted for the record.

Mr. Holt added that few lawmakers could challenge the agency’s statements because so few understood the technical complexities of its surveillance operations. “The people making the policy,” he said, “don’t understand the technicalities.”

The inquiries and analyst’s account underscore how e-mail messages, more so than telephone calls, have proved to be a particularly vexing problem for the agency because of technological difficulties in distinguishing between e-mail messages by foreigners and by Americans. A new law enacted by Congress last year gave the N.S.A. greater legal leeway to collect the private communications of Americans so long as it was done only as the incidental byproduct of investigating individuals “reasonably believed” to be overseas.

But after closed-door hearings by three Congressional panels, some lawmakers are asking what the tolerable limits are for such incidental collection and whether the privacy of Americans is being adequately protected.

“For the Hill, the issue is a sense of scale, about how much domestic e-mail collection is acceptable,” a former intelligence official said, speaking on condition of anonymity because N.S.A. operations are classified. “It’s a question of how many mistakes they can allow.”

While the extent of Congressional concerns about the N.S.A. has not been shared publicly, such concerns are among national security issues that the Obama administration has inherited from the Bush administration, including the use of brutal interrogation tactics, the fate of the prison at Guantánamo Bay, Cuba, and whether to block the release of photographs and documents that show abuse of detainees.

In each case, the administration has had to navigate the politics of continuing an aggressive intelligence operation while placating supporters who want an end to what they see as flagrant abuses of the Bush era.

The N.S.A. declined to comment for this article. Wendy Morigi, a spokeswoman for Dennis C. Blair, the national intelligence director, said that because of the complex nature of surveillance and the need to adhere to the rules of the Foreign Intelligence Surveillance Court, the secret panel that oversees surveillance operation, and “other relevant laws and procedures, technical or inadvertent errors can occur.”

“When such errors are identified,” Ms. Morigi said, “they are reported to the appropriate officials, and corrective measures are taken.”

In April, the Obama administration said it had taken comprehensive steps to bring the security agency into compliance with the law after a periodic review turned up problems with “overcollection” of domestic communications. The Justice Department also said it had installed new safeguards.

Under the surveillance program, before the N.S.A. can target and monitor the e-mail messages or telephone calls of Americans suspected of having links to international terrorism, it must get permission from the Foreign Intelligence Surveillance Court. Supporters of the agency say that in using computers to sweep up millions of electronic messages, it is unavoidable that some innocent discussions of Americans will be examined. Intelligence operators are supposed to filter those out, but critics say the agency is not rigorous enough in doing so.

The N.S.A. is believed to have gone beyond legal boundaries designed to protect Americans in about 8 to 10 separate court orders issued by the Foreign Intelligence Surveillance Court, according to three intelligence officials who spoke anonymously because disclosing such information is illegal. Because each court order could single out hundreds or even thousands of phone numbers or e-mail addresses, the number of individual communications that were improperly collected could number in the millions, officials said. (It is not clear what portion of total court orders or communications that would represent.)

“Say you get an order to monitor a block of 1,000 e-mail addresses at a big corporation, and instead of just monitoring those, the N.S.A. also monitors another block of 1,000 e-mail addresses at that corporation,” one senior intelligence official said. “That is the kind of problem they had.”

Overcollection on that scale could lead to a significant number of privacy invasions of American citizens, officials acknowledge, setting off the concerns among lawmakers and on the secret FISA court.

“The court was not happy” when it learned of the overcollection, said an administration official involved in the matter.

Defenders of the agency say it faces daunting obstacles in trying to avoid the improper gathering or reading of Americans’ e-mail as part of counterterrorism efforts aimed at foreigners.

Several former intelligence officials said that e-mail traffic from all over the world often flows through Internet service providers based in the United States. And when the N.S.A. monitors a foreign e-mail address, it has no idea when the person using that address will send messages to someone inside the United States, the officials said.

The difficulty of distinguishing between e-mail messages involving foreigners from those involving Americans was “one of the main things that drove” the Bush administration to push for a more flexible law in 2008, said Kenneth L. Wainstein, the homeland security adviser under President George W. Bush. That measure, which also resolved the long controversy over N.S.A.’s program of wiretapping without warrants by offering immunity to telecommunications companies, tacitly acknowledged that some amount of Americans’ e-mail would inevitably be captured by the N.S.A.

But even before that, the agency appears to have tolerated significant collection and examination of domestic e-mail messages without warrants, according to the former analyst, who spoke only on condition of anonymity.

He said he and other analysts were trained to use a secret database, code-named Pinwale, in 2005 that archived foreign and domestic e-mail messages. He said Pinwale allowed N.S.A. analysts to read large volumes of e-mail messages to and from Americans as long as they fell within certain limits — no more than 30 percent of any database search, he recalled being told — and Americans were not explicitly singled out in the searches.

The former analyst added that his instructors had warned against committing any abuses, telling his class that another analyst had been investigated because he had improperly accessed the personal e-mail of former President Bill Clinton.

Other intelligence officials confirmed the existence of the Pinwale e-mail database, but declined to provide further details.

The recent concerns about N.S.A.’s domestic e-mail collection follow years of unresolved legal and operational concerns within the government over the issue. Current and former officials now say that the tracing of vast amounts of American e-mail traffic was at the heart of a crisis in 2004 at the hospital bedside of John Ashcroft, then the attorney general, as top Justice Department aides staged a near revolt over what they viewed as possibly illegal aspects of the N.S.A.’s surveillance operations.

James Comey, then the deputy attorney general, and his aides were concerned about the collection of “meta-data” of American e-mail messages, which show broad patterns of e-mail traffic by identifying who is e-mailing whom, current and former officials say. Lawyers at the Justice Department believed that the tracing of e-mail messages appeared to violate federal law.

“The controversy was mostly about that issue,” said a former administration official involved in the dispute.

NSA's Domestic Spying Grows As Agency Sweeps Up Data
Terror Fight Blurs Line Over Domain; Tracking Email
By SIOBHAN GORMAN, Wall Street Journal

WASHINGTON, D.C. -- Five years ago, Congress killed an experimental Pentagon antiterrorism program meant to vacuum up electronic data about people in the U.S. to search for suspicious patterns. Opponents called it too broad an intrusion on Americans' privacy, even after the Sept. 11 terrorist attacks.

But the data-sifting effort didn't disappear. The National Security Agency, once confined to foreign surveillance, has been building essentially the same system.

The central role the NSA has come to occupy in domestic intelligence gathering has never been publicly disclosed. But an inquiry reveals that its efforts have evolved to reach more broadly into data about people's communications, travel and finances in the U.S. than the domestic surveillance programs brought to light since the 2001 terrorist attacks.

Congress now is hotly debating domestic spying powers under the main law governing U.S. surveillance aimed at foreign threats. An expansion of those powers expired last month and awaits renewal, which could be voted on in the House of Representatives this week. The biggest point of contention over the law, the Foreign Intelligence Surveillance Act, is whether telecommunications and other companies should be made immune from liability for assisting government surveillance.

Largely missing from the public discussion is the role of the highly secretive NSA in analyzing that data, collected through little-known arrangements that can blur the lines between domestic and foreign intelligence gathering. Supporters say the NSA is serving as a key bulwark against foreign terrorists and that it would be reckless to constrain the agency's mission. The NSA says it is scrupulously following all applicable laws and that it keeps Congress fully informed of its activities.

According to current and former intelligence officials, the spy agency now monitors huge volumes of records of domestic emails and Internet searches as well as bank transfers, credit-card transactions, travel and telephone records. The NSA receives this so-called "transactional" data from other agencies or private companies, and its sophisticated software programs analyze the various transactions for suspicious patterns. Then they spit out leads to be explored by counterterrorism programs across the U.S. government, such as the NSA's own Terrorist Surveillance Program, formed to intercept phone calls and emails between the U.S. and overseas without a judge's approval when a link to al Qaeda is suspected.

The NSA's enterprise involves a cluster of powerful intelligence-gathering programs, all of which sparked civil-liberties complaints when they came to light. They include a Federal Bureau of Investigation program to track telecommunications data once known as Carnivore, now called the Digital Collection System, and a U.S. arrangement with the world's main international banking clearinghouse to track money movements.

The effort also ties into data from an ad-hoc collection of so-called "black programs" whose existence is undisclosed, the current and former officials say. Many of the programs in various agencies began years before the 9/11 attacks but have since been given greater reach. Among them, current and former intelligence officials say, is a longstanding Treasury Department program to collect individual financial data including wire transfers and credit-card transactions.

It isn't clear how many of the different kinds of data are combined and analyzed together in one database by the NSA. An intelligence official said the agency's work links to about a dozen antiterror programs in all.

A number of NSA employees have expressed concerns that the agency may be overstepping its authority by veering into domestic surveillance. And the constitutional question of whether the government can examine such a large array of information without violating an individual's reasonable expectation of privacy "has never really been resolved," said Suzanne Spaulding, a national-security lawyer who has worked for both parties on Capitol Hill.

NSA officials say the agency's own investigations remain focused only on foreign threats, but it's increasingly difficult to distinguish between domestic and international communications in a digital era, so they need to sweep up more information.
The Fourth Amendment

In response to the Sept. 11 attacks, then NSA-chief Gen. Michael Hayden has said he used his authority to expand the NSA's capabilities under a 1981 executive order governing the agency. Another presidential order issued shortly after the attacks, the text of which is classified, opened the door for the NSA to incorporate more domestic data in its searches, one senior intelligence official said.
[Michael Hayden]

The NSA "strictly follows laws and regulations designed to preserve every American's privacy rights under the Fourth Amendment to the U.S. Constitution," agency spokeswoman Judith Emmel said in a statement, referring to the protection against unreasonable searches and seizures. The Office of the Director of National Intelligence, which oversees the NSA in conjunction with the Pentagon, added in a statement that intelligence agencies operate "within an extensive legal and policy framework" and inform Congress of their activities "as required by the law." It pointed out that the 9/11 Commission recommended in 2004 that intelligence agencies analyze "all relevant sources of information" and share their databases.

Two former officials familiar with the data-sifting efforts said they work by starting with some sort of lead, like a phone number or Internet address. In partnership with the FBI, the systems then can track all domestic and foreign transactions of people associated with that item -- and then the people who associated with them, and so on, casting a gradually wider net. An intelligence official described more of a rapid-response effect: If a person suspected of terrorist connections is believed to be in a U.S. city -- for instance, Detroit, a community with a high concentration of Muslim Americans -- the government's spy systems may be directed to collect and analyze all electronic communications into and out of the city.

The haul can include records of phone calls, email headers and destinations, data on financial transactions and records of Internet browsing. The system also would collect information about other people, including those in the U.S., who communicated with people in Detroit.

The information doesn't generally include the contents of conversations or emails. But it can give such transactional information as a cellphone's location, whom a person is calling, and what Web sites he or she is visiting. For an email, the data haul can include the identities of the sender and recipient and the subject line, but not the content of the message.

Intelligence agencies have used administrative subpoenas issued by the FBI -- which don't need a judge's signature -- to collect and analyze such data, current and former intelligence officials said. If that data provided "reasonable suspicion" that a person, whether foreign or from the U.S., was linked to al Qaeda, intelligence officers could eavesdrop under the NSA's Terrorist Surveillance Program.

The White House wants to give companies that assist government surveillance immunity from lawsuits alleging an invasion of privacy, but Democrats in Congress have been blocking it. The Terrorist Surveillance Program has spurred 38 lawsuits against companies. Current and former intelligence officials say telecom companies' concern comes chiefly because they are giving the government unlimited access to a copy of the flow of communications, through a network of switches at U.S. telecommunications hubs that duplicate all the data running through it. It isn't clear whether the government or telecom companies control the switches, but companies process some of the data for the NSA, the current and former officials say.

On Friday, the House Energy and Commerce Committee released a letter warning colleagues to look more deeply into how telecommunications data are being accessed, citing an allegation by the head of a New York-based computer security firm that a wireless carrier that hired him was giving unfettered access to data to an entity called "Quantico Circuit." Quantico is a Marine base that houses the FBI Academy; senior FBI official Anthony DiClemente said the bureau "does not have 'unfettered access' to any communication provider's network."

The political debate over the telecom information comes as intelligence agencies seek to change traditional definitions of how to balance privacy rights against investigative needs. Donald Kerr, the deputy director of national intelligence, told a conference of intelligence officials in October that the government needs new rules. Since many people routinely post details of their lives on social-networking sites such as MySpace, he said, their identity shouldn't need the same protection as in the past. Instead, only their "essential privacy," or "what they would wish to protect about their lives and affairs," should be veiled, he said, without providing examples.
Social-Network Analysis

The NSA uses its own high-powered version of social-network analysis to search for possible new patterns and links to terrorism. The Pentagon's experimental Total Information Awareness program, later renamed Terrorism Information Awareness, was an early research effort on the same concept, designed to bring together and analyze as much and as many varied kinds of data as possible. Congress eliminated funding for the program in 2003 before it began operating. But it permitted some of the research to continue and TIA technology to be used for foreign surveillance.

Some of it was shifted to the NSA -- which also is funded by the Pentagon -- and put in the so-called black budget, where it would receive less scrutiny and bolster other data-sifting efforts, current and former intelligence officials said. "When it got taken apart, it didn't get thrown away," says a former top government official familiar with the TIA program.

Two current officials also said the NSA's current combination of programs now largely mirrors the former TIA project. But the NSA offers less privacy protection. TIA developers researched ways to limit the use of the system for broad searches of individuals' data, such as requiring intelligence officers to get leads from other sources first. The NSA effort lacks those controls, as well as controls that it developed in the 1990s for an earlier data-sweeping attempt.

Sen. Ron Wyden, an Oregon Democrat and member of the Senate Intelligence Committee who led the charge to kill TIA, says "the administration is trying to bring as much of the philosophy of operation Total Information Awareness as it can into the programs they're using today." The issue has been overshadowed by the fight over telecoms' immunity, he said. "There's not been as much discussion in the Congress as there ought to be."
Opportunity for Debate

But Sen. Kit Bond of Missouri, the ranking Republican on the committee, said by email his committee colleagues have had "ample opportunity for debate" behind closed doors and that each intelligence program has specific legal authorization and oversight. He cautioned against seeing a group of intelligence programs as "a mythical 'big brother' program," adding, "that's not what is happening today."

While the Fourth Amendment guarantees "(t)he right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures," the legality of data-sweeping relies on the government's interpretation of a 1979 Supreme Court ruling allowing records of phone calls -- but not actual conversations -- to be collected without a warrant. Read the ruling.

The legality of data-sweeping relies largely on the government's interpretation of a 1979 Supreme Court ruling allowing records of phone calls -- but not actual conversations -- to be collected without a judge issuing a warrant. Multiple laws require a court order for so-called "transactional'" records of electronic communications, but the 2001 Patriot Act lowered the standard for such an order in some cases, and in others made records accessible using FBI administrative subpoenas called "national security letters." (Read the ruling.)

A debate is brewing among legal and technology scholars over whether there should be privacy protections when a wide variety of transactional data are brought together to paint what is essentially a profile of an individual's behavior. "You know everything I'm doing, you know what happened, and you haven't listened to any of the contents" of the communications, said Susan Landau, co-author of a book on electronic privacy and a senior engineer at Sun Microsystems Laboratories. "Transactional information is remarkably revelatory."

Ms. Spaulding, the national-security lawyer, said it's "extremely questionable" to assume Americans don't have a reasonable expectation of privacy for data such as the subject-header of an email or a Web address from an Internet search, because those are more like the content of a communication than a phone number. "These are questions that require discussion and debate," she said. "This is one of the problems with doing it all in secret."

Gen. Hayden, the former NSA chief and now Central Intelligence Agency director, in January 2006 publicly defended the activities of the Terrorist Surveillance Program after it was disclosed by the New York Times. He said it was "not a driftnet over Lackawanna or Fremont or Dearborn, grabbing all communications and then sifting them out." Rather, he said, it was carefully targeted at terrorists. However, some intelligence officials now say the broader NSA effort amounts to a driftnet. A portion of the activity, the NSA's access to domestic phone records, was disclosed by a USA Today article in 2006.

The NSA, which President Truman created in 1952 through a classified presidential order to be America's ears abroad, has for decades been the country's largest and most secretive intelligence agency. The order confined NSA spying to "foreign governments," and during the Cold War the NSA developed a reputation as the world's premier code-breaking operation. But in the 1970s, the NSA and other intelligence agencies were found to be using their spy tools to monitor Americans for political purposes. That led to the original FISA legislation in 1978, which included an explicit ban on the NSA eavesdropping in the U.S. without a warrant.

Big advances in telecommunications and database technology led to unprecedented data-collection efforts in the 1990s. One was the FBI's Carnivore program, which raised fears when it was in disclosed in 2000 that it might collect telecommunications information about law-abiding individuals. But the ground shifted after 9/11. Requests for analysis of any data that might hint at terrorist activity flooded from the White House and other agencies into NSA's Fort Meade, Md., headquarters outside Washington, D.C., one former NSA official recalls. At the time, "We're scrambling, trying to find any piece of data we can to find the answers," the official said.

The 2002 congressional inquiry into the 9/11 attacks criticized the NSA for holding back information, which NSA officials said they were doing to protect the privacy of U.S. citizens. "NSA did not want to be perceived as targeting individuals in the United States" and considered such surveillance the FBI's job, the inquiry concluded.

The NSA quietly redefined its role. Joint FBI-NSA projects "expanded exponentially," said Jack Cloonan, a longtime FBI veteran who investigated al Qaeda. He pointed to national-security letter requests: They rose from 8,500 in 2000 to 47,000 in 2005, according to a Justice Department inspector general's report last year. It also said the letters permitted the potentially illegal collection of thousands of records of people in the U.S. from 2003-05. Last Wednesday, FBI Director Robert Mueller said the bureau had found additional instances in 2006.

It isn't known how many Americans' data have been swept into the NSA's systems. The Treasury, for instance, built its database "to look at all the world's financial transactions" and gave the NSA access to it about 15 years ago, said a former NSA official. The data include domestic and international money flows between bank accounts and credit-card information, according to current and former intelligence officials.

The NSA receives from Treasury weekly batches of this data and adds it to a database at its headquarters. Prior to 9/11, the database was used to pursue specific leads, but afterward, the effort was expanded to hunt for suspicious patterns.

Through the Treasury, the NSA also can access the database of the Society for Worldwide Interbank Financial Telecommunication, or Swift, the Belgium-based clearinghouse for records of international transactions between financial institutions, current and former officials said. The U.S. acknowledged in 2006 that the CIA and Treasury had access to Swift's database, but said the NSA's Terrorism Surveillance Program was separate and that the NSA provided only "technical assistance." A Treasury spokesman said the agency had no comment.

Through the Department of Homeland Security, airline passenger data also are accessed and analyzed for suspicious patterns, such as five unrelated people who repeatedly fly together, current and former intelligence officials said. Homeland Security shares information with other agencies only "on a limited basis," spokesman Russ Knocke said.

NSA gets access to the flow of data from telecommunications switches through the FBI, according to current and former officials. It also has a partnership with FBI's Digital Collection system, providing access to Internet providers and other companies. The existence of a shadow hub to copy information about AT&T Corp. telecommunications in San Francisco is alleged in a lawsuit against AT&T filed by the civil-liberties group Electronic Frontier Foundation, based on documents provided by a former AT&T official. In that lawsuit, a former technology adviser to the Federal Communications Commission says in a sworn declaration that there could be 15 to 20 such operations around the country. Current and former intelligence officials confirmed a domestic network of hubs, but didn't know the number. "As a matter of policy and law, we can not discuss matters that are classified," said FBI spokesman John Miller.

The budget for the NSA's data-sifting effort is classified, but one official estimated it surpasses $1 billion. The FBI is requesting to nearly double the budget for the Digital Collection System in 2009, compared with last year, requesting $42 million. "Not only do demands for information continue to increase, but also the requirement to facilitate information sharing does," says a budget justification document, noting an "expansion of electronic surveillance activity in frequency, sophistication, and linguistic needs."

Write to Siobhan Gorman at siobhan.gorman@wsj.com

NSA Call Database

Foreign Intelligence Surveillance Act

NSA Electronic Surveillance Program

Electronic Frontier Foundation