May 26, 2018

4 Things to Be Worried About in the NSA’s New Transparency Report



By Neema Singh Guliani, J.D. / 05.07.2018
Legislative Counsel
American Civil Liberties Union


The Trump administration recently released a congressionally mandated report on the NSA’s surveillance activities in 2017. Quite a few of the numbers raise questions about Americans’ privacy — some because the numbers are so big, and others because they may indicate troubling intelligence practices.

The report is required by the 2015 surveillance reform law passed in response to unlawful spying under Section 215 of the Patriot Act. The goal of Congress’ reporting requirement was to provide a snapshot of how the government is using certain surveillance authorities and, in some cases, to measure if the reforms passed in response to past illegal spying are having the desired effects.

Here are four of the most concerning pieces of the report:

The NSA is collecting more than three times the number of call records it did last year — totaling over 530 million — and has not explained the increase. 

Under the Patriot Act, the government can ask phone companies to hand over call records associated with particular individuals, accounts, or devices on an ongoing basis — including the records two “hops” removed from the original target. Despite the fact that the number of targets has remained the same, the number of call records collected by the government has surged to over 530 million — more than three times what was reported last year.

The NSA has provided no clear explanation for this increase, telling the press that they “expect this number to fluctuate from year to year.” This canned response is woefully inadequate, and Congress should press for more answers.

The NSA continues to fail to report certain information about its activities as required by law.

The 2015 surveillance reform law, which the NSA endorsed, required the agency to report the number of “unique identifiers” — such as unique phone numbers and other account identifiers — that are collected by the government. The goal was to provide a sense of how many individual accounts were being swept up in the government’s surveillance.

The NSA has failed to report the number of unique identifiers associated with call detail record collection despite its obligation to do so under the law. As a result, we are left with no way to ascertain what has caused the surge in the number of phone records the government obtained. It could be due to duplication (like when one phone call creates records at multiple phone companies), multiple calls to the same number, or the types of unlawful surveillance that we have seen in the past.

The number of foreign targets for certain types of warrantless surveillance has increased by the largest percentage ever reported — and the government is increasingly using this data to spy on the content of Americans’ communications.

The report reveals that the number of targets subject to warrantless surveillance under Section 702 of the Foreign Intelligence Surveillance Act has increased by over 20 percent, the largest rise since the government started publicly reporting this number. This spike likely means that there is a corresponding increase in the number of Americans and foreigners who are swept up in the government’s surveillance.

Indeed, the report also reveals that this data is being mined more often to look for the content of Americans’ communications — despite the fact that the law prohibits the government from using Section 702 to target Americans. The NSA, CIA, and National Counterterrorism Center conducted over 7,500 of these backdoor searches, and the FBI does not report the number of searches it conducts at all.

The use of surveillance authorities requiring a court order has dropped — but that might not be a good thing.

The NSA reports less reliance on certain surveillance laws, including those that require the government to get a court order to obtain electronic metadata, including information about who is on the sending and receiving end of a communication as well as when it happened.  (This is often referred to as “pen register and trap and trace” or “PR/TT.”) According to the report, the government has obtained roughly only a quarter of the PR/TT orders that it obtained in 2013 — and that’s with over 90 percent fewer targets.

But we should not assume that this decrease translates into less spying. Given the increase in the use of other warrantless surveillance authorities, it is also possible that the government is obtaining this same information through means that do not require a court order.

For example, the government could be obtaining this information by mining data collected under Section 702 without a warrant, looking for the information of individuals who are not even targets of such surveillance. This would call into question whether existing restrictions are serving their purpose — or simply being easily skirted by the government’s increased abuse of warrantless surveillance authorities.

Congress should probe into the factors driving the various numbers in this report to determine whether the government is following the rules created to safeguard privacy and prevent overreach by the NSA.


Originally published by the American Civil Liberties Union, reprinted with permission for non-commercial purposes.

Comments

comments