What’s Up at the NSA?

The President and members of Congress have begun to speak publicly about the NSA domestic spying program the New York Times broke last week. No concrete new details about the program have come out, but I think there are enough clues in the language the President and other have used that the outlines of the program are emerging. What I’m about to engage in is purely speculative – I have no inside sources or information about the program that hasn’t been published elsewhere. But if you’ll permit me to strap on my tinfoil hat, this is what I think is happening.

My guess is that the NSA is intercepting broad swaths of communications – emails, phone calls, etc. – and that they have sophisticated data mining software that lets them sift through everything to see of there is anything they deem suspicious. A new technology would explain a few of the comments made by people familiar with the program. The website defensetech.org has picked up a couple of these. First, former Senator Bob Graham, who was chairman of the Senate Intelligence Committee when the NSA program started, in Sunday’s Washington Post:

“I came out of the room with the full sense that we were dealing with a change in technology but not policy” Graham said, with new opportunities to intercept overseas calls that passed through U.S. switches.

Next we have a statement from Bill Keller, the New York Times’ executive editor:

“[W]e satisfied ourselves that we could write about this program — withholding a number of technical details — in a way that would not expose any intelligence-gathering methods or capabilities that are not already on the public record.”

That’s two mentions of a new technology. The next puzzle piece is Senator Jay Rockefeller’scryptic handwritten letter to Vice President Cheney in which he compares the NSA program to the Total Information Awareness project that the Defense Department experimented with a few years ago. That program was essentially a large scale data mining project aimed at collecting commercial information and scouring it for connections that might point to a terrorist. I wrote about Total Information Awareness, which was subsequently shut down in the face of negative public opinion, a few years ago in an article about the Patriot Act. I’ve since encountered enough government sponsored data mining programs to know that Total Information Awareness was just one of many.

In that article I also detailed a new mindset among law enforcement officials. Here’s what I wrote at the time:

“Before the terrorist attacks, when a crime occurred, investigators would work to determine the perpetrator’s identity, and then they would try to dig up as much information about the suspect as possible. Collect, then convict…[T]he new attitude is detect and deter. The FBI is now wading through enormous amounts of data looking for activity that could indicate a terrorist plot or crime.”

President Bush used language almost identical to this in his press conference yesterday:

“We looked at the possible scenarios. And the people responsible for helping us protect and defend came forth with the current program, because it enables us to move faster and quicker. And that’s important. We’ve got to be fast on our feet, quick to detect and prevent.”

There’s one last puzzle piece. As you have no doubt heard by now, there is a special court that was established in the Foreign Intelligence Surveillance ACT (FISA) that is set up to approve the kinds of communications the NSA program is monitoring. The government is even allowed to request a warrant up to 72 hours after it conducts a search. (The Electronic Privacy Information Center has some background material on FISA). FISA is basically a rubber stamp – the court has rejected a grand total of four warrant requests since 1979.

So why didn’t the current program just go through FISA? I can only think of two explanations. First, that they are intercepting emails or phone calls that contain certain key words in real-time, and hence it isn’t even possible to get a warrant ahead of time. The second is that they are casting a wide net and intercepting communications from large numbers of people in the hopes that data mining will help them “detect and prevent” another terror attack.

When more details come out my guess is it will probably prove to be some combination of the two.

Ben Worthen is a CIO senior writer.

December 22 Update: Well, it’s starting to look like the tinfoil hat can come off. This passage was in today’s Washington Post:

“Sources knowledgeable about the program said there is no way to secure a FISA warrant when the goal is to listen in on a vast array of communications in the hopes of finding something that sounds suspicious….One government official, who spoke on the condition of anonymity, said the administration complained bitterly that the FISA process demanded too much: to name a target and give a reason to spy on it…The NSA program, and the technology on which it is based, makes it impossible to meet that criterion because the program is designed to intercept selected conversations in real time from among an enormous number relayed at any moment through satellites.”

I also want to share a quick but compelling argument a friend e-mailed me about why terror cases present so many legal gray areas:

“Intelligence seeks to ferret out information from a mountain of foreign data, and to do it before bad things happen.  Law enforcement seeks to investigate crimes that have already occurred at home, and make it so the evidence stands up in a court of law.  The possibility of domestic terrorist conspiracies falls somewhere in between.”

–B.W.