The Wall Street Journal discusses the role of the National Security Agency in analyzing the data they sweep up via FISA. Apparently "A number of NSA employees have expressed concerns that the agency may be overstepping its authority by veering into domestic surveillance." (WSJ) And, points out one expert somberly, the constitutional questions of whether the government can probe the wide array of data it's currently examining without violating reasonable expectations of privacy has never been resolved. (WSJ) "NSA officials say the agency's own investigations remain focused only on foreign threats, but it's increasingly difficult to distinguish between domestic and international communications in a digital era, so they need to sweep up more information," the article observes.(WSJ)
Do you mind? Should you mind? Let's take a look at exactly what they're sweeping up, and in.
I guess we must not mind.
Largely missing from the public discussion [of FISA] is the role of the highly secretive NSA in analyzing that data, collected through little-known arrangements that can blur the lines between domestic and foreign intelligence gathering. ....
According to current and former intelligence officials, the spy agency now monitors huge volumes of records of domestic emails and Internet searches as well as bank transfers, credit-card transactions, travel and telephone records. The NSA receives this so-called "transactional" data from other agencies or private companies, and its sophisticated software programs analyze the various transactions for suspicious patterns. Then they spit out leads to be explored by counterterrorism programs across the U.S. government
The NSA's enterprise involves a cluster of powerful intelligence-gathering programs, all of which sparked civil-liberties complaints when they came to light. They include a Federal Bureau of Investigation program to track telecommunications data once known as Carnivore, now called the Digital Collection System, and a U.S. arrangement with the world's main international banking clearinghouse to track money movements.
The effort also ties into data from an ad-hoc collection of so-called "black programs" whose existence is undisclosed, the current and former officials say. Many of the programs in various agencies began years before the 9/11 attacks but have since been given greater reach. Among them, current and former intelligence officials say, is a longstanding Treasury Department program to collect individual financial data including wire transfers and credit-card transactions....
Two former officials familiar with the data-sifting efforts said they work by starting with some sort of lead, like a phone number or Internet address. In partnership with the FBI, the systems then can track all domestic and foreign transactions of people associated with that item -- and then the people who associated with them, and so on, casting a gradually wider net. An intelligence official described more of a rapid-response effect: If a person suspected of terrorist connections is believed to be in a U.S. city -- for instance, Detroit, a community with a high concentration of Muslim Americans -- the government's spy systems may be directed to collect and analyze all electronic communications into and out of the city.
The haul can include records of phone calls, email headers and destinations, data on financial transactions and records of Internet browsing. The system also would collect information about other people, including those in the U.S., who communicated with people in Detroit.
The information doesn't generally include the contents of conversations or emails. But it can give such transactional information as a cellphone's location, whom a person is calling, and what Web sites he or she is visiting. For an email, the data haul can include the identities of the sender and recipient and the subject line, but not the content of the message.
Intelligence agencies have used administrative subpoenas issued by the FBI -- which don't need a judge's signature -- to collect and analyze such data, current and former intelligence officials said. If that data provided "reasonable suspicion" that a person, whether foreign or from the U.S., was linked to al Qaeda, intelligence officers could eavesdrop under the NSA's Terrorist Surveillance Program.(WSJ)
The article goes on to examine the scope of the NSA's efforts---to the extent known--- and the various concerns raised about these.
Gen. Hayden, the former NSA chief and now Central Intelligence Agency director, in January 2006 publicly defended the activities of the Terrorist Surveillance Program after it was disclosed by the New York Times. He said it was "not a driftnet over Lackawanna or Fremont or Dearborn, grabbing all communications and then sifting them out." Rather, he said, it was carefully targeted at terrorists. However, some intelligence officials now say the broader NSA effort amounts to a driftnet. A portion of the activity, the NSA's access to domestic phone records, was disclosed by a USA Today article in 2006. (WSJ)
At least it's clear to me, after reading this, why the telecoms want immunity.
The legality of data-sweeping relies largely on the government's interpretation of a 1979 Supreme Court ruling allowing records of phone calls -- but not actual conversations -- to be collected without a judge issuing a warrant. Multiple laws require a court order for so-called "transactional'" records of electronic communications, but the 2001 Patriot Act lowered the standard for such an order in some cases, and in others made records accessible using FBI administrative subpoenas called "national security letters."
A debate is brewing among legal and technology scholars over whether there should be privacy protections when a wide variety of transactional data are brought together to paint what is essentially a profile of an individual's behavior. "You know everything I'm doing, you know what happened, and you haven't listened to any of the contents" of the communications, said Susan Landau, co-author of a book on electronic privacy and a senior engineer at Sun Microsystems Laboratories. "Transactional information is remarkably revelatory."
Ms. Spaulding, the national-security lawyer, said it's "extremely questionable" to assume Americans don't have a reasonable expectation of privacy for data such as the subject-header of an email or a Web address from an Internet search, because those are more like the content of a communication than a phone number. "These are questions that require discussion and debate," she said. "This is one of the problems with doing it all in secret." (WSJ)
I wonder what people really do think. I'd almost be prepared to argue that Americans no longer have any expectation of privacy, what with all the ways in which private companies (not to mention the government) track and compile data on them. If, of course, this is true, people who want to keep their communications and data searches secret will find work-arounds.
It's disturbing to imagine that anyone really believes that a list of internet searches or email headings really does give you a profile of a person. What I mean is, of course, that it's disturbing to imagine what someone would make of me if they compiled a profile based on my internet searches and my favorite internet sites. For example, an investigator who did that would conclude that I watch a LOT more TV than I do, since I enjoy reading well-written and sarcastic recaps of shows I would never watch. The investigator might also include that I own, or aspire to own, a lot of expensive shoes since I regularly read Manolo's shoeblog----even though the reverse is true; or that I follow fashion and celebrities because I read "Go Fug Yourself" (which generally ridicules people I've never heard of wearing clothes of an equal complete lack of appeal to a woman of my age). So I don't know.
But I can see why "transactional information is remarkably revelatory"....back in college, one of my professors gave me a copy of someone's check records and challenged us to write an essay on that person's day-to-day life, aspirations, beliefs, and so forth. It was remarkably revelatory. So, you know, yeah....and if you put all that data all together? Yes....