We now have seen enough NSA denials to decrypt what they’re really saying.
Liberal, conservative, or independent, our news media does a bad job covering stories that play out over months. “News” is what’s happening right now — the newest revelation and the latest denial — embedded in a cloud of speculation about what might happen tomorrow. That focus on today’s scoop increases political polarization: When today’s headline contradicts yesterday’s and tomorrow’s is different yet, it’s tempting only to remember the ones that fit your prior bias. The one’s that don’t fit, well, they were all refuted by later developments, weren’t they?
In this series I’m going to take a longer perspective. What do we know about the NSA’s domestic spying that we didn’t know (or weren’t as sure of) in May? And I’m going to begin the series with a topic that would fit better in a college-course syllabus than a news article: vocabulary.
That may sound boring, but it’s the right place to start. The big reason this story keeps ping-ponging between alarm and reassurance is that the words the NSA uses in its comforting denials don’t really mean what you think they mean.
Ping-pong. Since June 5, when The Guardian and The Washington Post began publishing NSA documents leaked by Edward Snowden, revelations about the NSA’s spying on Americans have had a back-and-forth quality. Something alarming comes out, then more details are released that make the initial story seem overblown, then we discover that the comforting safeguards in the second round of stories are often violated in practice, and on it goes.
So, for example, the public’s initial worries (ping!) about domestic spying were countered by assurances (pong!) that it happened only under warrants from the secret Foreign Intelligence Surveillance Court (FISC), which had been established by Congress in the Foreign Intelligence Surveillance Act (FISA). That felt familiar, like the police-procedural shows on TV; authorities have to convince a judge they have a good reason to be suspicious of you before they can invade your privacy.
Then Snowden revealed just how open-ended those orders can be: Verizon was ordered not to turn over not just data about specific people connected to a particular terrorism investigation, but data about all calls going through its system. Apparently, the NSA was building a database of all phone calls in the United States — who called who, when, from where, and for how long. Ping!
But then we found out (pong!) that further FISC orders were required whenever the NSA used the database, and the database itself had auditing procedures to make sure analysts weren’t just messing around with it whenever they wanted. The Week reports:
In order to access the stored data sets, the NSA needs to have a real tangible reason. … [The] law has been interpreted by the Foreign Intelligence Surveillance Court to relate only to the way in which the data is used.
And then last month (ping!) it came out that the FISC had reprimanded the NSA for lying to it about what it was doing:
The court is troubled that the government’s revelations regarding N.S.A.’s acquisition of Internet transactions mark the third instance in less than three years in which the government has disclosed a substantial misrepresentation regarding the scope of a major collection program.
Those abuses, we are told, were all corrected in 2011 (pong!), so everything is hunky-dory now.
Meanwhile, another Snowden leak (ping!) gave us an internal audit in which the NSA found it had violated its own safeguards 2776 times during the year ending in March 2012. (The Electronic Frontier Foundation points out that even this report is incomplete: “the thousands of violations only include the NSA’s main office in Maryland—not the other—potentially hundreds—of other NSA offices across the country.”)
But the violations appear to be accidental and trivial. (Pong!) Senator Feinstein assured us that the Senate committee overseeing the NSA “has never identified an instance in which the NSA has intentionally abused its authority to conduct surveillance for inappropriate purposes.” Well, except for NSA officers who spied on their partner or spouse. (PIng!) But that almost never happens (assuming we caught them all) and usually is abusing the NSA’s foreign intel, not domestic intel. (Pong!)
What has been reported as fact provides fertile ground for worrisome speculation: How hard it would be to hide a needle in that haystack of violations? And what if there’s a further layer to this onion, and malevolent or overzealous analysts have ways to circumvent the audits? The NSA, after all, is supposed to have the best hackers in the world. What if a few of them have hacked the NSA’s own systems? Snowden himself must have circumvented a few internal procedures to escape with all those documents.
Decrypting the NSA. Here’s the first lesson to learn from the Summer of Snowden: When the NSA makes those comforting denials, it is choosing words carefully and using them in non-standard ways. This summer we’ve heard so many denials that we’re now able to properly interpret statements that were constructed to obfuscate. (This work builds on the glossary that the Electronic Frontier Foundation started compiling during the Bush administration.) Ironically, this is a standard code-breaking technique: If you can induce your opponent to send a lot of coded messages, you have much more data to use in breaking the code.
Collect. In the Free Online Dictionary, this is the first definition for collect:
To bring together in a group or mass; gather.
So if someone were gathering information about you and storing it in a database, you would probably say they were collecting information about you. Conversely, when the NSA says they aren’t collecting information about you, you probably think they are denying the existence of such a database.
They aren’t. In NSA parlance, information hasn’t been collected until it comes to the attention of a human analyst. If no database query returns your information to a person, it hasn’t been collected.
And so we can have public exchanges like this one in front of the Senate Intelligence Committee on March 12:
Senator Ron Wyden (D-Oregon): Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?
Director of National Intelligence James Clapper: No, sir.
Senator Wyden: It does not?
Director Clapper: Not wittingly. There are cases where they could inadvertently perhaps collect, but not wittingly.
Three months later we found out about the Verizon court order. Clapper undoubtedly knew in March that the NSA was assembling a database containing information on everyone who uses a phone, but since the number of Americans whose information is seen by a human analyst is less than “millions”, he could say no.
A small-scale analogy: Imagine that your neighbor raids your mailbox every day before you get home from work, steams the letters open, photocopies them, files the copies, and then reseals the envelopes and returns them to your box before you notice. In NSA terms, as long as he is just filing the copies and never reads them, he’s not collecting your mail.
Content. In the NSA’s public statements, only the body of an email or phone call is considered content. Anything in the header of an email — including the subject line — is metadata and not content. Likewise, the fact that you called so-and-so at a certain time from a certain place and talked for so many minutes is not content, even if what you said is easily deducible from that information. The New Yorker’s Jane Mayer quotes the following example from Sun Microsystems engineer Susan Landau:
You can see a call to a gynecologist, and then a call to an oncologist, and then a call to close family members.
The Guardian has a good summary of what metadata means in the context of email, phone calls, web browsing, Google searches, photographs, and posts to Facebook or Twitter.
The EFF points out that content is defined much more broadly in the FISA law itself:
any information concerning the identity of the parties to such communication or the existence, substance, purport, or meaning of that communication
If the NSA used the law’s definition, it could not deny that it’s accessing the content of your communications.
Conversation and communication. Similarly, the NSA makes a distinction between communications and conversations. Your conversation is in the content of your phone call, while the communication includes the metadata. So in 2006 Director of National Intelligence Michael Hayden was able to say:
the activities whose existence the president confirmed several weeks ago … is not a driftnet over Dearborn or Lackawanna or Freemont grabbing conversations that we then sort out by these alleged keyword searches or data-mining tools or other devices that so-called experts keep talking about. This is targeted and focused. This is not about intercepting conversations between people in the United States. This is hot pursuit of communications entering or leaving America involving someone we believe is associated with al Qaeda.
In reality, Hayden did have a driftnet gathering up metadata to feed into data-mining tools, as he later acknowledged. He just wasn’t feeding in conversations.
Specificity. Director Hayden’s statement is an example of another kind of trickery, which I made a little more obvious by the way I edited his quote: Denials are almost always about specific programs, not about the totality of the NSA’s activities.
The typical scenario goes like this: Questions will be raised about PRISM or XKeyscore or some other NSA program, and the official response seems to deny that the NSA is doing a certain kind of thing. But if you read the response carefully, all it really says is that the NSA isn’t doing that thing under that program.
Take another look at what Hayden said. If some other NSA program actually were scanning the content of conversations for keywords, he would not have lied.
Target. In an interview with Charlie Rose in June (beginning at about the 26-minutes-to-go mark), President Obama said:
President Obama: What I can say unequivocally is that, if you are a U.S. person, the NSA cannot listen to your telephone calls, and the NSA. cannot target your e-mails.
Charlie Rose: And have not?
Obama: And have not.
The law does not allow the NSA to “target” an American’s phone calls and emails. But the ACLU explains how your privacy can be violated without “targeting” you.
if an American is communicating (however innocently) with a foreign “target” under the [FISA Amendments Act of 2008], the law allows the government to collect, inspect, and keep the content of that communication. … The target need not be a suspected terrorist or even suspected of any kind of wrongdoing. … While official defenses have flatly stated that targets under the FAA must be both foreign and abroad, the statute only requires that the government “reasonably believe” those things to be true.
Analysts who use the [PRISM] system from a Web portal at Fort Meade, Md., key in “selectors,” or search terms, that are designed to produce at least 51 percent confidence in a target’s “foreignness.” That is not a very stringent test. …
Even when the system works just as advertised, with no American singled out for targeting, the NSA routinely collects a great deal of American content. That is described as “incidental,” and it is inherent in contact chaining, one of the basic tools of the trade. To collect on a suspected spy or foreign terrorist means, at minimum, that everyone in the suspect’s inbox or outbox is swept in. Intelligence analysts are typically taught to chain through contacts two “hops” out from their target, which increases “incidental collection” exponentially.
In July, AP reported that the system sucks in data about a vast number of non-targeted people.
For the first time, NSA Deputy Director John C. Inglis disclosed that the agency sometimes conducts what is known as three-hop analysis. That means the government can look at the phone data of a suspected terrorist, plus the data of all of the contacts, then all of those people’s contacts, and all of those people’s contacts.
If the average person calls 40 unique people, three-hop analysis could allow the government to mine the records of 2.5 million Americans when investigating one suspected terrorist.
these exceptions and loopholes open the door to the routine interception of American communications. And this doesn’t just result from the odd mistake; this is what the law was designed to do. … Domestic communications can be retained forever if they contain “foreign intelligence information” or evidence of a crime, or if they are encrypted or aid “traffic analysis.” That’s a lot of exceptions. And even communications that do not meet any of these criteria can be stored in the NSA’s massive databases for as long as five years.
Once your information has been pulled out of the general database by such a search, it enters “the corporate store“, a database which NSA analysts can access without further court orders — even though you were never “targeted”.
Who does this fool? Notice that the exchange between Director Clapper and Senator Wyden wasn’t on some Sunday talk show; it was in a Senate committee hearing. We also have writings from FISC judges who complain about being misled by the NSA. And that leads to Part II of the Summer of Snowden series (which might appear next week if space allows): Why constitutional checks and balances aren’t working.