NSA
loophole allows warrantless search for US citizens' emails and phone
calls
Exclusive:
Spy agency has secret backdoor permission to search databases for
individual Americans' communications
8
August, 2013
The
National Security Agency has a secret backdoor into its vast
databases under a legal authority enabling it to search for US
citizens' email and phone calls without a warrant, according to a
top-secret document passed to the Guardian by Edward Snowden.
The
previously undisclosed rule change allows NSA operatives to hunt for
individual Americans' communications using their name or other
identifying information. Senator Ron Wyden told the Guardian that the
law provides the NSA with a loophole potentially allowing
"warrantless searches for the phone calls or emails of
law-abiding Americans".
The
authority, approved in 2011, appears to contrast with repeated
assurances from Barack Obama and senior intelligence officials to
both Congress and the American public that the privacy of US citizens
is protected from the NSA's dragnet surveillance programs.
The
intelligence data is being gathered under Section 702 of the of the
Fisa Amendments Act (FAA), which gives the NSA authority to target
without warrant the communications of foreign targets, who must be
non-US citizens and outside the US at the point of collection.
The
communications of Americans in direct contact with foreign targets
can also be collected without a warrant, and the intelligence
agencies acknowledge that purely domestic communications can also be
inadvertently swept into its databases. That process is known as
"incidental collection" in surveillance parlance.
But
this is the first evidence that the NSA has permission to search
those databases for specific US individuals' communications.
A
secret glossary document provided to operatives in the NSA's Special
Source Operations division – which runs the Prism program and
large-scale cable intercepts through corporate partnerships with
technology companies – details an update to the "minimization"
procedures that govern how the agency must handle the communications
of US persons. That group is defined as both American citizens and
foreigners located in the US.
"While
the FAA 702 minimization procedures approved on 3 October 2011 now
allow for use of certain United States person names and identifiers
as query terms when reviewing collected FAA 702 data," the
glossary states, "analysts may NOT/NOT [not repeat not]
implement any USP [US persons] queries until an effective oversight
process has been developed by NSA and agreed to by DOJ/ODNI [Office
of the Director of National Intelligence]."
The
term "identifiers" is NSA jargon for information relating
to an individual, such as telephone number, email address, IP address
and username as well as their name.
The
document – which is undated, though metadata suggests this version
was last updated in June 2012 – does not say whether the oversight
process it mentions has been established or whether any searches
against US person names have taken place.
Senator
Ron Wyden. Photograph: Jacquelyn Martin/AP
Wyden,
an Oregon Democrat on the Senate intelligence committee, has
obliquely warned for months that the NSA's retention of Americans'
communications incidentally collected and its ability to search
through it has been far more extensive than intelligence officials
have stated publicly. Speaking this week, Wyden told the Guardian it
amounts to a "backdoor search" through Americans'
communications data.
"Section
702 was intended to give the government new authorities to collect
the communications of individuals believed to be foreigners outside
the US, but the intelligence community has been unable to tell
Congress how many Americans have had their communications swept up in
that collection," he said.
"Once
Americans' communications are collected, a gap in the law that I call
the 'back-door searches loophole' allows the government to
potentially go through these communications and conduct warrantless
searches for the phone calls or emails of law-abiding Americans."
Wyden,
along with his intelligence committee colleague Mark Udall, have
attempted repeatedly to warn publicly about the ability of the
intelligence community to look at the communications of US citizens,
but are limited by their obligation not to reveal highly classified
information.
But
in a letter they recently wrote to the NSA director, General Keith
Alexander, the two senators warned that a fact sheet released by the
NSA in the wake of the initial Prism revelations to reassure the
American public about domestic surveillance was misleading.
In
the letter, they warned that Americans' communications might be
inadvertently collected and stored under Section 702, despite rules
stating only data on foreigners should be collected and retained.
"[W]e
note that this same fact sheet states that under Section 702, 'Any
inadvertently acquired communication of or concerning a US person
must be promptly destroyed if it is neither relevant to the
authorised purpose nor evidence of a crime,'" they said.
"We
believe that this statement is somewhat misleading, in that it
implied the NSA has the ability to determine how many American
communications it has collected under Section 702, or that the law
does not allow the NSA to deliberately search for the records of
particular Americans."
The
foreign intelligence surveillance (Fisa) court issues approvals
annually authorizing such operations, with specific rules on who can
be targeted and what measures must be taken to minimize any details
"inadvertently" collected on US persons.
Secret
minimization procedures dating from 2009, published in June by the
Guardian, revealed that the NSA could make use of any "inadvertently
acquired" information on US persons under a defined range of
circumstances, including if they held usable intelligence,
information on criminal activity, threat of harm to people or
property, are encrypted or are believed to contain any information
relevant to cybersecurity.
At
that stage, however, the rules did not appear to allow for searches
of collected data relating to specific US persons.
Assurances
from Obama and senior administration officials to the American public
about the privacy of their communications have relied on the strict
definition of what constitutes "targeting" while making no
mention of the permission to search for US data within material that
has already been collected.
The
day after the Guardian revealed details of the NSA's Prism program,
President Obama said: "Now, with respect to the internet and
emails, this doesn't apply to US citizens and it doesn't apply to
people living in the United States."
Speaking
at a House hearing on 18 June this year, deputy attorney general
James Cole told legislators "[T]here's a great deal of
minimization procedures that are involved here, particularly
concerning any of the acquisition of information that deals or comes
from US persons.
"As
I said, only targeting people outside the United States who are not
US persons. But if we do acquire any information that relates to a US
person, under limited criteria only can we keep it."
Dianne
Feinstein, the California Democrat who chairs the Senate intelligence
committee, said in June 2012 that she believed the intelligence
agencies and the Justice Department were sufficiently mindful of
Americans' privacy.
"The
intelligence community is strictly prohibited from using Section 702
to target a US person, which must at all times be carried out
pursuant to an individualized court order based upon probable cause,"
Feinstein stated in a report provided to the Senate record.
While
there are several congressional proposals to constrain the NSA's bulk
collection of Americans' phone records, there has to date been much
less legislative appetite to abridge its powers under Section 702 –
as lawmakers are satisfied it doesn't sufficiently violate Americans'
privacy.
"702
is focused outside the United States at non-citizens," said Adam
Schiff, a member of the House intelligence committee. "The
evidence of the effectiveness of 702 is much more substantial than
215 [the bulk phone records collection]. So I think there are fewer
fourth amendment concerns and more evidence of the saliency of the
program."
Wyden
and Udall – both of whom say foreign surveillance conducted under
Section 702 has legitimate value for US national security – have
tried and failed to restrict the NSA's ability to collect and store
Americans' communications that it accidentally acquires.
Wyden
told the Guardian that he raised concerns about the loophole with
President Obama during an August 1 meeting with legislators about the
NSA's surveillance powers.
"I
believe that Congress should reform Section 702 to provide better
protections for Americans' privacy, and that this could be done
without losing the value that this collection provides," he
said.
The
Guardian put the latest revelations to the NSA and the Office of the
Director of National Intelligence but no response had been received
by the time of publication.
No comments:
Post a Comment
Note: only a member of this blog may post a comment.