https://www.nytimes.com/2020/02/25/us/politics/nsa-phone-program.html
N.S.A. Phone Program Cost $100 Million, but Produced Only Two Unique Leads
A disputed program that allowed the National Security Agency to gain access to
logs of Americans’ domestic calls and texts yielded only one significant
investigation, according to a newly declassified study.
By Charlie Savage
Feb. 25, 2020
WASHINGTON — A National Security Agency system that analyzed logs of Americans’
domestic phone calls and text messages cost $100 million from 2015 to 2019, but
yielded only a single significant investigation, according to a newly
declassified study.
Moreover, only twice during that four-year period did the program generate
unique information that the F.B.I. did not already possess, said the study,
which was produced by the Privacy and Civil Liberties Oversight Board and
briefed to Congress on Tuesday.
“Based on one report, F.B.I. vetted an individual, but, after vetting,
determined that no further action was warranted,” the report said. “The second
report provided unique information about a telephone number, previously known
to U.S. authorities, which led to the opening of a foreign intelligence
investigation.”
The report did not reveal the subject matter of the one significant F.B.I.
investigation that was spurred by the Freedom Act program, and it did not
divulge its outcome.
But the high expense and low utility of the call records collected sheds new
light on the National Security Agency’s decision in 2019 to shutter the program
amid recurring technical headaches, halting a counterterrorism effort that has
touched off disputes about privacy and the rule of law since the Sept. 11,
2001, attacks.
The information surfaced as Congress was weighing whether to allow the law that
authorizes the agency to operate the system — the USA Freedom Act of 2015 — to
expire on March 15, or whether to accede to the Trump administration’s request
that lawmakers extend the statute, so the agency could choose to turn the
system back on in the future.
The House Judiciary Committee will meet on Wednesday to consider a draft bill
that would adjust surveillance law in several ways, including terminating the
program’s authority. Separately on Tuesday, Attorney General William P. Barr
met with Republican senators to urge them to extend three other investigative
powers also set to expire on March 15.
The privacy board is an independent agency created by Congress on the
recommendation of the commission that studied the Sept. 11 attacks. A
declassified, partly censored version of the board’s 103-page report was
obtained by The New York Times.
In an interview, the board’s chairman, Adam I. Klein, praised the National
Security Agency for deciding last year to suspend the program — not only
because of its high cost and low value, but because of continuing problems in
which telecommunications companies kept sending the agency more people’s phone
records than it had legal authority to collect.
“It shows a lot of judgment to acknowledge that something that consumed a lot
of resources and time did not yield the value anticipated,” Mr. Klein said. “We
want agencies to be able to reflect on their collection capabilities and wind
them down where appropriate. That’s the best way to ensure civil liberties and
privacy are balanced with operational needs.”
In a statement appended to the report, Mr. Klein also noted that phone records
were becoming less important as people shifted to using encrypted chat apps.
And, he noted, the government could still gain access to some phone logs
through other means, like traditional subpoenas for records of discrete
accounts, or N.S.A. collection abroad, where there are fewer legal limits.
The Times reported last year that the National Security Agency had delivered a
bleak internal assessment of the call records program’s steep costs and minimal
benefits without taking an explicit position on whether the Trump
administration should seek to extend the law that authorized it. But the
specific figures undergirding that briefing were previously classified.
The privacy board, working with the intelligence community, got several
additional salient facts declassified as part of the rollout of its report.
Among them, it officially disclosed that the system has gained access to
Americans’ cellphone records, not just logs of landline phone calls.
It also disclosed that in the four years the Freedom Act system was
operational, the National Security Agency produced 15 intelligence reports
derived from it. The other 13, however, contained information the F.B.I. had
already collected through other means, like ordinary subpoenas to telephone
companies.
The report cited two investigations in which the National Security Agency
produced reports derived from the program: its analysis of the Pulse nightclub
mass shooting in Orlando, Fla., in June 2016 and of a February 2016 incident in
Ohio where a man attacked people at a restaurant with a machete. But it did not
say whether the investigations into either of those attacks were connected to
the two intelligence reports that provided unique information not already in
the possession of the F.B.I.
The system traces back to a secret decision by President George W. Bush to
unleash the National Security Agency from certain legal constraints after the
Sept. 11 attacks. Among other things, the agency began collecting customer
calling records in bulk from several large telecoms. Counterterrorism analysts
used the data as a map of social links, hunting for hidden associates of known
terrorism suspects by looking at indirect connections.
In 2006, the Foreign Intelligence Surveillance Court secretly blessed the
program under a legally disputed interpretation of the Patriot Act. In 2013,
the program’s existence was leaked by the former National Security Agency
contractor Edward J. Snowden, prompting an uproar over privacy rights and the
rule of law.
Defenders of the program claimed that it could have stopped the Sept. 11
attacks. But in practice, its most concrete accomplishment, according to a 2014
report by the Privacy and Civil Liberties Oversight Board, was leading the
F.B.I. to scrutinize a San Diego man who turned out to have donated several
thousand dollars to the Shabab, the Islamist group in Somalia. There was no
accusation that he was planning to a terrorist attack.
In 2015, Congress enacted the USA Freedom Act, which ended the bulk collection
of phone records under the Patriot Act, but authorized the National Security
Agency to operate an alternative system that kept the bulk records in the hands
of phone companies.
With a judge’s permission, the agency could query the system to swiftly obtain
the records not only of a suspect, but of everyone with whom that suspect had
been in contact.
The exponential math meant that the agency was still gathering a huge number of
call and text records about Americans, however. In 2018, the agency obtained 14
court orders, but gathered 434 million call detail records involving 19 million
phone numbers.
There were repeated signs of trouble. In spring 2018, the National Security
Agency purged hundreds of millions of records after it realized that its
database was contaminated with some files the agency had no authority to
receive. And in fall 2018, it discovered again that it was overcollecting data.
The agency turned off the program in 2019.
The agency has said that the cause of the problems was largely that telecoms
were returning erroneous call records. The unclassified version of the privacy
board’s report adds a few details to that discussion, but sections about
exactly what went wrong remain blacked out.
Mr. Klein said that after the agency’s staff worked with the intelligence
community to get large amounts of information declassified, the board met with
Joseph Maguire, the former acting director of national intelligence, to ask for
four more things to be made public.
Mr. Maguire agreed to declassify one — that the program had cost taxpayers $100
million — but three others remain secret despite the board’s request. Among
them, Mr. Klein said, were additional details about what kinds of records the
program did and did not collect, about the cause of the compliance problems
with the telecoms and about how the agency processed the data.
Katie Benner and Nicholas Fandos contributed reporting.
© 2020 The New York Times Company
NYTCoContact UsWork with usAdvertiseT Brand StudioYour Ad
ChoicesPrivacyTerms of ServiceTerms of SaleSite MapHelpSubscriptions
