National Security Agency - Research Paper Example

NSA Data Collected Under the Patriot Act The USA Patriot Act’s section 215 gives permission to the government to access specific business records for use in national security investigations. This, however, has to be approved by the Foreign Intelligence Surveillance Court (FISA Court). Also, the Foreign Intelligence Surveillance Act under section 402 allows the government to install and make use of a trap or pen register and trace device for investigations on national security. Two sensitive and crucial intelligence collection programs are supported by these authorities. The programs are authorized to do bulk collection of certain routing, dialing, signaling and addressing information about electronic and telephone communication. These include e-mailing and telephone addresses used in communication and the dates and times of the communications. However, the programs do not give permission to collection of the content of the e-mails or calls themselves (Electronic Frontier Foundation). It is worth noting that although a huge amount of the information is collected, a vast majority of it does not usually get reviewed. This is because of the unresponsive nature of the information toward the limited queries authorized for purposes of intelligence. These programs are also subjected to extensive regimes of internal checks, more so for U.S persons and are monitored by the FISA court together with the congress. Therefore, NSA bulk collection programs are important tools in fighting against terrorism, they are greatly helpful in identification of terrorist plots aiming the homeland. The tools have the uniqueness of producing intelligence that is otherwise not available to the NSA. Data collection Programs During the time before the 9/11 terrorist attack in New York, the NSA failed to establish that a call made by one of the persons involved in the attack, one al-Mihdhar, was in fact originating from San Diego, California. Instead, despite intercepting and transcribing the calls, NSA could not get to know al-Mihdhar’s calling location, leading to the conclusion that he was overseas. It is because of this that programs were developed to close such gaps that allow individuals like al-Mihdhar to go undetected while communicating, in fact while in the United States, during plotting of terror attacks. One such program operates under the FISA Court authority and which is pursuant to FISA’s “business records” authority, which has a common reference as “Section 215”. Together with similar programs in operation pursuant to FISA, and including exercising of trap/pen authorities, give crucial intelligence information. The pen/trap and Section 215 authorities are employed in selected cases in acquiring significant information on foreign intelligence. It would be impossible to acquire such information otherwise either on timely basis or at all. Information acquired from U.S persons is usually subjected to court-imposed strict restrictions on its use, retention and dissemination and is also subjected to the requirement of strict auditing and reporting. These authorities significantly support the two crucial and sensitive programs used by the NSA to collect and analyze voluminous transaction data from specified telecommunication service providers within the United States. One such program has its base in Section 215, the Section 215 and the Pen-Trap Collection. It is in this program that the NSA has the authority to collect, from telecommunication service providers, business records containing information about communication between telephone numbers. This may include time, date and duration of calls. No telephone call content is collected, however, under this program. Under a longstanding precedent by the Supreme Court, the Fourth Amendment does not protect the collected information. In the program, telecommunication companies are served with court orders that usually last 90 days, requiring them to produce business records related to substantially every call the company handles and includes both calls made within the U.S and between foreign countries and the U.S. The government is also allowed to, under the program that bases on pen/trap provision on the FISA, collect information on electronic communications like “from” and “to” line in e-mail, routing information and time and date the e-mails are sent, excluding the content. Similarly, this is through court order and may not be under protection of the Fourth Amendment under court decisions. The following programs are also used by NSA. The ‘prism’ is a $20m-a-year top secret surveillance program. It offers the agency information access on its targets from servers of United States’ biggest technology companies including Apple, Face book, Google, Microsoft, Yahoo, Pal Talk and AOL. It is suggested in NSA documents that the agency is able to directly access information from servers of United States’ companies through Prism. Documents also show millions having been paid out to Prism providers by NSA. Microsoft is believed to have also helped NSA in circumventing its user’s encryption (Domestic Surveillance Directorate). Another program is the Upstream. Apparently, “Upstream” refers to several bulk-intercept programs by NSA which are codenamed STORMBREW, OAKSTAR, BLARNEY and FAIRVIEW. These usually involve interception of huge cables of fiber-optic communication both at undersea landing stations and those crossing the USA. U.S companies are usually compensated to allow NSA to access the internet and phone data. The NSA retains all metadata obtained through Prism and Upstream in MARINA, a database system, for twelve months. Tempora is a program in which NSA together with UK’s GCHQ undertake systematic efforts aimed at undermining encryption, the technology that ensures internet safety and security including e-commerce, e-mail accounts, official and banking records. NSA runs a $250m-a-year program that works covertly and overtly with industry in weakening hardware equipment, software security and global security standards. This has led to experts warning of such actions leaving internet users vulnerable. Broadness of the data collection program NSA published, in 2001, a secret report, “Transition 2001” that defines its 21st century strategy. This was after the realization that conventional methods could not be used to access analog communication. The digital world’s globally-networked and encrypted communications required change in surveillance strategy. It turned into collection partners the nation’s telecommunications and internet companies by serving them secret court orders, installing their facilities with filters, acquiring their keys to encryption and building backdoors to their software. Various intercept stations have been installed by NSA at key junction points throughout the country. These are known as switches and are located inside windowless buildings that major telecommunication companies own. These control flow of the nation’s domestic internet traffic. The traffic gets routed to NSA intercept stations for processing though a fiber-optic splitter placed on an incoming communication line. Through close partnership with the Federal Bureau of Investigations (FBI), NSA collects on an ongoing basis, bulk telephone records of US citizens through Top Secret orders from FISA Court. These give the same metadata explained above including the devices used. The Prism program, NSA’s number one raw intelligence source, partners with FBI DITU (Data Intercept Technology Unit) in extraction of information from servers of nine biggest internet companies in America. The partnership ensures direct access to video, audio, photographs, documents, e-mails and connection logs in each of the companies. The Prism program allows for close tracking over time of targeted individuals. The ability to run live surveillance enables the NSA to gain crucial insights into thoughts and intentions of search terms. NSA’s exploitation of Google Cloud is a “muscular” program that allows it to conduct a convenient large scale gathering of data outside the FISA Court’s jurisdiction through secretly tapping into communication links among data centers owned by Google outside the United States. A way around security measures put up by Google was discovered by Special Source Operations (SSO) group that gives full access to user’s data stored by Google on the cloud. The cell phone location tracking is done in bulk, capturing near five billion records daily and feeding them into a massive database of a 27 terabyte capacity and stores information about location of one hundred million devices. Through tapping into cables connecting mobile networks across the globe and working with corporate partners in installing and intercepting equipment, NSA is able to apply mathematical techniques which enable analysts to map relationships among cell phone owners by correlating their movement patterns over time with other users globally who may be crossing their paths. This program, dubbed “Co-traveler”, allows NSA to look for the unknown associates of well known intelligence targets through tracking of persons whose movements intersect. As for the undersea cable tapping, STORMBREW, OAKSTAR, FAIRVIEW and BLARNEY systems are used to process data flowing across the internet. Each of the systems handles a different kind of intercepted data. For instance, BLARNEY gathers metadata that describes who is speaking to who and the network and devices they are using. In one method used in the tapping, modified nuclear submarines house technicians and gear required in placing physical taps on the cables at strategic points of the network. In a second method, intercept probes are used at points where cables connect to landing stations of various countries. The probes capture and copy onward flowing data. Legal rationale for the data collection The legal basis for the U.S government’s intelligence collection is explained in an administration white paper dated August 9, 2013. The paper shows that the FBI uses court orders allowing it to obtain in bulk telephony metadata from telecommunication service providers. The NSA then stores, queries and analyzes this metadata for counterterrorism purposes. This program is authorized by the FISA Court under the FISA Act, 50 U.S.C 1861, that is made into law as section 215 of U.S.A’s Patriot Act. This program first got authorized in 2006 and has since got renewed over thirty times with the orders of several different FISA Court judges. Below are the reasons why the metadata collection program, when subject to court imposed restrictions is constitutional as well as being compliant with the standards set in Section 215 by congress. In telephony metadata collection programs, telecommunication companies provide the government with information regarding calls made in the United States together with those made between foreign countries and the United States. This is usually through court orders the FISC issues. The information includes the telephone numbers used in making and to receiving the calls, time and date the calls were made and the call durations. The paper argues that it is of utmost importance that the information is not inclusive of the call’s content, and that the government is not able, through the program, to record or listen to the telephone conversations. The metadata collected bears importance to the government since by analyzing it; it is able to determine if suspected or known terrorist operatives have contacted any other persons who might be undertaking terrorist activities, including individuals and activities in the United States. The program is limited, with great care, to this purpose: it is only unlawful to query the telephony metadata in bulk for other purposes apart from counterterrorism. Also, all such queries are limited by the rules imposed by the court. The programs have internal oversight mechanisms that prevent misuse. They also have requirements for external reporting to the Congress and FISC. FISC judges, in their multiples, have found Section 215 as authorizing bulk collection of telephony metadata. It also gives permission to the FBI to obtain court orders directing businesses or other entities to produce documents or records provided reasonable grounds exist to believe the sought information is relevant to authorized investigations of international terrorism. “Relevance” here is taken to be a broad standard permitting large data volume discoveries in circumstances in which doing so would be necessary in identification of much lesser amounts of information that the data contains about the data under investigation. The program in telephony metadata collection, albeit broad in scope, lives up to the “relevance” standard as provided by Section 215 since there exists “reasonable grounds to believe” the data category, when subjected to querying and analysis in consistence with Court-approved standards would yield information pertinent to investigations by FBI on international terrorism, and since certain analytic tools employed in accomplishing this objective require collecting and storing large volumes of telephony metadata. This does not however, mean authorization by Section 215, for collection and storage in bulk of all information types: a particular data’s relevance to international terrorism investigations is dependent on all facts and circumstances. For instance, communication metadata differs from various other kinds of records as it inter-connects and connections between each data point, which are reliably identifiable only by analyzing large data volumes, are important to a wide range of international terrorism investigations. The metadata collection is also compliant with the constitution. It is made clear by the Supreme Court precedent telephone calls participants lack reasonable privacy expectations due to the Fourth Amendment on telephone numbers they use in making and receiving calls. Also, given that Court-imposed restrictions on access and dissemination of the data, any privacy intrusion resulting from metadata collection is outweighed by identification of suspect terrorist operatives together with thwarting of their plots as a public interest, rendering the program as reasonable under the Fourth Amendment. Non-public programs One top secret program that the NSA has not made public has to do with secret assassinations of individuals who are suspected to be terrorists or operatives in terrorism. This is a program that comes about as a result of the collected metadata. When suspected terrorists or their associates are tracked, the NSA then uses lethal drone strikes to attack and most certainly kill the individuals tracked. As revealed by a former Joint Special Operations Command (JSOC) drone operator who has also worked with the agency, NSA usually identifies targets using the controversial metadata analysis together with cell-phone tracking technologies. Without confirmation of targets’ identities using informants or operatives on the ground, the U.S military or the CIA then orders strikes basing on the location and activity of the cell phone believed to be used by the persons. The drone operator was a member of a task force, High Value Targeting, under JSOC and charged with the identification, capture and killing of suspected terrorists in Yemen, Afghanistan, Somalia and elsewhere. His revelations are bolstered by NSA top-secret documents leaked out by another whistleblower, Edward Snowden. In support of the same is a former U.S Air Force drone sensor operator, Brandon Bryant, who turned out to be outspoken in criticizing lethal operations in Yemen, Afghanistan and Iraq, in which he got directly involved. He reveals one tactic that involves “geo-location” of the handsets or SIM cards of suspected terrorists, which then enable the U.S Military and CIA to conduct drone strikes and night raids that capture or kill the individuals possessing the devices. It is quite clear that the possibility of killing innocent people in such raids is high. According to these whistleblowers, NSA locates targets for drone attacks by analysis of a SIM card’s rather than the call’s actual content. This program, they claim, amount to nothing less than death due to unreliable metadata. Work Cited Domestic Surveillance Directorate. NSA World Surveillance: Surveillance Techniques: How Your Data Becomes Our Data. Retrieved 20 April 2014 from http://nsa.gov1.info/surveillance/ Electronic Frontier Foundation. Transparency Project: Section 215 of the USA PATRIOT Act. Retrieved from https://www.eff.org/foia/section-215-usa-patriot-act Kurzweil Accelerating Intelligence (2014). NSA’s top secret technology can tap/infect computers even when not connected to the Internet. Retrieved 20 April 2014 from http://www.kurzweilai.net/nsas-top-secret-technology-can-tapinfect-computers-even-when-not-connected-to-the-internet Scahill, J., Greenwald, G. (2014). The NSA’s Secret Role in the U.S. Assassination Program. Retrieved 20 April 2014 from https://firstlook.org/theintercept/article/2014/02/10/the-nsas-secret-role/ Read More