I neglected some important points in this morning’s article on the NSA’s choreographed, confusing disclosures at Tuesday’s House Intelligence Committee Hearing. As many commenters rightly pointed out, listeners must evaluate whether intelligence and law enforcement officials can be taken at their word. Director of National Intelligence James Clapper previously told Senator Ron Wyden (D-Ore.) that, “No, sir,” NSA does not collect information on millions or hundreds of millions of Americans, at least “not wittingly.”
Of course, that is exactly what the PATRIOT Act Section 215 program provides for with American phone customers’ metadata. Hundreds of millions of citizens use telephones. Chairman Mike Rogers (R-Mich.) dismissed my assertion that Clapper denied this and, as noted in my article, he and Ranking Member Dutch Ruppersberger (D-Md.) seemed to have rehearsed their exchanges with the assembled officials.
NSA Director Alexander flatly denied pattern analysis or mining of the metadata, saying it would be impossible without specific queries. Agency whistleblower William Binney, a brilliant mathematician and cryptologist who spent almost four decades “never saying anything,” would probably challenge that notion. He developed some of NSA’s most advanced data analysis systems, only to see them turned on American citizens after 9/11. He quit, he says, after alternative, less invasive programs he developed and his pleas for constitutional fidelity were dismissed.
Binney laid out a less invasive approach to domestic surveillance in a fascinating USA Today interview he gave with two other NSA whistleblowers and their attorney from the Government Accountability Project (I strongly encourage all of my readers to take some time to look at it, at least the portion beginning with this excerpt):
Q: Is there a way to collect this data that is consistent with the Fourth Amendment, the constitutional protection against unreasonable search and seizure?
Binney: Two basic principles you have to use. … One is what I call the two-degree principle. If you have a terrorist talking to somebody in the United States — that’s the first degree away from the terrorist. And that could apply to any country in the world. And then the second degree would be who that person in the United States talked to. So that becomes your zone of suspicion. And the other one (principle) is you watch all the jihadi sites on the Web and who’s visiting those jihadi sites, who has an interest in the philosophy being expressed there. And then you add those to your zone of suspicion. Everybody else is innocent — I mean, you know, of terrorism, anyway.
[NSA Whistleblower J. Kirk] Wiebe: Until they’re somehow connected to this activity.
Binney: You pull in all the contents involving (that) zone of suspicion and you throw all the rest of it away. You can keep the attributes of all the communicants in the other parts of the world, the rest of the 7 billion people, right? And you can then encrypt it so that nobody can interrogate that base randomly. That’s the way of preventing this kind of random access by a contractor or by the FBI or any other DHS (Department of Homeland Security) or any other department of government. They couldn’t go in and find anybody. You couldn’t target your next-door neighbor. If you went in with his attributes, they’re encrypted. … So unless they are in the zone of suspicion, you won’t see any content on anybody and you won’t see any attributes in the clear. … It’s all within our capabilities.
He too must be taken at his word. All three whistleblowers readily admitted that Edward Snowden’s leaks gave unprecedented confirmation of their claims, but the details remain unclear.
Binney stated that the “13-80” notation on the leaked Verizon order means it was the 80th such order of 2013. Since they are issued every three months, he estimated that between 40 and 79 companies are involved (depending on whether Verizon’s order was issued last, first, or somewhere in between). During the Intelligence Committee hearing, Deputy Attorney General James Cole referred to a second, much longer Foreign Intelligence Surveillance Court order to Verizon, which places strictures on what can be done with the telephony metadata. If this is true, and data sharing court orders come in pairs, the theoretical number of companies involved according to Binney’s logic is cut in half: between 20 and 39.
Obviously, these are complicated issues, but Senator Wyden and his Intelligence Committee colleague Sen. Mark Udall (D-Colo.) question the necessity and value of archiving telephony metadata en masse. Both men have been consistent, strident critics of domestic surveillance; Wyden has been quoted as saying he did everything short of leaking classified material to warn of what Snowden saw. As reported by the Washington Post, Wyden and Udall issued a statement yesterday that challenged the claim that current practice is necessary for counter-terrorism:
Based on the evidence that we have seen, it appears that multiple terrorist plots have been disrupted at least in part because of information obtained under section 702 of FISA. However, it appears that the bulk phone records collection program under section 215 of the USA Patriot Act played little or no role in most of these disruptions. Saying that “these programs” have disrupted “dozens of potential terrorist plots” is misleading if the bulk phone records collection program is actually providing little or no unique value.
Even if Snowden doesn’t leak any further programs, details, controversy, misconceptions, and contradictions about the material he has brought to light will continue for some time. The nutshell is that there is no nutshell.