For three years, the National Security Agency routinely violated rules set down by federal judges governing how the agency was allowed to use mass-collected data about every telephone call made in the United States, according to more than 1,800 pages of declassified documents the Obama administration released Tuesday.
“From a technical standpoint, there was no single person who fully understood exactly how the program functioned,” said a senior intelligence official, one of two who agreed to discuss the documents with reporters only on condition of anonymity, despite speaking on a telephone conference call organized by his agency’s public affairs office.
“As a result, we did not describe it accurately” in court submissions beginning in May 2006 and the failure to comply with the court’s rules did not become apparent until January 2009, he said.
“This was a real compliance issue that NSA uncovered” through its internal vigilance, another official said.
But the admission drew withering criticism from privacy and civil liberties advocates.
“How can Congress, the American people, or even the president try to oversee an agency when the agency itself doesn’t even know the details of its programs?” asked Mark M. Jaycox, a policy analyst with the Electronic Frontier Foundation.
He called the NSA “a rogue agency.”
The documents released Tuesday relate to interpretations of section 215 of the Patriot Act argued by the government and approved by the FISA court, the secret tribunal created by the Foreign Intelligence Surveillance Act. Section 215, the so-called “business records” provision, allows the government to issue secret orders, compelling companies to turn over their records and forbidding them from revealing the seizure.
Top secret documents leaked in June by former NSA contractor Edward Snowden showed that the agency had used a secret, and very broad, interpretation of Section 215 to force U.S. telephone companies to hand over data about every phone call made in the United States.
The agency had thereby amassed a vast archival database of the caller, destination, time and duration — the so-called “metadata” — of every phone call made in America over the past five years.
Officials said in June that the database contained no information about the content of calls and that it was only used to look for people in America who had been in direct or indirect contact with suspected terrorists abroad. The FISA court ruled that the agency had to prove a “reasonable articulable suspicion” that a phone number was a legitimate target for counter-terrorism intelligence gathering before it could check the number against the database and see which Americans had been in touch with terrorists.
But beginning in 2006, NSA officials also checked the daily batches of data coming in from the phone companies against a so-called “alert list” — a batch of phone numbers that the agency regarded “of counter-terrorism interest” but many of which had not been cleared by the court. The list included the phone numbers of thousands of Americans.
During the three years the alert list was used, it grew from fewer than 4,000 to nearly 18,000, according to the officials on the conference call. Only about 2,000 of those had court approval.
“There are all kinds of things that [U.S. intelligence agencies do] that don’t meet any particular evidentiary standard,” one official said.