Reaction to NSA Surveillance of U.S. Citizens’ Phone Records

Benjamin Wittes and Wells C. Bennett

We are at a bit of a loss to understand the FISA Court order that Steve discussed earlier and that Glenn Greenwald disclosed at the Guardian. As Steve noted, the order required Verizon Business Network Services, under Section 215 of the Patriot Act,

to produce to the National Security Agency (NSA) upon service of this Order, and continue production on an ongoing daily basis thereafter for the duration of this Order, unless otherwise ordered by the Court, an electronic copy of the following tangible things: all call detail records or “telephony metadata” created by Verizon for communications (i) between the United States and abroad; or (ii) wholly within the United States, including local telephone calls.

The order—assuming it hasn’t been since modified or contravened—lasts for three months, beginning on April 25 and ending in mid-July.

We have only the order itself, not the application that underlies it, but we have a hard time imagining the application that could have produced it. Section 215, codified in law as 50 U.S.C. § 1861, allows the government to apply to the FISA court for an order for production “of any tangible things . . . for an investigation to obtain foreign intelligence information not concerning a United States person or to protect against international terrorism or clandestine intelligence activities. . . .” To acquire such an order, the government does not have to do much—just as it doesn’t have to do much in a criminal investigation: It merely has to offer, in pertinent part, “a statement of facts showing that there are reasonable grounds to believe that the tangible things sought are relevant to an authorized investigation . . . to obtain foreign intelligence information not concerning a United States person or to protect against international terrorism or clandestine intelligence activities.”

So we are trying to imagine what conceivable set of facts would render all telephony metadata generated in the United States “relevant” to a particular investigation—-whatever it might touch on, or how broadly it might sweep. Presumably, the theory would have to be that the “tangible things” here are the giant ongoing flood of data from the telecommunications companies and that they are “relevant to an authorized investigation,” perhaps of Al Qaeda, “to protect against international terrorism.” That reading seems oddly consistent with the statutory text, which may be why the intelligence committee leadership seems so comfortable with the program. But assume this is right. And assume further that the government does not yet know the identities of all of the targets, or the persons with whom those targets might communicate. How is it possible that all calls between, say, a Washington D.C. restaurant and its fish supplier are “relevant” even to such a broad investigation?

The only possible answer to this question is that a dataset of this size could be “relevant” because there are ways of analyzing big datasets algorithmically to yield all kinds of interesting things—but only if the dataset is known to include all of the possibly-relevant material. The data itself may not be relevant, but the dataset is relevant because it is complete—and therefore is sure to include any communications by whomever the bad guys turn out to be.

The trouble is that if that constitutes relevance for purposes of Section 215, then isn’t all data relevant to all investigations? Grand jury subpoenas, after all, issue on the basis of relevance too—albeit relevance to a criminal investigation. Why couldn’t the FBI obtain all domestic metadata on the theory that some sort of data-mining would be useful in a mob investigation—and that a complete dataset is therefore “relevant” to it?

According to press reports today, the government has sought, and won, judicial approval for comparable Section 215 orders for years in the past.  Its broad-sweeping collection, moreover, has been briefed to members of congressional intelligence committees.  In particular, the Chairman of the Senate intelligence committee said that these collection activities are years old and regularly renewed by the FISC.  The Ranking Member added that the collection described in the Guardian report is “nothing new.”

From a legal standpoint, it is undoubtedly significant that judges and legislators repeatedly have blessed these activities.  Still, the government ought to explain why Section 215’s “tangible things” and “relevance” language do not permit any metadata to  be deemed relevant and thus subject to production under the law. In other words, what’s the limiting principle here? This is an even more important question if the harvesting of these records from Verizon is so unremarkable, and so long-lasting, as Senators today seemed to imply. The government needs to explain its position to the public, and not just to the FISC and to appropriate members of Congress.