Wednesday, September 11, 2013

Court Upbraided N.S.A. on Its Use of Call-Log Data

http://www.nytimes.com/2013/09/11/us/court-upbraided-nsa-on-its-use-of-call-log-data.html?pagewanted=all&_r=0

---------- Forwarded message ----------
From: barry levine 
Date: Wed, Sep 11, 2013 at 8:44 AM
Subject: re: Court Upbraided N.S.A. on Its Use of Call-Log Data
To: "letters@nytimes.com"


To the Editor:
   Every day brings new evidence that James Clapper and Keith Alexander lied to Congress not casually but as part of a pattern of circumventing proper Congressional oversight. This is at once an affront to the authority of Congress, and assault on the Rule of Law and an attack on the sovereignty of the electorate. Each passing day that president Obama doesn't fire these two bolsters the conclusion that he is not in charge here and that our Intelligence Community is above the law.
Barry Haskell Levine

Court Upbraided N.S.A. on Its Use of Call-Log Data

By 
Published: September 10, 2013 36 CommentsIntelligence officials released secret documents on Tuesday showing that a judge reprimanded the National Security Agency in 2009 for violating its own procedures and misleading the nation’s intelligence court about how it used the telephone call logs it gathers in the hunt for terrorists.
It was the second case of a severe scolding of the spy agency by the Foreign Intelligence Surveillance Court to come to light since the disclosure of thousands of N.S.A. documents by Edward J. Snowden, a former contractor, began this summer.
The newly disclosed violations involved the N.S.A. program that has drawn perhaps the sharpest criticism from members of Congress and civil libertarians: the collection and storage for five years of information on virtually every phone call made in the United States. The agency uses orders from the intelligence court to compel phone companies to turn over records of numbers called and the time and duration of each call — the “metadata,” not the actual content of the calls.
Since Mr. Snowden disclosed the program, the agency has said that while it gathers data on billions of calls, it makes only a few hundred queries in the database each year, when it has “reasonable, articulable suspicion” that a telephone number is connected to terrorism.
But the new documents show that the agency also compares each day’s phone call data as it arrives with an “alert list” of thousands of domestic and foreign phone numbers that it has identified as possibly linked to terrorism.
The agency told the court that all the numbers on the alert list had met the legal standard of suspicion, but that was false. In fact, only about 10 percent of 17,800 phone numbers on the alert list in 2009 had met that test, a senior intelligence official said.
In a sharply worded March 2009 ruling, Judge Reggie B. Walton described the N.S.A.’s failure to comply with rules set by the intelligence court, set limits on how it could use the data it had gathered, and accused the agency of repeatedly misinforming the judges.
“The government has compounded its noncompliance with the court’s orders by repeatedly submitting inaccurate descriptions of the alert list process” to the court, Judge Walton wrote. “It has finally come to light that the F.I.S.C.’s authorizations of this vast collection program have been premised on a flawed depiction of how the N.S.A. uses” the phone call data.
The senior American intelligence official, briefing reporters before the documents’ release, admitted the sting of the court’s reprimand but said the problems came in a complex, highly technical program and were unintentional.
“There was nobody at N.S.A. who really had a full understanding of how the program was operating at the time,” said the official, who spoke on the condition of anonymity. The official noted that the agency itself discovered the problem, reported it to the court and to Congress, and worked out new procedures that the court approved.
In making public 14 documents on the Web site of the director of national intelligence,James R. Clapper Jr., the intelligence officials were acting in response to Freedom of Information Act lawsuits and a call from President Obama for greater transparency about intelligence programs. The lawsuits were filed by two advocacy groups, the Electronic Frontier Foundation and the American Civil Liberties Union.
“The documents only begin to uncover the abuses of the huge databases of information the N.S.A. has of innocent Americans’ calling records,” said Mark M. Jaycox, a policy analyst at the Electronic Frontier Foundation. He said the agency’s explanation — that none of its workers fully understood the phone metadata program — showed “how much of a rogue agency the N.S.A. has become.”
Judge Walton’s ruling, originally classified as top secret, did not go that far. But he wrote that the privacy safeguards approved by the court “have been so frequently and systematically violated” that they “never functioned effectively.”
Senator Patrick J. Leahy of Vermont, the chairman of the Senate Judiciary Committee, welcomed the release of the documents, but said that they showed “systemic problems” and that the bulk collection of Americans’ phone records should be stopped.
Intelligence officials have expressed some willingness to adjust the program in response to complaints from Congress and the public, possibly by requiring the phone companies, rather than the N.S.A., to stockpile the call data. But they say that the program remains crucial in detecting terrorist plots and is now being run in line with the court’s rules.
A different intelligence court judge, John D. Bates, rebuked the N.S.A. in 2011 for violations in another program and also complained of a pattern of misrepresentation. The 2011 opinion, which made a reference to the 2009 reprimand, was released by intelligence officials last month.
Since June, Mr. Snowden’s revelations have set off the most extensive public scrutiny of the N.S.A. since its creation in 1952. Last week, based on his documents, The New York Times, ProPublica and The Guardian wrote about the agency’s systematic efforts to defeat privacy protections for Internet communications, including evidence that the agency deliberately weakened an encryption standard adopted nationally and internationally in 2006.
On Tuesday, the National Institute of Standards and Technology, the agency charged with setting federal cybersecurity standards, scrambled to try to restore public confidence, after reports that it had recommended a standard that contained a back door for the N.S.A.
The agency said it would reopen the public vetting process for the standard, used by software developers around the world. “If vulnerabilities are found in these or any other N.I.S.T. standard, we will work with the cryptographic community to address them as quickly as possible,” the agency said in a statement.
The Times reported that as part of the N.S.A.’s efforts, it had worked behind the scenes to push the same standard on the International Organization for Standardization, which counts 163 countries among its members.
The national standards agency denied that it had ever deliberately weakened a cryptographic standard, and it moved to clarify its relationship with the N.S.A. “The National Security Agency participates in the N.I.S.T. cryptography process because of its recognized expertise,” the standards agency said. “N.I.S.T. is also required by statute to consult with the N.S.A.”
Cryptographers said that the revelations last week had eroded their trust in the agency, but that reopening the review process was an important step in rebuilding confidence.
“I know from firsthand communications that a number of people at N.I.S.T. feel betrayed by their colleagues at the N.S.A.,” Matthew D. Green, a cryptography researcher at Johns Hopkins University, said in an interview on Tuesday. “Reopening the standard is the first step in fixing that betrayal and restoring confidence in N.I.S.T.”
Nicole Perlroth contributed reporting.

No comments: