NSA Appears To Be Chaining Calls Using Phone Numbers One Hop Out As New Originating Selectors

from the making-any-hop-limitations-pointless,-at-least-for-Clapper's-chain-gang dept

In that same motion it implemented the change in standard dragnet language that has been retained in these more recent dragnet orders: the NSA is chaining on “connections” as well as actual calls.



14 The first “hop” from a seed returns results including all identifiers (and their associated metadata) with a contact and/or connection with the seed. The second “hop” returns results that include all identifiers (and their associated metadata) with a contact and/or connection with an identifier revealed by the first “hop.

Queries of the BR metadata using RAS-approved selection terms for purposes of obtaining foreign intelligence information may occur by manual analyst query only.

Whether Administration witnesses were being deliberately deceitful when testifying about call-based chaining (“not wittingly!”) or the NSA only recently resumed doing connection based chaining manually, having given up on doing it automatically, one thing is clear. The NSA has been doing connection based chaining since at least February, and very few people in Congress know what that means. Nevertheless, they’re about to authorize that formally.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

The ODNI's first transparency report put a lot of not very reassuring numbers on display, misusing the word "target" to give the impression that Section 702's ~90,000 targets were actually limited to 90,000 people, rather than, say, several thousand collection points gathering data and communications from severalunspecified targets.The ODNI also claimed it couldn't offer specifics on the number of people targeted by the 19,000+ NSLs issued last year, even while pointing to letters sent to Intelligence Committees and members of the administration that attempted to do exactly that. A caveat was appended to the 2013 letters, noting that the FBI's NSL target estimates were probably inflated due to the NSL's limitations and targeting specifications.But there are further statistical "anomalies" hidden within the transparency report. The section detailing the business records program (aka, Section 501 [formerly Section 215]) listed a small number of targets as well, something entirely at odds with the NSA/FBI's demands forphone record from certain providers. While there are only a certain number of RAS (reasonable articulable suspicion) approved selectors that can be used by the NSA to search the bulk records, there's apparently a workaround that allows analysts to access many more records within the database.Marcy Wheeler of emptywheel spotted some wording in the two most recent FISA court orders (released late Friday afternoon) that confirms the agency is using numbers one hop out from the RAS-approved numbers as additional selectors , triggering even more contact chaining.If it's any consolation, this new chains-upon-chains method apparently can't be performed automatically, most likely due to these automated searches not complying with FISA court limitations (rather than a lack of computing ability). The most recent bulk records orders note that these searches will now always be performed manually.As Wheeler notes, this wording may also indicate the agency's anticipation of bulk records being maintained and held by service providers, thus further limiting its splashing around in the collected metadata. But it does indicate that the recently-imposed "hop" limitation is nearly useless. Rather than simply searching one hop out from the RAS selector, the agency is having its analysts build contract chains starting from that hop and moving outward. This puts the agency right back where it was prior to the minimal restrictions placed on it by the administration's reform measures.It's not a strictly legal move, no matter if it's automated or not. Feinstein's fake reform measures would have codified this quasi-legal procedure, as Wheeler points out. Denials offered by NSA officials may have had a slight ring of truth, especially if the automated system wasn't capable of meeting FISC stipulations, but it appears to be all systems go at this point.What the NSA buries in half-truths, carefully-worded denials and artful retractions always has the chance to become legally sanctioned by efforts like Feinstein's, which seek to codify the NSA's programs and instantly whitewash any past brushes with illegality. The NSA plays to edges of the letter of the law and disregards the spirit. Even its past excesses and deliberate misuse of its powers have failed to keep it down for long. At worst, it's back to its 2008 form, dealing with the same sort of limitations FISC Judge Walton imposed on it after uncovering years of abuse . But it has more contacts to chain than it did previously, thanks to its manual search method, even with reform efforts taking away one of its hops.

Filed Under: chaining. phone numbers, nsa, selectors, surveillance