Thanks to resistance from Senator Rand Paul and other members of the Senate, the provisions of the USA Patriot Act that were used to justify the National Security Agency's broad collection of phone call metadata have expired. The Senate leadership is now scrambling to pass legislation that will restore some of these provisions, though the phone metadata provision—Section 215 of the Patriot Act—will likely not be renewed as it stood prior to its expiration.

So what does that do to the NSA's surveillance capabilities from a technical standpoint? All it really does is change where phone records are retained—they're back at the telephone carriers. It may create some technical and administrative hurdles to gain access to records, but those are hurdles the NSA has likely already addressed.

Section 215 changed aspects of the Foreign Intelligence Surveillance Act to allow requests through the Foreign Intelligence Surveillance Court for secret warrants that would grant access to "certain business records" by the FBI—including individuals' library and medical records, book sales records, educational records, and other "tangible things" related to interactions with businesses and public institutions. The NSA's bulk collection of phone records was justified under this provision—the request was made jointly with the FBI, and the phone companies who were served with the warrants were compelled to provide the data directly to the NSA. Because of their secrecy, these warrants compelled those served with them not to reveal that they had turned over data.

In brief, here's what the NSA has done in the past with that bulk phone metadata:

The phone records provided by AT&T (formerly the companies AT&T, SBC, and BellSouth) and Verizon have been pulled into Mainway, the NSA's five-year cache of phone metadata. This data can be mined by analysts with approval from one of a small number of NSA officials, according to the NSA's "fact sheet" on Section 215.

Mainway data is also processed, according to documents leaked by Edward Snowden, by XKeyscore, the distributed data analysis system the NSA built to process "signals intelligence." Anything from new Mainway data that matches identifiers selected by XKeyscore's filters gets merged with other collected intelligence and becomes accessible by NSA analysts.

Data in Mainway can also be analyzed with "graph" database tools to identify relationships between phone numbers based on common connections, producing lists of numbers within three "hops" of a person or organization of interest; the identifiers for those numbers can then be added to XKeyscore for further targeting.

So what happens if the NSA can no longer perform bulk collection? Depending on the final wording of any legislation regarding Section 215 rules, the NSA would have to make provisions to access the data from the telecom carriers' own records rather than getting the data in bulk. The USA Freedom Act, in the form it was passed by the House of Representatives, would put the phone companies in charge of retaining call data—and allow the NSA to query that data where it rests.

According to a letter sent by NSA Director Admiral Mike Rogers to Senators Mitch McConnell (R-Ky.) and Harry Reid (D-Nev.), shifting to "a query at the provider model is achievable within 180 days, with provider cooperation. We base this judgment on the analysis that we have undertaken on how to make this model work. Upon passage of the law, we will work with the companies that are expected to be subject to Orders under the law by providing them technical details, guidance and compensation to create a fully operational query at the provider model. We are aware of no technical or security reasons why this cannot be tested and brought on line within the 180-day period [specified by the USA Freedom Act]."

The NSA is very familiar with distributed query models that would be required for the new approach to work—they're at the core of XKeyscore. It's likely that much of the technical infrastructure required to make the change is already in place, as the billions of phone records currently collected by the NSA are almost certainly remotely gathered from the telco providers' call records already. If anything, it might actually help reduce the demands on the NSA's network connections to telco providers.

XKeyscore currently provides a "federated search" capability that can query its data stores around the world for information related to a specific identifier. It can also perform continuous distributed queries against data streams, identifying items that match a specific pattern. Applied to phone metadata on-site at telco providers, this sort of technology could watch for patterns in call data that indicate, for example, if a person of interest had changed phone numbers based on a shift in calls to numbers previously connected to that individual.

Mainway doesn't go away if bulk metadata is no longer collected. That's because it will likely still be used to store data pulled by remote query, as well as call information from VOIP phone services obtained through Prism requests and passive network surveillance.

So if the USA Freedom Act is passed, even unaltered, by the Senate, it will change just one thing: where phone records are stored. For other regulatory and business reasons, the phone companies already retain records of calls for periods that often exceed the NSA's five-year limit, so the NSA could potentially have access to an even deeper collection of data. The NSA would be able to "task" certain record identifiers and the numbers associated with them on the provider's side and still get near-realtime information about calls of interest.

Some form of the Section 215 provisions will likely be passed by Congress, either as provided for in the USA Freedom Act or through amended versions of the bill. The main question that remains is how much oversight Congress will mandate for continued operation of telephone metadata surveillance. If the only real changes are to where the data is stored, metadata queries will still potentially be open to abuses such as those already documented by the NSA—querying phone metadata of girlfriends and ex-girlfriends, boyfriends and wives, and other random individuals.

In other words, the technical substance of NSA phone record surveillance may change, but the capabilities will not.