'Tip of the Iceberg': Senators Warn Far More Data May Not Be Safe
Senator to NSA Chief: "What I worry is how far you believe this authority extends."
Members of the Senate Appropriations Committee took the opportunity Wednesday during a previously scheduled hearing to challenge the director of the National Security Agency about the extent of the agency's domestic surveillance, during which it was made clear that what has been revealed thus far is just the "tip of the iceberg."
Responding specifically to questions regarding whether "e-mail contacts" are being "vacuumed" by the Obama administration's clandestine interpretation of the Patriot Act's surveillance powers, NSA Chief Keith Alexander responded, "I don't want to make a mistake" and reveal too much. He added that disclosing such details may cause "our country to lose some sort of protection."
Alexander followed up by saying the topic of e-mail and other metadata surveillance is best discussed in a "classified session" which senators are scheduled to attend Thursday.
The two programs in question, which were revealed last week in a series of breaking stories by the Guardian—which had obtained the information by Edward Snowden, an employee of the contracted security firm Booz Allen—are supposedly distinct and are theoretically justified by different laws.
The first, justified under Section 215 of the Patriot Act, collects the phone records of millions of Americans, but reportedly does not examine at their content. The other, known as PRISM, is justified under Section 702 of the 2008 Fisa Amendments Act and is meant to surveil the online communications of people believed not to be inside the United States.
However, as Alexander explained during yesterday's hearing, it is difficult, in practice, to separate them. "The reality is, they work together," Alexander said.
Senators yesterday were specifically concerned about a top secret court order from the Foreign Intelligence Surveillance Court, disclosed last week by the Guardian, which allows the NSA to obtain daily records of all domestic calls made by Verizon customers and could, under certain interpretations, justify a similar collection of email and IP data.
CNET's Declan McCullagh explains:
The Justice Department obtained that order by claiming it was permitted by Section 215 of the Patriot Act, 50 USC 1861, better known as the "business records" portion. Section 215 allows FBI agents to obtain any "tangible thing," including "books, records, papers, documents, and other items," which some of the Patriot Act's supporters have said was never intended to cover every American's phone call logs. (Section 215 orders are far less privacy-protective, and therefore more legally problematic, than traditional search warrants backed by probable cause and signed by a judge.)
In an unusual move, however, the Justice Department has refused to disclose its secret interpretation of Section 215—despite complaints from multiple senators—that would reveal just how far Patriot Act surveillance has extended.
"What I worry is how far you believe this authority extends," Sen. Johanns said to the NSA director during yesterday's hearing. Alexander replied that Section 215 only covered metadata: "If you want to get the content, you'd have to get a court order."
Under the Justice Department's reasoning, Web browsing logs and e-mail logs "would seem to be a record, and thus potentially subject to a 215 order," says Kurt Opsahl, a senior staff attorney at the Electronic Frontier Foundation.
Alan Butler, appellate advocacy counsel at the Electronic Privacy Information Center in Washington, D.C., agreed by adding that, considering the Justice Department's use of Section 215, they could make the argument that IP address records fall under the same "tangible" classification as phone numbers:
I think that IP address records would likely be treated the same as call records unless they contain "content" (detailed URIs for specific pages might be considered content). So the FBI could theoretically put forth the same broad relevance argument used to justify this Verizon order.
Adding further weight to the suspicion that there is much yet to be revealed about the NSA's dragnet surveillance operation, Rep. Loretta Sanchez (D-Calif.), appearing on C-SPAN's "Washington Journal" Wednesday, said that lawmakers learned "significantly more" about the NSA's spy programs during a Tuesday briefing with counter terrorism officials.
"What we learned in there," Sanchez said, "is significantly more than what is out in the media today." Adding that the information already revealed is just "the tip of the iceberg."
"I think it's just broader than most people even realize," she said, "and I think that's, in one way, what astounded most of us, too."