The NSA Spying Program No One Is Talking About

Just about all of you are familiar with what the administration (and the traditional media) calls the “Terrorist Surveillance Program” (TSP).  It was the subject of the February 6 hearings involving Alberto Gonzales, wherein the administration bypasses FISA requirements to obtain a warrant to listen to international-domestic phone calls where one end of the conversation was an American citizen.

I refer to this as “Domestic Spying Plan One” or DSP1.  A mountain of excellent blog posts have been written about this so I won’t rehash it.  Instead I’d like to tell you about Domestic Spying Plan 2 (DSP2), of which almost nothing has been written even though the proof of it is readily available.
The fact that DSP2 has not been addressed surprises me since it has been referenced many times by both blogs as well as the traditional media.  Perhaps this is because nobody has categorized it as such, I’m not sure.

Unlike DSP1, the DSP2 is not technologically advanced in nature at all.  And to understand DSP2, you need to know what “minimization procedures” are.  That’s a phrase of two ordinary words but it doesn’t necessarily make sense.

There are roughly 15 intelligence agencies in the United States (see my entire list and description of each here) that collect data (intelligence) in a variety of manners.  Each of these intelligence agencies have procedures, or rules, about who can view this material, what material can be collected, what material must be destroyed, and with whom this material can be shared.  These rules are collectively known as the “minimization procedures”.

To give you an idea of the context of minimization procedures, in 2002 the Justice Department (when Ashcroft was A-G) asked the Foreign Intelligence Surveillance Court (FISC) to conduct a review of a warrant they had denied.  The FISC had never once convened a review since the FISA law was passed in 1978.  The warrant was originally denied because the Justice Department wanted to use the information gathered in that warrant for use in the criminal prosecution of the target of the surveillance.

The FISC had originally stated that all FISA warrants must be for the primary purpose of conducting surveillance for counter-intelligence operations.  However the FISC review court ruled that in the future, the Department of Justice could seek warrants for the primary purpose of (domestic) criminal prosecution and that information gathered from a FISA warrant could be shared with domestic law enforcement agencies, including the FBI.

Simply put, intelligence previously gathered from a FISA warrant to conduct surveillance could not be shared with certain other branches of the government.  This was a result of the “minimization procedures” of the FISA law and the 2002 decision modified that.  Got it so far?

The FISA law is quite lengthy (read it here) but § 1802 states that the Attorney General may authorize electronic surveillance without a court order (FISC warrant) if A) the subject of the surveillance is purely foreign, B) it’s not likely that the surveillance will not involve an American and C) the minimization procedures are met.

The term “minimization procedures” is defined in the FISA law:

“Minimization procedures”, with respect to electronic surveillance, means–

(1) specific procedures, which shall be adopted by the Attorney General, that are reasonably designed in light of the purpose and technique of the particular surveillance, to minimize the acquisition and retention, and prohibit the dissemination, of nonpublicly available information concerning unconsenting United States persons consistent with the need of the United States to obtain, produce, and disseminate foreign intelligence information;

(2) procedures that require that nonpublicly available information, which is not foreign intelligence information, as defined in subsection (e)(1) of this section, shall not be disseminated in a manner that identifies any United States person, without such person’s consent, unless such person’s identity is necessary to understand foreign intelligence information or assess its importance;

(3) notwithstanding paragraphs (1) and (2), procedures that allow for the retention and dissemination of information that is evidence of a crime which has been, is being, or is about to be committed and that is to be retained or disseminated for law enforcement purposes; and

(4) notwithstanding paragraphs (1), (2), and (3), with respect to any electronic surveillance approved pursuant to section 1802 (a) of this title, procedures that require that no contents of any communication to which a United States person is a party shall be disclosed, disseminated, or used for any purpose or retained for longer than 72 hours unless a court order under section 1805 of this title is obtained or unless the Attorney General determines that the information indicates a threat of death or serious bodily harm to any person.

That’s a lot of legalese but essentially it states that the Attorney General will write a list of procedures which will make sure that information concerning unconsenting Americans is neither acquired, retained (kept) or disseminated (shared).

Now why is this so important?  Because the NSA and other intelligence agencies are going to come across information during their operation that does concern Americans.  When you’re using high-powered computers and other technology to monitor and analyze millions of phone calls, you’re going to come acquire some data (intelligence) involving Americans.

The entire purpose of the minimization procedures is to make sure that information about Americans is neither kept nor shared with other people or agencies of the government.

There is a legal distinction between “collecting” and “receiving” intelligence.  The NSA using its advanced computers may come across and record information about Americans.  This is the “collection” phase.  The purpose of the minimization procedures however is to keep that information from being used, which means stored, analyzed or shared with other agencies.  I’m bringing this up because it’s perfectly legal (under FISA and other laws) to collect intel about Americans, it’s the use of it which is illegal.  You can read more about this here.

Prior to the Bush administration, the minimization procedures followed the law and intelligence collected about Americans was destroyed per the minimization procedures.  The substance of DSP2 however is that these minimization procedures were changed.  This means that information previously collected but destroyed is now being kept and shared.

FISA is not the only law that governs intelligence collection.  The other two relevant laws or rules come from Executive Order 12333 (signed by Reagan in 1981) and Department of Defense regulation 240.1-R, both of which refer to minimization procedures established by the Attorney General.

When Alberto Gonzales was testifying in front of the Judiciary Committee on February 6, 2006, he was asked about the minimization procedures by Senator Biden:

BIDEN: By definition, you’ve acknowledged that these minimization — the very minimization programs that exist under FISA, you’re not bound by. You’ve acknowledged that you’re not bound by FISA under this program.

Therefore, are you telling me the minimization programs that exist under FISA, as the way FISA is applied, are adhered to?

GONZALES: OK, I’m sorry if I was confusing in my response.

What I was meaning to say is that there are minimization requirements. Those minimization requirements are basically consistent with the minimization requirements that exist with respect to FISA if FISA were to apply.

BIDEN: Would it be in any way compromising the program if you made available to the Intelligence Committee what those minimization procedures that are being followed are?

GONZALES: Well, of course, the minimization procedures themselves, under 12333, and I believe perhaps under the FISA Court, are classified. I also believe they probably have been shared with the Intel Committee.

BIDEN: They have not, to the best of my knowledge. They have not been shared with the Intelligence Committee to the best of my knowledge, unless you’re talking about this very small group of the chairman and the ranking member.

GONZALES: Sir, I’m talking about the minimization procedures for 12333 and for FISA.

BIDEN: Let me very precise.

GONZALES: OK.

BIDEN: I have not heard of NSA saying to the Intelligence Committee, “We are binding ourselves as we engage in this activity under the minimization procedures of 12333, as well as other statutes.” I’m unaware that that’s written down or stated anywhere or been presented to the Intelligence Committee. Can you assure us that has been done?

GONZALES: No, sir, I can’t assure you that.

Let me say this again.  The intelligence agencies, including the NSA, can legally collect information (intelligence) about Americans (when the Americans are not the intended target of surveillance) without a court order (warrant).  It is the minimization procedures which used to order this information destroyed and not shared with anyone.   Gonzales here seems to be clearly admitting that new minimization procedures have been written.

Who can see these minimization procedures? Not you or I, that’s for sure.  It seems doubtful that anyone beyond the “Group of 8” Representatives and Senators have been briefed on them.  And modifying them does not require any new legislation at all.  The laws and regulations in place just provide for the Attorney General to write procedures to decide what gets kept and shared and what doesn’t.

On January 23, 2006, the former director of the NSA (and currently deputy director of the DNI) General Michael Hayden gave a speech to the National Press Club.  In that speech he hinted at the fact that minimization procedures had been re-written (DSP2):

What is it that NSA does routinely? Where we set the threshold, for example, for what constitutes inherent foreign intelligence value? That’s what we’re directed to collect. That’s what we’re required to limit ourselves to — inherent foreign intelligence value. Where we set that threshold, for example, in reports involving a U.S. person shapes how we do our job, shapes how we collect, shapes how we report. The American SIGINT system, in the normal course of foreign intelligence activities, inevitably captures this kind of information, information to, from or about what we call a U.S. person. And by the way, “U.S. person” routinely includes anyone in the United States, citizen or not.

Actually, it only forbids collection of information on U.S. persons which are defined in the FISA law as either an American citizen or someone who is a legal permanent resident.  Tourists, exchange students and illegal aliens (such as ALL of the 9/11 hijackers) are not covered.

Inherent foreign intelligence value is one of the metrics we must use. Let me repeat that: Inherent foreign intelligence value is one of the metrics we must use to ensure that we conform to the Fourth Amendment’s reasonable standard when it comes to protecting the privacy of these kinds of people. If the U.S. person information isn’t relevant, the data is suppressed. It’s a technical term we use; we call it “minimized.” The individual is not even mentioned. Or if he or she is, he or she is referred to as “U.S. Person Number One” or “U.S. Person Number Two.” Now, inherent intelligence value. If the U.S. person is actually the named terrorist, well, that could be a different matter. The standard by which we decided that, the standard of what was relevant and valuable, and therefore, what was reasonable, would understandably change, I think, as smoke billowed from two American cities and a Pennsylvania farm field. And we acted accordingly.

Look, this is not unlike things that happened in other areas. Prior to September 11th, airline passengers were screened in one way. After September 11th, we changed how we screen passengers. In the same way, okay, although prior to September 11th certain communications weren’t considered valuable intelligence, it became immediately clear after September 11th that intercepting and reporting these same communications were in fact critical to defending the homeland. Now let me make this point. These decisions were easily within my authorities as the director of NSA under and executive order; known as Executive Order 12333, that was signed in 1981, an executive order that has governed NSA for nearly a quarter century.

In other words, previously destroyed data was now being kept and shared.  He’s just tacitly admitted that different minimization procedures were used, just as different “passenger screening” procedures were used.  However what Hayden does not specifically state is that these can only be modified by the Attorney General.

Now, let me summarize. In the days after 9/11, NSA was using its authorities and its judgment to appropriately respond to the most catastrophic attack on the homeland in the history of the nation. That shouldn’t be a headline, but as near as I can tell, these actions on my part have created some of the noise in recent press coverage. Let me be clear on this point — except that they involved NSA, these programs were not related — these programs were not related — to the authorization that the president has recently spoken about. Back then, September 2001, I asked to update the Congress on what NSA had been doing, and I briefed the entire House Intelligence Committee on the 1st of October on what we had done under our previously existing authorities.

Now, as another part of our adjustment, we also turned on the spigot of NSA reporting to FBI in, frankly, an unprecedented way. We found that we were giving them too much data in too raw form.

Got it?  Disseminating raw data to the FBI.  Hayden is clearly stating that previously unshared information was given to the FBI, and that information was intelligence gathered on Americans.

Hayden even admits that this is unrelated to DSP1, the story the press and blogs have been focused on since December 2005.

The change in minimization procedures was also referenced in Bob Woodward’s book Plan of Attack.  From here:

“If, in the course of surveillance, NSA analysts learn that it involves a US citizen or company, they are dumping that information right then and there,” an unnamed official told the Boston Globe in a story published October 27, 2001.

But after Bush was sworn in as president, the way the NSA normally handled those issues started to change dramatically. Vice President Cheney, as Bob Woodward noted in his book Plan of Attack, was tapped by Bush in the summer of 2001 to be more of a presence at intelligence agencies, including the CIA and NSA.

“Given Cheney’s background on national security going back to the Ford years, his time on the House Intelligence Committee, and as secretary of defense, Bush said at the top of his list of things he wanted Cheney to do was intelligence,” Woodward wrote in his book about the buildup to the Iraq war. “In the first months of the new administration, Cheney made the rounds of the intelligence agencies — the CIA, the National Security Agency, which intercepted communications, and the Pentagon’s Defense Intelligence Agency. “

It was then that the NSA started receiving numerous requests from Cheney and other officials in the State and Defense departments to reveal the identities of the Americans blacked out or deleted from intelligence reports, so administration officials could better understand the context of the intelligence.

That “raw” and previously deleted information was not only sent to the FBI and Cheney’s office, but to all the other intelligence agencies in the United States as well.  As the Washington Post stated on February 15, there is now a database of some 325,000 names of people “suspected” of having ties to terrorism.  You can be sure that many of those names entered that database as a result of DSP2.

And now you know about DSP2, the second in a long list of the administration’s programs to spy on the American people in the name of the “war on terror”.

This is cross-posted from Flogging the Simian

Peace

Author: soj

If you don't know who I am, you should :)