Surveillance

NSA document details foreign intel databases

NSA headquarters

The National Security Agency says it is not targeting people inside the United States for surveillance through its efforts to collect foreign intelligence, according to an unclassified report explaining how NSA implements its authorities under Section 702 of the Foreign Intelligence Surveillance Act.

However, information on citizens and residents becomes part of NSA's collections under Section 702, leading to questions about whether the agency uses its foreign intelligence authority to conduct warrantless, "backdoor" surveillance on U.S citizens.

The new document tracks closely with the testimony by top intelligence community lawyers at a March meeting of the Privacy and Civil Liberties Oversight Board, at whose request the unclassified NSA report was prepared. But it leaves many key questions unanswered, and the language is vague at times.

In the document, NSA delves into some details about how it collects, stores and accesses data collected under two of the programs revealed by former intelligence contractor Edward Snowden. It offers a look at how NSA analysts access data on the agency's systems, how analysts are trained to use the systems and the procedures in place to comply with privacy restrictions in the FISA statute.

Communications supplied to NSA by Internet companies are stored across "multiple NSA systems and data repositories." Although there isn't much in the way of specifics, the report indicates that one system might contain the content of communications -- such as text, audio and video -- while another system might store only the metadata associated with those communications -- such as the header information on an email message with to, from, subject and date information.

Under the program known as Prism, the FBI makes requests on behalf of NSA using "selectors" for individuals, such as phone number, email address and other identifiers. Companies are required to turn over communications to or from such selectors to NSA. The Upstream program, which intercepts communications from the Internet backbone rather than individual companies, can target selectors sending and receiving communications, as well as communications that reference or are about targeted selectors.

Under certain circumstances, NSA analysts are permitted to query databases using the email addresses, phone numbers and other identifiers of U.S. citizens and legal residents. That practice has been especially controversial because the section of intelligence law on domestic surveillance requires the order of a secret court to spy on U.S. citizens and those legally residing in the United States.

NSA claims that such queries must either be "reasonably likely to return foreign intelligence information" or be linked to an "imminent threat to life." As a practical matter, NSA analysts have more often queried metadata than the contents of communications. To go after content requires additional layers of approval. Furthermore, NSA may not query data collected under the broad Upstream program for citizen or resident identifiers. It's not clear from the document whether other agencies with domestic authorities could access information on citizens or residents under certain circumstances.

Finally, the report offers a look at what happens to "unevaluated" communications that are stored in NSA systems.

Upstream collections are retained for a maximum of two years, while the Prism collections are stored for up to five years. The report explains that information on U.S. citizens and residents may be destroyed if it's not relevant to NSA's purpose and includes no evidence of a crime. There are also provisions for destroying communications collected on selectors when they are determined to be inside the United States.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.