NSA: Three Hops and You're Out
Revelations that the government's ability to access American citizens’ phone records without probable cause is much broader than previously contemplated got Congress' attention last week, drawing rebukes and warnings from both sides of the aisle.
The startling new insight came from NSA Deputy Director John Inglis, who testified before the House Judiciary Committee that the FISA court "has approved us to go out two or three hops." As described by the Washington Post, "When analysts think they have cause to suspect an individual, they will look at everyone that person has contacted, called the first hop away from the target. Then, in a series of exponential ripples, they look at everyone all those secondary people communicated with. And from that pool, they look at everyone those tertiary people contacted. This is called a second and a third hop."
How intrusive is this? It's not really clear.
One the face of it, it's pretty astounding. As AP's Pete Yost points out, "If the average person calls 40 unique people, three-hop analysis could allow the government to mine the records of 2.5 million Americans when investigating one suspected terrorist." Rep. John Conyers (D-MI) called the program "outrageous" and Rep. Zoe Lofgren (D-CA) proclaimed that "this program has gone off the tracks legally and needs to be reined in." Rep. Ted Deutch (D-FL) declared that “Intelligence officers, contractors, and personnel only need a rubber-stamp warrant from the FISA court to then learn virtually everything there is to know about an American citizen."
But intelligence-community officials rightly point out that the FISA Court, which is comprised of regular federal judges confirmed by the Senate and hand selected by the Chief Justice, approved this program under guidelines set out by Congress. But Rep. James Sensenbrenner (R-WI), the key House sponsor of the USA Patriot Act, argues that Congress' intent was only to authorize specific searches, not such blanket collection. He warned that Congress might not renew "Section 215" authority if the executive doesn't "change how they operate."
Deputy Attorney General James M. Cole was the latest to assure us that the collected information does “not include names or other personal identifying information” and does not include the content of any phone calls. He also reminded Congress that the records are not protected by the Fourth Amendment, even in ordinary law-enforcement operations, under a string of judicial rulings.
Additionally, the intelligence community insists that there's a vast difference between simply collecting information and accessing it. Indeed, they point out that they're legally prohibited from intentionally accessing the records of domestic calls made by US citizens.
NSA agents almost certainly aren't snooping willy-nilly through our metadata. The point of collection is to achieve a permanent archive of the information (the phone companies only keep it five years) to aid in investigations once a terrorist suspect has been identified. While the content of the calls isn't known, the metadata would allow investigators to trace the suspect's network over time. As Cole put it, "If you are looking for the needle in a haystack, you have to have the haystack.''
The problem, of course, is that the very existence of the database creates the opportunity for abuse. Has it been abused? Not that we know of. Then again, we didn't know about the program itself until its details were revealed illegally by a man now hiding out in Russia.
Nor do we have any real way of knowing what it is that we've gained in return for the additional risk. How many terrorists have been caught and how many potentially deadly plots have been thwarted as a result of this intrusive collection? Well, that's classified.
James Joyner is managing editor of the Atlantic Council.
Image: Flickr/Mike Herbst. CC BY-SA 2.0.