Networks provide NSA less data than suspected, report shows
WASHINGTON — A newly declassified report by the National Security Agency’s inspector general suggests that the government is receiving far less data from Americans’ international Internet communications than privacy advocates have long sus- pected.
The report indicates that when the NSA conducts Internet surveillance under the FISA Amendments Act, companies that operate the Internet are probably turning over only the emails of the NSA’s foreign targets — not all of the data crossing their switches, as the critics had presumed.
The theory that the gov- ernment is rooting through vast amounts of data for its targets’ messages has been at the heart of several lawsuits challenging such surveillance as violating the Fourth Amendment.
The report, obtained by the New York Times through a Freedom of Information Act lawsuit, was classified when completed in 2015, and it still contains many redactions.
But several uncensored sentences appear to indicate that the government supplies its foreign targets’ “selectors” — like email addresses — to the network companies that operate the Internet, and the companies sift through the raw data for any messages containing them, turning over only those.
The distinction is impor- tant for evaluating crucial constitutional issues raised by how to apply Fourth Amendment privacy rights to new communications and surveillance technologies. Government secrecy about Internet wiretapping has prevented judges from adjudicating the issues in open court.
Patrick Toomey, an American Civil Liberties Union lawyer who is helping lead one of several lawsuits challenging the NSA’s Internet surveillance, argued that even if the companies were sifting the data themselves, the constitutional issues were the same if the companies were doing something they would not otherwise do at the government’s direction.
“The equivalent would be if AT&T were compelled to put every phone call through a voice transcription and then give to the government” copies of only those calls that were linked to a suspect, Toomey said. “We would find that disturbing, not just because it could be abused, but because it involves the phone company listening to every phone call.”
The network companies that operate the Internet, like AT&T and Verizon, do not publicly discuss how the surveillance system works, and the government declined to comment about the newly disclosed report.
Congress commissioned the inspector general report after the leaks about surveillance by former intelligence contractor Edward Snowden. A central focus was the FISA Amend- ments Act program, which permits warrantless collection of communications on U.S. soil so long as the target is a noncitizen abroad .
One part of the program, called Upstream, involves the collection of emails and other Internet messages as they cross network switches.
The report discusses how network providers are legally compelled to give the NSA communications “related to tasked selectors.”
A senior administration official, speaking on the condition of anonymity, said there had been no official policy decision, as part of disclosing the inspector general report, to say more about how Upstream collection works than what the government had said previously.