Evaluating the NSA's Telephony Metadata Program
Interesting analysis: “Examining the Anomalies, Explaining the Value: Should the USA FREEDOM Act’s Metadata Program be Extended?” by Susan Landau and Asaf Lubin.
Abstract: The telephony metadata program which was authorized under Section 215 of the PATRIOT Act, remains one of the most controversial programs launched by the U.S. Intelligence Community (IC) in the wake of the 9/11 attacks. Under the program major U.S. carriers were ordered to provide NSA with daily Call Detail Records (CDRs) for all communications to, from, or within the United States. The Snowden disclosures and the public controversy that followed led Congress in 2015 to end bulk collection and amend the CDR authorities with the adoption of the USA FREEDOM Act (UFA).
For a time, the new program seemed to be functioning well. Nonetheless, three issues emerged around the program. The first concern was over high numbers: in both 2016 and 2017, the Foreign Intelligence Surveillance Court issued 40 orders for collection, but the NSA collected hundreds of millions of CDRs, and the agency provided little clarification for the high numbers. The second emerged in June 2018 when the NSA announced the purging of three years’ worth of CDR records for “technical irregularities.” Finally, in March 2019 it was reported that the NSA had decided to completely abandon the program and not seek its renewal as it is due to sunset in late 2019.
This paper sheds significant light on all three of these concerns. First, we carefully analyze the numbers, showing how forty orders might lead to the collection of several million CDRs, thus offering a model to assist in understanding Intelligence Community transparency reporting across its surveillance programs. Second, we show how the architecture of modern telephone communications might cause collection errors that fit the reported reasons for the 2018 purge. Finally, we show how changes in the terrorist threat environment as well as in the technology and communication methods they employ in particular the deployment of asynchronous encrypted IP-based communications has made the telephony metadata program far less beneficial over time. We further provide policy recommendations for Congress to increase effective intelligence oversight.
Clive Robinson • August 12, 2019 6:43 AM
Hmm,
Finally, in March 2019 it was reported that the NSA had decided to completely abandon the program and not seek its renewal as it is due to sunset in late 2019.
This could mean that they now have better ways to get around the restrictions, not that phone metadata is any less valuable than it once was.
Whilst “terrorists” might have changed methods due to,
changes in the terrorist threat environment as well as in the technology and communication methods they employ in particular the deployment of asynchronous encrypted IP-based communications
Foreign Terrorists are not as far as the US Gov entities are concerned not realy the threat anyway. Some of the newer “domestic terrorists” that are set to commit 350-400 mass shootings this year are however. But even thay pale into insignificance numbers wise when you consider crimes involving drugs and other serious organized crime. Whilst not strictly “NSA turf” I find it hard to believe that such capabilities will just be dropped.
That is whilst it may have
made the telephony metadata program far less beneficial over time.
True for one entity that is far from true for other entities.
Thus I guess the question arises,
If not NSA, then who?
But as always at the root of things are “humans” and they are not just capricious they also evolve in their environment… The fact terrorists are not using telephones as much currently does in no way mean they will not be using them again tommorow as their technical environment changes.