How The Latest NSA Surveillance Story Is Different From the Last One:
Some blogs are suggesting the latest NSA domestic surveillance story is old news, and that the MSM is just pretending that this is a new story. See, e.g., Newsbusters, which is dedicated to "exposing and combating liberal media bias." I think a bit of clarification might be helpful here.
As I see it, this story is really new, and is pretty different from the earlier NSA domestic surveillance stories from December and January. The earlier stories involved governmental tapping of telephone calls and e-mails when one party was outside the United States. That is, they involved the NSA recording the telephone calls and e-mails of people inside the United States from switches inside the United States when the other participant was outside the United States. Further, it seems that the government sharply limited that monitoring to a few hundred or a few thousand people, and only tapped calls when it had something like probable cause.
Today's story is different. As best I can tell, it involves telephone companies disclosing account records of how their domestic customers were using their phones. In other words, the phone companies were disclosing lists of numbers dialed for domestic telephone subscribers to the NSA, rather than letting the NSA install switches and listen in on international calls. Further, they were doing this on a much larger scale: the disclosures were not pursuant to probable cause or reasonable suspicion. We don't know all the facts yet, but this looks new to me: It's non-content instead of content, broad scale instead of narrow, stored instead of real-time, provider disclosure instead of government tapping, and domestic accounts instead of intercepting traffic with at least one party overseas.
As I see it, this story is really new, and is pretty different from the earlier NSA domestic surveillance stories from December and January. The earlier stories involved governmental tapping of telephone calls and e-mails when one party was outside the United States. That is, they involved the NSA recording the telephone calls and e-mails of people inside the United States from switches inside the United States when the other participant was outside the United States. Further, it seems that the government sharply limited that monitoring to a few hundred or a few thousand people, and only tapped calls when it had something like probable cause.
Today's story is different. As best I can tell, it involves telephone companies disclosing account records of how their domestic customers were using their phones. In other words, the phone companies were disclosing lists of numbers dialed for domestic telephone subscribers to the NSA, rather than letting the NSA install switches and listen in on international calls. Further, they were doing this on a much larger scale: the disclosures were not pursuant to probable cause or reasonable suspicion. We don't know all the facts yet, but this looks new to me: It's non-content instead of content, broad scale instead of narrow, stored instead of real-time, provider disclosure instead of government tapping, and domestic accounts instead of intercepting traffic with at least one party overseas.
Google around a bit and you'll find companies that offer cell phone records from pretty much all the major wireless providers.
It sounds to me like the Government was doing pretty much the same thing.
I find it deeply troubling on a pure commercial privacy rights grounds that this information is made available to anyone. There are reasons for concern even if you are not a privacy freak: for example, do we want criminal organizations to be able to obtain cell phone records regarding an undercover law enforcement officer's calls?
Needless to say, there are even more reasons to be concerned when a government is doing the snooping.
http://www.msnbc.msn.com/id/11256418/from/RL.1/
Interestingly, law enforcement agencies have purchased these records through those unscrupulous providers.
It appears that in this case, the feds simply cut out the middleman.
Border security and illegal immigration are issues that have much more effect on Americans.
Accessing another person's phone records by misrepresenting your identity is felony wire fraud. It was done, yes, but it was also illegal.
Who calls whom,
In what order,
It tells you among other things:
- who gives the orders,
- who is in the same related groups
- clues on whether an operation is planned or underway
Both state and federal laws protect the privacy of this information, but this situation raises the question of whether I should have some right to veto any release of this information (which I view as "mine"), or whether the phone company can release it, at least in some circumstances, without my knowledge or consent.
Many consumer privacy measures these days fall in this gray area. What right does my bank or credit card company have to use my information for its own commercial purposes? What uses may my HMO make of my medical information without obtaining my consent?
Full disclosure: I work for a California state Senator who is Joint Author of a bill, SB 202, which specifically makes a phone company's release of this kind of calling record a crime if it is released to anyone other than the customer. Little did we guess that the biggest violator of this principle would be our federal government.
However, I think that the reporting back in December probably DID mix up the two programs, such that there was some reporting on the domestic, non-content-related program then. For example, take this excerpt from 12/24/05 NYTimes:
Now, that was in an article purportedly on the international, content-related NSA program. But is that correct? Seems to me some or all of it might relate to the domestic, non-content related program "revealed" today in USAT.
As AS mentioned in the last comment, this program (collection of phone company records and data mining for terrorist patterns) was discussed in the Times stories in December of 2005. That's where the "old news" claims comes from.
If this info is what I think it is (what other numbers called a specific number, when, &how long), the phone companies release it all the time - via subpoenas by lawyers. And I doubt they inform the party "owning" the phone number.
Here, there is no such probable cause, and, in fact, the NSA has told at least one company, Qwest, that it doesn't think it needs to have probable cause.
That's why the ownership question comes up so pointedly here. If the information is not mine, or more the company's than mine, then they have the right to use it however they wish without my consent. I don't think most people would view the ownership question in such stark terms, but in this case it does appear that both the government and the phone companies have -- my interest in this information (which is, in fact, considered private as to me in federal and state law) is negligible. I don't think very many people would agree with this view of the information about their calling records.
I don't remember any privacy policy when I signed up for telephone service. I guess I just expected there to be one (though you do have to pay extra for an unlisted/unpublished number).
It rather reminds me of a reverse situation a few years ago when state Motor Vehicle Departments got in trouble for selling driver's license information to whomever chose to pay for it.
What source or report leads you to conclude that the previously reported NSA program "only tapped calls when it had something like probable cause"? In this context, how does "something like probable cause" differ from actual "probable cause"?
The bottom line: The phone companies apparently gave NSA access to their switches and call logs, and, using this data, NSA "looked for patterns, and then wrote algorithms to detect them as they went along, tweaking the algorithms as needed." When these counter-terrorism algorithims find a match in call data that analysts recognize as signs of a plot, NSA moves forward and collects the content of the communication--often, as we've learned, without a warrant.
So the leaks we've heard appear to be part and parcel of a massive data mining program that NSA has implemented to help intelligence analysts identify communications that should be intercepted. Which may have helped prevent, I'd add, any domestic terrorism in this country for nearly five years.
Again, please read the NJ article.
Possible reasons
1. Someone has a book coming out about it?
2. This year ends with an even number.
Also, I'd like some smarter people managing these programs.
As I read your US code text, it seems to me that the relevant part is:
(3) Aggregate customer information
A telecommunications carrier that receives or obtains customer proprietary network information by virtue of its provision of a telecommunications service may use, disclose, or permit access to aggregate customer information other than for the purposes described in paragraph (1). A local exchange carrier may use, disclose, or permit access to aggregate customer information other than for purposes described in paragraph (1) only if it provides such aggregate information to other carriers or persons on reasonable and nondiscriminatory terms and conditions upon reasonable request therefor.
(h) Definitions
(2) Aggregate information
The term “aggregate customer information” means collective data that relates to a group or category of services or customers, from which individual customer identities and characteristics have been removed.
As I read it, NSA can request and get aggregate data, for example a file string like:
Calling number, start date/time, called number, end date/time
No warrant or notice needed. Elsewhere, NSA can buy a revsrse directory file and match back in names and addresses.
simple and seems to me to be legal.
That was a couple of paragraphs above where the article quoted Orin.
http://volokh.com/posts/1136170769.shtml
http://volokh.com/posts/1139350005.shtml
I suggest a Google advanced search for the complete term, "pen register", and the single word, "Volokh".
How much can you guys stomach?
Bah humbug. Does it also scare you that another government agency - the IRS - maintains an extensive database of all your personal and financial transactions, including investments, property you own, charitable contributions you make, and medical expenses you incur? The data the IRS has - and has been collecting for a long time - is a hell of a lot more significant to me than who I called and when.
Is that supposed to be a FAVORABLE comparison? That the NSA is now as intrusive into the personal lives of ordinary Americans as the IRS? That's a SCARY thought, not a COMFORTING thought.
Well, if the reports are true, then the NSA is in fact trying to get call records for every American, every day.
More broadly, though, I'm not sure what your point is. Is the idea that as long as a government agency falls short of the IRS in terms of power and intrusiveness with respect to ordinary Americans, it must be OK? I don't think that proposition makes much sense.
The argument, "I must do this to keep us safe" is pretty weak when Bush leaves our orders more vulnerable than a fraternity keg party.