Why Not To Trust the Filters

What's the Big Secret?

Why Not To Trust the Filters

What's the Big Secret?

Why Not To Trust the Filters
An email conversation about the news of the day.
Aug. 29 2007 2:28 PM

What's the Big Secret?


Marty, David, Orin,

Here's my problem: We are asking an awful lot of our filters. In a recent New York Times op-ed that I otherwise disagreed with, Philip Bobbitt made an important observation: Whereas in the past the government tended to wiretap in order to gather evidence or intelligence from a foreign agent, today, "the purpose of the interception is to determine whether the person is in fact an agent at all." The threshold question for the NSA is, who should we be listening to? So, Bobbitt continues, they "build from a known element in a terror network—a person, a telephone number, a photograph, a safe house, an electronic dead-drop—to some picture of the network itself." Needles in haystacks make for a slightly misleading analogy here, because the spies don't even have the certainty that it's a single, hidden needle they're after. There might be lots of needles. There might be none.


If, as David hypothesizes, the government gained permission to monitor every call transiting an international switch and calibrated its filters to scan the metadata, and if that scan then flags certain identities, amounting to probable cause for more targeted surveillance of content, then the filters are not only assuming a legal responsibility previously vested in a judge. They're undertaking an exceedingly difficult technical detection job, as well, trying to extrapolate from call-traffic analysis and the links between different phone numbers or ISPs the existence, and location, of terror cells or foreign agents.

And yet one consistent leitmotif in the press leaks over the past couple of years is that our filters suck. Remember that Times report in January 2006 about how the NSA was turning over large numbers of phone numbers and e-mail addresses to the FBI? "Officials who were briefed on the NSA program said the agency collected much of the data passed on to the FBI as tips by tracing phone numbers in the United States called by terrorists overseas, and then by following the domestic numbers to other numbers called." This program has been described as a spider web—and if you imagine the number of contacts you're looking at when you get out to two and three degrees of separation, you're talking about a lot of people.

Sure enough, the FBI started chasing down all those leads, and the vast majority of them were dead ends—innocent people who happened to get snagged in the filter. According to that piece, FBI agents greeted a new batch of "tips" from the NSA by groaning, "More calls to Pizza Hut." And things haven't gotten much better in the interim. The Washington Post had a story over the weekend about how the vast majority of Americans and foreigners whose names are in the federal terrorist screening database have not done something to generate enough probable cause for an arrest.

I talked to Adm. Bobby Ray Inman, former head of the NSA, about precisely this issue last year. He said that eavesdropping is by its very nature low yield: You often have to wade through a lot of noise before you hit on the signal you're looking for. This is understandable, and not a problem at all in the foreign-to-foreign context. But given the lack of transparency here—and the abundance of evidence that whatever predicates our filters have established to identify a possible terrorist are broad enough that they flag a lot of people who aren't in fact terrorists—trusting the filters is a problem.

Here's another: David, you briefly mentioned "minimization," referring to what has traditionally been NSA self-policing when it came to the sometimes-inadvertent collection of Americans' communications. But before the exposure of the Terrorist Surveillance Program at the end of 2005, there was a little-noticed scandal involving John Bolton, of all people, that suggested, to me, at least, that minimization is honored more in the breach than in the execution. During his confirmation hearings to become U.S. ambassador to the UN, in the spring of 2005, Bolton admitted that on a number of occasions when he was at the State Department he had received reports of NSA intercepts between an individual in a foreign country and an individual in the United States. In keeping with minimization guidelines, the identity of the U.S. speaker had been redacted and replaced with the generic "U.S. person." But Bolton wanted to know who those U.S. persons were. So he called the NSA and asked, making no showing of cause other than a general suggestion that knowing who the American was would help him understand the context of the conversation (wouldn't it always?). And the NSA turned over the names, no questions asked. Following this revelation, Newsweek reported that between January 2004 and May 2005, the agency had supplied the names of some 10,000 American citizens in this informal manner to various interested parties in Washington. This story didn't get a lot of play at the time, but I think it's worth revisiting when we weigh the merits of leaving oversight of the NSA's massively expanded capabilities—and false-positive afflicted filters—to the agency itself.

Having said all that, I want to return once again to the Marty Lederman Question and push you a bit on this, Marty. In your first post, you quoted McConnell as saying, "You can go to jail for that sort of thing," and suggested, I think, that this was his response to warrantless wiretapping targeted at the international communications of people in the United States. You then raised the eponymous question: OK, but couldn't the NSA "target" whoever is on the international end of the line, which wouldn't require a warrant, but still manage to collect the U.S. person's international communications? Tell me if I've got this wrong, but my read of McConnell's interview was that he was explicitly answering your question—in the negative. "There's a claim of reverse targeting," he says. "Now what that means is we would target somebody in a foreign country who is calling into the United States and our intent is to not go after the bad guy, but to listen to somebody in the United States. That's not legal … it would be a breach of the Fourth Amendment. You can go to jail for that sort of thing."

So I wonder what all three of you think: Has McConnell explicitly denied that this sneaky targeting-without-"targeting" is going on? Does that put the MLQ to rest?