The Court “Oversight” of NSA Phone Surveillance Is a Joke

Innovation, the Internet, gadgets, and more.
June 21 2013 10:11 AM

Going Courtless

The NSA searches its mass database of phone records without real judicial oversight. That’s unacceptable.

General Keith Alexander, commander of the U.S. Cyber Command, director of the National Security Agency and chief of the Central Security Service, arrives at the Senate Appropriations Committee hearing on Cybersecurity: Preparing for and Responding to the Enduring Threat, on Capitol Hill in Washington June 12, 2013.
Gen. Keith Alexander, director of the National Security Agency, at a Senate hearing on June 12, 2013.

Photo by Yuri Gripas/Reuters

The National Security Agency has been collecting the phone records of all U.S. citizens—which numbers have called which other numbers, when, and for how long—in an enormous database. The government says this mass collection is OK because the database is “queried”—i.e., searched—only under court supervision. In theory, this two-tiered approach, with judicial scrutiny applied at the query stage rather than the collection stage, is defensible. But does the judiciary—in this case, the Foreign Intelligence Surveillance Court—really examine the database queries?

William Saletan William Saletan

Will Saletan writes about politics, science, technology, and other stuff for Slate. He’s the author of Bearing Right.

This week, at House and Senate hearings, five administration officials answered questions about the phone surveillance program. They held back plenty, but they told us a lot more than we had previously known. They testified that last year, the NSA had plugged fewer than 300 phone numbers into the database— numbers for which the agency could claim a “reasonable, articulable suspicion” of a connection to terrorism—to find out which other phones had called or received calls from those numbers. The officials cited multiple layers of supervision. But the judicial review they described is superficial. The NSA doesn’t have to get court approval each time it queries the database. It doesn’t even have to explain each query to the court afterward.

The officials who testified were NSA Director Keith Alexander, Deputy NSA Director Chris Inglis, Deputy Attorney General James Cole, FBI Director Robert Mueller, and Robert Litt, the general counsel to the director of national intelligence. Here are the key questions they addressed:

Advertisement

1. Who has access to the data?

“Only 20 analysts and NSA and their two managers, for a total of 22 people, are authorized to approve numbers that may be used to query this database,” Inglis testified. Mueller quoted the same figure: “You have just 22 persons who have access to this to run the numbers against the database—20 analysts and two supervisors.” Alexander elaborated:

“Could somebody get out and get your phone number and see that you were at a bar last night? The answer is no, because, first, in our system, somebody would have had to approve, and there's only 22 people that can approve a reasonable, articulable suspicion on a phone number. So, first, that [phone number] has to get input. Only those phone numbers that are approved could then be queried. And so you have to have one of those 22 [people] break a law.”

These statements don’t clarify whether the “access” reserved to these 22 people is a physical or just a legal matter. Is it possible for others to access the data? That raises the next question:

2. What are the barriers to unauthorized access?

Alexander testified, “To get to any data like the business records 215 data that we're talking about, that's in an exceptionally controlled area. You would have to have specific certificates to get into that.” Inglis told lawmakers that “the metadata is segregated from other data sets held by NSA.” Cole added that it’s “stored in repositories at NSA that can only be accessed by a limited number of people.” These statements imply that real barriers in physical or cyberspace protect the data. But what are the barriers? How is access controlled?

3. Can one person search the data alone?

Not legally. “Any analyst that wants to form a query, regardless of whether it's this authority or any other, essentially has a two-person control rule,” said Inglis. “They would determine whether this query should be applied, and there is someone who provides oversight on that.” Again, it isn’t clear whether this rule is just a legal requirement or is physically enforced by a dual-key system.

TODAY IN SLATE

Doublex

Crying Rape

False rape accusations exist, and they are a serious problem.

Scotland Is Just the Beginning. Expect More Political Earthquakes in Europe.

Why Men Can Never Remember Anything

The XX Factor
Sept. 19 2014 1:11 PM Why Men Can Never Remember Anything

The Music Industry Is Ignoring Some of the Best Black Women Singing R&B

How Will You Carry Around Your Huge New iPhone? Apple Pants!

Medical Examiner

The Most Terrifying Thing About Ebola 

The disease threatens humanity by preying on humanity.

Television

The Other Huxtable Effect

Thirty years ago, The Cosby Show gave us one of TV’s great feminists.

There’s a Way to Keep Ex-Cons Out of Prison That Pays for Itself. Why Don’t More States Use It?

No, New York Times, Shonda Rhimes Is Not an “Angry Black Woman” 

Brow Beat
Sept. 19 2014 1:39 PM Shonda Rhimes Is Not an “Angry Black Woman,” New York Times. Neither Are Her Characters.
Behold
Sept. 19 2014 11:33 AM An Up-Close Look at the U.S.–Mexico Border
  News & Politics
Foreigners
Sept. 19 2014 1:56 PM Scotland’s Attack on the Status Quo Expect more political earthquakes across Europe.
  Business
Moneybox
Sept. 19 2014 12:09 PM How Accelerators Have Changed Startup Funding
  Life
Inside Higher Ed
Sept. 19 2014 1:34 PM Empty Seats, Fewer Donors? College football isn’t attracting the audience it used to.
  Double X
The XX Factor
Sept. 19 2014 1:11 PM Why Men Never Remember Anything
  Slate Plus
Slate Picks
Sept. 19 2014 12:00 PM What Happened at Slate This Week? The Slatest editor tells us to read well-informed skepticism, media criticism, and more.
  Arts
Movies
Sept. 19 2014 2:06 PM The Guest and Fort Bliss How do we tell the stories of soldiers returning home from war?
  Technology
Future Tense
Sept. 19 2014 12:38 PM Forward, March! Nine leading climate scientists urge you to attend the People’s Climate March.
  Health & Science
Medical Examiner
Sept. 19 2014 12:13 PM The Most Terrifying Thing About Ebola  The disease threatens humanity by preying on humanity.
  Sports
Sports Nut
Sept. 18 2014 11:42 AM Grandmaster Clash One of the most amazing feats in chess history just happened, and no one noticed.