For years the National Security Agency has been violating restrictions and misusing the US domestic spying program that collected private data from US citizens, newly released declassified documents show.
The new information from Intelligence Community Documents Regarding Collection under Section 501 of the Foreign Intelligence Surveillance Act (FISA) shows that the government on a daily basis spied on Americans’ telephone numbers, calling patterns as well as users IP addresses during the surveillance of foreign terror suspects.
The documents show that between 2006 and 2009 the NSA violated the court restrictions by spying on telephone calls and lying to judges about how the data was deployed. The spying agency crossed referenced a selected list of some 16,000 phone numbers against databases which contained millions of records, thus violating the law, two senior intelligence officials told Bloomberg.
The metadata program which started in 2006 enabled the NSA to gather more information about a specific number that the agency claimed could be linked to terrorist activity. The agency also kept an alert list that was cross-referenced with new numbers to consider whether they should be added to a list of "reasonable articulable suspicion."
The NSA gathered the bulk phone records under Section 215 of the USA Patriot Act, which requires private companies to turn over evidence that is relevant to a terrorism investigation. However, the Foreign Intelligence Surveillance Court ruled that the NSA must have “reasonable, articulable suspicion” to run that number against a larger database. Only about 2,000 numbers on the list in 2009 met that legal condition, according to sources.
The released documents according to Director of National Intelligence James Clapper relate to “compliance incidents that were discovered by the NSA, reported to the FISC and the Congress, and resolved four years ago.”
According to the documents, the US District Judge Reggie Walton who oversaw a secret US spy court wrote he was "deeply troubled" in March 2009 after discovering government officials had been accessing domestic phone records without “articulable suspicion.”
In some cases the NSA was distributing the sensitive phone records by email to as many as 189 analysts, while only 53 were approved by the Foreign Intelligence Surveillance Court to see them, a Justice Department lawyer reported later in 2009.
The NSA notified the court of the violations only in January
2009, the documents show. In turn, the court asked the spying
agency to seek approval for each case before running the query on
an individual number. In September 2009 these procedures were
revised and the court allowed the surveillance program to remain.
"Upon discovery of these incidents, which were promptly
reported to the FISC, the Court, in 2009, issued an order
requiring the NSA to seek court approval to query the telephony
metadata on a case-by-case basis, except when necessary to
protect against an imminent threat to human life," Director
of National Intelligence James Clapper said in a statement.
Clapper also stated that the NSA was not trying to lie or mislead the court and that the problem with reporting the incidents was in a “lack of a shared understanding among various NSA components about how certain aspects of the complex architecture supporting the program functioned.” These gaps in understanding led to “unintentional misrepresentations in the way the collection was described to the FISC.”
The magnitude of the metadata collection program was first revealed in June by Edward Snowden, when he leaked documents from Verizon Communications Inc. which showed that the company shared its data with the NSA. In August, the Obama administration acknowledged the phone metadata program.
Tuesday’s disclosures were released in response to a court case in which the San Francisco-based Electronic Frontier Foundation sued the Justice Department in 2011 for records of data collection under the USA Patriot Act.
"The documents released today are a testament to the Government's strong commitment to detecting, correcting, and reporting mistakes that occur in implementing technologically complex intelligence collection activities, and to continually improving its oversight and compliance processes,” Clapper said.