Friday, January 20, 2006

More on NSA Spying

William M. Arkin on National and Homeland Security

 

Inside NSA's World

Every day, the National Security Agency intercepts and records more that 650 million "events" worldwide: radar signals, radio and data transmissions, satellite, cell and land-line telephone calls, faxes and e-mail and text messages and chats over the Internet. 

"The fact that we're discussing this program is helping the enemy," President Bush said yesterday. 

I doubt that there is a terrorist out there who doesn't assume that the NSA is listening in on their communications, so I doubt that the "media" is the right place to look if American counter-terrorism or regard for the law falters. 

And in fact the President is wrong on NSA. Though virtually any discussion of the National Security Agency -- AKA no such agency -- is avoided by the government, the executive branch declassified many details of America's eavesdropper as part of its review of the Joint Inquiry into Intelligence Community Activities before and after the Terrorist Attacks of Sept. 11, 2001.

Every day, NSA issues some 10,000 thematic and geographic "product reports" from its 650 million intercepts. Some are "finished" intelligence reports analyzing days, weeks, or months of intercepts fused with other intelligence material. Some are one or two sentence alerts triggered by reporting criteria for certain persons, countries, or events.

The volume of material flowing into NSA from satellites, ground stations, aircraft, ships, and submarines is staggering. Add to that that most of the material is in a foreign language and much of it is encrypted, and you begin to understand the agency's task, particularly as it abruptly changed focus after 9/11 from its traditional monitoring of the former Soviet Union, China, and rogue states to stateless individuals utilizing a far more complex suite of communications technologies. 

The Joint Inquiry found all of the intelligence agencies unfocused and insular and uncooperative, but when it came to the NSA, it found that the agency had failed during the 1990's to "address modern communications technology aggressively."  NSA failed, according to the Joint Inquiry 

"to focus its efforts against al-Qa’ida’s use of certain forms of this technology, [deleted]. NSA also had not adapted technology fully to the challenge of transnational threats such as terrorism. These present much different challenges than those posed by state actors, such as the former Soviet Union, that were NSA's primary targets in the 1980's. As a result, prior to September 11, NSA provided little counterterrorism intelligence from certain important technical sources."

 "Exploitation of terrorist communications," the Joint Inquiry concluded, "was uneven at best and suffered from insufficient investment." In other words, the agency responsible for being the technical wizard of intercepts hadn't even competently pursued its technical mission. 

"Part of the problem," the Joint Inquiry said, 

"is that the world is undergoing an information revolution, and we haven't yet learned how to cope with the sheer volume of information out there. Only a tiny fraction of the daily intercepts are actually ever reviewed by humans, and much of what is collected gets lost in the deluge of data -- unless someone on a mission makes a special effort to figure out what it means."

 What the Joint Inquiry found prior to 9/11 is that though NSA collected and analyzed hundreds of millions of potentially relevant communications associated with terrorism and terrorists, much of what is collected and analyzed was never published or distributed outside the agency because it did not meet "NSA's reporting thresholds:" 

"NSA has explained that these thresholds are flexible, sometimes changing daily, and consist of several factors, including: the priority of the intelligence requirement; the apparent intelligence value of the information; the level of customer interest in the topic; the current situation; and the volume of intercept to be analyzed and reported."

 Certainly the most serious NSA failure was the Joint Inquiry's discovery that one of the future 9/11 hijackers "communicated with a known terrorist facility in the Middle East while he was living in the United States." Yet the intelligence community did not identify the domestic origin of those communications prior to 9/11. The reason, the Joint Inquiry found, was a "gap … between NSA’s coverage of foreign communications and the FBI’s coverage of domestic communications …neither agency focused on the importance of identifying and then ensuring coverage of communications between the United States and suspected terrorist-associated facilities abroad …"

Prior to 9/11, the Joint Inquiry report says, NSA "adopted a policy that avoided intercepting the communications between individuals in the United States and foreign countries." It was NSA policy "not to target terrorists in the United States, even though it could have obtained a Foreign Intelligence Surveillance Court order authorizing such collection." 

NSA Director Lt. Gen. Michael Hayden (now the Deputy Director of National Intelligence) testified to the Joint Inquiry "that NSA did not want to be perceived as targeting individuals in the United States and believed that the FBI was instead responsible for conducting such surveillance." 

The Joint Inquiry found that as part of NSA's vacuum cleaner approach to intercepting international communications, "a significant portion of the communications collected by NSA involves U.S. persons as parties or contains information about U.S. persons." Under law and Attorney General procedures called the "minimization" rules, the Inquiry said, NSA ensured that information of this type that does not have intelligence value is purged before intelligence is disseminated. 

Hayden testified that it was "more appropriate for the FBI to conduct surveillance perceived as targeting individuals in this country … because the intelligence produced about communicants in the United States is likely to be about their domestic activities." NSA regularly provided information about U.S. persons targets to the FBI -- both in its regular reporting and in response to specific requests from the FBI. The FBI would then use this information in its investigations or obtain FISA Court authorization for electronic surveillance. 

One must wonder why prior to 9/11 there wasn't more collaboration and cooperation between the agencies. NSA staff hates it, even internally, when they are considered an "ATM" for signals intelligence, that is, just the raw producer of intercepts for the CIA and FBI and military intelligence.

In the spring of 2001, NSA began to change direction in its counter-terrorism targeting under Lt. Gen. Hayden: rather than analyzing the mass of what was collected hoping for the gem in the growing mass of available material, NSA began a methodical process of dissecting terrorist target communications practices and network to determine what to collect. This is commonly referred to at NSA as hunting rather than gathering.  It was a procedure that was in its infancy on 9/11. 

So what happened? The perceived shackles of domestic collection were removed, the gathering process began again to overwhelm the hunting process, new software, data-mining and link analysis methods were applied to isolate potential domestic targets.  The beginnings of an era of greater openness and candidness about NSA's challenges were halted and the agency disappeared into the administration's secret war. 

It is understandable in the days and weeks after 9/11 that the administration would have wanted to move quickly to close the gaps and focus on potential terrorists in the United States. But in four years, we've only got the Joint Inquiry to understand the NSA's challenges. More openness and greater Congressional oversight and scrutiny would have helped the agency and the United States to move forward in a better (and legal) way. 

And more media reporting. A greater understanding of NSA would have opened the door and thereby contribute to limiting its potential for abuse.

LINK

No comments: