The government argues that it is very careful; it consults with the Foreign Intelligence Surveillance Court and meets strict standards, only looking at the information when investigators have reasonable, documentable suspicion to believe they are on to a terrorist group. But it is often up to the National Security Agency (NSA) to apply those standards to itself, with outside review coming after the agency has accessed the metadata.
Second, and related, are the justifications for amassing all of that information. Section 215 of the Patriot Act allows the government to obtain records, such as phone metadata, as long as they are relevant to a terrorism investigation. Government lawyers argue that detecting patterns of communications — those whom suspects call and even associates of those associates — has yielded information that has contributed to foiling potential terror plots. In order to produce those benefits, they say, they must have, somewhere, the whole universe of this sort of metadata, which communications firms don’t keep themselves.
By that logic, nearly every record anywhere could be considered relevant. Other huge collections of surveillance metadata — though not of communications content, which is governed by different standards — could exist. If misused, they would also pose a threat to Americans’ privacy.
The House last week considered an amendment to a defense funding bill that would scale back the NSA’s wholesale gathering of phone or other metadata. The amendment didn’t pass and rightly so: Tacking it onto an appropriations bill is hardly the way to hash out complex national security policy. That is not the end of the debate. Earlier this month, Rep. F. James Sensenbrenner Jr. (R-Wis.) told intelligence officials that Congress might not renew the Patriot Act’s Section 215, unless they change their collection procedures.
The focus of any politically realistic reform should be on ensuring that government agents use only bits of metadata when they must. One idea is for Congress to require communications companies to store their records separately and force investigators to approach those firms to gain access. If lawmakers did that, they would also have to require companies to develop fast ways of transferring information to the government, and they must satisfy themselves that those companies can keep users’ stored metadata secure.
Another approach is to make sure the Foreign Intelligence Surveillance Court is tightly involved in the metadata program. If NSA agents already must articulate good reasons to examine a particular phone number, bringing them to a judge for approval hardly seems outrageous. From there, the court must carefully monitor the NSA’s success at minimizing Americans’ exposure.