At least 14 federal judges have approved the NSA’s acquisition of this data every 90 days since 2006 under the business records provision of the Foreign Intelligence Surveillance Act (FISA). The most recent approval came last week. The court’s order imposes strict limitations to ensure the data are used only for focused counterterrorism analysis. There is no “trolling” or “mining” of the data.
This data set is the key tool for analyzing the calling patterns and connections of suspicious phone numbers associated with foreign terrorist organizations and for discovering new phone numbers used by terrorist cells in the United States. The director of the NSA, Gen. Keith Alexander, has said that this program has helped prevent dozens of attacks on the United States and its allies, including the 2009 plot to bomb the New York subway.
But effectiveness and frequent court approval are evidently not enough for some critics of the program, who repeatedly ask: How can such a vast data set be “relevant” to counterterrorism investigations, as the statute requires, when only a tiny fraction of 1 percent of the data has ever been reviewed by NSA analysts?
There’s a simple, logical answer: The tool works only if it includes the broadest set of metadata that can be assembled into one database. The entire database is needed to track terrorists’ calling patterns effectively — a critical building block in counterterrorism investigations.
A more lawyerly answer lies in the generous relevance standard that governs use of administrative subpoena powers Congress has granted to many federal agencies — powers on which the FISA business records provision is modeled, except that FISA requires court approval while most administrative subpoenas do not.
The Supreme Court has said since 1946 that agencies may use subpoena authority to obtain any set of data or other records “reasonably relevant to an authorized investigation,” and courts usually defer to the agency’s determination of relevance, provided the agency can articulate a reasonable basis to believe the records will lead to useful information. In judging the reasonableness of a demand for records, courts may also consider the need for the records and the importance of the investigation. There’s no requirement to establish the relevance of each separate record in a database.
Under this standard, it’s not unusual for agencies to use civil investigative demands or other administrative subpoenas to obtain ongoing access to large data sets when necessary to preserve the data and to search for records germane to the investigation. That occurs in all manner of regulatory and law enforcement investigations. One salient example is the administrative subpoenas issued by the Treasury Department to acquire a database of transactional records relating to interbank financial transfers. This allows Treasury investigators to conduct focused queries for evidence of terrorist-related transactions.
If the NSA is singled out and prohibited from relying on this common relevance standard to assemble the telephone metadata collection under FISA, Americans will be distinctly less safe.
Some have argued that the data should remain under the control of the phone companies and that the NSA should have only secondhand access. That may be an appropriate alternative for the Securities and Exchange Commission or other regulatory agencies that often rely on private companies or third-party vendors to maintain databases needed for investigations. But such a change would render the NSA’s metadata program less effective, less secure and less responsive to executive branch and congressional oversight. Those are not desirable goals.
Many libertarians are quick to condemn the NSA’s collection of telephone metadata as an example of government overreach and encroachment into Americans’ private freedom. But protecting the United States from foreign attack is the core mission of the federal government, and a catastrophic failure in that mission could threaten the liberties we all cherish.
Moreover, it’s profoundly unfair to tar the NSA as irresponsible or an agency run amok. In my experience, there is no more self-restrained, professional and patriotic group of federal officers than those staffing the NSA today. We should be proud of the job this agency is doing and of the effectiveness and prudent focus of its metadata program.