washingtonpost.com
NSA Gave Other U.S. Agencies Information From Surveillance
Fruit of Eavesdropping Was Processed and Cross-Checked With Databases

By Walter Pincus
Washington Post Staff Writer
Sunday, January 1, 2006

Information captured by the National Security Agency's secret eavesdropping on communications between the United States and overseas has been passed on to other government agencies, which cross-check the information with tips and information collected in other databases, current and former administration officials said.

The NSA has turned such information over to the Defense Intelligence Agency (DIA) and to other government entities, said three current and former senior administration officials, although it could not be determined which agencies received what types of information. Information from intercepts -- which typically includes records of telephone or e-mail communications -- would be made available by request to agencies that are allowed to have it, including the FBI, DIA, CIA and Department of Homeland Security, one former official said.

At least one of those organizations, the DIA, has used NSA information as the basis for carrying out surveillance of people in the country suspected of posing a threat, according to two sources. A DIA spokesman said the agency does not conduct such domestic surveillance but would not comment further. Spokesmen for the FBI, the CIA and the director of national intelligence, John D. Negroponte, declined to comment on the use of NSA data.

Since the revelation last month that President Bush had authorized the NSA to intercept communications inside the United States, public concern has focused primarily on the legality of the NSA eavesdropping. Less attention has been paid to, and little is known about, how the NSA's information may have been used by other government agencies to investigate American citizens or to cross-check with other databases. In the 1960s and 1970s, the military used NSA intercepts to maintain files on U.S. peace activists, revelations of which prompted Congress to restrict the NSA from intercepting communications of Americans.

Today's NSA intercepts yield two broad categories of information, said a former administration official familiar with the program: "content," which would include transcripts of a phone call or e-mail, and "non-content," which would be records showing, for example, who in the United States was called by, or was calling, a number in another country thought to have a connection to a terrorist group. At the same time, NSA tries to limit identifying the names of Americans involved.

"NSA can make either type of information available to other [intelligence] agencies where relevant, but with appropriate masking of its origin," meaning that the source of the information and method of getting it would be concealed, the former official said.

Agencies that get the information can use it to conduct "data mining," or looking for patterns or matches with other databases that they maintain, which may or may not be specifically geared toward detecting terrorism threats, he said. "They are seeking to separate the known from the unknown, relationships or associations," he added.

The NSA would sometimes monitor telephones, e-mails or fax communications in cases where individuals in the United States -- and sometimes people they contacted -- were linked to an alleged foreign terrorist group, officials have said. The NSA, officials said, limited its decisions to follow-up with more electronic surveillance on an individual to those cases where there was some apparent link to terrorist sources.

But other agencies, one former official said, have used phone numbers or other records obtained from NSA in combination with wide-ranging databases to look for links and associations. "What data sets are included is a policy decision [made by individual agencies] when they involve other than terrorist links," he said.

DIA personnel stationed inside the United States went further on occasion, conducting physical surveillance of people or vehicles identified as a result of NSA intercepts, said two sources familiar with the operations, although the DIA said it does not conduct such activities.

The military personnel -- some of whose findings were reported to the Northern Command in Colorado -- were employed as part of the Pentagon's growing post-Sept. 11, 2001, domestic intelligence activity based on the need to protect Defense Department facilities and personnel from terrorist attacks, the sources said.

Northcom was set up in October 2002 to conduct operations to deter, prevent and defeat terrorist threats in the United States and its territories. The command runs two fusion centers that receive and analyze intelligence gathered by other government agencies.

Those Northcom centers conduct data mining, where information received from the NSA, the CIA, the FBI, state and local police, and the Pentagon's Talon system are cross-checked to see if patterns develop that could indicate terrorist activities.

Talon is a system that civilian and military personnel use to report suspicious activities around military installations. Information from these reports is fed into a database known as the Joint Protection Enterprise Network, which is managed, as is the Talon system, by the Counterintelligence Field Activity, the newest Defense Department intelligence agency to focus primarily on counterterrorism. The database is shared with intelligence and law enforcement agencies and was found last month to have contained information about peace activists and others protesting the Iraq war that appeared to have no bearing on terrorism.

Military officials acknowledged that such information should have been purged after 90 days and that the Talon system was being reviewed.

Gen. Michael V. Hayden, deputy director for national intelligence and former head of NSA, told reporters last month that the interception of communications to the United States allegedly connected to terrorists was, in almost every case, of short duration. He also said that when the NSA creates intelligence reports based on information it collects, it minimizes the number of Americans whose identities are disclosed, doing so only when necessary.

"The same minimalizationist standards apply across the board, including for this program," he said of the domestic eavesdropping effort. "To make this very clear -- U.S. identities are minimized in all of NSA's activities, unless, of course, the U.S. identity is essential to understand the inherent intelligence value of the intelligence report." Hayden did not address the question of how long government agencies would archive or handle information from the NSA.

Today's controversy over the domestic NSA intercepts echoes events of more than three decades ago. Beginning in the late 1960s, the NSA was asked initially by the Johnson White House and later by the Army, the Secret Service, and the Bureau of Narcotics and Dangerous Drugs to intercept messages to or from the United States. Members of Congress were not informed of the program, code-named Minaret in one phase.

The initial purpose was to "help determine the existence of foreign influence" on "civil disturbances occurring throughout the nation," threats to the president and other issues, Gen. Lew Allen Jr., then director of NSA, told a Select Senate Committee headed by then-Sen. Frank Church (D-Idaho) in 1975.

Allen, in comments similar to recent Bush administration statements, said collecting communications involving American citizens was approved legally, by two attorneys general. He also said that the Minaret intercepts discovered "a major foreign terrorist act planned in a large city" and prevented "an assassination attempt on a prominent U.S. figure abroad."

Overall, Allen said that 1,200 Americans citizens' calls were intercepted over six years, and that about 1,900 reports were issued in three areas of terrorism. As the Church hearings later showed, the Army expanded the NSA collection and had units around the country gather names and license plates of those attending antiwar rallies and demonstrations. That, in turn, led to creation of files on these individuals within Army intelligence units. At one point a Senate Judiciary subcommittee showed the Army had amassed about 18,000 names. In response, Congress in 1978 passed the Foreign Intelligence Security Act, which limited NSA interception of calls from overseas to U.S. citizens or those involving American citizens traveling abroad.

View all comments that have been posted about this article.

© 2006 The Washington Post Company