Senior intelligence officials now say that of the phone numbers on the alert list, more than 15,000 were wrongly included because they did not meet the standard for "reasonable, articulable suspicion" required by the FISA court. Even worse, the NSA officials who were reporting on the program to the FISC didn't understand the extent of the program, and so they sent inaccurate information to the court.
"There was no single person with a complete understanding of the [business-records] FISA system," said one official. "While there were people who understood portions of it ... it's not consistent with what we told the court we were doing. That's the problem."
As a result, for nearly three years, from 2006 to 2009, the NSA provided faulty information to the FISA court, during which the court continued to approve the bulk surveillance program.
"A description of the alert list process first appeared ... on August 18, 2006," the newly released documents read. "The reports filed with the court incorrectly stated that the alert list did not include telephone identifiers that were RAS [reasonable articulable suspicion]-approved. In fact, the majority of telephone identifiers on the list were not RAS-approved."
So how did the alert list work? In the agency's words:
When the NSA learned of the misstep and notified the court of it in January 2009, the alert list system was shut down and the FISC ruled that every future query of the NSA's database had to be specially approved by the court. Those special rules were in effect from March until September of 2009, and the NSA was forced in a separate court order to produce a report on the compliance violation.
The newly released documents are available here.