The Washington PostDemocracy Dies in Darkness

Everything you need to know about the NSA’s phone records scandal

On Wednesday, The Guardian released a classified court order requiring Verizon to turn over records of all domestic phone calls to the National Security Agency. The revelation has led to a renewed debate over the legality and policy merits of indiscriminate government surveillance of Americans.

So what has the government been doing? And how will the program affect ordinary Americans? Read on to find out.

So the government is listening in on all my phone calls?

No. At least, that's not what the document obtained by The Guardian shows. The court order, issued by the secret Foreign Intelligence Surveillance court, only sought metadata — a fancy word for information like what numbers you called, what time you made the calls, and how long the calls were. The order does not seek the audio of calls.

Of course, it's possible the NSA has other programs collecting the contents of calls. In 2006 a whistleblower reported the existence of a secret, NSA-controlled room in an AT&T switching facility in San Francisco. So it's possible the NSA is using rooms like that to listen to everyone's phone calls. But all we know for sure is that the NSA has been requesting information about our phone calls.

I'm not a Verizon customer. Does that mean I'm safe?

Probably not. We only have proof of spying on Verizon customers, but it's hard to imagine the NSA limiting its surveillance program to one company. There are probably similar orders in effect for AT&T and CenturyLink, the other major telephone companies.

The order may only pertain to Verizon's wired telephony business, as Verizon Wireless is technically a separate subsidiary. But the order includes hints that the NSA is also collecting information from cellular customers. In addition to phone numbers and call times, the order seeks information about the specific cell phone tower the customer used to connect to the network during each call.

It wouldn't make much sense to request that information from a traditional wired telephone company. So its inclusion suggests either that the order includes Verizon Wireless, or that it's boilerplate that is also being sent to wireless companies.

So the NSA is collecting information about my location as well as who I've called?

It appears so. Cellphones make calls using the closest tower. So if the NSA knows you made a call using a specific tower, they can safely assume you were near that tower at the time of the call. The accuracy of this information varies. In urban areas, tower information can pin down your location to a specific city block or even a specific building. In rural areas, it might only identify your location within a mile or two.

Is it legal for the government to collect so much information without a warrant?

It's hard to be sure since both the details of the program and legal rulings on it are secret. But civil liberties groups argue the program exceeds the powers Congress has granted to the executive branch, and that such a broad surveillance program is inconsistent with the Fourth Amendment.

The program appears to be based on Section 215 of the Patriot Act, which allows the government to obtain business records that are relevant to an ongoing terrorism investigation. That's a pretty permissive standard, but the Electronic Frontier Foundation argues that Congress intended to authorize information requests relevant to a specific terrorism investigation. Hoovering up the phone records of every person in the United States seems inconsistent with that requirement. We can't all be terrorism suspects.

In 2008, Congress passed the FISA Amendments Act, which did authorize dragnet surveillance programs. But a key part of the government's argument for that law, and its renewal last year, was that the government would only "target" overseas individuals. Here, the NSA is seeking records from everyone, even if they've never made an international phone call.

Finally, there are questions about whether the program is consistent with the Fourth Amendment, which requires search warrants to "particularly describe the place to be searched." The government's position is that it doesn't need a warrant under the third party doctrine, a legal theory that says you give up your privacy rights when you turn over information to a third party (in this case, your phone company). But at least one Supreme Court Justice, Justice Sonya Sotomayor, has described the doctrine as ""ill-suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks." This week's revelations, combined with the recent news about DOJ spying on the Associated Press, might cause some of Sotomayor's colleagues to re-consider the third-party doctrine.

Why does the NSA want so much information?

Since the program is secret, it's hard to say for sure. But the NSA is probably using a software technique called data mining to look for patterns that could be a sign of terrorist activity. The idea is that NSA researchers can build a profile of "typical" terrorist activity and then use calling records —a nd other data such as financial transactions and travel records — to look for individuals or groups of people who fit the pattern. Many businesses use similar techniques, building profiles of their customers to help decide who is most likely to respond to targeting advertising.

Some critics question the effectiveness of these techniques. For example, in a 2006 Cato study, an IBM computer scientist argued that we simply don't have enough examples of real terrorists to build a profile of the "typical" terrorist.

I mostly use my cellphone to call my mother. What's the big deal if the government has my calling records?

The average Joe doesn't have anything to worry about, personally. The NSA probably doesn't care about the secrets of ordinary Americans.

But civil libertarians say that the privacy of communications plays a crucial role in a free and democratic society. Last month's AP scandal is a good illustration of the problem. Routine government monitoring of who was talking to reporters is likely to deter whistleblowers from talking to the media — for fear of losing their jobs, or worse. That makes it harder for the voters to learn about government misconduct, making misconduct more likely.

In the hands of an unscrupulous future president, mass surveillance could be turned into a powerful weapon against democratic government. For example, having the calling records of every member of Congress would likely reveal which members kept mistresses, which could be used to blackmail members of Congress into supporting a future president's agenda. Calling records could also provide valuable political intelligence, such as how frequently members of Congress were talking to various interest groups.

This sounds speculative and a little paranoid. Government officials wouldn't actually do that sort of thing, would they?

There are real historical examples of surveillance powers being abused. The most famous are the revelations that led to Richard Nixon's resignation in 1974. But abuses also occurred under his predecessors.

For example, between 1963 and 1965, the FBI bugged at least 14 hotel rooms of Martin Luther King, Jr., seeking "information concerning King's personal activities" to "discredit him." The FBI then sent King a letter threatening to release personally embarrassing recordings to the public. King interpreted it as "an effort to induce him to commit suicide." He was harassed by the FBI until his death in 1968.

We have no evidence that the NSA has engaged in such conduct, but the revelations of King's harassment didn't come out until years after the fact. And civil libertarians argue that no matter how ethical the current administration might be, it's only a matter of time before a less law-abiding administration comes to power.

How has Congress reacted to Wednesday's revelations?

The responses have been mixed. At a Thursday news conference, Sen. Dianne Feinstein (D-Calif.) and Sen. Saxby Chambliss (R-Ga.), both longtime advocates of expanded surveillance powers, defended the program as necessary to protect Americans from terrorism. Feinstein described the program as "lawful" under Section 215 of the Patriot Act. Chambliss said the program has been going on for seven years, and "every member of the United States Senate has been advised of this."

In contrast, Sen. Mark Udall (D-Colo.) condemned the program. "This sort of wide-scale surveillance should concern all of us and is the kind of government overreach I've said Americans would find shocking," he said on Thursday.

Sen. Ron Wyden (D-Ore.), called for the Obama administration to "immediately" release more information about the secret program. Sen. Rand Paul (R-K.Y.) described the program as an "astounding assault on the Constitution."

What comes next?

The revelation has sparked renewed debate about the merits of the government's dragnet surveillance powers. But with powerful senators defending the program, it's not clear if there will be support in Congress for changing the law.

The revelations will complicate the confirmation of James Comey, who President Obama has nominated to be the new director of the FBI. Comey was deeply involved in secret domestic surveillance programs during the Bush Administration.

It's a safe bet that the Obama administration will investigate who leaked the highly classified document to The Guardian.

Finally, the revelation may give a boost to civil liberties groups that are suing to stop the surveillance program. In one case, the Obama administration has argued that the program is effectively immune from judicial scrutiny thanks to the state secrets privilege. Now that the existence of the program is clearly established, judges may find that argument less plausible.

Correction: This post originally suggested that the order does not apply to Verizon Wireless, but that may not be the case. I've modified the second question accordingly.