On the third floor of the E. Barrett Prettyman courthouse in downtown Washington, judges assigned to the Foreign Intelligence Surveillance Court place their palms on a biometric hand scanner mounted next to the entrance door. Then the judges and their staff enter a code into door’s electronic cipher lock.
Inside a secure vault — one impenetrable to any sort of technical eavesdropping — the judges review some of the Justice Department’s most sensitive requests for access to private communications information, including the phone records of tens of millions of Americans, a collection that has generated significant criticism since it was disclosed in June.
The court is staffed year-round, and on an emergency basis, to authorize surveillance by the U.S. intelligence community. Although much attention has been focused on the court’s approval of the NSA’s so-called metadata phone records program, interviews with intelligence officers and experts, public statements and recently declassified documents indicate that the authorization marks the beginning of a long — and, U.S. officials say, carefully regulated — process.
That process, they say, often starts thousands of miles away. During a night raid in Kandahar, Afghanistan, U.S. Special Operations commandos might seize a computer belonging to a terrorist cell leader, for instance, and find an electronic phone book on it. An NSA linguist listening to intercepted phone calls from a terrorist in Yemen might hear him talking repeatedly to the same person about a bomb. A Saudi intelligence service might provide the cellphone number of a new, English-speaking al-Qaeda courier to the CIA station chief in Riyadh.
In each case, the numbers would trigger a search of the NSA’s vast collection of Americans’ phone records — even local calls.
The program that collects metadata has been referred to in shorthand as the “215 program” after the section in the law that governs it. It is a search for a needle in a haystack of unimaginable proportions, and administration officials can point to few successes.
The NSA maintains a separate collection program, known as PRISM, that was exposed in June and has been at times conflated with the metadata program. But PRISM is focused not just on terrorism but any foreign intelligence matter. It is especially used to pursue foreign terrorism suspects, foreign espionage cases and investigations involving weapons of mass destruction, and it routinely sweeps up the content of e-mail and social media exchanges involving American citizens, according to documents and interviews.
There is still much confusion about each program, even among people who have been briefed on them, and even among officials involved in carrying them out. What follows is an explanation of the 215, which has generated the most controversy and the most dedicated effort at reform in Congress.
Every 90 days, Justice Department lawyers ask a federal judge to renew the authority to collect the phone records of all Americans by reissuing what is known as a “215 order,” after the section in the USA Patriot Act that government lawyers have determined permits the collection of such records. That blanket order allows NSA analysts to search the phone database for links between foreign terrorists and their U.S.-based contacts.
But to begin a particular search, analysts must submit a request to their superiors showing why there is a “reasonable, articulable suspicion” that the number belongs to a member of a recognized terrorist organization. A reasonable, articulable suspicion is lower than the standard of “probable cause” used in criminal investigations to obtain a warrant or make an arrest. But the suspicion has to be based on facts that a reasonable person would accept.
The analysts’ 215 requests go to one of the 22 people at the NSA who are permitted to approve them — the chief or the deputy chief of the Homeland Security Analysis Center or one of 20 authorized Homeland Security mission coordinators within the Signals Intelligence directorate’s analysis and production directorate.
Once a request is approved, it is given to one of the Signal Intelligence directorate’s 33 counterterrorism analysts who are authorized to access the U.S. phone metadata collection.
When one of the analysts attempts to log into the database, the computer verifies whether the analyst has permission to do so. Edward Snowden, the NSA contractor who leaked details of the program, would not have had such authority.
An analyst’s search of the metadata begins with a foreign number: the number the NSA intercept was targeting in Yemen; the number the Saudi intelligence liaison took from the detainee; numbers found in the computer in Afghanistan that show calls to Europe or the United States.
The analyst then queries the database to see if it contains the number. In 2012, the database was queried 300 times by an NSA analyst.
If the database finds a U.S. phone number, the analyst will begin a “link analysis” chart of all the numbers connected to the original number and metadata about the calls, such as their date, time and duration. The metadata also includes a phone’s routing information, telephone calling card numbers and other identifiers internal to each phone.
It does not include the content of the calls or the names of the phone subscribers. It does not contain information about the phone’s location .
An analyst, for example, might find what appear to be 10 U.S. phone numbers — based on area codes or other identifiers — linked to the original number. The analyst will then use tools such as reverse telephone directories, public search engines and other NSA databases of foreign phone numbers.
Intelligence experts said other factors that could make a phone interesting to analysts are the frequency of calls linked to the initial number or the timing of calls, before or after attacks, for example.
Of the original 10 U.S.-based phone numbers identified, only two might remain interesting to the analyst. Using those two numbers, the analyst searches for all the calls made or received by those two phones. This is called a “hop.” The process often stops at the second hop but can go to a third if the second yields more numbers of interest.
Whatever numbers survive after the NSA analyst’s search are passed to the FBI for further investigation. The NSA gave the FBI 500 numbers in 2012.
The FBI’s job at this point is to find out whether any of those U.S. numbers should be investigated further for links to terrorist organizations or supporters. To do this, the FBI queries its own databases for numbers that are linked to existing bureau cases; or linked to overseas phone numbers known to be associated with other terrorist suspects; or show other foreign connections that raise questions.
The FBI can also search publicly available information, including court records, social media and certain commercial databases, which can give subscribers a person’s Social Security number, past residences and much more.
If the FBI wanted to go further, such as obtaining a person’s bank or credit card records, it would require a court order, warrant or subpoena and then an assessment or investigation probably would occur.
Each NSA database search is audited afterward by compliance officials at the agency. How many phone numbers are searched is reported every 30 days to the Foreign Intelligence Surveillance Court. Every 90 days, a small team from the Justice Department and the Office of the Director of National Intelligence spends a day at NSA looking over 215 documents and questioning analysts. Cursory reports on 215 activity are sent to Congress every year. The last one was eight sentences.
The government says there have been no willful abuses of the system, only a few mistakes. No information has been released about those instances.