[Infowarrior] - F.B.I. Data Mining Reached Beyond Initial Targets

[Richard Forno]

September 9, 2007
F.B.I. Data Mining Reached Beyond Initial Targets
By ERIC LICHTBLAU
http://www.nytimes.com/2007/09/09/washington/09fbi.html?hp=&pagewanted=print

WASHINGTON, Sept. 8 ‹ The F.B.I. cast a much wider net in its terrorism
investigations than it has previously acknowledged by relying on
telecommunications companies to analyze phone-call patterns of the
associates of Americans who had come under suspicion, according to newly
obtained bureau records.

The documents indicate that the Federal Bureau of Investigation used secret
demands for records to obtain data not only on individuals it saw as targets
but also details on their ³community of interest² ‹ the network of people
that the target in turn was in contact with. The bureau stopped the practice
early this year in part because of broader questions raised about its
aggressive use of the records demands, which are known as national security
letters, officials said Friday after being asked about it.

The community of interest data sought by the F.B.I. is central to a
data-mining technique intelligence officials call link analysis. Since the
attacks of Sept. 11, 2001, American counterterrorism officials have turned
more frequently to the technique, using communications patterns and other
data to identify suspects who may not have any other known links to
extremists.

The concept has strong government proponents who see it as a vital tool in
predicting and preventing attacks, and it is also thought to have helped the
National Security Agency identify targets for its domestic eavesdropping
program. But privacy advocates, civil rights leaders and even some
counterterrorism officials warn that link analysis can be misused to
establish tenuous links to people who have no real connection to terrorism
but may be drawn into an investigation nonetheless.

Typically, community of interest data might include an analysis of which
people the targets called most frequently, how long they generally talked
and at what times of day, sudden fluctuations in activity, geographic
regions that were called, and other data, law enforcement and industry
officials said.

The F.B.I. declined to say exactly what data had been turned over. It was
limited to people and phone numbers ³once removed² from the actual target of
the national security letters, said a government official who spoke on
condition of anonymity because of a continuing review by the Justice
Department.

Mike Kortan, a spokesman for the F.B.I., said in a statement Saturday in
response to an article posted on The Times¹s Web site on the bureau¹s use of
the community-of-interest requests that ³it is important to emphasize that
it is no longer being used pending the development of an appropriate
oversight and approval policy, was used infrequently and was never used for
e-mail communications.²

The scope of the demands for information could be seen in an August 2005
letter seeking the call records for particular phone numbers that had come
under suspicion. The letter closed by saying: ³Additionally, please provide
a community of interest for the telephone numbers in the attached list.²

The requests for such data showed up a dozen times, using nearly identical
language, in records from one six-month period in 2005 obtained by a
nonprofit advocacy group, the Electronic Frontier Foundation, through a
Freedom of Information Act lawsuit that it brought against the government.
The F.B.I. recently turned over 2,500 pages of documents to the group. The
boilerplate language suggests the requests may have been used in many of
more than 700 emergency or ³exigent² national security letters. Earlier this
year, the bureau banned the use of the exigent letters because they had
never been authorized by law.

The bureau declined to discuss any aspect of the community of interest
requests because it said the issue was part of an investigation by the
Justice Department inspector general¹s office into national security
letters. An initial review in March by the inspector general found
widespread violations and possible illegality in the F.B.I.¹s use of the
letters, but did not mention the use of community of interest data.

The government official who spoke on condition of anonymity said the F.B.I.
recently stopped asking the telecommunications companies for the community
of interest data. The exact time of and reason for the suspension is
unclear, but it appears to have been set off in part by the questions raised
earlier this year by the inspector general¹s initial review into abuses in
the use of national security letters.

The official said the F.B.I. itself was examining the use of the community
of interest requests to get a better understanding of how and when they were
used, but he added that they appeared to have been used in a relatively
small percentage of the tens of thousand of the records requests each year.
³In an exigent circumstance, that¹s information that may be relevant to an
investigation,² the official said.

A federal judge in Manhattan last week struck down parts of the USA Patriot
Act that had authorized the F.B.I.¹s use of the national security letters,
saying that some provisions violated the First Amendment and the
constitutional separation of powers guarantee. In many cases, the target of
a national security letter whose records are being sought is not necessarily
the actual subject of a terrorism investigation and may not be suspected at
all. Under the Patriot Act, the F.B.I. must assert only that the records
gathered through the letter are considered relevant to a terrorism
investigation.

Some legal analysts and privacy advocates suggested that the disclosure of
the F.B.I.¹s collection of community of interest records ‹ extending the
link even further beyond an actual suspect in a terrorism investigation ‹
offered another example of the bureau exceeding the substantial powers
already granted it by Congress.

³This whole concept of tracking someone¹s community of interest is not part
of any established F.B.I. authority,² said Marcia Hofmann, a lawyer for the
Electronic Frontier Foundation, which provided the records from its lawsuit
to The New York Times. ³It¹s being defined by the F.B.I. And when it¹s left
up to the F.B.I. to decide what information is relevant to their
investigations, they can vacuum up almost anything they want.²

Matt Blaze, a professor of computer and information science at the
University of Pennsylvania and a former researcher for AT&T, said the
telecommunications companies could have easily provided the F.B.I. with the
type of network analysis data it was seeking because they themselves had
developed it over many years, often using sophisticated software like a
program called Analyst¹s Notebook.

³This sort of analysis of calling patterns and who the communities of
interests are is the sort of things telephone companies are doing anyway
because it¹s central to their businesses for marketing or optimizing the
network or detecting fraud,² said Professor Blaze, who has worked with the
F.B.I. on technology issues.

Such ³analysis is extremely powerful and very revealing because you get
these linkages between people that wouldn¹t be otherwise clear, sometimes
even more important than the content itself² of phone calls and e-mail
messages, he said. ³But it¹s also very invasive. There¹s always going to be
a certain amount of noise,² with data collected on people who have no real
links to suspicious activity, he said.

Officials at other American intelligence agencies, like the National
Security Agency and the Central Intelligence Agency, have explored using
link analysis to trace patterns of communications sometimes two, three or
four people removed from the original targets, current and former
intelligence officials said. But critics assert that the further the links
are taken, the less valuable the information proves to be.

Some privacy advocates said they were troubled by what they saw as the
F.B.I.¹s over-reliance on technology at the expense of traditional
investigative techniques that rely on clearer evidence of wrongdoing.

³Getting a computer to spit out a hundred names doesn¹t have any meaning if
you don¹t know what you¹re looking for,² said Michael German, a former
F.B.I. agent who is now a lawyer for the American Civil Liberties Union. ³If
they¹re telling the telephone company, ŒYou do the investigation and tell us
what you find,¹ the relevance to the investigation is being determined by
someone outside the F.B.I.²