[Infowarrior] - E-Mail Surveillance Renews Concerns in Congress

[Richard Forno]

June 17, 2009
E-Mail Surveillance Renews Concerns in Congress
By JAMES RISEN and ERIC LICHTBLAU

http://www.nytimes.com/2009/06/17/us/17nsa.html?_r=2&hp=&pagewanted=print

WASHINGTON — The National Security Agency is facing renewed scrutiny  
over the extent of its domestic surveillance program, with critics in  
Congress saying its recent intercepts of the private telephone calls  
and e-mail messages of Americans are broader than previously  
acknowledged, current and former officials said.

The agency’s monitoring of domestic e-mail messages, in particular,  
has posed longstanding legal and logistical difficulties, the  
officials said.

Since April, when it was disclosed that the intercepts of some private  
communications of Americans went beyond legal limits in late 2008 and  
early 2009, several Congressional committees have been investigating.  
Those inquiries have led to concerns in Congress about the agency’s  
ability to collect and read domestic e-mail messages of Americans on a  
widespread basis, officials said. Supporting that conclusion is the  
account of a former N.S.A. analyst who, in a series of interviews,  
described being trained in 2005 for a program in which the agency  
routinely examined large volumes of Americans’ e-mail messages without  
court warrants. Two intelligence officials confirmed that the program  
was still in operation.

Both the former analyst’s account and the rising concern among some  
members of Congress about the N.S.A.’s recent operation are raising  
fresh questions about the spy agency.

Representative Rush Holt, Democrat of New Jersey and chairman of the  
House Select Intelligence Oversight Panel, has been investigating the  
incidents and said he had become increasingly troubled by the agency’s  
handling of domestic communications.

In an interview, Mr. Holt disputed assertions by Justice Department  
and national security officials that the overcollection was inadvertent.

“Some actions are so flagrant that they can’t be accidental,” Mr. Holt  
said.

Other Congressional officials raised similar concerns but would not  
agree to be quoted for the record.

Mr. Holt added that few lawmakers could challenge the agency’s  
statements because so few understood the technical complexities of its  
surveillance operations. “The people making the policy,” he said,  
“don’t understand the technicalities.”

The inquiries and analyst’s account underscore how e-mail messages,  
more so than telephone calls, have proved to be a particularly vexing  
problem for the agency because of technological difficulties in  
distinguishing between e-mail messages by foreigners and by Americans.  
A new law enacted by Congress last year gave the N.S.A. greater legal  
leeway to collect the private communications of Americans so long as  
it was done only as the incidental byproduct of investigating  
individuals “reasonably believed” to be overseas.

But after closed-door hearings by three Congressional panels, some  
lawmakers are asking what the tolerable limits are for such incidental  
collection and whether the privacy of Americans is being adequately  
protected.

“For the Hill, the issue is a sense of scale, about how much domestic  
e-mail collection is acceptable,” a former intelligence official said,  
speaking on condition of anonymity because N.S.A. operations are  
classified. “It’s a question of how many mistakes they can allow.”

While the extent of Congressional concerns about the N.S.A. has not  
been shared publicly, such concerns are among national security issues  
that the Obama administration has inherited from the Bush  
administration, including the use of brutal interrogation tactics, the  
fate of the prison at Guantánamo Bay, Cuba, and whether to block the  
release of photographs and documents that show abuse of detainees.

In each case, the administration has had to navigate the politics of  
continuing an aggressive intelligence operation while placating  
supporters who want an end to what they see as flagrant abuses of the  
Bush era.

The N.S.A. declined to comment for this article. Wendy Morigi, a  
spokeswoman for Dennis C. Blair, the national intelligence director,  
said that because of the complex nature of surveillance and the need  
to adhere to the rules of the Foreign Intelligence Surveillance Court,  
the secret panel that oversees surveillance operation, and “other  
relevant laws and procedures, technical or inadvertent errors can  
occur.”

“When such errors are identified,” Ms. Morigi said, “they are reported  
to the appropriate officials, and corrective measures are taken.”

In April, the Obama administration said it had taken comprehensive  
steps to bring the security agency into compliance with the law after  
a periodic review turned up problems with “overcollection” of domestic  
communications. The Justice Department also said it had installed new  
safeguards.

Under the surveillance program, before the N.S.A. can target and  
monitor the e-mail messages or telephone calls of Americans suspected  
of having links to international terrorism, it must get permission  
from the Foreign Intelligence Surveillance Court. Supporters of the  
agency say that in using computers to sweep up millions of electronic  
messages, it is unavoidable that some innocent discussions of  
Americans will be examined. Intelligence operators are supposed to  
filter those out, but critics say the agency is not rigorous enough in  
doing so.

The N.S.A. is believed to have gone beyond legal boundaries designed  
to protect Americans in about 8 to 10 separate court orders issued by  
the Foreign Intelligence Surveillance Court, according to three  
intelligence officials who spoke anonymously because disclosing such  
information is illegal. Because each court order could single out  
hundreds or even thousands of phone numbers or e-mail addresses, the  
number of individual communications that were improperly collected  
could number in the millions, officials said. (It is not clear what  
portion of total court orders or communications that would represent.)

“Say you get an order to monitor a block of 1,000 e-mail addresses at  
a big corporation, and instead of just monitoring those, the N.S.A.  
also monitors another block of 1,000 e-mail addresses at that  
corporation,” one senior intelligence official said. “That is the kind  
of problem they had.”

Overcollection on that scale could lead to a significant number of  
privacy invasions of American citizens, officials acknowledge, setting  
off the concerns among lawmakers and on the secret FISA court.

“The court was not happy” when it learned of the overcollection, said  
an administration official involved in the matter.

Defenders of the agency say it faces daunting obstacles in trying to  
avoid the improper gathering or reading of Americans’ e-mail as part  
of counterterrorism efforts aimed at foreigners.

Several former intelligence officials said that e-mail traffic from  
all over the world often flows through Internet service providers  
based in the United States. And when the N.S.A. monitors a foreign e- 
mail address, it has no idea when the person using that address will  
send messages to someone inside the United States, the officials said.

The difficulty of distinguishing between e-mail messages involving  
foreigners from those involving Americans was “one of the main things  
that drove” the Bush administration to push for a more flexible law in  
2008, said Kenneth L. Wainstein, the homeland security adviser under  
President George W. Bush. That measure, which also resolved the long  
controversy over N.S.A.’s program of wiretapping without warrants by  
offering immunity to telecommunications companies, tacitly  
acknowledged that some amount of Americans’ e-mail would inevitably be  
captured by the N.S.A.

But even before that, the agency appears to have tolerated significant  
collection and examination of domestic e-mail messages without  
warrants, according to the former analyst, who spoke only on condition  
of anonymity.

He said he and other analysts were trained to use a secret database,  
code-named Pinwale, in 2005 that archived foreign and domestic e-mail  
messages. He said Pinwale allowed N.S.A. analysts to read large  
volumes of e-mail messages to and from Americans as long as they fell  
within certain limits — no more than 30 percent of any database  
search, he recalled being told — and Americans were not explicitly  
singled out in the searches.

The former analyst added that his instructors had warned against  
committing any abuses, telling his class that another analyst had been  
investigated because he had improperly accessed the personal e-mail of  
former President Bill Clinton.

Other intelligence officials confirmed the existence of the Pinwale e- 
mail database, but declined to provide further details.

The recent concerns about N.S.A.’s domestic e-mail collection follow  
years of unresolved legal and operational concerns within the  
government over the issue. Current and former officials now say that  
the tracing of vast amounts of American e-mail traffic was at the  
heart of a crisis in 2004 at the hospital bedside of John Ashcroft,  
then the attorney general, as top Justice Department aides staged a  
near revolt over what they viewed as possibly illegal aspects of the  
N.S.A.’s surveillance operations.

James Comey, then the deputy attorney general, and his aides were  
concerned about the collection of “meta-data” of American e-mail  
messages, which show broad patterns of e-mail traffic by identifying  
who is e-mailing whom, current and former officials say. Lawyers at  
the Justice Department believed that the tracing of e-mail messages  
appeared to violate federal law.

“The controversy was mostly about that issue,” said a former  
administration official involved in the dispute.