Government assumes a lot when targeting persons overseas for surveillance

Rick Moran
The Washington Post has a companion story to the Guardian's revelations about FISA secret warrants that reveals additional details of just how much discretion is allowed by the FISA court when the US targets someone for surveillance:

It issues a certificate, good for one year, that allows the NSA to order a U.S. Internet or phone company to turn over over e-mails, phone calls and other communications related to a series of foreign targets, none of which the court approved individually.

"What's most striking about the targeting procedures is the discretion they confer on the NSA," said Elizabeth Goitein, co-director of the Brennan Center for Justice's Liberty and National Security program.

In figuring out whether a target is "reasonably believed" to be located overseas, for example, the agency looks at the "totality of the circumstances" relating to a person's location. In the absence of that specific information, "a person reasonably believed to be located outside the United States or whose location is not known will be presumed to be a non-United States person," according to rules on the targeting of suspects.

What's reasonable? And why the presumption that the target is located outside the US? We're hoping they have some "reasonable" method to get an idea where a target might be located, but given the broad way in which these warrants are drawn, why should they bother?

"When NSA proposes to direct surveillance at a target, it does so because NSA has already learned something about the target," according to the targeting rules. Often, that lead comes from the CIA or a law enforcement agency.

The NSA uses whatever details are contained in that lead to make an initial assessment of whether it is being asked to eavesdrop on an overseas target. But the agency then takes other steps depending on the circumstances, such as scanning databases "to which NSA has access but did not originate" for clues about location.

To prevent U.S. citizens and legal residents from being targeted, NSA keeps a database of phone numbers and e-mail addresses associated with people thought to be living in the country. New requests are compared to records on the list. Matches are signals to put the surveillance on hold.

It can't be stressed enough that regardless of how stringent these safeguards sound, Snowden claims that there are technical work arounds that analysts use routinely and that policy is honored in the breach. What happens if an analyst is caught disobeying the policy? Has it ever happened? What was their punishment?

Administration officials say the surveillance program does not target Americans anywhere without a warrant. Still, said Gregory Nojeim, senior counsel for the Center for Democracy and Technology, "there's a lot of leeway to use 'inadvertently' acquired domestic communications," for instance, for criminal inquiries.

And the rules show that the communications of lawyers and their clients may be retained if they contain foreign intelligence information, although dissemination must be approved by the NSA general counsel.

I'm not at all convinced of the value of PRISM. It appears to be set up to make it easier for the NSA to identify and track terrorists - at the expense of our privacy. Closing the many loopholes in surveillance programs will no doubt make it harder for the NSA to do their job. So be it. Better that than "inadvertent" collections of our communications.


The Washington Post has a companion story to the Guardian's revelations about FISA secret warrants that reveals additional details of just how much discretion is allowed by the FISA court when the US targets someone for surveillance:

It issues a certificate, good for one year, that allows the NSA to order a U.S. Internet or phone company to turn over over e-mails, phone calls and other communications related to a series of foreign targets, none of which the court approved individually.

"What's most striking about the targeting procedures is the discretion they confer on the NSA," said Elizabeth Goitein, co-director of the Brennan Center for Justice's Liberty and National Security program.

In figuring out whether a target is "reasonably believed" to be located overseas, for example, the agency looks at the "totality of the circumstances" relating to a person's location. In the absence of that specific information, "a person reasonably believed to be located outside the United States or whose location is not known will be presumed to be a non-United States person," according to rules on the targeting of suspects.

What's reasonable? And why the presumption that the target is located outside the US? We're hoping they have some "reasonable" method to get an idea where a target might be located, but given the broad way in which these warrants are drawn, why should they bother?

"When NSA proposes to direct surveillance at a target, it does so because NSA has already learned something about the target," according to the targeting rules. Often, that lead comes from the CIA or a law enforcement agency.

The NSA uses whatever details are contained in that lead to make an initial assessment of whether it is being asked to eavesdrop on an overseas target. But the agency then takes other steps depending on the circumstances, such as scanning databases "to which NSA has access but did not originate" for clues about location.

To prevent U.S. citizens and legal residents from being targeted, NSA keeps a database of phone numbers and e-mail addresses associated with people thought to be living in the country. New requests are compared to records on the list. Matches are signals to put the surveillance on hold.

It can't be stressed enough that regardless of how stringent these safeguards sound, Snowden claims that there are technical work arounds that analysts use routinely and that policy is honored in the breach. What happens if an analyst is caught disobeying the policy? Has it ever happened? What was their punishment?

Administration officials say the surveillance program does not target Americans anywhere without a warrant. Still, said Gregory Nojeim, senior counsel for the Center for Democracy and Technology, "there's a lot of leeway to use 'inadvertently' acquired domestic communications," for instance, for criminal inquiries.

And the rules show that the communications of lawyers and their clients may be retained if they contain foreign intelligence information, although dissemination must be approved by the NSA general counsel.

I'm not at all convinced of the value of PRISM. It appears to be set up to make it easier for the NSA to identify and track terrorists - at the expense of our privacy. Closing the many loopholes in surveillance programs will no doubt make it harder for the NSA to do their job. So be it. Better that than "inadvertent" collections of our communications.