A secret court order that authorised a massive trawl by the National Security Agency of Americans’ email and internet data was published for the first time on Monday night, among a trove of documents that also revealed a judge’s concern that the NSA “continuously” and “systematically” violated the limits placed on the program.
The order by the Fisa court, almost certainly its first ruling on the controversial program and published only in heavily redacted form, shows that it granted permisson for the trawl in part beacause of the type of devices used for the surveillance. Even the judge approving the spying called it a “novel use” of government authorities.
Another later court order found that what it called “systemic overcollection” had taken place.
Transparency lawsuits brought by civil liberties groups compelled the US spy agencies on Monday night to shed new light on the highly controversial program, whose discontinuation in 2011 for unclear reasons was first reported by the Guardian based on leaks by the former NSA contractor Edward Snowden.
In a heavily redacted opinion Colleen Kollar-Kotelly, the former presiding judge of the Fisa court, placed legal weight on the methods of surveillance employed by the NSA, which had never before collected the internet data of “an enormous volume of communications”.
The methods, known as pen registers and trap-and-trace devices, record the incoming and outgoing routing information of communications – traditionally phone calls made between individual users. Kollar-Kotelly ruled that acquiring the metadata, and not the content, of email and internet usage in bulk was harmonious with the “purpose” of Congress and prior court rulings – even though no surveillance statute ever authorized it and top officials at the justice department and the FBI threatened to resign in 2004 over what they considered its dubious legality.
“The court recognizes that, by concluding that these definitions do not restrict the use of pen registers or trap-and-trace devices to communication facilities associated with individual users, it is finding that these definitions encompass an exceptionally broad form of collection,” wrote Kollar-Kotelly in an opinion whose date is redacted.
The type of data collected under the program included information on the “to”, “from” and “bcc” lines of an email rather than the content. According to the government’s declaration to Kollar-Kotelly the NSA would keep the internet metadata “online” and available to analysts to search through for 18 months, after which it would be stored in an “‘offline’ tape system” available to relatively few officials. It would have to be destroyed four and a half years after initial collection.
Metadata, wrote Kollar-Kotelly, enjoyed no protection under the fourth amendment to the US constitution, a precedent established by the supreme court in 1979 in a single case on which the NSA relies currently.
Still, Kollar-Kotelly conceded that she was blessing “a novel use of statutory authorities for pen register/trap and trace surveillance”.
While at times Kollar-Kotelly appeared in her ruling to be hesitant about granting NSA broad authorities to collect Americans’ internet metadata, “deference”, she wrote, “should be given to the fully considered judgment of the executive branch in assessing and responding to national security threats and in determining the potential significance of intelligence-related information.”
The legal status of the internet metadata program was highly controversial. In March 2004 several justice department and FBI individuals threatened to resign – including James Comey, George W Bush’s deputy attorney general and now Barack Obama’s FBI director – if the Bush White House and NSA persisted in authorizing the program over their objections that the internet metadata bulk collection was insufficiently legally grounded.
An internal NSA draft history, first reported by the Guardian, noted that the program paused in March 2004, while the White House quelled the secret rebellion, but resumed in July after then NSA director Michael Hayden sought to reassure Kollar-Kotelly, who “signed the first” so-called Pen Register/Trap and Trace Order on 14 July 2004.
It is unclear if the order from Kollar-Kotelly released on Monday is her order of 14 July 2004 as the date is redacted.
A later opinion on the internet metadata program, by Kollar-Kotelly’s successor, John Bates, states that the “NSA exceeded the scope of authorized acquisition continuously” after Kollar-Kotelly’s initial approval.
Bates wrote that subsequent NSA reporting to the court revealed that “systemic overcollection” had taken place from almost the beginning of the program. “Virtually every” record generated by the program “included some data that had not been authorized for collection”. A footnote suggests that Kollar-Kotelly grew worried that the content of communications was collected at times despite her initial confidence that the collection methods of the pen registers and trap and trace devices could not permit that.
SCROLL TO CONTINUE WITH CONTENT