Documents released by the ACLU Wednesday reveal that the National Security Agency (NSA) improperly collected millions of phone call and text message records from Americans without authorization for the second time since 2015.
According to the NSA incident reports obtained through a Freedom of Information Act (FOIA) request, the agency over-collected communications data without the authorization of the United States Foreign Intelligence Surveillance Court (FISA), the court overseeing government surveillance.
Pursuant to UFA [USA Freedom Act], the FISC has authorized the targeted production to NSA of CDRs [call data records] pertaining to certain specific selection terms, and issued Secondary Orders to certain providers to compel the production of those CDRs. On or about October 12, 2018, NSA technical analysts examining the targeted production of CDRs observed an anomaly. Specifically, these analysts identified a larger than expected number of [records].
The report states that the unauthorized collection of data began on October 3, 2018, and continued until October 12, 2018. This was just months following the agency’s June 2018 public statement that it had begun deleting Americans’ communications records collected in November 2017 and February 2018 after “irregularities” in the process resulted in “the production to the NSA of some CDRs that NSA was not authorized to receive.” That statement concluded with the agency claiming that the “root cause of the problem” had been addressed for future CDR acquisitions.
“These documents further confirm that this surveillance program is beyond redemption and a privacy and civil liberties disaster,” said Patrick Toomey, staff attorney with the ACLU’s National Security Project in a statement Wednesday. “The NSA’s collection of Americans’ call records is too sweeping, the compliance problems too many, and evidence of the program’s value all but nonexistent. There is no justification for leaving this surveillance power in the NSA’s hands.”
The ACLU further claimed that the newly released records show that the NSA used records collected without authorization in February 2018 in seeking surveillance approval from a FISA court.
The CDR collection is part of the agency’s counterterrorism program authorized under Section 215 of the Patriot Act, which allows the NSA to collect records from U.S. phone companies showing the identity of callers’ identities as well as dates, times, and durations of calls. The provision is set to expire in December.
An NSA spokesperson in January said that the agency was “carefully evaluating all aspects” of the surveillance program and its future.
Although it has not been officially confirmed, people familiar with the matter told the Washington Post that the NSA is planning to shut down the surveillance program due to repeated unauthorized data collections.
[image via Youtube screengrab]