For the Civil Rights Litigation Clearinghouse collection of FISA matters, see our special collection
On November 18, 2013, the Director of National Intelligence authorized the declassification and public release of numerous orders approving the National Security Agency's ("NSA") so-called "Bulk Internet Metadata Program" under Section 402 of the Foreign Intelligence Surveillance Act of 1978 ("FISA"), commonly referred to as the Pen Register and Trap and Trace (PR/TT) provision, or Section 214 of the USA PATRIOT Act. Press release available here
. On August 11, 2014, the Director of National Intelligence authorized another declassification and public release of additional documents regarding the now-discontinued NSA Bulk Electronic Communications Metadata Program pursuant to Section 402 of FISA. Press release available here
Under the program, the NSA collected records from large telecommunication companies about electronic communications metadata. These records included the "to," "from," "cc," and "bcc" lines of an email and the email's time and date. The program did not authorize the collection of content of any electronic communications. Once collected, the records were stored for several years and were authorized to be queried, used, and disseminated only in accordance with "minimization rules" proposed by the government and approved by the Foreign Intelligence Surveillance Court ("FISC"). The most basic aspect of the minimization rules was that the metadata records were to be queried only when there was a reasonable suspicion, based on specific and articulated facts, that the identifier used as the basis for the query was associated with specified foreign terrorist organizations.
NSA collection of email metadata began in 2001, as part of the "President's Surveillance Program." Apparently the government took the position that internet metadata could be collected lawfully without court order because the NSA did not actually "acquire" communications until particular items were selected for review, after they showed up via query. But after Department of Justice lawyers raised objections to this theory, and accordingly to the program's legality, the Attorney General sought judicial ratification of the internet metadata program under the FISA pen/trap provisions, and the FISA Court blessed it in an order dated July 14, 2004. Except for a brief period in 2009, the FISC reauthorized the program approximately every 90 days until the Obama administration discontinued it in 2011. As of April 2014, only three FISC opinions and four FISC orders related to the internet metadata collections program have been released. All the opinions and orders have been significantly redacted. They nonetheless explain a good deal about how the program worked.
The volume of material collected was "enormous" from its beginning, as the first of these opinions explains. At the start, the government aimed "to build a meta data archive that will be, in relative terms, richly populated with [redacted] related communications." As the Court reported the government's initial intentions, "[s]ome proportion of these communications-less than half, but still a huge number in absolute terms-can be expected to be communications [redacted] who bear no relation to [redacted]." In 2009 or 2010, however, the government "in comparison with prior dockets, [sought] authority to acquire a much larger volume of metadata at a greatly expanded range of facilities." The growth in volume and scope included extending collection beyond the "streams of data with a relatively high concentration of Foreign Power communications" that had previously been the focus. Until the program ended, in 2011, the pen/trap bulk collection began to reach "electronic communications, the vast majority of which, viewed individually, are not relevant to the counterterrorism purpose of the collection, and many of which involve United States persons."
The FISC initially approved the internet metadata program in 2004 in an opinion by Judge Colleen Kollar-Kotelly under docket PR-TT [redacted], NS-DC-0028
in this Clearinghouse.
In 2004, the government first applied for authorization from the FISC for the installation and use of pen register and trap and trace devices for foreign intelligence purposes. The application
detailed what metadata would be collected and the manner in which it would be collected. In addition, the government included the declaration
of Michael V. Hayden, the NSA Director, as Attachment A. In the declaration, Hayden explained that the objective of the surveillance authority requested was to enable the NSA to discover information in terrorists' communications and to disseminate that information to the FBI and other elements of the United States Intelligence Community. With the application, the government also included a memorandum
of law and fact in support. The government explained why it believed email metadata collection was necessary in protecting against terrorism and the measures the government would take to protect the information collected. The Director of Central Intelligence George Tenet also submitted a declaration
. In his declaration, Tenet assessed the current, and possibly imminent, threats to U.S. national security posed by terrorists. He provided both factual and threat assessment support for the government's request.
On July 14, 2004, FISC Judge Colleen Kollar-Kotelly wrote an 87-page opinion
approving the government's application and initially authorizing the internet metadata program. (Although the government redacted this date in this order, the government gave the date as July 14, 2004, in a preliminary notice of potential compliance incident from sometime in 2009 and did not redact the date there. The date is given on page three of the notice
.) Judge Kollar-Kotelly noted that the application presented issues of first impression because it sought authority for a much broader type of collection than other pen register and trap and trace applications. Her opinion set out bases for the Court's finding that, first, the proposed collection constitutes a form of pen register and trap and trace surveillance that satisfied the statutory definitions of FISA, 50 U.S.C. §§ 1841-1846. Second, the Court concluded that the application included minimization procedures that satisfied the requirements of FISA, 50 U.S.C. § 1842. Third, the Court ruled that the installation and use of pen registers and trap and trace devices comply with the First and Fourth Amendments of the U.S. Constitution. In the concluding portion of the opinion, Judge Kollar-Kotelly ordered the NSA to abide by minimization procedures, including segregating data, limiting access to ten NSA administrators, querying performed on the basis of a reasonable, articulable suspicion that the person is associated with specified foreign terrorist organizations, and destruction of metadata within four and one-half years of initial collection. Subsequent applications to renew the authority for the program must include a report discussing new queries and changes to collection methods.
The July 14, 2004, primary order is the only document from this matter that has been publicly released. Although its date is redacted, we know that this first internet metadata order authorized collection beginning July 14, 2004. All such orders run for 90 days according to § 1842, so presumably, this order's authorization period expired October 12, 2004. As of January 4, 2015, the next eighteen PR/TT orders have not been declassified; the next one available is dated sometime in February 2009, and is in NS-DC-0063
, in this Clearinghouse.
The next matter with documents that have been publicly released relating to the Bulk Internet Metadata Program is NS-DC-0062
, in this Clearinghouse.Elizabeth Homan - 04/27/2014
Jessica Kincaid - 01/28/2015