Following the massive leak of surveillance data by whistleblower Edward Snowden in 2013, it was revealed that the US National Security Agency (NSA – its headquarters pictured above) had been collecting e-mail metadata as part of a program it claimed ended in 2011. However, a lawsuit filed by the New York Times has revealed that the NSA effectively continued the program from 2011 onwards, just under a different rules, and under less scrutiny from the Foreign Intelligence Surveillance Court (FISC) than the previous iteration.
The New York Times filed a Freedom of Information Act lawsuit against the NSA – the newspaper is one of the greatest proponents of the FOIA, and has used it to investigate the treatment of Guantanamo Bay detainees and the secret interpretation of the Patriot Act – through which it obtained records that the NSA ended its e-mail records program, which was authorised under the Pen Register and Trap and Trace (PRTT) provision, as “other authorities can satisfy certain foreign intelligence requirements” that its own system “had been designed to meet.”
The new method allowed the NSA to bypass much of the oversight it was under by FISC, which included the following rules:
“The databases could be queried using an identifier such as an email address only when an analyst had a reasonable and articulable suspicion that the email address was associated with certain specified foreign terrorist organizations that were the subject of FBI counterterrorism investigations. The basis for that suspicion had to be documented in writing and approved by a limited number of designated approving officials identified in the Court’s Order. Moreover, if an identifier was reasonably believed to be used by a United States person, NSA’s Office of General Counsel would also review the determination to ensure that the suspected association was not based solely on First Amendment-protected activities.”
The two new methods that the NSA exploited to continue collecting e-mail metadata without the above oversight were:
- Obtaining data collected by foreign intelligence agencies, such as the UK’s GCHQ, and;
- Using the Foreign Intelligence Surveillance Act Amendments of 2008 to collect the metadata of non-citizens of home soil without a warrant, which included e-mails sent to and from US citizens.
The NSA and Office of the Director of National Intelligence did not respond to the New York Times’ request for comment on these revelations.