WASHINGTON — Since 2010, the National Security Agency has been exploiting its huge collections of data to create sophisticated graphs of some Americans’ social connections that can identify their associates, their locations at certain times, their traveling companions and other personal information, according to newly disclosed documents and interviews with officials.
The spy agency began allowing the analysis of phone call and email logs in November 2010 to examine Americans’ networks of associations for foreign intelligence purposes after NSA officials lifted previous restrictions on the practice, according to documents provided by Edward J. Snowden, the former NSA contractor.
The policy shift was intended to help the agency “discover and track” connections between intelligence targets overseas and people in the United States, according to an NSA memorandum from January 2011. The agency was authorized to conduct “large-scale graph analysis on very large sets of communications metadata without having to check foreignness” of every email address, phone number or other identifier, the document said. Because of concerns about infringing on the privacy of U.S. citizens, the computer analysis of such data had previously been permitted only for foreigners.
The agency can augment the communications data with material from public, commercial and other sources, including bank codes, insurance information, Facebook profiles, passenger manifests, voter registration rolls and GPS location information, as well as property records and unspecified tax data, according to the documents. They do not indicate any restrictions on the use of such “enrichment” data, and several former senior Obama administration officials said the agency drew on it for both Americans and foreigners.
NSA officials declined to say how many Americans have been caught up in the effort, including people involved in no wrongdoing. The documents do not describe what has resulted from the scrutiny, which links phone numbers and emails in a “contact chain” tied directly or indirectly to a person or organization overseas that is of foreign intelligence interest.
The new disclosures add to the growing body of knowledge in recent months about the NSA’s access to and use of private information concerning Americans, prompting lawmakers in Washington to call for reining in the agency and President Barack Obama to order an examination of its surveillance policies. Almost everything about the agency’s operations is hidden, and the decision to revise the limits concerning Americans was made in secret, without review by the nation’s intelligence court or any public debate. As far back as 2006, a Justice Department memo warned of the potential for the “misuse” of such information without adequate safeguards.
An agency spokeswoman, asked about the analyses of Americans’ data, said, “All data queries must include a foreign intelligence justification, period.”
“All of NSA’s work has a foreign intelligence purpose,” the spokeswoman added. “Our activities are centered on counterterrorism, counterproliferation and cybersecurity.”
The legal underpinning of the policy change, she said, was a 1979 Supreme Court ruling that Americans could have no expectation of privacy about what numbers they had called. Based on that ruling, the Justice Department and the Pentagon decided that it was permissible to create contact chains using Americans’ “metadata,” which includes the timing, location and other details of calls and emails, but not their content. The agency is not required to seek warrants for the analyses from the Foreign Intelligence Surveillance Court.
NSA officials declined to identify which phone and email databases are used to create the social network diagrams, and the documents provided by Snowden do not specify them. The agency did say that the large database of Americans’ domestic phone call records, which was revealed by Snowden in June and caused bipartisan alarm in Washington, was excluded. (NSA officials have previously acknowledged that the agency has done limited analysis in that database, collected under provisions of the Patriot Act, exclusively for people who might be linked to terrorism suspects.)
But the agency has multiple collection programs and databases, the former officials said, adding that the social networking analyses relied on both domestic and international metadata. They spoke only on the condition of anonymity because the information was classified.
The concerns in the United States since Snowden’s revelations have largely focused on the scope of the agency’s collection of the private data of Americans and the potential for abuse.
The new documents provide a rare window into what the NSA actually does with the information it gathers.
A series of agency PowerPoint presentations and memos describe how the NSA has been able to develop software and other tools — one document cited a new generation of programs that “revolutionize” data collection and analysis — to unlock as many secrets about individuals as possible.
The spy agency, led by Gen. Keith B. Alexander, an unabashed advocate for more weapons in the hunt for information about the nation’s adversaries, clearly views its collections of metadata as one of its most powerful resources. NSA analysts can exploit that information to develop a portrait of an individual, one that is perhaps more complete and predictive of behavior than could be obtained by listening to phone conversations or reading emails, experts say.
Phone and email logs, for example, allow analysts to identify people’s friends and associates, detect where they were at a certain time, acquire clues to religious or political affiliations, and pick up sensitive information like regular calls to a psychiatrist’s office, late-night messages to an extramarital partner or exchanges with a fellow plotter.
“Metadata can be very revealing,” said Orin S. Kerr, a law professor at George Washington University. “Knowing things like the number someone just dialed or the location of the person’s cellphone is going to allow to assemble a picture of what someone is up to. It’s the digital equivalent of tailing a suspect.”
The NSA had been pushing for more than a decade to obtain the rule change allowing the analysis of Americans’ phone and email data. Intelligence officials had been frustrated that they had to stop when a contact chain hit a telephone number or email address believed to be used by an American, even though it might yield valuable intelligence primarily concerning a foreigner who was overseas, according to documents previously disclosed by Snowden. NSA officials also wanted to employ the agency’s advanced computer analysis tools to sift through its huge databases with much greater efficiency.
The agency had asked for the new power as early as 1999, the documents show, but had been initially rebuffed because it was not permitted under rules of the Foreign Intelligence Surveillance Court that were intended to protect the privacy of Americans.
A 2009 draft of an NSA inspector general’s report suggests that contact chaining and analysis may have been done on Americans’ communications data under the George W. Bush administration’s program of wiretapping without warrants, which began after the Sept. 11 attacks to detect terrorist activities and skirted the existing laws governing electronic surveillance.
In 2006, months after the wiretapping program was disclosed by The New York Times, the NSA’s acting general counsel wrote a letter to a senior Justice Department official, which was also leaked by Snowden, formally asking for permission to perform the analysis on U.S. phone and email data. A Justice Department memo to the attorney general noted that the “misuse” of such information “could raise serious concerns,” and said the NSA promised to impose safeguards, including regular audits, on the metadata program. In 2008, the Bush administration gave its approval.
A new policy that year, detailed in “Defense Supplemental Procedures Governing Communications Metadata Analysis,” authorized by Defense Secretary Robert M. Gates and Attorney General Michael B. Mukasey, said that because the Supreme Court had ruled that metadata was not constitutionally protected, NSA analysts could use such information “without regard to the nationality or location of the communicants,” according to an internal NSA description of the policy.
After that decision, which was previously reported by The Guardian, the NSA performed the social network graphing in a pilot project for 1 1/2 years “to great benefit,” according to the 2011 memo. It was put in place in November 2010 in “Sigint Management Directive 424” (sigint refers to signals intelligence).
In the 2011 memo explaining the shift, NSA analysts were told they could trace the contacts of Americans as long as they cited a foreign intelligence justification. That could include anything from ties to terrorism, weapons proliferation, international drug smuggling or espionage to conversations with a foreign diplomat or a political figure.
Analysts were warned to follow existing “minimization rules,” which prohibit the NSA from sharing with other agencies names and other details of Americans whose communications are collected, unless they are necessary to understand foreign intelligence reports or there is evidence of a crime. The agency is required to obtain a warrant from the intelligence court to target a “U.S. person” — a citizen or legal resident — for actual eavesdropping.
The NSA documents show that one of the main tools used for chaining phone numbers and email addresses has the code name Mainway. It is a repository into which vast amounts of data flow daily from the agency’s fiber-optic cables, corporate partners and foreign computer networks that have been hacked.
The documents show that significant amounts of information from the United States go into Mainway. An internal NSA bulletin, for example, noted that in 2011 Mainway was taking in 700 million phone records per day. In August 2011, it began receiving an additional 1.1 billion cellphone records daily from an unnamed American service provider under Section 702 of the 2008 FISA Amendments Act, which allows for the collection of the data of Americans if at least one end of the communication is believed to be foreign.
The overall volume of metadata collected by the NSA is reflected in the agency’s secret 2013 budget request to Congress. The budget document, disclosed by Snowden, shows that the agency is pouring money and manpower into creating a metadata repository capable of taking in 20 billion “record events” daily and making them available to NSA analysts within 60 minutes.
The spending includes support for the “Enterprise Knowledge System,” which has a $394 million multiyear budget and is designed to “rapidly discover and correlate complex relationships and patterns across diverse data sources on a massive scale,” according to a 2008 document. The data is automatically computed to speed queries and discover new targets for surveillance.
A top-secret document titled “Better Person Centric Analysis” describes how the agency looks for 94 “entity types,” including phone numbers, email addresses and IP addresses. In addition, the NSA correlates 164 “relationship types” to build social networks and what the agency calls “community of interest” profiles, using queries like “travelsWith, hasFather, sentForumMessage, employs.”
A 2009 PowerPoint presentation provided more examples of data sources available in the “enrichment” process, including location-based services like GPS and TomTom, online social networks, billing records and bank codes for transactions in the United States and overseas.
At a Senate Intelligence Committee hearing Thursday, Alexander was asked if the agency ever collected or planned to collect bulk records about Americans’ locations based on cellphone tower data. He replied that it was not doing so as part of the call log program authorized by the Patriot Act, but said a fuller response would be classified.
If the NSA does not immediately use the phone and email logging data of an American, it can be stored for later use, at least under certain circumstances, according to several documents.
One 2011 memo, for example, said that after a court ruling narrowed the scope of the agency’s collection, the data in question was “being buffered for possible ingest” later. A year earlier, an internal briefing paper from the NSA Office of Legal Counsel showed that the agency was allowed to collect and store raw traffic, which includes both metadata and content, about “U.S. persons” for up to five years online and for an additional 10 years offline for “historical searches.”James Risen reported from Washington and New York. Laura Poitras, a freelance journalist, reported from Berlin.