Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

NSA's domestic metadata collection going unused, could be ended permanently

An NSA data center in Utah.

Last updated

The U.S. National Security Agency has allegedly left its metadata collection system — first exposed by Edward Snowden in 2013 — unused for months, and it could vanish completely in the near future.

The NSA "hasn't actually been using it for the past six months," said Luke Murry, an adviser for Republican Rep. Kevin McCarthy of California, the House minority leader. Murry's comments were made during an episode of the podcast "Lawfare," noticed by the New York Times.

"I'm actually not certain that the [Trump] administration will want to start that back up," he added.

Initiated under President George W. Bush in 2001, the program collected phone and text messaging logs from carriers en masse, nominally with the goal of identifying links to terrorism suspects. At first companies like AT&T voluntarily complied with an order by Bush, but by 2006 the Foreign Intelligence Surveillance Court began issuing secret orders making that data mandatory under an interpretation of the Patriot Act. One of those orders, sent to Verizon, was the first of many documents exposed by Snowden and The Guardian.

Snowden and others attacked the program as a potential tool of mass surveillance, and possibly even more damaging than analyzing the actual contents of messages, since metadata can be collated to identify a person's location and habits. Pressure mounted until the Obama administration helped usher in a scaled-back version of the program under the 2015 Freedom Act.

The modified program kept records in the hands of carriers, though the logs of suspects and their contacts could be rapidly retrieved with a court order. The NSA's internal records dropped dramatically — as recently as 2017 however, it had 534 million records and just 40 targets.

In 2018 the NSA claimed it deleted its entire database of records created since the Freedom Act system launched, a way of coping with glitches that caused carriers to send logs with both accurate and inaccurate information. That resulted in the NSA collecting data from people unconnected to targets, and it supposedly decided it would be easier to wipe records entirely rather than scrub the people it didn't have authority to monitor.

The Freedom Act is due to expire at the end of 2019. If the NSA's system remains unused, the Trump administration may have no incentive to push for renewal, especially since even the pre-2015 program never prevented an attack.

Apple CEO Tim Cook quickly became involved after Snowden's revelations, meeting with President Obama and putting pressure on Congress. The company eventually began disclosing government data requests, if only in the vague manner allowed by U.S. law.

Less is known about the state of PRISM, an NSA program collecting data from internet-based tech companies. Apple became a participant in 2012, but following the Snowden leaks it insisted that it had "never heard of PRISM" and didn't "provide any government agency with direct access to our servers," despite that sort of access being mentioned in NSA briefing documents.



24 Comments

🍪
GeorgeBMac 8 Years · 11421 comments


Initiated under President George W. Bush in 2001, the program collected phone and text messaging logs from carriers en masse, nominally with the goal of identifying links to terrorism suspects. At first companies like AT&T voluntarily complied with an order by Bush, but by 2006 the Foreign Intelligence Surveillance Court began issuing secret orders making that data mandatory under an interpretation of the Patriot Act. One of those orders, sent to Verizon, was the first of many documents exposed by Snowden and The Guardian.

Snowden and others attacked the program as a potential tool of mass surveillance, and possibly even more damaging than analyzing the actual contents of messages, since metadata can be collated to identify a person's location and habits.

Interestingly, as additional (actual) facts become known, the administration is shifting its Huawei story to say that somewhere in the future the Chinese government could do exactly what the U.S. government has been doing:  Ordering private corporations to spy on people.

Huawei's suggestion that standardized, international guidelines on spying be established starts to make more and more sense.

foregoneconclusion 12 Years · 2857 comments

Snowden didn't actually expose anything of significance. The Supreme Court had already ruled in the '70s that landline metadata could be lawfully collected en masse with a court order, and the only Constitutional issue with the landline metadata collected under Bush and Obama was whether or not government servers could be used to store the data, not whether they had the right to get a court order to collect it. Snowden also incorrectly claimed that the government was mass collecting cell phone metadata. The biggest Constitutional issue by far regarding the Patriot Act and phones was warrantless wiretapping, which was publicly known to be happening long before Snowden.

🎅
foregoneconclusion 12 Years · 2857 comments

GeorgeBMac said:  Interestingly, as additional (actual) facts become known, the administration is shifting its Huawei story to say that somewhere in the future the Chinese government could do exactly what the U.S. government has been doing:  Ordering private corporations to spy on people.

That interpretation of what the FISA court was doing is not correct. Verizon and other companies would receive court orders to supply data, not spy on people. They had the right to hand the orders to their corporate lawyers and object to data requests that they thought were outside the boundaries of the court order. 

🎄
rob53 13 Years · 3316 comments

Looks like a perfect site for a new Apple iCloud server facility. Maybe Apple can get it at a government auction for cheap! I'm sure it would already have all the network security features Apple would need. All they'd have to do is put in their own servers, first sweeping the entire facility for bugs ....

seanismorris 8 Years · 1624 comments

I have shiny aluminum hat, so I’m going to say that it’s not going unused, but that it’s undergoing “testing”.

If it’s being “used” there’s a bunch of paperwork involved and things that require “approval”.  The end result is that the usage shows up to congress.

But, if you’re just “testing” the system it’s “unused” but oddly useful to the NSA... with no red tape.

I’m sure somewhere that it’s continuation will be attached to some meanless bill (that no one reads) and the program will continue “just in case” after all it could be useful in the future.  Additionally, most of the program is sunk costs...  So, why not?