WASHINGTON — The National Security Agency declassified three secret court opinions Wednesday showing how in one of its surveillance programs it scooped up as many as 56,000 emails and other communications by Americans not connected to terrorism annually over three years, revealed the error to the court — which ruled its actions unconstitutional — and then fixed the problem.
Director of National Intelligence James Clapper authorized the release, part of which Obama administration officials acknowledged Wednesday was prodded by a 2011 lawsuit filed by an Internet civil liberties activist group.
The court opinions show that when the NSA reported its inadvertent gathering of American-based Internet traffic to the court in September 2011, the Foreign Intelligence Surveillance Court ordered the agency to find ways to limit what it collects and how long it keeps it.
In an 85-page declassified FISA court ruling from October 2011, U.S. District Judge James D. Bates rebuked government lawyers for repeatedly misrepresenting the operations of the NSA’s surveillance programs.
“This court is troubled that the government’s revelations regarding NSA’s acquisition of Internet transactions mark the third instance in less than three years in which the government has disclosed a substantial misrepresentation regarding the scope of a major collection program,” Bates wrote in a footnoted passage that had portions heavily blacked out in the government’s disclosure.
The NSA had moved to revise its Internet surveillance in an effort to separate out domestic data from its foreign targeted metadata — which includes email addresses and subject lines. But in his October 2011 ruling, Bates ruled that the government’s “upstream” collection of data — taken from internal U.S. data sources — was unconstitutional.
Three senior U.S. intelligence officials said Wednesday that national security officials realized the extent of the NSA’s inadvertent collection of Americans’ data from fiber optic cables in September 2011. One of the officials said the problem became apparent during internal discussions between NSA and Justice Department officials about the program’s technical operation.
“They were having a discussion and a light bulb went on,” the official said.
The problem, according to the officials, was that the top secret Internet-sweeping operation, which was targeting metadata contained in the emails of foreign users, was also amassing thousands of emails that were bundled up with the targeted materials. Because many web mail services use such bundled transmissions, the official said, it was impossible to collect the targeted materials without also sweeping up data from innocent domestic U.S. users.
The officials did not explain why they did not prepare for that possibility when the surveillance program was created and why they discovered it only after the program was well underway.
Officials said that when they realized they had an American communication, the communication was destroyed. But it was not clear how they determined to whom an email belonged and whether any NSA analyst had actually read the content of the email. The officials said the bulk of the information was never accessed or analyzed.
As soon as the extent of the problem became clear, the officials said, the Obama administration provided classified briefings to both Senate and House intelligence committees within days. At the same time, officials also informed the FISA court, which later issued the three 2011 rulings released Wednesday — with redactions — as part of the government’s latest disclosure of documents.
The officials briefed reporters on condition of anonymity because they were not authorized to describe the program publicly.
The documents were declassified to help the Obama administration explain some of the most recent disclosures made by The Washington Post after it published classified documents provided by former NSA systems analyst Edward Snowden.
One of the intelligence officials briefing reporters said the newly declassified documents should help explain “the reasons why people shouldn’t go into a panic over articles they read in the press.”
But the FISA court’s classified rulings have also been at issue in a year-old lawsuit filed against the government by the Electronic Frontier Foundation, an Internet civil liberties activist organization. In a decision in June, the FISA court ruled that its authority did not prevent the release of the earlier 2011 opinion.
A senior administration official acknowledged Wednesday that some of the documents released were in response to the lawsuit, while others were released voluntarily. The official insisted on anonymity because he was not authorized to discuss the release with a reporter by name.
The release Wednesday of the FISA opinion, two other 2011 rulings and a secret “white paper” on the NSA’s surveillance came less than two weeks after a federal judge in Washington gave government lawyers a time extension in order to decide which materials to declassify. The EFF had been pressing for a summary judgment that would have compelled the government to release the secret FISA rulings, and the government’s most recent extension expired Wednesday, the day it released the once-secret FISA court rulings.
“This was all released in response to the court’s orders,” said Mark Rumold, an EFF attorney involved in the litigation.
The documents were posted later in the day on a new website that went live Wednesday afternoon. The front page of the site said it was “created at the direction of the president of the United States (and) provides immediate, ongoing and direct access to factual information related to the lawful foreign surveillance activities carried out by the U.S. intelligence community.”
The site is hosted by the private Internet site Tumblr, a trendy blogging service which is particularly popular among teenagers and young adults.
While the NSA is allowed to keep the metadata — the address or phone number and the duration, but not the content, of the communication — of Americans for up to five years, the court ruled that when it gathered up such large packets of information, they included actual emails between American citizens, in violation of the Fourth Amendment.
Bates wrote that the NSA had advised the court that “the volume and nature of the information it had been collecting is fundamentally different than what the court had been led to believe,” and went on to say the court must consider “whether targeting and minimization procedures comport with the Fourth Amendment.”
For instance, two of the senior intelligence officials said, when an American logged into an email server and looked at the emails in his or her inbox, that screen shot of the emails could be collected, together with Internet transactions by a terrorist suspect being targeted by the NSA — because that suspect’s communications were being sent on the same fiber optic cable by the same Internet provider, in a bundled packet of data.
These interceptions of innocent Americans’ communications were happening when the NSA accessed Internet information “upstream,” meaning off of fiber optic cables or other channels where Internet traffic traverses the U.S. telecommunications system.
The NSA disclosed that it gathers some 250 million internet communications each year, with some 9 percent from these “upstream” channels, amounting to between 20 million to 25 million emails a year. The agency used statistical analysis to estimate that of those, possibly as many as 56,000 Internet communications collected were sent by Americans or persons in the U.S. with no connection to terrorism.
Under court order, the NSA resolved the problem by creating new ways to detect when emails by people within the U.S. were being intercepted, and separated those batches of communications. It also developed new ways to limit how that data could be accessed or used. The agency also agreed to only keep these bundled communications for possible later analysis for a two-year period, instead of the usual five-year retention period.
The agency also, under court order, destroyed all the bundled data gathered between 2008, when the FISA Court first authorized the collection under section 702 of the USA Patriot Act, and 2011 when the new procedures were put in place.
The court signed off on the new procedures.
White House spokesman Josh Earnest said the White House still contends there is no domestic surveillance program. He said the program is specifically to gather foreign intelligence.
“The reason that we’re talking about it right now is because there are very strict compliance standards in place at the NSA that monitor for compliance issues, that tabulate them, that document them and that put in place measures to correct them when they occur,” Earnest said.
The disclosures were greeted with cautious optimism by Democratic Sen. Mark Udall of Colorado, who has sponsored legislation to curb some of the NSA’s surveillance and serves on the Senate Intelligence Committee.
“I am glad the NSA is taking this step at owning its mistakes, but it is also a sign that we can and must do more to protect innocent Americans with no connection to terrorism from being monitored by our government — whether intentionally or not,” Udall said Wednesday. “I will keep fighting to ensure that the NSA is not violating Americans’ privacy rights.”
Documents available at: http://icontherecord.tumblr.com
Associated Press writers Julie Pace, Josh Lederman, Richard Lardner and Eileen Sullivan contributed to this report.