What Could Still Be Secret in the NSA Wiretapping Story?

Submitted by Bill Lucas on Thu, 01/05/2006 - 08:00

Since the New York Times exposed the warrantless wiretapping program run by the National Security Agency (NSA), the Bush administration has repeated many times that any discussion of it, whether by members of Congress or the media, or release of documents related to it, would weaken the security of the United States by giving the enemy intelligence on what the NSA is doing.

So how might an enemy gain from such a discussion?  One would have to expect that a reasonably talented enemy would have taken the administration's own comments and assumed that the program information released thus far is incomplete and does not describe the full breadth of the program.  They would have to assume that other unpublicized aspects of the program make communications even less private and secure than they thought.

What do we think we know about it so far?  It has been reported that the program targets phone calls, e-mails and other transmissions made between persons in the United States and international counterparties.  Further, the administration said that to be subject to warrantless wiretapping, the person or device tracked will have shown up in connection with another person or device already under surveillance for terrorist activities.  Also, the number of citizens potentially wiretapped at any one time is purportedly not more than 500.

That these aspects of the program could exist is not much of a stretch of the imagination when one considers that the existence and objective of the NSA have been confirmed for more than 30 years.  Any foreigner with a brain and an intent to electronically transmit information damaging to the security of the United States would have had to assume that the NSA would try to detect, transcribe and forward such a transmission to another security agency or department.  Additionally, any US citizen could know that the twenty-year-old Foreign Intelligence Surveillance Act (FISA) allowed the government to secretly wiretap them if evidence surfaced and was presented to a secret US court.  (Note that the existence of the court was not a secret; merely its proceedings and judges were kept secret.  Perhaps this confusion is what irked President Bush so much about public discussion of the program - maybe he thought that the existence of FISA and the court were not public knowledge because the word "secret" was used.)

We also now know that the administrative step of presenting evidence to the FISA court is no longer required to initiate wiretapping without our knowledge.  But if we are the enemy, we have gained nothing, because whether or not the FISA court knew of the surveillance, we could not have known.  (Does the Bush administration believe that there are traitors on the FISA court?)

If there is a loss of security in publicly discussing the details of the NSA warrantless wiretapping program, it must then come from aspects of the program which have not been made public.  So what might this program really entail?  What aspects of a wiretapping program, if they were made public, would truly cause enemies to change their behavior and diminish the US's ability to track their activities?  The suspicions about the program can be broken out into different categories:  Who?  What?  How?  and Where?

WHO is being wiretapped?  The administration's position is that only people or devices that have a connection to known or suspected terrorists are subject to wiretapping.  This was already public and any enemy would have to have figured this to be the case even before the NSA program was made public.  So in order for further public discussion of this aspect of the program to degrade our security, the list of potential targets would have to be larger.   

What criteria could the NSA use to develop a larger list of wiretapping targets?  How about anyone who ever visited, called or e-mailed a counterparty in the Middle East and south Asia?  That should cover most of the terrorists who might attack us.  But terrorists are also active in Europe, Africa, Asia and South America.  How about targeting anyone who ever communicated with any person or device from another country?  (Remember, we are looking for a list which, if it were made public, would give terrorists additional intelligence.)  Then again, why limit it to people who have communicated overseas?  A reasonable assumption might be that the NSA would like to target all communications by any person in the US who has traveled to another country or has communicated with any person or device from another country.

That will be a huge list, but we also know that the NSA has huge computers.  Part of the NSA mission from its inception has been code-breaking.  That requires the use of massive computing capacity.  They only need a team of programmers to turn some of these computers from code-breakers into communication monitors.  So while it is conjecture whom the NSA MIGHT be targeting for surveillance, it is not conjecture that massive surveillance is within their capabilities.

WHAT communications would the NSA seek to intercept from that list of targets?  Electronic communication involves many formats:  fixed-line phone, cell phone, internet phone, satellite phone, e-mail, internet chat rooms, instant messaging, text messaging, and amateur radio among them.  Since there is little way for the NSA to know beforehand which phone calls or e-mails from their list of targets might contain sensitive intelligence, one way to be sure is to intercept all of them.  An article in the New York Times on 13 April 2006 ("Documents Show Link Between AT&T and Agency in Eavesdropping Case") strongly suggests that the infrastructure already put in place to monitor targeted traffic could be modified to monitor ALL traffic, purely domestic traffic included, with a "trivial" programming change.

If computing capacity were an issue, another way could be to randomly intercept a significant fraction of all transmissions.  Statistical concepts would predict that "hits" attained within the sample could be pursued to find other suspect transmissions among the non-sampled population.

Several of the communication formats listed above have the capability of being encrypted.  It's a well-known story (if partly urban legend) that when it was publicly revealed that the US had monitored the satellite phone transmissions of Osama bin Laden, those transmissions stopped immediately.  It's also well-known that on 12 September 2001 Sen. Orrin Hatch publicly revealed intelligence gathered from monitored communications to suspected al Qaeda operatives marking the 9/11 operation's success.  A careful terrorist would be aware of these stories and would assume that the US might be monitoring transmissions, and so would attempt to encrypt sensitive transmissions.  For a wiretapping program to be successful against such an enemy, it would have to have the capability of quickly cracking the most widely used encryption schemes.  That's all that needs to be said on that subject.

HOW are these communications being wiretapped?  The 13 April 2006 New York Times article presents all that is necessary to believe that the monitoring infrastructure is in place and running at major switching points in the US.   

The problem is how to handle the massive amount of data such a program would generate.  Artificial intelligence algorithms can do a lot to identify suspect transmissions and refine the criteria for finding similar items, but eventually it gets down to humans to process the filtered results and identify high-value targets.  Human intelligence (here referring to the mental capacity kind, not the spies-on-the-ground kind) is a precious commodity.  One would have to assume that whatever individuals are working on this program are overwhelmed.  At best they're investigating only a fraction of dangerous communications before the negative results of those communications become reality.

Where the captured data could be effectively used is in after-the-fact prosecution.  Simple database technologies could be used to find communications from the vast stores of copied transmissions.  Of course, none of the wiretapped domestic communications would be admissible in court unless either a) the FISA court had been presented beforehand with a request for permission to monitor that person or device, b) the law is changed to retroactively legalize all monitoring of communications under the program so far, or c) the administration or NSA "invents" knowledge of a pre-existing connection from that person or device to a known or suspected target of the program.  Of course, with an ongoing program of detainment of "enemy combatants" at extra-jurisdictional facilities, who needs admissibility?

WHERE are these communications that are monitored?  Because other countries passed less restrictive surveillance laws after 9/11, or already had such laws in place beforehand, it's not unreasonable to assume that similar capability exists in other nations.  What could REALLY upset the US administration and our allies, however, is if it were revealed that the NSA had the capability and an operating program to monitor communications completely outside the US without the knowledge of the intelligence services in the nations where the communications occurred.  Sure, no one would mind or be surprised if those countries included Afghanistan or Yemen, but what if they include France, Germany, Russia and Japan?

One question not discussed so far is the WHY.  It's glaringly obvious that the righteous reason is to try to prevent loss of life.  It's not unreasonable to assume that the administrative constraints of the FISA court actually did impede the intelligence gathering efficiency needed to track terror suspects.  This is not to rationalize the administration's response to the constraints, but to recognize that after 9/11 there was likely a weakness observed.

But without the oversight built into the legal FISA approach in response to the Nixon administration's domestic spying, it's hard NOT to assume that purely political spying may be pursued, just as it was in the Nixon administration, by Defense Department, NSA or other intelligence agency appointees with security access to the program and its data.  With no independent oversight, who's to stop them?