According to documents released by the Director of National Intelligence, the NSA's collection and processing of location data from Americans' cell phone records appears not to have included prior legal approval from the Foreign Intelligence Surveillance Court. That's particularly problematic given the uncertain constitutional domain in which location tracking exists.
The location data was acquired by the NSA as part of its regular, constant ongoing collection of metadata on Americans' phone calls. When you place a phone call with a cell phone, your service provider receives information about the cell tower used to make the connection. Almost always, multiple towers receive that signal, allowing for accurate triangulation of a user's location. (It is not clear if this was the sort of calculation conducted by the NSA to provide a CIA drone with location data on a target in Pakistan.)
As had been suspected for some time, the NSA earlier this month admitted that it had run test analysis of that location data. The data used in the test was eventually destroyed and the testing reportedly discontinued.
But according to a memo created by the NSA for the Senate Select Committee on Intelligence in 2011, the agency didn't seek the permission of the Foreign Intelligence Surveillance Court, the body tasked with providing legal authority for NSA surveillance, before conducting those tests. The relevant section of the memo is below, with highlighting added.
In other words, the Department of Justice told the Court that NSA was going to analyze the data, instead of getting the FISC's approval first. That is problematic. When The New York Times reported on the previous location tests earlier this month, it noted that Director of National Intelligence James Clapper (whose office released the documents on Monday) assured a congressional committee that it would seek the FISC's approval if the NSA chose to track such information in the future.
There's good reason for that: the constitutionality of tracking location information — unlike collecting other metadata on calls — isn't certain. Some jurisdictions have allowed that data collection under the Fourth Amendment, but, as The Times noted, in a 2012 decision, "five [Supreme Court] justices suggested that any long-term, automated collection of a person’s publicly displayed actions might raise Fourth Amendment issues." The stipulation presented to the Senate committee suggests that the Department of Justice decided the tests were allowed because the data had been acquired under the phone records collection. That's precisely the issue over which the Court has expressed uncertainty.
Mark Rumold, staff attorney for the Electronic Frontier Foundation, was blunt in the privacy organization's assessment of the report.
What I find particularly startling is that neither NSA nor DOJ thought it was important to alert the FISC before collecting cell site location information. That's either evidence of a complete disregard for the FISC or a complete disregard for the sensitivity of the information they were collecting — and it's probably evidence of both.
Photo: Clapper. (AP)