NSA gathered thousands of Americans' emails, FISA court records show
Updated 4:50 p.m. ET
WASHINGTON
Amid growing public criticism, the National Security Agency declassified three secret U.S. court opinions Wednesday showing how it scooped up as many as 56,000 emails and other communications by Americans with no connection to terrorism annually over three years, how it revealed the error to the court and changed how it gathered Internet communications.
Director of National Intelligence James Clapper authorized the release Wednesday.
The opinions show that when the NSA reported that to the court in 2011, the court ordered the NSA to find ways to limit what it collects and how long it keeps it.
The NSA reported the problems it discovered in how it was gathering Internet communications to the court and shortly thereafter to Congress in the fall of 2011.
Three senior U.S. intelligence officials said Wednesday that the NSA realized that when it was gathering up bundled Internet communications from fiber optic cables, with the cooperation of telecommunications providers like AT&T, that it was often collecting thousands of emails or other Internet transactions by Americans who had no connection to the intended terror target being tracked.
The officials briefed reporters on condition of anonymity because they were not authorized to describe the program publicly.
- NSA breaches will prompt more legislation, congressmen say
- NSA abuses contradict Obama and congressional claims of oversight
- Report: NSA spying broke privacy rules numerous times
While the NSA is allowed to keep the metadata the address or phone number and the duration, but not the content, of the communication of Americans for up to five years, the court ruled that when it gathered up such large packets of information, they included actual emails between American citizens, it violated the Constitution's ban against unauthorized search and seizure.
In the opinion by the Foreign Intelligence Surveillance Court (FISA court) denouncing the practice, the judge wrote that the NSA had advised the court that "the volume and nature of the information it had been collecting is fundamentally different than what the court had been led to believe," and went on to say the court must consider "whether targeting and minimization procedures comport with the 4th Amendment."
For instance, two senior intelligence officials said, when an American logged into an email server and looked at the emails in his or her inbox, that screen shot of the emails could be collected, together with Internet transactions by a terrorist suspect being targeted by the NSA because that suspect's communications were being sent on the same fiber optic cable by the same Internet provider, in a bundled packet of data.
These interceptions of innocent Americans' communications were happening when the NSA accessed Internet information "upstream," meaning off of fiber optic cables or other channels where Internet traffic traverses the U.S. telecommunications system.
The NSA disclosed that it gathers some 250 million internet communications each year, with some 9 percent from these "upstream" channels, amounting to between 20 million to 25 million emails a year. The agency used statistical analysis to estimate that of those, possibly as many as 56,000 Internet communications collected were sent by Americans or persons in the U.S. with no connection to terrorism.
Under court order, the NSA resolved the problem by creating new ways to detect when emails by people within the U.S. were being intercepted, and separated those batches of communications. It also developed new ways to limit how that data could be accessed or used. The agency also agreed to only keep these bundled communications for possible later analysis for a 2-year period, instead of the usual 5-year retention period.
The agency also, under court order, destroyed all the bundled data gathered between 2008, when the FISA Court first authorized the collection under section 702 of the Patriot Act, until 2011 when the new procedures were put in place.
The newly released court opinions revealed the court signed off on the new procedures, deeming them constitutionally acceptable.
White House spokesman Josh Earnest said the White House still contends there is no domestic surveillance program despite new revelations about the scope of U.S. emails and Internet communications that can get swept up by the NSA. He said the program is specifically to gather foreign intelligence, adding that the fact that the extent of incidental American surveillance has been documented is proof positive that accountability measures are working properly.
"The reason that we're talking about it right now is because there are very strict compliance standards in place at the NSA that monitor for compliance issues, that tabulate them, that document them and that put in place measures to correct them when they occur," Earnest said.
The NSA and the FISA court have come under increasing criticism since former NSA contractor Edward Snowden leaked details of how they operate to the press earlier this year.
According to a Wall Street Journal report on Tuesday, the NSA has built a surveillance network that covers considerably more U.S. Internet communication than intelligence officials have previously disclosed publicly. The system, built by Boeing, Cisco, and Juniper Networks, draws information from telecommunications carriers that cover approximately 75 percent of all U.S. Internet traffic.
The surveillance network is designed to seek out communications that originate or end overseas or take place entirely on foreign soil, but pass through the U.S.
CBS News senior correspondent John Miller, a former deputy director of National Intelligence, explained Wednesday that the report reveals the "capability" but not the breadth of the "100-page rulebook that goes with how to use that capability."
Moreover, according to Miller, the data culled from that 75 percent of Internet communications, is so vast that the NSA is "not even putting a dent" in terms of sifting through the data, but rather collecting it so they have a record of communication and enough data to cross-check against.