By JAMES RISEN and ERIC LICHTBLAU, The New York Times, June 16, 2009
WASHINGTON — The National Security Agency is facing renewed scrutiny over the extent of its domestic surveillance program, with critics in Congress saying its recent intercepts of the private telephone calls and e-mail messages of Americans are broader than previously acknowledged, current and former officials said.
The agency’s monitoring of domestic e-mail messages, in particular, has posed longstanding legal and logistical difficulties, the officials said.
Since April, when it was disclosed that the intercepts of some private communications of Americans went beyond legal limits in late 2008 and early 2009, several Congressional committees have been investigating. Those inquiries have led to concerns in Congress about the agency’s ability to collect and read domestic e-mail messages of Americans on a widespread basis, officials said. Supporting that conclusion is the account of a former N.S.A. analyst who, in a series of interviews, described being trained in 2005 for a program in which the agency routinely examined large volumes of Americans’ e-mail messages without court warrants. Two intelligence officials confirmed that the program was still in operation.
Both the former analyst’s account and the rising concern among some members of Congress about the N.S.A.’s recent operation are raising fresh questions about the spy agency.
Representative Rush Holt, Democrat of New Jersey and chairman of the House Select Intelligence Oversight Panel, has been investigating the incidents and said he had become increasingly troubled by the agency’s handling of domestic communications.
In an interview, Mr. Holt disputed assertions by Justice Department and national security officials that the overcollection was inadvertent.
“Some actions are so flagrant that they can’t be accidental,” Mr. Holt said.
Other Congressional officials raised similar concerns but would not agree to be quoted for the record.
Mr. Holt added that few lawmakers could challenge the agency’s statements because so few understood the technical complexities of its surveillance operations. “The people making the policy,” he said, “don’t understand the technicalities.”
The inquiries and analyst’s account underscore how e-mail messages, more so than telephone calls, have proved to be a particularly vexing problem for the agency because of technological difficulties in distinguishing between e-mail messages by foreigners and by Americans. A new law enacted by Congress last year gave the N.S.A. greater legal leeway to collect the private communications of Americans so long as it was done only as the incidental byproduct of investigating individuals “reasonably believed” to be overseas.
But after closed-door hearings by three Congressional panels, some lawmakers are asking what the tolerable limits are for such incidental collection and whether the privacy of Americans is being adequately protected.
“For the Hill, the issue is a sense of scale, about how much domestic e-mail collection is acceptable,” a former intelligence official said, speaking on condition of anonymity because N.S.A. operations are classified. “It’s a question of how many mistakes they can allow.”
While the extent of Congressional concerns about the N.S.A. has not been shared publicly, such concerns are among national security issues that the Obama administration has inherited from the Bush administration, including the use of brutal interrogation tactics, the fate of the prison at Guantánamo Bay, Cuba, and whether to block the release of photographs and documents that show abuse of detainees.
In each case, the administration has had to navigate the politics of continuing an aggressive intelligence operation while placating supporters who want an end to what they see as flagrant abuses of the Bush era.
The N.S.A. declined to comment for this article. Wendy Morigi, a spokeswoman for Dennis C. Blair, the national intelligence director, said that because of the complex nature of surveillance and the need to adhere to the rules of the Foreign Intelligence Surveillance Court, the secret panel that oversees surveillance operation, and “other relevant laws and procedures, technical or inadvertent errors can occur.”
“When such errors are identified,” Ms. Morigi said, “they are reported to the appropriate officials, and corrective measures are taken.”
In April, the Obama administration said it had taken comprehensive steps to bring the security agency into compliance with the law after a periodic review turned up problems with “overcollection” of domestic communications. The Justice Department also said it had installed new safeguards.
Skip to next paragraph
Under the surveillance program, before the N.S.A. can target and monitor the e-mail messages or telephone calls of Americans suspected of having links to international terrorism, it must get permission from the Foreign Intelligence Surveillance Court. Supporters of the agency say that in using computers to sweep up millions of electronic messages, it is unavoidable that some innocent discussions of Americans will be examined. Intelligence operators are supposed to filter those out, but critics say the agency is not rigorous enough in doing so.
The N.S.A. is believed to have gone beyond legal boundaries designed to protect Americans in about 8 to 10 separate court orders issued by the Foreign Intelligence Surveillance Court, according to three intelligence officials who spoke anonymously because disclosing such information is illegal. Because each court order could single out hundreds or even thousands of phone numbers or e-mail addresses, the number of individual communications that were improperly collected could number in the millions, officials said. (It is not clear what portion of total court orders or communications that would represent.)
“Say you get an order to monitor a block of 1,000 e-mail addresses at a big corporation, and instead of just monitoring those, the N.S.A. also monitors another block of 1,000 e-mail addresses at that corporation,” one senior intelligence official said. “That is the kind of problem they had.”
Overcollection on that scale could lead to a significant number of privacy invasions of American citizens, officials acknowledge, setting off the concerns among lawmakers and on the secret FISA court.
“The court was not happy” when it learned of the overcollection, said an administration official involved in the matter.
Defenders of the agency say it faces daunting obstacles in trying to avoid the improper gathering or reading of Americans’ e-mail as part of counterterrorism efforts aimed at foreigners.
Several former intelligence officials said that e-mail traffic from all over the world often flows through Internet service providers based in the United States. And when the N.S.A. monitors a foreign e-mail address, it has no idea when the person using that address will send messages to someone inside the United States, the officials said.
The difficulty of distinguishing between e-mail messages involving foreigners from those involving Americans was “one of the main things that drove” the Bush administration to push for a more flexible law in 2008, said Kenneth L. Wainstein, the homeland security adviser under President George W. Bush. That measure, which also resolved the long controversy over N.S.A.’s program of wiretapping without warrants by offering immunity to telecommunications companies, tacitly acknowledged that some amount of Americans’ e-mail would inevitably be captured by the N.S.A.
But even before that, the agency appears to have tolerated significant collection and examination of domestic e-mail messages without warrants, according to the former analyst, who spoke only on condition of anonymity.
He said he and other analysts were trained to use a secret database, code-named Pinwale, in 2005 that archived foreign and domestic e-mail messages. He said Pinwale allowed N.S.A. analysts to read large volumes of e-mail messages to and from Americans as long as they fell within certain limits — no more than 30 percent of any database search, he recalled being told — and Americans were not explicitly singled out in the searches.
The former analyst added that his instructors had warned against committing any abuses, telling his class that another analyst had been investigated because he had improperly accessed the personal e-mail of former President Bill Clinton.
Other intelligence officials confirmed the existence of the Pinwale e-mail database, but declined to provide further details.
The recent concerns about N.S.A.’s domestic e-mail collection follow years of unresolved legal and operational concerns within the government over the issue. Current and former officials now say that the tracing of vast amounts of American e-mail traffic was at the heart of a crisis in 2004 at the hospital bedside of John Ashcroft, then the attorney general, as top Justice Department aides staged a near revolt over what they viewed as possibly illegal aspects of the N.S.A.’s surveillance operations.
James Comey, then the deputy attorney general, and his aides were concerned about the collection of “meta-data” of American e-mail messages, which show broad patterns of e-mail traffic by identifying who is e-mailing whom, current and former officials say. Lawyers at the Justice Department believed that the tracing of e-mail messages appeared to violate federal law.
“The controversy was mostly about that issue,” said a former administration official involved in the dispute.