Would N.S.A. Data Mining Have Been Able To Stop 9/11?
In his opinion striking down a challenge to the National Security Agency’s datamining programs, New York based Federal Court Judge William Pauley reaches back to the months before the September 11th attacks to spin a story of what the intelligence world was supposedly like in the dark days before Congress and President George W. Bush came together to give the N.S.A. more power to collect data on domestic and international communications than it had ever had before:
Prior to the September 11th attacks, the [NSA] intercepted seven calls made by hijacker Khalid al-Mihdhar, who was living in San Diego, California, to an al-Qaeda safe house in Yemen. The NSA intercepted those calls using overseas signals intelligence capabilities that could not capture al-Mihdhar’s telephone number identifier. Without that identifier, NSA analysts concluded mistakenly that al-Mihdhar was overseas and not in the United States. Telephony metadata would have furnished the missing information and might have permitted the NSA to notify the [FBI] of the fact that al-Mihdhar was calling the Yemeni safe house from inside the United States.
This is not an unfamiliar argument, of course. It’s one that political leaders have made for years now to justify many aspects of the powers granted to the N.S.A. and other agencies after September 11th, and one that has been trotted out several times in the months since Edward Snowden made public the information that he had obtained about what the agency was doing with the data that it was collecting and the new powers that had been granted to it. It’s a tempting argument to believe, of course. The idea that, but for more information and the ability to connect the dots, we might have been able to prevent the greatest national tragedy since the attack on Pearl Harbor is very appealing. However, as Jutin Elliot points out at Pro Publica in an article that was posted back in June during the height of the Snowden controversy, there’s little actual evidence that it’s true:
It is impossible to know for certain whether screening phone records would have stopped the attacks — the program didn’t exist at the time. It’s also not clear whether the program would have given the NSA abilities it didn’t already possess with respect to the case. Details of the current program and as well as NSA’s role in intelligence gathering around the 9/11 plots remain secret.
But one thing we do know: Those making the argument have ignored a key aspect of historical record.
U.S. intelligence agencies knew the identity of the hijacker in question, Saudi national Khalid al Mihdhar, long before 9/11 and had the ability find him, but they failed to do so.
“There were plenty of opportunities without having to rely on this metadata system for the FBI and intelligence agencies to have located Mihdhar,” says former Senator Bob Graham, the Florida Democrat who extensively investigated 9/11 as chairman of the Senate’s intelligence committee.
Mihdhar is at the center of the well-known story of the failure of information sharing between the CIA and FBI and other agencies.
Indeed, the Obama administration’s invocation of the Mihdhar case echoes a nearly identical argument made by the Bush administration eight years ago when it defended the NSA’s warrantless wiretapping program.
Elliot then goes on to describe the extent to which U.S. intelligence and law enforcement had been tracing Midhar’s movements around the world and even in communications, even though it was apparent at many points that their analysts were completely unaware of who it was Midhar was communication, which in several cases turned out to be people who ended up being participants in the 9/11 conspiracy:
Intelligence historian Matthew Aid, who wrote the 2009 NSA history Secret Sentry, says that the agency would have had both the technical ability and legal authority to determine the San Diego number that Mihdhar was calling from.
“Back in 2001 NSA was routinely tracking the identity of both sides of a telephone call,” he told ProPublica.
The NSA did not respond to a request for comment. The FBI stood by Mueller’s argument but declined to further explain how the metadata program would have come into play before 9/11.
There’s another wrinkle in the Mihdhar case: In the years after 9/11, media reports also suggested that there were multiple calls that went in the other direction: from the house in Yemen to Mihdhar in San Diego. But the NSA apparently also failed to track where those calls were going.
In 2005, the Los Angeles Times quoted unnamed officials saying the NSA had well-established legal authority before 9/11 to track calls made from the Yemen number to the U.S. In that more targeted scenario, a metadata program vacumming the phone records of all Americans would appear to be unnecessary.
That story followed President Bush’s defense of the NSA warrantless wiretapping program, which had just been revealed by the New York Times.
“We didn’t know they were here, until it was too late,” Bush said in a December 2005 live radio address from the White House.
It’s not clear how the wiretapping program would have come into play in the Mihdhar case. The program at issue in 2005 involved getting the actual content of communications, which the NSA had already been doing in the Mihdhar case.
Finally, in an update to his post written after Judge Pauley’s decision, Elliot writes this:
As his source, the judge writes in a footnote, “See generally, The 9/11 Commission Report.” In fact, the 9/11 Commission report does not detail the NSA’s intercepts of calls between al-Mihdhar and Yemen. As the executive director of the commission told us over the summer, “We could not, because the information was so highly classified publicly detail the nature of or limits on NSA monitoring of telephone or email communications.”
To this day, some details related to the incident and the NSA’s eavesdropping have never been aired publicly. And some experts told us that even before 9/11 — and before the creation of the metadata surveillance program — the NSA did have the ability to track the origins of the phone calls, but simply failed to do so.
A second look at several post 9/11 incidents in which law enforcement managed to stop terror plots well before they became dangerous also reveals that there’s little evidence to support the idea that the N.S.A. metadata program played a crucial role in stopping an act of terror, as Judge Richard Leon notes in his opinion finding the metadata collection program unconstitutional:
None of the three “recent episodes” cited by the Government that supposedly “illustrate the role that telephony metadata analysis can play in preventing and protecting against terrorist attack” involved any apparent urgency. In the first example, the FBI learned of a terrorist plot still “in its early stages” and investigated that plot before turning to the metadata “to ensure that all potential connections were identified.” Assistant [FBI] Director [Robert] Holley does not say that the metadata revealed any new information-much less time-sensitive information that had not already come to light in the investigation up to that point. In the second example, it appears that the metadata analysis was used only after the terrorist was arrested “to establish [his] foreign ties and put them in context with his U.S. based planning efforts.” And in the third, the metadata analysis “revealed a previously unknown number for [a] co-conspirator…and corroborated his connection to [the target of the investigation] as well as to other U.S.-based extremists.” Again, there is no indication that these revelations were immediately useful or that they prevented an impending attack.
The Government does not cite a single instance in which analysis of the NSA’s bulk metadata collection actually stopped an imminent attack, or otherwise aided the Government in achieving any objective that was time-sensitive in nature. In fact, none of the three “recent episodes” cited by the Government that supposedly “illustrate the role that telephony metadata analysis can play in preventing and protecting against terrorist attack” involved any apparent urgency….
Given the limited record before me at this point in the litigation—most notably, the utter lack of evidence that a terrorist attack has ever been prevented because searching the NSA database was faster than other investigative tactics—I have serious doubts about the efficacy of the metadata collection program as a means of conducting time-sensitive investigations in cases involving imminent threats of terrorism.
Given that the N.S.A.programs at issue have been in place for the better part of a decade now, one would assume that the Federal Government would be able to come up with an example or two showing how this supposedly immensely necessary program had actually done anything productive in preventing an attack or helping to track down a terrorist, then the government would be able to show some evidence or it. Instead, all they seem to be able to do is come up with hypothetical like the one put forward by Judge Pauley that don’t actually prove anything, and which end up being contradicted by the evidence on record. The fact that they cannot, and that in the specific case of the pre-9/11 argument that Judge Pauley makes, that the powers that the N.S.A. had prior to 9/11 seemed to be sufficient to find a lot of information about people at the center of the conspiracy. The problem was that the N.S.A. wasn’t able to properly interpret the data that it already had. That’s not a failure attributable to the lack of sufficient intelligence gathering power, it’s a failure attributable to human error or, perhaps, the simple fact that when there is so much information available the odds of finding the proverbial needle in the haystack. To the extent that last part was playing a role in what happened in the months and weeks prior to 9/11, then the logic of giving the agency the ability to gather even more information seems question at best. All that does is make the haystack bigger, and the needle harder to find.
Jacob Sullum at Reason notes correctly that, in the end, whether the hypothetical that Judge Pauley put forward is plausible or not is irrelevant to the basis for his opinion. In the end, Pauley ruled that you have no Fourth Amendment rights at all in your telephone or Internet metadata because of the third-party rule established in Smith v. Maryland. As a matter of law, of course, this is true, but I’d suggest that if the government cannot come up with a plausible reason why it shouldn’t have to obtain a warrant for the massive amounts of data it is collecting, then the justification for allowing agencies like the N.S.A. to violate a zone of expected privacy that has arguably expanded in the more than three decades since Smith was decided becomes all the more questionable.