NSA Has Massive Database of Americans’ Phone Calls

USA Today has the banner headline “NSA has massive database of Americans’ phone calls.” The actual story, alas, is much less dramatic:

The National Security Agency has been secretly collecting the phone call records of tens of millions of Americans, using data provided by AT&T, Verizon and BellSouth, people with direct knowledge of the arrangement told USA TODAY. The NSA program reaches into homes and businesses across the nation by amassing information about the calls of ordinary Americans — most of whom aren’t suspected of any crime. This program does not involve the NSA listening to or recording conversations. But the spy agency is using the data to analyze calling patterns in an effort to detect terrorist activity, sources said in separate interviews.

So, the government has my phone records? Sure, I trust mega-corporations who sell my private information to telemarketers with this information. But a government agency that collects and analyzes signals intelligence? I dunno.

The NSA’s domestic program, as described by sources, is far more expansive than what the White House has acknowledged. Last year, Bush said he had authorized the NSA to eavesdrop — without warrants — on international calls and international e-mails of people suspected of having links to terrorists when one party to the communication is in the USA. Warrants have also not been used in the NSA’s efforts to create a national call database.

In defending the previously disclosed program, Bush insisted that the NSA was focused exclusively on international calls. “In other words,” Bush explained, “one end of the communication must be outside the United States.” As a result, domestic call records — those of calls that originate and terminate within U.S. borders — were believed to be private.

Sources, however, say that is not the case. With access to records of billions of domestic calls, the NSA has gained a secret window into the communications habits of millions of Americans. Customers’ names, street addresses and other personal information are not being handed over as part of NSA’s domestic program, the sources said. But the phone numbers the NSA collects can easily be cross-checked with other databases to obtain that information.

Calls. Call records. Same thing, right?

Um, no.

Obviously, we don’t want the government listening in on our telephone conversations without some really good rationale. But having calling patterns stored in a database to look for patterns? That doesn’t fill me with any particular anxiety.

Now, we don’t want employees of NSA or any agency–including the phone companies themselves–able to pull up individual calling records for the sheer hell of it in order to snoop on their friends, neighbors, celebrities, and so forth. One presumes NSA has some safeguards in place for that sort of thing.

Update: To be clear, since it has been a while since I have written on this matter, security and liberty are both highly desirable goals for which we strive. They are, unfortunately, conflicting. Ben Franklin’s dictum, “They who would give up an essential liberty for temporary security, deserve neither liberty or security” is oft misquoted as an absolute (“They who would give up liberty for security, deserve neither liberty or security”); Franklin was, alas, not that simpleminded.

I am willing to give up trivial amounts of liberty (carrying a passport when traveling abroad, e.g.) when it provides some significant amount of additional security. I balk at even modest surrender of liberty (friskings by government travel agents at the airport) when I feel that the gain in security is negligible.

In this case, I believe the surrender of liberty is infinitesimal while the potential gain in security is huge. If it turns out that my premise is wrong (i.e., there have been some large number of people harassed because of perfectly legitimate calling patterns or other abuses), I am prepared to reevaluate my position.

FILED UNDER: Uncategorized, ,
James Joyner
About James Joyner
James Joyner is Professor and Department Head of Security Studies at Marine Corps University's Command and Staff College. He's a former Army officer and Desert Storm veteran. Views expressed here are his own. Follow James on Twitter @DrJJoyner.

Comments

  1. Roger says:

    I have been continually amazed over the past 5 years at how willing, almost eager Americans are to surrender the last vestiges of their rights. The executive just ignores the laws? Fine. Lock people up without charges? Fine. The (un)accused have no access to lawyers or even their families? Fine. Torture? Fine. Dig through our trash? Fine. Now, read our phone records? Fine. Warrants? What’s that? Too hard to understand. Whatever. Fine. We don’t need no stinkin’ legal system.

  2. James Joyner says:

    Roger:

    The things you list are separate issues on which I’ve taken positions. Many I oppose, some I support.

    There’s no requirement to get a warrant to obtain information in company databases that they turn over willingly. Further, individual privacy is simply affected differently in the access of an individual’s records vice a gigantic data mining operation.

  3. Bithead says:

    Some degree of consequentialism would appear to be in play here. If, as is suggested, they’ve been doing this for years, apparently nobody’s rights have been violated , since nobody’s complained about it. As with all such programs, it comes down to the quality of the people executing said programs.

    Based on the story as quoted, it would appear that what’s going on is there just looking for general calling trends in a statistical fashion not specifically who talked to who. And that seems reasonable.

  4. DC Loser says:

    I’m sure plenty of spouses out there are interested in their other half’s calling patterns.

  5. James Joyner says:

    DCL: I’m sure. Presumably, however, they have access to the phone bills. But that would fall in the last paragraph of the original post.

  6. Rodney Dill says:

    Good, now we can finally find out who screwed up the voting on American Idol

  7. Josh Cohen says:

    Given that I’ve had some pretty salacious conversations in the past, I hope it’s at least amused a few of these government people.

    Given the proficiency of hackers and the amount of people who prefer to use telephones to deal with credit card companies and banks, it’s only a matter of time before the hackers realize that (a) it takes the government FOREVER to close security holes and (b) the information’s there for the taking.

  8. DC Loser says:

    It’ll take some pretty good hacking to get to this data as they’re totally isolated from the internet. You’d need access to the restricted internal NSA network in order to get to this stuff.

  9. For me it comes down to the notion that I don’t trust government in a generic sense, and would prefer to prevent the potential of the harassment of which you speak, rather than waiting for it to happen and then getting upset.

    More to the point: if something like this was deemed necessary, then proper procedure, including court oversight, should have been utilized. The fact that Qwest was able to resist the request suggests that this was not a normal operation. And if the USAT story is correct, i.e., that NSA did not want to go to FISA for authorization, that gives me serious pause.

    I am no fan of the “trust us, we’re from the government” line of reasoning on these matters.

  10. James Joyner says:

    Steven: Noted. My understanding is that FISA wasn’t implicated because there is no surveillance here. There’s no listening in on these calls. They’re essentially getting massive copies of phone bills.

  11. LJD says:

    The same people whining about government analysis of their unimportant and uninteresting phone calls are usually the same ones screaming to have their fellow Americans’ doors kicked in so they can collect their guns.

  12. Geek, Esq. says:

    Mr. Joyner:

    Karl Rove and Scooter Libby had super-duper security clearances. How would you feel if they had access to that data?

  13. James Joyner says:

    Geek: Security clearances aren’t a frickin’ library card. You can’t just go up to NSA and say, “Here’s my clearance. Give me all your phone records.”

  14. Geek, Esq. says:

    My point is that we don’t know what safeguards are in place to prevent the intelligence arm of the ‘unitary executive’ from sharing this information with the partisan Republican arm of the ‘unitary executive.’

  15. James Joyner says:

    Geek: The Executive is only unitary in the sense that a single man embodies it. The president can issue all manner of executive orders and countermand the subordinate bureaucracy. It does not, however, follow that even high level executive staffers have carte blanche over national intelligence collection.

    Indeed, it would be quite amusing were a Karl Rove to show up at NSA demanding these records.

  16. Steven Plunk says:

    I’ve said it a hundred times, it’s not the feds we have to worry about when it comes to civil liberties, it’s the city councils and local governments that are the real threat.

    For instance the local water commission was inspecting back flow valves on sprinkler systems without homeowner knowledge and then issuing notices to fix them or get fined. This entailed getting into backyards and poking around in some cases.

    This phone database program really isn’t violating anyones privacy so why get our panties in a bunch?

  17. Jim Henley says:

    The pattern of these stories seems to be that we end up finding out there’s a lot more going on than the initial reassurances indicate. The Administration is also very Jesuitical in the ways it responds to these things, most famously with the President’s “I don’t have plans to invade Iraq *on my desk*” statements as chronicled in Cobra II.

    Back in the 1950s, wild-eyed crazies – we called them “conservatives” – opposed the proposal to issue everyone a newfangled social-security number because, these nutbars argued, one day it would become a de facto national ID. Well score one for the crazies! Er, conservatives.

    MAYBE all the NSA is doing with those records, today, is statistical analysis of the data set of calls. But given the clear assertions of unlimited prerogative by the President and his Attorney General, there’s every reason to think that if they wake up tomorrow and decide it would be a good idea to do something far more invasive with those records, they’d consider it well within their purview.

    And if they woke up yesterday and had the same thought, they sure aren’t going to announce it to us.

  18. niall says:

    Wow. Such a lot of excitement over CDRs. Never mind that all they are is a record of this phone number called that phone number for a duration of n seconds at such and such a time on such and such date. Even cross-referenced with some other database there is no way of knowing who was actually on the phone or what they talked about. If you can find a sinister way to abuse that, you’ve got all together too much time on your hands. That little grocery store discount club tag on your keychain gives away more titillating info about you, the average American, than call detail records ever will.

  19. Jim Henley says:

    Even cross-referenced with some other database there is no way of knowing who was actually on the phone or what they talked about.

    Nothing to see here, people! There’s so little value in call-detail records that law enforcement reguarly subpoenas them from carriers in criminal cases. Not because they think they might learn anything from such records but, well, just because! And the NSA wants all this data not because it might mean something to them but because they needed a data set to practice on for their SQL certification classes.

  20. How much liberty do we give up when we file a federal tax return? We do not have to fund the government this way. A sales tax could generate the same revenue without the intrusion. If you wanted to provide sales tax refunds to the poor, then they can choose to give up some of their privacy in the form of filing the information in return for the refund.

    The difference is the left likes the government having all of our personal financial information because it feeds the government to transfer funds from one group to another. They don’t like the government having the phone records because it merely aides in protecting the citizens.

    If the left wants to be taken seriously about a lesser intrusion by government, then they should be consistent on their view of the greater intrusion.

  21. Pug says:

    It might help if we would all just mail copies of our phone bills to the government every month. After all, we all need to do our part to keep America safe.

  22. Jim Henley says:

    So yetanotherjohn, is “In for a penny, in for a pound” the New Conservatism?

    Some of us were not only not born yesterday, we’re old enough to remember the 90s. So we know just what the Right’s reaction would be if the Clinton-era NSA did this. And they’d have been right to complain.

  23. McGehee says:

    So we know just what the Right�s reaction would be if the Clinton-era NSA did this.

    You mean, before 9/11?

    Some of us have had a little bit of an attitude change since then. It’s interesting to see who has not.

  24. niall says:

    Jim, your example of CDRs being used as part of a prosecution doesn’t undermine my point. In your example the CDRs are supplementary not the basis of action. Perhaps they show it is reasonable to make the assertion that the defendant called the victim repeatedly before the incident etc. That is a reasonable and proper use of the records being used to support a line of reasoning in a court case. All your example does is affirm that CDRs have a useful purpose (if they didn’t we wouldn’t keep’em around) not that they are particularly exciting in and of themselves. Another everyday use of them is to track toll-fraud such as when a phreak uses your misconfigured PBX to give free LD to all his buddies or when the new secretary keeps calling Madam Cleo’s psychic hotline. Or are you more concerned that the NSA might notice you’re not calling your mother as often as you should?

    Could the records be abused somehow? Pretty much any information can be abused in some way. The question then is, as our host has stated, whether the potential abuse outweighs the potential benefit of allowing the information to be accessed. Sure, I suppose it would be possible to single out people who are calling the ACLU frequently and then send the jackbooted thugs round to give them a working over but it seems to me that there are far easier ways to sort people out for egregious rights violations than sifting billions of CDRs. Clearly a potential for abuse exists but it is not a convenient or efficient means compared to many others more easily accessed. Just stop and think for a minute and I’m sure you can guess some of the easier ways to get comparable personal info that don’t require nearly as much work… That isn’t the case with ferreting out terrorist cells where the links aren’t already obvious. For instance, imagine taking what we know of the communication amongst the 19 9/11 hijackers and using that to generate a filter through which you could look at the CDRs in the period when the attacks were being planned. Then look at other similar events in the same way. What do they have in common? How do you get that with a handful of warrants to look at CDRs for a handful of callers, much less in some timely fashion where the info might still be actionable not after-the-fact detective work? In that situation you have extremely limited context and the chances of getting meaningful information are greatly diminished. In my opinion the potential benefit weighs more. And in the interests of disclosure I do work for one of the telcos, though in a position which does not give me access to any of the customer data we’re discussing here, so feel free to discredit everything I say on that basis if so inclined.

    In the end it sounds a lot more dark and scary than it really is. If you’re that worried about your calls being scrutinized by the NSA you can buy one of those prepaid cell phones and pay cash down at the quickie-mart.

  25. Jim Henley says:

    Some of us have had a little bit of an attitude change since then. It�s interesting to see who has not.

    True. We’re not ALL cowards.

  26. Jim Henley says:

    If you�re that worried about your calls being scrutinized by the NSA you can buy one of those prepaid cell phones and pay cash down at the quickie-mart.

    I’m not worried for me personally. My socioeconomic profile and ethnic background make it unlikely that I personally am going to suffer for any government overreach here.

    Your arguments about the potential value of the program would make an excellent summary of a brief to the FISA court. (Not being ironic here: it’s well and concisely stated.) Strangely, though, as we learn from QWEST’s lawyers, the NSA wanted to keep this program as far from the FISA Court (motto: “Our rubber stamps are always inked!”) as possible. Which is interesting in itself.

  27. legion says:

    Let’s see now…
    When they said they weren’t tapping US citizens’ phone calls, that was a lie.
    When they said they were only tapping calls that had one end in a foreign country, that was a lie.
    When they said they were only tapping calls of potential terror suspects, that was a lie.
    Bush says everything he told the NSA to do was legal, but since the NSA itself didn’t think this program would pass legal muster with the FISA court, so I’m gonna go out on a limb here and call that a lie too.

    I only wonder why _anyone_ believes a word that comes out of his evil, oathbreaking mouth.

  28. MrGone says:

    Hmmm, let’s see how this could work. They’re basically looking for data sets or call trees. I call my housekeeper once in a while. She’s from South Africa. She has family and friends throughout Africa, the EU and Asia. One of those people knows someone who knows a terror suspect. Voila, I’m in the tree. You may be also, since I sometimes write on this blog and they’re supposadly tracking web communications.

    Ever play 6 degrees of Kevin Bacon? You get the idea.

    Sleep tight.

  29. legion says:

    So Kevin Bacon is really Osama Bin Laden?

    Dammit! Hollywood really is trying to destroy America!

  30. MrGone says:

    Legion, No, but he is only six people away from him, and you, and me.

  31. MikeT says:

    Do you really expect the government to not make false connections? It’s only a matter of time before they expand this into recording all conversations for posterity in the event that they “missed something.” It’s technically feasible now. 32kbps MP3 gets several minutes per MB of data and can keep a crystal clear conversation record. If a company like Google can amass the kind of capabilities they have, the federal government can go well beyond that.

    I bet you that this is just an effort to get the infrastructure for that in place.

  32. SCATTERSHOT says:

    Anybody remember 900 FBI FILES?

  33. Jim Henely,

    Go take a look at the Echelon program started under Clinton. Compare and contrast that program with this one. Then tell me why I shouldn’t be concerned about echelon but should be concerned about this.

    We are always making trade offs as the post pointed out. I happen to find the IRS intrusion into my privacy much worse than the described program of tracking calls. You may not. That’s why we hold elections to decide. Considering that we have never had more republicans in the house or senate in the last 75 years, and that in the last 40 years the democrats have only once convinced a majority of the presidential election voters that they should be in charge (Carter 1976 with 50.08%), it would seem that the majority of the country trust the republicans more than the democrats. Sorry, but facts are facts.

  34. legion says:

    it would seem that the majority of the country trust the republicans more than the democrats. Sorry, but facts are facts.

    And opinions are opinions, and strawmen are strawmen. People don’t always get elected because they are more “trusted” than their opponents. And even if they are, people _believing_ repubs are more trustworthy than dems doesn’t mean they _are_ more trustworthy.

  35. tbizzle says:

    we should ask ourselves how the writers of the constitution would react if they knew that the mail carrier was writing down a list of who they were writing letters to and receiving letters from and then giving it to the british government. Anyone? It’s on par with the information phone companies are providing now.

  36. Bithead says:

    Anybody remember 900 FBI FILES?

    Yes, I do remember them. I also remember, that obtaining those files was already illegal. This, is not.

    Clearly, the real story here is laws don’t protect us from the lawless. What they do, is prevent the lawful from doing their job.

    And isn’t it interesting, that the people who were screaming the loudest over the NSA programs , said nothing whatever about those 900 FBI files?

  37. Kathy says:

    Now, we donâ??t want employees of NSA or any agencyâ??including the phone companies themselvesâ??able to pull up individual calling records for the sheer hell of it in order to snoop on their friends, neighbors, celebrities, and so forth. One presumes NSA has some safeguards in place for that sort of thing.

    One PRESUMES that safeguards are in place, James Joyner? Before the Bush administration, one PRESUMED that the government was not asking phone companies to hand over the calling records of millions of Americans. Before the Bush administration, one PRESUMED that the NSA did not intercept domestic calls, because that is against the law. Before the Bush administration, one PRESUMED that the DOJ went to a FISA court to present probable cause for a search warrant before surveilling someone, because that is the law.

    Anyone who can still write a sentence saying “One PRESUMES there are safeguards in place…” is dangerously naive, incredibly uninformed, or just plain stupid.

    If there’s anything Americans should have learned by now about the Bush administration, it’s that the only thing one can PRESUME about Pres. Bush is that, even if there ARE safeguards in place, Pres. Bush will ignore them whenever he wants to.

  38. Roger says:

    James, you say “The things [I] list are separate issues,” but they all have the same thing in common. They represent the ever growing intrusion we are allowing the govt. to make into our private affairs with barely a yawn. Next, I imagine the heat sensing tech we have that can allow law enforcement to watch us make love to our spouses through the walls of our homes will be no big deal–no warrant needed, either. Hey, what are they gonna do with that anyway excpet get their jollies and protect us from terrorists? And since that’s no big deal, what would it hurt to have Homeland Security cameras installed in our homes? What a great idea. That would surely help cut down on the threat of terrorism, not to mention ordinary crime that kills way more Americans than terrorists, after all. Once we finally get rid of that lousy Constitution completely, we all will be much, much safer. Who can argue with that? What do we have to fear from our own govt., anyway? Our Founding Fathers really were a bunch of head cases weren’t they?

  39. Bithead says:

    Why is it, but for all this fear of abuse of government, nobody as yet has been able to come up with any indication that such as happening?

    Certainly, one can argue that such data gathering of itself constitutes abuse of our rights, but that I think is a futile effort, and a Totally overhyped one.

    So it comes down to providing one , just one instance of someone’s rights being violated. In all of this hyperbolic argument, I’ve yet to see one instance of that. And that’s really what it all comes down to.

  40. Arun says:

    As per Michael Moore’s documentary film, Fahrenheit 9/11, George Bush is a friend (or business associate?, I don’t remember) of some of bin Laden’s family. That is a very small degree of separation. So I hope the Bush family and all their hanger-ons are being surveilled.

  41. Bithead says:

    As per Michael Moore�s documentary film, Fahrenheit 9/11, George Bush is a friend (or business associate?, I don�t remember) of some of bin Laden�s family. That is a very small degree of separation. So I hope the Bush family and all their hanger-ons are being surveilled.

    You take Michael Moore’s fantasies, as factual, do you? (Shudder)

  42. Roger says:

    “So it comes down to providing one , just one instance of someoneâ??s rights being violated.”

    Bithead, as the NSA has in fact illegally accessed the phone records of millions of innocent Americans, then millions of Americans have had their rights violated. Is that enough for you?

  43. Bithead says:

    No, because all they have is numbers.
    Not names. Nor do they have the content of the calling.

    Do try again.