DATA MINING BEHIND ILLEGAL NSA SPY PROGRAM?

Is Bush's illegal NSA spying program an extravagant data-mining venture? Emptywheel suggests it might be just that.

I've heard several administration apologists make claims that lend plausibility to this theory. One stated that it wasn't practical to use FISA to obtain warrants for such a volume of requests until the NSA program had somehow determined who should actually be monitored long-term. That raised my antennae, but I didn't put it together in precisely the way Emptywheel has. I conjectured that the statement was an indication that wholesale wiretapping was being conducted in a sort of fishing expedition, and that when information was obtained that provided probable cause, then individual warrants were solicited under FISA. But I think it's possible that Empty wheel may be closer to the truth than was my simple inference.

A few more details of the NSA spying program are beginning to leak out. I'm going to guess, based on the details we've got, that this program is some kind of reverse data mining project. That they're taking the laptops and cell phones captured from known Al Qaeda figures and from that hardware, developing a data profile of a "typical" Al Qaeda operative. Then, they're doing massive data mining in the US and overseas. And tapping people who fit the profile of that "typical" Al Qaeda operative.

It's clear now that one of the two remarkable aspects of this program is its new technology (the other being the warrantless search). Former Senator Bob Graham said he didn't remember any mention of warrantless searches. What struck him, from his briefings on the program, was the notion we were using new technology.

Former senator Bob Graham (D-Fla.), who chaired the Senate intelligence committee and is the only participant thus far to describe the meetings extensively and on the record, said in interviews Friday night and yesterday that he remembers "no discussion about expanding [NSA eavesdropping] to include conversations of U.S. citizens or conversations that originated or ended in the United States" -- and no mention of the president's intent to bypass the Foreign Intelligence Surveillance Court.

"I came out of the room with the full sense that we were dealing with a change in technology but not policy," Graham said, with new opportunities to intercept overseas calls that passed through U.S. switches. He believed eavesdropping would continue to be limited to "calls that initiated outside the United States, had a destination outside the United States but that transferred through a U.S.-based communications system."

Senator Rockefeller said something similar--but more telling--in the CYA letter he released today.

As you know, I am neither a technician or an attorney. Given the security restrictions associated with this information, and my inability to consult staff or counsel on my own, I feel unable to fully evaluate, much less endorse these activities.

As I reflected on the meeting today, and the future we face, John Poindexter's TIA project sprung to mind, exacerbating my concern regarding the direction the Administration is moving with regard to security, technology, and surveiliance.

Rockefeller complains that he's not a technician, echoing Graham's technical comment. Then Rockefeller mentions Pondexter's TIA program, a system that proposed to use massive data mining to profile and find potential terrorists. But the problem described with this TIA program--and with Able Danger, another data mining surveillance program--is that you don't know what a "hit" is. You don't know what the profile of a terrorist is, so you don't know what you're looking for as you data mine.

Well, the NYT story on this program suggests they may be working from the opposite direction to define what their "hits" are going to be. You see, the program started accelerating as they collected more hardware loaded with data that might help form a "typical" profile of an Al Qaeda operative.

What the agency calls a "special collection program" began soon after the Sept. 11 attacks, as it looked for new tools to attack terrorism. The program accelerated in early 2002 after the Central Intelligence Agency started capturing top Qaeda operatives overseas, including Abu Zubaydah, who was arrested in Pakistan in March 2002. The C.I.A. seized the terrorists' computers, cellphones and personal phone directories, said the officials familiar with the program. The N.S.A. surveillance was intended to exploit those numbers and addresses as quickly as possible, they said.

And this is where the NYT story gets a little vague. The searches are based on people "linked" to Al Qaeda--but linked in what way?

Since 2002, the agency has been conducting some warrantless eavesdropping on people in the United States who are linked, even if indirectly, to suspected terrorists through the chain of phone numbers and e-mail addresses, according to several officials who know of the operation. Under the special program, the agency monitors their international communications, the officials said. The agency, for example, can target phone calls from someone in New York to someone in Afghanistan.

I'm proposing it's not an indirect link to Al Qaeda, that the NYT is using this language to shield the technical details (if these people were really linked to Al Qaeda, the FISA warrant would be a cinch). I'm proposing that it's a link of similarity. They find the communication patterns of a known Al Qaeda operative, and they start monitoring everyone who has similar communication patterns.

Which would explain why they needed to start monitoring large numbers of people at once.

Those involved in the program also said that the N.S.A.'s eavesdroppers might need to start monitoring large batches of numbers all at once, and that it would be impractical to seek permission from the Foreign Intelligence Surveillance Court first, according to the officials.

Here they're claiming that the numbers are too onerous to get warrants for all the monitored numbers. Elsewhere they claim it's a time issue (which we know to be false, since you can get emergency taps under FISA). I'm suggesting the real issue was they couldn't defend tapping all those numbers at once since the only thing that connected them was a pattern of similarity, not probable cause.

Which explains why Bush wanted to hide the program. It's data profile layered on top (I'm guessing) of racial profiling divorced from any probable cause. Which is why they're finding people with dubious ties, if any:

But they said most people targeted for N.S.A. monitoring have never been charged with a crime, including an Iranian-American doctor in the South who came under suspicion because of what one official described as dubious ties to Osama bin Laden.

Is it possible the dubious ties are as little as a fondness for a take-out joint favored by suspected Al Qaeda operatives? The same gym? Friends in the same province of Iraq?

It's a kind of unreasonable search never imagined by our forefathers ... but one I'm sure they'd consider unreasonable nevertheless.

Hat tip to Bad Attitudes.

Tags: Bush, data mining, profiling, NSA, terrorism