Evaluating the NSA's Telephony Metadata Program

Interesting analysis: “Examining the Anomalies, Explaining the Value: Should the USA FREEDOM Act’s Metadata Program be Extended?” by Susan Landau and Asaf Lubin.

Abstract: The telephony metadata program which was authorized under Section 215 of the PATRIOT Act, remains one of the most controversial programs launched by the U.S. Intelligence Community (IC) in the wake of the 9/11 attacks. Under the program major U.S. carriers were ordered to provide NSA with daily Call Detail Records (CDRs) for all communications to, from, or within the United States. The Snowden disclosures and the public controversy that followed led Congress in 2015 to end bulk collection and amend the CDR authorities with the adoption of the USA FREEDOM Act (UFA).

For a time, the new program seemed to be functioning well. Nonetheless, three issues emerged around the program. The first concern was over high numbers: in both 2016 and 2017, the Foreign Intelligence Surveillance Court issued 40 orders for collection, but the NSA collected hundreds of millions of CDRs, and the agency provided little clarification for the high numbers. The second emerged in June 2018 when the NSA announced the purging of three years’ worth of CDR records for “technical irregularities.” Finally, in March 2019 it was reported that the NSA had decided to completely abandon the program and not seek its renewal as it is due to sunset in late 2019.

This paper sheds significant light on all three of these concerns. First, we carefully analyze the numbers, showing how forty orders might lead to the collection of several million CDRs, thus offering a model to assist in understanding Intelligence Community transparency reporting across its surveillance programs. Second, we show how the architecture of modern telephone communications might cause collection errors that fit the reported reasons for the 2018 purge. Finally, we show how changes in the terrorist threat environment as well as in the technology and communication methods they employ ­ in particular the deployment of asynchronous encrypted IP-based communications ­ has made the telephony metadata program far less beneficial over time. We further provide policy recommendations for Congress to increase effective intelligence oversight.

Tags: , , , , , ,

Posted on August 12, 2019 at 6:14 AM19 Comments

Comments

Clive Robinson August 12, 2019 6:43 AM

Hmm,

    Finally, in March 2019 it was reported that the NSA had decided to completely abandon the program and not seek its renewal as it is due to sunset in late 2019.

This could mean that they now have better ways to get around the restrictions, not that phone metadata is any less valuable than it once was.

Whilst “terrorists” might have changed methods due to,

    changes in the terrorist threat environment as well as in the technology and communication methods they employ in particular the deployment of asynchronous encrypted IP-based communications

Foreign Terrorists are not as far as the US Gov entities are concerned not realy the threat anyway. Some of the newer “domestic terrorists” that are set to commit 350-400 mass shootings this year are however. But even thay pale into insignificance numbers wise when you consider crimes involving drugs and other serious organized crime. Whilst not strictly “NSA turf” I find it hard to believe that such capabilities will just be dropped.

That is whilst it may have

    made the telephony metadata program far less beneficial over time.

True for one entity that is far from true for other entities.

Thus I guess the question arises,

    If not NSA, then who?

But as always at the root of things are “humans” and they are not just capricious they also evolve in their environment… The fact terrorists are not using telephones as much currently does in no way mean they will not be using them again tommorow as their technical environment changes.

Alejandro August 12, 2019 8:14 AM

Yup, NSA is moving on towards getting the magic back door to messaging apps, no doubt about it. They may have it already, but not the legal framework to make it happen.

And once they get it, it will be easy enough for any country, agency or person who wants it to have it too.

The military and police should not have wide open access to our communications if we choose to keep it private. Right?

TimH August 12, 2019 10:49 AM

The problem is that when the IC breaks the law, even in the most explicit way, the only people in the IC that ever face any repercussions are the whistleblowers. Looking at you too, Gina.

me August 12, 2019 3:36 PM

It’s probably an error to think that the info is not part of a strategy.

It could be used to make people believe they will not be supervised by these methods any more, although it still continues. Or so.

gordo August 12, 2019 4:04 PM

Privacy and Civil Liberties Oversight Board
The Board Held a Public Forum to Examine the USA Freedom Act, Telephone Records Program – May 31, 2019

Privacy and Civil Liberties Oversight Board Chairman Adam Klein and Board Members Edward Felten and Jane Nitze held a public forum on May 31, 2019 in Washington, DC to examine the USA FREEDOM Act and the government’s call detail records (CDR) program under that law. Several key provisions of the USA FREEDOM Act will sunset in December unless they are reauthorized by Congress.

Expert panelists included:

•Jamil N. Jaffer, Founder and Director of the National Security Institute and Director of the National Security Law & Policy Program at the Antonin Scalia Law School and George Mason University;
•Susan Landau, Bridge Professor of Cyber Security and Policy in the Fletcher School of Law and Diplomacy and the School of Engineering, Department of Computer Science, Tufts University;
•Jonathan Mayer, Assistant Professor of Computer Science and Public Affairs, Princeton University;
•Julian Sanchez, Senior Fellow at the Cato Institute;
•Caroline Lynch, Founder and Owner of Copper Hill Strategies, former Chief Counsel of the House Judiciary Subcommittee on Crime, Terrorism, Homeland Security, and Investigations;
•Michael Bahar, Partner, Eversheds Sutherland’s Global Cybersecurity and Privacy Practice, Former Minority Staff Director and General Counsel for the US House Intelligence Committee.

https://www.pclob.gov/reports/report-public-forum/

C-SPAN video of the forum is just over two hours.

Sancho_P August 12, 2019 5:20 PM

Very interesting analysis, thank you.

”NSA announced the purging of three years’ worth of CDR … The access to CDRs provided under UFA was simply not providing sufficient value any longer.” (from the paper)

May be.

However, isn’t such a vast collection of data an extreme liability?
What if there is another 9/11 and they again did not see the dots that were clearly there?
Hindsight is always an issue.
No data no problem.
Cheers.

Alejandro August 12, 2019 5:45 PM

My sense of this recent round in the anti-encryption crusade is military and police powers all over the world are waging a multi-front battle to settle this once and for all time, in their favor. There are too many self serving speeches popping up and it appears the technology is ripe for debasement

Specifically, the FB model of (fake) end to end (E2E) text message encryption, but with a parallel plaintext backdoor back to FB/.gov for AI “moderation” seems like an ideal end run to private/secure communication. For them.

The horribly misnomered Freedom Act renewal would be an ideal place for the government to grant itself even more surveillance powers over the boogeyman du jour: encrypted text messaging.

I’d like to say we can win this one, but in truth it seems like we are getting very close to losing encryption as a barrier to world wide corporate, government, criminal wide open mass surveillance.

Resist.

JonKnowsNothing August 12, 2019 7:30 PM

I wonder if anyone has ever actually seen “purged data”? What does that look like? A hole in the database block chain counter? A pile of NULL fields and NULL records in sequential order? Maybe something more exotic like: “NSA achieves world wide archive purge of all IC and Corporate archives with replacement NULL data records”?

I’m sure its more than a pile big enough to find on the floor but I still don’t see any.

Clive Robinson August 12, 2019 8:20 PM

@ Alejandro,

I’d like to say we can win this one, but in truth it seems like we are getting very close to losing encryption as a barrier to world wide corporate, government, criminal wide open mass surveillance.

Oh “we” as in the regular readership of this blog can win this as I’ve explained a few times before. That is without doubt unless they want to throw society back nearly two centuries to a time before electricity got used for communications.

But the general masses have lost, due to lazyness and convenience of “all in one devices” that have been “Compromised in design” in oh so many ways that such devices can not be made secure.

The only way out of this is education and asymetric warfare by the civilians against the Government (The civilians in America have done this before so we know they can do it).

In essence people have to educate the masses on the use of codes and similar based on “one time techniques” that are indistinguishable from ordinary plain text. As these can be paper and pencil systems potentially back doored hardware can be avoided. Thus it does not matter if the NSA, GCHQ etc get to hear/read a message as the content remains beyond their abilities to decode. Thus as with ordinary encryption the problem is asymmetrical, that is whilst it is trivial for the two communicating parties who know the key to encrypt and decrypt text etc, an attacking third party without access to the key has a major if not impossible job on their hands.

There are various tricks that can be used to make the apparent message statistics appear like a cipher that can be cracked. Whilst the reality is it’s actuall an OTP system that if used properly will consume their resorces indefinately without success.

stine August 13, 2019 1:54 AM

The cynic in me says that they are probably now registered as telecommunications company themselves. I would guess that their entire public-facing infrastructure is a collection of 50ft jumpers between each of the backbone carriers: ATT, Verizon, Level(3), etc. where said fiber passes through a $10M black box that can demux, filter and extract all of the unencrypted call data.

GregW August 13, 2019 6:50 AM

You don’t need CDRs if all the underlying comms are SIP-based at the carrier level and you are already intercepting that metadata. Isn’t most of the backend gear transitioned from SS7 to SIP at this point?

Sancho_P August 13, 2019 5:44 PM

@stine

”The cynic in me says that they are probably now registered as telecommunications company themselves.”

Nope, not likely, “they” would go bankrupt in less than 6 months 😉

Sancho_P August 13, 2019 5:47 PM

@Me, re AG Barr from your link (08/12 3:46) encryption creates security risk

“The status quo is exceptionally dangerous, it is unacceptable and only getting worse,” Barr said. “It’s time for the United States to stop debating whether to address it and start talking about how to address it.”

Sadly no one has the guts to ask AG Barr:
“Why don’t you start talking about how to address it?”

Sancho_P August 13, 2019 5:52 PM

What’s not addressed in the whole ”going dark” claim:

Their actual surveillance is about telephony call metadata (see article).
Now they talk about decryption / access to content of “calls”.

But:
Nobody talks about J. Epstein’s phone call metadata (*).
And nobody would talk about the content of his phone calls.

  • Clearly they don’t need that access.
    Worse, they don’t want that access to their own data.

(*) That’s what I meant by “No data no problem”.

John August 14, 2019 5:08 AM

Terrorism is a low frequency crime in the US. This is not to pat the agencies in the back but the occurence itself is very low. I don’t believe there are any statistics out there that keep track of how frequently it is “prevented” because there hasn’t been any reported attempts thwarted by authorities.

David August 19, 2019 4:05 AM

Mass Surveillance has come a long way since days of Echelon which was first ever glimpse leaked to the general public. The archiving or all voice data back in the days appeared grandstanding but now a rather trivial matter technically.

The Internet has largely gone dark since about a decade ago so I don’t believe they are still mass storing every single data packet they can get their hands on. However, it is reasonable to assume the targetted aspect of surveillance had been improved tremendously. The system more logically work in selectivity. While it is still possbiel to capture all meta data it isn’t very cost effective, nor very smart, to collect all encrypted comms that may not ever be decrypted rolling time forward. So the present day surveillance should logically work off a set of POIs with very close scrutiny by a human work force and HUMINT. The lesson learned should be don’t become a POI.

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.