Ever since the USA Patriot Act was rushed through in the immediate aftermath of the Sept. 11, 2001, attacks, some members of Congress have had buyer’s remorse, realizing over the years that they gave the executive branch and especially spy agencies too much latitude to snoop on Americans’ personal information. Hoping to rein in surveillance networks, in 2006 Congress placed a limit on the so-called personal business records that federal agencies can amass.
Under this measure, sensitive information like bank statements, library and medical records and details of phone calls could be intercepted only if “relevant” to a national security investigation. By using that word, some lawmakers say they intended to give the government the same authority to collect information that a grand jury has in a criminal investigation.
The comparison to a grand jury subpoena has become a central argument put forth by government officials defending the legality of the National Security Agency’s collection of metadata on virtually all Americans’ phone calls. However, the definition of "relevance" has apparently been substantially reinterpreted in secret opinions of the Foreign Intelligence Surveillance Court, which reviews intelligence requests for national security investigations, to allow data collection that goes far beyond what any grand jury can obtain.
“They’ve basically changed the meaning,” said Timothy H. Edgar, a privacy and civil liberties lawyer who worked for the Bush administration's director of national intelligence from 2006 to 2009 and then on President Barack Obama’s National Security Council. “Grand jury subpoenas may be broad or they may be narrow, but there’s still an outer limit as to what any grand jury would consider to be relevant.”
The relevance standard determines what information can be collected in any of type of legal investigation. Used in the context of a terrorism probe, under Section 215 of the USA Patriot Act, the “business records” provision, the FISC can issue a warrant allowing the NSA, the government’s electronic spying arm, to obtain these records if there are “reasonable grounds to believe that the tangible things sought are relevant to an authorized investigation.” When leaked documents from former government contractor Edward Snowden in June revealed the full extent of the NSA’s data collection program, lawmakers realized that the relevance standard they had placed on the government’s surveillance powers had essentially been rendered moot.
Though lawmakers expressed surprise at the phone data program, a minority in Congress has worried for years that the Patriot Act’s business records provision would give the government too much authority to snoop on U.S. citizens’ personal lives. When the provision was renewed in 2011, several members tried unsuccessfully to strengthen the relevance language in the law. During that time, members of Congress were assured by the Obama administration that “nothing will be broader here than what you get in a grand jury subpoena,” said Rep. Jerrold Nadler, a New York Democrat who had worked to reform Section 215. “Those assurances were not true.”
A grand jury can gather a relatively large swath of information to shed light on a criminal investigation. In a Medicare fraud case, for example, a suspected doctor's billing records, going back many years, may be reviewed. Even the records of other doctors at the same practice would likely be fair game. But trying to subpoena the records of all doctors in the same state would go too far. For a grand jury to acquire information, “there has to be some plausible nexus between the information you seek, the subject of the information you seek, and the subject of your investigation,” said Nathan Sales, an expert in security law at George Mason University School of Law. “Relevance is a concept that measures the connection between two different data sets. You can’t go on a fishing expedition.”
Government officials concede that Section 215 adheres to the same relevance standard that limits grand jury investigations. Just like grand jury subpoenas, “the concept of ‘relevance’ is broad enough to allow for the collection of information beyond that which ultimately turns out to be important to a terrorist-related investigation,” said Robert Litt, general counsel for the director of national intelligence, in a speech at the Brookings Institution earlier this month, despite the fact that “the scope of the collection” in the NSA’s telephone records collection program “is broader than typically might be acquired” by a grand jury.
Under the NSA program, the government captures metadata – the numbers, times and durations of all domestic calls – but doesn’t touch it until they have reason to believe that a particular number is linked to an investigation. At that point, NSA analysts use the database to analyze the behavior and social networks of the suspected number.
Like Litt, defenders of the NSA’s program insist that the relevance standard has not been changed – just the amount of information collected. Indeed, the phone records program relies not on broad collection but limitless collection. So to rationalize that under the relevance benchmark, the government has had to argue that unless all of the records are collected, the valuable ones cannot be identified. Apparently, the FISC has endorsed this point of view.
Benjamin Wittes, a national security law expert at the Brookings Institution, summarized the government’s position in a post on the Lawfare blog on July 19: “The dataset is relevant as a whole, in the government’s view, because parts of it are relevant — the only parts humans ever see -- and those parts would not be available to investigators and analysts if the entire dataset were not preserved and placed in a form they could query.”
In other words, the argument goes, while the personal phone logs of an average American will reveal nothing about terrorist activity unless he is communicating directly with a known terrorist, only by comparing the calling patterns of millions and millions of Americans can the NSA identify outliers, which may prove to be the telephony activity of a terrorist cell.
This is the case the Justice Department made two weeks ago in a letter to Rep. James Sensenbrenner, R-Wis., who has come out against the Section 215 program. “Because the telephony metadata must be available in bulk to allow NSA to identify the records of terrorist communications,” the letter reads, “the data is relevant to an authorized investigation to protect against international terrorism, as Section 215 requires, even though most of the records in the dataset are not associated with terrorist activity.”
The growing anger and frustration among some lawmakers toward the government’s relevance rationale was in sharp relief at a House Judiciary Committee hearing on July 17, as Rep. Blake Farenthold, R-Texas, asked Deputy Attorney General James Cole: “How is having every phone call that I make to my wife, to my daughter, relevant to any terror investigation?”
“I don't know that every call you make to your wife or your daughter...” Cole began.
But he was cut off by Farenthold, who said sharply: “But you got them.”
In response to another set of questioning, Cole said individual records did not matter much but “it's the old adage of, if you're looking for the needle in the haystack, you have to have the entire haystack to look through.”
As Timothy Edgar put it, the government is looking at the program as a “whole package” rather than individual pieces of data. “It’s not that every record that belongs to every American is relevant to a terrorism investigation,” Edgar said. “What [the government is] saying, is that by obtaining records in bulk, by collecting records in bulk, and then doing the sort of analysis that they can do, that whole system will produce relevant information.”
That’s not just expanding the scope, Edgar said, “that’s a completely different meaning of relevance.”
Despite using the relevance standard as their legal rationale, present and former government officials often walk away from that benchmark to describe the unique challenges of a terrorist investigation – challenges that are used to justify the policy decision to acquire information first and analyze it later. “Rather than attempting to solve crimes that have happened already, we are trying to find out what is going to happen before it happens,” Litt said at the Brookings event.
The pro-active nature of counterterrorism work means pulling critical information -- like a call between two al Qaeda operatives in the United States -- out of the millions of irrelevant domestic phone calls placed every day, former government officials argue. “The trick is, we can’t identify which ones are and are not relevant until we collect it and process it or run our algorithms against it or query the database after somebody tips us off,” said Sales, who served in both the Justice Department and the Department of Homeland Security during the George W. Bush administration.
Critics of the NSA program are growing increasingly frustrated with the relevance debate and hope to change the law so that argument becomes moot. As demonstrated by a close vote on NSA surveillance last week, a significant number of lawmakers in both parties hope to return NSA data collection activities back to what they believed they had originally had voted for. By a slim margin of only 12 votes, the House of Representatives voted to keep the program intact, defeating a measure by Reps. Justin Amash, R-Mich., and John Conyers, D-Mich., to halt bulk collection under Section 215. But the closeness of vote, in which 111 Democrats and 94 Republicans supported the bill, sent a signal that Congress has not yet accepted the government’s justification for the program, and in particular, it’s interpretation of the relevance standard.
“Relevance meant everything,” said Conyers when he emerged from the vote last Wednesday. “This analogy of a needle in a haystack is exactly the wrong example.”