The National Security Agency has “quietly shut down” the mass surveillance program it implemented after the September 11, 2001 terror attacks to analyse metadata on domestic calls and text messages, the New York Times reported on Monday, citing an episode of the Lawfare podcast with “senior Republican congressional aide” Luke Murry.
The Wall Street Journal separately reported that Murry stated the program has not been used in at least six months, with both papers writing that it is unclear whether Donald Trump’s administration will ask Congress to renew its legal authority when relevant portions of the Patriot Act expire at the end of 2019.
A prior iteration of the program, which was first publicly revealed by former intelligence contractor Edward Snowden in 2013, collected bulk metadata directly from service providers until 2015. That year, the U.S.A. Freedom Act revised the Patriot Act so that providers would only hand over data on specific suspects (as well as data from anyone they contacted) without it being piped directly into NSA servers, and limited its collection to require the approval of a judge. While the NSA collected call and text records in the “billions per day” before the revision, it still collected 534 million records in 2017 from just 40 targets, the Times wrote.
Metadata does not contain the actual content of a text message or the words spoken in a phone conversation, but it does include tags stating who contacted who, when, and for how long. While the NSA has claimed metadata only shows them the phone numbers involved, quite a bit of information about someone, like if they were in contact with, say, a local pizza shop, a gun store, or a Planned Parenthood facility.
The Times report noted that problems with the metadata program began cropping up last year, when the NSA reportedly deleted its entire database of post-Freedom Act information after finding providers were handing over information that “included both accurate and inaccurate data”:
When the agency then fed those numbers back to the telecoms to get the communications logs of all of the people who had been in contact with its targets, it ended up gathering some data of people unconnected to the targets. The agency had no authority to collect their information, nor a practical way to go through its large database and cull those records it should not have gathered. As a result, it decided to purge them all and start over.
As both the Times and the Journal noted, U.S. intelligence officials have long been unable to offer any concrete examples of a terror incident prevented by the program. Yet they have long fought privacy advocates opposed to the program by saying the NSA needs its metadata collection programs to provide it with the capacity to map out the social webs around terror suspects. (Note that the NSA’s ability to collect this information outside the bounds of the U.S. remains mostly unconstrained.)
Now, the Journal wrote, people familiar with the program stated that it lacks “operational value,” though no final decision has been made on its fate, and “the discussions about potentially ending the metadata program were in the early and informal stages.” A spokesman for House Minority Leader Kevin McCarthy, Murry’s boss, told the Times that Murry’s comments were made in an unofficial capacity.
“It seems clear to me that this is not a program that is needed for national security,” said American Civil Liberties Union senior legislative counsel Neema Singh Guliani told the Journal. “One of the goals of the Freedom Act was to limit large-scale collection, and I think there are questions as to whether that law is achieving its goals.”
The final decision whether to ask Congress to continue the program will lay with the Trump administration, not the NSA, according to the reports. Given that it seems to be in disarray and officials no longer seem quite as eager to keep it rolling, there’s a chance that it will cease.