NSA’s Preference for Metadata

Exclusive: The hidden ball in the debate over the NSA’s collection of phone and e-mail metadata (vs. tapping into actual conversations with a court order) is that the NSA actually prefers the metadata approach because it strips away privacy more efficiently, says ex-NSA analyst Kirk Wiebe.

By Kirk Wiebe

Senior national security officials, from President Barack Obama on down, have made light of the National Security Agency’s intrusive monitoring of the public by saying “only” metadata about communications, not the content of those communications, are collected. One might ask, then, why is it that intelligence and law enforcement officials much prefer this metadata approach?

For one, analysts can determine a great deal about a person any person by following the electronic crumbs that people inevitably leave behind in the course of their daily routines. And this data-byte-crunching analysis is much less time-consuming than monitoring each phone call or reading each e-mail.

A slide from material leaked by ex-NSA contractor Edward Snowden to the Washington Post, showing what happens when an NSA analyst "tasks" the PRISM system for information about a new surveillance target.

A slide from material leaked by ex-NSA contractor Edward Snowden to the Washington Post, showing what happens when an NSA analyst “tasks” the PRISM system for information about a new surveillance target.

So, the distinction between listening in on conversations and “just” collecting phone numbers called and the duration of the conversations is a red herring. The truth is that persistent, bulk collection of metadata in support of analysis is not can be  more revealing over time than content, the latter prohibited from collection unless probable cause criteria have been met in the eyes of a court.

Metadata collection can answer all but one of the five “W’s” of journalism: the Who, What, Where and When. Given time, it can even respond to “Why” someone interfaces with digital information systems the way they do. It can do this because it is possible to discern patterns of behavior in metadata.

A very simple example: You go to work via a toll road, taking essentially the same route five days a week, for about 48 weeks a year. A license plate scanner produces information about where your car was when it was scanned and at what time. Your passive transponder (e.g., E-Z Pass) records your entrance onto the toll road at which ramp, and when you were there. The same transponder reports when and where you got off the toll road.

You stopped to get gas. Your credit card records where you were and when you bought the gas. You arrive at work and turn on your computer. Your Internet service provider (ISP) records when an IP address was given to your computer and what time it was provided. The IP address is associated with a server at a location with a specific address and is associated with your name.

So it is possible to know when you arrived at work. Or perhaps you called your wife to tell her you arrived safely. Your phone has locational information and the time of the call is recorded. Of course, the phone is associated with your account/name.

Similarly, any deviation from these patterns for whatever reason would also be apparent. A consistent deviation might reveal a significant change in your personal life (e. g. job trouble, health problems, marital difficulties).

While this ability to construct a mosaic of your life may not be understood by those inclined to believe what they hear on the evening “news” that the metadata is no real threat to your privacy this reality is eminently understandable to those familiar with the technological power of the various NSA programs. MIT graduate students, for example, have produced a video, based largely on personal experience as well as research, that makes it very clear.

A caveat here: I have not seen everything that has been released by former NSA contractor Edward Snowden so far, but I have seen most. Even taken together, these documents listing the names of the programs like PRISM, XKEYSCORE and UPSTREAM  and the various diagrams depicting data flows on charts would not tell much to someone unfamiliar with the technological capabilities of these programs.

What is discernible is that NSA is interested in metadata and content from the Internet, a fact that is hardly classified. NSA is also interested in phone calls. That too is not classified, nor is it new. People have known for a long time that NSA’s mission is to produce foreign intelligence from communications.

Former NSA Director Michael Hayden long ago made it clear that given the rapid changes in networked communications and associated technologies NSA needed to master the “net.” There was no mistaking the intent. He even said he consulted with large Internet companies and their experts in Silicon Valley.

Bottom Line: Only people who work with these programs the contractors who support information technology, the IT developers and the NSA analysts understand what these programs are, what they do and how they do it, in other words, the extraordinary power that they possess.

A Highly Damaging Leak?

As for the “damage” from unauthorized disclosures of these programs over the past half-year largely from documents leaked by Snowden, defenders of NSA bulk collection are hewing to NSA’s talking points (recently acquired via a Freedom of Information request). Here are three of the 13 points listed:




But these “talking points” obscure the real questions posed by the bulk collection of metadata on virtually all human beings who communicate through electronic means, from telephone to e-mail: What is the real threat posed to personal privacy by the persistent, bulk collection of metadata of innocent people? And what is the real damage from disclosure of this reality?

As for legality, do not be fooled by allusions to the infamous Smith v. Maryland (1979) court decision which says Americans surrender their expectation of privacy over call data held by phone companies upon which the Government rests its case for claiming its NSA metadata collection is legal.

That case had absolutely nothing to do with the persistent, bulk collection of metadata. The citation amounts to a stall tactic, with the Government knowing it takes just about forever for the federal court system to adjudicate the legality of such a claim  while the collection will continue.

Also, be skeptical about the Government’s claims about massive (but indeterminate) damage to national security. According to the rules for classifying material, it must have the potential to cause EXCEPTIONALLY GRAVE DAMAGE to the national security of the United States (TOP SECRET), SERIOUS DAMAGE to the national security (SECRET), or to cause DAMAGE to the national security (CONFIDENTIAL stuff), if divulged to the public at large.

It would be difficult for anyone in a court of law to make the case that public disclosure of NSA’s intrusive collection has done any of those things. Despite the NSA’s “talking points,” no clear-cut evidence has been presented supporting the claims of “IRREVERSIBLE AND SIGNIFICANT DAMAGE.”

But here is a real leak that caused “exceptionally grave damage” to the national security: On the night of 9/11, Sen. Orin Hatch, R-Utah, told The Associated Press, “They have an intercept of some information that includes people associated with [Osama] bin Laden who acknowledged a couple of targets were hit.”

Hatch made similar comments to ABC News and said the information had come from officials at the CIA and FBI. We never heard bin Laden or any of his close associates on a satellite phone again. THAT was a true compromise of security. But nothing happened to Sen. Hatch.

Has Snowden caused great embarrassment, especially about monitoring the communications of various high-level persons in foreign countries, such as Germany and Brazil? Yes, but do any of those countries pose a security threat to the United States? None of which I am aware.

And, contrary to the alarmist claims of the NSA “talking points,” the damage to intelligence sources and methods aimed at legitimate foreign targets is, so far, minimal. Part of the reason is because, quite simply, there are no current options to avoid either phones or the Internet or travel, all of which are heavily monitored. Alternatives aimed at evading monitoring are fragile, costly, inconvenient, and usually ineffective.

Another irony about all the teeth-gnashing over Snowden’s revelations is this: As noted elsewhere, the U.S. government is sure to improve not degrade its intelligence gathering/analysis if it abandons the kind of mass metadata collection and storage that serves mainly to drown analysts in data.

The current system has been shown to be ineffective in identifying terrorists, raising the question: How does one damage something that is already “ineffective”?

Kirk Wiebe is a retired National Security Agency senior analyst and recipient of that Agency’s second highest award the Meritorious Civilian Service Award. As an employee of NSA, he has sworn to uphold the U.S. Constitution against all enemies, foreign and domestic. He has worked with colleagues Bill Binney, Ed Loomis, Tom Drake and Diane Roark to oppose NSA corruption and over-surveillance since 2001.

5 comments for “NSA’s Preference for Metadata

  1. January 14, 2014 at 02:00

    ARE YOU EFFIN’ KIDDIN’ ME? The NSA records not only metadata, the NSA RECORDS ALL CONTENT ALL THE TIME! WTF DO YOU THINK THAT 1 MILLION SQ. FOOT NSA FACILITY IS FOR? METADATA STORAGE? You could fit the world’s metadata content in a bathroom……….ONE MILLION SQUARE FEET?!?!!?!? That’s for recording CONTENT AND STORING THAT CONTENT INDEFINITELY FOR FUTURE USE. Several NSA whistleblowers said the same thing….especially William Binney, who worked at the NSA for over forty years.

  2. January 13, 2014 at 19:29

    Excellent insight, especially the comparison between the actual “true grave damage” done by Senator Orin Hatch’s reckless disclosures and the documented disclosure of proof of unregulated improper-ineffective violations of Constitutional felty by federal public officials by Edward Snowden. Another example of actual “true grave damage” to the IT was the intentional outing of Valerie Plame Wilson as political retribution for her husband refusing to endorse the disinformation of the Bush II administration in the run-up to the invasion of Iraq.
    As Usual,

    • Ethan Allen
      January 14, 2014 at 18:17

      In accordance with your statement,
      “Your email address will not be published.”;
      delete the Email address from the above reply IMMEDIATELY!
      When I posted the reply, a pop-up window
      from your provider(Word Press) notified me that “Your trial period has ended”. When I followed the ink it said that if I wanted to continue “spam protection” I would have to remit $7.98 for a year’s protection. When I closed the pop-up, the reply window reappeared with the email address published; and a notice that the reply was being moderated.
      I have been a loyal patron of ConsortiumNews for many years, and have often not been able to post comments due to the many problems the site has had, including the current Word Press application. The publishing of the email adddress, however, is an agregious FUCK UP!!! Do not waste an apology; JUST FIX IT!!
      Ethan Allen

  3. Joe Tedesky
    January 13, 2014 at 14:27

    If you are running a security plan then you maybe wise to concentrate on compromise. Once, in another life I had a security clearance. My boss would give me a wink and a nod for me to try and compromise our plan. When I would break in this would reveal our weakness. Thus we made security better. Of course Hayden needs to gnash his teeth, this is his job.

    I am still not sure what Snowden is doing. So far, he has released about 1% of Intel. Also, whatever part Greenwald has to play is to me an unknown. Maybe someone among you could catch me up to speed to what good Snowden has done so far. Sorry, I am just not convinced to what his contribution is. Although, I do favor protecting out privacy, if we have any left.

    The worst compromises don’t come from us little people, they come from people like Senator Hatch. In fact, the so called leaks almost always go back to some important players doorstep. So who should we be watching. The problem is these protective laws only apply to the whistleblower.

  4. queenvictrola
    January 13, 2014 at 13:05

    “Oppression has been privatized
    By moles and trolls and spooks and spies
    Its much worse than you realize
    Just trust us!” — Annie Ominous

Comments are closed.