We Need to Know More About When the FBI Can Access One of the NSA’s Biggest Databases

Americans have learned quite a bit about electronic surveillance since Edward Snowden leaked a massive trove of classified documents almost three years ago. And while we still know very little about certain types of surveillance, the Obama administration is about to make a big change that should make us all demand answers. According to a little noticed news report, President Obama is about allow the FBI to search through the biggest databases the NSA has to offer.

It helps to understand that different types of government surveillance are ruled by different procedures and protections based on where the surveillance occurs and who is targeted. It’s not quite this simple, but generally speaking: Surveillance in the United States targeting American citizens follows the traditional laws governing investigations that you see on “Law and Order.” Surveillance that takes place in the United States but targets foreigners abroad is conducted under the Foreign Intelligence Surveillance Act, which allows for much greater secrecy and, in some cases, less judicial oversight. And then there is surveillance that takes place overseas targeting foreigners, which has the least restrictions — practically none at all. Executive Order 12333, which governs all of the US’s intelligence activities overseas, provides the rules for this last category.

It is often stated that the National Security Agency has no interest in spying on American citizens. However, in 2008 pursuant to Executive Order 13470, the NSA began sharing certain databases of information — those collected in the second category — with the FBI and other agencies. We know that the FBI can (and does) routinely search this data for information on ordinary crimes using the names and other identifiers of Americans. This is commonly called the “backdoor loophole.” Any rules and guidelines for these backdoor searches are classified. The House has voted to close this loophole by wide margins. For example, the Massey-Lofgren amendment to the 2014 defense appropriations bill passed 293 to 123. Unfortunately, the amendment was removed by the Speaker of the House before final passage.

Strict rules have traditionally prevented this loophole from expanding to EO 12333 data. The NSA does not typically share “raw” 12333 data with other agencies, and NSA analysts are not permitted to search for Americans unless there is a reasonable belief that the search will return “foreign intelligence.” While the NSA does currently share some information with other agencies, it must first “minimize” the data to protect the rights of US persons. EO 13470 permits wider sharing of 12333 data, but requires that the Attorney General and Defense Secretary to agree to procedures as a prerequisite.

That agreement never happened. Until now.

According to Charlie Savage’s report in The New York Times, the Obama administration is on the “verge” of approving rules to permit the NSA to share raw EO 12333 data directly with other agencies, including the FBI. If this happens, even the pretense of protections may soon disappear.

This will undoubtedly have a huge impact on the privacy of Americans. The NSA frequently states that American citizens can never be “targeted” for surveillance it conducts. However, we know that Americans’ data is “incidentally” collected. The NSA and our allies around the world regularly vacuum up massive amounts data as it travels internationally. In one month in 2012, NSA collected 181 million data records. They want to “collect it all” and have built an enormous data center in Utah to hold the ever-increasing volume of information they obtain.

When the NSA collects data overseas, it inevitably collects information about American citizens. But just how much of the collected data is about Americans is unknown to anyone, including the NSA itself. This unknown quantity is referred to as the “Golden Number” as it implicates the pervasiveness of EO 12333 surveillance on Americans.

Perhaps it was easy to keep the communications of foreigners and non-foreigners separate in the days of Ronald Reagan when EO 12333 was signed. However, today, your digital trail is not confined by national boundaries. Your email, Facebook, and other digital accounts are routinely backed up in data centers around the world. Your data often travels overseas because, on the Internet, the fastest route to your neighbor might run through Ireland. Additionally, international backups provide redundancy and help speed the global network.

In the modern world, it may not matter that Americans cannot be targeted. Because our data is regularly travels around the world, it may be (and probably is) “incidentally” collected. Knowing the Golden Number would explain how large this problem is. Privacy advocates have repeatedly asked the NSA to conduct a sample study of signals intelligence data to find the Golden Number. However, to date, we have no idea how much data about Americans is included in the 12333 or other databases.

If the Obama administration moves forward with its proposed rule change, the FBI will have access to untold amounts of private emails, phone calls, and personal communications of American citizens — and unless the new guidelines change current rules, all without a warrant. It is imperative that the White House provide more information to ensure the legal protections of American citizens. A good first step would be declassifying the FBI rules, and requiring the FBI to get a warrant to search these records. 

About the Author(s)

Nathan White

Senior Legislative Manager for the Access Advocacy Team Follow him on Twitter (@NathanielDWhite).