In a story being reported this evening by Charlie Savage of The New York Times, it appears that President Obama is preparing to announce a legislative proposal that will seek to overhaul the Section 215 bulk telephony metadata collection program. The administration will seek to renew the Section 215 program in its current form for at least another 90 days, when the current FISC order expires on March 28 (this Friday), but, as story reports, in the future “the government would no longer systematically collect and store records of calling data.”
As is always the case, the devil will certainly be in the details, so we can’t know to what extent the proposal would curb the bulk collection program until we see the proposed legislation. Nevertheless, as it is being reported by The Times, the administration’s proposal does appear to be aimed at significantly curbing telephony metadata collection and potentially ending bulk telephony collection under Section 215.
From the story, we learn that:
Under the proposal, data about Americans’ calling habits would be kept in the hands of phone companies, which would not be required to retain the data for any longer than they normally would, according to senior administration officials. If approved by Congress, the changes would end the most controversial part of the bulk phone records program, a major focus of privacy concerns inside the United States since its existence was leaked last year.
. . .
As part of the proposal, the administration has decided to renew the program as it currently exists for at least one more 90-day cycle, senior administration officials said. But under the plan the administration has developed and now advocates, the officials said, the government would no longer systematically collect and store records of calling data. Instead, it would obtain individual orders from the Foreign Intelligence Surveillance Court to obtain only records linked to phone numbers a judge agrees are likely tied to terrorism.
The N.S.A. now retains the phone data for five years. But the administration considered and rejected imposing a mandate on phone companies that they hold onto their customers’ calling records for a period longer than the 18 months that federal regulations already generally require — a burden that the companies had resisted and that was seen as a major obstacle to keeping the data in their hands. A senior administration official said that intelligence agencies had concluded that the impact of that change would be small because older data is less important.
The new surveillance court orders would require phone companies to swiftly provide those records in a technologically compatible data format, including making available, on a continuing basis, data about any new calls placed or received after the order is received, the officials said.
They would also allow the government to seek related records for callers up to two calls, or “hops,” removed from the number that has come under suspicion, even if those callers are customers of other companies.
While the proposal appears to be aimed at curbing how data is collected, what remains unclear is what will (if anything) change about how the government uses the data that is collected. As Marty and David have written before, regulating the use of stored data is arguably the more important, but too often overlooked, question in the bulk collection debate. And at first blush, the proposal does not appear to alter, for example, the current practice of compiling all records within two “hops” from target numbers within the so-called “corporate store,” to which the NSA “may apply the full range of SIGINT analytic tradecraft to the results of the intelligence analysis queries of the collected . . . metadata” (Primary Order footnote 15).
I’m sure we’ll have much more to say once we learn further details about the administration’s proposal, but be sure to check back later of further analysis and commentary on this ongoing development.