Thesis: The U.S. administration is using an automated communication surveillance system to monitor communications between the domestic U.S. and foreign countries. The system is a enhanced version of the Echolon system developed by the National Security Agency during the cold war to spy on foreign communication.
The use of such a system in communication involving the domestic U.S. is against the Fourth Amendment and could not possibly be legal even through the Foreign Intelligence Surveillance Act.
To be able to use the technology, the administration decided to break the law.
Noah Shachtman of Defense Tech asked if there are technical reasons that led the administration to ignore the FISA procedures while wiretapping. I am now convinced that this is indeed the case.
Some hints come through the comments to his piece and there is additional information in today’s Lichtblau/Sanger New York Times piece:
Administration officials, speaking anonymously because of the sensitivity of the information, suggested that the speed with which the operation identified "hot numbers" – the telephone numbers of suspects – and then hooked into their conversations lay behind the need to operate outside the old law.
Described is an automated (i.e. speed) system that does not only wiretap calls from/to "hot numbers", it identifies new "hot numbers" on the fly.
The wiretapping process itself generates the criteria for further wiretapping.
This is an inherent feature of an evolved Echelon system that, I suspect, is now applied to the domestic United States.
ECHELON
is a term associated with a global network of computers that
automatically search through millions of intercepted messages for
pre-programmed keywords or fax, telex and e-mail addresses.
For decades Echelon has been used by the NSA to spy on foreign telecommunications. Echelon has been investigated by the European Parliament because it has been and may still be used for spying in commercial interests.
How does this work?
The system taps into general communication lines like international telecommunication satellite links and analyzes all traffic going through such lines.
The system listens to and processes communication in realtime. It is preconfigured with specific phone numbers, email addresses and/or keywords. An evolved Echelon may include speaker recognition.
If a specific communication matches one of the preconfigured criteria, i.e. includes a specific number, keyword or voice, it is recorded in a large storage facility.
Database mining technologies and automated statistic methods are used to find patterns within and between the recorded communications. The discovery of such patterns may lead to further investigation or may modify the system’s sensitivities.
The system may monitor a link to Pakistan and be triggered by all calls through that link originating from a mosque in Detroit. Those calls get recorded and the NSA’s computer banks use speech recognition and automated translation to further analyze them. The process may also use speaker recognition via voice patterns to distinguish persons involved in the calls.
The wiretapping and statistical analyze of calls from the line of the mosque in Detroit may have found three calls that included the keyword "plane" and also involved the specific voice pattern of an unknown person A.
That specific voice pattern would then become a criteria for listening into other calls. If person A in his next call uses a cell phone to call uncle Muhammad in Karachi, the general surveillance of such calls to Pakistan would recognize his voice pattern and trigger its recording.
The process can catch a specific persons calls, even if that person uses multiple phones and connections. The wiretapping of the mosque’s line generates new "hot numbers" for further wiretapping.
A similar process used on keywords starting with a preconfigured list could generate additional keywords. These would be added to the "trigger list" for further surveillance. A starting keyword may be "plane". A statistical relevant number of calls would be found to include the word "plane" and the word "plastic". This could lead to the word "plastic" being added to the keyword list.
The system also allows for statistical dissection of patterns and, more important, to find deviation from such pattern. While the use of the phrase "Merry Christmas" at the end of December is not suspect, its use in various calls in July and August would be quite suspicious and could trigger further investigation.
In general such a system will always generate a lot of false positives. Cases were people may get investigated, thrown into jails, "renditioned" and tortured because of some statistical anomaly.
FISA demands a "probable cause" to allow a wiretap. But with the application of an Echelon like system, the probable cause is generated by the wiretap. Indeed in their piece last Friday Rinsen/Lichtblau report:
A complaint from Judge Colleen Kollar-Kotelly, the federal judge who oversees the Federal Intelligence Surveillance Court, helped spur the [temporary] suspension, officials said. The judge questioned whether information obtained under the N.S.A. program was being improperly used as the basis for F.I.S.A. wiretap warrant requests from the Justice Department, according to senior government officials.
The administration could not apply for FISA wiretaps because the system now used to wiretap is inherently incompatible to FISA. The administration could have gone to Congress to ask for a modification of the law, but it did not. Instead it broke the law.
Why did they do this?
In an interview a former NSA architect of Echelon II, Bruce McIndoe, explains:
"No system of such enormous magnitude would only be used for a single purpose. They use it for everything they can, if they feel it’s necessary. Whenever they need to exploit its potential, they do it."
John Bolton may be able to tell more about such exploits.