WASHINGTON—The National Security Agency’s monitoring of Americans includes customer records from the three major phone networks as well as emails and Web searches, and the agency also has cataloged credit-card transactions, said people familiar with the agency’s activities.
Jerry Seib explains how the far-reaching data collection conducted by the U.S. government includes phone companies in addition to Verizon, plus Internet service providers and Apple. Photo: Getty Images
The disclosure this week of an order by a secret U.S. court for Verizon Communications Inc.’s phone records set off the latest public discussion of the program. But people familiar with the NSA’s operations said the initiative also encompasses phone-call data from AT&T Inc. and Sprint Nextel Corp., records from Internet-service providers and purchase information from credit-card providers.
The Obama administration says its review of complete phone records of U.S. citizens is a “necessary tool” in protecting the nation from terror threats. Is this the accepted new normal, or has the Obama administration pushed the bounds of civil liberties? Cato Institute Director of Information Policy Studies Jim Harper weighs in. Photo: Getty Images.
The agency is using its secret access to the communications of millions of Americans to target possible terrorists, said people familiar with the effort.
The NSA’s efforts have become institutionalized—yet not so well known to the public—under laws passed in the wake of the Sept. 11, 2001, attacks. Most members of Congress defended them Thursday as a way to root out terrorism, but civil-liberties groups decried the program.
Vote and comment
The National Security Agency is obtaining phone records from all Verizon U.S. customers under a secret court order, according to a newspaper report and ex-officials. WSJ intelligence correspondent Siobhan Gorman joins MoneyBeat. Photo: AP.
“Everyone should just calm down and understand this isn’t anything that is brand new,” said Senate Majority Leader Harry Reid (D., Nev.), who added that the phone-data program has “worked to prevent” terrorist attacks.
Senate Intelligence Chairman Dianne Feinstein (D., Calif.) said the program is lawful and that it must be renewed by the secret U.S. court every three months. She said the revelation about Verizon, reported by the London-based newspaper the Guardian, seemed to coincide with its latest renewal.
All Things D
The Laws That Make It Easy for the Government to Spy on Americans
What the NSA Wants to Know About You and Your Phone
Tech Companies’ Data Is Also Tapped
FISA Court in Focus
Obama’s Civil-Liberties Record Questioned
When NSA Calls, Companies Answer
Mixed Reactions on Hill
Lawmakers Push Holder for Briefing on Phone Records | More Reaction
Verizon Says Must Comply with Data Requests
Government Is Tracking Verizon Calls
NSA’s Domestic Spying Grows as Agency Sweeps Up Data (3/10/2008)
NSA Exceeds Legal Limits in Eavesdropping Program (4/16/2009)
U.S. Plans ‘Perfect Citizen’ Cyber Shield for Utilities, Companies (7/8/2010)
NSA Activities Violated Fourth Amendment Rights, Letter Discloses (7/20/2012)
Civil-liberties advocates slammed the NSA’s actions. “The most recent surveillance program is breathtaking. It shows absolutely no effort to narrow or tailor the surveillance of citizens,” said Jonathan Turley, a constitutional law expert at George Washington University.
Meanwhile, the Obama administration acknowledged Thursday a secret NSA program dubbed Prism, which a senior administration official said targets only foreigners and was authorized under U.S. surveillance law. The Washington Post and the Guardian reported earlier Thursday the existence of the previously undisclosed program, which was described as providing the NSA and FBI direct access to server systems operated by tech companies that include Google Inc., Apple Inc., Facebook Inc., Yahoo Inc., Microsoft Corp. and Skype. The newspapers, citing what they said was an internal NSA document, said the agencies received the contents of emails, file transfers and live chats of the companies’ customers as part of their surveillance activities of foreigners whose activity online is routed through the U.S. The companies mentioned denied knowledge or participation in the program.
The arrangement with Verizon, AT&T and Sprint, the country’s three largest phone companies means, that every time the majority of Americans makes a call, NSA gets a record of the location, the number called, the time of the call and the length of the conversation, according to people familiar with the matter. The practice, which evolved out of warrantless wiretapping programs begun after 2001, is now approved by all three branches of the U.S. government.
AT&T has 107.3 million wireless customers and 31.2 million landline customers. Verizon has 98.9 million wireless customers and 22.2 million landline customers while Sprint has 55 million customers in total.
NSA also obtains access to data from Internet service providers on Internet use such as data about email or website visits, several former officials said. NSA has established similar relationships with credit-card companies, three former officials said.
It couldn’t be determined if any of the Internet or credit-card arrangements are ongoing, as are the phone company efforts, or one-shot collection efforts. The credit-card firms, phone companies and NSA declined to comment for this article.
From the Archives
Video: U.S. Data Gathering Highlights Carriers’ Balancing Act
Video: U.S. Tracks Verizon Calls: A Lawyer’s Take
Though extensive, the data collection effort doesn’t entail monitoring the content of emails or what is said in phone calls, said people familiar with the matter. Investigators gain access to so-called metadata, telling them who is communicating, through what medium, when, and where they are located.
But the disconnect between the program’s supporters and detractors underscored the difficulty Congress has had navigating new technology, national security and privacy.
The Obama administration, which inherited and embraced the program from the George W. Bush administration, moved Thursday to forcefully defend it. White House spokesman Josh Earnest called it “a critical tool in protecting the nation from terror threats.”
But Sen. Ron Wyden (D., Ore.), said he has warned about the breadth of the program for years, but only obliquely because of classification restrictions.
“When law-abiding Americans call their friends, who they call, when they call, and where they call from is private information,” he said. “Collecting this data about every single phone call that every American makes every day would be a massive invasion of Americans’ privacy.”
In the wake of the Sept. 11 attacks, phone records were collected without a court order as a component of the Bush-era warrantless surveillance program authorized by the 2001 USA Patriot Act, which permitted the collection of business records, former officials said.
The ad hoc nature of the NSA program changed after the Bush administration came under criticism for its handling of a separate, warrantless NSA eavesdropping program.
President Bush acknowledged its existence in late 2005, calling it the Terrorist Surveillance Program, or TSP.
When Democrats retook control of Congress in 2006, promising to investigate the administration’s counterterrorism policies, Bush administration officials moved to formalize court oversight of the NSA programs, according to former U.S. officials.
Congress in 2006 also made changes to the Patriot Act that made it easier for the government to collect phone-subscriber data under the Foreign Intelligence Surveillance Act.
Those changes helped the NSA collection program become institutionalized, rather than one conducted only under the authority of the president, said people familiar with the program.
Along with the TSP, the NSA collection of phone company customer data was put under the jurisdiction of a secret court that oversees the Foreign Intelligence Surveillance Act, according to officials.
David Kris, a former top national security lawyer at the Justice Department, told a congressional hearing in 2009 that the government first used the so-called business records authority in 2004.
At the time he was urging the reauthorization of the business-records provisions, known as Section 215 of the Patriot Act, which Congress later approved.
The phone records allow investigators to establish a database used to run queries when there is “reasonable, articulable suspicion” that the records are relevant and related to terrorist activity, Ms. Feinstein said Thursday.
Director of National Intelligence James Clapper also issued a defense of the phone data surveillance program, saying it is governed by a “robust legal regime.” Under the court order, the data can only “be queried when there is a reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization.” When the data is searched, all information acquired is “subject to strict restrictions on handling” overseen by the Justice Department and the surveillance court, and the program is reviewed roughly every 90 days, he said. Another U.S. official said less than 1% of the records are accessed.
The database allows investigators to “map” individuals connected with that information, said Jeremy Bash, who until recently was chief of staff at the Pentagon and is a former chief counsel to the House Intelligence committee.
“We are trying to find a needle in a haystack, and this is the haystack,” Mr. Bash said, referring to the database.
Sen. Wyden on Thursday questioned whether U.S. officials have been truthful in public descriptions of the program. In March, Mr. Wyden noted, he questioned Mr. Clapper, who said the NSA did not “wittingly” collect any type of data pertaining to millions Americans. Spokesmen for Mr. Clapper didn’t respond to requests for comment.
For civil libertarians, this week’s disclosure of the court authorization for part of the NSA program could offer new avenues for challenges. Federal courts largely have rebuffed efforts that target NSA surveillance programs, in part because no one could prove the information was being collected. The government, under both the Bush and Obama administrations, has successfully used its state-secrets privilege to block such lawsuits.
Jameel Jaffer, the American Civil Liberties Union’s deputy legal director, said the fact the FISA court record has now become public could give phone-company customers standing to bring a lawsuit.
“Now we have a set of people who can show they have been monitored,” he said.
Updated June 7, 2013, 9:25 a.m. ET
By SIOBHAN GORMAN, EVAN PEREZ and JANET HOOK
—Danny Yadron and Jennifer Valentino-DeVries contributed to this article.
Copyright 2012 Dow Jones & Company, Inc. All Rights Reserved