Snowden on Government Access to American's Data
As a follow up to Liz's post, Snowden also took a question from Anthony DeRosa. DeRosa actually asked two questions:
1) Define in as much detail as you can what "direct access" means.
2) Can analysts listen to content of domestic calls without a warrant?
Snowden answered both but in a somewhat circuitous fashion. First, on what "direct access" means he said this:
1) More detail on how direct NSA's accesses are is coming, but in
general, the reality is this: if an NSA, FBI, CIA, DIA, etc analyst has
access to query raw SIGINT databases, they can enter and get results for
anything they want. Phone number, email, user id, cell phone handset id
(IMEI), and so on - it's all the same. The restrictions against this
are policy based, not technically based, and can change at any time.
Additionally, audits are cursory, incomplete, and easily fooled by fake
justifications. For at least GCHQ, the number of audited queries is only
5% of those performed.
This seems like fairly straightforward claim that people with access to the NSA database can get anything. There might be some policy which says they should not do so but Snowden seems to be saying that the chances of getting caught violating that policy are fairly small.
What's not clear from this answer is how much of the data available in these databases is focused on Americans and whether or not that includes call/email content as well as metadata. It's worth noting that DeRosa seemed to find this answer unsatisfactory.
Here is Snowden's answer to DeRosa's 2nd question which was a direct query about the ability to listen to domestic calls without a warrant:
2) NSA likes to use "domestic" as a weasel word here for a number of
reasons. The reality is that due to the FISA Amendments Act and its
section 702 authorities, Americans’ communications are collected and
viewed on a daily basis on the certification of an analyst rather than a
warrant. They excuse this as "incidental" collection, but at the end of
the day, someone at NSA still has the content of your communications.
Even in the event of "warranted" intercept, it's important to understand
the intelligence community doesn't always deal with what you would
consider a "real" warrant like a Police department would have to, the
"warrant" is more of a templated form they fill out and send to a
reliable judge with a rubber stamp.
This seems a bit vague though that may be partly because a full answer would require much more space than this format allows. So some calls including those of Americans are listened to without a warrant. Are these primarily calls made to or from suspected terrorists? How big is the list? Are these individual cases or is the NSA recording overseas calls in bulk? It's not clear what the boundaries of "incidental" collection are.
As for warrants, we can see from the activity of the FISA court over a period of years that they don't say no to anything. That said, if there is some kind of warrant, even a formality, then a record is being kept of who is listening to what.
In an interview with USA Today, former NSA technical director William Binney suggested Snowden's claim about wiretapping the President's phone may have been tied to Snowden's special access as a system administrator. Does that mean only people able to bypass the procedural security built into the system could wiretap the President or could any person with access to the NSA database do it? Put another way, was Snowden bragging about something he alone could do or giving us a sense of how wide open the NSA's data collection is? It's not clear.
There is just not enough information in Snowden's answer or in the public record to evaluate the process or its vulnerability to abuse. Again, since DeRosa asked the question, it's worth noting he didn't find this answer very satisfactory either.