Drip by drip, new revelations regarding NSA domestic surveillance programs become known every week. Edward Snowden and Glenn Greenwald have planned their news drops as an elaborate production: First they released their initial documents, then a few more in the next weeks. Then they allowed time for the administration to respond and try to mislead the American people, and then they responded with new documents that appear to directly contradict the President's claims.
This strategy was on clearest display last week, when another bombshell emerged after intelligence officials and administration actors had claimed that PRISM and other NSA surveillance programs were carefully regulated to protect American privacy with elaborate safeguards. Just when that narrative was starting to win over some people - and it was a critical part in the narrative in the Administration's efforts to combat the Amash amendment - Snowden and Greenwald responded by releasing an internal NSA audit on the use of these surveillance programs. The audit concluded that the programs have been seriously abused, including 2776 incidents in just the Washington area and violations of rules of the court order.
"One in 10 incidents [of NSA abuse] is attributed to a typographical error in which an analyst enters an incorrect query and retrieves data about U.S phone calls or e-mails," according to a telling part of the Washington Post article revealing the NSA audit. If a typographical error can so easily grant access to information on American citizens, then all of the data on American citizens is clearly available to the NSA but the NSA is simply using discretion to "avoid" accessing it.
If the NSA didn't use its discretion and "accidentally" accessed all phone records in Washington, DC, of course that would be one of the serious types of incidents that would be reported to the Congressional oversight committee. Right? But apparently, no.
The NSA accidentally accessed "a large number" of phone records for people with a 202 area code, which is the area code of congressmen, senators, Supreme Court justices, think-tanks, and 501c4 groups including Tea Party groups and their staffs.
How did such a "typographical error" occur? Well apparently in 2008 the NSA confused the US area code 202 for 20, the international area code for Egypt. But surely any US resident would have known that 1-202-XXX-XXXX is a US phone number and will produce data on American citizens, not Egyptians. Furthermore, the audit focused on NSA facilities located in the Washington DC area, so the NSA employees involved presumably all had first hand knowledge that 202 was DC's area code.
If the NSA was running a system that had serious concern for accessing data on American citizens, we would hope that they could program a system that would automatically rule out access to American area codes without some type of escalation. This is remarkably easy to program given that all US numbers begin with a 1 and have three numbers in their area code.
As someone who worked as a staffer in Congress, it's difficult for me to convey the level of incriminating information that the NSA may have obtained in just this one incident. The agency would have learned which sources called which reporters, which members of Congress and their staff were using official resources for campaign activities, which 501c4 groups were coordinating with campaigns - and thats just for starters.
Over a month ago, I wrote, "If Prism is Good Policy, Why Stop with Terrorism," examining how NSA surveillance data could be used for other public purposes. I suggested that we needed to draw a line in the sand, because otherwise, perfectly plausible arguments could be made for expanded uses of NSA data that include enforcing speed limits, combatting child pornography, and ending illegal downloading of copyrighted works:
If the barometer for violating the Fourth Amendment is efficacy, then why should these not also be up for discussion? The answer is clear: The Fourth Amendment was not designed for efficacy. It was designed for privacy and to defend our liberty. If that's not the case, why even stop with these examples?
We now know that the data has been shared with other agencies for other purposes, including to the IRS and DEA through the Special Operations Division. And that these agencies were told to lie about where they got the data when they tried to use it in court.
If the House and Senate Intelligence Committees constituted a serious adversarial oversight branch, they should react to these NSA programs and this audit with outrage: at the misleading comments made to the American people by the administration, the findings of the audit itself, and most importantly at the fact that this audit remained classified. Now that portions of the NSA surveillance program have been declassified and acknowledged, it is unconscionable that an internal audit would itself be classified.
But Congress can't work as a rigorous oversight branch because it doesn't have access to basic information about the NSA's interpretation of the law. The administration kept the NSA audit classified in what appears to have been a deliberate attempt to withhold critical information for oversight.
Just a few weeks ago Congress was considering the Amash amendment, which failed by only 12 votes, to withhold the funding for NSA surveillance granted by the Patriot Act. Even the author of the Patriot Act, Rep Jim Sensenbrenner, says that the bill he wrote did not authorize dragnet style NSA surveillance, and this use of the Patriot Act was all news to him. Of course the NSA has its own interpretation of the Patriot Act that has allowed these surveillance operations...But that interpretation remains classified. So while Congress was voting on defunding the NSA program, they were unable to see exactly how the NSA was interpreting that law to begin with.
Even more grievously, during the run-up to the Amash amendment vote, the administration, members of the Intelligence Committees and outside groups explained how safe the NSA programs are and touted the numerous safeguards built into the system to prevent accessing data on American citizens. All the while, there was an NSA audit on this exact issue that was withheld from Congress that demonstrates that the programs were not as safe as everyone was telling Congress. Perhaps the administration disagrees with the audit, but the audit is an oversight analysis and it ought to be provided to Congress and made part of the conversation. Imagine if the CBO had a negative score of Obamacare costing billions of dollars more than predicted and the administration tried to bury the report or declared it classified to avoid it being made public -- that would be quite a scandal!
It's plausible, and I would argue likely, that this audit would have changed 7 votes and flipped the Amash amendment into the win column. As one data point, Congressman Jim Himes (D-CT) voted against the Amash amendment, but when revelations about the NSA audit came out last week he tweeted: "Possibility of 1000s of NSA violations unacceptable. Many intel comm members unaware of this report. In fact, we have been told no abuses."
In a court proceeding, withholding this type of information from opposing counsel would be a bar-dismissible and contemptible act. But that is precisely what was done here. As noted when DNI James Clapper lied to Congress about PRISM and related programs, apparently the normal rules of law do not apply when it comes to the NSA.
How does such a parade of abuses take place without intervention by the congressional branch? In the 1970s, when NSA and CIA abuses were exposed, Congress created the Church and Pike Commissions to investigate illegal surveillance and other activities. That ultimately resulted in institutional checks upon intelligence operations and capacity and permanent oversight through the House and Senate Intelligence Committees. These committees were supposed to be watchdogs for civil liberties and ensure that our nation's intelligence activities came under the rule of law. They were specifically concerned to prevent warrantless wiretaps on American citizens.
But as most who work in Congress today will tell you, these adversarial oversight institutions have been co-opted. To many in Congress the primary purpose of these committees appears to be to reassure other members of Congress that all is fine and that they should go home. "Don't listen to those people in your district sir, I can assure you that the situation is taken care of" was a common refrain. In my time in Congress, I never heard staff on those committees try to rein in or limit the intelligence community or rally other members of Congress to restrain their power. Instead I heard the opposite.
Much of what the Intelligence Committees do is classified, so we don't know to what extent they attempt to rein in surveillance behind closed doors, but in their public facing work they give the impression that they are bolstering surveillance powers rather than providing oversight.
One recent example of their public facing work was the attempt to pass cybersecurity legislation, CISPA, which would empower the NSA with new capacities and information on domestic cyber data. The Intelligence Committee passed CISPA without offering any public hearing on the topic to allow civil liberties advocates to present their arguments. This happened in the wake of over 800,000 people signing a petition against CISPA, and over 30,000 websites, technology experts and think-tanks on the left and right opposing the bill on civil liberties grounds. In a previous article I argued for a new rule, that any bill that can get over 100,000 signatures to oppose it should be afforded an on-the-record hearing with both sides involved.
But instead of being given a voice, opponents of giving the NSA more power through CISPA were ridiculed by the Committee. Chairman Rogers (R-MI) claimed that opposition was from 14-year old "tweeters" who just didn't understand the legislation. By implication, the policy experts at FreedomWorks, American Conservative Union, Competitive Enterprise Institute, and fellows with Cato and Mercatus simply didn't understand the legislation either, because they were all against it.
A committee that passes public (non-classified) bills through closed hearings that involve monumental issues affecting the public interest - in spite of opposition from nearly a million people and 30,000 companies and tech experts with serious civil liberties concerns - is not a credible and adversarial oversight branch. The Intelligence Committees appear to have pursued a deliberate, and effective, tactic to avoid serious discussion and deliberation.
During the Amash vote, a real adversarial oversight committee would be more skeptical of the NSA's activities than the average member of Congress. Instead, the Committees' staff and members worked at a frantic pace to convince their fellow congressmen to vote against the Amash amendment. They tried to manipulate the debate by providing inaccurate and misleading information. For instance, Intelligence Committee members told other members of Congress that the only thing the NSA collects on American citizens is phone calling data, that the information isn't being shared with other governments or agencies, and that there are incredible safeguards to protect American privacy. All three claims that have been disproved, but were common talking points in the runup to the Amash vote.
Many congress members and their staff listen to these arguments because the Committee portrays itself as being the in-house experts. Not only that, Committee members can always pull out this trump card: "You don't have access to everything that we can see but if you knew what we knew you would understand..."
As I can personally attest, contesting claims made by Committee staffers by drawing on press reports - even reports that have been acknowledged as credible by Intelligence Committee members or the Administration- will often result in derision and sneers: "Oh you read the paper do you? And you believe what you read?" In one heated exchange I responded to a committee staffer rather flippantly: "Do you choose not to read anything that is publicly reported or are you not allowed to read anything that is publicly reported, and do you always believe the NSA over legitimate investigative journalism?" The response was that they chose not to read public reports.
If the Intelligence Committees' primary jobs are to provide adversarial oversight rather than to be the intelligence community's lobbyists inside of Congress, then it is time for a new committee make-up. There are members of these committees who care about serious oversight, but they are the exception to the rule. Of the 21 members of the House Intelligence Committee only two voted for the Amash Amendment: Adam Schiff (D-CA) and Ed Pastor (D-AZ). Meaning that on the biggest civil liberties issue since the events that led to the creation of the Committees themselves, committee members appear to be less adversarial towards the intelligence community and less protective of civil liberties than even an average member of Congress. It's time for all members on those committees to resign and be replaced with average members of the House and Senate, who are more skeptical of giving the NSA a free hand.
Derek Khanna (@DerekKhanna and Facebook.com/derekkhanna) is the maverick former Republican staffer and civil liberties advocate whose op-eds on cell phone unlocking went viral in January. He is now a Yale Law Fellow, columnist, and policy expert, and leader in the campaign to legalize unlocking your cell.