Leaked documents have revealed how the United States' National Security Agency (NSA) is able to gather and use information on US citizens.
Guidelines submitted to the secret Foreign Intelligence Surveillance Act (Fisa) court and approved by Attorney General Eric Holder in July 2009 stipulate that while the NSA is required to "minimise" the acquisition of data belonging to US citizens, "inadvertently acquired" data can still be kept and shared with other security agencies.
The NSA is only allowed to specifically target "non-US persons" and must not directly monitor any US citizens located within the United States borders. However the leaked Fisa documents, obtained by The Guardian, outline circumstances in which data belonging to "US persons" could be collected and kept.
To identify non US-persons, NSA officials are required to gather "lead information," which involves determining a target's means of communication, locating their IP address, examining their previous phone records and examining other personal data. If during this process it's determined the target is a US person, the NSA's surveillance of them must cease. However, information gathered even on confirmed US persons can be retained by the NSA for up to five years if it falls within a broad set of circumstances. These include:
- If the information gathered is "reasonably believed to contain evidence of a crime that has been, is being, or is about to be committed."
- If the communications or information gathered has been purposefully encrypted in an attempt to prevent surveillance
- If the data contains information deemed relevant to US cyber-security
As well as these broad circumstances, the documents reportedly cite "limitations on NSA's ability to filter communications" as an acceptable reason for the agency to retain information inadvertently collected on US-persons. Confidential communications between attorneys and their clients can also be kept so long as they are deemed relevant to foreign security interests. This information will be segregated into a separate database.
The guidelines specify that the NSA is free to share this gathered information with the FBI and CIA, so long as both of those agencies are in compliance with their own procedures to minimise the collection of data on US persons.
These procedures are detailed under Section 702 of the Fisa Amendments Act which was renewed for five years in December 2012. Since it allows for the collection of data relating to a specific person, it should not be confused with section 215 of the Patriot Act, which permits the collection of large, non-specific metadata relating to US citizens.
The documents also stipulate that NSA analysts are able to decide autonomously who to target without oversight from the courts or government. Targeting decisions are only reviewed by the Department of Justice every 60 days.
This appears to contradict a statement made by Director of National Intelligence James Clapper on 8 June, in which he said:
"The notion that Section 702 activities are not subject to internal and external oversight is similarly incorrect. Collection of intelligence information under Section 702 is subject to an extensive oversight regime, incorporating reviews by the Executive, Legislative and Judicial branches."
The documents also contradict President Barack Obama, who asserted during an interview on The Charlie Rose Show that the "702 program...does not apply to any U.S. person."
In a recent Q and A session with Guardian readers, Edward Snowden, the whistle-blower who originally exposed the NSA's surveillance actions, said American communications are viewed by the security agency on a daily basis:
"NSA likes to use 'domestic' as a weasel word here for a number of reasons. The reality is that due to the Fisa Amendments Act and its section 702 authorities, Americans' communications are collected and viewed on a daily basis on the certification of an analyst rather than a warrant.
"They excuse this as 'incidental' collection," Snowden said, "but at the end of the day someone at NSA still has the content of your communications."