NSA Overshare

by Sue Halpern

Back in March, in his virtual appearance at a TED conference in Vancouver, Edward Snowden said that the most shocking revelations from the documents he’d taken from the NSA were yet to come. On Monday, Ryan Gallagher and the team at First Look Media made good on that claim. Since at least 2010 and most likely before that, the NSA has been sharing 850 billion surveillance records with a dozen other government agencies including the DEA and the FBI through a Google-like search engine called ICREACH.  When an FBI agent enters a scrap of information like a phone number, for example, the ICREACH search engine sends back everything in the NSA archives associated with that number–private chats, phone logs, photos and so on. According to the Intercept report, “Information shared through ICREACH can be used to track people’s movements, map out their networks of associates, help predict future actions, and potentially reveal religious affiliations or political beliefs.” While the database for ICREACH is, in theory, restricted to material obtained from foreign surveillance operations, in practice many of those operations have netted information on American citizens with no ties to terrorism:

In a statement to The Intercept, the Office of the Director of National Intelligence confirmed that the system shares data that is swept up by programs authorized under Executive Order 12333, a controversial Reagan-era presidential directive that underpins several NSA bulk surveillance operations that monitor communications overseas. The 12333 surveillance takes place with no court oversight and has received minimal Congressional scrutiny because it is targeted at foreign, not domestic, communication networks. But the broad scale of 12333 surveillance means that some Americans’ communication get caught in the dragnet as they transit international cables or satellites—and documents contained in the Snowden archive indicate that ICREACH taps into some of that data.

In the words of Elizabeth Goitein of the Brennan Center for Justice at NYU Law School, “with ICREACH, the government ‘drove a truck’ through loopholes that allowed it to circumvent restrictions on retaining data about Americans”:

A key question, according to several experts consulted by The Intercept, is whether the FBI, DEA or other domestic agencies have used their access to ICREACH to secretly trigger investigations of Americans through a controversial process known as “parallel construction.”

Parallel construction involves law enforcement agents using information gleaned from covert surveillance, but later covering up their use of that data by creating a new evidence trail that excludes it. This hides the true origin of the investigation from defense lawyers and, on occasion, prosecutors and judges—which means the legality of the evidence that triggered the investigation cannot be challenged in court.

Here, again, is yet more evidence that collecting phone and Internet metadata is not a benign activity, as President Obama among others would like us to believe. But we knew that, didn’t we? It should give us pause, if nothing else, that the newly “strengthened” USA Freedom Act proposed last month by Senator Patrick Leahy, is not going to slow down traffic to ICREACH. And those 850 billion records? That number was from back in 2010. As Gallagher notes, “while the NSA initially estimated making upwards of 850 billion records available on ICREACH, the documents indicate that target could have been surpassed… .”