Advertisement

SKIP ADVERTISEMENT

News Analysis

A Gap in Surveillance, but Ways Around It

WASHINGTON — For the first time since the aftermath of the terrorist attacks of Sept. 11, 2001, Americans are again free to place phone calls — to friends, lovers, business associates, political groups, doctors and pizza restaurants — without having logs of those contacts vacuumed up in bulk by the National Security Agency.

And for the first time in nearly 14 years, if government agents identify new phone numbers that they suspect are linked to terrorism, they will have to subpoena phone companies for associated calling records and wait for the response to see if anyone in the United States has been in contact with that number. The N.S.A. can no longer simply query its database for the information.

This unusual situation may last only a few days, until Congress can reach an accommodation over three counterterrorism laws that expired at 12:01 a.m. Monday.

Nonetheless, the fact that Congress allowed the laws to lapse — the most important of them is the purported legal basis for the bulk records collection program — is an extraordinary moment in the story of the tensions between post-9/11 policies and privacy rights. It has led to heated warnings in the political realm about exposing the country to heightened risk of attack.

A few hours before the Senate convened on Sunday, John O. Brennan, the C.I.A. director, warned on the CBS program “Face the Nation” that if lawmakers let those laws lapse, the F.B.I. would “not have the ability then to track these various elements that we are looking at who are trying to carry out attacks here in the homeland.”

But interviews with law enforcement and intelligence officials about what they will do in the interim suggest there are multiple workarounds to the gap.

One of the expired laws permitted wiretap orders of “lone wolf” terrorism suspects who are not part of a foreign group, a provision that has apparently never been used. A second permitted “roving” wiretap orders that follow suspects who change phones, a provision that apparently has been used only rarely.

The third permitted court orders requiring businesses to turn over records that are relevant to a national security investigation, the provision known as Section 215 of the Patriot Act. In addition to the bulk phone records program, the F.B.I. used Section 215 about 160 times last year to obtain particular business records, like suspects’ Internet activity logs.

All three of the expired laws contained a so-called grandfather clause that permits their authority to continue indefinitely for any investigation that had begun before June 1.

Law enforcement officials have made it clear that the F.B.I. has long-running, open-ended “enterprise” investigations into groups that pose a threat to public safety, like Al Qaeda. A senior intelligence official recently told The New York Times that the administration was open to invoking the grandfather clause to get the records if a need arose during any lapse.

In addition, several officials said, in most terrorism-related cases the F.B.I. could instead use a grand jury subpoena to get the records it wanted by invoking rules for investigations into standard crimes.

Still, legal specialists said, there is one hypothetical gap: a counterintelligence investigation scrutinizing a newly arrived foreign diplomat for whom there is no evidence of any criminal wrongdoing. Neither invoking the grandfather clause nor using a grand jury subpoena would be likely to work in that case. But the debate has focused on terrorist attacks, not espionage.

In theory, the Obama administration could also invoke the grandfather clause to ask the Foreign Intelligence Surveillance Court to reauthorize the bulk phone records program as well. However, the administration has vowed not to do that.

A federal appeals court recently rejected the theory that Section 215 could be used to authorize the bulk calling logs program, a theory the surveillance court had embraced. Seeking to avoid a confrontation, the government is trying to avoid asking the surveillance court to say anything more about the program until Congress enacts new legislation.

But the apparent loss of the program for now does not mean the government has no way to analyze calling records linked to a new suspect. The F.B.I. can still issue subpoenas called national-security letters to phone companies to obtain the records.

There would be investigative drawbacks. It would probably take longer than querying the N.S.A. bulk calling logs database. And some phone companies do not keep their customers’ calling records more than 18 months, while the security agency keeps them for five years.

Any need for such workarounds may be brief. Last month, the House passed the USA Freedom Act. It would extend the three expired laws. After six months, the bill would ban the bulk collection of phone records, and create a new system in which the government could still systematically gain access to such logs to hunt for links to terrorists. But the bulk records would stay in the hands of phone companies.

The legislative impasse grew out of efforts by supporters of keeping the exiting program without changes, including Senator Mitch McConnell of Kentucky, the Republican majority leader.

Proponents of the existing program have argued that ending it would lead to terrorist attacks. Still, the program cannot claim to have thwarted an attack in nearly 14 years of existence.

The Bush administration started the program in October 2001, and persuaded the Foreign Intelligence Surveillance Court to start blessing it as legal under Section 215 in 2006. Since it came to light in 2013, via leaks by the former intelligence contractor Edward J. Snowden, two independent panels studied classified files and concluded that it had not been abused, but also that it had provided scant concrete benefits.

The program’s greatest achievement was leading the F.B.I. to scrutinize a man in San Diego who turned out to have donated several thousand dollars to the Shabab, the Islamist group in Somalia. The man was not accused of plotting any attack.

Still, privacy groups say that even if there is no evidence that analysts abused the program, merely to have the government collect the records damages Americans’ privacy. And officials say that even if the program has never thwarted an attack, it has helped flesh out investigations and it might yet prove critical.

Those sentiments converged into the changes that would be made by the USA Freedom Act. But for the next few days, at least, things will be a little bit different in post-9/11 America.

A version of this article appears in print on  , Section A, Page 1 of the New York edition with the headline: Workarounds in Surveillance. Order Reprints | Today’s Paper | Subscribe

Advertisement

SKIP ADVERTISEMENT