Minimization and the “Collection First” Surveillance Model

The Director of National Intelligence issued a statement late last night about the NSA collection flap.  It’s the smartest thing the government has released so far, and its justification for the program in question seems to confirm my speculation in Foreign Policy yesterday.

First, large-scale collections give the government a way to screen for patterns in communications that will bring to light terrorists who are unknown to the government. As the DNI puts it,  ”The collection is broad in scope because more narrow collection would limit our ability to screen for and identify terrorism-related communications. Acquiring this information allows us to make connections related to terrorist activities over time.”
Director_of_national_intelligence

Second, the government justifies collecting a reservoir of data because it is only allowed to consume the data a spoonful at a time. Here’s the DNI:

  • By order of the FISC, the Government is prohibited from indiscriminately sifting through the telephony metadata acquired under the program. All information that is acquired under this program is subject to strict, court-imposed restrictions on review and handling. The court only allows the data to be queried when there is a reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization. Only specially cleared counterterrorism personnel specifically trained in the Court-approved procedures may even access the records.
  • All information that is acquired under this order is subject to strict restrictions on handling and is overseen by the Department of Justice and the FISA Court. Only a very small fraction of the records are ever reviewed because the vast majority of the data is not responsive to any terrorism-related query.

In short, there’s less difference between this “collection first” program and the usual law enforcement data search than first meets the eye.  In the standard law enforcement search, the government establishes the relevance of its inquiry and is then allowed to collect the data.  In the new collection-first model, the government collects the data and then must establish the relevance of each inquiry before it’s allowed to conduct a search.

If you trust the government to follow the rules, both models end up in much the same place.  I realize that some folks simply will not trust the government to follow those rules, but it’s hard to imagine a system with more checks and restrictions and doublechecks than one that includes all three branches and both parties looking over NSA’s shoulder.

In theory, you could add the check of exposing the system to the light of day, but that means wrecking much of its intelligence value. Or you could simply prohibit the collection-first model (and lose the ability to spot terrorism patterns by matching disparate bits of data). I doubt that those “solutions” are worth the price.