Just as the Trump administration has signaled its interest in a permanent “clean” reauthorization of the Patriot Act’s phone surveillance provision, the NSA proves once again that it is not to be trusted with these tools. New documents obtained by the ACLU and reported in the Wall Street Journal have revealed that last year the NSA once again collected phone records of Americans that it was not authorized to obtain.
The NSA collected Information, including who phone-users were calling and for how long, after a telecommunications firm began sending the information to the NSA—despite the fact that it had received no orders that would have authorized them to do so. Although the name of the company is redacted, for years it has been widely reported that large telecommunication firms like AT&T and Verizon have worked with the NSA as part of BLARNEY, an NSA project that leverages “commercial partnerships” in order to gather intelligence.
This “anomalous” unauthorized collection of American’s private information comes only a few months after a separate incident in which “technical irregularities” resulted in the NSA getting access to many more records than it should have. In response, the NSA erased three years of all of its collected metadata, which amounted to records of hundreds of millions of phone calls. The documents released today include an assessment by the NSA that the overcollection had a “significant impact on civil liberties and privacy,” which is putting it mildly.
The NSA’s telephone record program, conducted under Section 215 of the Patriot Act, allows it to collect metadata of phone calls, including phone numbers, time stamps, and other identifying information. While this information may seem benign, many organizations and outlets, including EFF, have demonstrated how things like time stamps, phone numbers, and the GPS coordinates of where calls were made can be stitched together to reveal potentially compromising information about a person. Metadata can, for instance, have dire consequences for vulnerable populations who fear retribution for political beliefs, or whose metadata could be used in immigration enforcement.
With Section 215 up for re-authorization in December, these two instances prove that it’s time to let the NSA’s permission to sweep up phone records expire. If Section 215 is allowed to be reauthorized, accidents like this—in which an unthinkable amount of our personal data winds up in the hands of the government—will continue to happen.