Case: In re Application of the Federal Bureau of Investigation for an order requiring the production of tangible things from [redacted information] FISA Docket BR 09-09

For the Civil Rights Litigation Clearinghouse collection of FISA matters, see our special collection.

On January 17, 2014, the Director of National Intelligence authorized the declassification and public release of numerous orders approving the National Security Agency's ("NSA") so-called "Bulk Telephony Metadata Program" under Section 501 of the Foreign Intelligence Surveillance Act of 1978 ("FISA"), commonly referred to as Section 215 of the USA PATRIOT Act. Press release available here.

Under the program, the NSA has collected records from large telecommunication companies about, apparently, virtually all domestic telephone calls. These records, termed "telephony metadata," include the phone numbers placed and received; the date, time and duration of calls; some location identifiers; and calling card numbers. The records, however, apparently do not include the parties' names, addresses or financial information or the call's content. Once collected, the records are stored for several years and may be queried, used, and disseminated only in accordance with "minimization rules" proposed by the government and approved by the Foreign Intelligence Surveillance Court ("FISC"). The most basic aspect of the minimization rules has been that the metadata records can be queried when there is a reasonable suspicion, based on specific and articulated facts, that the identifier that will be used as the basis for the query is associated with specified foreign terrorist organizations.

The program began under executive authority alone, following the September 11, 2001 terrorist attacks. Subsequently, in 2006, the federal government first sought approval of the program from the FISC under Section 215 of the USA PATRIOT Act. This Section 215 order must be reviewed and reapproved by the FISC essentially every 90 days. It has been approved dozens of times by many different federal judges, on the FISC, since its initial approval on May 24, 2006 by the FISC. (See BR 06-05.)

This matter is a continuation of the Section 215 program from July 2009 to September 2009. In this matter, the FISC continued to address significant, systemic issues of the NSA's noncompliance with the minimization procedures.

Under the previous docket number,  BR 09-06, the FISC had issued an order requiring the NSA to submit a declaration providing a complete description of the NSA's failure to comply with the court-ordered minimization procedures. On June 28, 2009, the United States submitted its response. The government informed the court that the results of some metadata queries had been uploaded by the NSA into a database to which other intelligence agencies had access. Providing such access may have resulted in unlawful dissemination of information about U.S. persons.

Under this matter, on July 9, 2009, the FISC ordered NSA to perform an end-to-end review of its handling of telephony metadata. The court ordered weekly reporting from the NSA listing information obtained or derived from the metadata collection that the NSA had shared with anyone outside the NSA. In each instance in which U.S. person information was shared, the Chief of Information Sharing at NSA must personally certify the necessity of sharing it.

The 110-page review, dated August 19, 2009, provided justification for the telephony metadata program but identified several serious instances of noncompliance with the minimization procedures. The review revealed the NSA was collecting a significant number of identifiers of persons located within the domestic United States without appropriate approval from the NSA Office of the General Counsel. The NSA also discovered that some data was available to the CIA, FBI, and National Counterterrorism Center, in contravention of the minimization procedures. The report summarized steps taken to remedy the instances of non-compliance. Soon after the completion of the review, the NSA conducted a "briefing" for the FISC: briefing materials later released by the Director of National Intelligence (but apparently not filed with the Court) are included in this case record.

The end-to-end review did not mark an end to the compliance incidents, however. In the subsequent case, BR 09-13, the NSA orally informed the FISC of several more instances of mishandling data in September 2009, in contravention of the minimization procedures.