Page 56 - pclob usa freedom
P. 56

TOP SECRET//SI//NOFORN


               V.  (U) Analysis of Privacy Risks



                       (U) The government has suspended the USA Freedom Act CDR program and deleted the
               CDRs it collected under the program. 276   As the statutory sunset approaches, however, Congress
               will consider whether to reauthorize or modify the CDR provision or allow it to expire.  For that
               reason, we consider the privacy and civil liberties risks arising from the type and scale of two-
               hop CDR collection permitted by the statute and the role that various safeguards play in
               mitigating those risks.

                       A.  (U) Scale and Sensitivity of the Data Collected


                       (U) Although this program did not collect CDRs in bulk, the volume of records ingested
               was large.  According to the Office of the Director of National Intelligence’s 2018 Statistical
               Transparency Report, NSA received more than 151 million CDRs in 2016, 534 million in 2017,
               and 434 million in 2018. 277   (These include “duplicate records” and “numbers used by business
               entities for marketing purposes.” 278 )  In 2018, NSA collected records pertaining to more than 19
               million unique phone numbers.  279

                       (U) It is critical to remember that CDRs collected under the USA Freedom Act contained
               limited information.  Under the statute, CDRs cannot include a call’s content, the name, address,
               or financial information of a subscriber or customer, or cell-site or geolocation information. 280
               Rather, acquired CDRs contained a set of fields including phone numbers, device-identifying
               numbers (e.g., IMEI), subscriber-identifying numbers (e.g., IMSI), a telephone calling card
               number, various routing and status information, and call time and duration.

                       (S//NF) In theory, the connections documented by CDRs may reveal intimate information
               about an individual’s personal life.  They could indicate sensitive personal facts (such as a
               specific health condition), relationships, occupation, age, or sex.  However, as noted in Part
               II(A)(2),                                                       Moreover, Tool 1—the
               metadata viewer that NSA analysts used to retrieve USA Freedom Act CDRs—had limited

               276  (U) See National Security Agency, NSA Reports Data Deletion, Statement No. PA-010-18 (June 28, 2018),
               https://www.nsa.gov/news-features/press-room/Article/1618691/nsa-reports-data-deletion/; Letter from Daniel
               Coats, Director of National Intelligence, to Senators Richard Burr, Lindsey Graham, Mark Warner, and Dianne
               Feinstein (Aug. 14, 2019) (“The National Security Agency has suspended the call detail records program that uses
               [FISA Title V as amended by the USA Freedom Act] and deleted the call detail records acquired under this
               authority.”).
               277  (U) 2018 Statistical Transparency Report at 30.
               278  (U) 2018 Statistical Transparency Report at 28–30.
               279  (U) 2018 Statistical Transparency Report at 30.

               280  (U) 50 U.S.C. § 1861(k)(3)(B).

                                                             53


                                                TOP SECRET//SI//NOFORN
   51   52   53   54   55   56   57   58   59   60   61