Page 72 - pclob usa freedom
P. 72

TOP SECRET//SI//NOFORN


                       complexities of using these company-generated business records for intelligence
                       purposes. 328
               (U) The program remains dormant today.  Over the three years this program was operational, it
               cost over $100 million.

                       (U) As discussed in detail in the Report, since implementing the revised CDR program,
               NSA encountered multiple data integrity and compliance problems.  While NSA expended
               considerable effort to diagnose and remediate the problems as they arose and mitigate the
               likelihood of recurrence, the errors nevertheless recurred.  To NSA’s credit, in response to
               “technical irregularities in some data received from telecommunications service providers[,]”
               NSA ultimately concluded that “it was not feasible to identify and isolate properly produced
               data” 329  from improperly produced data so it deleted data collected under the program. 330

                       (U) There is no indication that the conditions that led to the compliance errors are likely
               to change.  If the program were reauthorized and restarted, it is hard to see what NSA could do to
               avoid further data integrity problems and accesses to data beyond the boundaries envisioned by
               the statute.

                       (U) Further, advancements in communications technology have already reduced the
               potential value of the CDR program.  Independent experts 331  and academics 332  have argued that
               telephony data is of decreased value given the shift to different communications protocols, such
               as encrypted messaging.  Both NSA  333  and FBI 334  agree that communications patterns and
               platforms have changed and that the current environment is unlike what it was years ago.  These
               communication platforms and technologies will continue to change and develop.  And, as



               328  (U) Letter from Director of National Intelligence, Dan Coats, to Senators Richard Burr, Lindsey Graham, Mark
               Warner, and Dianne Feinstein (Aug. 14, 2019) (expressing support for reauthorization of sunsetting provisions of
               the USA FREEDOM Act).
               329  (U) NSA Press Release, NSA Reports Data Deletion, PA-010-18 (June 28, 2018).
               330  (U) A very small number of records were retained because they were referenced in disseminated reports.
               331  (U) See, e.g., Privacy and Civil Liberties Oversight Board, Transcript of Public Forum to Examine the USA
               Freedom Act, Telephone Records Program (May 31, 2019) (statement of Mr. Michael Bahar), http://pclob.gov
               (“[I]t’s fair to say the terrorists know as much as you can to stay off your phones.  Or if you stay on your phone . . .
               start transitioning to encrypted communication . . .  And if you’ve got everything, you’ve got nothing.”).
               332  (U) See, e.g., Privacy and Civil Liberties Oversight Board, Transcript of Public Forum to Examine the USA
               Freedom Act, Telephone Records Program (May 31, 2019) (statement of Professor Susan Landau), http://pclob.gov
               (“There are a number of changes that have happened since the summer of 2001.  Technically and socially in the way
               we communicate, in the way terrorists communicate.”).
               333  (U) NSA briefing to the Board (May 23, 2019).

               334  (U) FBI briefing to the Board (June 19, 2019).

                                                             69


                                                TOP SECRET//SI//NOFORN
   67   68   69   70   71   72   73   74   75   76   77