Monday, November 18, 2013
In June of this year, President Obama directed me to declassify and make
public as much information as possible about certain sensitive programs while
being mindful of the need to protect sensitive classified intelligence activities
and national security. Since then, I have authorized the declassification
and public release of numerous documents pertaining to the government's
collection under Sections 501 and 702 of FISA.
Today I authorized the declassification and public release of additional
documents relating to collection under Section 501, bringing the total to
nearly 2000 pages of documents released to the public so far, including 20
orders and opinions of the Foreign Surveillance Court, 11 pleadings and other
documents submitted to the Court, 24 documents provided to Congress, and
20 reports, training slides, and other internal documents describing the
legal basis for the programs and how they operate. The information
released today includes a number of internal NSA documents, training slides
and internal guidance, which demonstrate the care with which NSA's foreign
intelligence collection pursuant to Section 501 is run, managed, and overseen.
Also included is the United States Signals Intelligence Directive 18 which
details policies and procedures to ensure NSA's missions and functions are
conducted in a manner that safeguards the constitutional rights of U.S persons,
and two opinions from the Foreign Intelligence Surveillance Court concerning
a now-discontinued NSA bulk electronic communications metadata program.
These documents were properly classified and their declassification was not
Release of these documents reflects the Executive Branch's continued commitment
to making information about this intelligence collection program publicly
available when appropriate and consistent with the national security of the
United States. Additionally, they demonstrate the extent to which the
Intelligence Community kept both Congress and the Foreign Intelligence
Surveillance Court apprised of the status of the collection program under
Section 215. Some information has been redacted because these documents
include discussion of matters that continue to be properly classified for
national security reasons and the harm to national security would be great
if disclosed. These documents will be made available at the website of the
Office of the Director of National Intelligence and at
the public website dedicated to fostering greater public visibility into
the intelligence activities of the U.S. Government.
James R. Clapper
Director of National Intelligence
Training. The documents released today include a number
of internal NSA documents, including training slides and internal
guidance. These documents explain in detail rules that have been put
in place to ensure compliance with the law and to protect privacy rights
in conducting the NSA's signals intelligence mission. Together, these
documents demonstrate the care with which NSA's foreign intelligence collection
pursuant to Section 501 is run, managed, and overseen. Each of the
training documents details the efforts that NSA makes to ensure that the
restrictions under which NSA operates are ingrained in the workforce charged
with implementing the authority granted by Congress and authorized by the
Minimization Procedures. In addition, as part of the
Government's continuing effort to provide the public with additional information
about how NSA conducts its activities, the DNI is publicly releasing United
States Signal Intelligence Directive 18. This directive details policies
and procedures designed to ensure that NSA's missions and functions are conducted
as authorized by law and in a manner that is consistent with the Fourth Amendment
to the Constitution. The directive sets forth the minimization policies
and procedures regarding NSA's SIGINT activities, including the rules for
the collection, retention, and dissemination of information about U.S.
Electronic Communications Metadata Collection Opinions.
Finally, the DNI has authorized the declassification and public release of
two opinions of the FISC concerning a now-discontinued NSA bulk electronic
communications metadata program. The FISC authorized this program under
Section 402 of FISA, the Pen Register and Trap and Trace (PR/TT)
provision. Previous public releases by the DNI, including the FISC's
opinion from October 3, 2011, referenced this program, and the fuller explanation
of the program provided by today's release extends the DNI's commitment to
providing greater transparency for FISA activities. Except for a brief
period, the FISC reauthorized this program approximately every 90 days from
its inception until it was discontinued in 2011. Throughout its operation,
the program was briefed to the Intelligence and Judiciary Committees of Congress
and generally referenced in the then-classified white papers provided to
Congress during reauthorization of the USA PATRIOT Act in 2009 and 2010.
The discontinued PR/TT program shared certain similarities to the NSA's bulk
telephony metadata programâthe subject of previous
releasesâin that the PR/TT program sought only the metadata
associated with electronic communications and not their content; moreover,
querying the metadata for both programs was permitted only for authorized
counterterrorism purposes. Additionally, both programs operated with
similar access, retention, and dissemination restrictions proposed by the
Government and approved by the FISC. Given these operational similarities,
many of the documents released today address both programs, sometimes side
by side, even though, as noted above, the PR/TT program was conducted pursuant
to a different legal authority from that authorizing the NSA's bulk telephony
metadata program. At all times, the PR/TT program collected metadata
from only a small percentage of world wide electronic communications traffic.
Additional Information on the Discontinued PR/TT Program
Under the now-discontinued PR/TT program, the FISC, after finding that the
Government's applications satisfied the requirements of FISA and the
Constitution, approved orders that enabled the Government to collect electronic
communications metadata, such as the
âccâ lines of an email and the email's
time and date. This program did not authorize the collection of the
content of any electronic communications. Under this program, NSA could
not read the content of any electronic communications for which the metadata
was acquired. Like NSA's bulk telephony metadata program, this program
was subject to several restrictions approved by the FISC, such as:
The information had to be stored in secure databases.
The information could be used only for counterterrorism purposes.
The databases could be queried using an identifier such as an email address
only when an analyst had a reasonable and articulable suspicion that the
account or email address was associated with certain specified foreign terrorist
organizations that were the subject of FBI counterterrorism
investigations. The basis for that suspicion had to be documented in
writing and approved by one of the 22 designated approving officials identified
in the Court's Order. Moreover, if an identifier was reasonably believed
to be used by a United States person, NSA's Office of General Counsel would
also review the determination to ensure that suspected association was not
based solely on First Amendment-protected activities.
NSA was required to destroy the bulk metadata after a set period of time.
The Documents Released
The first PR/TT document released today is an opinion and order from the
FISC that carefully analyzed and approved the Government's application to
initiate this collection program. The Court's detailed 87-page opinion
and 18-page order demonstrate the Court's searching and exhaustive review
of the proposed program prior to its implementation. The opinion not
only details the program's legal basis but also explains the procedures that
NSA was required to follow in administering the program. The Court
concluded that the NSA collection program was permissible under both FISA
and the Constitution.
The second PR/TT document released today is a 117-page FISC opinion, which
authorized NSA to re-initiate the program following the Government's suspension
of the program for several months to address compliance issues identified
by the Government and brought to the Court's attention. As the Court's
opinion explains, these incidents involved three general categories of compliance
issues: (1) access to the metadata; (2) disclosure of query results and
information derived from them; and (3) overcollection. Because of the
significance and complexity of these incidents, the Government did not seek
an order from the FISC to renew the program when it expired on its normal
schedule, thus essentially suspending the program for several months. As
detailed in the opinion released today, the Government addressed these concerns
during that period and, after a careful review, the FISC approved the
Government's application to resume collection on a modified basis.
As previously stated, this electronic communications metadata bulk collection
program has been discontinued. The Intelligence Community regularly
assesses the continuing operational value of all of its collection
programs. In 2011, the Director of NSA called for an examination of
this program to assess its continuing value as a unique source of foreign
intelligence information. This examination revealed that the program
was no longer meeting the operational expectations that NSA had for it.
Accordingly, after careful deliberation, the Government discontinued the
Both of these opinions contained extensive technical discussions of the
particular means by which the collection was to be accomplished, particular
targets of the collection, and other sensitive intelligence matters that
must remain classified. Accordingly, they are being released in redacted
Executive Branch Initiatives
Upon discovery in 2009 of longstanding compliance issues associated with
NSA's electronic communications and telephony bulk metadata collection programs,
NSA recognized that its compliance and oversight structure had not kept pace
with its operational momentum and the evolving and challenging technological
environment in which it functioned. NSA, in close coordination with
the Office of the Director of National Intelligence and the Department of
Justice, therefore undertook significant steps to address these issues from
a structural, managerial, and training perspective. The Director of
NSA ordered comprehensive reviews of both of these collection programs to
ensure that they were being implemented in accordance with all applicable
legal requirements. Concurrently, NSA created the position of Director
of Compliance to focus on the NSA-wide structural, managerial, and training
improvements necessary to keep NSA's activities consistent with the law,
policies, and procedures designed to protect privacy.
LIST OF RELEASES
NSA continues to enhance training for both operational and technical
personnel. NSA has added additional technology-based safeguards and
has implemented procedures to ensure accuracy and precision in its filings
before the FISC. NSA has also enhanced its oversight coordination with
the Office of the Director of National Intelligence and the Department of
Justice. NSA's senior leadership is directly involved in and responsible
for compliance efforts across NSA, including regular senior leadership reviews
of NSA's privacy compliance program.
Since 2009 and the discovery of the compliance incidents related to NSA's
bulk metadata programs, the Government has continued to increase its focus
on compliance and oversight. Today, NSA's compliance program is directly
supported by over three hundred personnel, a threefold increase in just four
years. This increase was designed to address changes in technology
and authorities enacted as part of the FISA Amendments Act to confront evolving
threats. This increase also reflects the commitment on the part of
the Intelligence Community and the rest of the Government to ensuring that
its intelligence collection activities are conducted responsibly and in
accordance with the law.
The Government continues to evaluate whether additional information concerning
the use of FISA authorities can be made public, consistent with protecting
Reports to Congress
The Attorney General's Annual Reports on Requests for Access to Business
Records under FISA for Years 2006-2012
10, 2009 NSA notification memorandum to SSCI on the status of the on-going
NSA-initiated end-to-end review of its bulk telephony metadata programs conducted
pursuant to Section 501 of FISA, and bulk electronic communications metadata
program conducted pursuant to Section 402 of FISA.
29, 2009 NSA notification memorandum to SSCI on the status of the on-going
NSA-initiated end-to-end review of its bulk telephony metadata program conducted
pursuant to Section 501 of FISA, and bulk electronic communications metadata
program conducted pursuant to Section 402 of FISA.
1, 2010 NSA memorandum to SSCI explaining that NSA does not acquire cell
site location information pursuant to the bulk electronic communications
metadata program, and with the exception of a limited sampling for testing
purposes, does not acquire such information pursuant to the bulk telephony
to Congress of a May 23, 2006 Government Memorandum of Law in support
of its Application to the FISC for authorization to conduct bulk telephony
metadata collection under Section501 of FISA. Included with the Memorandum
of Law is a copy of United States Signals Intelligence Directive 18 (USSID
18), which prescribes policies and procedures, and assigns responsibilities,
to ensure that NSA's signals intelligence activities are conducted in a manner
that is appropriate under the Fourth Amendment to the Constitution.
27, 2005 Prepared Testimony from Alberto R. Gonzales, Attorney General
of the United States, and Robert S. Mueller, III, Federal Bureau of
Investigation, United States Department of Justice Before the Select Committee
on Intelligence discussing the government's use of USA PATRIOT Act authorities
in combating international terrorism.
FISC Submissions, Opinions and Orders
of the FISC granting the Government's application seeking the collection
of bulk electronic communications metadata pursuant to Section 402 of FISA,
the Pen Register and Trap and Trace (PR/TT) provision.
of the FISC granting the Government's application seeking to re-instate
NSA's bulk electronic communications metadata program following the Government's
suspension of the program for several months to address compliance issues
identified by the Government and brought to the Court's attention.
and Supplemental Order of the FISC in response to the Government's reporting
of a compliance incident related to NSA's dissemination of certain query
results discovered during NSA's end-to-end review of its bulk telephony metadata
program, and ordering the Government to report on a weekly basis, any
disseminations of information from that program outside of NSA and provide
further explanation of the incident in its final report upon completion of
the end-to-end review.
17, 2006 Court-ordered NSA Inspector General and General Counsel report
on the adequacy of the management controls for the processing and dissemination
of U.S. person information collected under NSA's bulk telephony metadata
program. The report finds that although the NSA-designed management
controls governing the processing, dissemination, security, and oversight
of telephony metadata and U.S. person information are adequate, several aspects
exceed the terms of the Court's Order, and proposes additional controls to
enhance the protection of US person information.
17, 2006 NSA Presentation for the FISC regarding NSA's bulk telephony
metadata program pursuant to Section 501 of FISA, and notification of two
compliance issues concerning the collection.
1, 2009 NSA Presentation for the FISC regarding NSA's bulk telephony
metadata program pursuant to Section 501 of FISA for the purpose of demonstrating
NSA's compliance with the Court's Orders, and NSA's operational use of the
bulk telephony metadata program in its counterterrorism missions while
appropriately protecting privacy.
5, 2006 Cover filing submission to the FISC of the standard minimization
procedures governing the retention and dissemination by the Federal Bureau
of Investigation of information received by FBI pursuant to Section 501 of
8, 2009 Government Memorandum to the FISC providing preliminary notice
of a compliance incident identified during the ongoing NSA-initiated end-to-end
review of NSA's bulk telephony metadata program under Section 501 of FISA.
20, 2009 Order of the FISC approving the Government's request for
authorization to provide the application and orders in docket number BR 06-05
to congressional committees consistent with the Government's congressional
NSA Internal Procedures, Guidance, and Training Materials
States Signals Intelligence Directive 18 (USSID 18) dated July 27, 1993,
which prescribes policies and procedures designed to ensure that NSA's missions
and functions are conducted as authorized by law in a manner that is consistent
with the Fourth Amendment to the Constitution. The directive sets forth
the minimization policies and procedures regarding NSA's SIGINT activities,
including the rules for the collection, retention, and dissemination of
information about U.S. persons.
States Signals Intelligence Directive 18 (USSID 18) dated January 25,
2011, which prescribes policies and procedures designed to ensure that NSA's
missions and functions are conducted as authorized by law in a manner that
is consistent with the Fourth Amendment to the Constitution. The directive
sets forth the minimization policies and procedures regarding NSA's SIGINT
activities, including the rules for the collection, retention, and dissemination
of information about U.S. persons.
PowerPoint slide describing the requirements for verifying that only
metadata, and not content, is collected consistent with Court order.
NSA summary of requirements for the collection of bulk telephony metadata
under Section 501 of FISA
8, 2007 NSA web--based training slides on NSA's bulk telephony metadata
program pursuant to Section 501 of FISA. Topics include: 1) Court-ordered
requirements; 2) the reasonable articulable suspicion (RAS) standard; 3)
First Amendment considerations; and 4) Minimization procedures governing
the accessing, sharing, retention, and dissemination of
8, 2007 Interim Competency Test for NSA analysts on legal and compliance
issues concerning queries of bulk telephony metadata acquired by NSA pursuant
to Section 501 of FISA.
8, 2007 NSA PowerPoint presentation, designed for use by NSA personnel
with access to the bulk telephony metadata acquired by NSA pursuant to Section
501 of FISA, for purposes of performing analytical functions, including:
(1) Court-ordered requirements;
(2) The reasonable articulable suspicion (RAS) standard;
(3) First Amendment considerations; and
(4) Minimization procedures governing the accessing, sharing, retention,
and dissemination of information.
2009 NSA Cryptological School Course on Legal, Compliance, and Minimization
Procedures. These course materials, designed for NSA personnel provided
access to bulk telephony and electronic communications metadata acquired
pursuant to Section 501 of FISA and Section 402 of FISA respectively,
(1) Background on constitutional constraints under the Fourth
Amendment for NSA collection activities;
(2) Legal framework and applicable standards for collection,
retention, dissemination of information under FISA and Executive Order
(3) Guidance on collection, processing, retention, and dissemination
of information under United States Signals Intelligence Directive 18 (USSID
(4) Oversight and compliance issues relating to access and use
of SIGINT databases and information.
29, 2008 NSA memorandum providing guidance on NSA policy as to the applicable
legal standards for querying bulk telephony metadata acquired pursuant to
Section 501 of FISA, and bulk electronic communications metadata acquired
pursuant to Section 402 of FISA.
2008 Attorney General's Guidelines for Domestic FBI Operations, which
establishes the framework for the use of authorities and investigative methods
to protect the United States from terrorism and other threats to the national
security, and to further United States foreign intelligence objectives, in
a manner consistent with the Constitution and laws of the United States.
Core Intelligence Oversight Training materials relating to NSA signals
intelligence collection activities, including:
(1) Executive Order 12333;
(2) December 1982 DOD Procedures Governing the Activities of DOD Intelligence
Components That Affect United States Persons (DoD 5240 1-R);
(3) NSA/Central Security Service (CSS) Policy 1-23, Procedures Governing
NSA/CSS Activities that Affect U.S. Persons, which establishes procedures
and assigns responsibilities to ensure that the signals intelligence and
information assurance missions of NSA and the Central Security Service are
conducted in a manner consistent with the privacy rights of U.S. persons
as required by law, executive orders, DOD policies and instructions, and
internal policy; and
(4) DoD Guidance for Reporting Questionable Intelligence Activities and
Significant or Highly Sensitive Matters (DTM 08-052).
2011 NSA Course Materials regarding NSA's bulk telephony metadata program
pursuant to Section 501 of FISA, and NSA's bulk electronic communications
metadata program pursuant to Section 402 of FISA. These materials contrast
the differences between the authorities granted for the two programs, detail
the limitations on accuse, use, and retention of information collected under
these two programs, and explain the role of the two programs in the context
of the broader set of NSA's SIGINT authorities.