The NSA mission statement reads as follows:
The National Security Agency/Central Security Service (NSA/CSS) leads the U.S. Government in cryptology that encompasses both Signals Intelligence (SIGINT) and Information Assurance (IA) products and services, and enables Computer Network Operations (CNO) in order to gain a decision advantage for the Nation and our allies under all circumstances.
From that mission statement, we became curious about SIGINT. The NSA describes SIGINT as “intelligence derived from electronic signals and systems used by foreign targets, such as communications systems, radars, and weapons systems.” And the CNO? Their goal is simply to protect from those who want to “disrupt, deny, degrade, or destroy the information within computers and computer networks and/or the computers/networks themselves.”
Herein lies the rub. While we don’t really know why the NSA wants the information, we can look to their scope and purpose to get clues. In looking at what info they ask for, then compare it to what they do, we can begin to see what may be going on.
The court order says that Verizon must provide data about calls, but not personal information. The NSA will get numbers, times, geolocation tags, point of origin, time of call, duration of call, IMEI numbers, IMSI numbers, trunk identifiers, and calling card numbers. The NSA employs cryptology to assess risk and identify security issues. SIGINT is intelligence from electronics used by foreign targets.
It may also be as simple as metadata, used for nothing more than compiling an algorithm to better identify future threats.
It’s reasonable to think the NSA is looking for anomalies in call records. This order was signed on April 25th, 2013 by Judge Roger Vinson. That was ten days after the Boston Marathon bombings, in which long-range remote controls are believed to have been used to detonate the two bombs. It is also one day after the FBI and Department of Homeland Security released a joint intelligence bulletin about the bombings, which outline their belief that they bombs were remotely detonated.
If a bomb can be detonated remotely by a cellular call, perhaps call records are of interest to the NSA. If a phone were to be activated, but not used, they may want to know that. There may be data that can be extrapolated from date and time of account origin and first call made, corresponding to a device which remains inactive for some time. They may also be trying to connect a daisy chain of domestic terrorists, especially as they relate to foreign persons of interest.
It’s scary to us that the NSA wants phone records. Our natural reaction is to assume they are spying on innocent citizens, or otherwise want the information for nefarious purposes. They might. Then again, this relates specifically to Verizon Business Network Services, who have several government contracts, including a $40 million Air Force contract for “Defense Research and Engineering Network II telecommunication services for the High Performance Computing Modernization Program Office.”
We may want clarity on the situation, but we won’t get it.
It may also be as simple as metadata, used for nothing more than compiling an algorithm to better identify future threats. Perhaps the NSA realized they were incapable of properly identifying threats in a timely fashion, and needed a pool of data by which to create a system to do so. In that instance, real-world data would be the best, and hard to duplicate.
Executive Order 12333, enacted on December 4th, 1981, states, in part, that the NSA may “Collect (including through clandestine means), process, analyze, produce, and disseminate signals intelligence information and data for foreign intelligence and counterintelligence purposes to support national and departmental missions.” That was 1981, not 2013. As times change, so do the needs of those we entrust to keep us safe. When they realize they’re not doing so adequately, they adjust, just like those who aim to do harm will.
Whatever the purpose or scope, it’s important to realize that the NSA is doing what is in their power. If they begin monitoring citizen activity and involving themselves more in daily life, we should consider that a crisis. As it stands now, this is cause for concern. Even though the order specifically pertains to Verizon Business Services, the definition of what they do is fairly broad. Again, we don’t know if this order has been utilized with other carriers or not, so we don’t know the real reach of this desire for information.
We may want clarity on the situation, but we won’t get it. Top Secret court orders aren’t readily discussed, by either party. The leak suggests someone is so incensed by the order, they want the world to know. The problem is, the information stops there for us, but the NSA can get all the information they like. We get the headline, and they get the background.