WASHINGTON - The U.S. government is looking at ways to prevent anyone from spying on its own surveillance of Americans’ phone records.
As the Obama administration considers shifting the collection of those records from the National Security Agency to requiring that they be stored at phone companies or elsewhere, it’s quietly funding research to prevent phone company employees or eavesdroppers from seeing whom the U.S. is spying on, The Associated Press has learned.
The office of the director of national intelligence has paid at least five research teams across the country to develop a system for high-volume, encrypted searches of electronic records kept outside the government’s possession. The project is among several ideas that would allow the government to discontinue storing Americans’ phone records but still search them as needed.
Under the research, U.S. data mining would be shielded by secret coding that could conceal identifying details from outsiders and even the owners of the targeted databases, according to public documents and interviews with researchers, corporate executives and government officials.
In other developments Monday:
The Justice Department and leading Internet companies agreed to a compromise that would allow the firms to reveal how often they are ordered to turn over information about their customers in national security investigations. The deal with Google Inc., Microsoft Corp., Yahoo Inc., Facebook Inc. and LinkedIn Corp. would provide public information in general terms. Other technology companies were also expected to participate.
When The New York Times published a censored U.S. document on the smartphone surveillance program, computer experts said they were able to extract what appeared to be the name of a National Security Agency employee, the Middle Eastern terror group the program was targeting and details about the types of computer files the agency found especially useful. Since Snowden began leaking documents in June, his supporters have maintained they have been careful not to disclose any agent’s identity or operational details that would compromise ongoing surveillance. The employee did not return phone or email messages from the AP. A spokesman for the newspaper did not respond to emails from the AP. The National Security Agency and office of the director of national intelligence declined to comment.
NBC News reported that British cyberspies demonstrated a pilot program to their U.S. partners in 2012 in which they were able to monitor YouTube in real time and collect addresses from the billions of videos watched daily, as well as some user information, for analysis. At the time the documents were printed, they were also able to spy on Facebook and Twitter. The network said the monitoring program was called “Squeaky Dolphin.”
Under pressure, the administration has provided only vague descriptions about changes it is considering to the National Security Agency’s daily collection and storage of Americans’ phone records, which are presently kept in agency databanks. To resolve legal, privacy and civil liberties concerns, President Barack Obama this month ordered the attorney general and senior intelligence officials to recommend changes by March 28 that would allow the U.S. to identify suspected terrorists’ phone calls without the government holding the phone records itself.
One federal review panel urged Obama to order phone companies or an unspecified third party to store the records; another panel said collecting the phone records was illegal and ineffective and urged Obama to abandon the program entirely.
Internal documents describing the Security and Privacy Assurance Research project do not cite the National Security Agency or its phone surveillance program. But if the project were to prove successful, its encrypted search technology could pave the way for the government to shift storage of the records from NSA computers to either phone companies or a third-party organization.
A spokesman for the office of the director of national intelligence, Michael Birmingham, confirmed that the research was relevant to the National Security Agency’s phone records program. He cited “interest throughout the intelligence community” but cautioned that it may be some time before the technology is used.
Steven Bellovin, a Columbia University computer sciences expert who heads one of the teams funded by the office of the director of national intelligence, estimates the government could start conducting encrypted searches within the next year or two.
“If the NSA wanted to deploy something like this it would take one to two years to get the hardware and software in place to start collecting data this way either from phone companies or whatever other entity they decide on,” said Bellovin, who is also a former chief technologist for the Federal Trade Commission.
The National Security Agency’s surveillance program collects millions of Americans’ daily calling records into a central agency database. When the agency wants to review telephone traffic associated with a suspected terrorist - the agency made 300 such queries in 2012 - it then searches that databank and retrieves matching calling records and stores them separately for further analysis.
Front Section, Pages 5 on 01/28/2014