Long before I became a pirate, I had an interest in privacy, security, and digital surveillance, so I was completely floored when the Guardian published a National Security Letter to Verizon, compelling them to turn over phone records for a three-month period. National Security letters (NSLs) are very secretive. You can think of them as subpoenas that come with a gag order — a party that receives a NSL is forbidden from telling anyone about it — and very few recipients have managed to talk about them publicly (Calyx internet being a notable exception). Unless you’ve received an NSL, the guardian story was probably the first time you’d seen one of these things.
I’m a Verizon customer, and my phone calls fit the description of “(i) between the United States and abroad; or, (ii) wholly within the United States, including local telephone calls”. So, I sent the NSA a FOIA request, asking for all telephony records that originated from my home phone number.
Here’s my letter to the NSA:
National Security Agency
Attn: FOIA/PA Office (DJ4)
9800 Savage Road, Suite 6248
Ft. George G. Meade, MD 20755-6248
Dear NSA FOIA/PA Office:
This is a Privacy Act request, as described in http://www.nsa.gov/public_info/foia/submit_privacy_act_request/index.shtml.
I am seeking a list of all phone calls made from number 781-648-1083. 781-648-1083 is my home phone number, Verizon provides my phone service, and I am aware that Verizon has received national security letters compelling the company to provide
telephony metadata created by Verizon for communications (i) between the United States and abroad; or, (ii) wholly within the United States, including local telephone calls.
(The quoted text comes from the document at https://www.documentcloud.org/documents/709012-verizon.html, which was published by the Guardian newspaper in June 2013.
I am seeing a copy of said “telephony metadata”, where the call originated from 781-648-1083.
I would prefer to receive these records in electronic form (e.g., as a character-delimited file on a CD.
I am willing to pay up $100 for the processing of this request. Please inform me if the estimated fees will exceed this limit before processing my request.
I am seeking information for personal use and not for commercial use.
Thank you for your time and attention.
I thought this was a pretty conservative request, and one that would fall squarely within the scope of the Privacy act of 1974 — the NSA is a government agency, the records requested pertain solely to me, and therefore I should have the right to review them. It’s definitely less adventurous that what our friends at Muckrock did, requesting all of Dianne Feinstein’s phone records.
The NSA sent a three page letter in response to my FOIA request. Here is the full text of their response (dated November 21, 2013):
Dear Mr. Revilak:
This responds to your Freedom of Information Act (FOIA) request of 23 October 2013, which was received by this office on 4 November 2013, for a list of phone calls made from your home phone number, 781-648-1083. A copy of your request is enclosed. Your letter has been assigned Case Number 75473. Please refer to this case number when contacting u s about your request. For purposes of this request and based on the information you provided in your letter, you are considered an “all other” requester. There are no assessable fees for this request. Your request has been processed under the provisions of the FOIA.
You may be aware that one of the NSA/CSS missions is to collect, process, and disseminate communications or signals intelligence information for intelligence and counter intelligence purposes. NSA is authorized to engage in these activities in order to prevent and protect against terrorist attacks, the proliferation of weapons of mass destruction, intelligence activities directed against the United States, international criminal drug activities, and other hostile activities directed against the United States. The roles and responsibilities that NSA exercises are delineated in Executive Order 12333, as amended.
As you may also be aware, there has been considerable coverage of two NSA intelligence programs in the press/media. Under Sec. 215 of the USA PATRIOT Act, as authorized by the Foreign Intelligence Surveillance Court (“FISC”), NSA may acquire telephone metadata, such as the telephone numbers dialed and length of calls, but not the content of calls or the names of the communicants. Under Sec. 702 of the FISA, with appropriate authorization, NSA may target non-U.S. persons reasonably believed to be located outside the United States for foreign intelligence purposes. Under the FISC-authorized Sec. 215 authority, NSA cannot review any metadata unless strict requirements are met, i.e., the data may be queried only when there is a reasonable suspicion, based on specific facts, that a phone number is associated with a foreign terrorist organization. Likewise, under Sec. 702, there are strict controls approved by the FISC to help ensure that no U.S. person is targeted and FISC-approved minimizations procedures to ensure the protection of any information concerning U.S. persons that may be incidentally acquired.
Although these two programs have been publicly acknowledged, details about them remain classified and/or protected from release by statutes to prevent harm to the national security of the United States. To the extent that your request seeks any information on your telephone activity in relation to NSA intelligence programs, or in relation to any specific methods or means for conducting the programs, we cannot acknowledge the existence or non- existence of such information. Any positive or negative response on a request- by-request basis would allow our adversaries to accumulate information and draw conclusions about NSA’s technical capabilities, sources, and methods. Our adversaries are likely to evaluate all public responses related to these programs. Were we to provide positive or negative responses to requests such as yours, our adversaries’ compilation of the information provided would reasonably be expected to cause exceptionally grave damage to the national security.
Therefore, your request is denied because the fact of the existence or non-existence of responsive records is a currently and properly classified matter in accordance with Executive Order 13526, as set forth in Subparagraph (c) of Section 1.4. Thus, your request is denied pursuant to the first exemption of the FOIA, which provides that the FOIA does not apply to matters that are specifically authorized under criteria established by an Executive Order to be kept secret in the interest of national defense or foreign relations and are properly classified pursuant to such Executive Order.
Moreover, the third exemption of the FOIA provides for the withholding of information specifically protected from disclosure by statute. Thus, your request is also denied because the fact of the existence or non-existence of the information is exempted from disclosure pursuant to the third exemption. The specific statutes applicable in this case are: Title 18 U.S. Code 798; Title 50 U.S. Code 3024(i) (formerly Title 50 U.S. Code 403-l(i)); and Section 6, Public Law 86-36 (50 U.S. Code 3605, formerly 50 U.S. Code 402 note).
The Initial Denial Authority for NSA information is the Associate Director for Policy and Records, David J. Sherman. As your request is being denied, you are hereby advised of this Agency’s appeal procedures. Any person denied access to information may file an appeal to the NSA/CSS Freedom of Information Act Appeal Authority. The appeal must be postmarked no later than 60 calendar days of the date of the initial denial letter. The appeal shall be in writing addressed to the NSA/CSS FOIA Appeal Authority (DJ4), National Security Agency, 9800 Savage Road STE 6248, Fort George G. Meade, MD 20755-6248. The appeal shall reference the adverse determination and shall contain, in sufficient detail and particularity, the grounds upon which the requester believes that the determination is unwarranted. The NSA/CSS FOIA Appeal Authority will endeavor to respond to the appeal within 20 working days after receipt, absent any unusual circumstances.
There’s quite a bit of material there, so I’d like to dissect it a bit.
- The Guardian published an National Security Letter that clearly compelled Verizon to turn domestic call detail records over to the NSA. Yet, the NSA cannot acknowledge the existence of records that Verizon was legally compelled to provide.
- The NSA denied my request “because the fact of the existence or non-existence of responsive records is a currently and properly classified matter”. In the NSA’s eyes, classified information is still classified information, despite the fact that it’s become general public knowledge.
- The NSA claims that my call detail records are “matters that are specifically authorized … to be kept secret in the interest of national defense or foreign relations and are properly classified pursuant to such Executive Order.” I never considered calls to grandma as being in the interest of national defense or foreign relations, but the NSA apparently thinks they are.
- Regarding Title 18 U.S. Code 798, I assume the relevant portion is (a)(1) “concerning the communication intelligence activities of the United States or any foreign government”. Can’t have the masses knowing about those calls to grandma. Ditto for those calls to the pizza guy.
- Title 50 U.S. Code 3024(i) covers “Protection of intelligence sources and methods”. I’m not sure how that applies to my request, since I haven’t asked the NSA to divulge any sources or methods. (As the NSA noted in their response, their sources and methods have been widely reported on by the press and media).
- 50 U.S. Code 3605 covers “Disclosure of Agency’s organization, function, activities, or personnel”. Again, I’m not sure how this applies to my request. I haven’t requested the “names, titles, salaries, or number of the persons employed” by the National Security Agency. Likewise, I have not requested “the disclosure of the organization or any function of the National Security Agency, or any information with respect to the activities thereof”. (Again, the function and activities of the NSA have been widely reported by the media, at least when it comes to bulk collection of phone records).
I’m planning to file an appeal.
Are you irked by the NSA’s mass surveillance programs? Please consider sending us a donation; it will really go a long way towards helping us continue to advocate for Open Government, Open Culture, Open Innovation, and People First. If you’re not ready to take that plunge, consider registering as a Pirate or (even better) running for local office as a member of the Pirate party.
Long before I became a pirate, I had an interest in privacy, security, and digital surveillance, so I was completely floored when the Guardian published a National Security Letter to Verizon, compelling them to turn over phone records for a three-month period. National Security letters (NSLs) are very secretive. You can think of them as subpoenas that come with a gag order — a party that receives a NSL is forbidden from telling anyone about it — and very few recipients have managed to talk about them publicly (Calyx internet being a notable exception). Unless you’ve received an NSL, the guardian story was probably the first time you’d seen one of these things.
I’m a Verizon customer, and my phone calls fit the description of “(i) between the United States and abroad; or, (ii) wholly within the United States, including local telephone calls”. So, I sent the NSA a FOIA request, asking for all telephony records that originated from my home phone number.
Here’s my letter to the NSA:
I thought this was a pretty conservative request, and one that would fall squarely within the scope of the Privacy act of 1974 — the NSA is a government agency, the records requested pertain solely to me, and therefore I should have the right to review them. It’s definitely less adventurous that what our friends at Muckrock did, requesting all of Dianne Feinstein’s phone records.
The NSA sent a three page letter in response to my FOIA request. Here is the full text of their response (dated November 21, 2013):
There’s quite a bit of material there, so I’d like to dissect it a bit.
I’m planning to file an appeal.
Are you irked by the NSA’s mass surveillance programs? Please consider sending us a donation; it will really go a long way towards helping us continue to advocate for Open Government, Open Culture, Open Innovation, and People First. If you’re not ready to take that plunge, consider registering as a Pirate or (even better) running for local office as a member of the Pirate party.