Does the NSA have a Middleman?
(updated)
There's been a lot of speculation around the blogosphere today about how to reconcile the USA Today story about the NSA's phone record database with the recent blanket denials of involvement issued by both Verizon and BellSouth. I discussed one line of speculation in my previous post, i.e., that the relevant records are not held by Verizon and BellSouth but by various subcontractors and long-distance carriers with whom those companies do business. Eric Umansky has a good post which further explores this possibility and notes that BellSouth subcontracts its billing operations to an Israeli company.
Think Progress also has an interesting post about a recent presidential memorandum which may provide legal cover for the telecom companies to make misleading public statements in the interest of national security. While this is an intriguing possibility, I confess that I find it VERY unlikely that these companies would make knowingly false public statements, regardless of the legal cover they think they may have. The potential exposure is just too large.
But there may be another solution to this apparent contradiction. BellSouth and Verizon have both emphasized in their statements that they did not provide anything to the NSA, and that they have no arrangement with the NSA. What if there is a non-governmental middleman involved here? Suppose a private contractor approached the NSA (or more likely was encouraged to approach the NSA) with a proposal to gather the anonymized phone records from the major telecom companies, compile that information into a master database, and then sell that database to the NSA.
Such an arrangement would explain away a few puzzles. First, it would explain why Verizon and BellSouth can so emphatically state that they provided nothing to the NSA and have no relationship with the NSA. Second, it would seem to circumvent the Stored Communications Act, which prohibits only the provision of phone records to the government, not to private parties. Third, if this data was first stripped of identifying customer information (names, addresses, etc.) it arguably fits within the aggregate information exception to the Communications Act. The government would not need a court order or subpoena to take possession of this information (at least I don't think it would) because it would merely be purchasing data lawfully collected by a private entity (which is not affiliated with the original service provider).
I have no idea if this is what is actually happening, but it strikes me as a possibility worth considering.
UPDATE: Or maybe I was right the first time. The New York Times has a new article out reporting that the key distinction is between long-distance carriers and purely local carriers:
There's been a lot of speculation around the blogosphere today about how to reconcile the USA Today story about the NSA's phone record database with the recent blanket denials of involvement issued by both Verizon and BellSouth. I discussed one line of speculation in my previous post, i.e., that the relevant records are not held by Verizon and BellSouth but by various subcontractors and long-distance carriers with whom those companies do business. Eric Umansky has a good post which further explores this possibility and notes that BellSouth subcontracts its billing operations to an Israeli company.
Think Progress also has an interesting post about a recent presidential memorandum which may provide legal cover for the telecom companies to make misleading public statements in the interest of national security. While this is an intriguing possibility, I confess that I find it VERY unlikely that these companies would make knowingly false public statements, regardless of the legal cover they think they may have. The potential exposure is just too large.
But there may be another solution to this apparent contradiction. BellSouth and Verizon have both emphasized in their statements that they did not provide anything to the NSA, and that they have no arrangement with the NSA. What if there is a non-governmental middleman involved here? Suppose a private contractor approached the NSA (or more likely was encouraged to approach the NSA) with a proposal to gather the anonymized phone records from the major telecom companies, compile that information into a master database, and then sell that database to the NSA.
Such an arrangement would explain away a few puzzles. First, it would explain why Verizon and BellSouth can so emphatically state that they provided nothing to the NSA and have no relationship with the NSA. Second, it would seem to circumvent the Stored Communications Act, which prohibits only the provision of phone records to the government, not to private parties. Third, if this data was first stripped of identifying customer information (names, addresses, etc.) it arguably fits within the aggregate information exception to the Communications Act. The government would not need a court order or subpoena to take possession of this information (at least I don't think it would) because it would merely be purchasing data lawfully collected by a private entity (which is not affiliated with the original service provider).
I have no idea if this is what is actually happening, but it strikes me as a possibility worth considering.
UPDATE: Or maybe I was right the first time. The New York Times has a new article out reporting that the key distinction is between long-distance carriers and purely local carriers:
Government efforts to obtain data from the nation's largest
phone companies for a national security database appear to
have focused on long-distance carriers, not local ones,
statements by company officials indicate.
The statements have come in the week since USA Today
reported that the National Security Agency had collected
local and long-distance phone records on tens of millions of
Americans from Verizon, BellSouth and AT&T in the
aftermath of the Sept. 11 attacks.
The responses by the companies suggest that the agency,
in an effort to find patterns that could identify terrorists,
sought records from major long-distance providers like the
former MCI (now part of Verizon), AT&T and Qwest, but
did not ask for data on local calls.
Technical experts said long-distance calling records could
yield information not only on the companies' own
long-distance customers, but also on traffic that the
carriers connect on behalf of others, including some calls
placed on cellphones or on Internet voice connections.
posted by A.L. at 3:56 PM
10 Comments:
See, that's what I call intellectually creative problem solving ... for awhile I didn't recognize it as I've become so atuned to BushCo logic. As NSA was understood to be an only offshore spy mechanism I can see where a 3rd party might quelch initial nay sayers at Telecoms. So, who? ChoicePoint? And what kind of a contract would the middleman have to have with NSA? And what restrictions could we expect/not on the middleman's use of the info?
The "contractor" excuse has been used with great success by Citibank in defending against predatory practice allegations from Elliot Spitzer's office against Citibank's "Associates" unit. In Citibank's case "contractors" are sometimes almost indistinguishable from employees.
As pure speculation: the middleman's contract with the NSA could be limited to an agreement that it was to be the proxy for any and all NSA letters. Its contract with BellSouth could require it to maintain a secure database and to respond only to lawful inquiries. This would be similar to the CardSystems/Mastercard breech where everybody could blame everybody else while claiming their own purity.
In BellSouth's case, there's also the gap between its written soft denials such as its May 15th press release posted on its corporate website and the hard denials of its Vice President for Corporate Communications in interviews with the media.
On its webpage in hard text, BellSouth addresses only the narrow specific allegation that there is a contract under which this information was provided and states, "Based on our review to date, we have confirmed no such contract exists and we have not provided bulk customer calling records to the NSA."
But in media interviews, and in a telephone conversation with me, Jeff Battcher, BellSouth's VP for Corporate Communications, indicated that further review found no NSA involvement and he issued a flat denial.
When I asked if BellSouth might consider putting a specific flat denial on its website, he indicated that might be a good idea. But as of the evening of the 17th, no further denials have been posted.
What comes to mind is Scott McClellan's early comments about the Valerie Plame leak, which we now know was officially sanctioned, just as BellSouth's prevarication might be under a national security exception.
MZM perhaps?
A.L.,
See B.S. article:
http://rawstory.com/comments/15768.html
Interesting theory. This is a very confusing situation.
Two questions:
1) Would the phone companies' contracts with their customers allow for giving the information to such a middleman?
2) How do we explain Qwest's claims about being harassed by the government for not turning over the records? It would be very weird for the NSA to go to the phone companies and say "You are legally obligated to give this information to a non-government source."
Good questions, Dave. The answer to the first is going to depend on the terms of the companies' service contracts, which I haven't seen anyone post, but would be interested in seeing.
With respect to the second question, I doubt that the NSA ever told Qwest they were legally obligated to do anything. I suspect they tried to put pressure on Qwest by doing things like threatening to exclude them from future contracts, by giving them a guilt trip about enabling terrorism, and even by offering to pay them for the data.
A.L.,
Rereading the original USA Today story, it looks like you're right.
Of course it could also be that Quest had different data from AT&T, BellSouth & Verizon that NSA wanted. Different negotiation.
AL there was a History Channel special on tonight about Echelon. I missed part of it, but they pointed out that Canada, Brits & US share their spying info as well as their jobs. Idea is that the Canadians spied for the Brits in order to provide them "cover" and deniabilty. New twist to the middleman theory.
Long distance carriers were buying companies like Verizon. Verizon owns the land lines and switches. Everyone, including cellular, has to use their system.
There have been attempts at building systems, but none has really worked. So, the long distance carriers bought the land line carriers. There should'nt be too much confusion that the local phone company has to either be bought or leased from.
As far as billing, integrated billing was 'scary' to some because all the records for home cell, internet, etc. are there. This was an attempt at gaining the customers business, all their communications, unsing convenience billing as the excuse. The phone companies made alot of money providing communications services and using integrated billing to get the customer to 'come over to thier side.' Those records are there and I doubt that is what NSA wanted. The thinking is that it's an independent monitoring system outside the phone companies and alot like that drug movie where they monitored for a voice or keywords in the conversation. Land lines have to have warrants and that is why the NSA passes and, if they did anything at the phone company, it would probably be cellular.
'The record of the call' may well be what the monitoring computer at NSA provides when the monitoring computer finds that voice or keyword. It would be difficult not to have that information at NSA and do the monitoring.
Post a Comment
Links to this post:
Create a Link
<< Home