What the Ashcroft “Hospital Showdown” on NSA spying was all about How the government sought to justify blanket collection of Internet metadata.
We’ve known for years that the STELLAR WIND surveillance program—a massive NSA effort authorized by President George W. Bush after 9/11—eventually led to a dramatic showdown at the bedside of then-attorney general John Ashcroft. The situation surrounding STELLAR WIND was on such shaky legal ground that top members of the government threatened to quit in protest, though the exact reasons for their unease have been difficult to pinpoint.
Now, documents leaked by Edward Snowden have finally given us a clearer idea of what that showdown was really about: the wholesale collection of Internet metadata.
It appears that the meta data issue has been bouncing around through two different presidential administrations and that it is not as cut and dried and issue as people like Dianne Feinstein would have us believe. The public was aware of the showdown in John Ashcroft's hospital room involving Alberto Gonzales and James Comey, the then acting AG and now Obama's nominee for FBI director. There weren't enough details available until now to understand what the fight was all about.
One of the issues involved here is the difference between telephone and internet meta data. One of the first of Snowden's documents to be published was the order to Verizon to provide telephone meta data. It has been possible to construe phone records as legal to obtain without a warrant because they don't reveal the content of the conversations.
Internet metadata, however, would have been trickier. To see why, it’s important to understand how the Internet works differently from the phone network. When the phone company connects a call on a traditional circuit-switched phone network, it naturally has to know which two numbers it is connecting and for how long. That's pretty much the sum of the relevant metadata.
But that’s not how a packet-switched network like the Internet functions. Packets of Internet information don’t just consist of “metadata” and “content” but of many levels of metadata at different “layers” of the OSI stack familiar to techies. The many computers or programs involved in routing and processing that data typically only need to “look” at one or two of those layers to do their job. Especially if it’s just routing traffic from one foreign computer to another—traffic that just happens to be passing through the United States because that’s the cheapest path—the company running an Internet backbone doesn’t need to “see” or make any record of, for example, who is supposed to receive a particular e-mail or what webpage a user is trying to browse.
The problem came down to the fact that the collection of phone records wasn't electronic surveillance as defined by FISA, but the collection of internet records was. Lawyers for the Bush White House tried various devices to evade the problem. They tried to use the vague wording of the Patriot Act to superseded FISA but the lawyers at DOJ wouldn't sit still for it and threatened to resign.
After the big showdown the administration got legal cover for its activities by going to the FISA and getting a blanket order defined as "pen register". The collection of phone records continues today. Supposedly the collection of bulk internet data was halted in 2011. Nobody seems very clear about what is happening at present.
What this little piece of recent history seems to offer is a look at the problems of applying laws that go back 40 years to the realities of rapidly changing technology. Even if the issues were being debated in open court and open congressional hearings it would be difficult for the law to keep up with the technology. When debate is conducted in secret there is no possibility of accountability.
h/t and thanks for the link to KnKo.