On Tuesday, members in the House and Senate introduced new versions of the USA Freedom Act that would prohibit bulk collection of records under Section 215 of the Patriot Act, the FISA pen register authority, and national security letter statutes. The legislation, if passed, would result in significant changes to the National Security Agency’s bulk phone records program, raising questions about the impact such prohibitions could have on the Intelligence Community (IC). This makes it a good time to revisit analyses of the utility of bulk collection programs. The National Research Council (NRC) recently published one such analysis, “Bulk Collection of Signals Intelligence: Technical Options.”
The NRC’s report threatens to serve as the foundation for future thought about how the IC should respond to the age of big data, which is why its analysis is both important and problematic. Its baseline conclusion is that “[t]here is no software technique that will fully substitute for bulk collection where it is relied on to answer queries about the past after new targets become known.”
Outside of the narrowest technical context, this conclusion is fundamentally wrong. In practice, targeted approaches will more than substitute for bulk collection.
The NRC Report. The NRC report is the result of a process started by Presidential Policy Directive 28, which asked the Office of the Director of National Intelligence (ODNI) to “assess the feasibility of creating software that would allow the IC to conduct targeted information acquisition [of signal intelligence] rather than bulk collection.” The ODNI requested that the National Academies form a committee to study the question. The NRC report is the product of that committee’s work.
Read the full post at Just Security.