Pour one out for another fruitful FOIA case for surveillance documents

Another excellent Freedom of Information Act case for surveillance documents came to an end late last month while I was on vacation, so I’m only now getting to it. It was for inspector general reports at the National Security Agency about the three programs that grew out of Stellarwind.

The germ of the idea for this FOIA came from Marcy Wheeler of Emptywheel, who had spotted a passing reference to the existence of an NSA inspector general report about the FISA Amendments Act warrantless surveillance program deep in a 2013 memo to the Intelligence Oversight Board and pointed it out to me in early 2015. I made a FOIA request for it and threw in the other two Stellarwind successor activities — the bulk phone records and bulk e-mail records programs — without knowing if there were any inspector general reports about them. As is typically the case with FOIA, the NSA did not act on the request and so the New York Times filed a lawsuit. I thank our great FOIA lawyer, David McCraw, and two annual NYT First Amendment fellows, Jeremy Kutner (2014-15) and Tali Leinwald (2015-16) for their hard work on the case.

It turned out to be paydirt: there were hundreds of pages of documents that were responsive to the three-part request. The N.S.A. disclosed them in three tranches, and each was newsworthy. One document among the bulk phone metadata program group — turned over to us in unredacted form by mistake — disclosed the identities of the participants in the bulk phone records program (AT&T, Sprint and Verizon) and confirmed suspicions that it could be used to hunt for Hezbollah and Iranian operatives, not just Al Qaeda. The bulk e-mail metadata program group confirmed that even though the N.S.A. said it had turned off that program in late 2011, it did so only after it had figured out how to achieve similar results using data obtained in other ways. And the warrantless surveillance program group shed light on the role played by telecommunications providers in actively performing the sifting and filtering of data packets required for upstream Internet surveillance on behalf of the N.S.A. rather than passively turning over all the packets for the N.S.A. to hunt through itself. (Notably, Marcy had already surmised both that the N.S.A. collection and analysis of e-mail metadata had probably migrated more than ended, and that Iran was part of the phone metadata program, based on scattered clues in the prior public record.)

We challenged the N.S.A. over the legitimacy of several redactions, but Judge Katherine Forrest granted the Justice Department’s request for summary judgment and dismissed the case without any further disclosures. Nevertheless, it had already dragged a lot of useful material out into the public eye. As with the FOIA case for Department of Justice inspector general reports that also ended last month with a ruling against us in a dispute over whether any further redaction lines should be removed, the concluding loss masked a much larger overall victory for transparency and public understanding of government powers and actions.