The new NSA math: How 54 became “at most 1”

The Senate Judiciary Committee questioned senior officials of the NSA, FBI, and the Department of Justice at the hearings today. As one would expect, the senators scolded their agencies for lying to them but did not refer them for prosecution, which means that it was just grandstanding. Some senators also promised to introduce legislation forcing more transparency and revamping the rubber-stamp FISA court but we will have to see if that too is just grandstanding.

But there was one bit of information. The administration has been trumpeting that these massive surveillance programs have prevented ‘dozens’ of terrorist attacks. But this time they backtracked.

The NSA has previously claimed that 54 terrorist plots had been disrupted “over the lifetime” of the bulk phone records collection and the separate program collecting the internet habits and communications of people believed to be non-Americans. On Wednesday, [NSA deputy director John] Inglis said that at most one plot might have been disrupted by the bulk phone records collection alone. [My italics]

So they now imply, but don’t say directly, that the other ‘at least’ 53 possible plots came from the other programs. How long before that too is admitted to be a lie?


  1. says

    How can you interrupt a terrorist threat with information-gathering only?

    I call bullshit.

    You have to act on that information in order to interrupt a terrorist threat. And if you act on that information, that creates a record. Someone got arrested. Someone got killed. Someone got sent to the psych ward. A drone strike took out a small village. Something.

    What actions specifically were taken to disrupt these threats based on the information gathered? Were those actions legal? Were there any judicial proceedings based on those actions?

    Proof or it never happened.

  2. Chiroptera says

    To sharpen your point a bit, collecting meta-data lone won’t indicate the existence of imminint terrorist activity. Meta-data can at most give an indication of likely suspects to investigate further. As you stated, not only should there be a record of actions taken, there should also be records of subsequent investigations.

  3. Compuholic says

    It doesn’t really matter whether they managed to prevent 54 or 1 terrorist attacks. The NSA logs 60 million phone connections per day in Germany alone. So let’s say that they monitor 200 million phone connections per day wordwide (which should be a laughably low estimate).

    In the case of 54 attacks that means the percentage of foiled attacks to logged connections is:
    0.0000000027 %

    In the case of 1 attack it becomes:

    And this are only phone connections. Add to the mix that basically all forms of text messaging are completely stored, fully searchable and all communication partners are logged as well. This is a level of absurdity that I lack the words to adequately express my disgust.

    And I don’t buy the explanation that this giant surveillance infrastructure is there only to protect us from a few terror attacks every year. The potential for abuse is almost infinite and I don’t think it is a bug. It is a feature. It is J. Edgar Hoover again. But on a way larger scale.

  4. says

    We know of at least one terror attack that was NOT prevented because of this program – the Boston Marathon bombings. I don’t know if anybody has done some analysis on these lines but it seems obvious to me that beyond a certain size/scope, the returns in terms of timely actionable information will start to diminish simply because it will take far too long to sift through all the data. Even with the fastest supercomputers, it must be hard to keep up with the sheer volume of data that is generated daily by phone/email/Twitter/Facebook and whatever else they are scooping up. At some point we as a society need to do a cost/benefit analysis, is it worth throwing billions of dollars into these programs for preventing a few attacks or whether the same money can be used for other fruitful purposes like the space program or fighting climate change that may actually improve and save more lives.

  5. sailor1031 says

    The proof of the pudding is the fact of the Boston bombing. Sure I’ll bet NSA analysts were frantically busy after the fact checking out every contact the Tsanaevs ever made …but WTF? And the Russians had warned the FBI about Tamerlane……but it still didn’t lead to any surveillance.

    By its nature this accumulated data can only really be used after the fact unless there is an ongoing investigation already in progress. OTOH it’s a goldmine for checking out any persons deemed by the government to be “subversive”. And don’t think they wouldn’t use it. Would Nixon have used this database if he had it? So teabaggers and far right or left wackos and assorted malcontents nationwide, don’t even think about a new american revolution!

    And please, please, please NPR – can we stop calling this “metadata”?

  6. henry_pet says

    On the face of it, it’s completely and utterly implausible that terrorist plots could be systematically detected based primarily on sifting metadata and looking for patterns. Because the probability of actual terrorist attacks is so infinitesimally low, the probability of any low-probability “signature” of metadata connections that might indicate an event worthy of higher-level analysis would still be orders of magnitude greater, and the number of “false positives” would overwhelm the actual events being searched for.

    This can’t be the primary reason for creating and enhancing this massive data-grab.

    However, once one has a lead (either in a terrorism investigation or, say, the investigation of a politician who displeases somebody important), such a system would make it child’s play to track down all that person’s contacts, and data mine that individual’s record for anything incriminating.

    The Guardian piece today said that there’s too much traffic for any conceivable system to hold the entirety for more than several days, so flagging data for long-term or permanent storage needs to be done automatically and quickly.

Leave a Reply

Your email address will not be published. Required fields are marked *