TOPICS > Politics

How the U.S. Government’s ‘Big Cauldron of Data’ Affects Your Privacy

March 23, 2012 at 12:00 AM EDT
New guidelines allow the National Counterterrorism Center to keep and analyze information gathered about Americans or U.S. residents for much longer, according to a statement released Thursday. Margaret Warner discusses expanded intelligence access with former Center head Michael Leiter and author James Bamford.

JUDY WOODRUFF: And to the Obama administration’s move to relax limits on the search and storage of information about Americans.

Margaret Warner has the story.

MARGARET WARNER: The updated guidelines let the National Counterterrorism Center keep information gathered about Americans or U.S. residents much longer, even for those without suspected ties to terror.

The NCTC, as it’s called, was founded in 2004 as a clearinghouse for intelligence agencies to help connect the dots among the massive amounts of information collected by the NSA, CIA, FBI, the Pentagon and other agencies.

The director of national intelligence, James Clapper, and Attorney General Eric Holder announced the changes in a statement released yesterday. The revisions permit the NCTC to retain and continually assess data for a period of up to five years. The previous limit on storing, before ultimately destroying such information had been 180 days.

Obama administration officials say the new longer timeframe will expand the center’s ability to analyze data and identify terrorist threats. The announcement said the changes do not give the government any new powers for collecting information. Left unclear is the kinds of information on Americans that is being collected, retained, and analyzed now, and how widely commercial data, like travel records, credit card transactions, and phone calls, is involved.

The updates, the announcement said, were sparked by reviews of the failure to identify clues that might have anticipated the November 2009 Fort Hood shooting and the failed attack by the so-called underwear bomber.

And for more on this expansion, we turn to Michael Leiter, the first director of the National Counterterrorism Center under President George W. Bush and President Obama. He is now with a private technology firm and is also an analyst for NBC News. And James Bamford, who’s written extensively about intelligence matters and agencies, his most recent book is “The Shadow Factory: The Ultra-Secret NSA from 9/11 to the Eavesdropping on America.”

Welcome, gentlemen, to you both.

Mr. Leiter, let me begin. Before we get into a debate, explain what kind of data or information we’re talking about here that would be affected by these guidelines. I mean, is it data we would normally think of as private, credit cards, travel records, e-mails, phone calls?

MICHAEL LEITER, National Counterterrorism Center: Well, it is information that would be considered private.

But what I think is most important is that it is not information that is not already collected and already held by other government agencies. It is only information that is lawfully collected, either by the FBI or Department of Homeland Security, and these new guidelines simply allow NCTC, that already had access to this information, to retain this information for a longer period of time.

MARGARET WARNER: So explain though why there is a need to retain it for a longer period of time at the NCTC if it already exists at these other agencies.

MICHAEL LEITER: Well, the reason NCTC was created was to make sure that information from different organizations, the FBI, the CIA, the National Security Agency, was properly correlated.

And the best way to explain it is really an example. If today, an agency collects information related to a U.S. person, in six months, they have to get rid of that at the NCTC. But if in month seven, new information indicates that that first set of information could have indicated some terrorist activity, the NCTC couldn’t make that correlation, and that’s what this new change seeks to fix.

MARGARET WARNER: So, James Bamford, what’s wrong with that, or is there anything wrong with that, keeping this information for five years?

JAMES BAMFORD, “The Shadow Factory: The Ultra-Secret NSA from 9/11 to the Eavesdropping on America”: Well, you’re extending it by 10 times the original limit. I mean, you’re really pushing the — pushing down the trail that leads to the Total Information Awareness problem that affected the Bush administration.

There was an organization that came up with this idea of collecting every piece of information, putting it all together. And most of that was private information on U.S. citizens. And then somehow, from all that, we would be able to find these terrorists.

Well, the public was outraged by that idea and Congress was outraged by it, and they quickly disbanded the Total Information Awareness program. And the more we keep going down this road, the more we keep coming back to that same concept.

I just finished a cover story for “Wired” magazine this month where we look at this very, very large data center that’s being built in Utah for the National Security Agency and for other agencies also. It’s going to be one million square feet. It will probably hold a yottabyte of information, which is almost indescribable in terms of the number of pages.

I think it’s a quintillion — 500 quintillion pages of documents. You get to the point where you’re saying there’s just too much collection, and the analysis just has to go on with the information it has.

MARGARET WARNER: Mr. Leiter, back to you.

Explain more — is this just information that is sucked up about all Americans, or is it just Americans whose either activities or connections or relationships raise a red flag?

MICHAEL LEITER: Well, Judy, first. . .


MICHAEL LEITER: … respectfully to Mr. Bamford, I — my apologies, Margaret.


MICHAEL LEITER: I have to correct what Mr. Bamford said.

First of all, it is not a movement all the way to five years for retention. That’s the ceiling. It’s not a requirement for all information. And the idea behind Total Information Awareness was, you would find connections to terrorism by simply looking at all this data, credit card information and the like.

That’s simply not what this is. This involves information that the U.S. government already has a legal authority to collect, that it’s already holding. And then the NCTC can retain that information when there’s a substantial likelihood that there is terrorism information there.

And only at that point can the NCTC retain that and analyze it. And the type of information we’re talking about is not a blanket collection of information for everyone who is going and using their credit card each day or making a phone call. The information that is being collected is things like information that’s collected by the FBI pursuant to approval by the Foreign Intelligence Surveillance Court, so a court order authorizing electronic surveillance, or information regarding individuals who are leaving or entering the United States.

It is far, far from the vacuum — the vacuuming of information that Mr. Bamford seems to suggest.

MARGARET WARNER: What about that, Mr. Bamford?

JAMES BAMFORD: I don’t think it’s far away at all. The FBI bought into a tremendous amount of private databases from companies.

Yes, probably it’s legal to do that, but we saw in the Bush administration how for years they went on conducting illegal surveillance, and then lying to the public about what was going on. President Bush came out and said we were doing no warrantless eavesdropping, when in fact we were doing a massive amount of warrantless eavesdropping.

The amount of information the government collects I think is a problem. It’s a problem because it affects the privacy, Fourth Amendment rights of U.S. citizens. And I think the government is drowning in information. I think that is one of the problems. It isn’t able to find the terrorists because there’s too much information, not too little information.

MARGARET WARNER: Back to you, Mr. Leiter.

MICHAEL LEITER: Well, I certainly agree with Mr. Bamford that this is an issue.

And it’s very important that, as this information is initially collected and as it is retained by places like the National Counterterrorism Center, that there is very rigorous oversight. And I certainly can’t defend issues of warrantless wiretaps.

In this case, you are talking about information that is collected lawfully, and then retained for terrorism purposes. At the same time, as Ronald Reagan said, we should trust and verify. There needs to be a very, very rigorous set of controls to make sure that there are internal executive branch controls, that this information is protected adequately, and that there is outside review by the Senate and the House Intelligence Committees, and, where appropriate, the Foreign Intelligence Surveillance Court or other courts.

That is built in to these guidelines.

MARGARET WARNER: A quick final response from you, Mr. Bamford. Do you have any indication or any reporting that suggests that those safeguards aren’t in place?

JAMES BAMFORD: Well, I have no idea because you don’t know until there’s a leak or The New York Times or somebody else breaks a story that something is being done illegally.

The problem is not just the oversight. These problems — are constantly making mistakes. Ted Kennedy was put on the watch list for months before he could get off it. There are thousands, if not hundreds of thousands of people that have probably put on the watch list by accident.

So the more information you have of people that are being put into this big cauldron of data, the more chances you have of innocent people being caught up in this Web.


Well, thank you, James Bamford and Michael Leiter. Thank you both.