How Do Innovative Spy Warrants Work? One Expert Speculates

Last week, the Justice Department added a surprising twist to the always murky story of the warrantless surveillance of Americans' overseas communications, by announcing that the program would start getting warrants from the very court it had previously said was too slow and outdated. The government said it was using a combination of orders that were innovative and creative -- leading many to wonder how the orders worked -- but Attorney General Alberto Gonzales did not give any details -- saying this would tip off terrorists. The announcement sent national security experts into tea-leave reading mode -- trying to piece together an explanation that would allow the government to do widespread surveillance while staying within the contours of the law that requires specific warrants.

James X. Dempsey, the policy director for the Center for Democracy and Technology, is one of those who has a theory:

My theory is that what they ended up with was something between an individualized and a programmatic warrant. I don't think that what they did was a straight programmatic warrant -- these are individualized wiretaps. My current guess is there are 2 orders.

One order has a list of suspected terrorists or phone numbers believed to be used by terrorists, and the government said they have probable cause why this person is either likely to be member of a terrorist group or that an email address is being used by Al Qaeda. Maybe there are 100 identifiers or 500, I don't know. The government tells the court, "We don't know if any of these are being used but if we find one of these numbers being used, we want to start monitoring immediately." They've particularized it so it's just these 500. The court order may say tell us when you turn on monitoring and come back at end of 90 days and brief us and tell us a new list every ninety days.

The second approach involves the fruits of a massive data-sorting algorithm, Dempsey suggests. In this case, the government's argument is something akin to:

Every single day there are a million calls into and out from Pakistan, Afghanistan, Somalia, Yemen, Saudi Arabia etc. and we are monitoring the traffic datas to sort them out. We have a pretty good idea of what we are looking for to narrow it down to 100 calls a day where we have probable cause to believe these are calls of terrorists. This is the algorithm we use and this is why we believe it works, and at the end of the day, we only intercepting those who meet this standard DNA. It's good enough to be probable cause and gets us from millions down to 100.

That's pure speculation, Dempsey emphasized, but it makes sense since the National Security Agency has long relied on ways to filter out the traffic that is noise.

They have always done traffic analysis and the legal rules are ambiguous. But let's assume have pretty broad power to do that without court order where at least one leg of the communication is overseas and we know that they don't have ability to suck up all the content. They do everything they can to narrow down the stuff they have to translate.

Then the government has to convince the court that this approach is not a warrant that approves a whole program, because the surveillance law doesn't allow for such warrants -- they must be individualized and particularized. So Dempsey, surmises they have gotten a warrant that says if you find a, b, c, d, and e, then that's probable cause to believe a person is a terrorist and the government can start monitoring the content of the communication.

Dempsey likens that approach to seeing a guy standing on the corner furtively and passing bags to people in exchange for $20, that's probable cause to search the person for drugs.

Still Dempsey thinks the government could and should be more forthcoming:

Let's say the government came forward and said the wiretaps are not based on speculation but are based on observed behavior and that there are a certain set of factors which included geography that taken together give us probable cause to believe a particular phone number is involved in terrorism. We have presented these factors to court and we only wiretap when the factors are met.

I think they could say all of that safely and at the end of day, I might or might not be comfortable with that system. But we could have that debate and be a lot better off in terms of public trust and be assured that system of checks and balances is working. That's what the congressional staff and committees should be pushing for.

The opposite -- the secrecy that the new orders are wrapped in -- are inimical to democratic debate, Dempsey said.

There was an amazing quote in the briefing by Justice Department where an official said, 'There have been recent development in law that are secret'. I just don't see how you can have secret developments in the law.

Note: the Justice Department official said, "They're orders that take advantage of use of the use of (sic) the FISA statute and developments in the law. I can't really get into developments in the law before the FISA court. But it's a process that began nearly two years ago, and it's just now that the court has approved these orders," according to the official transcript.