Marc Ambinder:
The American public has a much better understanding of how the National Security Agency does its work, how it monitors itself, and how it interacts with the Foreign Intelligence Surveillance Court. We should avail ourselves of the opportunity to understand these issues as much as possible.
For example, the director of national intelligence tells usabout the two major overcollection/underestimation problems the NSA discovered in 2009.
One involved bulk telephone records, and the other involved the now-discontinued email metadata collection program. The DNI insists that the technical complexities of the collection were such that the agency did not for some time have a clear sense of precisely how its own programs were working. At the same time, when these two major problems were identified, the NSA realized that its compliance architecture had not kept pace with “operational momentum,” and began to overhaul its entire procedures and management structure. The NSA therefore did not realize it was misleading Congress and the FISA court. This makes sense.
But I do wonder: If NSA does not know what it is doing because it is so good at collecting intelligence, is it possible that the entire SIGINT architecture is somehow emergent in the sense that it is too complex to be subject to the type of oversight that a reasonable person who does not understand SIGINT would think is appropriate?
This isn’t a philosophical question. If the NSA doesn’t know what it’s doing, or if it is not possible for NSA to know what it is doing, then should it design systems that err on the side of overcompliance? In other words, should the “bias” of its policies be to proactively screen out information even if it might include valuable foreign intelligence because NSA is probably overcollecting? Or are the American people willing to allow a certain amount of technological pipe shifting, even if it includes their communication, so long as the NSA is legitimately trying to make it work?