How Much Email Metadata Does NSA Collect?
In Barton Gellman's big NSA surveillance piece, he says it wasn't bulk collection of telephone metadata that caused the dramatic showdown in John Ashcroft's hospital room in 2004. (Metadata consists of records about phone calls—time, location, and participants—not the contents of the calls themselves.) Everyone was fine with that. It was collection of internet metadata for email, chat, Skype, and so forth that caused the showdown. In the end, the program was shut down, but then a few months later it was started back up under the oversight of the FISA court.
So it's still cruising along, right? I'd guess so, but then there's this at the tail end of Gellman's article:
As for bulk collection of Internet metadata, the question that triggered the crisis of 2004, another official said the NSA is no longer doing it. When pressed on that question, he said he was speaking only of collections under authority of the surveillance court.
“I’m not going to say we’re not collecting any Internet metadata,” he added. “We’re not using this program and these kinds of accesses to collect Internet metadata in bulk.”
That's clear as mud, isn't it? Gellman also describes NSA's initial contention after 9/11 that it could collect bulk internet metadata because, legally, it didn't "acquire" the information merely by putting it in a database. It only "acquired" it when an analyst actually retrieved it for some reason. So as long as analysts only retrieved records they were legally entitled to, everything was kosher:
Goldsmith and Comey did not buy that argument, and a high-ranking U.S. intelligence official said the NSA does not rely on it today. As soon as surveillance data “touches us, we’ve got it, whatever verbs you choose to use,” the official said in an interview. “We’re not saying there’s a magic formula that lets us have it without having it.”
Taken together, these two officials are suggesting that NSA no longer collects internet metadata in bulk. It collects only data it's legally allowed to have in the first place, presumably based on a Section 702 warrant. But that's still a helluva lot. One of the documents released by Edward Snowden suggests that it amounts to over 1 trillion records per year.