in-depth analysis of FISA
intro:
On June 6, 2013, the Washington Post and The Guardian capturedpublic attention by reporting that the intelligence community was collecting large amounts of information about U.S. citizens.1 The National Security Agency (NSA) and Federal Bureau of Investigation (FBI) were “tapping directly into the central servers of nine leading U.S. Internet companies, extracting audio, video, photographs, e-mails, documents and connection logs that enable analysts to track a person’s movements and contacts over time.”2
In conjunction with the articles, the press published a series of PowerPoint slides attributed to the NSA, describing a program called “PRISM” (also known by its SIGAD, US-984XN).3 The title slide referred to it as the most used NSA SIGAD.4 The documents explained that PRISM draws from Microsoft, Google, Yahoo!, Facebook, PalTalk, YouTube, Skype, AOL, and Apple—some of the largest email, social network, and communications providers—making the type of information that could be obtained substantial: email, video and voice chat, videos, photos, stored data, VoIP, file transfers, video conferencing, notifications of target activity (e.g., logins), social networking details, and special requests.5 The slides noted that the program started in September 2007, with just one partner (Microsoft), gradually expanding through to the most recent company (Apple, added October 2012), and that the total cost of the program was $20 million per year.6 As of 2011, most of the more than 250 million Internet communications obtained each year by the NSA under §702 of the Foreign Intelligence Surveillance Act (FISA) Amendments Act derived from PRISM.7