Along the way, the court laid out guidelines for the NSA to meet in handling the data and conducting searches that were intended to protect Americans’ privacy. The court ruled, for instance, that the metadata should only be searched if there was “reasonable, articulable suspicion” of a link to terrorism or in an emergency.
Yet from May 2006 to January 2009, the NSA violated the court’s mandate, searching the telephone metadata it collected each day from the nation’s phone companies against an “alert list” of thousands of international and domestic phone numbers, according to a March 2009 opinion written by a FISC judge.
Only a fraction of those list numbers – about 10 percent of the 17,835 phone numbers on the government’s list in early 2009 – had a “reasonable, articulable suspicion” of a link to terrorism, as the court discovered in early 2009.
That’s when the Department of Justice notified the FISC that the NSA’s “alert list” search terms were not in compliance with the court’s requirements. Judges overseeing the court were not amused by the revelation.
“The government has compounded its noncompliance with the court’s orders by repeatedly submitting inaccurate descriptions of the alert list process” to the court, Judge Reggie Walton wrote. “It has finally come to light that the FISC’s authorizations of this vast collection program have been premised on a flawed depiction of how the NSA uses" the earlier collected phone metadata.
After the discovery, a full-blown investigation ensued. It found that more than 200 analysts from the FBI, CIA, and the National Counterterrorism Center had access to “query results” from the metadata database that did not correctly mask the identities of US persons, the Washington Post reported.