- It took too long to get a FISA warrant.
- They wanted to do use an entirely new style of surveillance where they captured everything and then processed it looking for patterns (see Schneier on this point.)
This raises the question of whether there's some way to satisfy those concerns that isn't basically a blank check for the government to tap people's communications.
There are two aspects to the timeliness issue. The first is that the communication may be occurring now and that you can't wait days for the recording to start. The second is that you need the intelligence right away. There's no substitute for rapid review in the second case, but in the first case, there's no reason that the surveillance and analysis have to happen contemporaneously. Simply capture the data and store it in some secure location and then apply to the FISA court for a warrant to retrieve the specific communication you're interested in. If you want to get clever, you could implement cryptographic controls: encrypt the messages under a key that the NSA doesn't control but the FISA court does.
Obvious objections: even under FISA the NSA can start capturing and then seek a warrant inside of 72 hours. This scheme would extend the window and decrease worries about getting your hand slapped. Another advantage is that you could actually lower the threshold for initial data acquisition without sacrificing completeness. An obvious objection here is that the NSA can just set up a parallel infrastructure that captures the data without encryption, but any set of administrative controls has this property.
The "data mine everything" approach is harder to accomodate, but still not impossible. In the past few years, there's been a fair amount of work on privacy preserving data mining and encrypted search. Once could imagine giving the NSA access to a transformed (blinded) version of the traffic which they could then run search algorithms on but requiring them to seek warrants for actually uncovering any given communication.
Obvious objections: data mining even blinded information yields private information. This is particularly true if meta-information is still available to the analysis system. These algorithms are generally quite slow, as well as limited in the kinds of queries they can perform. So, this is not as good as a system where you have all the data to work with. But again, people might be willing to let you have access to a broader class of data if they knew it was protected.
Why have this discussion at all? I'm generally not that sympathetic to the claim that the government needs expansive surveillance powers, but it's clear that many in government feel differently, and that legal limitations do not reduce the level of surveillance to one that I'm comfortable with. (Nor am I confident, for that matter, that there aren't programs that I'd be even less happy with going on.) Given that, I think it's worth trying to see if there's some way to strike a balance between surveillance capabilities and privacy that leaves both sides happier than they are now.
I had an interesting thought while reading this. What if NSA is sniffinf encrypted private traffic of US citizens, where it takes them more than 3 days to break the encryption? ie they begin sniffing, and 3 days later when the warrant application is due, they still don't know if they have ground for the warrant...
Craig: I suspect that to FISA, if you are using strong enough encryption that the NSA can't break it in 3 days, it's enough to justify the warrant.
Less snarkily, if they had enough reason to suspect a stream, I believe they could probably at least get an extension to the existing tap while they break the encryption. And if they had absolutely no reason to tap the stream other than joe-random-fishing expedition, well, they shouldn't get the warrant.