Agency tracks transactions handled by firms like Western Union in and out of the US
The CIA is secretly collecting bulk records of international money transfers, handled by firms like Western Union — including transactions into and out of the United States — under the same law that the National Security Agency uses for its huge database of Americans’ phone records, according to current and former government officials.
The CIA financial records programme, which the officials said is authorised by provisions in the Patriot Act and overseen by the Foreign Intelligence Surveillance Court, offers evidence that the extent of government data collection programmes is not fully known and that the national debate over privacy and security may be incomplete.
Some details of the CIA programme were not clear. But it was confirmed by several current and former officials, who spoke on the condition of anonymity because the matter remains classified.
The data does not include purely domestic transfers or bank-to-bank transactions, several officials said. Another, while not acknowledging the programme, suggested that the surveillance court had imposed rules withholding the identity of any Americans from the data the CIA sees, requiring a tie to a terrorist organisation before a search may be run, and mandating that the data be discarded after a certain number of years. The court has imposed several similar rules on the NSA call logs programme.
Several officials also said there was more than one other bulk collection programme that has yet to come to light.
“The intelligence community collects bulk data in a number of different ways under multiple authorities,” said one intelligence official.
Dean Boyd, a spokesman for the CIA, declined to confirm whether such a programme existed but said that the agency conducted lawful intelligence collection aimed at foreign — not domestic — activities and that it was subject to extensive oversight.
“The CIA protects the nation and upholds the privacy rights of Americans by ensuring that its intelligence collection activities are focused on acquiring foreign intelligence and counterintelligence in accordance with US laws,” he said.
Juan Zarate, a White House and Treasury official under President George W. Bush, said that, unlike telecommunications information, there has generally been less sensitivity about the collection of financial data, in part because the government already collects information about large transactions under the Bank Secrecy Act.
“There is a longstanding legal baseline for the US government to collect financial information,” said Zarate, who is also the author of “Treasury’s War”, about the crackdown on terrorist financing. He did not acknowledge the CIA programme.
Orders for business records from the surveillance court generally prohibit recipients from talking about them. A spokeswoman for one large company that handles money transfers abroad, Western Union, did not directly address a question about whether that firm had been ordered to turn over records in bulk, but said that the company complied with legal requirements to provide information.
“We collect consumer information to comply with the Bank Secrecy Act and other laws,” said the spokeswoman, Luella Chavez D’Angelo. “In doing so, we also protect our consumers’ privacy.”
In recent months, there have been hints in congressional testimony, declassified documents, and litigation that the NSA programme — which was disclosed by Edward J. Snowden, the former NSA contractor — is not unique in collecting records involving Americans.
For example, the American Civil Liberties Union is fighting a Freedom of Information Act lawsuit for documents related to Section 215 of the Patriot Act, the provision that allows the government to compel companies to turn over business records for counterterrorism purposes. Since the government declassified the NSA phone records programme, it has released many documents about it in response to the suit.
But the government has notified the ACLU that it is withholding two Foreign Intelligence Surveillance Court rulings invoking Section 215 — one dated August 20, 2008, and the other November 23, 2010 — because they discuss matters that remain classified, according to Alexander Abdo, an ACLU lawyer. “It suggests very strongly that there are other programmes of surveillance that the public has a right to know about,” Abdo said.
In addition, a Justice Department “white paper” on the NSA’s call records programme, released in August, said that communications logs were “a context” in which the “collection of a large volume of data” was necessary for investigators to be able to analyse links between terrorism suspects and their associates. It did not say that call records were the only context that meets the criteria for bulk gathering.
In hearings on Capitol Hill, government officials have repeatedly avoided saying that phone logs — which include date, duration and numbers of phone calls, but not their content — are the only type of data that would qualify for bulk collection under the Patriot Act provision. In a little-noticed exchange late in an October 3 hearing before the Senate Judiciary Committee, Gen Keith B. Alexander, the NSA director, appeared to go further.
At the hearing, Sen Mazie K. Hirono, D-Hawaii, asked Alexander and James R. Clapper Jr, the director of national intelligence, a sweeping question: “So what are all of the programmes run by the NSA or other federal agencies” that used either Section 215 of the Patriot Act or another surveillance law that allows warrantless wiretapping of phone and emails?
Alexander responded by describing, once again, the NSA’s call records programme, adding “none of that is hid from you.” Clapper said nothing.
Moments later, Alexander interjected that he was talking only about what the NSA was doing under the Patriot Act provision and appeared to let slip that other agencies were operating their own programmes.
“You know, that’s of course a global thing that others use as well, but for ours, it’s just that way,” Alexander said.
In September, the Obama administration declassified and released a lengthy opinion by Judge Claire Eagan of the surveillance court, written a month earlier and explaining why the panel had given legal blessing to the call log programme. A largely overlooked passage of her ruling suggested that the court had also issued orders for at least two other types of bulk data collection.
Specifically, Eagan noted that the court had previously examined the issue of what records were relevant to an investigation for the purpose of “bulk collections”, plural. There followed more than six lines that were censored in the publicly released version of her opinion.
Lawmakers on the House and Senate Judiciary Committees have been trying to gain more information about other bulk collection programmes.
In September, Rep Jim Sensenbrenner, R-Wisconsin, an author of the original Patriot Act, sent a letter to Attorney General Eric H. Holder Jr asking whether the administration was collecting bulk records aside from the phone data. An aide said he had yet to get a response. Even lawmakers on the Intelligence Committees have indicated that they are not sure they understand the entire landscape of what the government is doing in terms of bulk collection.
Sen Dianne Feinstein of California and Saxby Chambliss of Georgia, the top Democrat and Republican on the Senate Intelligence Committee, recently sent a classified letter to Clapper, asking for a full accounting of every other national security programme that involves bulk collection of data at home or abroad, according to government officials.