Of the many questions that still surround the National Security Agency’s vast global spying operations, one seems especially pertinent: Do they actually work? That is, have they helped to prevent terrorist attacks against Americans?
In the case of the NSA’s phone-data program — in which the agency vacuums up information about essentially every call made by Americans — it’s getting harder and harder for the government to answer yes. The latest evidence comes from a report last week by the Privacy and Civil Liberties Oversight Board, an independent federal agency established on the recommendation of the Sept. 11 Commission to balance the right to liberty against the need to prevent terrorism.
The board — which had access to classified information — offered this blunt assessment:
“We have not identified a single instance involving a threat to the United States in which the telephone records program made a concrete difference in the outcome of a counterterrorism investigation,” the report says. “Moreover, we are aware of no instance in which the program directly contributed to the discovery of a previously unknown terrorist plot or the disruption of a terrorist attack.”
In evaluating the NSA’s stunning surveillance capabilities, revealed by former contractor Edward Snowden beginning last June, the question always should be whether the benefits are worth the costs. By now it’s obvious that the oversight of this phone program was insufficient. The benefit of having the records in the first place, however, was always couched in more practical terms by the NSA and its supporters in Congress: It was helping thwart terrorist attacks.
The NSA has asserted that bulk data collection has played some role in disrupting 54 “terrorist events.” Of those, only 12 involved the phone-data program in some capacity. The privacy board examined each in detail. In the only case where the program may have helped the government identify a terrorism suspect — a San Diego cab driver named Basaaly Moalin, who was sending money to the Somalian terrorist group al-Shabaab — there was no threat of an attack on the United States and no reason to conclude that a bulk data-collection program was necessary to determine the connection.