The government acted swiftly in response to Judge John D. Bates’s October 3, 2011 opinion. While it contemplated an appeal, it did not bring one. Instead, it adopted a series of alterations to the NSA’s collection program with respect to “transactions,” and it went back to Judge Bates to get those approved. This led to a second opinion, issued on November 30, 2011 (available here, Part 1 and Part 2), in which Judge Bates considered whether the government’s new approach complied with the FISA and the Fourth Amendment. Less that two months after finding the NSA’s program deficient, Judge Bates approved the government's amended minimization procedures on the grounds that they "adequately corrected the deficiencies” identified by the earlier opinion.
Specifically, Judge Bates finds that the new minimization procedures brings the NSA’s upstream collection of Internet transactions containing multiple communications into line with 50 U.S.C. § 1881a(e), and the NSA’s proposed targeting and minimization procedures into line with the Fourth Amendment.
The court begins by distilling Judge Bates’s October 3 findings: that the government's original minimization procedures as applied to Internet transactions containing multiple communications did not meet FISA requirements for minimization procedures. For the reader looking for a succinct summary of the issue, this is actually a better document than the October 3 opinion itself---which treats the subject exhaustively. We, however, will not retread the ground here, as it is covered in Part II.
Judge Bates focuses on three major changes to the NSA’s minimization procedures that he describes as a “substantial improvement over the measures previously proposed by the government. . . .”
First, the amended minimization procedures require the NSA to segregate and restrict portions of its upstream collection post-acquisition. Generally the analyst reviewing the communication must promptly determine "whether it is a domestic or foreign communication to, from, or about a target and is reasonably believed to contain foreign intelligence information or evidence of a crime."
Second, transactions that have been removed from or are not subject to segregation are subject to special rules. For example, all transactions moved or copied from the segregated repository into more generally-accessible repositories must be "marked, tagged or otherwise identified" as having been formerly segregated. Further, for all multi-communication transactions acquired through the NSA's upstream collection, NSA analysts must make a series of determinations in order to use a single discrete communication within the larger internet transaction. These steps are as follows: the analyst must first determine whether the discrete communication sought is a wholly domestic communication. Where necessary, the analyst will perform checks to determine the locations of the sender and intended recipients. If the discrete communication that the analyst seeks to use is a wholly domestic communication, the entire transaction must be destroyed; if not, the analyst must go a further step and determine whether it is to, from or about a tasked selector. If the analyst determines that it is not, but that the discrete communication is "to or from an identifiable U.S. person or a person reasonably believed to be located in the U.S.," then the discrete communication may only be used to protect against an immediate threat to human life. The analyst must document this determination. If the analyst determines that the discrete communication is indeed to, from or about a tasked selector, the transaction must be handled according to the remaining minimization procedures.
Third, under the new minimization rules, the default retention period for Internet communications acquired by the NSA through its upstream collection has been shortened from five to two years.
The NSA's original minimization procedures were most problematic in that they tended toward the indiscriminate retention of information, rather than imposing robust requirements as to the identification and segregation of information not relevant to foreign intelligence. Judge Bates, however, finds that these three changes discussed above cumulatively adequately address the deficiencies identified in his October 3 opinion, and that the newly proposed minimization procedures meet the requirements of both 50 U.S.C. s 1801(h)(1) and the Fourth Amendment.
After a lengthy, redacted section, Judge Bates goes on to the problem of material collected under the old certifications using procedures the new certification has altered. He notes the government's claim that it not technically feasible for the NSA to apply the now-amended minimization procedures retroactively to those internet transactions it acquired under prior Section 702 certifications. The government "is now working" to appropriately amend those minimization procedures, he notes, and “the Court will review them” under FISA once the government submits its proposal.
That brings us to the final declassified FISC opinion, the one from nearly a year later, September 25 2012.