The National Security Agency's mass surveillance of telephone metadata could yield detailed information about the private lives of individuals far beyond what the federal government claims, according to new Stanford research.

Stanford computer science student and CISAC cybersecurity fellow Jonathan Mayer and a fellow CS student, Patrick Mutchler, were able to acquire detailed information about people's lives just from telephone metadata: the phone number of the caller and recipient, the particular serial number of the phones involved, the time and duration of calls and possibly the location of each person when the call occurred.

The researchers did not do any illegal snooping – they worked with the phone records of 546 volunteers, matching phone numbers against the public Yelp and Google Places directories to see who was being called.

From the phone numbers, it was possible to determine that 57 percent of the volunteers made at least one medical call. Forty percent made a call related to financial services.

The volunteers called 33,688 unique numbers; 6,107 of those numbers, or 18 percent, were isolated to a particular identity.

Privacy issues

The metadata issue has taken on urgency in the wake of last summer's revelations about surveillance of American citizens by the NSA. Privacy experts have questioned the federal government's assertions on the subject.

President Obama has said, "They are not looking at people's names, and they're not looking at content."

Jonathan Mayer talks to Hari Sreenivasan on PBS Newshour in this video: 

Computer scientists such as Mayer say metadata are extremely sensitive and revealing.

They contend their research shows that metadata from phone calls can yield a wealth of detail about family, political, professional, religious and sexual associations.

"It would be no technical challenge to scale these identifications to a larger population," said Mayer.

At the outset, Mayer said, they asked, "Is it easy to draw sensitive inferences from phone metadata? How often do people conduct sensitive matters by phone? We turned to our crowdsourced MetaPhone dataset for empirical answers."

They crowdsourced the data using an Android application and conducted an analysis of individual calls made by the volunteers to sensitive numbers, connecting the patterns of calls to emphasize the detail available in telephone metadata, Mayer said.

"A pattern of calls will, of course, reveal more than individual call records," he said. "In our analysis, we identified a number of patterns that were highly indicative of sensitive activities or traits."

For example, one participant called several local neurology groups, a specialty pharmacy, a rare-condition management service, and a pharmaceutical hotline used for multiple sclerosis.

Another contacted a home improvement store, locksmiths, a hydroponics dealer and a head shop.

'Unambiguously sensitive'

The researchers initially shared the same hypothesis as their computer science colleagues, Mayer said. They did not anticipate finding much evidence one way or the other.

"We were wrong. Phone metadata is unambiguously sensitive, even over a small sample and short time window. We were able to infer medical conditions, firearm ownership and more, using solely phone metadata," he said.

All three branches of the federal government are now considering curbs on access to telephone metadata, Mayer noted. Consumer privacy concerns are also salient as the Federal Communications Commission assesses telecom data sharing practices, he added.

U.S. Sen. Dianne Feinstein is alleging the CIA may have violated the U.S. Constitution by spying on the staff of the Senate Intelligence Committee.

Feinstein, D-Calif., who chairs the committee and has been a longtime supporter of the CIA and other intelligence agencies, made a dramatic speech on the floor of the U.S. Senate, accusing the CIA of possible criminal activity in its attempts to obstruct the committee’s investigation into the agency’s use of torture in the aftermath of the 9/11 terrorist attacks.

CIA Director John Brennan has dismissed the charges as “beyond the scope of reason” and insists the CIA has broken no laws.

CISAC Co-Director Amy Zegart, an intelligence expert, tells Politico: “This is the most serious feud since the Intelligence committees were established."

Zegart, a former National Security Council staffer, answers questions about the dispute: 

Brennan said Feinstein's accusations of the CIA possibly violating the U.S. Constitution are "beyond the scope of reason." What's going on between these two?

This is a longstanding and before-now private, bitter fight over how the Senate Intelligence Committee is investigating the CIA's past detention and interrogation programs. The current controversy is about whether congressional staff illegally acquired CIA documents during the course of their investigation and whether the CIA illegally spied on those congressional staffers.

But the deeper fight is really about how history will record and judge the Bush administration's detention and interrogation policies. It's a complex battle that is tinged with politics. The Senate investigation began years ago as a bipartisan effort to examine these policies and their efficacy. Eventually, though, Republican members of the committee felt they could no longer participate. So we're now in a bizarre world where Democratic senators on the Intelligence Committee are feuding with a Democratic administration about investigating controversial policies practices that occurred under a Republican predecessor.

Feinstein calls the crisis a defining moment for the agency. Is it?

This is an extraordinary moment for CIA-congressional relations and the worst feud since the Church Committee investigation of CIA abuses in the 1970s. Oversight is always a delicate dance between intelligence officials who believe strongly in the importance of secrecy for carrying out their mission and lawmakers who believe strongly in the value of transparency to maintain the public trust. Intelligence officials never freely volunteer details of their agencies' activities. It's Congress's job to probe, to ask tough questions and demand good answers. 

But this is different than the usual tension between intelligence overseers and agencies. Feinstein isn't accusing the CIA of stonewalling or not telling the full truth. She is accusing the agency of spying on and intimidating her staff. That's totally out of bounds. For Feinstein, this conflict is Constitutional – raising serious questions about separation of powers and Congress's ability to check the executive's most powerful agencies. It is institutional, calling into question the role of her committee in particular. And it is personal. She is claiming that her own staff has been referred to the Justice Department for possible criminal prosecution.

How serious is this for CIA Director Brennan, who vehemently denies the accusations and says no computers were hacked. 

The CIA is in big-time trouble. We may never know what actually happened in a basement room in Virginia where congressional staffers were reading millions of pages of CIA documents on computers. What matters more now is the political narrative. Ever since Edward Snowden – the former contractor for the National Security Agency – started releasing documents last June, the political narrative has been that U.S. intelligence agencies spy on and lie to just about everyone.

Much of this narrative is woefully distorted and just plain wrong. NSA is not out there listening to your calls with grandma. And there is still no evidence that NSA programs violated the law. But the narrative of distrust is powerful. Which is why Sen. Feinstein's charges against the CIA -- coming from one of the intelligence community's biggest defenders -- is so devastating.

Calling cybercrimes “the threat of the future,” former FBI Director Robert Mueller said federal investigators and businesses need to share information collected online in order to find and thwart hackers trying to disrupt Web-based networks.

“The intelligence that can be and is being collected by the private sector has to be made available in some way, shape or form to the federal government,” Mueller said.  “And that which we pick up has to be made available to the private sector. If we do not get that kind of collaboration, we will replicate what we had before 9/11 when we had stovepipes and inadequate ways of sharing information.”

Mueller – who took over the FBI a week before the Sept. 11 terrorist attacks and left the job two months ago – made his comments Friday while delivering the Payne lecture at Stanford.

“Terrorism remains today our primary threat,” Mueller said. “But tomorrow, it will probably be cyber and its various iterations.”

He said cybercrimes present a new challenge to law enforcement agencies because perpetrators are often anonymous and their motives are not always clear.

A hacker could be associated with a terrorist organization, an activist group or “an 18-year-old in his garage here in Silicon Valley who has the talent and capability and wants to make a point.”

And if the bad guy can’t be easily fingered, it’s difficult to know who should investigate the crime – the FBI, CIA, NSA or another agency. In order to pool federal resources, Mueller said a task force composed of 18 agencies works to examine cyber threats.

But their efforts to safeguard online financial, government, corporate and educational systems will go only so far without the expertise, knowledge and information gathered by Internet service providers.

“It is going to be the relationships with the private sector that are going to be absolutely critical to any success we can have in addressing cyber attacks,” he said.

Mueller’s lecture capped his weeklong visit at Stanford. He was invited by the Freeman Spogli Institute for International Studies and Stanford Law School to spend the academic year as a consulting professor and as the Payne Distinguished Lecturer.

The Payne Lectureship is named for Frank E. Payne and Arthur W. Payne, brothers who gained an appreciation for global problems through their international business operations. The position is given to someone with an international reputation as a leader, with an emphasis on visionary thinking; a broad, practical grasp of a given field; and the capacity to clearly articulate an important perspective on the global community and its challenges.

FSI Director Mariano-Florentino Cuéllar called Mueller a “perfect fit for Stanford.”

“His career embodies what I take to be the ethos of this university –practical yet principled; sensitive to complexity but also to the value of clarity and focus,” Cuéllar said.

Mueller will make several visits to Stanford during the year, spending his time working with FSI and law school scholars to develop research agendas on emerging issues in international security. He will hold graduate seminars and deliver a major lecture at the law school and work with students and fellows at the Haas Center, the law school and the Graduate School of Business. He will also mentor honors students at FSI’s Center for International Security and Cooperation and Center on Democracy, Development, and the Rule of Law.

As the FBI’s longest-serving director after J. Edgar Hoover, Mueller presided over some of the most drastic changes in the agency’s history.

The Sept. 11 attacks forced the FBI to change its priorities, placing the hunt for global terrorists at the top if its list. The counterterrorism and counterintelligence missions meant hiring more analysts and replacing the FBI’s more traditional targeting of mobsters, murderers and white-collar criminals.

Recalling his first briefing to George W. Bush after the terrorist attacks, Mueller said he began by telling the president what his agents were doing to investigate. He had been on the job for about a week, and started giving a rundown of command centers that were set up, evidence that was being collected and interviews being conducted.

“I’m about two or three minutes into it and President Bush stops me and says, `Bob, that’s all well and good,’” Mueller said. “That’s what the FBI has been doing for the hundred years of its existence. My question to you is: What is FBI doing to prevent the next terrorist attack?”

The question stumped the new director.

“I had not prepared for that question,” he said.

And it’s a question he answered continuously during the Bush and Obama administrations, and one that led to his reorganization of the FBI.

“Over those 12 years, the question has not changed,” Mueller said. “The question from both of the presidents to the FBI, to the CIA, to the community when it comes to counterterrorism is: What have you done to prevent the next terrorist attack?”

Two of CISAC's scholars, William J. Perry and Jeremy Weinstein, received honors in recognition of their groundbreaking work in international affairs.

Paying homage to William J. Perry's lifetime commitment to national security, the National Defense University renamed its Center for Hemispheric Defense Studies the William J. Perry Center for Hemispheric Defense Studies in a ceremony with U.S. Deputy Secretary of Defense Dr. Ashton Carter and Acting Perry Center Director Ken LaPlante.

At a meeting of regional defense ministers in 1996, then-U.S. Secretary of Defense William J. Perry proposed the establishment of a center where civilian and military leaders in the Western Hemisphere could collaborate on defense and international security. Today, the Perry Center is the pre-eminent academic institution for defense and security issues affecting the Americas. Perry is the Michael and Barbara Berberian Professor (emeritus) at FSI and a CISAC faculty member.

Professor Jeremy M. Weinstein received the prestigious Karl Deutsch Award from the International Studies Association, following in the foosteps of four other CISAC scholars who have received the award. The ISA recognizes scholars younger than 40 - or within 10 years of defending their dissertation - who have made the most significant contributions to the study of international relations and peace.

Weinstein, former Director for Development and Democracy on the National Security Council staff at the White House, is a leading international scholar in the study of civil war, political violence, international political economy and democracy. He is an associate professor of political science and a CISAC affiliated faculty member. 

In an homage to William J. Perry's lifetime commitment to national security, the National Defense University has renamed its Center for Hemispheric Defense Studies the William J. Perry Center for Hemispheric Defense Studies. U.S. Deputy Secretary of Defense Dr. Ashton Carter and Acting Perry Center Director Ken LaPlante gave remarks.

At a meeting of regional defense ministers in 1996, U.S. Secretary of Defense William J. Perry proposed creating a center where civilian and military leaders in the Western Hemisphere could collaborate on defense and international security issues. Today, the Perry Center is the pre-eminent academic institution for defense and security issues affecting the Americas.

The Stanford Law School celebrated CISAC Co-Director Tino Cuéllar’s new book, Governing Security: The Hidden Origins of American Security Agencies, which was recently published by Stanford University Press.

“I love a book party because we’re all devoted to the advancement of knowledge, but we all know it’s really hard to do and it’s not always appreciated when we do it,” Stanford Law School Dean Mary Elizabeth Magill told a gathering of law faculty to honor the book by Cuéllar, a law professor who also will be the next director of CISAC’s umbrella organization, the Freeman Spogli Institute for International Studies. The law faculty were also honoring law professor Michele Landis Dauber’s new book, “The Sympathetic State: Disaster Relief and the Origins of the American Welfare State.”

Cuéllar’s book explores the history of two major federal agencies: the Roosevelt-era Federal Security Agency – today the Department of Health and Human Services – and the Department of Homeland Security, established in the wake of the 9/11 terrorist attacks. Through the stories of both agencies, Cuéllar shows how Americans often end up choosing security goals through overlapping ambitions and conflicts over agency autonomy, presidential power and gut reactions to national security crises.

“More than other academic monographs which tend to be dry, impersonal affairs, I could see the person behind the prose in this book,” David Engstrom, an assistant law professor, told the gathering. “In the introduction, Tino crafts a beautiful metaphor by noting how easy it is to stand just to the north of the United States-Mexico border and to think that it’s somehow timeless, and to forget that it was state action that made that border such a consequential part of the social world for so many people. Now as you read, you soon realize that this book really isn’t about nation-state borders, in that sense, but rather about the border between domestic policy and national security and about the boundaries between public agencies.

“But then you also realize,” Engstrom continued, “Who better than Tino, who grew up along that U.S.-Mexico border, first to see and then to show us how seemingly arbitrary borders and boundaries can, through administrative action, become so consequential.”