Metadata Used To Prevent Attacks: The Strategy

NSA Director General Keith Alexander testified before the House Committee on Intelligence and said that the NSA’s surveillance programs have provided “critical leads to help prevent over 50 potential terrorist events.” Metadata can indicate when a call, email, or online chat began and how long the communication lasted. Section 215 of the Patriot Act provides the legal authority to obtain “business records” from phone companies. Metadata  gives intelligence analysts a retrospective view of a sequence of events.  Once a terrorist suspect has been identified or once an attack has taken place, intelligence analysts can use powerful software to sift through metadata to determine which numbers, IP addresses, or individuals are associated with the suspect.  Phone numbers and IP addresses sometimes serve as a proxy for the general location of where the planning has taken place. Just by knowing  how many individuals are in a chat room, how many individuals have contacted a particular phone user, or how many individuals are on an email chain could serve as an indicator of how many terrorists are involved in a plot. Furthermore, knowing when a suspect communicates can help identify his patterns of behavior. In addition, metadata can help establish whether a suspect communicates sporadically or on a set pattern (e.g., making a call every Thursday at 2:30 p.m.). Any deviation from that pattern could indicate that the plan changed at a certain point; any phone number or email address used consistently and then not at all could indicate that a suspect has stopped communicating with an associate. Additionally, a rapid increase in communication could indicate that an attack is about to happen.

More importantly, metadata can provide all of this information without ever exposing the content of a phone call or email.