N.S.A. used phone records program to seek Iran operatives

WASHINGTON — The National Security Agency has used its bulk domestic phone records program to search for operatives from the government of Iran and “associated terrorist organizations” — not just Al Qaeda and its allies — according to a document obtained by The New York Times.

The document also shows that a February 2010 order from the Foreign Intelligence Surveillance Court for the program listed AT&T and Sprint as involved in it. A leaked 2013 court order for the program was addressed only to a Verizon subsidiary.

The inclusion of Iran and allied terrorist groups — presumably the Shiite group Hezbollah — and the confirmation of the names of other participating companies add new details to public understanding of the once-secret program. The Bush administration created the program to try to find hidden terrorist cells on domestic soil after the attacks of Sept. 11, 2001, and government officials have justified it by using Al Qaeda as an example.

The disclosure of the new details comes at a time of debates over a proposed agreement to drop sanctions against Iran in exchange for curbs on its nuclear program, and about N.S.A. surveillance and the role of American communications companies.

In June, Congress enacted a law that will ban the systematic collection of domestic phone records after November, and create a replacement program for analyzing links between callers in search of associates of terrorism suspects without the government’s keeping the bulk data.

The document disclosing new information about the program is an August 2010 letter from the Justice Department to Judge John Bates, then the presiding judge of the intelligence court. It was included in about 350 pages of N.S.A. inspector general reports about the program the government provided to The Times late on Tuesday in response to a Freedom of Information Act suit.

The letter, which alerted Judge Bates to an incident in which a court-imposed rule for the program had been violated, contained information the government usually redacts when declassifying such documents: the full name of the intelligence court order in place for the program at the time, which included the listing of Iran and the names of the companies. The release of the uncensored version of the letter was apparently a mistake.

The N.S.A. did not respond to a request for comment.

President George W. Bush originally directed the N.S.A. to begin systematically collecting Americans’ calling records in bulk based on a unilateral assertion of executive power. In 2006, the Justice Department persuaded the intelligence court to bless the program. It began issuing orders to phone companies to turn over their customers’ calling records.

Its orders were based on a secret interpretation of a provision of the U.S.A. Patriot Act, known as Section 215, which permits the F.B.I. to obtain business records deemed “relevant” to a national security investigation.

The theory, accepted by the intelligence court but rejected in a recent appeals court ruling, is that everyone’s records are relevant to investigations hunting for terrorists because analyzing indirect links between callers can, in theory, reveal hidden relationships and sleeper cells.

After praising the program as crucial to preventing terrorist attacks, intelligence agency officials now say that it has never thwarted one. But the program’s proponents argue that it is still a useful investigative tool.

The program became public in June 2013 after Edward J. Snowden, a former N.S.A. contractor, disclosed a trove of the agency’s classified documents. The first of those published was the 2013 intelligence court order to a Verizon subsidiary requiring it to turn over all its customers’ calling records.

Although the Obama administration declassified the existence of the bulk phone records program, it has declined to confirm which other phone companies participated in it and which groups it could be used to search for.

The letter does not make clear how often the N.S.A. has used the program to search for Iran or Iranian-linked terrorist organizations. It also says nothing further about the companies listed in the case name.

There has been wide speculation that AT&T, which maintains a large database of calling records, was a participant in the program. And last year, when the government declassified documents about an aborted challenge to the program by a phone company in late 2009, it redacted the firm’s name, but officials said it was Sprint.

The Justice Department letter confirms that both of those companies have been participants.

But the document also contained a surprise. In addition to listing subsidiaries of Verizon Communications, the document lists Verizon Wireless, which was then a partnership with the British firm Vodafone.

The inclusion of Verizon Wireless was striking. In June 2013, The Wall Street Journal reported that Verizon Wireless and T-Mobile had not been part of the classified program because of their foreign ownership stakes. In 2014, The Journal, The Washington Post and The Times each reported, citing intelligence officials, that for technical reasons, the program consisted mostly of landline phone records.

However, it is not clear whether the inclusion of Verizon Wireless in the name of the court order means it was turning over customer records after all.

Ed McFadden, a Verizon spokesman, said he was not permitted to say whether that was the case. But he said that as a general matter, it has been the government’s practice to use broad language covering all of Verizon’s entities in headings of such court orders because it has a complex corporate structure, regardless of whether any specific part was required to provide information under that order.

Most of the inspector general reports, unlike the letter, contained redactions. They showed that the inspector general in 2006, shortly after the pre-existing program came under the intelligence court’s rules, called for greater procedural safeguards to make sure that the new rules were followed.

There were no reports included in the documents from 2007 to 2009, when it came to light internally that the N.S.A. had been accessing the call records in a way that systematically violated the court’s rules. In late 2009, the intelligence court stopped letting the N.S.A. access the bulk data for operational purposes while it built a new system and tested it. There were many reports from 2010 and 2011, when the court ordered the inspector general to conduct a series of audits.

One document also reveals a new nugget that fills in a timeline about surveillance: a key date for a companion N.S.A. program that collected records about Americans’ emails and other Internet communications in bulk. The N.S.A. ended that program in 2011 and declassified its existence after the Snowden disclosures.

In 2009, the N.S.A. realized that there were problems with the Internet records program as well and turned it off. It then later obtained Judge Bates’s permission to turn it back on and expand it.

When the government declassified his ruling permitting the program to resume, the date was redacted. The report says it happened in July 2010.

This article was written by Charlie Savage for The New York Times on Aug. 12, 2015. Charlie Savage is a Washington correspondent for The New York Times. He is known for his work on presidential power and national security legal policy matters.