NPR logo

Homeland Security in the Digital Age

  • Download
  • <iframe src="" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript
Homeland Security in the Digital Age

Homeland Security in the Digital Age

  • Download
  • <iframe src="" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript


This is TALK OF THE NATION. I'm Neal Conan in Washington.

On Sunday, President Bush again defended his administration's use of electronic surveillance on Americans without court approval. The president maintained that the program is critical to detect terrorist attacks before they happen, that it only tracks people with known links to al-Qaeda, and only intercepts messages where one end of the conversation is overseas. The New York Times report on the program generated enormous controversy. Later this month, the Senate Judiciary Committee is expected to hold hearings on the legality of this program and the Justice Department has started an investigation into the source of the leak. But it's also hard to figure out exactly what is going on. The program does have a code name, for example, but it's secret. Since the story broke last month, many suspect the program is actually far broader than what the White House described. A follow-up story in The Times reported that the National Security Agency has been working with telecommunications companies to sweep up vast amounts of telephone and Internet traffic, not to track individual calls or e-mails, but to search for patterns of suspicious behavior in a technique called data mining.

Later in the program, an investigation into congressional corruption gains a star witness as lobbyist Jack Abramoff pleads guilty and agrees to cooperate with prosecutors.

But first, the technology of electronic espionage. If you have questions about what the NSA is doing, how they're doing it or how the information is being used, give us a call. Our number here in Washington is (800) 989-8255. That's (800) 989-TALK. The e-mail address is

And we begin with Timothy Naftali, an intelligence historian at the University of Virginia's Miller Center of Public Affairs. He's the author of "Blind Spot: The Secret History of American Counterterrorism" and he's with us here in Studio 3A.

Nice to have you on TALK OF THE NATION.

Mr. TIMOTHY NAFTALI (University of Virginia Miller Center of Public Affairs): Nice to be here, Neal.

CONAN: First of all, I mean, what do we actually know for sure about what the NSA is doing?

Mr. NAFTALI: Well, we know what we've been able to read in The Times, and The Times has itself mentioned that it hasn't reported everything that it knows. Initially it looked as if the NSA was undertaking, without warrants, the surveillance of approximately 500 people at any given time, 500 calls or e-mail addresses. But as the story broke, it became apparent that as part of this program, the NSA was engaging in data mining.

Now this is something that the NSA has been thinking about doing for some time. In December of 2000, the NSA produced for the incoming Bush administration a transition document that laid out some of the policy implications of the new technology. Now this document--it's actually online now and declassified--but it lays out some of the capabilities that the NSA needs or feels it needs to have in order to do the monitoring required for national security. It doesn't mention data mining, but it says it has to be live on the Web. It has to have a way of screening and straining and filtering all of the electronic communications on broadband and wireless.

Data mining involves looking for suspicious patterns, whether it's the length of a call, the address of an e-mail, words in the particular e-mail or in the particular call, and the only way you can data mine is by going through millions of bytes of information. It's--we're talking about a vacuum cleaner approach to information in order to find suspicious activity.

Now the deputy director of national intelligence, who was, until recently, the director at the NSA, says that there's a subtly softer trigger to begin monitoring. No one has said, and NSA of course is not going on record about this, what trigger would be required to begin monitoring, but it looks as if the computer is, with the help of computer engineers, developing a sense of suspicious patterns and then following along these leads.

Now this must produce thousands of false-positives. One can imagine the number of calls or e-mails that might be considered suspicious although they're absolutely innocent.

CONAN: So this is effectively--get into more of it, but this is a gigantic fishing expedition. They're not looking for specific names. They're looking for suspicious behavior.

Mr. NAFTALI: They're looking for suspicious behavior. One of the real clues to just the scope of this operation came from Jay Rockefeller, Senator Rockefeller's letter that he wrote to Vice President Cheney in 2003. He actually released this letter after the initial New York Times story by Eric Lichtblau and Jason Risen. And in that letter, Rockefeller, who was briefed as the ranking member of the Senate Intelligence Committee in 2003, he says, `This sounds to me like TIAP, Total Information Awareness program,' which was indeed a massive attempt to glean terrorist, counterterrorist information by going through the Web.

CONAN: And there is, of course, another famous data mining operation that has come to light since, and that is Able Danger, the program that some say was able to identify Mohamed Atta as a terrorist before 9/11.

Mr. NAFTALI: In fact, my co-author in this piece in Slate, Shane Harris, wrote a wonderful piece for the National Journal about Able Danger, and the reason why Able Danger was shut down was that the Army intelligence officers working said, `Oh my goodness, this is a data mining operation. We've got all of these domestic hits. We're gonna get in trouble if we keep doing this.'

CONAN: Mm-hmm. Here's an e-mail question we have from David in California: `Is the NSA dealing with VoIP'--that's voice-over Internet protocol--`peer-to-peer systems such as skype? Skype is encrypted. Also, how do they deal with encrypted e-mail? PGP'--for encrypting e-mail, a program--`is readily available,' he points out.

Mr. NAFTALI: Well, I don't know the details, but my assumption is yes. One of the challenges for the NSA, of course, is that criminals, terrorists also have security--communications security personnel working for them, and I assume it's a game of, you know, who can break whose encryption first.

CONAN: Mm-hmm. Let me ask you a broader question about this whole area of technology. Obviously communications has undergone a digital revolution in the past 10 or 15 years. So much of communications now is not analog, you know, phone calls, but this digitized information streams that don't go through the old circuits that we're accustomed to.

Mr. NAFTALI: This is absolutely--this is very important to understand. Back in World War II, the British introduced the United States to a--their theory of monitoring suspicious behavior and they called it the channels approach, and basically what it involved was tapping all telegraph communications, controlling all air mail to the extent you could. And they could, because planes that would fly across transcontinental--or planes that would fly across the Atlantic would have to stop despite the fact Lindbergh had done it without stopping, they didn't, and so when they would stop--they would stop at Bermuda or if they were going to South America they'd stop in Trinidad, and there British intelligence would break into the plane and go through all the air mail.

Well, what the British were saying to the Americans was what you have to do is you have to intercept traffic. Well, it's much more complicated now because in a world where most of your communications is going by broadband or less and less is going by satellite or microwave, it's much harder for the NSA to have physical access to these communications without the cooperation of private enterprise. And I think the very interesting aspect of this story is the extent to which the private sector has assisted the NSA in this program, because the NSA has had to get access to their switches.

CONAN: Again, we don't know what's going on, but is it reasonable to conclude that this data mining developed information about these other hundreds of calls that we believe that the administration was going after?

Mr. NAFTALI: Well, the way this information came out, it--no one's been able to bring it together to know exactly the relationship between the 500 calls or e-mails that are being surveyed, monitored at any given time, and the data mining operation. It appears that this is a two-step process. First there's data mining, which is a fishing expedition based on certain protocols and some inputs from intelligence services. That must lead to a smaller number of hits which do not for one reason or another appear to the NSA to rise to the level of something that could be--could achieve a FISA warrant, and those then are monitored without warrant.

CONAN: A FISA warrant. That's a Federal Intelligence Security court that's been set up specifically to do that, but you need probable cause to do that, and...

Mr. NAFTALI: And...

CONAN: ...they may not have probable cause.

Mr. NAFTALI: No, you know, this is the part--look, there are so many aspects of this issue that are absolutely inscrutable at the moment. Not only the technical issues that the first caller raise, but also the reason why it was believed that you could not use the FISA, which is the Foreign Intelligence Surveillance Act, for these probable hits, because under the FISA, except where it's a matter of First Amendment rights, you don't need the name of a person, you don't need an identity. You can go after an e-mail address or you can go after a telephone number. My sense is that the data mining operation produces so many hits that the government decided, `Well, we just don't want to have a lawyer standing beside the NSA. We want the NSA to do what it has to do fast.' And that's why they've gone ahead with this program which is illegal.

CONAN: Well, legality will be discussed at the Judiciary Committee hearings, and there are those, as you know, who argue that it is perfectly legal, among them the president of the United States, so we'll leave that question open for now.

Let's get a listener on the line. This is Kathleen. Kathleen's calling us from Athens, Ohio.

KATHLEEN (Caller): Yeah. Hi. Thanks for taking my call.

CONAN: Sure.

KATHLEEN: Are there any other countries that we're aware of that are doing data mining and then sharing the information that they are gathering possibly through this data mining with the US? I'd read some about Amdox, an Israeli-based communications company that has the ability to data mine US communications system. So again, are there any countries sharing data mining?

Mr. NAFTALI: That's a fabulous question. There is actually a tradition of that, not necessarily in data mining. In 1940, before the--before Pearl Harbor, obviously, the United States government couldn't legally open American mail, but the British could, or they could illegally, and what they was they opened all US foreign mail which went via Trinidad and Bermuda and shared it with the FBI. I don't know, but I--don't know for a fact, but I can say that the Echelon program suggests that this kind of cooperation has existed before.

CONAN: Timothy. Thanks, Kathleen, for the call.

KATHLEEN: Thank you.

CONAN: And, Timothy Naftali, thank you for joining us today. We appreciate it.

Timothy Naftali, an intelligence historian at the University of Virginia's Miller Center of Public Affairs, author of "Blind Spot: The Secret History of American Counterterrorism."

We're gonna take a short break. When we come back, we'll be joined by James Bamford, who's written a couple of histories of the NSA, and take more of your calls: (800) 989-8255. What is data mining? I'm Neal Conan. It's the TALK OF THE NATION from NPR News.

(Soundbite of music)

CONAN: This is TALK OF THE NATION. I'm Neal Conan in Washington.

We're talking today about the technology of electronic espionage and how the NSA's ability to conduct surveillance has changed. If you have questions about what they're doing and how they do it, give us a call, (800) 989-8255, or send us an e-mail,

Joining us now is James Bamford, author of "Body of Secrets: Anatomy of the Ultra-Secret National Security Agency," and earlier "The Puzzle Palace: Inside the NSA." He's here with us here in Studio 3A.

Jim, nice to see you again.

Mr. JAMES BAMFORD (Author, "Body of Secrets"): Good seeing you, Neal.

CONAN: You've written the NSA has virtually the ability to get inside a person's mind. What did you mean by that?

Mr. BAMFORD: Well, when the Foreign Intelligence Surveillance Court was set up to prevent previous abuses by the Nixon administration, when Nixon administration tried to use--do basically the same thing, turn NSA's big ear inward on American public, the NSA only had a small capability of really getting into people's lives at that point, because all it could do was listen to telephone hard lines and an occasional telegram that somebody would send, which was fairly rare.

But today virtually everything a person thinks a person puts in the form of an electronic communications to some degree, either an e-mail at work, an e-mail at home, e-mail to friends, data transfers like bank transfers, medical records, cell phones as you're driving down the street or entering information into a BlackBerry as you're walking into an office. So there's this constant stream of information about a person going out in the form of electrons, and that's the problem you have now is that you have an agency that has the capability of eavesdropping on all that information.

And when NSA was set up, it was set up to focus entirely externally at foreign countries because just like using the Marines, we don't use the Marines to attack people in the United States. We have police and FBI and we use the Marines to launch attacks against enemies overseas. So the NSA was supposed to be used externally. It turned out that the Nixon administration illegally turned NSA inward and began eavesdropping on American citizens, and that's why they set up this buffer between the NSA and the American public known as the Foreign Intelligence Surveillance Court. So neither a president nor a director of NSA could arbitrarily or unilaterally make a decision to eavesdrop on Americans. There has to be this federal district court judge with a large list of clearances that would do it.

CONAN: But as Tim Naftali was telling us before the break, obviously technology has changed quite a bit since the Nixon administration.

Mr. BAMFORD: Oh, that's what I was just saying. It's changed a great deal in terms of what the capability is, but in terms of the law, the Foreign Intelligence Surveillance Act was fairly clear. It's--the law is...

CONAN: But--yeah. Well, the law for another day.


CONAN: We'll get back to that when the Judiciary Committee gets into this. But let's focus on the technology and this idea of data mining and, you know, again, what kinds of patterns do you think they're looking for?

Mr. BAMFORD: Well, that's the biggest threat right now is the fact that you've got these two technologies. You've got NSA's technology--and just to give you a little idea of NSA's technology, an average listening post--and they have listening posts around the world. There's a very big one in central England. There's one in West Virginia. There's one in the state of Washington. And these listening posts will bring in about a million communications per half-hour. Now there's filters in these satellites and also in the computers and so forth that will eliminate all but about 6,000 of those one million communications per half-hour. And people in the listening post itself by tweaking the systems will drop that number down to about a thousand per half-hour.

Now those thousand would then be sent to NSA. An NSA analyst would then put it through further analysis, and on an average there may be one message at the most that will come out of that one batch that started out being a million communications, because you've got to bring it all down small enough to be able to get bandwidth enough to send it to NSA, and then you've got to get it down small enough so that you actually get human beings that can actually read it or listen to it and make a determination.

CONAN: And figure out why it's important.

Mr. BAMFORD: Exactly.

CONAN: I mean, obviously there can be all these coded communications of all kinds, including, you know, if I send you a message, you know, `the flowers are in bloom along the River Seine,' who knows what it means?

Mr. BAMFORD: Exactly, mm-hmm.

CONAN: Yeah. Let's get some more listeners on the line. If you'd like to join us, (800) 989-8255, (800) 989-TALK. E-mail is

And let's begin with Ray, Ray calling from San Francisco.

RAY (Caller): Hey, good morning. James Bamford, can you comment on how much of what we hear referred to in the news as domestic surveillance endeavors is actually the continuance of long-term counterespionage aimed at uncovering leads within the agencies?

Mr. BAMFORD: It's hard to say. They do do a lot of eavesdropping--it's, I guess, fairly legal--on government communications itself. There--I remember seeing a telephone directory at one time, a Pentagon telephone directory, and in one of the very first pages it says, `Warning, your conversations may be overheard.' So there is probably a fair amount of eavesdropping on government communications itself, and that is somewhat excluded from, I think, the FISA act. It's...

CONAN: Would that be done by NSA or by the FBI?

Mr. BAMFORD: Traditionally it was done by--if it was the military it was done by the NSA. It was actually military people assigned to the NSA that would do that, and it was called COMSEC, communications security, and I assume it's still going on.

CONAN: Ray, good question. Thank you.

Here's an e-mail question we got from Matt in Mankato, Minnesota: `Is there or could there be a system set up to monitor all e-mail or phone conversations leaving this country for certain keywords--bomb, bin Laden, etc.--and upon hearing or reading those words the communication is automatically recorded?'

Mr. BAMFORD: That is pretty much the way it does work. It's interesting because in order to find what you're looking for, you have to intercept the entire stream. Say it's communications coming into the country, that's information that comes down from a communications satellite over the Atlantic, for example, and will go to this giant ground station in Etam, West Virginia. That's the--AT&T's downlink for all those communications. And when this communication comes down, it's a very large what they call footprint. In other words, you can pick up those signals, not just in that one little spot, but miles away, and NSA has its enormous eavesdropping station just 50 miles away in Sugar Grove, West Virginia, and that's what it does. It pulls in all of that same communications, but it filters it through computers that are loaded with people's names, people's telephone numbers, keywords, and those that are loaded in, if a communication's come through with James Bamford or with my telephone number or keywords they're looking for, will be kicked out. It's much easier if you're dealing with data communications such as e-mail. It's much more difficult if you're dealing with telephone numbers. It's mostly--or if you're dealing with telephone calls, it's mostly telephone numbers and not actually words spoken.

CONAN: And cell phones as well as regular land lines?

Mr. BAMFORD: Sure, cell phones also. It all--it'll come down--if you're talking about international communications, it's all coming down from this satellite. Now according to The New York Times article, they've also gotten access to key switches, and what that, to me, implies is that it was no problem picking up the information coming down from a satellite. It just comes down like rain and you just pick it up with a large dish. More difficult communications is that that comes through an undersea cable, and that's actually where more communications are being transmitted these days, or fiberoptic...

CONAN: Cables, yeah.

Mr. BAMFORD: ...transoceanic cables. And if the NSA has access to what they call a cable head--that's where it actually comes in--then they have access to all that information, also. So it's mammoth surveillance and that's what NSA is designed to do. It's the largest intelligence agency in the world, and its only function, its one function pretty much is eavesdropping on communications, breaking codes and making codes.

CONAN: Let's get another caller in, Aaron. Aaron's calling from Ann Arbor.

AARON (Caller): Hi. Yes. I'm wondering about the private sector's role in all this, because I keep hear--I've heard it a couple times mentioned in terms of that some of this stuff, they couldn't do it without private sector access, and I'm wondering--I'm partially wondering in terms of, you know, can--how much data mining could the private sector itself engage in, and--I mean, I'm just curious about the private sector's involvement in all this. I mean, is it to the--I don't--from what I understand, you couldn't just--it's not like sending a spy out to watch somebody in a public park kind of thing.


Mr. BAMFORD: No, there has to be a great deal of private sector involvement here, and my last book, "A Pretext for War," I wrote a fair amount about how NSA and the CIA is becoming enormously outsourced to private companies. Half of the CIA now is made up of private contractors. So there's this merger that hadn't really happened until really the last half-dozen years where the intelligence community is becoming largely merged with the private sector, and there is almost no difference. So getting access to these--to the data, to your telephone records, to your computer records, your e-mail records and things like credit card records, all that requires some access to private corporations, and according to what I've been reading, they've been getting a great deal of cooperation from these companies.

CONAN: Aaron, thanks very much.

You mentioned private companies and data mining. Well, joining us now is Paul Bradley, principal of data mining technology at Apollo Data Technology. He joins us from the studios of KUOW in Seattle.

Nice of you to be with us on TALK OF THE NATION.

Mr. PAUL BRADLEY (Apollo Data Technology): Thank you, Neal.

CONAN: Give us--as somebody who does it, give us an idea of how data mining works a little bit.

Mr. BRADLEY: It's similar to what the other guests have said. Data mining consists of a set of processes and computerized tools to extract patterns, trends and correlations that exist in the data set. These processes and tools have come from work done over the past 20-plus years in primarily three sub-areas of computer science and statistics. Those are the database field, machine learning and artificial intelligence.

CONAN: Mm-hmm.

Mr. BRADLEY: Once--oh, pardon me.

CONAN: No, I was just gonna say, machine learning and artificial intelligence are two pretty immense fields.

Mr. BRADLEY: Yeah. And--exactly. These--the patterns and trends that are extracted by these tools tend to be mathematical or statistical models which are summarizing correlations in other relationships that may exist in the data, and the value that these provide to an analyst or an organization is in providing them with information that they previously may not have known was there or correlations that they didn't know existed. And then also could utilize these patterns and trends to predict what would happen in the future, say, if a certain event was likely to occur or not.

CONAN: Give us a for instance.

Mr. BRADLEY: For instance, if I go to a bookstore and walk in and I look at a couple data mining books and I buy one, my likelihood of buying, say, another math book or statistics book tends to be higher, so the event being, you know, buying a similar book.

CONAN: So this...

Mr. BRADLEY: And this is the tech--oh...

CONAN: This sounds like a more complicated version of what, you know, Amazon does.

Mr. BRADLEY: It's very similar to--or data mining technology is used in what Amazon does to analyze the sales data, and based upon what product people are buying and the similarity among sets of products people buy, recommending other books or products to people.

CONAN: So this is being more and more used in everyday life?

Mr. BRADLEY: Absolutely. You see it from, like you mentioned, Amazon. A number of e-commerce sites do product recommendations. Data mining is being used in telecommunications. A number of marketing efforts by large companies are driven by knowledge and based upon the patterns extracted from customer data and similar types of applications.

CONAN: We're talking about data mining and its relationship to electronic warrantless searches. You're listening to TALK OF THE NATION from NPR news.

And, Paul Bradley, let me ask you just a second about the use of this information. You've got a whole bunch of data and obviously the more data, the better for establishing patterns in searches and that sort of thing.

Mr. BRADLEY: Sure.

CONAN: Do you know what profile you're looking for ahead of time, or do you use the computer to develop a profile based on the data?

Mr. BRADLEY: Excellent, excellent question. There are two general types of approaches. One is more of an exploratory data analysis approach where you might not have a specific goal or event that you want to identify in the data. You want to see how the data might naturally group together, some properties of certain groups of data, things like that. So in that sense it's more of learning about what is in the data and then working with people who are knowledgeable about the data and how it's collected to see if a lightbulb pops in their head, see if they get interested in something.

Another type of technology called predictive modeling is used to--when you can identify an event of interest, you can show a computer examples of that event and also examples of that event not occurring, and these statistical methods will learn the patterns and trends which help predict whether the event may occur or may not occur.

CONAN: And what does Apollo Data Technology use this stuff for?

Mr. BRADLEY: We primarily provide data mining as a service to our clients which tend to be national retailers, telecommunications companies and high technology companies to help them better market to their customers, help them to better understand some of the internal processes that the company has based upon data that is collected.

CONAN: Well, thanks very much. It's interesting. Paul Bradley, principal of data-mining technology at Apollo Data Technology, joined us from KUOW in Seattle. Thanks for being with us.

Mr. BRADLEY: Thank you.


Let's get another caller on the line. And this is Christian. Christian in Ann Arbor, Michigan.

CHRISTIAN (Caller): Yes, hi. Thank you very much for taking my call. You know, as a member of a generation that has really taken information for granted, you know, I think a lot of people my age are worried about, you know, people significantly older than us setting policy. One of the tools that young people have used now for several years is instant messaging. And I think it would be interesting for us to know, you know, how does the government look into instant messaging? Obviously, you know, young people have a lot to say. I think we're becoming more and more cynical. So, yeah, I think it would be interesting to know.

CONAN: Is instant messaging just as vulnerable as e-mail or phone calls, James Bamford?

Mr. BAMFORD: Oh, sure. Yeah. All the new technologies--if there's a new technology out there, you can rest assured that the NSA has been looking into it at least five years before you've ever heard of it, Wi-Fi, all this. And what makes it interesting is the technologies come and NSA is pretty much ready for the technologies, but then the protections--the encryption or the spyware, that kind of thing--follows later. And so there's this gap of time between a technology being developed, like Wi-Fi or whatever, and--which is, you know, being able to basically take your computer out and use a hot spot where there happens to be a signal.

CONAN: So...

CHRISTIAN: Can I ask one more question?

CONAN: If you keep it very, very quick.

CHRISTIAN: OK, sure. Yeah, on college campuses, you know, we have a lot of message boards and things like that, and I know that there have been, you know, some now investigations, like, I don't know, reading clubs. You know, are they looking closely into that or...

CONAN: Not as far as we know. I'm just going to leave it there, Christian...


CONAN: So--we're running out of time. But no, as far as we know, that the levels of inquiry are not directed there. But thanks very much for the phone call.

We'll have more of your calls after a break. (800) 989-8255.

I'm Neal Conan. You're listening to TALK OF THE NATION from NPR News.


CONAN: This is TALK OF THE NATION. I'm Neal Conan in Washington.

Here are the headlines from some of the other stories we're following here today at NPR News. The federal government is assisting in efforts to rescue 13 miners trapped in a West Virginia coal mine. Rescue and safety specialists are on the scene. A robot has been brought in to explore areas in the mine that are unsafe for people, though apparently now they've decided to try to accelerate their operation and the robot will not be used. Homeland Security Secretary Michael Chertoff has announced a list of cities that are eligible for the next round of urban security grants. However, those cities must first submit regional applications detailing how that money will be spent. You can hear details on those stories and much more later today on "All Things Considered" from NPR News.

Also, Jack Abramoff, a prominent and powerful lobbyist, has pleaded guilty and is now expected to cooperate with prosecutors in an investigation of congressional corruption. We'll have more on that story in just a few minutes.

But continuing now on our conversation with James Bamford, author of two histories of the National Security Agency, about spying and technology. If you'd like to join us, it's (800) 989-8255.

And let's get another caller on the line. This is Dan. Dan's calling from Crestwood in Kentucky.

DAN (Caller): Hi.

CONAN: Hi, Dan.

DAN: Thanks for taking my call.

CONAN: Sure.

DAN: Got a question for you. I understand the gist of what I've been listening to. The voice recognition or the way you search for things is you're looking for words or catchphrases like `bomb' or `bin Laden,' that--if that's accurate, then all people have to do is substitute a code word. Instead of saying `tell bin Laden to bring me the bomb,' they'd say `tell Ralph to bring me the disc player.' Doesn't that render all that technology obsolete? Guess that's all I have to say. Thanks. Bye-bye.

CONAN: OK, Dan, thank you.

Mr. BAMFORD: Well, that's, you know, a simplification of what's done. I mean, they don't use `bomb' or `bin Laden.' It's much more complicated. It's like doing a Google search. You're going to use quite a few words and you try to make those words as unique to what you're looking for as possible. They may use a whole string of chemical names; these are the same kind of chemicals that might be used in a bomb. And if they find all those chemicals or an abbreviation of them or slang for these chemicals in one e-mail or one conversation, then they may kick that out. But it--the caller is, you know, exactly right that that is a problem and that there is so much out there, if you just put out, you know, a handful of words, you're going to be overwhelmed with too much information.

CONAN: They've also at various times captured computers used by senior lieutenants in al-Qaeda and presumably can pick up hints on what words to look for from them.

Mr. BAMFORD: That's right. Yeah. And the problem is with the error rate. There are so--if you're just doing a broad search, there are so many that you're going to overwhelm any kind of analyst. So you really got to get a large number of keywords and get them as specific and unique to your target as possible.

CONAN: What about disposable cell phones, which police have found very frustrating?

Mr. BAMFORD: Well, that's the problem you have today. When NSA was formed, they were looking at one big country that never went anywhere, the Soviet Union and its satellite countries, and they communicated all the time. They were always chattering to pilots of aircraft, ships at sea, military units, diplomats and so forth. Now you've got the complete opposite. Now you've got people that are running around the world, one country to another; they communicate very rarely. That's the whole idea of a cell. And they use things like disposable cell phones and untraceable calling cards. So that's where NSA finds itself, in a very undesirable position in this, quote, "war on terrorism," unquote.

CONAN: An e-mail question from Gary in Panama City, Florida. `The activities of the NSA sound a lot like the FBI's Carnivore program which supposedly was halted due to privacy concerns. Could this just be Carnivore resurrected as a black-box NSA program?'

Mr. BAMFORD: Well, I think that's very accurate. I think the technology that was with Carnivore--NSA has had that technology for a very long time and has used it, but has used it internationally. It's used it around the world, not domestically. And the FBI did develop this system known as Carnivore, which was to go through domestic e-mails and data communications looking for keywords, key names, whatever. And so that may be what is being resurrected here, is some variant of that or NSA's equivalent of Carnivore being used domestically.

CONAN: Well, we've been talking about, you know, keywords and that's a part of it, but it's--the data mining is much more looking for these patterns of the length of messages and...

Mr. BAMFORD: Right, that's where you get the biggest danger here because you have NSA with this huge technology for--what Frank Church said was if NSA was ever turned on the American public, there would be no place to hide. And you marry that with this enormous data-mining technology where, you know, if you, you know, in the same week sign up for Al-Jazeera and go have a dinner in a Arabic restaurant in Washington, DC, who knows, you may be on the list. It has a very chilling effect on what people do. Should you buy this magazine with your credit card or shouldn't you?--because a record of it is going to be kept someplace and somebody is going to be looking at your pattern of activity. That's the problem when you have data mining, is that it doesn't discriminate against terrorists and non-terrorists. It can pull into its web a lot of people who do very innocent things.

CONAN: And again, the questions of legality that the Senate Judiciary Committee will address later this month in those hearings, those are involving calls from--well, I guess the term of art is `American persons,' US citizens or people here in the country legally. Is there a distinction in the technology? I mean, the way the technology flows, do calls from overseas go through different systems as domestic calls? I mean, if you're searching all this stuff, are you searching through vast amounts of domestic information as well?

Mr. BAMFORD: There is some merger. It is very complicated technology, technologically speaking, but you have domestic satellites that handle just domestic communications and you have international satellites that just handle international communications. And a communications expert know which fiber optic links connect what cities and what microwave links connect where. So the problem you have now is that there is information that begins overseas, transits the United States, and ends up overseas again. So if somebody is calling--somebody is in Spain and they want to call somebody in Rome, for example, and it's 10:00 in the morning in Spain and that link would normally go through Paris or something like that, well, it's a very busy time, 10:00 in the morning, in Europe. And so those links may be all filled between Madrid and...

CONAN: Rome.

Mr. BAMFORD: ...and Paris, redirected to Rome. So instead of redirecting it to Rome via Paris, they may redirect it to Rome via New York. I mean, you're only talking a millisecond of a time difference, but the problem is if you're eavesdropping on that communication between those two people, one in Spain and one in Rome, all of a sudden that call is now potentially a domestic call because it's transited, even though transited for a millisecond, a US link. And that's one of the problems that's being faced by NSA and this technology today.

CONAN: All right, let's see if we can get another caller on the line. And this is Serena(ph). Serena's calling us from New Jersey.

SERENA (Caller): Hi. I have a question about languages. I'm wondering when multiple languages are used in a phone call between two people, which would probably happen a lot with overseas phone calls, how the government interprets that.

Mr. BAMFORD: That's actually a very big problem for NSA, polylinguistic communications where you get more than one language being used. And it is very frequently used, especially with terrorists a lot of times. They're speaking several different dialects and it's a major problem. The two areas that NSA has never really been able to really solve completely is machine translation of voice communications and turning voice communications into written data completely because of the error rates and the amount of different ways people speak.

SERENA: Yeah, just check our transcripts sometimes, you begin to realize the problem. And so--but even translating stuff in time--I mean, I think after 9/11 it was found that they got two messages on September 10th saying `tomorrow's the big day,' but they weren't translated until the 12th.

Mr. BAMFORD: That's right. And if 9/11 hadn't happened, they might not have been translated for a month. The problem was NSA only had a handful of people that spoke Pashtun and Dari, which were the two key dialects in Afghanistan at the time. And language is a key problem. People in the United States don't grow up learning languages, let alone what they call exotic languages at NSA, languages where--or what they call low-density languages where the amount of people speaking are fairly small.

CONAN: Serena, thanks very much.

SERENA: Thanks.

CONAN: And let's see if we can get one final call in. This is Paul. Paul calling us from Cincinnati.

PAUL (Caller): Gentlemen, thank you for taking my call. Interesting show.

CONAN: Thank you.

PAUL: So far the technology that's been described seems to be predicated on finding the presence of something that is there, but how capable is it in capturing the absence of any information? For example, if my friend overseas sends me an e-mail that says, `Thank you, Paul, I got it; thank you very much,' that could mean a lot to me, but it doesn't seem to contain anything that might trigger the data-mining filters. And I'll take my answer off the air. Thank you.

CONAN: Thanks, Paul.

Mr. BAMFORD: Well, what they'd be looking for is--in the old days they used to call it traffic analysis. They couldn't break a lot of the Soviet communications, so what they would do is look at the externals of the messages, where it was being sent from, where it was going to, what the precedent of it was, whether--was it a priority or routine, what the classification of it was. And you put all these little external factors together and you could start building a little bit of a picture of what's going on.

CONAN: You might not know what the message is, but you do know that this--somebody here communicated a short message to somebody there.

Mr. BAMFORD: That's right. And, matter of fact, one of the tests to join NSA a long time ago--I don't know if they still have it--was you open your--one of the pages in the book would contain a picture with a lot of different little islands in the South Pacific and there is smoke signals being sent from different islands, and then there's a series of questions saying, `On which island is the king located? Which island is the island that is the least necessary there?' and so forth. And that's what you're doing. You're looking for patterns, and that's what they were trying to get people at NSA to do.

And so to answer your question, it may not be the content of the message but, you know, was your friend in Damascus when he sent it or was he in London, and did your friend send it with a prefix or a suffix on the e-mail that indicated where he might be, in a government office or whatever, and how often do you get them and do you get them at 3 in the morning? So there's a lot of--these are some of the things that the government is looking at in terms of data mining and externals from the message themselves.

CONAN: And it's presumably the island with no smoke signals. That's where the king lives.

Mr. BAMFORD: That's right. That's a very smart king.

CONAN: James Bamford, thank you very much for being with us today. We appreciate your time.

Mr. BAMFORD: My pleasure, Neal.

CONAN: Jim Bamford wrote two histories of the National Security Agency, one called "Body of Secrets," the other "The Puzzle Palace." He was kind enough to join us here today in Studio 3A.

Earlier we promised you an update on Jack Abramoff's guilty plea. There's currently a development in that story, a news conference being held. We'll have that for you later today on NPR News. We apologize for that.

You're listening to TALK OF THE NATION from NPR News.

Copyright © 2006 NPR. All rights reserved. Visit our website terms of use and permissions pages at for further information.

NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.