While intelligence officials could not point to attacks the program had thwarted, they defended the ability as a useful triaging tool for sifting through potential connections — and suggested that had it been in place before Sept. 11, it might have helped uncover Al Qaeda’s plot. Critics called that argument exaggerated and portrayed it as a legally dubious invasion of privacy that was ripe for abuse.
The Obama administration eventually embraced a plan to end the National Security Agency’s bulk collection of domestic phone data but preserve the old program’s analytical ability, resulting in the Freedom Act of 2015.
Under that law, the bulk records remained in the hands of the phone companies, not the government. But with a judge’s permission, the agency could swiftly retrieve the phone and text logs of particular suspects as well as of all of the people who had been in contact with those suspects, even when they were customers of different phone companies.
Under the replacement system, the number of records about Americans’ communications that the agency collected dropped significantly from the billions per day it had previously been sucking in.
Yet the scale of collection remained huge: The program gathered 151 million records in 2016, despite obtaining court orders to use the system on only 42 terrorism suspects in 2016, along with a few left over from late 2015. In 2017, it obtained orders for 40 targets and collected 534 million records.
Problems with the system emerged last year, when the National Security Agency said it had decided to delete its entire database of records gathered since the Freedom Act system became operational. Glenn S. Gerstell, the agency’s general counsel, said in an interview at the time that because of complex technical glitches, one or more telecom providers — he declined to say which — had responded to court orders for records by sending logs to the agency that included both accurate and inaccurate data.
When the agency then fed those numbers back to the telecoms to get the communications logs of all of the people who had been in contact with its targets, it ended up gathering some data of people unconnected to the targets. The agency had no authority to collect their information, nor a practical way to go through its large database and cull those records it should not have gathered. As a result, it decided to purge them all and start over.
But it had not been clear until Mr. Murry’s comments in the podcast that was posted over the weekend that the problems have continued, even as a legislative battle over the Freedom Act — and the inevitable scrutiny of how the program has functioned — has drawn near.