At the core of TIA was a device, then yet-to-be-invented, that Poindexter called a "privacy appliance." It would strip all data of personally identifying information — such as names and addresses — and give each data point a unique, encrypted designation. A TIA analyst would see how pieces of information fit together, but he would need a court order if he wanted to unlock the privacy appliance and see the names associated with that data.

NSA abandoned this privacy research when it took over Poindexter's programs in 2003, and a privacy appliance as sophisticated as what was hoped for in TIA still doesn't exist. However, the NSA's database of phone call records, known as Mainway, now have some privacy controls, according to intelligence employees who have used the system. The database does not contain any names, nor is the NSA collecting geolocation data that could pinpoint a user on a map, according to administration officials. When an analyst comes upon a phone number associated with a U.S. citizen or legal resident, a black 'X' mark appears over the number, says one former defense intelligence employee. Administration officials have said publicly that the databases only can be queried as part of a terrorism investigation, and that it has been accessed about 300 times last year.

Much less is known about how PRISM protects the privacy and identities of U.S. persons, whose communications the NSA cannot target without a warrant. Analysts are allowed to target a set of foreign communications — such as emails — if PRISM determines with 51 percent confidence that they are indeed foreign. Technically, it is very difficult to determine whether an email was actually sent by a foreigner and not a US person, experts say. And a 51 percent confidence rating is not a high threshold. This practically guarantees that US persons' information is swept up by PRISM. The NSA has not disclosed the procedures it uses to separate that information from the foreigners' data.


Use of broad searches

Poindexter believed that in order to find the proverbial "needle in the haystack," analysts needed to be able to look at a lot of haystacks. TIA would cast a wide net searching among mostly innocent and innocuous communications for those that merited further scrutiny.

NSA attempts to do just that with PRISM. It is meant to filter out potentially meaningful signals from an ocean of noise. Gen. Keith Alexander, the NSA director, has said that in the vast majority of terrorist attacks that the United States was able to stop, this kind of analysis was essential. (With the Mainway database, officials say their searches are more targeted, and are begun based on a specific phone number of a known or suspected terrorist.)


Reliance on court orders

Poindexter never envisioned giving the intelligence community unsupervised access to private data. He thought that courts should play a role, because this would legitimize the government's monitoring of private data and provide a check on potential abuse — at least in theory. He pointed to the longstanding practice of issuing intelligence surveillance warrants under the Foreign Intelligence Surveillance Court as a model.

The NSA has come to rely on that court, which is now issuing broad orders for information that, prior to the 9/11 attacks, would have been unimaginable. The court has sanctioned the copying of all phone records in the United States. It also reviews the government's Internet surveillance methods in an attempt to ensure that they don't unreasonably scoop up Americans' data too. This is far from perfect science. On at least one occasion, the court has found that these procedures were unconstitutional. We still don't know how they were changed to make them legal.


Amended privacy laws

Poindexter also hoped to ignite a national debate on whether to change privacy laws to reflect both advances in technology and the difficult task of finding an enemy — such as terrorist networks — that don't announce their presence.

He got his wish. In 2007 and 2008, after some of the NSA's secret programs were exposed, Congress debated changes to the Foreign Intelligence Surveillance Act. There were many public, heated exchanges. Ultimately, lawmakers voted to give the NSA more authority to search broadly for potential terrorists, and to do so without individualized warrants that name the specific person and place the agency wants to search.


The key question still unanswered is whether any of this surveillance actually prevents terrorist attacks. Poindexter couldn't say for sure that TIA would, though he believed that his early research showed promising signs. Officials now say that the NSA's surveillance activities have helped stop dozens of attacks. If the details of those plots are released, we'll all be able to decide for ourselves. Perhaps then can finally decide whether building Total Information Awareness was a good idea.



Harris is a senior writer for Foreign Policy.