"#$

!""#$%&' !) *+# ,#-./ 01.$%.2%3 452 657#2$8#$1 !99#33 15
:588;$&9.1&5$3
Theie is consideialIe conpIexily in lhe IegaI slandaids foi
goveinnenl access lo connunicalions-ieIaled infoinalion. This Appendix
seeks lo nake lhe IegaI iequiienenls and possilIe iefoins easiei lo
undeisland. This is achieved ly selling foilh an oulIine consisling of foui
conponenls. This shoil appendix can onIy sel foilh ceilain key eIenenls of
lhe Iav and is nol ained al iepiesenling a conpiehensive picluie of aII
ieIevanl slaluloiy piovisions and juiispiudence.
The fiisl conponenl sels foilh lhe luiden of pioof lhal lhe
goveinnenl nusl neel in oidei lo ollain lhe infoinalion. Iion Iess sliicl
lo sliiclei, lhe luiden of pioof used in lhis aiea of Iav incIudes: (1)
ieIevanl, (2) ieasonalIe giounds lo leIieve, oi ieasonalIe and ailicuIalIe
suspicion, and (3) piolalIe cause.
The second conponenl sels foilh lhe scope of lhe aclivily lo vhich
lhe luiden of pioof appIies, such as a ciininaI invesligalion oi foieign
inleIIigence invesligalion. ßolh a Iav enfoicenenl and IISA vaiianl
iequiie ¨piolalIe cause.¨ The piolalIe cause is of a diffeienl lhing,
hovevei. Ioi a ciininaI vaiianl lheie nusl le piolalIe cause lhal a ciine
has leen, is, oi viII le connilled. Ioi a IISA vaiianl, lheie nusl le
piolalIe cause lhal lhe laigel is an agenl of a foieign povei.
The lhiid conponenl sels foilh lhe IeveI of aulhoiizalion iequiied lo
undeilake lhe aclivily. The decision is sonelines nade ly lhe anaIysl, oi

"#%

suljecl lo appiovaI vilhin lhe execulive lianch, oi suljecl lo appiovaI ly a
judge.
The fouilh conponenl is lhe naluie of lhe infoinalion lhal can le
ollained puisuanl lo lhe ieIevanl IegaI aulhoiily.
If poIicynakeis vish lo iaise lhe slandaids foi goveinnenl access,
one oi noie of lhe fiisl lhiee conponenls can le anended. Ioi inslance, a
slandaid couId le iaised lo piolalIe cause, lhe scope of invesligalion
couId le naiioved, oi highei-IeveI appiovaI couId le iequiied. SiniIaiIy,
easing lhe slandaids couId occui aIong one oi noie of lhese lhiee
dinensions. Ioi inslance, ieIevance nighl le iequiied ialhei lhan a sliiclei
slandaid, oi lhe scope of lhe invesligalion couId lioaden, oi no sign-off ly
highei aulhoiily vouId le needed.
This appendix sels foilh lhe slandaids foi Iav enfoicenenl´s
undeilaking of ciininaI invesligalions and lhe inleIIigence connunily´s
foieign inleIIigence invesligalions. The slandaids piesenled leIov aie in
sone inslances sinpIified, so lhe appIicalIe slalules and case Iav shouId
le consuIled foi fuilhei delaiIs.

,!< =>?@A:=B=>* CDAC@0=0
*2.%&1&5$./ <.22.$1) (1) IiolalIe cause. (2) Ciine has leen, is, oi viII le
connilled. (3) Oidei fion a judge oi, in lhe Ianguage of lhe Iouilh
Anendnenl, a ¨neuliaI nagisliale.¨ (4) Can ollain docunenls, iecoids, oi
lhings.

"#&

<&2#1." EFG DH0H:H I JKFGL: (1) IiolalIe cause, pIus addilionaI
iequiienenls such as olhei invesligaloiy nelhods aie unIikeIy lo succeed.
(2) Ciine has leen, is, oi viII le connilled, onIy foi ciines Iisled in 18
U.S.C. § 2516. (3) Oidei issued ly judge. (4) Conveisalions lhal aie
evidence of ciininaI aclivily.
C#$M*2." EFG DH0H:H I NFJJL: (1) ReIevanl. (2) Ongoing ciininaI
invesligalion. (3) Oidei issued ly }udge. (4) Connunicalions nela-dala
(diaIing, iouling, addiessing, and signaIing infoinalion lul nol conlenl).
A#O;&2#% P&39/53;2# 54 :;3158#2 :588;$&9.1&5$3 A#952%3 EFG DH0H:H I
JQRNE%LL: (1) Specific and ailicuIalIe facls lhal lheie aie ieasonalIe giounds
lo leIieve ieIevanl and naleiiaI. (2) Ongoing ciininaI invesligalion. (3)
Oidei issued ly }udge. (4) Vaiious cIasses of iecoids, incIuding opened e-
naiIs if lheie is nolice lo lhe sulsciilei and non-conlenl iecoids vilh no
nolice iequiienenl.

S>*=,,S6=>:= CDAC@0=0
*&1/# S ?S0! EKR DH0H:H I FGRFL: (1) IiolalIe cause. (2) Taigel is an agenl of
a foieign povei oi a foieign povei and each of lhe faciIilies oi pIaces is
used oi aloul lo le used ly a foieign povei oi an agenl of a foieign povei.
(3) Oidei issued ly IISC puisuanl lo AC ceilificalion. (4) Conlenls of
connunicalions.
C#$M*2." ?S0! EKR DH0H:H I FGTJL) (1) ReIevanl lo an ongoing invesligalion.
(2) To piolecl againsl inleinalionaI leiioiisn oi cIandesline inleIIigence

"##

aclivilies, oi lo ollain foieign inleIIigence infoinalion nol conceining a US
peison. (3) Oidei issued ly IISC puisuanl lo AC ceilificalion. (4)
Connunicalions nela-dala (lul nol conlenl).
?S0! 0#91&5$ QRJ EKR DH0H:H I FGGFL: (1) ReasonalIe leIief peison is non-US
Ieison Iocaled oulside lhe US and suljecl lo one of lhe IISC-appioved
ceilificalions. (2) To acquiie foieign inleIIigence. (3) Taigeling iequesled
ly anaIysl suljecl lo ieviev ly adjudicalois. (4) Conlenl of
connunicalions.
0#91&5$ JFK EKR DH0H:H I FGUFL) (1) ReasonalIe giounds lo leIieve lhal lhe
langilIe lhings soughl aie ieIevanl. (2) To ollain foieign inleIIigence
infoinalion aloul a non-US peison oi lo piolecl againsl inleinalionaI
leiioiisn oi cIandesline inleIIigence aclivilies ieIevanl lo an aulhoiized
invesligalion. (3) Oidei issued ly IISC puisuanl lo AC ceilificalion. (4)
Docunenls, iecoids, oi olhei langilIe lhings.
>.1&5$./ 0#9;2&1V ,#11#23 EKR DH0H:H I TNUL: (1) ReIevanl oi puisuanl lo an
open nalionaI secuiily invesligalion. (2) Ioi counleiinleIIigence and
counleileiioiisn, incIuding cylei invesligalions. (3) IßI SpeciaI Agenl in
Chaige oi noie senioi IßI officiaI. (4) Connunicalions nela-dala. Nole:
Olhei NSL slalules exisls foi olhei calegoiies of iecoids.
='#9;1&7# @2%#2 FJNNN: (1) No iequiienenl. (2) Ioi foieign inleIIigence oi
counleiinleIIigence puiposes. (3) Decided ly anaIysl vilh supeivisoiy
appiovaI puisuanl lo inleinaI guideIines. (4) Ioieign inleIIigence
infoinalion.

"#'


DISCLAIMER: This overview is a quick reference guide and is not intended as
a substitute for the minimization procedures and their implementation.
Appendix B:
!"#$"%#& () *+, -$%"./0 -$(1#/1%(23 425#$ 6,, 789

TARGETING
• Targeting must be for a valid
foreign intelligence purpose
in response to National
Intelligence Priorities.
• Targeting must be under a
Foreign Intelligence Surveillance
Court (FISC)-approved FAA
702 Certification and limited to
non–US Persons located overseas.
• All targeting is governed
by FISC-approved
targeting procedures.
• Targeting of US Persons
or any persons located
inside the United States is
strictly prohibited.
• Reverse-targeting of US
Persons is prohibited.

COLLECTION
• Specific communications
identifiers (for example, phone
numbers or e-mail addresses) are
used to limit collection only to
communications to, from, or about
a valid foreign intelligence target.
• Intentional collection
of wholly domestic
communications (that is, all
communicants are in the
US) is prohibited.

ANALYSIS/
EXPLORATION
• Queries into collected data
must be designed to return valid
foreign intelligence.
• Overly broad queries
are prohibited.
• Upon additional
authorization and
oversight, queries using
US Person identifiers
are permitted for foreign
intelligence purposes.
• Any wholly domestic
communications (that is,
all communicants are in
the United States) must be
destroyed upon recognition.

DISSEMINATION
• Disseminations to external entities,
including Executive Branch
agencies and select foreign
partners, are made for valid foreign
intelligence purposes.
• US Person information
is protected in reporting
unless necessary to
understand and assess
the foreign intelligence,
evidence of a crime, or other
exception applies.

RETENTION
• Raw data is destroyed after two
years or five years (depending on
the collection source) after the
expiration of the certification under
which it was acquired.

"#(


Appendix B:
!"#$"%#& () *+, -$%"./0 -$(1#/1%(23 425#$ 6! 78999
DISCLAIMER: This overview is a quick reference guide and is not intended as
a substitute for the minimization procedures and their implementation.
TARGETING
• Targeting must be for a valid
foreign intelligence purpose
in response to National
Intelligence Priorities.
• All targeting is governed by
DOD regulations and Attorney
General–approved procedures.
• Targeting of US Persons
is NOT permitted except
in limited circumstances
that require additional
authorization or consent.
COLLECTION
• Selection terms/identifiers
must be crafted to limit
collection—to the extent
possible—to communications
responsive to a valid foreign
intelligence purpose.
ANALYSIS/
EXPLORSATION
• Queries into collected data
must be designed to return valid
foreign intelligence.
• Overly broad queries
are prohibited.
• Queries for US Person
information are prohibited
except in limited
circumstances that require
additional authorization
or consent.
• Any wholly domestic
communication (that is, all
communicants are in the
United States) must be
destroyed upon recognition.
DISSEMINATION
• Disseminations to external entities,
including Executive Branch
agencies and select foreign
partners, are made for valid foreign
intelligence purposes.
• US Person information
is protected in reporting
unless necessary to
understand and assess
the foreign intelligence,
evidence of a crime, or other
exception applies.
RETENTION
• Raw data is destroyed after five
years except when necessary to
maintain technical databases
for cryptanalytic or traffic
analysis purposes.

"#)


Appendix C:
!" $%&'(()*'%+', -.(&)/(' 012'34 56 7.('4 1%8 9:'34)*;&
a
Determines whether and how to authorize/fund intelligence
activities and conducts oversight via intelligence and
other committees.
b
Rules on matters under Foreign Intelligence Surveillance Act.
c
Provides privacy/civil liberties advice and oversight for USG
efforts to protect the nation from terrorism.
d
Reviews reports of potential violations of law and executive
order on behalf of President.
e
Includes DOJ’s National Security Division and DOJ’s Privacy
and Civil Liberties Office.
f
Includes ODNI’s Civil Liberties and Privacy Office, ODNI/OGC,
and the IC Inspector General.
g
At the department level, these can include departmental
counterparts to the agency-level organizations, and may also
include other offices (for example, DOD’s Assistant to the
Secretary of Defense for Intelligence oversight).
h
At the agency level, these can include the following
organizations: Offices of General Counsel, Offices of Inspector
General, Civil Liberties and Privacy Offices, Intelligence
Oversight Offices, Compliance Offices (for example, NSA’s
new Civil Liberties and Privacy Officer position, and NSA’s
Office of the Director of Compliance).
LEGISLATIVE BRANCH
• Congress
a
LEGISLATIVE BRANCH
• Constitution
• Statutes
EXECUTIVE BRANCH
• Privacy and Civil Liberties
Oversight Board
c
• President’s Intelligence
Oversight Board
d
• Department of Justice
e
• ODNI-level officials
f
• Department-level officials
g
• Agency-level officials
h
EXECUTIVE BRANCH
• Executive Orders and
Presidential Directives
• Attorney General
Guidelines
• IC Directives
• Agency regulations,
instructions, and policies
• Agency training
and guidance
JUDICIAL BRANCH
• Foreign Intelligence
b
JUDICIAL BRANCH
• Court orders and
standard minimization
procedures
Guidance to the IC
Analyst
Oversight and Enforcement
The graphic below illustrates the role played by each of the three branches of
the US Government in governance of a query run by an intelligence analyst.
On the left are the laws and guidelines that apply to actions of the analyst,
setting forth the parameters within which the search may be conducted. The
right side of the graphic highlights the review, oversight, and auditing functions
of each of the three branches, once the search has been conducted.

"'*

















This page has leen inlenlionaIIy Iefl lIank.

"'+





EMPLOYEE PROTECTIONS FOR DISCLOSURES:
• National Security Act of 1947, CIA Act of 1949, Inspector General Act of 1978
• Presidential Policy Directive No. 19
• Agencies’ Internal Policies

Appendix D:
!"#$%#& ()* +,-&./#01/)2#*& -$ .,# 3$.#//-4#$5# 6)77%$-.8
Employee/ Whistle-blower
Directly t o Inspect ors General
or via Of fices of General
Counsel to Inspectors General
Employee’s Management Chain
Inspectors General or
Congressional Af f airs Of fices
HPSCI or SSCI
(classified inf ormation)
HPSCI / SSCI / Employee’s
Congressman/ etc.
(unclassified inf ormation)

"'"

















This page has leen inlenlionaIIy Iefl lIank.

"'$

!""#$%&' =) D0 657#2$8#$1 A5/# &$ :;22#$1 =$92V"1&5$
01.$%.2%3
NSA piovided lhe Reviev Cioup lhe foIIoving infoinalion,
oulIining lhe ieIialiIily of ceilain enciyplion syslens. Oui
ieconnendalion 31 vouId give lhe foice of Iav lo piohililions on
undeiculling lhese and olhei slandaids.
Mosl of lhe slandaids desciiled leIov aie appioved ly NIST foi
piolecling uncIassified US Coveinnenl infoinalion and ly NSA foi
piolecling cIassified US Coveinnenl infoinalion. ALS, SHA-2, LC-DSA,
and LC-DH nake up lhe coie of ¨Suile ß,¨ NSA´s nandaled sel of pulIic
slandaid aIgoiilhnsW appioved in 2OO6W foi piolecling cIassified
infoinalion.
182
Lach aIgoiilhn discussed leIov is cuiienlIy in use in
NalionaI Secuiily Syslens, aIlhough NSA is puisuing lhe liansilion fion
SHA-1 lo SHA-2. Ioi fuilhei infoinalion on aII lul SHA-1 see
hllps://vvv.cnss.gov/poIicies.hlnI and iefeiences conlained lheie.
In geneiaI, NSA appIies lhe deep ciyplanaIylic liadeciafl and
nalhenalicaI expeilise deveIoped ovei decades of naking and lieaking
codes, lo ensuie lhal ciyplogiaphy slandaidized ly lhe US Coveinnenl is
sliong enough lo piolecl ils ovn sensilive connunicalions.

182
This papei addiesses lhe slienglh of slandaid ciyplogiaphic aIgoiilhns. Any ciyplogiaphic aIgoiilhn
can lecone expIoilalIe if inpIenenled incoiieclIy oi used inpiopeiIy. NSA voiks vilh NIST lo ensuie
lhal NIST slandaids incoipoiale guidance on coiiecl inpIenenlalion and usage. NSA viII expIoil
vuIneialIe inpIenenlalions and uses lo suppoil lhe IavfuI conducl of signaIs inleIIigence.

"'%

!=0 X *+# !%7.$9#% =$92V"1&5$ 01.$%.2% X ?SC0 FYQ
NSA did nol conliilule lo noi nodify lhe design of lhe Advanced
Lnciyplion Slandaid (ALS). Il vas designed ly lvo Luiopean
ciyplogiapheis: }oan Daenen and Vincenl Rijnen. Il vas pulIished and
sulnilled in 1998 foi NIST´s ALS conpelilion and seIecled in 2OO1 as lhe
Advanced Lnciyplion Slandaid. NSA exlensiveIy exanined lhe aIgoiilhns
in lhe conpelilion and piovided lechnicaI guidance lo NIST duiing lhe
conpelilion lo nake suie lhal NIST´s finaI seIeclion vas a secuie
aIgoiilhn. NIST nade lhe finaI aIgoiilhn choice undei ils ovn aulhoiily,
independenl of NSA. ßolh NSA and lhe acadenic ciyplogiaphy
connunily have lhoioughIy anaIyzed lhe ALS.
A0! X *+# A&7#31W 0+.8&2W !%#/8.$ C;Z/&9 [#V !/-52&1+8 X ?SC0 FGUW
>S0* 0C GRR\KU]
NSA did nol conliilule loW noi nodifyW lhe design of RSA, lul il did
piovide inpul on RSA usage in slandaids. Il vas designed in 1977 ly lhiee
ciyplogiapheis voiking al MIT: Aneiicans Ron Rivesl, and Leonaid
AdeInan, and IsiaeIi Adi Shanii. The aIgoiilhn vas independenlIy
designed eaiIiei ly CIiff Cocks of UK CCHQ in 1973 lul vas nol
pulIished, and vas onIy decIassified in 1997. ßolh NSA and lhe acadenic
ciyplogiaphy connunily have lhoioughIy anaIyzed lhe RSA aIgoiilhn
lolh as a digilaI signaluie (IIIS-186) and as an enciyplion aIgoiilhn foi
keys (SI 8OO-56ß).