Now, this is pretty good improvised tradecraft, and it would leave the government with no idea where or who the U.S.-based operative was or what phone numbers to monitor. It doesn’t have probable cause to investigate any particular American. But it surely does have probably cause to investigate any American who makes a call to Yemen at 11 a.m., Sanaa time, hangs up after a few seconds, and then gets a call from a different Yemeni number three hours later. Finding that person, however, wouldn’t be easy, because the government could only identify the suspect by his calling patterns, not by name.
So how would the NSA go about finding the one person in the United States whose calling pattern matched the terrorists’ plan? Well, it could ask every carrier to develop the capability to store all calls and search them for patterns like this one. But that would be very expensive, and its effectiveness would really only be as good as the weakest, least cooperative carrier. And even then it wouldn’t work without massive, real-time information sharing — any reasonably intelligent U.S.-based terrorist would just buy his first throwaway phone from one carrier and his second phone from a different carrier.
The only way to make the system work, and the only way to identify and monitor the one American who was plotting with al Qaeda’s operatives in Yemen, would be to pool all the carriers’ data on U.S. calls to and from Yemen and to search it all together — and for the costs to be borne by all of us, not by the carriers.