September 4, 2014 / by emptywheel

 

Clapper’s Claim that FBI Cannot Count Back Door Searches for Technical Reasons Probably Bullshit

I wanted to explain why I think it’s such a big deal that James Clapper specifically highlighted the carve out for transparency reporting on FBI’s back door searches in Leahy’s version of Freedom Act’s in his letter supporting the bill.

As I described, the bill requires reporting on back door searches, but then exempts the FBI from that reporting.

But that’s not the part of the bill that disturbs me the most. It’s this language:

‘(3) FEDERAL BUREAU OF INVESTIGATION.—

Subparagraphs (B)(iv), (B)(v), (D)(iii), (E)(iii), and (E)(iv) of paragraph (1) of subsection (b) shall not apply to information or records held by, or queries conducted by, the Federal Bureau of Investigation.

The language refers, in part,  to requirements that the government report to Congress:

(B) the total number of orders issued pursuant to section 702 and a good faith estimate of—

(iv) the number of search terms that included information concerning a United States person that were used to query any database of the contents of electronic communications or wire communications obtained through the use of an order issued pursuant to section 702; and

(v) the number of search queries initiated by an officer, employee, or agent of the United States whose search terms included information concerning a United States person in any database of noncontents information relating to electronic communications or wire communications that were obtained through the use of an order issued pursuant to section 702;

These are back door searches on US person identifiers of Section 702 collected data — both content (iv) and metadata (v).

In other words, after having required the government to report how many back door searches of US person data it conducts, the bill then exempts the FBI.

In his letter, Clapper says,

[W]e are comfortable with the transparency provisions in this bill because, among other things, they recognize the technical limitations on our ability to report certain types of information.

FBI back door searches are the most obvious limit on transparency guidelines, and FBI told PCLOB they couldn’t count them for technical reasons.

So effectively, Clapper is suggesting that Congress has recognized that FBI is incapable — for technical reasons — of counting how often it conducts back door searches.

That technical claim is almost certainly bullshit.

As a reminder, here’s what the government told PCLOB about FBI’s back door searches.

Because they are not identified as such in FBI systems, the FBI does not track the number of queries using U.S. person identifiers. The number of such queries, however, is substantial for two reasons.

First, the FBI stores electronic data obtained from traditional FISA electronic surveillance and physical searches, which often target U.S. persons, in the same repositories as the FBI stores Section 702–acquired data, which cannot be acquired through the intentional targeting of U.S. persons. As such, FBI agents and analysts who query data using the identifiers of their U.S. person traditional FISA targets will also simultaneously query Section 702–acquired data.

Second, whenever the FBI opens a new national security investigation or assessment, FBI personnel will query previously acquired information from a variety of sources, including Section 702, for information relevant to the investigation or assessment. With some frequency, FBI personnel will also query this data, including Section 702–acquired information, in the course of criminal investigations and assessments that are unrelated to national security efforts. In the case of an assessment, an assessment may be initiated “to detect, obtain information about, or prevent or protect against federal crimes or threats to the national security or to collect foreign intelligence information.”254 If the agent or analyst conducting these queries has had the training required for access to unminimized Section 702–acquired data, any results from the Section 702 data would be returned in these queries. If an agent or analyst does not have access to unminimized Section 702–acquired data — typically because this agent or analyst is assigned to non-national security criminal matters only — the agent or analyst would not be able to view the unminimized data, but would be notified that data responsive to the query exists and could request that an agent or analyst with the proper training and access to review the unminimized Section 702–acquired data.

FBI gives one explicit excuse for not counting back door searches: that they’re not identified as such in their databases, so FBI can’t distinguish between its searches on traditional FISA data from those on Section 702 FISA data.

Oh, okay then.

Except that has to be the result of a conscious choice FBI made, not a technical decision. Indeed, for some years, NSA has marked the same kind of data not just with the authority used to collect it, but with the SIGAD (location) where it was collected. If NSA can do that, why can’t it keep the data marked as it hands it off to FBI? Why wouldn’t FBI explicitly choose to do so? And if NSA could institute that change in response to the 2009 violations to keep doing what it was doing with the data, why can’t FBI make a similar change now?

Moreover, why is it acceptable for FBI not to distinguish these two data sources? How can it achieve its legally mandated notice requirements under FISA if it doesn’t distinguish between these two types of data? Is that why it’s not achieving its legally mandated notice requirements in at least some cases?

Which brings us to another choice FBI has made that underlies its “technical” inability to count how many back door searches it is doing: it is using them for assessments.

As the FBI’s Domestic Investigations and Operations Guide describes, assessments are used for “prompt and extremely limited checking out of initial leads.” No factual predicate (that is, no real evidence of wrong-doing) is required before the FBI starts an assessment. While FBI cannot use First Amendment activities as the sole reason for assessments, they can be considered. In addition to looking into leads about individual people, FBI uses assessments as part of the process for Domain Assessments (what FBI calls their profiling of Muslim communities) and the selection of informants to try to recruit. In some cases, an Agent doesn’t need prior approval to open an assessment; in others, they may get oral approval (though for several kinds, an Agent must get a formal memo approved before opening an assessment). And while Agents are supposed to record all assessments, for some assessments, they’re very cursory reports — basically complaint forms. That is, for certain types of assessments, FBI is not generating its most formal paperwork to track the process.

Note, the DIOG also requires its Agents to use the least intrusive means to conduct assessments, which ought to raise real questions about why it considers warrantless searches of US person content to be the least intrusive means to do anything. But apparently the FBI believes they can be!

Here’s the thing though: FBI’s professed technical inability to track these searches is an admission that it is not able to track these warrantless searches — which can be done without any evidence of wrong-doing, and can be targeted at potential victims and at communities the FBI wants to profile.

Why on earth would we let FBI do this without very easily auditable records and a very good sense of how often it is conducting warrantless searches of content to investigate people without evidence they’ve done anything wrong? Why would we trust FBI’s claim — which it made to PCLOB — that people are unlikely to show up in 702 data unless they have some national security nexus?

Well, apparently Congress is well on its way to do that.

We have learned — through the concerted effort of Ron Wyden and, following that, PCLOB — that FBI conducts warrantless searches of US person content to investigate people against whom there is no evidence of wrong-doing. Again: FBI is conducting warrantless searches of US person content without even having evidence those US persons have done anything wrong.

And James Clapper has told Congress FBI doesn’t have the technical ability to track these searches.

And Congress, in response, is preparing to say,

OK. We’re okay with the fact that you claim not to be able to track data which you have a legal obligation to inform defendants about. We’re okay with the fact that you claim not to be able to track the warrantless searches of US person content of probably innocent people. We’re okay with that.

In what world is this okay?

Copyright © 2014 emptywheel. All rights reserved.
Originally Posted @ https://www.emptywheel.net/2014/09/04/clappers-claim-that-fbi-cannot-count-back-door-searches-for-technical-reasons-probably-bullshit/