New & Improved USA Freedumb Act, with Twice the Contractors Compensated

Somewhere Booz Allen Hamilton Vice Chairman (and former NSA Director) Mike McConnell just said, “Ka-Ching.”

As I noted, the initial manager’s amendment of HR 3361 (AKA USA Freedumb Act) added compensation language to Section 215 that didn’t originally exist.

(j) COMPENSATION.—The Government shall compensate, at the prevailing rate, a person for producing tangible things or providing information, facilities, or assistance in accordance with an order issued or an emergency production required under this section.

In this latest iteration, the compensation has been expanded beyond just the telecoms to anyone else who assists.

(j) COMPENSATION.—The Government shall compensate a person for reasonable expenses incurred for—

(1) producing tangible things or providing information, facilities, or assistance in accordance with an order issued with respect to an application described in subsection (b)(2)(C) or an emergency production under subsection (i) that, to comply with subsection (i)(1)(D), requires an application described in subsection (b)(2)(C); or

(2) otherwise providing technical assistance to the Government under this section or to implement the amendments made to this section by the USA FREEDOM Act.

There’s reason to believe that contractors (AKA Booz!) does some of the triage work on the data currently. So one solution to that problem might be to move those Booz contractors — with their access directly to the raw data of Americans — over to Verizon and AT&T.

Because why shouldn’t NSA contractors be in bed together, wallowing in all your raw data.

Glad to see this bill is improving Intelligence Contractors bottom line, even if it doesn’t improve the dragnet.

Unread Reports as the Big Data Dump? Not Really.

The very same week the President released his breathless report on Big! Data!, the Washington Post has a story criticizing the sheer number and types of reports Congress requires from the Federal bureaucracy.

It started out with a good idea. Legislators wanted to know more about the bureaucracy working beneath them. So they turned to a tool as old as bureaucracy itself — the interoffice memo. They asked agencies to send in written reports about specific things they were doing.

Then, as happens in government, that good idea was overused until it became a bad one.

[snip]

But as the numbers got bigger, Congress started to lose track. It overwhelmed itself. Today, Congress is not even sure how many of those 4,291 reports are actually turned in. And it does not try to save copies of all the ones that are.

So some agencies cheat and send in nothing. And others waste time and money sending in reports — such as the one on dog and cat fur — that simply disappear into the void.

To support its case, WaPo focuses on one report requiring Customs and Border Patrol to report on how much dog and cat fur products are being shipped into the US, which is probably a needless report (which is also probably why WaPo picked it out of the 4,291 it identified).

And WaPo — a member of the Fourth Estate that purportedly serves as a check on power — comes to this very dangerous conclusion.

The problem is that there is no system to sort the good ones from the useless ones. They all flow in together, which makes it hard for congressional staffers to spot any valuable information hidden in the flood.

First, the press is part of that system! Rather than throwing cat and dog fur, perhaps WaPo could have tried to distinguish those that were critical from those that are questionable and those that are clearly frivolous.

Moreover, it is the height of irresponsibility to absolve Congressional staffers — whose bosses are the only ones that can eliminate useless reports — of responsibility for reading the reports they get. Either the staffers must be held accountable for reading the reports, or for eliminating them. That’s how you fix the system. That’s why we’re paying them.

Ultimately, too, I’m not sure I buy the WaPo’s argument that these are useless reports. 4,291 seems like a not unreasonable amount of data for legislators to receive and read about the world’s biggest (perhaps now second biggest) economy, about DOD’s $526 billion budget, about the many federal benefit programs, about the expanding police state.

And if you look at the actual list (rather than WaPo’s admittedly snazzy but not very informative infographic on them), many — perhaps even most — of the reports make a lot of sense.

Consider the reports listed for General Services Administration, an entity with an annual budget of $26 billion, which has the ability to effect great change as the source of enormous spending, and one that has routinely experienced significant spending scandals.

  1. Activities and status of advisory committees in existence during the previous calendar year
  2. A report on the status of the high-performance green building initiatives under this subtitle
  3. Administration’s alternative fueled vehicle program
  4. A description of lost opportunities for waste-heat recovery from the project described in paragraph (A)
  5. A report on the use of photovoltaic energy in public buildings
  6. Violations by Federal agencies of Federal Records Act of 1950, as codified 1950
  7. Reports by Inspector General of particularly serious or flagrant problems, abuses, or deficiencies in the administration of programs and operations of the agency
  8. Activities of the Inspector General
  9. Accessibility to public buildings by the physically handicapped
  10. Prospectus proposing a building project or lease
  11. Location, space, cost, and status of each public building, the construction, alteration, or acquisition of which is to be under authority of the Act, and which was uncompleted as of the date requested
  12. Building project surveys as requested by either the Senate or House
  13. Use of underutilized public buildings and property for facilities to assist the homeless
  14. Summary of excess property disposal reports
  15. Evaluation of the operation of programs for donation of Federal surplus personal property; excess personal property transferred
  16. Excessive stocking of property, above reasonable inventory levels, by executive agencies
  17. Administration of the Federal Property and Administrative Services Act of 1949
  18. Contracts to facilitate the national defense entered into, amended, or modified
  19. Acquisition cost of surplus real or related personal property conveyed for care or rehabilitation of criminal offenders during previous fiscal year
  20. Results of investigations of the cost of travel and the operation of privately owned vehicles to Federal employees while engaged in official business
  21. Annual determination of the average actual cost per mile for the use of a privately owned motorcycle, automobile, and airplane
  22. A plan to comply with Section 432 relating to energy and water conservation at General Services Administration facilities

Reports 1, 6, 7, 8, 10, 11, 12, 17, and 18 are simply reports Congress needs to ask for to ensure there’s some visibility into the Agency, to ensure they’ll be informed if GSA finds something wrong itself. Reports 2, 3, 4, 5, 9, 13, 14, 19, and 22 measure the efficacy of efforts to use GSA’s buying power to do some social good  (and report 9, on ADA accessibility, involves significant legal compliance).  Reports 15 and 16 address an area susceptible to graft.  Reports 20 and 21 are not only key to cost-benefit analysis of how Federal employees travel, but they apparently are tied to one of GSA’s most requested links. Some of these are also reports tied to an action, like buying a building. And all that amounts to less than 1 report for every $ billion American taxpayers give to GSA. If anything, there are a few more reports — that might identify obviously politicized or excessive spending, which is a persistent problem with GSA — that are missing.

Admittedly, that’s just one random agency. But aside from some entities the Federal government runs itself (like American Samoa and DC) as well as some Commissions over which there have been political fights in the past I’m not seeing a whole lot of waste here — though there may be some inefficiency in how the information is requested. I might grant that in the era of big data we need to automate this — in effect, give Congress a better way to Big! Data! the bureaucracies it oversees (though that would be awfully susceptible to abuse), but I don’t see a lot of information that shouldn’t be required from the bureaucracy.

I’m reminded how, 2 years ago, James Clapper claimed ODNI had to produce too many reports and should be permitted to eliminate 30 of them. He tried to get rid of the annual report on how many people have security clearance (one of the few ways we can measure the ballooning secret government). He tried to get rid of reports on Department of Homeland Security’s notoriously useless intelligence agency. He tried to eliminate reports on Chinese spying on the US and nuclear lab security, both persistent security issues. He tried to eliminate a report informing Congress what the privacy staffs of intelligence agencies are doing. In short, in the guise of onerous reporting, he tried to eliminate crucial oversight  (as well as a paper trail that could be FOIAed) on several areas of great public concern.

Or consider this: DOD cannot pass an audit. The biggest military in the world still is not required to account for the money it spends, both to itself and Congress.

And yet a newspaper is saying we require too much reporting from the great big bureaucracy?

I don’t buy it.

A Key Part of RuppRoge’s Fake Dragnet Fix Reform: Pay the Telecoms

Here’s an interesting “reform” in the RuppRoge’s Fake Dragnet Fix. It pays the telecoms.

COMPENSATION AND ASSISTANCE.–The Government shall compensate, at the prevailing rate, an electronic communications service provider for providing records in accordance with directives issued pursuant to [their bill].

Section 215 does not include such a payment provision. And while the first two phone dragnet orders included provision for such payments, that was probably illegal.

Don’t get me wrong. I’m sure the government has found some way to pay the telecoms, either through added payments for AT&T’s Hemisphere program or gifts in kind. (Though given the timing of DOJ’s suit against Sprint for over-billing, I do wonder whether the government is retaliating for something.) Telecoms don’t spy for free, so I’m sure they’ve been getting paid, illegally, for the last 8 years of dragnet spying they’ve been doing.

But the lack of such provision in Section 215 should have limited the scope of the dragnet. It should have required that requests be so narrow no telecom was going to send big bills to the government every month. And it presumably made the telecoms (well, except for AT&T, which never met a spying request it didn’t love) less willing to interpret orders from the government expansively.

The inclusion of such a compensation clause in the RuppRoge “reform” makes it even more likely this dragnet will expand with the now well-oiled willingness of the telecoms to go above and beyond the letter of the request.

Which is presumably just how the NSA wants it to be.

America’s $1 Trillion Target Barge

The NYT has a story about a mock US aircraft carrier Iran is building, its sources say, so Iran can blow it up for the propaganda value.

Iran is building a nonworking mock-up of an American nuclear-powered aircraft carrier that United States officials say may be intended to be blown up for propaganda value.

This has set off chatter about how weird and dumb Iran is for building this giant toy boat, which US sources call the Target Barge.

But pretty soon after I started reading the article I found myself applying the phrases in it to America’s F-35 program which, in many ways, is an even bigger propaganda prop. See how it looks when you swap out Iran’s barge for the F-35?

Intelligence officials do not believe that the US is capable of building an actual F-35.

“Based on our observations, this is not a functioning plane; it’s a large spending program built to look like an plane,” said Cmdr. Jason Salata, a spokesman for the Navy’s Fifth Fleet in Bahrain, across the Persian Gulf from Lockheed. “We’re not sure what the US hopes to gain by building this. If it is a big propaganda piece, to what end?”

[snip]

“It is not surprising that American military forces might use a variety of tactics — including military deception tactics — to strategically communicate and possibly demonstrate their resolve in air power,” said a Chinese official who has closely followed the construction of the F-35.

[snip]

[T]he Pentagon has taken no steps to cloak from prying Chinese hackers what it is building in pork-laden building sites across several countries. “The system is often too opaque to understand who hatched this idea, and whether it was endorsed at the highest levels,” said Karim Sadjadpour, an American expert at the Carnegie Endowment for International Peace.

See what I mean?

Opacity of purpose.

Failure to provide adequate security.

Probable impossibility to bring to completion.

Abundant propaganda.

I’m not all that sure what distinguishes the F-35 except the cost: Surely Iran hasn’t spent the equivalent of a trillion dollars — which is what we’ll spend on the F-35 when it’s all said and done — to build its fake boat.

So which country is crazier: Iran, for building a fake boat, or the US for funding a never-ending jet program?

Contractors Already Have Access to the Phone Dragnet

In today’s HJC hearing on the NSA, there was extensive discussion about the risks of outsourcing the dragnet to the telecoms or — especially, to a third party holding all the data. It’s a concern I share.

That said, not a single person at the hearing seemed to be aware of this footnote, which has been in the phone dragnet primary orders since at least last April.

5 For purposes of this Order, “National Security Agency” and “NSA personnel” are defined as any employees of the National Security Agency/Central Security Service (“NSA/CSS” or “NSA”) and any other personnel engaged in Signals Intelligence (SIGINT) operations authorized pursuant to FISA if such operations are executed under the direction, authority, or control of the Director, NSA/Chief, CSS (DIRNSA).

If this language left any doubt that it permits contractors to directly query the database of every single phone-based relationship in the US, this language from Dianne Feinstein’s Fake FISA Fix bill report (which aims to codify the status quo) should eliminate them.

The Committee believes that, to the greatest extent practicable, all queries conducted to the authorities established under this section should be performed by Federal employees. Nonetheless, the Committee acknowledges that it may be necessary in some cases to use contractors to perform such queries. By using the term “government personnel” the Committee does not intend to prohibit such contractor use.

Contractors already have access to the dragnet.

If it presents a security threat to have contractors from Booz Allen Hamilton or some other intelligence contractor to have direct access to the dragnet, then we need to shut the dragnet down.

Because they’ve already got it.

Weep for the Spurned Billion Dollar Mercenary!

In what is sure to be some interesting book publicity, Erik Prince has gone sobbing to the WSJ about the shoddy treatment the government that paid him billions treated him. In the piece, he continues to reveal new details about some of the operations CIA paid him to do, including the kill team training first revealed in 2009.

A chief target of Mr. Prince’s ire is Mr. Panetta, who in 2009 shut down the covert training operation for CIA “hit teams” that former Blackwater officials said took place on Mr. Prince’s Virginia property.

The CIA had been sending officers for training at Blackwater’s North Carolina training facility. But it wanted something closer to its Langley, Va., headquarters, former company officials said. So they asked Mr. Prince to build a small shooting range on his rural Virginia land.

“They needed a place that was only 35 minutes away from work,” said Gary Jackson, the former Blackwater president. “Erik was OK with that, and he has the property, and we had the money.” The trainings, including live-fire exercises, drew some complaints over the years from neighbors, Mr. Jackson said.

[snip]

When that information became public in 2009, right after Mr. Panetta canceled the Blackwater hit-team training, the CIA director ended the company’s role in maintaining the drones.

Mr. Prince said he is convinced that Mr. Panetta outed him as a CIA “asset” at a closed congressional hearing that year, adding that it was unthinkable for a CIA director to reveal the real name of a covert operative to lawmakers.

[snip]

“No one was out to scapegoat anyone in the relationship with Blackwater, but there were some issues that arose that prompted a serious look at contracts with the company,” said one former CIA official involved in the discussions. “There was a perception that they were trying to run some of their own operations untethered from agency oversight.” [my emphasis]

Only the last bit is really new (though it is suggested in a profile of the mafia hitman involved in the program).

But remember this real point is not that Panetta outed Prince to the House Intelligence Committee, it’s that he briefed these “programs” at all. According to Jan Schakowsky, under Cheney Blackwater had been working directly with the White House on counterterrorism policy (which makes sense since Cofer Black came up with that policy in the first place).

I reminded, by the way, that Barb Milkulski told John Brennan that Panetta was the only CIA Director who didn’t “jerk around” the intelligence committees.

Imagine how sad Prince must be that his mercenary company beginning to do its own operations got cut off when Congress actually learned about it!

DiFi Fake FISA Fix Explicitly Allows Contractors to Conduct Suspicionless Searches on US Person Data

The Senate Intelligence Committee has released its report on DiFi’s Fake FISA Fix. The report makes it clearer than ever that this is not at all an improvement, but rather an attempt to use the Snowden leaks as an opportunity to make the spying programs explicitly worse, which I’ll explain at more length later.

Just as an example, however, take a look at what they do with back door searches. As I explained here, the bill describes new reporting for a tiny fraction of back door searches, those that search on a US identifier as content, presumably to trick people in thinking that does anything for the vast majority of back door searches on US identifiers as metadata (DiFi’s staffers all but admitted that, anonymously, here). Thus, it provides new reports for a tiny fraction of this practice, while endorsing the vast majority of such searches — and the far more intrusive ones — to go on with no reporting requirements. And since I laid that out, NSA General Counsel Raj De and DNI General Counsel Robert Litt made it clear that NSA does not currently require even Reasonable Articulable Suspicion to search any content collected incidentally.

Here’s what the report adds to that, explicitly.

The Committee believes that, to the greatest extent practicable, all queries conducted to the authorities established under this section should be performed by Federal employees. Nonetheless, the Committee acknowledges that it may be necessary in some cases to use contractors to perform such queries. By using the term “government personnel” the Committee does not intend to prohibit such contractor use.

The NSA just had a contractor walk off with unbelievable amounts of data.

And the Senate Intelligence Committee’s response to that is to explicitly give contractors the authority to conduct suspicionless searches through vast quantity of data to access and read the content of US person data, with no reporting requirements.

I guess when they named this the “intelligence” committee they were just making an elaborate joke.

(Note: Snoopdidoo had some more observations on the report in comments to this thread.)

The USAID vs SIGAR Pissing Contest

Reuters has a riveting exclusive today in which they have been given a treasure trove of documents from which they have reported on documentation that a contractor involved in USAID highway construction in Afghanistan is employing a subcontractor who is a member of the Haqqani network:

Much of the evidence against Zadran is classified, but the cache of documents given to Reuters by U.S. officials on condition of anonymity show that he has close business ties with the Haqqani network’s leader, Sirajuddin Haqqani.

The Haqqanis, Islamist insurgents who operate on both sides of the Afghanistan-Pakistan border, are believed to have introduced suicide bombing into Afghanistan.

The links between Zadran and the insurgency include him teaming up with Saadullah Khan and Brothers Engineering and Construction Company (SKB), believed to be one of Sirajuddin Haqqani’s companies.

Together they won a $15 million contract to help build a road between the towns of Gardez and Khost in Afghanistan’s east for the U.S. Agency for International Development (USAID) in 2011.

“The owners of these companies are facilitators and commanders of the Haqqani Network,” one U.S. government memorandum says.

This problem fits into the overall work that SIGAR has been doing recently in which they comment on the lack of control and auditing on funds once they are turned over from USAID and other agencies to the Afghan government for disbursement. And huge amounts of money are involved:

The inability over many years to stop firms believed to be supporting the insurgency from winning multi-million-dollar contracts exposes the lack of control that donors have over cash once it is handed over to the Afghan government.

Those transfers make up an increasing proportion of aid. U.S. federal agencies want more than $10.7 billion for reconstruction programs in 2014, SIGAR says, and the government has promised at least half will be granted directly to Afghan institutions to spend as they see fit.

SIGAR has clearly upset a number of folks with their work on this front. Back on October 10, the Atlantic carried a hit piece against SIGAR (I owe Marcy a huge thank you for alerting me to the article) in which we are supposed to believe that USAID has built a public health system in Afghanistan that in just a few years has added 20 years to life expectancy while dropping child mortality by half. And the article would have us believe that this wonderful new system is at risk of being shut down because of SIGAR’s campaign against funds being disbursed by the Afghan government without an audit trail:

John Sopko is the U.S. government’s chief auditor for Afghanistan and a former prosecutor with years of experience on Capitol Hill. In September, Sopko’s office—the Special Inspector General for Afghanistan Reconstruction, or SIGAR—issued a report calling for the suspension of USAID’s $236 million in aid for basic health care in Afghanistan.

Why shut down such a successful program? The short answer is that SIGAR’s is a peculiar concept of caution.

Strikingly, the auditors’ report calling for the funding freeze for the health program doesn’t claim any evidence of serious fraud or waste. Instead, it raises hypothetical concerns about the Afghan government’s ability to manage aid money well, including evidence that some salaries were paid in cash, as well as the absence of double entry bookkeeping.

There is a huge problem with the underlying premise of “such a successful program”, though. It is fabricated bullshit. Here is how the hit piece frames their argument on the successes: Read more

The Irony of Booz Vice Chair Mike McConnell’s Timing

Please support this kind of weedy journalism

I’m in the process of going really deep in the weeds on this Section 215 stuff, just adjusting my earlier timelines.

Several of us have noted the curious timing of the discovery of the problems with Section 215 dragnet. November 2, 2008 was the stated high number of identifiers which the NSA could contact chain, at 27,090 (though when NSA started cleaning this stuff up they only audited back through November 1, 2008).

On December 10, 2008, two analysts (whom I wildarseguess suspect were actually FBI Agents) start doing searches on unapproved identifiers, doing 280 over the next month and a half.

On December 11 and 12, 2008, Reggie Walton wrote the first systematic opinion on this program and approved a new Primary Order.

On December 15, 2008, the NSA stopped one of its abusive alert system processes.

On January 9, 2009, NSA told folks at DOJ’s National Security Division about them.

By January 15, 2009, NSA had seemingly purged thousands of identifiers from its alert list, because on that day (five days before the inauguration) it had only 17,835, down from 27,090 two days before Obama was elected.

January 20, 2009: Obama took the oath as President, replacing George Bush.

That, of course, led to change at key positions. One which I find remarkably interesting, however was that of Mike McConnell, who had spent two years as Director of National Intelligence (just long enough to get immunity for those who did all this illegally under Cheney’s program). McConnell left on January 27, 2009, leading to a delay on (reported) DNI involvement in this until his replacement Dennis Blair came in on January 29. Blair was briefed on this on his second day in office, January 30, 2009.

I don’t know — because the documents don’t say (see, especially, Keith Alexander’s chart on page 25 of his declaration that is totally non-responsive about anyone in DNI who would have known about these problems)– how much the revolving Intelligence Contractor Exec McConnell knew about NSA’s extension of the illegal Cheney program, illegally, under the FISC sanctioned Section 215 order.

But remember: as Vice Chair of Booz, Mike McConnell was (sort of) Edward Snowden’s boss until the latter absconded with proof of these gross violations under McConnell’s tenure at DNI.

Among other things, this rough outline suggests this wasn’t so much a “discovery” of violations, it was an attempt to hide what at least some people knew were systematic and gross violations of the Section 215 program, just before Obama came in and replaced some of the top players.

But I do find it ironic that McConnell’s company, Booz, played its small part in making all this clear.

SIGAR’s Sopko re $50 Million Sole Source Rule of Law Contract: “You Can’t Make This Up”

John Sopko

John Sopko

The Special Inspector General for Afghanistan Reconstruction (SIGAR) has discovered that the State Department has awarded a sole source contract for nearly $50 million to provide training on the rule of law in Afghanistan. Remarkably, the State Department ignored its own rules for contracting and provided no mechanism for verifying spending under the contract. SIGAR also has found that the International Development Law Organization, which was awarded the contract, is particularly ill-equipped to manage such a large contract and is refusing to cooperate with SIGAR’s investigation.

From the alert letter (pdf) sent to Secretary of State John Kerry from Special Inspector General John Sopko:

I write to alert you to serious deficiencies related to the Afghanistan Justice Training Transition Program administered by the Department of State, Bureau of International Narcotics and Law Enforcement Affairs (INL). In the course of performing an audit of rule of law programs managed by INL, SIGAR became aware of INL’s sole source award to the International Development Law Organization (IDLO) for Afghan justice sector training services. This award does not appear to contain basic provisions that would allow INL to ensure proper monitoring and evaluation of a project expected to cost U.S. taxpayers nearly $50 million.

On December 27, 2012, INL offered IDLO $47,759,796 in exchange for work on a project titled, “Completing the Transition in Afghanistan: Justice Training Transition Program (JTTP)” (see attached). On January 2, 2013, IDLO accepted INL’s offer by initialing a two-and-a-half page Letter of Agreement. According to INL, this is the largest project IDLO has ever worked on and the United States has already obligated $20 million towards its completion.

It is very easy to see that this is the largest project IDLO has ever worked on. Their website is pathetic. The “people” section lists only one person, Irene Khan, noting that she served as Director General of Amnesty International from 2001-2009. The page fails to mention that she was removed from that post and caused quite a scandal with the huge payout she forced Amnesty International to give her in order to leave.

Returning to Sopko’s letter, we see that IDLO was chosen to replace another organization, PAE (whose new Executive Chairman just came from CACI, scary folks there…) and that SIGAR had “significant concerns raised regarding award and management of the PAE contract”. It appears that the State Department can’t quite figure out how to observe the law in giving out grants to train Afghans on the administration of justice. Further, SIGAR found that the State Department ignored its own rule in awarding this contract in a manner that makes oversight almost non-existent, even though it did require oversight on the portion of the program that is contracted to the Afghan government.

Regarding IDLO itself, the letter is devastating (emphasis added): Read more