[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

The 702 Compliance Reporting

/in , /by

This will be a very weedy post on two quarterly reports on 702 compliance released to ACLU under FOIA: March 2014, March 2015; the March reports both cover the December 1 through February 28 period. ACLU obtained them not by FOIAing quarterly compliance reporting directly. Rather, ACLU asked for all the documents referred in this Summary of Notable Section 702 Requirements, which they had received earlier. But the released copies are entirely useless in elucidating the Notable Requirements. The 2015 report, for example, was provided in part to explain how NSA assesses whether a selector will provide foreign intelligence information, but the section of the report that details with it (item 28 on page 46) has been withheld entirely (see break between PDF 8 and 9). In addition, there must be at least one more citation to it that is redacted in the Notable Requirements document. The reference(s) to the 2014 report are entirely redacted.

There are a few places such redacted references to the two reports might be: There’s a missing citation in Pre- and Post-Tasking Due Diligence (the redaction at the bottom of 2). There may be a citation missing in the continued assessment section at the bottom of page 4. There’s definitely one missing in the Obligation to Review section (page 5). There’s likely to be one in the long redacted passage on page 6 pertaining to resolving post-tasking problems as quickly as possible. And the sole footnote (see page 11) in the Summary has a reference, which is likely one on FBI techniques to analyze Section 702 information the government identified as being withheld in its entirety.

So the Compliance reports don’t help us — at all — to understand the requirements the government places on itself with respect to 702.

But they do show us, in more granular detail than show up in the Semiannual reports (this one includes the March 2014 period and this one includes the March 2015 period), the kinds of things that show up in the compliance reviews. The compliance reporting in both is generally organized in to the same sections (see page 29):

  • Tasking Issues
  • Detasking Issues
  • Notification Delays
  • Documentation Issues
  • Overcollection
  • Minimization
  • Other

And — as the Semiannual Report makes clear — we’re just seeing a fraction of the granular descriptions in the quarterly reports, because we’re not seeing the tasking, detasking, notification, or documentation issues. That means the unredacted content in the released reports represents less than 20% of the total number of compliance incidents for these two quarters.

Though we may be able to use the reports in conjunction to identify how many selectors, on average, are tasked at any given time. If the 25 minimization issues cited in the March 2015 report are representative (meaning there’d be 50 for the entire six month period), then there’d be roughly 338 incidents across all topics for the six month period (it’s not entirely clear how they deal with overlap). Given a compliance rate of .35% per average facilities tasked, this means roughly 96,571 facilities tasked at any given time, thought that may be low given the vastly different lead times on these reports (meaning in the interim year, the government might ID many more compliance issues that get reported primarily in the Semiannual report). There were 94,368 targets across the whole year in FY 2015 (which covers this entire period because the Fiscal Year begins in October). What that suggests is that for some targets, you’ll have more than one facility tasked at any given time, but unless there’s a lot of turnover in a given year (meaning that most targets are only tasked for some weeks or months), not that many.

Which leaves us with what the reports do show us: the other (largely dissemination) and minimization (largely overly broad queries and US person queries) compliance errors, errors which I’ve roughly tallied in this document.

Dissemination

Between the two quarterly reports, there are 13 incidences of what I’m lumping under improper dissemination (the report treats database dissemination differently from disseminating unmasked USP identities). Most of these are fairly non-descript, true error. In three cases, analysts at other agencies alerted the NSA that they had not masked a US person identity.

The exceptions are 2015-19 and -20, which are almost entirely redacted but pretty clearly deal with NSA sharing raw data with FBI and/or CIA improperly.

I find the second one — which includes no unredacted discussion of emergency detasking or other mitigation — to be the more alarming of the two. But in general, the possibility that NSA might mistakenly send FBI (especially) the wrong data is troubling because once things get to FBI they get far less direct scrutiny (both in terms of compliance reviews and in terms of auditing) than NSA gets. Sending the collection on an entire selector over to another agency is far more intrusive than sending over one unmasked name (though it’s not clear this raw data belonged to a US person). Plus, once things get to FBI they can start having repercussions.

Overbroad Queries

The overbroad queries are interesting not so much because they affect US persons directly (though they do in perhaps two cases), but for what they say about the querying process. Here’s what the 2015 Semiannual Report says about overbroad queries, which it acknowledges is a problem even while attributing the problem to errors in constructing Boolean queries.

(U) NSA’s minimization procedures require queries of Section 702-acquired data to be designed in a manner “reasonably likely to return foreign intelligence information.” Approximately 29% of the minimization errors in this reporting period involved non-compliance with this rule regarding queries (54% in the last reporting period).56 As with prior Joint Assessments, this is the cause of most compliance incidents involving NSA’s minimization procedures. These types of errors are typically traceable to a typographical or comparable error in the construction for the query. For example, an overbroad query can be caused when an analyst mistakenly inserts an “or” instead of an “and” in constructing a Boolean query, and thereby potentially received overbroad results as a result of the query. No incidents of an analyst purposely running a query for nonforeign intelligence reasons against Section 702-acquired data were identified during the reporting period, nor did any of the overbroad queries identified involve the use of a United States person identifier as a query term.

That generally accords with the most common description of the compliance errors: an analyst constructs a query poorly, recognizes as soon as she gets the results (presumably resulting in far more returned records than expected), someone (the reports as often as not don’t tell us who) deletes them, and it gets reported. There are a few incidents where analysts run multiple such queries before discovering the problem — that seems like more of a concern, as fat-fingering a Boolean connector shouldn’t explain it. I’m interested in the errors (2015-7, -8, and -9) where the redaction seems to suggest either some other kind of query or some embarrassment about disclosing that top secret method, Boolean search; it’s possible this pertains to XKS searches, which can also involve scripts. One of these overboard queries was done by a linguist (which given the Reality Winner case is interesting). There are also discrepancies about whether the analyst themselves discovered the problem or an auditor, the latter of which happened at least five times (two incidences don’t describe who discovered them). Finally, there are interesting differences in the description of the coaching that happens after an issue. Sometimes none is described. Most often, the report describes the analyst getting a talking to. But in a number of cases, “personnel,” which might be plural, get coaching. I’m interested in when more than one person would get such coaching.

Finally, consider what it means that most of these violations seem to involved multiple authorities, including 702. That’s not at all surprising: you’d want to track a target across all the collection you had on the person. But that also includes upstream 702, which may be part of the problem upstream became such a problem.

US Person Queries

Finally, there are the queries using US person identifiers that, for some reason, were improper under the guidelines first approved in 2011. As I’ve noted, these have been a consistent problem since at least 2013. The Semiannual Report acknowledges this, or at least the problems with searching upstream 702 data, which was prohibited in the 2011 guidelines.

(U) Additionally, as noted in prior Joint assessments, the joint oversight team believes NSA should assess modifications to systems used to query raw Section 702-acquired data to require analysts to identify when they believe they are using a United States person identifier as a query term. Such an improvement, even if it cannot be adopted universally in all NSA systems, could help prevent compliance instances with respect to the use of United States person query terms.59 NSA plans to test and implement this recommendation during calendar year 2016. The new internal compliance control mechanism being developed for NSA data repositories containing unevaluated and unminimized Section 702 information will require analysts to document whether the query being executed against the database includes a known United States person identifier. Once the query is executed, the details concerning the query will be passed to NSA’s auditing system of record for post-query review and potential metrics compilation. As part of the testing, NSA will evaluate the accuracy of reporting this number in future Joint Assessments.60

As you review the violations discovered in 2014 and 2015, remember that (as noted in the 2017 702 authorization), these results were in a period where NSA was just discovering far more pervasive problems with US person searches. As it is, in each quarter here, there were 10 or 11 inappropriate US person searches. In 2014, a number of those (2,5, 8, 17) were searches of 702 data using identifiers associated with US persons already targeted under Title I, 704, or 705(b). Just one (5) of the 2015 violations was approved for individual targeting, and that appears to be one of the earlier violations in the quarter (note it must have occurred in December 2014). That’s interesting, because this undated guideline on USP queries of 702 collections says any US person approved for individualized targeting or RAS (under the old phone dragnet) could be backdoor searched. It seems likely, then, they changed the policy in 2015 (which is particularly alarming, given that they did so just as NSA was moving towards discovering how bad their upstream searches were. In other words, they seem to have made legal one of the practices that was coming up as a violation.

These violation descriptions are also interesting for the (often redacted) specificity about the kind of selector used, sometimes described as email, telephony (which could include messaging), and in others as “facilities” (which might include cookies or IPs). That’s an indication of the range of identifiers under which you can search 702 data, which is in turn (because 702 searches are all supposed to derive from PRISM collection) a testament to the kinds of things that get turned over in PRISM returns.

Of the violations described, just one obviously pertains to the search on an identifier for which the authorization had expired. That’s interesting, because searches on expired warrants appeared far more frequently in past reports. Significantly, the IG Report reviewing compliance 704/705(b), which reviewed queries for two months that overlapped with the 2015 report at issue (January and February 2015; the compliance report included December 2014 whereas the IG Report included March 2015), did find persistent problems with expired authorizations, but in EO 12333 data (suggesting FISA queries might have fixed earlier such problems). But the discussion of these problems in Rosemary Collyer’s 702 reauthorization opinion shows that for one tool, 85% of 704/705(b) queries conducted from November 2015 through April 2016 — well after the later quarter covered here — were non-compliant. “Many of these non-compliant queries involved use of the same identifiers over different date ranges.” NSA was unable to segregate and destroy the improper queries. That’s perhaps unsurprising, because as late as April 2017, the NSA was still having difficulties identifying all the queries run against 702 data.

And in spite of the reports, from later 702 reporting that some of the 704/705(b) queries of 702 did not get included in auditing systems, a good number of these violations were not discovered by analysts (as often happened with improper queries) but by auditors, suggesting the violations may have had an impact on US persons.

All that said, there’s not all that much there there, aside from the sheer number (which the Semiannual report seems to think is just NSA’s serial refusal to fix the problem of default search settings). These two snap-shots of the 702 upstream query problem, capturing 702 collection in the period immediately before it started to blow up, are also an indication of how much ODNI/DOJ’s oversight of NSA (which is far more rigorous than the oversight than the same agencies give CIA and especially FBI) was missing.

The AlphaBay Jewish Community Center Bomb Threat of the Week Service

/13 Comments/in , /by

Back in April, the Department of Justice announced it had identified the perpetrator of at least some of the series of threats against targets that had terrified the Jewish community between January and March: Michael Ron David Kadar, an Israeli-American 18-year old, had allegedly placed at least 15 calls to different Jewish Community Centers and other targets this year. While it received less attention, DOJ also charged Kadar with swatting calls targeting secular schools in Georgia going back to August 2015.

The fact that Kadar, an Israeli Jew, was behind sowing terror throughout the Jewish community defied assumptions that the threats were motivated out of anti-Semitism. After all, why would a Jew seek to terrorize other Jews?

Except — as documents tweeted out by GWU’s Seamus Hughes yesterday make clear — the reality may be quite different.

Back in April, the FBI obtained a search warrant to search certain accounts on AlphaBay, the dark web marketplace taken down in July. It reveals that Israeli police seized a thumb drive in their search of Kadar’s room showing “THE ARCHIVE OF TARGETS.” Documents from the archive corresponded to the hoaxes launched against Jewish targets.

It then explains that an AlphaBay vendor working under the name Darknet_Legend — apparently run by Kadar — offered a “unique emailing service for all of you, I email bomb threats to schools on your request.” Emailed bomb threats cost $30 each, plus an extra $15 if you wanted to frame someone in particular for the hoax.

In June, a prosecutor asked the magistrate to unseal the earlier search warrant to facilitate the arrest of the person believed to have paid for at least one of the JCC bomb threats.

That ongoing investigation has identified a suspect believed to have ordered and paid for at least [sic] of the bomb threats made by Kadar. The FBI and local authorities in California intend to pursue criminal charges against the suspect. If they are successful in doing so, the local authorities may need this warrant and/or it may be producible in discovery.

On July 17, the magistrate unsealed that warrant.

While it’s not yet clear who the CA target was or what has happened to him or her since June, it appears that Kadar only carried out the threats, at $30 a pop, for someone else.

Robert Mueller’s Grand Jury and the Significance of Felix Sater

/25 Comments/in , , , /by

In response to Monday’s server hiccups and in anticipation that Mueller is nowhere near done, we expanded our server capacity overnight. If you think you’ll rely on emptywheel reporting on the Mueller probe, please consider a donation to support the site

The world is abuzz with the news that Robert Mueller has impaneled a DC-based grand jury that he used to subpoena information on the June 9, 2016 meeting between Don Jr., Paul Manafort, Jared Kushner, and some Russians promising dirt on Hillary Clinton. In reality, the Special Counsel had already been using a grand jury to get information on Mike Flynn and Paul Manafort and we should always have expected a dedicated grand jury.

Nevertheless, the move has convinced the chattering classes that this investigation is for real.

This comes as a surprise to people, apparently, after reports of Mueller’s 16th hire, illegal foreign bribery expert Greg Andres. It’s almost as if people haven’t been making sense of where Mueller is going from the scope of his hires, which include:

  1. Mob specialists: Andrew Weissman and Lisa Page are mob prosecutors.
  2. Fraud specialists: Weissman and Rush Atkinson are also fraud prosecutors.
  3. Corporate crime specialists: Weissman also led the Enron Task force. One of Dreeben’s key SCOTUS wins pertained to corporate crime. Jeannie Rhee has also worked on white collar defense.
  4. Public corruption specialists: Mueller hired someone with Watergate experience, James Quarles. And Andrew Goldstein got good press in SDNY for prosecuting corrupt politicians (even if Sheldon Silver’s prosecution has since been overturned).
  5. International experts: Zainab Ahmad, who worked terrorism cases in EDNY, which has some of the most expansive precedents for charging foreigners flown into JFK (including Russia’s darling Viktor Bout), knows how to bring foreigners to the US and successfully prosecute them in this country. Aaron Zelinsky has also worked in international law. Elizabeth Prelogar did a Fulbright in Russia and reportedly speaks it fluently. And, as noted, Andres has worked on foreign bribery.
  6. Cyber and spying lawyers: Brandon Van Grack is the guy who had been leading the investigation into Mike Flynn; he’s got a range of National Security experience. Aaron Zebley, Mueller’s former chief of staff at FBI, also has that kind of NSD experience.
  7. Appellate specialists: With Michael Dreeben, Mueller already has someone on the team who can win any appellate challenges; Adam Jed and Elizabeth Prelogar are also appellate specialists. Mueller’s hires also include former clerks for a number of SCOTUS justices, which always helps out if things get that far.

I lay this out there to suggest that in addition to hiring a bunch of super stars, Mueller also appears to have picked people for their expertise. Those picks reflect an already well-developed theory of the case, one formed long before he impaneled his own grand jury. And many of them boast expertise fairly distant from the question of foreign adversary’s hacking a political party’s server.

And I’d suggest there’s good reason for that.

Some of Mueller’s theory of the case undoubtedly comes from whatever evidence Jim Comey’s FBI and Van Grack’s grand jury had already collected, which at least publicly pertains to Mike Flynn’s disclosure problems, his comments to the Russians, and Paul Manafort’s money laundering. Some of it comes from stuff that was being investigated in NY.

But remember: Trump’s sordid ties to Russian mobsters (see categories 1, 2, 3, and 5) go back a long way. One of the best ways to understand what and how close some of those ties are is to look at the case of Felix Sater. Josh Marshall’s description here gets at a lot of the important bits.

Sater is a Russian emigrant who was jailed for assault in the mid-90s and then pulled together a major securities fraud scheme in which investors lost some $40 million. He clearly did something for the US government which the feds found highly valuable. It seems likely, though not certain, that it involved working with the CIA on something tied to the post-Soviet criminal underworld. Now Bayrock and Trump come into the mix.

According to Sater’s Linkedin profile, Sater joined up with Bayrock in 1999 – in other words, shortly after he became involved with the FBI and CIA. (The Times article says he started up with Bayrock in 2003.) In a deposition, Trump said he first came into contact with Sater and Bayrock in the early 2000s. The Trump SoHo project was announced in 2006 and broke ground in November of that year. In other words, Sater’s involvement with Bayrock started soon after he started working with the FBI and (allegedly) the CIA. Almost the entire period of his work with Trump took place during this period when he was working for the federal government as at least an informant and had his eventual sentencing hanging over his head.

What about Salvatore Lauria, Sater’s accomplice in the securities swindle?

He went to work with Bayrock too and was also closely involved with managing and securing financing for the Trump SoHo project. The Timesarticle I mentioned in my earlier post on Trump SoHo contains this …

Mr. Lauria brokered a $50 million investment in Trump SoHo and three other Bayrock projects by an Icelandic firm preferred by wealthy Russians “in favor with” President Vladimir V. Putin, according to a lawsuit against Bayrock by one of its former executives. The Icelandic company, FL Group, was identified in a Bayrock investor presentation as a “strategic partner,” along with Alexander Mashkevich, a billionaire once charged in a corruption case involving fees paid by a Belgian company seeking business in Kazakhstan; that case was settled with no admission of guilt.

All sounds totally legit, doesn’t it?

But there’s more!, as they say.

Sater’s stint as a “Senior Advisor” to Donald Trump at the Trump Organization began in January of January 2010 and lasted roughly a year. What significance that has in all of this I’m not sure. But here’s the final morsel of information that’s worth knowing for this installment of the story.

How exactly did all of Sater’s secret work and the federal government’s efforts to keep his crimes secret come to light?

During the time Sater was working for Bayrock and Trump he organized what was supposed to be Trump Tower Ft Lauderdale. The project was announced in 2004. People paid in lots of money but the whole thing went bust and Trump finally pulled out of the deal in 2009. Lots of people who’d bought units in the building lost everything. And they sued.

In other words, an FBI (and, possibly, CIA) informant had links with two of Trump’s business with ties to the Russian mob for — effectively — the entire extended Mueller tenure at FBI.

This is a point one of the few other people with reservations about Mueller as Special Counsel made to me not long ago. The FBI — Mueller’s FBI — has known about the ties between Trump’s businesses and the Russian mob for well over a decade. The FBI — Mueller’s FBI — never referred those ties, that money laundering, for prosecution in that entire time, perhaps because of the difficulties of going after foreign corruption interlaced with US businesses.

Now, in a remarkably short timeframe, former mob prosecutor Robert Mueller has put together a dream team of prosecutors who have precisely the kind of expertise you might use to go after such ties.

Because now it matters. It matters that the President has all these obligations to the Russian mob going back over a decade, because he can’t seem to separate his own entanglements from the good of the country.

Yes, Robert Mueller convened a grand jury and he has used it to go after the records of a meeting set up by one of Trump’s key Russian allies, Aras Agalarov, and his campaign, the guy who, at the very end of Mueller’s tenure at FBI, helped Trump stage the Miss Universe pageant in Russia, an event that may have marked significant new levels of Trump exposure to Russian compromise. But Mueller was on the trail of Trump and his Russian crime ties long before that. (The person with Mueller reservations actually wondered whether Trump himself wasn’t cooperating with the FBI in this period.)

Folks have made much of this exchange in the NYT’s long interview with Trump.

SCHMIDT: Last thing, if Mueller was looking at your finances and your family finances, unrelated to Russia — is that a red line?

HABERMAN: Would that be a breach of what his actual charge is?

TRUMP: I would say yeah. I would say yes. By the way, I would say, I don’t — I don’t — I mean, it’s possible there’s a condo or something, so, you know, I sell a lot of condo units, and somebody from Russia buys a condo, who knows? I don’t make money from Russia. In fact, I put out a letter saying that I don’t make — from one of the most highly respected law firms, accounting firms. I don’t have buildings in Russia. They said I own buildings in Russia. I don’t. They said I made money from Russia. I don’t. It’s not my thing. I don’t, I don’t do that. Over the years, I’ve looked at maybe doing a deal in Russia, but I never did one. Other than I held the Miss Universe pageant there eight, nine years [crosstalk].

SCHMIDT: But if he was outside that lane, would that mean he’d have to go?

[crosstalk]

HABERMAN: Would you consider——

TRUMP: No, I think that’s a violation. Look, this is about Russia. So I think if he wants to go, my finances are extremely good, my company is an unbelievably successful company. And actually, when I do my filings, peoples say, “Man.” People have no idea how successful this is. It’s a great company. But I don’t even think about the company anymore. I think about this. ’Cause one thing, when you do this, companies seem very trivial. O.K.? I really mean that. They seem very trivial. But I have no income from Russia. I don’t do business with Russia. The gentleman that you mentioned, with his son, two nice people. But basically, they brought the Miss Universe pageant to Russia to open up, you know, one of their jobs. Perhaps the convention center where it was held. It was a nice evening, and I left. I left, you know, I left Moscow. It wasn’t Moscow, it was outside of Moscow.

Technically, Trump was only asked about whether he’d consider Mueller’s review of finances unrelated to Russia to be outside his lane. But Trump largely answered it about Russia, about business deals — the condos, the pageant — with Russia going back to the time Mueller’s FBI would have been working with Felix Sater to learn about the Russian mob.

Yeah. It’s no surprise Mueller has impaneled a grand jury.

The Leakers Get Craftier

/25 Comments/in , , /by

Hey, are you all still here?

Thanks to everyone — especially Rayne — for watching after the likker cabinet while I was in Oz. It appears the Donald Administration has only gotten crazier since I was gone.

Last night, the WaPo published yet another big scoop show more lies about Russia. It reveals that President Trump personally dictated the response to the news that Don Jr, Paul Manafort, and Jared Kushner met with Natalia Veselnitskaya.

Flying home from Germany on July 8 aboard Air Force One, Trump personally dictated a statement in which Trump Jr. said that he and the Russian lawyer had “primarily discussed a program about the adoption of Russian children” when they met in June 2016, according to multiple people with knowledge of the deliberations. The statement, issued to the New York Times as it prepared an article, emphasized that the subject of the meeting was “not a campaign issue at the time.”

Two important details about this scoop: first, as Laura Rozen noted, Trump’s focus on adoption came after he chatted up Vladimir Putin at the spouse’s dinner for up to an hour at the G20 (remember how Trump gesticulated wildly to get Putin’s attention). Given that Trump claims they spoke about adoptions, it makes it more likely (as batshit as this is to contemplate!) Trump looped Putin in on how to respond.

Remember, too, that Rob Goldstone specifically envisioned involving Trump in this matter.

What do you think is the best way to handle this information and would you be able to speak to Emin about it directly?

I can also send this info to your father via Rhona, but it is ultra sensitive so wanted to send to you first.

At this point it’s probably safest to assume all the other claims about this — such as that there was no follow-up — will prove to be lies, too.

I wanted to point one more thing out, though.

The WaPo story is notable for two reasons. First, it features an almost entirely new set of journalists from the three mainstays who’ve published the other big Russian scoops. Just as interesting — in the wake of the unceremonious firing of Reince Priebus and others — the story almost entirely hides the sources for the story. While the story quotes an anonymous Trump advisor and airs the complaint of Jared Kushner’s legal team, the story says nothing about who actually revealed this story. And the story is specifically framed in a way that tees it up for Robert Mueller to ask questions about Trump’s obstruction, personally.

Trump has serially fired his staffers because no one can get a handle on this Russian scandal. But with each firing, Trump also makes it likely new leaks with badly exacerbate the scandal.

 

[Photo: National Security Agency via Wikimedia]

If a Tech Amicus Falls in the Woods but Rosemary Collyer Ignores It, Would It Matter?

/10 Comments/in , /by

Six senators (Ron Wyden, Pat Leahy, Al Franken, Martin Heinrich, Richard Blumenthal, and Mike Lee) have just written presiding FISA Court judge Rosemary Collyer, urging her to add a tech amicus — or even better, a full time technical staffer — to the FISA Court.

The letter makes no mention of Collyer’s recent consideration of the 702 reauthorization certificates, nor even of any specific questions the tech amicus might consider.

That’s unfortunate. In my opinion, the letter entirely dodges the real underlying issue, at least as it pertains to Collyer, which is her unwillingness to adequately challenge or review Executive branch assertions.

In her opinion reauthorizing Section 702, Collyer apparently never once considered appointing an amicus, even a legal one (who, under the USA Freedom structure, could have suggested bringing in a technical expert). She refused to do so in a reconsideration process that — because of persistent problems arising from technical issues — stretched over seven months.

I argued then that that means Collyer broke the law, violating USA Freedom Act’s requirement that the FISC at least consider appointing an amicus on matters raising novel or significant issues and, if choosing not to do so, explain that decision.

In any case, this opinion makes clear that what should have happened, years ago, is a careful discussion of how packet sniffing works, and where a packet collected by a backbone provider stops being metadata and starts being content, and all the kinds of data NSA might want to and does collect via domestic packet sniffing. (They collect far more under EO 12333.) As mentioned, some of that discussion may have taken place in advance of the 2004 and 2010 opinions approving upstream collection of Internet metadata (though, again, I’m now convinced NSA was always lying about what it would take to process that data). But there’s no evidence the discussion has ever happened when discussing the collection of upstream content. As a result, judges are still using made up terms like MCTs, rather than adopting terms that have real technical meaning.

For that reason, it’s particularly troubling Collyer didn’t use — didn’t even consider using, according to the available documentation — an amicus. As Collyer herself notes, upstream surveillance “has represented more than its share of the challenges in implementing Section 702” (and, I’d add, Internet metadata collection).

At a minimum, when NSA was pitching fixes to this, she should have stopped and said, “this sounds like a significant decision” and brought in amicus Amy Jeffress or Marc Zwillinger to help her think through whether this solution really fixes the problem. Even better, she should have brought in a technical expert who, at a minimum, could have explained to her that SCTs pose as big a problem as MCTs; Steve Bellovin — one of the authors of this paper that explores the content versus metadata issue in depth — was already cleared to serve as the Privacy and Civil Liberties Oversight Board’s technical expert, so presumably could easily have been brought into consult here.

That didn’t happen. And while the decision whether or not to appoint an amicus is at the court’s discretion, Collyer is obligated to explain why she didn’t choose to appoint one for anything that presents a significant interpretation of the law.

A court established under subsection (a) or (b), consistent with the requirement of subsection (c) and any other statutory requirement that the court act expeditiously or within a stated time–

(A) shall appoint an individual who has been designated under paragraph (1) to serve as amicus curiae to assist such court in the consideration of any application for an order or review that, in the opinion of the court, presents a novel or significant interpretation of the law, unless the court issues a finding that such appointment is not appropriate;

For what it’s worth, my guess is that Collyer didn’t want to extend the 2015 certificates (as it was, she didn’t extend them as long as NSA had asked in January), so figured there wasn’t time. There are other aspects of this opinion that make it seem like she just gave up at the end. But that still doesn’t excuse her from explaining why she didn’t appoint one.

Instead, she wrote a shitty opinion that doesn’t appear to fully understand the issue and that defers, once again, the issue of what counts as content in a packet.

Without even considering an amicus, Collyer for the first time affirmatively approved the back door searches of content she knows will include entirely domestic communications, effectively affirmatively permitting the NSA to conduct warrantless searches of entirely domestic communications, and with those searches to use FISA for domestic surveillance. In approving those back door searches, Collyer did not conduct her own Fourth Amendment review of the practice.

Moreover, she adopted a claimed fix to a persistent problem — the collection of domestic communications via packet sniffing — without showing any inkling of testing whether the fix accomplished what it needed to. Significantly, in spite of 13 years of problems with packet sniffing collection under FISA, the court still has no public definition about where in a packet metadata ends and content begins, making her “abouts” fix — a fix that prohibits content sniffing without defining content — problematic at best.

I absolutely agree with these senators that the FISC should have its own technical experts.

But in Collyer’s case, the problem is larger than that. Collyer simply blew off USA Freedom Act’s obligation to consider an amicus entirely. Had she appointed Marc Zwillinger, I’m confident he would have raised concerns about the definition of content (as he did when he served as amicus on a PRTT application), whether or not he persuaded her to bring in a technical expert to further lay out the problems.

Collyer never availed herself of the expertise of Zwillinger or any other independent entity, though. And she did so in defiance of the intent of Congress, that she at least explain why she felt she didn’t need such outside expertise.

And she did so in an opinion that made it all too clear she really, really needed that help.

In my opinion, Collyer badly screwed up this year’s reauthorization certificates, kicking the problems created by upstream collection down the road, to remain a persistent FISA problem for years to come. But she did so by blowing off the clear requirement of law, not because she didn’t have technical expertise to rely on (though the technical expertise is probably necessary to finally resolve the issues raised by packet sniffing).

Yet no one but me — not even privacy advocates testifying before Congress — want to call her out for that.

Congress already told the FISA court they “shall” ask for help if they need it. Collyer demonstrably needed that help but refused to consider using it. That’s the real problem here.

I agree with these senators that FISC badly needs its own technical experts. But a technical amicus will do no good if, as Collyer did, a FISC judge fails to consult her amici.

Chris Wray’s DodgeBall and Trump’s Latest Threats

/22 Comments/in , , , , /by

Though I lived-tweeted it, I never wrote up Christopher Wray’s confirmation hearing to become FBI Director. Given the implicit and explicit threats against prosecutorial independence Trump made in this interview, the Senate should hold off on Wray’s confirmation until it gets far more explicit answers to some key questions.

Trump assails judicial independence

The NYT interview is full of Trump’s attacks on prosecutorial independence.

It started when Trump suggested (perhaps at the prompting of Michael Schmidt) that Comey only briefed Trump on the Christopher Steele dossier so he could gain leverage over the President.

Later, Trump called Sessions’ recusal “unfair” to the President.

He then attacked Rod Rosenstein by suggesting the Deputy Attorney General (who, Ryan Reilly pointed out, is from Bethesda) must be a Democrat because he’s from Baltimore.

Note NYT goes off the record (note the dashed line) with Trump in his discussions about Rosenstein at least twice (including for his response to whether it was Sessions’ fault or Rosenstein’s that Mueller got appointed), and NYT’s reporters seemingly don’t think to point out to the President that he appeared to suggest he had no involvement in picking DOJ’s #2, which would seem to be crazy news if true.

Finally, Trump suggested (as he has elsewhere) Acting FBI Director Andrew McCabe is pro-Clinton.

Having attacked all the people who are currently or who have led the investigation into him (elsewhere in the interview, though, Trump claims he’s not under investigation), Trump then suggested that FBI Directors report directly to the President. In that context, he mentioned there’ll soon be a new FBI Director.

In other words, this mostly softball interview (though Peter Baker made repeated efforts to get Trump to explain the emails setting up the June 9, 2016 meeting) served as a largely unfettered opportunity for Trump to take aim at every major DOJ official and at the concept of all prosecutorial independence. And in that same interview, he intimated that the reporting requirements with Christopher Wray — who got nominated, ostensibly, because Comey usurped the chain of command requiring him to report to Loretta Lynch — would amount to Wray reporting directly to Trump.

Rosenstein does what he says Comey should be fired for

Close to the same time this interview was being released, Fox News released an “exclusive” interview with Rod Rosenstein, one of two guys who acceded to the firing of Jim Comey ostensibly because the FBI Director made inappropriate comments about an investigation. In it, the guy overseeing Mueller’s investigation into (in part) whether Trump’s firing of Comey amounted to obstruction of justice, Rosenstein suggested Comey acted improperly in releasing the memos that led to Mueller’s appointment.

And he had tough words when asked about Comey’s recent admission that he used a friend at Columbia University to get a memo he penned on a discussion with Trump leaked to The New York Times.

“As a general proposition, you have to understand the Department of Justice. We take confidentiality seriously, so when we have memoranda about our ongoing matters, we have an obligation to keep that confidential,” Rosenstein said.

Asked if he would prohibit releasing memos on a discussion with the president, he said, “As a general position, I think it is quite clear. It’s what we were taught, all of us as prosecutors and agents.”

While Rosenstein went on to defend his appointment of Mueller (and DOJ’s reinstatement of asset forfeitures), he appears to have no clue that he undermined his act even as he defended it.

Christopher Wray’s dodge ball

Which brings me to Wray’s confirmation hearing.

In fact, there were some bright spots in Christopher Wray’s confirmation hearing, mostly in its last dregs. For example, Dick Durbin noted that DOJ used to investigate white collar crime, but then stopped. Wray suggested DOJ had lost its stomach for such things, hinting that he might “rectify” that.

Similarly, with the last questions of the hearing Mazie Hirono got the most important question about the process of Wray’s hiring answered, getting Wray to explain that only appropriate people (Trump, Don McGahn, Reince Priebus, Mike Pence) were in his two White House interviews.

But much of the rest of the hearing alternated between Wray’s obviously well-rehearsed promises he would never be pressured to shut down an investigation, alternating with a series of dodged questions. Those dodges included:

  • What he did with the 2003 torture memo (dodge 1)
  • Whether 702 should have more protections (dodge 2)
  • Why did Trump fire Comey (dodge 3)
  • To what extent the Fourth Amendment applies to undocumented people in the US (dodge 4)
  • What we should do about junk science (dodge 5)
  • Whether Don Jr should have taken a meeting with someone promising Russian government help to get Trump elected (dodge 6)
  • Whether Lindsey Graham had fairly summarized the lies Don Jr told about his June 9, 2016 meeting (dodge 7)
  • Can the President fire Robert Mueller (dodge 8)
  • Whether it was a good idea to form a joint cyber group with Russia (dodge 9)
  • The role of tech in terrorist recruitment (dodge 9 the second)
  • Whether FBI Agents had lost faith in Comey (dodge 10)
  • Who was in his White House interview — though this was nailed down in a Hirono follow up (dodge 11)

Now, don’t get me wrong, this kind of dodge ball is par for the course for executive branch nominees in this era of partisan bickering — it’s the safest way for someone who wants a job to avoid pissing anyone off.

But at this time of crisis, we can’t afford the same old dodge ball confirmation hearing.

Moreover, two of the these dodges are inexcusable, in my opinion. First, his non-responses on 702. That’s true, first of all, because if and when he is confirmed, he will have to jump into the reauthorization process right away, and those who want basic reforms let Wray off the hook on an issue they could have gotten commitments on. I also find it inexcusable because Wray plead ignorance about 702 even though he played a key role in (not) giving defendants discovery on Stellar Wind, and otherwise was read into Stellar Wind after 2004, meaning he knows generally how PRISM works. He’s not ignorant of PRISM, and given how much I know about 702, he shouldn’t be ignorant of that, either.

But the big one — the absolutely inexcusable non answer that would lead me to vote against him — is his claim not to know the law about whether the President can fire Robert Mueller himself.

Oh, sure, as FBI Director, Wray won’t be in the loop in any firing. But by not answering a question the answer to which most people watching the hearing had at least looked up, Wray avoided going on the record on an issue that could immediately put him at odds with Trump, the guy who thinks Wray should report directly to him.

Add to that the Committee’s failure to ask Wray two other questions I find pertinent (and his answers on David Passaro’s prosecution either revealed cynical deceit about his opposition to torture or lack of awareness of what really happened with that prosecution).

The first question Wray should have been asked (and I thought would have been by Al Franken, who instead asked no questions) is the circumstances surrounding Wray’s briefing of John Ashcroft about the CIA Leak investigation in 2003, including details on Ashcroft’s close associate Karl Rove’s role in exposing Valerie Plame’s identity.

Sure, at some level, Wray was just briefing his boss back in 2003 when he gave Ashcroft details he probably shouldn’t have. The fault was Ashcroft’s, not Wray’s. But being willing to give an inappropriate briefing in 2003 is a near parallel to where Comey found himself, being questioned directly by Trump on a matter which Trump shouldn’t have had access to. And asking Wray to explain his past actions is a far, far better indication of how he would act in the (near) future than his rehearsed assurances he can’t be pressured.

The other question I’d have loved Wray to get asked (though this is more obscure) is how, as Assistant Attorney General for the Criminal Division under Bush, he implemented the July 22, 2002 Jay Bybee memo permitting the sharing of grand jury information directly with the President and his top advisors without notifying the district court of that sharing. I’d have asked Wray this question because it was something he would have several years of direct involvement with (potentially even with the Plame investigation!), and it would serve as a very good stand-in for his willingness to give the White House an inappropriate glimpse into investigations implicating the White House.

There are plenty more questions (about torture and the Chiquita settlement, especially) I’d have liked Wray to answer.

But in spite of Wray’s many rehearsed assurances he won’t spike any investigation at the command of Donald Trump, he dodged (and was not asked) key questions that would have made him prove that with both explanations of his past actions and commitments about future actions.

Given Trump’s direct assault on prosecutorial independence, an assault he launched while clearly looking forward to having Wray in place instead of McCabe, the Senate should go back and get answers. Trump has suggested he thinks Wray will be different than Sessions, Rosenstein, Comey, and McCabe. And before confirming Wray, the Senate should find out whether Trump has a reason to believe that.

Update: I did not realize that between the time I started this while you were all asleep and the time I woke up in middle of the night Oz time SJC voted Wray out unanimously, which is a testament to the absolute dearth of oversight in the Senate.

Yevgeniy Nikulin Writes The Donald

/15 Comments/in , , /by

Back in July, I noted that Vladimir Putin started waxing about independent hackers’ “art” as it looked more and more likely that Yevgeniy Nikulin, the guy DOJ has accused of hacking Linked In and MySpace, among others, would be extradited to the US.  Nikulin also made some news by alleging that back in February, the FBI Agent who had interrogated him in Prague had asked him about the election hack.

Now Nikulin has gone one better, writing to President Trump with his claim that he was asked to perjure himself by claiming credit for the DNC hack. (h/t ME)

Obviously, this might just be a ploy to garner attention and give Russia some ammunition to bolster their (thus far reportedly losing) claim that they should get custody of Nikulin for a minor hack rather than the US for a number of very major ones. It is a good way to get attention, especially given the way Trump keeps raising doubts about who hacked the DNC.

But it is actually not crazy to think Nikulin had a role in the DNC hack. One fairly credible alternative theory for the source of the DNC emails dealt to WikiLeaks is that someone used easily cracked credentials from Nikulin’s alleged breaches to obtain the email boxes of about 9 people at the DNC. If that were the case, it would raise the stakes for the logic behind the hacks Nikulin is alleged to have committed and the timing of the more public release of the stolen credentials.

In which case Nikulin’s appeal to Trump (who of course has shown zero interest in the plight of unjust DOJ claims for anyone else, even American citizens, since being elected) would be far more interesting — a way for Trump to personally intervene to prevent potentially damning information from landing in the hands of American prosecutors.

It’s the kind of thing that might come up in hour long conversations on the sidelines of meetings between Putin and Trump.

Be Careful How You Define Collusion: On the Veselnitskaya Bombshell and the Steele Dossier

/105 Comments/in , , /by

See update, below, which provides evidence that was not present when I wrote this post. 

The NYT has a new bombshell showing that Don Jr. was willing to meet with someone to get Russian dirt on Hillary. It is damning. But Democrats should be very careful about calling it collusion, yet.

On Saturday, the NYT reported that Don Jr, Paul Manafort, and Jared Kushner met on June 9 with Natalia Veselnitskaya, a Russian lawyer who has worked to overturn the Magnitsky sanctions. In Don Jr’s first response to the NYT, he admitted to the meeting, but said it focused primarily on adoptions (which means it focused on the sanctions).

Then, yesterday, NYT reported that Don Jr took the meeting because he was promised Russia-related dirt on Hillary. With that new detail, Don Jr changed his story, admitting that’s why he took the meeting, though he claimed that the information Veselnitskaya offered “made no sense.”

In a statement on Sunday, Donald Trump Jr. said he had met with the Russian lawyer at the request of an acquaintance. “After pleasantries were exchanged,” he said, “the woman stated that she had information that individuals connected to Russia were funding the Democratic National Committee and supporting Ms. Clinton. Her statements were vague, ambiguous and made no sense. No details or supporting information was provided or even offered. It quickly became clear that she had no meaningful information.”

He said she then turned the conversation to adoption of Russian children and the Magnitsky Act, an American law that blacklists suspected Russian human rights abusers. The law so enraged President Vladimir V. Putin of Russia that he retaliated by halting American adoptions of Russian children.

“It became clear to me that this was the true agenda all along and that the claims of potentially helpful information were a pretext for the meeting,” Mr. Trump said.

WaPo revealed that the meeting was set up by music publicist Rob Goldstone, and hints that he may have done so at the behest of Emin Agalarov (which Goldstone has since confirmed).

He did not name the acquaintance, but in an interview Sunday, Rob Goldstone, a music publicist who is friendly with Trump Jr., told The Washington Post that he had arranged the meeting at the request of a Russian client and had attended it along with Veselnitskaya.

Goldstone has been active with the Miss Universe pageant and works as a manager for Emin Agalarov, a Russian pop star whose father is a wealthy Moscow developer who sponsored the pageant in the Russian capital in 2013.

This news is damning for several reasons. Kushner failed to disclose it at first in his clearance application, and Don Jr didn’t reveal it in past interviews about meeting with Russians. Everyone tried to hide this at first.

But thus far, it is not evidence of collusion, contrary to what a lot of people are saying.

That’s true, most obviously, because we only have the implicit offer of a quid pro quo: dirt on Hillary — the source of which is unknown — in exchange for sanctions relief. We don’t (yet) have evidence that Don Jr and his co-conspirators acted on that quid pro quo.

But it’s also true because if that’s the standard for collusion, then Hillary’s campaign is in trouble for doing the same.

Remember: A supporter of Hillary Clinton paid an opposition research firm, Fusion GPS, to hire a British spy who in turn paid money to Russians — including people even closer to the Kremlin than Veselnitskaya — for Russia-related dirt on Don Jr’s dad.

Yes, the Clinton campaign was full of adults, and so kept their Russian-paying oppo research far better removed from the key players on the campaign than Trump’s campaign, which was run by incompetents. But if obtaining dirt from Russians — even paying Russians to obtain dirt — is collusion, then a whole bunch of people colluded with Russians (and a bunch of other foreign entities, I’m sure), including whatever Republican originally paid Fusion for dirt on Trump.

Breaking: Our political process is sleazy as fuck (but then, so are most of our politicians).

The claim that merely meeting with Veselnitskaya is collusion is all the more dangerous given that it invokes some weird details about the Fusion dossier. Most importantly, as Trump’s lawyer’s spox has pointed out (incoherently, at first), like whatever Clinton supporter retained the oppo research firm, Veselnitskaya also employed Fusion. An update to NYT’s Friday story laid some of this out, in the form of Mark Corallo’s more clever than you actually might think suggestion that the Democrats might have paid Fusion to set up this meeting.

In an interview, Mr. [Mark] Corallo explained that Ms. Veselnitskaya, in her anti-Magnitsky campaign, employs a private investigator whose firm, Fusion GPS, produced an intelligence dossier that contained unproven allegations against the president. In a statement, the firm said, “Fusion GPS learned about this meeting from news reports and had no prior knowledge of it. Any claim that Fusion GPS arranged or facilitated this meeting in any way is false.”

[snip]

One of Ms. Veselnitskaya’s clients is Denis Katsyv, the Russian owner of a Cyprus-based investment company called Prevezon Holdings. He is the son of Petr Katsyv, the vice president of the state-owned Russian Railways and a former deputy governor of the Moscow region. In a civil forfeiture case prosecuted by Mr. Bharara’s office, the Justice Department alleged that Prevezon had helped launder money tied to a $230 million corruption scheme exposed by Mr. Magnitsky by parking it in New York real estate and bank accounts. As a result, the government froze $14 million of its assets. Prevezon recently settled the case for $6 million without admitting wrongdoing.

[snip]

Besides the private investigator whose firm produced the Trump dossier, the lobbying team included Rinat Akhmetshin, an émigré to the United States who once served as a Soviet military officer and who has been called a Russian political gun for hire.

Republicans have already pointed to Akhmetshin’s work with Fusion as a way to discredit the Steele dossier. Now they are (or at least were, before the really damning bits came out) using it to attempt to discredit the most damning detail about Trump’s ties to Russians.

But there in one other interesting detail.

The first report (that we have) reflecting Christopher Steele’s work (and also the first report that some unknown Democrat paid for after earlier oppo research had been paid for by some Republican) is dated June 20.

The report, dated 11 days after the Veselnitskaya meeting, states that the Kremlin has a dossier on Clinton, but that it has not as yet been distributed abroad.

That claim is seemingly contradicted by the claims of Source A (a senior Russian Foreign Ministry figure) and Source D. Indeed, Source D appears to have claimed, in June, that dirt from Russia was helpful.

Ultimately, though, the memo seems to credit Source B, “a former top level Russian intelligence officer” and Source G, a senior Kremlin official, who said the dossier, attributed here to the FSB, had not yet been shared with Trump or anyone else in America.

Consider: First, Akhmetshin himself qualifies as a former intelligence officer (though it’s not clear how senior he was). He might have reason to deny that intelligence he tried to pass was the intelligence in question. And he’d likely be right, given that the Clinton dossier was purportedly a FSB, not a GRU, product. But it’s even possible that he didn’t want Hillary to know that he or a colleague was dealing dirt, however bad.

Nevertheless, the senior-most Russian quoted in the dossier compiled for Hillary Clinton claimed — and Steele appears to have believed — that Russia’s dirt on Hillary Clinton had not yet been released.

Which doesn’t really help the treatment of this as a scandal.

Don’t get me wrong. I suspect there is more to this story. But I also note that Democrats should be really careful not to get too far ahead of this one, for fear of where it will lead.

Update: NYT’s latest provides evidence that gets you far closer to collusion than the previous evidence.

Mr. Goldstone’s message, as described to The New York Times by the three people, indicates that the Russian government was the source of the potentially damaging information. It does not elaborate on the wider effort by Moscow to help the Trump campaign. There is no evidence to suggest that the promised damaging information was related to Russian government computer hacking that led to the release of thousands of Democratic National Committee emails.

James Clapper Updated Rules on Congressional Notice the Day before He Retired

/2 Comments/in , /by

On his very last full day in office on January 19, in the middle of an investigation that included then Senator Jeff Sessions’ discussions with the Russian Ambassador, James Clapper updated the rules on dissemination of the identities of members or staffers of Congress in intelligence reports.

One minor change to the previous procedures involved adding the Director of National Intelligence to the list of people whose requests to identify a MoC’s identity in a report don’t have to go through the same approval process as other people (which, in any case, involves approval by the DNI).

Here’s what that provision looked like in 2013.

As I suggested after Clapper most recently testified, his answers about unmasking the identity of a member of Congress or a Trump associate logically suggest he may have unmasked the identity of Jeff Sessions (though this process would involve someone else sharing the name of a member of Congress with Clapper, not Clapper unmasking the name).

LINDSEY GRAHAM: You made a request for unmasking on a Trump associate and maybe a member of Congress? Is that right, Mr. Clapper?

CLAPPER: Yes.

As I noted, the DNI is the person who has to approve the most sensitive requests. So by adding himself, Clapper only closed a loop, giving himself (or his successor) permission to ask for and receive information he himself had the authority to ask and receive in any case.

But I find the timing of the change interesting.

Maddow’s Forgery and Mistaken Timing

/48 Comments/in , /by

Much of Rachel Maddow’s reporting on the Russian scandal has been overly drawn out and breathless. But you should watch this piece (which is not only overly drawn out and breathless, but doesn’t emphasize the most important point).

Rachel describes how, on June 7, her tip line received a smoking gun document, appearing to be a Top Secret NSA document, laying out collusion between a Trump campaign official she doesn’t name (I’m going to wildarseguess, for a lot of reasons, it is Mike Flynn) and the Russians who hacked the election. She describes multiple reasons her team determined the document to be a fake: some misspellings, a declassification date that is wrong, some spacing weirdness, and that the campaign official is actually named, rather than masked as US Citizen 1.

But she also describes how the printer dots and a seeming crease on the document appear to replicate those that appear in the document Reality Winner is alleged to have provided to the Intercept.

Which is interesting, because as she shows about 14 minutes in (but doesn’t emphasize enough), the document sent to her tip line appears to have been created between the time Reality Winner went to jail and the time the Intercept published the document (unless I missed it, she doesn’t say precisely when they got the document, just that it was the same week as the Intercept published it Update: Corrected above). The creation date appears to be three and a half hours before the publication date at the Intercept. [Update: but not the creation date for the document, see below.]

Rachel surmises, correctly, I think, that the person sent the document both to discredit her own reporting (in much the same way reliance on fake documents discredited Dan Rather’s reporting of George Bush’s real Air National Guard scandal) as well as to discredit the notion that the Trump campaign, and the person named in particular, colluded with the Russians. This was an attempt to undercut potentially real news with deliberately faked news, fed through a selected outlet.

That would mean one of two things. Either the person who created the document faked the metadata (or created the document from Alaska or someplace west of there). Or the person received a copy of the very same document, including the crease, either from Reality Winner or from the Intercept or one of their sources, and then used it as a template to create a fake NSA document (or had visibility into the FBI’s investigation about this document). If it’s the latter, then the number of people who might be involved is rather small.

I’ve suggested there are reasons to wonder whether Winner was directed towards this document. I’d say there are more questions now about whether that’s the case.

Update: as PaulMD notes on Twitter, the document Rachel received actually has the very same creation time as the document the Intercept uploaded.

Update: Glenn Greenwald is pretty pissed about Rachel’s insinuations.

Update: Changed the title given the mistaken timing in the Rachel story.