“Everyday Americans” Are Increasingly Foreign Intelligence Now

/6 Comments/in , /by

[youtube]U-yLQPO_8E0[/youtube]

Yesterday, the Guardian revealed that the NSA is storing online metadata (including browsing information) for up to a year.

The National Security Agency is storing the online metadata of millions of internet users for up to a year, regardless of whether or not they are persons of interest to the agency, top secret documents reveal.

[snip]

The guide goes on to explain Marina’s unique capability: “Of the more distinguishing features, Marina has the ability to look back on the last 365 days’ worth of [Digital Network Information] metadata seen by the Sigint collection system, regardless whether or not it was tasked for collection.” [Emphasis original.]

So in addition to our phone metadata, the government is keeping our browsing metadata in case it needs it.

Remember, over a fifth of the query violations recorded by the NSA in the first quarter of 2012 accessed this database.

As interesting as this disclosure is, I’m just as interested in the way NSA responded to Guardian’s request for a rationale for this practice and some sense of how much of it includes US person data.

The Guardian approached the NSA with four specific questions about the use of metadata, including a request for the rationale behind storing 365 days’ worth of untargeted data, and an estimate of the quantity of US citizens’ metadata stored in its repositories.

But the NSA did not address any of these questions in its response, providing instead a statement focusing on its foreign intelligence activities.

“NSA is a foreign intelligence agency,” the statement said. “NSA’s foreign intelligence activities are conducted pursuant to procedures approved by the US attorney general and the secretary of defense, and, where applicable, the foreign intelligence surveillance (Fisa) court, to protect the privacy interests of Americans.

“These interests must be addressed in the collection, retention, and dissemination of any information. Moreover, all queries of lawfully collected data must be conducted for a foreign intelligence purpose.”

It continued: “We know there is a false perception out there that NSA listens to the phone calls and reads the email of everyday Americans, aiming to unlawfully monitor or profile US citizens. It’s just not the case.

“NSA’s activities are directed against foreign intelligence targets in response to requirements from US leaders in order to protect the nation and its interests from threats such as terrorism and the proliferation of weapons of mass destruction.” [my emphasis]

This non-answer does three things.

  • As with Ron Wyden’s repeated requests for the number of Americans targeted through the back door loophole, the NSA refuses to quantify the scope of this collection
  • It names all the spying on US person data “foreign intelligence” as a means to legitimize it
  • It denies accessing the content of “everyday Americans” rather than denying it accesses the content of Americans, period

I’m beginning to realize why NSA keeps responding with that last bullet — we are not reading your content. More and more, it appears not to be a denial that they access US person content (once you get into Internet “metadata” you’re quickly getting into content in any case), but rather a denial that they access the US person content of “everyday Americans.” Which suggests they do access the content of certain Americans who, because their activities might fall under categories the NSA claims “US leaders” have deemed foreign intelligence, are no longer considered “everyday Americans.”

And once you get beyond the fearmongering excuse of terror terror terror, you realize this is not just Muslims and Arabs (not that that would make it right in any case).

We live in an increasingly globalized world in which “everyday Americans” have a wide range of entirely legitimate reasons to engage with people outside of this country. At the core of this dragnet, it appears, is the argument that such legitimate activities somehow exclude you from the designation of “everyday Americans.”

But it’s not going to disclose whether it considers you an “everyday American” exempt from all this domestic-as-foreign spying or not.

Update: Musical accompaniment suggested by billmon.

Share this entry

Could an Independent NSA Inspector General Have Prevented 3 Years of Violations?

/4 Comments/in , /by

Last week, two former Senate Intelligence Committee members proposed a fix for the NSA no one has yet floated: making NSA’s Inspector General independent. Doing so, they argue, would give the IG more leeway to direct her investigations of the NSA and provide Congress needed insight into NSA’s real activities.

But one important option has yet to be proposed: creating an independent inspector general’s office at the NSA, comparable to the office that was created within the CIA in 1989.

[snip]

Not only was the inspector general’s office viewed differently after the law was passed, but the office itself was different. It decided which of the CIA’s activities would be investigated, inspected or audited without waiting for direction or approval from agency management. Employees of the IG’s office no longer had to worry about the potential effect on their careers if their findings and conclusions were critical of the agency. They may not have always gotten everything right, but they were freer to call things as they saw them and did so, at times to the chagrin of CIA management.

Having an independent inspector general at the CIA produced other advantages for the oversight process: It gave the congressional intelligence committees a more reliable partner — an office that lawmakers could call upon to conduct investigations beyond their own capabilities — and they learned of problems they otherwise might not have come across.

The same dynamic is not possible at the NSA today because the agency’s inspector general is appointed by and works for the NSA director. For all practical purposes, he is a member of the director’s staff and does not report directly to the intelligence committees.

I’m particularly interested in this recommendation given a few data points from the transition period between the illegal phone dragnet to the Section 215 dragnet in 2006.

As the documents submitted in 2009 make clear, the dragnet remained largely if not entirely unchanged from what it was before 2006. The initial “bug” that “arose” in 2009 was really just a “feature” — an alert system on suspect phone identifiers — of the illegal program that never got shut down or properly disclosed to the FISA Court. Many of the subsequent “bugs” (such as access to the queried data for FBI and CIA) also seem to be “features” no one turned off to keep the program legal.

And the Inspector General (from 2002 to 2006, NSA defender Joel Brenner served in that role) knew about the features of the illegal program because he was belatedly read into the illegal program in 2002 and actually provided 3 suggestions to improve oversight of it (see pages 45-46). Among other things, Brenner instituted and attended monthly due diligence meetings.

As Keith Alexander’s February 2009 declaration to Reggie Walton reveals, as the program was transferring to FISC authorization in 2006, someone in the IG office suggested NSA tell the FISA Court how the alert system worked, but NSA chose not to follow that suggestion.

Agency records indicate that, in April 2006, when the Business Records Order was being proposed, NSA’s Office of Inspector General (“OIG”) suggested to SID personnel that the alert process be spelled out in any prospective Order for clarity but this suggestion was not adopted.

More interesting still is the role of a 2006 study submitted to the FISA Court (starting at 85). Read more

Share this entry

Our Yemeni “Allies” Did More Damage than Edward Snowden

/5 Comments/in /by

The NYT reports that some counterterrorism analysts think the reports of the Ayman al-Zawahiri call with Nasir al-Wuhayshi have done more damage to our SIGINT collections than all of Edward Snowden’s leaking.

As the nation’s spy agencies assess the fallout from disclosures about their surveillance programs, some government analysts and senior officials have made a startling finding: the impact of a leaked terrorist plot by Al Qaeda in August has caused more immediate damage to American counterterrorism efforts than the thousands of classified documents disclosed by Edward Snowden, the former National Security Agency contractor.

Since news reports in early August revealed that the United States intercepted messages between Ayman al-Zawahri, who succeeded Osama bin Laden as the head of Al Qaeda, and Nasser al-Wuhayshi, the head of the Yemen-based Al Qaeda in the Arabian Peninsula, discussing an imminent terrorist attack, analysts have detected a sharp drop in the terrorists’ use of a major communications channel that the authorities were monitoring. Since August, senior American officials have been scrambling to find new ways to surveil the electronic messages and conversations of Al Qaeda’s leaders and operatives.

[snip]

The drop in message traffic after the communication intercepts contrasts with what analysts describe as a far more muted impact on counterterrorism efforts from the disclosures by Mr. Snowden of the broad capabilities of N.S.A. surveillance programs. Instead of terrorists moving away from electronic communications after those disclosures, analysts have detected terrorists mainly talking about the information that Mr. Snowden has disclosed.

Reading between the lines, the story suggests one reason Snowden’s leaks haven’t hurt counterterrorism that badly is because they’re targeted at (or most effective with) non-terrorist targets.

Senior American officials say that Mr. Snowden’s disclosures have had a broader impact on national security in general, including counterterrorism efforts. This includes fears that Russia and China now have more technical details about the N.S.A. surveillance programs.

But I’m perhaps most interested in the way NYT points to McClatchy as the first report of the leak, not the NYT itself.

McClatchy Newspapers first reported on the conversations between Mr. Zawahri and Mr. Wuhayshi on Aug. 4. Two days before that, The New York Times agreed to withhold the identities of the Qaeda leaders after senior American intelligence officials said the information could jeopardize their operations. After the government became aware of the McClatchy article, it dropped its objections to The Times’s publishing the same information, and the newspaper did so on Aug. 5.

Remember, whereas the NYT sourced this leak to US officials, McClatchy very clearly sourced it to a Yemeni official. In fact, McClatchy’s editor, James Asher, said that the reporter (Adam Baron) said the intercept was “common knowledge” known in Yemen.

Our story was based on reporting in Yemen and we did not contact the administration to ask permission to use the information. In fact, our reporter tells me that the intercept was pretty much common knowledge in Yemen.

None of this excuses the US officials who leaked this to brag about the NSA’s capabilities at a politically sensitive time. (In fact, the intercept was discovered by an Air Force unit stationed at NSA’s Fort Meade.)

But even before that, someone in Yemen was leaking broadly enough about this intercept that it was “common knowledge.”

Which, given the divided loyalties of many within the Yemeni government may well mean AQAP got details of the intercept firsthand, not via McClatchy or NYT.

Those same Yemeni allies have long blabbed about our infiltration of AQAP. Now, apparently, they’ve alerted AQAP to the precise means of wiretapping them. Perhaps this should tell us something about those Yemeni allies?

Share this entry

The People Who Work at Arthur Anderson NSA Are Such Nice People

/8 Comments/in /by

[youtube]uF40mZbrd7I[/youtube]

Back in 2001 or early 2002, I sat next to a lifetime Arthur Anderson accountant on a long plane ride. We talked about the Enron debacle and its ties to Anderson. She hadn’t worked the Enron account, and she insisted that Anderson itself was a highly ethical company — it was just the Enron account that was bad, she said. I gently raised the several other big accounting scandals Anderson starred in — Waste Management and Sunbeam both broke in 2001. But in her mind, that she and the people she worked with seemed like good people was all the proof she needed that Anderson was not a systematically unethical company.

That is, effectively, the defense that Bobby Chesney and Ben Wittes want to offer of the NSA after Chesney helped set up a special meeting of academics (plus Wittes) with the agency.

Our major takeaway concerns the dramatic disparity that separates the perception on the outside of what this agency does and NSA’s self-perception. To hear NSA folks talk about their compliance regime, for example, is to hear about an entirely different animal than the situation depicted in many new stories. To hear NSA folks discuss the relationship between encryption, cyber-security, and cyber offense is a different animal than to read news stories about how NSA breaks encryption. And so forth.  These conversations were all unclassified, but they vividly described a wide gap in understanding between NSA and the press, members of Congress, and the public regarding what the agency does and doesn’t do, how accountable and regulated it is, to what extent it complies with the law and how, and what the relevant law is.

That gap is unnecessary, or at least it need not be so wide. Read more

Share this entry

Another Reason David Barron Should Not Get a Lifetime Appointment without Further Disclosure

/1 Comment/in , /by

The other day I noted that President Obama had nominated David Barron to a lifetime appointment on the First Circuit even while his government was stonewalling the release  under FOIA of Barron’s OLC memo authorizing the due process-free execution of an American citizen.

While I presume Patrick Leahy will rush Barron’s confirmation through the Senate Judiciary Committee anyway, he shouldn’t, not until Americans have a better sense of Barron’s fairly outrageous claims (including, that courts couldn’t review such executions) in that memo.

Here’s another thing Leahy should insist we see before Barron gets to be a Circuit Judge.

If the N.S.A. does not immediately use the phone and e-mail logging data of an American, it can be stored for later use, at least under certain circumstances, according to several documents.

One 2011 memo, for example, said that after a court ruling narrowed the scope of the agency’s collection, the data in question was “being buffered for possible ingest” later. A year earlier, an internal briefing paper from the N.S.A. Office of Legal Counsel showed that the agency was allowed to collect and retain raw traffic, which includes both metadata and content, about “U.S. persons” for up to five years online and for an additional 10 years offline for “historical searches.”

Now, Barron left during the summer of 2010, so it’s not at all clear he wrote the OLC briefing paper (which presumably means “memo that is called something else to make it harder to FOIA”) authorizing retention of US person data, including content (presumably collected off the switches, but who knows?), for up to 15 years.

And it may well be that this is not as outrageous as an argument as those deployed to authorize the Anwar al-Awlaki killing. Perhaps this mem — um, briefing paper — doesn’t address the legality of the underlying collection at all and only addresses reasonable (!) retention policies under the Privacy Act or some other statute. Probably this memo invests the same blind faith in minimization — the argument that collecting and holding US person data is no big deal so long as there are procedures purportedly limiting the distribution of it, even if those procedures allow the Intelligence Community to operate with great discretion in secret –as the rest of NSA’s programs do.

So I’m not asserting that I know this mem– um, briefing paper — is problematic. I’m suggesting it may be.

I’m suggesting that we ought to know whether David Barron has green-lighted pretty broad abuses of US person privacy before he takes up an appellate position for the rest of his life.

Share this entry

Bill Binney Told You So

/13 Comments/in /by

Remember when Bill Binney said NSA was compiling dossiers of Americans, but Keith Alexander said that wasn’t true?

A former NSA official has accused the NSA’s director of deception during a speech he gave at the DefCon hacker conference on Friday when he asserted that the agency does not collect files on Americans.

William Binney, a former technical director at the NSA, said during a panel discussion that NSA Director Gen. Keith Alexander was playing a “word game” and that the NSA was indeed collecting e-mails, Twitter writings, internet searches and other data belonging to Americans and indexing it.

“Unfortunately, once the software takes in data, it will build profiles on everyone in that data,” he said. “You can simply call it up by the attributes of anyone you want and it’s in place for people to look at.”

[snip]

Binney was contradicting statements made on Friday by Alexander, who told the crowd of hackers and security professionals that his agency “absolutely” does not maintain files on Americans.

“And anybody who would tell you that we’re keeping files or dossiers on the American people,” Alexander continued, “knows that’s not true.”

The tantalizing reporting duo of Laura Poitras and James Risen (writing at NYT) report the NSA is … compiling graphs that show Americans’ connections with foreign targets, using both communications metadata and public resources like bank, insurance, Facebook, flight, voting property, and GPS information.

Since 2010, the National Security Agency has been exploiting its huge collections of data to create sophisticated graphs of some Americans’ social connections that can identify their associates, their locations at certain times, their traveling companions and other personal information, according to newly disclosed documents and interviews with officials.

[snip]

The policy shift was intended to help the agency “discover and track” connections between intelligence targets overseas and people in the United States, according to an N.S.A. memorandum from January 2011. The agency was authorized to conduct “large-scale graph analysis on very large sets of communications metadata without having to check foreignness” of every e-mail address, phone number or other identifier, the document said. Because of concerns about infringing on the privacy of American citizens, the computer analysis of such data had previously been permitted only for foreigners.

The agency can augment the communications data with material from public, commercial and other sources, including bank codes, insurance information, Facebook profiles, passenger manifests, voter registration rolls and GPS location information, as well as property records and unspecified tax data, according to the documents. They do not indicate any restrictions on the use of such “enrichment” data, and several former senior Obama administration officials said the agency drew on it for both Americans and foreigners.

It sure sounds like a dossier to me.

But then, the safe bet was always to assume Keith Alexander (and James Clapper, who also denied this) was lying.

Share this entry

“Whoa Whoa Whoa, Stop!” Dianne Feinstein Misstates the 2011 Violations

/20 Comments/in /by

One of the most enlightening aspects of yesterday’s Senate Intelligence Hearing on FISA came when Dianne Feinstein tried to rebut witness Tim Edgar’s categorization of the 2011 violations described in John Bates October 8, 2011 opinion. In her rebuttal, she proved she either doesn’t know, doesn’t understand, or chooses to misrepresent the opinion, which found that NSA had violated the law and Fourth Amendment in its Section 702 program.

Edgar was arguing (see page 5-6) that if the FISA Court opinions were publicly released, we’d know about ridiculous semantic definitions — like “relevant” — as those definitions were invoked, not years after the fact, which would lead to greater trust in the FISC.

As his second example, he cited NSA’s collection of US person communications on upstream collection. (After 2:20)

EDGAR: [T]he NSA’s interpretation of the requirement in Section 702, for content surveillance targeting foreign persons, that those procedures must target foreign persons is also surprising. The FISA court’s recently released opinions show that communications that target foreign persons include not only communications that are to or from that person, but also those that are merely about that person in a particular narrow sense, that the selection — the selector for that person appears in the communication.

Even communications which are not to or from, or about, the foreign target at all have been acquired as the result of the manner in which some NSA collection was conducted.

DiFi interrupted him (whoa whoa whoa stop!) — and (having read his statement in advance) started reading a written rebuttal to provide her version of the 2011 violations.

FEINSTEIN: Whoa, whoa, whoa, stop. Exactly what program are you talking about?

EDGAR: In the recently released FISA court opinion about upstream collection in the compliance incidents in 2011, it was documented how information from multiple communications — what they called “multiple communications transactions” — was obtained not by mistake, but because of the way the system was designed. That included any selector that was a foreign target in the entire multi- communications transaction.

And so that created a lot of controversy in the FISA court, and required the FISA court to work with the Justice Department and the intelligence community to narrow the minimization guidelines.

FEINSTEIN: OK. Because this is — this is important, may I interrupt this just — respond? [reading from prepared statement] In mid 2011, NSA notified the DOJ, the DNI, and the FISA court, and House and Senate Intelligence Committees, of a series of compliance incidents impacting a subset of NSA collection under Section 702 of FISA, known as upstream collection.

This comprises about 10 percent of all collection that takes place under 702, and occurs when NSA obtains Internet communications, such as e-mails, from certain U.S. companies that operate the Internet background;[sic] i.e., the companies that own and operate the domestic telecommunication lines over which Internet traffic flows.

In essence, the issue that arose in 2011 was that NSA, while trying to acquire e-mails to, from, or about an overseas target, realized it, and was inadvertent — that it was inadvertently acquiring other e-mails, including some e-mails sent between persons inside the United States that happened to be bundled with the e-mail messages NSA was trying to collect.

This bundling is done by Internet companies in order to make it easier to send information quickly over the telecom lines that make up the Internet. Unfortunately, NSA’s technical systems could not easily separate the individual messages within these bundles. And the result was that NSA collected some e-mail messages it did not intend to acquire.

OK. We held a lengthy hearing on the court’s ruling on October 20, 2011, at which General Alexander and Lisa Monaco — then the assistant attorney general for national security — described the court’s ruling and what they were doing to address it.

Here’s my point: It was a mistake. Action was taken immediately to correct it. It came to us. We took action. [bold mine, underline emphasis DiFi applied in delivery]

DiFi’s prepared statement misstates the facts as presented in Bates’ opinion in several ways:

  • The issue had existed since before July 2008
  • The collection was — according to the court ruling — not inadvertent
  • NSA only corrected the problem under threat of criminal referral, after months of delay

First, the issue did not arise in 2011.

As Bates made clear, “NSA has been collecting MCT’s since before the Court’s approval of the first Section 702 certification in 2008.” Read more

Share this entry

Ron Wyden’s Past Provocative Hearing Question on Cell Site Location

/8 Comments/in , /by

As I’ve noted, yesterday Ron Wyden got Keith Alexander to refuse to answer a question about whether the NSA has ever collected or made plans to collect Americans’ cell-site information in bulk.

Wyden: Senators Udall, Heinrich and I and about two dozen other senators have asked in the past whether the NSA has ever collected or made any plans to collect Americans’ cell-site information in bulk. What would be your response to that?

Gen. Keith Alexander (Alexander): Senator, on July 25, Director Clapper provided a non-classified written response to this question amongst others, as well as a classified supplement with additional detail. Allow me to reaffirm what was stated in that unclassified response. Under section 215, NSA is not receiving cell-site location data and has no current plans to do so. As you know, I indicated to this committee on October 20, 2011, that I would notify Congress of NSA’s intent to obtain cell-site location data prior to any such plans being put in place. As you may also be aware, –

Wyden: General, if I might. I think we’re all familiar with it. That’s not the question I’m asking. Respectfully, I’m asking, has the NSA ever collected or ever made any plans to collect Americans’ cell-site information. That was the question and we, respectfully General, have still not gotten an answer to it. Could you give me an answer to that? [my emphasis]

In addition to saying NSA is not doing so under Section 215, Alexander also pointed to two classified responses he would not repeat in unclassified setting.

Which I think confirms — as if there was any doubt — that the answer is yes, the NSA has at least planned, if not actually collected, cell-site location in bulk (though not necessarily under Section 215).

That said, many people are treating this as Wyden’s first provocative hearing question on the topic. This one — from February 2012, just after the US v Jones decision found use of a GPS to constitute a search — may provide some important insight onto the timing and rationale behind such bulk collection.

Wyden: Director Clapper, as you know the Supreme Court ruled last week that it was unconstitutional for federal agents to attach a GPS tracking device to an individual’s car and monitor their movements 24/7 without a warrant. Because the Chair was being very gracious, I want to do this briefly. Can you tell me as of now what you believe this means for the intelligence community, Read more

Share this entry

Ron Wyden’s What’s-Old-Is-New Question: Reverse Targeting

/2 Comments/in , /by

When you track Ron Wyden’s persistent attempts to squeeze answers out of National Security officials, you grow familiar with the rhythm of questions. Drone memos — Article II or AUMF, he asked for years before getting a still-secret answer. Has the government ever bulk collected location, Keith Alexander refused to answer yet again yesterday. As I noted, he publicly asked for the common commercial agreement OLC memo back in January before he asked again yesterday, in addition to a number of non-public requests he (and Russ Feingold) made.

That’s true of most of his questions from yesterday.

He asked, again, about the NSA’s ability to search through incidentally collected data for US person communications.

Section 702 of FISA was intended to give the government new authority to target foreigners, but the executive branch has argued that the NSA should have the authority to deliberately go through communications collected under section 702 and conduct warrantless searches for the communications of individual Americans. Has the NSA ever conducted any of these warrantless searches for individual Americans’ communications?

He tried to limit this in last year’s reauthorization, asked about it last fall, and caught Keith Alexander lying about it back in June.

The answer to the question, of course, is “Yes.”

He asked, again, how long the government has used PATRIOT to conduct bulk collection of US person data.

How long has the NSA used Patriot Act authorities to engage in the bulk collection of Americans’ records? And was this collection underway when Congress was voting to reauthorize the Patriot Act in late 2005 and early 2006?

He — and 25 other Senators — asked this question back in June. But Clapper refused to answer it.

The answer to the question (as has been confirmed by the 2009 draft NSA IG Report) is “Yes.” Which of course either means Congress added the “relevant to” language to shut down such bulk collection, or the government lied about how it was using the Pen Register/Trap and Trace and Business Records provisions when Congress reauthorized the PATRIOT Act in 2006.

But it’s the last question that — in this form at least — is new:

One of the recurring debates about section 702 of FISA is whether the law should include stronger protections against reverse targeting, which is the prohibited practice of trying to spy on Americans by collecting the communications of foreigners that those Americans are believed to be talking to. Since the FISA Amendments Act was passed in 2008, have there been any instances of reverse targeting by NSA analysts?

Don’t get me wrong. There has been plenty of discussion of reverse targeting going back to before the FISA Amendments Act (and, for that matter, the Protect America Act) were passed.

But the answer to this question, as with the two others, is almost surely “Yes.” Otherwise, Wyden wouldn’t have asked it (and planned to ask it during a public hearing).

Which means that, either before or after the FISA Court permitted the NSA to search through incidentally collected for US person communications (see question 1), it caught analysts picking foreign targets in such a way that they could collect the communications of Americans.

They did precisely what the law prohibits explicitly.

That is new.

No wonder DiFi ensured Wyden wouldn’t get a second round of questions, saving Keith Alexander and James Clapper from answering this in public.

Share this entry

Half the LOVEINT Violations Committed by Non-NSA Employees

/1 Comment/in /by

Screen shot 2013-09-26 at 9.14.52 PM

Chuck Grassley just released a summary of violations of NSA authority he requested back in August.

The data is pretty meaningless. As I have shown, NSA’s own internal reporting shows about 9% (and up to 20% in some categories) of its violations are “due diligence” violations, which are violations of rules that an analyst knows (human error, intelligence error, and training are treated as distinct violations). If today’s hearing was any indication, the Senate Intelligence Committee seems to have no understanding that 9% of all violations are willful violations of rules.

All that said, of the 12 incidents the NSA reported (there are 3 incidents still under investigation), fully half appear to be committed by members of different agencies (though one of those was a military person reported to NSA). That’s a lot of other agency personnel abusing SIGINT authorities they’re granted access to.

And note, DOJ has never prosecuted any of these. In just about all cases where DOJ gets a referral, the person resigns before being charged. The UCMJ does better — DOD has punished two people.

Share this entry