NSA Undermines Past Leaked Narrative about Edward Snowden with New Ones

/3 Comments/in , /by

The 21st paragraph of this 22 paragraph article on what Edward Snowden may have taken from the NSA reads.

But that also made it easier for systems administrators such as Snowden, whose job was to make sure the networks worked properly, to gain access to files.

WaPo’s sources apparently have a different understanding of what NSA/Booz paid Edward Snowden to do than the NYT, which says he was a hacker, not a systems administrator.

Yet in spite of the effort to make Snowden seem like an innocuous systems administrator, WaPo reports that based on a review of what Snowden “was able to review within the agency’s systems,” the NSA is most worried that Snowden will reveal how we hack into other countries’ networks, especially those of the Chinese.

But the release of information on how the NSA has penetrated Chinese networks would be especially damaging. “It’s not in the interests of the United States for the Chinese to know exactly how we do it,” said a former intelligence official. “It’s sources and methods.”

U.S. officials also fear that some of the documents Snowden has turned over to journalists disclose NSA methods of hacking into overseas networks, and, if published, will lead targets in other countries — in the Middle East, Europe, East Asia and South Asia — to take new defensive actions.

And the article uses that word, hack, twice to refer to our actions (and once to refer to China’s).

The article notes that Snowden has said, “he has no desire to publicize information that describes the technical specifications or blueprints for how the NSA has constructed its eavesdropping network.” So it points to the files people like the Guardian (which it also notes refuses to publish everything it has because the materials are sensitive) to create the specter of a threat this will happen. (The story doesn’t mention WikiLeaks, perhaps having learned its lesson after Walter Pincus had to make extensive corrections to a story making unsupported allegations about WikiLeaks, but I would bet that is the unspoken worry.)

In other words, the story confirms Snowden did not take any collected intelligence, and that he knows what we suspect a paid NSA hacker would know, but has not yet publicly leaked that (aside from very sketchy details to the South China Morning Post), which is what the NSA most fears he might leak. He has instead focused on the surveillance of individuals.

But in spite of the fact that that is what the article reports, that is presented as reason to be terrified by Edward Snowden.

 

Spying on Americans: A “Team Sport” Since 2004

/8 Comments/in , , /by

Screen shot 2013-07-11 at 6.25.06 PMOne of the more colorful revelations in today’s Guardian scoop is the newsletter piece that describes increased sharing of PRISM (Section 702) data with FBI and CIA.

The information the NSA collects from Prism is routinely shared with both the FBI and CIA. A 3 August 2012 newsletter describes how the NSA has recently expanded sharing with the other two agencies.

The NSA, the entry reveals, has even automated the sharing of aspects of Prism, using software that “enables our partners to see which selectors [search terms] the National Security Agency has tasked to Prism”.

The document continues: “The FBI and CIA then can request a copy ofPrism collection of any selector…” As a result, the author notes: “these two activities underscore the point that Prism is a team sport!”

But that’s something that has actually been built into the program for years. While the Joint IG Report on the illegal wiretap program claimed,

NSA also was responsible for conducting the actual collection of information under the PSP and disseminating intelligence reports to other agencies such as the Federal Bureau of Investigation (FBI), the Central Intelligence Agency (CIA), and the Office of the Director of National Intelligence (ODNI) National Counterterrorism Center (NCTC) for analysis and possible investigation.

The Draft NSA IG Report explained,

Coordination with FBI and CIA. By 2004, four FBI integrees and two CIA integrees, operating under SIGINT authorities in accordance with written agreements, were co-located with NSA PSP-cleared analysts. The purpose of co-locating these individuals was to improve collaborative analytic efforts.

And the minimization procedures released by the Guardian (which date to 2009), make it clear NSA can provided unminimized content to CIA and FBI on whatever selectors they request.

6(c)

(1) NSA may provide to the Central Intelligence Agency (CIA) unminimized communications acquired pursuant to section 702 of the Act. CIA will identify to NSA targets for which NSA may provide unminimized communications to CIA. CIA will process any such unminimized communications received from NSA in accordance with CIA minimization procedures adopted by the Attorney General, in consultation with the Director of National Intelligence, pursuant to subsection 702(e) of the Act.

(2) NSA may provide to the FBI unminimized communications acquired pursuant to section 702 of the Act. FBI will identify to NSA targets for which NSA may provide unminimized communications to the FBI. FBI will process any such unminimized communications received from NSA in accordance with FBI minimization procedures  adopted by the Attorney General, in consultation with the Director of National Intelligence, pursuant to subsection 702(e) of the Act.

And none of that should be surprising, given the tasking slide — above — that was first published by the WaPo. FBI, at least, is solidly in the midst of this collection, for a program deemed to be foreign intelligence collection.

There have been a variety of claims about all this team sport participation. But I’m not convinced any of them explain how all this works.

And in perhaps related news, the Fifth Circuit today said that Nidal Hasan could not have access to the FISA material on him, in spite of the fact that William Webster published a 150 page report on it last year. Legally, that material should be utterly distinct from PRISM, since a wiretap on Anwar al-Awlaki would require a specific FISA warrant (and the latest Guardian scoop refers to expanded cooperation since 2012). But I suspect the reason Hasan, the FISA evidence against whom has already been extensively discussed, can’t see it is because we would see what this actually looks like from the FBI side.

DOJ has to protect its team, you know.

The Evil Empire

/16 Comments/in , /by

Screen shot 2013-07-11 at 2.39.09 PM
The Guardian has its latest scoop on NSA spying, describing the extent to which Microsoft helps the government spy on its customers. This bullet list is just some of what the article reveals.

  • Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;
  • The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;
  • The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;
  • Microsoft also worked with the FBI’s Data Intercept Unit to “understand” potential issues with a feature in Outlook.com that allows users to create email aliases;
  • Skype, which was bought by Microsoft in October 2011, worked with intelligence agencies last year to allow Prism to collect video of conversations as well as audio;
  • Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a “team sport”.

But I’m as interested in some of the details about the cooperation as the impact of that cooperation.

For example, the story describes that this cooperation takes place through the Special Source Operations unit.

The latest documents come from the NSA’s Special Source Operations (SSO) division, described by Snowden as the “crown jewel” of the agency. It is responsible for all programs aimed at US communications systems through corporate partnerships such as Prism.

But we saw that when NSA approached (presumably) Microsoft in 2002, it did not approach via SSO; it used a more formal approach through counsel.

In addition, note how Skype increased cooperation in the months before Microsoft purchased it for what was then considered a hugely inflated price, and what is now being called (in other legal jurisdictions) so dominant that it doesn’t have to cooperate with others.

One document boasts that Prism monitoring of Skype video production has roughly tripled since a new capability was added on 14 July 2012. “The audio portions of these sessions have been processed correctly all along, but without the accompanying video. Now, analysts will have the complete ‘picture’,” it says.

Eight months before being bought by Microsoft, Skype joined the Prism program in February 2011.

According to the NSA documents, work had begun on smoothly integrating Skype into Prism in November 2010, but it was not until 4 February 2011 that the company was served with a directive to comply signed by the attorney general.

The NSA was able to start tasking Skype communications the following day, and collection began on 6 February. “Feedback indicated that a collected Skype call was very clear and the metadata looked complete,” the document stated, praising the co-operation between NSA teams and the FBI. “Collaborative teamwork was the key to the successful addition of another provider to the Prism system.”

While this isn’t as obvious as Verizon’s MCI purchase — which for the first time led that carrier to hand over Internet data — it does seem that those companies that cooperate with the NSA end up taking over their rivals.

 

Remember, the Department of Commerce plays some kind of role in ensuring that companies cooperate in protecting our critical infrastructure.

As of 2:30, Microsoft stock is at a high on the day.

Citing a Culture of “Verified Trust,” DefCon Asks Feds Not to Come

/2 Comments/in , , /by

Even after I wrote this post, few people following the NSA story seem to get that James Clapper’s lie to Ron Wyden was just the culmination of a seven month effort on Wyden’s part to get Keith Alexander to correct two misleading statements he made in an unclassified forum at DefCon last year.

That is, when Wyden asked Clapper “Does the NSA collect any type of data at all on ‘millions or hundreds of millions of Americans’?,” he was trying to correct Alexander’s dodge — by way of introducing the notion of “dossiers” — that the NSA doesn’t collect information on all Americans.

Which we now know, thanks to Edward Snowden’s leaks, it does.

So I’m not surprised that — a year after Alexander made lies that have now been exposed as such — DefCon has asked the Feds not to come. (h/t Brian Krebs)

FEDS, WE NEED SOME TIME APART.

POSTED 7.10.13

For over two decades DEF CON has been an open nexus of hacker culture, a place where seasoned pros, hackers, academics, and feds can meet, share ideas and party on neutral territory. Our community operates in the spirit of openness, verified trust, and mutual respect.

When it comes to sharing and socializing with feds, recent revelations have made many in the community uncomfortable about this relationship. Therefore, I think it would be best for everyone involved if the feds call a “time-out” and not attend DEF CON this year.

This will give everybody time to think about how we got here, and what comes next. [my emphasis]

The other content of Snowden’s leaks aside, the Verizon order and the minimization procedures show that what Alexander did last year was dress up in a hacker costume and lie — not just about the degree to which NSA collects the contacts of all Americans (the lie Ron Wyden worked so hard to correct), but also about the protections offered to people who encrypt their communications (that is, hackers).

As such, any chill between the Feds and hackers should not be laid at Snowden’s feet. They should be laid at General Alexander’s.

“Is This the New Espionage?” CBS Asks of Leaking Government Files, While Airing Leaked Government Video

/23 Comments/in , /by

“Is this the new espionage,” CBS asks, “the spy who believes, for the good of his country, he must reveal its secrets?”

CBS then chooses to give former NSA Director Michael Hayden — who oversaw the NSA when it engaged in an unprecedented illegal surveillance program — airtime to ask,

What kind of sense of moral superiority does it take, to feel like your moral judgment trumps the moral judgment of not one but two Presidents, both houses of Congress, and bipartisan majorities, the American court system, and 35,000 of your coworkers at the NSA?

Congratulations to CBS for at least visually tying Hayden to his gravy train at Chertoff Group, a firm associated with profiting off of “security solutions” (like Rapiscan) that end up being too costly and ineffective.

Hayden then tries to get in the head of Bradley Manning and Edward Snowden.

These two most recent cases — Private Manning and Mr. Snowden — they’re a bit different. They’re probably doing it for ideology and almost this romantic, absolute commitment to transparency.

I’ll come back to Hayden and his very amusing outrage in a second.

But did you notice what else CBS did in this clip?

They aired a leaked CIA/FBI film produced as part of Obama’s Insider Threat program, the program that also pushes government employees to spy on their coworkers.

And while CBS later admits, several minutes into this clip, that Snowden “is not a spy,” it sure seems funny for them for have first asked if leaking spy agency materials is “the new Espionage” in a piece that itself airs leaked spy agency material.

You’d think the obvious conclusion would be that Snowden’s action is the old journalism?

So back to Michael Hayden.

CBS barely discusses the law in this clip. I mean, sure, they talk about the convicted spies Robert Hanssen and Aldrich Ames and mention the law, Espionage. But they don’t mention FISA — one of several laws that Michael Hayden broke — nor do they mention war crimes that some of Bradley Manning’s disclosures revealed.

Which is sort of odd given that according to these whistleblowers’ own descriptions of their motives, both men talked about the laws they at least perceived their government to be grossly violating. (And the Draft NSA IG Report Snowden leaked provides more details on Hayden’s unpunished crimes than we’ve gotten before.)

By the way, when Hayden claims “the American court system” sides with him? He forgets Vaughn Walker’s ruling that, in fact, the government had illegally wiretapped al-Haramain during that window when Hayden agreed to continue the program even though the Acting Attorney General Jim Comey had deemed it illegal.

CBS decided to invite a criminal, Michael Hayden, on to attack the actions of a man who had provided the public additional evidence of his crimes. The clip ends with Hayden warning about how much more empowered insider threats are.

What is new that in this modern connected era the trusted insider who betrays us is far more empowered to do damage far greater than these kinds of folks were able to do in the past and so we just have to be more vigilant.

Perhaps the question we ought to be asking is not “is this the new espionage” but “who is the greater insider threat risk, Edward Snowden or Michael Hayden?”

PCLOB: An Exercise in False Oversight

/2 Comments/in , /by

As you may have seen from the reporting or my live-tweeting of yesterday’s Privacy and Civil Liberties Oversight Board hearing on the government’s surveillance program, there were a few interesting bits of news, starting with former FISC judge James Robertson’s assertion that what FISC has done since it started approving bulk collection amounts to “approval” not “adjudication” and puts the court in an inappropriate policy making role. Robertson also said FISC needs an adversarial role it doesn’t currently have. Robertson also raised the possibility Section 215 could be used to create a gun registry not otherwise authorized by law, a point ignored by the former government officials on his panel.

I also thought James Baker’s testimony was interesting. In his prepared statements, Baker seemed to suggest the entire hearing was a wasted exercise, because the program had plenty of oversight. (Remember, Baker was in a key role at DOJ working with FISC through 2007, and got stuck trying to keep intelligence gathered under the illegal program out of traditional FISA applications.) But just before the end of the hearing Baker said before all the bulk collection, FISA worked. He repeated it, FISA worked. Baker may have come to accept these bulk programs, but he sure seemed to think they weren’t necessary.

But the most telling part of the hearing, in my opinion, is the presence of Steven Bradbury and Ken Wainstein on the panel.

There were plenty of other former government officials on the panels, representing all branches. But these two were in far more central positions in the roll out of both the legal and illegal programs. One of the key documents released by the Guardian, showing Wainstein and Bradbury recommending that newly confirmed Attorney General Michael Mukasey resume the contact chaining of Internet metadata, shows them expanding one of the most legally questionable aspects of this surveillance.

The ground rules of the hearing made it worse. The hearing followed the inane rules the Obama Administration adopts in the face of large leaks, pretending these public documents aren’t public. The Chair of PCLOB, David Medine, said no one could confirm anything that hadn’t already been declassified by the government.

Which not only put that document outside the scope of the discussion. But meant neither Bradbury nor Wainstein disclosed this clear conflict.

At one point in the hearing, the moderator even suggested that every time ACLU’s Jameel Jaffer said something, either Bradbury or Wainstein should have an opportunity to rebut what Jaffer said.

Yes, there were a number of interesting revelations at the hearing, along with the typical inanity from Wainstein and, especially, Bradbury. But it was set up with all the conflicts of a Presidential Commission meant to dispel controversy, not a real champion for privacy or civil liberties.

And its treatment of these two former government shills is just representative of that.

The Torture That Underlies FISA Court’s “Special Needs” Decisions

/7 Comments/in , , /by

At the core of the expanding dragnet approved in secret by the FISA Court, Eric Lichtblau explained, is the application of “special needs” to “track” terrorists.

In one of the court’s most important decisions, the judges have expanded the use in terrorism cases of a legal principle known as the “special needs” doctrine and carved out an exception to the Fourth Amendment’s requirement of a warrant for searches and seizures, the officials said.

The special needs doctrine was originally established in 1989 by the Supreme Court in a ruling allowing the drug testing of railway workers, finding that a minimal intrusion on privacy was justified by the government’s need to combat an overriding public danger. Applying that concept more broadly, the FISA judges have ruled that the N.S.A.’s collection and examination of Americans’ communications data to track possible terrorists does not run afoul of the Fourth Amendment, the officials said.

That legal interpretation is significant, several outside legal experts said, because it uses a relatively narrow area of the law — used to justify airport screenings, for instance, or drunken-driving checkpoints — and applies it much more broadly, in secret, to the wholesale collection of communications in pursuit of terrorism suspects. “It seems like a legal stretch,” William C. Banks, a national security law expert at Syracuse University, said in response to a description of the decision. [my emphasis]

That’s actually not entirely secret. We see the beginnings of the process in the 2002 In Re Sealed Case decision by the FISC Court of Review, which thwarted FISA Court Chief Judge Royce Lamberth’s attempt to limit how much FISA information got shared for criminal prosecutions. In approving the “significant purpose” language passed in the PATRIOT Act which made it far easier for the government to use FISA information to justify criminal investigations, the decision pointed to the post-9/11 threat of terrorism to justify FISA as a special needs program (though as I lay out in this post, they also pointed to the judicial review and specificity of FISA to deem it constitutional, which should have presented problems for the dragnet programs that followed).

FISA’s general programmatic purpose, to protect the nation against terrorists and espionage threats directed by foreign powers, has from its outset been distinguishable from “ordinary crime control.” After the events of September 11, 2001, though, it is hard to imagine greater emergencies facing Americans than those experienced on that date.

We acknowledge, however, that the constitutional question presented by this case–whether Congress’s disapproval of the primary purpose test is consistent with the Fourth Amendment–has no definitive jurisprudential answer. The Supreme Court’s special needs cases involve random stops (seizures) not electronic searches. In one sense, they can be thought of as a greater encroachment into personal privacy because they are not based on any particular suspicion. On the other hand, wiretapping is a good deal more intrusive than an automobile stop accompanied by questioning.

Although the Court in City of Indianapolis cautioned that the threat to society is not dispositive in determining whether a search or seizure is reasonable, it certainly remains a crucial factor. Our case may well involve the most serious threat our country faces. Even without taking into account the President’s inherent constitutional authority to conduct warrantless foreign intelligence surveillance, we think the procedures and government showings required under FISA, if they do not meet the minimum Fourth Amendment warrant standards, certainly come close. We, therefore, believe firmly, applying the balancing test drawn from Keith, that FISA as amended is constitutional because the surveillances it authorizes are reasonable. [my emphasis]

Even in one of the only two FISA opinions (this from the Court of Review) that we’ve seen, then, the courts used the urgent threat of terrorism post-9/11 to justify searches that they found to be very close constitutional questions.

Terrorism was “the most serious threat” our country faces, the argument went, so this seeming violation of the Fourth Amendment was nevertheless reasonable.

Or at least close, a per curium panel including longtime FISA foe Laurence Silberman argued.

And in fact, this argument has always been built into the larger dragnet programs. Jack Goldsmith’s 2004 memo on the illegal program describes how it is premised on intelligence — gathered largely from interrogations of al Qaeda operatives — showing al Qaeda wants to attack in the United States.

As explained in more detail below, since the inception of [the program] intelligence from various sources (particularly from interrogations of detained al Qaeda operatives) has provided a continuing flow of information indicating that al Qaeda has had, and continues to have, multiple redundant plans for executing further attacks within the United States. Read more

Bradley Manning Defense: Good Data Miners Are Data Hogs

/5 Comments/in , , /by

I happened to need to consult the PressFreedom transcript of today’s Bradley Manning trial. And came across this exchange, which goes to the heart of the debate on NSA’s dragnet of Americans.

In it, Manning’s lawyer, David Coombs, questioned Chief Warrant Officeer Joshua Ehresman, the ranking officer in the SCIF Manning worked in. Ehresman describes how analysts in Manning’s role were encouraged to consult whatever sources they could get their hands on.

Q And you had earlier said the term data mining, what is data mining?

A That’s pulling everything you can from every bit of intelligence assets you’ve got to help build your products.

Q Would you expect (INAUDIBLE) list of data mining?

A Yes, sir.

Q Why is that?

A Because you can’t go off one source of intelligence to predict something to happen. You have to have other stuff that indicate that it’s going to happen. You can’t just guess.

Q Where do analysts obtain their information that they’re data mining?

A Everywhere, sir. We got them on the SIPR, we got them from the T-Drive. We got them from wherever we could, open source, anything.

Q And correct me if I’m wrong, when I think of the term data mining, what you just described, is basically an analyst looking at everything and anything that they can, at any location just to kind of figure out would this perhaps be relevant to what I’m doing, is that correct, or would you provide a different definition for it?

A Yes, sir.

Q Yes, sir, that’s —

A That’s correct. You’re trying to find out yes or no this is going to happen, and, yes, this is how it’s happened and this is why it’s happening. So you have to confirm or deny your assessment.

Q Now, with regards to I guess when you’re doing this was the any guidance put out that if your you’re data mining you can do everything but go to this particular area on SIPRnet?

A No, sir.

Q So were there any restrictions on what you would data mine on SIPRnet?

A No, sir.

Q Was it common for a soldiers or analysts to data mine?

A Yes, sir.

Q Did analysts also use open source information?

A Yes, sir.

Q And what is open source information?

A That’s regular Internet, sir.

Q How would an analyst use an open source?

A We would get on and check out the web pages or you can check out local newspaper or it’s anything that doesn’t come through our secret or higher confidential webs.

Q And, again, in kind of a general description, how would open source information help your work products?

A Sometimes some of the media had information that we didn’t find out through our patrols or something. We could get patrol report and they would have outside information or a different point of view from what happens. So we would use that in our assessment, sir.

Q And were analysts encouraged to use open source information for their work products?

A Yes, sir.

Q Was there any sort of restriction placed out by the S2 section of you can go to every place besides these sites on open source?

A There was no restriction, sir.

Ehresman would go on to testify that Manning was, “our best analyst by far when it came to developing products.” Manning was, Ehresman testified, “our go-to guy for a lot of our shops, sir.”

This has little to do, directly, with the question of whether Manning will be found guilty or innocent of the charges against him.

But it does demonstrate how impossible the goal of protecting both data mining analysis and privacy is. If you want the (then) Specialist Mannings of the world to do their job well, you need to give them as much information, in relatively unfettered form, as you can.

There’s little way to achieve this goal and, at the same time, protect the data you’re piping out, aside from the honor system. And the honor system relies, in turn, on you — the United States — matching your promises and claims.

Federal Court Strikes Down Obama DOJ’s State Secrets Defense

/4 Comments/in , , , , , , , /by

In what can only be described as a significant ruling, Judge Jeffrey White in the Northern California District (CAND) has rejected the federal government’s, via the Obama and Holder Department of Justice, assertion of state secrets privilege in the case of Jewel v. National Security Agency and the related consolidated case of Shubert v. Obama.

The full decision of the court is here, and in the critical active language from the court’s own summary states:

Having thoroughly considered the parties’ papers, Defendants’ public and classified declarations, the relevant legal authority and the parties’ arguments, the Court GRANTS the Jewel Plaintiffs’ motion for partial summary adjudication by rejecting the state secrets defense as having been displaced by the statutory procedure prescribed in 50 U.S.C. § 1806(f) of FISA. In both related cases, the Court GRANTS Defendants’ motions to dismiss Plaintiffs’ statutory claims on the basis of sovereign immunity. The Court further finds that the parties have not addressed the viability of the only potentially remaining claims, the Jewel Plaintiffs’ constitutional claims under the Fourth and First Amendments and the claim for violation of separation of powers and the Shubert Plaintiffs’ fourth cause of action for violation of the Fourth Amendment. Accordingly, the Court RESERVES ruling on Defendants’ motion for summary judgment on the remaining, non-statutory claims.

The Court shall require that the parties submit further briefing on the course of this litigation going forward.

Now, before too much celebration is made, there are some sobering aspects of this decision as well. As can be told from the quote above, several counts in both complaints have been dismissed based on sovereign immunity, and the court has questions about the continued validity of the remaining counts and has requested further briefing in that regard.

With the ultimate status of the litigation left for another day, the big news today is the negation of the dreaded state secrets assertion. To say this is a rare occurrence is to be too kind. In fact, the main instance where the privilege was overcome was the al-Haramain litigation, also in CAND, where Judge Vaughn Walker found non-classified evidence sufficient to proceed in the face of the state secrets assertion, and even that case was later reversed and dismissed by the 9th Circuit.

The court in Jewel mapped out the consideration process for the privilege challenge:

The analysis of whether the state secrets privilege applies involves three distinct steps. First, the Court must ascertain whether the procedural requirements for invoking the privilege have been satisfied. Second, the Court must make an independent determination whether the information is privileged. In determining whether the privilege attaches, the Court may consider a party’s need for access to the allegedly privileged materials. See Reynolds, 345 U.S. 19 at 11. Lastly, the “ultimate question to be resolved is how the matter should proceed in light of the successful privilege claim.” El-Masri v. United States, 479 F.3d 296, 304 (4th Cir. 2007).

Noting that the assertion of state secrets must not cause “a complete surrender of judicial control over access to the courts”, Judge White wrote:

Here, having reviewed the materials submitted for review and having considered the claims alleged and the record as a whole, the Court finds that Defendants have timely invoked the state secrets doctrine. Defendants contend that Plaintiffs’ lawsuits should be dismissed as a result of the application of the privilege because the state secrets information is so central to the subject matter of the suit that permitting further proceedings would jeopardize national security. Given the multiple public disclosures of information regarding the surveillance program, the Court does not find that the very subject matter of the suits constitutes a state secret. Just as in Al-Haramain, and based significantly on the same set of facts in the record here, the Court finds that although there are certainly details that the government has not yet disclosed,

because of the voluntary disclosures made by various officials since December 2005, the nature and purpose of the [Terrorist Surveillance Program], the ‘type’ of persons it targeted, and even some of its procedures are not state secrets. In other words, the government’s many attempts to assuage citizens’ fears that they have not been surveilled now doom the government’s assertion that the very subject matter of this litigation, the existence of a warrantless surveillance program, is barred by the state secrets privilege.

507 F.3d at 1200; see also Hepting v. AT&T Corp., 439 F. Supp. 2d 974, 986-88, 991 (N.D. Cal. 2006) (holding that the existence of a program of monitoring the contents of certain telephone communications was no longer a state secret as a result of the public statements made by the President and the Attorney General). Accordingly, the Court does not find dismissal appropriate based on the subject matter of the suits being a state secret. See Totten, 92 U.S. at 107.

White went on to note that there were significant items of evidence in the Jewel case tending to confirm or negate the factual allegations in Plaintiffs’ complaints that would be subject to state secrets exclusion. However, White held that, as a matter of law, the FISA procedural mechanism prescribed under 50 U.S.C. 26 § 1806(f) preempted application of the state secrets privilege in the litigation at bar.

Citing one of the interlocutory appellate decisions in al-Haramain and the underlying logic of then trial judge Vaughn Walker), Judge White said:

In its opinion on remand in the Al-Haramain matter, this district court found that “FISA preempts the state secrets privilege in connection with electronic surveillance for intelligence purposes ….” In re National Security Agency Telecommunications Records Litigation (“In re N.S.A. Telecommunication Records Litig.”), 564 F. Supp. 2d 1109, 1111 (N.D. Cal. 2008). The undersigned agrees and finds that the in camera review procedure in FISA applies and preempts the determination of evidentiary preclusion under the state secrets doctrine. Section 1806(f) of FISA displaces the state secrets privilege in cases in which electronic surveillance yields potentially sensitive evidence by providing secure procedures under which courts can consider national security evidence that the application of the state secrets privilege would otherwise summarily exclude.

Section 1806 of the FISA enabling statutes in Title 50 of the United States Code provides, inter alia;

… whenever any motion or request is made by an aggrieved person pursuant to any other statute or rule of the United States or any State . . . to discovery or obtain applications or orders or other materials relating to electronic surveillance . . . the United States district court … shall, notwithstanding any other law, if the Attorney General files an affidavit under oath that disclosure or an adversary hearing would harm the national security of the United States, review in camera and ex parte the application, order, and such other materials relating to the surveillance as may be necessary to determine whether the surveillance of the aggrieved person was lawfully authorized and conducted.

This finding by Judge White reaffirmed at least some control by federal trial courts of sweeping assertions of state secrets privilege by the Executive Branch. That is, better than nothing, for sure. But it is rather small comfort in light of the finding of qualified immunity extended to the government on the Jewel and Shubert plaintiffs’ statutory claims under FISA.

In discussing the intersection of the FISA claims with related claims by plaintiffs under the Stored Communication Act and Wiretap Act, the court did leave several more general counts of the complaints active. However, there is no way to look at the entirety of Jeff White’s opinion and come away believing the plaintiffs have any clear path to victory in the long run. The Jewel and Shubert cases live on to fight another day, for now, but the handwriting is on the wall for either the 9th Circuit or Supreme Court to deal the death blow down the road.

Why Has the Intelligence Community Missed So Many Digital Bales of Hay?

/5 Comments/in , /by

In a piece on the intelligence community’s increasing reliance on SIGINT, LAT reports that the amount of the President’s daily brief that comes from SIGINT has increased from 60% since 2000.

Determined to identify and track Al Qaeda terrorists and to prevent another attack after Sept. 11, 2001, the NSA set about vastly enlarging its ability to capture, store and exploit the ocean of texts, emails, videos and other electronic communications.

“They took on a new mission that required sifting vast amounts of data to find a few important signals,” said Stewart Baker, who was the NSA’s general counsel from 1992 to 1994 and held top Homeland Security Department jobs in the George W. Bush administration.

Today the NSA secretly siphons an almost unimaginable number of foreign government, corporate and private communications from the World Wide Web, according to the trove of classified material disclosed by Edward Snowden, the fugitive former NSA contractor. One document leaked last week revealed that NSA computers take in 500 million “communications connections” per month in Germany alone.

[snip]

About 60% of the president’s daily brief, the highly classified intelligence summary delivered to the White House each morning, was based as of 2000 on “signals intelligence,” or intercepted communications, according to a declassified NSA document from December of that year. The NSA portion has increased since then, former officials say.

“Over the last 10 years, because of the Internet gold mine, signals intelligence has become the primary vehicle for U.S. intelligence collection,” said James Lewis, director of the technology and public policy program at the nonpartisan Center for Strategic and International Studies in Washington.

WaPo’s original story on PRISM (which, remember, is just a computer interface making it easier for analysts to access data from just 9 companies) reported that 1 in 7 pieces of intelligence in the PDB derived from PRISM, or a total of 1,477 pieces of intelligence last year (10,339 pieces of intelligence in all the PDBs last year, then?).

An internal presentation of 41 briefing slides on PRISM, dated April 2013 and intended for senior analysts in the NSA’s Signals Intelligence Directorate, described the new tool as the most prolific contributor to the President’s Daily Brief, which cited PRISM data in 1,477 items last year. According to the slides and other supporting materials obtained by The Post, “NSA reporting increasingly relies on PRISM” as its leading source of raw material, accounting for nearly 1 in 7 intelligence reports.

Remember, this is all non-public information.

Back in 2011, however, the intelligence committee failed to understand the Arab Spring that was breaking out in public fora for all the world to see (I once quipped that those who followed Democracy Now’s Sharif Kouddous on Twitter had a better understanding of what was going on than the CIA).

And as recently as this year’s confirmation hearing for John Brennan, he admitted that the CIA needed to better monitor public social networks.

BRENNAN: Well clearly, counterterrorism is going to be a priority area for the intelligence community and for CIA for many years to come. Just like weapons proliferation is as well. Those are enduring challenges. And since 9/11 the CIA has dedicated a lot of effort, and very successfully, they’ve done a tremendous job to mitigate that terrorist threat.

At the same time, though, they do have this responsibility on global coverage. And so, what I need to take a look at is whether or not there has been too much of an emphasis of the CT front. As good as it is, we have to make sure we’re not going to be surprised on the strategic front and some of these other areas, to make sure we’re dedicating the collection capabilities, the operations officers, the all-source analysts, social media, as you said, the — the so-called Arab Spring that swept through the Middle East. It didn’t lend itself to traditional types of — of intelligence collection.

There were things that were happening — happening in a — on a populist — in a populist way, that, you know, having somebody, you know, well positioned somewhere who can provide us information is not going to give us that insight, social media, other types of things. So I want to see if we can expand beyond the sodestra (ph) collection capabilities that have served us very well, and see what else we need to do in order to take into account the changing nature of the global environment right now, the changing nature of the communication systems that exist worldwide.

Though Brennan suggested that a focus on leaders rather than common people led to CIA’s blindness in this case (I’d add, a reliance on brokers like Egypt’s Omar Suleiman or Saudi Arabia’s Mohammed bin Nayef, who have an interest in depicting unrest in their countries as threats to friendly governments, distorts reality).

But whether the NSA or the CIA should have seen the revolts bubbling up in plain sight, both missed it because of all the secret stuff they remained focused on.

I’m not actually advocating for the CIA to start trolling Twitter more aggressively. Still, if the focus on secret stuff has led to blindness, we need to rethink our obsession with secret digital haystacks.