Christopher Wray and the Myth Created by Parallel Construction

/7 Comments/in , /by

At the Friday Heritage Foundation Section 702 event, FBI Director Christopher Wray argued that reforming Section 702 (he suggested, illogically, making any reforms) would rebuild the wall taken down after 9/11. (Here’s the transcript, which unfortunately doesn’t include the Q&A period.)

I think back to the time that I was in government before on 9/11, right before 9/11, right after 9/11. I think about how hard dedicated men and women throughout the intelligence community worked to try to tear down the walls that had prevented us from connecting all the information that might have been able to prevent those attacks. As I said at the beginning, listening to this debate right now, watching some of the potential ideas that are being floated strikes me as eerily similar to people, well-intentioned, starting to put bricks into a wall.

There are problems with that argument (which have as much to do with our national myopia about the risks we face and how we’ve combatted them as anything else). But I’m grateful Wray made an effort to avoid the ad hominem attacks some of Section 702’s other boosters have resorted to.

Still, Wray’s response to concerns about using Section 702 in criminal prosecutions got dangerously close to that. In response to a question from David Shedd, Wray said that concerns about the topic derive from a myth. Those of us with such concerns, Wray said, are just “confused.”

There’s been a little bit of myth development in that space. When we talk about the criminal side, I think it’s important to distinguish between the tip and lead kind of scenario that I’m describing, which is where Section 702 is so important, and the prosecution end of it, where the information of any sort is being used. Section 702 has not been used for any traditional criminal case as evidence in a trial or anything like that ever, except in about 10 terrorism prosecutions. So the notion that there are criminal agents using Section 702 to make garden variety criminal cases, that’s just myth. It is not happening.

I’m reluctant to try to guess as to how people who are confused get confused. My goal is to get them straight.

To claim this is a myth, of course, Wray has to rely on a bogus number of defendants who have gotten their legally required 702 notice — ten counterterrorism cases — thereby pretending that 702 hasn’t had a key role in far, far more criminal cases, and not just in counterterrorism cases, but also counterespionage (including nation-state hacking) and counterproliferation cases.  (Interestingly, defendants are only known to have gotten notice in eight cases, meaning Wray may have revealed two more where defendants got non-public notice.) Plus, as I’ve noted, FBI submitted notice about attorney-client violations to FISC in nine cases in the time since DOJ largely stopped giving defendants notice.

The numbers just don’t add up.

Which means, in significant part, what Wray calls a myth is, in reality, parallel construction, a myth of a different sort, the myth that law enforcement tells defendants about where their cases came from or why certain approaches were used with the case, the myth created by DOJ’s secret interpretations about how they deal with legally mandated FISA notice. The myth that decides Keith Gartenlaub is a counterintelligence threat because of the conversations he conducts on Skype, a PRISM provider, with his in-laws, only to scrub all mention of those Skype conversations (and, DOJ presumably maintains in its secret policies on the issue, the legal obligation to give notice) once you go to trial.

Wray goes on to blithely describe how content collected without a warrant comes to define the tips FBI Agents get, even before any evidence has been collected.

There’s the information over here, that the Agent is seeing in real time in the US. That’s the tip or the lead. And then there’s the information in the database. And it’s the connection that’s important. Let me talk about what’s in the database, first, and what isn’t. What’s in the database — that 4.3% [of the NSA’s targets] — that’s not evidence of garden variety criminal conduct. The only stuff that’s in that is information about foreigners, reasonably believed to be overseas, for foreign intelligence purposes. So that’s foreign intelligence information in there. That’s not evidence of … I don’t know, pick an example, you know, child porn, or something else. It could be very serious, but that’s not what’s in there. So the Agent over here, if he’s in national security investigator is connecting national sec–something that he thinks is national security information with foreign intelligence information. The criminal agent, who is not doing anything related to national security, he’s not looking to try to find some national security hook for his case. He’s just trying to make sure — let’s say he’s got a cigarette smuggling case — one of the things we know is that terrorist groups have used things like cigarette smuggling to finance their activities. There are cases that Department of Justice has brought over the years on that very thing. Cigarette smuggling is a crime. Well, it could be handled one way but if it turns out that cigarette smuggling that’s designed to support Hezballah, that’s different. It needs to be viewed differently. But we won’t know if we just build a wall between the Agent and the information that’s sitting right over here in the FBI database. [my emphasis]

Wray makes another error here, in claiming that “That’s not evidence of … I don’t know, pick an example, you know, child porn,” in the information FBI deems foreign intelligence information. Either that, or the government should very quickly inform the Ninth Circuit of that fact, because Keith Gartenlaub is as we speak challenging the use of a physical search FISA order to turn nine-year old child porn lying unaccessed on his hard drives into foreign intelligence information and thereafter into a criminal prosecution.

But it’s not just Gartenlaub and a traditional FISA search. Given that 702 PRISM collection obtains not only emails, but also attachments and data stored in the cloud, it will obtain a lot more than communications, including photos. Those photos may be garden variety sexy photos shared between adults (indeed, photos of that kind were also introduced in Gartenlaub’s case). But they also may be abusive photos of children. The Intelligence Community will use both kinds — as well as all the other kinds of non-email information obtained by targeting email accounts — for its foreign intelligence purposes.

It’s fairly unfortunate that, three years after FBI asked for and obtained a change in its Section 702 minimization procedures so as to be able to easily deal with child porn discovered using it, the FBI Director claimed publicly that Section 702  data doesn’t include child porn.

Of course it does.

Whether we should want the FBI to immediately prosecute child porn discovered in the name of foreign intelligence information or, first (as happened with Gartenlaub) use it to try to flip someone to become an informant, is a policy discussion we’re not having.

But the reason we’re not having that discussion is because of the other myth being told, the myths about prosecutions that have used parallel construction to hide the whys and wherefores of the case, in large part to sustain the myth Wray is telling here, that those tips and that warrantless collection have nothing to do with each other.

I appreciate Wray’s efforts to avoid dodging the key issues by attacking those of us who recognize the 702 needs reform. But what is really going on is that the myths the government tells about how intelligence is used serves to make a real policy discussion difficult (for people like me, who know the criminal cases) and impossible (for staffers and members of Congress, who don’t). Wray and others in the intelligence community have grown so accustomed to these myths (see this Bob Litt exchange for an example), that they don’t even seem to see the implications of parallel construction for our claims to due process anymore. If we’re confused about the use of 702 information in criminal proceedings, the government is confused about how metasticizing parallel construction rots the guarantees in our Constitution.

I imagine FBI would like to defer this discussion once again; pretending reformers are the ones inventing myths is a good way to do that. But it’s important, this time around, that we call the government on the myths they tell, even while they claim we’re the ones who’re confused.

Update: When I asked FBI about the discrepancy in numbers (8 versus 10), a spox emphasized that Wray said “about” 10 cases have used 702 evidence.

Evidence the US Government Used Section 702 against Keith Gartenlaub[‘s Parents-in-Law]

/1 Comment/in /by

A few weeks ago, I laid out how the Keith Gartenlaub case made child pornography foreign intelligence information. I showed how the FBI moved back and forth from a criminal to a FISA to a criminal warrant, only to try to use evidence of child pornography to get Gartenlaub to flip on his Chinese in-laws regarding suspected spying.

In this post, I want to lay out circumstantial evidence that Section 702 was used in the case — probably to spy on communications of Gartenlaub’s Chinese in-laws as well as his communications with them. This is circumstantial, but important, particularly given FBI Director Christopher Wray’s claims last Friday that 702 doesn’t include child pornography and has only been used in counterterrorism cases.

FBI cites his communications on PRISM providers to obtain warrant for domestic records from those providers

The first reason to believe FBI used Section 702 with Gartenlaub is that the first warrant affidavit in the case, used to obtain his and his wife’s Yahoo and Google account data, looks like typical parallel construction. It provides a means to get the content from specific PRISM providers based in large part on the use of those providers to communicate with people in China.

The GARTENLAUB SUBJECT ACCOUNT, [email protected], is used by Keith Gartenlaub at work and at home based on information provided by Boeing regarding the use of his Boeing issued laptop computer . Information obtained from a court-authorized pen register and trap and trace device shows that he is in contact with a China based email account using a Shanghai IP address seven times since March 2013. The GARTENLAUB SUBJECT ACCOUNT is also used to communicate with his wife, as reflected in the results of a pen register and trap and trace device. Emails are also forwarded from Gartenlaubs Boeing e-mail account to the GARTENLAUB SUBJECT ACCOUNT, evidence of which exists on the results of the data pen and trap and trace device.

Given that this was a spying case, the Chinese interlocutors would have been solid Section 702 targets. Though, remarkably, nowhere in the unclassified legal documents does the government do anything more than cite him saying his wife’s family was “well connected” to explain who those suspected spying recruiters were.

Gartenlaub stated he never had to worry about his security while traveling in China because his wife’s family is “well connected.” Gartenlaub did not elaborate on what connections she has.

To get the later (or earlier!) FISA order, the FBI would have had to detail who in China he was talking about. And to get that they likely would have used 702.

The mysterious absence of Skype in evidence

In addition to Google and Yahoo, the affidavit asking for Google and Yahoo content also described his most frequent communications with people in China taking place on Skype.

I have also reviewed the records provided by Skype for the account subscribed to Keith Gartenlaub. Those records showed that in the period of April 2011 to March 2013, the account contacted other accounts based in China approximately once every three days, on average. (Gartenlaub was interviewed on February 7 , 8, and 22, 2013). After Gartenlaub was contacted by the FBI to set up an interview, the Skype account subscribed to Gartenlaub contacted accounts based in China approximately three times per day 1 on average.

[snip]

His contact with Chinese-based Skype accounts spiked as soon as he was contacted by the FBI about the C17 investigation;

But not only does the affidavit not ask for a warrant for Skype (as part of Microsoft, a PRISM provider), as best I can tell no Skype data ever got introduced at trial.

In other words, a key reason they suspected Gartenlaub — his discussions with elites in China — never made it into the case in chief.

Which may be how they avoided giving him his legally mandated 702 notice.

The timing of the Section 702 NCMEC change

Then there’s the most obvious reason to think that Gartenlaub’s prosecution implicates Section 702: the coincidence between the the change in Section 702’s minimization procedures, as it pertains to sharing with the Center for Missing and Exploited Children, and the date of his arrest.

The government changed the standard minimization procedures for individualized FISA orders on August 11, 2014. Then, citing back to this earlier change, FISC approved an equivalent change in the Section 702 minimization procedures on August 26, 2014. The next day, the government arrested Gartenlaub. Particularly given how long they had had the child porn from the January 2014 search, it seems likely they waited until all relevant authorities included NCMEC permission before arresting him based off information that clearly relied on FISA information, if not earlier 702 information.

Mind you, the change in the 702 minimization procedures would only be necessary to cover Gartenlaub’s case if the government had found some evidence of the child porn before the FISA search. I can’t think of any way they could have done that unless they found him sharing porn with targeted people in China. That shouldn’t be possible — not according to regular targeting rules, anyway.

Still, the timing does make me think the government wanted both sets of minimization procedures available in time for the arrest.

Whatever the case, given how easily the government could have targeted Gartenlaub’s in-laws, and given the PRISM providers implicated (both in the known discovery and the missing Skype communications), I think it highly likely the government used Section 702 as part of this case.

Even if they didn’t provide notice.

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

Ben Wittes and Susan Hennessey Endorse Judicial Lawbreaking

/3 Comments/in /by

The surveillance boosters are having a tough time with this year’s Section 702 reauthorization. For the first time, enough details about the program are public such that we can have a debate about the authority. In response to substantive discussions of policy, boosters are engaging in ad hominem attacks and, at times, betraying their own ignorance.

Take this piece from Ben Wittes and Susan Hennessey. For the moment, ignore the insults they use against Congress and reformers. The most remarkable passage comes where they attack the HJC reauthorization bill’s requirement that, for the yearly 702 reauthorization, the FISA Court appoint an amicus or explain why they didn’t think it was necessary.

Or consider the strange provision that requires that the FISA court must appoint an amicus curiae, or special advocate and expert, in the certification process for Section 702’s surveillance programs to make the proceedings more adversarial with respect to the government’s position. Previously, the court appointed amici — which were established in the 2015 USA Freedom Act — at its discretion. The court has never indicated any need for a change in practice; indeed, if it wanted to appoint amici in every case it would and could. Currently, FISC judges rely on highly specialized staff attorneys and call on amici when they deem outside counsel useful to their decision-making. This provision usurps judicial discretion and further burdens a heavily strained court that would now need to justify each and every decision to not use the help it didn’t ask for.

Let’s start with the clear errors in this passage.

Contrary to what these so-called experts (a former NSA lawyer!!) say, the USA Freedom Act did not “establish” the practice of appointing amici at the court’s discretion. The FISC always had that authority, and in fact appointed amici on a number of occasions before passage of USAF, as early as the 2002 In Re Sealed Case and again in the wake of the Snowden leaks.

What the USAF did was mandate that the FISC appoint an amicus curiae for novel or significant interpretations of the law, “unless the court issues a finding that such appointment is not appropriate.”

Authorization.–A court established under subsection (a) or (b), consistent with the requirement of subsection (c) and any other statutory requirement that the court act expeditiously or within a stated time–
(A) shall appoint an individual who has been designated under paragraph (1) to serve as amicus curiae to assist such court in the consideration of any application for an order or review that, in the opinion of the court, presents a novel or significant interpretation of the law, unless the court issues a finding that such appointment is not appropriate;

It troubles me that a former NSA lawyer doesn’t know what that word, “shall” means. Or perhaps is writing about matters of law without actually reading the law?

It should be obvious that the yearly authorization of the yearly 702 reauthorization program is a “significant interpretation of law.” It authorizes spying on over 100,000 people.

That was especially true this year, because the FISC had to decide what to do in response to learning NSA had been violating rules imposed back in 2011 to ensure the constitutionality of upstream collection (for several of those years, Hennessey was at NSA). Just as importantly, the FISC had to decide whether to permit back door searches of upstream surveillance that it knew included entirely domestic communications. Such searches had never been permitted before because of the privacy impact on Americans. Yet FISA judge Rosemary Collyer didn’t bother consulting with an amicus. Nor did she provide the mandated finding explaining why she didn’t need the help.

And trust me, Collyer needed the help: it’s clear she got some key technical details (the difference between SCT and MCTs) wrong. Who knows how much else she got wrong? But she figured she was smart enough she could blow off the law requiring an amicus in such situations.

In the wake of such stubbornness from the court, the HJC bill mandates an amicus for the yearly authorization. It is an obvious (and inadequate) response to a clear problem that may have profound consequences for Americans’ privacy.

In response to that, Wittes and Hennessey complain that the court — the same court that has just blown off USAF!!! — “never indicated any need” to be obligated to do what USAF requires. They claim that the “provision usurps judicial discretion,” suggesting they don’t believe the coequal Congress itself may or should exercise discretion. And they suggest the once-yearly requirement would “further burden[] a heavily strained court that would now need to justify each and every decision to not use the help it didn’t ask for,” as if simply including an amicus review for a program that affects millions is just too difficult for judges who are used to adversarial process on all their non-FISA proceedings.

Here’s the craziest thing. These two experts (including an ex-NSA lawyer!!) make clear errors of law. They appear unfamiliar with the last 702 reauthorization. They get the constitutionality of coequal branches wrong.

And having done all that, they complain about “panicky civil libertarians” and “congressional dysfunction,” as if boosters who can’t get basic facts right are in a position to judge the good faith engagement of others.

This is what passes for responsible oversight among surveillance boosters: responding to judicial obstinance by complaining that asking the poor FISA court to do what Congress mandated they do “usurps judicial discretion.”

There is far more in this piece that is erroneous and obnoxious.

But why bother laying that all out? All this piece reveals is that key surveillance boosters are either operating in bad faith or unaware of the law and implementation of the program they bitch at others about.

If this is the best the surveillance boosters can do, then we should impose far more reforms of this bill, because Hennessey has revealed that the lawyers overseeing this program don’t know enough about it to make sure it operates safely.

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

Ned Price Rebuts HPSCI’s Ignorance on Unmasking with His Own Stupid Obfuscation

/6 Comments/in /by

Former Obama NSC staffer Ned Price has a piece on Section 702 at Lawfare that embodies the stupidity surrounding Section 702 reauthorization debate. He apparently doesn’t realize it, but his post effectively argues, “the people in Congress who oversee FISA have no clue how it works but reauthorize it forever anyway.”

Price’s post features all the typical things that Section 702 boosterism does: the false pretense that the value of Section 702 means it must be passed without even the most obvious reforms, such as ensuring FISC uses an amicus during the annual recertification so they know more than Rosemary Collyer did in this year’s go-around.

Administration officials privately concede that, in light of this conflation, Section 702 stands little chance for a clean reauthorization later this year.

[snip]

White House officials have vocally supported the clean reauthorization of Section 702 authorities.

Nor does Price admit that when he says “clean reauthorization” what he really means is “dramatic change to the norm, because it’d be permanent reauthorization.”

Further, like most 702 booster pieces, Price dismisses the real complaints of those of us who’ve raised concerns about 702, without even responding to them.

To be sure, several lawmakers from both parties have long voiced opposition to Section 702 over sincerely held, if misguided, concerns about privacy and civil liberties.

Instead of doing that, Price hauls out the old canard that this is not about “surveillance” of Americans.

All the while, law enforcement and intelligence officials—including former FBI director James Comey, Director of National Intelligence Dan Coats, and National Security Agency Director Mike Rogers—reminded lawmakers in hearing after hearing this year that the tool is not intended for surveillance of U.S. citizens,

In one of those hearings where, Price claims, these men offered reassurances about the surveillance of Americans, Coats lied about whether 702 will collect entirely domestic communications, after having just signed a certificate saying it could. And Rogers was less than forthcoming about NSA’s repeated and consistent failures to inform FISC of compliance problems in timely fashion. As I said after the key one, “given the dodgy testimony of the two men running that dragnet, Americans should have more worries than ever before.”

Worse, Price is engaged in the same old fiction: in spite of the fact that witnesses and members of Congress have made it clear for years that a key purpose of 702 is to learn what Americans are saying to 702 targets, he wields that word “target” as if it doesn’t affect Americans. It does. It permits the warrantless access to Americans’ communications, and is queried routinely by the FBI even before they open investigations on someone. If you won’t honestly deal with that, you’re unwilling to defend the program as it exists.

But all that’s just the typical 702 boosterism, which serves as backdrop for Price’s central project: to explain how Devin Nunes’ panic about unmasking this year threatens 702 reauthorization.

Within the pantheon of Trump administration scandals, the manufactured uproar over “unmasking” came and went quicker than most. It was last spring that White House officials, working in tandem with House intelligence committee Chairman Devin Nunes, laundered intelligence information in an effort to train Americans’ sights on a practice that is routine—if highly regulated—within our national security establishment.

The effort blew up in their faces. The House Ethics Committee opened an investigation into Nunes,  who partially recused himself from the Russia investigation. The White House staffer who oversaw the secret political operation has since been fired. Even prominent Republicans, including Richard Burr, the chairman of the Senate intelligence committee, have publicly distanced themselves from the affair.

Price is right that Nunes’ stunt was a manufactured scandal. That’s something I’ve been saying for months.

But along the way he engages in the same kind of stupidity as the hacks he criticizes. First, he suggests that unmasking is an entirely separate issue than 702.

Nevertheless, administration allies on Capitol Hill have repeatedly obscured those facts, publicly conflating Section 702 authorities with unmasking and leaking,

While I’ve long pointed out that back door searches Price ignores are the more common way Americans would have their communications exposed by 702 surveillance, it is nevertheless the case that Americans whose names appear in reports based off 702 are usually eventually unmasked.

ICTR provided better information on unmasked US person identities this year than last, revealing how many USP identities got released.

As I said last year, ICTR is not doing itself any favors by revealing what a tiny fraction of all 702 reports the 3,914 — it must be truly miniscule.

All that said if you do get reported in one of those rare 702 reports that includes a USP identity, chances are very good you’ll be unmasked. In 30% of the reports with USP identities, last year, at least one USP identity was released in original form unmasked (as might happen, for example, if Carter Page or Mike Flynn’s identity was crucial to understanding the report). Of the remainder, though, 65% had at least one more US person identity unmasked. I believe that means that only roughly 26% of the names originally masked remained masked in the reports.

You actually cannot separate 702 from questions about how Americans’ communications get accessed without a warrant via the authority, and contrary to what Price suggests, unmasking is one of those ways (albeit the less troubling and less common).

More importantly, Price ignores what the unmasking scandal proves.  He cites both Trey Gowdy and Tom Rooney (whom he calls Tim) raising concerns about 702 because of the treatment of Title I intercepts targeting Sergey Kislyak. He specifically describes Gowdy’s comments as being “impermeable to fact.”

The political narrative, however, has thus far proven impermeable to fact. Rep. Trey Gowdy, a proponent of Section 702, last month summarized the zeitgeist of his caucus, telling Bloomberg: “A lot of my colleagues right now are very skeptical of reauthorizing this because of how little we know about unmasking.”

But what Price doesn’t tell you is that both Gowdy and Rooney (and Mike Lee, whose citation I think Price uses disingenuously) are the key overseers in Congress of FISA. As I noted in March when Gowdy and Rooney first started pursuing this hoax, these comments prove that the people purportedly closely overseeing NSA and FISA have no fucking clue how FISA works.

I mean, these two men who ostensibly provide oversight of FISA clearly didn’t understand what the biggest risk to privacy is –back door searches of US person content — which at the FBI doesn’t even require any evidence of wrong-doing. That is the biggest impediment to reauthorizing FISA.

And testimony about the intricacies of unmasking a US person identity — particularly when a discussion of traditional FISA serves as stand-in for Section 702 — does nothing more than expose that the men who supposedly oversee FISA closely have no fucking clue — and I mean really, not a single fucking clue — how it works. Devin Nunes, too, has already expressed confusion on how access to incidentally collected US person content works.

Does anyone in the House Intelligence Committee understand how FISA works? Bueller?

So it’s not just that Price misrepresents the risk to Americans (more often brown people, not top White House officials) from 702, or that he pretends unmasking is completely separate from 702, but he actually proves that the people overseeing the authority don’t understand it.

And based on that argument, Price says we should reauthorize the authority forever.

702 Reauthorization: The Anti-Leak Package

/7 Comments/in , /by

As part of the draft Section 702 Reauthorization released this week, the House Judiciary Committee included what I’ll call the anti-leak package. They’re not actually presented in the same Title, but I want to consider them as a group as a way to consider whether they’ll do anything to make leaking less useful than internal whistleblowing.

The package consists of three things:

  • Increased penalties for improperly handling classified information
  • New protections for FBI whistleblowers and contractor whistleblowers
  • A GAO report on whether classification works

Increased penalties for improperly handling classified information

The first part of the package changes 18 USC 1924, which criminalizes unauthorized retention of classified documents, to make knowingly retaining classified information a felony, while creating a new misdemeanor for negligently retaining classified information.

SEC. 302. PENALTIES FOR UNAUTHORIZED REMOVAL AND RETENTION OF CLASSIFIED DOCUMENTS OR MATERIAL.

Section 1924 of title 18, United States Code, is amended—

(1) in subsection (a), by striking ‘‘one year’’ and inserting ‘‘five years’’;

(2) by redesignating subsections (b) and (c) as subsections (c) and (d), respectively; and 13 (3) by inserting after subsection (a) the following new subsection (b):

(b) Whoever, being an officer, employee, contractor, or consultant of the United States, and, by virtue of his office, employment, position, or contract, becomes possessed of documents or materials containing classified information of the United States, negligently removes such documents or materials without authority and knowingly retains such documents or materials at an unauthorized location shall be fined under this title or imprisoned for not more than one year, or both.

I think this was done to make what Hillary Clinton did a clear felony, so Republicans can squawk about it, rather than solving any real problem.

Which is a pity. Because those who want to write new laws criminalizing the retention and leaking of classified information (something I’m not advocating, but I understand the sentiment), it might be useful to write laws that address the problems we’re actually seeing.

For example, the Espionage Act should be rewritten to make it clear it only applies to real Espionage — the secret sharing of “national defense information” (which should be better defined) with an adversary for some kind of personal benefit. By all means, create something else that applies to the Edward Snowdens and Chelsea Mannings of the world, if you feel the need to. But in that law, do something to ensure that the David Petraeuses of the world — who leaked information to get laid and tell nice stories about himself — don’t get a wrist slap, while people who at least believe their acts to be benefitting the country face life imprisonment.

The degree to which the Espionage statute specifically, and leak prosecutions generally, have become the means to pursue arbitrary retaliation against people who don’t hew a party line undermines the legitimacy of the classification system, which (in my opinion, as someone who has covered most recent leak prosecutions) just leads to more leaking.

In related news, one of the reasons why magistrate Brian Epps Cobb denied Reality Winner bail yesterday is because she admires Snowden and Assange.

In addition, this week’s news that an NSA TAO hacker brought files home and used them on his machine running Kaspersky, thereby alerting Russia to them, suggests the need to consider the impact of even negligent improper handling, because it can have an impact akin to that of Snowden if it is compromised.

Finally, there should be some controls over abuse of Original Classification Authority, both in Prepublication Reviews, to prevent the selective censorship of important stories. And there should be some recognition that OCAs are often not the only source of information (which is one of the problems with the Hillary emails — her staffers were reporting widely known facts that the CIA later claimed a monopoly on, thereby making the information “classified”).

Perhaps the GAO review, below, can go some distance to making this happen.

New protections for contractor whistleblowers

There’s a section that extends the (still inadequate) whistleblower protections of the National Security Act to contractors, while adding protection (just for contractors!) for the reporting of “evidence of another employee or contractor employee accessing or sharing classified information without authorization.” It also adds additional reporting vehicles for FBI contractors (to DOJ or FBI’s Office of Professional Responsibility, to FBI’s Inspection Division, or to the Office of Special Counsel).

The bill also adds contractors to those you can’t retaliate against by stripping of security clearance if they’ve made a protected disclosure.

Contractor is defined as “an employee of a contractor, subcontractor, grantee, subgrantee, or personal services contractor, of a covered intelligence community element.”

As I said, this is just the protection extended to intelligence community employees, with enforcement by the President, the same guy who orders up the illegal activities (such as torture or domestic spying) of the IC.

Plus, I’m not sure the language protects against two other problems that have happened with contractors. First, the loss of a contract, which doesn’t seem to be included in the definition of personnel decisions. So an agency could retaliate not by denying a promotion, but simply denying a contract. And, for similar reasons, I’m not sure the language prevents a contractor from retaliating against one of their employees directly, particularly if they’re threatened with losing work.

As I said, I’m not sure on this. I await analysis from the people who work whistleblower issues all the time.

That said, while this is an important improvement that will extend the same inadequate protection that IC employees get to IC contractors, I think it doesn’t necessarily protect against some known kinds of retaliation.

A GAO report on whether classification works

Perhaps most interestingly, the bill asks GAO to conduct on a story on why we’re having so much leakage.

SEC. 303. COMPTROLLER GENERAL STUDY ON UNAUTHORIZED DISCLOSURES AND THE CLASSIFICATION SYSTEM.

(a) STUDY.—The Comptroller General of the United States shall conduct a study of the unauthorized disclosure of classified information and the classification system of the United States.

(b) MATTERS INCLUDED.—The study under subsection (a) shall address the following:

(1) Insider threat risks to the unauthorized disclosure of classified information.

(2) The effect of modern technology on the unauthorized disclosure of classified information, including with respect to—

(A) using cloud storage for classified information; and

(B) any technological means to prevent or detect such unauthorized disclosure.

(3) The effect of overclassification on the unauthorized disclosure of classified information.

(4) Any ways to improve the classification system of the United States, including with respect to changing the levels of classification used in such system.

(5) How to improve the authorized sharing of classified information, including with respect to sensitive compartmented information.

(6) The value of polygraph tests in determining who is authorized to access classified information.

(7) Whether each element of the intelligence community (as defined in section (4) of the National Security Act of 1947 (50 U.S.C. 3003(4))—

(A) applies uniform standards in determining who is authorized to access classified information; and

(B) provides proper training with respect to the handling of classified information.

(c) COOPERATION.—The heads of the intelligence community shall provide to the Comptroller General information the Comptroller General determines necessary to carry out the study under subsection (a).

(d) REPORT.—Not later than 180 days after the date of the enactment of this Act, the Comptroller General shall submit to the Committee on the Judiciary and the Permanent Select Committee on Intelligence of the House of Representatives and the Committee on the Judiciary and the Select Committee on Intelligence of the Senate a report containing the study under subsection (a). (e) FORM.—The report under subsection (d) shall be submitted in unclassified form, but may include a classified annex.

I really like the idea of doing such a report (though am not sure GAO can get it done in just 6 months, especially since I’m sure some agencies will filibuster any cooperation). And what a novelty, to finally consider whether polygraphs actually do what they’re claimed to do (rather than get people to confess to dirt that can later be used against them or leaked to China in an OPM hack).

As mentioned above, a really thorough such study should also look specifically at the Prepublication Review process, which is one of the most notorious forms of arbitrary use of classification.

It should also try to quantify how much classification does (abusively) hide mismanagement or law-breaking, especially in the FOIA process.

A truly thorough study would have to include leaks by members of Congress, up to and including the Gang of Four — but that’s never going to happen and so that means of leakage will remain untouched.

A study should also not only review recent leak prosecutions, with a particularly focus on the selectivity with which they’ve been taken, but compare leak prosecutions with the efficacy of internal measures (like stripping someone of clearance), which ODNI has been using more in recent years, at least before Reality Winner.

And a study should do a macro review of the initiatives put in place since Chelsea Manning’s leaks, to review overall compliance (we know NSA and CIA had not fully complied as of last year), and to measure whether those initiatives have done any good.

Finally, for the classified version, the report should include a full measure of how much internal spying is being targeted at government employees and contractors in various CI programs, and whether those are overseen adequately (they’re absolutely not).

Will this all do any good?

As I said, I’m the one lumping these together into a package, not the bill’s authors. I did so, though, to better weigh whether this will do any good — whether we’ll move the balance on necessary discussions for democracy being weighed against genuine need to protect secrets. I think an actual assessment is worthwhile.

But ultimately, I suspect our leak problem stems, in large part, from the degree to which classification (and clearances and leak prosecutions) have all been designed to give the Executive Branch unfettered ability to run an arbitrary system of secrets that does as much to serve nexuses of power as it does to keep the country safe.  Secrets, in DC, have become the coin of power, not the necessary tool to ensure a vibrant and secure democracy.

And I’m not sure this effort will do much to change that.

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

Five Reasons the 702 Reauthorization Transparency Provisions Are Bogus

/in /by

I thought that, after Bob Litt left the Office of Director of National Intelligence, we might stop pushing transparency measures in surveillance bills that don’t provide transparency.

Nope.

For the most part, the added transparency in the bill is either already being accomplished (like counts of individual FISA orders or published minimization procedures) or useless. The exception is language requiring a real count of Pen Registers, which would fix a problem in the USA Freedom Act transparency provisions, which only counted Pen Registers that targeted communications, but not that targeted things like location data.

I’ll deal with two others — a declaration tied to Section 309 and a Comptroller General review of classification — separately.

The truly insulting “transparency” provisions, however, are the ones that pretend to count US person impact but do anything but. There are two parts to them. First, the bill mandates semiannual reports from the FBI (which, remember, got exempted from everything meaningful in the USA Freedom Act transparency provisions).

(d) SEMIANNUAL FBI REPORTS.—Together with the semiannual report submitted under subsection (a), the Director of the Federal Bureau of Investigation shall submit to the congressional committees specified in such sub-section, and make publicly available, a report containing, with respect to the period covered by the report, the number of queries made by the Federal Bureau of Investigation described in subsection (j)(1) of section 702 that resulted in communications being accessed or disseminated pursuant to such subsection.

The section requires the FBI Director to count how many queries are made under the new court order queries that — as I’ve already pointed out — are utterly meaningless. Whereas last year there was one equivalent count, in the future there will be none, because it will be a pain in the ass to get a criminal search order and it will remain easy as pie to treat any query as an assessment to use criminal evidence for foreign intelligence purposes. So this requirement is like dividing by zero: it doesn’t get you anywhere.

Then there’s the sham count of US persons sucked in by 702.

(c) INCIDENTALLY COLLECTED COMMUNICATIONS AND OTHER INFORMATION.—Together with the semi-annual report submitted under subsection (a), the Director of National Intelligence shall submit to the congressional committees specified in such subsection a report on incidentally collected communications and other information regarding United States persons under section 702. Each such report shall include, with respect to the 6-month period covered by the report, the following:

(1) Except as provided by paragraph (2), the number, or a good faith estimate, of communications acquired under subsection (a) of such section of known United States persons that the National Security Agency positively identifies as such in the ordinary course of its business, including a description of any efforts of the intelligence community to ascertain such number or good faith estimate.

(2) If the Director determines that calculating the number, or a good faith estimate, under paragraph (1) is not achievable, a detailed explanation for why such calculation is not achievable.

(3) The number of—

(A) United States persons whose information is unmasked pursuant to subsection (e)(4) of such section;

(B) requests made by an element of the Federal Government, listed by each such element, to unmask information pursuant to such subsection; and

(C) requests that resulted in the dissemination of names, titles, or other identifiers potentially associated with individuals pursuant to such subsection, including the element of the intelligence community and position of the individual making the request.

(4) The number of disseminations of communications acquired under subsection (a) of section 702 to the Federal Bureau of Investigation for cases not pertaining to national security or foreign intelligence.

(5) The number of instances in which evidence of a crime not pertaining to national security or foreign intelligence that was identified in communications acquired under subsection (a) of section 702 was disseminated from the national security branch of the Bureau to the criminal investigative division of the Bureau (or from such successor branch to such successor division).

Here’s why this is meaningless:

Under 702 precedent, it’s unclear whether the most intrusive collection is “incidental” or “intentional”

First, note what they call this? “Incidentally collected” communications.

One of the most concerning groups of Americans collected under 702 are, at least according to John Bates’ 2011 702 opinionnot incidental. Those are the entirely domestic communications believed to be foreign and targeted intentionally, such as the old MCT emails.

That’s important because what likely happens with a good deal of Americans communications — those collected under the 2014 exception — will mostly be purged in the post-tasking process. When NSA did a count of collections in 2011, they tried to hide how much they’re purging — and likely did hide a good bit even from the final count. The language of this provision, which only requires a count of Americans it “positively identifies as such in the ordinary course of its business,” would certainly invite NSA to do the same again.

At the very least, this provision should include both a definition of incidental and a definition of “ordinary course of business.”

An “ordinary course of business” at NSA will miss where most interaction with US person data occurs in the “ordinary course of business”

Then consider what it means that NSA — and not CIA or FBI, both of whom do a lot more searches on Americans collected under 702 — is asked to do this count. The other agencies are going to come across a lot more Americans because they’re looking for them, but that ordinary course of business exposure of Americans won’t ever be counted if the only count happens at NSA.

If DNI won’t be asked for a real count, don’t permit him to say a count is impossible

And even there, the DNI can balk and — as he and others have been saying for 6 years — claim they can’t come up with a number. This provision should either demand a real number and permit this cop out, or use the “ordinary course” number and demand a real number.

The obsession with unmasking represents an elite person’s focus on impact

Unsurprisingly, there’s several requirements on unmasking (as well as another entire section of this focusing on procedures for unmasking and a dedicated report on it, which I’m ignoring).

I know that certain Republicans have discovered the impact of surveillance by learning that they or their friends can be swept up having sensitive conversations with Russians. But the focus on unmasking really reflects an elite concern. That’s because the people who are most likely to be swept up in intercepts but masked because the political sensitivity of collecting on them outweighs the intelligence value are elites — people like Devin Nunes and Jeff Sessions, not people like Mohammed Mohamud or other brown people. Those non-elite people are the ones who’ll be prosecuted for being swept up in a 702 intercept, rather than warned off by the FBI.

So along with the boredom of having Republicans continue to pretend this is the most dangerous impact on Americans, understand that believing that is largely about elites worrying about elites.

Tracking disseminations that don’t happen

Finally, the transparency provisions track two kinds of sharing with FBI criminal investigators, that don’t track how Americans might be affected in criminal investigations.

First, it asks for “The number of disseminations of communications acquired under subsection (a) of section 702 to the Federal Bureau of Investigation for cases not pertaining to national security or foreign intelligence.” It doesn’t define “national security” (elsewhere, the bill invites the IC to define foreign intelligence). It doesn’t say “dissemination” from whom? Is this just crimes like kiddie porn (which can be a foreign intelligence if owned by a Boeing engineer, under the Gartenlaub precedent) identified by the NSA and handed over?

But the entire item is pretty meaningless, given that FBI gets raw data, which is where evidence of a crime is most likely to be IDed.

Then there’s the question about how much gets disseminated from FBI’s National Security Division to FBI’s criminal division. But at least as I understand it from Semiannual reports, access to FISA data has all been decentralized to the field office. Already, that creates problems for oversight, because ODNI and DOJ aren’t doing visits to all field offices (contrary to what was claimed in congressional testimony this year). But that also means it doesn’t (as far as I know) take a dissemination from NSD to criminal to result in the dissemination of information, because Agents with FISA clearance are going to be able to access that data from the comfort of their own office.

For both these counts, then, HJC seems to be pretending that no raw 702 data is shared with FBI. But it is. And that’s the stuff that matters.

Which is why that’s the stuff we’ll never be able to count.

Congress keeps pretending they want counts of the impact of this. The NSA count they’re refusing to do is one thing — they can at least claim privacy considerations.

But they biannual charade of pretending we’re getting FBI to examine the impact of their actions when in fact we’re letting them operate without any such metrics is getting old.

702 Reauthorization Bill: Why a Back Door Fix for Criminal Searches Is Meaningless

/1 Comment/in , , /by

In this post, I explained how the House Judiciary Committee Section 702 reauthorization bill only closes the back door search loophole for “quer[ies] for evidence of a crime.” In addition, they let the government define what a “query reasonably designed for the primary purpose of returning foreign intelligence information” is, which means they’re basically punting on defining it themselves until 2023.

Given that treatment, the back door search fix is virtually useless, because for every search that might return the communications of an American, the government can always claim they’re considering recruiting the American as an informant.

Any communication queryable by back door search by definition involves a person of interest for a foreign intelligence reason

To understand why, first remember why FBI would get this information in the first place. They can only get raw 702 data if they have an active full investigation — and by definition, the targets of that that active full investigation are going to be targeted for the same reasons the target would be targeted by NSA, because they are of national security interest, pertaining to counterterrorism, counterproliferation, and counterintelligence/nation-state hacking.

Thus, any American whose communications might come up in a back door search will — by definition — be someone talking to a target of interest. That doesn’t mean they’re talking to a “bad guy,” as US national security professionals insist on speaking of adversaries. They’re just someone who has foreign intelligence information related to one of those three-plus topics.

Since 2002, the government has insisted that any crime — including rape — can be foreign intelligence information

The precedent that determined the limits of the government’s use of FISA-obtained information in criminal proceedings came in the 2002 In Re Sealed case challenge where the FISA Court of Review deemed the PATRIOT Act’s adoption of “significant purpose” language in FISA targeting to permit the sharing of information for criminal purposes.

As part of that case, the government claimed it could use criminal information to recruit a foreign spy.

Thus, for example, where information is relevant or necessary to recruit a foreign spy or terrorist as a double agent, that information is “foreign intelligence information” if the recruitment effort will “protect against” espionage or terrorism.

[snip]

Whether the government intends to prosecute a foreign spy or recruit him as a double agent (or use the threat of the former to accomplish the latter), the investigation will often be long range, involve the interrelation of various sources and types of information, and present unusual difficulties because of the special training and support available to foreign enemies of this country. [my emphasis]

During the hearing, FISCR judge Laurence Silberman tried to get Solicitor General Ted Olson to envision some kind of crime that couldn’t be used for foreign intelligence purpose, suggesting rape. But even that, Olson argued, could be deemed foreign intelligence information, because the government could use evidence of rape to coerce someone to become an informant.

OLSON: And it seems to me, if anything, it illustrates the position that we’re taking about here. That, Judge Silberman, makes it clear that to the extent a FISA-approved surveillance uncovers information that’s totally unrelated — let’s say, that a person who is under surveillance has also engaged in some illegal conduct, cheating —

JUDGE LEAVY: Income tax.

SOLICITOR GENERAL OLSON: Income tax. What we keep going back to is practically all of this information might in some ways relate to the planning of a terrorist act or facilitation of it.

JUDGE SILBERMAN: Try rape. That’s unlikely to have a foreign intelligence component.

SOLICITOR GENERAL OLSON: It’s unlikely, but you could go to that individual and say we’ve got this information and we’re prosecuting and you might be able to help us. I don’t want to foreclose that.

JUDGE SILBERMAN: It’s a stretch.

SOLICITOR GENERAL OLSON: It is a stretch but it’s not impossible either. [my emphasis]

The previous year, in 2001, the government had used the threat of a rape prosecution against Abu Zubaydah’s brother, Hesham Abu Zubaydah (who had had calls with his brother picked up on wiretaps), to convince him to become an informant. The FISCR decision certainly didn’t endorse approving individual FISA warrants to find proof of crimes that could be used to flip people. But neither did it place meaningful limits (and why should it, given that in those halcyon days all FISA orders were individualized).

In years since then, the government has repeatedly told the FISC they’re using programmatic spying to find informants. In both 2006 and 2009 it said it would use the phone dragnet “to discover individuals willing to become U.S. Government assets.” (see PDF 22 for citations to two Keith Alexander statements) That’s also one way the FBI measured the efficacy of Stellar Wind.

The Gartenlaub case shows FBI will use kiddie porn to (attempt to recruit) foreign intelligence informants

This is one reason the Keith Gartenlaub case is so important, in which the government used a criminal warrant, then a FISA warrant, then another criminal warrant to obtain evidence that Gartenlaub had nine-year old kiddie porn on his hard drives. The government justified all those warrants based on the claim that Gartenlaub was working with his Chinese in-laws — who always got described as influential in China — to steal Boeing information to share with China. Ultimately, they found no evidence of that.

I will eventually show evidence that the government also used Section 702 against Gartenlaub, probably (at a minimum) to obtain the Skype conversations he had with his in-laws, who would be targetable as influential Chinese citizens.

In any case, in association with the Gartenlaub case, the government changed both the individual FISA and the Section 702 minimization procedures to permit the sharing of data collected under FISA with the National Center for Missing and Exploited Children, meaning they can use FISA to obtain information on kiddie porn in the name of foreign intelligence collection.

After they indicted Gartenlaub, the government offered to drop the charges for information on the spying with China.

During his initial appearance in a federal courthouse in Santa Ana, Calif., the prosecutors indicated a willingness to reduce or drop the child pornography charges if he would tell them about the C-17, said Sara Naheedy, Gartenlaub’s attorney at the time.

Even at that late date, after eighteen months, two criminal warrants, and a FISA warrant, the government was treating Gartenlaub’s alleged kiddie porn possession as potential foreign intelligence information.

One purpose of assessments — and queries conducted under them — is to assess people to become informants

Every description of back door searches is clear: FBI can use them at the assessment level (that is, when they’re trying to figure out whether to open a full investigation).

[W]henever the FBI opens a new national security investigation or assessment, FBI personnel will query previously acquired information from a variety of sources, including Section 702, for information relevant to the investigation or assessment. With some frequency, FBI personnel will also query this data, including Section 702– acquired information, in the course of criminal investigations and assessments that are unrelated to national security efforts. In the case of an assessment, an assessment may be initiated “to detect, obtain information about, or prevent or protect against federal crimes or threats to the national security or to collect foreign intelligence information.

And FBI’s Domestic Investigations and Operations Guide is equally clear: the FBI uses assessments to determine whether people would make good informants. For example, the DIOG describes this scenario — which sounds just like what happened to Professor Xiaoxiang Xi — among its scenarios for using assessments.

A field office has a Full Investigation open on a group of individuals from country X believed to be targeting engineers and high-tech workers involved in the production of semiconductor chips. Evidence in the Full Investigation suggests that the individuals from country X are attempting to recruit the engineers and high tech workers to steal information regarding the semiconductor chips in exchange for money. During the investigation, an engineer who travels frequently to country X has been identified.

Information developed during the Predicated Investigation may be used to determine whether the engineer should be viewed as a subject of the investigation or a potential [Confidential Human Source]. If the engineer is determined to be a subject of the Full Investigation, a Type 5 Assessment may not be opened and the engineer needs to be opened as the target of a Full Investigation. If the primary focus of the FBI’s interest is to determine whether the individual may be a potential source, a Type 5 Assessment should be opened to collect information necessary to determine whether the FBI should attempt to recruit the engineer as a CHS. (PDF 117)

Remember: the FBI can obtain any 702 data related to a full investigation like the one described here. And Chinese scientists suspected of IP theft would be clear targets under the Foreign Government certificate. So it is solidly within the realm of possibility that the government would target Chinese scientists, obtain conversations (like the one that Xi got targeted for) about semiconductors, and then find that information at a later time when researching the American whose communication got collected incidentally.

That’s the problem with trying to fix the back door loophole while still permitting back door searches for foreign intelligence assessments: because it’s not until the government pulls up the information at the assessment stage — and it may well be years later, as was the case for Gartenlaub — that the government decides whether they’re going to use it and its fruits as foreign intelligence or criminal information.

Section 702 Reauthorization Bill: The Very Narrowly Scoped Back Door Search Fix

/1 Comment/in , /by

This is my second post on the draft House Judiciary Committee version of the Section 702 reauthorization. In this post, I’ll look at how the bill tries to fix the back door search loophole. In two followup posts I’ll explain why this fix is inadequate legislatively, and why it is inadequate legally.

The back door fix:

  • Requires a court order to access content “for evidence of a crime”
  • Requires an AG relevance statement to access metadata-plus
  • Creates exceptions that swallow the rule
  • Prevents reverse targeting
  • Mandates simultaneous access to FBI databases
  • Permits broad delegation
  • Creates auditable records with big loopholes
  • Invites the government to define foreign intelligence information

Requires a court order to access content “for evidence of a crime”

Here’s the language that requires the government to obtain a court order when accessing Section 702 data.

(j) REQUIREMENTS FOR ACCESS AND DISSEMINATION OF COLLECTIONS OF COMMUNICATIONS.—

(1) COURT ORDERS AND OTHER REQUIREMENTS.—

(A) COURT ORDERS TO ACCESS CONTENTS.—Except as provided by subparagraph (C), in response to a query for evidence of a crime, the contents of queried communications acquired under subsection (a) may be accessed or disseminated only upon—

(i) an application by the Attorney General to a judge of the Foreign Intelligence Surveillance Court that describes the determination of the Attorney General that—

(I) there is probable cause to believe that such contents may provide evidence of a crime specified in section 2516 of title 18, United States Code (including crimes covered by paragraph (2) of such section);

(II) noncontents information accessed or disseminated pursuant to subparagraph (B) is not the sole basis for such probable cause;

(III) such queried communications are relevant to an authorized investigation or assessment, provided that such investigation or assessment is not conducted solely on the basis of activities protected by the first amendment to the Constitution of the United States; and

(IV) any use of such queried communications pursuant to section 706 will be carried out in accordance with such section;

(ii) an order of the judge approving such application.

The requirement only applies to evidence of crime. It requires the crime to be one of the ones listed in the Wiretap Act, but includes state crimes, which in turn includes drug crimes (and child pornography, which of course is now in Section 702’s minimization procedures).

For some reason, it requires this application to go to FISC, rather than a regular magistrate, which is problematic both from a time management issue for FISC but also for reasons of standardization among magistrates. That’s all the more concerning given that the bill doesn’t explain what kind of review the FISC judge can do — whether the judge can actually review for probable cause, or whether she doesn’t have that authority. This is a big concern, because DOJ has repeatedly told FISC judges in secret that they don’t have authority specifically laid out in law, not even when they were asking judges to approve programmatic spying.

One good part of this language is that it requires something beyond metadata from a 702 search to support a probable cause review.

As I’ll write in a follow-up, though, the limitation of this to criminal purposes makes it absolutely meaningless — it simply misunderstands how FBI conducts these queries (and obviously doesn’t apply to how NSA and CIA do it).

Requires an AG relevance statement to access metadata-plus

In addition to the controls on content, this reauthorization also imposes new controls on access to metadata-plus.

(B) RELEVANCE AND SUPERVISORY APPROVAL TO ACCESS NONCONTENTS INFORMATION.—Except as provided by subparagraph (C), in response to a query for evidence of a crime, the information of queried communications acquired under subsection (a) relating to the dialing, routing, addressing, signaling, or other similar noncontents information may be accessed or disseminated only upon a determination by the Attorney General that—

(i) such queried communications are relevant to an authorized investigation or assessment, provided that such investigation or assessment is not conducted solely on the basis of activities protected by the first amendment to the Constitution of the United States; and

(ii) any use of such queried communications pursuant to section 706 will be carried out in accordance with such section.

This imposes an Attorney General certification of relevance for access to 702-derived “metadata-plus.” I’m using that term to refer to the broadened definition of metadata that presumably invokes John Bates’ definition adopted in a series of opinions, but which remains entirely redacted.

Consider the absurdity of the proposition that the government can search “just metadata” but metadata is so sensitive it can’t be publicly defined. And Congress chooses not to define it here either.

If we need to revisit the definition of metadata, then Congress should do it here, not just nod blindly to redacted opinions at FISC.

And, again, this applies only to crimes.

Creates exceptions that swallow the rule

As I keep saying, the back door search fix only applies to criminal searches. Here’s what is not included.

(C) EXCEPTIONS.—The requirement for an order of a judge pursuant to subparagraph (A) and the requirement for a determination by the Attorney General under subparagraph (B), respectively, shall not apply to accessing or disseminating queried communications acquired under subsection (a) if one or more of the following conditions are met:

(i) Such query is reasonably designed for the primary purpose of returning foreign intelligence information.

(ii) The Attorney General makes the determination described in subparagraph (A)(i) and

(I) the person related to the queried term is the subject of an order or emergency authorization that authorizes electronic surveillance or physical search under this Act or title 18 United States Code; or

(II) the Attorney General has a reasonable belief that the life or safety of a person is threatened and such contents are sought for the purpose of assisting that person.

(iii) Pursuant to paragraph (5), the person related to the queried term consents to such access or dissemination.

First, the bill exempts emergency or threat to life queries.

But before it does that, it exempts all requests “designed for the primary purpose of returning foreign intelligence information.” In a different section, HJC punts on the issue of defining what “foreign intelligence information” means, directing the government to do that in minimization procedures.

It punts on more than that. How can you have one category for “primary purpose” FI information, but then not treat criminal searches as primary? Where does that line end? Especially given that this is permitted, for both criminal and intelligence purposes, at the assessment level, which is before the government has any evidence.

In short, even where it is writing exceptions, the bill does it in such a way as to let the split swallow the rule.

Prevents reverse targeting

I think this language prohibits reverse targeting.

(D) LIMITATION ON ELECTRONIC SURVEILLANCE OF UNITED STATES PERSONS.—If the Attorney General determines that it is necessary to conduct electronic surveillance on a known United States person who is related to a term used in a query of communications acquired under subsection (a), the Attorney General may only conduct such electronic surveillance using authority provided under other provisions of law.

As I read it, if the FBI queries 702 data and finds evidence of a crime, they cannot then develop that evidence using already collected (or newly targeted) 702 data. They have to get a criminal warrant to do it.

Mind you, this is the kind of authorities laundering they do anyway, but this prohibition is worthwhile.

Mandates simultaneous access to FBI databases

The most interesting — and potentially dangerous — language in this section mandates that when the FBI does queries, all the data they have be accessible.

(E) SIMULTANEOUS ACCESS OF FBI DATABASES.—The Director of the Federal Bureau of Investigation shall ensure that all available investigative or intelligence databases of the Federal Bureau of Investigation are simultaneously accessed when the Bureau properly uses an information system of the Bureau to determine whether information exists in such a database. Regardless of any positive result that may be returned pursuant to such access, the requirements of this subsection shall apply.

I say it’s dangerous, because it might require very compartmented data to be more broadly accessible.

But the other thing that’s interesting about it is it will ensure that if there’s any multiplicitous data in the databases, FBI will have options to bypass the intent of the back door fix.

Consider: a great deal of individually targeted FISA data will replicate data obtained using 702 (which may in fact be the data the government used to obtain a targeted FISA order). A search on such data will return both the traditional FISA data and the 702 data. In cases where the FBI can use the former, they don’t have to bother with a “warrant” from FISC. As FBI obtains more and more raw EO 12333 data, that will be even more true there.

So while there may be an interesting operational reason for this — perhaps FBI even missed information in some sensitive investigation because not all data was accessible? — there are also clear downsides and the likelihood this will turn into a workaround to make the back door search even less meaningful.

Permits broad delegation

Another thing HJC doesn’t bother to specify is how broadly the Attorney General can delegate the authority for these various declarations.

(F) DELEGATION.—The Attorney General shall delegate the authority under this paragraph to the fewest number of officials that the Attorney General determines practicable.

(2) AUTHORIZED PURPOSES FOR QUERIES.—A collection of communications acquired under subsection (a) may only be queried for legitimate national security purposes or legitimate law enforcement purposes.

This was a significant problem behind the early NSL abuses. Letting the AG decide how much authority he wants to delegate invites similar abuses and is not why we’re paying Congress.

Creates auditable records with big loopholes

As always with transparency provisions, the loopholes are far more interesting than the provisions themselves, because they reveal where the interesting stuff is hiding. This requirement applies to all four agencies that get raw 702 traffic: NSA, CIA, NCTC, and FBI.

NSA is already doing this kind of record-keeping (sort of, though given the violations discovered last year, there’s reason to doubt it). But once they set the requirement, they create big problematic loopholes.

(3) RETENTION OF AUDITABLE RECORDS.— The Attorney General and each Director concerned shall retain records of queries that return a positive result from a collection of communications acquired under subsection (a). Such records shall—

(A) include such queries for not less than 5 years after the date on which the query is made; and

(B) be maintained in a manner that is auditable and available for congressional oversight.

With this language, HJC exempts Congressional queries (which I’m fine with), but also tech queries.

(4) COMPLIANCE AND MAINTENANCE.—The requirements of this subsection do not apply with respect to queries made for the purpose of—

(A) submitting to Congress information required by this Act or otherwise ensuring compliance with the requirements of this section; or

(B) performing maintenance or testing of information systems.

Until at least 2010, NSA was using tech queries to do metadata searches that weren’t authorized by the phone dragnet (which was facilitated by having tech people co-located with analysts, which made it easy for the analysts to as for help). If you exempt tech people, you will have abuses on any restriction.

In addition, the auditable record requirement doesn’t count for those who’ve given consent, which includes informants.

(5) CONSENT.—The requirements of this subsection do not apply with respect to—

(A) queries made using a term relating to a person who consents to such queries; or

(B) the accessing or the dissemination of the contents of queried communications of a person who consents to such access or dissemination.

From this I assume that a great many of these queries (especially those at CIA that aren’t now being counted) are being done for Insider Threat detection, which tracks a bunch of people who, by obtaining a clearance, have given consent for this kind of searching. I assume there are a great many of them too, since they need to be hidden.

(6) DIRECTOR CONCERNED.—In this subsection, the term ‘Director concerned’ means the following:

(A) The Director of the National Security Agency, with respect to matters concerning the National Security Agency.

(B) The Director of the Federal Bureau of Investigation, with respect to matters concerning the Federal Bureau of Investigation.

(C) The Director of the Central Intelligence Agency, with respect to matters concerning the Central Intelligence Agency.

(D) The Director of the National Counterterrorism Center, with respect to matters concerning the National Counterterrorism Center.

Invites the government to define foreign intelligence information

Finally, the bill requires the government to adopt a meaning for “query reasonably designed for the primary purpose of returning foreign intelligence information” in yearly certifications, rather than doing it themselves.

(b) PROCEDURES.—Subsection (e) of such section 6 (50 U.S.C. 1881a(e)) is amended by adding at the end the following new paragraph:

(3) CERTAIN PROCEDURES FOR QUERYING.— The minimization procedures adopted in accordance with paragraph (1) shall describe a query reasonably designed for the primary purpose of returning foreign intelligence information pursuant to subsection (j)(1)(C)(i).’’.

Again, it is the job of Congress to do this. Once the IC defines this in such a way that will further swallow up the rule, what then? We wait until 2023 (which is when this law would next get reauthorized) to define the term meaningfully? At some point we need to have an explicit discussion about the foreign intelligence purposes that drive a lot of these queries, and talk about whether they’re permissible under the Fourth Amendment. Now would be a good time, but this language just punts the question.

Other 702 posts

702 Reauthorization Bill: The “About” Fix (What Is A Person?)

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

702 Reauthorization Bill: The “About” Fix (What Is A Person?)

/2 Comments/in /by

I’m going to do a series of posts on the draft 702 reauthorization bill, which is here. The bill makes a number of improvements to the status quo, but it’s not clear whether it fixes the biggest problems with Section 702.

Take the “about” fix, which is a short and sweet change to the targeting procedures.

(4) LIMITATION.—During the period preceding September 30, 2023, the procedures adopted in accordance with paragraph (1) shall require that the targeting of a person is limited to communications to or from the targeted person.

As a reminder, “about” collection targeted the content of “communications” — perhaps searching on something like Osama bin Laden’s phone number in the content of email. It posed a problem because sometimes NSA obtains upstream communications in bundles, meaning they’ll get a number of unrelated communications at the same time. In such a case, if an email in a bundle included the target (OBL’s phone number), then all the emails would be collected, which also might include emails to other people. In a small number of cases, such collection would result in the collection of entirely domestic communications that had no foreign intelligence value; it resulted in a larger number of entirely domestic, unbundled communications that were of foreign intelligence value because they mentioned the selector.

The legislative fix largely parallels the fix Rosemary Collyer approved in April. She accomplished this (relying on an Administration memo that, unlike almost everything else from the reauthorization process, has not been released) this way:

Finally, upstream collection of Internet transaction [redacted] for communications to or from a targeted person, but “abouts” communication may no longer be acquired. The NSA Targeting Procedures are amended to state that “[a]cquisitions conducted under these procedures will be limited to communications to or from persons targeted in accordance with these procedures. [citation removed], and NSA’s Minimization Procedures now state that Internet transactions acquired after March 17, 2017, “that are not to or from a person targeted in accordance with NSA’s section 702 targeting procedures are unauthorized acquisitions and therefore will be destroyed upon recognition.” [citation removed]

Here’s how it looks in practice, in the current targeting procedures.

In both cases, I have a similar concern, one which is made more obvious in the targeting procedures. They start by suggesting that all acquisitions under 702 will be limited to “communications to or from persons targeted in accordance with these procedures.” But then its discussion of upstream collection defines “Internet transaction” in such a way to treat it only as a communication.

The draft bill similarly suggests the possibility that there is the targeting of persons — for whom the active user rule much hold, but if there were some other kind of targeting, it might not hold.

What is a person, in this situation? Does this language prevent NSA from targeting a group (a point raised by John Bates on precisely this point in 2011)? Can NSA target — say — an encryption product used by a corporate group (ISIS’s shitty encryption product, for example), and if so are all users of that product assumed to be part of the group? What happens if the collection is targeting the command and control server of a botnet; any communications back and forth from it are, technically speaking, communications, but not involving a human person.

In other words, both versions of this prohibition seem to operate under they fiction that NSA is just collecting emails, traditional communications between traditional people. I’m actually not sure how the language would apply to other stuff. I’m also not sure if the possible exceptions would have privacy concerns.

Which is why I’m not certain whether the prohibition actually eliminates the privacy threat in question.

Not least, because directly after the introduction of the prohibition in her opinion, Collyer acknowledges that NSA will still obtain entirely domestic comms.

As I’ve said elsewhere, I think this prohibition does fix the email (and other kinds of Internet messaging) MCT problem. But given that even Collyer admits NSA will still obtain domestic communications, there’s still the problem that those domestic comms will be sucked up in the newly permitted back door searches of upstream communications.

Why Did Google Miss a Lot of Users Affected by FISA?

/2 Comments/in /by

There’s been some bad news in the transparency reports issued by America’s tech companies thus far. First, Apple revealed a huge spike in FISA requests.

the number of national security orders, including secret rulings from the Foreign Intelligence Surveillance Court, spiked during the period.

The company received between 13,250 and 13,499 national security orders, affecting between 9,000 and 9,249 accounts.

That’s a threefold increase compared to the year earlier, which saw up to 2,999 orders for the period.

It’s the largest number of national security orders that Apple has ever reported in five years of publishing transparency reports.

My guess is this reflects increasing reliance on requests to Apple to obtain information that would otherwise be encrypted (it might even suggest Apple was forced to put a back door into their phones, though there has been no declassified FISC opinion that would reflect that, so I doubt that’s it). I’m wondering, because of the change Apple just made in iOS 11 that requires passwords before a phone trusts a computer, whether Apple has been asked to turn over backups of iPhones shared to iTunes, but that’s admittedly a wildarseguess.

Then, in addition to an new high in standard government information requests, Google also revised its previously issued national security request numbers to reflect (on the most part) significantly more users and/or accounts affected (CNet reported this here).

At first I thought this might reflect either the two-year delayed reporting on new services being requested or delayed collection off an original target (which might happen if someone commented, four years later, on a YouTube video posted by an account being tasked).  And while some combination of those might be involved, Google claims this was an inadvertent undercounting

We’ve also posted updated figures for the number of users/accounts impacted by Foreign Intelligence Surveillance Act (FISA) requests for content in previous reporting periods. While the total number of FISA content requests was reported accurately, we inadvertently under-reported the user/account figures in some reporting periods and over-reported the user/account figures in the second half of 2010. The corrected figures are in the latest report and reflected on our visible changes page. [my emphasis]

Which suggests it may instead pertain to uncertainty — on the part of the government, especially — of which selectors relate to a natural person.

As I have noted, in the government’s own transparency reporting, they provide estimated numbers of targets for both 702 and traditional FISA. The reason they can only provide estimates is almost certainly because for both authorities (and for much of NSA’s 12333 targeting) they’re targeting selectors of interest, only some of which they’ve tied to a known person’s identity. And it’s likely they have selectors that are interesting because of their contacts and other behaviors that belong to already known targets using other selectors.

I provided some background on why this is the case in this post on changes in the reporting provisions the 2015 version of USA Freedom Act.

First, the reporting provisions as a whole move from tracking “individuals whose communications were collected” to “unique identifiers used to communicate information.” They probably did that because they don’t really have a handle on which of the identifiers all represent the same natural person (and some aren’t natural persons), and don’t plan on ever getting a handle on that number. Under last year’s bill, ONDI could certify to Congress that he couldn’t count that number (and then as an interim measure I understand they were going to let them do that, but require a deadline on when they would be able to count it). Now, they’ve eliminated such certification for all but 702 metadata back door searches (that certification will apply exclusively to CIA, since FBI is exempted). In other words, part of this is just an admission that ODNI does not know and does not planning on knowing how many of the identifiers they target actually fit together to individual targets.

But since they’re breaking things out into identifiers now, I suspect they’re unwilling to give that number because for each of the 93,000 targets they’re currently collecting on, they’re probably collecting on at least 10 unique identifiers and probably usually far, far more.

Just as an example (this is an inapt case because Hassanshahi, as a US person, could not be a PRISM target, but it does show the bare minimum of what a PRISM target would get), the two reports Google provided in response to administrative subpoenas for information on Shantia Hassanshahi, the guy caught using the DEA phone dragnet (these were subpoenas almost certainly used to parallel construct data obtained from the DEA phone dragnet and PRISM targeted at the Iranian, “Sheikhi,” they found him through), included:

  • a primary gmail account
  • two secondary gmail accounts
  • a second name tied to one of those gmail accounts
  • a backup email (Yahoo) address
  • a backup phone (unknown provider) account
  • Google phone number
  • Google SMS number
  • a primary login IP
  • 4 other IP logins they were tracking
  • 3 credit card accounts
  • Respectively 40, 5, and 11 Google services tied to the primary and two secondary Google accounts, much of which would be treated as separate, correlated identifiers

So just for this person who might be targeted under the new phone dragnet (though they’d have to play the same game of treating Iran as a terrorist organization that they currently do, but I assume they will), you’d have upwards of 15 unique identifiers obtained just from Google. And that doesn’t include a single cookie, which I’ve seen other subpoenas to Google return.

In other words, one likely reason the IC has decided, now that they’re going to report in terms of unique identifiers, they can’t report the number of identifiers targeted under PRISM is because it would make it clear that those 93,000 targets represent, very conservatively, over a million identifiers — and once you add in cookies, maybe a billion identifiers — targeted. And reporting that would make it clear what kind of identifier soup the IC is swimming in.

Here’s another list of the kinds of identifiers the government seeks with just a 2703(d) order (remember, under PRISM, the government would get both this list of the identifiers, as well as the content or other activity, including location data, tied to the identifiers).

A. The following information about the customers or subscribers of the Account:
1. Names (including subscriber names, user names, and screen names);
2. Addresses (including mailing addresses, residential addresses, business addresses, and e-mail addresses);
3. Local and long distance telephone connection records;
4. Records of session times and durations, and the temporarily assigned network addresses (such as Internet Protocol (“IP”) addresses) associated with those sessions;
5. Length of service (including start date) and types of service utilized;
6. Telephone or instrument numbers (including MAC addresses);
7. Other subscriber numbers or identities (including temporarily assigned network addresses and registration Internet Protocol (“IP”) addresses (including carrier grade natting addresses or ports)); and
8. Means and source of payment for such service (including any credit card or bank account number) and billing records.

B. All records and other information (not including the contents of communications) relating to the Account, including:
1. Records of user activity for each connection made to or from the Account, including log files; messaging logs; the date, time, length, and method of connections; data transfer volume; user names; and source and destination Internet Protocol addresses;
2. Information about each communication sent or received by the Account, including the date and time of the communication, the method of communication, and the source and destination of the communication (such as source and destination email addresses, IP addresses, and telephone numbers);
3. Records of any accounts registered with the same email address, phone number(s), method(s) of payment, or IP address as either of the accounts listed in Part 1; and Records of any accounts that are linked to either of the accounts listed in Part 1 by machine cookies (meaning all Google user IDs that logged into any Google account by the same machine as either of the accounts in Part A).

But for PRISM requests (as opposed to the new phone dragnet implemented in 2006), this works in reverse, with the government providing long lists of identifiers it wants to task, which may or may not reflect groupings using NSA’s own correlation process into identifiable targets. While the government surely asks for all Google content knowingly tied to all accounts of a known identifier (so, for example, if the government tasked “emptywheel” they also might get random Google accounts I set up under different names years ago, as well as accounts they connect by common use of the same cookie), it’s possible the government submits selectors believing they belong to the same person when in fact they are separate individuals.

Particularly once you’re tying collection to an IP address, it’s likely you’ll get multiple people off the same selector. And it may take Google some time to sort all that out. So that’s my guess of what’s going on: the change in numbers reflects the degree of uncertainty — even for Google! — regarding how many people are actually being targeted here.

 

That said, given the obviously different methodologies in counting these numbers, it may also work the other way. That is, Google may at first believe it has just turned over the data for, say, 10 of a user’s Google services, only to later realize it has also provided content or ad profile or Google map location data or Google pay.

Whatever it is, it is telling that even Google (!!!) can’t track how many targets FISA collection involves in real time.