Garr King, the judge in Mohamed Osman Mohamud’s case, has refused Mohamud’s demand for broad discovery into the government’s failure to notice him about the Section 702 surveillance they used to bust him.
Before I get into the substance of King’s ruling, take a look at how King dismisses the reporting–almost exclusively from NYT’s Charlie Savage–about how, upon having lied to SCOTUS, Solicitor General Don Verrilli pushed to change DOJ’s policy on notice about Section 702. Here’s King:
Defendant bases his argument, in part, on events concerning Clapper, 133 S. Ct. 1138. The Solicitor General argued to the Court that the government provided notice to defendants when evidence was derived from § 1881a surveillance. Plaintiffs had not received such notice, so the Court ruled plaintiffs had no standing to challenge the constitutionality of the FAA. Id. at 1143, 1148. Newspapers began to speculate about an internal Justice Department debate on providing notice in these circumstances. Defendant received his Supplemental Notification thereafter. [my emphasis]
That is, King dismisses clear evidence of DOJ misconduct by claiming the reporter — Savage — was just speculating.
Prosecutors plan to inform the defendant about the monitoring in the next two weeks, a law enforcement official said. The move comes after an internal Justice Department debate in which Solicitor General Donald B. Verrilli Jr. argued that there was no legal basis for a previous practice of not disclosing links to such surveillance, several Obama administration officials familiar with the deliberations said.
[snip]
In February, the Supreme Court dismissed a case challenging its constitutionality because the plaintiffs, led by Amnesty International, could not prove they had been wiretapped. Mr. Verrilli had told the justices that someone else would have legal standing to trigger review of the program because prosecutors would notify people facing evidence derived from surveillance under the 2008 law.
But it turned out that Mr. Verrilli’s assurances clashed with the practices of national security prosecutors, who had not been alerting such defendants that evidence in their cases had stemmed from wiretapping their conversations without a warrant.
[snip]
Mr. Verrilli sought an explanation from national security lawyers about why they had not flagged the issue when vetting his Supreme Court briefs and helping him practice for the arguments, according to officials.
The national security lawyers explained that it was a misunderstanding, the officials said. Because the rules on wiretapping warrants in foreign intelligence cases are different from the rules in ordinary criminal investigations, they said, the division has long used a narrow understanding of what “derived from” means in terms of when it must disclose specifics to defendants.
While there wasn’t as much as I’d like, the Privacy and Civil Liberties Oversight Board hearing today focused somewhat on the issue of back door searches: which are when NSA searches on US person data on “incidentally” collected data under Section 702 of FISA.
DOJ National Security Director Deputy AAG Brad Wiegmann even suggested we should call them queries, perhaps to obscure all the obvious problems with them as searches under the Fourth Amendment.
The most telling exchange, however, came when PCLOB Board Member Patricia Wald suggested that the FISA Court conduct the same kind of oversight over these backdoor searches that it is now doing pursuant to the changes in Section 215 President Obama made in January. (CSPAN won’t let me embed this yet but here’s a link.) ODNI General Counsel Robert Litt shot that idea down aggressively, stating that is is not practicable.
Patricia Wald: The President required, or, I think he required in his January directive that went to 215 that at least temporarily, the selectors in 215 for questioning the databank of US telephone calls–metadata–had to be approved by the FISA Court. Why wouldn’t a similar requirement for 702 be appropriate in the case where US person indicators are used to search the PRISM database? What big difference do you see there?
Robert Litt: Well, I think from a theoretical perspective it’s the difference between a bulk collection and a targeted collection which is that–
Wald: But I would think that, sorry for interrupting, [cross-chatter] I would think that message since 702 has actually got the content.
Litt: Well, and the second point that I was going to make is that I think the operational burden in the context of 702 would far greater than in the context of 215.
Wald: But that would–
Litt: If you recall, the number of actual telephone numbers as to which a RAS–reasonable articulaable suspcion determination was made under Section 215 was very small. The number of times that we query the 702 database for information is considerably larger. I suspect that the Foreign Intelligence Surveillance Court would be extremely unhappy if they were required to approve every such query.
Wald: I suppose the ultimate question for us is whether or not the inconvenience to the agencies or even the unhappiness of the FISA Court would be the ultimate criteria.
Litt: Well I think it’s more than a question of convenience, I think it’s also a question of practicability.
NSA General Counsel Raj De, who has spent the better part of the last 9 months saying “it’s only metadata” went on to argue that somehow this “targeted” content program (which of course requires no advance review of selectors) is less intrusive than the metadata collection under Section 215.
Make up your damn mind!
To be fair, I suspect one of the issues is that after the Nidal Hasan attack (and this is just a very well educated guess), NSA rolled out a system whereby new communications between a targeted foreigner and an American automatically pulls up all previous communications involving that US person. That would count as a search, even though it would effectively feel like an automatic cross-referencing of all prior communications involving someone talking to a target, even if that is a US person.
Nevertheless, this means that NSA is conducting so many back door searches on US person data that it would be “impracticable” to actually give those searches some kind of review.
No wonder NSA refuses to give numbers on this practice to Ron Wyden.
https://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.png00emptywheelhttps://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.pngemptywheel2014-03-19 18:01:552014-08-03 13:31:24NSA Conducts So Many Back Door Searches on US Persons It Would Be Impracticable to Approve Those Queries
The first panel of an all-day Privacy and Civil Liberties Oversight Board hearing on Section 702 of FISA just finished.
It featured NSA General Counsel Raj De, ODNI General Counsel Robert Litt, Deputy AAG for National Security Brad Weigmann, and FBI General Counsel James Baker.
While there were a number of interesting disclosures — which I’ll get at in the future — the most striking aspect of the hearing was the tooth-pulling effort to get the panel to define the terms they use.
There were a slew of terms defined, among others including “minimization,” “bulk collection,” “PRISM,”
But the most interesting redefinitions were for “purge” and “search.”
After much tooth-pulling, James Dempsey got De to admit that NSA’s definition of the word “search” is different from the one used in the Fourth Amendment. Actually, that may not be entirely true: Sometimes the actual collection of data counts as a search, sometimes only the querying of it does. NSA gets to decide which is which, best as I can tell, in secret or in legal filings where it will serve to deprive someone of standing.
Then there’s “purge,” which I can’t hear anymore without seeing a pink speech bubble and scare quotes surrounding the word. Purge does not mean — as you might expect — “destroy.” Rather, it means only “remove from NSA systems in such a way that it cannot be used.” Which, best as I understand it, means they’re not actually destroying this data.
I do hope EFF figures that out before they argue the protection order for Section 215 today, as on those terms it seems increasingly clear NSA is not complying with the Jewel protection order.
“Purge.” To keep. Somewhere else.
https://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.png00emptywheelhttps://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.pngemptywheel2014-03-19 10:59:112014-03-19 18:43:12Rosencrantz and Guildenstern Visit Pee-Clob
The government claims it does not have a protection order pertaining to the phone dragnet lawsuits because the suits with a protection order pertain only to presidentially-authorized programs.
The declaration made clear, in a number of places, that the plaintiffs challenged activities that occurred under presidential authorization, not under orders of the Foreign Intelligence Surveillance Court (FISC), and that the declaration was therefore limited to describing information collected pursuant to presidential authorization and the retention thereof.
Therefore, the government is challenging the EFF’s effort to get Judge Jeffrey White to reaffirm that the preservation orders in the Multidistrict Litigation and Jewel apply to the phone dragnet.
Fine. I think EFF can and should challenge that claim.
But let’s take the government at its word. Let’s consider what it would obliged to retain under the terms laid out.
The government agrees it was obliged, starting in 2007, to keep the content and metadata dragnets that were carried out exclusively on presidential authorization. Indeed, the declaration from 2007 they submitted describing the material they’ve preserved includes telephone metadata (on tapes) and the queries of metadata, including the identifiers used (see PDF 53). It also claimed it would keep the reports of metadata analysis.
That information is fundamentally at issue in First Unitarian Church, the EFF-litigated challenge to the phone dragnet. That’s true for three reasons.
First, the government makes a big deal of their claim, made in 2007, that the metadata dragnet databases were segregated from other programs. Whether or not that was a credible claim in 2007, we know it was false starting in early 2008, when “for the purposes of analytical efficiency,” a copy of that metadata was moved into the same database with the metadata from all the other programs, including both the Stellar Wind phone dragnet data, and the ongiong phone dragnet information collected under EO 12333.
And given the government’s promise to keep reports of metadata analysis, from that point until sometime several years later, it would be obliged to keep all phone dragnet analysis reports involving Americans. That’s because — as is made clear from this Memorandum of Understanding issued sometime after March 2, 2009 — the analysts had no way of identifying the source of the data they were analyzing. The MOU makes clear that analysts were performing queries on data including “SIGINT” (EO 12333 collected data), [redacted] — which is almost certainly Stellar Wind, BRFISA, and PR/TT. So to the extent that any metadata report didn’t have a clear time delimited way of identifying where the data came from, the NSA could not know whether a query report came from data collected solely pursuant to presidential authorization or FISC order. (The NSA changed this sometime during or before 2011, and now metadata all includes XML tags showing its source; though much of it is redundant and so may have been collected in more than one program, and analysts are coached to re-run queries to produce them under EO 12333 authority, if possible.)
Finally, the real problem for the NSA is that the data “alerted” illegally up until 2009 — including the 3,000 US persons watchlisted without undergoing the legally required First Amendment review — was done so precisely because when NSA merged its the phone dragnet data with the data collected under Presidential authorization — either under Stellar Wind or EO 12333 — it applied the rules applying to the presidentially-authorized data, not the FISC-authorized data. We know that the NSA broke the law up until about 5 years ago. We know the data from that period — the data that is under consideration for being aged off now — broke the law precisely because of the way the NSA mixed EO 12333 and FISC regulations and data.
The NSA’s declarations on document preservation — not to mention the declarations about the dragnets more generally — don’t talk about how the EO 12333 data gets dumped in with and mixed up with the FISC-authorized data. That’s NSA’s own fault (and if I were Judge White it would raise real questions for me about the candor of the declarants).
But since the government agreed to preserve the data collected pursuant to presidential authorization without modification (without, say, limiting it to the Stellar Wind data), that means they agreed to preserve the EO 12333 collected data and its poisonous fruit which would just be aging off now.
I will show in a follow-up post why that data should be utterly critical, specifically as it pertains to the First Unitarian Church suit.
But suffice it to say, for now, that the government’s claim that it is only obliged to retain the US person data collected pursuant to Presidential authorization doesn’t help it much, because it means it has promised to retain all the data on Americans collected under EO 12333 and queries derived from it.
https://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.png00emptywheelhttps://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.pngemptywheel2014-03-18 10:22:352014-03-18 10:34:32The Government Has a Festering EO 12333 Problem In Jewel/First Unitarian
Over the course of the opinion — which denies a warrant for three entire months of emails, plus account information and correspondence with Apple for a criminal investigation into Defense Contractor kickbacks — Facciola lays out what, over the last 6 months he has found to be a problem with DOJ’s search and seizure guidelines.
In the Matter of the Search of Information Associated with [redacted] Stored at Premises Controlled by Yahoo! (13-MJ-728; September 25, 2013) in which Facciola ordered the government to return data not within the scope of the request to Yahoo
In the Matter of an Order Authorizing Disclosure of Historical Cell Cite Location (13-MC-199, 13-MC-1005, and 13-MC-1006; October 31, 2013) in which Facciola warned the government he would reject future warrant applications because of “generic and inaccurate boilerplate language”
In the Matter of the Search of Information Associated with the Facebook Account Identified by the Username Aaron Alexis (13-MJ-742; November 26, 2013) in which Facciola objected to government’s two-step procedure to search the Navy Yard shooter’s to get all of Alexis’ email
In [redacted}@Mac.com (14-MC-228; this case) in which the government listed a bunch of email data to be “disclosed by Apple” but then laid out the authority to “seize” (implicitly all) the underlying emails
Here’s how Facciola describes what is common to all these warrant applications.
In essence, the applications ask for the entire universe of information tied to a particular account, even if it has established probable cause only for certain information.
He goes on to describe that the government uses essentially the same argument it uses in its NSA dragnets to claim that seizing all the phone records from a company don’t count as seizing them.
Any search of an electronic source has the potential to unearth tens or hundreds of thousands of individual documents, pictures, movies, or other constitutionally protected content. It is thus imperative that the government “describe the items to be seized with as much specificity as the government’s knowledge and circumstances allow.” United States v. Leary, 846 F.2d 592, 600 (10th Cir. 1988).
Here, the government has adequately described the “items to be seized”—but it has done so in the wrong part of the warrant and in a manner that will cause an unconstitutional seizure. By abusing the two-step procedure under Rule 41, the government is asking Apple to disclose the entirety of three months’ worth of e-mails and other e-mail account information. See Application at 14-15. Yet, on the very next page, it explains that it will only “seize” specific items related to its criminal investigation; it goes so far as to name specific individuals and companies that, if mentioned in an e-mail, would make that e-mail eligible to be seized. Id. at 15. Thus, the government has shown that it can “describe the items to be seized with [] much specificity”; it has simply chosen not to by pretending that it is not actually “seizing” the information when Apple discloses it. See Facebook Opinion [#5] at 9-10 (“By distinguishing between the two categories, the government is admitting that it does not have probable cause for all of the data that Facebook would disclose; otherwise, it would be able to ‘seize’ everything that is given to it.”).
As this Court has previously noted, any material that is turned over to the government is unquestionably “seized” within the meaning of the Fourth Amendment. See Brower v. Cnty. of Inyo, 489 U.S. 593, 596 (1989) (noting that a “seizure” occurs when an object is intentionally detained or taken). The two-step procedure of Rule 41 cannot be used in situations like the current matter to bypass this constitutional reality because the data is seized by the government as soon as it is turned over by Apple.
[snip]
What the government proposes is that this Court issue a general warrant that would allow a “general, exploratory rummaging in a person’s belongings”—in this case an individual’s e-mail account. Coolidge, 403 U.S. at 467. This Court declines to do so.
This opinion will likely result only in DOJ submitting a new application. It’ll clean up its ways or submit applications in other districts to avoid Facciola. This opinion, by a Magistrate, certainly won’t establish the principle that as soon as DOJ obtains data, it has seized it under the Fourth Amendment.
Still, given how centrally this claim that seizures don’t equal seizures, perhaps the obvious logic of Facciola’s stance will encourage other judges to stop twisting the normal meaning of seize to be solicitous to government demands.
https://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.png00emptywheelhttps://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.pngemptywheel2014-03-17 14:49:492014-03-17 15:21:33Magistrate Judge Targets DOJ’s Search ≠ Seizure Theory
Shane Harris has a report on the government’s odd behavior in regards to preserving the phone dragnet data in light of the suits challenging its legality.
It’s surprising on three counts. First, because he claims the legal back and forth has not previously been reported.
Now, that database will include phone records that are older than five years — not exactly the outcome that critics of the NSA program were hoping for. A dramatic series of legal maneuvers, which have not been previously reported, led the outcome.
It’s surprising not just because the “legal maneuvers” have in fact been reported before (though not the detail that James Cole got involved, though it’s not yet clear how his involvement affected the actual legal maneuvers rather than the internal DOJ communication issues). But also because Harris neglects to mention key details of those legal maneuvers — notably that EFF reminded DOJ, starting on February 26, that it had preservation orders that should affect the dragnet data, reminders which DOJ stalled and then ignored.
Harris’ piece is also surprising because of the implicit suggestion that NSA hasn’t been aging off data regularly, as it is supposed to be.
A U.S. official familiar with the legal process said the question about what to do with the phone records needn’t have been handled at practically the last minute. “The government was coming up on a five-year deadline to delete the data. Lawsuits were pending. The Justice Department could have approached the FISC months ago to resolve this,” the official said, referring to the Foreign Intelligence Surveillance Court.
There should be no “deadline” here — aside from the daily “deadline” that should automatically age off the five year old data. Now, the WSJ had previously reported that that’s not actually how age-off works.
As the NSA program currently works, the database holds about five years of data, according to officials and some declassified court opinions. About twice a year, any call record more than five years old is purged from the system, officials said.
But even assuming NSA only ages off data twice a year (in which case they should stop claiming they only “keep” data for 5 years because they already keep some of it for 5 1/2 years), most of these suits are well older than 6 months old, predating what might have been an August age-off, which means unless NSA already deviated from its normal pattern, it deleted data relevant to the suits.
By far the most surprising detail in Harris’ story, however, is this response from former DOJ National Security Division Counsel Carrie Cordero to the news that Deputy Attorney General James Cole has gotten involved. This is, Cordero claims, “uncharted territory.”
“This is all uncharted territory,” said Carrie Cordero, a former senior Justice Department official who recently served as the counsel to the head of the National Security Division. “Given the complexity and the novelty of this chain of events, it’s a good thing that the deputy attorney general is personally engaged, and it demonstrates the significant attention that they’re giving to it.”
To be more specific about Cordero’s work history, from 2007 to 2011, she was deeply involved in FISA-related issues, first at ODNI and then at DOJ’s NSD.
In 2009, I served as Counsel to the Assistant Attorney General for National Security at the Unit ed States Department of Justice, where I co – chaired an interagency group created by the Director of National Intelligence (DNI) to improve FISA processes. From 2007 – 2009, I served in a joint duty capacity as a Senior Associate General Counsel at the Office of the Director of National Intelligence, where I worked behind the scenes on matters relating to the legislative efforts that resulted in the FISA Amendments Act of 2008.
Given her position in the thick of FISA-related issues, one would think she was at least aware of the protection order Vaughn Walker issued on November 6, 2007 ordering the preservation of evidence, up to and including “tangible things,” in the multidistrict litigation issues pertaining to the dragnet.
[T]he court reminds all parties of their duty to preserve evidence that may be relevant to this action. The duty extends to documents, data and tangible things in the possession, custody and control of the parties to this action,
And Cordero presumably should be aware that Walker renewed the same order on November 13, 2009, extending it to cover the Jewel suit, which had an ongoing focus.
Cordero is presumably aware of two other details. First, there should be absolutely no dispute that the phone dragnet was covered by these suits. That’s because at least as early as May 25, 2007 (and again in a declaration submitted October 2009), Keith Alexander included the phone dragnet among the things he considered related to the EFF and other suits over which he claimed state secrets.
In particular, disclosure of the NSA’s ability to utilize the TSP (or, therefore, the current FISA Court-authorized content collection) in conjunction with contact chaining [redacted–probably relating to data mining] would severely undermine efforts to detect terrorist activities.
[snip]
To the extent that the NSA’s bulk collection and targeted analysis of communication meta data may be at issue in this case, those activities–as described in paragraphs 27 and 28 above–must also be protected from disclosure.
In paragraphs 27 and 28 and the following paragraphs, Alexander named the FISC Pen Register and Telephone Records Orders by name.
Thus, as far back as 2007, the NSA acknowledged that it used its content collection in conjunction with its metadata dragnets, including data obtained pursuant to the FISA dragnet orders.
https://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.png00emptywheelhttps://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.pngemptywheel2014-03-17 12:34:582014-04-04 12:33:08The Clear Precedent for Carrie Cordero’s “Uncharted Territory” of Destruction of Evidence
https://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.png00emptywheelhttps://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.pngemptywheel2014-03-17 11:10:482014-03-17 12:36:22The Clear Precedent for Carrie Cordero’s “Uncharted Territory” of Destruction of Evidence
As a number of stories reported last week, two of Dzhokhar Tsarnaev’s college buddies charged with obstruction lost their bid to get the prosecution to turn over texts Dzhokhar sent. The AP has the most detailed account:
The defense requested all communications between Tsarnaev and the three men, as well as all communications between Tsarnaev and other people.
[snip]
Robert Stahl, [Dias] Kadyrbayev’s lawyer, said prosecutors told defense attorneys that Tsarnaev destroyed his cellphone before his arrest. Stahl said that in other cases he’s had, some text messages have been retrieved from cellphones through a service provider. He asked Judge Douglas Woodlock to ask prosecutors to seek those text messages and turn them over to the defense.
Assistant U.S. Attorney Stephanie Siegmann said prosecutors have already given the defense text messages between Tsarnaev and the three friends taken from the cellphones of the friends.
“I believe the messages we’ve given them are all we could get,” Siegmann told the judge.
Woodlock said the defense was not entitled to get text messages between Tsarnaev and anyone else because they would not be relevant to the defendants’ cases.
The BoGlo describes the dispute slightly differently, suggesting the defense asked for texts involving the defendants, with the prosecution responding they had provided the texts between Tsarnaev and the defendants.
He asked Woodlock to ask prosecutors to seek any text messages involving the defendants and turn them over to the defense.
Siegmann said prosecutors have already given the defense text messages between Tsarnaev and the three friends taken from the cellphones of the friends.
Which would be rather interesting given the way NSA collects communications about people (though it’s unclear how quickly an emergency collection can be collected).
Here’s ABC on that dispute. Reuters and Boston Herald focused on other disputes, including that witnesses gave a statement and/or were videotaped by cops, but that this was suppressed.
Before getting too far into these competing claims (at least as presented without a transcript, which I’ll take a look at down the road), let me take a step back.
The docket in this case, like Dzhokhar’s docket, has a bunch of gaps which presumably reflect sealed filings. Part of that involves the protective order in this case, though it (plus a presumed sealed motion “taken under advisement” is referenced in the minutes for an October hearing).
According to a schedule set on January 15, defendants were supposed to submit motions to compel discovery by February 28. But on some date (the official file date is March 3, which can’t be right), defendants filed to extend the deadline to March 1, in part because of new discovery that week. The defense submitted their motion to compel on March 3, the prosecution responded on March 7; both those filings are still sealed. The hearing was on March 10. So it’s possible that some of these issues, including the question of what texts are accessible to prosecutors in a case related to the Boston Marathon attack, just came up in the last several weeks.
So.
In response to a defense demand that — in a case where the key physical evidence (the computer and firecracker casings Dzhokhar’s friends are accused of throwing away) yielded no DNA or fingerprint evidence, where Dzhokhar is accused of destroying his phone within a day of the time he texted his friends suggesting they “take” what they want — the defense get the other texts Dzhokhar may have sent during this period, the prosecution did not, apparently make the argument the judge ultimately adopted, that these texts weren’t relevant. Rather, AUSA Stephanie Siegmann seems to have suggested that the government had no ability to get any other texts.
Not only would that suggest Dzhokhar managed to destroy his cell phone in precisely the sweet spot between the time the cops admit to having IDed them (assuming that claim is credible) and when he lost the physical ability to do so as he bled out in the boat in Watertown. (Remember, according to some narratives he was using it during the car chase the night before.) But it would also suggest the NSA has no ability to get text messages from providers once a cell phone has been destroyed (nor was able to get the receiving end of those text messages based on the metadata of the texts).
Golly. It’s as if no dragnet exists, even in spite of NSA claims they used that very same dragnet to gain “peace of mind” after the attack.
We won’t learn any more of this claim unless and until the defense appeals this decision.
But FBI’s claimed inability to access Dzhokhar’s text messages in this case does seem remarkable.
https://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.png00emptywheelhttps://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.pngemptywheel2014-03-16 14:54:202014-04-13 22:07:40In Tsarnaev-Related Case, DOJ Suggests There Is No Dragnet
Yesterday, the Senate Armed Services Committee held a hearing for Vice Admiral Mike Rogers to serve as head of Cyber Command (see this story from Spencer about how Rogers’ confirmation as Cyber Command chief serves as proxy for his role as Director of National Security Agency because the latter does not require Senate approval).
Many of the questions were about Cyber Command (which was, after all, the topic of the hearing), but a few Senators asked questions about the dragnet that affects us all.
In one of those exchanges — with Mark Udall — Rogers made it clear that he intends to continue to hide the answers to very basic questions about how NSA conducts warrantless surveillance of Americans, such as whether the NSA conducts back door searches on American people.
Udall: If I might, in looking ahead, I want to turn to the 702 program and ask a policy question about the authorities under Section 702 that’s written into the FISA Amendments Act. The Committee asked your understanding of the legal rationale for NASA [sic] to search through data acquired under Section 702 using US person identifiers without probable cause. You replied the NASA–the NSA’s court approved procedures only permit searches of this lawfully acquired data using US person identifiers for valid foreign intelligence purposes and under the oversight of the Justice Department and the DNI. The statute’s written to anticipate the incidental collection of Americans’ communications in the course of collecting the communications of foreigners reasonably believed to be located overseas. But the focus of that collection is clearly intended to be foreigners’ communications, not Americans. But declassified court documents show that in 2011 the NSA sought and obtained the authority to go through communications collected under Section 702 and conduct warrantless searches for the communications of specific Americans. Now, my question is simple. Have any of those searches been conducted?
Rogers: I apologize Sir, I’m not in a position to answer that as the nominee.
Udall: You–yes.
Rogers: But if you would like me to come back to you in the future if confirmed to be able to specifically address that question I will be glad to do so, Sir.
Udall: Let me follow up on that. You may recall that Director Clapper was asked this question in a hearing earlier this year and he didn’t believe that an open forum was the appropriate setting in which to discuss these issues. The problem that I have, Senator Wyden’s had, and others is that we’ve tried in various ways to get an unclassified answer — simple answer, yes or no — to the question. We want to have an answer because it relates — the answer does — to Americans’ privacy. Can you commit to answering the question before the Committee votes on your nomination?
Rogers: Sir, I believe that one of my challenges as the Director, if confirmed, is how do we engage the American people — and by extension their representatives — in a dialogue in which they have a level of comfort as to what we are doing and why. That is no insignificant challenge for those of us with an intelligence background, to be honest. But I believe that one of the takeaways from the situation over the last few months has been as an intelligence professional, as a senior intelligence leader, I have to be capable of communicating in a way that we are doing and why to the greatest extent possible. That perhaps the compromise is, if it comes to the how we do things, and the specifics, those are perhaps best addressed in classified sessions, but that one of my challenges is I have to be able to speak in broad terms in a way that most people can understand. And I look forward to that challenge.
Udall: I’m going to continue asking that question and I look forward to working with you to rebuild the confidence. [my emphasis]
The answer to the question Rogers refused to answer is clearly yes. We know that’s true because the answer is always yes when Wyden, and now Udall, ask such questions.
But we also know the answer is yes because declassified parts of last August’s Semiannual Section 702 Compliance Report state clearly that oversight teams have reviewed the use of this provision, which means there’s something to review.
As reported in the last semiannual assessment, NSA minimization procedures now permit NSA to query its databases containing telephony and non-upstream electronic communications using United States person identifiers in a manner designed to find foreign intelligence information. Similarly, CIA’s minimization procedures have been modified to make explicit that CIA may also query its databases using United States person identifiers to yield foreign intelligence information. As discussed above in the descriptions of the joint oversight team’s efforts at each agency, the joint oversight team conducts reviews of each agency’s use of its ability to query using United States person identifiers. To date, this review has not identified any incidents of noncompliance with respect to the use of United States person identifiers; as discussed in Section 4, the agencies’ internal oversight programs have, however, identified isolated instances in which Section 702 queries were inadvertently conducted using United States person identifiers. [my emphasis]
It even obliquely suggests there have been “inadvertent” violations, though this seems to entail back door searches on US person identifiers without realizing they were US person identifiers, not violations of the procedures for using back door searches on identifiers known to be US person identifiers.
Still, it is an unclassified fact that NSA uses these back door searches.
Yet the nominee to head the NSA refuses to answer a question on whether or not NSA uses these back door searches.
And it’s not just in response to this very basic question that Rogers channeled the dishonest approach of James Clapper and Keith Alexander.
As Udall alluded, at the end of a long series of questions about Cyber Command, the committee asked a series of questions about back door searches and other dragnet issues. They asked (see pages 42-43):
Whether NSA can conduct back door searches on data acquired under EO 12333 and if so under what legal rationale
Whether NSA can conduct back door searches on data acquired pursuant to traditional FISA and if so under what legal rationale
What the legal rationale is for back door searches on data acquired under FISA Amendments Act
What the legal rationale is for searches on the Section 215 query results in the “corporate store”
I believe every single one of Rogers’ answers — save perhaps the question on traditional FISA — involves some level of obfuscation. (See this post for further background on what NSA’s Raj De and ODNI’s Robert Litt have admitted about back door searches.)
Consider his answer on searches of the “corporate store” as one example.
What is your understanding of the legal rationale for searching through the “Corporate Store” of metadata acquired under section 215 using U.S. Persons identifiers for foreign intelligence purposes?
The section 215 program is specifically authorized by orders issued by the Foreign Intelligence Surveillance Court pursuant to relevant statutory requirements. (Note: the legality of the program has been reviewed and approved by more than a dozen FISC judges on over 35 occasions since 2006.) As further required by statute, the program is also governed by minimization procedures adopted by the Attorney General an d approved by the FISC. Those orders, and the accompanying minimization procedures, require that searches of data under the program may only be performed when there is a Reasonable Articulable Suspicion that the identifier to be queried is associated with a terrorist organization specified in the Court’s order.
Remember, not only do declassified Primary Orders make it clear NSA doesn’t need Reasonable Articulable Suspicion to search the corporate store, but PCLOB has explained the possible breadth of “corporate store” searches plainly.
According to the FISA court’s orders, records that have been moved into the corporate store may be searched by authorized personnel “for valid foreign intelligence purposes, without the requirement that those searches use only RAS-approved selection terms.”71 Analysts therefore can query the records in the corporate store with terms that are not reasonably suspected of association with terrorism. They also are permitted to analyze records in the corporate store through means other than individual contact-chaining queries that begin with a single selection term: because the records in the corporate store all stem from RAS-approved queries, the agency is allowed to apply other analytic methods and techniques to the query results.72 For instance, such calling records may be integrated with data acquired under other authorities for further analysis. The FISA court’s orders expressly state that the NSA may apply “the full range” of signals intelligence analytic tradecraft to the calling records that are responsive to a query, which includes every record in the corporate store.73
There is no debate over whether NSA can conduct back door searches in the “corporate store” because both FISC and PCLOB say they can.
Which is probably why SASC did not ask whether this was possible — it is an unclassified fact that it is — but rather what the legal rationale for doing so is.
And Rogers chose to answer this way:
By asserting that the phone dragnet must comply with statutory requirements
By repeating tired boilerplate about how many judges have approved this program (ignoring that almost all of these approvals came before FISC wrote its first legal opinion on the program)
By pointing to AG-approved minimization procedures (note–it’s not actually clear that NSA’s — as distinct from FBI’s — dragnet specific procedures are AG-approved, though the more general USSID 18 ones are)
By claiming FISA orders and minimization procedures “require that searches of data under the program may only be performed when there is a Reasonable Articulable Suspicion that the identifier to be queried is associated with a terrorist organization”
The last part of this answer is either downright ignorant (though I find that unlikely given how closely nominee responses get vetted) or plainly non-responsive. The question was not about queries of the dragnet itself — the “collection store” of all the data. The question was about the “corporate store” — the database of query results based off those RAS approved identifiers. And, as I said, there is no dispute that searches of the corporate store do not require RAS approval. In fact, the FISC orders Rogers points to say as much explicitly.
And yet the man Obama has picked to replace Keith Alexander, who has so badly discredited the Agency with his parade of lies, refused to answer that question directly. Much less explain the legal rationale used to conduct RAS-free searches on phone query results showing 3rd degree connections to someone who might have ties to terrorist groups, which is what the question was.
Which, I suppose, tells us all we need to know about whether anyone plans to improve the credibility or transparency of the NSA.
https://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.png00emptywheelhttps://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.pngemptywheel2014-03-12 12:08:302014-04-01 14:26:28In Nomination Hearing, DIRNSA Nominee Mike Rogers Continues James Clapper and Keith Alexander’s Obfuscation about Back Door Searches
In a piece at MoJo, David Corn argues the Senate Intelligence Committee – CIA fight has grown into a Constitutional crisis.
What Feinstein didn’t say—but it’s surely implied—is that without effective monitoring, secret government cannot be justified in a democracy. This is indeed a defining moment. It’s a big deal for President Barack Obama, who, as is often noted in these situations, once upon a time taught constitutional law. Feinstein has ripped open a scab to reveal a deep wound that has been festering for decades. The president needs to respond in a way that demonstrates he is serious about making the system work and restoring faith in the oversight of the intelligence establishment. This is more than a spies-versus-pols DC turf battle. It is a constitutional crisis.
I absolutely agree those are the stakes. But I’m not sure the crisis stems from Feinstein “going nuclear” on the floor of the Senate today. Rather, I think whether Feinstein recognized it or not, we had already reached that crisis point, and John Brennan simply figured he had prepared adequately to face and win that crisis.
Which is why I disagree with the assessment of Feinstein’s available options as laid out by Shane Harris and John Hudson in FP.
If she chooses to play hardball, Feinstein can make the tenure of CIA Director John Brennan a living nightmare. From her perch on the intelligence committee, she could drag top spies before the panel for months on end. She could place holds on White House nominees to key agency positions. She could launch a broader investigation into the CIA’s relations with Congress and she could hit the agency where it really hurts: its pocketbook. One of the senator’s other committee assignments is the Senate Appropriations Committee, which allocates funds to Langley.
Take these suggestions one by one: Feinstein can only “drag top spies” before Congress if she is able to wield subpoena power. Not only won’t her counterpart, Saxby Chambliss (who generally sides with the CIA in this dispute) go along with that, but recent legal battles have largely gutted Congress’ subpoena power.
Feinstein can place a hold on CIA-related nominees. There’s even one before the Senate right now, CIA General Counsel nominee Caroline Krass, though Feinstein’s own committee just voted Krass out of Committee, where Feinstein could have wielded her power as Chair to bottle Krass up. In the Senate, given the new filibuster rules, Feinstein would have to get a lot of cooperation from her Democratic colleagues to impose any hold if ever she lost Senate Majority Leader Harry Reid’s support (though she seems to have that so far).
But with Krass, what’s the point? So long as Krass remains unconfirmed, Robert Eatinger — the guy who ratcheted up this fight in the first place by referring Feinstein’s staffers for criminal investigation — will remain Acting General Counsel. So in fact, Feinstein has real reason to rush the one active CIA nomination through, if only to diminish Eatinger’s relative power.
Feinstein could launch a broader investigation into the CIA’s relations with Congress. But that would again require either subpoenas (and the willingness of DOJ to enforce them, which is not at all clear she’d have) or cooperation.
Or Feinstein could cut CIA’s funding. But on Appropriations, she’ll need Barb Mikulski’s cooperation, and Mikulski has been one of the more lukewarm Democrats on this issue. (And all that’s assuming you’re only targeting CIA; as soon as you target Mikulski’s constituent agency, NSA, Maryland’s Senator would likely ditch Feinstein in a second.)
Then FP turns to DOJ’s potential role in this dispute.
The Justice Department is reportedly looking into whether the CIA inappropriately monitored congressional staff, as well as whether those staff inappropriately accessed documents that lay behind a firewall that segregated classified information that the CIA hadn’t yet cleared for release. And according to reports, the FBI has opened an investigation into committee staff who removed classified documents from the CIA facility and brought them back to the committee’s offices on Capitol Hill.
Even ignoring all the petty cover-ups DOJ engages in for intelligence agencies on a routine basis (DEA at least as much as CIA), DOJ has twice done CIA’s bidding on major scale on the torture issue in recent years. First when John Durham declined to prosecute both the torturers and Jose Rodriguez for destroying evidence of torture. And then when Pat Fitzgerald delivered John Kiriakou’s head on a platter for CIA because Kiriakou and the Gitmo detainee lawyers attempted to learn the identities of those who tortured.
There’s no reason to believe this DOJ will depart from its recent solicitous ways in covering up torture. Jim Comey admittedly might conduct an honest investigation, but he’s no longer a US Attorney and he needs someone at DOJ to actually prosecute anyone, especially if that person is a public official.
Implicitly, Feinstein and her colleagues could channel Mike Gravel and read the 6,000 page report into the Senate record. But one of CIA’s goals is to ensure that if the Report ever does come out, it has no claim to objectivity. Especially if the Democrats release the Report without the consent of Susan Collins, it will be child’s play for Brennan to spin the Report as one more version of what happened, no more valid than Jose Rodriguez’ version.
And all this assumes Democrats retain control of the Senate. That’s an uphill battle in any case. But CIA has many ways to influence events. Even assuming CIA would never encourage false flags attacks or leak compromising information about Democrats, the Agency can ratchet up the fear mongering and call Democrats weak on security. That always works and it ought to be worth a Senate seat or three.
If Democrats lose the Senate, you can be sure that newly ascendant Senate Intelligence Chair Richard Burr would be all too happy to bury the Torture Report, just for starters. Earlier today, after all, he scolded Feinstein for airing this fight.
“I personally don’t believe that anything that goes on in the intelligence committee should ever be discussed publicly,”
Burr’s a guy who has joked about waterboarding in the past. Burying the Torture Report would be just the start of things, I fear.
And then, finally, there’s the President, whose spokesperson affirmed the President’s support for his CIA Director and who doesn’t need any Democrats help to win another election. As Brennan said earlier today, Obama “is the one who can ask me to stay or to go.” And I suspect Brennan has confidence that Obama won’t do that.
Which brings me to my comment above, on AJE, that Brennan knows where the literal bodies are buried.
I meant that very, very literally.
Not only does Brennan know firsthand that JSOC attempted to kill Anwar al-Awlaki on December 24, 2009, solely on the President’s authority, before the FBI considered him to be operational. But he also knows that the evidence against Awlaki was far dodgier than it should have been before the President authorized the unilateral execution of an American citizen.
Worse still, Feinstein not only okayed that killing, either before or just as it happened. But even the SSCI dissidents Ron Wyden, Mark Udall, and Martin Heinrich declared the Awlaki killing “a legitimate use of the authority granted the President” in November.
I do think there are ways the (Legislative) Democrats might win this fight. But they’re not well situated in the least, even assuming they’re willing and able to match Brennan’s bureaucratic maneuvering.
Again, I don’t blame Feinstein for precipitating this fight. We were all already in it, and she has only now come around to it.
I just hope she and her colleagues realize how well prepared Brennan is to fight it in time to wage an adequate battle.
https://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.png00emptywheelhttps://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.pngemptywheel2014-03-11 21:44:582014-03-11 23:36:32Where the Bodies Are Buried: A Constitutional Crisis Feinstein Better Be Ready To Win
