What Michael Flynn’s DIA Imputes to Facts We Know

/16 Comments/in , , /by

Before I point to reasons why we should exercise some caution before we believe a DIA report claiming that Edward Snowden’s entire leak was orchestrated by the Russians, let me lay out the following.

First. until such time as we see evidence that the reported documents somehow inordinately benefit Russia (and/or see evidence that our cooperation with Russia isn’t increasing during the period of Snowden’s asylum there), I’m not much interested in the question. I’m still so busy — both between Snowden document reports and documents declassified in response to FOIAs in a false show of transparency — reading about programs Americans should have known, that I don’t have time or interest in this manufactured sideshow.

Second, I don’t know what Snowden’s relationship with Russia is (and suspect 99% of the people commenting don’t either). The claims Mike Rogers, in particular, made on Sunday are full of Clown Show logic problems, some of which Snowden debunked in a limited rebuttal in an interview with Jane Mayer. Some accusers and defenders are conflating what happened while Snowden was working at NSA and what happened after Snowden got stuck in Moscow. All that said, while we have no evidence of cooperation now, I fully expect Vlaidimir Putin tried all he could to get as much out of Snowden as he could.

I don’t know.

What I do know is that DIA under General Michael Flynn’s leadership seems to be developing a pattern of leaking sensational intelligence conclusions based on apparently bad logic at politically opportune moments.

The accusations against Snowden are from a DIA report that DIA’s Director, Michael Flynn, organized.

The Defense Department report was conducted by the Defense Intelligence Agency in coordination with other intelligence agencies across the government, according to two sources familiar with its findings. A spokesperson for the DIA said Lt. Gen. Michael Flynn, the agency’s director, organized a task force “to assess the potential impact to the Department of Defense from the compromise of this information.” But the spokesman did not say what, if any, conclusions the task force had reached about actual damage caused by documents Snowden took, regardless of whether they’ve been disclosed or not.

Admittedly, the conclusions of it got leaked with apparent White House permission. But it got leaked in the worst manner of Obama Administration asymmetric leaking, which have a history of being rather partial and politically self-serving.

Moreover, the entire orchestrated leak feels a lot like the “leak” last year — during heightened tensions between North and South Korea — of DIA’s conclusion that North Korea had the capability of launching a nuclear weapon on a ballistic missile. Republican Congressman Doug Lamborn, protected by Speech and Debate, revealed a detail that “accidentally” wasn’t redacted in a larger declassified finding. The “leak” fed a lot of fearmongering even as the Obama Administration was trying to temper responses.

A week after the initial leak, James Clapper and Flynn happened to testify before the Senate Armed Services Committee (the entire clip is worthwhile, but the particularly important parts start after 4:00). And in response to some Ted Cruz questions about North Korea, both Clapper and Flynn made it clear that the reason DIA had come to different conclusions than the rest of the Intelligence Community was because of the assumptions it had made. This inflammatory finding arose because of “a difference in how we judge assumptions,” Flynn explained. Clapper (who had spent a week trying to batten down the alarmism) said the debate arose from the “facts we know versus what we impute to those facts.”

That is, DIA had imputed conclusions to facts other agencies hadn’t.

According to its Director, DIA has a difference in how it judges assumptions from other intelligence agencies. And in this case, those who have read the DIA report appear to be repeating allegations remarkably divorced from any evidence, relying on wacky theories rather than real evidence.

Michael Flynn seems to be making a habit of this kind of analysis.

Third Party Booz(e)

/11 Comments/in /by

In Volokh Conspiracy’s new digs at the WaPo, former DHS Assistant Secretary Stewart Baker pushes back on Georgetown Professor Randy Barnett’s call to end the Third Party doctrine in truly remarkable terms.

Randy’s solution to that problem is to overrule a line of Supreme Court cases (Smith v. Maryland) holding that no one has a reasonable expectation of privacy in information they’ve disclosed to a third party. With Smith v. Maryland set aside, the government would need a search warrant to see the metadata.

Overruling Supreme Court precedent is a law professor’s prerogative, but the rest of us don’t have to go along. And in fact the Smith v. Maryland doctrine makes sense, especially compared to Randy’s solution. We all learned no later than the third grade that secrets shared with another are not really secrets. They can be revealed at times and in ways we never expected. It hurts, but it’s a fact of life.

Randy’s solution is a fiction; he wants the courts to deny the facts of life and pretend that we still control information we willingly gave away. [my emphasis]

“We all learned no later than the third grade,” this Snowden critic says, “that secrets shared with another are not really secrets.”

Such secrets “can be revealed at times and in ways we never expected,” Baker warns.

“The facts of life,” prove that we do not “still control information we willingly gave away.”

Baker argues that the Third Party doctrine arises not as a matter of law, but as a matter of fact, the facts of life, that no entity that shares information with another entity can claim that information is secret.

The NSA, of course, willingly gives away information all the time. Huge chunks of that data go to Booz Allen Hamilton, the contractor Snowden worked for. Equally large chunks go to GCHQ. Chunks of that data go to Lockheed and SAIC and a slew of other contractors.

According to Stewart Baker’s facts of life, the NSA has no business expecting this data to remain secret. None. Believing such data is secret defies common third grade logic and the facts of life.

Now that a big defender of the NSA has made the case that the NSA, too, is subject to the Third Party doctrine, perhaps we can move forward on giving the Third Grade treatment to all of their secret programs so we can debate them like adults?

Apparently, US Officials Can’t Get Verizon on the Line

/4 Comments/in /by

The WaPo has a story quoting anonymous US officials warning that it will be impossible to meet President Obama’s direction to find a solution for the phone dragnet by March 28. (Note, this is a circumstance where WaPo really ought to provide a bit more description of who these anonymous sources are, particularly given the likelihood that 1) certain Congressional sources can be expected to sabotage any plan and 2) certain contractors can be expected to try to profit off any changes.)

But I couldn’t get beyond this line without laughing:

No meeting has been scheduled between government officials and the phone companies to discuss the issue, and no decision has been made about approaching the companies to further discuss the possibility of them holding the records.

In a story claiming there are real obstacles to making this move, WaPo reports that no one has talked to Verizon and the other telecoms, nor have they even decided whether to talk to them about holding the records.

That is, one excuse cited by these anonymous and potentially self-interested people is that they have not yet gotten Verizon on the line.

As if establishing communication with a telecom that is supplying “substantially all” of their metadata on a daily basis would be prohibitively difficult.

At least that’s the story they’re telling, behind the veil of anonymity.

FISA Warranted Targets and the Phone Dragnet

/3 Comments/in , /by

The identifiers (such as phone numbers) of people or facilities for which a FISA judge has approved a warrant can be used as identifiers in the phone dragnet without further review by NSA.

From a legal standpoint, this makes a lot of sense. The standard to be a phone dragnet identifier is just Reasonable Articulable Suspicion of some tie to terrorism — basically a digital stop-and-frisk. The standard for a warrant is probable cause that the target is an agent of a foreign government — and in the terrorism context, that US persons are preparing for terrorism. So of course RAS already exists for FISC targets.

So starting with the second order and continuing since, FISC’s primary orders include language approving the use of such targets as identifiers (see ¶E starting on page 8-9).

But there are several interesting details that come out of that.

Finding the Americans talking with people tapped under traditional FISA

First, consider what it says about FISC taps. The NSA is already getting all the content from that targeted phone number (along with any metadata that comes with that collection). But NSA may, in addition, find cause to run dragnet queries on the same number.

In its End-to-End report submission to Reggie Walton to justify the phone dragnet, NSA claimed it needed to do so to identify all parties in a conversation.

Collections pursuant to Title I of FISA, for example, do not provide NSA with information sufficient to perform multi-tiered contact chaining [redacted]Id. at 8. NSA’s signals intelligence (SIGINT) collection, because it focuses strictly on the foreign end of communications, provides only limited information to identify possible terrorist connections emanating from within the United States. Id. For telephone calls, signaling information includes the number being called (which is necessary to complete the call) and often does not include the number from which the call is made. Id. at 8-9. Calls originating inside the United States and collected overseas, therefore, often do not identify the caller’s telephone number. Id. Without this information, NSA analysts cannot identify U.S. telephone numbers or, more generally, even determine that calls originated inside the United States.

This is the same historically suspect Khalid al-Midhar claim, one they repeat later in the passage.

The language at the end of that passage emphasizing the importance of determining which calls come from the US alludes to the indexing function NSA Signals Intelligence Division Director Theresa Shea discussed before — a quick way for the NSA to decide which conversations to read (and especially, if the conversations are not in English, translate).

Section 215 bulk telephony metadata complements other counterterrorist-related collection sources by serving as a significant enabler for NSA intelligence analysis. It assists the NSA in applying limited linguistic resources available to the counterterrorism mission against links that have the highest probability of connection to terrorist targets. Put another way, while Section 215 does not contain content, analysis of the Section 215 metadata can help the NSA prioritize for content analysis communications of non-U.S. persons which it acquires under other authorities. Such persons are of heightened interest if they are in a communication network with persons located in the U.S. Thus, Section 215 metadata can provide the means for steering and applying content analysis so that the U.S. Government gains the best possible understanding of terrorist target actions and intentions. [my emphasis]

Though, as I have noted before, contrary to what Shea says, this by definition serves to access content of both non-US and US persons: NSA is admitting that the selection criteria prioritizes calls from the US. And in the case of a FISC warrant it could easily be entirely US person content.

In other words, the use of the dragnet in conjunction with content warrants makes it more likely that US person content will be read.

Excluding bulk targets

Now, my analysis about the legal logic of all this starts to break down once the FISC approves bulk orders. In those programs — Protect America Act and FISA Amendments Act — analysts choose targets with no judicial oversight and the standard (because targets are assumed to be foreign) doesn’t require probable cause. But the FISC recognized this. Starting with BR 07-16, the first order approved (on October 18, 2007) after the PAA  until the extant PAA orders expired, the primary orders included language excluding PAA targets. Starting with 08-08, the first order approved (on October 18, 2007) after FAA until the present, the primary orders included language excluding FAA targets.

Of course, this raises a rather important question about what happened between the enactment of PAA on August 5, 2007 and the new order on October 18, 2007, or what happened between enactment of FAA on July 10, 2008 and the new order on August 19, 2008. Read more

Scorecard: Snowden-Related Publication of Verizon’s Name — 1. ODNI Publication of Verizon’s Name — 1.

/6 Comments/in , /by

Would you lookee here?

Sometime between the time I published this post — showing ODNI did not redact anything in this passage of the January 20, 2011 phone dragnet primary order
Screen shot 2014-01-20 at 3.20.11 AM

 

… And this afternoon, ODNI swapped out the document such that that passage now looks like this:

Screen shot 2014-01-21 at 3.26.21 PM

I guess maybe James Clapper’s office figured it would be hard to spew their defector propaganda if they themselves had published some of the same material.

We all know how Clapper strives to cover up his own crimes.

Except they did publish it.

Meaning ODNI has caused Verizon’s name to be published in conjunction with the phone dragnet as many times as Edward Snowden has. I wait with bated breath for the ill-considered “Traitor!!!” cries to be directed against Clapper.

Update: To be clear, as I noted on this post, I didn’t find this particular redaction error (I’ve got some more … interesting ones). Michael alerted me to it on Twitter. I just decided to point out that ODNI had tried to cover this up.

Once Again, Pew Misunderstands the Dragnet

/4 Comments/in /by

Screen shot 2014-01-21 at 11.03.56 AMBack in July, I pointed out that Pew’s analysis of a poll on the dragnet had falsely suggested 70% of participants were misinformed on the dragnet when in fact the polling outfit was.

A big chunk of Pew’s readers seem to have a more accurate understanding of the program than Pew’s pollsters.

Consider two of its three headline findings: that 70% use data for purposes other than terrorism and that 63% believe the government is collecting more than metadata.

The first question was asked like this:

Do you think this government data collection effort is only being used to investigate terrorism, or do you think the government uses this data for purposes other than terrorism investigations?

The second question was phrased like this:

Just your impression, does this government program only collect data such as phone numbers and e-mail addresses, or is it also collecting what’s actually being said in the calls and e-mails?

The thing is, both of these questions are true: The government collects content under Section 702, including the incidentally collected content of Americans (which they can go back and search on later). And the 702 program collects information for counter-proliferation, cybersecurity, and other foreign intelligence purposes (the metadata program is reportedly limited to terrorism … if you believe all of Iran is a terrorist organization).

That said, only some of the “other purposes” Pew readers cited — such as gathering information for other crimes, and for national security — match the ones the government admits to. They also name political targeting and general control.

While their report on recent polling is more subtle, they again appear to misunderstand the dragnet. Their headline stat is that approval of surveillance continues to go down. Even there, they suggest — still!! — that all this surveillance only targets terrorism and not (in a practice that is potentially far more intrusive to your average non-Muslim American) cybersecurity as well. (Update: The specific question was “Overall, do you approve or disapprove of the government’s collection of telephone and internet data as part of anti-terrorism efforts?”)

Then they seem befuddled that most respondents who followed Obama’s Friday speech closely don’t think the “reforms” he rolled out will have much affect, one way or another.

NSA Changes Have Little Impact

Obama’s proposed changes to the NSA’s data collection program did not register widely with the public. Just 49% say they heard about the proposed changes, with little difference across partisan groups.

Among those that did hear about the proposals, large majorities of Republicans (86%) and independents (78%) say these changes will not make much difference when it comes to protecting people’s privacy. Among Democrats who have heard of the changes, 56% say they won’t make much difference.

There is little concern that the changes to the NSA’s surveillance activities will hurt the government’s ability to fight terrorism. Overall, 79% of those who have heard about the proposals say they won’t make much difference in the government’s ability to fight terrorism; this view is shared by 85% of independents, 77% of Democrats and 75% of Republicans.

Admittedly, this is mostly just a read of the impact of Obama’s speech, without an assessment of the content of it. Yet it (especially the headline) seems to imagine that Obama rolled out substantive changes, especially affecting Americans. As I have noted, some of the changes he did make do no more than reinstitute current practice, without providing any new enforcement mechanism. But ultimately it is a far read that Obama preserved the dragnet.

So it is actually welcome that most non-partisan Democrats who watched closely understand that.

And Now the Counterproliferation Excuse to Expand the Dragnet

/1 Comment/in /by

The other day I noted how Obama’s speech set up terrorism, in the context of war, to justify the structure of the dragnet, then slipped cybersecurity into that framework without distinguishing what should be significantly different frameworks. Steven Aftergood reports that, in a new Defense Science Board report, DOD is attempting to do the same with counterproliferation. They recommend, in part, expanding the dragnet to the CP function.

The advances in persistent surveillance, automated tracking, rapid analyses of large and multi-source data sets, and open source analyses to support conventional warfighting and counterterrorism have not yet been exploited by the nuclear monitoring community…. New intelligence, surveillance, and reconnaissance (ISR) technologies, demonstrated in recent conflicts, offer significant promise for monitoring undesirable nuclear activity throughout the free world.”

The National Security Agency, among others, has pointed the way, the reportsuggested. A newly integrated global awareness system for counterproliferation should “build on lessons and experiences of successful national security capabilities, such as… NSA’s counterterrorism capabilities….”

“The ‘big data’ technologies for extracting meaning from vast quantities of data that are being developed commercially in the information technology (IT) industry, and for other purposes in DoD and the IC, need to be extended and applied to nuclear monitoring.”

Don’t get me wrong. I’m not suggesting counterproliferation is not a totally legitimate intelligence objective.

But I find their claims that the threat of non-state actions is brand new, now, in 2014.

In short, for the first time since the early decades of the nuclear era, the nation needs to be  equally concerned about both “vertical” proliferation (the increase in capabilities of existing  nuclear states) and “horizontal” proliferation (an increase in the number of states and non‐ state actors possessing or attempting to possess nuclear weapons).

After all, the threat of non-state proliferation had been identified before 9/11, and it served as the rationale for a lot of what we have done since then. Has DSB been asleep for the last 15 years?

Moreover, counterproliferation has been built into the dragnet from the start, and was explicitly carved out in the 2008 FISA Amendments Act. It’s fairly safe to presume that counterproliferation has always been one of the certifications under which FAA operates. It’s already part of the dragnet.

Finally, some of the novel kinds of proliferation that are likely of greatest concern — Pakistan and Saudi Arabia and friends — already should fall under the aegis of counterterrorism spying anyway.

Is there a reason DSB is calling to expand a dragnet for CP purposes when the dragnet supposedly already includes it?

The Privacy Problems (?) of Outsourcing the Dragnet

/8 Comments/in , /by

Both Ed Felten

I am reminded of the scene in Austin Powers where Dr. Evil, in exchange for not destroying the world, demands the staggering sum of “… one MILLION dollars.” In the year 2014, billions of records is not a particularly large database, and searching through billions of records is not an onerous requirement. The metadata for a billion calls would fit on one of those souvenir thumb drives they give away at conferences; or if you want more secure, backed up storage, Amazon will rent you what you need for $3 a month. Searching through a billion records looking for a particular phone number seems to take a few minutes on my everyday laptop, but that is only because I didn’t bother to build a simple index, which would have made the search much faster. This is not rocket science.

And Tim Edgar have started thinking about how to solve the dragnet problem.

One helpful technique, private information retrieval, allows a client to query a server without the server learning what the query is.  This would allow the NSA to query large databases without revealing their subjects of interest to the database holder, and without collecting the entire database.  Recent advances should allow such private searches across multiple, very large databases, a key requirement for the program.  The use of these cryptographic techniques would make the need for a separate consortium that holds the data unnecessary.  I discussed this in more detail in my testimonybefore the Senate Select Committee on Intelligence last fall.  Seny Kamara of Microsoft Researchpoints out these techniques were first outlined over fifteen years ago, while the state of the art is outlined in “Useable, Secure, Private Search” from IEEE Security and Privacy.

But I want to consider something both point to that President Obama said in his speech which both Felten and Edgar consider.

Relying solely on the records of multiple providers, for example, could require companies to alter their procedures in ways that raise new privacy concerns.

I’m admittedly obsessed by this, but one processing step the NSA currently uses on dragnet data seems to pose particularly significant privacy concerns: the data integrity role, in which high volume numbers — pizza joints, voice mail access numbers, and telemarketers, for example — are “defeated” before anyone starts querying the database.

This training module from 2011 (and therefore before some apparent additions to the data integrity role, as I’ll lay out in a future post) describes three general technical roles, the first of which would be partly eliminated if the telecoms kept the data.

  • Ensuring production meets the terms of the order and destroying that which exceeds it (5)
  • Ensuring the contact-chaining process works as promised to FISC (much of this description is redacted) (7)
  • Ensuring that all BR and PR/TT queries are tagged as such, as well as several other redacted tasks (this tagging feature was added after the 2009 problems) (9)

The first and third are described as “rarely coming into contact with human intelligible” metadata (the first function would likely see more intelligible data on intake of completed queries from the telecoms). But — assuming a parallel structure across these three descriptions — the redacted description on page 8 suggests that the middle function — what elsewhere is called the data integrity function — has “direct and continual access and interaction” with human intelligible metadata.

And indeed, the 2009 End-to-End Review and later primary orders describe the data integrity analysts querying the database with non-RAS approved identifiers to determine whether they’re high volume identifiers that should be taken out of the dragnet.

Those analysts are not just accessing data in raw form. They’re making analytic judgments about it, as this description from the E-2-E report explains.

As part of their Court-authorized function of ensuring BR FISA metadata is properly formatted for analysis, Data Integrity Analysts seek to identify numbers in the BR FISA metadata that are not associated with specific users, e.g., “high volume identifiers.” [Entire sentence redacted] NSA determined during the end-to-end review that the Data Integrity Analysts’ practice of populating non-user specific numbers in NSA databases had not been described to the Court.

(TS//SI//NT) For example, NSA maintains a database, [redacted] which is widely used by analysts and designed to hold identifiers, to include the types of non-user specific numbers referenced above, that, based on an analytic judgment, should not be tasked to the SIGINT system. Read more

Compensating the Dragnet

/7 Comments/in , /by

The first and second primary orders approving the phone dragnet, written by Malcolm Howard, included this paragraph.

(2) NSA shall compensate [redacted] for reasonable expenses in providing such tangible things;

The third primary order, written by Frederick Scullin, had no such paragraph.

There’s a likely explanation for the disappearance of the paragraph. The Section 215 statute does not provide for compensating providers.

I have no idea whether this means the telecom providers aren’t getting compensated (unlikely) or whether they’re getting compensated in some other fashion (my bet).

But Congress’ failure to include any compensation for responding to a Section 215 order is one more indication that they didn’t believe they were signing off on daily production of “substantially all” of providers’ metadata.

That raises another question, however. If Congress did not envision paying providers to comply with a Section 215 order, were they paid? If so, with what funds? Who approved such spending?

Update: The Verizon secondary order from April doesn’t reflect any compensation.

Obama’s Dragnet: Policeman of the Whole World

/7 Comments/in , , /by

And don’t let anybody make you think that God chose America as his divine, messianic force to be a sort of policeman of the whole world. God has a way of standing before the nations with judgment, and it seems that I can hear God saying to America, “You’re too arrogant! And if you don’t change your ways, I will rise up and break the backbone of your power, and I’ll place it in the hands of a nation that doesn’t even know my name. Be still and know that I’m God.”

–Martin Luther King, “It’s A Dark Day In Our Nation

As I noted the other day, in his speech on the dragnet, President Obama acknowledged that our unique technical surveillance capabilities demands more humility, not less.

But America’s capabilities are unique. And the power of new technologies means that there are fewer and fewer technical constraints on what we can do. That places a special obligation on us to ask tough questions about what we should do.

Yet that concern about our unique technical capabilities quickly transformed into exceptionalism — a concern about how distrust stemming from our dragnet hubris would corrode our “leadership” position in the world.

Instead, we have to make some important decisions about how to protect ourselves and sustain our leadership in the world, while upholding the civil liberties and privacy protections that our ideals – and our Constitution – require. We need to do so not only because it is right, but because the challenges posed by threats like terrorism, proliferation, and cyber-attacks are not going away any time soon, and for our intelligence community to be effective over the long haul, we must maintain the trust of the American people, and people around the world.

And that, in turn, became our role in protecting “our friends and allies as well.”

Our capabilities help protect not only our own nation, but our friends and allies as well. Our efforts will only be effective if ordinary citizens in other countries have confidence that the United States respects their privacy too. And the leaders of our close friends and allies deserve to know that if I want to learn what they think about an issue, I will pick up the phone and call them, rather than turning to surveillance. In other words, just as we balance security and privacy at home, our global leadership demands that we balance our security requirements against our need to maintain trust and cooperation among people and leaders around the world.

This includes protecting them not just from terrorism and hackers, but from crime — including the crime of violating US sanctions.

In terms of our bulk collection of signals intelligence, U.S. intelligence agencies will only use such data to meet specific security requirements: counter-intelligence; counter-terrorism; counter-proliferation; cyber-security; force protection for our troops and allies; and combating transnational crime, including sanctions evasion.

Of course, a number of countries (much of Latin America) object to the way we fight crime (drug cartels) in their countries. But our pursuit of our own national security has literally turned us into the world’s policeman. Which Obama repeats again — our leadership role requires us to use our dragnet to fight terrorists and crime.

We will appoint a senior official at the White House to implement the new privacy safeguards that I have announced today. I will devote the resources to centralize and improve the process we use to handle foreign requests for legal assistance, keeping our high standards for privacy while helping foreign partners fight crime and terrorism.

How ironic, how prescient, that King spoke our arrogance breaking the backbone of our power. Not only does it threaten to break the ideological backbone of our hegemony — replacing our liberties with our policing — but it quite literally threatens to balkanize the communication backbone we’ve exploited to become that policeman.

President Obama seems to understand what a crisis this poses to our leadership. He does not, yet, understand that that leadership was not supposed to be policing the world.