Jeremy Scahill: Two Degrees of Separation from the Dirty Wars Dragnet

/2 Comments/in , /by

Congratulations to Jeremy Scahill and the entire team that worked on Dirty Wars for being nominated for the Best Documentary Oscar.

This post may appear to be shamelessly opportunistic — exploiting the attention Dirty Wars will get in the days ahead to make a political point before the President endorses the dragnet on Friday — but I’ve been intending to write it since November, when I wrote this post.

Jeremy Scahill (and the entire Dirty Wars team) is the kind of person whose contacts and sources are exposed to the government in its dragnet.

To write his book (and therefore research the movie, though not all of this shows up in the movie) Scahill spoke with Anwar al-Awlaki’s father (one degree of separation from a terrorist target), a number of people with shifting loyalties in Somalia (who may or may not be targeted), and Afghans we identified as hostile in Afghanistan. All of these people might be targets of our dragnet analysis (and remember — there is a far looser dragnet of metadata collected under EO 12333, with fewer protections). Which puts Scahill, probably via multiple channels, easily within 3 degrees of separation of targets that might get him exposed to further network analysis. (Again, if these contacts show up in 12333 collection Scahill would be immediately exposed to that kind of datamining; if it shows up in the Section 215 dragnet, it would happen if his calls got dumped into the Corporate Store.) If Scahill got swept up in the dragnet on a first or second hop, it means all his other sources, including those within government (like the person depicted in the trailer above) describing problems with the war they’ve been asked to fight, might be identified too.

Scahill might avoid some of this with diligent operational security — a concerted effort to prevent the government from tracking him along with terrorists (though remember two things: one purpose of the dragnet is to discover burner phones, and his computer got hacked while he was working on this book). But the government’s intent is to sweep up records of any conversations that get as close to those hostile to American efforts as Scahill does.

One of my favorite figures in Scahill’s book was the Heineken and Johnny Walker swilling Mullah Zabara, a Yemeni tribal leader from Shabwa who expressed the ambivalence Yemenis might feel towards the US.

Several souther leaders angrily told me stories of US and Yemeni attacks in their areas that killed civilians and livestock and destroyed or damaged scores of homes. If anything, the US air strikes and support for Saleh-family-run counterterrorism units had increased tribal sympathy for al Qaeda. “Why should we fight them? Why?” Read more

Former Presiding Judge, John Bates, Makes Compelling Case to Eliminate FISA Court

/19 Comments/in /by

As you read John Bates’ “comments” about the NSA Review Group’s recommendations, it’s worth keeping two things in mind about him:

  • He has a history of dismissing legally important cases out of caution — arguably excess caution — over getting involved in matters reserved for the political branches, a caution he did not exercise here.
  • In August 2011, after Bates asked NSA to tell him how many entirely domestic communications were being caught via upstream collection (and after Bates had told NSA domestic collection of US person data was only illegal if they acknowledged it), they did not provide the number. And he didn’t make them. He did however, in the same exchange, rubber stamp NSA’s authority to conduct back door searches into US person communications.

In other words, Bates has long been overly solicitous of Executive power, and contrary to some claims, his work on the FISC actually reinforces, rather than refutes, claims that the Court is a rubber stamp.

Perhaps it’s not surprising, then, that his comments actually make a fairly compelling — albeit unintentional — case for eliminating the FISC (at least for all its expanded uses since 2001) altogether.

Don’t get me wrong. I’m sympathetic to some of Bates’ stated concerns. The concerns about workload (which Bates raises in his first and second bullets, but relegates to his last paragraphs) are real, and have been recognized by a number of people in the FISC debate. Bates points to some real constitutional issues in constructing an advocate for the court (which, again, have been pointed out, with potential solutions, by others).

But ultimately Bates’ comments (which may also reflect the concerns of Chief Justice John Roberts, whose authority he invokes in commenting on FISC matters) object to anything that might make FISC more of a … court.

Consider his argument against a Special Advocate. He worries a special advocate would harm what he (the same guy who couldn’t get the government to divulge how many Americans are getting swept up in domestic upstream collection) claims is candor.

Perhaps most troubling, however, is our concern that providing an institutional opponent to FISA applications would alter the process in other ways that would be detrimnetal to the FISC’s timely receipt of full and accurate information. As noted above, the current process benefits from the government’s taking on — and generally abiding by — a heightened duty of candor to the Court. Providing for an adversarial process in run-of-the-mill, fact-driven cases may erode this norm of governmental behavior, thereby impeding the Court’s receipt of relevant facts. (As noted above, the advocate would rarely, if ever, serve as a separate source of factual information.) Instead, intelligence agencies may become reluctant to voluntarily provide to the Court highly sensitive information, or information detrimental to a case, because doing so would also disclose that information to a permanent bureaucratic adversary.

Even setting aside the number of times I’ve been able to find factual problems with claims made in the few FISC filings so far released (suggesting advocates could provide factual and technical details the government doesn’t want to), this is a tacit admission that the FISC is not considered a bureaucratic adversary by the government.

This is particularly troubling given that, as Bates portrays the process, the “FISC may request or receive information from the applicant informally through the legal staff” (which according to Judge Walton’s portrayal of the process, means via the phone). The only paper trail of the process, then, are (again relying in part on Walton) the written analysis of the FISC’s staff attorneys. Which would mean an advocate would require “broad access” to these “draft decisions and memoranda from legal staff,” would would violate “ethical canons and separation-of-powers principles,” in turn “infring[ing] on the independence of the judges’ decisionmaking.”

One reason Bates objects to a Special Advocate, then, is that the Government would have to write all its requests down, which might affect their candor.

If that isn’t already troubling, Bates’ observation that “even relatively routine national security investigations involve changing facts” raises additional concerns. Bates describes FISC judges making decisions on a sometimes undocumented set of moving facts, facts which the targets of such surveillance have never been permitted to see, much less challenge, in court.

Then there’s Bates’ stated worries about the problems an advocate would present for the FISA Court of Review (and again, some of this may reflect John Roberts’ concern, as SCOTUS is the ultimate court of appeal). Some of this, again, reflects resource concerns. But even those resource concerns — such as the possibility the FISCR would have “to hire its own staff” reveals that the FISCR relies on the same staffers who drive FISC decisions in the first place. It is not, as it turns out, an independent court of its own.

Which makes the Constitutional concerns raised by the wacky decisions of the FISC, starting with its secret redefinition of “relevance” (without even benefit of independent dictionary definitions), all the more urgent. There is no standing to challenge these issues outside of the courts; with the FISC structure, there is apparently no fully independent court of appeal. And the Chief Justice wants to keep it that way.

Which means part of what Bates is defending is the authority for a bunch of District Court Judges to serve as Appellate Judges for some of the most Constitutionally novel issues raised by national security.

Yet Bates also seems to be defending the Court’s ability to remain ignorant about some things the Executive does. He rejects any proposal to serve as an oversight check on the Executive (this is another concern I have some sympathy for). But he does so in a document including this disclosure raised in objection to requiring warrants to conduct back door searches. (Snoopdido noted this passage last night.)

Decisions about querying Section 702 information are now made within the Executive Branch. As a result, the Courts do not know how often the government performs queries of data previously acquired under Section 702 in order to retrieve information about a particular U.S. person. It seems likely to us, however, that the practice would be common for U.S. persons suspected of activities of foreign intelligence interest, e.g., engaging in international terrorism, so that the burden on the FISC of entertaining this new kind of application could be substantial.

Remember: Bates is the guy who first approved NSA and CIA’s use of these back door searches (relying in part on the prior 3-year history of FBI’s use of them). But he has apparently never gotten enough “candor” from the Executive — either before or after he approved this — to know how and how often the Executive is using these searches!

Then he goes on to explain that the Executive might need to use back door searches to get the content of Americans they can’t otherwise target under FISA.

For a variety of reasons, a U.S. person suspected of such activity may not otherwise be a FISA target. For example, there may be probable cause to believe that a U.S. person is engaged in international terrorism, but intelligence agencies may not have the ability to implement current forms of FISA collection against that person because of the person’s location or lack of information about particular facilities.

Granted, what Bates is describing is the use of reverse targeting to get around technical difficulties, not legal ones (though I wonder how he’s sure about the legal case if the government has never made it).

But it is reverse targeting, the use of a back door search to get to the US person content, without a warrant, via collection on another target. This is forbidden by the law. Yet he describes it as one reason why the FISC shouldn’t get involved in reviewing warrants for this kind of search, which (as he describes it) violates the law.

Against the background of admitting that the FISC doesn’t always require the government to write down its requests and that it doesn’t want to approve warrants for activity that by his description violates the statute because the government should be permitted to continue violating the statute, Bates then objects to the recommendations to eliminate bulk collection and provide more review of 215 and NSLs, in part because of the burdens they’d pose for the Court. Most curiously, Bates says that if reforms eliminated NSL gag orders, the government would begin to use Section 215.

Those changes would like result in the government’s decreasing its reliance on NSLs for records subject to such a disclosure requirement and instead bringing to the FISC more applications under Section [215] for production of such records, in order to avoid disclosure of such information to private parties.

If the government could still get bulk Section 215 orders, I agree, they might well use those instead.

But Jim Comey — to the extent he can be believed in comments that were clearly misleading — said he’d end up using grand jury subpoenas instead. So a guy with years of involvement in prosecuting terrorism cases at least claims that he not only could — but would prefer to — use grand jury subpoenas for this information over the FISC.

Which would alleviate the need to routinely eliminate gags, because review in any criminal proceedings would provide the kind of transparency and review necessary for such things (this is a point Peter Swire made in yesterday’s hearing).

The reason we need a FISC is because the government — often through inadequate notice to defendants — has succeeded in avoiding the kind of review courts normally bring. But John Bates reveals a number of ways in which the court that is supposed to be providing that review has failed to do so. And Jim Comey, at least, thinks some of this could move back to real courts.

So why not? Why not move this, with all the gags grand jury subpoenas get and the national security experience judges have acquired over the last decade and all the normal constitutionally required review process, back to normal Title III Courts?

I admit it. Bates makes an excellent case for eliminating the FISC case, at least for all the exotic bulk programs the government has been inventing in secret.

Faster and Furiouser Domestic Spying: Why Would the NSA Review Group Talk to the ATF?

/12 Comments/in , , /by

Because I’m working on a post on John Bates’ response to the NSA Review Group recommendations, I happened to re-review the list of people the Review Group spoke with today (see page 277; Bates was the only one from the FISA Court they spoke with),

See if you find anything odd with this list of entities the Review Group spoke with from the Executive Branch (here’s a handy list of intelligence agencies to compare it to):

Assistant to the President for Homeland Security & Counterterrorism

Bureau of Alcohol, Tobacco, Firearms and Explosives

Central Intelligence Agency

Defense Intelligence Agency

Department of Commerce

Department of Defense

Department of Homeland Security

Department of Justice

Department of State

Drug Enforcement Agency

Federal Bureau of Investigations

National Archives and Records Administration

National Counterterrorism Center

National Institute for Standards and Technology

National Reconnaissance Office

National Security Advisor

National Security Agency

Office of the Director of National Intelligence

President’s Intelligence Advisory Board

Privacy and Civil Liberties Oversight Board

Program Manager for the Information Sharing Environment (PM-ISE)

Special Assistant to the President for Cyber Security

Treasury Department

Much of the list makes sense. You’ve got the people largely in charge of terrorism (NCTC, Lisa Monaco, FBI, Treasury), you’ve got some of the people in charge of cyber and/or corrupting encryption standards (DHS, Michael Daniel, NIST), you’ve got the people who have to deal with angry foreign leaders (State), you’ve got people in charge of data sharing and storage (PM-ISE and NARA), and you’ve got Commerce (which serves to boost, but also coerce, the tech companies on these issues).

There are some absences. I’m surprised Department of Energy, which plays a key role in counterproliferation, isn’t on here. It’s light on counterintelligence functions, both at DNI and things like AFOSI (which I believe has some nifty cybertools). I’m also a little surprised DOD was represented as a whole, but not some of the branch intelligence organizations. Similarly, DHS was represented as a whole, but not some of its relevant branches (TSA, CBP, and Secret Service).

And then there’s the Drug Enforcement Agency, which is on the list.

And even more alarmingly, the Bureau of Alcohol, Tobacco, Firearms and Explosives.

Don’t get me wrong, neither is all that surprising. We know some of the tools covered by the Review Group — notably National Security Letters — have actually been (mis)used in drug investigations as well as in terrorism ones. Given the logic of the certifications we know exist — not to mention the Administration’s fear-mongering and increasing focus on Transnational Crime Organizations not run by Jamie Dimon — I wouldn’t be surprised if Section 702 were used to fight the war on drugs, if it hasn’t already been. And the drug war certainly is a foreign intelligence priority for EO 12333 collection. Given NSA’s increasing inclusion of drug cartels in the boilerplate comments it releases about Snowden stories, I expect we’ll hear some nifty things about the war on drugs before this is out.

Similarly, one of the first things we learned the government was using Section 215 and/or NSLs to collect was purchase records for beauty supplies, otherwise known as explosives precursors. Since then, Members of Congress have talked about tracking fertilizer purchases. And I’d be shocked if there weren’t at least a half-hearted attempt to track pressure cooker purchases. I guess, from ATF’s inclusion among the Review Group’s interlocutors, we know a little bit about where this data resides: in probably the most fucked up law enforcement agency in government (though maybe that’s Immigration and Customs Enforcement, which thankfully was not considered central enough to talk to the Review Group).

Still, given the increasing number of signals that these authorities have been used to track gun purchases, and ATF’s notorious failures at tracking gun purchases in the past, I wonder whether they’re involved not just to talk about explosives purchases, but also gun records?

The Review Group warned that,

Like other agencies, there are situations in which NSA does and should provide support to the Department of Justice, the Department of Homeland Security, and other law enforcement entities. But it should not assume the lead for programs that are primarily domestic in nature.

For a variety of reasons (both reasonable and unreasonable), it is much harder to claim that tracking gun purchases pertains to counterterrorism or another foreign intelligence purpose than tracking acetone purchases.

Is this one of the domestic security functions the Review Group worried about?

Dragnet at Bernie’s: On Spying on Congress

/10 Comments/in , , /by

Bernie SandersIt turns out that Mark Kirk — not Bernie Sanders — was the first member of Congress to raise concerns about the NSA spying on Senators after Edward Snowden’s leaks started being published. Kirk did so less than a day after the Guardian published the Verizon order from the phone dragnet, in an Appropriations Committee hearing on the Department of Justice’s budget (see at 2:00). After Susan Collins raised the report in the context of drone killing, Kirk asked for assurances that members of Congress weren’t included in the dragnet.

Kirk: I want to just ask, could you assure to us that no phones inside the Capitol were monitored, of members of Congress, that would give a future Executive Branch if they started pulling this kind of thing up, would give them unique leverage over the legislature?

Holder: With all due respect, Senator, I don’t think this is an appropriate setting for me to discuss that issue–I’d be more than glad to come back in an appropriate setting to discuss the issues that you’ve raised but in this open forum–

Kirk: I’m going to interrupt you and say, the correct answer would say, no, we stayed within our lane and I’m assuring you we did not spy on members of Congress.

The first substantive question Congress asked about the dragnet was whether they were included in it.

After that, a few moments of chaos broke out, as other Senators — including NSA’s representative on the Senate Intelligence Committee, Barb Mikulski — joined in Kirk’s concerns, while suggesting the need for a full classified Senate briefing with the AG and NSA. Richard Shelby jumped in to say Mikulski should create the appropriate hearing, but repeated that what Senator Kirk asked was a very important question. Mikulski agreed that it’s the kind of question she’d like to ask herself. Kirk jumped in to raise further separation of powers concerns, given the possibility that SCOTUS had their data collected.

The very first concern members of Congress raised about the dragnet was how it would affect their power.

And then there was a classified briefing and …

… All that noble concern about separation of power melted away. And some of the same people who professed to have real concern became quite comfortable with the dragnet after all.

It’s in light of that sequence of events (along with Snowden’s claim that Members of Congress are exempt, and details about how data integrity analysts strip certain numbers out of the phone dragnet before anyone contact-chains on it) that led me to believe that NSA gave some assurances to Congress they need not worry that their power was threatened by the phone dragnet.

The best explanation from external appearances was that Congress got told their numbers got protection the average citizen’s did not, perhaps stripped out with all the pizza joints and telemarketers (that shouldn’t have alleviated their concerns, as some of that data has been found sitting on wayward servers with no explanation, but members of Congress can be dumb when they want to be).

And they were happy with the dragnet.

Then, 7 months later, Bernie Sanders started asking similar — but not the same –questions. In a letter to Keith Alexander, he raised several issues:

  • Phone calls made
  • Emails sent
  • Websites visited
  • Foreign leaders wiretapped

He even defined what he meant by spying.

“Spying” would include gathering metadata on calls made from official or personal phones, content from websites visited or emails sent, or collecting any other data from a third party not made available to the general public in the regular course of business.

In response, Alexander rejected Sanders’ definition of spying (implicitly suggesting it wasn’t fair), while using a dodge he repeatedly has: the Americans in question are not being targeted, even while they might be collected “incidentally.”

Nothing NSA does can fairly be characterized as “spying on Members of Congress or other American elected officials.”

[snip]

NSA may not target any American for foreign intelligence collection without a finding of probable cause that the proposed target of collection is a foreign power or an agent of a foreign power. Moreover, as you are aware, whenever an NSA activity results in the incidental collection of information about Americans, that information is handled pursuant to the very robust procedures designed to protect privacy interests — procedures that must be approved by the Attorney general or the Foreign Intelligence Surveillance Court, as appropriate. All those protections apply to members of Congress, as they do to all Americans.

Alexander then addressed just one of the three kinds of spying Sanders raised: phone data (which, if I’m right that NSA strips Congressional numbers at the data integrity stage, is the one place Alexander can be fairly sure Sanders’ contacts won’t be found).

Your letter focuses on NSA’s acquisition of telephone metadata…

And used the controls imposed on the raw data of the phone dragnet as an excuse for not answering Sanders’ question.

Among those protections is the condition that NSA can query the metadata only based on phone numbers reasonably suspected to be associated with specific foreign terrorist groups. For that reason, NSA cannot lawfully search to determine if any records NSA has received under the program have included metadata of the phone calls of any member of Congress, other American elected officials, or any other American without that predicate.

Alexander totally ignored Sanders’ two other specified concerns: emails sent and websites visited.

Which is mighty convenient, because for a very large segment of that collection (the internet metadata collected under EO 12333 and via PRISM, though not the data collected domestically before 2011 or domestic upstream collection), NSA believes it doesn’t even need Reasonable Articulable Suspicion to search on US person identifiers. Read more

Radical Idea: the Legislature Ends Smith v. Maryland

/12 Comments/in /by

The Senate Judiciary Committee hearing with the NSA Review Group just finished. There was no earth-shattering news. Perhaps the best one-liner from the hearing came when former CIA Deputy Director Mike Morell said that metadata is content (and I’m grateful he said it early in the hearing so it will make the evening news). Bizarrely, he claimed he just learned that while working on this report which is rather … unconvincing.

At the very end of the hearing, however, Senator Richard Blumenthal said something equally as important, which went something like,

Smith v. Maryland is about as outdated as any Supreme Court [sic] can be. Congress has an equal responsibility to protect the Constitution as the Supreme Court. There is no need to wait for the Supreme Court.

It’s a great idea, for the legislature to end Smith v. Maryland’s encroachment on the Constitution, and he’s right, Congress does have the authority to act.

But as far as I know, Blumenthal has yet to introduce a bill doing that.

What Was the Purpose of the Exigent Letter Program?

/7 Comments/in , /by

I’m aiming to have some rough guesses about what kind of bulk collection the FBI might use National Security Letters for (spoiler alert: my wildarseguess is that they’re getting subscriber lists from the same telecoms they’re getting phone dragnet data from).

But first, I want to return to the exigent letter program and consider how it may have complemented the dragnet during the period the dragnet had no court sanction.

As a reminder, starting in 2002, the FBI started getting phone calling records on individual users directly from telecoms using “exigent letters” — basically letters saying they needed the records urgently and promising some kind of legal documentation in the future. In 2003, representatives of the telecoms started moving onsite, so FBI Agents could ask for this information while looking over the representatives’ shoulders. As part of it, the FBI got “community of interest” data (basically, the 3-degrees information the phone dragnet provides) and “hot number” data (an alert when a number was used, which also became part of the phone dragnet). The program spun out of control because FBI often would never go back and provide that paperwork (and also they used it for improper purposes).

In 2006, at the same time the the phone dragnet from the illegal wiretap program was moving to Section 215 orders, FBI was trying to clean up the exigent letter problems with “blanket National Security Letters.” FBI issued the first blanket NSL on May 12, 2006; FISC approved the first Section 215 order on May 24. And while it took until January 2008 for the last telecom personnel to move out of FBI digs, FBI started phasing out the program by imposing new restrictions in 2006.

There’s a lot we don’t know yet about the exigent letters program — and the actions of those telecom personnel camping out at the FBI. That the 2010 IG Report on was produced in TS/SCI, classified, and unclassified versions (the other two NSL IG Reports (2007, 2008) came in classified and unclassified versions) suggests it had some tie to more sensitive counterterrorism programs, quite likely the illegal program.

And to some degree, the onsite telecom personnel were duplicating what we understand NSA to have been doing with phone call records in the illegal wiretap program: tracking activity and establishing 3-degree-of-separation maps around phone identifiers of interest. At least for those FBI Agents who knew of the illegal dragnet, they could get the same information from the NSA, though for FBI Agents it was likely more immediate to go directly to the telecom person and provide requests on post-it notes (as sometimes occurred). Moreover, the FBI could and did quickly check whether queries would be fruitful before they formally queried a number. That means they could use the telecom presence to run contact-chaining on people who were not yet formally identified as terrorist suspects (though that seems to have been possible with the NSA program at that point too).

But the duplicative nature of the program suggests the possibility (particularly given that it started in earnest in May 2003, after the illegal program had gotten started) that the telecom presence was used to launder results back through the telecoms to make them usable for both FISC and other Title III Courts.

One more thing of interest, given my spoiler alert. As far as I understand, the FBI would have access not just to a number’s community of interest, but also to the name of a phone subscriber (or, alternately, immediately be able to learn if a telecom served a particularly person or number). That is, the onsite telecom program provided the FBI with something that the current dragnet, as publicly understood, did not: easy access to contact-chaining, with identities attached.

As I have noted before, DOJ’s Inspector General has said he may be limited in what he presents in his 1,297-day old study of the use of Section 215 through 2009, started under his predecessor (who authored all the other reports), Glenn Fine, unless DOJ will declassify the earlier NSL and Section 215 reports. So there’s clearly a tie between what was done with Section 215 as it moved under FISC review and what had been done earlier with NSLs.

One thing I’m wondering about is whether FBI uses(d) NSLs to accomplish the parts of the previous programs that haven’t been authorized under the use of Section 215.

The Government Plays Connect-the-Dots Differently than They Say

/2 Comments/in , /by

In my continuing obsession to understand precisely how the government really uses the dragnet, consider this post, in which NSA Review Group member Geoffrey Stone conducts (IMO) inadequate analysis to conclude the phone dragnet is probably unconstitutional.

In it, he provides this description of how the government uses the phone dragnet:

In 2012, the NSA queried a total of 288 phone numbers. Based on these queries, the NSA found 16 instances in which a suspect phone number was directly or indirectly in touch with another phone number that the NSA independently suspected of being associated with terrorist activity. In such cases, the NSA turns the information over to the FBI for further investigation.

In terms of the “connect the dots” metaphor, the purpose of the program is not so much to discover new “dots” but to determine if there are connections between two or more already suspect “dots.” For example, if a phone number belonging to a terrorist suspect in Pakistan is found to have called a phone number in the United States that the government independently suspects belongs to a person involved in possible terrorist activity, alarm bells (figuratively) go off very loudly, alerting the government to the need for immediate attention. [my emphasis]

I don’t think this can be an accurate description of how the dragnet works.

It is close to what happened with Adis Medunjanin. As the FBI was honing in on Najibullah Zazi, the NSA did a query and found a new cell phone for Medunjanin, though they already knew Medunjanin was a likely accomplice of Zazi’s through via travel records. The government says they were particularly interested in this phone because it was in contact with other extremists. Thus, they found a brand new phone number, but one that ended up being associated with both a suspect (Medunjanin) and other suspects (the other people that phone was in contact with).

But that cell phone for Medunajnin was a brand new number to the NSA, at least according to their reports.

The claim may still be true if they used burner matching to identify Medunjanin as a match to the other phone record they had on him. But it seems this process would have to involve additional information about Medunjanin at some point — at the very least, the match of those travel documents to that phone number, if not his identity.

In other words, this only seems to make sense if they had Medunjanin’s “identity” in some form or another, belying their claims not to have identities while they’re contact chaining.

The description is potentially more problematic with Basaaly Moalin. In his case, the stated explanation for what happened is they found his number on a second-degree search, sent it to the FBI, and the FBI learned he was the guy who had previously been investigated in 2003.

The problem might be alleviated in two ways: first, if the hawala through which Moalin was sending money to Ayro, was also tied to a suspect number. That’s a distinct possibility: but the question is, how does that identity as a suspect number get communicated to NSA? If NSA already had it, doesn’t it mean they’ve got more suspect numbers sitting somewhere than have been RAS approved?

The other possibility is that Moalin himself was still identified as a suspect number from the investigation back in 2003 — that an investigation that turned up no evidence might still, during the era of the illegal program, have gotten someone nominated as a suspect number under Cheney’s program, and they never purged the system entirely (which would seem to be supported by the 2009 problems, which showed they hadn’t turned off the illegal program features).

Either of these possibilities, of course, would raise new concerns about the NSA program.

But the description would also raise real issues, both about the honesty of witnesses and the potential efficacy of the system. If the NSA only triggers on people who’ve got ties to a second suspect number (which is entirely different than what they’ve been saying) then it could not possibly alert the government to a fully compartmented lone actor (someone like, say, Faisal Shahzad). That is, it would only find people who were engaged in the kind of elaborate planning seen before the government dismantled al Qaeda, but would not find the kind of individual extremists we’ve seen almost exclusively (with the exception of Zazi) for years.

This would answer the question of whether the NSA is finding the right numbers, in that it would be less likely to find someone innocent. It also might explain why the program didn’t find Shahzad. But it would also mean it does (as presented) far less than the NSA has been saying it does.

I don’t actually believe that, but that is what it would suggest.

Robert Litt and Mike Rogers KNOW Congress Hasn’t Ratified the Phone Dragnet

/2 Comments/in , , /by

WaPo has a biting profile of Robert Litt, ODNI’s General Counsel who made one more failed attempt to rationalize James Clapper’s lies to Congress last week.

One of the most newsworthy bits is that WaPo published the name of Alfreda Frances Bikowsky, the analyst who got Khaled el-Masri kidnapped and tortured by mistake, for the first time.

A far more subtle but equally important detail comes in its description of why House Intelligence Chair Mike Rogers banned Litt from appearing before the Committee last summer.

Some lawmakers have found Litt’s manner off-putting at best. Rogers, the chairman of the House Intelligence Committee, made clear to the DNI’s office last summer that Litt was no longer welcome before his panel.

“The committee has not found Bob to be the most effective witness to explain complex legal and policy issues,” said a U.S. government official familiar with the falling-out. Rogers was also bothered that Litt faulted the committee for not doing more to share information about the surveillance programs with other members, unaware that doing so would have violated committee rules. [my emphasis]

For what it’s worth, I suspect Rogers is not worried as much about Litt’s honesty (Rogers hasn’t objected to James Clapper or Keith Alexander’s lies, for example, and has himself been a key participant in sustaining them), but rather, for his usual candor and abrasiveness, which the article also shows inspiring members of Congress to want to repeal the dragnet. Litt couches his answers in legalese, but unlike most IC witnesses, you can often parse it to discern where the outlines of truth are.

But I am acutely interested that Litt blames Rogers for not “doing more to share information about the surveillance programs with other members.”

That refers, of course, to Rogers’ failure to make the Administration’s notice on the phone dragnet available to members in 2011, before the PATRIOT Reauthorization. As a result of that, 65 Congressmen voted to reauthorize the PATRIOT Act without full notice (perhaps any formal notice) of the phone dragnet — a sufficiently large block to make the difference in the vote. In spite of that fact, the Administration and even FISA Judges have repeatedly pointed to Congress’ reauthorization of the phone dragnet to explain why it’s legal even though it so obviously exceeds the intent of the Section 215 as passed.

Apparently Litt blames Rogers for that. And doing so got him banished from the Committee.

Frankly, Litt is right in this dispute. Rogers’ excuse that committee rules prevented him from sharing the letter the Administration stated they wanted to be shared with the rest of Congress rings hollow, given that just one year earlier, Silvestre Reyes did make the previous letter available. If committee rules prevent such a thing, they are Rogers’ committee rules, and they were fairly new at the time. (Ironically, by imposing those rules, Rogers prevented members of his own party, elected with strong Tea Party backing, from learning about intelligence programs, though he may have just imposed the rules to increase the value of his own special access.)

So it is Rogers’ fault the Administration should not be able to claim Congress ratified the FISA Court’s expansive understanding of Section 215.

And Rogers and Litt’s spat about it make it clear they both know the significance of it: claims of legislative ratification fail because Congress did not, in fact, know what they were voting on, at least in 2011.

Unsurprisingly, that has not prevented the Administration from making that claim. Litt himself made a variety of it before PCLOB in November, months after he had this fight with Rogers.

[NSA General Counsel Raj] DE: So in other words, and some of this is obviously known to you all but just to make sure members of the public are aware, not only was this program approved by the Foreign Intelligence Surveillance Court every 90 days, it was twice, the particular provision was twice re-authorized by Congress with full information from the Executive Branch about the use of the provision.

[snip]

MR. LITT: I just want to add one very brief comment to Raj’s in terms of the extent to which Congress was kept informed. By statute we’re required to provide copies of significant opinion and decisions of the FISC to the Intelligence and Judiciary Committees of both Houses of Congress and they got the materials relating to this program, as we were required to by law.

Now, Litt’s intejection here is particularly interesting. He doesn’t correct De. He shifts the claim somewhat, to rely on Judiciary and Intelligence Committee notice. But even there, his claim fails, given that the Administration did not provide all relevant opinions to those Committees until after the first dragnet reauthorization in 2010. Litt probably thinks that’s okay because he didn’t qualify when Congress got the materials.

But it’s still a blatant lie, according to the public record.

More significantly, the Administration repeated that lie to both the FISC and, more significantly still, the 3 Article III Judges presiding over challenges to the dragnet generally.

The Administration keeps running around, telling everyone who is obligated to listen that Congress has ratified their expansive interpretation of the phone dragnet. It’s not true. And the fact that Litt and Rogers fought — way back in the summer — over who is responsible makes it clear they know it’s not true.

But they still keep saying it.

The NSA Does Know the Identity of Some of the Targets It Is Contact-Chaining

/6 Comments/in , /by

One claim the NSA has made just about every time one of its representatives has talked about the phone dragnet is that, because the dragnet contains only phone numbers, analysts don’t know who they’re chaining on. They have to give a number to the FBI, NSA people claim, where they use “additional legal process” to find the identity (more on that later).

And that may be true … up to a point.

But the claim goes far beyond even what the NSA (with an assist from friendly media partners) depicts.

Consider 60 Minutes depiction of of contact chaining (at 2:36).

Analyst Stephen Benitez showed us a technique known as “call chaining” used to develop targets for electronic surveillance in a pirate network based in Somalia.

Stephen Benitez: As you see here, I’m only allowed to chain on anything that I’ve been trained on and that I have access to. Add our known pirate. And we chain him out.

John Miller: Chain him out, for the audience, means what?

Stephen Benitez: People he’s been in contact to for those 18 days.

Stephen Benitez: One that stands out to me first would be this one here. He’s communicated with our target 12 times.

Stephen Benitez: Now we’re looking at Target B’s contacts.

John Miller: So he’s talking to three or four known pirates?

Stephen Benitez: Correct. These three here. We have direct connection to both Target A and Target B. So we’ll look at him, too, we’ll chain him out. And you see, he’s in communication with lots of known pirates. He might be the missing link that tells us everything.

John Miller: What happens in this space when a number comes up that’s in Dallas?

Stephen Benitez: So If it does come up, normally, you’ll see it as a protected number– and if you don’t have access to it, you won’t be able to look.

If a terrorist is suspected of having contacts inside the United States, the NSA can query a database that contains the metadata of every phone call made in the U.S. going back five years.

Working solely at the level of identifier, the software alerts him whether the first and second-degree contacts are “known pirates.” Given that the analyst is working on EO 12333 collected data, these targets do not have to have been reviewed for Reasonable Articulable Suspicion that they are pirates. But the system identifies them as such.

And, while this is more subtle, Benitez at least portrays the chaining process to move immediately onto “known Target B,” suggesting he may recognize precisely who that pirate is upon seeing the identifier.

I mocked the 60 Minutes piece for — among other things — showing us EO 12333 contact chaining to allay our concerns about the Section 215 phone dragnet.

But even with Section 215 dragnet, the NSA itself admits analysts might immediately recognize the identity of those they are contact chaining. This passage appears in one of their training programs on the process (see page 20).

So, for example, if you run a BR or PR/TT query on a particular RAS-approved e-mail identifier and it returns information that depicts identifier A, the RAS-approved see, was in direct contact with identifier B and the source of the metadata is BR or PR/TT, then just the fact that identifier A is communicating with identifier B is considered a BR or PR/TT query result.

[snip]

So if you knew that identifier A belonged to Joe and Identifier B belonged to Sam, and the fact of that contact was derived from BR or PR/TT metadata, if you communicate orally or in writing that Joe talked to Sam, even if you don’t include the actual e-mail account or telephone numbers that were used to communicate, this is still a BR or PR/TT query result.

To guard against an analyst immediately telling colleagues who aren’t phone dragnet cleared, the NSA makes it clear she shouldn’t just call them and say Joe and Sam have been chatting.

That risk exists because the analyst “knew that identifier A belonged to Joe and Identifier B belonged to Sam” — she knew who she was chaining off of.

This is not all that surprising. If you work with a phone number or email address enough, you’re going to recognize it as the identity of the person who uses it.

Yet it does suggest analysts get enough context — either through the target identifiers they use to target someone in the first place, or from accessing the content of the communications they chain off of — to “know” the identities of some the people that come up in contact chains.

We would expect them to have this context. It surely makes their analysis better informed.

But given that they do have this context, it is completely misleading for the NSA to claim they don’t know the identity of the people they’re contact chaining.

Richard Clarke Alludes to the Real Costs of the Dragnet

/10 Comments/in , /by

New America Foundation did a study of 225 terrorist plots to try to discern the source of the investigation. There are numerous obvious flaws to the study — many of which stem from the government’s own efforts to obscure the sources of what they do, some of which stem from a lack of awareness about how the government responded to other tips by collecting more NSA intelligence, some of which stem from ignoring the dragnet that existed in illegal form before the FISC-approved one.

With those caveats, NAF finds what has been reported for months: only the Basaaly Moalin’s provision of less than $10,000 to al-Shabaab stemmed from the phone dragnet.

Which provides the WaPo with another opportunity to report this as news. I’ll take it: any little bit helps!

WaPo and NAF also report what I reported 5 months ago: that the government delayed 2 months after identifying Moalin’s ties indirectly to Aden Ayro before wiretapping him. Remember, they say they need the dragnet to avoid delays in investigation.

Perhaps the most interesting part of WaPo’s report on this, though, are Richard Clarke’s comments. As a follow-up on the NSA Review Group’s comment on the risk to quality of life posed by the dragnet, Clarke claims the dragnet would still be too intrusive if it had contributed to every plot.

“Although we might be safer if the government had ready access to a massive storehouse of information about every detail of our lives, the impact of such a program on the quality of life and on individual freedom would simply be too great,” the group’s report said.

Said Clarke: “Even if NSA had solved every one of the [terrorist] cases based on” the phone collection, “we would still have proposed the changes.”

This is actually a fairly stunning comment (and not one, I suspect, Mike Morell, who is also quoted, would support). Even if the dragnet had identified every potential terrorist plot, Clarke says, it would still be too intrusive.

I think the dragnet is plenty intrusive — and I think plenty of the ways it infringes on privacy are those not accounted in NAF’s analysis (such as the use of the dragnet to pick targets for informants or conduct back door searches). Still: to suggest the dragnet would not be worth every single one of these leads?