DiFi’s Fake FISA Fix: The Roamer Pre-Emergency Exigent Excuse To Be Used on Internet Content

There’s one more aspect of Dianne Feinstein’s Fake FISA Fix bill that doesn’t make any sense: its proposed solution to the “roamer problem.”

Roamers are, at least as the NSA’s internal review explains them, when a foreign target with a GSM device (I think Keith Alexander has used the word “phone” when he describes this) — who may be targeted under either FISA Amendments Act or EO 12333 — travels into the US and NSA keeps tracking him, resulting in a violation because it means the NSA is wiretapping someone in the US without a warrant.

My sense is the NSA had tracked but never really cared about this GSM problem before Barton Gellman released an internal compliance report dating to May 2012 that revealed them. The NSA claimed to itself the problem was “largely unpreventable” (though it did commit to more research to understand it).

But now that it has been revealed as part of an eye-popping number of violations in 2011-12, NSA has proposed to fix it this way.

(f)(1) Notwithstanding any other provision of this Act, acquisition of foreign intelligence information by targeting a non-United States person reasonably believed to be located outside the United States that was lawfully initiated by an element of the intelligence community may continue for a transitional period not to exceed 72 hours from the time when it is recognized that the non-United States person is reasonably believed to be located inside the United States and that the acquisition is subject to this title or title III of this Act, provided that the head of the element determines that there exists an exigent circumstance and—


DiFi’s Fake FISA Fix Appears to Further Extend Searches on US Persons Under Section 702

There’s a section of DiFi’s FakeFISAFix bill, called “Restrictions on the Querying of the Contents of Certain Communications,” that purports to put new limits on the searches of data collected under Section 702 for US person information.

(m) QUERIES.—

(1) LIMITATION ON QUERY TERMS THAT IDENTIFY A UNITED STATES PERSON.—A query of the contents of communications acquired under this section with a selector known to be used by a United States person may be conducted by personnel of elements of the Intelligence Community only if the purpose of the query is to obtain foreign intelligence information or information necessary to understand foreign intelligence information or to assess its importance.

(2) RECORD.—

(A) IN GENERAL.—For any query performed pursuant to paragraph (1) a record shall be retained of the identity of the Government personnel who performed the query, the date and time of the query, and the information indicating that the purpose of the query was to obtain foreign intelligence information or information necessary to understand foreign intelligence information or to assess its importance.

While the additional record-keeping is a significant improvement (remember, the IC has been saying they can’t even count this), I think, as it does with Section 215 searches, the language of the bill may actually expand the searches for US person content in information collected under Section 702.

As a threshold matter, the language restricting certain searches to foreign intelligence purposes only codifies the status quo. The language John Bates approved in 2011 (see page 23 and following) when he gave NSA and CIA this authority (FBI apparently already had it) limited such searches to those “reasonably likely to yield foreign intelligence information.”

In addition, this provision permits such searches for the IC in general. As far as we know for sure, only NSA, CIA, and FBI have this authority (though NCTC have recently gotten their own FISA minimization procedures which might allow them). But this language would seem to permit other agencies within the IC — say, DEA — to query 702 data for US person information as well.

Moreover, the section specifically excludes dialing, routing, and addressing information from this.

(B) CONTENT.—The term ‘content’, with respect to a communication—

(i) means any information concerning the substance, purport, or meaning of that communication; and

(ii) does not include any dialing, routing, addressing, or signaling information

While leaving this stuff out of the definition of content makes sense under the law, this would have the effect of permitting searches on Section 702 data to see if US persons were in there (to see whether a US person was in contact with the target, for example), by searching on the selector as metadata rather than content. Such searches wouldn’t require the same documentation, nor would they bear the intelligence purpose limitation (though I think Bates’ ruling would still limit that).

In other words, thus far, this section seems to create the illusion of oversight for such searches, but oversight that only covers one kind of search on US person data.

It Was Verizon, with the Fiber Cable, Under the Atlantic

Egads. Nate is right. The SZ report is old — from August. Folks were chatting about it, I think, in conjunction with the new attention on the 12333 collection overseas, which is why I pointed to it. Thanks for pointing it out.

Remember when former Verizon COO John Stratton accused the Internet companies of “grandstanding” for objecting to having their data stolen?

In a media briefing in Tokyo, Stratton, the former chief operating officer of Verizon Wireless, said the company is “compelled” to abide by the law in each country that it operates in, and accused companies such as Microsoft, Google, and Yahoo of playing up to their customers’ indignation at the information contained in the continuing Snowden leak saga.

Stratton said that he appreciated that “consumer-centric IT firms” such as Yahoo, Google, Microsoft needed to “grandstand a bit, and wave their arms and protest loudly so as not to offend the sensibility of their customers.”

“This is a more important issue than that which is generated in a press release. This is a matter of national security.”

Stratton said the larger issue that failed to be addressed in the actions of the companies is of keeping security and liberty in balance.

“There is another question that needs to be kept in the balance, which is a question of civil liberty and the rights of the individual citizen in the context of that broader set of protections that the government seeks to create in its society.”

Grandstand this, baby:

On Friday Germany’s Süddeutsche newspaper published the most highly sensitive aspect of this operation – the names of the commercial companies working secretly with GCHQ, and giving the agency access to their customers’ private communications. The paper said it had seen a copy of an internal GCHQ powerpoint presentation from 2009 discussing Tempora.

The document identified for the first time which telecoms companies are working with GCHQ’s “special source” team. It gives top secret codenames for each firm, with BT (“Remedy”), Verizon Business (“Dacron”), and Vodafone Cable (“Gerontic”). The other firms include Global Crossing (“Pinnage”), Level 3 (“Little”), Viatel (“Vitreous”) and Interoute (“Streetcar”). The companies refused to comment on any specifics relating to Tempora, but several noted they were obliged to comply with UK and EU law.

Not that we didn’t already know this. Mostly, I’m just surprised AT&T is not included in this list.

Dianne Feinstein Opens the Tech Back Door to the Dragnet Database Even Wider

I’ve been writing for months about the great big loophole providing access to the phone dragnet database.

Basically, the NSA needs someone to massage the dragnet data before analysts do queries on it, to take out high frequency call numbers (telemarketers and pizza joints), and probably to take out certain protected numbers, like those of Members of Congress. (Note that the fact that the NSA has to do this not only demonstrates that all their haystack claims are false, but also leaves open the possibility they’ll remove numbers that actually do have intelligence value.)

The problem, of course, is that this means there is routine access to the database of all phone-based relationships in the United States that does not undergo normal oversight. We know this is a problem because we know NSA has found big chunks of this data in places where it doesn’t belong, as it discovered on February 16, 2012 when it found over 3,000 call records that had been stashed and kept longer than the 5 years permitted by the FISA Court.

As of 16 February 2012, NSA determined that approximately 3,032 files containing call detail records potentially collected pursuant to prior BR Orders were retained on a server and been collected more than five years ago in violation of the 5-year retention period established for BR collection. Specifically, these files were retained on a server used by technical personnel working with the Business Records metadata to maintain documentation of provider feed data formats and performed background analysis to document why certain contact chaining rules were created. In addition to the BR work, this server also contains information related to the STELLARWIND program and files which do not appear to be related to either of these programs. NSA bases its determination that these files may be in violation of BR 11-191 because of the type of information contained in the files (i.e., call detail records), the access to the server by technical personnel who worked with the BR metadata, and the listed “creation date” for the files. It is possible that these files contain STELLARWIND data, despite the creation date. The STELLARWIND data could have been copied to this server, and that process could have changed the creation date to a timeframe that appears to indicate that they may contain BR metadata.

The bill the Intelligence Committee passed out of committee yesterday not only codifies this practice, but exempts this practice from the explicit limits placed on other uses of this database.

Here’s how it describes this access.

(D) LIMITED ACCESS TO DATA.—Access to information retained in accordance with the procedures described in subparagraph (C) shall be prohibited, except for access—

[snip]

(iii) as may be necessary for technical assurance, data management or compliance purposes, or for the purpose of narrowing the results of queries, in which case no information produced pursuant to the order may be accessed, used, or disclosed for any other purpose, unless the information is responsive to a query authorized under paragraph (3).

Note, I’ve never seen this access described in a way that would include “narrowing the results of queries” before. I’m actually very curious why a tech would need to directly access the database, presumably after a query has already been run, to narrow it. Isn’t that contrary to the entire haystack theory?

In any case, the rest of the bill relevant to the phone dragnet effectively exempts this access from almost all of the oversight it codifies.

The requirement for a written record of the Reasonable Articulable Suspicion and identity of the person making the query does not apply (see 2 A and B). Since no record is made, the FISA Court doesn’t review these queries (6A) and these queries don’t get included in the public reporting (b)(3)(C)(i). I don’t see where the bill requires any record-keeping of this access.

The requirement that the data be kept secure specifically doesn’t apply.

SECURITY PROCEDURES FOR ACQUIRED DATA.—Information acquired pursuant to such an order (other than information properly returned in response to a query under subparagraph (D)(iii)) shall be retained by the Government in accordance with security procedures approved by the court in a manner designed to ensure that only authorized personnel will have access to the information in the manner prescribed by this section and the court’s order. [my emphasis]

And the requirement that personnel accessing the database for these purposes (4) be limited and specially trained doesn’t apply.

A court order issued pursuant to an application made under subsection (a), and subject to the requirements of this subsection, shall impose strict, reasonable limits, consistent with operational needs, on the number of Government personnel authorized to make a determination or perform a query pursuant to paragraph (1)(D)(i).

The only limit that appears to apply to the queries from this data management access of the database is the 5 year destruction.

Now, I think the FISA Court made tentative bids to limit some of the activities in 2009. But this language seems to undermine some of the controls the Court has placed on this access (including audits).

In short, in a purported bid to raise confidence about the NSA creating a database of every phone-based relationship in the United States, the Intelligence Committee has actually codified a loosening of access to the database outside the central purpose of it. It permits a range of people to access the database for vaguely defined purposes, it permits them to move that data onto less secure areas of the network, and it doesn’t appear to require record-keeping of the practice.

But what could go wrong with permitting tech personnel — people like Edward Snowden — access to data with less oversight than that imposed on analysts?

Update: Added the language from the 2012 violation to show how clueless the NSA was about finding this data just lying around and its inability to determine where it came from.

Feinstein’s Fake Fix May Expand Use of the Phone Dragnet

Dianne Feinstein and 10 other Senate Intelligence Committee members approved a bill yesterday that purports to improve the dragnet but actually does almost nothing besides writing down the rules the FISA Court already imposed on the practice.

I’ll have far more on DiFi’s Fake Fix later, but for now, I want to point to language that could dramatically expand use of the phone dragnet database, at least as they’ve portrayed its use.

Here’s how, in June, DiFi described the terms on which NSA could access the dragnet database.

It can only look at that data after a showing that there is a reasonable, articulable that a specific individual is involved in terrorism, actually related to al Qaeda or Iran. At that point, the database can be searched. [my emphasis]

Here are the terms on which her Fake Fix permits access to the database.

there was a reasonable articulable suspicion that the selector was associated with international terrorism or activities in preparation therefor. [my emphasis]

The bill passed yesterday does not require any tie to al Qaeda (or Iran!). An association with al Qaeda (and Iran!) is one possible standard for accessing the database. But it also permits use of the data if someone is “associated with activities in preparation” for international terrorism.

Does that include selling drugs to make money to engage in “terrorism”? Does that include taking pictures of landmark buildings? Does that include accessing a computer in a funny way?

All of those things might be deemed “activities in preparation” for terrorism. And this bill, as written, appears to permit the government to access the database of all the phone-based relationships in the US based not on any known association with al Qaeda (and Iran!), but instead activities that might indicate preparation for terrorism but might also indicate mild nefarious activity or even tourism crossing international borders.

What’s the Relationship Database About?

Atrios asks what the whole dragnet is about.

It’s actually a serious question. Maybe it’s just a full employment program for spooks. Maybe they just do it because they can. But the only “real” point to such an extensive surveillance system is to abuse that surveillance (the surveillance itself is already an abuse of course).

At best it’s a colossal fucking waste of money. At worst?

I actually think there are understandable answers for much of this.

Since Michael Hayden took over the NSA, contractors have assumed an increasingly dominant role in the agency, meaning you’ve got a former DIRNSA at Booz Allen Hamilton pitching future Booz VPs on solutions to keep the country safe that just happen to make them fabulously profitable and don’t happen to foreground privacy. As Thomas Drake showed, we’re pursuing the biggest and most privacy invasive solutions because contractors are embedded with the agency.

I think there’s the One Percent approach we got from Dick Cheney, that endorses maximal solutions to hunt terrorists even while avoiding any real accountability (both for past failures and to review efficacy) because of secrecy. We’re slowly beginning to wean ourselves from this Cheney hangover, but it is taking time (and boosters for his approach are well-funded and publicized).

And, at the same time, criminals and other countries have attacked our weak network security underbelly, targeting the companies that have the most political sway, DOD contractors and, increasingly, financial companies, which is setting off panic that is somewhat divorced from the average American’s security. The accountability for cybersecurity is measured in entirely different ways than it is for terrorism (otherwise Keith Alexander, who claims the country is being plundered like a colony, would have been fired years ago). In particular, there is no punishment or even assessment of past rash decisions like StuxNet. But here, as with terrorism, the notion of cost-benefit assessment doesn’t exist. And this panicked effort to prevent attacks even while clinging to offensive cyberweapons increasingly drives the overaggressive collection, even though no one wants to admit that.

Meanwhile, I think we grab everything we can overseas out of hubris we got while we were the uncontested world power, and only accelerated now that we’re losing that uncontested position. If we’re going to sustain power through coercion — and we developed a nasty habit of doing so, especially under Bush — then we need to know enough to coerce successfully. So we collect. Everything. Even if doing so makes us stupider and more reliant on coercion.

So I can explain a lot of it without resorting to bad faith, even while much of that explanation underscores just how counterproductive it all is.

But then there’s the phone dragnet, the database recording all US phone-based relationships in the US for the last 5 years.

What Are NSA’s Standards for Surveilling Transnational Crime Organizations?

Yesterday, the Italian magazine Panorama claimed that the NSA had wiretapped the Vatican.

I have some questions about the veracity of the report. NSA has denied it more vigorously than other allegations of tapping world leaders. Panorama is not known to have access to the Edward Snowden documents. One key claim — that the current Pope, Jorge Mario Bergoglio, has been surveilled since 2005 — was actually sourced to WikiLeaks in the story (In addition to cables on Argentine politics, Bergoglio shows up in a 2003 cable speculating on the possibility of a Latin American Pope).

All that said, I am intrigued by this claim.

Panorama said the recorded Vatican phone calls were catalogued by the NSA in four categories – leadership intentions, threats to the financial system, foreign policy objectives and human rights.

I did a quick review of WikiLeaks cables on the Vatican (remember, these are classified at no more than the Secret level, and therefore are not going to have any intercept information in them, and they of course stop at 2010). The human rights issues pertain to interfaith dialogue and the rights of Catholics in repressive countries, the Church’s role in anti-gay laws, and allegations of anti-Semitism (this cable, on the Church prioritizing unity and thereby endorsing Holocaust denial, is one of the few Secret ones). There are fewer that relate directly to the Church’s role in the financial system; though a good many cables with “financial” content relate to Syria or, especially, Lebanon, and include the Vatican because of its influence with Christian power brokers in the region (this cable, on Syrian money laundering, was forwarded to the Vatican mission for some reason).

But there are two other reasons why the Vatican might be an NSA target based on those topics: its multi-decade cover-up of pedophilia (and the impact legal investigations and settlements might have around the world), and the Vatican’s role in money laundering. The recent disclosures of Vatican money laundering suggest Iraq, Iran, and Indonesia have used the bank, as well as the Italian mafia, but given its ties to Lebanon, I wouldn’t be surprised if it were also laundering money from that country, which is another close focus of the US’ own money laundering attention.

In other words, in addition to wiretapping the Vatican because it wields special influence in countries around the world (the leadership intentions and foreign policy objectives category), the US would have reason to surveil it because of what amount to Vatican actions that make it a Transnational Criminal Organization, completely apart from matters of faith.

That is, if NSA applied its apparent mandate to track TCOs indiscriminately.

But I bet you they don’t. While I am sure they track Latin American, African, and South Asian drug networks, I’m certain they track Russian mobsters who have ties to online crime, and I’m sure they are tracking and probably have an active role in the investigation of Yakuza’s ties to big Japanese banks (most of these are either named Treasury drug kingpin or TCO targets), I also believe if the NSA tracked transnational crime organizations generally, its efforts would be shut down tomorrow.

Imagine, for example, if in addition to using Title III wiretaps (though barely) and self-disclosure and evidence generated by other financial institutions in put-back suits, the NSA used its bulk collection to track JPMC’s international transfers to see whether any of it constituted “foreign intelligence,” and from that referred any evidence of a crime to the FBI? Imagine if the NSA were stealing all of JPMC’s transfer information, even outside its access to SWIFT, to see how JPMC laundered its world-destabilizing actions through multiple jurisdictions? And both JPMC and HSBC have a known history of material support for terrorism, which certainly ought to justify such spying (noting, of course, that I think JPMC did get spied on in conjunction with the Scary Iran Plot, which may have forced FinCEN to settle with it on other outstanding sanction violation issues).

They wouldn’t even need to track JPMC and other multinational banks in the name of transnational crime and terrorism; the Sovereign Wealth Funds of the world — both of volatile Middle Eastern countries, Asian targets, but even in Europe — have effectively become foreign policy entities. Do they track what Qatar and the Emirates do with their SWFs?

As I said, I doubt it. While I suspect as this scandal develops we’ll find more and more evidence that the NSA has spied on targets selected for their financial competition with the US and UK (we’ve already seen hints they collected intelligence on the Euro versus the dollar, Brazil’s competitive position vis-à-vis the US, for example), I also suspect if there were ever a hint that the NSA treated JPMC or HSBC like it did other TCO targets, it would get shut down in a matter of weeks.

The Smartest European Blowback In the World

For the record, while I think European and Brazilian efforts to crack down on US cloud companies — especially Google — are mostly just an effort to gain further access to the data themselves and create more competitive conditions for their countries’ own companies (see an interesting development on the Google front here), here is the kind of development that will slow the expansion of the US dragnet.

AT&T Inc.’s ambitions to expand in Europe have run into unexpected hurdles amid the growing outcry across the region over surveillance by the National Security Agency. German and other European officials said any attempt by AT&T to acquire a major wireless operator would face intense scrutiny, given the company’s work with the U.S. agency’s data-collection programs.

Resistance to such a deal, voiced by officials in interviews across Europe, suggests the impact of the NSA affair could extend beyond the diplomatic sphere and damage U.S. economic interests in key markets. AT&T Chief Executive Randall Stephenson has signaled repeatedly in recent months that he is interested in buying a mobile-network operator in Europe, highlighting the potential for growth on the continent at a time when the U.S. company faces headwinds at home.

On Wall Street, many bankers, investors and analysts expect AT&T to make a bid for Vodafone Group PLC, which owns cellphone networks across Europe, as early as the first half of next year.

No matter what other efforts other countries put into place to limit the US dragnet, until they take away access to the telecom backbone and/or until private companies dramatically improve their own security, the US government is just going to take what it wants. (Indeed, I have been wondering whether the US push to privatize telecoms starting as early as the 1980s served, in part, to make it easier to find “partners” in accessing data signals.)

To allow AT&T — one of NSA’s longest, most willing partners — to become a big player in Europe would simply provide that access.

I’m mildly sorry for Google and Yahoo, particularly because they’ve had their signals stolen for years and have resisted the NSA in various ways, only some of which have been effective.

But if AT&T gets locked out of overseas expansion because it is effectively just an arm of the NSA, I will applaud.

NSA Non-Denial Denial 241,352,052

Here’s the best the NSA could come up with to deny the WaPo’s report about how it steals data from Google and Yahoo overseas.

NSA has multiple authorities that it uses to accomplish its mission, which is centered on defending the nation. The Washington Post’s assertion that we use Executive Order 12333 collection to get around the limitations imposed by the Foreign Intelligence Surveillance Act and FAA 702 is not true.

NSA seems defensive about WaPo’s suggestion they used EO 12333 — if they did — for this collection. But note that David Kris suggests at least one other possibility for this “vacuum cleaner” collection, voluntary production (as well as procedures subordinate to EO 12333), so it’s possible they didn’t use EO 12333. Maybe the first line is meant to suggest at least one of these providers did cough this up voluntarily (which I think past reporting might support).

NSA then engages in the most delectable projection ever, in which it takes this comment from its biggest apologist this side of Michael Hayden, John Schindler, and suggests the WaPo made the assertion.

Intercepting communications overseas has clear advantages for the NSA, with looser restrictions and less oversight. NSA documents about the effort refer directly to “full take,” “bulk access” and “high volume” operations on Yahoo and Google networks. Such large-scale collection of Internet content would be illegal in the United States, but the operations take place overseas, where the NSA is allowed to presume that anyone using a foreign data link is a foreigner.

Outside U.S. territory, statutory restrictions on surveillance seldom apply and the Foreign Intelligence Surveillance Court has no jurisdiction. Senate Intelligence Committee Chairwoman Dianne Feinstein has acknowledged that Congress conducts little oversight of intelligence-gathering under the presidential authority of Executive Order 12333, which defines the basic powers and responsibilities of the intelligence agencies.

John Schindler, a former NSA chief analyst and frequent defender who teaches at the Naval War College, said it was obvious why the agency would prefer to avoid restrictions where it can.

“Look, NSA has platoons of lawyers and their entire job is figuring out how to stay within the law and maximize collection by exploiting every loophole,” he said. “It’s fair to say the rules are less restrictive under Executive Order 12333 than they are under FISA.” [my emphasis]

The WaPo didn’t make the assertion, NSA’s most loyal voice on Twitter did.


Why Swim Upstream Overseas?

In 2011, when John Bates declared the existing upstream collection illegal, he didn’t stop the practice. Instead, he imposed new minimization procedures on part of the collection (just that part that included transactions including communications that were completely unrelated to the search terms used). He required that collection be segregated. And he wrung assurances from NSA they wouldn’t do things — like search on data collected via upstream collection — that they could do with data collected under PRISM.

In short, it was actually a pretty permissive ruling, allowing the NSA to continue collecting upstream data, at least for the terms and purposes they had claimed they were using it for.

So why go to the trouble of stealing data from Google and Yahoo links overseas instead of through PRISM — a question The Switch asks here — and upstream collection here?

Obviously, one of the problems is encryption. The graphic above makes it very clear NSA/GCHQ are trying to avoid Google’s default and Yahoo’s available SSL protection. Which means they can’t do the same kind of upstream collection on encrypted content.

Now it’s clear from the aftermath of the 2011 ruling — in the way Google and Yahoo had to invest a lot to keep responding to new orders — that PRISM collection in the US is tied in some way to that upstream collection. Julian Sanchez suggests Google and Yahoo may now be unwilling to do keyword (actually key-selector, since some of these would be code) searches. And that may be the case (though it’s hard to see how they could refuse an order requiring that, given that the telecoms were responding to similar orders).

There are a few other possibilities, though.

First, remember that NSA wanted to continue its collection practice as it existed, with no changes. It considered appealing Bates’ decision. And it resisted his demands they clean up existing illegally collected data.

So it may be they simply continued doing what they were doing by stealing this data overseas. But that would only make sense if MUSCULAR dates to 2012, when Bates imposed new restrictions.

It’s also possible some of the restrictions he imposed wouldn’t allow NSA to accomplish what it wanted to. One possibility is his requirement that NSA segregate this collection. Another is his refusal to let NSA search “incidentally” collected data.

A third possibility is that other FISC restrictions — such as limits on how many contact chains one could do on Internet metadata (WaPo makes it clear this collection includes metadata) — provided reason to evade FISC as well.

Finally, I wonder whether the types of targets they’re pursuing have anything to do with this. For a variety of reasons, I’ve come to suspect NSA only uses Section 702 for three kinds of targets.

  • Terrorists
  • Arms proliferators
  • Hackers and other cyber-attackers

According to the plain letter of Section 702 there shouldn’t be this limitation; Section 702 should be available for any foreign intelligence purpose. But it’s possible that some of the FISC rulings — perhaps even the 2007-8 one pertaining to Yahoo (which the government is in the process of declassifying as we speak) — rely on a special needs exception to the Fourth Amendment tied to these three types of threats (with the assumption being that other foreign intelligence targets don’t infiltrate the US like these do).

Which would make this passage one of the most revealing of the WaPo piece.

One weekly report on MUSCULAR says the British operators of the site allow the NSA to contribute 100,000 “selectors,” or search terms. That is more than twice the number in use in the PRISM program, but even 100,000 cannot easily account for the millions of records that are said to be sent back to Fort Meade each day.

Given that NSA is using twice as many selectors, it is likely the NSA is searching on content outside whatever parameters that FISC sets for it, perhaps on completely unrelated topics altogether. This may well be foreign intelligence, but it may not be content the FISC has deemed worthy of this kind of intrusive search.

That’s just a wildarsedguess. But I do think it possible FISC has already told the NSA — whether it be in the 2011 opinion, opinions tied to the Internet dragnet problems (which themselves may have imposed limits on just this kind of behavior), or on the original PAA/FAA opinions themselves — that this collection violated the Fourth Amendment.

In which case the prediction Russ Feingold made back in 2007 — “So in other words, if they don’t like what we [or the FISA Court] come up with, they can just go back to Article II” — would prove, as so many Feingold comments have, prescient.