Apple’s Transparency Numbers Suggest Claims of Going Dark Overblown

/in , /by

Apple recently released its latest transparency report for the period ending June 30, 2015. By comparing the numbers for two categories with previous reports (2H 2013, 1H 2014, 2H 2014)  we can get some sense of how badly Apple’s move to encrypt data has really thwarted law enforcement.

Thus far, the numbers show that “going dark” may be a problem, but nowhere near as big of one as, say, NY’s DA Cy Vance claims.

The easier numbers to understand are the national security orders, presented in the mandated bands.

Screen Shot 2015-09-30 at 4.34.08 PM

Since the iPhone 6 was introduced in September 2014, the numbers for orders received have gone up — one band in the second half of 2014, and two more bands in the first half of this year. Curiously, the number of accounts affected haven’t gone up that much, possibly only tens or a hundred more accounts. And Apple still gets nowhere near the magnitude of requests Yahoo does, which number over 42,000.

Equally curiously, in the last period, Apple clearly received more NatSec orders than accounts affected, which is the reverse of what other companies show (before Apple had appeared close to one-to-one). One thing that might explain this is the quarterly renewal of Pen Register orders for metadata of US persons (which might be counted as 4 requests for each account affected).

In other words, clearly NatSec requests have gone up, proportionally significantly, though Apple remains a tiny target for NatSec requests compared to the bigger PRISM participants.

The law enforcement account requests are harder to understand.

Screen Shot 2015-09-30 at 1.51.47 PM

Note, Apple distinguishes between device requests, which are often users seeking help with a stolen iPhone, and account requests, which are requests for either metadata or content associated with an account (and could even include purchase records). The latter are the ones that represent law enforcement trying to get data to investigate a user, and that what I’ve laid out the latter data here [note, I fully expect to have made some data errors here, and apologize in advance — please let me know what you see!!].

Here, too, Apple has seen a significant increase, of 23%, over the requests it got in the second half of last year. Though, note, the iPhone 6 introduction would not be the only thing that would affect this: so would, probably, the June 2014 Riley Supreme Court decision, which required law enforcement to get a warrant to access cell phones, would also lead law enforcement to ask Apple for data more often.

Interestingly, however, there were fewer accounts implicated in the requests in the last half of the year, suggesting that for some reason law enforcement was submitting requests with a slew of accounts listed for each request. Whereas last year, LE submitted an average of over 6.5 accounts per request, this year they have submitted fewer than 3 accounts per request. This may reflect LE was submitting more identifiers from the same account — who knows?

The percentage of requests where content was obtained has gone up too, from 16% in 2013 to 24% in the first period including the iPhone 6 to 30% last quarter. Indeed, over half the period-on-period increase this period may stem from an increase in content requests (that is, the 107 more requests where content was obtained in the first half of the year, which was a period in which Apple got 183 more requests overall). Still, that number, 107 more successful requests for content this year than the second half of last year, seems totally disproportionate to NYC DA Cy Vance’s claim that the NYPD was unable to access the content in 74 iPhones since the iPhone 6 was established (though note, that might represent 1 request for content from 74 iPhones).

Perhaps the most interesting numbers to compare are the number of times Apple objected (because the agency didn’t have the right kind of legal process or a signed document) and the number of times Apple disclosed no data (which would include all those times Apple successfully objected — which appears to include all those in the first number — as well as those times Apple didn’t have the account, as well as times Apple was unable to hand over the data because a user hadn’t used default iCloud storage for messages. [Update, to put this more simply, the way to find the possible number of requests where encryption prevented Apple from sharing information is to subtract the Apple objected number from the no data number.] In the second half of 2013, Apple did not disclose any data 28.5% of the time. In the first half of this year, Apple did not disclose any data in just 18.6% of requests. Again, there are a lot of reasons why Apple would not turn over any data at all. But in general, cops are getting data more of the time when they give Apple requests than they were a few years ago.

More importantly, for just 65 cases in the first half of this year and 80 cases in the second half of last year did Apple not turn over any data for a request for reasons other than some kind of legal objection — and those numbers are both lower than the two half years preceding them. Each of those requests might represent hundreds of phones, but overall it’s a tiny number. So tiny it’s tough to understand where the NYPD’s 74 locked iPhones (unless they did request data and Apple actually had it).

There’s one more place where unavailable encrypted data might show up in these numbers: in the number of specific accounts for which data was disclosed. But as a percentage, what happened this year is not that different from what happened in 2013. In the second half of 2013, Apple provided some data (and this can be content or metadata) for 57.6% of the accounts specified in requests. In the first half of this year, Apple provided some data for 51.6% of the accounts specified in requests — not that huge a difference. And of course, the second half of last year, which may be an outlier, but during much of which the iPhone 6 was out, Apple provided data for 88.5% of the accounts for which LE asked for data.

Overall, it’s very hard to see where the FBI and other law enforcement agencies are going dark — though they are having to ask Apple for content more  often (which I consider a good thing).

Update: In talking to EFF’s Nate Cardozo about Apple’s most recent report, we agreed that Apple’s new category for Emergency Requests may be one other place where iPhone data is handed over (it doesn’t exist in the reports for previous half year periods). Apple defines emergency content this way:

Table 3 shows all the emergency and/or exigent requests that we have received globally. Pursuant to 18 U.S.C. §§ 2702(b)(8) and 2702(c)(4) Apple may voluntarily disclose information, including contents of communications and customer records, to a federal, state, or local governmental entity if Apple believes in good faith that an emergency involving imminent danger of death or serious physical injury to any person requires such disclosure without delay. The number of emergency requests that Apple deemed to be exigent and responded to is detailed in Table 3.

Given the scale of Apple’s other requests, though not in the scale of cloud requests comparatively, these are significant numbers, especially for the US (107) and UK (98).

Of significant note, Apple may give out content under emergency requests.

This is more likely to be a post-Riley response than an encryption response, but still notable given the number.

TSA Security Still Not Secure But Maybe We Can Keep Our Shoes on Soon

/9 Comments/in /by

The Senate Appropriations Committee is holding a hearing to discuss results of a still secret IG audit of TSA screening, featuring testimony from both TSA Administrator Peter Neffenger (who was only confirmed in July) and DHS’s IG, John Roth.

While neither will explain the results of the audit, Roth’s testimony makes it clear the audit did not turn out very well.

Our testing was designed to test checkpoint operations in real world conditions. They were not designed to test specific, discrete segments of checkpoint operations, but rather the system as a whole. The failures included failures in the technology, in TSA procedures, and in human error. We found layers of security simply missing.

Neffenger’s testimony provided more details which make it clear TSA had been emphasizing screening speed over security, especially as passenger volume and the incentive to carry on luggage has gone up.

The team’s initial conclusion is that the screening effectiveness challenges noted by the Inspector General were not merely a performance problem to be solved solely by retraining our officers. Officer performance is but one among many of the challenges. TSA frontline officers have repeatedly demonstrated during their annual proficiency evaluations that they have the knowledge and the skill to perform the screening mission well. Nor was this principally a failure of the AIT technology. These systems have greatly enhanced TSA’s ability to detect and disrupt new and evolving threats to aviation. AIT technology continues to perform to specification standards when maintained and employed properly, and we continue to improve its detection capabilities.

The challenge can be succinctly described as a set of multi-dimensional factors that have influenced the conduct of screening operations, creating a disproportionate focus on efficiency and speed in screening operations rather than security effectiveness. These challenges range across six dimensions: leadership, technology, workforce performance, the environment, operating procedures, and system design. Of these six, strong drivers include leadership focus, environmental influences, and system design.

Pressures driven by increasing passenger volume, an increase in checkpoint screening of baggage due to fees charged for checked bags as well as inconsistent or limited enforcement of size requirements for hand-carried bags and the one bag plus one personal item (1+1) standard1 create a stressed screening environment at airport checkpoints. The challenges also include the range of complex procedures that we ask our officers to employ, resulting in cognitive overload and personnel not properly employing the technology or a specific procedure. The limitations of the technology, the systems detection standards, TSA officers’ lack of training on equipment limitations, and procedures that failed to resolve the alarms appropriately all undermined our ability to effectively screen, as noted by the Inspector General’s report.

There’s a lot in both that addresses leadership (and Roth’s testimony makes it clear he kept raising the alarm under former TSA Administrator John Pistole), so hopefully Neffenger will do better at this.

The great news is Neffenger is looking at technology that will both work more efficiently without sacrificing security. Of particular note, he says there is a way to scan for shoe explosives without forcing us to take our damn shoes off.

So maybe we’ll move away from security theater in upcoming months and years?

While We’re Investigating Intelligence Failures on Syria…

/29 Comments/in /by

For the past several weeks, we’ve had a series of stories about how the intelligence on ISIS was cooked — at least within DIA. I had grand plans to write some posts on it — to track DIA’s past recent politicization (which I think should raise some skepticism about these claims, though I find them largely credible), to how the story has developed, and to a number of things that likely aren’t even being considered in whether the intelligence is cooked (such as whether treating ISIS as a terrorist group serves an analytical disservice).

Ah well — the posts that might have been.

But amid that frenzy about politicized Syria intelligence, the Guardian reports that in 2012 Russian ambassador Vitaly Churkin offered up Bashar al-Assad as part of a proposed peace deal, purportedly at his government’s direction.

Russia proposed more than three years ago that Syria’s president, Bashar al-Assad, could step down as part of a peace deal, according to a senior negotiator involved in back-channel discussions at the time.

Former Finnish president and Nobel peace prize laureate Martti Ahtisaari said western powers failed to seize on the proposal. Since it was made, in 2012, tens of thousands of people have been killed and millions uprooted, causing the world’s gravest refugee crisis since the second world war.

Ahtisaari held talks with envoys from the five permanent members of the UN security council in February 2012. He said that during those discussions, the Russian ambassador, Vitaly Churkin, laid out a three-point plan, which included a proposal for Assad to cede power at some point after peace talks had started between the regime and the opposition.

But he said that the US, Britain and France were so convinced that the Syrian dictator was about to fall, they ignored the proposal.

[snip]

“The most intriguing was the meeting I had with Vitaly Churkin because I know this guy,” Ahtisaari recalled. “We don’t necessarily agree on many issues but we can talk candidly. I explained what I was doing there and he said: ‘Martti, sit down and I’ll tell you what we should do.’

“He said three things: One – we should not give arms to the opposition. Two – we should get a dialogue going between the opposition and Assad straight away. Three – we should find an elegant way for Assad to step aside.”

I’m not so sure I buy this was a real offer from Russia. Possibly it was a trial balloon designed to prove that on Syria, as on Libya, the western powers were lying about their ultimate goals being regime change (though obviously this was an offer to remove Assad, though not his regime).

China Matters has a lot to say about this disclosure, arguing that it confirms his observation in the wake of a July 17, 2012 terrorist attack on Assad that the US was probably partnering with al Qaeda. Those posts are well worth reading (and the potential roles of David Petraeus and Hillary Clinton in such a scheme — one which Obama temporarily halted in summer 2012, only to reconsider it in 2013 — are equally worth considering).

But here’s the other question that must be raised from this article.

What the fuck kind of intelligence failure in 2012 had everyone in the US government believing that Assad was about to fall? I mean, I get that that was the conventional wisdom at the time (a CW China Matters rightly takes on in his post). But there were plenty of people (CM is one, Moon of Alabama another, Joshua Landis another) who were predicting Assad would be able to withstand that assault. Indeed, CM argues that Assad’s ability to withstand the July 2012 decapitation strike should have been the clue.

What sources were leading both the press and US intelligence to believe Assad was going to fall?

If you buy that the Russians were willing to make a reasonable deal of some sort in 2012, then the mistaken belief Assad was about to fall has been almost as catastrophic as the intelligence failures that got us into the Iraq War in terms of deaths and dislocation. They’ve been far more damaging, at least thus far, than cooked intelligence on ISIS. That bad intelligence likely comes the same vicinity as the intelligence that said we could insert a small group of fighters in al Nusra’s vicinity without the al Qaeda affiliate responding.

Admittedly, it’s likely there has been some internal accountability for this intelligence failure. David Petraeus probably could have withstood sharing code word intelligence with his mistress, after all. And Bandar bin Sultan, who surely was in charge of this effort, lost the Saudi intelligence portfolio.

But it is likely we’re taking advice from the same people as we did then, with the same disastrous consequences. Which go far beyond fluffing US success against ISIS.

King Salman Doubles Down on the Aircraft Carrier Cruiser

/16 Comments/in /by

Friday, Saudi Arabia’s King Salman came to DC to meet with Obama, renting out the entire Four Seasons hotel in a lavish display of extravagance as our joint policies in the Middle East foster a refugee crisis in Europe.

In a joint appearance on Friday, King Salman likened this meeting to the 1945 meeting on an aircraft carrier cruiser with FDR that laid the foundation for the oil-dollar-anti-Communist axis that has dominated post-war power.

I intended to make my first official visit to the United States as a symbol of the deep and strong relationship that we have with the United States that’s indeed historical relations that go back to the day when King Abd alAziz met with President Roosevelt in 1945.

Our relationship is beneficial not only to our two countries, but to the entire world and to our region. And this is significant, and we must always affirm that and deepen such relations.

Obama was more circumspect in his comments (I’ve put the transcript below as I didn’t find it posted on the White House site), speaking of specific things he’d like to accomplish in partnership with Saudi Arabia, several of which KSA has been only lukewarm at best in supporting. The official statement was even crazier, promising that KSA and the US would work on climate change together!

The one item with which KSA surely agreed was that the US would continue to help it to “counteract[] Iran’s destabilizing activities in the region,” which is actually code for the US continuing to help KSA to extend its influence at the expense of Iran, even in spite of the fact that KSA is a more destabilizing influence in the Middle East.

So amidst a showy meeting at which the US promised to continue to side with KSA against Iran, all while paying mere lip service to fixing the humanitarian disasters that result (most urgently in Yemen), Salman pitched the meeting in geostrategic terms: the KSA would continue to exert outsized influence on world affairs because of its special relationship with the US (which of course would be impossible if the two were to work toward any positive response to climate change).

Meanwhile, al-Arabiya emphasized something else: an ambitious plan to expand commercial partnerships between the countries, masterminded in part by intelligence contractor Booz Allen Hamilton.

Saudi Arabia on Friday unveiled a giant raft of investment and partnership potential opportunities in sectors including oil and gas, civil infrastructure, and banking as part of a 21st century vision of the cooperation between the two long-term allies, sources told Al Arabiya News on Saturday.

[snip]

With the Saudi government ramping up investment in free zones, roads, and communication networks, the kingdom will soon “aim to employ and rely completely on U.S. construction companies,” sources told Al Arabiya News.

The proposals were based on studies conducted by leading business and technology consultants, including Booz Allen Hamilton and BCG.

I’m interested in this because of the way in which joint economic partnership have formed the core of relations between KSA and the US — which was based on, and largely replaced, a similar partnership with Iran. It’s partly a vehicle for laundering petrodollars. It always pretended to be about bringing development to KSA. But it also seems to be about ensuring US bodies were present and exposed in the region, in case anything goes haywire.

As I’ve noted, back in 2013, the US prematurely extended the current version of that agreement when Mohammed bin Nayef came to welcome in Obama’s second-term cabinet. State was coy about releasing the terms of the agreement (underlying documents of which may show curious reporting structures for Americans in KSA), but eventually they did release what I suspect is a now-outdated agreement that nevertheless extends for 10 years (to 2023).

None of this is surprising. To placate the Saudis specifically, and the Gulf states generally, Obama is at least claiming he will sustain the preferential relationship with them, ignoring the damage that results. He is reassuring the Saudis they’ll continue to be our favored petro-weapon — we won’t pull a switcheroo like we did to the Iranians in 1976. And in response, Salman will bless the Iranian agreement (all while heating up the arms war in the Middle East that will expand instability).

But it is worth noting how Salman wants this to be perceived: as a continuation of KSA’s ability to demand idiotic interventions from the US at its behest.

Update: Corrected cruiser for carrier, per b.

PRESIDENT OBAMA: Well, it’s a great pleasure to welcome His Majesty, King Salman, to the Oval Office. This is the latest of several meetings that I’ve had with His Majesty. And the fact that he has chosen to take this first visit to the United States is indicative of the longstanding friendship between the United States and Saudi Arabia.

This is obviously a challenging time in world affairs, particularly in the Middle East, and so we expect this to be a substantive conversation across a wide range of issues. We share a concern about Yemen and the need to restore a functioning government that is inclusive and that can relieve the humanitarian situation there.

We share concerns about the crisis in Syria, and we’ll have the opportunity to discuss how we can arrive at a political transition process within Syria that can finally end the horrific conflict there.

We continue to cooperate extremely closely in countering terrorist activity in the region and around the world, including our battle against ISIL. And we’ll discuss the importance of effectively implementing the deal to ensure that Iran does not have a nuclear weapon, while counteracting its destabilizing activities in the region.

We’ll also have an opportunity to discuss the world economy and energy issues. And I look forward to continuing to deepen our cooperation on issues like education and clean energy and science and climate change because His Majesty is interested, obviously, ultimately in making sure that his people, particularly young people, have prosperity and opportunity into the future. And we share those hopes and those dreams for those young people, and I look forward to hearing his ideas on how we can be helpful.

So, Your Majesty, welcome, and let me once again reaffirm not only our personal friendship but the deep and abiding friendship between our two peoples.

HIS MAJESTY KING SALMAN: (As interpreted.) Thank you, Mr. President, and thank you for allowing us to enjoy your hospitality. I intended to make my first official visit to the United States as a symbol of the deep and strong relationship that we have with the United States that’s indeed historical relations that go back to the day when King Abd alAziz met with President Roosevelt in 1945.

Our relationship is beneficial not only to our two countries, but to the entire world and to our region. And this is significant, and we must always affirm that and deepen such relations. We always emphasize that we want to deepen our relations and further our cooperation in all fields.

As you know, Mr. President, our economy is a free economy, and therefore we must allow opportunities for businesspeople to exchange opportunities, because if people see that there are common interests, they will further themselves the relations between them. And our relationship must be beneficial to both of us, not only on the economic field but on the political and military and defense field, as well.

Once again, Mr. President, I’m happy to come to a friendly country to meet a friend. And we want to work together for world peace. Our region must achieve stability, which is essential for the prosperity of its people. And in our country, thank God we are prosperous, but we want prosperity for the entire region. And we are willing to cooperate with you in order to achieve that.

Thank you, Mr. President, for your hospitality. And I look forward to seeing you in Riyadh and seeing American officials coming to see us in Riyadh, and also Saudi officials coming to the United States.

PRESIDENT OBAMA: Thank you very much, everybody.

More Details on the Tres Marias Ambush

/4 Comments/in , /by

Matthew Aid linked to FOIAed State Department documents on the ambush of two intelligence officials in August 2012 (the documents were actually released to John Dyer in 2014).

They provide a number of interesting new details about the assault (see my earlier coverage here, here, here, and here).

  • Although the State Department hesitated to use the word “ambush” publicly for some time after the event, internal documents used that term immediately
  • The Federal Police — the same people who conducted the ambush! — brought the Americans to a hospital in Cuernavaca, though there were also army and navy individuals present (note, there had been a shooting in Cuernavaca the previous day)
  • There were 152 shots fired at the American car — far more than reported in initial reports; 40% of those were focused on the front seat windows, which not only (according to a cable) are the most vulnerable spots in the armor on the SUV, but also happened to be where the Americans were sitting
  • There’s a reference to pictures from the phones of the “agents,” which seems to be a reference to the victims; this is the one instance where the cables drop the charade that these were general Embassy employees
  • Both DIA and CIA were copied immediately on the first cables (DEA was not copied on anything, I don’t think)
  • An early cable said that our escaping vehicle may have run over one or two of the assailants
  • Unsurprisingly, the FBI had the lead on investigating the incident from very early on, despite a public focus on Mexico’s Attorney General’s role
  • A mostly redacted cable complaining about the slow pace of the investigation includes discussion of the US refusing to provide the victims for witness testimony (remember one of the two was on Temporary Duty in Mexico, meaning they hadn’t approved him as a credentialed Embassy employee working under official cover)
  • The police commander who ordered the culprits to lie about whether they were wearing uniforms or not had been in appropriately promoted, suggesting he’s someone’s fixer

More generally, the cables seem concerned with measuring the seriousness with which President Felipe Calderón responded to the attack. For example, this partly redacted discussion relays someone’s explanation of Calderón’s instructions the day of the attack.

Screen Shot 2015-09-04 at 11.38.40 AM

Then, a cable relaying the public apology Calderón gave four days after the attack included these details, including that the apology was not in his written speech.

Screen Shot 2015-09-04 at 11.43.33 AM

A description of Ambassador Anthony Wayne’s meeting with Calderón on early September is mostly redacted (it also includes details of meetings with Mexico’s AG). That description went to — among others — CIA Director David Petraeus, as well as John Brennan (who was still in the White House). And once Enrique Peña Nieto was elected, the Americans seemed pretty enthusiastic about cooperating when them going forward rather than Calderón.

A number of the cables tie the attack closely to the Merida initiative.

 

David Petraeus, Whose Greatest Aptitude Lies in Rewriting History

/6 Comments/in , /by

As always in stories involving David Petraeus, this story about his plan to work with al Qaeda to defeat ISIS involves some rewriting or forgetting of history. There’s the fiction that what is usually called the surge but here is at least called co-opting members of al Qaeda “worked.”

The former commander of U.S. forces in Iraq and Afghanistan has been quietly urging U.S. officials to consider using so-called moderate members of al Qaeda’s Nusra Front to fight ISIS in Syria, four sources familiar with the conversations, including one person who spoke to Petraeus directly, told The Daily Beast.

The heart of the idea stems from Petraeus’ experience in Iraq in 2007, when as part of a broader strategy to defeat an Islamist insurgency the U.S. persuaded Sunni militias to stop fighting with al Qaeda and to work with the American military.

The tactic worked, at least temporarily. But al Qaeda in Iraq was later reborn as ISIS, and has become the sworn enemy of its parent organization. Now, Petraeus is returning to his old play, advocating a strategy of co-opting rank-and-file members of al Nusra, particularly those who don’t necessarily share all of core al Qaeda’s Islamist philosophy. [my emphasis]

To be fair to the Daily Beast, they call it a “tactic,” not a strategy, which is correct and part of the problem with it — it provides no path to lasting peace and can easily lead to the metastasis of new violent groups — as DB makes clear happened with the rise of al Qaeda in Iraq. The description of how Petraeus engaged the Sons of Iraq also neglects to mention the financial payoff, which seems important both to understand the play but also its limitations. Thus far, though, DB at least hints as why Petraeus’ plan is so batshit crazy.

Then there’s the silence in the story about how every attempt to train allied troops that Petraeus has been involved with has turned to shit: Iraq, Afghanistan, Libya. That seems worth mentioning.

But I’m most interested in this claim:

Petraeus was the CIA director in early 2011 when the Syrian civil war erupted. At the time, he along with then Secretary of State Hillary Clinton and Defense Secretary Leon Panetta reportedly urged the Obama administration to work with moderate opposition forces. The U.S. didn’t, and many of those groups have since steered toward jihadist groups like the Nusra Front, which are better equipped and have had more success on the battlefield.

While it is true that Obama did not systematically arm rebels in Syria in 2011, it is also a public fact that the CIA was watching (and at least once doing more than that) Qatar and Saudi Arabia move arms from Libya before Petraeus’ departure in 2012, and Obama approved a covert finding to arm “moderate” rebels in April 2013, with CIA implementing that plan in June.

That’s all public and confirmed.

So how is it that we once again are pretending that the CIA — the agency Petraeus led as it oversaw a disastrous intervention in Libya that contributed to radicalization both there and in Syria — didn’t arm purported moderates who turned out not to be?

In other words, the story here should be, “David Petraeus, after overseeing a series of failed training efforts and covert efforts that led to increased radicalization, wants to try again.”

Which would make it even more clear how crazy this idea is.

John Yoo’s Assistance in Starting Iraq War Might Help Obama Avoid an Iran War

/16 Comments/in , , , , /by

Last week, Steven Aftergood released a January 27, 2003 OLC memo, signed by John Yoo, ruling that the Executive Branch could withhold WMD information from Congress even though 22 USC § 3282 requires the Executive to brief the Foreign Relations committees on such information. I had first noted the existence of the memo in this post (though I guessed wrong as to when it was written).

The memo is, even by Yoo’s standards, inadequate and poorly argued. As Aftergood notes, Yoo relies on a Bill Clinton signing statement that doesn’t say what he says it says. And he treats briefing Congress as equivalent to public disclosure.

Critically, a key part of the Yoo’s argument relies on an OLC memo the Reagan Administration used to excuse its failure to tell Congress that it was selling arms to Iran.

Fourth, despite Congress’s extensive powers under the Constitution, Its authorities to legislative and appropriate cannot constitutionally be exercised in a manner that would usurp the President’s authority over foreign affairs and national security. In our 1986 opinion, we reasoned that this principle had three important corollaries: a) Congress cannot directly review the President’s foreign policy decisions; b) Congress cannot condition an appropriation to require the President to relinquish his discretion in foreign affairs; and c) any statute that touches on the President’s foreign affairs power must be interpreted, so as to avoid constitutional questions, to leave the President as much discretion as possible. 10 Op. O.L.C. at 169-70.

That’s one of the things — a pretty central thing — Yoo relies on to say that, in spite of whatever law Congress passes, the Executive still doesn’t have to share matters relating to WMD proliferation if it doesn’t want to.

Thus far, I don’t think anyone has understood the delicious (if inexcusable) irony of the memo — or the likely reasons why the Obama Administration has deviated from its normal secrecy in releasing the memo now.

This memo authorized the Executive to withhold WMD information in Bush’s 2003 State of the Union address

First, consider the timing. I noted above I was wrong about the timing — I speculated the memo would have been written as part of the Bush Administration’s tweaks of Executive Orders governing classification updated in March 2003.

Boy how wrong was I. Boy how inadequately cynical was I.

Nope. The memo — 7 shoddily written pages — was dated January 27, 2003.The day the White House sent a review copy of the State of the Union to CIA, which somehow didn’t get closely vetted. The day before Bush would go before Congress and deliver his constitutionally mandated State of the Union message. The day before Bush would lay out the case for the Iraq War to Congress — relying on certain claims about WMD — including 16 famous words that turned out to be a lie.

The British government has learned that Saddam Hussein recently sought significant quantities of uranium from Africa.

This memo was written during the drafting of the 2003 State of the Union to pre-approve not sharing WMD information known by the Executive Branch with Congress even in spite of laws requiring the Executive share that information.

Now, we don’t know — because Alberto Gonzales apparently didn’t tell Yoo — what thing he was getting pre-authorization not to tell Congress about. Here’s what the memo says:

It has been obtained through sensitive intelligence sources and methods and concerns proliferation activities that, depending upon information not yet available, may be attributable to one or more foreign nations. Due to your judgment of the extreme sensitivity of the information and the means by which it was obtained, you have not informed us about the nature of the information, what nation is involved, or what activities are implicated. We understand, however, that the information is of the utmost sensitivity and that it directly affects the national security and foreign policy interests of the United States. You have also told us that the unauthorized disclosure of the information could directly injure the national security, compromise intelligence sources and methods, and potentially frustrate sensitive U.S. diplomatic, military, and intelligence activities.

Something about WMD that another nation told us that is too sensitive to share with Congress — like maybe the Brits didn’t buy the Niger forgery documents anymore?

In any case, we do know from the SSCI Report on Iraq Intelligence that an INR analyst had already determined the Niger document was a forgery.

On January 13, 2003, the INR Iraq nuclear analyst sent an e-mail to several IC analysts outlining his reasoning why, “the uranium purchase agreement probably is a hoax.” He indicated that one of the documents that purported to be an agreement for a joint military campaign, including both Iraq and Iran, was so ridiculous that it was “clearly a forgery.” Because this document had the same alleged stamps for the Nigerien Embassy in Rome as the uranium documents, the analyst concluded “that the uranium purchase agreement probably is a forgery.” When the CIA analyst received the e-mail, he realized that WINP AC did not have copies of the documents and requested copies from INR. CIA received copies of the foreign language documents on January 16, 2003.

Who knows? Maybe the thing Bush wanted to hide from Congress, the day before his discredited 2003 State of the Union, didn’t even have to do with Iraq. But we know there has been good reason to question whether Bush’s aides deliberately misinformed Congress in that address, and now we know John Yoo pre-approved doing so.

This memo means Obama doesn’t have to share anything about the Iran deal it doesn’t want to

Here’s the ironic part — and one I only approve of for the irony involved, not for the underlying expansive interpretation of Executive authority.

By releasing this memo just a week before the Iran deal debate heats up, the Obama Administration has given public (and Congressional, to the extent they’re paying attention) notice that it doesn’t believe it has to inform Congress of anything having to do with WMD it deems too sensitive. John Yoo says so. Reagan’s OLC said so, in large part to ensure that no one would go to prison for disobeying Congressional notice requirements pertaining to Iran-Contra.

If you think that’s wrong, you have to argue the Bush Administration improperly politicized intelligence behind the Iraq War. You have to agree that the heroes of Iran-Contra — people like John Poindexter, who signed onto a letter opposing the Iran deal — should be rotting in prison. That is, the opponents of the Iran deal — most of whom supported both the Iraq War and Iran-Contra — have to argue Republican Presidents acted illegally in those past actions.

Me? I do argue Bush improperly withheld information from Congress leading up to the Iraq War. I agree that Poindexter and others should have gone to prison in Iran-Contra.

I also agree that Obama should be forthcoming about whatever his Administration knows about the terms of the Iran deal, even while I believe the deal will prevent war (and not passing the deal will basically irretrievably fuck the US with the international community).

A key thing that will be debated extensively in coming days — largely because the AP, relying on an echo chamber of sources that has proven wrong in the past, published an underreported article on it — is whether the inspection of Parchin is adequate. Maybe that echo chamber is correct, and the inspection is inadequate. More importantly, maybe it is the case that people within the Administration — in spite of IAEA claims that it has treated that deal with the same confidentiality it gives to other inspection protocols made with inspected nations  — know the content of the Parchin side agreement. Maybe the Administration knows about it, and believes it to be perfectly adequate, because it was spying on the IAEA, like it long has, but doesn’t want the fact that it was spying on IAEA to leak out. Maybe the Administration knows about the Parchin deal but has other reasons not to worry about what Iran was allegedly (largely alleged by AP’s sources on this current story) doing at Parchin.

The point is, whether you’re pro-Iran deal or anti-Iran deal, whether you’re worried about the Parchin side agreement or not, John Yoo gave Barack Obama permission to withhold it from Congress, in part because Reagan’s OLC head gave him permission to withhold Iran-Contra details from Congress.

I believe this document Yoo wrote to help Bush get us into the Iraq War may help Obama stay out of an Iran war.

The Things Our Allies Tell Us — Or Don’t

/9 Comments/in /by

On Friday, the NYT reported that the US was surprised that the Nusra Front attacked Division 30, which is what they’re now calling the group of US-trained “moderate rebels” who’ve only recently been inserted in Syria.

In Washington, several current and former senior administration officials acknowledged that the attack and the abductions by the Nusra Front took American officials by surprise and amounted to a significant intelligence failure.

While American military trainers had gone to great lengths to protect the initial group of trainees from attacks by Islamic State or Syrian Army forces, they did not anticipate an assault from the Nusra Front. In fact, officials said on Friday, they expected the Nusra Front to welcome Division 30 as an ally in its fight against the Islamic State.

“This wasn’t supposed to happen like this,” said one former senior American official, who was working closely on Syria issues until recently, and who spoke on the condition of anonymity to discuss confidential intelligence assessments.

As Moon of Alabama snarked, this would mean the entire national security elite is shocked, shocked that people we’ve been bombing might not welcome us afterwards.

Given how quickly the US responded to the kidnapping by promising air cover for the Division — which is all but guaranteed to suck the US far more deeply into Syria’s civil war — I don’t rule out the very cynical possibility that some within the US recognized the likelihood our rebels would be attacked, but took that as acceptable price to force the US to engage more directly.

If that’s not the case, given how unlikely it is that the entirely intelligence establishment is so stupid so as to have missed the very obvious risk to our rebels, I think it’s quite likely that the US got affirmative HUMINT from one of our partners in the region that Nusra Front would not attack. Both the Saudis and Israelis are real possibilities to have provided this intelligence, given that we rely on the Saudis for a lot of our intelligence on Sunni terrorist groups and the Israelis have been cozying up to the group. And I’m frankly agnostic whether that intelligence would have been offered cynically — again, as a ploy to suck the US further into Syria — or in good faith.

But I do think one possible explanation for the seemingly impossible claim that this attack took the US by surprise to be that we had intelligence telling us this wouldn’t happen.

Meanwhile, in another corner of the Middle East, consider the first line of this FP story revealing the intelligence community learned the Houthis were launching scud missiles into the Saudi Arabia via Twitter.

The U.S. intelligence community first learned that Yemen’s Houthi rebels had launched a Scud missile toward Saudi Arabia on June 30 not from spies on the ground or satellites in the skies, but instead from a more modern form of information gathering: Twitter.

“The first warning of that event: ‘hashtag scudlaunch,’” Marine Lt. Gen. Vincent Stewart, the head of the Pentagon’s Defense Intelligence Agency (DIA), said at a gathering of intelligence contractors just outside Washington on Thursday night. “Someone tweeted that a Scud had been launched, and that’s how we started to search for this activity.”

This also means that the intelligence community — including the CIA led by the former Station Chief to Riyadh — did not learn the Houthis were mounting a counterstrike into KSA from our close allies the Saudis. Yet the likelihood of that was readily available, even to me, via Twitter.

Again, this suggests that the intelligence we may be getting from one of our most trusted allies on the ground may not be all that useful, though in this case I think it possible the Saudis themselves have been delusional about any risk the Houthis might pose.

Whether these two incidents stem from intelligence sharing with our allies, the effect of our ignorance on both counts is that we’re going to be sucked more deeply into the region.

Evan Kohlmann: Garbage In, Garbage Out

/3 Comments/in /by

Trevor Aaronson has an important piece on one of DOJ’s several “terrorism experts,” Evan Kohlmann. He has long been mocked, to no avail, by defense attorneys working terrorism cases for his lack of credentials and his hack theories about “radicalization;” Aaronson replays some of Kohlmann’s most embarrassing moments on the stand. Even in spite of that, judges keep accepting him as an expert witness. But Aaronson describes how Josh Dratel obtained discovery about another role Kohlmann plays with the FBI.

While representing at trial Mustafa Kamel Mustafa, of the Finsbury Park Mosque in London, New York lawyer Joshua Dratel, who has security clearances, was given classified materials about Kohlmann, a witness in the Mustafa prosecution. “It was the integrity of a prosecutor who learned of [the materials] some way,” Dratel said, crediting a single Justice Department employee for providing a rare full disclosure about Kohlmann.

Dratel has reviewed the classified materials in full, but he is prohibited from discussing their contents publicly. “It’s hard to talk about it without talkingabout it,” he said.

However, the judge in the Mustafa case allowed very limited references to the contents of the classified materials during Dratel’s cross-examination of Kohlmann — providing a clue to what the government is hiding about its star terrorism expert.

“You have done more than consulting for the FBI, correct?” Dratel asked Kohlmann.

“Correct,” Kohlmann said from the witness stand.

“You have done more than act as an expert for the government, correct?” Dratel followed.

“That’s correct, yes,” Kohlmann admitted.

That’s as far as the judge would allow.

Dratel asked Kohlmann whether he had told Tarek Mehanna prosecutors (Carmen Ortiz’ office) of his “precise” relationship with the FBI, but the judge prevented Dratel from obtaining a specific answer.

“In that case, in preparing for that case, or at any time during that case, did you inform the prosecutors in that case of your precise relationship with the FBI?” Dratel continued.

“I don’t know what you mean by ‘precise,’ but the prosecutors in that case I had worked with on a previous case, and they were fully aware of the nature of my work with the FBI,” Kohlmann answered.

“No, the precise nature of your relationship with the FBI,” Dratel said, speaking cryptically due to the classified material and the limits the judge had placed on his questions.

“Objection, your Honor,” the prosecutor interrupted.

“Did you inform them?” Dratel asked Kohlmann

Aaronson doesn’t guess, but I would guess that Kohlmann gets paid by the FBI to troll jihadist forums and identify potential sting targets.

A lot of counterterrorism cases include some evidence about online discussions (sometimes in forums, sometimes on more public sites), which gets turned over as an “unsolicited tip” to FBI officers, who then engage, and — on seemingly thin evidence — obtain a FISA warrant, which then leads to further evidence to support the sting. The judge in the case may never learn the details of this unsolicited tip, particularly if she is never asked to review a FISA warrant.

Defense attorneys never learn the details of those unsolicited tips — that’s part of what the whole FISA process hides — but they would be used in the materials to the FISC.

In other words, I’m guessing that Dratel got evidence that Kohlmann is providing the raw material for FBI’s stings, based on his whackjob theory of radicalization (the reference to Mehanna’s case may mean — and this is purely speculation — Kohlmann took part in some of the same kinds of online discussions that were used to incriminate Mehanna.

If I’m right, though, it would confirm what observers — starting with former FBI Agent Mike German — have long talked about: that the government is funding an echo chamber of “experts” who create the approach to terrorism we use, then reinforce it with their purported expertise.

This insight is crucial to understanding the government’s continuing embrace of radicalization theories. Simply put, the government continues to be the primary sponsor of radicalization studies because they justify counterterrorism policies that maximize its policing powers. As Kundnani has written, “[s]cholarship that associates a particular kind of ‘disposition’, be it ‘cultural,’ ‘psychological’…, with terrorist violence enables intelligence gatherers to use that disposition as a proxy for terrorist risk and to structure their surveillance accordingly.”

Treating terrorism as the spread of an ideological infection within a vulnerable community also allows the government to put aside difficult questions about the role U.S. foreign and national security policies play in generating anti-American grievances, which the Defense Department raised in this 2004 report. Studies supporting government radicalization theories rarely mention U.S. military actions in Muslim countries, lethal drone strikes, torture, or theGuantanamo Bay prison as radicalizing influences, though many terrorist reference them in attempting to justify their actions.

The reliance on radicalization theory also provides benefits to those who support the current political, social, and financial status quo, particularly in regard to U.S. foreign policy. The support for these theories comes from a broad array of organizations.

[snip]

Neo-conservativethink-tanks, private terrorism investigators, and cyber vigilantes that typically support the maintenance of interventionist Middle East policies and aggressive counterterrorism measures also stand to benefit from the government’s reliance on radicalization theory. These self-styled experts have the appearance of independent researchers, but often serve as echo-chambers for government theories of extremist organizations and behavior. As a defense attorney explained to The Nation, “[t]hey all work for the government or they work for government-funded agencies or government-contracted projects… [a]nd so when the government calls them, they are ready sources of government-approved information.”

If Kohlmann is one of the “private terrorism investigators” German mentions — and he certainly fits the bill — then he very likely is dumping garbage of whackjob theory picked targets into the system, and then validating the same whackjob theories on the stand.

I don’t know the precise specifics of what Dratel has been alerted to, but it sure does seem like we’re closer to proving that Kohlmann and his ilk are providing Garbage In Garbage Out that drives the war on terror.

CryptoWars, the Obfuscation

/in , , /by

The US Courts released its semiannual Wiretap Report the other day, which reported that very few of the attempted wiretaps last year were encrypted, with even fewer thwarting law enforcement.

The number of state wiretaps in which encryption was encountered decreased from 41 in 2013 to 22 in 2014. In two of these wiretaps, officials were unable to decipher the plain text of the messages. Three federal wiretaps were reported as being encrypted in 2014, of which two could not be decrypted. Encryption was also reported for five federal wiretaps that were conducted during previous years, but reported to the AO for the first time in 2014. Officials were able to decipher the plain text of the communications in four of the five intercepts.

Motherboard has taken this data and concluded it means the Feds have been overstating their claim they’re “going dark.”

[N]ew numbers released by the US government seem to contradict this doomsday scenario.

[snip]

“They’re blowing it out of proportion,” Hanni Fahkoury, an attorney at the digital rights group Electronic Frontier Foundation (EFF), told Motherboard. “[Encryption] was only a problem in five cases of the more than 3,500 wiretaps they had up. Second, the presence of encryption was down by almost 50 percent from the previous year.

“So this is on a downward trend, not upward,” he wrote in an email.

Much as I’d like to, I’m not sure I agree with Motherboard’s (or Hanni Fahkoury’s) conclusion.

Here’s what the data show since 2012, which was the first year jurisdictions reported being unable to break encryption (2012; 2013):

Screen Shot 2015-07-02 at 11.07.09 AM

You’ll see lots of parenthetical entries and NRs. That’s because this data is not being reported systematically. Parenthetical references are to encrypted feeds not reported until years after they get set, and usually those have been decrypted by the time they’re reported. NRs show that we have not getting these numbers, if they exist, from federal law enforcement (and the numbers can’t be zero, as reported here, because FBI has been taking down targets like Silk Road). The reporting on this ought to raise real questions about the quality of the data being reported and perhaps might spark some interest in mandating better reporting of this data so it can be tracked. But it also suggests that — at a time when law enforcement are just beginning to find encryption they can’t break (immediately) — there’s a lot of noise in the data. Does 2013’s 2% of encrypted targets and half-percent that couldn’t be broken represent a big problem? It depends on who the target is — a point I’ll come back to.

Congress will soon have that opportunity (but won’t avail themselves of it).

Even as US Courts were reporting still very low levels of encryption challenges faced by law enforcement, both the Senate Judiciary Committee and the Senate Intelligence Committee announced hearings next Wednesday where Jim Comey will have yet another opportunity to try to present a compelling argument that he should have back doors into our communication. SJC even saw fit to invite witnesses with opposing viewpoints, which the “intelligence” committee saw no need to do.

In an apparent attempt to regain some credibility before these hearings (Jim Comey is nothing if not superb at working the media), Comey went to Ben Wittes to suggest his claimed concern with increasing use of encryption has to do with ISIS’ increasing use of encryption. Ben quotes from Comey’s earlier comments to CNN then riffs on that in light of what Comey just told him in a conversation.

“Our job is to find needles in a nationwide haystack, needles that are increasingly invisible to us because of end-to-end encryption,” Comey said. “This is the ‘going dark’ problem in high definition.”

Comey said ISIS is increasingly communicating with Americans via mobile apps that are difficult for the FBI to decrypt. He also explained that he had to balance the desire to intercept the communication with broader privacy concerns.

“It is a really, really hard problem, but the collision that’s going on between important privacy concerns and public safety is significant enough that we have to figure out a way to solve it,” Comey said.

Let’s unpack this.

As has been widely reported, the FBI has been busy recently dealing with ISIS threats. There have been a bunch of arrests, both because ISIS has gotten extremely good at the inducing self-radicalization in disaffected souls worldwide using Twitter and because of the convergence of Ramadan and the run-up to the July 4 holiday.

As has also been widely reported, the FBI is concerned about the effect of end-to-end encryption on its ability to conduct counterterrorism operations and other law enforcement functions. The concern is two-fold: It’s about data at rest on devices, data that is now being encrypted in a fashion that can’t easily be cracked when those devices are lawfully seized. And it’s also about data in transit between devices, data encrypted such that when captured with a lawful court-ordered wiretap, the signal intercepted is undecipherable.

[snip]

What was not clear to me until today, however, was the extent to which the ISIS concerns and the “going dark” concerns have converged. In his Brookings speech, Comey did not focus on counterterrorism in the examples he gave of the going dark problem. In the remarks quoted by CNN, and in his conversation with me today, however, he made clear that the landscape is changing fast. Initial recruitment may take place on Twitter, but the promising ISIS candidate quickly gets moved onto messaging platforms that are encrypted end to end. As a practical matter, that means there are people in the United States whom authorities reasonably believe to be in contact with ISIS for whom surveillance is lawful and appropriate but for whom useful signals interception is not technically feasible.

Now, Ben incorrectly blurs the several roles of FBI here. FBI’s interception of ISIS communiques may be both intelligence and law enforcement. To the extent they’re the former — to the extent they’re conducted under FISA — they won’t show up in US Courts’ annual report.

But they probably should, if Comey is to have any credibility on this front.

Moreover, Ben simply states that “there are people in the United States whom authorities reasonably believe to be in contact with ISIS for whom surveillance is lawful and appropriate.” But there’s no evidence presented to support this. Indeed, most of the so-called ISIS prosecutions have shown 1) where probable cause existed, it largely existed in the clear, in Twitter conversations and other online postings and 2) there may not have been probable cause before FBI ginned it up.

It ought to raise real questions about whether Comey’s going dark problem is a law enforcement one — with FBI being unable to to access evidence on real criminals — or is an intelligence one — with FBI being unable to access First Amendment protected speech that nevertheless may be important for an understanding of the threat ISIS poses domestically. Again, the data is not there, one way or another, but given the law enforcement data, we ought to demand real numbers for intelligence intercepts. Another pertinent question is whether this encrypted data is easily accessible to NSA (ISIS recruiters are almost entirely going to be legitimate NSA targets located overseas), but not to FBI?

And all this presumes that Comey is telling the truth about ISIS and not — as he and just about every member of the Intelligence Community has done routinely — used terror threats to be able to get authorities to wield against other kinds of threats, especially hackers (which is not to say hackers aren’t a target, just that the IC likes to pretend its authorities serve an exclusively CT purpose when they clearly do not). The law enforcement data, at least, show that even members of very sophisticated drug distribution networks are using encryption at a really low level. Is ISIS’ ability to coach potential recruits into using encrypted products on Twitter really that much better, or is Comey really talking about hackers who more obviously have the technical skills to encrypt their communications?

Thus far, Comey would have you believe that intelligence — counterterrorism — targets encrypt at a much higher rate than even drug targets. But the data also suggest even federal law enforcement (that is, Comey’s agency, among others) aren’t tracking this very effectively, and so can’t present reliable numbers.

Before we go any further in this cryptowar debate, we ought to be able to get real numbers on how serious the problem is.