Colleen Kollar-Kotelly Ate the Serpent’s Fruit of Judicial “Oversight” in Lieu of Law

/8 Comments/in , /by

Sometime next week, I will have a post on what known documents the government chose not to release in yesterday’s dump — a significant chunk, for example, almost certainly show how the dragnet programs are tied inextricably to the content programs.

But for now, we’re getting increased clarity on the phone and Internet dragnet program.

One thing that seems clear is that there is no opinion authorizing the phone dragnet, as I suggested two months ago.

What passes as the government’s application for the phone dragnet — it is described as “Production to Congress of a May 23, 2006 Government Memorandum of Law,” but for a number of reasons, I have my doubts we’ve gotten even precisely that, which I’ll lay out at a future time — is dated May 23, 2006, the day before Malcom Howard approved the application. That doesn’t leave time for Howard to have written a fulsome opinion on the practice (and indeed, the timing makes me wonder whether this was approved because of urgent legal deadlines facing the telecoms). [Update: And when John Bates cites the “precedent” in his June-July 2010 opinion (75) he doesn’t cite an opinion.]

And the application makes it clear it relies on Kollar-Kotelly’s opinion as its legal justification. The first instance of doing so, tellingly, makes it clear FISC approval is designed primarily to give legal sanction for the program, not to assess whether the program actually is legal.

The Application is completely consistent with this Court’s ground breaking and innovative decision [redacted] in [redacted]. In that case, the Court authorized the installation and use of pen registers and trap and trace devices to collect bulk e-mail metadata [redacted]. The Court found that all of “the information likely to be obtained” from such collection is “relevant to an ongoing investigation to protect against international terrorism.” 50 U.S.C. § 1842(c)(2); [redacted] 25-54. The Court explained that “the bulk collection of meta data–i.e., the collection of both a huge volume and high percentage of unrelated communications–is necessary to identify the much smaller number of [redacted] communications.” Id. at 49. Moreover, as was the case in [redacted], this Application promotes both the twin goals of FISA: facilitating the foreign-intelligence collection needed to protect American lives while at the same time providing judicial oversight to safeguard American freedoms.

Let’s pause and reflect on this point for a moment.

We can now say with some certainty that a great many dragnet applications stem from the Kollar-Kotelly opinion. That’s because we have almost certainly identified the two opinions named in Claire Eagan’s opinion from earlier this year.

This Court has previously examined the issue of relevance for bulk collections. See [6 lines redacted]

While those involved different collections from the one at issue here, the relevance standard was similar. See 50 U.S.C. § 1842(c)(2) (“[R]elevant to an ongoing investigation to protect against international terrorism …. “). In both cases, there were facts demonstrating that information concerning known and unknown affiliates of international terrorist organizations was contained within the non-content metadata the government sought to obtain. As this Court noted in 2010, the “finding of relevance most crucially depended on the conclusion that bulk collection is necessary for NSA to employ tools that are likely to generate useful investigative leads to help identify and track terrorist operatives.”

An earlier reference in Eagan quotes the Kollar-Kotelly opinion directly (and the page number lines up), and while I have not found the citation from this passage in the Bates opinion also released yesterday yet (I think it may appear in the redactions on page 76), that opinion discusses relevance at length and was clearly written between 2009 and 2011. [Update: the quote appears to be a rough transcription of Bates’ cherry picked quote from Kollar-Kotelly that appears on page 9. Update 2: The quote comes from page 73, which is Bates’ own transcription of his citation of K-K, but Eagan missed the word “analytic” before tools.]

[Update] Another thing suggests the Bates opinion dates to 2010. The language in the December 2009 notice to Congress suggests ongoing problems, and includes the Internet metadata problems, whereas the February 2011 notice includes far more redacted discussion (yet still treats an active Internet metadata program.

In addition, we know from the geolocation materials that the government didn’t get an opinion dedicated to that application before they started.

DOJ advised in February 2010 that obtaining the data for the described testing purposes was permissible based upon the current language of the Court’s BR FISA order requiring the production of’ all ca11 detail records.’ It is our understanding that DOJ also orally advised the FISC, via its staff, that we had obtained a limited set of test data sampling of cellular mobility data (cell site location information) pursuant to the Court-authorized program and that we were exploring the possibility of acquiring such mobility data under the BR FISA program in the near future based upon the authority currently granted by the Court.

There are 2004, 2006, 2008, 2010, and 2013 opinions that relate to Section 215 (and, I suspect, other activities as well; updated with typo fixed). But at the very least, Kollar-Kotelly’s opinion authorized gathering substantially all the phone and (by 2010) Internet metadata in the country, as well as (starting in 2010) some subset of geolocation data).

Kollar-Kotelly, then, is the primary analysis the government has always relied on to construct maps charting the relationships of every American.

Which is why I find it so troubling that the application here is unashamed that the point of the opinion is not to assess the legality of a practice, but instead to “provid[e] judicial oversight to safeguard American freedoms.” (Side note: these opinions argue these practices are “necessary” to protect American lives, but the phone dragnet has never once done so, as far as we know, and the government has since purportedly canceled the Internet dragnet program because it was unnecessary, though that is almost certainly a lie.)

Guaranteeing the government doesn’t violate the Constitution was supposed to safeguard American freedoms. But with the Kollar-Kotelly opinion and all that follows from it, impotent oversight has came to substitute for defending the Constitution.

The “Heroes” of the Hospital Confrontation Brief the FISC

/6 Comments/in , /by

I’m going to have several posts on the documents released yesterday, starting with the Internet dragnet opinion and the phone dragnet application.

But to give those two background, I want to look at a passage in the Internet dragnet opinion, in which Colleen Kollar-Kotelly describes a fascinating briefing that she received in advance of authoring what Orin Kerr describes as a “quite strange” opinion.

After describing some declarations she received (including one from a person whose title remains redacted) and some questions she posed, she describes this briefing.

The Court also relies on information and arguments presented in a briefing to the Court on [redacted] which addressed the current and near-term threats posed by [redacted reference to Al Qaeda and others], investigations conducted by the Federal Bureau of investigation (FBI) to counter those threats, the proposed collection activities of the NSA (now described in the instant application), the expected analytical value of information so collected in efforts to identify and track operatives [redacted] and the legal bases for conducting these collection activities under FISA’s pen register/trap and trace provisions. 4

4 This briefing was attended by (among others) the Attorney General; [redacted] the DIRNSA; the Director of the FBI; the Counsel to the President; the Assistant Attorney General for the Office of Legal Counsel; the Director of the Terrorist Threat Integration Center (TTIC); and Counsel for Intelligence Policy.

That is, right at the beginning of her opinion, Kollar-Kotelly tells us that she had a briefing with:

  • AG John Ashcroft
  • [redacted]
  • DIRNSA Michael Hayden
  • FBI Director Robert Mueller
  • Counsel to the President Alberto Gonzales
  • AAG for OLC Jack Goldsmith
  • TTIC Director John Brennan
  • Counsel for OIPR James Baker

On page 30, Kollar-Kotelly seems to refer to the same redacted person again, which in the context of the reference to CIA v. Sims in that footnote, seems to suggest this is a reference to CIA Director George Tenet, which suggests the redacted author of the brief she relied on was authored by Tenet. (I leave open the more tantalizing possibility that it’s someone like Dick Cheney, but highly doubt it.)

So before she approved the use of FISA’s Pen Register to collect much of the Internet metadata in the US, she had a meeting with at least one of the villains — Alberto Gonzales — of the hospital confrontation at which DOJ refused to reauthorize the Internet metadata program that was part of the President’s illegal wiretap program, and at least three of its “heroes:” Ashcroft, Mueller, and Goldsmith.

Interestingly, this meeting does not appear — at least not described as such — in the Draft NSA IG Report description of the transition to a FISC order.

After extensive coordination, DoJ and NSA devised the PRITT theory to which the Chief Judge of the FISC seemed amenable. DoJ and NSA worked closely over the following months, exchanging drafts of the application, preparing declarations, and responding to questions from court advisers. NSA representatives explained the capabilities that were needed to recreate the Authority, and DoJ personnel devised a workable legal basis to meet those needs. In April 2004, NSA briefed Judge Kollar-Kotelly and a law clerk because Judge Kollar-Kotelly was researching the impact of using PSP-derived information in FISA applications. In May 2004, NSA personnel provided a technical briefmg on NSA collection of bulk Internet metadata to Judge Kollar-Kotelly. In addition, General Hayden said he met with Judge Kollar-Kotelly on two successive Saturdays during the summer of 2004 to discuss the on-going efforts.

Was this “briefing” one of the Saturday meetings Hayden had with FISC’s Presiding Judge?

Remember, David Kris described the genesis of the bulk collection programs this way, in a paper emphasizing the role of the Internet dragnet.

More broadly, it is important to consider the context in which the FISA Court initially approved the bulk collection. Unverified media reports (discussed above) state that bulk telephony metadata collection was occurring before May 2006; even if that is not the case, perhaps such collection could have occurred at that time based on voluntary cooperation from the telecommunications providers. If so, the practical question before the FISC in 2006 was not whether the collection should occur, but whether it should occur under judicial standards and supervision, or unilaterally under the authority of the Executive Branch.

[snip]

The briefings and other historical evidence raise the question whether Congress’s repeated reauthorization of the tangible things provision effectively incorporates the FISC’s interpretation of the law, at least as to the authorized scope of collection, such that even if it had been erroneous when first issued, it is now—by definition—correct. [my emphasis]

The Internet dragnet was illegal. At least 3 of the people who conveyed the importance of authorizing this program had said so — in very dramatic fashion — less than four months before she would do so.

And yet she wrote a memo saying it was legal.

Update, 8/12/14: This application confirms that George Tenet was the redacted declaration submitter.

The Phone Dragnet White Paper, Revisited

/8 Comments/in , /by

I made the mistake of referring to the Administration’s White Paper on the phone dragnet, which led me to do another close read of the document. Given what we know now there are several passages I find to be quite telling.

Still hiding the how and why of the first authorization

As I’ve traced, the government seems to be hiding the first authorization of the phone dragnet and may have withheld it from Congress for six months past the 2010 reauthorization of the phone dragnet.

Which is why I find it interesting the White Paper specifically admits to withholding “facts underlying its legal authorization.”

Because aspects of this program remain classified, there are limits to what can be said publicly about the facts underlying its legal authorization. This paper is an effort to provide as much information as possible to the public concerning the legal authority for this program, consistent with the need to protect national security, including intelligence sources and methods.

One fact underlying its legal authorization may well be what David Kris suggested it was: that the program was initially approved only to make Bush’s illegal program illegal.

 

The White Paper references the requirement — included as part of the FISA Amendments Act passed in 2008 — that the Administration provide all significant legal interpretations to Congress.

Although the proceedings before the FISC are classified, Congress has enacted legislation to ensure that its members are aware of significant interpretations of law by the FISC. FISA requires “the Attorney General [to] submit to the [Senate and House Intelligence and Judiciary Committees] . . . a summary of significant legal interpretations of this chapter involving matters before the [FISC or Foreign Intelligence Surveillance Court of Review (FISCR)], including interpretations presented in applications or pleadings filed with the [FISC or FISCR] by the Department of Justice and . . . copies of all decisions, orders, or opinions of the [FISC or FISCR] that include significant construction or interpretation of the provisions of this chapter.” 50 U.S.C. § 1871(a). The Executive Branch not only complied with this requirement with respect to the telephony metadata collection program, it also worked to ensure that all Members of Congress had access to information about this program and the legal authority for it. Congress was thus on notice of the FISC’s interpretation of Section 215, and with that notice, twice extended Section 215 without change.

But the Administration provide all the past decisions until August 16, 2010, two years after the law was passed. So their claim to have complied with that requirement sure seems like an attempt to cover up its failure to comply in good faith.

Just as interestingly, the White Paper separates the paragraph on complying with a requirement to provide all opinions from this one by a paragraph.

Moreover, in early 2007, the Department of Justice began providing all significant FISC pleadings and orders related to this program to the Senate and House Intelligence and Judiciary committees. By December 2008, all four committees had received the initial application and primary order authorizing the telephony metadata collection. Thereafter, all pleadings and orders reflecting significant legal developments regarding the program were produced to all four committees.

This is particularly bizarre given that they address the same topic: providing FISC orders to Congress. This makes the “thereafter”–withholding the date–comment all the more suspicious.

The non-substantive queries conducted by the techs

As I’ve reviewed repeatedly, NSA needs techs to massage the data before the analysts can use the database to lay out alleged terror networks. They also seem to work on algorithms with the data.

Which is why I find the modification of query here so interesting.

The Government cannot conduct substantive queries of the bulk records for any purpose other than counterterrorism.

It seems to be an admission that the Government can conduct non-substantive queries of the bulk records for non-CT purposes. Is that just the tech massaging or is that something else the court hasn’t authorized?

Rewriting the Guidelines to require investigative overkill

As I wrote in this post, some time after September 2008, the FISC started using the Attorney General Guidelines on Domestic Operations as FBI’s minimization procedures for Section 215.

So I found it interesting to see how the White Paper used the AGG. It starts by laying out that FBI protects the US from threats to national security and collects foreign intelligence.

Authorized Investigation. The telephony metadata records are sought for properly predicated FBI investigations into specific international terrorist organizations and suspected terrorists. Read more

The Era of Big Pen Register: The Flaw in Jeffrey Miller’s Moalin Decision

/14 Comments/in , /by

As I noted, on Thursday Judge Jeffrey Miller rejected Basaaly Moalin’s bid for a new trial based on disclosures of the Section 215 dragnet. Miller rejected the bid largely by relying on Smith v. Maryland and subsequent decisions that found no Fourth Amendment protection for pen registers.

But Miller resorts to a bit of a gimmick to dismiss Justice Sonia Sotomayor’s comments in US v. Jones.

Miller notes Sotomayor’s comments. But he points to the 170 year history of the pen register and reasons that because pen register technology is so old, they cannot be described as a “product of the so-called digital revolution,” and therefore cannot raise the kind of new privacy concerns Sotomayor had in mind.

As noted by Defendants, Justice Sotomayor stated that the recent rise of the digital era of cell phones, internet, and email communications may ultimately require a reevaluation of “expectation of privacy in information voluntarily disclosed to third parties.” Id. at 957. Defendants extrapolate from this dicta that the court should recognize that Defendant Moalin had a reasonable expectation of privacy cognizable under the Fourth Amendment that the Government would not collect either individual or aggregated metadata.

The difficulty with Defendants’ argument is twofold. First, the use of pen register-like devices – going back to Samuel Morses’s 1840 telegraph patent – predates the digital era and cannot be considered a product of the digital revolution like the internet or cell phones. See Samuel F.G. Morse, Improvement in the Mode of Communicating Information by Signals by the Application of Electro-Magnetism, U.S. Patent 1647, June 20, 1840, page 4 column 2. In short, pen register-like devices predate the internet era by about 150 years and are not a product of the so-called digital revolution – the basis for the concerns articulated by Justice Sotomayor. [my emphasis]

Now, before I pick this apart, let’s look back at an earlier move Miller made.

In assessing the Section 215 dragnet, Miller did not consider whether the collection of Moalin’s phone records as part of a database of every single American’s phone records was constitutional. Instead, he first considered Moalin’s interest in phone records not involving him, then considered Moalin’s protections in phone records involving him (this may suggest the government found Moalin on a second hop).

Defendants argue that the collection of telephony metadata violated Defendant Moalin’s First and Fourth Amendment rights. At issue are two distinct uses of telephone metadata obtained from Section 215. The first use involves telephony metadata retrieved from communications between third parties, that is, telephone calls not involving Defendants. Clearly, Defendants have no reasonable expectation of privacy to challenge any use of telephony metadata for calls between third parties. See Steagald v. United States, 451 U.S. 204, 219 (1981) (Fourth Amendment rights are personal in nature); Rakas v. Illinois, 439 U.S. 128, 133-34 (1978) (“Fourth Amendment rights are personal rights which, like some other constitutional rights, may not be vicariously asserted.”); United States v. Verdugo-Uriquidez, 494 U.S. 259, 265 (1990) (the term “people” described in the Fourth Amendment are persons who are part of the national community or may be considered as such). As noted in Steagald, “the rights [] conferred by the Fourth Amendment are personal in nature, and cannot bestow vicarious protection on those who do not have a reasonable expectation of privacy in the place to be searched.” 451 U.S. at 219. As individuals other than Defendants were parties to the telephony metadata, Defendants cannot vicariously assert Fourth Amendment rights on behalf of these individuals. To this extent, the court denies the motion for new trial.

The second use of telephony metadata involves communications between individuals in Somalia (or other countries) and Defendant Moalin. The following discusses whether Defendant Moalin, and other Defendants through him, have any reasonable expectation of privacy in telephony metadata between Moalin and third parties, including co-defendants.

In other words, Miller takes Moalin’s phone records out of the context in which they were used. In doing so, he turns an enormous database — very much the product of the “so-called digital revolution” — into two pen registers, 170 year old technology.

That move is all the more problematic given repeated Administration explanations (cited by Moalin’s defense and therefore even Miller in his ruling) that Moalin was only identified through indirect contact with an identified selector (presumed to be Somali warlord Aden Ayro).

That is, Moalin would not have been identified without using the features of the database and NSA’s chaining analysis. Moalin was identified not because a single pen register showed him to be in contact with Aden Ayro, but because a network analysis showed his contacts with someone else appeared to be of sufficient value to constitute a likely tie to Ayro himself. And that two-hop connection served either as the basis to listen to already collected conversations involving Moalin via back door searches or, by itself, the basis for probable cause to wiretap Moalin (I suspect it’s the former, and further suspect they used the fruits of that back door search to get the warrant to tap Moalin directly).

Members of the Administration have assured us, over and over, that this chaining analysis is only possible with a complete haystack. Thus, the entire haystack — the database and data analysis that are the quintessential tool of the “so-called digital revolution” — is the instrument of surveillance, not hundreds of millions of individual pen registers. And yet, in their first victory over a defendant with standing, the judge resorted to a gimmick to render that haystack back into hundreds of millions of pieces of hay again.

Update: This passage, from the Administration White Paper, is inconsistent with Miller’s treatment of the dragnet as two separate pen registers.

Although broad in scope, the telephony metadata collection program meets the “relevance” standard of Section 215 because there are “reasonable grounds to believe” that this category of data, when queried and analyzed consistent with the Court-approved standards, will produce information pertinent to FBI investigations of international terrorism, and because certain analytic tools used to accomplish this objective require the collection and storage of a large volume of telephony metadata. This does not mean that Section 215 authorizes the collection and storage of all types of information in bulk: the relevance of any particular data to investigations of international terrorism depends on all the facts and circumstances. For example, communications metadata is different from many other kinds of records because it is inter-connected and the connections between individual data points, which can be reliably identified only through analysis of a large volume of data, are particularly important to a broad range of investigations of international terrorism. [my emphasis]

Like Obi Wan, Osama bin Laden Has Come Back More Powerful Than Ever Before

/10 Comments/in , , /by

In a piece that serves only to claim we need even more invasive online surveillance because we’ve made al Qaeda more insidious than before Osama bin Laden died, Michael Hirsh tries to make Abu Musab al-Suri the new boogeyman (who, as J.M. Berger notes, may not even be alive!).

The truth is much grimmer. Intelligence officials and terrorism experts today believe that the death of bin Laden and the decimation of the Qaida “core” in Pakistan only set the stage for a rebirth of al-Qaida as a global threat. Its tactics have morphed into something more insidious and increasingly dangerous as safe havens multiply in war-torn or failed states—at exactly the moment we are talking about curtailing the National Security Agency’s monitoring capability. And the jihadist who many terrorism experts believe is al-Qaida’s new strategic mastermind, Abu Musab al-Suri (a nom de guerre that means “the Syrian”), has a diametrically different approach that emphasizes quantity over quality. The red-haired, blue-eyed former mechanical engineer was born in Aleppo in 1958 as Mustafa Setmariam Nasar; he has lived in France and Spain. Al-Suri is believed to have helped plan the 2004 train bombings in Madrid and the 2005 bombings in London—and has been called the “Clausewitz” of the new al-Qaida.

[snip]

But the agency’s opponents may not realize that the practice they most hope to stop—its seemingly indiscriminate scouring of phone data and emails—is precisely what intelligence officials say they need to detect the kinds of plots al-Suri favors.

[snip]

And the consensus of senior defense and intelligence officials in the U.S. government is that NSA surveillance may well be the only thing that can stop the next terrorist from blowing apart innocent Americans, as happened in Boston last April. “Al-Qaida is far more a problem a dozen years after 9/11 than it was back then,” [Navy Postgraduate School expert John] Arquilla says.

[snip]

Officials also say they need more intelligence than ever to determine which of the multifarious new jihadist groups is a true threat. “The really difficult strategic question for us is which one of these groups do we take on,” [Michael] Hayden says. “If you jump too quickly and you put too much of a generic American face on it, then you may make them mad at us when they weren’t before. So we are going to need a pretty nuanced and sophisticated understanding of where there these new groups are going and where we need to step up and intervene.”

Some officials suggest that to do that—to discriminate carefully between the terrorists who are directly targeting U.S. interests and those who aren’t—the United States needs to step up, not slow down, the NSA’s monitoring of potential targets. [my emphasis]

Hirsh doesn’t seem to notice it, but even while he quotes former and current architects of our counterterrorism strategy like Michael Hayden and Mike Rogers, if his tale is to be believed, you have to also believe those former and current counterterrorism leaders committed these grave counterterrorism failures:

  • Allowing no fewer than 25 failed states to flourish, especially in Yemen, Somalia, Syria, Libya, and Iraq
  • Failing to win or even establish governance in Afghanistan
  • Rendering al-Suri to Syria where he may or may not have been let free
  • Taking on Bashar al-Assad (who the article admits provided us counterterrorism support, including presumably proxy torturing al-Suri) even while not backing dictators who provide counterterrorism support during the Arab Spring
  • Abandoning Syrian rebels to Assad

Then Hirsh goes on to recite the debunked claims about how useful the Section 215 dragnet is (though curiously, he doesn’t mention Basaaly Moalin, perhaps because elsewhere Harold Koh admits that even most members of al-Shabaab aren’t members of al Qaeda, much less those who materially support al-Shabaab), how that would have (and, the implication is) and is the only thing that might have prevented 9/11.

Hirsh doesn’t even seem to notice that he repeats the claim that only NSA dragnets can prevent a Boston Marathon attack, yet NSA dragnets didn’t prevent the Boston Marathon attack.

Obviously, the whole thing is just as Mike Rogers/Michael Hayden sponsored advertisement to pass DiFi’s Fake FISA Fix (the article doesn’t address why she doesn’t just accept the status quo).

But in the process, Hirsh has instead laid out solid evidence we should never trust the people who’ve been running our war on terror for the last 12 years, because, if even a fraction of what he claims is true, they’ve actually made us far less safe.

The CIA (&etc) Money Orders

/4 Comments/in , , /by

NSL v 215Both the NYT (Charlie Savage and Mark Mazzetti) and WSJ (Siobhan Gorman, Devlin Barrett, and Jennifer Valentine-Devries) tell the same story today: the CIA is collecting bulk data on international money transfers. Given that someone has decided to deal this story to two papers at the same time, and given the number of times the Administration has pre-leaked stories to Gorman of late to increasingly spectacular effect (even making most national security journalists forget the very existence of GCHQ’s notoriously voracious taps at cable landings just off Europe) I assume this may be some kind of limited hangout.

It’s not that I doubt in the least that CIA gets and uses financial data. I don’t even doubt the government uses PATRIOT authorities to do so (as both stories assert).

But it would be unlikely that this data comes in through an FBI order and does not also get shared with Treasury and National Counterterrorism Center (if not NSA), both of which would have better infrastructure for analyzing it, and both of which we know to use such data for their known intelligence products. Indeed, in response to a question from both papers about this practice Western Union points to Treasury programs.

 A spokeswoman for one large company that handles money transfers abroad, Western Union, did not directly address a question about whether it had been ordered to turn over records in bulk, but said that the company complies with legal requirements to provide information.

“We collect consumer information to comply with the Bank Secrecy Act and other laws,” said the spokeswoman, Luella Chavez D’Angelo. “In doing so, we also protect our consumers’ privacy.”

And at WSJ a consultant to the industry points even more firmly towards Treasury.

Money-transfer companies are “highly, highly aware of their obligations under the Patriot Act,” said Robert Pargac, a director in global investigations and compliance at Navigant Consulting Inc. who has worked at several such companies. Western Union said last month it would be spending about 4% of its revenue in 2014 on compliance with rules under the Patriot Act, the Treasury Department’s Office of Foreign Assets Control and other anti-money-laundering and terrorist-financing requirements.

We know that, at least until 2008, the FBI maintained that it could share materials that came in through Section 215 with any agency so long as that agency asserted it had a need for the information, and there’s little reason to believe the FBI has changed that policy. So I would assume at least Treasury and NCTC gets this data as well. It may be all this story indicates is that — as they do with much Section 702 data — CIA gets its own access to the data. That’s a minimization story, not a collection story, because we’ve known this data was collected (as WSJ points out).

Then there’s the evidence both papers point to to show that this is a Section 215 program. Read more

Basaaly Moalin Denied New Trial

/in , /by

As I noted the other day, Basaaly Moalin argued for a new trial Wednesday, arguing that disclosures that his entire prosecution stems from indirect phone contacts with a Somali warlord under the Section 215 phone dragnet program raises questions about the validity of the evidence used to convict him.

One day after that hearing, Judge Jeffrey Miller denied Moalin a new trial.

Miller argues that the all the new disclosures about the phone dragnet present no new issues in the trial. He even suggests the multiple discussions of Moalin’s case in testimony before Congress and the documents released by the government may not be admissible (even though he relies on the most recent FISC order, which addresses the program as it exists now, not as it exists in 2007 when FBI was tipped to Moalin).

Setting aside the issue of admissibility of the public revelations of the NSA program of securing telephone metadata, the public disclosure of the NSA program adds no new facts to alter the court’s FISA and CIPA rulings. Because the court has already considered and addressed many of the FISA and CIPA arguments from a federal and constitutional law perspective, the present motion is akin to a motion for reconsideration.

Given the Judge’s quick turnaround, it’s clear he had no intention of granting a new trial, regardless of what Moalin presented yesterday. Miller determined that the phone dragnet was proper in secret a year ago — based on what I am certain was impartial information — and he refuses to consider the possibility that his determination was incorrect.

I will look closer at Miller’s thinking later today — while his legal analysis is better than, say, Claire Eagan’s, there are still at least two obvious holes in his analysis.

But for the moment, realize that the government has won the ability to base an entire conviction off even indirect phone contacts identified via the phone dragnet.

I suspect we’ll see this case again at the 9th Circuit.

DiFi’s Circular Defense of the Phone Dragnet’s Legality Proves It Is Illegal

/15 Comments/in , /by

In the report on her own Fake FISA Fix, DiFi makes this case that the phone dragnet program is not illegal.

First, in reference to the call records program, some people will say that the FISA Improvements Act codifies an illegal program. It does not. This legislation does not provide any new legislative authority with which the government may acquire call records or any other information under Section 215—in fact, it narrows the existing authority for it. Section 2 of the FISA Improvements Act clearly prohibits the use of the Business Records authority to collect bulk communication records except through the supplemental procedures and restrictions required by this section, as are detailed in this report.

As part of this previously classified program, in 2006, the Department of Justice sought approval from the FISA Court to collect call records in large number under the Section 215 Business Records provision. The FISA Court approved that request, and has reviewed and renewed that authority every 90 days for the past seven years. These renewal applications have been approved by at least 15 different federal court judges selected by the Chief Justice of the United States to serve on this Court.

The Department of Justice’s legal analysis of the call records program has recently been publicly released, as have the two most recent opinions by the FISA Court as part of the reauthorization of the program every 90 days.

Critics of the program may dispute the legal reasoning, but there should be no disagreement that this program currently is authorized under law and has been determined to be legal and Constitutional by the Executive and Judicial branches. [my emphasis]

Her rebuttal that this doesn’t codify the program is pretty funny given that just 1 paragraph earlier she talks about “codifying existing privacy protections,” which is the equivalent claim.

I’m more interested in what she doesn’t address.

She lays out how DOJ applied for and got authorization to collect this data in 2006 (she doesn’t say what date).

She points to two FISC court opinions — the one that forgot to address Jones and the one that cleaned up that obvious error — and the Administration White Paper. And she claims that’s “the legal reasoning.”

But of course, it’s not. There was either legal reasoning dated February 24, 2006 that they’re hiding, or there was an absence of legal reasoning, which ought to be a major giveaway in either case.

Moreover, all three documents DiFi points to as “the legal reasoning” suffer from a critical flaw. They all point to Congress’ “fully informed” reauthorization of the law to justify the validity of the law today.

But that “fully informed” reauthorization didn’t happen.

Indeed, DiFi’s own comments on the Fake FISA Fix twice tacitly admit that, when she notes that every member of the Senate got a chance to read notice on the dragnet, while remaining silent about the House.

In addition, information concerning the bulk telephone metadata program has been made available to every member of the Senate prior to the reauthorization of Section 215, most recently in 2011.

[snip]

For example, the NSA telephone metadata program was approved by federal judges and overseen by Congress, where every member of the Senate had access to information concerning how the programs were conducted and an opportunity to voice objections and debate their efficacy.

The White Paper goes even further. It obliquely admits not just that Mike Rogers refused to allow the House to learn about the dragnet before they voted on it.

An updated version of the briefing paper, also recently released in redacted form to the public, was provided to the Senate and House Intelligence Committees again in February 2011 in connection with the reauthorization that occurred later that year. See Letter from Assistant Attorney General Ronald Weich to the Honorable Dianne Feinstein and the Honorable Saxby Chambliss, Chairman and Vice Chairman, Senate Select Committee on Intelligence (Feb. 2, 2011); Letter from Assistant Attorney General Ronald Weich to the Honorable Mike Rogers and the Honorable C.A. Dutch Ruppersberger, Chairman and Ranking Minority Member, House Permanent Select Committee on Intelligence (Feb. 2, 2011). The Senate Intelligence Committee made this updated paper available to all Senators later that month. See Letter from Sen. Diane Feinstein and Sen. Saxby Chambliss to Colleagues (Feb. 8, 2011). [my emphasis]

But it also, even more obliquely, admits that the Executive did not provide the legal reasoning in question until August 16, 2010, after PATRIOT was reauthorized the first time.

Moreover, in early 2007, the Department of Justice began providing all significant FISC pleadings and orders related to this [Section 215] program to the Senate and House Intelligence and Judiciary committees. By December 2008, all four committees had received the initial application and primary order authorizing the telephony metadata collection. Thereafter, all pleadings and orders reflecting significant legal developments regarding the program were produced to all four committees. [my emphasis]

So to sum up DiFi’s legal defense of the dragnet:

  1. Three documents say it is legal
  2. All 3 documents say it is legal largely because Congress has reauthorized a previously legally suspect program
  3. One of those 3 documents that says it is legal because Congress reauthorized a legally suspect program admits (obliquely) that Congress was not fully informed either time it reauthorized that suspect program
  4. DiFi’s document pointing to these 3 documents claiming it is legal because Congress reauthorized a legally suspect program also admits Congress was not fully informed when it reauthorized that suspect program

I’m convinced! DiFi has made the case! The program does not, because of the ample notice problems in the past, fulfill the standards which the 3 documents require it would need to meet to be legal.

But it might be if her Fake FISA Fix becomes law.

If the Executive Had Followed Clear Minimization Requirements of PATRIOT, Dragnet Abuses Might Have Been Avoided

/13 Comments/in , /by

For 4 years, it has been clear that DOJ Inspector General Glenn Fine used his 2008 report on the FBI’s use of Section 215 to address how it had been used for what was then a secret program. For that reason, I want to look more closely at what he had to say about minimization.

Glenn Fine reveals how FBI minimization procedures are self-referential nonsense

As I noted, as part of a congressionally-mandated review completed in March 2008, DOJ’s Inspector General Glenn Fine reviewed whether DOJ had complied with PATRIOT Reauthorization’s requirement that the Attorney General craft minimization procedures to use with Section 215 collection.

He described how, in advance of a September 5, 2006 deadline, two parts of DOJ squabbled over what the minimization procedures should be.

Several months after enactment of the Reauthorization Act, the Office of Intelligence Policy and Review (OIPR) and the FBI — both of whom had been developing minimization procedures related to Section 215 orders — exchanged draft procedures. The drafts differed in fundamental respects, ranging from definitions to the scope of the procedures.

The fight seems to have been significantly fought between OIPR’s Counsel James Baker (who had a record of trying to get DOJ to follow the law) and FBI’s General Counsel Valerie Caproni (who got confirmed as a Federal Judge for NY this year literally at the same moment the Administration started releasing the most damning details on the dragnet).

Unresolved issues included the time period for retention of information, definitional issues of “U.S. person identifying information,” and whether to include procedures for addressing material received in response to, but beyond the scope of, the FISA Court order; uploading information into FBI databases; and handling large or sensitive data collections.

A couple of months would put this debate squarely in the time period when the first dragnet order would be signed (two months would be May 9; the first order was signed May 24).

And you can see how these issues would go squarely to the heart of whether or not the government could use Section 215 to authorize the dragnet. The dragnet introduces immediate retention issues, given that it authorizes collection on data not yet in existence; imagine if OIPR mandated an immediate search, with all non-responsive numbers to be destroyed. NSA itself treated phone numbers as “identifiers,” and yet this entire program fails to meet the most basic dissemination limits if you treat them as identifiers here. We know NSA had recurrent problem with receiving data that was beyond the scope, including credit card numbers and international data. Unloading this into the FBI database presents immense problems, given that the foreign intelligence value of a query is based on a algorithm, not more concrete evidence. And of course, Fine’s mention of the debate over “handling large or sensitive data collections” must implicate the dragnet, which is the quintessential large and sensitive data collection.

Almost the entirety of the detailed discussion of these issues is redacted.

Read more

In Which Ben Wittes Proves Ben Wittes Is NAKED

/12 Comments/in , /by

160 days ago, Jim Sensenbrenner released a letter to Eric Holder expressing concern about the way DOJ had interpreted Section 215. In it, he did some creative editing to hide that he had had an opportunity to learn about that interpretation before he voted to reauthorize the PATRIOT Act.

160 days ago, I was (I believe) the first person to point out that obfuscation.

In those 160 days, I have also documented the serial lies and obfuscations of people like Keith Alexander, James Clapper, Robert Mueller, Mike Rogers, Valerie Caproni, Dianne Feinstein, Raj De, and Robert Litt. (one, two, three, four, five, six, seven, eight, nine, ten, eleven, twelve, thirteen, fourteen, fifteen, sixteen, seventeen, eighteen, nineteen, twenty, twenty-one, twenty-two, twenty-three, twenty-four, twenty-five, twenty-six, twenty-seven, twenty-eight, twenty-nine, thirty, thirty-one, thirty-two, thirty-three; trust me, this is just a quick survey). The most recent of these lies came last week when Raj De and Robert Litt claimed Congress had been fully informed about the authorities they were voting on, a claim which the Executive Branch’s own record proves to be false.

In spite of the clear imbalance between the lies NSA critics have told and those NSA apologists have told, Ben Wittes has made it a bit of a hobby to use Sensenbrenner’s single (egregious) lie to try to discredit NSA critics (without, of course, pointing out the serial, at times even more egregious, lies NSA apologists were telling). Of late, Wittes has harangued that, because he told a lie 160 days ago, Sensenbrenner is operating in bad faith when he criticizes NSA’s programs now. (See also this post.)

I have never questioned the good faith of Senators Patrick Leahy, Ron Wyden, or Rand Paul. They are legislators with a perspective. That’s how Congress works.

Rep. James Sensenbrenner is a different matter.

Since the bulk metadata program broke, the former chairman of the House Judiciary Committee has been on a campaign of denunciation of both agency activity under the Patriot Act—the law he helped write. And he has been denouncing the administration for having misled him about how Section 215 is being used too. He has done so with a breathtaking dishonesty that puts him in a different category from those members who have a policy dispute with the administration. [my emphasis]

Mind you, Wittes did not examine the content of Sensenbrenner’s more recent claims. Had he done so, he might have realized that the record supports Sensenbrenner’s complaints, even if the messenger for those complaints might be less than perfect.

It ignored restrictions painstakingly crafted by lawmakers and assumed a plenary authority never imagined by Congress. Worse, the NSA has cloaked its operations behind such a thick cloud of secrecy that, even if our trust was restored, Congress and the American people would lack the ability to verify it.

Note, we’re still learning the full extent of how the Executive Branch blew off limits placed on the PATRIOT authorities.

Wittes might even have noted Sensenbrenner’s apparent commitment to do his own job better.

“I hope that we have learned our lesson and that oversight will be a lot more vigorous,” Sensenbrenner said.

Even ignoring Wittes’ remarkable double standard, in which he suggests Sensenbrenner’s one lie should disqualify him from speaking on this topic forever while Clapper and Alexander’s seeming addiction to lies apparently shouldn’t even be mentioned in polite company, a highly regarded expert recently laid out new evidence for why Sensenbrenner has good reason to be angry, regardless of his role in passing PATRIOT in 2001 or 2006 or 2010 or even 2011.

The expert?

Ben Wittes.

Read more