Did NSA Interpret Adverse FISC Fourth Amendment Ruling as Permission to Search American Contacts?

/3 Comments/in , /by

Finally! The backdoor!

The Guardian today confirms what Ron Wyden and, before him, Russ Feingold have warned about for years. In a glossary updated in June 2012, the NSA claims that minimization rules “approved” on October 3, 2011 “now allow for use of certain United States person names and identifiers as query terms.”

A secret glossary document provided to operatives in the NSA’s Special Source Operations division – which runs the Prism program and large-scale cable intercepts through corporate partnerships with technology companies – details an update to the “minimization” procedures that govern how the agency must handle the communications of US persons. That group is defined as both American citizens and foreigners located in the US.

“While the FAA 702 minimization procedures approved on 3 October 2011 now allow for use of certain United States person names and identifiers as query terms when reviewing collected FAA 702 data,” the glossary states, “analysts may NOT/NOT [not repeat not] implement any USP [US persons] queries until an effective oversight process has been developed by NSA and agreed to by DOJ/ODNI [Office of the Director of National Intelligence].”

The term “identifiers” is NSA jargon for information relating to an individual, such as telephone number, email address, IP address and username as well as their name.

The document – which is undated, though metadata suggests this version was last updated in June 2012 – does not say whether the oversight process it mentions has been established or whether any searches against US person names have taken place.

The Guardian goes on to quote Ron Wyden confirming that this is the back door he’s been warning about for years.

Once Americans’ communications are collected, a gap in the law that I call the ‘back-door searches loophole’ allows the government to potentially go through these communications and conduct warrantless searches for the phone calls or emails of law-abiding Americans.

But the Guardian is missing one critical part of this story.

The FISC Court didn’t just “approve” minimization procedures on October 3, 2011. In fact, that was the day that it declared that part of the program — precisely pertaining to minimization procedures — violated the Fourth Amendment.

So where the glossary says minimization procedures approved on that date “now allow” for querying US person data, it almost certainly means that on October 3, 2011, the FISC court ruled the querying the government had already been doing violated the Fourth Amendment, and sent it away to generate “an effective oversight process,” even while approving the idea in general.

And note that FISC didn’t, apparently, require that ODNI/DOJ come back to the FISC to approve that new “effective oversight process.”

Consider one more thing.

As I have repeatedly highlighted, the Senate Intelligence Committee (and the Senate Judiciary Committee, though there’s no equivalent report) considered whether to regulate precisely this issue last year when extending the FISA Amendments Act.

Finally, on a related matter, the Committee considered whether querying information collected under Section 702 to find communications of a particular United States person should be prohibited or more robustly constrained. As already noted, the Intelligence Community is strictly prohibited from using Section 702 to target a U.S. person, which must at all times be carried out pursuant to an individualized court order based upon probable cause. With respect to analyzing the information lawfully collected under Section 702, however, the Intelligence Community provided several examples in which it might have a legitimate foreign intelligence need to conduct queries in order to analyze data already in its possession. The Department of Justice and Intelligence Community reaffirmed that any queries made of Section 702 data will be conducted in strict compliance with applicable guidelines and procedures and do not provide a means to circumvent the general requirement to obtain a court order before targeting a U.S. person under FISA.

But in spite of Ron Wyden and Mark Udall’s best efforts — and, it now appears, in spite of FISC concerns about precisely this issue — the Senate Intelligence Committee chose not to do so.

This strongly suggests that the concerns FISC had about the Fourth Amendment directly pertained to this backdoor search. But if that’s the case, it also suggests that none of NSA’s overseers — not the Intelligence Committees, not ODNI/DOJ, and not FISC — have bothered to actually close that back door.

Displacing the Reset with Russia

/12 Comments/in , , , , /by

As you no doubt heard yesterday, Obama called off a planned meeting with Putin after the G20 next month in response to a number of things (including Russia’s increasing persecution of gays), but largely triggered by Russia’s offer of asylum to Edward Snowden.

In addition to this piece applauding that decision, Julia Ioffe wrote up all the things about our approach to Snowden in Russia that Lawrence O’Donnell deemed unfit for MSNBC last night, which echo what I said back in June. The key bullet points are:

  • You can’t back Putin into a corner and leave him no options. If you are a world leader worth your salt, and have a good diplomatic team working for you, you would know that. You would also know that when dealing with thugs like Putin, you know that things like this are better handled quietly. Here’s the thing: Putin responds to shows of strength, but only if he has room to maneuver. You can’t publicly shame him into doing something, it’s not going to get a good response. Just like it would not get a good response out of Obama.
  • The Obama administration totally fucked this up. I mean, totally. Soup to nuts. Remember the spy exchange in the summer of 2010? Ten Russian sleeper agents—which is not what Snowden is—were uncovered by the FBI in the U.S. Instead of kicking up a massive, public stink over it, the Kremlin and the White House arranged for their silent transfer to Russia in exchange for four people accused in Russia of spying for the U.S. Two planes landed on the tarmac in Vienna, ten people went one way, four people went the other way, the planes flew off, and that was it. That’s how this should have been done if the U.S. really wanted Snowden back.

You don’t back ego-driven world leaders into corners — whether it is Putin or Obama — and succeed in achieving your goals.

All that said, Reuters reported a far more interesting development than Obama blowing off the Putin meeting yesterday. The Saudis have offered to bribe Putin to back off his support of Bashar al-Assad.

Saudi Arabia has offered Russia economic incentives including a major arms deal and a pledge not to challenge Russian gas sales if Moscow scales back support for Syrian President Bashar al-Assad, Middle East sources and Western diplomats said on Wednesday.

[snip]

Syrian opposition sources close to Saudi Arabia said Prince Bandar offered to buy up to $15 billion of Russian weapons as well as ensuring that Gulf gas would not threaten Russia’s position as a main gas supplier to Europe.

In return, Saudi Arabia wanted Moscow to ease its strong support of Assad and agree not to block any future Security Council Resolution on Syria, they said.

Finally, America’s allies (and it’s unclear how involved the US was in this deal, though Bandar usually plays nicely with us) are speaking to Putin in terms of Russia’s interests, rather than insisting Assad’s overthrow benefits everyone.

I’m especially interested in Bandar’s promise to “ensur[e] that Gulf gas would not threaten Russia’s position as a main gas supplier to Europe.” That, frankly, is probably the biggest carrot on the table here. But I can imagine no way Bandar could guarantee it (did the Qataris buy in? can Bandar control fracking in Europe? and what happens if and when the Saudis succeed in getting us to overthrow the Iranians?).

It appears the Saudis are more impressed with the meeting than Putin.

One Lebanese politician close to Saudi Arabia said the meeting between Bandar and Putin lasted four hours. “The Saudis were elated about the outcome of the meeting,” said the source, without elaborating.

[snip]

Putin’s initial response to Bandar’s offer was inconclusive, diplomats say. One Western diplomat in the Middle East said the Russian leader was unlikely to trade Moscow’s recent high profile in the region for an arms deal, however substantial.

He said Russian officials also appeared skeptical that Saudi Arabia had a clear plan for stability in Syria if Assad fell.

But it at least appears to suggest that Putin would respond to discussions that acknowledged Russia’s interests, for a change. Even if Bandar can’t yet present a plan that seems plausible.

Does Putin really have to be the grown-up in the room who points out that Syria without Assad will not be stable anytime soon?

No matter what happens with Snowden, very few have acknowledged that, in addition to details of spying on Americans, he has also mapped out the backbone of our increasingly fragile hegemony over the world.  We have responded only by ratcheting up pressure, rather than attempting persuasion.

It will be interesting to see, first, whether this Saudi initiative has any better effect. And if it does, whether we’ve been included in implementing it.

Update: Washington Institute’s Simon Henderson says we weren’t part of this scheme.

The Saudi diplomatic push shows Riyadh’s determination to force the Assad regime’s collapse, which the kingdom hopes will be a strategic defeat for Iran, its regional rival in both diplomatic and religious terms. It also reflects Riyadh’s belief, shared by its Gulf Arab allies, that U.S. diplomacy on Syria lacks the necessary imagination, commitment, and energy to succeed.

[snip]

Meanwhile, the United States is apparently standing on the sidelines — despite being Riyadh’s close diplomatic partner for decades, principally in the hitherto successful policy of blocking Russia’s influence in the Middle East. In 2008, Moscow agreed to sell tanks, attack helicopters, and other equipment to the kingdom, but the deal never went through. Instead, in 2010, Washington and Riyadh negotiated a huge $60 billion defense deal (including attack helicopters), the details of which are still being finalized. The events of the past week suggest that the U.S.-Saudi partnership — which covers regional diplomacy, the Middle East peace process, the global economy, and weapons sales — is, at best, being tested. It would be optimistic to believe that the Moscow meeting will significantly reduce Russian support for the Assad regime. But meanwhile Putin will have pried open a gap between Riyadh and Washington. The results of the latest U.S.-Russian spat will be watched closely, particularly in Saudi Arabia.

More Lies to the FISA Court

/6 Comments/in , , /by

I was pulling up something else from Ron Wyden’s site, and noticed a sentence in this release pointing out how last week’s so-called transparency dump from James Clapper actually shows the lies the Intelligence Community told to Congress. I didn’t see the first time I looked at it.

Similarly misleading statements about the bulk email records program were also made to the Foreign Intelligence Surveillance Court, though these statements unfortunately remain classified.

As I’ve noted before, John Brennan testified that he submitted CIA interrogation derived evidence to the FISA Court, almost certainly in the “scary memos” he submitted to justify the continuation of Cheney’s illegal wiretap program.

Burr: I’m still not clear on whether you think the information from CIA interrogations saved lives.  Have you ever made a representation to a court, including the FISA court, about the type and importance of information learned from detainees including detainees in the CIA detention and interrogation program?

Brennan: Ahm, first of all, in the first part of your question, as to you’re not sure whether I believe that there has been information … I don’t know myself.

Burr: I said I wasn’t clear whether I understood, whether whether I was clear.

Brennan: And I’m not clear at this time either because I read a report that calls into question a lot of the information that I was provided earlier on, my impressions. Um. There, when I was in the government as the head of the national counterterrorism center I know that I had signed out a number of um affirmations related to the uh continuation of certain programs uh based on the analysis and intelligence that was available to analysts. I don’t know exactly what it was at the time, but we can take a look at that.

Burr: But the committee can assume that you had faith if you made that claim to a court or including the FISA court, you had faith in the documents in the information that was supplied to you to make that declaration.

Brennan: Absolutely. At the time if I had made any such affirmation, i would have had faith that the information I was provided was an accurate representation. [my emphasis]

While Wyden’s hinted misrepresentations are probably more modest — probably relating to how important the information derived from the Internet metadata collection really was — it nevertheless adds to the evidence that the non-adversarial nature of the FISA Court has allowed the Executive Branch to lie to the judges who preside there.

Stewart Baker’s User Interface and Edward Snowden’s Authorities

/31 Comments/in , /by

Former NSA Counsel Stewart Baker has been in an increasingly urgent froth since Edward Snowden’s leaks first became public trying to prove that the NSA should have more, not less, unchecked authority.

He outdid himself yesterday with an attempt to respond to Jack Goldsmith’s question,

How is the NSA Director Alexander’s claim that “we can audit the actions of our people 100%” (thus providing an important check against abuse) consistent with (a) stories long after Snowden’s initial revelations that the White House does not “know with certainty” what information Snowden pilfered, (b) reported NSA uncertainty weeks after the initial disclosure about what Snowden stole, (c) Alexander’s own assertion (in June) that NSA was “now putting in place actions that would give us the ability to track our system administrators”?

Baker’s totally inadequate response consists of pointing to certain features of XKeyscore revealed by the Guardian.

Take a close look at slide 7 of the latest leaked powerpoints.

It shows a sample search for a particular email address, including a box for “justification.” The sample justification (“ct target in n africa”) provides both the foreign intelligence reason for surveillance and the location of the target. What’s more, the system routinely calls for “additional justification.” All this tends to confirm NSA’s testimony that database searches must be justified and are subject to audits to prevent privacy abuses.

Now, I don’t know about Baker, but even without a drop-down menu, the average American high schooler is thoroughly adept at substituting a valid justification (“grandmother’s funeral,” “one day flu”) for an invalid one (“surfs up!” “first day of fishing season”). I assume the analysts employed by NSA are at least as adept at feeding those in authority the answers they expect. XKeyscore just makes that easier by providing the acceptable justifications in a drop-down menu.

More problematic for Baker, he commits the same error the Guardian’s critics accuse it of committing: confusing a User Interface like XKeyscore or PRISM with the underlying collections they access. (The Guardian has repeated Snowden and Bill Binney’s claims the NSA collects everything, without yet presenting proof that that includes US person content aside from incidental content collected on legitimate targets.)

That error, for Baker, makes his response to Goldsmith totally inapt to his task at hand, answering Goldsmith’s questions about what systems administrators could do, because he responds by looking at what analysts could do. Goldsmith’s entire point is that the NSA had insufficient visibility into what people with Snowden’s access could do, access which goes far beyond what an analyst can do with her drop-down menu.

And one of the few documents the government has released actually shows why that is so important.

The Primary Order for the Section 215 metadata dragnet, released last week, reveals that technical personnel have access to the data before it gets to the analyst stage.

Appropriately trained and authorized technical personnel may access the BR metadata to perform those processes needed to make it usable for intelligence analysis. Technical personnel may query the BR metadata using selection terms4 that have not been RAS-approved (described below) for those purposes described above, and may share the results of those queries with other authorized personnel responsible for these purposes, but the results of any such queries will not be used for intelligence analysis purposes. An authorized technician may access the BR metadata to ascertain those identifers that may be high volume identifiers. The technician may share the results of any such access, i.e., the identifers and the fact that they are high volume identifers, with authorized personnel (including those responsible for the indentification and defeat of high volume and other unwanted BR metadata from any of NSA’s various metadata respositories), but may not share any other information from the results of that access for intelligence analysis purposes. In addition, authorized technical personnel may access the BR metadata for purposes of obtaining foreign intelligence information pursuant to the requirements of subparagraph (3)(C) below.

[snip]

Whenever the BR metadata is accessed for foreign intelligence analysis purposes or using foreign intelligence analysis query tools, an auditable record of the activity shall be generated.

Note, footnote 4 describing these selection terms is redacted and the section in (3)(C) pertaining to these technical personnel appears to be too.

Now, I suspect the technical personnel who access the metadata dragnet are different technical personnel than the Snowdens of the world. They’re data crunchers, not network administrators. Which only shows there’s probably a second category of person that may escape the checks in this system.

That’s because with their front-end manipulation of the dataset (though not the activities described under (3)(C)), these personnel are not conducting what are considered foreign intelligence searches of the database. The data they extract from the database is specifically prohibited (though, with weak language) from circulation as foreign intelligence information. That appears to mean their actions are not auditable. When Keith Alexander says the data is 100% auditable? You shouldn’t believe him, because his own document appears to say only the analytical side of this is audited. (The document also makes it clear that once the data has been queried, the results are openly accessible without any audit function; the ACLU had a good post on this troubling revelation.)

I suspect a lot of what these technical personnel are doing is stripping numbers — probably things like telemarketer numbers — that would otherwise distort the contact chaining. Unless terrorists’ American friends put themselves on the Do Not Call List, then telemarketers might connect them to every other American not on the list, thereby suggesting a bunch of harassed grannies in Dubuque are 2 degrees from Osama bin Laden.

But there’s also the reference to “other unwanted BR metadata.” As I’ll explain in a future post, I suspect that may be some of the most sensitive call records in the dataset.

Whatever call records get purged on the front end, though, it appears to all happen outside the audit chain that Keith Alexander likes to boast about. Which would put it well outside the world of drop-down menus that force analysts actions to conform with something that looks like foreign intelligence analysis.

In other words, even the document the government provided (with heavy redactions) to make us more comfortable about this program shows places where it probably has insufficient visibility on what happens to the data. And that’s well before you get into the ability of people who can override other technical checks on NSA behavior as system administrators.

Update: More froth from Stewart Baker. This response to my post seems to be an utter capitulation to Goldsmith’s point.

Wheeler thinks this is important because it means that the “justification” menus don’t guarantee auditability of every use of intercept data by every employee at NSA. Again, that may be true, but the important point about the “justification” menu isn’t that it offers universal protection against abuse; nothing does. [my emphasis]

“Congress Was Fully Briefed” … at the Last Minute

/1 Comment/in , , /by

On September 30, 2009, Silvestre Reyes, then the Chair of the House Intelligence Committee, requested that DOJ provide a description of the Section 215 metadata dragnet program.

Reyes sent that request 8 days after September 22, when Patrick Leahy introduced the Senate’s version of PATRIOT Act reauthorization in the Senate, arguing for new limits on both Section 215 and the Pen Register/Trap and Trace authorities then being used to collect Internet metadata.

This bill adopts the reasonable constitutional standard that I supported in 2006 for 215 orders. First, it would eliminate the presumption in favor of the government’s assertion that the records it is seeking are relevant to its investigation. This bill would require the Government to make a connection between the records or other things it seeks and a suspected terrorist or spy before it is able to obtain confidential records such as library, medical and telephone records. Section 215 orders for tangible things permit the Government to collect an even broader scope of information than NSLs. For that reason, it is critical that the Government show that the records it seeks are both relevant to an investigation and connected to at least a suspected terrorist or spy.

This bill would also establish more meaningful judicial review of Section 215 orders. First, it repeals the requirement in current law that requires a recipient of a Section 215 nondisclosure order to wait for a full year before challenging that gag order. There is no justification for this mandatory waiting period for judicial review, and this bill eliminates it. It also repeals a provision added to the law in 2006 stating that a conclusive presumption in favor of the Government shall apply where a high level official certifies that disclosure of the order for tangible things would endanger national security or interfere with diplomatic relations. These restraints on meaningful judicial review are unfair, unjustified, and completely unacceptable. I fought hard to keep these two provisions out of the 2006 reauthorization, but the Republican majority at that time insisted they be included.

This bill will strengthen court oversight of Section 215 orders by requiring court oversight of minimization procedures when information concerning a U.S. person is acquired, retained, or disseminated. Requiring FISA Court approval of minimization procedures would simply bring Section 215 orders in line with other FISA authorities–such as wiretaps, physical searches, and pen register and trap and trace devices–that already require FISA court approval of minimization procedures. This is another common sense modification to the law that was drafted in consultation with Senators FEINGOLD and DURBIN. If we are to allow personal information to be collected in secret, the court must be more involved in making sure the authorities are used responsibly and that Americans’ information and personal privacy are protected.

Finally, this bill addresses concerns over the use of pen register or trap and trace devices “pen/trap”. The bill raises the standard for pen/trap in the same manner as it raises the standard for Section 215 orders. The Government would be required to show that the information it seeks is both relevant to an investigation and connected to a suspected terrorist or spy. This section also requires court review of minimization procedures, which are not required under current law, and adds an Inspector General audit of the use of pen/trap that is modeled on the the audits of Section 215 orders and NSLs.

On October 8, the Senate Judiciary Committee started consideration of the PATRIOT Reauthorization. On October 13, a substitute bill was adopted, gutting some of these additional limits on Section 215 authority. On October 28, that bill was reported to the Senate, with a report including minority views, including a complaint from Russ Feingold, Dick Durbin, and Arlen Specter that Leahy’s new limits on Section 215 authority weren’t passed.

New sunsets, audits, reporting requirements and executive branch procedures are positive reforms, but ultimately Congress must set the rules for when the Executive Branch can use investigative tools that have implications for Americans’ privacy rights. That is why we were disappointed that the Committee rejected amendments that would have imposed stricter statutory standards for obtaining any tangible things under Section 215 of the USA PATRIOT Act and for obtaining sensitive personal records under the NSL statutes–standards that would have protected against government fishing expeditions.

The standard under current law for both authorities is mere relevance to an investigation to protect against international terrorism or clandestine intelligence activities. That is a very broad standard, which does not provide, in our view, adequate protection against unnecessary, overbroad, or otherwise inappropriate demands for records.

When the Senate Judiciary Committee passed this bill out of committee, DOJ had not yet responded to Reyes’ request.

It was only around this period that the House started on its version of bill. John Conyers submitted it on October 20, and it was reported to the House Judiciary, Intelligence, and Financial Services Committees.

On November 5, the Judiciary Committee marked up and passed the bill. On that day — 36 days after Reyes had made his request — DOJ had still not responded to Reyes’ request.

It was not until December 14, 75 days after Reyes had submitted a request tied to critical legislation, that DOJ responded to Reyes’ request.

Thank you for your letter of September 30, 2009, requesting that the Department of Justice provide a document to the House Permanent Select Committee on Intelligence (HPSCI) that describes the bulk collection program conducted under Section 215 00 the “business records” provision of the Foreign Intelligence Surveillance Act (FISA).

DOJ introduced their letter, acknowledging neither the delay nor that two crucial committees had already voted out their bill in the interim. It continued,

We agree that it is important that all Members of Congress have access to information about this program, as well as a similar bulk collection program conducted under the pen register/trap and trace authority of FISA, when considering reauthorization of the expiring USA PATRIOT Act provisions.

Four pages into the attached document, DOJ admits that the Judiciary Committees — both of which had passed out the bill by this point — had not been briefed on the compliance problems described in the document.

The cover letter to the document indicates its intent “to provide the same document to the Senate Select Committee on Intelligence (SSCI) under similar conductions [in which the intelligence committee staffers must watch as members of Congress read the document in Intelligence Committee chambers], so it may be made available to the Members of the Senate.” But unlike the 2011 version, the 2009 document includes no proof that it was actually provided.

So 75 days after the House Intelligence Chair asked for a document that even DOJ claimed to agree was important for all members of Congress to have access to, DOJ finally provided it.

Read more

James Cole: “Of Course We’d Like Records of People Buying” Pressure Cookers

/8 Comments/in , /by

Now that the Suffolk cops have revealed they investigated Michele Catalano’s family because of a tip from her husband’s former employer about his Google searches and not FBI or NSA analysis of Google data themselves, a lot of people are suggesting it would be crazy to imagine that the Feds might have found Catalano via online searches.

Which is funny. Because just a day before this story broke, this exchange happened in the Senate between Senate Judiciary Chair Patrick Leahy and Deputy Attorney General James Cole. (after 1:45, though just before this exchange Leahy asks whether DOJ could use Section 215 to obtain URLs and bookmarks, among other records, which Cole didn’t deny)

Leahy: But if our phone records are relevant, why wouldn’t our credit card records? Wouldn’t you like to know if somebody’s buying, um, what is the fertilizer used in bombs?

Cole: I may not need to collect everybody’s credit card records in order to do that.

[snip]

If somebody’s buying things that could be used to make bombs of course we would like to know that but we may not need to do it in this fashion.

This is not a surprise. It comes two years after Robert Mueller confirmed they use Section 215 to collect “records relating to the purchase of hydrogen peroxide,” a TATP precursor.

So while we may not know how the government currently collects records relating to the purchase of fertilizer, acetone, hydrogen peroxide or — yes, after Boston, probably also pressure cookers and maybe even fireworks — and we don’t know just how broadly it collects such records, we do know that “of course” DOJ “would like to know … if somebody’s buying things that could be used to make bombs.”

So just one day ago, Cole didn’t deny they could use Section 215 to get search URLs, he affirmed they would want to get records of bomb-making materials.

He just didn’t tell us how they might do those things.

If By “Plots on the Homeland” You Mean “Defense against US-Backed Invaders”

/17 Comments/in , /by

Yesterday’s declassified documents on the Section 215 (and Internet Trap and Trace) dragnets repeat something I observed about a James Clapper declaration submitted in several FOIA cases related to the program: they all redact parts of the description of what allows the government to search on an identifier. While the government is happy to tell us searches are limited to counterterrorism (and Iran), they’re still hiding some aspect of what constitutes an appropriate search.

Which is just one of the reasons I’m interested in something NSA Deputy Director John Inglis said in yesterday’s Senate Judiciary Committee hearing on the NSA’s programs. At about 1:22, he described the selector they used to find Basaaly Moalin this way:

We knew a number that we had reasonable suspicion was affiliated with a terrorist group plotting against the homeland.

This claim — that the number was not just connected to a terrorist group, but a group “plotting against the homeland” — is new, as far as I’m aware.

Remember, the terrorist group in question is al-Shabaab. Other officials have said they got this number in October 2007 and court documents show the wiretap of Moalin began in December 2007. Yet al-Shabaab wasn’t listed as a Foreign Terrorist Organization until February 2008. If they were plotting against the US in October 2007, why weren’t they listed at that point?

I’ve long assumed (though it is just an assumption) that the number in question was that of Aden Hashi Ayro, a Somali warlord whose calls with Moalin were submitted as evidence in his case. Ayro was killed by a US missile on May 1, 2008. And it’s possible the claim that the pre-FTO al-Shabaab was plotting against our “homeland” pertains to him and his alleged ties to al Qaeda.

Here’s how a June 2008 WikiLeaks cable celebrating Ayro’s death described him.

(S/NF) Senior Al-Shabaab leader and al-Qaida associate Aden Hashi Ayrow was killed May 1 during a U.S. strike. In the early 1990s, Ayrow joined the military wing of Al-Ittihad Al-Islamiya (AIAI) and traveled to Afghanistan in 1997 for unspecified training. Ayrow remained in Afghanistan for a year before returning to Somalia to participate in Jihadist activities, and returned to Afghanistan in 2001, reportedly meeting with Osama bin Laden. Ayrow emerged in the 2002/2003 timeframe as a firebrand extremist and he quickly became a rising figure in what eventually became the Shabaab. Mercurial and largely uncontrollable, he was feared for his ruthlessness and unpredictability.

(S/NF) Ayrow has been violently opposed to U.S. and western interests in East Africa. The Shabaab’s emergence as a terrorist threat in Somalia is closely linked to Ayrow’s rise to power. During the course of 2005, Ayrow’s jihadist group emerged in Mogadishu as a violent destabilizing force. He has been linked to the killing of foreign aid workers, dozens of Somalis, and BBC journalist Kate Peyton. He also was the figure largely responsible for the desecration of the Italian cemetery in Mogadishu. Ayrow’s al-Shabaab faction has also conducted suicide bombings and anti-aircraft attacks targeting Ethiopian and Somali forces in Somalia. Ayrow was closely associated with East Africa Al-Qaida (EAAQ) operatives Harun Fazul and Saleh Nabhan, and now-deceased EAAQ cell leader Abu Talha Al-Sudani. [my emphasis]

The label “al Qaeda associate” and the visit to Osama bin Laden may have qualified Ayro (as ties to Al Qaeda in the Arabian Peninsula did Ahmed Warsame) as something beyond al-Shabaab warlord in the US book. And Toronto Star’s Michele Shephard told me on Twitter that Ayro had global ambitions. Certainly, some of Ayro’s associates had ties to al Qaeda’s past and planned attacks on US embassies in Africa.

But Shephard and the WikiLeaks cable also both say that the immediate focus in 2007 was on Ethiopian troops who had invaded Somalia in 2006 with US backing. Read more

Have 1,485 Innocent Americans Been Investigated for Researching Pressure Cookers?

/10 Comments/in , /by

Update: One of Catalano’s family members’ former employers tipped off the local cops to searches for backpack and pressure cooker on their computer. 

I have been warning about the criminalization of common items since it became clear in 2009 the FBI had investigated 3 purported (and apparently innocent) Najibullah Zazi “associates” for buying beauty supplies.

So I am thoroughly unsurprised that Michele Catalano’s family got questioned by 6 members of the Joint Terrorism Task Force because she researched pressure cookers online and her husband researched backpacks and her son clicked stories describing the Boston Marathon bomb.

I had researched pressure cookers. My husband was looking for a backpack. And maybe in another time those two things together would have seemed innocuous, but we are in “these times” now. And in these times, when things like the Boston bombing happen, you spend a lot of time on the internet reading about it and, if you are my exceedingly curious news junkie of a twenty-ear-old son, you click a lot of links when you read the myriad of stories. You might just read a CNN piece about how bomb making instructions are readily available on the internet and you will in all probability, if you are that kid, click the link provided.

Which might not raise any red flags. Because who wasn’t reading those stories? Who wasn’t clicking those links? But my son’s reading habits combined with my search for a pressure cooker and my husband’s search for a backpack set off an alarm of sorts at the joint terrorism task force headquarters.

It seems to have worked out okay for this apparently comfortable and apparently white family (though I am curious whether the FBI had investigated her husband’s business trips to Korea and China before they showed up).

But this was just one JTTF squad. And that JTTF told her husband that they conduct 100 such investigations a week.

They mentioned that they do this about 100 times a week. And that 99 of those visits turn out to be nothing. I don’t know what happens on the other 1% of visits and I’m not sure I want to know what my neighbors are up to.

It has been 15 weeks since the Boston Marathon attack. While I’m sure all these searches, by this one JTTF, weren’t in search of pressure cookers, just imagine that 100 pressure cooker investigations a week have been conducted by all JTTFs together? That would mean 1,485 innocent Americans — plus the 15 the FBI considers not so innocent or perhaps worthy of entrapment — have been targeted because of completely innocent First Amendment online searches.

But don’t worry. Keith Alexander and James Clapper assure you they’re not watching Americans’ communications.

Keith Alexander: We Report Violations to “Everyone”

/6 Comments/in , /by

At 32:14 in his speech to BlackHat yesterday, Keith Alexander said of the Section 215 dragnet,

We comply with the court orders and do this exactly right. And if we make a mistake, we hold ourselves accountable and report it to everyone.

Here’s what the 2011 report on both the telecom and Internet dragnets declassified yesterday said about NSA’s compliance failures (see PDF page 8).

Screen shot 2013-08-01 at 11.45.38 AM

By “everyone” Alexander appears not to include “citizens and taxpayers.”

As I reported Friday, Ron Wyden and Mark Udall say the Intelligence Committee downplays the seriousness of the violations that have occurred.

Their violations of the rules for handling and accessing bulk phone information are more troubling than have been acknowledged and the American people deserve to know more details.

Monday, Wyden elaborated further.

I am not allowed to discuss the classified nature of that, but I want to make sure those who are following this debate know that from my vantage point, reading those documents that are classified, these violations are more serious than have been stated by the intelligence community, and in my view that is very troubling. So I do hope Senators will go to the Intelligence Committee and ask to see those classified documents because I think when they read them–I think they will come to the conclusion to which I have come that, not only is what was stated by the Director of National Intelligence in that letter that was sent to you and me and Senator Udall and 23 other Senators–not only was that correct, but I think Senators who read those classified documents will also come to the conclusion that the violations are more serious than they thought–than the intelligence community portrayed.

After Alexander’s speech yesterday, CNBC asked further questions, including specifically about Wyden’s claims.

CNBC: General Alexander, Senator Wyden said yesterday that phone records collection abuse has been more significant than the government has acknowledged. What do you say about that?

Alexander: I’m not sure what he’s referring to, so I don’t know without him being more specific. If he could be. I think, um, maybe we should have a discussion on what that means.

(Alexander went on to provide actual specifics about what “everyone” means, though he did not explicitly admit it doesn’t include “everyone.”)

I’m not actually sure where that “if he could be” fits syntactically in Alexander’s response. But here’s why Wyden can’t provide more specifics.

Screen shot 2013-08-01 at 11.45.38 AM

Alexander, who is a classification authority (though James Clapper may be the classification authority for the 215 program), responded to a question about abuse by demanding that Wyden, who is not a classification authority, provide more details about something that NSA and ODNI have specifically kept classified.

But don’t worry. When they commit abuses, Alexander claimed, they tell “everyone.”

Later in the interview, Alexander told CNBC it could help.

Just reporting what somebody says is not the right thing to do for our country.

[snip]

Let’s put the facts on the table. If you just blindly take what somebody says, I think that’s not what our nation needs.

Yet blindly taking what somebody says about government abuse is precisely where Alexander and Clapper have left American citizens.

 

 

On Same Day Alexander Tells BlackHat, “Their Intent Is to Find the Terrorist That Walks Among Us,” We See NSA Considers Encryption Evidence of Terrorism

/19 Comments/in , , , /by

Screen shot 2013-08-01 at 9.34.18 AM

Thirty minutes into his speech at BlackHat yesterday, Keith Alexander said,

Remember: their intent is not to go after our communications. Their intent is to find the terrorist walks among us.

He said that to a room full of computer security experts, the group of Americans probably most likely to encrypt their communications, even hiding their location data.

At about the same time Alexander made that claim, the Guardian posted the full slide deck from the XKeyscore program it reported yesterday.

How do I find a cell of terrorists that has no connection to known strong-selectors?

Answer: Look for anomalous events

Among other things, the slide considers this an anomalous event indicating a potential cell of terrorists:

  • Someone who is using encryption

Meanwhile, note something else about Alexander’s speech.

13:42 into his speech, Alexander admits the Section 702 collection (this is true of XKeyscore too — but not the Section 215 dragnet, except in its use on Iran) also supports counter-proliferation and cybersecurity.

That is the sole mention in the entire speech of anything besides terrorism. The rest of it focused exclusively on terror terror terror.

Except, of course, yesterday it became clear that the NSA considers encryption evidence of terrorism.

Increasingly, this infrastructure is focused intensively on cybersecurity, not terrorism. That’s logical; after all, that’s where the US is under increasing attack (in part in retaliation for attacks we’ve launched on others). But it’s high time the government stopped screaming terrorism to justify programs that increasing serve a cybersecurity purpose. Especially when addressing a convention full of computer security experts.

But maybe Alexander implicitly admits that. At 47:12, Alexander explains that the government needs to keep all this classified because (as he points into his audience),

Sitting among you are people who mean us harm.

(Note after 52:00 a heckler notes the government might consider BlackHat organizer Trey Ford a terrorist, which Alexander brushes off with a joke.)

It’s at that level, where the government considers legal hacker behavior evidence of terrorism, that all reassurances start to break down.

Update: fixed XKeystroke for XKeyscore–thanks to Myndrage. Also, Marc Ambinder reported on it in his book.

Update: NSA has now posted its transcript of Alexander’s speech. It is 12 pages long; in that he mentioned “terror” 27 times. He mentions “cyber” just once.