Telecoms Versus the Toobz: The Source of the Legal Troubles

/6 Comments/in , /by

In this important piece on overbroad surveillance programs under Presidents Bush and Obama, the WaPo reveals that the program James Comey almost resigned over in 2004 involved sucking Internet metadata off telecom switches owned by the telecoms.

Telephone metadata was not the issue that sparked a rebellion at the Justice Department, first by Jack Goldsmith of the Office of Legal Counsel and then by Comey, who was acting attorney general because John D. Ashcroft was in intensive care with acute gallstone pancreatitis. It was Internet metadata.

At Bush’s direction, in orders prepared by David Addington, the counsel to Vice President Richard B. Cheney, the NSA had been siphoning e-mail metadata and technical records of Skype calls from data links owned by AT&T, Sprint and MCI, which later merged with Verizon.

For reasons unspecified in the report, Goldsmith and Comey became convinced that Bush had no lawful authority to do that.

This leads me to wonder whether legal leverage from the Internet providers — rather than any squeamishness about the law itself — caused the conflict.

Remember, in the fight over retroactive immunity in 2008, the industry group for the Internet providers — including Microsoft, Yahoo, and Google — argued against retroactive immunity.

The Computer & Communications Industry Association (CCIA) strongly opposes S. 2248, the “FISA Amendments Act of 2007,” as passed by the Senate on February 12, 2008. CCIA believes that this bill should not provide retroactive immunity to corporations that may have participated in violations of federal law. CCIA represents an industry that is called upon for cooperation and assistance in law enforcement. To act with speed in times of crisis, our industry needs clear rules, not vague promises that the U.S. Government can be relied upon to paper over Constitutional transgressions after the fact.

Given the WaPo’s report, this amounts to a demand that Congress allow the Internet companies to hold the telecoms accountable for helping the government seize their data.

As well they should have been able to. To a degree, these companies compete, and in the name of helping the government, the telecoms were helping themselves to Internet suppliers crown jewels.

Microsoft and Google versus AT&T and Verizon. Now that would have been an amusing lawsuit to watch. And probably a lot bigger worry for the people who use all of them to spy on us peons than we peons actually are.

NSA Spying: The Oversight of the Passive Voice

/9 Comments/in , /by

In a white paper claiming “the American people deserve to know what we are doing to protect both” privacy and liberty, and security, the government (Ellen Nakashima, at least, doesn’t specify which agency generated this) also includes this assertion:

The [dragnet metadata] program is subject to strict controls and oversight: the metadata is segregated and queries against the metadata are documented and audited.

The detail is one that NSA Director Keith Alexander had already claimed in his testimony before the Senate Appropriations Committee last week. He claimed,

Every time we query that database, it’s auditible by the committees, by DOJ, by the court, by the Administration.

In a telling comment to the press the other day, though, Dianne Feinstein, whose staffers on the Intelligence Committee would be the ones auditing the queries, said this:

Asked to confirm that intelligence officials do not need a court order for the query of the number itself, Feinstein said, “that’s my understanding.”

I found it really strange that a person who should be solidly in the thick of the audits Alexander was boasting about didn’t even seem sure about how someone accessed the database.

But then, Alexander said they were “auditable,” not that they were audited by all these people.

One of just a few explanations about oversight in a document trying to prove the government protects our privacy and liberty might be more persuasive if they weren’t presented in the passive voice. It doesn’t sound like DiFi knows Congress could audit the document; I wonder if the FISA Court, which Alexander claims also can audit the data, knows it can (I’d also like to see someone audit the claim it is segregated; is it ever copied?).

The white paper’s statements about the 702/PRISM program are equally unsatisfying.

Congress requires the Government to develop and obtain judicial approval for “minimization” procedures to ensure appropriate protection of any information about U.S. persons that may be incidentally acquired. The Government did that, and its procedures were approved by the Foreign Intelligence Surveillance Court.

As I’ve noted repeatedly, the FISC doesn’t get to review compliance with these procedures, only the adequacy of them if applied as promised. And since this white paper makes no claims that the government can’t access this US person data — which, after all, includes content and metadata — it suggests the most sensitive collection for Americans has only internal (DOJ and ODNI review) safeguards for Americans’ Internet communications.

Effectively, in addition to providing further evidence for Mark Udall’s assertions that the government could accomplish what it says it is doing via other, far less sensitive means, this document only serves to show how inadequate the oversight of these programs is.

To Justify Dragnet, FBI Implies It Can’t File 300 More NSLs in a Year

/11 Comments/in , /by

So Mark Hosenball just reported this, uncritically.

The U.S. government only searched for detailed information on calls involving fewer than 300 specific phone numbers among the millions of raw phone records collected by the National Security Agency in 2012, according to a government paper obtained by Reuters on Saturday.

As Jim Sensenbrenner noted the other day, if the government is doing only what it says it is with the database — finding US persons who are in contact with suspected terrorists — the FBI could use a grand jury subpoena or a National Security Letter to do so. Collecting all the phone records of Americans would only be required if the FBI were doing so many checks such a process became onerous.

Except that the FBI routinely gets upwards of 10,000 NSLs a year. Adding these 300 would be a drop in the bucket.

So the difficulty of getting NSLs can’t be the problem.

Which suggests the 300 claim is implicit acknowledgment they’re doing something more with this data than they’re letting on.

PRISM: The Difference between Orders and Directives

/19 Comments/in , /by

The AP has a story that lays out the architecture of how PRISM fits in with the rest of the government surveillance programs. The short version is, as much prior reporting supports, it uses PRISM to target communications it has collected, as packets, from the telecom backbone. Like the Section 215 dragnet (and consistent with James Clapper’s metaphor that the dragnet serves as the Dewey Decimal system to direct the government were to find the conversations it wants) it seems to serve to tell the government where to look to get more content.

The story is most valuable, in my opinion, for the distinction it describes between orders — which courts approve — and directives — which courts don’t.

Every year, the attorney general and the director of national intelligence spell out in a classified document how the government plans to gather intelligence on foreigners overseas.

By law, the certification can be broad. The government isn’t required to identify specific targets or places.

A federal judge, in a secret order, approves the plan.

With that, the government can issue “directives” to Internet companies to turn over information.

While the court provides the government with broad authority to seize records, the directives themselves typically are specific, said one former associate general counsel at a major Internet company. They identify a specific target or groups of targets. Other company officials recall similar experiences.

I’ve seen some apologist reporting that conflates these two, suggesting that the courts approve individual targets.

The entire point of FISA Amendments Act is to have the courts approve broader targeting.

As Russ Feingold warned four years ago, there is less oversight of how you get from orders to the procedures that make them compliant with the Constitution.

AP goes on to explain the danger to this scheme, though: there’s far less oversight over individual targets. Which can — and in 2009, at least — led the NSA to take US person data.

A few months after Obama took office in 2009, the surveillance debate reignited in Congress because the NSA had crossed the line. Eavesdroppers, it turned out, had been using their warrantless wiretap authority to intercept far more emails and phone calls of Americans than they were supposed to.

Remember, this overcollection was self-reported by the Obama Administration at the time, not discovered by the FISA Court. Good for the Obama Administration, though we’re trusting them at their word that the overcollection was unintentional.

As part of a periodic review of the agency’s activities, the department “detected issues that raised concerns,” it said. [snip]

The overcollection problems appear to have been uncovered as part of a twice-annual certification that the Justice Department and the director of national intelligence are required to give to the Foreign Intelligence Surveillance Court on the protocols that the N.S.A. is using in wiretapping. That review, officials said, began in the waning days of the Bush administration and was continued by the Obama administration. It led intelligence officials to realize that the N.S.A. was improperly capturing information involving significant amounts of American traffic.

But that raises one of the problems with the program. The court oversight is removed from the specificity of the collection, and the law, by design, prevents the court from double-checking whether the government does at the directive level what it says it will do at the order level.

Trust us.

Read more

The Inefficacy of Big Brother: Associations and the Terror Factory

/23 Comments/in , /by

The WSJ has a fascinating story, responding to (but not linking) this post, trying to address the question of whether the NSA programs we’ve learned about are efficient.

But some statisticians and security experts have raised another objection: As a terror-fighting tool, it is highly inefficient and has some serious downsides.

Their reasoning: Any automated approach to spotting something rare necessarily produces false positives. That means for every correctly identified target, many more alarms that go off will prove to be incorrect. So if there are vastly more innocent people than would-be terrorists whose communications are monitored, even an extremely accurate test would ensnare many non-terrorists.

[snip]

Even if the NSA’s algorithm “is terribly clever and has a very high sensitivity and specificity, it cannot avoid having an immense false-positive rate,” said Peter F. Thall, a biostatistician at the University of Texas’ M.D. Anderson Cancer Center. In his arena, false positives mean patients may get tests or treatment they don’t need. For the NSA, false positives could mean innocent people are monitored, detained, find themselves on no-fly lists or are otherwise inconvenienced, and that the agency spends resources inefficiently.

Others, though, noted a key difference between terrorism and, say, a needle in a haystack: Terrorists tend to talk to each other in a way that needles don’t. So by analyzing a network of communications, the NSA could be ferreting out clues from more than just the messages’ particulars.

This question is, obviously, one of the reasons I posted on the 3 apparent false positives presented as implicitly terrorist associates of Najibullah Zazi in 2009. Because — assuming I’m right that they were false positives — it provides a glimpse into precisely how the government understood a lot of these terms in 2009 (I assume, though could be wrong, that their approach continues to be fine-tuned). As a reminder, here’s what we know about these 3 people:

Evidence that “individuals associated with Zazi purchased unusual quantities of hydrogen and acetone products in July, August, and September 2009 from three different beauty supply stores in and around Aurora;” these purchases include:

Person one: a one-gallon container of a product containing 20% hydrogen peroxide and an 8-oz bottle of acetone

Person two: an acetone product

Person three: 32-oz bottles of Ion Sensitive Scalp Developer three different times

For a variety of reasons, I believe the 3 false positives consist of one person (probably person two) with a genuine relationship with Zazi who purchase relatively little acetone, and 2 people with false relationships with Zazi who bought an unusual amount of beauty supplies.

That says the FBI made two mistakes, IMO. Assuming any purchase of a common product, acetone, was criminal on behalf of someone with a real tie to Zazi.

And assuming the relationships between the other two — the ones buying more beauty supplies — were meaningful. This could be, and I suspect it is, an assumption that anyone who belongs to the same mosque (and unlike the radical one he attended in NY, Zazi was reportedly not close to people at his mosque in CO).

Also note. This program (unlike ones I believe to exist at the National Counterterrorism Center) may not be algorithms per se at all. Rather, it could just be associations: If tie to Zazi and if beauty supply purchaser = “positive.” In other words, for better and worse the FBI may not be asking the computers to “think” for it at all.

Nevertheless, the assumptions — that membership in the same mosque  (or, for that matter, a single communication with a suspected terrorist) necessarily equates to a meaningful relationship — probably doom the approach in any case.

Which brings me to my other point. The WSJ suggests the costs of false positives include wasted investigative resources and unfair persecution for false positives.

But it doesn’t consider the other possible uses of what may or may not be considered false positives.

First, there’s the possibility an FBI investigation into a true false positive — someone totally innocent of terrorism — may discover some other criminal exposure, which the FBI could and has been known to use to turn the false positive into an informant.

Then there’s the likelihood, especially if a potentially false positive is a young Muslim male, that the FBI will keep that person under heavy surveillance and recruitment for years and ultimately turn him into a terrorism statistic. The FBI started surveilling Mohamed Osman Mohamud 3 years, starting before he turned 18, before they got him to attempt to bomb a public event. His parents even alerted the authorities to his increasing radicalism, but instead of intervening to reverse it, the FBI exacerbated it with several informants.

Would Mohamud have ever turned to terrorism without all that help from the FBI? Would he have developed the competence and acquired the resources to do harm? We can’t actually know, and I’m actually not aware that anyone has asked this question.

What we also can’t know is whether, had the FBI dedicated its efforts to something else, it could have prevented a crime developing without FBI’s help.

That is, there are a whole slew of questions that have to be asked as we assess this program. Which is why we need real transparency.

Al Gore: Get Your Hands Off of My (Our?) Internet

/19 Comments/in , /by

Working on posts and then will have my sis-in-law in to watch the Grand Rapids Griffins defeat her Syracuse Crush tonight in hockey. (Really!)

But I did like this Al Gore interview:

Gore said he was not persuaded by the argument that the NSA surveillance had operated within the boundaries of the law.

“This in my view violates the constitution. The fourth amendment and the first amendment – and the fourth amendment language is crystal clear,” he said. “It is not acceptable to have a secret interpretation of a law that goes far beyond any reasonable reading of either the law or the constitution and then classify as top secret what the actual law is.”

Gore added: “This is not right.”

Gore even recognized the problem of the Director of National Intelligence lying under oath.

Gore did say, however, that he had serious concerns about some aspects of the testimony offered by national intelligence director James Clapper during testimony to the Senate intelligence committee last March.

Clapper, in response to pointed questions from Democratic senator Ron Wyden, had said during that appearance that the NSA did not collect data on Americans.

“I was troubled by his direct response to Senator Wyden’s very pointed question,” Gore said. “I was troubled by that.”

Yeah! Me too!

 

Russ Feingold: Yahoo Didn’t Get the Info Needed to Challenge the Constitutionality of PRISM

/16 Comments/in , , /by

The NYT has a story that solves a question some of us have long been asking: Which company challenged a Protect America Act order in 2007, only to lose at the district and circuit level?

The answer: Yahoo.

The Yahoo ruling, from 2008, shows the company argued that the order violated its users’ Fourth Amendment rights against unreasonable searches and seizures. The court called that worry “overblown.”

But the NYT doesn’t explain something that Russ Feingold pointed out when the FISA Court of Review opinion was made public in 2009 (and therefore after implementation of FISA Amendments Act): the government didn’t (and still didn’t, under the PAA’s successor, the FISA Amendments Act, Feingold seems to suggests) give Yahoo some of the most important information it needed to challenge the constitutionality of the program.

The decision placed the burden of proof on the company to identify problems related to the implementation of the law, information to which the company did not have access. The court upheld the constitutionality of the PAA, as applied, without the benefit of an effective adversarial process. The court concluded that “[t]he record supports the government. Notwithstanding the parade of horribles trotted out by the petitioner, it has presented no evidence of any actual harm, any egregious risk of error, or any broad potential for abuse in the circumstances of the instant case.” However, the company did not have access to all relevant information, including problems related to the implementation of the PAA. Senator Feingold, who has repeatedly raised concerns about the implementation of the PAA and its successor, the FISA Amendments Act (“FAA”), in classified communications with the Director of National Intelligence and the Attorney General, has stated that the court’s analysis would have been fundamentally altered had the company had access to this information and been able to bring it before the court.

In the absence of specific complaints from the company, the court relied on the good faith of the government. As the court concluded, “[w]ithout something more than a purely speculative set of imaginings, we cannot infer that the purpose of the directives (and, thus, of the surveillance) is other than their stated purpose… The petitioner suggests that, by placing discretion entirely in the hands of the Executive Branch without prior judicial involvement, the procedures cede to that Branch overly broad power that invites abuse. But this is little more than a lament about the risk that government officials will not operate in good faith.” One example of the court’s deference to the government concerns minimization procedures, which require the government to limit the dissemination of information about Americans that it collects in the course of its surveillance. Because the company did not raise concerns about minimization, the court “s[aw] no reason to question the adequacy of the minimization protocol.” And yet, the existence of adequate minimization procedures, as applied in this case, was central to the court’s constitutional analysis. [bold original, underline mine]

This post — which again, applies to PAA, though seems to be valid for the way the government has conducted FAA — explains why.

The court’s ruling makes it clear that PAA (and by association, FAA) by itself is not Constitutional. By itself, a PAA or FAA order lacks both probable cause and particularity.

The programs get probable cause from Executive Order 12333 (the one that John Yoo has been known to change without notice), from an Attorney General assertion that he has probable cause that the target of his surveillance is associated with a foreign power.

And the programs get particularity (which is mandated from a prior decision from the court, possibly the 2002 one on information sharing) from a set of procedures (the descriptor was redacted in the unsealed opinion, but particularly given what Feingold said, it’s likely these are the minimization procedures both PAA and FAA required the government to attest to) that give it particularity. The court decision makes it clear the government only submitted those — even in this case, even to a secret court — ex parte.

The petitioner’s arguments about particularity and prior judicial review are defeated by the way in which the statute has been applied. When combined with the PAA’s other protections, the [redacted] procedures and the procedures incorporated through the Executive Order are constitutionally sufficient compensation for any encroachments.

The [redacted] procedures [redacted] are delineated in an ex parte appendix filed by the government. They also are described, albeit with greater generality, in the government’s brief. [redacted] Although the PAA itself does not mandate a showing of particularity, see 50 USC 1805b(b), this pre-surveillance procedure strikes us as analogous to and in conformity with the particularity showing contemplated by Sealed Case.

In other words, even the court ruling makes it clear that Yahoo saw only generalized descriptions of these procedures that were critical to its finding the order itself (but not the PAA in isolation from them) was constitutional.

Incidentally, while Feingold suggests the company (Yahoo) had to rely on the government’s good faith, to a significant extent, so does the court. During both the PAA and FAA battles, the government successfully fought efforts to give the FISA Court authority to review the implementation of minimization procedures.

The NYT story suggests that the ruling which found the program violated the Fourth Amendment pertained to FAA.

Last year, the FISA court said the minimization rules were unconstitutional, and on Wednesday, ruled that it had no objection to sharing that opinion publicly. It is now up to a federal court.

I’m not positive that applies to FAA, as distinct from the 215 dragnet or the two working in tandem.

But other reporting on PRISM has made one thing clear: the providers are still operating in the dark. The WaPo reported from an Inspector General’s report (I wonder whether this is the one that was held up until after FAA renewal last year?) that they don’t even have visibility into individual queries, much less what happens to the data once the government has obtained it.

But because the program is so highly classified, only a few people at most at each company would legally be allowed to know about PRISM, let alone the details of its operations.

[snip]

According to a more precise description contained in a classified NSA inspector general’s report, also obtained by The Post, PRISM allows “collection managers [to send] content tasking instructions directly to equipment installed at company-controlled locations,” rather than directly to company servers. The companies cannot see the queries that are sent from the NSA to the systems installed on their premises, according to sources familiar with the PRISM process. [my emphasis]

This gets to the heart of the reason why Administration claims that “the Courts” have approved this program are false. In a signature case where an Internet provider challenged it — which ultimately led the other providers to concede they would have to comply — the government withheld some of the most important information pertaining to constitutionality from the plaintiff.

The government likes to claim this is constitutional, but that legal claim has always relied on preventing the providers and, to some extent, the FISA Court itself from seeing everything it was doing.

What Does NCTC Do with NSA and FBI’s Newly Disclosed Databases?

/22 Comments/in , , /by

The discussion about the various “NSA” programs we’ve seen so far have discussed only how NSA works with FBI. FBI requests the dragnet phone information and hands it over to NSA. NSA negotiates direct access to internet companies that allow FBI to make direct queries.

We’ve heard from Keith Alexander about what NSA does — its only use of Section 215, he said, was the phone records.

We heard from Robert Mueller who gave less clear answers about what FBI does and does not do.

But we have yet to have direct testimony from James “least untruthful too cute by half” James Clapper. Mind you, we’ve gotten several fact sheets and Clapper’s hilarious interview with Andrea Mitchell. Just no specific public testimony.

And curiously, in the DNI’s own fact sheets, he doesn’t specify who does what, aside from describing the statutory role his position and the Attorney General play in authorizing FAA 702 orders. He doesn’t say what FBI does, what NSA does … or what his own organization does.

That’s important, because in addition to overseeing all intelligence, Clapper’s office also includes the National Counterterrorism Center. And the NCTC is the entity in charge sharing data. Indeed, it is statutorily required to have access to everything.

[The National Security Act] provides that “[u]nless otherwise directed by the President, the Director of National Intelligence shall have access to all national intelligence and intelligence related to the national security which is collected by any federal department, agency, or other entity, except as otherwise provided by law, or as appropriate, under guidelines agreed upon by the Attorney General and the Director of National Intelligence.

That means, presumably, that NCTC is doing a lot of the work that NSA and FBI are making narrow denials about.

But it also means that NCTC can play with these databases — the dragnet and the access via PRISM to 702 data — as well as any other data in the Federal government, including databases that John Brennan gave it the ability to go get.

So here’s the thing. When Keith Alexander gives you pat reassurances about how limited NSA’s access to Americans’ call data is, that may disclose a whole lot more intrusive data mining over at James Clapper’s shop.

Remember, here is what James Clapper was initially asked.

Wyden: Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?

Clapper: No, sir.

Wyden: It does not?

Clapper: Not wittingly. There are cases where they could, inadvertently perhaps, collect—but not wittingly.” [my emphasis]

His first attempt to walk back that lie went like this:

What I said was, the NSA does not voyeuristically pore through U.S. citizens’ e-mails. [my emphasis]

His second attempt to walk it back went like this:

ANDREA MITCHELL: Senator Wyden made quite a lot out of your exchange with him last March during the hearings. Can you explain what you meant when you said that there was not data collection on millions of Americans?

JAMES CLAPPER: First– as I said, I have great respect for Senator Wyden. I thought, though in retrospect, I was asked– “When are you going to start– stop beating your wife” kind of question, which is meaning not– answerable necessarily by a simple yes or no. So I responded in what I thought was the most truthful, or least untruthful manner by saying no.

And again, to go back to my metaphor. What I was thinking of is looking at the Dewey Decimal numbers– of those books in that metaphorical library– to me, collection of U.S. persons’ data would mean taking the book off the shelf and opening it up and reading it.

ANDREA MITCHELL: Taking the contents?

JAMES CLAPPER: Exactly. That’s what I meant. Now–

ANDREA MITCHELL: You did not mean archiving the telephone numbers?

All of those efforts were, by context at least, limited exclusively to NSA. They don’t address, at all, what NCTC might do with this data (or, for that matter, FBI).

So what does the NCTC do with the data that NSA and FBI have issued careful denials about?

Update: I’m going to replicate a big chunk of this post on the oversight over NCTC’s use of other agencies data, complete with the bit about how the guy in charge of it thought Cheney’s illegal program was the shit.

Back when John Negroponte appointed him to be the Director of National Intelligence’s Civil Liberties Protection Officer, Alexander Joel admitted he had no problem with Cheney’s illegal domestic wiretap program.

Read more

Robert Mueller’s Claims to Be Ignorant about Geolocation Probably Bullshit

/13 Comments/in , /by

As I laid out in this Guardian column on today’s House Judiciary Committee hearing, after citing Smith v. Maryland a bunch of times to justify getting all Americans’ phone records, FBI Director Robert Mueller went on to pretend not to know whether those records include geolocation.

New York Representative Jerry Nadler wasn’t convinced Mueller’s excuse was good enough. He noted that metadata includes so much more information than it did in 1979, and that that earlier ruling might not stand in this case. Utah’s Jason Chaffetz got much more specific about the difference between phones in 1979 and now: location.

Landlines include location information. But with cell phones, the same location information necessary to route a call effectively provides a rough idea of where a person is even as they move from place to place (map functions on smart phones, as well as a lot of applications, rely on this data). Thus, the geolocation available as part of cell phone metadata provides a much better idea of where a person goes and what they do than location data for a landline tied to a person’s address.

Chaffetz posed several questions that, he revealed, he had sent Mueller Wednesday so that he would be prepared to answer, starting with whether or not geolocation is part of this metadata collection. In spite of Chaffetz’s prior warning, Mueller said he did not know whether it was included.

Note that the order to Verizon the Guardian publishedspecifically includes routing information in its description of metadata, which gets to geolocation. It’s clear this collection includes geolocation.

Mueller was also unprepared to answer whether or not a different supreme court case from last year, US v Jones, which determined that installing a GPS tracking device on a suspect’s car constituted a search, meant that the geolocation provided by the GPS function on cell phones did not qualify as metadata. Mueller was also unprepared to answer whether tracking someone’s location by using their phone constituted metadata.

In fact, Mueller admitted his staffers had told him he’d be asked these questions – yet still hadn’t prepared. It seemed almost as if his inability to answer this question in public was intentional.

As I suggested, Mueller’s feigned ignorance was probably intentional.

Moreover, his professed ignorance about whether the phone records include location is probably bullshit. That’s true, as I noted, because the order in question includes routing information, which in the case of cell phones, includes tower location which is location.

And remember, according to Tom Coburn, the FBI Director’s role in approving this process is so central, Coburn was worried that legal challenges to Mueller’s two-year extension might put the entire dragnet program at risk. So it’s hard to believe all this time Mueller has been personally vouching for orders like the one to Verizon that ask explicitly for routing information without knowing he was asking for routing information.

Here’s the other reason I think Mueller is telling a least untruth that is too cute by half when he claims ignorance.

Shortly after the US v. Jones ruling, Ron Wyden asked Director of National Intelligence James Clapper to what degree Jones affected the intelligence community. He even invoked “secret law,” the way he always has done when referring to this dragnet program(s).

Wyden: Director Clapper, as you know the Supreme Court ruled last week that it was unconstitutional for federal agents to attach a GPS tracking device to an individual’s car and monitor their movements 24/7 without a warrant. Because the Chair was being very gracious, I want to do this briefly. Can you tell me as of now what you believe this means for the intelligence community, number 1, and 2, would you be willing to commit this morning to giving me an unclassified response with respect to what you believe the law authorizes. This goes to the point that you and I have talked, Sir, about in the past, the question of secret law, I strongly feel that the laws and their interpretations must be public. Read more

House Intelligence Parrot: These Programs Are Not Secret…

/10 Comments/in , /by

… but it’s a grave danger for you to know about them.

Bob Minehart, a staffer for Democrats (presumably Dutch Ruppersberger) on the House Intelligence Committee, has put together a pair of talking point documents for members of the House to talk about the programs revealed by the Guardian last week. (I found out Minehart is the author by checking the documents’ metadata.) The talking points largely track what James Clapper released, though with a few differences that may come from Mike Rogers which I may return to.

The talking points claim the reporting on the programs have inaccuracies.

The articles referenced above contain numerous inaccuracies that imply the United States Government is spying on Americans. That is just plain false.

But the documents include a number of claims that are meaningless, given the underlying standards involved.

The FISA Court authorizes intelligence collection only after the Intelligence Community has proven its case, based on underlying facts and investigations.

The most pathetic part of these talking points, however, is the claim that these are not secret programs. Not the Section 215 dragnet of every Americans’ call data.

There is no secret program involved here – it is strictly authorized by a U.S. statute.

And not the direct access to Internet companies data with just a 51% certainty that the data collected is foreign.

There is no secret program involved – it is strictly authorized by a U.S. statute.

But in spite of this claim that massive dragnets deceitfully denied in Congressional hearings are not secret, the PRISM-related set still warns about what grave danger the leak of the information created.

The unauthorized disclosure of information about this critical legal tool puts our national security in grave danger, puts Americans at risk of terrorist and cyber attacks, and puts our military intelligence resources in danger of being revealed to our adversaries.

These are not secret programs, Dutch Ruppersberger wants you to know. But revealing them will kill us all.