PATRIOT Archives - Page 8 of 44

Ancient History: December 2012 in the Dragnet

January 24, 2014/12 Comments/in FISA, PATRIOT /by emptywheel

PCLOB tells us that the FISA Court approved a new automated query system (versions appear to have been in development for years, and it replaced the automated alert system from 2009) in late 2012 that permitted all the 3-degree contact chains off all RAS-approved identifiers to be dumped into the corporate store at once where they can be combined with data collected under other authorities (presumably including both EO 12333 and FAA) for further analysis.

In 2012, the FISA court approved a new and automated method of performing queries, one that is associated with a new infrastructure implemented by the NSA to process its calling records. 68 The essence of this new process is that, instead of waiting for individual analysts to perform manual queries of particular selection terms that have been RAS approved, the NSA’ s database periodically perform s queries on all RAS – approved seed terms, up to three hops away from the approved seeds. The database places the results of these queries together in a repository called the “corporate store.”

The ultimate result of the automated query process is a repository, the corporate store, containing the records of all telephone calls that are within three “hops” of every currently approved selection term. 69 Authorized analysts looking to conduct intelligence analysis may then use the records in the corporate store, instead of searching the full repository of records.

According to the FISA court’s orders, records that have been moved into the corporate store may be searched by authorized personnel “for valid foreign intelligence purposes, without the requirement that those searches use only RAS – approved selection terms.” 71 Analysts therefore can query the records in the corporate store with terms that are not reasonably suspected of association with terrorism. They also are permitted to analyze records in the corporate store through means other than individual contact-chaining queries that begin with a single selection term: because the records in the corporate store all stem from RAS-approved queries , the agency is allowed to apply other analytic methods and techniques to the query results. 72 For instance, such calling records may be integrated with data acquired under other authorities for further analysis. The FISA court’s orders expressly state that the NSA may apply “the full range” of signals intelligence analytic tradecraft to the calling records that are responsive to a query, which includes every record in the corporate store.

(While I didn’t know the date, I have been pointing the extent to which corporate store data can be analyzed for some time, but thankfully the PCLOB report has finally led others to take notice.)

On December 27, 2012, Jeff Merkley gave a speech in support of his amendment to the FISA Amendments Act that would push to make FISC decisions public. It referenced both the backdoor loophole (which John Bates extended to NSA and CIA in 2011, was implemented in 2012, and affirmed by the Senate Intelligence Committee in June 2012) and the language underlying the phone dragnet. Merkley suggested the government might use these secret interpretations to conduct wide open spying on Americans.

If it is possible that our intelligence agencies are using the law to collect and use the communications of Americans without a warrant, that is a problem. Of course, we cannot reach conclusions about that in this forum because this is an unclassified discussion.

My colleagues Senator Wyden and Senator Udall, who serve on Intelligence, have discussed the loophole in the current law that allows the potential of backdoor searches. This could allow the government to effectively use warrantless searches for law-abiding Americans. Senator Wyden has an amendment that relates to closing that loophole. Congress never intended the intelligence community to have a huge database to sift through without first getting a regular probable cause warrant, but because we do not have the details of exactly how this proceeds and we cannot debate in a public forum those details, then we are stuck with wrestling with the fact that we need to have the sorts of protections and efforts to close loopholes that Senator Wyden has put forward.

[snip]

Let me show an example of a passage. Here is a passage about what information can be collected: “ ….. reasonable grounds to believe that the tangible things sought are relevant to an authorized investigation (other than a threat assessment) conducted in accordance with subsection (a)(2),” and so on.

Let me stress these words: “relevant to an authorized investigation.”

There are ongoing investigations, multitude investigations about the conduct of individuals and groups around this planet, and one could make the argument that any information in the world helps frame an understanding of what these foreign groups are doing. So certainly there has been some FISA Court decision about what “relevant to an authorized investigation” means or what “tangible things” means. Is this a gateway that is thrown wide open to any level of spying on Americans or is it not? Read more →

The Impasse on Executive Spying

January 24, 2014/12 Comments/in FISA, PATRIOT /by emptywheel

In an important post the other day, Steve Vladeck described what he believed to be the most important lesson Edward Snowden has taught us.

They miss the single most important lesson we’ve learned — or should have learned — from Snowden, i.e., that the grand bargain has broken down. Intelligence oversight just ain’t what it used to be, and the FISA Court, as an institution, seemed to have been far better suited to handle individualized warrant applications under the pre-2001 FISA regime than it has been to reviewing mass and programmatic surveillance under section 215 of the USA PATRIOT Act and section 702, as added by the FISA Amendments Act of 2008.

Thus, even if one can point to specific individual programs the disclosure of which probably has not advanced the ongoing public policy conversation, all of the disclosures therefore illuminate a more fundamental issue of public concern — and one that should be (and, arguably, has been) driving the reform agenda: Whatever surveillance authorities the government is going to have going forward, we need to rethink the structure of oversight, both internally within the Executive Branch, and externally via Congress and the courts. That’s not because the existing oversight and accountability mechanisms have been unlawful; it’s because so many of these disclosures have revealed them to be inadequate and/or ineffective. And inasmuch as such reforms may strengthen not just mechanisms of democratic accountability for our intelligence community, but also their own confidence in the propriety and forward-looking validity of their authorities, they will make all of us — including the NSA — stronger in the long term.

While I agree with Vladeck that’s an important lesson from Snowden, I don’t think it has been admitted by those who most need the lesson: most members of Congress (most of all, the Intelligence Committees) and the FISA Court, as well as the other Article III judges who are quickly becoming dragnet experts.

But I’m hopeful PCLOB — which is already under attack even from Susan Collins for having the audacity to conduct independent oversight — will press the issue.

As I have noted in the past, PCLOB has a better understanding of how the Executive uses EO 12333 than any other entity I’ve seen (I think the Review Group may have a similar understanding, but they won’t verbalize it).

That’s why I find their treatment of FISA as a compromise to put questions about separation of powers on hold so interesting.

In essence, FISA represented an agreement between the executive and legislative branches to leave that debate aside 600 and establish a special court to oversee foreign intelligence collection . While the statute has required periodic updates, national security officials have agreed that it created an appropriate balance among the interests at stake, and that judicial review provides an important mechanism regulating the use of very powerful and effective techniques vital to the protection of the country. 601

600 “[T]he bill does not recognize, ratify, or deny the existence of any Presidential power to authorize warrantless surveillance in the United States n the absence of the legislation. It would, rather, moot the debate over the existence or non – existence of this power[.]” HPSCI Report at 24. This agreement between Congress and the executive branch to involve the judiciary in the regulation of intelligence collection activities did not and could not resolve constitutional questions regarding the relationship between legislative and presidential powers in the area of national security . See In re: Sealed Case , 310 F.3d 717, 742 (FISA Ct. Rev. 2002) (“We take for granted that the President does have that authority [inherent authority to conduct warrantless searches to obtain foreign intelligence information] and, assuming that is so, FISA could not encroach on the President ’ s constitutional power.”).

When NSA chose to avoid First Amendment review on the 3,000 US persons it had been watch-listing by simply moving them onto a new list, when it refused to tell John Bates how much US person content it collects domestically off telecom switches, when it had GCHQ break into Google’s cables to get content it ought to be able to obtain through FISA 702, when it rolled out an Internet dragnet contact-chaining program overseas in part because it gave access to US person data it couldn’t legally have here, NSA made it clear it will only fulfill its side of the compromise so long as no one dares to limit what it can do.

That is, Snowden has made it clear that the “compromise” never was one. It was just a facade to make Congress and the Courts believe they had salvaged some scrap of separation of powers.

NSA has made it clear it doesn’t much care what its overseers in Congress or the Court think. It’ll do what it wants, whether it’s in the FISC or at a telecom switch just off the US shore. And thus far, Obama seems to agree with them.

Which means we’re going to have to start talking about whether this country believes the Executive Branch should have relatively unfettered ability to spy on Americans. We’re going to have to take a step back and talk about separation of powers again.

Are Even the Basaaly Moalin Claims Falling Apart Now?

January 24, 2014/2 Comments/in FISA, PATRIOT /by emptywheel

I’ll have a much longer post later on what PCLOB has to say about the efficacy of the dragnet, which is actually far more interesting than I’ve seen reported thus far. But I want to look in detail at the passage in which they treat Basaaly Moalin.

And we believe that in only one instance over the past seven years has the program arguably contributed to the identification of an unknown terrorism suspect. In that case, moreover, the suspect was not involved in planning a terrorist attack and there is reason to believe that the FBI may have discovered him without the contribution of the NSA’s program.

Note the verb: “may have,” not “might have” or “could have.” Thus, the passage has a (presumably intentionally) ambiguous meaning which could suggest either that the FBI did find Moalin on their own or they had the ability to.

But in conjunction with the adverb “arguably,” the use of “may” here sure seems to suggest PCLOB thinks a case could be made that FBI did, in fact, find Moalin on their own. Without the dragnet.

That is, PCLOB seems to suggest that even the claim that the dragnet helped find a cab driver giving $8,500 to al-Shabaab in hopes of protecting his tribal lands against US-backed invaders may be false.

Does the fact that DOJ didn’t include Moalin in its claims of success to the 3 lawsuits against the dragnet reflect growing questions within DOJ about how they really rediscovered Moalin?

As I see it, there are two obvious ways that FBI might have discovered Moalin on their own, and a third that would be even more interesting.

Recall that Moalin was actually prosecuted with the help of his hawala, who also happened to be in contact with people close to Aden Ayro, the warlord Moalin is presumed to be a second hop from (the case against the hawala is largely sealed). It’s possible the FBI found Moalin through the investigation of the hawala.That’s particularly likely given PCLOB’s later comment that Moalin “was the user of a telephone number already linked to pending FBI investigations.”

Alternately, it’s possible the FBI got a tip off content related to Ayro and investigated using NSLs and found Moalin (though I think this is less likely because NSA has so few Somali translators). It’s also worth considering that at one point NSA contacted FBI because they had lost Ayro, asking if FBI had seen a new number for Ayro in Moalin’s calls. Which suggests, at least after they got a tap on Moalin, FBI may had an easier time of tracking Ayro than NSA did.

More interesting still, it’s possible FBI found Moalin in October 2007 by accessing dragnet results directly (as was possible for FBI to do until NSA shut this access down in June 2009), without having received a formal report from NSA reporting the link. If that’s the case, it’d be interesting for a slew of reasons, because it’d be a patently illegal lead, but it would technically come from the dragnet. If that were the case, I can see everyone wanting to lie about it, which might lead to … the kind of seemingly conflicting and increasingly cautious statements we’re seeing now (as well as DOJ’s silence on this “success” in recent court filings).

I have suggested that the timing of Moalin’s prosecution at least hints that they pursued it to have a first Section 215 success in time for PATRIOT reauthorization in 2011. Certainly, they were quick to roll out his case as a “dragnet success” last June. But if he wasn’t found via the dragnet, or if DOJ misrepresented precisely how he was found back in court filings in 2012 to hide that FBI had direct access to databases at NSA they weren’t legally entitled to have, then it’d put DOJ in a tight spot now, as Moalin appeals to the 9th Circuit. At least in September, they claimed to Judge Jeffrey Miller Moalin had been caught by the dragnet, and Miller didn’t think it harmed their case (though even there, Miller’s language made it clear he learned new information in those filings he hadn’t been told on the first FISA review). But if he wasn’t — or if FBI had legally impermissible access to the dragnet results — then Moalin’s appeal might get more interesting, either because DOJ misrepresented to the District what happened and/or because there’s something funky about the use of the dragnet with Moalin.

Of course, all that assumes Moalin would ever get to see the FISA related evidence against him, which PCLOB may have but which no FISA-related defendants ever have been able to do. Which is unlikely to happen.

PCLOB Estimates 120 Million Phone Numbers in Corporate Store

January 23, 2014/3 Comments/in FISA, PATRIOT /by emptywheel

PCLOB’s report confirms something ACLU’s Patrick Toomey and I have been harping on. One of the biggest risks of the phone dragnet stems not from the initial queries themselves, but from NSA’s storage of query results in the “corporate store,” permanently, where they can be accessed without the restrictions required for access to the full database, and exposed to all the rest of NSA’s neat toys.

According to the FISA court’s orders, records that have been moved into the corporate store may be searched by authorized personnel “for valid foreign intelligence purposes, without the requirement that those searches use only RAS-approved selection terms.”71 Analysts therefore can query the records in the corporate store with terms that are not reasonably suspected of association with terrorism. They also are permitted to analyze records in the corporate store through means other than individual contact-chaining queries that begin with a single selection term: because the records in the corporate store all stem from RAS-approved queries, the agency is allowed to apply other analytic methods and techniques to the query results.72 For instance, such calling records may be integrated with data acquired under other authorities for further analysis. The FISA court’s orders expressly state that the NSA may apply “the full range” of signals intelligence analytic tradecraft to the calling records that are responsive to a query, which includes every record in the corporate store.73

PCLOB doesn’t say it, but NSA’s SID Director Theresa Shea has: those other authorities include content collection, which means coming up in a query can lead directly to someone reading your content.

Section 215 bulk telephony metadata complements other counterterrorist-related collection sources by serving as a significant enabler for NSA intelligence analysis. It assists the NSA in applying limited linguistic resources available to the counterterrorism mission against links that have the highest probability of connection to terrorist targets. Put another way, while Section 215 does not contain content, analysis of the Section 215 metadata can help the NSA prioritize for content analysis communications of non-U.S. persons which it acquires under other authorities. Such persons are of heightened interest if they are in a communication network with persons located in the U.S. Thus, Section 215 metadata can provide the means for steering and applying content analysis so that the U.S. Government gains the best possible understanding of terrorist target actions and intentions. [my emphasis]

Plus, those authorities will include datamining, including with other data collected by NSA, like a user’s Internet habits and financial records.

Then, PCLOB does some math to estimate how many numbers might be in the corporate store.

If a seed number has seventy-five direct contacts, for instance, and each of these first-hop contact has seventy-five new contacts of its own, then each query would provide the government with the complete calling records of 5,625 telephone numbers. And if each of those second-hop numbers has seventy-five new contacts of its own, a single query would result in a batch of calling records involving over 420,000 telephone numbers.

[snip]

If the NSA queries around 300 seed numbers a year, as it did in 2012, then based on the estimates provided earlier about the number of records produced in response to a single query, the corporate store would contain records involving over 120 million telephone numbers.74

74 While fewer than 300 identifiers were used to query the call detail records in 2012, that number “has varied over the years.” Shea Decl. ¶ 24.

Some might quibble with these numbers: other estimates use 40 contacts per person (though remember, there’s 5 years of data), and the estimate doesn’t seem to account for mutual contacts. Plus, remember this is unique phone numbers: we should expect it to include fewer people, because people — especially people trying to hide — change phones regularly. Further, remember a whole lot of foreign numbers will be in there.

But other things suggest it might be conservative. As a recent Stanford study showed, if the NSA isn’t really diligent about removing high volume numbers, then queries could quickly include everyone; certainly, NSA could have deliberately populated the corporate store by leaving such identifiers in. We know there were 27,000 people cleared for RAS in 2008 and 17,000 on an alert list in 2009, meaning the query numbers for earlier years are effectively much much higher (which seems to be the point of footnote 74).

Plus, remember that PCLOB gave their descriptive sections to the NSA to review for accuracy. So I assume NSA did not object to the estimate.

So 120 million phone numbers might be a reasonable estimate.

That’s a lot of Americans exposed to the level of data analysis permissible in the corporate store.

The Immediate Phone Dragnet Fixes Obama Rejected

January 23, 2014/2 Comments/in FISA, PATRIOT /by emptywheel

In its report, PCLOB makes it clear that President Obama had most of its recommendations before he gave his speech last Friday.

PCLOB briefed senior White House staff on the Board’s tentative conclusions on December 5, 2013. The PCLOB provided a near final draft of the Board’s conclusions and recommendations on Section 215 and the operations of the FISA court (Parts 5, 7 and 8 of this Report) to the White House on January 3, the transparency section (Part 9) on January 8, 2014, and additional statutory analysis on January 14, 2014 (Part 5). On January 8, the full Board met with the President, the Vice President and senior officials to present the Board’s conclusions and the views of individual Board members.

Which means Obama was well aware of the four recommendations PCLOB made on immediate privacy fixes (they emphasize these recommendations don’t require Congressional or FISC action).

The Board recommends that the government immediately implement several additional privacy safeguards to mitigate the privacy impact of the present Section 215 program. The recommended changes can be implemented without any need for congressional or FISC authorization. Specifically, the government should:

(a) reduce the retention period for the bulk telephone records program from five years to three years;

(b) reduce the number of “hops” used in contact chaining from three to two;

(c) submit the NSA’s “reasonable articulable suspicion” determinations to the FISC for review after they have been approved by NSA and used to query the database; and

(d) require a “reasonable articulable suspicion” determination before analysts may submit queries to, or otherwise analyze, the “corporate store,” which contains the results of contact chaining queries to the full “collection store.”

So it’s safe to assume President Obama affirmatively rejected the 2 recommendations he did not adopt in any form: reducing the retention period for dragnet data and requiring RAS to search the corporate store.

Noted.

PCLOB Adopts the Drip Drip Drip Approach Too

January 23, 2014/1 Comment/in FISA, PATRIOT /by emptywheel

As Charlie Savage and Ellen Nakashima report, PCLOB will release a report on the phone dragnet today calling the program illegal. I’ll report more on the report after it gets released this afternoon.

In the meantime, note that it appears PCLOB is only reporting on the Section 215 phone dragnet with this report. They’re not reporting on Section 702.

Yet they were supposed to be. They told the President and Congress in November they would produce one report.

Met with officials of the Department of Justice (DOJ), Office of the Director of National Intelligence (ODNI), Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) on several occasions to discuss the operation and oversight of programs under Section 215 of the USA PATRIOT Act (telephone metadata) and Section 702 of the Foreign Intelligence Surveillance Act. These discussions covered collection, use and dissemination practices, compliance measures, including internal and external oversight, and the implementation guidelines governing collection and use of intelligence pursuant to Sections 215 and 702. These discussions commenced prior to June 2013 as part of the Board’s basic oversight responsibilities, and then evolved, after the Snowden leaks, into a more in-depth review of the programs operated pursuant to Sections 215 and 702. The review, which is intended to culminate in a public report as requested by the President and Members of Congress, is addressing the history, legality, necessity, and effectiveness of these programs. [my emphasis]

And that was even Nakashima’s understanding just hours before she got this report. Spencer Ackerman reports they will issue the Section 702 report in the coming weeks.

The PCLOB is not finished with its assessment of NSA surveillance. It plans in the coming weeks to issue another report evaluating the NSA’s collection of bulk foreign Internet communications, which have included those with Americans “incidentally” collected.

Drip … drip … drip …

Already, several weeks ago, anonymous sources were repeating anonymous White House staffers bitching that PCLOB would not be done before the President gave his speech last Friday.

It’s unclear why Obama will announce his recommendations before receiving the report from the privacy and civil liberties board. One official familiar with the review process said that some White House officials were puzzled by the board’s delay.

Now, the PCLOB is taking at least two bites at the dragnet, which will keep problems with the dragnet in the news.

I guess those anonymous White House complainers are going to have a harder time achieving closure on the discussions about the dragnet.

PCLOB Told Mike Rogers They Would Discuss Legality of Dragnet

January 23, 2014/1 Comment/in FISA, PATRIOT /by emptywheel

Mike Rogers is outraged! outraged! that PCLOB overstepped what he sees as their mandate to talk about the illegality of the phone dragnet.

Defenders of the program reacted sharply to the report’s findings on Thursday. Rep. Mike Rogers (R-Mich.), chairman of the House Intelligence Committee, said he agreed with the two dissenters “that the board should … not partake in unwarranted legal analysis.”

I find this hysterical not just because Rogers has spent the last 7 months weighing in the program’s legality. I’ll take Retired Appeals Court Judge Patricia Wald’s opinion on legality over Rogers’ any day.

But it’s also funny because PCLOB told Rogers (as well as the President and the rest of Congress) they were going to report on the program’s legality back in their November report to the President and Congress.

Met with officials of the Department of Justice (DOJ), Office of the Director of National Intelligence (ODNI), Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) on several occasions to discuss the operation and oversight of programs under Section 215 of the USA PATRIOT Act (telephone metadata) and Section 702 of the Foreign Intelligence Surveillance Act. These discussions covered collection, use and dissemination practices, compliance measures, including internal and external oversight, and the implementation guidelines governing collection and use of intelligence pursuant to Sections 215 and 702. These discussions commenced prior to June 2013 as part of the Board’s basic oversight responsibilities, and then evolved, after the Snowden leaks, into a more in-depth review of the programs operated pursuant to Sections 215 and 702. The review, which is intended to culminate in a public report as requested by the President and Members of Congress, is addressing the history, legality, necessity, and effectiveness of these programs. [my emphasis]

He didn’t object at the time.

He’s only objecting now that the Board has found the program illegal.

Rogers might complain that he didn’t notice this warning back then and therefore shouldn’t be held accountable for not objecting back when he was told they were going to review the legality of the program. But to make that argument, Rogers would have to admit he’s inattentive to matters concerning the programs he has primary oversight responsibility over.

While there’s abundant evidence that’s true, I doubt Rogers is prepared to admit it.

Project Minaret 2.0: Now, with 58% More Illegal Targeting!

January 22, 2014/6 Comments/in FISA, PATRIOT /by emptywheel

For weeks, I have been trying to figure out why the NSA, in a training program it created in August 2009, likened one of its “present abuses” to Project Minaret. What “unauthorized targeting of suspected terrorists in the US” had they been doing, I wondered, that was like “watch-listing U.S. people for evidence of foreign influence.”

Until, in a fit of only marginally related geekdom, I re-read the following passage in Keith Alexander’s declaration accompanying the End-to-End review submitted to the FISA Court on August 19, 2009 (that is, around the same time as the training program).

Between 24 May 2006 and 2 February 2009, NSA Homeland Mission Coordinators (HMCs) or their predecessors concluded that approximately 3,000 domestic telephone identifiers reported to Intelligence Community agencies satisfied the RAS standard and could be used as seed identifiers. However, at the time these domestic telephone identifiers were designated as RAS-approved, NSA’s OGC had not reviewed and approved their use as “seeds” as required by the Court’s Orders. NSA remedied this compliance incident by re-designating all such telephone identifiers as non RAS-approved for use as seed identifiers in early February 2009. NSA verified that although some of the 3,000 domestic identifiers generated alerts as a result of the Telephony Activity Detection Process discussed above, none of those alerts resulted in reports to Intelligence Community agencies. 7

7 The alerts generated by the Telephony Activity Detection Process did not then and does not now, feed the NSA counterterrorism target knowledge database described in Part I.A.3 below. [my emphasis]

As I’ll explain below, this passage means 3,000 US persons were watch-listed without the NSA confirming that they hadn’t been watch-listed because of their speech, religion, or political activity.

Here’s the explanation.

FISA Warranted Targets and the Phone Dragnet

January 22, 2014/3 Comments/in FISA, PATRIOT /by emptywheel

The identifiers (such as phone numbers) of people or facilities for which a FISA judge has approved a warrant can be used as identifiers in the phone dragnet without further review by NSA.

From a legal standpoint, this makes a lot of sense. The standard to be a phone dragnet identifier is just Reasonable Articulable Suspicion of some tie to terrorism — basically a digital stop-and-frisk. The standard for a warrant is probable cause that the target is an agent of a foreign government — and in the terrorism context, that US persons are preparing for terrorism. So of course RAS already exists for FISC targets.

So starting with the second order and continuing since, FISC’s primary orders include language approving the use of such targets as identifiers (see ¶E starting on page 8-9).

But there are several interesting details that come out of that.

Finding the Americans talking with people tapped under traditional FISA

First, consider what it says about FISC taps. The NSA is already getting all the content from that targeted phone number (along with any metadata that comes with that collection). But NSA may, in addition, find cause to run dragnet queries on the same number.

In its End-to-End report submission to Reggie Walton to justify the phone dragnet, NSA claimed it needed to do so to identify all parties in a conversation.

Collections pursuant to Title I of FISA, for example, do not provide NSA with information sufficient to perform multi-tiered contact chaining [redacted]Id. at 8. NSA’s signals intelligence (SIGINT) collection, because it focuses strictly on the foreign end of communications, provides only limited information to identify possible terrorist connections emanating from within the United States. Id. For telephone calls, signaling information includes the number being called (which is necessary to complete the call) and often does not include the number from which the call is made. Id. at 8-9. Calls originating inside the United States and collected overseas, therefore, often do not identify the caller’s telephone number. Id. Without this information, NSA analysts cannot identify U.S. telephone numbers or, more generally, even determine that calls originated inside the United States.

This is the same historically suspect Khalid al-Midhar claim, one they repeat later in the passage.

The language at the end of that passage emphasizing the importance of determining which calls come from the US alludes to the indexing function NSA Signals Intelligence Division Director Theresa Shea discussed before — a quick way for the NSA to decide which conversations to read (and especially, if the conversations are not in English, translate).

Section 215 bulk telephony metadata complements other counterterrorist-related collection sources by serving as a significant enabler for NSA intelligence analysis. It assists the NSA in applying limited linguistic resources available to the counterterrorism mission against links that have the highest probability of connection to terrorist targets. Put another way, while Section 215 does not contain content, analysis of the Section 215 metadata can help the NSA prioritize for content analysis communications of non-U.S. persons which it acquires under other authorities. Such persons are of heightened interest if they are in a communication network with persons located in the U.S. Thus, Section 215 metadata can provide the means for steering and applying content analysis so that the U.S. Government gains the best possible understanding of terrorist target actions and intentions. [my emphasis]

Though, as I have noted before, contrary to what Shea says, this by definition serves to access content of both non-US and US persons: NSA is admitting that the selection criteria prioritizes calls from the US. And in the case of a FISC warrant it could easily be entirely US person content.

In other words, the use of the dragnet in conjunction with content warrants makes it more likely that US person content will be read.

Excluding bulk targets

Now, my analysis about the legal logic of all this starts to break down once the FISC approves bulk orders. In those programs — Protect America Act and FISA Amendments Act — analysts choose targets with no judicial oversight and the standard (because targets are assumed to be foreign) doesn’t require probable cause. But the FISC recognized this. Starting with BR 07-16, the first order approved (on October 18, 2007) after the PAA until the extant PAA orders expired, the primary orders included language excluding PAA targets. Starting with 08-08, the first order approved (on October 18, 2007) after FAA until the present, the primary orders included language excluding FAA targets.

Of course, this raises a rather important question about what happened between the enactment of PAA on August 5, 2007 and the new order on October 18, 2007, or what happened between enactment of FAA on July 10, 2008 and the new order on August 19, 2008. Read more →

Scorecard: Snowden-Related Publication of Verizon’s Name — 1. ODNI Publication of Verizon’s Name — 1.

January 21, 2014/6 Comments/in FISA, PATRIOT /by emptywheel

Would you lookee here?

Sometime between the time I published this post — showing ODNI did not redact anything in this passage of the January 20, 2011 phone dragnet primary order …

… And this afternoon, ODNI swapped out the document such that that passage now looks like this:

I guess maybe James Clapper’s office figured it would be hard to spew their defector propaganda if they themselves had published some of the same material.

We all know how Clapper strives to cover up his own crimes.

Except they did publish it.

Meaning ODNI has caused Verizon’s name to be published in conjunction with the phone dragnet as many times as Edward Snowden has. I wait with bated breath for the ill-considered “Traitor!!!” cries to be directed against Clapper.

Update: To be clear, as I noted on this post, I didn’t find this particular redaction error (I’ve got some more … interesting ones). Michael alerted me to it on Twitter. I just decided to point out that ODNI had tried to cover this up.