Posts

US Official Position Says Hacking Is Permissible?

/1 Comment/in , /by

According to LAT’s Ken Dilanian, it is the “official position” of the US government that some kinds of hacking are “permissible.”

The official U.S. position — that governments hacking governments for military and other official secrets is permissible, but governments hacking businesses for trade secrets is not — is a tougher sell these days.

He makes the claim in an article that originally claimed Edward Snowden’s leaks have set back cybersecurity efforts, but then had to issue a correction acknowledging CISPA probably wasn’t going to happen anyway.

An article in the Feb. 2 Section A on the effects of Edward Snowden’s leaks of National Security Agency secrets said the White House backed the Cyber Intelligence Sharing and Protection Act, a cybersecurity measure. The White House threatened to veto the proposed bill in April. —

I take from this correction that Dilanian was fairly uncritically repeating the claims of NSA boosters — as other reporters have credulously repeated claims about the way Snowden’s leaks will affect cybersecurity initiatives.

Which is why I find his description of this “official position” so interesting.

I’m not aware of the US endorsing any official (public) policy on the kinds of hacks NSA (and CyberCommand) are permitted. Congress has tried to put some limits on it — or at least get briefing on it. And Keith Alexander successfully fought for a lot more autonomy over the hacks he could do.

The Executive does, however, have an official policy on SIGINT: President Obama’s recent Presidential Policy Directive. But a SIGINT official position and a hacking policy are not necessarily the same thing. While hacking is one way we collect SIGINT (though I don’t think NSA has admitted to that), we also conduct hacking for offensive purposes.

Even assuming they were the same thing, Dilanian’s characterization would be a misstatement of the policy in any case.

The actual policy permits the collection of SIGINT for broadly defined foreign intelligence purposes.

Thus, ” foreign intelligence ” means ” information relating to the capabilities, intentions, or activities of foreign governments or elements thereof, foreign organizations, foreign persons, or international terrorists,

Of course, corporations are, under US law, both “organizations” and “persons,” so this definition permits spying on foreign corporations (other intelligence documents lay this out explicitly).

And the PPD does permit the collection of foreign private commercial information to protect US and allies’ national security.

The collection of foreign private commercial information or trade secrets is authorized only to protect the national security of the United States or its partners an d allies. It is not an authorized foreign intelligence or counterintelligence purpose to collect such information to afford a competitive advantage 4 to U.S. companies and U.S. business sectors commercially.

This is, frankly, where our hypocrisy on hacking (and SIGINT) begins to fall apart, given that China would maintain that stealing our military (and energy and tech) secrets are a matter of national security, and the fact that our government maintains more nominal separation from the companies that develop such things than China does should not shield those companies from spying.

And then, finally, the limits on data collection don’t apply when the NSA is working to develop SIGINT capabilities.

it shall not apply to signals intelligence activities undertaken to test or develop signals intelligence capabilities.

Given that some of our alleged hacking seems to support efforts to develop new hacking capabilities, this exception could prove infinitely recursive, especially given the rules on information collection in the name of cyberdefense and attacks. And of course, when we exploited Siemens’ SCADA industrial control systems to attack Iran, we used a corporate competitor’s trade secrets in the name of national security.

That is, even ignoring how America’s self-interested standard simply defines our national security in terms that legitimize our own hacking, when you get into the interaction of our intelligence to hack which serves to collect intelligence, the rules on SIGINT basically fall apart.

But hey. If the US says hacking of official government secrets is “permissible,” then maybe DOJ will withdraw the charges against Edward Snowden?

The FBI’s Improving Cooperation with FSB

/4 Comments/in /by

There were a number of questions about security threats to the Sochi Olympics at the Global Threat hearing the other day. One of them provided Jim Comey the opportunity to say this:

National Counterterrorism Center Director Matthew Olsen: So we’re very focused on the problem of terrorism in the run-up to the Olympics. I would add that I traveled to Sochi last December and met with Russian security officials. They understand the threat; they are very focused on this and devoting substantial resources. The biggest issue, from my perspective, is not the games themselves, the venues themselves; there is extensive security at those locations — the sites of the events. The greater threat is to softer targets in the greater Sochi area and in the outskirts, beyond Sochi, where there is a substantial potential for a terrorist attack.

Dianne Feinstein: Thank you very much. Mr. Comey, would you tell us what you can about cooperation between Russia and your organization?

FBI Director Jim Comey: Certainly, Senator. The cooperation between the FSB and the FBI in particular has been steadily improving over the last year. We’ve had exchanges at all levels, particularly in connection with Sochi, including me directly to my counterpart at FSB, and I think that we have a good level of cooperation there. It can always improve; we’re looking for ways to improve it, as are they, but this, as Director Olsen said, remains a big focus of the FBI. [my emphasis]

In the middle of a hearing at which James Clapper railed against Edward Snowden, claiming that counterintelligence threats — by which he largely meant Snowden — presented the second biggest threat to the country, the FBI Director stated that cooperation between his agency and the Russian spy agency has been improving for the last year (I’m guessing he means it has been improving since the Boston attack, because relations were quite chilly before that).

Snowden’s the second biggest threat to this country, and yet our relations with Russia, and specifically with Russia’s spy agency, have been steadily improving over the entire period Snowden has had asylum in Russia.

I don’t pretend to know precisely what that means.

At a minimum, it poses real questions about the unsubstantiated and whispered claims that Snowden has provided Russia great intelligence on NSA’s activities. After all, if Russia was busy exploiting Snowden’s secrets, it presumably would present challenges for this budding new cooperation between the FSB and those investigating Snowden’s leaks.

(The Global Threats report actually raises the case of Jeffrey Paul Delisle, a Canadian intelligence officer who gave Russia Five Eyes secrets for five years, as proof the Russians are soliciting more spies as part of its cyberwar efforts.)

There is, of course, another (remote) possibility: that we worked out a deal with Russia, whereby they’d give Snowden asylum and report back what he had taken. I have no reason to believe Snowden has shared secrets (though don’t doubt Putin will take whatever he can get his hands on), and the thought that Russia would agree to tell us what Snowden got is far-fetched. Still, Putin’s enough of a statist he might do it (and might misinform us along the way). While far-fetched, if that were the case, though, it’d give the US several things: the security in knowing Snowden was in the hands of security forces who would prevent any non-state or weaker states from getting to him, who were also limiting what Snowden could say publicly. Some clue about what Snowden had taken. And a political situation which would help US efforts to propagndize against Snowden.

Alternately, one of the things the FBI has learned as it has worked more closely with the FSB is that Snowden hasn’t shared any secrets with Russia (perhaps, as many have suggested, Russia got enough from Delisle that they would rather use Snowden solely to discomfit us).

I don’t know what it means. But I do find it rather implausible that the FBI would continue to expand cooperation with the FSB even as it extracted NSA’s family jewels from Snowden. Yet that’s the story Snowden’s biggest detractors would like you to believe.

The Impasse on Executive Spying

/12 Comments/in , /by

In an important post the other day, Steve Vladeck described what he believed to be the most important lesson Edward Snowden has taught us.

They miss the single most important lesson we’ve learned — or should have learned — from Snowden, i.e., that the grand bargain has broken down. Intelligence oversight just ain’t what it used to be, and the FISA Court, as an institution, seemed to have been far better suited to handle individualized warrant applications under the pre-2001 FISA regime than it has been to reviewing mass and programmatic surveillance under section 215 of the USA PATRIOT Act and section 702, as added by the FISA Amendments Act of 2008.

Thus, even if one can point to specific individual programs the disclosure of which probably has not advanced the ongoing public policy conversation, all of the disclosures therefore illuminate a more fundamental issue of public concern — and one that should be (and, arguably, has been) driving the reform agenda: Whatever surveillance authorities the government is going to have going forward, we need to rethink the structure of oversight, both internally within the Executive Branch, and externally via Congress and the courts. That’s not because the existing oversight and accountability mechanisms have been unlawful; it’s because so many of these disclosures have revealed them to be inadequate and/or ineffective. And inasmuch as such reforms may strengthen not just mechanisms of democratic accountability for our intelligence community, but also their own confidence in the propriety and forward-looking validity of their authorities, they will make all of us — including the NSA — stronger in the long term.

While I agree with Vladeck that’s an important lesson from Snowden, I don’t think it has been admitted by those who most need the lesson: most members of Congress (most of all, the Intelligence Committees) and the FISA Court, as well as the other Article III judges who are quickly becoming dragnet experts.

But I’m hopeful PCLOB — which is already under attack even from Susan Collins for having the audacity to conduct independent oversight — will press the issue.

As I have noted in the past, PCLOB has a better understanding of how the Executive uses EO 12333 than any other entity I’ve seen (I think the Review Group may have a similar understanding, but they won’t verbalize it).

That’s why I find their treatment of FISA as a compromise to put questions about separation of powers on hold so interesting.

In essence, FISA represented an agreement between the executive and legislative branches to leave that debate aside 600 and establish a special court to oversee foreign intelligence collection . While the statute has required periodic updates, national security officials have agreed that it created an appropriate balance among the interests at stake, and that judicial review provides an important mechanism regulating the use of very powerful and effective techniques vital to the protection of the country. 601

600 “[T]he bill does not recognize, ratify, or deny the existence of any Presidential power to authorize warrantless surveillance in the United States n the absence of the legislation. It would, rather, moot the debate over the existence or non – existence of this power[.]” HPSCI Report at 24. This agreement between Congress and the executive branch to involve the judiciary in the regulation of intelligence collection activities did not and could not resolve constitutional questions regarding the relationship between legislative and presidential powers in the area of national security . See In re: Sealed Case , 310 F.3d 717, 742 (FISA Ct. Rev. 2002) (“We take for granted that the President does have that authority [inherent authority to conduct warrantless searches to obtain foreign intelligence information] and, assuming that is so, FISA could not encroach on the President ’ s constitutional power.”).

When NSA chose to avoid First Amendment review on the 3,000 US persons it had been watch-listing by simply moving them onto a new list, when it refused to tell John Bates how much US person content it collects domestically off telecom switches, when it had GCHQ break into Google’s cables to get content it ought to be able to obtain through FISA 702, when it rolled out an Internet dragnet contact-chaining program overseas in part because it gave access to US person data it couldn’t legally have here, NSA made it clear it will only fulfill its side of the compromise so long as no one dares to limit what it can do.

That is, Snowden has made it clear that the “compromise” never was one. It was just a facade to make Congress and the Courts believe they had salvaged some scrap of separation of powers.

NSA has made it clear it doesn’t much care what its overseers in Congress or the Court think. It’ll do what it wants, whether it’s in the FISC  or at a telecom switch just off the US shore. And thus far, Obama seems to agree with them.

Which means we’re going to have to start talking about whether this country believes the Executive Branch should have relatively unfettered ability to spy on Americans. We’re going to have to take a step back and talk about separation of powers again.

Scorecard: Snowden-Related Publication of Verizon’s Name — 1. ODNI Publication of Verizon’s Name — 1.

/6 Comments/in , /by

Would you lookee here?

Sometime between the time I published this post — showing ODNI did not redact anything in this passage of the January 20, 2011 phone dragnet primary order
Screen shot 2014-01-20 at 3.20.11 AM

 

… And this afternoon, ODNI swapped out the document such that that passage now looks like this:

Screen shot 2014-01-21 at 3.26.21 PM

I guess maybe James Clapper’s office figured it would be hard to spew their defector propaganda if they themselves had published some of the same material.

We all know how Clapper strives to cover up his own crimes.

Except they did publish it.

Meaning ODNI has caused Verizon’s name to be published in conjunction with the phone dragnet as many times as Edward Snowden has. I wait with bated breath for the ill-considered “Traitor!!!” cries to be directed against Clapper.

Update: To be clear, as I noted on this post, I didn’t find this particular redaction error (I’ve got some more … interesting ones). Michael alerted me to it on Twitter. I just decided to point out that ODNI had tried to cover this up.

Dragnet at Bernie’s: On Spying on Congress

/10 Comments/in , , /by

Bernie SandersIt turns out that Mark Kirk — not Bernie Sanders — was the first member of Congress to raise concerns about the NSA spying on Senators after Edward Snowden’s leaks started being published. Kirk did so less than a day after the Guardian published the Verizon order from the phone dragnet, in an Appropriations Committee hearing on the Department of Justice’s budget (see at 2:00). After Susan Collins raised the report in the context of drone killing, Kirk asked for assurances that members of Congress weren’t included in the dragnet.

Kirk: I want to just ask, could you assure to us that no phones inside the Capitol were monitored, of members of Congress, that would give a future Executive Branch if they started pulling this kind of thing up, would give them unique leverage over the legislature?

Holder: With all due respect, Senator, I don’t think this is an appropriate setting for me to discuss that issue–I’d be more than glad to come back in an appropriate setting to discuss the issues that you’ve raised but in this open forum–

Kirk: I’m going to interrupt you and say, the correct answer would say, no, we stayed within our lane and I’m assuring you we did not spy on members of Congress.

The first substantive question Congress asked about the dragnet was whether they were included in it.

After that, a few moments of chaos broke out, as other Senators — including NSA’s representative on the Senate Intelligence Committee, Barb Mikulski — joined in Kirk’s concerns, while suggesting the need for a full classified Senate briefing with the AG and NSA. Richard Shelby jumped in to say Mikulski should create the appropriate hearing, but repeated that what Senator Kirk asked was a very important question. Mikulski agreed that it’s the kind of question she’d like to ask herself. Kirk jumped in to raise further separation of powers concerns, given the possibility that SCOTUS had their data collected.

The very first concern members of Congress raised about the dragnet was how it would affect their power.

And then there was a classified briefing and …

… All that noble concern about separation of power melted away. And some of the same people who professed to have real concern became quite comfortable with the dragnet after all.

It’s in light of that sequence of events (along with Snowden’s claim that Members of Congress are exempt, and details about how data integrity analysts strip certain numbers out of the phone dragnet before anyone contact-chains on it) that led me to believe that NSA gave some assurances to Congress they need not worry that their power was threatened by the phone dragnet.

The best explanation from external appearances was that Congress got told their numbers got protection the average citizen’s did not, perhaps stripped out with all the pizza joints and telemarketers (that shouldn’t have alleviated their concerns, as some of that data has been found sitting on wayward servers with no explanation, but members of Congress can be dumb when they want to be).

And they were happy with the dragnet.

Then, 7 months later, Bernie Sanders started asking similar — but not the same –questions. In a letter to Keith Alexander, he raised several issues:

  • Phone calls made
  • Emails sent
  • Websites visited
  • Foreign leaders wiretapped

He even defined what he meant by spying.

“Spying” would include gathering metadata on calls made from official or personal phones, content from websites visited or emails sent, or collecting any other data from a third party not made available to the general public in the regular course of business.

In response, Alexander rejected Sanders’ definition of spying (implicitly suggesting it wasn’t fair), while using a dodge he repeatedly has: the Americans in question are not being targeted, even while they might be collected “incidentally.”

Nothing NSA does can fairly be characterized as “spying on Members of Congress or other American elected officials.”

[snip]

NSA may not target any American for foreign intelligence collection without a finding of probable cause that the proposed target of collection is a foreign power or an agent of a foreign power. Moreover, as you are aware, whenever an NSA activity results in the incidental collection of information about Americans, that information is handled pursuant to the very robust procedures designed to protect privacy interests — procedures that must be approved by the Attorney general or the Foreign Intelligence Surveillance Court, as appropriate. All those protections apply to members of Congress, as they do to all Americans.

Alexander then addressed just one of the three kinds of spying Sanders raised: phone data (which, if I’m right that NSA strips Congressional numbers at the data integrity stage, is the one place Alexander can be fairly sure Sanders’ contacts won’t be found).

Your letter focuses on NSA’s acquisition of telephone metadata…

And used the controls imposed on the raw data of the phone dragnet as an excuse for not answering Sanders’ question.

Among those protections is the condition that NSA can query the metadata only based on phone numbers reasonably suspected to be associated with specific foreign terrorist groups. For that reason, NSA cannot lawfully search to determine if any records NSA has received under the program have included metadata of the phone calls of any member of Congress, other American elected officials, or any other American without that predicate.

Alexander totally ignored Sanders’ two other specified concerns: emails sent and websites visited.

Which is mighty convenient, because for a very large segment of that collection (the internet metadata collected under EO 12333 and via PRISM, though not the data collected domestically before 2011 or domestic upstream collection), NSA believes it doesn’t even need Reasonable Articulable Suspicion to search on US person identifiers. Read more

Let’s Prosecute Treasury, State, and Drone Misses for Illegal Leaking

/3 Comments/in /by

Some crisis communications moron apparently advised John Inglis to repeat “unauthorized disclosure” over and over in his interview with Steve Inskeep (he does so 7 times).

Because Inglis implicitly accuses Treasury, the State Department, and failed drone operators for illegal leaks.

In response to Inskeep’s question whether the NSA conducts 44 million queries a year (which actually means the NSA is passively querying targets an order of magnitude more often, as Inglis’ response makes clear), Inglis tries to suggest that the only way a target would learn we were tracking him would be if someone leaked that information.

INGLIS: That’s what that math would lead you to but actually, it’s not that simple. So let’s say I’m interested in a particular terrorist, that individual might have dozens, might have across a given year hundreds of selectors. I’d kind of pick up and drop telephones on, you know, like it’s fast food. They might form, discard email addresses at a rapid rate. Why? Because we told them that they’re of interest to us. We’ve been telling them that for years through these unauthorized disclosures. So one individual might have attributable to them hundreds of these things. At the same time, we don’t query one time a year. We might try to find out every few hours. We might try to find out every once in a while, you know, where this thing is. It might be that geo-location is of interest to us. And so all of that then constitutes a broad number of inquiries.

Of course, the other way targets learn we are tracking them is if Treasury and State designate their organization a terror affiliate (or they themselves a designated target), or if they escape a near miss, perhaps by drone.

Seriously, Inglis would have to be a moron if he really believes many — if not most — of our top targets don’t know we’re tracking them. But he’s not a moron. Which presents the more logical conclusion that he has cynically started chanting leak leak leak when describing something that is a normal aspect of spying, all to suggest what Snowden has done devastated their work.

Obama Approves Releasing Classified Information to Attack Snowden for Leaking Classified Information

/15 Comments/in , /by

Kudos to Shane Harris who, unlike a number of other reporters, brought the appropriate skepticism to Mike Rogers and Dutch Ruppersberger’s attempt to fearmonger Edward Snowden’s leaks. Not only did Harris use the correct verb tense — “could” as opposed to “has” — to describe documents describing the activities of the Armed Services that have not yet been released (and note, implicitly Rogers and Rupp are saying the risk is to forces in the field but not within the domestic US). But he repeatedly noted Rogers and Rupp’s complete failure to provide any evidence:

But the lawmakers — who are working in coordination with the Obama administration and are trying to counter the narrative that Snowden is a heroic whistleblower — offered no specific examples to substantiate their claims.

[snip]

The lawmakers cited no articles or specific documents to support that claim.

[snip]

But the spokesman did not say what, if any, conclusions the task force had reached about actual damage caused by documents Snowden took, regardless of whether they’ve been disclosed or not.

My favorite part of Harris’ piece, however, is the way he makes clear that Rogers and Rupp are selectively releasing classified information — with the Administration’s approval — to complain about Snowden releasing classified information.

A congressional staffer who is familiar with the report’s findings said that the lawmakers chose to make some of its contents public in order to counter what they see as a false impression of Snowden as a principled whistleblower who disclosed abuses of power.

“Snowden has been made out by some people to be a hero. What we need to do is really look at the effect of his leaks and see that what he’s done is really harm our country and put citizens at risk. The purpose [of releasing some findings] is to clear the record and show that he’s not a hero,” the staffer told Foreign Policy.

The staffer said that the administration approved the information that the lawmakers disclosed in advance.

Because some leaky pigs are more equal than other leaky pigs.

Crimes against Secrecy, Crimes against the Constitution

/13 Comments/in , , /by

I’m not all that interested in the debate about offering Edward Snowden some kind of amnesty, as I think he could never accept the terms being offered, it arises in part out of NSA’s PR effort, and distracts from the ongoing revelations.

But I am interested in this. Amy Davidson wrote a column refuting Fred Kaplan’s assertion that because Snowden “signed an oath, as a condition of his employment as an NSA contractor, not to disclose classified information,” comparisons with Jimmy Carter’s pardon for draft dodgers are inapt. She notes (as a number of people have already) that the only “oath” that Snowden made was to the Constitution.

To begin with, did Snowden sign “an oath…not to disclose classified information”? He says that he did not, and that does not appear to have been contradicted. Snowden told the Washington Posts Barton Gellman that the document he signed, as what Kaplan calls “a condition of his employment,” was Standard Form 312, a contract in which the signatory says he will “accept” the terms, rather than swearing to them. By signing it, Snowden agreed that he was aware that there were federal laws against disclosing classified information. But the penalties for violating agreement alone are civil: for example, the government can go after any book royalties he might get for publishing secrets.

Snowden did take an oath—the Oath of Office, or appointment affidavit, given to all federal employees:

I will support and defend the Constitution of the United States against all enemies, foreign and domestic; that I will bear true faith and allegiance to the same; that I take this obligation freely, without any mental reservation or purpose of evasion; and that I will well and faithfully discharge the duties of the office on which I am about to enter. So help me God.

Now, some would argue—and it would have to be an argument, not an elision—that he violated this oath in revealing what he did; Snowden told Gellman that the revelations were how he kept it—protecting the Constitution from the officials at the N.S.A., which was assaulting it. Either way this is just not an oath, on the face of it, about disclosing classified information. [my emphasis]

Former Obama DOD official Phil Carter then attempted to refute Davidson on Twitter. He did so by pointing to the “solemnity” of the forms Snowden did sign, and then noting such “promises are far more legally enforceable than an ‘oath’ of office.”

Screen shot 2014-01-06 at 8.16.52 AM

I don’t dispute Carter’s point that nondisclosure agreements are easier to enforce legally than an oath to the Constitution. And, as noted above, in her original piece Davidson admitted that Snowden had acknowledged there were laws against leaking classified information. No one is arguing Snowden didn’t break any laws (though if our whistleblower laws covered contractors, there’d be a debate about whether that excuses Snowden’s leaks).

Nevertheless, Carter’s comment gets to the crux of the point (and betrays how thoroughly DC insiders have internalized it).

We have an ever-growing side of our government covered by a blanket of secrecy. Much of what that secrecy serves to cover up involves abuse or crime. Much of it involves practices that gut the core precepts of the Constitution (and separation of powers are as much at risk as the Bill of Rights).

Yet we not only have evolved a legal system (by reinforcing the clearance system, expanding the Espionage Act, and gutting most means to challenge Constitutional violations) that treats crimes against secrecy with much greater seriousness than crimes against the Constitution, but DC folks (even lawyers, like Carter) simply point to it as the way things are, not a fundamental threat to our country’s government.

That plight — where our legal system guards this country’s “secrets” more greedily than it guards the Constitution — is the entire point underlying calls for amnesty for Snowden. He has pointed to a system that not only poses a grave threat to the Bill of Rights, but just as surely, to separation of powers and our claim to be a democracy.

Moreover, those who (like Carter) point to our failed branches of government as better arbiters of the Constitution than Snowden ignore many of the details in the public record. Just as one example, David Kris has suggested that the entire reason Colleen Kollar-Kotelly wrote a badly flawed opinion authorizing the Internet dragnet was because George Bush had created a constitutional problem by ignoring Congress’ laws and the courts.

More broadly, it is important to consider the context in which the FISA Court initially approved the bulk collection. Unverified media reports (discussed above) state that bulk telephony metadata collection was occurring before May 2006; even if that is not the case, perhaps such collection could have occurred at that time based on voluntary cooperation from the telecommunications providers. If so, the practical question before the FISC in 2006 was not whether the collection should occur, but whether it should occur under judicial standards and supervision, or unilaterally under the authority of the Executive Branch. [my emphasis]

And while Kris argued Congress’ subsequent approval of the dragnets cures this original sin, the record in fact shows it did so only under flawed conditions of partial knowledge. Of course, these attempts to paper over a constitutional problem only succeed so long as they remain shrouded in secrecy.

That the first response of many is to resort to legalistic attempts to prioritize the underlying secrecy over the Constitution raises questions about what they believe they are protecting. The next torture scandal? Covert ops that might serve the interest of certain autocratic allies but actually make Americans less secure? The financial hemorrhage that is our military industrial complex? The sheer ignorance our bloated intelligence community has about subjects of great importance? Petty turf wars? Past failures of the national security system we’re encouraged to trust implicitly?

At some point, we need to attend to protecting our Constitution again. If Article I and III have gotten so scared of their own impotence (or so compromised) that they can no longer do so, then by all means lets make that clear by revealing more of the problems.

But we need to stop chanting that our Constitution is not a suicide pact and instead insist that our secrecy oaths non-disclosure agreements should not be suicide bombs.

The Civil Liberties Celebration Hangover Wears Off

/16 Comments/in , , , , , , , , , /by

JusticePicAt the end of last week, I joked a little about privacy and civil liberties advocates having had the “best week ever”. It was indeed a very good week, but only relatively compared to the near constant assault on the same by the government. But the con is being put back in ICon by the Administration and its mouthpieces.

As I noted in the same post, Obama himself has already thrown cold water on the promise of his NSA Review Board report. Contrary to some, I saw quite a few positives in the report and thought it much stronger than I ever expected. Still, that certainly does not mean it was, or is, the particularly strong reform that is needed. And even the measures and discussion it did contain are worthless without sincerity and dedication to buy into them by the intelligence community and the administration. But if Obama on Friday was the harbinger of the walkback and whitewash of real reform, the foot soldiers are taking the field now to prove the point.

Sunday morning brought out former CIA Deputy Director Michael Morrell on CBS Face the Nation to say this:

I think that is a perception that’s somehow out there. It is not focused on any single American. It is not reading the content of your phone calls or my phone calls or anybody else’s phone calls. It is focused on this metadata for one purpose only and that is to make sure that foreign terrorists aren’t in contact with anybody in the United States.

Morrell also stated that there was “no abuse” by the NSA and that Ed Snowden was a “criminal” who has shirked his duties as a “patriot” by running. Now Mike Morrell is not just some voice out in the intelligence community, he was one of the supposedly hallowed voices that Barack Obama chose to consider “reform”.

Which ought to tell you quite a bit about what Barack Obama really thinks about true reform and your privacy interests. Not much. In fact, Morrell suggested (and Obama almost certainly agrees) that the collection dragnet should be expanded from telephony to also include email. Not exactly the kind of “reform” we had in mind.

Then, Sunday night 60 Minutes showed that fluffing the security state is not just a vice, but an ingrained habit for them. Hot on the heels of their John Miller blowjob on the NSA, last night 60 Minutes opened with a completely hagiographic puff piece on and with National Security Advisor Susan Rice. There was absolutely no news whatsoever in the segment, it was entirely a forum for Rice and her “interviewer”, Lesley Stahl, to spew unsupported allegations about Edward Snowden (He “has 1.5 million documents!”), lie about how the DOJ has interacted with the court system regarding the government surveillance programs (the only false statements have been “inadvertent”) and rehab her image from the Benghazi!! debacle. That was really it. Not exactly the hard hitting journalism you would hope for on the heels of a federal judge declaring a piece of the heart of the surveillance state unconstitutional.

Oh, yes, Susan Rice also proudly proclaimed herself “a pragmatist like Henry Kissinger which, as Tim Shorrock correctly pointed out, is not exactly reassuring from the administration of a Democratic President interested in civil liberties, privacy and the rule of law.

So, the whitewashing of surveillance dragnet reform is in full swing, let the giddiness of last week give way to the understanding that Barack Obama, and the Intelligence Community, have no intention whatsoever of “reforming”. In fact, they will use the illusion of “reform” to expand their authorities and power. Jonathan Turley noted:

Obama stacked the task force on NSA surveillance with hawks to guarantee the preservation of the program.

Not just preserve, but to give the false, nee fraudulent, patina of Obama Administration concern for the privacy and civil liberties concerns of the American citizenry when, in fact, the Administration has none. It is yet another con.

Or, as Glenn Greenwald noted:

The key to the WH panel: its stated purpose was to re-establish public confidence in NSA – NOT reform it.

There may be some moving of the pea beneath the shells, but there will be no meaningful reform from the administration of Barack Obama. The vehicle for reform, if there is to be one at all, will have to come from the Article III federal courts. for an overview of the path of Judge Leon’s decision in Klayman through the DC circuit, see this piece by NLJ’s Zoe Tillman.

Lastly, to give just a little hope after the above distressing content, I recommend a read of this excellent article by Adam Serwer at MSNBC on the cagy pump priming for surveillance reform Justice Sotomayor has done at the Supreme Court:

If Edward Snowden gave federal courts the means to declare the National Security Agency’s data-gathering unconstitutional, Sonia Sotomayor showed them how.

It was Sotomayor’s lonely concurrence in U.S. v Jones, a case involving warrantless use of a GPS tracker on a suspect’s car, that the George W. Bush-appointed Judge Richard Leon relied on when he ruled that the program was likely unconstitutional last week. It was that same concurrence the White House appointed review board on surveillance policy cited when it concluded government surveillance should be scaled back.

“It may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties,” Sotomayor wrote in 2012. “This approach is ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks.”

Give the entire article a read, Adam is spot on. If there is to be reform on the surveillance dragnet, it will almost certainly have to be the handiwork of the courts, and Justice Sotomayor planted the seed. The constant barrage of truth and facts coming from the Snowden materials, what Jay Rosen rightfully terms “The Snowden Effect” is providing the food for Sotomayor’s seed to flower. Hopefully.

“He’s sure as hell no traitor”

/6 Comments/in /by

Fortune has an interview with a former colleague of Edward Snowden’s in Hawaii (some have questioned its provenance, but details in the interview accord with other stories about Snowden at NSA; even Keith Alexander said he was very good at his job).

One of my favorite details describes how Snowden repeatedly alerted NSA to security problems in their code, but they didn’t always fix it.

He also frequently reported security vulnerabilities in NSA software. Many of the bugs were never patched.

This is consistent with a story describing him trying to fix a CIA security problem when he was in Europe, so it rings true. But it also reveals the NSA’s own lax concern for security.

But I’m most interested in this paragraph:

Snowden’s former colleague says that he or she has slowly come to understand Snowden’s decision to leak the NSA’s files. “I was shocked and betrayed when I first learned the news, but as more time passes I’m inclined to believe he really is trying to do the right thing and it’s not out of character for him. I don’t agree with his methods, but I understand why he did it,” he or she says. “I won’t call him a hero, but he’s sure as hell no traitor.”

I have been tracking the apparent concern on the part of top NSA officials that employees will learn something that disturbs them. This is — if authentic — one of the first descriptions we have of an NSA employee reacting to Snowden’s leaks (albeit from one who seemed to admire him).

But it describes this employee beginning to understand Snowden’s underlying point, though not his methods (and perhaps not his ultimate judgement it was unconstitutional).

This is the battle Keith Alexander seems most afraid of, the battle over the belief of NSA insiders.