HPSCI Archives - emptywheel

Posts

A Dragnet of emptywheel’s Most Important Posts on Surveillance, 2007 to 2017

December 5, 2017/in Cybersecurity, emptywheel, EO 12333, FISA /by emptywheel

Happy Birthday to me! To us! To the emptywheel community!

On December 3, 2007, emptywheel first posted as a distinct website. That makes us, me, we, ten this week.

To celebrate, the emptywheel team has been sharing some of our favorite work from the last decade. This is my massive dragnet of surveillance posts.

For years, we’ve done this content ad free, relying on donations and me doing freelance work for others to fund the stuff you read here. I would make far more if I worked for some free-standing outlet, but I wouldn’t be able to do the weedy, iterative work that I do here, which would amount to not being able to do my best work.

If you’ve found this work valuable — if you’d like to ensure it remains available for the next ten years — please consider supporting the site.

2007

Whitehouse Reveals Smoking Gun of White House Claiming Not to Be Bound by Any Law

Just days after opening the new digs, I noticed Sheldon Whitehouse entering important details into the Senate record — notably, that John Yoo had pixie dusted EO 12333 to permit George Bush to authorize the Stellar Wind dragnet. In the ten years since, both parties worked to gradually expand spying on Americans under EO 12333, only to have Obama permit the sharing of raw EO 12333 data in its last days in office, completing the years long project of restoring Stellar Wind’s functionalities. This post, from 2016, analyzes a version of the underlying memo permitting the President to change EO 12333 without providing public notice he had done so.

2008

McConnell and Mukasey Tell Half Truths

In the wake of the Protect America Act, I started to track surveillance legislation as it was written, rather than figure out after the fact how the intelligence community snookered us. In this post, I examined the veto threats Mike McConnell and Michael Mukasey issued in response to some Russ Feingold amendments to the FISA Amendments Act and showed that the government intended to use that authority to access Americans’ communication via both what we now call back door searches and reverse targeting. “That is, one of the main purposes is to collect communications in the United States.”

9 years later, we’re still litigating this (though, since then FISC has permitted the NSA to collect entirely domestic communications under the 2014 exception).

2009

FISA + EO 12333 + [redacted] procedures = No Fourth Amendment

The Government Sez: We Don’t Have a Database of All Your Communication

After the FISCR opinion on what we now know to be the Yahoo challenge to Protect American Act first got declassified, I identified several issues that we now have much more visibility on. First, PAA permitted spying on Americans overseas under EO 12333. And it didn’t achieve particularity through the PAA, but instead through what we know to be targeting procedures, including contact chaining. Since then we’ve learned the role of SPCMA in this.

In addition, to avoid problems with back door searches, the government claimed it didn’t have a database of all our communication — a claim that, narrowly parsed might be true, but as to the intent of the question was deeply misleading. That claim is one of the reasons we’ve never had a real legal review of back door searches.

Bush’s Illegal Domestic Surveillance Program and Section 215

On PATRIOTs and JUSTICE: Feingold Aims for Justice

During the 2009 PATRIOT Act reauthorization, I continued to track what the government hated most as a way of understanding what Congress was really authorizing. I understood that Stellar Wind got replaced not just by PAA and FAA, but also by the PATRIOT authorities.

All of which is a very vague way to say we probably ought to be thinking of four programs–Bush’s illegal domestic surveillance program and the PAA/FAA program that replaced it, NSLs, Section 215 orders, and trap and trace devices–as one whole. As the authorities of one program got shut down by exposure or court rulings or internal dissent, it would migrate to another program. That might explain, for example, why Senators who opposed fishing expeditions in 2005 would come to embrace broadened use of Section 215 orders in 2009.

I guessed, for example, that the government was bulk collecting data and mining it to identify targets for surveillance.

We probably know what this is: the bulk collection and data mining of information to select targets under FISA. Feingold introduced a bajillion amendments that would have made data mining impossible, and each time Mike McConnell and Michael Mukasey would invent reasons why Feingold’s amendments would have dire consequences if they passed. And the legal information Feingold refers to is probably the way in which the Administration used EO 12333 and redacted procedures to authorize the use of data mining to select FISA targets.

Sadly, I allowed myself to get distracted by my parallel attempts to understand how the government used Section 215 to obtain TATP precursors. As more and more people confirmed that, I stopped pursuing the PATRIOT Act ties to 702 as aggressively.

2010

Throwing our PATRIOT at Assange

This may be controversial, given everything that has transpired since, but it is often forgotten what measures the US used against Wikileaks in 2010. The funding boycott is one thing (which is what led Wikileaks to embrace Bitcoin, which means it is now in great financial shape). But there’s a lot of reason to believe that the government used PATRIOT authorities to target not just Wikileaks, but its supporters and readers; this was one hint of that in real time.

2011

The March–and April or May–2004 Changes to the Illegal Wiretap Program

When the first iteration of the May 2004 Jack Goldsmith OLC memo first got released, I identified that there were multiple changes made and unpacked what some of them were. The observation that Goldsmith newly limited Stellar Wind to terrorist conversations is one another reporter would claim credit for “scooping” years later (and get the change wrong in the process). We’re now seeing the scope of targeting morph again, to include a range of domestic crimes.

Using Domestic Surveillance to Get Rapists to Spy for America

Something that is still not widely known about 702 and our other dragnets is how they are used to identify potential informants. This post, in which I note Ted Olson’s 2002 defense of using (traditional) FISA to find rapists whom FBI can then coerce to cooperate in investigations was the beginning of my focus on the topic.

2012

FISA Amendments Act: “Targeting” and “Querying” and “Searching” Are Different Things

During the 2012 702 reauthorization fight, Ron Wyden and Mark Udall tried to stop back door searches. They didn’t succeed, but their efforts to do so revealed that the government was doing so. Even back in 2012, Dianne Feinstein was using the same strategy the NSA currently uses — repeating the word “target” over and over — to deny the impact on Americans.

Sheldon Whitehouse Confirms FISA Amendments Act Permits Unwarranted Access to US Person Content

As part of the 2012 702 reauthorization, Sheldon Whitehouse said that requiring warrants to access the US person content collected incidentally would “kill the program.” I took that as confirmation of what Wyden was saying: the government was doing what we now call back door searches.

2013

20 Questions: Mike Rogers’ Vaunted Section 215 Briefings

After the Snowden leaks started, I spent a lot of time tracking bogus claims about oversight. After having pointed out that, contrary to Administration claims, Congress did not have the opportunity to be briefed on the phone dragnet before reauthorizing the PATRIOT Act in 2011, I then noted that in one of the only briefings available to non-HPSCI House members, FBI had lied by saying there had been no abuses of 215.

John Bates’ TWO Wiretapping Warnings: Why the Government Took Its Internet Dragnet Collection Overseas

Among the many posts I wrote on released FISA orders, this is among the most important (and least widely understood). It was a first glimpse into what now clearly appears to be 7 years of FISA violation by the PRTT Internet dragnet. It explains why they government moved much of that dragnet to SPCMA collection. And it laid out how John Bates used FISA clause 1809(a)(2) to force the government to destroy improperly collected data.

Federated Queries and EO 12333 FISC Workaround

In neither NSA nor FBI do the authorities work in isolation. That means you can conduct a query on federated databases and obtain redundant results in which the same data point might be obtained via two different authorities. For example, a call between Michigan and Yemen might be collected via bulk collection off a switch in or near Yemen (or any of the switches between there and the US), as well as in upstream collection from a switch entering the US (and all that’s assuming the American is not targeted). The NSA uses such redundancy to apply the optimal authority to a data point. With metadata, for example, it trained analysts to use SPCMA rather than PATRIOT authorities because they could disseminate it more easily and for more purposes. With content, NSA appears to default to PRISM where available, probably to bury the far more creative collection under EO 12333 for the same data, and also because that data comes in structured form.

Also not widely understood: the NSA can query across metadata types, returning both Internet and phone connection in the same query (which is probably all the more important now given how mobile phones collapse the distinction between telephony and Internet).

This post described how this worked with the metadata dragnets.

The Purpose(s) of the Dragnet, Revisited

The government likes to pretend it uses its dragnet only to find terrorists. But it does far more, as this analysis of some court filings lays out.

2014

The Corporate Store: Where NSA Goes to Shop Your Content and Your Lifestyle

There’s something poorly understood about the metadata dragnets NSA conducts. The contact-chaining isn’t the point. Rather, the contact-chaining serves as a kind of nomination process that puts individuals’ selectors, indefinitely, into the “corporate store,” where your identity can start attracting other related datapoints like a magnet. The contact-chaining is just a way of identifying which people are sufficiently interesting to submit them to that constant, ongoing data collection.

SPCMA: The Other NSA Dragnet Sucking In Americans

I’ve done a lot of work on SPCMA — the authorization that, starting in 2008, permitted the NSA to contact chain on and through Americans with EO 12333 data, which was one key building block to restoring access to EO 12333 analysis on Americans that had been partly ended by the hospital confrontation, and which is where much of the metadata analysis affecting Americans has long happened. This was my first comprehensive post on it.

The August 20, 2008 Correlations Opinion

A big part of both FBI and NSA’s surveillance involves correlating identities — basically, tracking all the known identities a person uses on telephony and the Internet (and financially, though we see fewer details of that), so as to be able to pull up all activities in one profile (what Bill Binney once called “dossiers”). It turns out the FISC opinion authorizing such correlations is among the documents the government still refuses to release under FOIA. Even as I was writing the post Snowden was explaining how it works with XKeyscore.

A Yahoo! Lesson for USA Freedom Act: Mission Creep

This is another post I refer back to constantly. It shows that, between the time Yahoo first discussed the kinds of information they’d have to hand over under PRISM in August 2007 and the time they got directives during their challenge, the kinds of information they were asked for expanded into all four of its business areas. This is concrete proof that it’s not just emails that Yahoo and other PRISM providers turn over — it’s also things like searches, location data, stored documents, photos, and cookies.

FISCR Used an Outdated Version of EO 12333 to Rule Protect America Act Legal

Confession: I have an entire chapter of the start of a book on the Yahoo challenge to PRISM. That’s because so much about it embodied the kind of dodgy practices the government has, at the most important times, used with the FISA Court. In this post, I showed that the documents that the government provided the FISCR hid the fact that the then-current versions of the documents had recently been modified. Using the active documents would have shown that Yahoo’s key argument — that the government could change the rules protecting Americans anytime, in secret — was correct.

2015

Is CISA the Upstream Cyber Certificate NSA Wanted But Didn’t Really Get?

Among the posts I wrote on CISA, I noted that because the main upstream 702 providers have a lot of federal business, they’ll “voluntarily” scan on any known cybersecurity signatures as part of protecting the federal government. Effectively, it gives the government the certificate it wanted, but without any of the FISA oversight or sharing restrictions. The government has repeatedly moved collection to new authorities when FISC proved too watchful of its practices.

The FISA Court’s Uncelebrated Good Points

Many civil libertarians are very critical of the FISC. Not me. In this post I point out that it has policed minimization procedures, conducted real First Amendment reviews, taken notice of magistrate decisions and, in some cases, adopted the highest common denominator, and limited dissemination.

How the Government Uses Location Data from Mobile Apps

Following up on a Ron Wyden breadcrumb, I figured out that the government — under both FISA and criminal law — obtain location data from mobile apps. While the government still has to adhere to the collection standard in any given jurisdiction, obtaining the data gives the government enhanced location data tied to social media, which can implicate associates of targets as well as the target himself.

The NSA (Said It) Ate Its Illegal Domestic Content Homework before Having to Turn It in to John Bates

I’m close to being able to show that even after John Bates reauthorized the Internet metadata dragnet in 2010, it remained out of compliance (meaning NSA was always violating FISA in obtaining Internet metadata from 2002 to 2011, with a brief lapse). That case was significantly bolstered when it became clear NSA hastily replaced the Internet dragnet with obtaining metadata from upstream collection after the October 2011 upstream opinion. NSA hid the evidence of problems on intake from its IG.

FBI Asks for at Least Eight Correlations with a Single NSL

As part of my ongoing effort to catalog the collection and impact of correlations, I showed that the NSL Nick Merrill started fighting in 2004 asked for eight different kinds of correlations before even asking for location data. Ultimately, it’s these correlations as much as any specific call records that the government appears to be obtaining with NSLs.

2016

What We Know about the Section 215 Phone Dragnet and Location Data

During the lead-up to the USA Freedom Debate, the government leaked stories about receiving a fraction of US phone records, reportedly because of location concerns. The leaks were ridiculously misleading, in part because they ignored that the US got redundant collection of many of exactly the same calls they were looking for from EO 12333 collection. Yet in spite of these leaks, the few figured out that the need to be able to force Verizon and other cell carriers to strip location data was a far bigger reason to pass USAF than anything Snowden had done. This post laid out what was known about location data and the phone dragnet.

While It Is Reauthorizing FISA Amendments Act, Congress Should Reform Section 704

When Congress passed FISA Amendments Act, it made a show of providing protections to Americans overseas. One authority, Section 703, was for spying on people overseas with help of US providers, and another was for spying on Americans overseas without that help. By May 2016, I had spent some time laying out that only the second, which has less FISC oversight, was used. And I was seeing problems with its use in reporting. So I suggested maybe Congress should look into that?

It turns out that at precisely that moment, NSA was wildly scrambling to get a hold on its 704 collection, having had an IG report earlier in the year showing they couldn’t audit it, find it all, or keep it within legal boundaries. This would be the source of the delay in the 702 reauthorization in 2016, which led to the prohibition on about searches.

The Yahoo Scan: On Facilities and FISA

The discussion last year of a scan the government asked Yahoo to do of all of its users was muddled because so few people, even within the privacy community, understand how broadly the NSA has interpreted the term “selector” or “facility” that it can target for collection. The confusion remains to this day, as some in the privacy community claim HPSCI’s use of facility based language in its 702 reauthorization bill reflects new practice. This post attempts to explain what we knew about the terms in 2016 (though the various 702 reauthorization bills have offered some new clarity about the distinctions between the language the government uses).

2017

Ron Wyden’s History of Bogus Excuses for Not Counting 702 US Person Collection

Ron Wyden has been asking for a count of how many Americans get swept up under 702 for years. The IC has been inventing bogus explanations for why they can’t do that for years. This post chronicles that process and explains why the debate is so important.

The Kelihos Pen Register: Codifying an Expansive Definition of DRAS?

When DOJ used its new Rule 41 hacking warrant against the Kelihos botnet this year, most of the attention focused on that first-known usage. But I was at least as interested in the accompanying Pen Register order, which I believe may serve to codify an expansion of the dialing, routing, addressing, and signaling information the government can obtain with a PRTT. A similar codification of an expansion exists in the HJC and Lee-Leahy bills reauthorizing 702.

The Problems with Rosemary Collyer’s Shitty Upstream 702 Opinion

The title speaks for itself. I don’t even consider Rosemary Collyer’s 2017 approval of 702 certificates her worst FISA opinion ever. But it is part of the reason why I consider her the worst FISC judge.

It Is False that Downstream 702 Collection Consists Only of To and From Communications

I pointed out a number of things not raised in a panel on 702, not least that the authorization of EO 12333 sharing this year probably replaces some of the “about” collection function. Most of all, though, I reminded that in spite of what often gets claimed, PRISM is far more than just communications to and from a target.

UNITEDRAKE and Hacking under FISA Orders

A document leaked by Shadow Brokers reveals a bit about how NSA uses hacking on FISA targets. Perhaps most alarmingly, the same tools that conduct such hacks can be used to impersonate a user. While that might be very useful for collection purposes, it also invites very serious abuse that might create a really nasty poisonous tree.

A Better Example of Article III FISA Oversight: Reaz Qadir Khan

In response to Glenn Gerstell’s claims that Article III courts have exercised oversight by approving FISA practices (though the reality on back door searches is not so cut and dry), I point to the case of Reaz Qadir Khan where, as Michael Mosman (who happens to serve on FISC) moved towards providing a CIPA review for surveillance techniques, Khan got a plea deal.

The NSA’s 5-Page Entirely Redacted Definition of Metadata

In 2010, John Bates redefined metadata. That five page entirely redacted definition became codified in 2011. Yet even as Congress moves to reauthorize 702, we don’t know what’s included in that definition (note: location would be included).

FISA and the Space-Time Continuum

This post talks about how NSA uses its various authorities to get around geographical and time restrictions on its spying.

The Senate Intelligence Committee 702 Bill Is a Domestic Spying Bill

This is one of the most important posts on FISA I’ve ever written. It explains how in 2014, to close an intelligence gap, the NSA got an exception to the rule it has to detask from a facility as soon as it identifies Americans using the facility. The government uses it to collect on Tor and, probably VPN, data. Because the government can keep entirely domestic communications that the DIRNSA has deemed evidence of a crime, the exception means that 702 has become a domestic spying authority for use with a broad range of crimes, not to mention anything the Attorney General deems a threat to national security.

“Hype:” How FBI Decided Searching 702 Content Was the Least Intrusive Means

In a response to a rare good faith defense of FBI’s back door searches, I pointed out that the FBI is obliged to consider the least intrusive means of investigation. Yet, even while it admits that accessing content like that obtained via 702 is extremely intrusive, it nevertheless uses the technique routinely at the assessment level.

House Intelligence Parrot: These Programs Are Not Secret…

June 13, 2013/10 Comments/in FISA, PATRIOT /by emptywheel

… but it’s a grave danger for you to know about them.

Bob Minehart, a staffer for Democrats (presumably Dutch Ruppersberger) on the House Intelligence Committee, has put together a pair of talking point documents for members of the House to talk about the programs revealed by the Guardian last week. (I found out Minehart is the author by checking the documents’ metadata.) The talking points largely track what James Clapper released, though with a few differences that may come from Mike Rogers which I may return to.

The talking points claim the reporting on the programs have inaccuracies.

The articles referenced above contain numerous inaccuracies that imply the United States Government is spying on Americans. That is just plain false.

But the documents include a number of claims that are meaningless, given the underlying standards involved.

The FISA Court authorizes intelligence collection only after the Intelligence Community has proven its case, based on underlying facts and investigations.

The most pathetic part of these talking points, however, is the claim that these are not secret programs. Not the Section 215 dragnet of every Americans’ call data.

There is no secret program involved here – it is strictly authorized by a U.S. statute.

And not the direct access to Internet companies data with just a 51% certainty that the data collected is foreign.

There is no secret program involved – it is strictly authorized by a U.S. statute.

But in spite of this claim that massive dragnets deceitfully denied in Congressional hearings are not secret, the PRISM-related set still warns about what grave danger the leak of the information created.

The unauthorized disclosure of information about this critical legal tool puts our national security in grave danger, puts Americans at risk of terrorist and cyber attacks, and puts our military intelligence resources in danger of being revealed to our adversaries.

These are not secret programs, Dutch Ruppersberger wants you to know. But revealing them will kill us all.

House Intelligence Committee Moves to Learn How OTHER Services Don’t Throw Away Incidental US Person Data

March 8, 2013/2 Comments/in Drones /by emptywheel

I’ve long been tracking the implications of the Air Force’s policy to keep US person data incidentally collected using domestic drones. Effectively, it would allow the government to collect data on select locations (such as a likely drug trafficking route), so long as it didn’t target any particular American, and then refer back to or data mine that information in the future.

The policy is (not surprisingly, since both are DOD) very nearly parallel to what we think is happening with the NSA’s collections. So long as they weren’t originally targeting a US person, the government seems to be saying, nothing prevents them from going back to use the data in the future.

Which is why I’m not all that impressed by the House Intelligence Committee’s push, in this year’s appropriations bill, to require other services and DOD agencies to lay out what they’re doing with domestic collections.

Congress has directed the Secretary of Defense to report on the handling of surveillance data collected by military unmanned aerial systems operating in domestic airspace. A provision in the 2013 continuing appropriations conference bill approved by the House yesterday explained:

“The conferees are aware of concerns that have been raised regarding the use of unmanned aerial vehicles (UAV) and their sensors in domestic airspace. The conferees understand that the Air Force has policies and procedures in place governing the disposition of UAV collections that may inadvertently capture matters of concern to law enforcement agencies. These policies and procedures are designed to ensure constitutional protections and proper separation between the military and law enforcement. However, it is unclear if other Services and Defense agencies have similar policies and procedures in place, or if these policies and procedures need to be revised or standardized. Therefore, the conferees direct the Secretary of Defense to report to the congressional defense committees on the policies and procedures in place across the Services and Defense agencies governing the use of such collections and to identify any additional steps that need to be taken to ensure that such policies and procedures are adequate and consistent across the Department of Defense. This report shall be submitted not later than 90 days after the enactment of this Act.” [my emphasis]

Given the liberal policies the Air Force uses on “incidentally” collected information, it doesn’t seem to offer much protection under the Fourth Amendment (not least because the Clapper decision means we would never be able to challenge such collection). Rather, this effort seems designed to placate concerns about violations of Posse Comitatus and potentially stave off real privacy efforts.

When the Michael Chertoff threatened to use satellites to conduct this kind of surveillance 5 years ago, Democrats (led by Bennie Thompson and Jane Harman) balked, and forced Chertoff to back down. Since then, however, drones that can and do conduct the same kind of surveillance (in the guise of training, mind you!) have been rolled out without, until just recently, any focus on the same issues.

Yet another example of what a Democratic President can get away with that a Republican cannot.

30 Ways to Shrink Intelligence Oversight

June 7, 2012/3 Comments/in FISA, Intelligence /by emptywheel

Correction: I misunderstood a few things about this. First, this is the request from DNI, not what the Intelligence Committees have agreed to. And the House–which has taken up this request–did not accept all these requests (including the clearances audit). This post has been altered accordingly.

The DNI released their 2013 Intelligence Authorization request yesterday. Almost 10 pages of the 24 page document describe reporting that these “oversight” committees will no long require from the Intelligence Community. The bill starts by putting a default 3 year expiration on any new reporting requirements. And then it includes a list of 27 reports that the bill will eliminate and another 3 that it will modify.

And while some of the reports may well be redundant or outdated (the justification given for most of the changes), some seem really troubling. For example, the bill would eliminate a requirement–passed just three years ago–that the Administration audit and report (partially in unclassified form) the total number of security clearances and how long it takes to approve and reapprove those clearances. Here’s how the bill justifies eliminating such a report:

Justification: Section 506H includes two enduring reporting requirements. The requirement for a quadrennial audit of positions requiring security clearances should be repealed because the National Counterintelligence Executive, in partnership with other agencies with similar responsibilities, examines the manner in which security clearance requirements are determined more frequently than once every four years. Rather than submit a report regarding a quadrennial activity, the executive branch can provide more frequent briefings, as requested, if congressional interest persists.
With regard to the annual reporting requirement on security clearance determinations, the Executive Branch as a whole has made significant progress in expediting and streamlining the security clearance process since the passage of the Intelligence Reform and Terrorism Prevention Act, thus reducing the saliency of this report. This reporting requirement should be replaced by briefings, as requested, if congressional interest persists.

What this effectively does is eliminate one way for citizens to see at least the outlines and scope of our secret government. Rather than a partially unclassified report, instead, the intelligence community will brief Congress, rendering it not only secret, but eliminating some of the paperwork that can be FOIAed or archived.

The bill also would eliminate a requirement for the Director of National Intelligence and CIA Director to each provide an annual list of any advisory committees they’ve created, their subject, and their members. I’m guessing the proposed substitution–regular Congressional notifications and briefings–is probably not going to include the same level of detail. And given ODNI’s inadequate response to Electronic Frontier Foundation on an advisory committee as important as the Intelligence Oversight Board, I’m not all that confident it will provide adequate notice on more obscure advisory committees. Moreover, there is a history of advisory board members obtaining great influence and advantages from their position. Lists of members should be on paper somewhere.

CIA General Counsel: If the President Authorizes It, It’s Legal

April 11, 2012/9 Comments/in Drones, FISA, Indefinite Detention, state secrets, Torture, Unitary Executive /by emptywheel

I do hope the Harvard students who listened to this speech from CIA General Counsel Stephen Preston–in which he purported to explain what a law-abiding agency the CIA is and which appears to be the CIA’s effort to prove that the Anwar al-Awlaki killing was legal–are sophisticated enough to realize he, like all spooks, was peddling deceit. I’ll get to those details below.

But first I want to focus on how he bookends his claim that CIA’s “activities are subject to strict internal and external scrutiny.”

He starts by admitting that courts and citizens are not part of this “external scrutiny.”

It is true that a lot of what the CIA does is shielded from public view, and for good reason: much of what the CIA does is a secret! Secrecy is absolutely essential to a functioning intelligence service, and a functioning intelligence service is absolutely essential to national security, today no less than in the past. This is not lost on the federal judiciary. The courts have long recognized the state secrets privilege and have consistently upheld its proper invocation to protect intelligence sources and methods from disclosure. Moreover, federal judges have dismissed cases on justiciability or political question grounds, acknowledging that the courts are, at times, institutionally ill-equipped and constitutionally incapable of reviewing national security decisions committed to the President and the political branches.

Let’s unpack the logic of this: first, CIA operations are subject to strict “external scrutiny.” But because–“national security”–such external scrutiny is not possible.

Next, Preston claims that the courts have been in the business of consistently upholding the “proper invocation” of state secrets “to protect intelligence sources and methods.” Of course, just about every invocation of state secrets has been subsequently or contemporaneously shown to be an effort to protect–at best–misconduct and, in most cases, illegal activities: things like kidnapping, illegal wiretapping, and torture. So when he describes this “proper invocation” of states secrets, he is effectively saying that when lawsuits threatened to expose CIA’s law-breaking, courts have willingly dismissed those cases in the name of sources and methods.

And even before it gets to that stage, courts will bow to the Executive Branch’s claim that only Congress and the Executive can decide what forms of law-breaking by the CIA will be tolerated; courts are “ill-equipped” to judge the legality of illegal actions if those illegal actions are committed by the CIA.

So to prove that CIA’s ops are subject to “external scrutiny,” Preston starts by admitting that two of the most important agents of external scrutiny–citizens and courts–don’t actually exercise any scrutiny, particularly in cases where the government is willing to invoke state secrets to shield illegal activities.

The “Oversight” over NCTC’s Not-Terrorist-Terrorist Database

March 23, 2012/20 Comments/in FISA, Intelligence /by emptywheel

Back when John Negroponte appointed him to be the Director of National Intelligence’s Civil Liberties Protection Officer, Alexander Joel admitted he had no problem with Cheney’s illegal domestic wiretap program.

When the NSA wiretapping program began, Mr. Joel wasn’t working for the intelligence office, but he says he has reviewed it and finds no problems. The classified nature of the agency’s surveillance work makes it difficult to discuss, but he suggests that fears about what the government might be doing are overblown.

“Although you might have concerns about what might potentially be going on, those potentials are not actually being realized and if you could see what was going on, you would be reassured just like everyone else,” he says.

That should trouble you, because he’s the cornerstone of oversight over the National Counterterrorism Center’s expanded ability to obtain and do pattern analysis on US person data.

The Guidelines describe such oversight to include the following:

Periodic spot checks overseen by CLPO to make sure database use complies with Terms and Conditions
Periodic reviews to determine whether ongoing use of US person data “remains appropriate”
Reporting (the Guidelines don’t say by whom) of any “significant failure” to comply with guidelines; such reports go to the Director of NCTC, the ODNI General Counsel, the CLPO, DOJ (it doesn’t say whom at DOJ), and the IC Inspector General; note, the Guidelines don’t require reporting to the Intelligence Oversight Board, which should get notice of significant failures
Annual reports from the Director of NCTC on an (admittedly worthwhile) range of metrics on performance to the Guidelines; this report goes to the CLPO, ODNI General Counsel, the IC IG, and–if she requests it–the Assistant Attorney General for National Security

There are a few reasons to be skeptical of this. First, rather than replicate the audits recently mandated under the PATRIOT Act–in which the DOJ Inspector General develops the metrics, these Guidelines have NCTC develop the metrics themselves. And they’re designed to go to the CLPO, who officially reports to the NCTC head, rather than an IG with some independence.

That is, to a large extent, this oversight consists of NCTC reporting to itself.

CIA Secretly Breaking the Law with Impunity Again

November 18, 2010/in Intelligence, Torture /by emptywheel

Apparently, the Jan Schakowsky’s House Subcommittee completed its investigations of all the times the CIA failed to inform the Gang of Eight about covert ops and in other ways broke the law. Apparently, that investigation found “several instances” where CIA failed for follow the law procedures. But you can’t know precisely what those violations are, because they’re secret.

Here’s Silvestre Reyes’ statement on the investigation.

Today, the Committee officially completed its investigation into the congressional notification practices of the Intelligence Community by voting to adopt a final report presented by Subcommittee on Oversight and Investigations Chair Jan Schakowsky.

In its investigation, the Committee examined sixteen specific instances, spanning three Administrations, in which the Community did not provide Congress with complete, timely, and accurate information about intelligence activities. The Committee also examined federal law and regulations concerning the provision of information about intelligence activities to Congress; congressional notification policies, practices, and procedures across the Intelligence Community; and whether those contributed to any past notification failures.

The findings, I believe, are impressive and eye-opening. The report details the facts uncovered by the investigation in a thorough and even-handed manner. Its analysis is careful and well-founded. Its conclusions and recommendations are reasonable. I commend Ms. Schakowsky and her staff for their excellent work.

Given the sensitive nature of the investigation’s core issues, the content of the report is classified. I can say, though, that in several specific instances, certain individuals did not adhere to the high standards set forth by the Intelligence Community and its agencies. It’s the Committee’s aim to have these standards implemented on an official level, through policy, procedure, or law.

I am pleased to note that several of the recommendations contained in this report, including Gang of Eight reform, were largely enacted back in October when the President signed the FY2010 Intelligence Authorization Act into law.

Finally, let me emphasize that the Committee supports the efforts of the intelligence workforce in its difficult mission to keep America safe. And, while there may be differences of opinion with respect to specific findings, I think that all members can agree that the Committee must be kept fully and currently informed of significant intelligence activities in order to assist the Intelligence Community and keep them well-resourced. [my emphasis]

DOJ Circumvents Judge Walker; Attempts To Further Correct Previous Falsities

November 11, 2009/49 Comments/in Bingo, FISA, Law, Obama Administration, state secrets, Unitary Executive /by emptywheel

In what can only be described as a curious filing, the US Government, through the DOJ has submitted a pleading to the 9th Circuit Court of Appeals in the previously terminated al-Haramain appeal originally filed in 2006. In this appeal, on November 16, 2007, the 9th generally upheld the government’s state secrets assertion, but remanded the case to Judge Walker “to consider whether FISA preempts the state secrets privilege and for any proceedings collateral to that determination.” (Walker has so ruled and those proceedings are indeed ongoing and awaiting the Court’s decision of Plaintiffs’ Motion For Summary Judgment). The 9th Circuit’s mandate issued on January 16, 2008.

The new submission filed in the 9th Circuit is nothing short of a brazen attempt to subvert Judge Walker’s trial court authority and jurisdiction by an end run, and is entitled “NOTICE OF LODGING OF IN CAMERA, EX PARTE DECLARATION OF DIRECTOR OF NATIONAL INTELLIGENCE”

The Government hereby respectfully notifies the Court and counsel that it is lodging today with the Court Security Officer copies of an in camera, ex parte classified declaration, dated November 8, 2009, of the Director of National Intelligence, Dennis C. Blair.

We are making the lodging because an issue arose regarding an inaccuracy in an earlier Government submission in the district court that was part of the record before this Court in an interlocutory appeal in this matter bearing the above caption. The case has been remanded to the district court and an appeal is no longer pending before this Court. The lodging does not call for any action by this Court but is intended to ensure that this Court is informed of the earlier inaccuracy and has available to it classified details with respect to the issue. The Government has informed the district court of the issue, has offered to make available to that court additional classified details in camera, ex parte, and is informing that court that the Government is making the lodging in this Court.

Here is the document. Now the government had just submitted an unclassified declaration of ODNI Blair to the trial court in September, and references said declaration in their new little filing, but does not seem to attach it. Instead, they submit a new classified ex parte declaration from Blair.

Because the inaccuracy was in an earlier Government submission that was part of the record when the case came before this Court on interlocutory appeal, we are today lodging with the Court Security Officer copies of an in camera, ex parte classified declaration, dated November 8, 2009, of Director of National Intelligence Blair. That declaration provides additional classified information regarding the matter. As noted, the lodging ensures that this Court is informed of the issue and has available to it classified details concerning the issue.

Well now, it would seem that Jon Eisenberg has struck a raw nerve with his putative entry into the Horn v. Huddle case as an amicicus urging Royce Lamberth to leave his opinions in place and in force. After having been blistered by Read more →

Torture Tape Investigation in HPSCI

April 23, 2008/32 Comments/in Torture Tape /by emptywheel

Last week we learned that John Durham asked a computer forensics expert to contribute to a legal declaration pertaining to whether or not the CIA Inspector General had–or had ever had–evidence pertaining to the interrogations of two Gitmo detainees.

Today we learn that two of the people involved in the Torture Tape destruction are current high-raking Administration officials.

The [HPSCI] panel interviewed two “current, high-level government officials” in April, according to a congressional official, who declined to name the officials.

Both [Intelligence] panels have interviewed CIA Director Michael V. Hayden.

It’s not clear whether this passage means that Hayden (who just resigned from the military) is one of the two "current, high-level government officials" or not–he’d certainly qualify.

But that leaves another "current, high-level government official." This is significant because several of the key players (like Jose Rodriguez, who remains under subpoena from HPSCI) are former officials. Two notable exceptions are John Rizzo, who works in CIA’s General Counsel office, and John Helgerson, CIA’s Inspector General. We also know that John Negroponte, currently at State, wrote a memo pertaining to the Torture Tapes when he was DNI. Finally, there’s always everyone’s favorite current high-level government official involved with the torture tapes, David Addington.

But I’m not holding my breath.

I’m just as intrigued by the news that Crazy Pete Hoekstra and Silvestre Reyes have gotten into a spat over this investigation.

The House investigation has been riven by partisan disputes. In January, Peter Hoekstra of Michigan, the panel’s ranking Republican, publicly took issue with Democrats over issuing a subpoena for Rodriguez, selecting witnesses and other aspects of the investigation. Democrats have maintained that they have been responsive to Republican input.

A spokesman for Hoekstra declined to comment Tuesday.

As I have said repeatedly, one of the people spinning hard to dissociate himself from the Torture Tape destruction is Porter Goss, who was head of the CIA when the Torture Tape was destroyed, and who received Negroponte’s warning not to destroy the Torture Tape. I’ve long worried that an HPSCI investigation, handled badly, would work the same way Lee Hamilton and Dick Cheney’s HPSCI investigation into Iran-Contra did–to immunize key players from prosecution. In particular, I’ve worried about Pete Hoekstra attempting to protect his former colleague, Porter Goss, from any incrimination.

So I consider it a good sign that Crazy Pete has his knickers in a twist about the investigation.

Shorter Rizzo to Rodriguez: Well, If You’re Not Going to Testify, I Will Screw You

January 16, 2008/57 Comments/in Intelligence, Unitary Executive /by emptywheel

Remember how I suggested that this passage from Pincus’ love letter to Bob Bennett and his client Jose Rodriguez might be targeted to (among others) Porter Goss and John Rizzo?

"In 2003 the leadership of intelligence committees were told about the CIA’s intent to destroy the tapes. In 2005, CIA lawyers again advised the National Clandestine Service that they had the authority to destroy the tapes and it was legal to do so. It is unfortunate," Bennett continued, "that under the pressure of a Congressional and criminal investigation, history is now being revised, and some people are running for cover."

Well, here’s what Rizzo had to say to that.

"I told the truth," Rizzo said in a brief appearance before reporters.

Which doesn’t sound like it was all too helpful for Rodriguez’ little story. Read more →