Posts

8 Years Later, NSA Still Using Same PR Strategy to Hide Illegal Wiretap Program

/18 Comments/in , /by

[youtube]kfbHbht081E[/youtube]

Between these two posts (one, two), I’ve shown that the Executive Branch never stopped illegally wiretapping Americans, even after the worst part of it got “shut down” after the March 2004 hospital confrontation. Instead, they got FISC to approve collection with certain rules, then violated the rules consistently. When that scheme was exposed with the transition between the Bush and Obama Administrations, the Executive adopted two new strategies to hide the illegal wiretapping. First, simply not counting how many Americans they were illegally wiretapping, thus avoiding explicit violation of 50 USC 1809(a)(2). And, starting just as the Executive was confessing to its illegal wiretapping, moving — and expanding it — overseas. Given that they’re collecting content, that is a violation in spirit, at least, of Section 704 of FISA Amendments Act, which requires a warrant for wiretapping an American overseas (the government probably says this doesn’t apply because GCHQ does much of the wiretapping).

One big discovery the Snowden leaks have shown us, then, is that the government has never really stopped Bush’s illegal wiretapping program.

That actually shows in the PR response the government has adopted, which has consisted of an affirmative and a negative approach. The affirmative approach emphasizes the programs — PATRIOT Act Section 215 and Section 702 of FAA — that paralleled the illegal wiretap program (I’m not conceding either is constitutional, but only the upstream collection under 702 has been deemed an explicit violation of the law). This has allowed the government to release a blizzard of documents — Transparency!™ — that reveals some shocking disclosures, without revealing the bigger illegal programs. But note how, when the revelations touched on the Internet dragnet (which should be no more revelatory than the phone dragnet), ODNI tried to obscure basic details by hiding dates (even if they left those dates in one URL).

Meanwhile, the I Con has invested energy in trying to undermine every story that touches on the larger illegal wiretapping programs. Read more

In Which Ben Wittes Proves Ben Wittes Is NAKED

/12 Comments/in , /by

160 days ago, Jim Sensenbrenner released a letter to Eric Holder expressing concern about the way DOJ had interpreted Section 215. In it, he did some creative editing to hide that he had had an opportunity to learn about that interpretation before he voted to reauthorize the PATRIOT Act.

160 days ago, I was (I believe) the first person to point out that obfuscation.

In those 160 days, I have also documented the serial lies and obfuscations of people like Keith Alexander, James Clapper, Robert Mueller, Mike Rogers, Valerie Caproni, Dianne Feinstein, Raj De, and Robert Litt. (one, two, three, four, five, six, seven, eight, nine, ten, eleven, twelve, thirteen, fourteen, fifteen, sixteen, seventeen, eighteen, nineteen, twenty, twenty-one, twenty-two, twenty-three, twenty-four, twenty-five, twenty-six, twenty-seven, twenty-eight, twenty-nine, thirty, thirty-one, thirty-two, thirty-three; trust me, this is just a quick survey). The most recent of these lies came last week when Raj De and Robert Litt claimed Congress had been fully informed about the authorities they were voting on, a claim which the Executive Branch’s own record proves to be false.

In spite of the clear imbalance between the lies NSA critics have told and those NSA apologists have told, Ben Wittes has made it a bit of a hobby to use Sensenbrenner’s single (egregious) lie to try to discredit NSA critics (without, of course, pointing out the serial, at times even more egregious, lies NSA apologists were telling). Of late, Wittes has harangued that, because he told a lie 160 days ago, Sensenbrenner is operating in bad faith when he criticizes NSA’s programs now. (See also this post.)

I have never questioned the good faith of Senators Patrick Leahy, Ron Wyden, or Rand Paul. They are legislators with a perspective. That’s how Congress works.

Rep. James Sensenbrenner is a different matter.

Since the bulk metadata program broke, the former chairman of the House Judiciary Committee has been on a campaign of denunciation of both agency activity under the Patriot Act—the law he helped write. And he has been denouncing the administration for having misled him about how Section 215 is being used too. He has done so with a breathtaking dishonesty that puts him in a different category from those members who have a policy dispute with the administration. [my emphasis]

Mind you, Wittes did not examine the content of Sensenbrenner’s more recent claims. Had he done so, he might have realized that the record supports Sensenbrenner’s complaints, even if the messenger for those complaints might be less than perfect.

It ignored restrictions painstakingly crafted by lawmakers and assumed a plenary authority never imagined by Congress. Worse, the NSA has cloaked its operations behind such a thick cloud of secrecy that, even if our trust was restored, Congress and the American people would lack the ability to verify it.

Note, we’re still learning the full extent of how the Executive Branch blew off limits placed on the PATRIOT authorities.

Wittes might even have noted Sensenbrenner’s apparent commitment to do his own job better.

“I hope that we have learned our lesson and that oversight will be a lot more vigorous,” Sensenbrenner said.

Even ignoring Wittes’ remarkable double standard, in which he suggests Sensenbrenner’s one lie should disqualify him from speaking on this topic forever while Clapper and Alexander’s seeming addiction to lies apparently shouldn’t even be mentioned in polite company, a highly regarded expert recently laid out new evidence for why Sensenbrenner has good reason to be angry, regardless of his role in passing PATRIOT in 2001 or 2006 or 2010 or even 2011.

The expert?

Ben Wittes.

Read more

Is the Government Hiding FISC’s “Erroneous” 215 Opinion Until After Basaaly Moalin’s Hearing for a New Trial?

/4 Comments/in , /by

As I mentioned in this post, the government is due to turn over the remaining documents in the ACLU FOIA for Section 215 documents on November 18. Among the documents it may release is a February 24, 2006 FISC opinion. This may be the only comprehensive opinion written to authorize the Section 215 dragnet … and if it’s not, no comprehensive opinion authorized the opinion until August 29, 2013.

In short, that release will answer a lot of questions about what former Assistant Attorney General David Kris suggests may have been an erroneous decision authorizing the entire phone dragnet. We’ll learn more November 18.

But that won’t help Basaaly Moalin, who on Wednesday, November 13, will argue he should have a new trial in light of disclosures that the government only started wiretapping him after being tipped by the Section 215 dragnet. If the Judge in his case, Jeffrey Miller, decides he doesn’t merit a new trial, then he will be sentenced on November 18. And then, later that same day, the government will release what could be evidence that the very foundations of the Section 215 dragnet that caught Moalin are “erroneous.”

That seems to be the way things have gone for Moalin since June 18, when the government pushback on the Snowden leaks first led Moalin to learn his entire prosecution rested on the Section 215 dragnet, and since August 28, when Moalin first started pushing for a delay in sentencing so he could push for a new trial.

Back in July, the ACLU demanded the government turn over all responsive documents by August 12. That would have brought the release of all documents a month before Moalin’s then-scheduled sentencing. Instead, the government asked to have until September 15, the day before the date scheduled for his sentencing. That request would have been almost two weeks after the 60 day extension James Clapper asked for on July 5, 2013.

On August 16, Judge Pauley set up this production schedule.

The Government will review the Foreign Intelligence Surveillance Court (FISC) Opinions at issue and release any segreable information not exempt under FOIA by September 10, 2013. The Government will review a second tranche of documents and release any segreable information not exempt under FOIA by October 10, 2013. The Government will review the remaining documents at issue, excluding the FISC orders in the final row of the Government’s Vaughn index, and release any segreable information not exempt under FOIA by 10/31/2013. The parties will submit a status report to the Court by 11/8/2013.

The October 10 and 31 dates got pushed back because of the shut-down (which, of course, was not DOJ’s fault).

But the results has been to limit the argument Moalin should be able to make. In the Motion for a new trial (submitted on September 5), for example, Moalin’s team relies on the October 3, 2011 John Bates opinion (released on August 21) rather than the slew of documents showing systemic problems with the very program that tipped Moalin admitted in 2009 (released September 10). The government even taunts them about it in their Response.

Defendants’ reliance on an October 3, 2011 FISC Opinion is misplaced. The opinion documented the FISC’s judicial review of the Government’s Certifications of Collection and Interception pursuant to Section 702 of FISA and is hence irrelevant here were Section 702 is not at issue.

Of course. But the only reason the defendants weren’t able to make the very same argument — that the NSA had almost no meaningful controls over the querying they were doing of the Section 215 dragnet — and make it with collection closer to the time when the dragnet tipped Moalin is because ODNI sat on the Section 215 disclosures until after Moalin submitted his motion.

Of particular concern is the delay in revealing details of contact chaining (and that at the time Moalin was tipped, it was possible to chain a fourth hop in). The defense clearly focused on the government’s admission that Moalin had been indirectly in contact with Aden Ayro. That’s a point the government almost entirely ignored in their response. Add in that the government is still largely hiding how it uses the phone dragnet to find burner phones (and the evidence the government used Moalin’s calls with Ayro to find the warlords new phone after he had ditched an old one), and the defense was only given delayed access to some of the details that might best undermine the case that such indirect contacts might constitute probable cause for a FISA warrant.

The defense integrated some of the revelations about the 2009 disclosures in their reply, submitted October 10. That left unavailable the documents released on October 28, some of which showed the government in violation of FISA Amendment’s Act’s requirement to provide all significant FISC opinions on the topic at hand to the Intelligence and Judiciary Committees. Those documents would also present additional challenges to the legitimacy of the two reauthorizations of the dragnet since 2006.

Now, maybe this is just coincidental, that the one person who might challenge his conviction through the use of Section 215 would be prevented from using documents that might show the program itself is “erroneous.”

But as people like Dianne Feinstein squawk that the program is “legal,” they’d be well advised to consider the remarkable way that Moalin was deprived of the documents that might allow a challenge to the law as erroneous from the very start.

The White House — Lisa Monaco? — “Cutting Off the Intelligence Community”

/13 Comments/in , /by

Too bad for Obama he has decided the great new way to aggressively prosecute leaks without the bad PR of doing it through the Courts is to have James Clapper’s Inspector General investigate them. Because I’m betting the IC IG will be unenthusiastic about hunting down this admitted leaker.

Some U.S. intelligence officials said they were being blamed by the White House for conducting surveillance that was authorized under the law and utilized at the White House.

“People are furious,” said a senior intelligence official who would not be identified discussing classified information. “This is officially the White House cutting off the intelligence community.”

But I’m a bit more interested in this barb, putting Homeland Security Advisor Lisa Monaco solidly in the line of communication receiving intelligence from wiretaps on foreign leaders.

Any decision to spy on friendly foreign leaders is made with input from the State Department, which considers the political risk, the official said. Any useful intelligence is then given to the president’s counter-terrorism advisor, Lisa Monaco, among other White House officials.

As I have twice noted, Monaco brings dramatically different experience to the position than her predecessor, John Brennan. Rather than being implicated in the illegal program that was the root of many of the problems as the program moved under FISA Court review, she had had to try to clean them up while Assistant Attorney General for National Security, including at least the upstream violations. She also participated in the decision to shut down the Internet dragnet collection program.

After prior bitching about her silence during this scandal, she penned an op-ed last week laying out the evolving White House position.

Today’s world is highly interconnected, and the flow of large amounts of data is unprecedented. That’s why the president has directed us to review our surveillance capabilities, including with respect to our foreign partners. We want to ensure we are collecting information because we need it and not just because we can.

[snip]

Going forward, we will continue to gather the information we need to keep ourselves and our allies safe, while giving even greater focus to ensuring that we are balancing our security needs with the privacy concerns all people share.

The implication, of course, is that the same person voicing this “because we need it and not just because we can” has been implicated by receiving intelligence with Merkel’s and other leaders names on it, and may be responsible for not alerting the President to it. The accuracy of the claim, of course, depends on whether the White House really shut down the collection on Merkel earlier this summer or only in the last week or so; remember tasking priorities are reassessed biannually. Moreover, it’s not like wiretaps on allied leaders would be the primary focus of someone whose job centers on counterterrorism.

The thing is, this attack can backfire, as having received this information puts Monaco in an appropriate position to know whether we were collecting it because we could, not because we need to.

Monaco has, in the past, been part of a team that deemed a program not valuable enough to sustain. Which means she has a little experience for the pushback the IC may be throwing at her in coming days.

Civil Libertarians to Dianne Feinstein: We Told You So

/25 Comments/in /by

The moment when Dianne Feinstein should have called for a comprehensive review of NSA’s programs was no later than August 18, when she admitted the Senate Intelligence Committee doesn’t get briefed on violations that occur under Executive Order 12333, even though they constitute the bulk of violations.

The committee does not receive the same number of official reports on other NSA surveillance activities directed abroad that are conducted pursuant to legal authorities outside of FISA (specifically Executive Order 12333), but I intend to add to the committee’s focus on those activities.

The committee has been notified—and has held briefings and hearings—in cases where there have been significant FISA compliance issues. In all such cases, the incidents have been addressed by ending or adapting the activity.

[snip]

I believe, however, that the committee can and should do more to independently verify that NSA’s operations are appropriate, and its reports of compliance incidents are accurate. This should include more routine trips to NSA by committee staff and committee hearings at which all compliance issues can be fully discussed.

While at the time she bought the NSA’s roamer myth, it was already clear the NSA was spying on US persons via its bulk collection “overseas,” including via some of the more troubling violations. She should have further gotten concerned when both Keith Alexander and James Clapper dodged questions about upstream violations. But then, she was too busy reading factually inaccurate statements about the same collections.

Back in the day, though, making sure the NSA wasn’t using Article II to evade oversight used to be one of her chief concerns.

Nevertheless, it took the disclosures of spying on Angela Merkel — and, no doubt, the embarrassment of her party’s President, and perhaps growing support for a real investigation — to really rile her up.

It is abundantly clear that a total review of all intelligence programs is necessary so that members of the Senate Intelligence Committee are fully informed as to what is actually being carried out by the intelligence community.

Unlike NSA’s collection of phone records under a court order, it is clear to me that certain surveillance activities have been in effect for more than a decade and that the Senate Intelligence Committee was not satisfactorily informed. Therefore our oversight needs to be strengthened and increased.

With respect to NSA collection of intelligence on leaders of U.S. allies—including France, Spain, Mexico and Germany—let me state unequivocally: I am totally opposed.

Unless the United States is engaged in hostilities against a country or there is an emergency need for this type of surveillance, I do not believe the United States should be collecting phone calls or emails of friendly presidents and prime ministers. The president should be required to approve any collection of this sort.

It is my understanding that President Obama was not aware Chancellor Merkel’s communications were being collected since 2002. That is a big problem.

The White House has informed me that collection on our allies will not continue, which I support. But as far as I’m concerned, Congress needs to know exactly what our intelligence community is doing. To that end, the committee will initiate a major review into all intelligence collection programs. [my emphasis]

I welcome this review — by all accounts the torture review conducted under her supervision is more thorough than anything else we’ve seen.

But … ah, the torture review.

There’s one other reason DiFi should have been quicker to respond to questions Edward Snowden — whom she called a traitor — raised.

In December she finished a 6,000 page report, one key finding of which was that the CIA lied to her community.

Why did she think NSA would be any different?

“An internal and an external review”

/18 Comments/in /by

I’ll have more to say about WSJ’s report that Obama was unaware that the NSA was wiretapping 35 world leaders tomorrow.

But in my opinion, the most important detail in it reveals in addition to Obama’s James Clapper Committee to Make You Love the Dragnet, he has an internal review.

This summer, President Obama launched two reviews—an internal one and an external one. He highlighted them in a speech in August as part of a series of measures being taken to respond to the domestic uproar over NSA’s extensive spying practices in the U.S.

[snip]

The internal review, among different U.S. national security agencies, will be informed by findings from the external review, which is expected to deliver its final report in December, said White House spokeswoman Caitlin Hayden. [my emphasis]

Frankly, I don’t buy that Obama “highlighted” both these speeches in August. He highlighted his “independent” review, but mentioned nothing else that I can see.

Fourth, we’re forming a high-level group of outside experts to review our entire intelligence and communications technologies. We need new thinking for a new era. We now have to unravel terrorist plots by finding a needle in the haystack of global telecommunications. And meanwhile, technology has given governments — including our own — unprecedented capability to monitor communications.

So I am tasking this independent group to step back and review our capabilities — particularly our surveillance technologies. And they’ll consider how we can maintain the trust of the people, how we can make sure that there absolutely is no abuse in terms of how these surveillance technologies are used, ask how surveillance impacts our foreign policy — particularly in an age when more and more information is becoming public. And they will provide an interim report in 60 days and a final report by the end of this year, so that we can move forward with a better understanding of how these programs impact our security, our privacy, and our foreign policy.

Nor did the White House provide any details on reviews in the readout of the Angela Merkel conversation last week.

In other words, I suspect that for some reason — probably for a variety of them — Obama has decided that The James Clapper Committee to Make You Love the Dragnet is insufficient to the task of restoring confidence in the dragnet, so has people internal to the Administration working on fixes, probably tasked well after the Clapper committee, if not in the last week.

Or maybe he has just invented the existence of an “internal review” so as to explain why he is prepared to admit that 35 world leaders were being wiretapped by the NSA and anything else that proves inconvenient.

The National Security Agency ended a program used to spy on German Chancellor Angela Merkel and a number of other world leaders after an internal Obama administration review started this summer revealed to the White House the existence of the operations, U.S. officials said.

Officials said the internal review turned up NSA monitoring of some 35 world leaders, in the U.S. government’s first public acknowledgment that it tapped the phones of world leaders.

After all, the Guardian reported on the 35 world leaders (which the WSJ notes), and only after that we learn there’s an “internal review” that raised this as a point of concern? (Perhaps, too, this serves as a convenient fiction to accord with whatever Obama has told Angela Merkel on various occasions.)

WSJ spends much of the rest of the story trying to suggest the James Clapper Committee to Make You Love the Dragnet is not, as all evidence indicates, kabuki.

I don’t buy that, nor do I buy that there was really an “internal review” before things got really hot this week.

But I do hope that having been forced to create at least the appearance of a second review, Obama will use it as an opportunity to make more changes than he otherwise had planned on.

Update: Adding to my suspicion that the Administration created an “internal” review in the last few days, National Security Rice is now tweeting about it.

The Dog Ate Charles McCullough’s Homework

/6 Comments/in /by

Let’s take the narrative the Federal Government wants to tell us about the Boston Marathon attack.

Both FBI and CIA got tips from Russia in early- and mid-2011 implicating Tamerlan Tsarnaev in extremism which FBI, which appropriately has jurisdiction, investigated and entered into the relevant databases accessible to Joint Terrorism Task Force partners.

Later that year, the government alleges (based on the word of a guy they killed immediately thereafter), Tamerlan and Ibragim Todashev — and possibly Tamerlan’s brother Dzhokhar — knifed three friends and associates to death on 9/11 while they waited for pizza from a place the brothers may have once worked; while several of the people on both sides of that killing were involved in selling drugs, the presumed motive for that killing (especially given the date) pertains to Islamic extremism, not a drug and money dispute, in spite of or perhaps because of the pot and money left at the scene. After the killing, Tamerlan disappeared from the scene in Cambridge and was never interviewed by the cops. Senate Intelligence Committee members allege Russia passed on another warning about Tamerlan after October 2011, though the FBI insists it kept asking for more information to no avail.

The next year, Tamerlan left for Russia and Chechnya and Dagestan, but the Homeland Security dragnet missed him because Aeroflot misspelled his name (an issue that contributed to their missing the UndieBomb, too; Russia’s original tip to the FBI had gotten his birthdate wrong). While in Russia, Tamerlan met a bunch of Chechen extremists, several of whom were killed shortly after he met them. Then, Tamerlan returned to Boston, and he and his brother made some bombs out of pressure cookers and fireworks in his Cambridge flat (testimony of their cab driver notwithstanding), and then set them off near the finish line of the Boston Marathon, killing 3 and maiming hundreds.

In spite of the thousands of videos of the event, FBI’s prior investigation, and immigration records on the brothers including pictures, the government’s facial recognition software proved unable to find them (in spite of claims “FBI” officials were asking around Cambridge already), so the government released their pictures and set off a manhunt that resulted in Tamerlan’s death and the arrest of Dzhokhar.

That’s the story, right?

Two weeks after the attack, James Clapper tasked the Intelligence Community Inspector General, Charles McCullough, with investigating the attack to see if it could have been prevented (note, after the 2009 UndieBomb attack, the Senate Intelligence Committee conducted such an investigation but I’ve heard no peep of them doing so here). Also involved in that investigation are DOJ, DHS, and CIA’s IG, but not NSA’s IG, in spite of the fact that the Russians, at least, reportedly intercepted international texts implicating Tamerlan in planning jihad (though there’s no reason to believe the non-US side of those texts — a family member of the brothers’ mother — would have been a known CT target). (Note that, even as McCullough has been conducting this investigation, which ultimately involves information that has been leaked to the press, James Clapper has him conducting investigations into unauthorized leaks — does anyone else see the huge conflict here???)

Back on September 19 (perhaps not coincidentally the day after Ibragim Todashev’s friend Ashurmamad Miraliev was arrested in FL and questioned for 6 hours without a lawyer), McCullough wrote Congress to tell them that because “information relevant to the review is still being provided to the review team,” the review would be indefinitely delayed.

According to the BoGlo, McCullough is offering a new excuse for further delay: the shutdown.

Officials said the shutdown has hampered various agencies’ ability to conduct interviews, undertake research, or pay support personnel who are responsible for reviewing the operations of the government’s terrorism databases before the Marathon attack and determining whether information on the bombing suspects was properly handled.

[snip]

Last month congressional oversight communities were informed that while officials were “working diligently” to complete the review, the process of interviewing counter-terrorism officials and reviewing computer files had turned out to be more challenging than expected. McCullough, the intelligence community’s inspector general, said at the time that “information relevant to the review is still being provided to the review teams.”

A senior Senate staffer, who was not authorized to speak publicly, said briefings recently scheduled for intelligence officials to brief key congressional committees on the progress of the review were canceled.

So here we are over 6 months after the attack, and an inquiry purportedly reviewing whether our CT information sharing (led by the National Counterterrorism Center, which reports to Clapper, to whom McCullough also reports as a non-independent IG) did what it was supposed to, is still having trouble reviewing the actual databases (!?!?), ostensibly because they had to furlough the support people doing that rather than allow them to figure out how to fix problems to prevent the next terrorist attack. (Remember, James Clapper testified he had furloughed 70% of civilian IC staff, to the shock of Chuck Grassley and others.)

Perhaps that’s the problem. Perhaps it is the case that in 6 months time, IC support personnel had not yet been able to access and assess the database counterterrorism professionals are expected to monitor and respond to almost instantaneously. If that is the case, it, by itself, ought to be huge news.

Or perhaps there’s something about the Waltham investigation that has made it newly embarrassing that warnings before and — if blathery Senators are to be believed — after the murders didn’t focus more attention on Tamerlan Tsarnaev.

James Clapper versus DOJ (and NSA) on Upstream Collection Transparency

/4 Comments/in /by

Screen shot 2013-10-26 at 12.31.00 PM

Last week, David Ignatius wrote a column declaring the Director of National Intelligence position under James Clapper “Mission Accomplished!” It’s mostly a beat sweetener, but I’m intrigued by his claim that James Clapper forced the NSA to declassify more of the 2011 John Bates decision than they wanted to.

But there are welcome signs that this jury-rigged structure may finally be starting to work as the DNI responds to budget pressures and the scandals surrounding National Security Agency’s surveillance programs. Clapper has recently taken steps that forced the National Security Agency (NSA) to accept greater transparency and stopped the military agencies from wasteful spending on duplicative satellite imagery.

[snip]

One example is Clapper’s pressure on the NSA to disclose more about its surveillance programs. The NSA initially wanted to “redact” (a fancy word for censor) far more of a 2011 ruling by the Foreign Intelligence Surveillance Court that the agency had engaged in illegally broad surveillance. Clapper thought NSA lawyers were suppressing too much, so he instructed his general counsel, Robert Litt, to go back through the document and make public more information. Clapper ignored NSA and Justice Department protests, including to the White House, and backed Litt’s less-redacted version.

That 2011 opinion is one of the most important disclosures so far (and the more I think about it the more I’m convinced it was a dangerous rubber stamp). So I’m grateful as much of it was released as it was.

But I’m intrigued by what this account says of upstream collection (and the searching on US person data collected under FISA Amendments Act) generally.

As the screen cap above shows, even while the opinion made it clear what “upstream” collection is (and other documents released, Dianne Feinstein’s public comments, and the footnote below have made it clear the telecoms conduct the collection), it kept the actual language describing the process redacted.

Screen shot 2013-10-26 at 12.53.09 PM

 

Assuming Ignatius description that Clapper pushed for this level of disclosure is correct, consider Clapper’s gimmicky efforts to deny or refuse to discuss other upstream collection under EO 12333. That would say Clapper pushed to make more of this FAA upstream collection public, but has gone to some effort to deny the other direct collection under EO 12333.

Meanwhile, remember the way David Kris’ paper, which was reviewed by DOJ, managed to raise Internet metadata and EO 12333, but largely indirectly.

They’re awfully squirrely about the upstream collection, perhaps because they are increasingly targeting US persons using EO 12333. But it’s worth following.

James “Too Cute By Half” Clapper’s Denial

/15 Comments/in /by

James Clapper made a somewhat unprecedented denial of Le Monde’s report (French, English) about the NSA’s dragnet, denying the eye-popping numbers on the volume of French spying (70.3 million in a month) we do.

October 22, 2013

Recent articles published in the French newspaper Le Monde contain inaccurate and misleading information regarding U.S. foreign intelligence activities.  The allegation that the National Security Agency collected more than 70 million “recordings of French citizens’ telephone data” is false.

While we are not going to discuss the details of our activities, we have repeatedly made it clear that the United States gathers intelligence of the type gathered by all nations.  The U.S. collects intelligence to protect the nation, its interests, and its allies from, among other things, threats such as terrorism and the proliferation of weapons of mass destruction.

The United States values our longstanding friendship and alliance with France and we will continue to cooperate on security and intelligence matters going forward.

Now, for what it’s worth, this seems the product of somewhat bad translation of the English for the Le Monde article, which started as this,

Parmi les milliers de documents soustraits à la NSA par son ex-employé figure un graphique qui décrit l’ampleur des surveillances téléphoniques réalisées en France. On constate que sur une période de trente jours, du 10 décembre 2012 au 8 janvier 2013, 70,3 millions d’enregistrements de données téléphoniques des Français ont été effectués par la NSA.

And then a worse translation back into English, which produced this,

Amongst the thousands of documents extracted from the NSA by its ex-employee there is a graph which describes the extent of telephone monitoring and tapping (DNR – Dial Number Recognition) carried out in France. It can be seen that over a period of thirty days – from 10 December 2012 to 8 January 2013, 70,3 million recordings of French citizens’ telephone data were made by the NSA.

I’m not going to explain this perfectly, but effectively it took a verbal that could mean the tape recording or the data notation of calls and turned it into a gerund that has the connotation in English of a discrete tape recording (note also the really cloddish use of the passive in a situation where you wouldn’t use it in English).

And from that, Clapper pounced on the “recordings” and presented them — in a quotation taken out of context — as discrete phone calls recorded individually. NSA’s not doing that, he says.

But we knew that. What they’re doing is intercepting call data in bulk and then sorting through what they want to keep.

It’s worth noting that the comment on the Boundless Informant screen Le Monde gets this from, however, refers to a more accurate calls “interceptées.” None of that excuses Le Monde’s presentation of it as such, particularly not its weak English translation which Clapper exploited (which isn’t, however, the actual language that has given François Hollande an opportunity to pretend to be shocked, and his English-only gotcha would be useful in refuting this for actual French readers). But that’s one source of the gotcha.

Now, as I said, this is relatively unprecedented. In the recent “interview” with Keith Alexander, NSA issued non-denial denials about info sharing with Israel. But there have been few very specific denials like this one.

And why would there be? Should we now assume all the other facts that have come out, anywhere in the world, are true? That Clapper has gone out of his way to do so, it seems, suggests the IC doesn’t dispute any other facts, which is almost certainly not the case, but nevertheless a fair assumption given their attention to this discrete point.

The one exception to this general rule, though, suggests why Clapper may have used this bad translation to claim gotcha! It just so happens to pertain to the WSJ story on upstream Internet collection, Read more

The Common Commercial Services OLC Memo and Zombie CISPA

/12 Comments/in , /by

Some time last summer, Ron Wyden wrote Attorney General Holder, asking him (for the second time) to declassify and revoke an OLC opinion pertaining to common commercial service agreements. He said at the time the opinion “ha[d] direct relevance to ongoing congressional debates regarding cybersecurity legislation.”

That request would presumably have been made after President Obama’s April 25, 2012 veto threat of CISPA, but at a time when several proposed Cybersecurity bills, with different information sharing structures, were floating around Congress.

Wyden asked for the declassification and withdrawal of the memo again this January as part of his laundry list of requests in advance of John Brennan’s confirmation. Then, after having been silent about this request for 8 months (at least in public), Wyden asked again on September 26.

It appears that Wyden had intended to ask the question of one of the witnesses at an open Senate Intelligence Committee hearing (perhaps Deputy Attorney General James Cole), but — having had warning of his questions (because he sent them to the witnesses in advance) — Dianne Feinstein and Susan Collins ensured there would not be a second round of questions.

As it happens, Wyden made the request for the memo two days after DiFi told The Hill she was preparing to advance her version of CISPA, and the day after Keith Alexander started calling for cybersecurity legislation again.

In a brief interview with The Hill in the U.S. Capitol on Tuesday, Feinstein said she has prepared a draft bill and plans to move it forward.

The legislation would be the Senate’s counterpart to the Cyber Intelligence Sharing and Protection Act, known as CISPA, which cleared the House in April.

CISPA would remove legal barriers that prevent companies from sharing information with each other and the government about cyber attacks. It would also allow the government to share more information with the private sector.

Since then, Alexander has pitched new cybersecurity legislation in an “interview” with the NYT, admitting he needs to be more open about his places for cybersecurity.

Now, the Executive Branch’s unwillingness to actually share the law as it interprets it with us mere citizens prevents us from understanding precisely what relationship this OLC memo has with proposed cybersecurity legislation — but Wyden made it clear in January that it does have one. But here are some things we might surmise about the memo:

  • The Administration is currently relying on this memo. If it weren’t using it, after all, it wouldn’t need to be revoked. That means that since at least January 14, 2011 (before which date Wyden and Russ Feingold first asked it be revoked), the Administration has had a secret interpretation of law relating in some way to cybersecurity.
  • The interpretation would surprise us. As Wyden notes, “this opinion is inconsistent with the public’s understanding of the law” (he doesn’t say what that law is, but I’ll hazard a guess and say it pertains to information sharing). It’s likely, then, that some form of online provider has been sharing cyber-intelligence with the federal government under some strained interpretation of our privacy protections (and, probably, some kind of Attorney General assurances everything’s cool).

Let’s use the lesson we learned during the FISA Amendments Act where the telecoms were clambering for the legislation and the retroactive immunity, but the Internet companies were grateful for “clarity,” but explicitly opposed to retroactive immunity. When we learned the telecoms had been turning over the Internet companies metadata and content, this all made more sense. The Internet Companies wanted the telecoms to be punished for stealing their data.

In this case, in the first round of CISPA (which had broad immunity protections), Facebook and Microsoft were supporters. But in this go-around (which has still generous but somewhat more limited immunity), the big supporters consist of:

  • Telecoms (AT&T, Verizon; interestingly, Sprint did not sign a letter of support)
  • Broadband and other backbone providers (Boeing, Cisco, Comcast, TimeWarner, USTelecom)
  • Banks and financial transfer
  • Power grid operators and other utilities

Now, who knows with which of these entities the government is already relying on this common commercial services memo, which of our providers we believe have made some assurances to us but in fact they’ve made entirely different ones.

But I will say the presence of the telecoms, again, angling for immunity for information sharing, along with their analogues the broadband providers does raise questions. Especially considering Verizon Exec’s trash talking about consumer-centric Internet companies that don’t prioritize national security.

Stratton said that he appreciated that “consumer-centric IT firms” such as Yahoo, Google, Microsoft needed to “grandstand a bit, and wave their arms and protest loudly so as not to offend the sensibility of their customers.”

“This is a more important issue than that which is generated in a press release. This is a matter of national security.”

After all, the telecoms have a history of willingly cooperating with the government, even if it bypassed the protections offered by Internet companies, even if it violated the law. Have they been joined by big broadband?

Well, DOJ could clear all this up by revoking and releasing the memo. Until they do, though, my wildarsed guess is that those operating the Toobz in the country — the telecom and broadband companies — have already started sharing consumers’ data that a plain reading of the law seemingly wouldn’t permit them to do.