Posts

Drone Strikes on the NYT’s Claim to Have Improved

/6 Comments/in , , /by

NYT Public Editor Margaret Sullivan attempts to tell the story of why the NYT held the illegal wiretap story before the 2004 election. Amid comments from the main players, she effectively admits that the NYT only published in 2005 because James Risen’s A State of War was about to come out.

Michael V. Hayden, who was the director of the N.S.A. and later the director of the Central Intelligence Agency, told me in an interview that he argued strenuously against publication, right up until the moment when The Times decided to go ahead. His rationale: “That this effort was designed to intercept threatening communication” and to prevent another terrorist attack.

In the end, The Times published the story with a couple of guns held to its head: First, the knowledge that the information in the article was also contained in a book by Mr. Risen, “State of War,” whose publication date was bearing down like a freight train. Second, at the end, the word of a possible injunction against publishing, Mr. Risen said, provided a final push: “It was like a lightning bolt.” (Mr. Hayden said that would not have happened: “Prior restraint was never in the cards.”)

Like a game of chicken played on a high wire, it remains “the most stressful and traumatic time of my life,” Mr. Risen recalls. Although The Times later said that further reporting strengthened the story enough to justify publishing it, few doubt that Mr. Risen’s book was what took an essentially dead story and revived it in late 2005. “Jim’s book was the driving force,” Mr. Lichtblau said.

Sullivan doesn’t mention another part of the story: that shortly after the NYT accused Risen of violating their ethics policy because he did not tell the NYT his book covered topics he had reported on for the paper — not just the illegal wiretap program, but also MERLIN, the attempt to stall the Iranian nuclear program by dealing them faulty blueprints. He had apparently told them he was writing a book on George Tenet.

When that news broke in early 2006, I concluded that Risen probably used the threat of scooping the NYT, and a nondisclosure agreement, to actually get the illegal wiretap program into the paper.

Let’s assume for a moment I’m correct in understanding the NYT spokesperson to be suggesting that Risen violated those ethical guidelines by publishing this book. Here’s the scenario such an accusation seems to spell out. (Speculation alert.) Risen attempted to publish both the NSA wiretap story and the Iran nuclear bomb story in 2004. NYT editors refused both stories. Then, in 2005 Risen takes book leave (and I should say that the NYT’s book leave policy is one of the best benefits it offers its writers), misleading his editors about the content of the book. Once he returns, his editors hear rumors that the book actually features the NSA wiretap story. Only in the face of imminent publication of the book do they reconsider publishing the wiretap story. Read more

Three Theories Why the Section 215 Phone Dragnet May Have Been “Erroneous” from the Start

/6 Comments/in , /by

Update, 1/6/14: I just reviewed this post and realize it’s based on the misunderstanding that the February 24 OLC opinion is from last year, not 2006. That said, the analysis of the underlying tensions that probably led to the use of Section 215 for the phone dragnet are, I think, still valid. 

According to ACLU lawyer Alex Abdo, the government may provide more documents in response to their FOIA asking for documents relating to Section 215 on November 18. Among those documents is a February 24, 2006 FISA Court opinion, which the government says it is processing for release.

That release — assuming the government releases the opinion in any legible form — should solve a riddle that has been puzzling me for several weeks: whether the FISA Court wrote any opinion authorizing the phone dragnet collection before its May 24, 2006 order at all.

The release may also provide some insight on why former Assistant Attorney General David Kris concedes the initial authorization for the program may have been “erroneous.”

More broadly, it is important to consider the context in which the FISA Court initially approved the bulk collection. Unverified media reports (discussed above) state that bulk telephony metadata collection was occurring before May 2006; even if that is not the case, perhaps such collection could have occurred at that time based on voluntary cooperation from the telecommunications providers. If so, the practical question before the FISC in 2006 was not whether the collection should occur, but whether it should occur under judicial standards and supervision, or unilaterally under the authority of the Executive Branch.

[snip]

The briefings and other historical evidence raise the question whether Congress’s repeated reauthorization of the tangible things provision effectively incorporates the FISC’s interpretation of the law, at least as to the authorized scope of collection, such that even if it had been erroneous when first issued, it is now—by definition—correct. [my emphasis]

That “erroneous” language comes not from me, but from David Kris, one of the best lawyers on these issues in the entire country.

And the date of the opinion — February 24, 2006, 6 days before the Senate would vote to reauthorize the PATRIOT Act having received no apparent notice the Administration planned to use it to authorize a dragnet of every American’s phone records — suggests several possible reasons why the original approval is erroneous.

Possibility one: There is no opinion

The first possibility, of course, is that my earlier guess was correct: that the FISC court never considered the new application of bulk collection, and simply authorized the new collection based on the 2004 Colleen Kollar-Kotelly opinion authorizing the Internet dragnet. In this possible scenario, that February 2006 opinion deals with some other use of Section 215 (though I doubt it, because in that case DOJ would withhold it, as they are doing with two other Section 215 opinions dated August 20, 2008 and November 23, 2010).

So one possibility is the FISA Court simply never considered whether the phone dragnet really fit the definition of relevant, and just took the application for the first May 24, 2006 opinion with no questions. This, it seems to me, would be erroneous on the part of FISC.

Possibility two: FISC approved the dragnet based on old PATRIOT knowing new “relevant to” PATRIOT was coming

Another possibility is that the FISA Court rushed through approval of the phone dragnet knowing that the reauthorization that would be imminently approved would slightly different language on the “relevance” standard (though that new language was in most ways more permissive). Thus, the government would already have an approval for the dragnet in hand at the time when they applied to use it in May, and would just address the “relevance” language in their application, which we know they did.

In this case, the opinion would seem to be erroneous because of the way it deliberately sidestepped known and very active actions of Congress pertaining to the law in question.

Possibility three: FISC approved the dragnet based on new PATRIOT language even before it passed

Another possibility is that FISC approved the phone dragnet before the new PATRIOT language became law. That seems nonsensical, but we do know that DOJ’s Office of Intelligence Policy Review briefed FISC on something pertaining to Section 215 in February 2006.

After passage of the Reauthorization Act on March 9, 2006, combination orders became unnecessary for subscriber information and [one line redacted]. Section 128 of the Reauthorization Act amended the FISA statute to authorize subscriber information to be provided in response to a pen register/trap and trace order. Therefore, combination orders for subscriber information were no longer necessary. In addition, OIPR determined that substantive amendments to the statute undermined the legal basis for which OIPR had received authorization [half line redacted] from the FISA Court. Therefore, OIPR decided not to request [several words redacted] pursuant to Section 215 until it re-briefed the issue for the FISA Court. 24

24 OIPR first briefed the issue to the FISA Court in February 2006, prior to the Reauthorization Act. [two lines redacted] [my emphasis]

Still, this passage seems to reflect an understanding, at the time DOJ briefed FISC and at the time that the FISC opinion was written that the law was changing in significant ways (some of which made it easier for the government to get IDs along with the Internet metadata it was collecting using a Pen Register).

This would seem to be erroneous for timing reasons, in that the judge issued an opinion based on a law that had not yet been signed into law, effectively anticipating Congress.

The looming threat of Hepting v. AT&T and Mark Klein’s testimony

Which brings me to why. The 2009 Draft NSA IG Report describes some of what went on in this period.

After the New York Times article was published in December 2005, Mr. Potenza stated that one of the PSP providers expressed concern about providing telephone metadata to NSA under Presidential Authority without being compelled. Although OLC’s May 2004 opinion states that NSA collection of telephony metadata as business records under the Authorization was legally supportable, the provider preferred to be compelled to do so by a court order.

As with the PR/TT Order, DOJ and NSA collaboratively designed the application, prepared declarations, and responded to questions from court advisors. Their previous experience in drafting the PRTT Order made this process more efficient.

The FISC signed the first Business Records Order on 24 May 2006. The order essentially gave NSA the same authority to collect bulk telephony metadata from business records that it had under the PSP. And, unlike the PRTT, there was no break in collection at transition.

But the IG Report doesn’t explain why the telecom(s) started getting squeamish after the NYT scoop.

It doesn’t mention, for example, that on January 17, 2006, the ACLU sued the NSA in Detroit. A week after that suit was filed, Attorney General Alberto Gonzales wrote the telecoms a letter giving them cover for their cooperation.

On 24 January 2006, the Attorney General sent letters to COMPANIES A, B, and C, certifying under 18 U.S.C. 2511 (2)( a)(ii)(B) that “no warrant or court order was or is required by law for the assistance, that all statutory requirements have been met, and that the assistance has been and is required.”

Note, this wiretap language pertains largely to the collection of content (that is, the telecoms had far more reason to worry about sharing content). Except that two issues made the collection of metadata particularly sensitive: the data mining of it, and the way it was used to decide who to wiretap.

More troubling still to the telecoms, probably, came when EFF filed a lawsuit, Hepting, on January 31 naming AT&T as defendant, largely based on an LAT story of AT&T giving access to the its stored call records.

But I’m far more interested in the threat that Mark Klein, the AT&T technician who would ultimately reveal the direct taps on AT&T switches at Folsom Street, posed. Read more

The Business as Usual Brigade

/7 Comments/in /by

I missed the CATO surveillance event today (they’ll have video up soon, Julian Sanchez promises), but here’s the speech Ron Wyden gave.

I’m amused by this line:

We wanted to put this marker down early because we know in the months ahead we will be up against a “business-as-usual brigade” – made up of influential members of the government’s intelligence leadership, their allies in thinktanks and academia, retired government officials, and sympathetic legislators.

Wyden, a politician, can’t name these people.

But I would suggest they are all immediately identifiable as an archetype:

Influential members of the government’s intelligence leadership: Keith Alexander and James Clapper

Their allies in thinktanks and academia: Ben Wittes

Retired government officials: Michael Hayden

Sympathetic legislators: Dianne Feinstein

Indeed, further in his speech, he repeats claims these people have made, without identifying the speaker.

Some of the “business as usual” arguments have something of an Alice in Wonderland flavor.

We have heard that surveillance of Americans’ phone records, aka metadata, is not actually surveillance at all – it’s simply the collection of bits of information. [DiFi]

We’ve been told that falsehoods aren’t falsehoods – they are simply imprecise statements. [Clapper]

We’ve been told that rules that have been repeatedly broken are a valuable check on government overreach. [Wittes]

And we’ve been told that codifying secret surveillance laws and making them public surveillance laws is the same as actually reforming these overreaching surveillance programs. [Hayden]

And Wyden is absolutely correct. DiFi has submitted changes to Section 215 and 702 that … don’t change a single solitary thing, except that they (1) write down what the FISA Court has already mandated and (2) expand surveillance by authorizing the wiretapping of roamers for a period in the US.

So maybe Wyden isn’t correct? Maybe this is not the “Business as Usual Brigade,” but the “Use a crisis to authorizing phone wiretapping in the US brigade”?

Whatever it is, these are recognizable people. And the press should be focusing on the many ways in which their legislation actually increases surveillance.

“There are two more issues intelligence officials want noted”

/21 Comments/in , /by

Walter Pincus fancies his work to be about “reading documents” and finding the bits that everyone else has missed.

The way I’ve always done it is reading documents. I mean there is a huge amount of public material that’s put every day out in the public record and people don’t read it. The key to the column whether it’s good or not is documents. I just – I try to base every column on something I read; a transcript, a report, a hearing, whatever.

Somehow, that approach to journalism has resulted in this, basically an entire piece listing the things Intelligence Community bigwigs wish people had noticed in the White Paper released last Friday.

There are two more issues intelligence officials want noted.

For the most part, however, Pincus’ piece either reiterates the same tired bullet points the IC keeps repeating.

The NSA document notes that of 54 terrorist events discussed publicly, 13 had a U.S. connection, and in 12 of them, the phone metadata played a role.

[snip]

Intelligence officials later pieced together — and have remembered ever since — that 9/11 hijacker Khalid Almihdhar resided in California in early 2000 and that while some of his conversations with an al-Qaeda safe house in Yemen were picked up, the NSA did not have that U.S. phone number or any indication that he was located in San Diego.

[snip]

Another point they note is that over the length of these NSA programs, and similar ones that date to the late 1960s, there have been layers of oversight by the NSA, the Justice and Defense departments, Congress and the judiciary.

Or, in what is really only Pincus’ close focus on the released documents, uses thin evidence from the White Paper to “support” whiny complaints from the IC.

What also angers many former senior intelligence officials is the complaint by members of Congress and particularly some on the intelligence oversight committees that they were never told about the extent of the phone metadata program.

As the Justice paper notes, the Senate and House Intelligence and Judiciary committees “by December 2008 . . . had received the initial application and primary order authorizing the telephone metadata collection. Thereafter, all pleadings and orders reflecting significant legal developments regarding the program were produced to all four committees.”

What Pincus fails to mention is that the White Paper actually proves the critics to be correct. Not only does it prove the Administration waited 5 months — from Silvestre Reyes’ September 30, 2009 request to their December 14, 2009 response to Reyes’ request to the February 24, 2010 letter to members making them aware of that notice, effectively stalling through the entire period of debate over this issue — before actually informing Congress about the dragnet. It also suggests — as has been all-but confirmed since — that Mike Rogers simply decided not to pass on the notice at all the following year. The White Paper proves critics’ point, but Pincus hides that fact.

And all those details about 2009 and 2011 distract from the question of why the Bush Administration didn’t even try to give notice to Congress in 2006, when it had already briefed the FISA Court it planned to use the “relevant” language Congress intended to use to constrain Section 215’s use to blow up it up beyond recognition. Why is it adequate to provide the judiciary committees notice (note, even here the Administration’s claims fall short, as I’ll show in a follow-up) only 3 years after the fact?

Remember, too, that Pincus is a JD. At least in theory, he is trained to do the kind of analysis that Jeffrey Rosen and Orin Kerr have done, pointing out the legal flaws in this logic. Or maybe he might just want to point out how hard the Administration had to look for a definition of “relevant” that didn’t totally undermine their argument.

All of which is to show that Pincus has himself failed to do what he claims is his schtick. A close reading of the White Paper actually introduces more problems, not fewer, for the Administration’s dragnet programs.

Which makes these two parroted claims all the more painful to read.

Such transparency is useless if the news media do not pass it on to the public. Few, if any, major news outlets carried any of the details from the Justice and NSA papers.

[snip]

Intelligence officials say that if the U.S. media do not provide what the government claims are the facts underlying what critics and supporters say, the public cannot understand the issue.

Here Pincus is in a major news outlet passing on not what the White Paper actually shows, not the actual facts presented there, but reinterpreting it with the mostly anonymous guidance of the IC, spinning it to put in better light.

I guess Walter Pincus should read Walter Pincus.

Michael Hayden, after Escaping Justice, Calls for Other Criminals to Be Made Examples

/8 Comments/in , /by

In an article on the Bradley Manning and Edward Snowden leaks, Washington Times quotes former NSA and CIA Director Michael Hayden this way: (h/t Matthew Aid)

It is “really important that the government respond well to this particular abuse,” he said of the Snowden and Manning cases.

[snip]

Mr. Hayden said he does not endorse some forms of exemplary punishment, “what the French call ‘for the encouragement of others.’”

But if hackers “have this attachment to transparency, perhaps the intelligence community is not where they should be,” he said, adding that the government needs to use the Snowden case to show that it is “serious.”

The former director of both the NSA and CIA said it is “very appropriate” for the U.S. government to pursue Mr. Snowden relentlessly and make his fate an issue in its bilateral relations with any nation that harbors him.

“We need to recruit from this culture,” he said. “Members of this culture, when they embrace government service with its necessary requirements of secrecy, need to be shown the government is quite serious about those necessary requirements.”

To WT’s credit, they do acknowledge that Hayden currently works for the Chertoff Group, one of the most corrupt profiteers off the war on terror.

But it doesn’t mention that Hayden’s the guy who decided it’d be a good idea to outsource NSA’s IT to companies like Booz Allen Hamilton so as to get more people “from this culture” working on NSA’s programs in the first place.

More importantly, it doesn’t mention that the 2009 Draft NSA IG Report that Snowden leaked provided new details about how Hayden made the final decision to continue the illegal wiretapping program even after DOJ’s top lawyers judged it illegal in 2004.

Edward Snowden leaked new details of Michael Hayden’s crime. He leaked new details of how Hayden betrayed the public trust in probably more serious fashion than Edward Snowden has.

And yet somehow Michael Hayden continues to be the primary go-to guy to talk about how serious this leak is? Michael Hayden gets to opine about how Edward Snowden should be made an example of?

Now, perhaps applying Hayden’s own logic would have been valuable years ago. Perhaps if Hayden had been made an example of himself, after he betrayed the public trust and broke the law, we not only would have more trust in the NSA, but we have a better understanding of what NSA did then and is doing now.

But since we didn’t, Michael Hayden remains one primary exhibit about why Snowden’s leaks, however illegal, have a certain legitimacy.

Because so long as Michael Hayden runs free, we know the government refuses to police itself on these issues.

It’s all very rich for one criminal to call for another criminal to be made an example of. But the responsible press should at least point out how ironic it is that the criminal who escaped justice insists those who have exposed new details of his own crime get the full brunt of it.

“Is This the New Espionage?” CBS Asks of Leaking Government Files, While Airing Leaked Government Video

/23 Comments/in , /by

“Is this the new espionage,” CBS asks, “the spy who believes, for the good of his country, he must reveal its secrets?”

CBS then chooses to give former NSA Director Michael Hayden — who oversaw the NSA when it engaged in an unprecedented illegal surveillance program — airtime to ask,

What kind of sense of moral superiority does it take, to feel like your moral judgment trumps the moral judgment of not one but two Presidents, both houses of Congress, and bipartisan majorities, the American court system, and 35,000 of your coworkers at the NSA?

Congratulations to CBS for at least visually tying Hayden to his gravy train at Chertoff Group, a firm associated with profiting off of “security solutions” (like Rapiscan) that end up being too costly and ineffective.

Hayden then tries to get in the head of Bradley Manning and Edward Snowden.

These two most recent cases — Private Manning and Mr. Snowden — they’re a bit different. They’re probably doing it for ideology and almost this romantic, absolute commitment to transparency.

I’ll come back to Hayden and his very amusing outrage in a second.

But did you notice what else CBS did in this clip?

They aired a leaked CIA/FBI film produced as part of Obama’s Insider Threat program, the program that also pushes government employees to spy on their coworkers.

And while CBS later admits, several minutes into this clip, that Snowden “is not a spy,” it sure seems funny for them for have first asked if leaking spy agency materials is “the new Espionage” in a piece that itself airs leaked spy agency material.

You’d think the obvious conclusion would be that Snowden’s action is the old journalism?

So back to Michael Hayden.

CBS barely discusses the law in this clip. I mean, sure, they talk about the convicted spies Robert Hanssen and Aldrich Ames and mention the law, Espionage. But they don’t mention FISA — one of several laws that Michael Hayden broke — nor do they mention war crimes that some of Bradley Manning’s disclosures revealed.

Which is sort of odd given that according to these whistleblowers’ own descriptions of their motives, both men talked about the laws they at least perceived their government to be grossly violating. (And the Draft NSA IG Report Snowden leaked provides more details on Hayden’s unpunished crimes than we’ve gotten before.)

By the way, when Hayden claims “the American court system” sides with him? He forgets Vaughn Walker’s ruling that, in fact, the government had illegally wiretapped al-Haramain during that window when Hayden agreed to continue the program even though the Acting Attorney General Jim Comey had deemed it illegal.

CBS decided to invite a criminal, Michael Hayden, on to attack the actions of a man who had provided the public additional evidence of his crimes. The clip ends with Hayden warning about how much more empowered insider threats are.

What is new that in this modern connected era the trusted insider who betrays us is far more empowered to do damage far greater than these kinds of folks were able to do in the past and so we just have to be more vigilant.

Perhaps the question we ought to be asking is not “is this the new espionage” but “who is the greater insider threat risk, Edward Snowden or Michael Hayden?”

The 14% Domestic Phone Content Collection under the Illegal Wiretap Program

/16 Comments/in /by

Screen shot 2013-06-29 at 7.04.51 AMThere’s something funny about the claims the NSC Draft IG Report makes.

On page 8, the report notes:

Domestic Collection. The wording of the first authorization could have been interpreted to allow domestic content collection where both communicants were located in the U.S. or were U.S. persons. General Hayden recalled that when the Counsel to the Vice President pointed this out, General Hayden told him that NSA would not collect domestic communications because 1) NSA was a foreign intelligence agency, 2) NSA infrastructure did not support domestic collection, and 3) his personal standard was so high that there would be no problem getting a FISC order for the domestic collection.

Starting in February 21, 2006, DOJ pushed to get a FISC order for PSP collection, in spite of NSA’s numerous reservations. As an interim solution, they changed the definition of “facility” from that of a specific number of email address “to encompass the gateway or cable head that foreign targets use for communications. Minimization and probable cause standards would then be applied.” After months of trying to finesse this, FISC signed two orders to accomplish this:

The Foreign Content Order

The Domestic Content Order

Remember, domestic content, to the NSA, is content in which both participants are in the US (though at this point NSA may have been distinguishing between citizens and non-citizens). And when they moved to a FISC order, they had a specific order for domestic content. And, as the chart on page 16 shows, 14% of the telephony content was domestic (it was only 2% for Internet, though its number for that collection, 19,000, sure looks awfully round).

Now, apparently, by 2007 when they went to a FISC order, there wasn’t that much domestic collection left.

The Domestic Content Order did not create a similar loss in collection [as the 73% loss on the Foreign Content side] because so few numbers were tasked at that time. It did, however, slow operations because of the documentation required, and it took considerably longer to task under the order than under the PSP. Over time, the scope of the Domestic Content Order gradually decreased to a single selector tasked for collection in January 2009. In January 2009, at NSA’s request, assumed responsibility for the Domestic Content Order and became the declarant before the FISC.

This says they still had these gateway facilities in place 17 months after PAA passed (and NSA likely dumped it off onto FBI at that point to clean up in anticipation of Obama taking over).

The original authorization might seem to authorize domestic collection. And when they shifted to FISC rather than Presidential authorization, it continued to include domestic collection, though not so much, apparently, as when the program started.

 

How David Addington Hid the Document Implicating George Bush in Illegal Wiretapping

/24 Comments/in /by

On December 16 and December 20, 2005, respectively — just days after the NYT revealed its existence — EPIC and ACLU FOIAed DOJ for documents relating to George Bush’s (really, Dick Cheney’s) illegal wiretap program (National Security Archive also FOIAed, though more narrowly). Among other documents, they requested, “any presidential order(s) authorizing the NSA to engage in warrantless electronic surveillance.” Yet in spite of the fact that the ACLU was eventually able to get DOJ to cough up some of the OLC memos that provided a legal rationale for the program, no presidential order was ever turned over. I don’t believe (though could be mistaken) it was even disclosed in declarations submitted by Steven Bradbury in the suit.

There’s a very good (and, sadly, legal) reason for that. According to the 2009 NSC draft IG report the Guardian released yesterday, it’s not clear DOJ ever had the Authorization. The White House is exempt from FOIA, and it’s likely that NSA could have withheld the contents of the Director’s safe from any FOIA, which is where the hard copy of the Authorization was kept.

It’s worth looking more closely at how David Addington guarded the Authorization, because it provides a lesson in how a President can evade all accountability for unleashing vast powers against Americans, and how the National Security establishment will willingly participate in such a scheme without ensuring what they’re doing is really legal.

The IG report describes the initial Authorization this way:

On 4 October 2001, President George W. Bush issued a memorandum entitled “AUTHORIZATION FOR SPECIFIED ELECTRONIC ACTIVITIES DURING A LIMITED PERIOD TO DETECT AND PREVENT ACTS OF TERRORISM WITHIN THE UNITED STATES.” The memorandum was based on the President’s determination that after the 11 September 2001 terrorist attacks in the United States, an extraordinary emergency existed for national defense purposes.

[snip]

The authorization specified that the NSA could acquire the content and associated metadata of telephony and Internet communications for which there was probable cause to believe that one of the communicants was in Afghanistan or that one communicant was engaged in or preparing for acts of international terrorism. In addition, NSA was authorized to acquire telephone and Internet metadata for communications with at least one communicant outside the United States or for which no communicant was known to be a citizen of the United States. NSA was allowed to retain, process, analyze and disseminate intelligence from the communications acquired under the authority.

And while the NSA IG report doesn’t say it, the Joint IG Report on the program (into which this NSA report was integrated) reveals these details:

Each of the Presidential Authorizations included a finding to the effect that an extraordinary emergency continued to exist, and that the circumstances “constitute an urgent and compelling governmental interest” justifying the activities being authorized without a court order.

Each Presidential authorization also included a requirement to maintain the secrecy of the activities carried out under the program.

David Addington’s illegal program

While the Joint report obscures all these details, the NSA IG report makes clear that Dick Cheney and David Addington were the braintrust behind the program.

The Counsel to the Vice President used [a description of SIGINT collection gaps provided by Michael Hayden] to draft the Presidential authorization that established the PSP.

Neither President Bush nor White House Counsel Alberto Gonzales wrote this Authorization. David Addington did. Read more

Shorter WaPo: It Would Take Months to Know about Spying Misconduct

/11 Comments/in , , /by

For what it’s worth, I consider reports that the government doesn’t know what Edward Snowden took to be disinformation. And indeed, claims to that effect in this WaPo article are sourced to: “one former government official,”a “former senior U.S. official,” and “a former senior U.S. intelligence official who served in Russia.” There’s also “a senior intelligence official” who says only it’ll take months to complete the damage assessment on Snowden’s materials, which is different from claiming (as the other sources do) that Russia and China have what he took. And a “second senior intelligence official” who fearmongers improbably about how much easier this will make things on the terrorists.

But ultimately, most of the people claiming NSA doesn’t know what Snowden took are former officials, presumably out of the loop on such issues (unless, of course, they’re Booz Allen Hamilton revolving doormen).

Funny thing is, if all that were true — if the government is still struggling to figure out what Snowden took a month after he left NSA — it indicates that the government would not know if a Sysadmin at the NSA had spied on Americans, if ever, until months after someone did so.

But, promise, this giant dragnet is secure.

Update: Mark Hosenball’s version of this apparently organized leak (his is sourced to “several U.S. officials,” “one non-government source familiar with Snowden’s materials,” and “2 U.S. national security sources,” makes it fairly clear the government intends to release this disinformation — along with incorrect claims about the history of WikiLeaks — as a way to fearmonger about that connection.

Although WikiLeaks initially made the diplomatic cables available to media outlets, including the Guardian and New York Times, who redacted potentially sensitive information before publishing them, the website eventually released an entirely unredacted archive of the material, to the dismay of the Obama Administration. U.S. officials said the information put sources at risk and damaged relations with foreign governments.

The disinformation people spreading this story apparently are less worried about confirming genuine concerns about the security of these programs than they are about trying to catch up to WikiLeaks involvement with a new line of fearmongering.

Update: I changed the title of this after it was published.

Section 702 Is Used for Terror, Proliferation, AND Hacking

/14 Comments/in , , /by

The AP has a story about the way algorithms control Section 702, the legal program for which PRISM provides NSA analysts acces.

And while he also admits that Obama “had expanded the scope of the surveillance,” Michael Hayden makes this false claim (which he actually said on FNS).

Michael Hayden, who led both the NSA and CIA, said the government doesn’t touch the phone records unless an individual is connected to terrorism.

He described on “Fox News Sunday” how it works if a U.S. intelligence agent seized a cellphone at a terrorist hideout in Pakistan.

“It’s the first time you’ve ever had that cellphone number. You know it’s related to terrorism because of the pocket litter you’ve gotten in that operation,” Hayden said. “You simply ask that database, `Hey, any of you phone numbers in there ever talked to this phone number in Waziristan?'”

Here’s how I know this is absolutely false (aside from the language of Section 702 that clearly allows it to be used for foreign intelligence generally so long as it is targeted — which is one of those tricky words– at people not known to be in the US).

Director Clapper — who admittedly engages in least untruthfuls that are too cute by half — claimed this as one of the successes in Section 702.

Communications collected under Section 702 have provided significant and unique intelligence regarding potential cyber threats to the United States, including specific potential network computer attacks. This insight has led to successful efforts to mitigate these threats.

Don’t get me wrong. Using this kind of collection for foreign cyberattacks is entirely appropriate. Indeed, it is probably the very best use of the tool, since it’s it’s a lot easier to engage in cyberattacks — particularly if you’re overseas — using the Internet, whereas the most dangerous terrorists can and no doubt increasingly will find other means to communicate.

So it’s not that I object to using this program to target Chinese hackers. But as you consider the 51% standard that, according to Edward Snowden, NSA analysts have to meet, or if you consider how easily signals taken from any major US-based coverage can meet that 51% standard, understand that NSA is much more likely to make a “mistake” in its geographic screens for American hackers than for American Islamic extremists.

We’ve heard nothing but TERRA TERRA TERRA since these leaks first started. And every time you hear that, you might ask what it would mean if they also mean hacker.