Posts

I Told You So, It’s about Cybersecurity Edition

When James “Least Untruthful” Clapper released the first version of PRISM success stories and the most impressive one involved thwarting specific cyberattacks, I noted that the NSA spying was about hackers as much as terrorists.

When  “Lying Keith” Alexander answered a question about hacking China from George Stephanopoulos by talking about terror, I warned that these programs were as much about cybersecurity as terror. “Packets in flight!”

When the Guardian noted that minimization procedures allowed the circulation of US person communications collected incidentally off foreign targets if they were “necessary to understand or assess a communications security vulnerability,” I suggested those procedures fit cybersecurity targets better than terror ones.

When Ron Wyden and Mark Udall caught Lying Keith (again) in a lie about minimization, I speculated that the big thing he was hiding was that encrypted communications are kept until they are decrypted.

When I compared minimization procedures with the letter of the law and discovered the NSA had secretly created for itself the ability to keep US person communications that pose a serious threat to property (rather than life or body), I suggested this better targeted cyber criminals than terrorists.

When Joel Brenner suggested Ron Wyden was being dishonorable for asking James Clapper a yes or no question in March 2013, I noted that Wyden’s question actually referred to lies Lying Alexander had told the previous year at DefCon that hid, in part, how hackers’ communications are treated.

When the Guardian happened to publish evidence the NSA considers encryption evidence of terrorism the same day that Keith Alexander spokes to a bunch of encrypters exclusively about terrorism, I suggested he might not want to talk to those people about how these programs are really used.

And when I showed how Lying Keith neglected his boss’ earlier emphasis on cyber in his speech to BlackHat in favor of terror times 27, I observed Lying Keith’s June exhortation that “we’ve got to have this debate with our country,” somehow didn’t extend to debating with hackers.

I told you it would come to this:

U.S. officials say NSA leaks may hamper cyber policy debate

Over two months after Edward Snowden’s first disclosures, the cyberwarriors are now admitting disclosures about how vast is NSA’s existing power — however hidden behind the impetus of terror terror terror — might lead Congress to question further empowering NSA to fight cyberwar.

I told you so. Read more

More Lies to the FISA Court

I was pulling up something else from Ron Wyden’s site, and noticed a sentence in this release pointing out how last week’s so-called transparency dump from James Clapper actually shows the lies the Intelligence Community told to Congress. I didn’t see the first time I looked at it.

Similarly misleading statements about the bulk email records program were also made to the Foreign Intelligence Surveillance Court, though these statements unfortunately remain classified.

As I’ve noted before, John Brennan testified that he submitted CIA interrogation derived evidence to the FISA Court, almost certainly in the “scary memos” he submitted to justify the continuation of Cheney’s illegal wiretap program.

Burr: I’m still not clear on whether you think the information from CIA interrogations saved lives.  Have you ever made a representation to a court, including the FISA court, about the type and importance of information learned from detainees including detainees in the CIA detention and interrogation program?

Brennan: Ahm, first of all, in the first part of your question, as to you’re not sure whether I believe that there has been information … I don’t know myself.

Burr: I said I wasn’t clear whether I understood, whether whether I was clear.

Brennan: And I’m not clear at this time either because I read a report that calls into question a lot of the information that I was provided earlier on, my impressions. Um. There, when I was in the government as the head of the national counterterrorism center I know that I had signed out a number of um affirmations related to the uh continuation of certain programs uh based on the analysis and intelligence that was available to analysts. I don’t know exactly what it was at the time, but we can take a look at that.

Burr: But the committee can assume that you had faith if you made that claim to a court or including the FISA court, you had faith in the documents in the information that was supplied to you to make that declaration.

Brennan: Absolutely. At the time if I had made any such affirmation, i would have had faith that the information I was provided was an accurate representation. [my emphasis]

While Wyden’s hinted misrepresentations are probably more modest — probably relating to how important the information derived from the Internet metadata collection really was — it nevertheless adds to the evidence that the non-adversarial nature of the FISA Court has allowed the Executive Branch to lie to the judges who preside there.

Shut Down CyberCommand — US CyberCommander Keith Alexander Doesn’t Think It’s Important

Back on March 12 — in the same hearing where he lied to Ron Wyden about whether the intelligence community collects data on millions of Americans — James Clapper also implied that “cyber” was the biggest threat to the United States.

So when it comes to the distinct threat areas, our statement this year leads with cyber. And it’s hard to overemphasize its significance. Increasingly, state and non-state actors are gaining and using cyber expertise. They apply cyber techniques and capabilities to achieve strategic objectives by gathering sensitive information from public- and private sector entities, controlling the content and flow of information, and challenging perceived adversaries in cyberspace.

That was the big takeaway from Clapper’s Worldwide Threat Assessment. Not that he had lied to Wyden, but that that cyber had become a bigger threat than terrorism.

How strange, then, that the US CyberCommander (and Director of National Security) Keith Alexander mentioned cyber threats just once when he keynoted BlackHat the other day.

But this information and the way our country has put it together is something that we should also put forward as an example for the rest of the world, because what comes out is we’re collecting everything. That is not true. What we’re doing is for foreign intelligence purposes to go after counterterrorism, counterproliferation, cyberattacks. And it’s focused. [my emphasis]

That was it.

The sole mention of the threat his boss had suggested was the biggest threat to the US less than 5 months earlier. “Counterterrorism, counterproliferation, cyberattacks. and it’s focused.”

The sole mention of the threat that his audience of computer security professionals are uniquely qualified to help with.

Compare that to his 27 mentions of “terror” (one — the one with the question mark — may have been a mistranscription):

terrorists … terrorism … terrorist attacks … counterterrorism … counterterrorism … terrorists … counterterrorism … terrorist organizations … terrorist activities … terrorist … terrorist activities … counterterrorism nexus … terrorist actor … terrorist? … terrorism … terrorist … terrorists … imminent terrorist attack … terrorist … terrorist-related actor … another terrorist … terrorist-related activities … terrorist activities … stopping terrorism … future terrorist attacks … terrorist plots … terrorist associations

That was the speech the US CyberCommander chose to deliver to one of the premiere group of cybersecurity professionals in the world.

Terror terror terror.

Sitting among you are people who mean us harm

… US CyberCommander Alexander also said.

Apparently, Alexander and Clapper’s previous intense focus on stopping hacktavists and cyberattacks and cybertheft and cyber espionage have all been preempted by the necessity of scaring people into accepting the various dragnets that NSA has deployed against Americans.

Which, I guess, shows us the true seriousness of the cyber threat.

To be fair to our CyberCommander, he told a slightly different story back on June 27, when he addressed the Armed Forces Communications and Electronics Association International Cyber Symposium.

Sure, he started by addressing Edwards Snowden’s leaks.

But then he talked about a debate he was prepared to have.

I do think it’s important to put that on the table, because as we go into cyber and look at–for cyber in the future, we’ve got to have this debate with our country. How are we going to protect the nation in cyberspace? And I think this is a debate that is going to have all the key elements of the executive branch–that’s DHS, FBI, DOD, Cyber Command, NSA and other partners–with our allies and with industry. We’ve got to figure how we’re going to work together.

How are we going to protect the nation in cyberspace? he asked a bunch of Military Intelligence Industrial Complex types.

At his cyber speech, Alexander also described his plan to build, train, and field one-third of the force by September 30 — something you might think he would have mentioned at BlackHat.

Not a hint of that.

Our US CyberCommander said — to a bunch of industry types — that we need to have a debate about how to protect the nation in cyberspace.

But then, a month later, with the group who are probably most fit to debate him on precisely those issues, he was all but silent.

Just terror terror terror.

Keith Alexander: We Report Violations to “Everyone”

At 32:14 in his speech to BlackHat yesterday, Keith Alexander said of the Section 215 dragnet,

We comply with the court orders and do this exactly right. And if we make a mistake, we hold ourselves accountable and report it to everyone.

Here’s what the 2011 report on both the telecom and Internet dragnets declassified yesterday said about NSA’s compliance failures (see PDF page 8).

Screen shot 2013-08-01 at 11.45.38 AM

By “everyone” Alexander appears not to include “citizens and taxpayers.”

As I reported Friday, Ron Wyden and Mark Udall say the Intelligence Committee downplays the seriousness of the violations that have occurred.

Their violations of the rules for handling and accessing bulk phone information are more troubling than have been acknowledged and the American people deserve to know more details.

Monday, Wyden elaborated further.

I am not allowed to discuss the classified nature of that, but I want to make sure those who are following this debate know that from my vantage point, reading those documents that are classified, these violations are more serious than have been stated by the intelligence community, and in my view that is very troubling. So I do hope Senators will go to the Intelligence Committee and ask to see those classified documents because I think when they read them–I think they will come to the conclusion to which I have come that, not only is what was stated by the Director of National Intelligence in that letter that was sent to you and me and Senator Udall and 23 other Senators–not only was that correct, but I think Senators who read those classified documents will also come to the conclusion that the violations are more serious than they thought–than the intelligence community portrayed.

After Alexander’s speech yesterday, CNBC asked further questions, including specifically about Wyden’s claims.

CNBC: General Alexander, Senator Wyden said yesterday that phone records collection abuse has been more significant than the government has acknowledged. What do you say about that?

Alexander: I’m not sure what he’s referring to, so I don’t know without him being more specific. If he could be. I think, um, maybe we should have a discussion on what that means.

(Alexander went on to provide actual specifics about what “everyone” means, though he did not explicitly admit it doesn’t include “everyone.”)

I’m not actually sure where that “if he could be” fits syntactically in Alexander’s response. But here’s why Wyden can’t provide more specifics.

Screen shot 2013-08-01 at 11.45.38 AM

Alexander, who is a classification authority (though James Clapper may be the classification authority for the 215 program), responded to a question about abuse by demanding that Wyden, who is not a classification authority, provide more details about something that NSA and ODNI have specifically kept classified.

But don’t worry. When they commit abuses, Alexander claimed, they tell “everyone.”

Later in the interview, Alexander told CNBC it could help.

Just reporting what somebody says is not the right thing to do for our country.

[snip]

Let’s put the facts on the table. If you just blindly take what somebody says, I think that’s not what our nation needs.

Yet blindly taking what somebody says about government abuse is precisely where Alexander and Clapper have left American citizens.

 

 

Wyden: We Proved that “Unique” and “Vital” Information Wasn’t in 2011

I should have some analysis on the documents James Clapper released yesterday.

But it’s worth pointing to Ron Wyden’s analysis. He notes that the two documents on bulk collection programs — one from 2009 and one from 2011, both of which covered the Internet and phone metadata programs — both boasted of how unique and valuable the information was.

The briefing documents that were provided to Congress in December 2009 and February 2011 clearly stated that both the bulk email records and bulk phone records collection programs were “unique in that they can produce intelligence not otherwise available to NSA.” The 2009 briefing document went on to state that the two programs “provide a vital capability to the Intelligence Community,” and the 2011 briefing document stated that they provided “an important capability.”

The problem is, by the end of 2011, Wyden and Mark Udall had been able to prove that the Intelligence Community had oversold the value of the Internet metadata program, which led to its termination.

Senator Mark Udall and I have long been concerned about the impact of bulk collection on Americans’ privacy and civil liberties, and we spent a significant portion of 2011 pressing the Intelligence Community to provide evidence to support the claims that they had made about the bulk email records program. They were unable to do so, and the program was shut down due to a lack of operational value, as senior intelligence officials have now publicly confirmed.

This experience demonstrated that intelligence agencies’ assessments of the usefulness of particular collection programs – even significant ones – are not always accurate.

So while the government thought these documents would prove how controlled these programs are (aspects of them don’t), Wyden demonstrates that they show the IC lies about the usefulness of programs when they talk to Congress about them.

Which is, Patrick Leahy suggested in yesterday’s hearing, what the IC appears to be doing when invoking 54 plots to justify the 215 phone dragnet, which has only been tied to 12 plots.

Which is an interesting dynamic to proceed today’s meeting between Obama, Wyden, Udall, Dianne Feinstein, Saxby Chambliss, Bob Goodlatte, James Sensenbrenner, Dutch Ruppersberger, and Mike Rogers.

The presence of Sensenbrenner is key: to the extent they still exist, he’s a mainstream Republican. And he’s furious about the 215 program that he himself shepherded through Congress in 2006. So I would assume today’s meeting is an effort to develop the White House’s plan to phase out the dragnet.

All that said, Obama has clearly gamed the results, by inviting more of the surveillance champions than he did critics (and apparently House Democrats don’t count anymore).

Obama probably won’t see this through his bubble, but the day before this meeting Wyden demonstrated that the basis for the rosy tales DiFi and the other Gang of Four members are telling are claims from the IC that have since been discredited.

Is THIS What Wyden Meant by “Allowing the NSA to Deliberately Search for Records of Particular Americans”?

A month ago, I noted that after Ron Wyden and Mark Udall criticized Keith Alexander for suggesting the NSA could not deliberately search the records of specific Americans, the NSA Director withdrew the white sheet implying such a claim.

The latest report from Glenn Greenwald, describing how XKeyscore allows analysts — with no court review or other oversight — to review already collected information by indexing on metadata.

The purpose of XKeyscore is to allow analysts to search the metadataas well as the content of emails and other internet activity, such as browser history, even when there is no known email account (a “selector” in NSA parlance) associated with the individual being targeted.

Analysts can also search by name, telephone number, IP address, keywords, the language in which the internet activity was conducted or the type of browser used.

One document notes that this is because “strong selection [search by email address] itself gives us only a very limited capability” because “a large amount of time spent on the web is performing actions that are anonymous.”

The NSA documents assert that by 2008, 300 terrorists had been captured using intelligence from XKeyscore.

Analysts are warned that searching the full database for content will yield too many results to sift through. Instead they are advised to use themetadata also stored in the databases to narrow down what to review.

A slide entitled “plug-ins” in a December 2012 document describes the various fields of information that can be searched. It includes “every email address seen in a session by both username and domain”, “every phone number seen in a session (eg address book entries or signature block)” and user activity – “the webmail and chat activity to include username, buddylist, machine specific cookies etc”.

[snip]

One document, a top secret 2010 guide describing the training received by NSA analysts for general surveillance under the Fisa Amendments Act of 2008, explains that analysts can begin surveillance on anyone by clicking a few simple pull-down menus designed to provide both legal and targeting justifications. Once options on the pull-down menus are selected, their target is marked for electronic surveillance and the analyst is able to review the content of their communications:

Now, one of the graphics included with the story has a drop down menu recording how the analyst decided the target of this collection was outside the US. That is, it should exclude US persons and others located within the US. So I’m not convinced this is what Wyden and Udall referred to (unless there’s a way to get to targets’ interlocutors I can’t immediately identify).

But if analysts can access information this easily I can understand why the Senators would be so concerned.

 

DOJ Responds to Non-Intell Committee Member of Opposition Party, But Not Intell Committee Member of President’s Party

On June 20, Rand Paul started seeking more information about how the FBI used drones. On July 9, he sent a second letter to find out about the FBI’s use of drones. After placing a hold on Jim Comey’s nomination to be FBI Director, Paul got results, with an unclassified letter admitting FBI had used drones 10 times, and a classified letter that presumably provided more detail. While Paul wasn’t satisfied with that information — he sent a follow-up asking when the FBI considers drones to impinge on reasonable expectations of privacy — he at least did get a letter. He released his hold and voted against Comey’s nomination.

Compare that to Ron Wyden, a member of the Intelligence Committee and of the President’s own party.

After meeting with Comey on July 18, Wyden sent Comey (care of DOJ’s Legislative Affairs Office) a letter on July 22 asking:

  • Whether the program that led to the hospital confrontation was the Internet metadata program and whether his concerns about it had been adequately address
  • Whether the Comey was satisfied with the way the government carried out surveillance activities during his tenure as Deputy Attorney General or whether he wished he had done more to rein them in
  • Whether the 2001 AUMF allowed the President to collect communications of Americans inside the US without a warrant
  • Whether collection of Americans’ phone record has any impact on their privacy and whether it is justified even if does not provide unique value
  • Whether he commits to giving a straight answer about how much evidence the FBI needs to track geolocation

DOJ’s Office of Legislative Affairs wrote Wyden back on July 29, basically saying, “Mr. Comey is not in a position to respond to the additional questions in your letter” in part because he “is not able to determine whether your questions implicate information that remains classified.”

Of course, several of these questions go to Comey’s fitness to be FBI Director and pertain to activities he knows better than anyone else. Others ask about his belief, something that doesn’t require classified information to share.

Wyden voted “present” for Comey’s nomination.

Mind you, Wyden didn’t wait as long as Paul before he got a far less responsive response. And he didn’t place a hold on Comey’s nomination (though given the almost unanimous support for Comey, a hold really wouldn’t have done much to delay the nomination).

Still, Wyden asked Comey questions that go far more directly to Comey’s own qualifications to be FBI Director. He asked Comey questions that he, as a member of the Intelligence Committee, should be able to get answers on.

And he got squat.

Ignatius Has Become a “Choice between Security and Privacy” Stenographer

David Ignatius should be ashamed about this column. Even by his standards, it serves simply as stenography for the buzzwords top security officials have fed him, such that he repeats lines like this without any critical thinking.

Gen. Keith Alexander and other top NSA officials are considering ways they could reassure the public without damaging key programs, according to U.S. officials. They think that forcing Congress to decide between security and privacy is an unfair choice, since the country would lose either way. They’d like an agreement that protects both, but that’s a tall order. [my emphasis]

Remember: we’re talking about the Section 215 dragnet, not the (according to all players) far more valuable Section 702 collection. Even according to the government, it has only come into play in 13 terrorist cases. The only one the government can describe where it has been crucial involves indicting a man the FBI determined was not motivated by terrorism but rather tribal affiliation sending less than $10,000 to al-Shabaab three and a half years earlier.

And yet Ignatius uncritically repeats that requiring the government to use more specificity with its collections would present Congress the “unfair choice” of “deciding between security and privacy.”

So it should be no surprise that Ignatius uncritically repeats other details of the program. For example, Ignatius claims this involves only two-hop analysis, when we know it can go three hops (and therefore millions of people) deep.

When the agency identifies a suspicious number in, say, Pakistan, analysts want to see who that person called in the United States and who, in turn, might have been contacted by that second person.

Ignatius doesn’t note the descriptions — from both Edward Snowden and James Clapper — that they then use this metadata to index previously collected communications. That’s because he’s too busy repeating that we don’t “record” these collections, as if we’d have to.

Then finally there’s Ignatius’ claim that SWIFT (the record of international financial transfers) presents a viable alternative to the dragnet program. As I have reported, when the EU finally got to audit what the US had been doing with SWIFT, they discovered the real content of the queries was transmitted verbally, making it impossible to audit the use.

Thus far, no one has explained whether the queries and underlying articulable suspicion gets automatically recorded or — as happened with one of the precursors to this program — manually in hardcopy form. If it’s the latter (which I will assume until someone asserts differently) it is prone to the same kind of large scale documentation lapses that could hide a great deal of improper use of the dragnet. Which, given Ron Wyden and Mark Udall’s insistence that the problems have been more problematic than James Clapper lets on, could well be the case.

All of these are issues anyone with Ignatius’ access might want to answer.

Alternately, that access may now serve to do no more than produce “security or privacy” automatons, repeating the obviously false cant Ignatius has here.

 

Wyden and Udall: They’re Blowing Smoke about Phone and Other Bulk Record Safety

When I wrote about the letter from Ron Wyden, Mark Udall, and 24 other Senators to James Clapper a month ago, I focused on the specter that Section 215 would be used to collect gun records (in response to which, the NRA let its political guns drop from flaccid fingers).

Given yesterday’s response from Wyden and Udall to Clapper’s response, I should have focused on this passage:

Senior officials have noted that there are rules in place governing which government personnel are allowed to review the bulk phone records data and when. Rules of this sort, if they are effectively enforced, can mitigate the privacy impact of this large-scale data collection, if they do not erase it entirely. Furthermore, over its history the intelligence community has sometimes failed to keep sensitive information secure form those who would misuse it, and even if these rules are well-intentioned they will not eliminate all opportunities for abuse.

In response to that passage, Clapper spent one paragraph talking about when the government can access this data and another describing the oversight over it, including,

Implementation of the program is regularly reviewed not only by NSA, but by outside lawyers from the Department of Justice and by my office, as well as by Inspectors General. The Executive Branch reports all compliance incidents on to the FISC.

Later, in response to a question specifically about violations, Clapper wrote,

Since the telephony metadata collection program under section 215 was initiated, there have been a number of compliance problems that have been previously identified and detailed in reports to the Court and briefings to Congress as a result of Department of Justice reviews and internal NSA oversight. However, there have been no findings of any intentional or bad-faith violations.

These problems generally involved human error or highly sophisticated technology issues related to NSA’s compliance with particular aspects of the Court’s orders. As required, those matters, including details and appropriate internal remedial actions, are reported to the NSA’s Inspector General, the Department of Justice, the Office of the Director of National Intelligence, the FISC and in reports provided to Congress and other oversight organizations.

To which Wyden and Udall insisted,

Their [in context, probably meaning NSA’s, though they did not specify] violations of the rules for handling and accessing bulk phone information are more troubling than have been acknowledged and the American people deserve to know more details.

Now, there are a couple of different things going on here.

First, as Wyden and Udall also note, Clapper didn’t answer their question, “How long has the NSA used the PATRIOT Act authorities to engage in bulk collection of Americans’ records? Was this collection underway when the law was reauthorized in 2006?” Clapper instead answered how long NSA was using Section 215 to get telephony metadata, answering May 2006. But we know that collection was briefed before passage of the PATRIOT reauthorization, and it appears the government used a kluged hybrid order to get it from at least the time the illegal program was revealed in 2005 until the reauthorization passed.  So this earlier use may implicate earlier violations.

Nevertheless, what Clapper claims to be human error seems to be something more, the querying of records pertaining to phone numbers that aren’t clearly terrorists (or Iranians).

And given the revelation the government has gone three hops deep into this data, the reference to “highly sophisticated technology issues” suggests more sophisticated data mining than a game of half-Bacon.

Finally, one more thing. In the debate over the Amash-Conyers amendment the other day, House Intelligence Chair Mike Rogers also boasted of the controls that — according to Wyden and Udall — have proven insufficient. But in the process of boasting, he admitted other agencies have less effective oversight than the NSA.

It is that those who know it best support the program because we spend as much time on this to get it right, to make sure the oversight is right. No other program has the legislative branch, the judicial branch, and the executive branch doing the oversight of a program like this. If we had this in the other agencies, we would not have problems. [my emphasis]

When Wyden and Udall asked this question originally, they asked specifically, “Have there been any violations of the court orders permitting this bulk collection, or of the rules governing access to these records?” While most of their questions specified NSA, that one didn’t. The FBI, not NSA, is the primary user of Section 215, though it shares its counterterrorism (and counterespionage) data with the National Counterterrorism Center.

And even Mike Rogers appears to believe “the other agencies” have problems with this kind of data.

All of which seems to suggest there have been serious problems with the NSA’s use of the phone record dragnet. But there have been even more serious problems with bulk records on other subjects as used by other agencies.

On the Growing Fight Against America’s Secret Enemies

Cora Currier describes the absurd response she got when she asked for a list of our enemies.

At a hearing in May, Sen. Carl Levin, D-Mich., asked the Defense Department to provide him with a current list of Al Qaeda affiliates.

The Pentagon responded – but Levin’s office told ProPublica they aren’t allowed to share it. Kathleen Long, a spokeswoman for Levin, would say only that the department’s “answer included the information requested.”

A Pentagon spokesman told ProPublica that revealing such a list could cause “serious damage to national security.”

“Because elements that might be considered ‘associated forces’ can build credibility by being listed as such by the United States, we have classified the list,” said the spokesman, Lt. Col. Jim Gregory. “We cannot afford to inflate these organizations that rely on violent extremist ideology to strengthen their ranks.”

Thing is, this is not entirely new. At least until February, the government had been refusing to give Ron Wyden a list of every country in which we’ve used lethal force. And he’s on the Intelligence Committee!

Indeed, Currier suggests one reason this might be classified would be if Obama was fighting these enemies under Inherent Authority.

The AUMF isn’t the only thing the government relies on to take military action. In speeches and interviews Obama administration officials also bring up the president’s constitutional power to defend the country, even without congressional authorization.

But, as Jack Goldsmith notes, something else seems to be going on here, because the response Currier got suggests the list is classified Secret, not whatever Top Secret compartment the government maintained for a year Wyden couldn’t access.

The language of the DOD release suggests that at least a few more groups (or elements of groups), and maybe many more groups (or elements), are on the AUMF “list.”  The existence of a “list” (which was unclear in the May 2013 AUMF hearing), and the fact that there may be at least a few groups (or elements of groups) on it, is itself news in the AUMF-watcher world.  It is also consistent with suggestions and implications in reports, such as in Mark Mazzetti’s book, that the AUMF is being invoked in various ways by DOD Special Operations Forces for non-covert military activities in many countries around the globe.

Third, it is entirely unclear why the USG can acknowledge some groups without unduly “inflating” them, and not others.  And this in turn makes me skeptical of the notion of “inflation.”  To be sure, some groups that are AUMF-able (such as, perhaps, the Haqqani network, a known but not acknowledged U.S. target) perhaps cannot be named because the operations are covert actions and involve deals of non-acknowledgment with foreign governments (or elements of foreign governments).  But that cannot be a comprehensive explanation for DOD’s secrecy.  By stating that disclosure of groups on the list would “reasonably be expected to cause serious damage to the national security,” DOD has tipped off that the list is classified only at the secret (as opposed to top secret) level.  (See Section 1.2 of E.O. 13,256.)  Covert actions are typically classified at the top secret level.  This implies (but does not prove) that some if not all of the AUMF-groups in question are not subjects of covert actions.

But remember: There are two other instances where the government has refused to clarify who is, and is not, an enemy.

When a bunch of people who have talked to, but not assisted, terrorists sued to stop the NSAA’s provisions allowing indefinite detention, the government refused (until it became convenient) to say whether they could be detained or not.

Then, as part of the Bradley Manning charges, the government kept one of the enemies it was going to prove he had aided classified (but ultimately didn’t argue he had aided that enemy in court).

Prosecutors accuse him of “aiding the enemy,” and three in particular: al-Qaida, al-Qaida in the Arabian Peninsula and a “classified enemy” referred to by a Bates number, which is a form of legal document identification.
Three professors of military law – Yale Law School’s Eugene Fidell, Duke University School of Law’s Scott Silliman and Texas Tech University School of Law’s Richard Rosen – told Courthouse News they had never heard of a case involving a “classified enemy.”
After being informed that the phrase stumped the professors, a military spokeswoman insisted that the confusion stemmed from a misunderstanding, because “who the enemy ‘is’ is not classified.”
“What ‘is’ classified is that our government has confirmed that this enemy is in receipt of certain compromised classified information, and that the means and methods of collection that the government has employed to make that determination are classified,” the spokeswoman said in an email.

One thing about all these instances — refusing to share a list of lethal force targeted countries with Ron Wyden, sharing a classified list with Carl Levin only on request, refusing to tell Americans (and one member of parliament from Iceland) whether they are counted as enemies, and refusing to tell Manning which enemy he supposed aided — is that they provide the executive maximum flexibility. That may not be the only thing this extreme secrecy about enemies does. But it is one thing it does do, along with hiding how broad the unilaterally declared war under Inherent Authority is.

It sure does make things confusing, though!