Posts

The Webster Report Recommendations and FBI’s Federated Back Door Searches

Back in 2013, in the context of a discussion of back door searches, I noted William Webster’s reference, in his report on the Nidal Hasan investigation, to using FISA communications with key targets as tripwires for further investigation, The following spring, in response to Bob Litt’s proclamation that it would be “impracticable” to require the government to count back door searches, I returned to Webster’s recommendations on fixing FBI’s archaic database access to make it easier to match communications from the same user (starting at 140). I suggested that back door searches — particularly their expansion in 2011 — might be a response to his recommendations.

To be fair, I suspect one of the issues is that after the Nidal Hasan attack (and this is just a very well educated guess), NSA rolled out a system whereby new communications between a targeted foreigner and an American automatically pulls up all previous communications involving that US person. That would count as a search, even though it would effectively feel like an automatic cross-referencing of all prior communications involving someone talking to a target, even if that is a US person.

Nevertheless, this means that NSA is conducting so many back door searches on US person data that it would be “impracticable” to actually give those searches some kind of review.

Not long after this hearing, we learned FBI was the agency for which it was impracticable to count back door searches, not NSA.

In the FISA court hearing on October 20, 2015 over whether FBI should provide individual justifications for back door searches, one of the government’s [redacted] lawyers explained that the way federated searches integrate back door searches indeed did come directly from the Webster Report recommendations.

To use an example more recent and even more on point, the Webster Commission’s report on the Fort Hood attack criticized the government’s queries of information in its possession. The people doing the assessment of Nidal Hasan did not identify several messages between Anwar Aulaqi and Nidal Hasan, and the commission deemed it essential that the FBI possess the ability to search all of its repositories and to do so without balkanizing those data sources.

And so these systems that do these federated queries that allow us to, yes, to query the 702 information, but all of these sources are in direct response to those findings, and they’re in direct response to our efforts over the last 15 years to bring down this artificial wall between the law enforcement mission of the FBI and its national security intelligence mission.

Reading this transcript reminded me that, back in 2014, I imagined all this would be automatic — not so much a search, but an interlinked search that would automatically pull up existing content.

There’s reason to believe that model, and the back door access at CIA and NSA to content (which was approved in 2011), was designed to work similarly.

One of the documents recently liberated by ACLU makes it clear that NSA’s metadata back door searches of 702 content are, in some way, automated, such that counts of such queries are counted using algorithms and business rules.

NSA will rely on an algorithm and/or a business rule to identify queries of communications metadata derived from the FAA 702 [redacted] and telephony collection that start with a United States person identifier. Neither method will identify those queries that start with a United States person identifier with 100 percent accuracy.

The I Con the Record report notes the back door content search number, which combined CIA and NSA, is also an estimate, which may suggest it is also counted algorithmically as well (though these are reviewed more closely in compliance reviews). In any case, CIA’s switch from counting each query using a US person identifier to counting each US person identifier queried leads me to suspect it — and NSA — use more of a tasking model, where certain US person identifiers automatically trigger for the period they’re tasked; at the NSA, at least, the duration of approval to do back door searches is either tied to the underlying probable cause FISA order or to a deadline set by the approving authority.

Finally, a Snowden document dating to March 2012 (when NSA was still setting up back door searches) shows that an NSA triage program would first walk users through methods to prioritize communications based off metadata, then have links to access the content directly.

At the time, the sole authority listed was EO 12333, but as noted, this is precisely when they were implementing back door searches on 702 content.

None of this is all that surprising (but hey! Yay me for understanding precisely where back door searches came from three years ago).

But it suggests as we talk about “back door searches,” what we’re really talking about — at least when looking at access programs like the one above — is automatic notice that back door content exists, where content is just a click away.

“Specific Selection Term:” Still Not Convinced

While I was squawking about how Jim Sensenbrenner issued a manager’s amendment (aka USA Freedumb) purporting to end bulk collection by tying everything to a “specific selection term” without defining what “specific selection term” meant, the House Judiciary Committee released an updated version of the bill defining the term.

(2) SPECIFIC SELECTION TERM.—The term ‘specific selection term’ means a term used to uniquely describe a person, entity, or account.’

All the relevant invocations of the term now refer back to this definition.

The language not only doesn’t convince me this bill works, I think it validates my concern about the bill.

That’s because the word “entity” is already too loosely defined. Is this like the definition of the entity that struck us on 9/11 that Presidents have expanded anachronistically? Al Qaeda = AQAP = al-Nusra?

And in just about every case imaginable — an entity’s phone numbers, its bank accounts, its email addresses (though perhaps not domain name and IP) — there is a necessary translation process between the entity and the selector(s) that would be used for a search.

That this translation happens shows up in some of the invocations of “specific selection term” where they say the “specific selection term” will be used as a “basis” for selecting what to actually search on, as with the Pen Register section.

(3) a specific selection term to be used as the basis for selecting the telephone line or other facility to which the pen register or trap and trace device is to be attached or applied; and’

Al Qaeda is not the name of the telephone line (or facility, which itself has been an invention used to conduct bulk collection in the name of a specific selector).

This “basis for” language shows up even with the NSL language.

COUNTERINTELLIGENCE ACCESS TO TELEPHONE TOLL AND TRANSACTIONAL RECORDS.—Section 2709(b)  of title 18, United States Code, is amended in the matter preceding paragraph (1) by striking ‘‘may’’ and inserting ‘‘may, using a specific selection term as the basis for a request’’.

If the bill just required account identifiers or eliminated that “as a basis for” language, it might work. But as it is, that “as a basis for” involves analysis that also involves the possibility of using far different — and far broader — terms for the actual queries. (And it’s not clear — at least not to me — where and whether judges would get to approve this translation process.)

But you don’t have to take my word for it. You can look at a program that relied on “specific selection terms” “as a basis for” unbelievably vast collection.

The phone dragnet program.

In every single phone dragnet order, there’s a section that says records may only be searched if they’ve been associated with particular entities. Here’s the first one:

Screen shot 2014-05-06 at 10.15.18 PM

Read more

2 Agents 3 Hours a Day Weren’t REALLY Reading Anwar al-Awlaki’s Email

Former CIA Deputy Director John McLaughlin wants you to believe the NSA wasn’t really reading Anwar al-Awlaki’s communications content, on whose emails (including the web-based ones) the NSA had a full-time tap at least as early as March 16, 2008.

In my experience, NSA analysts err on the side of caution before touching any data having to do with U.S. citizens. In 2010, at the request of then-Director of National Intelligence Dennis Blair, I chaired a panel investigating the intelligence community’s failure to be aware of Umar Farouk Abdulmutallab, the “underwear bomber” who tried to blow up a commercial plane over Detroit on Dec. 25, 2009.

The overall report remains classified, but I can say that the government lost vital time because of the extraordinary care the NSA and others took in handling any data involving a “U.S. person.” (Abdulmutallab, a Ni­ger­ian, was recruited and trained by the late Anwar al-Awlaki, a U.S. citizen based in Yemen.)

And maybe that’s the case.

Except it doesn’t seem to square with the report that two FBI Agents were spending 3 hours a day each reading Awlaki’s mail. It doesn’t seem to accord with the efforts those Agents made to chase down the Nidal Hasan lead — which, after all, infringed on the privacy of two American citizens, against one of whom probable cause had not been established. You’d think it would be far easier to chase down the Abdulmutallab messages, particularly given what has been portrayed as more clearly operational content, given that Abdulmutallab would have gotten no protection as a US person.

Sure, those Agents complained about the “crushing” volume of the communications content they had to review every day, but that was a factor of volume, not any restrictions on reading FISA target Anwar al-Awlaki’s email.

Don’t get me wrong. I’m thrilled someone has raised Abdulmutallab in the context of assessing NSA’s dragnet, which I’ve been calling for since October.

UndieBomb 1.0 was the guy who was allegedly plotting out Jihad with Anwar al-Awlaki — whose communications the FBI had two guys reading – over things like chats and calls. That is, Umar Farouk Abdulmutallab was a guy whose plot the NSA and FBI should have thwarted before he got on a plane. (To say nothing of the CIA and NCTC’s fuck-ups.)

And yet, he got on that plane. His own incompetence and the quick work of passengers prevented that explosion, while a number of needles went unnoticed in the NSA’s most closely watched haystacks.

Nevertheless, the lesson DiFi takes is that we need more haystacks.

Shouldn’t the lessons of UndieBomb 1.0 be just as important to this debate as the partial, distorted, lessons of 9/11?

(I’ve also been wondering why Faisal Shahzad, who was getting instructions, including hawala notice, from known targets of drone strikes in Pakistan, before his attack, wasn’t identified by phone and Internet dragnet analysis as a person of interest through those contacts, though that may legitimately be because of turmoil in both dragnet programs.)

But for McLaughlin’s claims to be true then the description of the treatment of the Awlaki wiretaps in the Webster report on the Nidal Hasan investigation wouldn’t seem to make sense.

By all means, let’s hear what really happened back between 2008 and 2010, when the NSA missed multiple contacts with top AQAP targets and TTP targets and as a result missed two of the three main international terrorist attacks on this country since 9/11. That should be part of the debate.

But let’s be very clear whether it was really limits on US person data, when we see FBI reading content of two US persons directly, or rather the sheer volume we’re collecting (as well as the crappy computer systems FBI had in place in 2009) that caused the dragnet to fail.

Was Adel Daoud Targeted Off of a Back Door Search of Traditional FISA Collection?

Daoud Adel is a 20-year old US citizen from suburban Chicago who was charged last year in an FBI sting in which he allegedly tried to set off a car bomb outside a night club. Last year, during the debate on FISA Amendments Act reauthorization, Dianne Feinstein named his case directly, suggesting he had been busted using the legislation before the Senate. His legal team first demanded the FAA material she suggested existed back in May. And in September, they requested discovery for materials relating to FAA.

The government, however, strongly suggests none of the communications used to charge him were collected under FAA. It even suggests he misunderstands the meaning of DiFi’s comment.

Any discovery based on the FAA is unwarranted here because the FAA is simply not at issue in this case. As the Government explained in a previous filing, it “does not intend to use any such evidence obtained or derived from FAA-authorized surveillance in the course of this prosecution.” (DE 49, at 2).

[snip]

The defendant’s claim that the Government should disclose “the nature of the FAA surveillance in this case even, for instance[,] Defendant’s communications themselves were not intercepted” is perplexing. (DE 52, at 15 n.11). If Daoud’s communications were not intercepted, or his facilities not targeted, he would not be aggrieved and have no basis to challenge the collection. The Government sees no legal relevance to his broad discovery request.

Moreover, the defendant has also made multiple claims, in this motion and others, based on his interpretation of a single public remark. While the Government appreciates the defendant’s position in litigating FISA-related matters, it offers that the defendant may misunderstand this public remark, which is not a revelation that has any legal implication.

[snip]

As the Government has explained, this case singularly involves “traditional” FISA surveillance. [my emphasis]

Soapbox Orator’s comments in response to one of my posts on back door searches led me to examine the government’s response closely and I now suspect Daoud may have been identified using a back door search on traditional FISA collection.

Much of this debate centers on comments DiFi made on December 27, 2012, which seemed to suggest the 8 cases she named involved FAA.  But those comments were in response to comments Ron Wyden had just made. In that speech Wyden described (among other problems with FAA) back door searches.

The fact is, once the government has this pile of communications, which contains an unknown but potentially very large number of Americans’ phone calls and e-mails, there are surprisingly few rules about what can be done with it.

For example, there is nothing in the law that prevents government officials from going to that pile of communications and deliberately searching for the phone calls or e-mails of a specific American, even if they do not have any actual evidence that the American is involved in some kind of wrongdoing, some kind of nefarious activity.

Read more

William Webster Meets Edward Snowden, IRTPA, Roving Wiretaps, and the Phone Dragnet

For a post on back-door searches, I’m re-reading the William Webster report on whether the FBI could have anticipated Nidal Hasan’s attack. In the light of the Edward Snowden disclosure, I’m finding there are a number of passages that read very differently (so expect this to be a series of posts).

As you read this, remember two things about Webster’s report. First, FBI and NSA’s failure to find Umar Farouk Abdulmutallab in spite of texts he sent to Anwar al-Awlaki was probably prominent on the Webster team’s mind as they completed this (and surely factors significantly in the classified version of the SSCI report on the UndieBomb). So some of the comments in the Webster report probably don’t apply directly to the circumstances of Nidal Hasan, but to that (and Webster notes that some of the topics he addresses he does because they’re central to counterterrorism approaches). And the Webster report is perhaps the most masterful example of an unclassified document that hides highly classified background.

All that said, in a section immediately following Webster’s description of Section 215, Webster discusses how Roving Wiretaps, Section 6001 of IRTPA, and Section 215 were all reauthorized in 2011.

When FISA was passed in 1978, the likely targets of counterterrorism surveillance were agents of an organized terrorist group like the Red Brigades, the Irish Republican Army, or the Palestinian terrorist organizations of that era. Given the increasing fluidity in the membership and organization of international terrorists, the FBI may not be able to ascertain a foreign terrorist’s affiliation with an international organization. Section 6001 of the Intelligence Reform and Terrorist Prevention Act of 2004 (IRTPA) allows the government to conduct surveillance on a non-U.S. person who “engages in international terrorism or activities in preparation therefor” without demonstrating an affiliation to a particular international terrorist organization. Pub. L. 108-458, § 6001, 118 Stat. 3638, 3742 (2004).

Sections 206 and 215 of the PATRIOT Act and Section 6001 of IRTPA were scheduled to “sunset” on December 31, 2009. In May 2011, after an interim extension, Congress extended the provisions until June 1, 2015, without amendment. [my emphasis]

I find this interesting, first of all, because it doesn’t mention the Pen Register and Lone Wolf language that also got reauthorized in 2011 (suggesting he lumped these three together for a specific reason). And because it puts the language, “engages in international terrorism or activities in preparation therefor” together with roving wiretaps (“continuous electronic surveillance as a target moves from one device to another”), and Section 215, which we now know includes the phone dragnet.

As we’ve seen, DiFi’s Fake FISA Fix includes the language from IRTPA, on “preparation therefor,” which I thought was an expansion of potential targets but which I presume now is what they’ve been using all along. While I don’t recall either the White Paper nor Claire Eagan’s language using that language, I’m wondering whether some underlying opinion does.

Now consider how the roving wiretap goes with this. One reason — probably the biggest reason — they need all phone records in the US is so they can use it to find targets as they move from one burner cell phone to another. Indeed, one passage from DiFi’s Fake FISA Fix seems specifically designed to authorize this kind of search.

(C) to or from any selector reasonably linked to the selector used to perform the query, in accordance with the court approved minimization procedures required under subsection (g).

That language “reasonably linked” surely invokes the process of using algorithms to match calling patterns to calling patterns to find a target’s new phone. And note this is the only query that mentions minimization procedures, so the Court must have imposed certain rules about how you treat a new “burner” phone ID until such time as you’ve proven it actually is linked to the first one.

What’s interesting, though, is that the Webster report also lumps roving wiretaps in with this. What’s at issue in Nidal Hasan’s case was effectively roving electronic communication; he emailed Awlaki from several different email addresses and one of the problems FBI had was in pulling up Hasan’s communications under both identities (you can see how this relates to the back door loophole). But the inclusion of roving wiretaps here seems to suggest the possibility that a court has used the existing of roving wiretap approval for the use of the phone dragnet to find burner phones (which shouldn’t have been an issue in the Nidal Hasan case but probably was for Abdulmutallab).

One more comment? The notion that identifying an Al Qaeda target is any harder than identifying an IRA-affiliate is utter nonsense. If anything, US-based IRA affiliates were harder to identify because they were completely and utterly socially acceptable. But I guess such myths are important for people advocating more dragnet.

It’s Not Just Whether Nidal Hasan’s Emails Stuck Out, It’s Whether Abdulmutallab’s Did

I’ve been meaning to return to the Webster report on Nidal Hasan’s conversations with Anwar al-Awlaki. This conversation between Gunpowder & Lead and Intelwire about how alarming those emails were will be a start provides a good place to start.

Hasan’s emails should have raised more concern–but probably didn’t because of the sheer volume of Awlaki intercepts

G&L notes that certain details from the emails–such as his invocation of Hasan Akbar, a Muslim-American soldier who killed two officers in Kuwait–as an example that should have raised more concern than it did.

But more significant, his question to Awlaki didn’t actually deal with the valid question that he raised, the feeling of inner conflict between one’s faith and serving in the U.S. military. Instead, he leaped right to a question that should rightly trigger alarm: if Hasan Akbar died while attacking fellow soldiers, would he be a martyr? Hasan skipped over questions about whether serving in the U.S. military is religiously acceptable; whether going to war against fellow Muslims is a violation of religious principles. Instead, in addressing “some” soldiers who felt conflicted about fighting fellow Muslims, Hasan right away asked whether it was permissible to kill other U.S. soldiers in the way Hasan Akbar.

After a close analysis of a number of the emails, G&L refutes the representation of these emails as “fairly benign.”

I agree with that assessment (and would add that the suggestion, in a February 22, 2009 email, that Hasan was donating to entities that his mosque would not is another troubling detail). But I also agree with Intelwire. These emails, from an Army officer, surely merited more attention. But these emails, as they likely appeared among the stream of Anwar al-Awlaki communications, probably did not stick out.

Based on who Hasan was (a military officer), who he was talking to (a suspected 9/11 accomplice), and the fact he repeatedly tried to get Awlaki’s attention using a variety of stratagems, the case should have been escalated and Hasan’s superiors should have been informed.

But when you place the content of Hasan’s messages alongside all the other raw intelligence that counterterrorism investigations generate, it’s extremely hard to argue from a subjective, non-psychoanalytical reading that they represented a red flag.

Which is why this report has seemed poorly scoped to me. Because not only did Nidal Hasan’s emails fail to trigger further attention, but Umar Farouk Abdulmutallab’s contacts with Awlaki before Fort Hood did too.

In spite of the fact that the FBI had two people spending a significant chunk of each day (they claimed it took 40% or 3 hours of their work day; 88) reviewing communications tied to Awlaki, in spite of the fact that two men about to attack the US were in contact with Awlaki, “the FBI’s full understanding of Aulaqi’s operational ambitions developed only after the attempted bombing of Northwest Airlines Flight 253 on Christmas Day 2009.” (72)

The government also failed to respond to Abdulmutallab intercepts leading up to the Fort Hood attack

Consider: according to the report itself, Robert Mueller formally asked William Webster to conduct this inquiry on December 17, 2009 (though Webster’s appointment was reported over a week before then). Just 8 days later, another terrorist who had been in contact with Awlaki struck the US. Just 5 days after that, sources started leaking details of NSA intercepts from 4 months earlier (so around August) that might have warned about the attack.

Intelligence intercepts from Yemen beginning in early August, when Abdulmutallab arrived in that country, contained “bits and pieces about where he was, what his plans were, what he was telling people his plans were,” as well as information about planning by the al-Qaeda branch in Yemen, a senior administration official said. “At first blush, not all these things appear to be related” to the 23-year-old Nigerian and the bombing attempt, he said, “but we believe they were.”

It’s unclear how many of these intercepts were directly between Abdulmutallab and Awlaki, and therefore presumably reviewed by the FBI team in San Diego. But at least according to the sentencing materials submitted in the Abdulmutallab case (there are reasons to treat this with a bit of skepticism), there were substantive communications between Awlaki and Abdulmutallab.

Defendant provided this individual [who offered to connect him with Awlaki] with the number for his Yemeni cellular telephone. Thereafter, defendant received a text message from Awlaki telling defendant to call him, which defendant did. Read more

What Was the Evidence Supporting the First Strike on Anwar al-Awlaki?

According to the William Webster report, the FBI’s understanding about Anwar al-Awlaki’s operational role developed only after the UndieBomb attack.

As of January 7 and June 16, 2009, the FBI knew anwar al-Aulaqi was an anti-American, radical Islamic cleric and the subject of a Tier <redacted> FBI counterterrorism investigation. San Diego believed [<redacted> that Aulaqi was [developing ambitions beyond radicalization] <redacted>. WFO viewed him at that time as merely inspirational. The FBI’s full understanding of Aulaqi’s operational ambitions developed only after the attempted bombing of Northwest Airlines Flight 253 on Christmas Day 2009. [72; emphasis mine]

On December 24, 2009–the day before FBI began to understand Awlaki’s operational ambitions–a JSOC strike in Yemen missed Anwar al-Awlaki.

Dana Priest’s report revealing Awlaki was subsequently added to a JSOC kill list, published three days before Umar Farouk Abdulmutallab started cooperating again with the FBI, claims Awlaki was not the target of that December 24, 2009 strike.

As part of the operations, Obama approved a Dec. 24 strike against a compound where a U.S. citizen, Anwar al-Aulaqi, was thought to be meeting with other regional al-Qaeda leaders. Although he was not the focus of the strike and was not killed, he has since been added to a shortlist of U.S. citizens specifically targeted for killing or capture by the JSOC, military officials said. The officials, like others interviewed for this article, spoke on the condition of anonymity because of the sensitivity of the operations. [my emphasis]

But Ali Abdullah Saleh, speaking with David Petraeus three weeks before Priest’s report, sure seemed to treat Awlaki as one of two targets of the strike.

Saleh praised the December 17 and 24 strikes against AQAP but said that “mistakes were made” in the killing of civilians in Abyan. The General responded that the only civilians killed were the wife and two children of an AQAP operative at the site, prompting Saleh to plunge into a lengthy and confusing aside with Deputy Prime Minister Alimi and Minister of Defense Ali regarding the number of terrorists versus civilians killed in the strike. (Comment: Saleh’s conversation on the civilian casualties suggests he has not been well briefed by his advisors on the strike in Abyan, a site that the ROYG has been unable to access to determine with any certainty the level of collateral damage. End Comment.) AQAP leader Nassr al-Wahishi and extremist cleric Anwar al-Awlaki may still be alive, Saleh said, but the December strikes had already caused al-Qaeda operatives to turn themselves in to authorities and residents in affected areas to deny refuge to al-Qaeda. [my emphasis]

Given that we blamed Saleh for the strike, you have to assume he knew who the targets were. And he seems to suggest that both Wuhayshi and Awlaki were the intended targets.

Read more

Jailed Journalist More Credible than FBI Interview

There are two paragraphs of the William Webster report on Nidal Hasan’s contacts with Anwar al-Awlaki I find particularly interesting. [This appears on page 62; remember that Webster uses both redactions and substitutions–I’ve used different brackets to distinguish the two]

<Redacted> [In mid]-2011, an FBI <redacted> report documented an interview with an FBI subject <redacted> in which <redacted> [the subject] claimed to have met Aulaqi after the Fort Hood shootings. According to <redacted> [the subject], Aulaqi told him that Hasan “had contacted him via the Internet and had asked what he could do to help Muslims” and that Aulaqi had “advised Hasan that since he was an American soldier, he should kill other American soldiers.” According to <redacted> [the subject], Aulaqi said he had given Hasan “permission to carry out his attacks on Fort Hood.”

Although Hasan did contact Aulaqi via the Internet, we found no evidence, direct or indirect, that Aulaqi made these purported statements to Hasan (see Chapter 7). The evidence shows instead that Aulaqi did not even respond to Hasan’s first message and its question about whether the acts of Muslim soldiers who had killed other soldiers could be reconciled with the Quran. The Washington Post reported on November 16, 2009, that in an interview with a Yemeni journalist, Aulaqi “said that he neither ordered nor pressured Maj. Nidal M. Hasan to harm Americans….”

In effect, the conclusion of the Webster report is that this claim from an FBI interview proved to be uncorroborated by the known evidence. The suggestion is it may be a false claim–perhaps made by someone overselling his knowledge, perhaps to negotiate an informant deal or distract the FBI.

But in the following paragraph, as if to corroborate what the data say–which is that no such communication happened–Webster treats the claims Awlaki made to a journalist in a November 2009 interview as credible.

While Webster doesn’t say it, the journalist in question is Abdulelah Haider Shaye, the Yemeni journalist who remains in jail based in part on Obama’s direct request to former President Ali Abdullah Saleh.

In his first interview with a journalist since the Fort Hood rampage, Yemeni American cleric Anwar al-Aulaqi said that he neither ordered nor pressured Maj. Nidal M. Hasan to harm Americans, but that he considered himself a confidant of the Army psychiatrist who was given a glimpse via e-mail into Hasan’s growing discomfort with the U.S. military.

[snip]

Aulaqi declined to be interviewed by an American journalist with The Washington Post. But he provided an account of his relationship with Hasan — which consisted of a correspondence of a dozen or so e-mails — to Abdulelah Hider Shaea, a Yemeni journalist and terrorism expert with close ties to Aulaqi whom The Post contacted to conduct the interview. The Post reimbursed Shaea’s travel expenses but did not pay him.

On Sunday, Shaea offered details of his interview with Aulaqi, an influential preacher whose sermons and writings supporting jihad have attracted a wide following among radical Islamists. Shaea allowed a Post reporter to view a video recording of a man who closely resembles pictures of Aulaqi sitting in front of his laptop computer reading the e-mails, and to hear an audiotape in which a man, who like Aulaqi speaks English with an American accent, discusses his e-mail correspondence with Hasan.

Now, as I’ll post later, it looks like the representations of the emails that both Shaye and government sources provided underplayed the degree to which Awlaki comes off as a disinterested egotist rather than terror inspiration (though both seem to be a response to the way Pete Hoekstra framed the emails; notably, Crazy Pete has, AFAIK, remained utterly silent about the Webster report which shows his demagoguery to be overblown).

But I find it notable that the Webster report treats Awlaki’s comments–as mediated by Shaye and the WaPo–to be more credible than the FBI interview.

The William Webster Report: Working Thread

The William Webster report into the Nidal Hasan killing is here. I’m about 45 pages in–it’s an interesting report, both in content and in method. In particular, I like the way Webster dealt with classified information, including both redactions bu also substitutions.

I’m going to do a working thread here, though will be reading most of this after dinner. I’m going to use both the spelling Aulaqi here, bc that’s what the report uses, just so I can type directly, as well as Awlaki, bc that’s what I’m used to. Sorry about the lack of page numbers at the beginning.

Page 7: Note what is not included on the list of JTTF successes: The Najibullah Zazi investigation, even though FBI has bragged about JTTF’s work in Aurora CO. Also note that Mohamed Osman Mohamud–and a bunch of other entrapments–are on the list.

Databases: Webster’s section on databases really makes it clear that 7 years after 9/11, FBI agents were still dealing with a klugy, unworkable system.

Note the reference to what tier Aulaqi’s investigation was treated as.

Note the investigation into Aulaqi had lapsed, then got picked up again in 2006. Also, unless I’m missing it, they don’t mention the prostitution.

PDF 45: “The Aulaqi [investigation] [redacted] also served as an occasional “trip wire” for identifying [redacted] persons of interest.” This admits something that has been clear: FBI used Aulaqi (and Samir Khan and others) as a place to go look for radicals.

Read more

An Interesting Few Days for Al-Awlaki

Earlier today, bmaz and I asked a series of questions about the significance of Anwar al-Awlaki’s name on the list of US citizens who can be assassinated with no due process.

bmaz: So, the US can put Awlaki on a list for death by assassination, but couldn’t, and apparently still cannot, form the basis to prosecute him criminally??

ew: And cannot prosecute him having had a tap on his phones going back–at the very least–at least a year?

ew: I wonder if [the targeting of Awlaki] is what happened to the William Webster inquiry into Awlaki’s communications with Nidal Hasan?

Today, Declassifed blog’s Mark Coatney asked a related question that I had earlier raised: Why was the Administration, immediately, so chatty about the Underwear Bomber, even while it remains very close-lipped about Nidal Hasan? (The Administration–though not, apparently, Webster–was supposed to brief the Intelligence Committees on the Hasan investigation today, which I guess makes it safe to assume Dana Priest’s article came up in the briefing, if Congress didn’t already know about the assassinations of American citizens.)

Capitol Hill officials say that the Obama White House and relevant government agencies have been very cooperative in supplying congressional oversight committees with a torrent of information—both raw intelligence and law-enforcement material and results of internal administration inquiries—about alleged would-be Christmas Day underpants airplane bomber Umar Farouk Abdulmutallab. President Obama and other senior administration officials have said that in the months before Abdulmutallab boarded his flight from Amsterdam to Detroit, U.S. agencies had collected various “bits and pieces” of intelligence, which, had they been properly knitted together, might well have enabled U.S. authorities to foil Abdulmutallab’s attempted airplane bombing before he boarded his flight.

By contrast, the same officials allege that the administration has been relatively tightfisted with information, both from raw intelligence and law-enforcement files and from postmassacre investigations, on the background of the accused Fort Hood shooter. Congressional officials say they don’t know why the administration has been more reticent about Fort Hood than about the failed underpants attack, but that the contrast between how the cases have been treated up until now has been striking.

I’m glad I wasn’t the only one noticing the disparity in treatment of the two extremists.

More interesting than the confirmation that I’m not crazy in seeing the disparity, though, is the timeline revealed in several recent details on Al-Awlaki.

December 17, 2008: Nidal Hasan sends first email to al-Awlaki “asking for an edict regarding the [possibility] of a Muslim soldier killing his colleagues who serve with him in the American army”

November 5, 2009: Hasan killings in Ft. Hood

November 8, 2009: Al-Awlaki blesses Hasan’s killings

November 19, 2009: Underwear Bomber Umar Farouk Abdulmutallab’s father alerts US embassy of his concerns about his son

December 4, 2009:  Abdulmutallab leaves Yemen, having met with al Qaeda Arabian Peninsula members, possibly including al-Awlaki

December 22, 2009: FBI Deputy Director John Pistole provides classified briefing to Senate Homeland Security Committee on Fort Hood

December 23 (?), 2009: Al-Awlaki does interview with al-Jazeera that is subsequently posted to many jihadi forums

December 24, 2009: Strike in Yemen mistakenly thought to have hit al-Awlaki

December 25, 2009: Abdulmutallab attempts to blow up plane outside of Detroit

December 26, 2009: Crazy Pete Hoekstra says there may have been ties between al-Awlaki and Abdulmutallab

After December 24 but before end of 2009: Al-Awlaki added to JSOC list of those to be killed or captured

December 29: Moonie Times reports that al-Awlaki blessed Abdulmutallab’s plot beforehand (based on intelligence source)

If you match this timeline with the assertion that Awlaki had some tie with Abdulmutallab and that he was placed on the assassination list(s) just after Abdulmutallab’s attempted attack, then it seems clear that, after al-Awlaki’s ties to Hasan became clear, and after the attempted attack in Detroit, the Obama Administration almost immediately placed him on the list. Read more