What an Overbroad Section 215 Order Looks Like

Screen shot 2013-06-05 at 10.02.05 PMGlenn Greenwald has a tremendous scoop, for the first time I know of publishing a Section 215 warrant — in this case one asking for all US-based traffic metadata from Verizon Business Services from April until July.

Now, I think that this actually affects just a subset of all Verizon traffic: the business-focused traffic rather than Verizon Wireless or similar consumer products most people subscribe to (and if that’s so, the shitstorm that is about to break out will be all the more interesting given that rich businessmen will be concerned about their privacy for once).

Also, this does not ask for call content. It asks only for metadata, independent of any identifying data.

In other words, they’re using this not to wiretap the conversations of Occupy Wall Street activists but to do pattern analysis on the telecom traffic of (I think) larger businesses.

The request does, however, ask for location data (and Verizon does offer bundles that would include both cell and cloud computing). So maybe the FBI is analyzing where all Verizon’s business customers are meeting for lunch.

My extremely wildarsed guess is that this is part of hacking investigation, possibly even the alleged Iranian hacking of power companies in the US (those stories were first reported in early May).

I say that because cybersecurity is a big part of what Verizon Enterprise (as I believe they now go by) sells to its business customers; the infographic above, warning of data breaches when you least expect it (heh), is part of one they use to fear-monger its customers. Energy consumers are one of its target customer bases. And the case studies it describes involve several Smart Grid projects. Precisely the kind of thing the government is most freaked out about right now.

After all, aside from Medicare fraud, the government simply doesn’t investigate businesses, ever. Certainly not the kind of bankster businesses we’d like them to investigate. One of the few things they investigate business activities for is to see if they’ve been compromised. Moreover, the Section 215 order requires either a counterintelligence or a counterterrorist nexus, and the government has gone to great lengths to protect large businesses, like HSBC or Chiquita, that have materially supported terrorists.

Anyway, that’s all a wildarsed guess, as I said.

Ah well. If the government can use Section 215 orders to investigate all the Muslims in Aurora, CO who were buying haircare products in 2009, I’m sure big business won’t mind if the government collects evidence of their crimes in search of Iran or someone similar.

Update: Note, this order seems to show a really interesting organizational detail. This is clearly an FBI order (I’m not sure who, besides the FBI, uses Section 215 anyway). But the FISA Court orders Verizon to turn the data over to the NSC. This seems to suggest that FBI has NSA store and, presumably, do the data analysis, for at least their big telecom collections in investigations. That also means the FBI, which can operate domestically, is getting this for DOD, which has limits on domestic law enforcement.

image_print
30 replies
  1. natasha1 says:

    Why assume that the leaked order was the only one served? For all we know there are similar orders for operating / business units of Verizon and other telcos and collecting this info is SOP.

  2. Joe says:

    Interesting analysis, seems likely. Sad to see major outlets (Forbes, EFF, WaPo) reporting this as “All Verizon phone records given to govt”, at least on Twitter.

    What will Republicans do? And Democrats for that matter? This will be interesting, I really can’t imagine what’s going to happen

  3. Snoopdido says:

    Your wildarsed guess that this is part of hacking investigation, possibly even the alleged Iranian hacking of power companies in the US may eventually prove to be the case, but there is one thing that sticks out about the Section 215 warrant that bothers me in that regard (other than this could be about the Chinese hacking US companies).

    From the warrant:

    “all call detail records or “telephony metadata” created by Verizon for communications (i) between the United States and abroad; or (ii) wholly within the United States, including local telephone calls”

    The bothersome part is part (ii). Calls located wholly in the US, and including local telephone calls?

    That sounds more like secondary and tertiary tiers of community of interest connections.

  4. bmaz says:

    “I’m not sure who, besides the FBI, uses Section 215 anyway”

    Yeah, me either. But, if there are any other such entities within USG, I would certainly like to know.

  5. emptywheel says:

    @Snoopdido: Yup. It does. And I think they’d get a lot of this via other means. But if people are phishing, or if they’re bouncing their location off other accounts they might need everything in the US.

  6. Frank33 says:

    This is very special, by the Authorities. And I call it not just a Scoop, but a Meta-Scoop. Note that they do not require Verizon to give up calls from other countries that are not to or from the USA.

    And it is absolutely VERBOTEN to reveal this secret order. Anyone who does reveal it will be subject to secret rendition. So oh…

  7. What Constitution? says:

    Boy oh boy, reading that Greenwald piece I sure am glad that I only post stuff anonymously under a clever “handle”. Can’t be too careful these days. Oh, and that I haven’t done anything wrong, so I couldn’t have anything to worry about. Thank goodness the guys getting these subpoenas are from the government and are here to help me! See ya, 2-1/2 Men coming on soon!

  8. Joe says:

    @natasha1: we can’t assume that other orders were served because there isn’t proof. We can certainly estimate and conjecture, but we don’t just assume the worst of everything; that’s what the government does.

  9. Snoopdido says:

    Emptywheel, would you mind contacting Glenn Greenwald about this truly obnoxious and false part of a Time article (http://newsfeed.time.com/2013/06/05/7-things-to-know-about-the-governments-secret-database-of-cellular-data/) on this subject?

    I think Glenn should get them to publicly and profusely apologize:

    “7. The Guardian‘s Glenn Greenwald had the scoop: Greenwald, an American columnist for the British newspaper, has a long history of challenging the surveillance state. Originally a supporter of George Bush and the Iraq War, he wrote a scathing indictment of government overreach in his 2006 book How Would a Patriot Act? During the Obama years he’s frequently criticized the President for infringing on civil liberties.”

    Glenn, a supporter of Bush and the Iraq war? What utter nonsense!

  10. john francis lee says:

    It has nothing to do with Iran, China, terrorism, external threats … It has everything to do with developing a basis to prosecute any and everyone when we act up after the collapse of the dollar, when it really hits the fan ,..

    Revealed: NSA collecting phone records of millions of Americans daily

    In a letter to attorney general Eric Holder last year, they [Wyden and Udall] argued that “there is now a significant gap between what most Americans think the law allows and what the government secretly claims the law allows.”

    “We believe,” they wrote, “that most Americans would be stunned to learn the details of how these secret court opinions have interpreted” the “business records” provision of the Patriot Act.

    Coleen Rowley was speaking to Glen Ford, about drones and the ‘drone memo’, but her observation holds across all of Barack the Mob Lawyer Obama’s ‘memos’ …

    Listen to Black Agenda Radio on the Progressive Radio Network, with Glen Ford and Nellie Bailey – Week of 6/3/13

    You know, here’s what I’ve seen that’s been going on – and this began under Bush and I think Obama said “Well, that’s a good idea, I think I’m going to copy it. It’s ‘legalizing’ … So there were many actions that were completely, highly illegal – torture is one, torture is jus cogens, that means there is no excuse, that means there is no ticking time-bomb, no emergency – there is absolutely no possible way you can legalize torture, and yet John Yoo and his cohorts wrote memos and in, at the very least, years later when they became public it was then a fall-back – one of the lawyers called it : “It’s our golden shield.” And so all of the officials who followed thes unlawful memos were able then to say, “Well, sure. It was bad advice. But we were just following this bad advice. … And all of the Bush administration people have so far relied upon that theory of following bad advice : ‘our golden shield’.

    And I think Obama came along and said hmm, that worked really well, I’m going to do the same thing … what they will all say is “I was relying on bad legal advice.”

    Well, I worked in the FBI for 24 years, and there were such things as attorneys who were actually hired by the mob – they were kind of corporate attorneys for the mob – and there is no such defense as following attorneys’ advice when the attorneys were a part of it. …

    Acting beacasue some stooge lawyer you’ve hired to explain to you that doing stuff that violates the Consitution’s Bill of Rights is ‘OK’ because of whatever ad hoc malarky … doesn’t cut it. Especially not for a Harvard Constitutional Law Lecturer … that’s a ticket to the Big House, not the White House.

    The problem is that not only is the executive mobbed up, not only is the legislative mobbed up … the judicial is mobbed up as well.

    ” … whenever any Form of Government becomes destructive of these ends, it is the Right of the People to alter or to abolish it, and to institute new Government, laying its foundation on such principles and organizing its powers in such form, as to them shall seem most likely to effect their Safety and Happiness.”

    There are 546 mobbed-up people in Washington who need to be replaced by ordinary Americans. The entire political class is corrupt. We’re the only ones here. We’re just going to have to do it ourselves. And then keep on doing it ourselves. That’s the way it’s spozed to be and the only way it has a chance of working.

  11. Garrett says:

    Someone WaPo talked to describes it as 2007 2006:

    An expert in this aspect of the law said Wednesday night that the order appears to be a routine renewal of a similar order first issued by the same [FISA] court in 2006. The expert, who spoke on the condition of anonymity to discuss sensitive issues, said that the order is reissued routinely every 90 days and that it is not related to any particular investigation by the FBI or any other agency.

    Report: Verizon providing all call records to U.S. under court order, Washington Post, June 2013

    Though that would be except for pesky details about probable cause, and not Hoovering everything, and stuff:

    Under the new plan, Gonzales said, the secret court that administers the Foreign Intelligence Surveillance Act, or FISA, will oversee eavesdropping on telephone calls and e-mails to and from the United States when “there is probable cause to believe” that one of the parties is a member of al-Qaeda or an associated terrorist group.

    Court Will Oversee Wiretap Program, Washington Post, January 2007

    At least, for the pesky details, so far as we were told.

  12. joanneleon says:

    I think it’s reasonable to assume that is is just one of a set of court orders that are issued on a regular basis. A separate order for each telecom company, or division of a telecom company. All of them regularly and routinely renewed.

    It seems likely that such a very broad order is the way that TPTB cover themselves. And there’s that switch in San Francisco gathering up everything in bulk. I doubt there is a court order for that. We did hear that when the Bush admin came under so much pressure, they broke the surveillance program into pieces. Maybe they get the meta data from the telecoms who format it very nicely for them and make it easy to load into data bases, etc. and some agencies can use that info. The big data base (boy is that an understatement) might be reserved for the super cool intel analysts.

    All a wild assed guess, since we’re doing wild assed guesses.

  13. beowulf says:

    “Under the new plan, Gonzales said, the secret court that administers the Foreign Intelligence Surveillance Act, or FISA, will oversee eavesdropping on telephone calls and e-mails to and from the United States when “there is probable cause to believe” that one of the parties is a member of al-Qaeda or an associated terrorist group.”

    To be fair, as long as a single call or email during the life of a court order involves a member of Al-Qaeda or its sales team affiliate downline, then this statement is true.

    I see the docket number is 13-80, I wonder if the court started with 1. :o)

  14. Snoopdido says:

    Another noteworthy part of this story is the fact that all 3 branches of government are onboard with this type of dragnet surveillance of American domestic communications.

    The Executive branch, Congress, and the Courts all willfully and criminally in opposition against the Constitutional rights of the American public they’re supposed to be working for.

    I wonder if we should now call all 3 branches of the US government unlawful enemy combatants? It sure seems like they’ve declared war on us.

  15. Snoopdido says:

    @Snoopdido: Defending the indefensible – White House defends collecting phone records (http://hosted.ap.org/dynamic/stories/U/US_NSA_VERIZON_PHONE_RECORDS?SITE=AP&SECTION=HOME&TEMPLATE=DEFAULT&CTIME=2013-06-06-06-55-32):

    “The White House on Thursday defended the National Security Agency’s need to collect telephone records of U.S. citizens, calling such information “a critical tool in protecting the nation from terrorist threats.”

    While defending the practice, a senior Obama administration official did not confirm a newspaper report that the NSA has been collecting the telephone records of millions of U.S. customers of Verizon under a top secret court order.”

  16. Snoopdido says:

    @Snoopdido: More “official US government” comments from CNN (http://www.cnn.com/2013/06/06/politics/nsa-verizon-records/?hpt=hp_t1):

    “While the report infuriated people across the country — former Vice President Al Gore called the idea “obscenely outrageous” — a senior official in the Obama administration defended the idea of such an order early Thursday.

    Without acknowledging whether the order exists, the administration official emphasized that such an order does not include collection of “the content of any communications or the name of any subscriber. It relates exclusively to metadata, such as a telephone number or the length of a call.”

    “Information of the sort described in the Guardian article has been a critical tool in protecting the nation from terrorist threats to the United States, as it allows counterterrorism personnel to discover whether known or suspected terrorists have been in contact with other persons who may be engaged in terrorist activities, particularly people located inside the United States,” the unnamed official said in a written statement to media.”

  17. Snarki, child of Loki says:

    You know, the only way stuff like this ever gets stopped is when a Democrat in office uses it against Republican targets, right?

    So we can only hope that this data is being filtered for evidence of insider-trading.

    Yeah, crazy-talk, I know.

  18. lefty665 says:

    Glad to see something’s finally got everyone’s attention. Now that a tree is visible, please step back and look at the forest.

    NSA’s had it all for years, meta data and content, cell and land line. Could that be a big piece of what’s going into Beef Hollow Road? All your other electronic transactions make up some of the rest.

    Cell’s been had since before 9/11. Starting with the FCC Act of 1934, if you don’t want someone to listen to something, don’t broadcast it to them. No one has ever had any expectation of privacy on a cell phone, or a wireless handset on a land line, or WIFI.

    Room 641A opened for business in 2003. Whatever illusions of land line privacy, voice or data, anyone had disappeared then.

    There are a lot of very bright folks at NSA. Since early in WWII they have earned their living by developing more capabilities than their targets believed possible. After 9/11 they were given a new mission and cubic money to achieve it.

    Frank Church: “The NSA’s capability at any time could be turned around on the American people, and no American would have any privacy left, such is the capability to monitor everything…”.

    Remember the “gloves come off” order? Think that might have been domestically too? After all, it was a Global War on Terror.

  19. Ben Franklin says:

    Even conservatives are arising (Other than Rand Paul and Darrell Issa aside as unserious contrarians)

    Orrin Kerr;

    “3) If the order is what it appears to be, then the order points to a problem in Section 1861 that has not been appreciated. Section 1861 says that the “things” that are collected must be relevant to a national security investigation or threat assessment, but it says nothing about the scope of the things obtained. When dealing with a physical object, we naturally treat relevance on an object-by-object basis. Sets of records are different. If Verizon has a database containing records of billions of phone calls made by millions of customers, is that database a single thing, millions of things, or billions of things? Is relevance measured by each record, each customer, or the relevance of the entire database as a whole? If the entire massive database has a single record that is relevant, does that make the entire database relevant, too? The statute doesn’t directly answer that, it seems to me. But certainly it’s surprising — and troubling — if the Section 1861 relevance standard is being interpreted at the database-by-database level.”

  20. scribe says:

    Not entirely surprising this came out now and that the government is being decidedly low-key in complaining about it. The government got a huge hole knocked in the Fourth Amendment the other day when the S.Ct. went 5-4 for taking and retaining DNA from everyone arrested, for later testing. Recall, the analysis in that case – and the main analytical support the majority relied upon – was that the police were going to use that DNA information to identify whether the arrestee was involved in another crime sometime in the past (from which DNA had been gathered*). In other words, just like the use of communications metadata to find who people using the phone have been talking to sometime in the past (for whatever crime-solving the government might want to dream up months or years after the fact), the DNA samples were to be used to identify who had left their DNA at a crime scene some time in the past.

    If you read Scalia’s dissent this week in the DNA case (one of his blind-squirrel-finding-an-acorn moments), you’ll note he inveighs against creating a genetic panopticon at some length and with characteristic vigor. Not surprising people have referred to the communications collections which have been publicized, as a panopticon.

    From the government’s perspective, all this disclosure does is (a) make clear to the public more of the contours of the police state which exists and serve as a warning to anyone who might hink about challenging it and (b) give them an excuse to start another leak investigation to charge a journalist criminally for having the temerity to consider exercising the First Amendment.

    Glenn and the Guardian should lawyer up.

    – – – –
    * Note also – many people are unaware of this – that among the many politicians-showing-how-tough-on-crime-they-are bills which have been enacted into law are provisions removing the statute of limitations on criminal prosecution for crimes where some of the evidence is DNA evidence. Of course, since collection of DNA samples at crime scenes is now pretty much routine, that pretty much guts the idea of statutes of limitations.

  21. Ben Franklin says:

    @ scribe

    “was that the police were going to use that DNA information to identify whether the arrestee was involved in another crime ”

    Or if you talked to the arrestee in the past, and could possibly be extorted into providing your own surveillance.

    “Become a confidential informant, or else”

  22. Netmaker says:

    If the order was specifically for the Boston Bombing then the order would included the Call Detail Records (the meta-data) for phone calls placed well in advance of the actual bombing.

    That it doesn’t, supports a case that the data collection is an ongoing activity or isn’t related to the bombing at all.

    Telecoms routinely keep these CDRs actively available for months (are longer) after calls are made – for their own billing, network support and customer support purposes.

    The CDRs are then archived under Federal law depending on the type telecoms entity from anything from 3yrs to 7yrs although you would to consult with someone that is familiar telecoms law if this is important to you.

    To my knowledge, the telecoms do not have the means to record broad swathes of the content of phone calls. Typically they might record individual calls or possible those associating with a customer call center. They really don’t want the liabilities that accrue from holding on to record calls.

    The NSA, on the other hand, has the means to record large volumes of phones conversations has had been well documented for years. And has the means to transcribe the calls and search for specific information.

    What the telecom provided CDRs do is to provide the NSA the ability to associate the call conversation with the meta-data of the CDRs. To provide as complete a picture of the call as possible.

    It may be that the NSA has the necessary technical means to generate the CDRs themselves but even for telecoms this a massive operation which requires constant supervision so I suspect that NSA doesn’t have this means or at the least doesn’t have a robust means of their own.

  23. lefty665 says:

    @scribe: So, long ago you talked to someone who is now of interest and called in an order from a pizza joint Occupy folks frequented from a gym the 9/11 muscle worked out at.

    Does that generate a knock on the door, a signature strike? A little dramatic perhaps, but illustrative.

    All information, however obtained, is retained and becomes part of dynamic predictive analysis. Criteria are continually updated and ever more data integrated. As with DNA, no statute of limitations, fast data storage is amazingly elastic, and search algorithms ever more sophisticated.

    Your nom de blog will not protect you. Ask the Google, then think about what someone with real national technical means knows.

  24. tjallen says:

    The routine metadata from the communications companies serves as an index to the separately recorded signals from the public airwaves. Almost every phone call enters the public airwaves somewhere, whether wireless or microwaves or sat uplink. That’s all freely recorded, no warrant needed, no privacy. But it is a big jumble that needs sorting out – the metadata does this.

    Most of this data collection has been going on since Oct. 4 2001, and some of it all the way back to WW2. Read James Bamford’s books on the NSA, it’s all explained there in detail.

  25. lefty665 says:

    @Netmaker: Nice logic.

    One thought: “so I suspect that NSA doesn’t have this means or at the least doesn’t have a robust means of their own.” The grunt work meta data collection has already been done by the telecoms. Why expend the time and resources to reinvent that wheel? Maybe NSA is taking what is freely available from the telecoms and putting its talent and resources elsewhere. Stuff like using that data to decide who they want to pay more attention to, or deciding which phones to turn into personal bugs.

    @tjallen You got it. Please add Kahn’s “The Codebreakers” to all of Bamford in the required reading list.

  26. Jim White says:

    @lefty665: Heh. That reminds me once again of the time I was fully expecting the FBI to drop by my place of business for a chat. It was during the height of the anthrax scare, I think even around the time the feds were searching Hatfil’s storage locker only about 30 miles from Gainesville. We were culturing a novel bacterium to be used in biological control of plant parasitic nematodes. We were sharing DNA sequence information with collaborators in the UK, noting a sequence similarity to the main toxin gene in Bacillus anthracis. Also at the same time, a scientist who worked at my company went back to Iran to take care of some family matters and was sending back emails along the lines of “Have the cultures sporulated?”

    I was shocked they never came knocking. I wonder if their sifting and flagging software is any better yet, because you can bet they were already grabbing every form of communication at that time.

  27. lefty665 says:

    @Jim White: Don’t give up hope, the perp hasn’t been caught. There’s still time for an interview. Perhaps this post will precipitate one now that you’ve pointed out some of the dots. Nah, they closed the case along with Ivins. Could be they knew where the orders came from, so didn’t need to talk to you, and didn’t dare chase back to the OEOB.

    Curious isn’t it? Like not getting a facial recognition hit on the Tsarnev’s drivers license photos. May be a good way to distinguish which issues NSA is interested in and where FBI is driving. Turf is turf.

    PS. Can you keep the little boogers from destroying my garden?

  28. greengiant says:

    Feinstein told reporters at a Capitol Hill news conference today that the order was a three month renewal of an ongoing practice. Reuters.com reports the Intel committee members all thought it was a good thing.

  29. P J Evans says:

    @greengiant:
    They’re sure it will never be used against them.
    Feinstein is old enough to remember J Edgar Hoover. She should know better.

  30. The Raven says:

    Keep in mind that “business traffic” also may include connections with customers. In other words, if you call a Verizon Business Services customer, your call may be hoovered up in the data collection process.

    …I wonder if Verizon’s own services are VBS customers?

Comments are closed.