Minimization in the Age of Cyberwar

I’d like to compare how the NSA talking point document released yesterday compares with a document Glenn Greenwald has or has seen, with respect to minimization under Section 702 (PRISM/FAA) collection. Remember PRISM allows the government to access Internet communications with little review of individual targeting decisions, and any American communications accessed with that foreign target communication is also viewed.

The NSA document says US person communications can only be disseminated (this includes getting shared with FBI) if it is necessary to understand the communication, and evidence of crime, or indicates a threat of death.

The dissemination of any information about U.S. persons is expressly prohibited unless it is necessary to understand foreign intelligence or assess its importance; is evidence of a crime; or indicates a threat of death or serious bodily harm.

The Guardian document (which they did not publish) says US person communications — and note, these are entirely domestic communications — can be disseminated in two slightly different cases and a third unrelated one. The unrelated one permits US person communications to be disseminated if it contains “information necessary to understand or assess a communications security vulnerability.”

One typical example is a document submitted by the NSA in July 2009. In its first paragraph, it purports to set forth “minimization procedures” that “apply to the acquisition, retention, use, and dissemination of non-publicly available information concerning unconsenting United States persons that is acquired by targeting non-United States persons reasonably believed to be located outside the United States in accordance with section 702 of the Foreign Intelligence Surveillance Act of 1978, as amended.”

That document provides that “communications of or concerning United States persons that may be related to the authorized purpose of the acquisition may be forwarded to analytic personnel responsible for producing intelligence information from the collected data.” It also states that “such communications or information” – those from US citizens – “may be retained and disseminated” if it meets the guidelines set forth in the NSA’s procedures.

Those guidelines specifically address what the NSA does with what it calls “domestic communications”, defined as “communications in which the sender and all intended recipients are reasonably believed to be located in the United States at the time of acquisition”. The NSA expressly claims the right to store and even disseminate such domestic communication if: (1) “it is reasonably believed to contain significant foreign intelligence information”; (2) “the communication does not contain foreign intelligence information but is reasonably believed to contain evidence of a crime that has been, is being, or is about to be committed”; or (3) “the communication is reasonably believed to contain technical data base information, as defined in Section 2(i), or information necessary to understand or assess a communications security vulnerability.” [my emphasis]

Now, this is not an apple to apple comparison. Indeed, this could very well be an apples to small rubber child’s ball comparison.

The NSA document purports to describe minimization as it occurs today. The Guardian one dates to July 2009, so may be out of date, for starters.

And by design, the NSA timeline focuses on terrorism examples because TERROR TERROR TERROR is very convincing to people who don’t want to think. Based on the mention of a “communications security vulnerability,” the Guardian one seems to be a 702 order describing minimization for a cybersecurity order.

If that’s true, though, it suggests two things. First, that hacking has been equated to terrorism as a crime adequate to disseminate US person communications with no warrant.

And this is where the difference in the standard on foreign intelligence gets interesting: the NSA document claims that only communications necessary to understand foreign intelligence merits dissemination. The Guardian document only need be “reasonably believed to contain significant foreign intelligence information” (though admittedly, that may be the language used in the first instance).

But again, this minimization order is 4 years old. The other day the WaPo suggested that the NSA has changed how they collect Internet metadata (which may be what that other clause “technical data base information, as defined in Section 2(i)” in the minimization order refers to. It may be they’re conducting their cybersecurity dragnet via other means, perhaps even as a way to maintain this lower standard of minimization.

The government is clearly planning to engage in far more intrusive collection in the name of cyberwar than described in discussions about Section 702 (and at the end of the hearing yesterday, Mike Rogers alluded to keeping the programs in place, with their permissive standards, for other reasons, which I took to mean cybersecurity). And that is bound to treat far more Americans as targets of foreign-type collection.

image_print
29 replies
  1. Clark Hilldale says:

    EW, in light of your doubtlessly correct insight that cybersecurity is a big part of the rationale behind these efforts, I see you bolded the “communications security vulnerability” part of the guidelines from the NSA document described today by Greenwald.

    But another part of the NSA guidelines you quoted says that NSA claims the right to store and disseminate the content of Americans’ calls, emails, etc. even when “the communication does not contain foreign intelligence information but is reasonably believed to contain evidence of a crime that has been, is being, or is about to be committed”

    Not terrorism or foreign intel contact, but “a crime.”

    Can kinda drive a truck thru that loophole.

    Also, I see in Greenwald’s piece that he has other FISC docs he hasn’t published yet. Maybe the topic of this piece is a hint of further goodies. Remember back in early May (fully knowing the Snowden revelations), he published that story about ex-FBI agent Tim Clemente going on CNN and saying the government has the ability to go back and access the content of Americans’ phone calls.

  2. orionATL says:

    why has we built this cock-a-mame, gyro gearloose, rube goldburg nsa electronic spying machine?

    that spying machine is there because it is an artifact, a necessity of our ways of law enforcement. it is a crime-stoppers tool.

    suppose, instead of our current situation, every communication in the u.s. -cell-phone, e-mail, landline, voip, etc – had unbreakable, end-to-end encryption, by engineering design or by law.

    then, i’ll also assume, individual citizens’ privacy would be preserved and would have been given highest priority.

    the nsa would have to shrink back to its place in the pentagon panoply of warfare machinery.

    why don’t we do this?

    because we, or, really, our law enforcement and political leaders, believe that controlling “crime” ( including political activity as well as drugs, bank fraud, cybercrime, terrorism,…) thru tracking, plotting, and listening to communications, is of far higher value.

    those leaders value crime-stopping far more than they value our privacy.

    electronic spying is not the only way to identify and capture criminals, but it is easy to talk about publicly and easier to construct spy machinery than to use other techniques for identifying and capturing criminals.

    so i say again, the entire nsa spying edifice is an artifact of our focus on criminal behavior and specifically, on using electronic spying to identify and capture criminals.

    in contrast we do not value a citizen’s privacy very much at all. breaching and compromising that right, fourth amendment to the constitution notwithstanding, is viewed by political, judicial, and law enforcement officials as a NECESSITY.

    the astonishing, omnipotently intrusive, unconstitutional invasion of privacy by the nsa is just one more crime-stoppers tool in a society obsessed with crime and jail (and war). or to put it differently, in a society where law enforcement values have risen to be the supreme values guiding our political decision making.

  3. orionATL says:

    while i’m talking about the nsa spying machine as a crime-stoppers dream of easy street,

    i’d like our prez, general clapper, general alexander, and fbi head mueller to publicly assure me, under oath, that no nsa intercept of the metadata or the content of any person associated with the “occupy” movement was ever accessed and read (analyzed) by anyone at nsa, fbi, doj, dhs, cia,

    and that no report on any part or person associated with that movement was ever prepared or distributed, including especially to local police departments.

  4. rg says:

    One of the things I like about reading this blog is the occasional linguistic pirouette. Today I found distractingly interesting the comparison between an apple and the ball of a small rubber child.

  5. M. Black says:

    I’m with Clark Hilldale — any and every “if,” “and” or “but” with regard to the government’s pervasive spying seems to evaporate in light of that one enormously all-encompassing term “crime.” Surely, that includes even so benign an act as an “illegal” Occupy Wall Street demonstration or encampment.

  6. thatvisionthing says:

    @rg: Oh dude! I’m such an airhead, that was the one part of this that I understood, and I’ve been fixated ever since. Remembering my little (6’5″) brother as a bouncing boy. Cause I bounced him. Those were the days.

  7. William Ockham says:

    About that communications security vulnerability. The NSA is tasked with protecting USG networks and attacking foreign networks. One could read that exception to apply to anything they get by hacking your computer. I don’t think that’s what they meant, but with those guys it’s hard to tell.

  8. ess emm says:

    But again, this minimization order is 4 years old. The NSA document purports to describe minimization as it occurs today. The Guardian one dates to July 2009, so may be out of date, for starters. –
    -snip-
    The other day the WaPo suggested that the NSA has changed how they collect Internet metadata ….

    If, as the USG claims, Snowden accessed the Verizon order while he was doing NSA training then wouldnt he have downloaded the most recent minimization order, too?

    One possiblity for why the 2009 minimation order wouldnt be still in effect would be if there is a second leaker and the Verizon order came from her.

  9. 1970cs says:

    From Yahoo:

    Given the possible intrusiveness of the NSA programs in question, that is not much in the way of a track record of success, claimed national security blogger Marcy Wheeler in response to these revelations.
    “Headline for this hearing HAS to be: Dragnet provides little upside, that can be provided in other, for massive risk,” she tweeted.
    Ms. Wheeler and other critics focused on the alleged New York Stock Exchange (NYSE) plot as evidence that the NSA is scraping the bottom of its barrel of data for a positive example.”

    http://news.yahoo.com/nsa-exaggerating-surveillance-successes-212733162.html

  10. liberalrob says:

    @M. Black:

    Surely, that includes even so benign an act as an “illegal” Occupy Wall Street demonstration or encampment.

    Absolutely. After all, why wouldn’t it? The government is supposed to enforce all the laws, not just those against terrorism. This massive database could be an invaluable tool in ferreting out all kinds of hidden lawbreaking. Cell phone records could possibly be used to detect and punish jaywalking infractions. Just think of all the laws we “bend” in our daily lives…

    Remember in “Demolition Man” when Sylvester Stallone kept getting fined for cussing? A cop didn’t even need to show up, a nearby device just spit out a ticket.

  11. cymack says:

    @liberalrob: It appears that my old dream, of a shelf tax on the foregone excise revenue from purchases made before price increases, is at hand.

  12. Frank33 says:

    Why does NSA-Dragnet exist? It exists to follow everyone, especially reporters, especially unembedded reporters. Any protest is monitored with face recogntion software, and cell phones are also recorded. The NSA has or will soon have, a file on everyone in the world. The Secret Government has assassinated Pat Tillman and David Kelley. They murdered two Reuters journalists of the “Collateral Murder ” video. Hundreds of other journalists have been targeted and killed, not the shills of course.

    And now Michael Hastings was killed as his car exploded. There are some disturbing reports. There needs to be an investigation of this, not controlled by the fascists of the NSA.

    In a starting series of tweets sent by the WikiLeaks Twitter account, the organization says recently deceased Buzzfeed reporter Michael Hastings contacted one of their lawyers and said the FBI was investigating him…

    It was also reported that Hastings was working on a story regarding the CIA, according to LA Weekly…

    WikiLeaks says that, only a few hours before Hastings’ car accident, he contacted WikiLeaks lawyer Jennifer Robinson — a well known lawyer from London — and told her that the FBI was investigating him.

  13. orionATL says:

    @1970cs:

    i have no idea what general spook was up to, but i reiterate this comment from a previous ew post:

    “orionATL on June 18, 2013 at 2:08 pm said:

    we learned today that one of the terrorist plots nsa spying was said to have “prevented” involved bombing the federal reserve bank/ny stock exchange

    with a bomb whose materials were obligingly supplied by our fbi.”

    – See more at: http://www.emptywheel.net/2013/06/18/why-would-you-segregate-the-fisa-orders-but-not-the-directives/#comments

    i don’t know if the general was just misinformed by others or if he was engaging in “military deception (mildec)”, but i think the plot “to blow up the ny stock exchange” was not the one he cited, but this one involving a bangladeshi student and a very helpful fbi agent:

    http://www.nj.com/news/index.ssf/2012/10/man_arrested_in_fbi_terror_sti.html

    given the fbi’s extraordinary involvement, it’s small wonder general spook might be tempted to mess with the media’s mind.

  14. orionATL says:

    @orionATL

    apparently it wasn’t general spook who made a claim about some “plot to blow up the nyse”, but sean joyce, deputy director of the fbi:

    http://money.cnn.com/2013/06/18/news/economy/stock-exchange-plot/

    that would be the same fbi that aided the bangladeshi student cited in #14 in his efforts to blow up the nyse, later changed, on fbi advice, to an effort to blow up the ny fexeral reserve building.

    i wonder why the fbi’s deputy director did not mention that nyse plot?

  15. Frank33 says:

    Here is another terror plot thwarted by the FBI. A KKK right wing terrorist wanted to create an X-ray device to assassinate the President. The FBI quickly found out about this plot. The terrorist Crawford needed help. And the FBI are helpers. So the FBI helped him build his terror device!

    Crawford allegedly asked a high-ranking official in the KKK for money to fund his plot. The KKK official informed the FBI, and within weeks two undercover agents posing as KKK members were introduced to Crawford.

    Over the next several months, Crawford conducted extensive research for the design, at times expressing frustration over the slow pace of the team’s progress, the FBI affidavit indicated. Ultimately, with help from the undercover agents, Crawford and Feight acquired the necessary parts and even tested the device that would remotely detonate the weapon, according to the FBI. It would all be powered through a truck’s cigarette lighter, the FBI said.

  16. orionATL says:

    @TomVet:

    thanks for this very revealing info about doj’s disgraceful role in this case.

    the judge too comes off as a fool who can’t see thru doj obfuscation.

    these doj/fbi “professionals” are simply brutal, career-enhancing authoritarian hounds whose keepers – holder and joyce and obama – exrecise no control over them whatsoever.

    the defense attorneys the doj has fucked over for years can nownput a real hurt on the doj by continuing to publicize their experiences with blatant doj unfairness.

  17. Nigel says:

    “The dissemination of any information about U.S. persons is expressly prohibited unless it is…evidence of a crime”

    http://www.youtube.com/watch?v=6wXkI4t7nuc
    “…Estimates of the current size of the body of federal criminal law vary. It has been reported that the Congressional Research Service cannot even count the current number of federal crimes. These laws are scattered in over 50 titles of the United States Code, encompassing roughly 27,000 pages. Worse yet, the statutory code sections often incorporate, by reference, the provisions and sanctions of administrative regulations promulgated by various regulatory agencies under congressional authorization. Estimates of how many such regulations exist are even less well settled, but the ABA thinks there are ”nearly 10,000.” …”

  18. Frank33 says:

    @P J Evans:

    Here is video. The car’s engine was was thrown 60 yards. Strange.

    And we should add that Geraldo Rivera, former journalist, had something to say.

    Geraldo Rivera ✔ @GeraldoRivera

    Reporter Michael Hastings KI tragic car wreck Condolences to familyBut hard to forget he destroyed career of 1 of our best fighting generals
    4:31 PM – 19 Jun 2013

  19. emptywheel says:

    @William Ockham: Right, and then you look at the language of Section 217 of PATRIOT and they could get quite a lot:

    “(i) It shall not be unlawful under this chapter for a person acting under color of law to intercept the wire or electronic communications of a computer trespasser transmitted to, through, or from the protected computer, if —

    “(I) the owner or operator of the protected computer authorizes the interception of the computer trespasser’s communications on the protected computer;

    “(II) the person acting under color of law is lawfully engaged in an investigation;

    “(III) the person acting under color of law has reasonable grounds to believe that the contents of the computer trespasser’s communications will be relevant to the investigation; and

    (IV) such interception does not acquire communications other than those transmitted to or from the computer trespasser.” .

  20. P J Evans says:

    @Frank33:
    I heard about Geraldo’s tweet. (It was not well-received.)

    Cars can be split in two in hitting trees. Having the car engine thrown – or slide – a distance is possible. Invoking foul play (or some kind of CT) is over the line, before the accident investigation is done.

  21. liberalrob says:

    @P J Evans:

    Invoking foul play (or some kind of CT) is over the line, before the accident investigation is done.

    Over the line? Try “common practice.” Also, the worst part is that it’s entirely plausible. I wouldn’t put virtually anything past these clowns anymore.

  22. Frank33 says:

    The embedded press agents, have the same talking point. What a coinky dink. Michael Hastings took down the number one best fighting general who almost won the war.

  23. P J Evans says:

    @liberalrob:

    He was working on a story about Jill Kelly and her suit against DoD. I wouldn’t think that would be cause for assassination.
    Also, the coroner’s reports won’t be out for another couple of weeks.

  24. Frank33 says:

    @P J Evans:
    Centcom, and those party animal Generals Petraeus and Mattis, were great pals with Jill. They tried to be entrepreneur partners, with a business deal, coal gasification in Pakistan financed by S. Korea.

    And P4 had Operation Earnest Voice. Multiple personalities would invade the Internet and pretend to be real people. And then they would win the wars. Damn Hastings, and his defeatist hippie fans messed everything up.

Comments are closed.