Raj De and the Back-Door Loophole

As I already noted, NSA General Counsel lied in today’s PCLOB hearing when he said the use of Section 215 to conduct a phone dragnet had the indicia of legitimacy because Congress twice reauthorized the PATRIOT after the executive had given it full information.

We know that the 2010 freshman class — with the exception of the 7 members who served on the Judiciary or Intelligence Committees — did not have opportunity to learn the most important details about the phone dragnet before reauthorizing PATRIOT in 2011. And it appears DOJ withheld from the Judiciary and Intelligence the original phone dragnet opinion — and they clearly withheld significant FISC materials on it — until August 2010, after PATRIOT had been reauthorized the first time. I trust Ben Wittes, who wants to prevent Jim Sensenbrenner from commenting on NSA’s secrecy because he’s dishonest about his own role, applies a similar standard to Raj De.

But I was even more interested in the way De answered Center for Democracy and Technology’s Jim Dempsey’s question about the back-door loophole in which NSA searches on incidentally collected US person data (starting at 2:09:00).  Dempsey asked whether NSA needed something like the Reasonably Articulable Suspicion before it searched incidental US person data. De treated the question as nonsensical, given that when you collect on a particular phone number in the criminal context you don’t need to ignore what you find.

In other words, the NSA has a lower standard for access this content than they do for accessing the metadata of our phone calls.

Curiously, though, De tried to tout the minimization of both 702 and EO 12333 collection to present this as reasonable.

By minimization, Dempsey asked, you mean you keep it.

De insisted that no, there’s minimization at each step of the process.

I get how he was trying to use this blatant dodge. I get that the NSA assumes they can take everything so long as they’re careful about how they sent it around.

But make no mistake. NSA searches on the data before it gets minimized.

Here’s how this year’s Semiannual Compliance Review, submitted by the Attorney General and Director of National Intelligence, describes this practice.

NSA’s querying of unminimized Section 702-acquired communications using United States person identifiers (page 7)

Here’s how John Bates referred to the practice, based on a submission the NSA had made itself (though before De was writing the documents), in his October 3, 2011 opinion.

The government has broadened Section 3(b)(5) to allow NSA to query the vast majority of its Section 702 collection using United States-Person identifiers, subject to approval pursuant to internal NSA procedures and oversight by the Department of Justice. Like all other NSA queries of the Section 702 collection, queries using United States-person identifiers would be limited to those reasonably likely to yield foreign intelligence information. (page 22-23)

Bates justifies this practice by pointing to another agency’s (almost certainly FBI) use of the practice, which he describes as,

an analogous provision allowing queries of unminimized FISA-acquired information using identifiers — including United States-person identifiers — when such queries are designed to yield foreign intelligence information.

The NSA has restrictions about circumstances in which they can share this data (which arguably will be expanded under Dianne Feinstein’s FakeFISAFix). But they allow the NSA to share this data if it is “foreign intelligence,” evidence of a crime, and evidence of a threat to life-which-to-NSA-means-property.

They can sweep up entire countries worth of Internet traffic. They can sweep up entire mailboxes overseas. And then go in, without a warrant, and “discover” evidence of crime.

Tweet about this on Twitter0Share on Reddit0Share on Facebook0Google+0Email to someone

8 Responses to Raj De and the Back-Door Loophole

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
Emptywheel Twitterverse
emptywheel @KailiJoy They could extort donations on a vote by vote basis?
24mreplyretweetfavorite
emptywheel @raynetoday They've got video of assassin's car. @jason_corcoran
38mreplyretweetfavorite
emptywheel @DanMyer82366100 Which remarkably didn't outlast Hash Bash? @MichiganHist
43mreplyretweetfavorite
emptywheel @onekade 3) Strong reporting there's a financial dragnet. And lots more confirmation of poss uses. @csoghoian
51mreplyretweetfavorite
emptywheel @onekade Sure. But we have 1) official FBI confirmation of explosives precursor 2) DOJ IG confirmation Internet = most orders @csoghoian
52mreplyretweetfavorite
emptywheel @DanMyer82366100 Huh. It was 18 in NY and VT until just before I got there. And I'm younger than you. @MichiganHist
52mreplyretweetfavorite
emptywheel @onekade Sure. But a BIG mistake activists made last time was in only focusing on phone dragnet. This is not that. @csoghoian
54mreplyretweetfavorite
emptywheel @onekade I think getting at hackers via traffic rather than content. But don't think metadata like that, either.
55mreplyretweetfavorite
emptywheel @onekade But as I noted, the reporting on this was unreliable.
56mreplyretweetfavorite
emptywheel @onekade Ask @csoghoian. I think rather than getting content they're tracking who's coming in where.
57mreplyretweetfavorite
emptywheel @DanMyer82366100 Drinking age was lower back then, I imagine. I RTed that just to hear from someone who knew it at that time @MichiganHist
1hreplyretweetfavorite
emptywheel @onekade The smart people think they're using it to get data flow.
1hreplyretweetfavorite
November 2013
S M T W T F S
« Oct   Dec »
 12
3456789
10111213141516
17181920212223
24252627282930