Judge Sharon Johnson Coleman held a hearing Friday in the Adel Daoud case on whether the government needs to reveal how it collected certain communications from Daoud. That would be notable in any case, given that Daoud is one of the defendants Dianne Feinstein invoked during debate of the FISA Amendments Act reauthorization who has not, however, been noticed that FAA was used to bust him.
But it gets more interesting given something the prosecutor in the case, William Ridgway, said in Friday’s hearing.
Another Daoud attorney, Josh Herman, said some documents turned over by prosecutors, including emails dated 2011, seemed to support defense attorneys’ claim that warrantless surveillance was used on Daoud.
“This is not tin-foil hat paranoia,” Herman said.
But prosecutor William Ridgway said that the 2011 emails may have been found on Daoud’s computer that authorities seized with a warrant in 2012.
If the government did target Daoud only after sifting through communications data without a warrant, the defense wants to challenge all subsequent evidence on the grounds it was gathered through a violation of Daoud’s constitutional rights against unreasonable searches.
The criminal complaint describes an email account Daoud used to “obtain and distribute material … relating to violent jihad” going back to October 2011. That was 7 months before the FBI’s online undercover officers first contacted Daoud — purportedly in response to things he had posted publicly — to set up their sting.
So did the FBI’s investigation of Daoud really start in May 2012, as the complaint sort of implies. In which case, why mention the earlier emails? Or did they identify Daoud via emails collected back in 2011? What legal authority did they use to access those emails? And if they did, what explains the 7 month delay in their sting?
In discussions of where those emails came from at the hearing, Ridgway was non-committal, suggesting they “may” have come from a search on his computer seized with a warrant, but not claiming they did. (The government noticed both FISA wiretap and physical search information, the latter of which often means searches of stored communications, which is presumably another way they could have obtained the emails, if Daoud didn’t delete them, but he appears to have been fairly attentive to hiding his digital tracks by 2012.)
The timing of that claimed start date — October 2011 — is particularly intriguing. Not only is that around the time Daoud turned 18. But it also dates to John Bates’ October 3, 2011 approval (for the first time) of NSA (and CIA)’s use of back door searches on previously collected data and minimization procedures that addressed his concerns about the illegal upstream collection.
I have, in the past, suggested they may have identified Daoud (or perhaps found these emails) via a back door search. While there’s no direct evidence of what collection may have included Daoud, it’s possible they collect URL searches or hits on certain websites from which he collected extremist material.
But it’s also conceivable they identified Daoud via an upstream content search (that is, email collected at a telecom switch via a search on some of the content he had in his emails). For example, perhaps NSA first picked up Daoud’s contacts based on him sending Anwar al-Awlaki materials on October 9 and 18, 2011. It’s conceivable NSA tracks online jihad membership notices, like the one Daoud received on February 6, 2012. It’s likely they track links to sites making Inspire available, such as the URL Daoud sent himself on May 9, 2012 (the initial contacts with online undercover FBI officers were on May 14 and May 17, 2012). If so, any of those emails that transited certain collection points might be sucked up as part of NSA’s use of Section 702 to search on content.
Remember though: NSA has claimed they won’t use these authorities in tandem. They told John Bates they would not conduct back door searches on upstream collection. If they got any of this via upstream collection, they presumably should not be able to go back and search for Daoud (though who knows how NSA finesses this issue via tech claims).
This is why Ridgway’s comment is so striking. Ridgway seemed to suggest there were two possible ways (three, with collection of stored emails) the government could have obtained Daoud’s earlier emails.
Does he know for a fact there are two different ways to get these emails, because the government used both? Does he know there are two ways to get them because the government is using parallel construction to hide one of their more exotic uses of FISA collection from Judge Coleman?
Either of these practices — accessing Daoud’s communications at a time when he had done nothing beyond engage in potentially hateful speech via back door search, or obtaining his emails via upstream collection — would present a use of FISA that, while approved by FISA Judge John Bates (assuming it started after October 3, 2011), has not been known to be scrutinized by an Article III judge presiding in a criminal case. So there’d be a big incentive for the government to use parallel construction to hide the underlying collection.
Of course, it’s most likely — given Judges’ unwillingness to be the first to challenge the government’s ability to keep all FISA materials secret — that we’ll never know, that Daoud will be denied any more information about how the government first identified him as a terrorism lead.