January 10, 2014 / by emptywheel

 

Is PCLOB Holding Out for EO 12,333 Information?

As you know, I’ve been tracking the way President Obama seems to want to game the various legislative and review group recommendations with his own.

Which is why I’m interested in this anonymous complaint, from someone in the White House, that PCLOB has not yet released its report.

Before making his final decisions, the president was supposed to receive a separate report from a semi-independent commission known as the Privacy and Civil Liberties Oversight Board, which was created by Congress. However, that panel’s report has been delayed without explanation until at least late January, meaning it won’t reach the president until after he makes his decisions public.

Members of that oversight board met with the president on Wednesday and have briefed other administration officials on some of their preliminary findings. In a statement, the five-member panel said its meeting with the Mr. Obama focused on the NSA phone collection program and the Foreign Intelligence Surveillance Court, which oversees the data sweeps.

It’s unclear why the president will announce his recommendations before receiving the report from the privacy and civil liberties board. One official familiar with the review process said some White House officials were puzzled by the board’s delay. The report would still be available to Congress, where legislators are grappling with several bills aimed at dismantling or preserving the NSA’s authority. [my emphasis]

The complaint is interesting not just because it betrays some consternation that the White House won’t be able to control the timing on all of this.

Last we heard from PCLOB on November 4, they said publicly that that report would focus on just Section 215 and 702 programs, the two programs the Administration has been trying to provide a limited hangout on since June (though in their Semi-Annual Report from November 3, they also said they were focusing on 12333 guidelines).

But different board members were also focusing on EO 12333 activities. PCLOB Chair David Medine asked about the theft of Google and Yahoo data off their fiber in Europe; Patricia Wald asked whether EO 12333 guidelines legally governed the dissemination of Section 215 data even if the FISC imposed more stringent guidelines; Medine asked whether searches of the corporate store (phone dragnet query results) are governed by EO 12333; and James Dempsey asked what governs the back door searches of data collected under EO 12333.

PCLOB board members clearly get that they can’t understand the NSA’s activities without understanding what goes on under EO 12333. Yet on one occasion (in response to the Google and Yahoo question), NSA’s General Counsel Raj De tried to defer any answer because it was not a Section 215 or 702 question.

MR. DE: Even by the terms of the article itself there is no connection to the 702 or 215 programs that we are here to discuss. I would suggest though that any implication which seemed to be made in some of the press coverage of this issue that NSA uses Executive Order 12333 to undermine, or circumvent or get around the Foreign Intelligence Surveillance Act is simply inaccurate.

Later, Dempsey asked ODNI’s General Counsel Robert Litt when PCLOB was going to get the guidelines NSA used for “other types of collection,” meaning that collected under EO 12333.

MR. DEMPSEY: We have asked about, in fact months ago, several months ago we asked about guidelines for other types of collection, and where do we stand on getting feedback on that? Because you said 18, for example, is the minimization provisions for collection outside the United States, and that’s pretty old. Where do we stand on looking at how that data is treated?

MR. LITT: I think we’re setting up a briefing for you on that. I believe we’re setting up a briefing for you on that. We did lose a few weeks.

MR. DEMPSEY: No, I understand. I was wondering if you could go beyond saying we’re setting up a briefing.

MR. LITT: Well, I mean we’re in the process of reviewing and updating guidelines for all agencies under 12333. It’s an arduous process. You know, it’s something that we’ve been working on for some time and we’re continuing to work on it.

They’re referring to a letter PCLOB sent back in August about outdated guidelines limiting the dissemination of US person data, a James Clapper response a month later promising and a follow-up 10 days later, on October 3,  reminding PCLOB had asked for a briefing and updates on agencies’ EO 12333 procedures.

And a month later, PCLOB still had not gotten either the briefing or the written description of where agencies were.

During that entire time, it was becoming more and more clear that the NSA might be moving programs overseas (and therefore under EO 12333) that had been governed by FISA. If that is happening, it’s a matter of significant concern.

Reports on Obama’s review say he wants to roll out reforms that might cover any disclosures to come.

Obama is expected to deliver a national address announcing a set of intelligence-gathering changes. His aim is to set in place guidelines that will convince critics he is serious about reform and that will withstand future disclosures.

[snip]

“The bulk of the work on this is the policy review, not reacting to what the next story is,” said another senior administration official, who requested anonymity to discuss the internal deliberations. “We don’t know what the next thing will be, and we do have to deal with what comes next. But getting the policy right is what’s important so that as new things come, we’ve addressed the core of it.

I’m of the opinion that the disclosures to come will continue to focus attention on what the NSA does under EO 12333.

So is that what’s holding up PCLOB?

Copyright © 2018 emptywheel. All rights reserved.
Originally Posted @ https://www.emptywheel.net/2014/01/10/is-pclob-holding-out-for-eo-12333-information/