The government appears to hope three time’s a charm. The last two times they subpoenaed James Risen in the case of Jeffrey Sterling, Judge Leonie Brinkema quashed the subpoena. But they’re trying again, this time to get him to testify at Sterling’s trial.

It appears likely they planned to do this all along and crafted the charges against Sterling accordingly. For example, they claim they need Risen to testify, in part, to authenticate his book and the locale where alleged leaks took place.

Risen can directly identify Sterling as the individual who illegally transmitted to him national defense information concerning Classified Program No. 1 and Human Asset No. 1. Because he is an eyewitness, his testimony will simplify the trial and clarify matters for the jury. Additionally, as set forth below, Risen can establish venue for certain of the charged counts; can authenticate his book and lay the necessary foundation to admit the defendant’s statements in the book; and can identify the defendant as someone with whom he had a preexisting source relationship that pre-dated the charged disclosures. His testimony therefore will allow for an efficient presentation of the Government’s case.

Locale issues stem from mail fraud charges that appeared ticky tack charges up to this point. But the government is now arguing that that information–as distinct from whether Sterling served as a source for the information at issue–is critical to these ticky tack charges. Which, it seems they hope, would get them beyond any balancing test on whether Risen’s testimony is crucial for the evidence at question. They also point to mentions in the indictment of an on-the-record article Risen did with Sterling, suggesting that at the very least they ought to be able to ask Risen about this at trial since he would not be protecting an anonymous source.

In other words, they crafted the indictment to be able to argue to Brinkema that on some matters, Risen’s testimony is crucial, and on others, it qualifies for no privilege.

Of course, they also have to argue that this subpoena is not harassment. If I were Risen’s lawyer, I’d argue crafting the indictment in such a way as to carve out areas to get Risen into court is itself harassment.

But that’s not all. The government tries to argue for the necessity of Risen’s testimony in one other way, one that is of particular interest. They say that Risen told his publisher that he relied on more than one CIA source for his work on MERLIN.

In addition, Risen’s own representations to his publisher demonstrate the importance of his testimony regarding the defendant’s identity. In his book proposal, Mr. Risen represented that, in writing his book, he spoke with more than one CIA officer involved in Classified Program No. 1. Consistent with these representations, moreover, the chapter of Mr. Risen’s book that includes information about Classified Program No. 1 appears to reflect the private conversations and inner thoughts of more than one individual.11 See, e.g., Exhibit A at p. 203. Risen’s testimony is therefore relevant to identifying Sterling as a source and to identifying the specific items of national defense information in his book for which Sterling was his source. Put simply, Risen’s testimony will directly establish that Sterling disclosed to him the national defense information about which he sought to write in a 2003 newspaper article, and which he ultimately included in his 2006 book. The jury should be permitted to hear that evidence in assessing whether the Government has met its burden of proving the defendant’s guilt beyond a reasonable doubt.

While this might support the necessity of Risen’s testimony on one hand (to identify what he got from Sterling and what he got from other sources), wouldn’t it also admit a selective prosecution defense? That is, if the government itself is arguing that Risen spoke to more than one CIA officer about MERLIN, then why are they only charging Sterling?

The answer may be because of the dispute about the accuracy of Sterling’s testimony. Remember, the government claims that Sterling lied to Risen about some aspect of MERLIN, presumably about whether or not the blueprints we gave to Iran had an obvious flaw that the Russian defector immediately identified. And they’re trying to use that claim–that Sterling lied–to argue that Risen doesn’t have an obligation anymore to protect his source.

Finally, whatever interest Risen has in keeping confidential his source for the national defense information at issue here, it is severely diminished by the fact that the defendant characterized some of that information in a false and misleading manner as a means of inducing Risen to write about it. See Ind. ¶ 18, 19(d). In short, the Indictment charges that the defendant perpetrated a fraud upon Risen. If “[s]preading false information in and of itself carries no First Amendment credentials” in the civil context, see Lando, 441 U.S. at 171, then it should carry no greater weight in a criminal prosecution.

They say that even while conceding that some of the information Sterling allegedly leaked to Risen is true.

The Indictment alleges that some of the information that appears in Risen’s book is national defense information – and thus is implicitly true – but also notes that some of the information contained therein is characterized in a false and misleading manner. See Ind. ¶¶ 18,19(d). The Government is not here either confirming or denying the accuracy of any particular fact reported in the book.

There’s a lot we can conclude from this filing–not least that the government seems to be abandoning the intent of the Attorney General guidelines on subpoenaing journalists (the guidelines are not mentioned once in the filing). But most of all, it seems we can conclude that the government doesn’t care so much that Sterling allegedly leaked this information–because they’re not charging the other CIA officers they appear to know leaked to Risen–but that Sterling was critical of the operation while he leaked the information.

I’ve been reading the National Academy of Sciences Anthrax Report and noted something odd in follow-up to the McClatchy report of the other day describing unexplained tin and silicon in one of the anthrax samples. (Here’s Jim White’s post on the report.) As McClatchy reported, there’s some weird data about silicon and tin in some of the samples.

The lab data, contained in more than 9,000 pages of files that emerged a year after the Justice Department closed its inquiry and condemned the late Army microbiologist Bruce Ivins as the perpetrator, shows unusual levels of silicon and tin in anthrax powder from two of the five letters.

[snip]

To arrive at that position, however, the FBI had to discount its own bulk testing results showing that silicon composed an extraordinary 10.8 percent of a sample from a mailing to the New York Post and as much as 1.8 percent of the anthrax from a letter sent to Democratic Sen. Patrick Leahy of Vermont, far more than the occasional trace contamination. Tin — not usually seen in anthrax powder at all — was measured at 0.65 percent and 0.2 percent, respectively, in those letters.

But it turns out that the weirdest data–showing the 10.8 silicon in the NY Post sample–didn’t come from FBI. As NAS explained, that data came from the Armed Forces Institute of Pathology.

Early in the investigation, AFIP performed [scanning electron microscopy-energy-dispersive X-ray] SEM-EDX analysis of a New York Post letter sample and found regions in the sample having high silicon content but no oxygen, suggesting the presence of silicon-rich material that was not related to nanoparticulate silica. While this observation could have led to an explanation for the difference between the bulk and individual spore measurements, follow-up experiments apparently were not performed.

A release from AFIP describing their analysis of the Daschle letter (not the NY Post letter) is one of the most cited sources of the claim that the anthrax was weaponized in a uniquely Iraqi fashion.

“Ft Detrick sought our assistance to determine the specific components of the anthrax found in the Daschle letter,” said Florabel G. Mullick, MD, ScD, SES, AFIP Principal Deputy Director and department chair. AFIP experts utilized an energy dispersive X-ray spectrometer (an instrument used to detect the presence of otherwise-unseen chemicals through characteristic wavelengths of X-ray light) to confirm the previously unidentifiable substance as silica. “This was a key component,” Mullick said. “Silica prevents the anthrax from aggregating, making it easier to aerosolize. Significantly, we noted the absence of aluminum with the silica. This combination had previously been found in anthrax produced by Iraq.”

This was the analysis that a USAMRID scientist used to declare that the anthrax was weaponized–which said scientist retracted after later Sandia analysis was done (from the NAS report).

An initial finding by the Armed Forces Institute of Pathology (AFIP) found, upon gross examination, that the spores exhibited a silicon signal and sometimes exhibited an oxygen signal. Subsequent studies conducted by Sandia National Laboratories (as described in Chapter 4 of this report) determined that the silicon was localized to the spore coat within the exosporium—that is, it was incorporated into the cell as a natural part of the cell formation process. The USAMRIID scientist who first reviewed the AFIP results and made statements regarding the presence of silicon and possible weaponization retracted those earlier statements.

So some of this was known before–that AFIP served a key role in early rumors that the anthrax was weaponized in a way that pointed to Iraq. But the NAS report seems to confirm that the Iraq rumors originated at least in part from AFIP.

That’s all very interesting for several reasons. First, because FBI claims to have gotten data on AFIP’s SEM-EDX tests just last year.

The committee notes that this information was not made available to it or to the FBI until spring 2010.

That would mean FBI didn’t get (or ask for?) the information until after it had closed the investigation (they closed the investigation in February 2010)!

It would also suggest–rather incredibly–that FBI didn’t hunt down this information when they were stonewalling Jerry Nadler about it (as McClatchy reminds).

New York Democratic Rep. Jerrold Nadler asked FBI Director Robert Mueller how much silicon was in the Post and Leahy letters at a hearing before the House Judiciary Committee in September 2008. The Justice Department responded seven months later that silicon made up 1.4 percent of the Leahy powder (without disclosing the 1.8 percent reading) and that “a reliable quantitative measurement was not possible” for the Post letter.

More interesting still, NAS can’t explain what relationship existed between FBI and AFIP.

The committee also reviewed reports of work carried out in parallel at the AFIP although it is not clear how closely AFIP and the FBI investigative and scientific teams worked together or coordinated their efforts.

I’m also confused about when AFIP did these tests. In its list of official tests, NAS describes the AFIP SEM-EDX tests as having taken place in November 2001.

But somewhere along the way, perhaps along with information about the investigation of a claimed al Qaeda anthrax site explored in 2004, NAS got additional materials from AFIP dating to October 2001.

AFIP Materials related to USAMRIID Specimens October 2001 (41 pages)

And still more interesting is the reference to documents provided to NAS in December 2010–at the time when FBI was trying to stall the release of this document–showing AFIP, along with USAMRID, purportedly conducted anthrax studies on the remains of the Flight 93 9/11 hijackers.

Finally, in the new materials provided to the committee it is noted that [polymerase chain reaction] PCR analysis was performed on human remains from United flight 93 on 9/11/2001 that were identified as those of the hijackers (B3D1). Analysis was performed at USAMRIID and at AFIP for sequences diagnostic of B. anthracis. One assay at USAMRIID gave positive results, but these results were believed by the FBI to be due to laboratory contamination. All other results were negative. As the committee learned at the January 2011 meeting, there were no tests done on remains from any of the other September 11, 2001 hijackers. [my emphasis]

So let’s see. At some point during the anthrax attacks in 2001, USAMRID and AFIP decided to do anthrax tests on material from Flight 93. They purportedly  found the hijackers tested positive for anthrax! But on second thought, FBI tells us, that positive result came from “lab contamination.” And then, presumably just after those tests, USAMRID and AFIP, perhaps working outside the chain of the official FBI investigation of anthrax, discover evidence implicating Iraq in the anthrax attacks. Results that, once again, further testing suggested was inaccurate.

Another example of lab contamination, I guess. Funny how that happens.

And the FBI wants us to believe that over the course of a 9 year investigation, they never decided to investigate the circumstances surrounding this partnership that somehow always resulted in convenient propaganda?

I’ve been reviewing the docket on Thomas Drake’s case to see whether it touches on the privacy concerns Drake had about NSA’s post-9/11 activities.

It appears it doesn’t, even while there was an ongoing dispute about whether or not Drake will have access to the materials he submitted to the DOD Inspector General in support of claims that the ThinThread program operated more effectively than the Trailblazer program that Michael Hayden chose to enrich SAIC with instead (the Judge ruled that material would be admissible, but not a formal whistleblower defense, which Drake wasn’t trying to do anyway).

There are a couple of reasons why the silence, in the legal filings, about privacy concerns is interesting (aside from the fact that it’s a focus of Jane Mayer’s article.

First, because the two-sentence summary of the conclusion of the DOD IG Report on Trailblazer and ThinThread that the defense provides in a filing doesn’t address privacy.

In 2004, after more than a year of fact-finding, the Inspector General issued its initial audit findings. In a report entitled, “Requirements for the Trailblazer and Thinthread Systems,” the auditors concluded that “the National Security Agency is inefficiently using resources to develop a digital network exploitation system that is not capable of fully exploiting the digital network intelligence available to analysts from the Global Information Network . . . (T)he NSA transformation effort may be developing a less capable long-term digital network exploitation solution that will take longer and cost significantly more to develop.” The NSA continued to support the “less capable” program and its successor.

Which suggests the IG Report may not have addressed the claim that, in addition to being less efficient at “connecting the dots” than ThinThread, Trailblazer also offered none of the privacy protections ThinThread had.

That’s important because the government argued that Drake couldn’t claim to be a whistleblower because, by 2007, the issues at hand were resolved. They’re arguing both that any whistleblower claims would be mooted because Turbulence, Trailblazer’s successor, integrated “significant portions” of ThinThread, and that the debate was “over” by 2007, when Drake was (according to the indictment) serving as a source for Baltimore Sun reporter Siobhan Gorman.

In or about December 2004, the DOD IG completed its audit of [Trailblazer], including the allegations raised in the complaint letter. The NSA responded in August 2004 and February 2005, stating that based on the judgments of NSA’s experienced technical experts, the allegations were unfounded. Nonetheless, NSA agreed to incorporate significant portions of [ThinThread] into [Trailblazer] as a result of the DOD IG recommendations, thus largely mooting the issues raised in the complaint. In addition, starting in late 2005 and early 2006, the NSA transitioned away from [Trailblazer] to [Turbulence], another corporate architecture solution for Signals Intelligence collection.

[snip]

Just as importantly, by 2007, the timeframe of the charges in this case, there was no imminent harm faced by the defendant, because [Trailblazer] had incorporated elements of [ThinThread], and also because NSA had transitioned away from [Trailblazer] to [Turbulence].

[snip]

The defendant’s actions had no impact in the debate regarding the efficacy of [Trailblazer and ThinThread], because NSA had begun transitioning to [Turbulence] by 2006. Put simply, the debate was over.

There’s a lot going on in this passage. Obviously, the government is trying to claim that since Drake was allegedly collecting information for Gorman in 2007, he couldn’t claim he was whistleblowing.

Mind you he was not claiming he was whistleblowing, in the legal sense. He was only trying to get the IG materials to prove that’s why he collected three of the documents he’s accused of willingly keeping; basically, he’s arguing that if he overlooked three documents out of 5 boxes worth originally collected for the IG–and did not retain the really classified materials–that he basically just overlooked the three documents, rather than willfully retained them.

And the government is playing funny with dates. After all, they say Drake served as a source for Gorman from February 27, 2006, to November 28, 2007. The key story about ThinThread Drake served as a source for was dated May 18, 2006. And one of the charges accuses Drake of obstruction for shredding other documents. So not only is the 2007 date bogus because it igonores debates ongoing in 2006, but the government suggests that either Drake would be guilty for illegally retaining information, or obstructing an investigation. Moreover, Drake maintains he inadvertently included the three IG-related documents in the several boxes of unclassified materials, so the fact the debate was over is pointless.

Moreover, the successor to Trailblazer, Turbulence, was suffering from the same management problems Trailblazer had, as the defense notes just after citing the IG Report. The government wants to pretend the shift from Trailblazer to Turbulence ended the complaints about management problems, but it didn’t.

But then there’s the way the government portrays the IG complaint: efficacy. As I laid out the other day, there are four ways, Gorman’s sources claim, that ThinThread was better than Trailblazer:

The program the NSA rejected, called ThinThread, was developed to handle greater volumes of information, partly in expectation of threats surrounding the millennium celebrations. Sources say it bundled together four cutting-edge surveillance tools. ThinThread would have:

* Used more sophisticated methods of sorting through massive phone and e-mail data to identify suspect communications.

* Identified U.S. phone numbers and other communications data and encrypted them to ensure caller privacy.

* Employed an automated auditing system to monitor how analysts handled the information, in order to prevent misuse and improve efficiency.

* Analyzed the data to identify relationships between callers and chronicle their contacts. Only when evidence of a potential threat had been developed would analysts be able to request decryption of the records.

In other words, privacy was just one of three ways ThinThread was better than Trailblazer, according to Gorman’s sources.

But that’s not the aspect the government seems to address. That is, the government seems to be saying that, because Turbulence adopted some of the approaches of ThinThread that made it more efficient at analysis, Drake can’t complain. The suggestion is (though we can’t know because of the secrecy) privacy is not, like efficacy, an adequate reason to blow the whistle. Neither privacy, nor the Constitution.

And that’s interesting for two more reasons. First, because the government references a notebook of documents Drake provided that had nothing to do with the IG Report.

There was, for example, a notebook of documents provided by the defendant, many of which had nothing to do with the IG’s audit, but this notebook was destroyed before the case began, and after the IG completed its audit.

Is it playing games with the scope of the audit? That is, did Drake provide materials on privacy, which the IG didn’t include within the scope of its report? If so, the IG’s destruction of the notebook, in violation of DOD’s document retention policy, is all the more interesting.

Then, finally, the debates about privacy continued into 2007 and 2008. In August 2007, specifically, Mike McConnell nixed a Democratic version of the Protect America Act because it required the government to tell FISA judges what the plan for minimizing US person data is and allowed the judges to review for compliance. Debates on how to fix PAA continued throughout the fall and into the following year, with Russ Feingold and Sheldon Whitehouse both trying to make real improvements on the minimization requirements.

The government seems to want to say that Drake’s privacy concerns aren’t a valid whistleblowing concern. Because, I guess, government officials aren’t allowed to whistleblow about citizens’ rights.

Thomas Drake, the NSA whistleblower, was on 60 Minutes this evening. I’ll have more to say about his appearance and case going forward, but I just wanted to highlight a critical detail revealed by 60 Minutes: the relative cost of Trailblazer–the SAIC implemented program Michael Hayden championed–and ThinThread–the program Drake and others claim was more effective and had privacy protections.

One of them was Lieutenant General Michael Hayden, the head of the agency: he wanted to transform the agency and launched a massive modernization program, code named: “Trailblazer.” It was supposed to do what Thin Thread did, and more.

Trailblazer would be the NSA’s biggest project. Hayden’s philosophy was to let private industry do the job. Enormous deals were signed with defense contractors. [Bill] Binney’s Thin Thread program cost $3 million; Trailblazer would run more than $1 billion and take years to develop.

“Do you have any idea why General Hayden decided to go with Trailblazer as opposed to Thin Thread, which already existed?” Pelley asked.

“I believe he was convinced by others that going with a large-scale, industrial strength solution was the approach that NSA needed to take. You can’t really understand why they would make that kind of a decision without understanding the culture of NSA,” Drake said.

Asked to elaborate, Drake said, “Careers are built on projects and programs. The bigger, the better their career.” [my emphasis]

So Drake was complaining about a program that cost 300 times as much as the one he championed (ultimately, Trailblazer cost $1.2 billion, so actually 400 times as much). It’s not an apples-to-apples comparison. Trailblazer, according to a government filing, worked across more platforms. ThinThread, according to a Siobhan Gorman story, had additional functionality, including privacy protections.

But still, Drake complained about a program that did what ThinThread did–at 300 to 400 times the cost.

As one of the other NSA employees who whistleblew about Trailblazer, J. Kirk Wiebe, explains,

“How does a man see 9/11 happened, know that some part of it is due to corruption and mismanagement and sleep at night. How does a man do that? He obviously couldn’t,” Wiebe told Pelley.

Yet the government wants to put Drake in jail for 35 years because he tried to make sure incompetence that led to 9/11 doesn’t continue.

I’ll admit, I was merely disgusted when Mickey Mouse tried to trademark Seal Team 6. But Mickey’s seeming embrace of GateGrope is far more disturbing. (h/t Bruce Schneier) In a press release boasting about changes to Walt Disney World’s Star Tour ride, Disney boasts of their imitation TSA checkpoints!

The second room of the queue is now a security check area, similar to a TSA checkpoint. The two G-series droids are still there, G2-9T scanning luggage and G2-4T scanning passengers. For those attraction junkies, you’ll remember that the G-series droids are so named because in the original Disneyland Park version of the ride, they were created by removing the “skins” from two of the goose animatronics from the soon-to-close America Sings attraction (Goose = “G” series). While we won’t tell you why, you’ll enjoy paying a lot of attention to what the scans of the luggage show is inside. When it’s your turn to go through the passenger scan (a thermal body scan), you may be verbally accosted by a security droid. Also, keep an eye out in the queue for an earlier version of RX-24 (“Captain Rex”) from the original Star Tours; he’s labeled “defective” and has some familiar dialogue.

Families are paying something like $280 a day to be amused at Walt Disney World. And as part of the amusement, they “get” to go through a “thermal body scan”?!?!?! All enhanced by the pleasure of being “verbally accosted by a security droid”!?!?!?! And all this as a way to make standing in line for obscene amounts of time to feel like a celebration of fantasy and/or capitalism rather than a pathology just like it was in the former Soviet Union?

I’m actually surprised that Schneier isn’t even more appalled at this than he is, given that he’s been as skeptical of “security theater” as anyone.

I mean, I want to know how a company with close regulatory ties to the federal government decides it will now claim it’s fun to submit to verbal abuse at the hand of what is cast as a “droid”? … How it decides either that “security scans” are such a part of our reality that no endless queue should be without one–all to help suspend our disbelief, I assume–or that a body scan is a good way to kill time in an hour-long line?

Sure, there’s a history of using Mickey Mouse to get children to accommodate security “precautions.” But do we really need to use Mickey to accustom children to RapeAScan?

While Jane Mayer’s profile on NSA whistleblower Thomas Drake has generated a lot of attention for the way Obama’s DOJ is senselessly prosecuting him, there has been less focus on the key revelation that Drake and others went on the record to reveal in Mayer’s story: that the NSA chose not to integrate the privacy protections from a program called ThinThread into its illegal domestic surveillance program.

Pilot tests of ThinThread proved almost too successful, according to a former intelligence expert who analyzed it. “It was nearly perfect,” the official says. “But it processed such a large amount of data that it picked up more Americans than the other systems.” Though ThinThread was intended to intercept foreign communications, it continued documenting signals when a trail crossed into the U.S. This was a big problem: federal law forbade the monitoring of domestic communications without a court warrant. And a warrant couldn’t be issued without probable cause and a known suspect. In order to comply with the law, [Bill Binney, a crypto-mathmetician who headed Signals Intelligence Automation Research Center (SARC) that developed ThinThread] installed privacy controls and added an “anonymizing feature,” so that all American communications would be encrypted until a warrant was issued. The system would indicate when a pattern looked suspicious enough to justify a warrant.

[snip]

When Binney heard the rumors, he was convinced that the new domestic-surveillance program employed components of ThinThread: a bastardized version, stripped of privacy controls. “It was my brainchild,” he said. “But they removed the protections, the anonymization process. When you remove that, you can target anyone.” He said that although he was not “read in” to the new secret surveillance program, “my people were brought in, and they told me, ‘Can you believe they’re doing this? They’re getting billing records on U.S. citizens! They’re putting pen registers’ ”—logs of dialled phone numbers—“ ‘on everyone in the country!’ ”

[snip]

[Former HPSCI staffer Diane Roark] asked Hayden why the N.S.A. had chosen not to include privacy protections for Americans. She says that he “kept not answering. Finally, he mumbled, and looked down, and said, ‘We didn’t need them. We had the power.’ He didn’t even look me in the eye. I was flabbergasted.” She asked him directly if the government was getting warrants for domestic surveillance, and he admitted that it was not. [my emphasis]

Mayer’s actually not the first to report on the decision not to implement the privacy protections of ThinThread. It was the subject of one of Siobhan Gorman’s articles during the period when Drake, according to the indictment, served as a source for her. The article appeared on May 18, 2006, the morning of Michael Hayden’s confirmation hearing to be CIA Director. (Unlike most of Gorman’s articles from the period, this appears to be available only behind the Sun’s firewall. Update: I’ve found a link to the article at CommonDreams.) It describes that since Bush’s authorization for the program required no privacy protections, the NSA just didn’t bother to implement that part of ThinThread.

Once President Bush gave the go-ahead for the NSA to secretly gather and analyze domestic phone records – an authorization that carried no stipulations about identity protection – agency officials regarded the encryption as an unnecessary step and rejected it, according to two intelligence officials knowledgeable about ThinThread and the warrantless surveillance programs.”They basically just disabled the [privacy] safeguards,” said one intelligence official.

A former top intelligence official said that without a privacy requirement, “there was no reason to go back to something that was perhaps more difficult to implement.”

However two officials familiar with the program said the encryption feature would have been simple to implement. One said the time required would have involved minutes, not hours. [my emphasis; bracket original]

In other words, ThinThread came equipped with a measure–encryption–to achieve the same thing as minimization, but before the fact. But in implementing Dick Cheney’s illegal wiretapping, NSA took that protection out of the program. And when asked why he had done that, Michael Hayden explained they didn’t need the protection, not with the Presidential authorization they used to justify the program.

October 2001, as Michael Hayden was implementing Cheney’s illegal program, was not the only time the government chose not to include privacy protections on a data mining program focused on Americans.

As Shane Harris reported in 2006 and in more detail in his book, The Watchers, when the government dismantled John Poindexter’s Total Information Awareness program in August 2003 after Congress defunded it, they didn’t actual dismantle most of it–they just moved it into the NSA. In his book, Harris described Poindexter’s regret that the government had not salvaged the privacy protection research.

But he regretted that the privacy research had been tossed into the dustbin. He’d never felt that the idea got traction, and what little research there’d been would wither without funding. It was a fateful decision, since the agency inheriting TIA would so on enough find itself accused of a massive and illegal incursion into Americans’ private lives.

So in October 2001, NSA affirmatively chose to disable privacy protections in ThinThread, and then again in August to December 2003, the government chose to salvage the data mining aspects of Total Information Awareness, but not the privacy research.

In other words, the government, on at least two occasions, chose not to incorporate existing technology into its data mining program to protect the privacy of Americans. Sort of makes it clear that the Bush Administration wanted to make sure Americans’ privacy wasn’t protected, huh?

There are a number of oddly coinciding legal issues that I wanted to pull together into one post.

The Administration Fudges the War Powers Act

First and most obviously, today is the day the 60-day grace period for Libya under the War Powers Act expires. Obama should, by law, have to go to Congress to get sanction for our third war against a Muslim country.

Mind you, Congress isn’t going to make the President do that.

But just to be safe, the Administration is going to conduct some kind of legal hocus pocus to make sure it can claim it isn’t violating the WPA.

A variety of Pentagon and military officials said the issue was in the hands of lawyers, not commanders. Several officials described a few of the ideas under consideration.

One concept being discussed is for the United States to halt the use of its Predator drones in attacking targets in Libya, and restrict them solely to a role gathering surveillance over targets.

Over recent weeks, the Predators have been the only American weapon actually firing on ground targets, although many aircraft are assisting in refueling, intelligence gathering and electronic jamming.

By ending all strike missions for American forces, the argument then could be made that the United States was no longer directly engaged in hostilities in Libya, but only providing support to NATO allies.

Another idea is for the United States to order a complete — but temporary — halt to all of its efforts in the Libya mission. Some lawyers make the case that, after a complete pause, the United States could rejoin the mission with a new 60-day clock.

My money, given the way that the OLC wrote a memo retroactively justifying the first several weeks of the war that culminated with us ceding control to NATO (and for other reasons), is that we’ll choose option A; we’ll pretend that we’re just conducting a very expensive unfunded intelligence operation in support of our NATO allies and call that good.

Congress Tries to Force Obama to Fight the Forever Whereever War

Then there’s the Republicans efforts to rewrite the AUMF in the spending bill, which would make it a lot easier to pass without a lot of debate and certainly without concerted attention to it. Ben Wittes has been orchestrating a debate on this topic over at Lawfare (here, here, here, here, here, here, and here).

There are a couple of elements to this. First, the belief by both the right and left that the Administration has already exceeded the terms of the Afghan AUMF by striking at groups that either didn’t exist in 2001 or didn’t support the 9/11 attacks. If we’re right, it would mean such things as drone strikes in Yemen are legally questionable. And for those who believe we must use drones in Yemen and Somalia, it seems clear we must rewrite or expand the AUMF to incorporate these new targets.

In addition, there’s the question of detention. I believe that we are close to sufficiently achieving the objectives in the 2001 AUMF that it might require Obama to base the detention of Gitmo detainees on something more permanent. McKeon would like to institutionalize Obama’s preferred indefinite detention, but by endorsing detention going forward, might invite further indefinite detention.

There are probably some other things our government is doing under the guise of war that we don’t know about (but that McKeon presumably does and endorses).

But for the moment, let’s assume that the forever whereever war authorizes the President to continue to make up the rules of this war as he goes forward, with no defined end point.

And, as Adam Serwer implies, McKeon is doing this not via free-standing statute (which is what he first tried), but on the spending bill, making it much harder to oppose.

But the country never made that decision–the country made the decision to go to war against the perpetrators of the 9/11 attacks. That’s why I think that this new AUMF shouldn’t be something that gets tucked into a spending bill–it’s the kind of thing that the American people need to consider carefully. I suspect public opinion is probably on McKeon’s side here, but at the very least, a separate vote on a new AUMF would have the advantage of sanctioning this larger conflict in a more public and accountable manner. More importantly, we could be having a conversation of what the end of the “war on terror” is supposed to look like.

This is, in other words, the head of the House Armed Services Committee acting where he has greatest powers, in mapping out how DOD can spend money, to institutionalize the authority of the President to evolve the terms of the war against terrorists as he goes on.

PATRIOT without Sunset

At the same time as one corner of Congress is acting at the area of its strength, another corner of Congress is acting with typical cowardice. John Boehner, Mitch McConnell, and Harry Reid are pushing a vote on Monday to extend the PATRIOT Act another 4 years, until June 1, 2015.

Mind you, it might not be just their idea. This is the kind of thing Obama might encourage (though the Administration reportedly backed some, but not all, reforms on the table). This is a way for everyone involved–except for the liberals and handful of TeaParty candidates who will oppose the bill–to just endorse the status quo rather than acknowledge that PATRIOT has some real problems as well as some unnecessary authorities.

And so, with each new extension of a PATRIOT sunset, the myth that it actually will ever sunset gets weaker and weaker.

I’m interested in this development, though, for several reasons. Aside from detention and any secret stuff McKeon knows about and the Afghan-turning-into-Pakistan war, many of the key measures we use to fight terrorism are surveillance related. So at one level, with the never-sunsetting PATRIOT Act, we’re seeing the creeping permanence of the war on terror from an intelligence perspective, too, though by Congressional cowardice rather than Congressional strength.

The Osama bin Laden Strike

All of this is taking place against the background of Osama bin Laden’s death which, in a more noble era, would have steeled our elected representatives to reassess our war against terrorists.

The OBL death is interesting from this front for two other reasons, though.

First, the means. Rather than kill OBL with a drone strike, which (as Robert Chesney observes) the Administration seems to be tying to a war power, we took him out with JSOC operating under the auspices of CIA. We feel free to use JSOC in a variety of locales that are no declared wars. But doing it under Leon Panetta’s direction maintained the legal fiction that DOD operates exclusively in Afghanistan while CIA manages everything in Pakistan.

But it appears that fiction largely serves Pakistan’s benefit. In defending the legality of OBL’s killing (something I don’t contest), Harold Koh emphasizes the AUMF and not–as he might have–the September 17, 2001 Finding that authorizes CIA to capture and detain (and kill, if it came to that) top al Qaeda leaders.

By enacting the AUMF, Congress expressly authorized the President to use military force “against … persons [such as bin Laden, whom the President] determines planned, authorized, committed, or aided the terrorist attacks that occurred on September 11, 2001 …in order to prevent any future acts of international terrorism against the United States by such … persons” (emphasis added). Moreover, the manner in which the U.S. operation was conducted—taking great pains both to distinguish between legitimate military objectives and civilians and to avoid excessive incidental injury to the latter—followed the principles of distinction and proportionality described above, and was designed specifically to preserve those principles, even if it meant putting U.S. forces in harm’s way. Finally, consistent with the laws of armed conflict and U.S. military doctrine, the U.S. forces were prepared to capture bin Laden if he had surrendered in a way that they could safely accept. The laws of armed conflict require acceptance of a genuine offer of surrender that is clearly communicated by the surrendering party and received by the opposing force, under circumstances where it is feasible for the opposing force to accept that offer of surrender. But where that is not the case, those laws authorize use of lethal force against an enemy belligerent, under the circumstances presented here.

In other words, Koh could have made either an intelligence or a war justification for the killing (both of which, IMO, would have been legally more sound than the hocus pocus they’re pulling in Libya). He chose to go the AUMF route. That’s not surprising (we’re not supposed to talk about that 2001 Finding, you know). But I find it worth noting.

I’m most interested in that approach because one route we could have gone, after OBL’s death, was to commit to use JSOC raids rather than drones (which we have a history of doing without AUMF), as well as surveillance that works. We could have done most of what we’re doing–save the drones and the foreever detention–without an AUMF. (That’s not saying I endorse using JSOC w/o a declared war, but it’s what we do.) The way we think of OBL’s death obviously doesn’t institutionalize that choice, but it does prevent us from using this moment to rethink our approach to terrorism

Altering the Nature of our Nation by Refusing to Think

All of which, IMO, makes this a pretty remarkable moment. In several ways, we’re about to endorse (either by apathy or aggressive choice) making our forever war permanent, not to mention the President’s ability to just bomb wherever his OLC can invent a retroactive excuse for. Sure, we’ve been headed in this direction for a while. But at a moment we might have made another choice, we’re doubling down.

Of course, it’s not going to end up being a forever war.

The way we approach terrorism, generally, will in the medium term bump up against the reality that domestic right wing terrorists now may be more dangerous than Islamic terrorists, particularly the informant-induced “homegrown” terrorist we seem to be focusing on (plus, the warlovers want to make drug cartels terrorists as well). Eventually, everyone will become a terrorist, at which point Americans might finally get tired of sacrificing their liberty and privacy for a myth that some terrorists are worse than other organized criminals.

More importantly, we’re going to go broke. Maybe not before Republicans strip our entire safety net to pay for the forever wars we’ll be fighting. If that happens, we’ll lose the forever wars because no one will be educated enough to fight the forever wards, to make and operate our fancy war toys. But ultimately we can’t continue to add multi-billion dollar wars with no discussion, because we simply can’t afford it.

In the meantime, though, our utterly failed political system is just going to creep further and further away from our constitutional roots and towards a vastly different national security state.

I’m not surprised that Karl Rove has weighed in on the foreclosure fraud scandal with an erroneous op-ed in the WSJ. I’m just a bit baffled why he did so now.

The overall gist of the op-ed is that a $20 billion settlement of the robosigning scandal would represent “a money grab in search of a crime.”

It is fundamentally unfair, even devious, to fleece banks out of billions, ignore victims of “robo-signing” who were wrongly evicted, and then hand out cash to cronies. The $20 billion bank stick-up is a transparent attempt to pay some voters a thinly disguised election year bribe, while pretending the money didn’t come from millions of middle-class families with a checking account, loan or credit card at an affected bank.

Of course the entire argument ignores the meaning of the word “settlement,” which suggests an agreement between multiple parties, including the banks who presumably would reject such a settlement if they didn’t believe it would provide them some kind of benefit (such as preventing them from going bankrupt due to all the shitty loans they securitized).

And while I can see why Rove wants to pitch this story as a contest between deadbeat homeowners (most of whom, of course, are middle class) versus the middle class, I’m not sure how families doing consumer business with banks would pick up the tab here. Is Rove suggesting banks would rewrite existing loan terms to make up for the settlement costs? Violate the consumer card bill of rights to screw card holders to make up the costs? Steal checking account funds to pay what is a paltry fine?

And what about all the investors, for whom principle modifications would be better than the foreclosures they’re getting on shitty loans right now? Doesn’t Karl Rove care about the helpless investors?

This seems to be a favor Rove is doing for the Office of Currency Control and the big banks to try to push back at CFPB and some attorneys general. Indeed, there’s this bizarre claim which I suspect lays groundwork for a future CFPB attack.

The federal government could spend its share of the loot on a long list of programs, including, as one government official familiar with the proposed settlement said, a “borrower’s transitional and educational fund.” Just what does paying someone’s junior college tuition or funding a sabbatical from work—simply because his mortgage is underwater—have to do with repairing the damage of “robo-signing?” Nothing.

How better to discredit teaching consumers how the banks are screwing them than to suggest the consumers would be getting a vacation from work?

But again, why now? Shouldn’t Rove and the banks be a lot more worried about AG Eric Schneiderman’s investigation of securitization? Shouldn’t they be more worried about individual register of deeds demonstrating that most titles in this country are now corrupted? Shouldn’t they worry about suits around the country that may reveal what we all know–that the banks would be lucky to get off with a $20 billion settlement?

So I’m not surprised that Karl Rove is weighing in with one of his patented false screeds. But he seems to have missed the larger picture on this one.

I’m in the process of reading all the Siobhan Gorman stories for which Thomas Drake might have served as an anonymous source. And one of the ten or so articles for which he’s a possible source exposes the NSA’s failure on an issue at the heart of Bradley Manning’s ability to allegedly leak three major databases to WikiLeaks: adequate user authentication on the network.

The Drake indictment claims that Thomas Drake served as a source for “many” of the Siobhan Gorman articles she wrote about NSA between February 27, 2006 and November 28, 2007.

Thereafter, between on or about February 27, 2006 and on or about November 28, 2007, Reporter A published a series of newspaper articles about NSA, including articles that contained SIGINT information. Defendant DRAKE served as a source for many of these newspaper articles, including articles that contained SIGINT information.

One of her articles from that period, published July 2, 2006, describes how the delay in implementing a new encryption management system for NSA and DOD computers exposed those networks to hackers.

A National Security Agency program to protect secrets at the Defense Department and intelligence and other agencies is seven years behind schedule, triggering concerns that the data will be increasingly vulnerable to theft, according to intelligence officials and unclassified internal NSA documents obtained by The Sun.

[snip]

Encryption, which is an electronic lock, is among the most important of security tools, scrambling sensitive information so that it can ride securely in communications over the Internet or phone lines, and requiring a key to decipher.

Powerful encryption is necessary for protecting information that is beamed from soldiers on the battlefield or that guards data in computers at the NSA’s Fort Meade headquarters.

One of the three big things DOD claims it is doing to respond to WikiLeaks is to introduce smart cards for user credentials on SIPRNet.

DoD has begun to issue a Public Key Infrastructure (PKI)-based identity credential on a hardened smart card. This is very similar to the Common Access Card (CAC) we use on our unclassified network. We will complete issuing 500,000 cards to our SIPRNet users, along with card readers and software, by the end of 2012. This will provide very strong identification of the person accessing the network and requesting data. It will both deter bad behavior and require absolute identification of who is accessing data and managing that access.

In conjunction with this, all DoD organizations will configure their SIPRNet-based systems to use the PKI credentials to strongly authenticate end-users who are accessing information in the system. This provides the link between end users and the specific data they can access – not just network access. This should, based on our experience on the unclassified networks, be straightforward.

Which is precisely the kind of challenge one of Gorman’s named sources in the article addresses.

And as the demand grows for “smart” identification cards with computer chips that verify the card holder’s identity, so does the need for sophisticated ways to manage who is being assigned cards, so that the cards do not end up in the wrong hands, said Stephen Kent, a chief scientist at BBN Technologies who has chaired government panels on information security.

Now, we have no way of knowing whether Drake was one of the 18 sources Gorman used for the article. But a number of her sources seem to compare this clusterfuck with that of Trailblazer–the program Drake and others submitted an Inspector General’s complaint on.

Like other major NSA efforts – such as the failed Trailblazer program to rapidly sift out threat information, and the troubled Groundbreaker program aimed at upgrading the agency’s computer networks – an ever-changing game plan has caused many of the project’s problems, current and former senior intelligence officials said.

Following that passage, Gorman cites a “former senior intelligence official”–the description (the indictment alleges) Drake asked Gorman to use when she cited him.

One former senior intelligence official said that the NSA had unrealistic expectations from the start and repeatedly opted for delays to try to perfect the program. That left the government with aging security protections in the quest for security nirvana, the official said.

“NSA often will say, `Well, this is not totally secure, so you can’t use it,’ when the only alternative is nothing,” the former official said. “My worry is this push for perfect security is the enemy of good security.

And managing the implementation of a new key system sure sounds like something that the “Senior Change Leader” of NSA might be involved with.

Interestingly, the initial deadlines predicted in Gorman’s article–2012–seem to roughly match the deadlines DOD now gives for its smart cards (as well as the insider threat detection, the deadline for which Obama is trying to push back further, though that may be a different issue).

Again, all that’s not proof that Thomas Drake was warning in 2006 that if NSA didn’t fix its management problems, something like CableGate would happen (as well as the widespread hacking we know to be happening).

But 18 people were warning of it back in 2006.

Which is, I guess, DOJ feels the need to prosecute whistleblowers, to cover up embarrassing lapses like this.

This is the disrespect in which our Congress holds our Constitution: they will continue to chip away at the Fourth Amendment, by passing yet another extension of the PATRIOT Act without addressing the clear abuses identified since the last extension.

US Congress leaders have agreed to extend for four years an array of counter-terrorism surveillance and search powers adopted after the September 11, 2001 attacks, sources said Thursday.Under the arrangement, the Senate and House of Representatives will hold a vote on extending the controversial powers at the core of the Patriot Act before they lapse on May 27, according to several congressional aides.

The officials said the vote would be “a clean extension” to June 1, 2015, meaning it would not include new civil liberties safeguards sought by some senior lawmakers of both major parties.

Apparently, it’s just too much work to do their fucking jobs and deal with the sound reform proposals on the table.

The ACLU is trying to get a barrage of contacts to legislators.

But if your legislator is either a real liberal or a TeaPartier, please contact them one way or another.