Drug War

El Chapo

Screen Shot 2014-02-22 at 5.21.44 PMToday, they announced the capture of Chapo Guzmán.

According to Mexico’s el Universal, Sinaloa Cartel boss Chapo Guzmán was captured by authorities at 6:40 AM (it’s unclear whether this is Mexico City or Mazatlán time, which are an hour and two behind ET, respectively; and the local Sinaloa press says the operation started at 3:30 AM).

The AP broke the story at 10:52 AM, sourcing to a US official. At around 11:00 (presumably, Mexico City time), Mexico’s Attorney General Jesús Murillo Karam announced the capture — he attributed the delay to taking time to confirm Guzmán’s identity.

And around that same time, President Enrique Peña Nieto tweeted out congratulations to Mexico’s security services for the capture.

As of right now, I’ve seen no comment from the White House on the capture, even though the DEA were said to be heavily involved.

There have been two pictures circulating relating to the arrest: a KSM-style picture of Guzmán at least partially undressed, and pictures taken in full daylight of him being transferred, fully dressed, to a helicopter by masked men wearing Mexican Navy uniforms.

I lay out these details because I have been wondering for some time why, alone among the world leaders spied on by the NSA, Peña Nieto never complained all that loudly. When Speigel first reported the spying, it suggested the US was trying to determine how seriously Peña Nieto — then still a candidate — meant his campaign promises to change the war on drugs. But according to Dana Priest, subsequent to the start of that spying, upon being presented with the range of our spying in Mexico, the President ended much of that “cooperation.”

The new administration has shifted priorities away from the U.S.-backed strategy of arresting kingpins, which sparked an unprecedented level of violence among the cartels, and toward an emphasis on prevention and keeping Mexico’s streets safe and calm, Mexican authorities said.

Some U.S. officials fear the coming of an unofficial truce with cartel leaders. The Mexicans see it otherwise. “The objective of fighting organized crime is not in conflict with achieving peace,” said Eduardo Medina Mora, Mexico’s ambassador to the United States.

[snip]

U.S. officials got their first inkling that the relationship might change just two weeks after Peña Nieto assumed office Dec. 1. At the U.S. ambassador’s request, the new president sent his top five security officials to an unusual meeting at the U.S. Embassy here. In a crowded conference room, the new attorney general and interior minister sat in silence, not knowing what to expect, next to the new leaders of the army, navy and Mexican intelligence agency.

In front of them at the Dec. 15 meeting were representatives from the U.S. Drug Enforcement Administration (DEA), the CIA, the FBI, the Office of the Director of National Intelligence and other U.S. agencies tasked with helping Mexico destroy the drug cartels that had besieged the country for the past decade.

The Mexicans remained stone-faced as they learned for the first time just how entwined the two countries had become during the battle against narco-traffickers, and how, in the process, the United States had been given near-complete entree to Mexico’s territory and the secrets of its citizens, according to several U.S. officials familiar with the meeting

Four months after that meeting, Peña Nieto involved his government in the information sharing process between the US and Mexico, and he reportedly kicked out Americans working in Mexican fusion centers.

Medina Mora, the Mexican ambassador, said in an interview that his nation considers U.S. help in the drug war “a centerpiece” of Mexico’s counternarcotics strategy. But the Mexican delegation in Washington also informed U.S. authorities that Americans will no longer be allowed to work inside any fusion center, including the one in Monterrey. The DEA agents and retired military contractors there will have to go.

Mind you, it’s clear that this change in strategy didn’t really come about — or if it has, the US has accelerated its own work without the Mexicans — as can be seen by the string of Guzmán associates who’ve been rolled up in recent weeks.

There were further hints of Mexico’s close cooperation when James Clapper, at a recent hearing, refused to elaborate in public session on an answer suggesting that Mexico was cooperating as closely as ever. And this response — in a background briefing in advance of President Obama’s trip to Toluca last week — makes it clear the Americans believe cooperation is still ongoing.

Q I was wondering, since we’re on the topic of messages, and you’ve already outlined the main topics of the summit, what sort of message is the President going to give the Mexican President Peña Nieto with the ongoing violence in Michoacán and whether or not they’re going to talk about new initiatives or somehow renewing the — or expanding the Merida initiative to combat drug traffickers down there. So in other words, what sort of deliverables can we expect from this summit? Thank you.

SENIOR ADMINISTRATION OFFICIAL: Thanks for that question. First of all, we have a very good and effective security relationship with Mexico and we have a for a number of years now, including with this administration. Certainly our shared security interests are going to be a part of the conversation. As President Obama made very clear in his initial meeting with President Peña Nieto, we stand by to help in any way we can and to cooperate as determined by the government of Mexico as it develops its security posture and deals with security concerns and judicial reform in Mexico.

You mentioned the Merida programs; those are continuing. And there’s a process in place between our two governments to develop priorities for cooperation. There’s a greater emphasis on the judicial cooperation now and finding ways to work together in that field. With respect to Michoacán, certainly we’re following closely what is happening there and stand by the government of Mexico as it confronts challenges there and elsewhere. [my emphasis]

And now Chapo is in custody, reportedly as a result of several weeks of cooperation between the DEA and Mexico’s Navy.

We shall see whether this time he stays in custody, and if so, in which country.

Keith Alexander Refutes Claims NSA Doesn’t Get Cell Data

Eight days ago, the country’s four major newspapers reported a claim that the NSA collected 33% or less of US phone records (under the Section 215 program, they should have specified, but did not) because it couldn’t collect most cell phone metadata:

  • “[I]t doesn’t cover records for most cellphones,” (WSJ)
  • “[T]he agency has struggled to prepare its database to handle vast amounts of cellphone data,” (WaPo)
  • “[I]t has struggled to take in cellphone data,” (NYT)
  • “[T]he NSA is gathering toll records from most domestic land line calls, but is incapable of collecting those from most cellphone or Internet calls.” (LAT)

Since that time, I have pointed to a number of pieces of evidence that suggest these claims are only narrowly true:

  • A WSJ article from June made it clear the cell gap, such as it existed, existed primarily for Verizon and T-Mobile, but their calls were collected via other means (the WaPo and NYT both noted this in their stories without considering how WSJ’s earlier claim it was still near-comprehensive contradicted the 33% claim)
  • The NSA’s claimed Section 215 dragnet successes — Basaaly Moalin, Najibullah Zazi, Tsarnaev brothers — all involved cell users
  • Identifying Moalin via the dragnet likely would have been impossible if NSA didn’t have access to T-Mobile cell data
  • The phone dragnet orders specifically included cell phone identifiers starting in 2008
  • Also since 2008, phone dragnet orders seem to explicitly allow contact-chaining on cell identifiers, and several of the tools they use with phone dragnet data specifically pertain to cell phones

Now you don’t have to take my word for it. Here’s what Keith Alexander had to say about the claim Friday:

Responding to a question about recent reports that the NSA collects data on only 20% to 30% of calls involving U.S. numbers, Alexander acknowledged that the agency doesn’t have full coverage of those calls. He wouldn’t say what fraction of the calls NSA gets information on, but specifically denied that the agency is completely missing data on calls made with cell phones.

“That part is not true,” he said. “We don’t get it all. We don’t get 100% of the data. It’s not where we want it to be, but it has been sufficient to go after the key targets that we’re going after.” [my emphasis]

Admittedly, Alexander is not always entirely honest, so it’s possible he’s just trying to dissuade terrorists from using cellphones while the NSA isn’t tracking them. But he points to the same evidence I did — that NSA has gotten key targets who use cell phones.

There’s something else Alexander said that might better explain the slew of claims that it can’t collect cell phone data.

The NSA director, who is expected to retire within weeks, indicated that some of the gaps in coverage are due to the fact that the NSA “paused any changes to the program” during the recent controversy and discussions about restructuring the effort.

The NSA has paused changes to the program.

This echoes WaPo and WSJ reports that crises (they cited both the 2009 and current crisis) delayed some work on integrating cell data, but suggests that NSA was already making changes when the Snowden leaks started.

There is evidence the pause — or at least part of it — extends back to before the Snowden leak. As I reported last week, even though the NSA has had authority to conduct a new auto-alert on the phone dragnet since November 2012, they’ve never been able to use it because of technical reasons.

The Court understands that to date NSA has not implemented, and for the duration of this authorization will not as a technical matter be in a position to implement, the automated query process authorized by prior orders of this Court for analytical purposes.

This description actually came from DOJ, not the FISC, and I suspect the issue is rather that NSA has not solved some technical issues that would allow it to perform the auto-alert within the legal limits laid out by the FISC (we don’t know what those limits are because the Administration is withholding the Primary Order Supplement that would describe it, and redacting the description of the search itself in all subsequent orders).

That said, there are plenty of reasons to believe there are new reasons why NSA is having problems collecting cell phone data because it includes cell location, which is far different than claiming (abundant evidence to the contrary) they haven’t been collecting cell data all this time. In addition to whatever reason NSA decided to stop its cell location pilot in 2011 and the evolving understanding of how the US v. Jones decision might affect NSA’s phone dragnet program, 3 more things have happened since the beginning of the Snowden leaks:

  • On July 19, Claire Eagan specifically excluded the collection of cell site location information under the Section 215 authority
  • On September 1, NYT exposed AT&T’s Hemisphere program; not only might this give AT&T reason to stop collating such data, but if Hemisphere is the underlying source for AT&T’s Section 215 response, then it includes cell location data that is now prohibited
  • On September 2, Verizon announced plans to split from Vodaphone, which might affect how much of its data, including phone metadata, is available to NSA via GCHQ under the Tempora program; that change legally takes effect February 21

Remember, too, there’s a February 2013 FISC Section 215 opinion the Administration is also still withholding, which also might explain some of the “technical-meaning-legal” problems they’re having.

Underlying this all (and assuredly underlying the problems with collecting VOIP calls, which are far easier to understand and has been mentioned in some of this reporting, including the LAT story) is a restriction arising from using an ill-suited law like Section 215 to collect a phone dragnet: telecoms can only be obligated to turn over records they actually “already generate,” as described by NSA’s SID Director Theresa Shea.

[P]ursuant to the FISC’s orders, telecommunications service providers turn over to the NSA business records that the companies already generate and maintain for their own pre-existing business purposes (such as billing and fraud prevention).

To the extent telecoms use SS7 data, which includes cell location, to fulfill their Section 215 obligation (after all, what telecoms need billing records on a daily basis?), it probably does introduce problems.

Which, I suspect, will mean that Alexander and the rest of the dragnet defenders will recommend that a third party collate and store all this data, the worst of all solutions. They need to have a comprehensive source (like Hemisphere apparently plays for the DEA), one that will shield the government from necessarily having collected cell location data that is increasingly legally suspect to obtain. And they’ll celebrate it as a great sop to the civil libertarians, too, when in fact, they’ve probably reached the point where it is clear Section 215 can’t legally authorize what it is they want it to do.

The issue, more and more evidence suggests, is that they can’t collect the dragnet data without a law designed to construct the dragnet. Which is another way of saying the dragnet, as intended to function, is illegal.

Is Hemisphere Creating Problems for the Phone Dragnet?

Screen Shot 2014-02-12 at 4.39.40 PMYou are all probably bored with my repeated posts about why the claim that NSA only collects 30% of US data is probably only narrowly true.

So I won’t discuss how absurd it would be to argue that the terrorist dragnet drawing on the records of at least 3 phone companies was less comprehensive than Hemisphere, the similar AT&T-specific database it makes available to hunt drug crime.

I just want to raise a methodological issue.

In her declaration submitted in support of the suits challenging the Section 215 dragnet, Theresa Shea emphasized something implicit in the Business Records order: the telecoms are only turning over records they already have.

[P]ursuant to the FISC’s orders, telecommunications service providers turn over to the NSA business records that the companies already generate and maintain for their own pre-existing business purposes (such as billing and fraud prevention).

Presumably, AT&T provides precisely this same data to the NSA for its master phone dragnet. That is, to the extent that AT&T compiles this data in particular form, that may well be the form it hands onto NSA.

And that’s interesting for several reasons.

Hemisphere includes not just AT&T call records. It includes records from “CDRs for any telephone carrier that uses an AT&T switch to process a telephone call.” It gets 4 billion call records a day, including international ones and cell ones. As Scott Shane explained,

AT&T operates what are called switches, through which telephone calls travel all around the country. And what AT&T does in this program is it collects all the—what are called the CDRs, the call data records, the so-called metadata from the calls that we’ve heard about in the NSA context. This is the phone number—phone numbers involved in a call, its time, its duration, and in this case it’s also the location. Some are cellphone calls; some are land line calls. Anything that travels through an AT&T switch, even if it’s not made by an AT&T customer—for example, if you’re using your T-Mobile cellphone but your call travels through an AT&T switch somewhere in the country, it will be picked up by this project and dumped into this database.

Which supports the report from last summer that the government can get T-Mobile calls off AT&T’s records. These are the pre-existing records that NSA can come get and they include T-Mobile calls.

There’s another interesting part of that. As I noted the first two phone dragnet orders provided for compensation to the providers, even though the statute doesn’t envision that. That would bring you to November 2006; Hemisphere started in 2007, with funding from ONCDP, the White House Drug Czar. Remember, too, that FBI had the equivalent of Hemisphere onsite until late 2007-2008. That is, one thing Hemisphere does is pay for one provider to store what serves as a good baseline dragnet that can then be handed over to the NSA. That’s significant especially given Geoffrey Stone’s claims that the dragnet is not comprehensive because the cost involved: there should be no cost, but somehow it’s driving decisions.

In any case, as luck would have it, Hemisphere got exposed at the same time as the dragnet.

Hemisphere operates with different legal problems than the NSA phone dragnet. At least with the phone dragnet, after all, AT&T has been compelled to turn over records; with Hemisphere they’re effectively retaining them voluntarily to turn surveillance into a profit center (though they do get compelled on an order-by-order basis). Moreover, AT&T’s far more exposed by the publication on Hemisphere than it is on the NSA dragnet (or perhaps, than even Verizon is under the phone dragnet). The exposure of Hemisphere might make AT&T more hesitant to “voluntarily” retain this data.

Finally, there’as the amicus challenge EFF and ACLU submitted in a criminal case in Northern California notes, Hemisphere includes precisely the data the NSA is struggling with: cell location data.

Hemisphere goes even further than the NSA’s mass call-tracking program, as the CDRs stored in the Hemisphere database contain location information about callers (see Hemisphere Slide Deck at 3, 13), thus implicating the specific concerns raised by five Justices in Jones. See 132 S. Ct. at 955 (Sotomayor, J., concurring) (“wealth of detail about [a person’s] familial, political, professional, religious, and sexual associations” revealed through “trips to the psychiatrist, the plastic surgeon, the abortion clinic,” etc.) (internal quotation marks, citation omitted); id. at 964 (Alito, J., concurring).

The FISC has created all sorts of problems for NSA to store cell location data, most explicitly with Claire Eagan’s order in July specifically prohibiting it.

But here AT&T is, creating the opportunity for the perfect challenge to use Jones to challenge location in a dragnet specifically.

Which is all a way of saying that the tensions with the phone dragnet may not be entirely unrelated from the fact that Hemisphere also got challenged.

Is There a 702 Certificate for Transnational Crime Organizations?

I joked yesterday that James Clapper did no more than cut and paste to accomplish President Obama’s order of providing a list of acceptable bulk collection. But I’d like to note something about the list of permissible uses of bulk collection.

  1. Espionage and other threats and activities directed by foreign powers or their intelligence services against the United States and its interests;
  2. Threats to the United States and its interests from terrorism;
  3. Threats to the United States and its interests from the development, possession, proliferation, or use of weapons of mass destruction;
  4. Cybersecurity threats;
  5. Threats to U.S. or allied Armed Forces or other U.S. or allied personnel; and
  6. Transnational criminal threats, including illicit finance and sanctions evasion related to the other purposes named above.

For months, I have been noting hints that the use of Section 702 — which is one of several kinds of domestic bulk collection — is limited by the number of certifications approved by FISC, which might be limited by FISC’s assessment of whether such certifications establish a certain level of “special need.”

In 2011, it seems clear from John Bates’ opinion on the government’s Section 702 applications, there were 3 certifications.

Screen shot 2013-12-19 at 7.10.00 AM

If there are just 3 certifications, then it seems clear they cover counterterrorism, counterproliferation, and cybersecurity (which is consistent with both ODNI’s public descriptions of Section 702 and the Presidential Review Group’s limits on it), 3 of 6 of the permitted uses of bulk collection.

Furthermore, there’s some history (you’ll have to take my word for this for now, but the evidence derives in part from reports on the use of National Security Letters) of lumping in Counterintelligence and Cybersecurity, because the most useful CI application of bulk collection would target technical exploits used for spying. So if that happens with 702 collection, then 4 of the 6 permissible applications would be covered by existing known certifications.

Threats against Armed Forces would, for the most part, be overseas, suggesting the bulk collection on it would be too. (Though it appears Bush’s illegal program used the excuse of force protection to spy on Iraqi-related targets, potentially even in the US, until the hospital confrontation stopped it.)

Which leaves just transnational crime threats — against which President Obama rolled out a parallel sanctions regime to terrorism in 2011 (though there had long been a regime against drug traffickers) — as the sole bulk collection that might apply in the US that doesn’t have certifications we know about.

Given that at least drug cartels have a far more viable — and deathly — operation in the United States than al Qaeda, I can’t think of any reason why the Administration wouldn’t have applied for a certification targeting TCOs, too (one of Treasury’s designated TCO targets — Russian and East European mobs — would have some overlap with the cyber function, and one — Yakuza — just doesn’t seem like a big threat to the US at all).

And last year’s Semiannual Compliance Assessment may support the argument that there are more than 3 certificates. In its description of the review process for 702 compliance, the report lays out review dates by certifications. Here’s the NSA review schedule:

Screen Shot 2014-02-11 at 9.49.59 AM

This seems to show 4 lines of certifications, one each in August and December, but two in October. Perhaps they re-review one of the certifications (counterterrorism, most likely). But if not, it would seem to suggest there’s now a 4th certification.

Here’s the FBI review schedule (which apparently requires a lot more manual review).

Screen Shot 2014-02-11 at 12.30.28 PM

Given that this requires manual review, I wouldn’t be surprised if they repeated the counterterrorism certifications review (and we don’t know whether all the NSA certifications would be used by FBI). But the redactions would at least allow for the possibility that there is a 4th certification, in addition to the 3 we know about.

Perhaps Obama rolled out TCOs as a 4th certification as he rolled out his new Treasury initiative on it (which would be after the applications laid out by Bates).

Of course, we don’t know. But I think two things are safe to say. First, the use of 702 is tied to certifications by topic. And the public statement about permissible use of bulk collection, it would seem to envision the possibility of a 4th certification covering TCOs, and with it, drug cartels.

In Cut and Paste Tumblr Post, James Clapper Describes Who We Can Spy on without Discriminants

As part of his Presidential Policy Directive on Signals Intelligence, Obama said this about bulk collection:

In particular, when the United States collects nonpublicly available signals intelligence in bulk, it shall use that data only for the purposes of detecting and countering: (1) espionage and other threats and activities directed by foreign powers or their intelligence services against the United States and its interests; (2) threats to the United States and its interests from terrorism; (3) threats to the United States and its interests from the development, possession, proliferation, or use of weapons of mass destruction; (4) cybersecurity threats; (5) threats to U.S. or allied Armed Forces or other U.S or allied personnel; and (6) transnational criminal threats, including illicit finance and sanctions evasion related to the other purposes named in this section. In no event may signals intelligence collected in bulk be used for the purpose of suppressing or burdening criticism or dissent; disadvantaging persons based on their ethnicity, race, gender, sexual orientation, or religion; affording a competitive advantage to U.S. companies and U.S . business sectors commercially; or achieving any purpose other than those identified in this section.

The Assistant to the President and National Security Advisor (APNSA), in consultation with the Director of National Intelligence (DNI), shall coordinate, on at least an annual basis, a review of the permissible uses of signals intelligence collected in bulk through the National Security Council Principals and Deputies Committee system identified in PPD-1 or any successor document. At the end of this review, I will be presented with recommended additions to or removals from the list of the permissible uses of signals intelligence collected in bulk.

The DNI shall maintain a list of the permissible uses of signals intelligence collected in bulk. This list shall be updated as necessary and made publicly available to the maximum extent feasible, consistent with the national security.

To fulfill that bolded “shall” language, James Clapper just released this on his IContheRecord Tumblr page:

Presidential Policy Directive/PPD-28 – Signals Intelligence Activities establishes a process for determining the permissible uses of nonpublicly available signals intelligence that the United States collects in bulk. It also directs the Director of National Intelligence to “maintain a list of permissible uses of signals intelligence collected in bulk” and make the list “publicly available to the maximum extent feasible, consistent with the national security.”

Consistent with that directive, I am hereby releasing the current list of permissible uses of nonpublicly available signals intelligence that the United States collects in bulk.

Signals intelligence collected in “bulk” is defined as “the authorized collection of large quantities of signals intelligence data which, due to technical or operational considerations, is acquired without the use of discriminants (e.g., specific identifiers, selection terms, etc.).” As of Jan. 17, 2014, nonpublicly available signals intelligence collected by the United States in bulk may be used by the United States “only for the purposes of detecting and countering:

  1. Espionage and other threats and activities directed by foreign powers or their intelligence services against the United States and its interests;
  2. Threats to the United States and its interests from terrorism;
  3. Threats to the United States and its interests from the development, possession, proliferation, or use of weapons of mass destruction;
  4. Cybersecurity threats;
  5. Threats to U.S. or allied Armed Forces or other U.S. or allied personnel; and
  6. Transnational criminal threats, including illicit finance and sanctions evasion related to the other purposes named above.”

Further, as prescribed in PPD-28, “in no event may signals intelligence collected in bulk be used for the purpose of suppressing or burdening criticism or dissent; disadvantaging persons based on their ethnicity, race, gender, sexual orientation, or religion; affording a competitive advantage to U.S. companies and U.S. business sectors commercially;” or achieving any purpose other than those identified above.

Effectively, Clapper fulfilled an obligation mandated by the PPD by simply cutting and pasting the list of 6 permissible uses of bulk collection in the PPD.

Given that this list is expected to be assessed annually, does that mean the PPD itself should be considered valid for no more than a year?

Faster and Furiouser Domestic Spying: Why Would the NSA Review Group Talk to the ATF?

Because I’m working on a post on John Bates’ response to the NSA Review Group recommendations, I happened to re-review the list of people the Review Group spoke with today (see page 277; Bates was the only one from the FISA Court they spoke with),

See if you find anything odd with this list of entities the Review Group spoke with from the Executive Branch (here’s a handy list of intelligence agencies to compare it to):

Assistant to the President for Homeland Security & Counterterrorism

Bureau of Alcohol, Tobacco, Firearms and Explosives

Central Intelligence Agency

Defense Intelligence Agency

Department of Commerce

Department of Defense

Department of Homeland Security

Department of Justice

Department of State

Drug Enforcement Agency

Federal Bureau of Investigations

National Archives and Records Administration

National Counterterrorism Center

National Institute for Standards and Technology

National Reconnaissance Office

National Security Advisor

National Security Agency

Office of the Director of National Intelligence

President’s Intelligence Advisory Board

Privacy and Civil Liberties Oversight Board

Program Manager for the Information Sharing Environment (PM-ISE)

Special Assistant to the President for Cyber Security

Treasury Department

Much of the list makes sense. You’ve got the people largely in charge of terrorism (NCTC, Lisa Monaco, FBI, Treasury), you’ve got some of the people in charge of cyber and/or corrupting encryption standards (DHS, Michael Daniel, NIST), you’ve got the people who have to deal with angry foreign leaders (State), you’ve got people in charge of data sharing and storage (PM-ISE and NARA), and you’ve got Commerce (which serves to boost, but also coerce, the tech companies on these issues).

There are some absences. I’m surprised Department of Energy, which plays a key role in counterproliferation, isn’t on here. It’s light on counterintelligence functions, both at DNI and things like AFOSI (which I believe has some nifty cybertools). I’m also a little surprised DOD was represented as a whole, but not some of the branch intelligence organizations. Similarly, DHS was represented as a whole, but not some of its relevant branches (TSA, CBP, and Secret Service).

And then there’s the Drug Enforcement Agency, which is on the list.

And even more alarmingly, the Bureau of Alcohol, Tobacco, Firearms and Explosives.

Don’t get me wrong, neither is all that surprising. We know some of the tools covered by the Review Group — notably National Security Letters — have actually been (mis)used in drug investigations as well as in terrorism ones. Given the logic of the certifications we know exist — not to mention the Administration’s fear-mongering and increasing focus on Transnational Crime Organizations not run by Jamie Dimon — I wouldn’t be surprised if Section 702 were used to fight the war on drugs, if it hasn’t already been. And the drug war certainly is a foreign intelligence priority for EO 12333 collection. Given NSA’s increasing inclusion of drug cartels in the boilerplate comments it releases about Snowden stories, I expect we’ll hear some nifty things about the war on drugs before this is out.

Similarly, one of the first things we learned the government was using Section 215 and/or NSLs to collect was purchase records for beauty supplies, otherwise known as explosives precursors. Since then, Members of Congress have talked about tracking fertilizer purchases. And I’d be shocked if there weren’t at least a half-hearted attempt to track pressure cooker purchases. I guess, from ATF’s inclusion among the Review Group’s interlocutors, we know a little bit about where this data resides: in probably the most fucked up law enforcement agency in government (though maybe that’s Immigration and Customs Enforcement, which thankfully was not considered central enough to talk to the Review Group).

Still, given the increasing number of signals that these authorities have been used to track gun purchases, and ATF’s notorious failures at tracking gun purchases in the past, I wonder whether they’re involved not just to talk about explosives purchases, but also gun records?

The Review Group warned that,

Like other agencies, there are situations in which NSA does and should provide support to the Department of Justice, the Department of Homeland Security, and other law enforcement entities. But it should not assume the lead for programs that are primarily domestic in nature.

For a variety of reasons (both reasonable and unreasonable), it is much harder to claim that tracking gun purchases pertains to counterterrorism or another foreign intelligence purpose than tracking acetone purchases.

Is this one of the domestic security functions the Review Group worried about?

DishFire and the Drug War

I imagine that NSA’s success at spying on Felipe Calderón’s inner circle made it a lot easier for the US to convince him to allow “near-complete entree to Mexico’s territory and the secrets of its citizens” in the name of the war on drugs.

A report classified as “top secret” said: “TAO successfully exploited a key mail server in the Mexican Presidencia domain within the Mexican Presidential network to gain first-ever access to President Felipe Calderon’s public email account.”

I presume continued spying on Enrique Peña Nieto has convinced him to permit that access to largely remain in place, in spite of his campaign promises.

But one of the most interesting aspects of the Spiegel story outlining such spying is the description of how metadata relates to content. In 2012, the NSA conducted analysis of Peña Nieto’s metadata, along with that of 8 of his associates, to figure out who to wiretap.

For two weeks in the early summer of 2012, the NSA unit responsible for monitoring the Mexican government analyzed data that included the cell phone communications of Peña Nieto and “nine of his close associates,” as an internal presentation from June 2012 shows. Analysts used software to connect this data into a network, shown in a graphic that resembles a swarm of bees. The software then filtered out Peña Nieto’s most relevant contacts and entered them into a databank called “DishFire.” From then on, these individuals’ cell phones were singled out for surveillance.

According to the internal documents, this led to the agency intercepting 85,489 text messages, some sent by Peña Nieto himself and some by his associates. This technology “might find a needle in a haystack,” the analysts noted, adding that it could do so “in a repeatable and efficient way.”

That is, at least in this case, NSA used metadata analysis to find the content that might be most interesting. It’s not entirely sure what “needles” the NSA imagined Peña Nieto had in his haystack (always this metaphor!), but Spiegel describes that US prioritizes collection on the drug war over issues — like human rights and economic development — that might combat the underlying conditions that allow drug trafficking to flourish.

In the case of Mexico, the US is interested primarily in the drug trade (priority level 1) and the country’s leadership (level 3). Other areas flagged for surveillance include Mexico’s economic stability, military capabilities, human rights and international trade relations (all ranked at level 3), as well as counterespionage (level 4).

This metadata to content relationship is not surprising in the least. But it implies a faith — and I do mean “faith” — in data analysis that might not be sound.

Not to mention, when transplanted into the United States, a suspect basis for probable cause.

Why Did NSA Raise Traffickers for a Story about Drone Killing Terrorists?

Screen shot 2013-10-17 at 10.53.24 AM

There was an odd statement from NSA in the middle of yesterday’s WaPo story describing how NSA facilitates CIA’s drone mission (click to embiggen).

The NSA is “focused on discovering and developing intelligence about valid foreign intelligence targets, such as terrorists, human traffickers and drug smugglers,” the agency said Wednesday in a statement. “Our activities are directed against valid foreign intelligence targets in response to requirements from U.S. leaders in order to protect the nation and its interests from threats such as terrorism and the proliferation of weapons of mass destruction.” [my emphasis]

While the NSA is finally admitting again their central cybersecurity focus, I believe this is the first time since the Snowden leak that NSA has suggested its “valid foreign intelligence targets” include “human traffickers and drug smugglers.”

It’s not surprising they are, mind you, especially given the Obama Administration’s focus on Transnational Criminal Organizations.

It’s just that the admission comes in a story about NSA’s contributions to drones for which the WaPo explained,

[T]he documents provide the most detailed account of the intricate collaboration between the CIA and the NSA in the drone campaign.

The Post is withholding many details about those missions, at the request of U.S. intelligence officials who cited potential damage to ongoing operations and national security.

It seems the only reason to raise the issue is if some of the materials on drones make it clear they’re being used — if not lethally — against entirely new kinds of targets: human traffickers and drug smugglers (though there have been a slew of stories that they were even used to hunt Chapo Guzman).

Ah well. It’s all moot now. OneKade alerts me that the reference has now been removed from the story.

Poof! All record the NSA and CIA used drones against drug traffickers gone!

Badly Broken: We Are Walter White

BreakingBad_logophotoI’ll bet tonight’s blog traffic will drop sharply, and explode on Twitter — and at 9:00 p.m. EDT exactly. That’s when the last episode of AMC’s Breaking Bad will air, following a 61-hour marathon of all preceding episodes from the last five years.

A friend expressed concern and astonishment at the public’s investment in this cable TV program, versus the Intergovernmental Panel on Climate Change’s Fifth Assessment Report published Friday, expressing heightened confidence in anthropogenic climate change:

“The report increases the degree of certainty that human activities are driving the warming the world has experienced, from “very likely” or 90% confidence in 2007, to “extremely likely” or 95% confidence now.” [source]

He’s right; we’ll be utterly absorbed by the conclusion of former high school chemistry teacher and cancer patient Walter White’s tale. We’ll have spent a fraction of intellectual energy on our own existential threat, in comparison to the mental wattage we’ll expend on a fictional character’s programming mortality.

But perhaps Breaking Bad’s very nature offers clues to our state of mind. Viewers are addicted to a program that upends perspectives and forces greater examination.

— The entire story of Walter White, a middle class white guy with a good education whose cancer threatens his life and his family’s long-term financial well-being, would not be viable were it not for the dismal state of health care in America. There are no Walter Whites in Canada, for example; the U.S. has become little better than a third world narco-state, our health and shelter dependent on ugly choices like crime because our system of governance cannot respond appropriately under pressure for corporate profitability.

We cling to White, though he has become the very thing we pay our law enforcement to battle, because he is us — morally conflicted, trying to safeguard our lives and our families in a deeply corrupt system. At the end of each Breaking Bad episode the distortion of our values is evident in viewers’ failure to reject a criminal character depicting a drug lord manufacturing and selling a controlled substance, while guilty of conspiracy, murder, and racketeering in the process.

In the background as we watch this program, we permit corporate-owned congresspersons to shut down our government in a fit of pique over the illusion of better health care for all. Continue reading

US Justice: A Rotting Tree of Poisonous Fruit?

Saturday, the NYT reported that other agencies within government struggle to get NSA to share its intelligence with them.

Agencies working to curb drug trafficking, cyberattacks, money laundering, counterfeiting and even copyright infringement complain that their attempts to exploit the security agency’s vast resources have often been turned down because their own investigations are not considered a high enough priority, current and former government officials say.

Of the 1,410 words in the article, 313 words are explicitly attributed to Tim Edgar, who used to work for ACLU but starting in 2006 worked first in the Office of Director of National Intelligence and then in the White House. Another 27 are attributed to “a former senior White House intelligence official,” the same description used to introduce Edgar in the article.

The article ends with Edgar expressing relief that NSA succeeded in withholding material (earlier he made a distinction between sharing raw data and intelligence reports) from agencies executing key foreign policy initiatives in the age of cyberwar and Transnational Criminal Organizations, and in so doing avoid a “nightmare scenario.”

As furious as the public criticism of the security agency’s programs has been in the two months since Mr. Snowden’s disclosures, “it could have been much, much worse, if we had let these other agencies loose and we had real abuses,” Mr. Edgar said. “That was the nightmare scenario we were worried about, and that hasn’t happened.”

Today, San Francisco Chronicle reminds that NSA does hand over evidence of serious criminal activities if it finds it while conducting foreign intelligence surveillance, and prosecutors often hide the source of that original intelligence.

Current and former federal officials say the NSA limits non-terrorism referrals to serious criminal activity inadvertently detected during domestic and foreign surveillance. The NSA referrals apparently have included cases of suspected human trafficking, sexual abuse and overseas bribery by U.S.-based corporations or foreign corporate rivals that violate the Foreign Corrupt Practices Act.

[snip]

“If the intelligence agency uncovers evidence of any crime ranging from sexual abuse to FCPA, they tend to turn that information over to the Department of Justice,” Litt told an audience at the Brookings Institution recently. “But the Department of Justice cannot task the intelligence community to do that.”

[snip]

“The problem you have is that in many, if not most cases, the NSA doesn’t tell DOJ prosecutors where or how they got the information, and won’t respond to any discovery requests,” said Haddon, the defense attorney. “It’s a rare day when you get to find out what the genesis of the ultimate investigation is.”

The former Justice Department official agreed: “A defense lawyer can try to follow the bouncing ball to see where the tip came from — but a prosecutor is not going to acknowledge that it came from intelligence.”

And (as bmaz already noted) Reuters reminds that the DEA has long had its own electronic surveillance capability, and it often hides the source of intelligence as well.

Although these cases rarely involve national security issues, documents reviewed by Reuters show that law enforcement agents have been directed to conceal how such investigations truly begin – not only from defense lawyers but also sometimes from prosecutors and judges.

The undated documents show that federal agents are trained to “recreate” the investigative trail to effectively cover up where the information originated, a practice that some experts say violates a defendant’s Constitutional right to a fair trial. If defendants don’t know how an investigation began, they cannot know to ask to review potential sources of exculpatory evidence – information that could reveal entrapment, mistakes or biased witnesses.

As bmaz also noted, none of this was very secret or new. The FISA sharing is clearly permitted by the minimization procedures. Litigation on it 11 years ago suggested it may be even more abusive than laid out under the law. And bmaz has personally been bitching about the DEA stuff as long as I’ve known him.

These articles suggesting there may be more sharing than the NYT made out on Saturday, then, are primarily reminders that when the fruits of this intelligence get shared, the source of the intelligence often remains hidden from those it is used against.

Which brings me to this WSJ op-ed Edgar published last week. Continue reading

Emptywheel Twitterverse
bmaz RT @phoenixnewtimes: Hopi Medicine Man Ivan Jackson Sentenced to One Year in Prison for Oral Sex with Patient http://t.co/944yyA5qup
5mreplyretweetfavorite
bmaz @banditelli @PhilPerspective Surfer Banditelli
6mreplyretweetfavorite
bmaz @MonaHol @ggreenwald @davebabler @bobcesca_go Wait, no links to this brilliance?
10mreplyretweetfavorite
bmaz @walterwkatz @Pac12Networks @Lakers @DIRECTV @SportsNetLA I came close to switching from Cox to Direct recently, but need Pac-12 Net for ASU
28mreplyretweetfavorite
bmaz @walterwkatz @Publici Impressively done.
29mreplyretweetfavorite
bmaz @ddayen @tnr Cops on wall Street?? What, are the hippies tagging that damn bull with spray cans again?
39mreplyretweetfavorite
JimWhiteGNV @greenfield64 They had 102 years to get it right, yet still said "Sunk" instead of "Sank".
43mreplyretweetfavorite
JimWhiteGNV @Atrios The fountain of excrement from DC will always outstrip the supply of kitty litter. @bmaz
45mreplyretweetfavorite
bmaz @walterwkatz @DIRECTV @SportsNetLA @Dodgers Is this also the same reason Direct does not have Pac-12 Network?
46mreplyretweetfavorite
bmaz RT @JimWhiteGNV: Brian Ross should get a retroactive Pulitzer Prize. For his FICTION story in 2001 about Iraqi bentonite in the anthrax att…
48mreplyretweetfavorite
bmaz @emptywheel @trevortimm @SCOTUSblog That's a lawsuit that would appear headed straight for the "political question" junk heap @mlcalderone
58mreplyretweetfavorite
JimWhiteGNV Brian Ross should get a retroactive Pulitzer Prize. For his FICTION story in 2001 about Iraqi bentonite in the anthrax attacks.
1hreplyretweetfavorite
April 2014
S M T W T F S
« Mar    
 12345
6789101112
13141516171819
20212223242526
27282930