Financial Fraud

Keith Alexander Declares Failure in War on Terror, as He Earlier Declared Failure in Cyberdefense

The New Yorker has a weird interview with Keith Alexander. The weirdness stems from Alexander’s wandering answers, which may, in turn, stem from the fact that the interview was not done by an NSA beat reporter. Such interviews seem to flummox NSA insiders.

But beyond all the rambling about Jeopardy and “free vowels” and disingenuous claims (and silences) about past terrorist events, ultimately Keith Alexander wants us to know that we are at greater risk as he steps down after more than 8 years of protecting us.

His logic for that is not that terrorists struck the Boston Marathon last year, in spite of NSA apparently collecting on them but not reviewing the collection — he doesn’t even mention that.

Rather, it’s that the number of terrorist attacks are going up globally. The US has thus far avoided such attacks (ignoring hate crimes and the Marathon attack), which he points to as proof our spying is working. But he also points to it as proof that we’re due.

There are people on one side saying that these N.S.A. programs could have stopped these plots. And then there are people who dispute that.

We know we didn’t stop 9/11. People were trying, but they didn’t have the tools. This tool, we believed, would help them. Let’s look at what’s happening right now. You ought to get this from the START Program at the University of Maryland. They have the statistics on terrorist attacks. 2012 and 2013. The number of terrorist attacks in 2012—do you know how many there were globally?

How many?

Six thousand seven hundred and seventy-one. Over ten thousand people killed. In 2013, it would grow to over ten thousand terrorist attacks and over twenty thousand people killed. Now, how did we do in the United States and Europe? How do you feel here? Safe, right? I feel pretty safe.


So think about how secure our nation has been since 9/11. We take great pride in it. It’s not because of me. It’s because of those people who are working, not just at N.S.A. but in the rest of the intelligence community, the military, and law enforcement, all to keep this country safe. But they have to have tools. With the number of attacks that are coming, the probability, it’s growing—

I’m sorry, could you say that once more?

The probability of an attack getting through to the United States, just based on the sheer numbers, from 2012 to 2013, that I gave you—look at the statistics. If you go from just eleven thousand to twenty thousand, what does that tell you? That’s more. That’s fair, right?

I don’t know. I think it depends what the twenty thousand—

—deaths. People killed. From terrorist attacks. These aren’t my stats. The University of Maryland does it for the State Department.

I’ll look at them. I will. So you’re saying that the probability of an attack is growing.

The probability is growing. What I saw at N.S.A. is that there is a lot more coming our way. Just as someone is revealing all the tools and the capabilities we have. What that tells me is we’re at greater risk. I can’t measure it. You can’t say, Well, is that enough to get through? I don’t know. It means that the intel community, the military community, and law enforcement are going to work harder.

Since Alexander invited us, let’s see what the START data say, shall we? Here’s what they tell us:

According to the annex, the 10 countries that experienced the most terrorist attacks in 2013 are the same as those that experience the most terrorist attacks in 2012.

Although terrorist attacks occurred in 93 different countries, they were heavily concentrated geographically. More than half of all attacks (57%), fatalities (66%), and injuries (73%) occurred in Iraq, Pakistan and Afghanistan. By wide margin, the highest number of fatalities (6,378), attacks (2,495) and injuries (14,956) took place in Iraq. The average lethality of attacks in Iraq was 40 percent higher than the global average and 33 percent higher than the 2012 average in Iraq.

The US hasn’t been attacked. But attacks are mushrooming in Iraq, Pakistan, and Afghanistan. These not only happen to be places where we’ve been fighting the war on terror the longest and most directly, places where Alexander has been at the forefront of the fight, even before he took over at NSA. But they also happen to be those places overseas that the NSA uses to legitimize their global reach.

Yet 13 or 11 years of concentrated spying — of collect it all — in those places has not eliminated terrorism. On the contrary, terrorism is now getting worse.

And now they serve as both the proof that spying is working and that spying is more necessary than ever.

Rather than evidence that the War on Terror is failing.

We shouldn’t be surprised that we’re losing a war fighting which Alexander was one of the longest tenured generals (though I don’t think he bears primary responsibility for the policy decisions that have led to this state). After all, last year, Alexander said that also under his watch, we had been plundered like a colony via cyberattacks. He seems to think he lost both the war on terror and on cyberattacks.

Which, if you’re invested in Wall Street, ought to alarm you. Because that’s where Keith Alexander is headed to wage war next.

Unread Reports as the Big Data Dump? Not Really.

The very same week the President released his breathless report on Big! Data!, the Washington Post has a story criticizing the sheer number and types of reports Congress requires from the Federal bureaucracy.

It started out with a good idea. Legislators wanted to know more about the bureaucracy working beneath them. So they turned to a tool as old as bureaucracy itself — the interoffice memo. They asked agencies to send in written reports about specific things they were doing.

Then, as happens in government, that good idea was overused until it became a bad one.


But as the numbers got bigger, Congress started to lose track. It overwhelmed itself. Today, Congress is not even sure how many of those 4,291 reports are actually turned in. And it does not try to save copies of all the ones that are.

So some agencies cheat and send in nothing. And others waste time and money sending in reports — such as the one on dog and cat fur — that simply disappear into the void.

To support its case, WaPo focuses on one report requiring Customs and Border Patrol to report on how much dog and cat fur products are being shipped into the US, which is probably a needless report (which is also probably why WaPo picked it out of the 4,291 it identified).

And WaPo — a member of the Fourth Estate that purportedly serves as a check on power — comes to this very dangerous conclusion.

The problem is that there is no system to sort the good ones from the useless ones. They all flow in together, which makes it hard for congressional staffers to spot any valuable information hidden in the flood.

First, the press is part of that system! Rather than throwing cat and dog fur, perhaps WaPo could have tried to distinguish those that were critical from those that are questionable and those that are clearly frivolous.

Moreover, it is the height of irresponsibility to absolve Congressional staffers — whose bosses are the only ones that can eliminate useless reports — of responsibility for reading the reports they get. Either the staffers must be held accountable for reading the reports, or for eliminating them. That’s how you fix the system. That’s why we’re paying them.

Ultimately, too, I’m not sure I buy the WaPo’s argument that these are useless reports. 4,291 seems like a not unreasonable amount of data for legislators to receive and read about the world’s biggest (perhaps now second biggest) economy, about DOD’s $526 billion budget, about the many federal benefit programs, about the expanding police state.

And if you look at the actual list (rather than WaPo’s admittedly snazzy but not very informative infographic on them), many — perhaps even most — of the reports make a lot of sense.

Consider the reports listed for General Services Administration, an entity with an annual budget of $26 billion, which has the ability to effect great change as the source of enormous spending, and one that has routinely experienced significant spending scandals.

  1. Activities and status of advisory committees in existence during the previous calendar year
  2. A report on the status of the high-performance green building initiatives under this subtitle
  3. Administration’s alternative fueled vehicle program
  4. A description of lost opportunities for waste-heat recovery from the project described in paragraph (A)
  5. A report on the use of photovoltaic energy in public buildings
  6. Violations by Federal agencies of Federal Records Act of 1950, as codified 1950
  7. Reports by Inspector General of particularly serious or flagrant problems, abuses, or deficiencies in the administration of programs and operations of the agency
  8. Activities of the Inspector General
  9. Accessibility to public buildings by the physically handicapped
  10. Prospectus proposing a building project or lease
  11. Location, space, cost, and status of each public building, the construction, alteration, or acquisition of which is to be under authority of the Act, and which was uncompleted as of the date requested
  12. Building project surveys as requested by either the Senate or House
  13. Use of underutilized public buildings and property for facilities to assist the homeless
  14. Summary of excess property disposal reports
  15. Evaluation of the operation of programs for donation of Federal surplus personal property; excess personal property transferred
  16. Excessive stocking of property, above reasonable inventory levels, by executive agencies
  17. Administration of the Federal Property and Administrative Services Act of 1949
  18. Contracts to facilitate the national defense entered into, amended, or modified
  19. Acquisition cost of surplus real or related personal property conveyed for care or rehabilitation of criminal offenders during previous fiscal year
  20. Results of investigations of the cost of travel and the operation of privately owned vehicles to Federal employees while engaged in official business
  21. Annual determination of the average actual cost per mile for the use of a privately owned motorcycle, automobile, and airplane
  22. A plan to comply with Section 432 relating to energy and water conservation at General Services Administration facilities

Reports 1, 6, 7, 8, 10, 11, 12, 17, and 18 are simply reports Congress needs to ask for to ensure there’s some visibility into the Agency, to ensure they’ll be informed if GSA finds something wrong itself. Reports 2, 3, 4, 5, 9, 13, 14, 19, and 22 measure the efficacy of efforts to use GSA’s buying power to do some social good  (and report 9, on ADA accessibility, involves significant legal compliance).  Reports 15 and 16 address an area susceptible to graft.  Reports 20 and 21 are not only key to cost-benefit analysis of how Federal employees travel, but they apparently are tied to one of GSA’s most requested links. Some of these are also reports tied to an action, like buying a building. And all that amounts to less than 1 report for every $ billion American taxpayers give to GSA. If anything, there are a few more reports — that might identify obviously politicized or excessive spending, which is a persistent problem with GSA — that are missing.

Admittedly, that’s just one random agency. But aside from some entities the Federal government runs itself (like American Samoa and DC) as well as some Commissions over which there have been political fights in the past I’m not seeing a whole lot of waste here — though there may be some inefficiency in how the information is requested. I might grant that in the era of big data we need to automate this — in effect, give Congress a better way to Big! Data! the bureaucracies it oversees (though that would be awfully susceptible to abuse), but I don’t see a lot of information that shouldn’t be required from the bureaucracy.

I’m reminded how, 2 years ago, James Clapper claimed ODNI had to produce too many reports and should be permitted to eliminate 30 of them. He tried to get rid of the annual report on how many people have security clearance (one of the few ways we can measure the ballooning secret government). He tried to get rid of reports on Department of Homeland Security’s notoriously useless intelligence agency. He tried to eliminate reports on Chinese spying on the US and nuclear lab security, both persistent security issues. He tried to eliminate a report informing Congress what the privacy staffs of intelligence agencies are doing. In short, in the guise of onerous reporting, he tried to eliminate crucial oversight  (as well as a paper trail that could be FOIAed) on several areas of great public concern.

Or consider this: DOD cannot pass an audit. The biggest military in the world still is not required to account for the money it spends, both to itself and Congress.

And yet a newspaper is saying we require too much reporting from the great big bureaucracy?

I don’t buy it.

US Moves to Catch Horses Just After They Escape the Barn

After Zine El Abidine Ben Ali was overthrown, Tunisians started looking for the money he looted from Tunisia and discovered much of it was in our allies’ pockets. 

After Hosni Mubarak was overthrown, the US started looking around for the money he looted from Egypt and discovered some of it was probably in our — or our allies’ — pockets.

After Moammar Qaddafi was overthrown, Libyans started looking around for the money he looted from Libya and discovered some of it was probably in our allies’ pockets.

With Bashar al-Assad, the search has already begun and … unsurprisingly a western bank is known to have hidden some of his associates’ money, yet we’re doing little about that.

In all of these cases, it has proven difficult, after the fact, to reclaim the looted money and often placed in Western banks’ safe-keeping.

With Viktor Yanukovych, the US has rolled a new approach: to try to find the money he looted just as he is overthrown, rather than weeks and months later after he has secured it from reach.

The Federal Bureau of Investigation is creating a “financial SWAT team” to rush to troubled countries in the aftermath of a revolution and track suspected stolen assets as part of a new White House push to help fledgling democracies.

The effort, described by U.S. officials and to be formally announced Tuesday by Attorney General Eric Holder, is part of a new strategy designed to speed up the investigation and prosecution of deposed foreign leaders who are suspected of looting their nation’s finances and abscond with the money, often billions of dollars.

“In situations like this, you’re really in a race against time before the evidence is destroyed, before assets disappear, and there’s no substitute for getting people on the ground as quickly as possible,” said David O’Neil, head of the Justice Department’s criminal division.

About a dozen U.S. agents and analysts will be assigned to the initiative, which involves chasing bank accounts, homes and luxury cars bought by foreign leaders and helping local authorities piece together criminal prosecutions of former officials.

I’m actually all in favor of FBI developing these teams. But I wonder whether it might be still easier for them to do their job if they tried to capture the horse while it was still standing in the barn stall? And why limit it to dictators we didn’t like who have been recently overthrown? If looting is wrong, then why not crack down on it generally?

Meanwhile, consider the dance that happens where, as with Putin, you’re trying to use that looting to exert control, to disrupt relations of power. In advance of yesterday’s new Russia sanctions, Peter Baker did a big profile of both how certain Treasury is it has found Putin’s wealth, but how uncertain they are that they’ve got the proof (though see Sibel Edmonds on that). There is a subtle difference between the money and the power, and following the money in this case may stop just short of hurting Putin badly enough to convince him to act. Not to mention, many powerful people in Europe are not yet ready to crack down as seriously as they’d need to. Their power relies on Russian power.

As more and more people focus on the rise of inequality — globally, but finally we care about that because it is accelerating here at home — we still seem to struggle with the calculations of power that would require upending that system, even as it continues to destabilize country after country.

Is This the Missing WikiLeaks PayPal Order?

As I noted in this post, the declaration submitted in EFF’s FOIA for Section 215 by ODNI’s Jennifer Hudson is remarkably revealing. I’m particularly intrigued by these comments about the financial dragnet order released on March 28.

A FISC Supplemental Order in BR 10-82, dated November 23, 2010 and consisting of two pages, has been withheld in part to protect certain classified and law enforcement sensitive information. The case underlying BR 10-82 is an FBI counterterrorism investigation of a specific target. That investigation is still pending. Here, in the course of a pending counterterrorism investigation, the FBI sought authorization under the FISA to obtain financial records, under the FISA’s business records provision, pertaining to the target of the investigation and in fact obtained such authorization.


Here, in the course of a pending counterterrorism investigation, the FBI sought authorization under the FISA to obtain certain financial records. The FISC Supplemental Order, which was issued in relation to its authorization for such collection, was thus compiled for law enforcement purposes, in furtherance of a national security investigation within the FBI’s authorized law enforcement duties.


Here, the FBI has determined that the release of the final paragraph of the order, which describes certain requirements reflecting the FBI’s particular implementation of the authority granted by the FISC, could reasonably be expected to adversely impact the pending investigation and any resulting prosecutions. Release of this paragraph would reveal the specific and unique implementation requirements imposed on the FBI under this FISA-authorized collection during a particular time period. It is unclear what and how much the target might already know about the FBI’s investigation. However, as more fully explained in my classified ex parte, in camera declaration, there is reason to believe that the target or others knowledgeable about the nature and timing of the investigation could piece together this information, the docket number, the dates of the collection, and other information which has already been released or deduced to assemble a picture that would reveal to the target that the target was the subject of a particular type of intelligence collection during a specific time period, and by extension, that the target’s associates during that period may have been subject to similar intelligence collections. This could lead the target to deduce the scope, focus, and direction of the FBI’s investigative efforts, and potentially any gaps in the collections, from which the target could deduce times when the target’s activities were “safe.” [my emphasis]

The bolded section says that certain people — the target, but also “others knowledgeable about the nature and timing of the investigation” — could put the financial dragnet request together with other information released or deduced to figure out that the target and his associates had had their financial data collected.

Gosh, that’s like waving a flag at anyone who might be “knowledgeable about the nature of the investigation.”

What counterterrorism investigation has generated sufficient attention such that not only the target, but outsiders, would recognize this order pertains the investigation in question? The investigation would be:

  • A counterterrorism investigation
  • In relatively early stages on November 23, 2010
  • Used financial records in a potentially novel way, perhaps to identify affiliates of the target
  • Still going on

The CIA & etc. Money Order Orders

One obvious possibility is the generalized CIA investigation into Western Union and international money transfers reported by WSJ and NYT last year. While both stories said the CIA got these orders, I suggested it likely that FBI submitted the orders and disseminated the information as broadly as FBI’s information sharing rules allowed, not least because CIA has no analytical advantage on such orders, as NSA would have for the phone dragnet.

There are two reasons this is unlikely. First, there’s the timing. The WSJ version of the story, at least, suggested this had been going on some time, before 2010. If that’s the case, then there’s no reason to believe a new order in 2010 reviewed this issue. And while I don’t think the 2010 order necessarily indicates the first financial 215 order (after all, it took 2.5 years before FISC weighed the equivalent question in the phone dragnet), it is unlikely that this order comes from an existing program.

That’s true, too, because this seems to be tied to a specific investigation, rather than the enterprise counterterrorism investigation that underlies the phone dragnet (and presumably the CIA program). So while this practice generated enough attention to be the investigation, I doubt it is.

The Scary Car Broker Plot

Then there’s what I call the Scary Car Broker Plot, which I wrote about here. Basically, it’s a giant investigation into drug trafficking from Colombia through Western Africa that contributes some money to Hezbollah and therefore has been treated as a terror terror terror investigation when in reality it is a drug investigation. Treasury named Ayman Joumaa, the ultimate target of that investigation, a Specially Designated Trafficker in February 2011, so presumably the investigation was very active in November 2010, when FISC issued the order. The case’s domestic component involves the car broker businesses of a slew of (probably completely innocent) Lebanese-Americans, who did business with the larger network via wire transfers.

The Car Buyers also received wire transfers for the purpose of buying and shipping used cars from other account holders at the Lebanese Banks (“Additional Transferors”), including the OFAC-designated Phenicia Shipping (Offshore); Ali Salhab and Yasmin Shipping & Trading; Fadi Star and its owners, Mohammad Hammoud and Fadi Hammoudi Fakih for General Trade, Khodor Fakih, and Ali Fakih; and Youssef Nehme.

Perhaps most interesting, the government got at these businessmen by suing them, rather than charging them, which raised significant Fifth Amendment Issues. So between that tactic and Joumaa’s rather celebrated status, I believe this is a possible case. And the timing — from 2007 until 2011, when Joumaa got listed — would certainly make sense.

All that said, this aspect of the investigation was made public in the suit naming the car brokers, so FBI would be hard-pressed to claim that providing more details would compromise the investigation.

HSBC’s Material Support for Terrorism

Then there’s a very enticing possibility: that this is an investigation into HSBC for its material support for terrorism, in the form of providing cash dollars to the al Rajhi bank which went on to support terrorist attacks (including 9/11).

HSBC’s wrist slap for money laundering is one of the most noted legal atrocities in recent memory, but most people focus on the bank’s role laundering money for drug cartels. Yet as I’ve always emphasized, HSBC also played a key role in providing money to al Qaeda-related terrorists.

As the Permanent Subcommittee on Investigations’ report made clear, HSBC’s material support for terror continued until 2010.

After the 9-11 terrorist attack in 2001, evidence began to emerge that Al Rajhi Bank and some of its owners had links to financing organizations associated with terrorism, including evidence that the bank’s key founder was an early financial benefactor of al Qaeda. In 2005, HSBC announced internally that its affiliates should sever ties with Al Rajhi Bank, but then reversed itself four months later, leaving the decision up to each affiliate. HSBC Middle East, among other HSBC affiliates, continued to do business with the bank.

Due to terrorist financing concerns, HBUS closed the correspondent banking and banknotes accounts it had provided to Al Rajhi Bank. For nearly two years, HBUS Compliance personnel resisted pressure from HSBC personnel in the Middle East and United States to resume business ties with Al Rajhi Bank. In December 2006, however, after Al Rajhi Bank threatened to pull all of its business from HSBC unless it regained access to HBUS’ U.S. banknotes program, HBUS agreed to resume supplying Al Rajhi Bank with shipments of U.S. dollars. Despite ongoing troubling information, HBUS provided nearly $1 billion in U.S. dollars to Al Rajhi Bank until 2010, when HSBC decided, on a global basis, to exit the U.S. banknotes business. HBUS also supplied U.S. dollars to two other banks, Islami Bank Bangladesh Ltd. and Social Islami Bank, despite evidence of links to terrorist financing. Each of these specific cases shows how a global bank can pressure its U.S. affiliate to provide banks in countries at high risk of terrorist financing with access to U.S. dollars and the U.S. financial system. [my emphasis]

Now, the timing may match up here, and I’d really love for a bankster to be busted for supporting terrorism. Plus, an ongoing investigation into this part of HSBC’s crimes might explain why Lanny Breuer said nothing about it when he announced the settlement with HSBC. But I doubt this is the investigation. That’s because former Treasury Undersecretary for Terrorism and Financial Intelligence Stuart Levey moved to HSBC after this point in time, in large part in a thus-far futile attempt to try to clean up the bank. And I can’t imagine a lawyer could ethically take on this role while (presumably) knowing about such seizures. Moreover, as the PSI report made clear, there are abundant other ways to get at the kind of data at issue in the HSBC investigation without Section 215 orders.

Who am I kidding? This DOJ won’t ever really investigate a bank!

WikiLeaks the Aider of Al Qaeda 

I realize these three possibilities do not exhaust the list of sufficiently significant and sufficiently old terrorism investigations that might be the target named in the order. So I’m happy to hear other possibilities.

But there is one other investigation that is a near perfect fit for almost all the description provided by Hudson: WikiLeaks.

As I’ve reported, EPIC sued to enforce a FOIA for records the FBI has on investigations into WikiLeaks supporters. The FOIA asked for and FBI did not deny having, among other things, financial records.

All records of any agency communications with financial services companies including, but not limited to Visa, MasterCard, and PayPal, regarding lists of individuals who have demonstrated, through monetary donations or other means, support or interest in WikiLeaks.

In addition to withholding information that they apparently have because of an ongoing investigation (though the Judge has required the government to confirm it is still ongoing by April 25), the government also claimed exemption under a statute that they bizarrely refused to name. I speculated four months before Edward Snowden’s leaks that that statute was Section 215.

And the timing on this investigation is a perfect fit. On November 3, 2010, Joint Terrorism Task Force Officer Darin Louck seized David House’s computer as he came across the border from Mexico. While House refused to give the government his encryption passwords, the seizure makes it clear FBI was targeting WikiLeaks supporters. Then, according Alexa O’Brien, on November 21, 2010, a report on the upcoming Cablegate release was included in President Obama’s Daily Brief. The government spent the weeks leading up to the first releases in Cablegate on November 28, 2010 scrambling to understand what might be in them. On December 4, PayPal started refusing donations to WikiLeaks. And on December 6, Eric Holder stated publicly he had authorized extraordinary investigative measures “just last week.”

Nor would he say whether the actions involved search warrants, requests under the Foreign Intelligence Surveillance Act, which authorizes wiretaps or other means, describing them only as “significant.”

“I authorized just last week a number of things to be done so that we can, hopefully, get to the bottom of this and hold people accountable as they should be,” he said.

December 6 was a Monday and technically Tuesday, November 23 would have been 2 weeks earlier, just 2 days before Thanksgiving. But a Section 215 order doesn’t require AG approval, and indeed, dragnet orders often generate leads for more intrusive kinds of surveillance.

Moreover, according to Hudson’s declaration, this order did precisely what EPIC’s FOIA seems to confirm FBI did, investigate not just Julian Assange, but also his associates (also known as supporters), including WikiLeaks donors.

The only thing — and it is a significant thing — that would suggest this guess is wrong is Hudson’s description of this as a “counterterrorism” investigation and not a “counterespionage” investigation (which is how Holder was discussing it in December 2010).

But that doesn’t necessarily rule WikiLeaks out. As noted above, already by early November 2010, the FBI had JTTF agents involved in the investigation. And central to the government’s failed claim that Chelsea Manning had aided the enemy was that she had made the Afghan war logs available knowing (from the DIA report she accessed) that the government worried about al Qaeda accessing such things, and that some Afghan war logs were found at Osama bin Laden’s compound. So the government clearly has treated its WikiLeaks investigation as a counterterrorism investigation.

Moreover, all Hudson’s declaration claims is that the government currently considers this a counterterrorism investigation. Section 215 can be used for counterintelligence investigations (as I’ve noted over and over). Since the Osama bin Laden raid revealed al Qaeda had accessed cables, the government has maintained that it does involve al Qaeda. So it may be that Hudson’s reference to the investigation as a counterterrorism investigation only refers to its current status, and not the status used to obtain the order in 2010.

That said, Hudson also provided a classified version of her statement to Judge Yvonne Gonzales Rogers, and I can’t imagine she’d try to pitch the WikiLeaks case as a counterterrorism one if a judge actually got to check her work. But you never know!

It’s likely that I’m forgetting a very obviously publicly known counterterrorism investigation.

But I think it possible that either the Scary Car Broker plot or WikiLeaks is the target named in the order.

Maybe Jim Comey Killed Off the Nation’s Premier Law Enforcement Agency?

Update: The change went into effect on July 1, 2013, so before Comey’s coronation.

I’ve been tracking the FBI’s embrace of its national security/intelligence role (with a consequent inattention to bank crimes, in particular) for years – notably with this post on its self-congratulation a decade after 9/11. (See also this post, this post, and this one.)

So regular readers will be unsurprised by Foreign Policy’s report that the FBI’s boilerplate fact sheet now hails its primary function to be national security.

But quietly and without notice, the agency has finally decided to make it official in one of its organizational fact sheets. Instead of declaring “law enforcement” as its “primary function,” as it has for years, the FBI fact sheet now lists “national security” as its chief mission. The changes largely reflect the FBI reforms put in place after September 11, 2001, which some have criticized for de-prioritizing law enforcement activities. Regardless, with the 9/11 attacks more than a decade in the past, the timing of the edits is baffling some FBI-watchers.

But I am a bit interested in the question FP goes onto ask: when did this happen. It appears to have happened during the summer.

“What happened in the last year that changed?” asked Kel McClanahan, a Washington-based national security lawyer.

McClanahan noticed the change last month while reviewing a Freedom of Information Act (FOIA) request from the agency. The FBI fact sheet accompanies every FOIA response and highlights a variety of facts about the agency. After noticing the change, McClanahan reviewed his records and saw that the revised fact sheets began going out this summer. “I think they’re trying to rebrand,” he said. “So many good things happen to your agency when you tie it to national security.”

What FP doesn’t answer is why this happened.

But one possibility is the arrival of Jim Comey.

Comey didn’t take over as FBI DIrector until September 4, 2013. But his confirmation hearing (more of a coronation, really) was on July 9; his confirmation vote was on July 29. So he had plenty of time to complete the FBI’s rebranding as a domestic spy agency rather than its premier domestic law enforcement agency before he officially took over.

I checked his confirmation hearing coronation, to see if he announced this rebranding. I’ve been unable to find a formal statement (!!). And while later in the hearing he talked about balancing the intelligence side with the law enforcement side (the FBI itself emphasized this part of the hearing), what apparently extemporaneous statement he did give focused on the FBI’s transition under Robert Mueller to an intelligence agency. (This is my transcription of the non-family part, which took up half of the statement; it starts around 42:30.)

If I’m confirmed for this position I will follow a great American, one who has been clear-eyed about the threat facing our country, especially the metastasizing terrorist threat, the cyber-threat, that poses a risk to our secrets, to our commerce, to our people, and most ominously, to the networks we depend upon as our lifeblood. I know he has changed the FBI, as the Chairman and the Ranking Member described, in fundamental and crucial ways. I know that this will be a hard job. I’m sure that things will go wrong and I will make mistakes. What I pledge to you though is to follow Bob Mueller’s example of staring hard at those mistakes, learning from those mistakes, and getting better as a result of those mistakes. His legacy of candor and straight-forwardness and integrity is one that I pledge to continue. I also know that the FBI is and must be an independent entity in the life of America. It cannot be associated with any party or any interest or any group. It has to be seen as the good guys and good gals in this country. The FBI is and must be about finding the facts and only the facts in a fair, thorough, and objective way, and to do that with a rock-solid commitment to our Constitution and to our laws. That culture of commitment to law and resistance to any jeopardy of independence is at the core of the FBI. I know it is deep inside FBI Agents. Those values are the things that I love about the FBI.

It wouldn’t be surprising that a guy with roots in NY who was prosecuting terrorism even before 9/11 would adopt this focus. Nor do I, thus far, have reason to believe he won’t be better at going after banksters than Mueller was (and Obama has finally shifted some focus to it).

But I do hope — given his appeal to independence — he realizes that making the FBI a domestic intelligence agency does make the FBI a partisan institution, because it de-emphasizes a threat every bit as serious as terrorists and cybercriminals: the banksters.

US Government Slaps HSBC’s Wrist for Facilitating Terrorism, Again

As I noted last year, when DOJ trumpeted their settlement with HSBC for a slew of money laundering violations, they didn’t mention that HSBC had provided almost a billion dollars to a Saudi bank that funded terrorists. Effectively, HSBC’s material support for terrorism for 5 years after it first realized it was doing so got completely ignored.

It turns out, between the time in 2010 when HSBC stopped providing cash dollars to a terror-supporting bank and the time of the DOJ settlement, HSBC was still violating counterterrorism sanctions. Treasury’s Office of Foreign Assets Controls just issued another settlement with HSBC’s US branch, detailing how HSBC processed 3 transfers totaling over $40,164 involving Husayn Tajideen after the bank learned he had gotten listed a designated terrorist. Not a huge amount of money, but over 4 times what Basaaly Moalin is going to jail for.

It’s OFAC’s rationale it uses to rationalize giving a recidivist just a $32,400 penalty that I find particularly egregious.

The settlement amount reflects OFAC’s consideration of the following facts and circumstances, pursuant to the General Factors under OFAC’s Economic Sanctions Enforcement Guidelines, 31 C.F.R. part 501, app. A. OFAC considered the following to be mitigating factors: HBUS voluntarily self-disclosed the apparent violations to OFAC; HBUS took appropriate remedial action in response to these apparent violations and now has a more robust compliance program in place; and HBUS has not received a penalty notice or Finding of Violation from OFAC for substantially similar apparent violations in the five years preceding the earliest date of the transactions giving rise to the apparent violations. The settlement amount reflects the following aggravating factors: HBUS managers and employees whose primary responsibility includes OFAC compliance were aware of the first apparent violation and had reason to be aware of the second and third apparent violations; the apparent violations resulted in actual economic benefit to an SDGT; HBUS is a large and commercially sophisticated financial institution; HBUS initially provided an incomplete response to an administrative subpoena; and, at the time of the first apparent violation, HBUS’ compliance program did not screen all MT 199 messages for potential OFAC matches. OFAC further reduced the proposed penalty in light of HBUS’ agreement to settle its potential liability for the apparent violations. [my emphasis]

Some of this is typical mumbo jumbo (though in this case, should be read with the awareness that Stuart Levey, who used to be Under Secretary of Terrorism Finance and Intelligence, got named HSBC’s General Counsel in 2012, so the subsequent actions likely represent his involvement).

But the claim that HBUS hadn’t had any substantially similar violations in the five years previous is just ridiculous. They had been busted for all sorts of very similar money laundering problems involving known drug kingpins and were uniquely important in providing cash that terrorists likely used for significant attacks. It’s only not substantially similar because it is orders of magnitude worse, so much so DOJ got involved and the settlement was with a different agency!

And in response to a recidivist being caught again, OFAC fines a bank with $14 billion in profits $32,400.

Update: In a statement to WSJ, Treasury said this settlement with a recidivist is unrelated to the past settlement with the recidivist.

But a Treasury spokesman said in an email that Tuesday’s settlement is unrelated to the December 2012 agreement with OFAC and other federal and state agencies.

“This action is similar to other settlements OFAC has reached with regard to apparent violations committed by U.S. financial institutions,” he said.

How FISA Dockets (Appear To) Work and Why Snowden Likely Got Few or No PayPal Documents

Because Bill Binney made an observation about the high docket number of the phone dragnet order released this year, Sibel Edmonds has decided that Glenn Greenwald is hiding a bunch of Edward Snowden documents to protect Pierre Omidyar showing PayPal cooperated with NSA.

Here’s what Binney said, according to him.

Unfortunately, Sibel attributes some of her words to me. I do not know that PAYPAL is involved – only that financial data is being used by NSA. And, based on the “BR” number 13/80 on the Verizon court order to give records to NSA, I estimated that this program involved 78 companies. These would include: telecom’s, internet service providers, banks/finance/credit cards, travel, plus others. So, there’s a lot of business data being collected by NSA and the FBI. In the future, if I am to be quoted, I will have to I will have to insist on a pre-publication review. [my emphasis]

Now, like Peter Kofod, I don’t doubt that PayPal gives a ton of data to the national security state (more on what probably happens below).

But Binney’s comment appears to be based on a misunderstanding of how the FISA docket numbering works (though not one that changes his observation that “there’s a lot of business data being collected by NSA and the FBI”): that each docket pertains to a different company.

Given the filings we’ve seen from voluminous years — particularly 2009 — it is clear that DOJ uses one docket for all providers on a particular order. For example, 3 of the 4 docket numbers used for the phone dragnet in 2009 were 08-13, 09-06, and 09-13. For the entire 3 month period the primary order covers, all the orders and correspondence related to that primary order bears the original docket number. Even in the case where Judge Walton cut off and then resumed production (see 09-13 above) from just one provider got handled in that docketing system. The now public FISC docket appears to continue this practice, with BR 13-109 and BR 13-158 including all the correspondence on a particular order (in addition, there are the Misc dockets for lawsuits, and the 2007 docket tied to Protect America Act for the Yahoo challenge).

And over the years, the list of providers included on the dockets appears to have gotten much longer. Here’s the redacted list of providers from the original 2006 order:

Screen shot 2013-12-13 at 7.51.09 PM

Here’s the redacted list of providers from the most recent order:

Screen shot 2013-12-13 at 7.54.25 PM


The additional providers are probably smaller providers, as well as VOIP providers.

So just 4 and on rare occasions 5 of the Section 215 (“BR”) docket numbers in any given year (and, for the life of the program, just 4 of the PR/TT docket numbers) covered all the providers.

But that may, in fact, mean far more companies are getting Section 215 orders, even bulk orders. As I laid out in this post, the numbers of Section 215 orders have gone up in the last several years (Julian Sanchez has speculated that previously some of this collection was done via National Security Letter, which is a pretty good bet).

Section 215 orders

And as they’ve gone up, the FISA Court has been modifying far more orders — it modified 86% of the orders in 2011. It has been modifying orders to add minimization procedures (it modified 176 orders in 2011 to add minimization requirements). Given that you only need to have significant minimization procedures if you’re getting a lot of innocent people’s data, and given that these orders would also be on a 90-day cycle, that may mean there were 44 bulk collection programs in 2011.

But, as Binney said, that’s going to include a lot of different kinds of companies. We know they’ve used Section 215 to collect precursor chemical purchase records. They likely cover credit cards records, other financial records, gun purchases, health and medical records, and other computer records. There have even been questions about using Section 215 to collect URL search terms.

PayPal is one possible or even likely recipient of these, but only one out of a bunch. Continue reading

The Cayman Islands Agrees to Share Tax Data with the Five Eyes Countries

Screen shot 2013-11-29 at 5.18.17 PMApparently, the people at Treasury don’t need to take advantage of the Black Friday sales. Instead, they’re at work and announcing that the Cayman Islands (and Costa Rica) will share information on US taxpayers with the IRS. The move comes after the Brits rolled out a similar agreement earlier this month.

I assume we’ll see other advanced countries demand similar agreements. But for the moment, just the NSA and GCHQ’s home countries will be able to learn which of their citizens are stashing money in one of the world’s most important tax havens (and one that has been important to Anglo-American financial dominance).

There are two submarine cables serving the Cayman Islands. One — Maya 1 — carries telecom traffic to Hollywood, FL. It is owned, in part, by NSA spy partners AT&T and Verizon. The other carries traffic to Jamaica. Another of the cables that serves Jamaica lands in Boca Raton. A third carries traffic to British Virgin Islands. From BVI, cables carry traffic directly to several other landing spots in the US, as well as — by way of Bermuda — Canada.

Earlier this year, someone leaked massive amounts of data on BVI’s tax shelter clients and habits (though curiously, no US persons were identified among the most prominent culprits). As far as I know, no one has ever discovered how that data got leaked, and there seems little concern from the powers that be about this leaker who, after all, was as audacious as Chelsea Manning or Edward Snowden.

Now, I’m not saying that the US and UK were already stealing Cayman Islands’ data. I’m only saying that doing so would be perfectly within the known practices of America and Britain’s spy agencies.

The CIA (&etc) Money Orders

NSL v 215Both the NYT (Charlie Savage and Mark Mazzetti) and WSJ (Siobhan Gorman, Devlin Barrett, and Jennifer Valentine-Devries) tell the same story today: the CIA is collecting bulk data on international money transfers. Given that someone has decided to deal this story to two papers at the same time, and given the number of times the Administration has pre-leaked stories to Gorman of late to increasingly spectacular effect (even making most national security journalists forget the very existence of GCHQ’s notoriously voracious taps at cable landings just off Europe) I assume this may be some kind of limited hangout.

It’s not that I doubt in the least that CIA gets and uses financial data. I don’t even doubt the government uses PATRIOT authorities to do so (as both stories assert).

But it would be unlikely that this data comes in through an FBI order and does not also get shared with Treasury and National Counterterrorism Center (if not NSA), both of which would have better infrastructure for analyzing it, and both of which we know to use such data for their known intelligence products. Indeed, in response to a question from both papers about this practice Western Union points to Treasury programs.

 A spokeswoman for one large company that handles money transfers abroad, Western Union, did not directly address a question about whether it had been ordered to turn over records in bulk, but said that the company complies with legal requirements to provide information.

“We collect consumer information to comply with the Bank Secrecy Act and other laws,” said the spokeswoman, Luella Chavez D’Angelo. “In doing so, we also protect our consumers’ privacy.”

And at WSJ a consultant to the industry points even more firmly towards Treasury.

Money-transfer companies are “highly, highly aware of their obligations under the Patriot Act,” said Robert Pargac, a director in global investigations and compliance at Navigant Consulting Inc. who has worked at several such companies. Western Union said last month it would be spending about 4% of its revenue in 2014 on compliance with rules under the Patriot Act, the Treasury Department’s Office of Foreign Assets Control and other anti-money-laundering and terrorist-financing requirements.

We know that, at least until 2008, the FBI maintained that it could share materials that came in through Section 215 with any agency so long as that agency asserted it had a need for the information, and there’s little reason to believe the FBI has changed that policy. So I would assume at least Treasury and NCTC gets this data as well. It may be all this story indicates is that — as they do with much Section 702 data — CIA gets its own access to the data. That’s a minimization story, not a collection story, because we’ve known this data was collected (as WSJ points out).

Then there’s the evidence both papers point to to show that this is a Section 215 program. Continue reading

What Are NSA’s Standards for Surveilling Transnational Crime Organizations?

Yesterday, the Italian magazine Panorama claimed that the NSA had wiretapped the Vatican.

I have some questions about the veracity of the report. NSA has denied it more vigorously than other allegations of tapping world leaders. Panorama is not known to have access to the Edward Snowden documents. One key claim — that the current Pope, Jorge Mario Bergoglio, has been surveilled since 2005 — was actually sourced to WikiLeaks in the story (In addition to cables on Argentine politics, Bergoglio shows up in a 2003 cable speculating on the possibility of a Latin American Pope).

All that said, I am intrigued by this claim.

Panorama said the recorded Vatican phone calls were catalogued by the NSA in four categories – leadership intentions, threats to the financial system, foreign policy objectives and human rights.

I did a quick review of WikiLeaks cables on the Vatican (remember, these are classified at no more than the Secret level, and therefore are not going to have any intercept information in them, and they of course stop at 2010). The human rights issues pertain to interfaith dialogue and the rights of Catholics in repressive countries, the Church’s role in anti-gay laws, and allegations of anti-Semitism (this cable, on the Church prioritizing unity and thereby endorsing Holocaust denial, is one of the few Secret ones). There are fewer that relate directly to the Church’s role in the financial system; though a good many cables with “financial” content relate to Syria or, especially, Lebanon, and include the Vatican because of its influence with Christian power brokers in the region (this cable, on Syrian money laundering, was forwarded to the Vatican mission for some reason).

But there two other reasons why the Vatican might be an NSA target based on those topics: its multi-decade cover-up of pedophilia (and the impact legal investigations and settlements might have around the world), and the Vatican’s role in money laundering. The recent disclosures of Vatican money laundering suggest Iraq, Iran, and Indonesia have used the bank, as well as the Italian mafia, but given its ties to Lebanon, I wouldn’t be surprised if it were also laundering money from that country, which is another close focus of the US’ own money laundering attention.

In other words, in addition to wiretapping the Vatican because it wields special influence in countries around the world (the leadership intentions and foreign policy objectives category), the US would have reason to surveil it because of what amount to Vatican actions that make it a Transnational Criminal Organization, completely apart from matters of faith.

That is, if NSA applied its apparent mandate to track TCOs indiscriminately.

But I bet you they don’t. While I am sure they track Latin American, African, and South Asian drug networks, I’m certain they track Russian mobsters who have ties to online crime, and I’m sure they are tracking and probably have an active role in the investigation of Yakuza’s ties to big Japanese banks (most of these are either named Treasury drug kingpin or TCO targets), I also believe if the NSA tracked transnational crime organizations generally, its efforts would be shut down tomorrow.

Imagine, for example, if in addition to using Title III wiretaps (though barely) and self-disclosure and evidence generated by other financial institutions in put-back suits, the NSA used its bulk collection to track JPMC’s international transfers to see whether any of it constituted “foreign intelligence,” and from that referred any evidence of a crime to the FBI? Imagine if the NSA were stealing all of JPMC’s transfer information, even outside its access to SWIFT, to see how JPMC laundered its world-destabilizing actions through multiple jurisdictions? And both JPMC and HSBC have a known history of material support for terrorism, which certainly ought to justify such spying (noting, of course, that I think JPMC did get spied on in conjunction with the Scary Iran Plot, which may have forced FinCEN to settle with it on other outstanding sanction violation issues).

They wouldn’t even need to track JPMC and other multinational banks in the name of transnational crime and terrorism; the Sovereign Wealth Funds of the world – both of volatile Middle Eastern countries, Asian targets, but even in Europe — have effectively become foreign policy entities. Do they track what Qatar and the Emirates do with their SWFs?

As I said, I doubt it. While I suspect as this scandal develops we’ll find more and more evidence that the NSA has spied on targets selected for their financial competition with the US and UK (we’ve already seen hints they collected intelligence on the Euro versus the dollar, Brazil’s competitive position vis as vis the US, for example), I also suspect if there were ever a hint that the NSA treated JPMC or HSBC like it did other TCO targets, it would get shut down in a matter of weeks.

Emptywheel Twitterverse
emptywheel RT @mollycrabapple: all charges dropped against Moazzam Begg, former Guantanamo detainee and human rights activist, after 8months in jail h…
JimWhiteGNV U.S. troops in Afghanistan - The Washington Post
emptywheel @DavidCUnger And one of most basic principles of legislative democracy is to avoid voting at all cost what will be unsuccessful war.
emptywheel Prolly bigger part of it RT @patitoduke: PLUS Black Budget expenditures it does not want to disclose publicly @MarcusReports
emptywheel I thought the Saudis were going to pay for The New War™. Why are we spending almost $60B?
emptywheel @DavidCUnger I guess his way of avoiding a supplemental, so he's not doing the same thing Bush did, even tho it's same thing Bush did?
emptywheel Apparently Obama is going to pay for his new war via slush fund.
JimWhiteGNV Nigeria’s Actions Seem to Contain Ebola Outbreak
bmaz RT @billmon1: CNN: America's Most Trusted Name in Hysterical Fear Mongering -->
bmaz @seattletimes @nigelduara 30 hours overtime in a day?? "Lax" seems a wee bit 'o and understatement.
bmaz @ArizonaLuke @brahmresnik @noprezzie2012 @cocoasaurus That's pathetic. Grow up little punk.
October 2014
« Sep