Financial Fraud

US Moves to Catch Horses Just After They Escape the Barn

After Zine El Abidine Ben Ali was overthrown, Tunisians started looking for the money he looted from Tunisia and discovered much of it was in our allies’ pockets. 

After Hosni Mubarak was overthrown, the US started looking around for the money he looted from Egypt and discovered some of it was probably in our — or our allies’ — pockets.

After Moammar Qaddafi was overthrown, Libyans started looking around for the money he looted from Libya and discovered some of it was probably in our allies’ pockets.

With Bashar al-Assad, the search has already begun and … unsurprisingly a western bank is known to have hidden some of his associates’ money, yet we’re doing little about that.

In all of these cases, it has proven difficult, after the fact, to reclaim the looted money and often placed in Western banks’ safe-keeping.

With Viktor Yanukovych, the US has rolled a new approach: to try to find the money he looted just as he is overthrown, rather than weeks and months later after he has secured it from reach.

The Federal Bureau of Investigation is creating a “financial SWAT team” to rush to troubled countries in the aftermath of a revolution and track suspected stolen assets as part of a new White House push to help fledgling democracies.

The effort, described by U.S. officials and to be formally announced Tuesday by Attorney General Eric Holder, is part of a new strategy designed to speed up the investigation and prosecution of deposed foreign leaders who are suspected of looting their nation’s finances and abscond with the money, often billions of dollars.

“In situations like this, you’re really in a race against time before the evidence is destroyed, before assets disappear, and there’s no substitute for getting people on the ground as quickly as possible,” said David O’Neil, head of the Justice Department’s criminal division.

About a dozen U.S. agents and analysts will be assigned to the initiative, which involves chasing bank accounts, homes and luxury cars bought by foreign leaders and helping local authorities piece together criminal prosecutions of former officials.

I’m actually all in favor of FBI developing these teams. But I wonder whether it might be still easier for them to do their job if they tried to capture the horse while it was still standing in the barn stall? And why limit it to dictators we didn’t like who have been recently overthrown? If looting is wrong, then why not crack down on it generally?

Meanwhile, consider the dance that happens where, as with Putin, you’re trying to use that looting to exert control, to disrupt relations of power. In advance of yesterday’s new Russia sanctions, Peter Baker did a big profile of both how certain Treasury is it has found Putin’s wealth, but how uncertain they are that they’ve got the proof (though see Sibel Edmonds on that). There is a subtle difference between the money and the power, and following the money in this case may stop just short of hurting Putin badly enough to convince him to act. Not to mention, many powerful people in Europe are not yet ready to crack down as seriously as they’d need to. Their power relies on Russian power.

As more and more people focus on the rise of inequality — globally, but finally we care about that because it is accelerating here at home — we still seem to struggle with the calculations of power that would require upending that system, even as it continues to destabilize country after country.

Is This the Missing WikiLeaks PayPal Order?

As I noted in this post, the declaration submitted in EFF’s FOIA for Section 215 by ODNI’s Jennifer Hudson is remarkably revealing. I’m particularly intrigued by these comments about the financial dragnet order released on March 28.

A FISC Supplemental Order in BR 10-82, dated November 23, 2010 and consisting of two pages, has been withheld in part to protect certain classified and law enforcement sensitive information. The case underlying BR 10-82 is an FBI counterterrorism investigation of a specific target. That investigation is still pending. Here, in the course of a pending counterterrorism investigation, the FBI sought authorization under the FISA to obtain financial records, under the FISA’s business records provision, pertaining to the target of the investigation and in fact obtained such authorization.

[snip]

Here, in the course of a pending counterterrorism investigation, the FBI sought authorization under the FISA to obtain certain financial records. The FISC Supplemental Order, which was issued in relation to its authorization for such collection, was thus compiled for law enforcement purposes, in furtherance of a national security investigation within the FBI’s authorized law enforcement duties.

[snip]

Here, the FBI has determined that the release of the final paragraph of the order, which describes certain requirements reflecting the FBI’s particular implementation of the authority granted by the FISC, could reasonably be expected to adversely impact the pending investigation and any resulting prosecutions. Release of this paragraph would reveal the specific and unique implementation requirements imposed on the FBI under this FISA-authorized collection during a particular time period. It is unclear what and how much the target might already know about the FBI’s investigation. However, as more fully explained in my classified ex parte, in camera declaration, there is reason to believe that the target or others knowledgeable about the nature and timing of the investigation could piece together this information, the docket number, the dates of the collection, and other information which has already been released or deduced to assemble a picture that would reveal to the target that the target was the subject of a particular type of intelligence collection during a specific time period, and by extension, that the target’s associates during that period may have been subject to similar intelligence collections. This could lead the target to deduce the scope, focus, and direction of the FBI’s investigative efforts, and potentially any gaps in the collections, from which the target could deduce times when the target’s activities were “safe.” [my emphasis]

The bolded section says that certain people — the target, but also “others knowledgeable about the nature and timing of the investigation” — could put the financial dragnet request together with other information released or deduced to figure out that the target and his associates had had their financial data collected.

Gosh, that’s like waving a flag at anyone who might be “knowledgeable about the nature of the investigation.”

What counterterrorism investigation has generated sufficient attention such that not only the target, but outsiders, would recognize this order pertains the investigation in question? The investigation would be:

  • A counterterrorism investigation
  • In relatively early stages on November 23, 2010
  • Used financial records in a potentially novel way, perhaps to identify affiliates of the target
  • Still going on

The CIA & etc. Money Order Orders

One obvious possibility is the generalized CIA investigation into Western Union and international money transfers reported by WSJ and NYT last year. While both stories said the CIA got these orders, I suggested it likely that FBI submitted the orders and disseminated the information as broadly as FBI’s information sharing rules allowed, not least because CIA has no analytical advantage on such orders, as NSA would have for the phone dragnet.

There are two reasons this is unlikely. First, there’s the timing. The WSJ version of the story, at least, suggested this had been going on some time, before 2010. If that’s the case, then there’s no reason to believe a new order in 2010 reviewed this issue. And while I don’t think the 2010 order necessarily indicates the first financial 215 order (after all, it took 2.5 years before FISC weighed the equivalent question in the phone dragnet), it is unlikely that this order comes from an existing program.

That’s true, too, because this seems to be tied to a specific investigation, rather than the enterprise counterterrorism investigation that underlies the phone dragnet (and presumably the CIA program). So while this practice generated enough attention to be the investigation, I doubt it is.

The Scary Car Broker Plot

Then there’s what I call the Scary Car Broker Plot, which I wrote about here. Basically, it’s a giant investigation into drug trafficking from Colombia through Western Africa that contributes some money to Hezbollah and therefore has been treated as a terror terror terror investigation when in reality it is a drug investigation. Treasury named Ayman Joumaa, the ultimate target of that investigation, a Specially Designated Trafficker in February 2011, so presumably the investigation was very active in November 2010, when FISC issued the order. The case’s domestic component involves the car broker businesses of a slew of (probably completely innocent) Lebanese-Americans, who did business with the larger network via wire transfers.

The Car Buyers also received wire transfers for the purpose of buying and shipping used cars from other account holders at the Lebanese Banks (“Additional Transferors”), including the OFAC-designated Phenicia Shipping (Offshore); Ali Salhab and Yasmin Shipping & Trading; Fadi Star and its owners, Mohammad Hammoud and Fadi Hammoudi Fakih for General Trade, Khodor Fakih, and Ali Fakih; and Youssef Nehme.

Perhaps most interesting, the government got at these businessmen by suing them, rather than charging them, which raised significant Fifth Amendment Issues. So between that tactic and Joumaa’s rather celebrated status, I believe this is a possible case. And the timing — from 2007 until 2011, when Joumaa got listed — would certainly make sense.

All that said, this aspect of the investigation was made public in the suit naming the car brokers, so FBI would be hard-pressed to claim that providing more details would compromise the investigation.

HSBC’s Material Support for Terrorism

Then there’s a very enticing possibility: that this is an investigation into HSBC for its material support for terrorism, in the form of providing cash dollars to the al Rajhi bank which went on to support terrorist attacks (including 9/11).

HSBC’s wrist slap for money laundering is one of the most noted legal atrocities in recent memory, but most people focus on the bank’s role laundering money for drug cartels. Yet as I’ve always emphasized, HSBC also played a key role in providing money to al Qaeda-related terrorists.

As the Permanent Subcommittee on Investigations’ report made clear, HSBC’s material support for terror continued until 2010.

After the 9-11 terrorist attack in 2001, evidence began to emerge that Al Rajhi Bank and some of its owners had links to financing organizations associated with terrorism, including evidence that the bank’s key founder was an early financial benefactor of al Qaeda. In 2005, HSBC announced internally that its affiliates should sever ties with Al Rajhi Bank, but then reversed itself four months later, leaving the decision up to each affiliate. HSBC Middle East, among other HSBC affiliates, continued to do business with the bank.

Due to terrorist financing concerns, HBUS closed the correspondent banking and banknotes accounts it had provided to Al Rajhi Bank. For nearly two years, HBUS Compliance personnel resisted pressure from HSBC personnel in the Middle East and United States to resume business ties with Al Rajhi Bank. In December 2006, however, after Al Rajhi Bank threatened to pull all of its business from HSBC unless it regained access to HBUS’ U.S. banknotes program, HBUS agreed to resume supplying Al Rajhi Bank with shipments of U.S. dollars. Despite ongoing troubling information, HBUS provided nearly $1 billion in U.S. dollars to Al Rajhi Bank until 2010, when HSBC decided, on a global basis, to exit the U.S. banknotes business. HBUS also supplied U.S. dollars to two other banks, Islami Bank Bangladesh Ltd. and Social Islami Bank, despite evidence of links to terrorist financing. Each of these specific cases shows how a global bank can pressure its U.S. affiliate to provide banks in countries at high risk of terrorist financing with access to U.S. dollars and the U.S. financial system. [my emphasis]

Now, the timing may match up here, and I’d really love for a bankster to be busted for supporting terrorism. Plus, an ongoing investigation into this part of HSBC’s crimes might explain why Lanny Breuer said nothing about it when he announced the settlement with HSBC. But I doubt this is the investigation. That’s because former Treasury Undersecretary for Terrorism and Financial Intelligence Stuart Levey moved to HSBC after this point in time, in large part in a thus-far futile attempt to try to clean up the bank. And I can’t imagine a lawyer could ethically take on this role while (presumably) knowing about such seizures. Moreover, as the PSI report made clear, there are abundant other ways to get at the kind of data at issue in the HSBC investigation without Section 215 orders.

Who am I kidding? This DOJ won’t ever really investigate a bank!

WikiLeaks the Aider of Al Qaeda 

I realize these three possibilities do not exhaust the list of sufficiently significant and sufficiently old terrorism investigations that might be the target named in the order. So I’m happy to hear other possibilities.

But there is one other investigation that is a near perfect fit for almost all the description provided by Hudson: WikiLeaks.

As I’ve reported, EPIC sued to enforce a FOIA for records the FBI has on investigations into WikiLeaks supporters. The FOIA asked for and FBI did not deny having, among other things, financial records.

All records of any agency communications with financial services companies including, but not limited to Visa, MasterCard, and PayPal, regarding lists of individuals who have demonstrated, through monetary donations or other means, support or interest in WikiLeaks.

In addition to withholding information that they apparently have because of an ongoing investigation (though the Judge has required the government to confirm it is still ongoing by April 25), the government also claimed exemption under a statute that they bizarrely refused to name. I speculated four months before Edward Snowden’s leaks that that statute was Section 215.

And the timing on this investigation is a perfect fit. On November 3, 2010, Joint Terrorism Task Force Officer Darin Louck seized David House’s computer as he came across the border from Mexico. While House refused to give the government his encryption passwords, the seizure makes it clear FBI was targeting WikiLeaks supporters. Then, according Alexa O’Brien, on November 21, 2010, a report on the upcoming Cablegate release was included in President Obama’s Daily Brief. The government spent the weeks leading up to the first releases in Cablegate on November 28, 2010 scrambling to understand what might be in them. On December 4, PayPal started refusing donations to WikiLeaks. And on December 6, Eric Holder stated publicly he had authorized extraordinary investigative measures “just last week.”

Nor would he say whether the actions involved search warrants, requests under the Foreign Intelligence Surveillance Act, which authorizes wiretaps or other means, describing them only as “significant.”

“I authorized just last week a number of things to be done so that we can, hopefully, get to the bottom of this and hold people accountable as they should be,” he said.

December 6 was a Monday and technically Tuesday, November 23 would have been 2 weeks earlier, just 2 days before Thanksgiving. But a Section 215 order doesn’t require AG approval, and indeed, dragnet orders often generate leads for more intrusive kinds of surveillance.

Moreover, according to Hudson’s declaration, this order did precisely what EPIC’s FOIA seems to confirm FBI did, investigate not just Julian Assange, but also his associates (also known as supporters), including WikiLeaks donors.

The only thing — and it is a significant thing — that would suggest this guess is wrong is Hudson’s description of this as a “counterterrorism” investigation and not a “counterespionage” investigation (which is how Holder was discussing it in December 2010).

But that doesn’t necessarily rule WikiLeaks out. As noted above, already by early November 2010, the FBI had JTTF agents involved in the investigation. And central to the government’s failed claim that Chelsea Manning had aided the enemy was that she had made the Afghan war logs available knowing (from the DIA report she accessed) that the government worried about al Qaeda accessing such things, and that some Afghan war logs were found at Osama bin Laden’s compound. So the government clearly has treated its WikiLeaks investigation as a counterterrorism investigation.

Moreover, all Hudson’s declaration claims is that the government currently considers this a counterterrorism investigation. Section 215 can be used for counterintelligence investigations (as I’ve noted over and over). Since the Osama bin Laden raid revealed al Qaeda had accessed cables, the government has maintained that it does involve al Qaeda. So it may be that Hudson’s reference to the investigation as a counterterrorism investigation only refers to its current status, and not the status used to obtain the order in 2010.

That said, Hudson also provided a classified version of her statement to Judge Yvonne Gonzales Rogers, and I can’t imagine she’d try to pitch the WikiLeaks case as a counterterrorism one if a judge actually got to check her work. But you never know!

It’s likely that I’m forgetting a very obviously publicly known counterterrorism investigation.

But I think it possible that either the Scary Car Broker plot or WikiLeaks is the target named in the order.

Maybe Jim Comey Killed Off the Nation’s Premier Law Enforcement Agency?

Update: The change went into effect on July 1, 2013, so before Comey’s coronation.

I’ve been tracking the FBI’s embrace of its national security/intelligence role (with a consequent inattention to bank crimes, in particular) for years – notably with this post on its self-congratulation a decade after 9/11. (See also this post, this post, and this one.)

So regular readers will be unsurprised by Foreign Policy’s report that the FBI’s boilerplate fact sheet now hails its primary function to be national security.

But quietly and without notice, the agency has finally decided to make it official in one of its organizational fact sheets. Instead of declaring “law enforcement” as its “primary function,” as it has for years, the FBI fact sheet now lists “national security” as its chief mission. The changes largely reflect the FBI reforms put in place after September 11, 2001, which some have criticized for de-prioritizing law enforcement activities. Regardless, with the 9/11 attacks more than a decade in the past, the timing of the edits is baffling some FBI-watchers.

But I am a bit interested in the question FP goes onto ask: when did this happen. It appears to have happened during the summer.

“What happened in the last year that changed?” asked Kel McClanahan, a Washington-based national security lawyer.

McClanahan noticed the change last month while reviewing a Freedom of Information Act (FOIA) request from the agency. The FBI fact sheet accompanies every FOIA response and highlights a variety of facts about the agency. After noticing the change, McClanahan reviewed his records and saw that the revised fact sheets began going out this summer. “I think they’re trying to rebrand,” he said. “So many good things happen to your agency when you tie it to national security.”

What FP doesn’t answer is why this happened.

But one possibility is the arrival of Jim Comey.

Comey didn’t take over as FBI DIrector until September 4, 2013. But his confirmation hearing (more of a coronation, really) was on July 9; his confirmation vote was on July 29. So he had plenty of time to complete the FBI’s rebranding as a domestic spy agency rather than its premier domestic law enforcement agency before he officially took over.

I checked his confirmation hearing coronation, to see if he announced this rebranding. I’ve been unable to find a formal statement (!!). And while later in the hearing he talked about balancing the intelligence side with the law enforcement side (the FBI itself emphasized this part of the hearing), what apparently extemporaneous statement he did give focused on the FBI’s transition under Robert Mueller to an intelligence agency. (This is my transcription of the non-family part, which took up half of the statement; it starts around 42:30.)

If I’m confirmed for this position I will follow a great American, one who has been clear-eyed about the threat facing our country, especially the metastasizing terrorist threat, the cyber-threat, that poses a risk to our secrets, to our commerce, to our people, and most ominously, to the networks we depend upon as our lifeblood. I know he has changed the FBI, as the Chairman and the Ranking Member described, in fundamental and crucial ways. I know that this will be a hard job. I’m sure that things will go wrong and I will make mistakes. What I pledge to you though is to follow Bob Mueller’s example of staring hard at those mistakes, learning from those mistakes, and getting better as a result of those mistakes. His legacy of candor and straight-forwardness and integrity is one that I pledge to continue. I also know that the FBI is and must be an independent entity in the life of America. It cannot be associated with any party or any interest or any group. It has to be seen as the good guys and good gals in this country. The FBI is and must be about finding the facts and only the facts in a fair, thorough, and objective way, and to do that with a rock-solid commitment to our Constitution and to our laws. That culture of commitment to law and resistance to any jeopardy of independence is at the core of the FBI. I know it is deep inside FBI Agents. Those values are the things that I love about the FBI.

It wouldn’t be surprising that a guy with roots in NY who was prosecuting terrorism even before 9/11 would adopt this focus. Nor do I, thus far, have reason to believe he won’t be better at going after banksters than Mueller was (and Obama has finally shifted some focus to it).

But I do hope — given his appeal to independence — he realizes that making the FBI a domestic intelligence agency does make the FBI a partisan institution, because it de-emphasizes a threat every bit as serious as terrorists and cybercriminals: the banksters.

US Government Slaps HSBC’s Wrist for Facilitating Terrorism, Again

As I noted last year, when DOJ trumpeted their settlement with HSBC for a slew of money laundering violations, they didn’t mention that HSBC had provided almost a billion dollars to a Saudi bank that funded terrorists. Effectively, HSBC’s material support for terrorism for 5 years after it first realized it was doing so got completely ignored.

It turns out, between the time in 2010 when HSBC stopped providing cash dollars to a terror-supporting bank and the time of the DOJ settlement, HSBC was still violating counterterrorism sanctions. Treasury’s Office of Foreign Assets Controls just issued another settlement with HSBC’s US branch, detailing how HSBC processed 3 transfers totaling over $40,164 involving Husayn Tajideen after the bank learned he had gotten listed a designated terrorist. Not a huge amount of money, but over 4 times what Basaaly Moalin is going to jail for.

It’s OFAC’s rationale it uses to rationalize giving a recidivist just a $32,400 penalty that I find particularly egregious.

The settlement amount reflects OFAC’s consideration of the following facts and circumstances, pursuant to the General Factors under OFAC’s Economic Sanctions Enforcement Guidelines, 31 C.F.R. part 501, app. A. OFAC considered the following to be mitigating factors: HBUS voluntarily self-disclosed the apparent violations to OFAC; HBUS took appropriate remedial action in response to these apparent violations and now has a more robust compliance program in place; and HBUS has not received a penalty notice or Finding of Violation from OFAC for substantially similar apparent violations in the five years preceding the earliest date of the transactions giving rise to the apparent violations. The settlement amount reflects the following aggravating factors: HBUS managers and employees whose primary responsibility includes OFAC compliance were aware of the first apparent violation and had reason to be aware of the second and third apparent violations; the apparent violations resulted in actual economic benefit to an SDGT; HBUS is a large and commercially sophisticated financial institution; HBUS initially provided an incomplete response to an administrative subpoena; and, at the time of the first apparent violation, HBUS’ compliance program did not screen all MT 199 messages for potential OFAC matches. OFAC further reduced the proposed penalty in light of HBUS’ agreement to settle its potential liability for the apparent violations. [my emphasis]

Some of this is typical mumbo jumbo (though in this case, should be read with the awareness that Stuart Levey, who used to be Under Secretary of Terrorism Finance and Intelligence, got named HSBC’s General Counsel in 2012, so the subsequent actions likely represent his involvement).

But the claim that HBUS hadn’t had any substantially similar violations in the five years previous is just ridiculous. They had been busted for all sorts of very similar money laundering problems involving known drug kingpins and were uniquely important in providing cash that terrorists likely used for significant attacks. It’s only not substantially similar because it is orders of magnitude worse, so much so DOJ got involved and the settlement was with a different agency!

And in response to a recidivist being caught again, OFAC fines a bank with $14 billion in profits $32,400.

Update: In a statement to WSJ, Treasury said this settlement with a recidivist is unrelated to the past settlement with the recidivist.

But a Treasury spokesman said in an email that Tuesday’s settlement is unrelated to the December 2012 agreement with OFAC and other federal and state agencies.

“This action is similar to other settlements OFAC has reached with regard to apparent violations committed by U.S. financial institutions,” he said.

How FISA Dockets (Appear To) Work and Why Snowden Likely Got Few or No PayPal Documents

Because Bill Binney made an observation about the high docket number of the phone dragnet order released this year, Sibel Edmonds has decided that Glenn Greenwald is hiding a bunch of Edward Snowden documents to protect Pierre Omidyar showing PayPal cooperated with NSA.

Here’s what Binney said, according to him.

Unfortunately, Sibel attributes some of her words to me. I do not know that PAYPAL is involved – only that financial data is being used by NSA. And, based on the “BR” number 13/80 on the Verizon court order to give records to NSA, I estimated that this program involved 78 companies. These would include: telecom’s, internet service providers, banks/finance/credit cards, travel, plus others. So, there’s a lot of business data being collected by NSA and the FBI. In the future, if I am to be quoted, I will have to I will have to insist on a pre-publication review. [my emphasis]

Now, like Peter Kofod, I don’t doubt that PayPal gives a ton of data to the national security state (more on what probably happens below).

But Binney’s comment appears to be based on a misunderstanding of how the FISA docket numbering works (though not one that changes his observation that “there’s a lot of business data being collected by NSA and the FBI”): that each docket pertains to a different company.

Given the filings we’ve seen from voluminous years — particularly 2009 — it is clear that DOJ uses one docket for all providers on a particular order. For example, 3 of the 4 docket numbers used for the phone dragnet in 2009 were 08-13, 09-06, and 09-13. For the entire 3 month period the primary order covers, all the orders and correspondence related to that primary order bears the original docket number. Even in the case where Judge Walton cut off and then resumed production (see 09-13 above) from just one provider got handled in that docketing system. The now public FISC docket appears to continue this practice, with BR 13-109 and BR 13-158 including all the correspondence on a particular order (in addition, there are the Misc dockets for lawsuits, and the 2007 docket tied to Protect America Act for the Yahoo challenge).

And over the years, the list of providers included on the dockets appears to have gotten much longer. Here’s the redacted list of providers from the original 2006 order:

Screen shot 2013-12-13 at 7.51.09 PM

Here’s the redacted list of providers from the most recent order:

Screen shot 2013-12-13 at 7.54.25 PM

 

The additional providers are probably smaller providers, as well as VOIP providers.

So just 4 and on rare occasions 5 of the Section 215 (“BR”) docket numbers in any given year (and, for the life of the program, just 4 of the PR/TT docket numbers) covered all the providers.

But that may, in fact, mean far more companies are getting Section 215 orders, even bulk orders. As I laid out in this post, the numbers of Section 215 orders have gone up in the last several years (Julian Sanchez has speculated that previously some of this collection was done via National Security Letter, which is a pretty good bet).

Section 215 orders

And as they’ve gone up, the FISA Court has been modifying far more orders — it modified 86% of the orders in 2011. It has been modifying orders to add minimization procedures (it modified 176 orders in 2011 to add minimization requirements). Given that you only need to have significant minimization procedures if you’re getting a lot of innocent people’s data, and given that these orders would also be on a 90-day cycle, that may mean there were 44 bulk collection programs in 2011.

But, as Binney said, that’s going to include a lot of different kinds of companies. We know they’ve used Section 215 to collect precursor chemical purchase records. They likely cover credit cards records, other financial records, gun purchases, health and medical records, and other computer records. There have even been questions about using Section 215 to collect URL search terms.

PayPal is one possible or even likely recipient of these, but only one out of a bunch. Continue reading

The Cayman Islands Agrees to Share Tax Data with the Five Eyes Countries

Screen shot 2013-11-29 at 5.18.17 PMApparently, the people at Treasury don’t need to take advantage of the Black Friday sales. Instead, they’re at work and announcing that the Cayman Islands (and Costa Rica) will share information on US taxpayers with the IRS. The move comes after the Brits rolled out a similar agreement earlier this month.

I assume we’ll see other advanced countries demand similar agreements. But for the moment, just the NSA and GCHQ’s home countries will be able to learn which of their citizens are stashing money in one of the world’s most important tax havens (and one that has been important to Anglo-American financial dominance).

There are two submarine cables serving the Cayman Islands. One — Maya 1 — carries telecom traffic to Hollywood, FL. It is owned, in part, by NSA spy partners AT&T and Verizon. The other carries traffic to Jamaica. Another of the cables that serves Jamaica lands in Boca Raton. A third carries traffic to British Virgin Islands. From BVI, cables carry traffic directly to several other landing spots in the US, as well as — by way of Bermuda — Canada.

Earlier this year, someone leaked massive amounts of data on BVI’s tax shelter clients and habits (though curiously, no US persons were identified among the most prominent culprits). As far as I know, no one has ever discovered how that data got leaked, and there seems little concern from the powers that be about this leaker who, after all, was as audacious as Chelsea Manning or Edward Snowden.

Now, I’m not saying that the US and UK were already stealing Cayman Islands’ data. I’m only saying that doing so would be perfectly within the known practices of America and Britain’s spy agencies.

The CIA (&etc) Money Orders

NSL v 215Both the NYT (Charlie Savage and Mark Mazzetti) and WSJ (Siobhan Gorman, Devlin Barrett, and Jennifer Valentine-Devries) tell the same story today: the CIA is collecting bulk data on international money transfers. Given that someone has decided to deal this story to two papers at the same time, and given the number of times the Administration has pre-leaked stories to Gorman of late to increasingly spectacular effect (even making most national security journalists forget the very existence of GCHQ’s notoriously voracious taps at cable landings just off Europe) I assume this may be some kind of limited hangout.

It’s not that I doubt in the least that CIA gets and uses financial data. I don’t even doubt the government uses PATRIOT authorities to do so (as both stories assert).

But it would be unlikely that this data comes in through an FBI order and does not also get shared with Treasury and National Counterterrorism Center (if not NSA), both of which would have better infrastructure for analyzing it, and both of which we know to use such data for their known intelligence products. Indeed, in response to a question from both papers about this practice Western Union points to Treasury programs.

 A spokeswoman for one large company that handles money transfers abroad, Western Union, did not directly address a question about whether it had been ordered to turn over records in bulk, but said that the company complies with legal requirements to provide information.

“We collect consumer information to comply with the Bank Secrecy Act and other laws,” said the spokeswoman, Luella Chavez D’Angelo. “In doing so, we also protect our consumers’ privacy.”

And at WSJ a consultant to the industry points even more firmly towards Treasury.

Money-transfer companies are “highly, highly aware of their obligations under the Patriot Act,” said Robert Pargac, a director in global investigations and compliance at Navigant Consulting Inc. who has worked at several such companies. Western Union said last month it would be spending about 4% of its revenue in 2014 on compliance with rules under the Patriot Act, the Treasury Department’s Office of Foreign Assets Control and other anti-money-laundering and terrorist-financing requirements.

We know that, at least until 2008, the FBI maintained that it could share materials that came in through Section 215 with any agency so long as that agency asserted it had a need for the information, and there’s little reason to believe the FBI has changed that policy. So I would assume at least Treasury and NCTC gets this data as well. It may be all this story indicates is that — as they do with much Section 702 data — CIA gets its own access to the data. That’s a minimization story, not a collection story, because we’ve known this data was collected (as WSJ points out).

Then there’s the evidence both papers point to to show that this is a Section 215 program. Continue reading

What Are NSA’s Standards for Surveilling Transnational Crime Organizations?

Yesterday, the Italian magazine Panorama claimed that the NSA had wiretapped the Vatican.

I have some questions about the veracity of the report. NSA has denied it more vigorously than other allegations of tapping world leaders. Panorama is not known to have access to the Edward Snowden documents. One key claim — that the current Pope, Jorge Mario Bergoglio, has been surveilled since 2005 — was actually sourced to WikiLeaks in the story (In addition to cables on Argentine politics, Bergoglio shows up in a 2003 cable speculating on the possibility of a Latin American Pope).

All that said, I am intrigued by this claim.

Panorama said the recorded Vatican phone calls were catalogued by the NSA in four categories – leadership intentions, threats to the financial system, foreign policy objectives and human rights.

I did a quick review of WikiLeaks cables on the Vatican (remember, these are classified at no more than the Secret level, and therefore are not going to have any intercept information in them, and they of course stop at 2010). The human rights issues pertain to interfaith dialogue and the rights of Catholics in repressive countries, the Church’s role in anti-gay laws, and allegations of anti-Semitism (this cable, on the Church prioritizing unity and thereby endorsing Holocaust denial, is one of the few Secret ones). There are fewer that relate directly to the Church’s role in the financial system; though a good many cables with “financial” content relate to Syria or, especially, Lebanon, and include the Vatican because of its influence with Christian power brokers in the region (this cable, on Syrian money laundering, was forwarded to the Vatican mission for some reason).

But there two other reasons why the Vatican might be an NSA target based on those topics: its multi-decade cover-up of pedophilia (and the impact legal investigations and settlements might have around the world), and the Vatican’s role in money laundering. The recent disclosures of Vatican money laundering suggest Iraq, Iran, and Indonesia have used the bank, as well as the Italian mafia, but given its ties to Lebanon, I wouldn’t be surprised if it were also laundering money from that country, which is another close focus of the US’ own money laundering attention.

In other words, in addition to wiretapping the Vatican because it wields special influence in countries around the world (the leadership intentions and foreign policy objectives category), the US would have reason to surveil it because of what amount to Vatican actions that make it a Transnational Criminal Organization, completely apart from matters of faith.

That is, if NSA applied its apparent mandate to track TCOs indiscriminately.

But I bet you they don’t. While I am sure they track Latin American, African, and South Asian drug networks, I’m certain they track Russian mobsters who have ties to online crime, and I’m sure they are tracking and probably have an active role in the investigation of Yakuza’s ties to big Japanese banks (most of these are either named Treasury drug kingpin or TCO targets), I also believe if the NSA tracked transnational crime organizations generally, its efforts would be shut down tomorrow.

Imagine, for example, if in addition to using Title III wiretaps (though barely) and self-disclosure and evidence generated by other financial institutions in put-back suits, the NSA used its bulk collection to track JPMC’s international transfers to see whether any of it constituted “foreign intelligence,” and from that referred any evidence of a crime to the FBI? Imagine if the NSA were stealing all of JPMC’s transfer information, even outside its access to SWIFT, to see how JPMC laundered its world-destabilizing actions through multiple jurisdictions? And both JPMC and HSBC have a known history of material support for terrorism, which certainly ought to justify such spying (noting, of course, that I think JPMC did get spied on in conjunction with the Scary Iran Plot, which may have forced FinCEN to settle with it on other outstanding sanction violation issues).

They wouldn’t even need to track JPMC and other multinational banks in the name of transnational crime and terrorism; the Sovereign Wealth Funds of the world – both of volatile Middle Eastern countries, Asian targets, but even in Europe — have effectively become foreign policy entities. Do they track what Qatar and the Emirates do with their SWFs?

As I said, I doubt it. While I suspect as this scandal develops we’ll find more and more evidence that the NSA has spied on targets selected for their financial competition with the US and UK (we’ve already seen hints they collected intelligence on the Euro versus the dollar, Brazil’s competitive position vis as vis the US, for example), I also suspect if there were ever a hint that the NSA treated JPMC or HSBC like it did other TCO targets, it would get shut down in a matter of weeks.

Why Did NSA Raise Traffickers for a Story about Drone Killing Terrorists?

Screen shot 2013-10-17 at 10.53.24 AM

There was an odd statement from NSA in the middle of yesterday’s WaPo story describing how NSA facilitates CIA’s drone mission (click to embiggen).

The NSA is “focused on discovering and developing intelligence about valid foreign intelligence targets, such as terrorists, human traffickers and drug smugglers,” the agency said Wednesday in a statement. “Our activities are directed against valid foreign intelligence targets in response to requirements from U.S. leaders in order to protect the nation and its interests from threats such as terrorism and the proliferation of weapons of mass destruction.” [my emphasis]

While the NSA is finally admitting again their central cybersecurity focus, I believe this is the first time since the Snowden leak that NSA has suggested its “valid foreign intelligence targets” include “human traffickers and drug smugglers.”

It’s not surprising they are, mind you, especially given the Obama Administration’s focus on Transnational Criminal Organizations.

It’s just that the admission comes in a story about NSA’s contributions to drones for which the WaPo explained,

[T]he documents provide the most detailed account of the intricate collaboration between the CIA and the NSA in the drone campaign.

The Post is withholding many details about those missions, at the request of U.S. intelligence officials who cited potential damage to ongoing operations and national security.

It seems the only reason to raise the issue is if some of the materials on drones make it clear they’re being used — if not lethally — against entirely new kinds of targets: human traffickers and drug smugglers (though there have been a slew of stories that they were even used to hunt Chapo Guzman).

Ah well. It’s all moot now. OneKade alerts me that the reference has now been removed from the story.

Poof! All record the NSA and CIA used drones against drug traffickers gone!

In Wake of Revelations about Corruption and Coercion, OCC Wails about Bank Cybersecurity

Over 3 months ago, the Guardian revealed that the President reserved the right to declare “inherent right of self defense” to access private networks deemed part of our critical infrastructure in the name of cybersecurity.

2 weeks ago, the Guardian, ProPublica, and NYT reported that, to make it easier to spy on others, the NSA had “deliberately weakened the international encryption standards adopted by developers.”

Also 2 weeks ago, FP reported that “many corporate participants” in an NSA initiative to protect US critical infrastructure “say Alexander’s primary motive” in that initiative “has not been to share what the NSA knows about hackers. It’s to get intelligence from the companies.”

And just this week, Spiegel provided details of how NSA conducts Man-in-the-Middle attacks — hacks — on financial giants like VISA and SWIFT.

Yet none of those revelations prevented Comptroller of the Currency Thomas Curry to give a fairly breathtaking speech yesterday about financial cybersecurity.

In it, a member of the Executive Branch that has made everyone less security by corrupting encryption said,

The growing sophistication and frequency of cyberattacks is a cause for concern, not only because of the potential for disruption, but also because of the potential for destruction of the systems and information that support our banks. These risks, if unchecked, could threaten the reputation of our financial institutions as well as public confidence in the system.

A member of a regime that is routinely hacking financial entities said,

The global nature of the Internet means they can conduct their activity from almost anywhere, including in countries with regimes that, at worst, sponsor attacks and, at a minimum, act as criminal havens by turning a blind eye toward criminal behavior.

And a member of the government that has hacked key third party providers like SWIFT and cooperated with third party telecoms to just steal data said,

Banks not only operate their own networks, they also rely on third parties to support their systems and business activities. Some of these third parties have connections to other institutions and servicers. Each new relationship and connection provides potential access points to all of the connected networks and introduces different weaknesses into the system.

I recognize the cybersecurity threat to banks is real. I’d like to be protected against criminals trying to steal my money online and I endorse OCC including IT security among things bank inspectors review. I grant that Curry may well be operating in good faith when he says all these things. But when he talks about partnerships like this, he simply loses credibility.

Clearly, much of the responsibility for assessing cyber threats is housed in other agencies, from the Department of Homeland Security to the FBI to the National Security Agency. They are on the front lines, and they are the ones that are doing the most within government to identify, evaluate, and respond to threats in this area. However, we – the OCC, the FFIEC, and the other regulatory agencies individually – are working closely with them to strengthen the coordination and overall effectiveness of government’s approach to cybersecurity of critical infrastructure.

[snip]

But this is not a problem that can be addressed by one agency alone or by any one institution acting on its own. It is a threat that we can deal with only if we work together in a collegial and collaborative way for the good of our country.

The banks’ regulators may believe he is in a position to lecture about collegiality in the face of threats. But since the government is one of the biggest of those threats, it doesn’t strike me as all that convincing.

Emptywheel Twitterverse
bmaz @yvonnewingett Nope. As loathsome as Perry is, that indictment is legal rubbish.
18mreplyretweetfavorite
bmaz RT @Popehat: Man dies of gunshot wound to chest with his hands cuffed behind his back in police car. Coroner: that's a suicide. http://t.c…
48mreplyretweetfavorite
bmaz @ryanjreilly @mgsledge @WesleyLowery "Eyewitness testimony is unreliable" you know; this probably never really happened!
1hreplyretweetfavorite
bmaz @jayrosen_nyu Exactly.
1hreplyretweetfavorite
bmaz RT @jayrosen_nyu: @bmaz If you are going to introduce a new confusion you better be right, be clear about why you are doing it, and have im…
1hreplyretweetfavorite
bmaz @jayrosen_nyu Yes. Also, it is clearly coming straight out of the PD, whether direct or laundered. Just say so and explain clearly.
1hreplyretweetfavorite
bmaz @jayrosen_nyu Yep. And I have great respect for @Sulliview for laying that out. She is a treasure.
2hreplyretweetfavorite
bmaz @pmocek @PogoWasRight I don't think it will be a universal panacea, but, overall, think it would be a good thing.
2hreplyretweetfavorite
JimWhiteGNV My sister sent me pecans from her yard a few months ago. Finally putting my grandfather's cracker to use. http://t.co/lv6xibYVJx
2hreplyretweetfavorite
bmaz @pmocek Exactly. Or anytime cops report things.
2hreplyretweetfavorite
bmaz @mike_stark ...story, as they seem to here, it is pretty credible evidence. At least in my book anyway.
2hreplyretweetfavorite
bmaz @mike_stark Well, it is what it is, people see things differently. But when several independent eyewitnesses report pretty much the same...
2hreplyretweetfavorite
August 2014
S M T W T F S
« Jul    
 12
3456789
10111213141516
17181920212223
24252627282930
31