PATRIOT

The October 30, 2009 Statement of Authorities: The EFF Document Fight Could Get Very Interesting

If the Chief FISC Judge accuses the government of material misrepresentations but no one but a dirty fucking hippie blogger reports it, did it happen?

On Friday, I reported on Judge Reggie Walton’s cranky opinion asking for an explanation about why the government didn’t tell him EFF believed they had a protection order in cases relevant to the dragnets. And while it overstates the resounding silence to say that only your esteemed DFH host reported it — TechDirt had a good reportsome of the other reporting on it thus far seems to have missed the whole material misrepresentation judgement in Walton’s order.

But I think it’s not yet clear — to anyone — how interesting this document fight could get.

Just as one example of why (I’ll develop some of the others over the next couple of days, I hope), consider the October 30, 2009 statement of authorities.

Earlier this month, I noted that EFF had submitted a list of filings that the government had not released in spite of what they believed to be Judge Jeffrey White’s order to declassify everything.

  • April 9, 2007 notices indicating FISC Judge rejected early bulk orders
  • October 25, 2007 government challenge to motion to protect evidence, with ex parte NSA official declaration submitted in Shubert
  • April 3, 2009 supplemental memorandum in Jewel
  • October 30, 2009 supplemental memorandum on points of authority in Shubert
  • November 2012

In last Wednesday’s hearing, the government claimed they didn’t have to release these because they engaged in a colloquy limiting White’s orders to the state secrets declarations. And for the moment, I’ll take that as accurate.

But since then, the government has released one of these — the October 25, 2007 challenge to the protection motion — as part of their filing on Monday fighting a protection order in EFF’s phone dragnet suit. And that document was pretty stunning. Not only did it show the government had redefined the Multidistrict Litigation suits so as to exclude any of the FISA-authorized metadata dragnets that EFF of course had no way of knowing about yet. But in the filing, the government revealed that because of this filing and in defiance of Vaughn Walker’s November 2007 protection order, it has been destroying the metadata dragnet data in the interim.

In other words, the government is withholding these filings because they’re fairly damning.

Which got me thinking about the timing and significance of the October 30, 2009 supplemental memorandum on points of authority supporting a motion to dismiss the Shubert suit based on sovereign immunity and state secrets.

At one level, the memorandum is not all that suspicious. As you can see above, the government filed what is presumably roughly the same filing at the analogous time in Jewel, just as it was making its state secrets bid.

But I find the timing of the October 30 filings in Shubert to be of particular interest. That’s because a 2011 NSA training program seems to indicate that the Internet dragnet shut down at almost precisely that time, as it indicates that Internet dragnet data collected prior to November 2009 requires some sort of special treatment.

In addition, in the source information at the end of the line, the SIGAD [redacted] BR data can be recognized by SIGADs beginning with [redacted] For PR/TT, data collected after October 2010 is found [redacted] For a comprehensive listing of all the BR and PR/TT SIGADs as well as information on PR/TT data collected prior to November of 2009, contact your organization’s management or subject matter expert.

Remember, Shubert was suing for illegal wiretapping. And while Judge John Bates did not fully assess what NSA was doing — which appears to be collecting data that counts as content in the guise of collecting metadata — until the following year (some time between July and October 2010), when he did so, he implied the government had to comply with the laws in which they were claiming, in 2009, they had sovereign immunity. And the government had to know by that point they had serious legal problems with the Internet dragnet.

Indeed, the government kept asking for extensions leading up to this filing — at the time they claimed it was because of DOJ’s whats-old-is-new state secrets policy. Altogether they got an extra 22 days to file this filing (which should have been substantially similar to the ones they filed in April). They were almost certainly having still-undisclosed problems with the phone dragnet (probably relating to dissemination of data), as the October 30, 2009 phone dragnet orders is one of the ones the government has withheld even though it is obviously responsive to ACLU and EFF’s FOIA. But the discussions on the Internet dragnet must have been even more contentious, given that the FISC (probably either Reggie Walton or John Bates) refused to reauthorize it. (Note, October 30, 2009 was a Friday, so if FISC formally didn’t approve the Internet dragnet in October 2009, it would have been that day).

And the thing is, from Keith Alexander’s state secrets declaration, submitted perhaps hours and almost certainly no more than a month before the Internet dragnet got shut down because it was illegally collecting metadata that was legally content, it’s not at all clear that the government fully disclosed details they knew about those legal problems with the dragnet. Look closely at ¶¶ 27 and 28, ¶¶48-56, ¶¶58-62 with footnotes.

The phone dragnet description hides the problems with ongoing dissemination problems (which the Administration hid from Congress, as well). It also makes no mention that the phone dragnet had US persons on an alert list without reviewing those selectors for First Amendment review, something that should be central to the suits against NSA (see in particular ¶60). And while there are redacted sentences and footnotes — 13 and 24 — which could include notice that the government was (and had been, since the inception of the FISC-authorized Internet dragnet) collecting metadata that counted as content, those are all very brief descriptions. Moreover, the unredacted descriptions clearly claim that the Internet dragnet program collects no content, which legally it almost certainly did. Moreover, note that the references to the Internet dragnet speak of it in the present tense: “Pursuant to the FISA Pen Register, …. NSA is authorized to collect in bulk.”But there doesn’t seem to be the parallel structure in ¶28 where you’d expect the government to confess that the program was imminently shutting down because it was illegally collecting Internet content.

Note, too, how the declaration refers to the reauthorizations. ¶59 describes the phone dragnet authority “continuing until October 30, 2009″ and ¶58 describes the Internet dragnet “requires continued assistance by the providers through [redacted] 2009. They appear not to have known for sure whether the programs would be reauthorized that night! But they appear not to have explained why not.

Perhaps the most pregnant paragraph is ¶62, which in context appears to relate only to the phone dragnet, though I suspect the government would point to to claim their description of violations was not comprehensive:

NSA is committed to working with the FISC on this and other compliance issues to ensure that this vital intelligence tool works appropriately and effectively. For purposes of this litigation, and the privilege assertions now made by the DNI and by the NSA, the intelligence sources and methods described herein remain highly classified and the disclosure that [redacted] would compromise vital NSA sources and methods and result in exceptionally grave harm to national security.

By any measure, Alexander’s declaration falls short of what the government already knew at that time, demonstrably so in the case of the phone dragnet. He hid details — significantly, the watchlist of Americans that violated statute, and almost certainly that the NSA was collecting content in the name of metadata — that were material to the suits at hand.

Which brings me to the memo on authorities. Even as the government was hiding material violations of the statutes they were disclosing to Judge Walker, was it also making expansive Executive Authority claims it couldn’t (and still can’t) share with plaintiffs? Did the government, for example, make an Executive Authority claim that we have every reason to believe John Bates (especially) and Reggie Walton would rebut if they knew about it?

In any case, in addition to the watchlist data from those 3,000 US persons (which would have aged off last month otherwise), the last of the illegal Internet content-as-metadata data might be aged off as soon as April absent these stays.That data might well provide plaintiffs proof they were illegally wiretapped (note, the Internet dragnet was limited to certain switches, but Jewel was built around the Folsom Street switch which was almost certainly included in that). And that the government provided highly misleading descriptions to Vaughn Walker when bidding for a state secrets exemption.

And add in one more legal fight here: as I noted, DOJ is withholding the October 30, 2009 (as well as one later one from 2009) from both the ACLU and EFF (the EFF suit is before a different San Francisco judge). In addition, DOJ is refusing all push for expedited processing on FOIAs for the Internet dragnet filings.

Seeing how clearly manipulative their data release in these lawsuits is, it seems safe to suggest the government is also making FOIA decisions to prevent plaintiffs from obtaining information to really contest these suits. That shouldn’t surprise anyone. But I would hope it would piss off the judges.

Former NSA General Counsel Robert Deitz, Who Rubber-Stamped Illegal Wiretap Program, Says All Felonies Should Be Prosecuted

I’m watching a CUNY conference on sources and secrets, which currently has a panel including Bob Woodward, Jane Mayer, and former NSA General Counsel Robert Deitz.

When asked whether he could think of a leak that had been damaging, Deitz said the exposure of the illegal (he called it “special”) wiretap program had been damaging.

Then, in the context of prosecuting leaks, Deitz argued that all leaks should be prosecuted, because they involve a felony violation of an oath (that’s not always true, but I’ll just accept that Deitz believes all felonies should be prosecuted). He went on to say, “How is it you put a line around this felony and not prosecute it?”

According to the 2009 Draft NSA IG Report, Deitz, on September 20, 2001, suggested to Alberto Gonzales they should consider modifying FISA (which was then being modified as part of the PATRIOT Act); he appears to have gotten no answer. On October 5, 2001 — having asked but not been permitted to read the underlying OLC authorization for it (Addington read him a few lines over the phone), having not participated in the drafting of the Presidential Authorization for it, and having given it just one day of legal review — Deitz said a program violating the exclusivity provision of FISA was legal. On October 8, Deitz briefed the analysts who would carry out this illegal program.

Deitz’ subordinates provided the only oversight of the program at first. (Later in today’s program he claimed the line between domestic and foreign intelligence was rigorously maintained.) To his credit, Deitz ultimately fought to have the Inspector General read into the program after it had operated for some months.

This is a man who provided the legal fig leaf for a patently illegal program (though the IG Report provides no details of Deitz’ actions for the March to May 2004 timeframe, when the program was even more illegal). This is a man who showed awareness of the legally correct way to do this — include this expanded program in PATRIOT — but nevertheless accepted and participated in not doing so.

And he advocates prosecuting every felony.

Perhaps before he talks about prosecuting journalists and their sources, he should consider his own role in encouraging felonies?

The Government Has a Festering EO 12333 Problem In Jewel/First Unitarian

The government claims it does not have a protection order pertaining to the phone dragnet lawsuits because the suits with a protection order pertain only to presidentially-authorized programs.

The declaration made clear, in a number of places, that the plaintiffs challenged activities that occurred under presidential authorization, not under orders of the Foreign Intelligence Surveillance Court (FISC), and that the declaration was therefore limited to describing information collected pursuant to presidential authorization and the retention thereof.

Therefore, the government is challenging the EFF’s effort to get Judge Jeffrey White to reaffirm that the preservation orders in the Multidistrict Litigation and Jewel apply to the phone dragnet.

Fine. I think EFF can and should challenge that claim.

But let’s take the government at its word. Let’s consider what it would obliged to retain under the terms laid out.

The government agrees it was obliged, starting in 2007, to keep the content and metadata dragnets that were carried out exclusively on presidential authorization. Indeed, the declaration from 2007 they submitted describing the material they’ve preserved includes telephone metadata (on tapes) and the queries of metadata, including the identifiers used (see PDF 53). It also claimed it would keep the reports of metadata analysis.

That information is fundamentally at issue in First Unitarian Church, the EFF-litigated challenge to the phone dragnet. That’s true for three reasons.

First, the government makes a big deal of their claim, made in 2007, that the metadata dragnet databases were segregated from other programs. Whether or not that was a credible claim in 2007, we know it was false starting in early 2008, when “for the purposes of analytical efficiency,” a copy of that metadata was moved into the same database with the metadata from all the other programs, including both the Stellar Wind phone dragnet data, and the ongiong phone dragnet information collected under EO 12333.

And given the government’s promise to keep reports of metadata analysis, from that point until sometime several years later, it would be obliged to keep all phone dragnet analysis reports involving Americans. That’s because — as is made clear from this Memorandum of Understanding issued sometime after March 2, 2009 — the analysts had no way of identifying the source of the data they were analyzing. The MOU makes clear that analysts were performing queries on data including “SIGINT” (EO 12333 collected data), [redacted] — which is almost certainly Stellar Wind, BRFISA, and PR/TT. So to the extent that any metadata report didn’t have a clear time delimited way of identifying where the data came from, the NSA could not know whether a query report came from data collected solely pursuant to presidential authorization or FISC order. (The NSA changed this sometime during or before 2011, and now metadata all includes XML tags showing its source; though much of it is redundant and so may have been collected in more than one program, and analysts are coached to re-run queries to produce them under EO 12333 authority, if possible.)

Finally, the real problem for the NSA is that the data “alerted” illegally up until 2009 — including the 3,000 US persons watchlisted without undergoing the legally required First Amendment review — was done so precisely because when NSA merged its the phone dragnet data with the data collected under Presidential authorization — either under Stellar Wind or EO 12333 — it applied the rules applying to the presidentially-authorized data, not the FISC-authorized data. We know that the NSA broke the law up until about 5 years ago. We know the data from that period — the data that is under consideration for being aged off now — broke the law precisely because of the way the NSA mixed EO 12333 and FISC regulations and data.

The NSA’s declarations on document preservation — not to mention the declarations about the dragnets more generally — don’t talk about how the EO 12333 data gets dumped in with and mixed up with the FISC-authorized data. That’s NSA’s own fault (and if I were Judge White it would raise real questions for me about the candor of the declarants).

But since the government agreed to preserve the data collected pursuant to presidential authorization without modification (without, say, limiting it to the Stellar Wind data), that means they agreed to preserve the EO 12333 collected data and its poisonous fruit which would just be aging off now.

I will show in a follow-up post why that data should be utterly critical, specifically as it pertains to the First Unitarian Church suit.

But suffice it to say, for now, that the government’s claim that it is only obliged to retain the US person data collected pursuant to Presidential authorization doesn’t help it much, because it means it has promised to retain all the data on Americans collected under EO 12333 and queries derived from it.

The Clear Precedent for Carrie Cordero’s “Uncharted Territory” of Destruction of Evidence

Shane Harris has a report on the government’s odd behavior in regards to preserving the phone dragnet data in light of the suits challenging its legality.

It’s surprising on three counts. First, because he claims the legal back and forth has not previously been reported.

Now, that database will include phone records that are older than five years — not exactly the outcome that critics of the NSA program were hoping for. A dramatic series of legal maneuvers, which have not been previously reported, led the outcome.

It’s surprising not just because the “legal maneuvers” have in fact been reported before (though not the detail that James Cole got involved, though it’s not yet clear how his involvement affected the actual legal maneuvers rather than the internal DOJ communication issues). But also because Harris neglects to mention key details of those legal maneuvers — notably that EFF reminded DOJ, starting on February 26, that it had preservation orders that should affect the dragnet data, reminders which DOJ stalled and then ignored.

Harris’ piece is also surprising because of the implicit suggestion that NSA hasn’t been aging off data regularly, as it is supposed to be.

A U.S. official familiar with the legal process said the question about what to do with the phone records needn’t have been handled at practically the last minute. “The government was coming up on a five-year deadline to delete the data. Lawsuits were pending. The Justice Department could have approached the FISC months ago to resolve this,” the official said, referring to the Foreign Intelligence Surveillance Court.

There should be no “deadline” here — aside from the daily “deadline” that should automatically age off the five year old data. Now, the WSJ had previously reported that that’s not actually how age-off works.

As the NSA program currently works, the database holds about five years of data, according to officials and some declassified court opinions. About twice a year, any call record more than five years old is purged from the system, officials said.

But even assuming NSA only ages off data twice a year (in which case they should stop claiming they only “keep” data for 5 years because they already keep some of it for 5 1/2 years), most of these suits are well older than 6 months old, predating what might have been an August age-off, which means unless NSA already deviated from its normal pattern, it deleted data relevant to the suits.

By far the most surprising detail in Harris’ story, however, is this response from former DOJ National Security Division Counsel Carrie Cordero to the news that Deputy Attorney General James Cole has gotten involved. This is, Cordero claims, “uncharted territory.”

“This is all uncharted territory,” said Carrie Cordero, a former senior Justice Department official who recently served as the counsel to the head of the National Security Division. “Given the complexity and the novelty of this chain of events, it’s a good thing that the deputy attorney general is personally engaged, and it demonstrates the significant attention that they’re giving to it.”

To be more specific about Cordero’s work history, from 2007 to 2011, she was deeply involved in FISA-related issues, first at ODNI and then at DOJ’s NSD.

In 2009, I served as Counsel to the Assistant Attorney General for National Security at the Unit ed States Department of Justice, where I co – chaired an interagency group created by the Director of National Intelligence (DNI) to improve FISA processes. From 2007 – 2009, I served in a joint duty capacity as a Senior Associate General Counsel at the Office of the Director of National Intelligence, where I worked behind the scenes on matters relating to the legislative efforts that resulted in the FISA Amendments Act of 2008.

Given her position in the thick of FISA-related issues, one would think she was at least aware of the protection order Vaughn Walker issued on November 6, 2007 ordering the preservation of evidence, up to and including “tangible things,” in the multidistrict litigation issues pertaining to the dragnet.

[T]he court reminds all parties of their duty to preserve evidence that may be relevant to this action. The duty extends to documents, data and tangible things in the possession, custody and control of the parties to this action,

And Cordero presumably should be aware that Walker renewed the same order on November 13, 2009, extending it to cover the Jewel suit, which had an ongoing focus.

Cordero is presumably aware of two other details. First, there should be absolutely no dispute that the phone dragnet was covered by these suits. That’s because at least as early as May 25, 2007 (and again in a declaration submitted October 2009), Keith Alexander included the phone dragnet among the things he considered related to the EFF and other suits over which he claimed state secrets.

In particular, disclosure of the NSA’s ability to utilize the TSP (or, therefore, the current FISA Court-authorized content collection) in conjunction with contact chaining [redacted--probably relating to data mining] would severely undermine efforts to detect terrorist activities.

[snip]

To the extent that the NSA’s bulk collection and targeted analysis of communication meta data may be at issue in this case, those activities–as described in paragraphs 27 and 28 above–must also be protected from disclosure.

In paragraphs 27 and 28 and the following paragraphs, Alexander named the FISC Pen Register and Telephone Records Orders by name.

Thus, as far back as 2007, the NSA acknowledged that it used its content collection in conjunction with its metadata dragnets, including data obtained pursuant to the FISA dragnet orders.

Continue reading

In Nomination Hearing, DIRNSA Nominee Mike Rogers Continues James Clapper and Keith Alexander’s Obfuscation about Back Door Searches

Yesterday, the Senate Armed Services Committee held a hearing for Vice Admiral Mike Rogers to serve as head of Cyber Command (see this story from Spencer about how Rogers’ confirmation as Cyber Command chief serves as proxy for his role as Director of National Security Agency because the latter does not require Senate approval).

Many of the questions were about Cyber Command (which was, after all, the topic of the hearing), but a few Senators asked questions about the dragnet that affects us all.

In one of those exchanges — with Mark Udall — Rogers made it clear that he intends to continue to hide the answers to very basic questions about how NSA conducts warrantless surveillance of Americans, such as whether the NSA conducts back door searches on American people.

Udall: If I might, in looking ahead, I want to turn to the 702 program and ask a policy question about the authorities under Section 702 that’s written into the FISA Amendments Act. The Committee asked your understanding of the legal rationale for NASA [sic] to search through data acquired under Section 702 using US person identifiers without probable cause. You replied the NASA–the NSA’s court approved procedures only permit searches of this lawfully acquired data using US person identifiers for valid foreign intelligence purposes and under the oversight of the Justice Department and the DNI. The statute’s written to anticipate the incidental collection of Americans’ communications in the course of collecting the communications of foreigners reasonably believed to be located overseas. But the focus of that collection is clearly intended to be foreigners’ communications, not Americans. But declassified court documents show that in 2011 the NSA sought and obtained the authority to go through communications collected under Section 702 and conduct warrantless searches for the communications of specific Americans. Now, my question is simple. Have any of those searches been conducted?

Rogers: I apologize Sir, I’m not in a position to answer that as the nominee.

Udall: You–yes.

Rogers: But if you would like me to come back to you in the future if confirmed to be able to specifically address that question I will be glad to do so, Sir.

Udall: Let me follow up on that. You may recall that Director Clapper was asked this question in a hearing earlier this year and he didn’t believe that an open forum was the appropriate setting in which to discuss these issues. The problem that I have, Senator Wyden’s had, and others is that we’ve tried in various ways to get an unclassified answer — simple answer, yes or no — to the question. We want to have an answer because it relates — the answer does — to Americans’ privacy. Can you commit to answering the question before the Committee votes on your nomination?

Rogers: Sir, I believe that one of my challenges as the Director, if confirmed, is how do we engage the American people — and by extension their representatives — in a dialogue in which they have a level of comfort as to what we are doing and why. That is no insignificant challenge for those of us with an intelligence background, to be honest. But I believe that one of the takeaways from the situation over the last few months has been as an intelligence professional, as a senior intelligence leader, I have to be capable of communicating in a way that we are doing and why to the greatest extent possible. That perhaps the compromise is, if it comes to the how we do things, and the specifics, those are perhaps best addressed in classified sessions, but that one of my challenges is I have to be able to speak in broad terms in a way that most people can understand. And I look forward to that challenge.

Udall: I’m going to continue asking that question and I look forward to working with you to rebuild the confidence. [my emphasis]

The answer to the question Rogers refused to answer is clearly yes. We know that’s true because the answer is always yes when Wyden, and now Udall, ask such questions.

But we also know the answer is yes because declassified parts of last August’s Semiannual Section 702 Compliance Report state clearly that oversight teams have reviewed the use of this provision, which means there’s something to review.

As reported in the last semiannual assessment, NSA minimization procedures now permit NSA to query its databases containing telephony and non-upstream electronic communications using United States person identifiers in a manner designed to find foreign intelligence information. Similarly, CIA’s minimization procedures have been modified to make explicit that CIA may also query its databases using United States person identifiers to yield foreign intelligence information. As discussed above in the descriptions of the joint oversight team’s efforts at each agency, the joint oversight team conducts reviews of each agency’s use of its ability to query using United States person identifiers. To date, this review has not identified any incidents of noncompliance with respect to the use of United States person identifiers; as discussed in Section 4, the agencies’ internal oversight programs have, however, identified isolated instances in which Section 702 queries were inadvertently conducted using United States person identifiers. [my emphasis]

It even obliquely suggests there have been “inadvertent” violations, though this seems to entail back door searches on US person identifiers without realizing they were US person identifiers, not violations of the procedures for using back door searches on identifiers known to be US person identifiers.

Still, it is an unclassified fact that NSA uses these back door searches.

Yet the nominee to head the NSA refuses to answer a question on whether or not NSA uses these back door searches.

And it’s not just in response to this very basic question that Rogers channeled the dishonest approach of James Clapper and Keith Alexander.

As Udall alluded, at the end of a long series of questions about Cyber Command, the committee asked a series of questions about back door searches and other dragnet issues. They asked (see pages 42-43):

  • Whether NSA can conduct back door searches on data acquired under EO 12333 and if so under what legal rationale
  • Whether NSA can conduct back door searches on data acquired pursuant to traditional FISA and if so under what legal rationale
  • What the legal rationale is for back door searches on data acquired under FISA Amendments Act
  • What the legal rationale is for searches on the Section 215 query results in the “corporate store”

I believe every single one of Rogers’ answers — save perhaps the question on traditional FISA — involves some level of obfuscation. (See this post for further background on what NSA’s Raj De and ODNI’s Robert Litt have admitted about back door searches.)

Consider his answer on searches of the “corporate store” as one example.

What is your understanding of the legal rationale for searching through the “Corporate Store” of metadata acquired under section 215 using U.S. Persons identifiers for foreign intelligence purposes?

The section 215 program is specifically authorized by orders issued by the Foreign Intelligence Surveillance Court pursuant to relevant statutory requirements. (Note: the legality of the program has been reviewed and approved by more than a dozen FISC judges on over 35 occasions since 2006.) As further required by statute, the program is also governed by minimization procedures adopted by the Attorney General an d approved by the FISC. Those orders, and the accompanying minimization procedures, require that searches of data under the program may only be performed when there is a Reasonable Articulable Suspicion that the identifier to be queried is associated with a terrorist organization specified in the Court’s order.

Remember, not only do declassified Primary Orders make it clear NSA doesn’t need Reasonable Articulable Suspicion to search the corporate store, but PCLOB has explained the possible breadth of “corporate store” searches plainly.

According to the FISA court’s orders, records that have been moved into the corporate store may be searched by authorized personnel “for valid foreign intelligence purposes, without the requirement that those searches use only RAS-approved selection terms.”71 Analysts therefore can query the records in the corporate store with terms that are not reasonably suspected of association with terrorism. They also are permitted to analyze records in the corporate store through means other than individual contact-chaining queries that begin with a single selection term: because the records in the corporate store all stem from RAS-approved queries, the agency is allowed to apply other analytic methods and techniques to the query results.72 For instance, such calling records may be integrated with data acquired under other authorities for further analysis. The FISA court’s orders expressly state that the NSA may apply “the full range” of signals intelligence analytic tradecraft to the calling records that are responsive to a query, which includes every record in the corporate store.73

There is no debate over whether NSA can conduct back door searches in the “corporate store” because both FISC and PCLOB say they can.

Which is probably why SASC did not ask whether this was possible — it is an unclassified fact that it is — but rather what the legal rationale for doing so is.

And Rogers chose to answer this way:

  1. By asserting that the phone dragnet must comply with statutory requirements
  2. By repeating tired boilerplate about how many judges have approved this program (ignoring that almost all of these approvals came before FISC wrote its first legal opinion on the program)
  3. By pointing to AG-approved minimization procedures (note–it’s not actually clear that NSA’s — as distinct from FBI’s — dragnet specific procedures are AG-approved, though the more general USSID 18 ones are)
  4. By claiming FISA orders and minimization procedures “require that searches of data under the program may only be performed when there is a Reasonable Articulable Suspicion that the identifier to be queried is associated with a terrorist organization”

The last part of this answer is either downright ignorant (though I find that unlikely given how closely nominee responses get vetted) or plainly non-responsive. The question was not about queries of the dragnet itself — the “collection store” of all the data. The question was about the “corporate store” — the database of query results based off those RAS approved identifiers. And, as I said, there is no dispute that searches of the corporate store do not require RAS approval. In fact, the FISC orders Rogers points to say as much explicitly.

And yet the man Obama has picked to replace Keith Alexander, who has so badly discredited the Agency with his parade of lies, refused to answer that question directly. Much less explain the legal rationale used to conduct RAS-free searches on phone query results showing 3rd degree connections to someone who might have ties to terrorist groups, which is what the question was.

Which, I suppose, tells us all we need to know about whether anyone plans to improve the credibility or transparency of the NSA.

Keith Alexander’s One Step Solution

Keith Alexander is testifying before the Senate Armed Services Committee, ostensibly about CyberCommand.

He has gotten a number of questions about the solutions they’ve offered the President to resolve the phone dragnet issue. He responded it would be possible to keep the data with the telecoms.

Then, in response to a Cyber question, Alexander said the problem is that the NSA can’t share classified information about malicious code with industry, because if it does so in a non-classified setting, attackers will learn how NSA obtained the information. (There’s a lot that’s problematic with that claim, but just ignore all that for now.)

So we need legislation that allows NSA to share classified information back and forth with industry.

He then returned to the phone dragnet. He suggested that the industry retention solution would require legislation allowing NSA to share terrorist identifiers with industry. (Note, this premise is absolutely absurd, as DEA apparently has no problem with sharing drug target identifiers with AT&T in the Hemisphere program in an explicitly unclassified program.)

Finally, he said this legislation — allowing the NSA to share classified identifiers with industry — would serve as the precedent for the Cyber legislation he has long sought but not obtained legislatively.

In other words, on his way out the door, Keith Alexander is now sacrificing his beloved phone dragnet to get cyber legislation in the guise of something else.

NSA’s Newfound Concern about Defendants’ Rights under FISA

As WSJ reported it was going to do, NSA has requested that the FISA Court permit it to retain call data beyond the 5 year age-off date because of all the lawsuits it faces.

[T]he Government requests that Section (3)E of the Court’s Primary Order be amended to authorize the preservation and/or storage of certain call detail records or “telephony metadata” (hereinafter “BR metadata”) beyond five years (60 months) after its initial collection under strict conditions and for the limited purpose of allowing the Government to comply with its preservation obligations, described below, arising as a result of the filing of several civil lawsuits challenging the legality of the National Security Agency (NSA) Section 215 bulk telephony metadata collection program.

It provides this introduction to a list of the suits in question.

The following matters, currently pending either before a United States District Court, or United States Court of Appeals, are among those in which a challenge to the lawfulness of the Section 215 program have been raised:

And lists:

  • ACLU v. Clapper
  • Klayman v. Obama
  • Smith v. Obama, an Idaho case
  • First Unitarian Church of LA, the EFF related case
  • Paul v. Obama
  • Perez v. Clapper, a Bivens suit out of West Texas I hadn’t known about before

It goes on to say,

The duty to preserve typically arises from the common-law duty to avoid spoilation of relevant evidence for use at trial;

[snip]

A party may be exposed to a range of sanctions not only for violating a preservation order,3 but also for failing to produce relevant evidence when ordered to do so because it destroyed information that it had a duty to preserve.

3 To date, no District Court or Court of Appeals has entered a specific preservation order in any of the civil lawsuits referenced in paragraph 4 but a party’s duty to preserve arises apart from any specific court order.

[snip]

When preservation of information is required, the duty to preserve supersedes statutory or regulatory requirements or records-management policies that would otherwise result in the destruction of the information.

[snip]

Based upon the claims raised and the relief sought, a more limited retention of the BR metadata is not possible as there is no way for the Government to know in advance and then segregate and retain only that BR metadata specifically relevant to the identified lawsuits.

[snip]

Congress did not intend FISA or the minimization procedures adopted pursuant to section 1801(h) to abrogate the rights afforded to defendants in criminal proceedings.4 For example, in discussing section 1806, Congress stated,

[a]t the outset, the committee recognizes that nothing in these subsections abrogates the rights afforded a criminal defendant under Brady v. Maryland, and the Jencks Act. These legal principles inhere in any such proceeding and are wholly consistent with the procedures detailed here.

[snip]

Although the legislative history discussed above focuses on the use of evidence against a person in criminal proceedings, the Government respectfully submits that the preservation of evidence in civil proceedings is likewise consistent with FISA.

4 By extension, this should also apply to section 1861(g) which, with respect to retention is entirely consistent with section 1801(h).

Now, if you’re not already peeing your pants in laughter, consider the following.

First, as EFF’s Cindy Cohn pointed out to the WSJ, Judge Vaughn Walker issued a retention order in EFF’s 2008 suit against the dragnet.

Ms. Cohn also questioned why the government was only now considering this move, even though the EFF filed a lawsuit over NSA data collection in 2008.

In that case, a judge ordered evidence preserved related to claims brought by AT&T customers. What the government is considering now is far broader.

So, at least in her interpretation, it should already be retaining it.

Then, consider DOJ’s very serious citation of Congress’ intention that FISA not impair any defendant’s criminal rights. It basically says that that principle, laid out during debates about traditional FISA in 1978, should apply to other parts of FISA like the phone dragnet.

Of course, it was only 24 hours ago when DOJ was last caught violating that principle in Section 702, abrogating a defendant’s right to know where the evidence against him came from. And there are a whole slew of criminal defendants — most now imprisoned — whose 702 notice DOJ is still sitting on, whose rights DOJ felt perfectly entitled to similarly abrogate (we know this because back in June FBI was bragging about how many of them there were). So I am … surprised to hear DOJ suggest it gives a goddamn about criminal defendants’ rights, because for at least the last 7 years it has been shirking precisely that duty as it pertains to FISA.

Also, did you notice what pending case pertaining to the legality of the phone dragnet DOJ didn’t mention? Basaaly Moalin’s appeal of his conviction based off evidence collected pursuant to Section 215. What do you want to bet that NSA hasn’t retained the original phone records that busted him, which would have aged off NSA’s servers back in October 2012, well before DOJ told Moalin it had used Section 215 to nab him. That’s relevant because, according to recent reporting, NSA should not have been able to find Moalin’s call records given claims about limits on collection; if they did, they probably only did because AT&T was turning over other providers phone records. Moreover, we know that NSA was in violation of the dragnet minimization requirements in a slew of different ways at the time. Notably, that includes queries using selectors that had not been RAS-approved, as required, and dissemination using EO 12333′s weaker dissemination rules. Now that we know of these problems, a court might need that original data to determine whether the search that netted Moalin was proper (I presume NSA has the original query results and finished intelligence reports on it, but it’s not clear that would explain precisely how NSA obtained that data). Significantly, it was not until after 2009 that NSA even marked incoming data to show where it had been obtained.

So show us (or rather, Moalin’s lawyers) the data, NSA.

Ah well. If nothing else, this laughable motion should prove useful for defendants challenging their conviction because DOJ abrogated their rights!

In Sworn Declaration about Dragnet, NSA Changes Its Tune about Scope of “This Program”

I’ve been tracking the sudden effort on the part of NSA to minimize how much of the call data in the US it collects (under “this program,” Section 215).

That effort has, unsurprisingly, carried over to its sworn declarations in lawsuits.

Along with the response in the First Unitarian Church of Los Angeles v. NSA suit the government filed last Friday (this is the EFF-backed suit that challenges the phone dragnet on Freedom of Association as well as other grounds), NSA’s Signals Intelligence Director Theresa Shea submitted a new declaration about the scope of the program.

Ostensibly, Shea’s declaration serves to explain the “new” “changes” Obama announced last month, which the FISA Court approved on February 4. As I have noted, in one case the “change” simply formalized NSA”s existing practice and in the other it’s probably not a big change either.

In addition to her explanation of those “changes,” Shea included this language about the scope of the dragnet.

Although there has been speculation that the NSA, under this program, acquires metadata relating to all telephone calls to, from, or within the United States, that is not the case. The Government has acknowledged that the program is broad in scope and involves the collection and aggregation of a large volume of data from multiple telecommunications service providers, but as the FISC observed in a decision last year, it has never captured information on all (or virtually all) calls made and/or received in the U.S. See In re Application of the FBI for an Order Requiring the Production of Tangible Things from [Redacted], Dkt. No. BR13-109 Amended Mem. Op. at 4 n.5 (F.I.S.C. Aug. 29, 2013) (publicly released, unclassified version) (“The production of all call detail records of all persons in the States has never occurred under under this program.“) And while the Government has also acknowledged that one provider was the recipient of a now-expired April 23, 2013, Secondary Order from the FISC (Exhibit B to my earlier declaration), the identities of the carriers participating in the program (either now, or at any time in the past) otherwise remain classified. [my emphasis]

Shea appears to be presenting as partial a picture of the dragnet as she did in her prior declaration, where she used expansive language that — if you looked closely — actually referred to the entire dragnet, not just the Section 215 part of it.

Here, she’s selectively citing the declassified August 29, 2013 version of Claire Eagan’s July 19, 2013 opinion. The latter date is significant, given that the day the government submitted the application tied to that order, NSA General Counsel Raj De made it clear there were 3 providers in the program (see after 18:00 in the third video). These are understood to be AT&T, Sprint, and Verizon.

Shea selectively focuses on language that describes some limits on the dragnet. She could also note that Eagan’s opinion quoted language suggesting the dragnet (at least in 2011) collected “substantially all” of the phone records from the providers in question, but she doesn’t, perhaps because it would present problems for her “virtually all” claim.

Moreover, Shea’s reference to “production of all call detail records” appears to have a different meaning than she suggests it has when read in context. Here’s what the actual language of the opinion says.

Specifically, the government requested Orders from this Court to obtain certain business records of specified telephone service providers. Those telephone company business records consist of a very large volume of each company’s call detail records or telephony metadata, but expressly exclude the contents of any communication; the name, address, or financial information of any subscriber or customer; or any cell site location information (CSLI). Primary Ord. at 3 n.l.5

5 In the event that the government seeks the production of CSLI as part of the bulk production of call detail records in the future, the government would be required to provide notice and briefing to this Court pursuant to FISC Rule 11. The production of all call detail records of all persons in the United States has never occurred under this program. For example, the government [redacted][my emphasis]

In context, the reference discusses not just whether the records of all the calls from all US telecom providers (AT&T, Sprint, and Verizon, which participated in this program on the date Eagan wrote the opinion, but also T-Mobile and Cricket, plus VOIP providers like Microsoft, owner of Skype, which did not) are turned over, but also whether each provider that does participate (AT&T, Sprint, and Verizon) turns over all the records on each call. The passage makes clear they don’t do the latter; AT&T, Sprint, and Verizon don’t turn over financial data, name, or cell location, for example! And since we know that at the time Eagan wrote this opinion, there were just those 3 providers participating, clearly the records of providers that didn’t use the backbone of those 3 providers or, in the case of Skype, would be inaccessible, would be missed. So not all call detail records from the providers that do provide records, nor records covering all the people in the US. But still a “very large volume” from AT&T, Sprint, and Verizon, the providers that happen to be covered by the suit.

And in this declaration, instead of using the number De used last July, Shea instead refers to “multiple telecommunications service providers,” which could be 50, 4, 3, or 2, or anywhere in between. Particularly given her “either now, or at any time in the past” language, this suggests the number of providers participating may have changed since July.

Which brings me to the two other implicit caveats in her statement.

First, she suggests (ignoring the time ODNI revealed Verizon’s name a second time) that the only thing we can be sure of is that Verizon provided all its domestic data for the 3 months following April 23, 2013.

Actually, we can be fairly sure that at least until January 3, Verizon still participated. That’s because the Primary Order approved on that date still includes a paragraph that — thanks to ODNI’s earlier redaction fail — we know was written to ensure that Verizon didn’t start handing over its foreign call records along with its domestic ones.

Screen Shot 2014-02-25 at 9.33.00 AM

Though curiously, the way in which DOJ implemented the Obama-directed changes — the ones that Shea’s declaration supposedly serves to explain — involved providing substitute language affecting a huge section of the Primary Order, without providing a new Primary Order itself. So we don’t know whether ¶1(B) — what I think of as the Verizon paragraph — still exists, or even whether it still existed on February 4, when Reggie Walton approved the change.

Which is particularly interesting given that Shea’s declaration just happened to be submitted on the date, February 21, when a significant change in Verizon’s structure may have affected how NSA gets its data. (That date was set in December by a joint scheduling change.)

One way or another, Shea’s claim that the dragnet doesn’t collect all or even virtually all phone records is very time delimited, certainly allowing the possibility that the scope of the dragnet has changed since the plaintiffs filed this suit on July 16, 3 days before Eagan explicitly excluded cell location data from the dragnet collection, which is the reason NSA’s leak recipients now give for limits on the scope of the program.

The claim is also — as claims about the Section 215 always are — very program delimited. In her statement claiming limits on how much data the NSA collects, Shea makes 2 references to “this program” and quotes Eagan making a third. She’s not saying the NSA doesn’t collect all the phone data in the US (I don’t think they quite do that either, but I think they collect more US phone data than they collect under this program). She’s saying only that it doesn’t collect “virtually all” the phone data in the US “under this program.”

Given her previously expansive declaration (which implicitly included all the other dragnet collection methods), I take this declaration as a rather interesting indicator of the limits to the claims about limits to the dragnet.

Obviously Bogus Clapper Exoneration Attempt 5.0 Doesn’t Exactly Line Up with OBCEA 4.0

Office of Director of National Intelligence General Counsel Robert Litt, 45 days ago:

Senator Ron Wyden asked about collection of information on Americans during a lengthy and wide-ranging hearing on an entirely different subject. While his staff provided the question the day before, Mr. Clapper had not seen it. As a result, as Mr. Clapper has explained, he was surprised by the question and focused his mind on the collection of the content of Americans’ communications. In that context, his answer was and is accurate.

When we pointed out Mr. Clapper’s mistake to him, he was surprised and distressed. I spoke with a staffer for Senator Wyden several days later and told him that although Mr. Clapper recognized that his testimony was inaccurate, it could not be corrected publicly because the program involved was classified.

This incident shows the difficulty of discussing classified information in an unclassified setting and the danger of inferring a person’s state of mind from extemporaneous answers given under pressure.

Director of National Intelligence James Clapper, today:

But Clapper told The Daily Beast that he simply misunderstood Wyden’s question. At the time of the hearing last March, Congress had just finished consideration of a bill to renew the Foreign Intelligence Surveillance Act (FISA). Section 702 of that legislation gives the National Security Agency the authority to collect the electronic communications of non-U.S. persons. In his question, Wyden asked initially if the United States had collected “dossiers” on American citizens and referred to an answer to this question by then NSA director, Keith Alexander.

“I was not even thinking of what he was asking about, which is of course we now all know as section 215 of the Patriot Act governing the acquisition and storage of telephony business records metadata,” Clapper said. “Wasn’t even thinking of that.” The director of national intelligence said he thought Wyden’s question was actually about section 702 of FISA.

“The allegation about my lying and committing perjury I think are disproven by my labored amplification when I said, ‘if there is, it’s inadvertent collection,’ meaning when we’re collecting overseas under section 702, and if we inadvertently collect which we may not know at the time, U.S. persons data, that’s what I meant by inadvertent. That comment would make absolutely no sense whatsoever in the context of section 215.”

At the time of the Mitchell interview, the U.S. government was still in the process of declassifying elements of the FISA 702 program. “There is only one person on the planet who actually knows what I was thinking,” Clapper said of his testimony from last March. “Not the media, and not certain members of Congress, only I know what I was thinking.”

If only one person knows what he was thinking, then how was Robert Litt in any position to tell us Clapper was “surprised”?

And has Clapper decided he wasn’t “surprised” (perhaps because he had been briefed, not to mention had received months and months of letters, about the question), but instead simply “misunderstood” the intent of a question he had received months of letters about?

Emptywheel Twitterverse
bmaz Hateful Eight looked killer; great writeup from Kim RT @SunsetGunShot Thoughts on The Hateful Eight live read http://t.co/JnaJqVs559
19mreplyretweetfavorite
bmaz @laRosalind The red is the best color on the Tesla. Would look even better on the Jaguar Musk STOLE his body design from.
32mreplyretweetfavorite
bmaz @BradMossEsq @SpyTalker At any rate, this is minuscule in relative scope, but helpful in showing there can be a deal cut.
36mreplyretweetfavorite
bmaz @BradMossEsq @SpyTalker Whether it is successful, or to what extent, who knows. But it is usable infer and precedent for fashioning the arg.
46mreplyretweetfavorite
bmaz @BradMossEsq @SpyTalker Irrespective, you get there by making arguments; I could sure fashion this and other cases into one.
47mreplyretweetfavorite
bmaz @SpyTalker That is a completely different criminal jurisdiction. Also, a defense atty has to try everything he can. I'd find this useful.
48mreplyretweetfavorite
bmaz @SpyTalker Is it a "winning" argument, no of course not; is it useful for mitigation, absolutely.
54mreplyretweetfavorite
bmaz @SpyTalker What displays is govt can move downward on such charges, there IS precedent; and there are many other instances too.
55mreplyretweetfavorite
bmaz @SpyTalker They are not in scope. But if you look at general overview, both involve removal of class info, both charge espionage etc.
57mreplyretweetfavorite
bmaz @SpyTalker also, stop calling me Shirley!
1hreplyretweetfavorite
bmaz @SpyTalker Mostly, yes. But it fits into an overall defense theme I've had in mind for a while as far as plea and sentencing.
1hreplyretweetfavorite
bmaz RT @MikeScarcella: Then: Six felony counts (three under Espionage Act). Now: One misdemeanor http://t.co/G2oKpbHl2h New charging doc: http:…
1hreplyretweetfavorite
April 2014
S M T W T F S
« Mar    
 12345
6789101112
13141516171819
20212223242526
27282930