1 2 3 90

We Were Calling Out the Pakistanis on a Lot of Secrets in Early 2011

One of my favorite ironies from the Greg Miller story on the Mullah Omar death — which doesn’t really try to explain why we’re just learning about a death that all sides likely knew about years ago — is that Mullah Omar, not Osama bin Laden, got hospitalized with kidney problems.

Omar was said to be afflicted with illnesses ranging from kidney failure to meningitis.

But I’m most interested in the timing of our confrontation of Pakistan that they were harboring in the kidney ward: early 2011, or around the same time we were planning our raid on Osama bin Laden (according to some accounts, with the involvement of top Pakistani officials).

In early 2011, then-CIA Director Leon Panetta confronted the president of Pakistan with a disturbing piece of intelligence. The spy agency had learned that Mohammad Omar, the Taliban leader who had become one of the world’s most wanted fugitives after the Sept. 11, 2001, attacks, was being treated at a hospital in southern Pakistan.

The American spy chief even identified the facility — the Aga Khan University Hospital in Karachi — and said the CIA had “some raw intelligence on this” that would soon be shared with its Pakistani counterpart, according to diplomatic files that summarize the exchange.

I just find it odd that, given the Raymond Davis confrontation and our plans — covert or not — to take out Osama bin Laden, we also had this confrontation.

My guess is one day we’ll learn that all these confrontations were of a piece, and that we’ve long known who was and wasn’t alive (including Ayman al-Zawahiri), but that the powers that be had reason to pretend these people weren’t corpses yet.

Until such time as the next terrorist narrative starts and you have to end the previous one.

Heck. This story might even be coming out as the counter-Osama bin Laden narratives did: to pressure the US about the corrupt deals they’ve long been living under.

Our Definitions of National Security Crimes Are Fucked

I realized something the other day.

For the purposes of hacking, a theater (or at least any mall it was attached to) might count as critical infrastructure that would deem it a National Security target, just as Sony Pictures was deemed critical infrastructure for sanction and retaliation purposes after it got hacked.

But if a mentally ill misogynist with a public track record of supporting right wing hate shoots up a movie showing, it would not be considered a national security target. Given his death, DOJ won’t be faced with the challenge of naming John Russell Houser’s crime, but they would have even less ability to punish Houser for his motivation and ties to other haters than they had with Dylann Roof.

DOJ had no such problem with Joseph Buddenberg and Nicole Kissane, who got charged with terrorism (under the Animal Enterprise Terrorism Act) yesterday because they freed some minks. And a bobcat.

So shooting African Americans worshipping in church is not terrorism, but freeing a bobcat is.

Meanwhile, most of the 204 mass shootings — averaging one a day — that happened this year have passed unremarked.

I laid out some of the problems with the disparity between Muslim terrorism and white supremacist terrorism (to say nothing of bobcat-freeing “terrorism”) the other day.

“This should in no way signify that this particular murder or any federal crime is of any lesser significance.” [than terrorism, Loretta Lynch claimed while announcing the Hate Crime charges against Roof

Except it is, by all appearances.

When asked, Lynch refused to comment on how DOJ is allocating resources, but reporting on the increase in terrorism analysts since 9/11 suggests the FBI has dedicated large amounts of new resources to fighting Islamic terrorism, domestically and abroad. In addition, there are a number of spying tools that are tied solely to international terrorism — but DOJ has managed to define, in secret, domestic terrorism espoused by Muslims in the U.S. as international terrorism. That means FBI has far more tools to dedicate to finding tweets posted by Muslims, and fewer to find the manifesto Roof wrote speaking of having ”the bravery to take it to the real world” against blacks and even Jews.

Perhaps most importantly, because of vastly expanded post-9/11 information sharing, local law enforcement offices have been deputized in the hunt for Muslim terrorists, receiving intelligence obtained through those additional spying tools and sharing tips back up with the FBI. By contrast, as one after another confrontation makes clear — most recently the video of a white Texas trooper escalating a traffic stop with African American woman Sandra Bland that ultimately ended in her death, purportedly by suicide — too many white local cops tend to prey on African Americans themselves rather than  the police who target African Americans for their race.


Finally, the FBI has an incentive to call Roof’s attack something different, as it makes a big deal of its success in preventing “terrorist” attacks. If the Charleston attack was terrorism, it means FBI missed a terrorist plotting while tracking a bunch of Muslims who might not have acted without FBI incitement. That would be all the worse as the FBI might have stopped Roof during the background check conducted before he bought the murder weapon, if not for some confusion on a prior charge.


I’m certainly not saying we should expand the already over-broad domestic dragnet to include white supremacists espousing ugly speech (but neither should hateful speech from Muslims be sufficient for a material support for terrorism charge, as it currently is). Yet as one after another white cop kills or leads to the death of unarmed African Americans, we have to ensure that we call like crimes by like names to emphasize the importance of protecting all Americans. DOJ under Eric Holder was superb at policing civil rights violations, and there’s no reason to believe that will change under DOJ’s second African American Attorney General, Loretta Lynch.

But hate crimes brought with the assistance of DOJ’s Civil Rights division (as these were) are not the same as terrorist crimes brought by national security prosecutors, nor are they as easy to prosecute. If our nation can’t keep African Americans worshipping in church safe, than we’re not delivering national security.

But I’d add to that. If we’re discussing mass killings with guns (remember, earlier this year Richard Burr tried to include commission of a violent crime while in possession of a gun among the definitions of terrorism) then it suggests far different solutions than just calling terrorism terrorism.

What if we focused all our energy on interceding before crazy men — of all sorts — shoot up public spaces rather than just one select group?

What if our definitions of national security started with a measure of impact rather than a picture of global threat?

John Carlin Complains that ISIL Is Targeting Same Youth FBI Long Has Been

I’m reviewing some of the videos from the Aspen Security Forum. This one features DOJ Assistant Attorney General for National Security John Carlin and CIA General Counsel Caroline Krass.

I’m including it here so you can review Carlin’s complaints in the first part of the video. He explains to Ken Dilanian that ISIL’s recruiting strategy is different from Al Qaeda’s in that they recruit the young and mentally ill. He calls them children, repeatedly, but points to just one that involved a minor. 80% are 40 and under, 40% are 21 and under. In other words, he’s mostly complaining that ISIL is targeting young men who are in their early 20s. He even uses the stereotype of a guy in his parents’ basement, interacting on social media without them knowing.

Carlin, of course, has just described FBI’s targeting strategy for terrorist stings, where they reach out to young men — many with mental disabilities — over social media, only then to throw an informant or undercover officer at the target, to convince him to press the button that (the target believes) will detonate a bomb — though of course the bomb is an FBI-supplied inert bomb. He should know this, because before the end of the panel, he invokes Mohamed Osman Mohamud, the Portland youth convicted for pressing a button who was first targeted by FBI’s informant when he was 16 or so (and whose father asked FBI for help, only to have them target his son).

I’m not contesting the truth of Carlin’s claims. But if this is a new strategy — essentially adopting the strategy the FBI has used since 9/11 (and especially since 2009) — one that Carlin deems especially outrageous, then it ought to reflect back on FBI’s practice. If it is outrageous for ISIL to target young and in some cases mentally unstable men because they are so vulnerable because they’re not yet old enough to resist, then it should also be considered outrageous for FBI to do the same to fluff their terrorism conviction rates. Plus, Carlin’s depiction of this as a new strategy suggests all those earlier targeted young men may not have been recruited by core al Qaeda.

Not to mention, the vulnerability of this population ought to point to a different way of combatting terrorism (and domestic terrorism, which has been a bigger problem in recent weeks): to make this community less vulnerable.


The Bipartisan Push for Internment Camps

On Friday, Franklin Graham posted this on his Facebook page:

Four innocent Marines (United States Marine Corps) killed and three others wounded in ‪#‎Chattanooga‬ yesterday including a policeman and another Marine–all by a radical Muslim whose family was allowed to immigrate to this country from Kuwait. We are under attack by Muslims at home and abroad. We should stop all immigration of Muslims to the U.S. until this threat with Islam has been settled. Every Muslim that comes into this country has the potential to be radicalized–and they do their killing to honor their religion and Muhammad. During World War 2, we didn’t allow Japanese to immigrate to America, nor did we allow Germans. Why are we allowing Muslims now? Do you agree? Let your Congressman know that we’ve got to put a stop to this and close the flood gates. Pray for the men and women who serve this nation in uniform, that God would protect them.

Also on Friday, former Democratic Presidential candidate Wes Clark said this in an interview:

We have got to identify the people who are most likely to be radicalized. We’ve got to cut this off at the beginning.  There are always a certain number of young people who are alienated.  They don’t get a job, they lost a girlfriend, their family doesn’t feel happy here and we can watch the signs of that. And there are members of the community who can reach out to those people and bring them back in and encourage them to look at their blessings here.

But I do think on a national policy level we need to look at what self-radicalization means because we are at war with this group of terrorists.  They do have an ideology. In World War II if someone supported Nazi Germany at the expense of the United States, we didn’t say that was freedom of speech, we put him in a camp, they were prisoners of war.

So, if these people are radicalized and they don’t support the United States and they are disloyal to the United States, as a matter of principle fine. It’s their right and it’s our right and obligation to segregate them from the normal community for the duration of the conflict.  And I think we’re going to have to increasingly get tough on this, not only in the United States but our allied nations like Britain, Germany and France are going to have to look at their domestic law procedures.

Interestingly, both comments were made in the wake of an attack that defies easy labeling, both according to the law and the absence of evidence of anything but depression. But nevertheless, the Chattanooga attack seemingly made it okay to talk about doing something we claim to have forsworn after our World War II experience. This, at a time when the number of people killed in Islamic terrorist attacks in the US since 9/11 still numbers in the tens.

A Tale of Two Gun Possessions: Dylann Roof and Alexander Ciccolo

Ciccolos GunsI have been wondering whether the FBI has been coy about the ISIS-related arrests they’ve leaked to the press, in part, because those “terrorist plots” look minor compared to the murder, allegedly by Dylann Roof, of nine people at a black church in Charleston. As of four days ago, after all, Jim Comey was still weighing whether the attack on the historic black church by a right wing extremist who had written a manifesto explaining his views is terrorism. Did FBI miss the Charleston terrorism attack because it was focusing so much more closely on potential ISIS attacks? Does it want to avoid calling it terrorism because it would mean they failed to prevent a terrorist attack?

I grew all the more curious when FBI announced that Roof only managed to purchase the gun for the attack because his March admission to possession of drugs in conjunction with a felony [local officials have since corrected the record to reflect a misdemeanor arrest] arrest did not get processed before the 3-day window during which dealers have to wait on background checks.

On April 11, Roof attempted to purchase a handgun from a store in West Columbia, South Carolina, a near suburb of Columbia. That day was a Saturday. On the next business day, April 13, an examiner in our West Virginia facility was assigned the case and began to process it.

Her initial check of Roof’s criminal history showed that he had been arrested in South Carolina March 1 on a felony drug charge. This charge alone is not enough to deny proceeding with the transaction. As a result, this charge required further inquiry of two potential reasons to deny the transaction. First, the person could have been convicted of a felony since the arrest. Second, the underlying facts of the arrest could show the person to be an unlawful drug user or addict.


So the court records showed no conviction yet and what she thought were the relevant agencies had no information or hadn’t responded. While she processed the many, many other firearms purchases in her queue, the case remained in “delayed/pending.”

By Thursday, April 16, the case was still listed as “status pending,” so the gun dealer exercised its lawful discretion and transferred the gun to Dylann Roof.

Had the FBI tracked down Roof’s admission to doing drugs before that 3-day window expired, he might not have gotten the gun he used to kill 9 people, and maybe their lives would have been saved. (See this story from today on inaccuracies in the local records on Roof’s arrest.)

The release today of information on Alexander Ciccolo, the estranged son of a Boston cop who is charged with illegal gun purchases but allegedly was planning to conduct an ISIS-inspired attack on a university outside of Massachusetts, makes the comparison of these two alleged aspiring terrorists all the more poignant.

According to the detention memo and reporting from ABC, Ciccolo has had long difficulties with mental illness, and embraced Islam in roughly March 2013. On September 11, 2014, a “close acquaintance” (who may have been his father) reported him to the FBI, when they started monitoring his Facebook. On June 24 (just incidentally, a week after the Charleston attack, but also several weeks after Boston cops shot Usaama Rahim on June 2, and the month after Dzhokhar Tsarnaev (Ciccolo’s father took part in the manhunt for Tsarnaev) got sentenced to death in Massachusetts), an undercover informant (described as a “cooperating witness”) met with Ciccolo face-to-face; it’s unclear how long they had corresponded online first and how discussions of an attack first came up.

The detention memo makes it clear that Ciccolo was discussing attacks designed to inflict maximal casualties and he was modeling them at least partly on the Boston Marathon attack. Ciccolo — a cop’s son — said he had grown up around guns, so on that level, at least, he was probably far more competent than most plotters caught in stings. And while, as with most transcriptions of FBI recordings, this has lapses, the many changes in Ciccolo’s plans, as reported to the informant, makes it sounds like he was driving this plan (but also make him sound mentally ill). So Ciccolo looks like more of a threat than some of the people the FBI has caught in an FBI-planned plot.

That’s why the arrest and timing is interesting. On February 17, 2015, this guy — who was supposedly obsessed with Islam — was convicted of drunken driving, but given probation. That made it illegal for him to possess a gun that had been involved in interstate transit. An affidavit accompanying the detention memo describes that on July 2, after prompting from the informant, Ciccolo responded, “You get the rifles, I’ll get the powder” — though it also said Ciccolo had earlier “planned to rob a gun store to obtain firearms” — which for a number of reasons make the guns one of the dodgy aspects of his sting. On July 3, Ciccolo bought a pressure cooker from WalMart.

But you can’t arrest someone for buying a pressure cooker (at least not yet), especially given that he appears not to have obtained any powder to use in a pressure cooker bomb, given what they found in a search of his place. But you can arrest a felon for possessing guns.

On July 4, the informant gave Ciccolo (the memo says he “took possession of” and there is no mention of money exchanged) four guns, after which the FBI immediately arrested him.

And then the FBI sealed everything up. The docket still appears to be sealed, but he was apparently arraigned on July 6 (after two days), and the detention memo notes that he waived Miranda rights. “After the defendant was arrested, he waived his Miranda rights and spoke to FBI Special Agents Paul Ambrogio and Julia Cowley. The defendant refused to talk about the guns with which he was arrested but he reaffirmed his support for ISIL.”

The local press did report on the FBI’s search, but was denied information until today.

And thus far, at least, they haven’t charged Ciccolo with anything more — material support or a plan to engage in terrorism.

Now, as I have said, given the evidence in the documents released so far, it appears that Ciccolo may present more of a threat than most FBI sting targets (though he also seems like a guy who should have gotten mental health care years ago). As such, getting guns into his hands was a way for the FBI to get him in custody. We shall see how good the evidence is that Ciccolo, and not the informant, was driving the attack.

But ultimately, what we have here are two examples of alleged aspiring terrorists with prior arrest records tied to intoxicating substances that could be used to arrest them if they got a gun. In Ciccolo’s case, that was used as a way to get him in custody and — the FBI suggests — to prevent a planned attack on a college in another state. In Roof’s case, the FBI did the requisite background check but didn’t track down the actual records in timely fashion. Had the FBI tracked Roof — whose online activities the FBI continues to investigate, but appears to have been active on at least one Neo-Nazi site — as closely as it had been tracking Ciccolo, it might have caught him in a sting too.

But there’s no evidence the FBI tracks white supremacist threats of violence as closely as it tracks ISIS or Al Qaeda related threats of violence.

I’m not saying the FBI should have prevented the Charleston attack; I don’t think it’s possible for FBI to stop everything, nor do I support the kind of dragnets that might try.

But the comparison of what happened to these two alleged aspiring terrorists when they tried to obtain guns is notable.

Have Comey’s Double Secret Independence Day Arrestees Been Denied Presentment?

Jim Comey has used what has thus far been an infallible PR tactic since he started as FBI Director. He invites a bunch of handpicked journalists to lunch and eats them alive with his charisma, after which they dutifully report stuff that makes no sense.

In the latest incarnation, on the day after he made two unconvincing pleas for back-doors-called-front-doors to two Senate committees, hinting all the time of big threats over the Fourth, a bunch of journalists then reported that FBI had arrested some people.

Mr. Comey would not say what the plots entailed or how many people had been arrested, but he said the plotters were among more than 10 people with ties to the Islamic State — also known as ISIS or ISIL — who had been arrested across the country in the past month.

Meanwhile, more skeptical types like Dan Froomkin and Adam Johnson started reviewing FBI public announcements and even asking questions, only to have FBI respond, trust us. Froomkin found only one — yet another guy entrapped by the FBI — that looked like Comey’s claimed arrest.

I will have more to say about Comey’s discussion of terrorist arrestees who remain secret. I think they may in fact exist — indeed, I think it quite likely that FBI has already started using the enhanced material support sentences from the ironically named “USA Freedom Act” as leverage to get dopes on Twitter to turn informants into ISIS.

But the FBI has what should be a serious problem. It has been more than 3 days since July 4, since these purported arrests, well over 72 hours, the time period under which federal defendants should be presented and charged. And we’ve seen virtually no arrestees.

Where is the body? Or rather, the multiple bodies Comey insists exist?

Is the FBI subjecting these 10 guys to extended interrogations without telling the press or (potentially) even the local public defenders office so as to be able to extend the already extended “public safety” gutting of Miranda the FBI has been enacting of late? Have these defendants been denied presentment?

Where are the bodies, Comey?

Feinstein Wants to Introduce Reporting Mandate Jim Comey Says We Don’t Need

I’ll have a piece in Salon shortly about the two hearings on whether FBI should be able to mandate back doors (they call them front doors because that fools some Senators about the security problems with that) in software.

One thing not in there, however, has to do with a bill the Senate Intelligence Committee is considering that would require Facebook and Twitter and other social media to report terrorist content to authorities. ABC News, quoting Richard Clarke (who hasn’t had an official role in government for some years but is on ABC’s payroll) reported that the social media companies were not now reporting terrorist content.

In the middle of the SSCI hearing on this topic, Dianne Feinstein asked Jim Comey whether social media companies were reporting such content. Comey said they are (he did say they’ve gotten far better of late). Feinstein asked whether there ought to be a law anyway, to mandate behavior the companies are already doing. Comey suggested it wasn’t necessary. Feinstein said maybe they should mandate it anyway, like they do for child porn.

All of which made it clear that such a law is unnecessary, even before you get into the severe problems with the law (such as defining who is a terrorist and what counts as terrorist content).

SSCI will probably pass it anyway, because that’s how they respond to threats of late: by passing legislation that won’t address it.

Note, Feinstein also got visibly and audibly and persistently pissed at Ron Wyden for accurately describing what Deputy Attorney General Sally Yates had said she wanted in an earlier hearing: for providers to have keys that the FBI could use. Feinstein seems to believe good PR will eliminate all the technical problems with a back door plan, perhaps because then she won’t be held responsible for making us less secure as a result.

Update: The measures is here, in the Intelligence Authorization.

Update: Title changed for accuracy.

The Dangers of Crying Wolf

In the wake of yet another in a string of 40 terrorist panics that came to naught, two terrorism experts have posts commenting on crying wolf. Ali Soufan’s consultant firm treats the over-response to the Fourth of July warnings as justifiable, though notes the general sense of unease serves ISIL’s purpose.

While calls for the public to remain vigilant are common sense, they need not become an incessant drumbeat, as fears of lone wolf and known wolf attackers can too easily give way to cries of wolf that are taxing and counterproductive.


That neither false alarm was terrorism related did little to blunt the worry that both could have been; indeed both were assumed to have been terrorism by a public told to expect the worst but not told why. The spectacle of massive law enforcement responses, which make sense given the history of ill-advised moderation and hesitation during active shooter situations, plays into the propaganda playbook of the Islamic State. Unspecific warnings to be on the lookout for an attack further add to the false but easily repeated sense that the national security situation is out of control. The nation is actually relatively safe, thanks to a decade of intense efforts by law enforcement and intelligence agencies. No one feels safe, however, given the attacks, tweets, and taunts of a terrorist group long active in Iraq and now in Syria.

This unease stems in part from the way the Islamic State has changed the landscape of terrorism, moving away from spectacular attacks that topple a society’s skyscrapers to banal but brutal attacks that destroy a society’s sense of security. A sound misheard as a gunshot at the premier military hospital in the United States can be assumed to be the start of a Tunisia-style terror attack precisely because such an attack is so easy to pull off. Shooting tourists on a beach in Tunisia or in an office in Paris means no one feels safe, even if no one is actually threatened beforehand.


The group will gladly accept people crying wolf in its name as much as it accepts lone wolves acting in its name. A persistent level of perceived threat allows this approach to succeed where it should fail.

Peter Bergen weighs the costs of repeated panics more critically.

Since there was virtually no downside for U.S. national security officials to issue terrorism alerts, the American public has been regularly warned that some kind of serious terrorist attack is in the offing.

Crying wolf, however, does have repercussions. There are significant costs to these terror alerts, both economic and social.

This weekend, local governments and businesses spent significant sums putting temporary security upgrades in place. Some Americans made alternative vacation plans. In the past, many flights have been canceled and commerce impeded.

More fundamentally, the issuing of alerts undermines the essential purpose of counterterrorism — to prevent terrorist attacks, yes, but also to guarantee American citizens’ right to live outside the realm of fear that terrorists want to impose on us. Inflated, ineffectual warnings do not serve the purpose of effective counterterrorism; they contradict it.

We seem to have inverted President Franklin D. Roosevelt’s famous admonition “The only thing we have to fear is fear itself” so that our motto today is closer to “We will continually live in a state of self-imposed fear.”

When this happens, we are doing the job of terrorists for them.

I’d add two things.

First, don’t forget that sustained panics has helped the security state demand new authorities in the past, as when in 2004 an election year threat the CIA early discounted nevertheless served as the excuse to restart torture and the dragnet. Jim Comey was a part of that (though Comey seems to have served more as a willful dupe to the CIA and Cheney types than the instigator). So it should stand as a warning, especially when Comey is using the ISIL threat to demand encryption back doors.

But this discussion also needs some perspective. After all, as the national security state was panicking over loud noises, there was a slew of gun violence in Chicago.

After a relatively quiet start to the Fourth of July weekend in Chicago, a burst of gun violence overnight left three dead and 27 people wounded in just eight hours, including a 7-year-old boy killed after returning from a celebration.

“It’s crazy,” said Vedia Hailey, the grandmother of the boy, Amari Brown. “Who would shoot a 7-year-old in the chest? Who would do that to a baby? When is it going to stop?”

From 9:20 p.m Saturday until 4:45 a.m. Sunday, 30 people were shot across Chicago, three of them fatally, including Amari.

Even when casualties from senseless gun violence rival that of any terror attack in the US since 9/11, CNN doesn’t run it 24/7, nor do people seem all that concerned about the destruction of Chicago’s South Side’s sense of security.

Moreover, the costs go far beyond those Bergen lays out.

After all, if national security remains defined as counterterrorism (or maybe gets expanded to include hackers), we will ignore two bigger threats to our country and the globe: climate change and bankster havoc.

Every time we spend a holiday weekend hiding from manufactured fears, we will lose focus on bigger threats.

Over the weekend we celebrated the brave audacity of a bunch of men who dared to take risks to demand their autonomy (while denying it to their non-white and female chattel). Our country has since allowed itself to be dominated by fears.

Jim Comey May Not Be a Maniac, But He Has a Poor Understanding of Evidence

Apparently, Jim Comey wasn’t happy with his stenographer, Ben Wittes. After having Ben write up Comey’s concerns on encryption last week, Comey has written his own explanation of his concerns about encryption at Ben’s blog.

Here are the 3 key paragraphs.

2. There are many benefits to this. Universal strong encryption will protect all of us—our innovation, our private thoughts, and so many other things of value—from thieves of all kinds. We will all have lock-boxes in our lives that only we can open and in which we can store all that is valuable to us. There are lots of good things about this.

3. There are many costs to this. Public safety in the United States has relied for a couple centuries on the ability of the government, with predication, to obtain permission from a court to access the “papers and effects” and communications of Americans. The Fourth Amendment reflects a trade-off inherent in ordered liberty: To protect the public, the government sometimes needs to be able to see an individual’s stuff, but only under appropriate circumstances and with appropriate oversight.

4. These two things are in tension in many contexts. When the government’s ability—with appropriate predication and court oversight—to see an individual’s stuff goes away, it will affect public safety. That tension is vividly illustrated by the current ISIL threat, which involves ISIL operators in Syria recruiting and tasking dozens of troubled Americans to kill people, a process that increasingly takes part through mobile messaging apps that are end-to-end encrypted, communications that may not be intercepted, despite judicial orders under the Fourth Amendment. But the tension could as well be illustrated in criminal investigations all over the country. There is simply no doubt that bad people can communicate with impunity in a world of universal strong encryption.

Comey admits encryption lets people lock stuff away from criminals (and supports innovation), and admits “there are lots of good things about this.” He then introduces “costs,” without enumerating them. In a paragraph purportedly explaining how the “good things” and “costs” are in tension, he raises the ISIL threat as well as — as an afterthought — “criminal investigations all over the country.”

Without providing any evidence about that tension.

As I have noted, the recent wiretap report raises real questions, at least about the “criminal investigations all over the country,” which in fact are not being thwarted. On that ledger, at least, there is no question: the “good things” (AKA, benefits) are huge, especially with the million or so iPhones that get stolen every year, and the “costs” are negligible, just a few wiretaps law enforcement can’t break.

I conceded we can’t make the same conclusions about FISA orders — or the FBI generally — because Comey’s agency’s record keeping is so bad (which is consistent with all the rest of its record-keeping). It may well be that we’re not able to access ISIL communications with US recruits because of encryption, but simply invoking the existence of ISIL using end-to-end encrypted mobile messaging apps is not evidence (especially because so much evidence indicates that sloppy end-user behavior makes it possible for FBI to crack this).

Especially after the FBI’s 0-for-40 record about making claims about terrorists since 9/11.

It may be that the FBI is facing increasing problems tracking ISIL. It may even be — though I’m skeptical — that those problems would outweigh the value of making stealing iPhones less useful.

But even as he calls for a real debate, Comey offers not one bit of real evidence to counter the crappy FBI reporting in the official reports to suggest this is not more FBI fearmongering.

CryptoWars, the Obfuscation

The US Courts released its semiannual Wiretap Report the other day, which reported that very few of the attempted wiretaps last year were encrypted, with even fewer thwarting law enforcement.

The number of state wiretaps in which encryption was encountered decreased from 41 in 2013 to 22 in 2014. In two of these wiretaps, officials were unable to decipher the plain text of the messages. Three federal wiretaps were reported as being encrypted in 2014, of which two could not be decrypted. Encryption was also reported for five federal wiretaps that were conducted during previous years, but reported to the AO for the first time in 2014. Officials were able to decipher the plain text of the communications in four of the five intercepts.

Motherboard has taken this data and concluded it means the Feds have been overstating their claim they’re “going dark.”

[N]ew numbers released by the US government seem to contradict this doomsday scenario.


“They’re blowing it out of proportion,” Hanni Fahkoury, an attorney at the digital rights group Electronic Frontier Foundation (EFF), told Motherboard. “[Encryption] was only a problem in five cases of the more than 3,500 wiretaps they had up. Second, the presence of encryption was down by almost 50 percent from the previous year.

“So this is on a downward trend, not upward,” he wrote in an email.

Much as I’d like to, I’m not sure I agree with Motherboard’s (or Hanni Fahkoury’s) conclusion.

Here’s what the data show since 2012, which was the first year jurisdictions reported being unable to break encryption (2012; 2013):

Screen Shot 2015-07-02 at 11.07.09 AM

You’ll see lots of parenthetical entries and NRs. That’s because this data is not being reported systematically. Parenthetical references are to encrypted feeds not reported until years after they get set, and usually those have been decrypted by the time they’re reported. NRs show that we have not getting these numbers, if they exist, from federal law enforcement (and the numbers can’t be zero, as reported here, because FBI has been taking down targets like Silk Road). The reporting on this ought to raise real questions about the quality of the data being reported and perhaps might spark some interest in mandating better reporting of this data so it can be tracked. But it also suggests that — at a time when law enforcement are just beginning to find encryption they can’t break (immediately) — there’s a lot of noise in the data. Does 2013’s 2% of encrypted targets and half-percent that couldn’t be broken represent a big problem? It depends on who the target is — a point I’ll come back to.

Congress will soon have that opportunity (but won’t avail themselves of it).

Even as US Courts were reporting still very low levels of encryption challenges faced by law enforcement, both the Senate Judiciary Committee and the Senate Intelligence Committee announced hearings next Wednesday where Jim Comey will have yet another opportunity to try to present a compelling argument that he should have back doors into our communication. SJC even saw fit to invite witnesses with opposing viewpoints, which the “intelligence” committee saw no need to do.

In an apparent attempt to regain some credibility before these hearings (Jim Comey is nothing if not superb at working the media), Comey went to Ben Wittes to suggest his claimed concern with increasing use of encryption has to do with ISIS’ increasing use of encryption. Ben quotes from Comey’s earlier comments to CNN then riffs on that in light of what Comey just told him in a conversation.

“Our job is to find needles in a nationwide haystack, needles that are increasingly invisible to us because of end-to-end encryption,” Comey said. “This is the ‘going dark’ problem in high definition.”

Comey said ISIS is increasingly communicating with Americans via mobile apps that are difficult for the FBI to decrypt. He also explained that he had to balance the desire to intercept the communication with broader privacy concerns.

“It is a really, really hard problem, but the collision that’s going on between important privacy concerns and public safety is significant enough that we have to figure out a way to solve it,” Comey said.

Let’s unpack this.

As has been widely reported, the FBI has been busy recently dealing with ISIS threats. There have been a bunch of arrests, both because ISIS has gotten extremely good at the inducing self-radicalization in disaffected souls worldwide using Twitter and because of the convergence of Ramadan and the run-up to the July 4 holiday.

As has also been widely reported, the FBI is concerned about the effect of end-to-end encryption on its ability to conduct counterterrorism operations and other law enforcement functions. The concern is two-fold: It’s about data at rest on devices, data that is now being encrypted in a fashion that can’t easily be cracked when those devices are lawfully seized. And it’s also about data in transit between devices, data encrypted such that when captured with a lawful court-ordered wiretap, the signal intercepted is undecipherable.


What was not clear to me until today, however, was the extent to which the ISIS concerns and the “going dark” concerns have converged. In his Brookings speech, Comey did not focus on counterterrorism in the examples he gave of the going dark problem. In the remarks quoted by CNN, and in his conversation with me today, however, he made clear that the landscape is changing fast. Initial recruitment may take place on Twitter, but the promising ISIS candidate quickly gets moved onto messaging platforms that are encrypted end to end. As a practical matter, that means there are people in the United States whom authorities reasonably believe to be in contact with ISIS for whom surveillance is lawful and appropriate but for whom useful signals interception is not technically feasible.

Now, Ben incorrectly blurs the several roles of FBI here. FBI’s interception of ISIS communiques may be both intelligence and law enforcement. To the extent they’re the former — to the extent they’re conducted under FISA — they won’t show up in US Courts’ annual report.

But they probably should, if Comey is to have any credibility on this front.

Moreover, Ben simply states that “there are people in the United States whom authorities reasonably believe to be in contact with ISIS for whom surveillance is lawful and appropriate.” But there’s no evidence presented to support this. Indeed, most of the so-called ISIS prosecutions have shown 1) where probable cause existed, it largely existed in the clear, in Twitter conversations and other online postings and 2) there may not have been probable cause before FBI ginned it up.

It ought to raise real questions about whether Comey’s going dark problem is a law enforcement one — with FBI being unable to to access evidence on real criminals — or is an intelligence one — with FBI being unable to access First Amendment protected speech that nevertheless may be important for an understanding of the threat ISIS poses domestically. Again, the data is not there, one way or another, but given the law enforcement data, we ought to demand real numbers for intelligence intercepts. Another pertinent question is whether this encrypted data is easily accessible to NSA (ISIS recruiters are almost entirely going to be legitimate NSA targets located overseas), but not to FBI?

And all this presumes that Comey is telling the truth about ISIS and not — as he and just about every member of the Intelligence Community has done routinely — used terror threats to be able to get authorities to wield against other kinds of threats, especially hackers (which is not to say hackers aren’t a target, just that the IC likes to pretend its authorities serve an exclusively CT purpose when they clearly do not). The law enforcement data, at least, show that even members of very sophisticated drug distribution networks are using encryption at a really low level. Is ISIS’ ability to coach potential recruits into using encrypted products on Twitter really that much better, or is Comey really talking about hackers who more obviously have the technical skills to encrypt their communications?

Thus far, Comey would have you believe that intelligence — counterterrorism — targets encrypt at a much higher rate than even drug targets. But the data also suggest even federal law enforcement (that is, Comey’s agency, among others) aren’t tracking this very effectively, and so can’t present reliable numbers.

Before we go any further in this cryptowar debate, we ought to be able to get real numbers on how serious the problem is.

1 2 3 90
Emptywheel Twitterverse
bmaz @BernardKingIII @DavidSug Which is why I am all WTF?
bmaz @BernardKingIII @DavidSug Assumption of risk etc all seem precluded by prior AZ precedent. Though all involve bites/attacks, etc.
bmaz @Reillax @foolintheforest @djsziff I am hoping, but.....
bmaz @foolintheforest @djsziff Dude, already had that quote in mind if an insurance carrier atty doesn't take over!
bmaz @Reillax @foolintheforest @djsziff Yes, it is. But this is not under the "dog bite statute", but under ARS §11-1020 http://t.co/syYDOzwvZR
bmaz @foolintheforest @djsziff ...a bite or an "attack" by the animal, not just presence and being tripped over.
bmaz @foolintheforest @djsziff but where the fuck does that fit in with "strict animal liability" law, which almost universally contemplates...
bmaz @djsziff @foolintheforest at least this is what I believe *so far*. But I trust this client pretty far.
bmaz @djsziff @foolintheforest Yes, as to both of you. Was in very enclosed school playground under teacher supervision. Kid admits was klutz.
August 2015
« Jul