Two pieces of news on the government’s investigation of WikIleaks came out yesterday.
At the Intercept, Glenn Greenwald reported:
Also yesterday, Alexa O’Brien reported (and contextualized with links back to her earlier extensive reporting):
Now, as O’Brien lays out in her post, at various times during the investigation of WikiLeaks, it has been called a Computer Fraud and Abuse investigation, an Espionage investigation, and a terrorism investigation.
Which raises the question why, long after DOJ had deemed the WikiLeaks case a national security case that under either the terrorism or Espionage designation would grant them authority to use tools like National Security Letters, they were still using subpoenas that were getting challenged and noticed to Appelbaum? Why, if they were conducting an investigation that afforded them all the gagged orders they might want, were they issuing subpoenas that ultimately got challenged and exposed?
Before you answer “parallel construction,” lets reconsider something I’ve been mulling since the very first Edward Snowden disclosure: the secret authority DOJ and FBI (and potentially other agencies) used to investigate not just WikiLeaks, but also WikiLeaks’ supporters.
Back in June 2011, EPIC FOIAed DOJ and FBI (but not NSA) for records relating to the government’s investigation of WikiLeaks supporters.
EPIC’s FOIA asked for information designed to expose whether innocent readers and supporters of WikiLeaks had been swept up in the investigation. It asked for:
- All records regarding any individuals targeted for surveillance for support for or interest in WikiLeaks;
- All records regarding lists of names of individuals who have demonstrated support for or interest in WikiLeaks;
- All records of any agency communications with Internet and social media companies including, but not limited to Facebook and Google, regarding lists of individuals who have demonstrated, through advocacy or other means, support for or interest in WikiLeaks; and
- All records of any agency communications with financial services companies including, but not limited to Visa, MasterCard, and PayPal, regarding lists of individuals who have demonstrated, through monetary donations or other means, support or interest in WikiLeaks. [my emphasis]
In their motion for summary judgment last February, DOJ said a lot of interesting things about the records-but-not-lists they might or might not have and generally subsumed the entire request under an ongoing investigation FOIA exemption.
Most interesting, however, is in also claiming that some statute prevented them from turning these records over to EPIC, they refused to identify the statute they might have been using to investigate WikiLeaks’ supporters.
All three units at DOJ — as reflected in declarations from FBI’s David Hardy, National Security Division’s Mark Bradley, and Criminal Division’s John Cunningham – claimed the files at issue were protected by statute.
None named the statute in question. All three included some version of this statement, explaining they could only name the statute in their classified declarations.
The FBI has determined that an Exemption 3 statute applies and protects responsive information from the pending investigative files from disclosure. However, to disclose which statute or further discuss its application publicly would undermine interests protected by Exemption 7(A), as well as by the withholding statute. I have further discussed this exemption in my in camera, ex parte declaration, which is being submitted to the Court simultaneously with this declaration
In fact, it appears the only reason that Cunningham submitted a sealed declaration was to explain his Exemption 3 invocation.
And then, as if DOJ didn’t trust the Court to keep sealed declarations secret, it added this plaintive request in the motion itself.
Defendants respectfully request that the Court not identify the Exemption 3 statute(s) at issue, or reveal any of the other information provided in Defendants’ ex parte and in camera submissions.
DOJ refuses to reveal precisely what EPIC seems to be seeking: what kind of secret laws it is using to investigate innocent supporters of WikiLeaks.
Invoking a statutory exemption but refusing to identify the statute was, as far as I’ve been able to learn, unprecedented in FOIA litigation.
The case is still languishing at the DC District.
I suggested at the time that the statute in question was likely Section 215; I suspected at the time they refused to identify Section 215 because they didn’t want to reveal what Edward Snowden revealed for them four months later: that the government uses Section 215 for bulk collection.
While they may well have used Section 215 (particularly to collect records, if they did collect them, from Visa, MasterCard, and PayPal — but note FBI, not NSA, would have wielded the Section 215 orders in that case), they couldn’t have used the NSA phone dragnet to identify supporters unless they got the FISC to approve WikiLeaks as an associate of al Qaeda (update: Or got someone at NSA’s OGC to claim there were reasons to believe WikiLeaks was associated with al Qaeda). They could, however, have used Section 215 to create their own little mini WikiLeaks dragnet.
There’s a subtle point that deserves more attention: GCHQ presented the underlying Powerpoint to NSA’s SIGDEV conference.
The documents, from a PowerPoint presentation prepared for a 2012 NSA conference called SIGDEV, show that the unit known as the Joint Threat Research Intelligence Group, or JTRIG, boasted of using the DDOS attack – which it dubbed Rolling Thunder — and other techniques to scare away 80 percent of the users of Anonymous internet chat rooms.
In the presentation on hacktivism that was prepared for the 2012 SIGDEV conference, one official working for JTRIG described the techniques the unit used to disrupt the communications of Anonymous and identify individual hacktivists, including some involved in Operation Payback. Called “Pushing the Boundaries and Action Against Hacktivism,” the presentation lists Anonymous, Lulzsec and the Syrian Cyber Army among “Hacktivist Groups,” says the hacktivists’ targets include corporations and governments, and says their techniques include DDOS and data theft.
SIGDEV is NSA’s term for the agency’s efforts to develop new signals intelligence techniques and sources. Thus, GCHQ presented the attack as the cutting edge of what NSA does.
But remember: NSA’s SIGDEV analysts have access to raw data outside of normal channels. This shows up repeatedly in the primary orders for the dragnet. And, as Bart Gellman noted (and I elaborated on here), Obama specifically exempted these folks from his Presidential Policy Directive limiting our spying (though his PPD did say foreigners could be spied on for cybersecurity reasons).
In other words, the people GCHQ boasted of their attack on Anonymous to are the people who have some of the least oversight within NSA.
One reason I harped on the way Ken Dilanian referred to the “official position” that hacking other governments was acceptable was because I suspected the government does what NBC just reported they do: engage in hacking against other targets, in this case, hackers like Anonymous.
[A] division of Government Communications Headquarters Communications (GCHQ), the British counterpart of the NSA, shut down communications among Anonymous hacktivists by launching a “denial of service” (DDOS) attack – the same technique hackers use to take down bank, retail and government websites – making the British government the first Western government known to have conducted such an attack.
As I noted on Twitter, the report that GCHQ targeted Anonymous should raise questions (that have already been raised) whether either GCHQ or NSA was behind the DDoS attack on noted publishing site WikiLeaks in 2010.
So the NSA (and GCHQ) believe some hacks are legitimate and some are not. But in addition, both are effectively asserting that the state should have a monopoly on hacking, just as it asserts a monopoly on violence. As some of the people involved have been commenting on Twitter, they got charged for DDoSing, even as the Brits were engaging in precisely the same behavior. Particularly troubling, there’s no indication NSA or GCHQ believe they need warrants to exercise their monopoly on hacks against their own citizens (FBI has in the past gotten a warrant to bring down a botnet, so there is precedent).
Of course, therein lies part of the problem: that intelligence is bleeding into law enforcement, and the tools of inter-state spying are being wielded against criminals (and dissidents).
None of this is surprising. It arises directly out of the way the government has gone after terrorists, and this treatment of an IRC channel is directly parallel to the same kind of guilt by association used against terrorists.
In a really worthy read, Bill Keller and Glenn Greenwald debate the future of journalism.
Sadly, however, in his first response to Keller’s self-delusion of belonging to the journalistic tradition of “newspapers that put a premium on aggressive but impartial reporting that expect reporters and editors to keep their opinions to themselves,” Greenwald seemed to cede that such journalism constitutes, “concealing one’s subjective perspectives.” That permitted Keller to continue his self-delusion that his journalism — at both the level of reporter and that reporter’s larger institution — achieved that silence about opinions until they started fighting about the role of national allegiance and national security.
That argument developed this way.
Greenwald: Former Bush D.O.J. lawyer Jack Goldsmith in 2011 praised what he called “the patriotism of the American press,” meaning their allegiance to protecting the interests and policies of the U.S. government. That may (or may not) be a noble thing to do, but it most definitely is not objective: it is quite subjective and classically “activist.”
Keller: If Jack Goldsmith, the former Bush administration lawyer, had praised the American press for, in your words, “their allegiance to protecting the interests and policies of the U.S. government” then I would strongly disagree with him. We have published many stories that challenged the policies and professed interests of the government. But that’s not quite what Goldsmith says. He says that The Times and other major news outlets give serious consideration to arguments that publishing something will endanger national security — that is, might get someone killed.
For what it’s worth, I think Keller is clinging to the first thing Goldsmith said,
Glenn Greenwald complained that “the NYT knew about Davis’ work for the CIA (and Blackwater) but concealed it because the U.S. Government told it to” (my emphasis). That is inaccurate. The government asked the Times not to publish, as it often does, and the Times agreed to the request, which it sometimes does. The final decision rested with the Times, which listens to the government’s claims about national security harm and risk to individual lives, and then makes its own decision. The Timesdoes not, in my opinion, always exercise this discretion wisely.
And ignoring what Goldsmith went on to say,
I interviewed a dozen or so senior American national security journalists to get a sense of when and why they do or don’t publish national security secrets. They gave me different answers, but they all agreed that they tried to avoid publishing information that harms U.S. national security with no corresponding public benefit. Some of them expressly ascribed this attitude to “patriotism” or “jingoism” or to being American citizens or working for American publications. This sense of attachment to country is what leads the American press to worry about the implications for U.S. national security of publication, to seek the government’s input, to weigh these implications in the balance, and sometimes to self-censor. (This is a natural and prudent attitude in a nation with the fewest legal restrictions in the world on the publication of national security secrets, but one abhorred by critics like Greewald.) The Guardian, al Jazeera, and Wikileaks, by contrast, worry much less, if at all, about U.S. national security interests.
That is, Goldsmith noted both that at an institutional level US news outlets entertained the requests of the government, and that at a reportorial level, individuals prioritized US “national security.”
And from there, Keller repeatedly ignored or dismissed the efforts Greenwald, in his Edward Snowden reporting, or WikiLeaks, in its Cablegate publications, made to protect lives of individuals.
It’s not until Greenwald’s response where he gets to the crux of the issue.
As for taking into account dangers posed to innocent life before publishing: nobody disputes that journalists should do this. But I don’t give added weight to the lives of innocent Americans as compared to the lives of innocent non-Americans, nor would I feel any special fealty to the U.S. government as opposed to other governments when deciding what to publish. Continue reading
On Twitter yesterday, various Occupy Wall Street participants started buzzing as Wojciech Braszczok appeared in court for his role in assaulting Alexian Lien. They realized Braszczok had infiltrated Occupy Wall Street over the course of several years.
Gothamist has all the details of Braszczok’s undercover presence at Occupy, including the possibility that he worked events outside of NYC, which would be sure to piss of those other jurisdictions.
But I’m particularly appalled that he continued to track the group during Occupy Sandy.
Braszczok’s surveillance apparently extended beyond political demonstrations to the hurricane recovery work of Occupy Sandy. In November, the detective tweeted about an Occupy Sandy meeting in the Financial District. Participants remember him as a regular presence at Occupy Sandy’s operations as well.
“He was at 520 Clinton and Sunset Park,” an occupier named Casper recalls, referring to Occupy Sandy’s two main distribution hubs. “I saw him there a lot.”
Rather than helping Sandy victims, the NYPD was surveilling those who were.
But don’t worry. NYPD hasn’t gone overboard or anything.
As per usual, Clapper complains that the stories don’t paint the Intelligence Community in the light they’d like to be described.
In particular, he complains that — notwithstanding the Guardian’s publication of NSA’s graphic suggesting every Tor communication hides a bearded terrorist — the stories haven’t emphasized the “very naughty” targets of this spying.
However, the articles fail to make clear that the Intelligence Community’s interest in online anonymity services and other online communication and networking tools is based on the undeniable fact that these are the tools our adversaries use to communicate and coordinate attacks against the United States and our allies.
But that complaint comes with a new admission, one that has been all but unmentioned since when, on June 10, Clapper’s most impressive PRISM success story pertained to cybersecurity. For the first time in quite a while, Clapper today acknowledged NSA uses this not only for counterterrorism and other foreign targets, but also counterintelligence.
The articles fail to mention that the Intelligence Community is only interested in communication related to valid foreign intelligence and counterintelligence purposes and that we operate within a strict legal framework that prohibits accessing information related to the innocent online activities of US citizens.
Within our lawful mission to collect foreign intelligence to protect the United States, we use every intelligence tool available to understand the intent of our foreign adversaries so that we can disrupt their plans and prevent them from bringing harm to innocent Americans. [my emphasis]
The admission is important not just because Clapper and Keith Alexander have consistently been trying to hide the cybersecurity application of this. But because it makes clear that NSA requires no foreign nexus to target Tor communications.
Which they couldn’t well require in any case, since the design of Tor ensures the government can’t know whether an encrypted message is a domestic or foreign communication.
Of course, once you include counterintelligence (and threats to property) as a valid excuse to keep encrypted communications indefinitely and even to compromise people’s computers (see slide 16), particularly in an environment where leaks of even unclassified information are treated as spying, then the distinction between “citizens” and “targets” crumbles.
MSNBC has an update to the continuing saga of “Omigod the NSA has inadequate security.” It explains why the “thin client” system the NSA had (one source calls it 2003 technology) made it so easy for Edward Snowden to take what he wanted.
In a “thin client” system, each remote computer is essentially a glorified monitor, with most of the computing power in the central server. The individual computers tend to be assigned to specific individuals, and access for most users can be limited to specific types of files based on a user profile.
But Snowden was not most users.
As a system administrator, Snowden was allowed to look at any file he wanted, and his actions were largely unaudited. “At certain levels, you are the audit,” said an intelligence official.
He was also able to access NSAnet, the agency’s intranet, without leaving any signature, said a person briefed on the postmortem of Snowden’s theft. He was essentially a “ghost user,” said the source, making it difficult to trace when he signed on or what files he accessed.
If he wanted, he would even have been able to pose as any other user with access to NSAnet, said the source.
The story goes on to note that being in Hawaii would have allowed Snowden to access Fort Meade’s computers well after most users were gone.
I’m particularly interested in the assertion that Snowden could pose as any other user with access to NSAnet.
Any other user. Presumably, that includes at least Cybercommander Keith Alexander’s aides.
In a world in which the NSA is increasingly an offensive organization, certain figures within NSA would be engaged in some very interesting communications and compartments, I’d imagine.
Ah well. The US won’t learn. They’ll continue to neglect these holes until someone publicly demonstrates their negligence, all the while leaving them open for whatever paid agents of foreign governments choose to exploit them.
Q Why was the United States given a heads-up by the British government on this detention?
MR. EARNEST: Again, that heads-up was provided by the British government, so you can direct that question to them.
Q Right. But was this heads-up given before he was detained or before it went public that he was detained?
MR. EARNEST: Probably wouldn’t be a heads-up if they would have told us about it after they detained him.
Q So it’s fair to say they told you they were going to do this when they saw that he was on a manifest?
MR. EARNEST: I think that is an accurate interpretation of what a heads-up is.
Q Is this gentleman on some sort of watch list for the United States? Can you look that up?
MR. EARNEST: You’d have to check with the TSA because they maintain the watch list. And I don’t know if they’d tell you or not, but you can ask them.
Q If he’s on a watch list for the U.K., would it be safe to assume then that he’s been put on a watch list in the United States?
MR. EARNEST: The level of coordination between counterterrorism and law enforcement officials in the U.K. and counterterrorism and law enforcement officials in the United States is very good. But in terms of who is on different watch lists and how our actions and their actions are coordinated is not something I’m in a position to talk about from here.
Q Did the United States government — when given the heads-up, did the United States government express any hesitancy about the U.K. doing it — about the U.K. government doing this?
MR. EARNEST: Well, again, this is the British government making a decision based on British law, on British soil, about a British law enforcement action.
Q Did the United States, when given the heads-up, just said okay?
MR. EARNEST: They gave us a heads-up, and this is something that they did not do at our direction and it’s not something that we were involved with. This is a decision that they made on their own.
Q Did the United States discourage the action?
White House Deputy Spokesperson Josh Earnest wants you to know that the decision to detain Glenn Greenwald’s partner David Miranda was done by the British on their own.
Q Josh, you’ve talked about the Mubarak detention as being a Egyptian legal matter. You’ve talked about Morsi’s politically motivated detention. And then with regard to Mr. Greenwald’s partner, you called it a “mere law enforcement action.” Given that the White House has never been shy about criticizing detention policies overseas, do you have any concerns at all about the U.K.’s law enforcement actions in this case?
MR. EARNEST: Well, what I can say is I don’t have a specific reaction other than to observe to you that this is a decision that was made by the British government and not one that was made at the request or with the involvement of the United States government.
But he’s not going to tell you anything about the secret conversations the US have with the British.
MR. EARNEST: To be honest with you, Steve, I don’t have a way to characterize for you any of the conversations between the British government and the U.S. government on this matter other than to say that this is a decision that they made on their own and not at the request of the United States. But in terms of the kinds of classified, confidential conversations that are ongoing between the U.S. and our allies in Britain, I’m not able to characterize that for you.
Q But there are consultations on this matter taking place?
MR. EARNEST: I’m telling you I’m not able to provide any insight into those conversations at all.
Ah well, perhaps this “US security official,” rather bizarrely given anonymity to pass on this British thuggish comment, offers better insight into those conversations.
One U.S. security official told Reuters that one of the main purposes of the British government’s detention and questioning of Miranda was to send a message to recipients of Snowden’s materials, including the Guardian, that the British government was serious about trying to shut down the leaks.
Josh Earnest may not want to admit to the close collaboration here, but American security officials sure seem privy to the message being sent.
U.S. Army Private First Class Bradley Manning stands convicted of crimes under the Uniform Code of Military Justice (UCMJ). The convictions result from two events. The first was a voluntary plea of guilty by Pvt. Manning to ten lesser included charges in February, and the remainder from a verdict of guilty after trial entered by Judge Denise Lind on July 30.
The maximum possible combined sentence originally stood at 136 years for the guilty counts, but that was reduced to a maximum possible sentence of 90 years after the court entered findings of merger for several of the offenses on August 6. The “merger” resulted from the partial granting of a motion by Mr. Manning’s attorney arguing some of the offenses were effectively the same conduct and were therefore multiplicitous. The original verdict status, as well as the revised verdict status after the partial merger of offenses by the court, is contained in a very useful spreadsheet created by Alexa O’Brien (whose tireless coverage of the Manning trial has been nothing short of incredible).
Since the verdict and merger ruling, there have been two weeks of sentencing witnesses, testimony and evidence presented by both the government and defense to the court. It is not the purpose of this post to detail the testimony and evidence per se, but rather the mechanics of the sentencing process and how it will likely be carried out. For detailed coverage of the testimony and evidence, in addition to Alexa O’Brien, the reportage of Kevin Gosztola at FDL Dissenter, Julie Tate at Washington Post, Charlie Savage at New York Times and Nathan Fuller at the Bradley Manning Support Network has been outstanding.
All that is left are closing arguments and deliberation by Judge Lind on the final sentence she will hand down. So, what exactly does that portend for Bradley Manning, and how will it play out? Only Judge Lind can say what the actual sentence will be, but there is much guidance and procedural framework that is known and codified in rules, practice and procedure under the UCMJ.
Glenn Greenwald’s partner, David Miranda, got detained at Heathrow for 9 hours and had his electronic devices confiscated.
David Miranda, who lives with Glenn Greenwald, was returning from a trip to Berlin when he was stopped by officers at 8.30am and informed that he was to be questioned under schedule 7 of the Terrorism Act 2000. The controversial law, which applies only at airports, ports and border areas, allows officers to stop, search, question and detain individuals.
The 28-year-old was held for nine hours, the maximum the law allows before officers must release or formally arrest the individual. According to official figures, most examinations under schedule 7 – over 97% – last under an hour, and only one in 2,000 people detained are kept for more than six hours.
Miranda was then released without charge, but officials confiscated electronics equipment including his mobile phone, laptop, camera, memory sticks, DVDs and games consoles.
Aside from the outrage over the treatment of a partner of a British newspaper’s employee, consider what it means that the UK used their terrorism law to detain Miranda (had he been transiting the US, they wouldn’t have needed to use the transparently false claim of terrorism — they can and do subject people to this treatment for no reason all the time).
Does this mean the US and UK are both treating the investigation into the leak of classified information as terrorism now? If so, does that mean the US is using its counterterrorism authorities to investigate Greenwald and Snowden? Have they used the dragnet database to find their contacts?
That might explain why they apparently used the FISA Court — not an Title III warrant — to go after Lavabit.
But it significantly discredits both their effort to counter Greenwald and their counterterrorism efforts. If they’ll use terrorism to prevent further embarrassment, it’s really just a tool to go after dissidents.
Two more thoughts. First, remember that someone already stole a laptop from Greenwald’s home in Rio. I thought it unlikely then that the US or an ally did so. I think the chances are slightly higher now.
Also, I wonder how Dilma Rousseff will respond to this, especially with growing actions in Brazil against US spying. She had been moving away from the sphere of the Bolivarists in Latin America (and has a US state visit planned for this fall). But the British just treated a Brazilian citizen with the same kind of egregious treatment Europe gave to Evo Morales. Will she respond?
Update: In Glenn’s piece on this, he makes it clear that fairly high level Brazilian officials were involved in this, and none too happy about it.
I immediately contacted the Guardian, which sent lawyers to the airport, as well various Brazilian officials I know. Within the hour, several senior Brazilian officials were engaged and expressing indignation over what was being done. The Guardian has the full story here.
Despite all that, five more hours went by and neither the Guardian’s lawyers nor Brazilian officials, including the Ambassador to the UK in London, were able to obtain any information about David.
Update: Here’s the statement the Brazilian government has released.
The Brazilian government expresses grave concern about the episode that happened today in London, where a Brazilian citizen was held without communication at Heathrow airport for 9 hours, in an action based in the British anti-terrorism legislation. This measure is without justification since it involves an individual against whom there are no charges that can legitimate the use of that legislation. The Brazilian Government expects that incidents such as the one that happened to the Brazilian citizen today do not repeat.