Former FBI Assistant Director Makes a Compelling Case to Eliminate the Corporation

Former FBI Assistant Director apparently isn’t afraid to embarrass himself to fear monger for law enforcement.

That’s the only conclusion I can reach by his penning this op-ed, which still bears its original title in the URL.

http://www.washingtonpost.com/posteverything/wp/2014/09/23/i-helped-save-a-kidnapped-man-from-murder-with-apples-new-encryption-rules-we-never-wouldve-found-him/

In it, Ronald T. Hosko claimed shamelessly that if Apple had been employing its new encryption plans earlier this year, a kidnap victim the FBI rescued would be dead. The two nut paragraphs originally read,

Hosko Fearmongering

It made no sense! As Hosko correctly explained, they solved this case with lawful intercepts of phone content.

Once we identified potential conspirators, we quickly requested and secured the legal authority to intercept phone calls and text messages on multiple devices.

Even if the kidnappers had a new iPhone, FBI would still go to precisely the same source they did go to — the telecom providers — to get the intercepts. The FBI never even had the actual phones of kidnappers in hand — except for the phone the gang leader used to direct the plot from prison, which he crushed before it could be investigated, a technology that has been available to thugs far longer than encryption has.

So it is quite clear that, had this technology been used by the conspirators in this case, the FBI would still have caught them, using precisely the same process they did use to catch them..

After Hosko got called on his false claims on Twitter, he made two corrections — first to this interim fallback. (h/t @empirical error for catching this)

Hosko

That didn’t make any more sense, as they were tracing calls made from the kidnappers. Once they got close enough to examine their actual devices, they had the kidnappers. Now he has changed it to read:

Last week, Apple and Google announced that their new operating systemswill be encrypted by default. Encrypting a phone doesn’t make it any harder to tap, or “lawfully intercept” calls. But it does limit law enforcement’s access to a data, contacts, photos and email stored on the phone itself.

That kind information can help law enforcement officials solve big cases quickly. For example, criminals sometimes avoid phone interception by communicating plans via Snapchat or video. Their phones contain contacts, texts, and geo-tagged data that can help police track down accomplices. These new rules will make it impossible for us to access that information. They will create needless delays that could cost victims their lives.*

[snip]

Editors note: This story incorrectly stated that Apple and Google’s new encryption rules would have hindered law enforcement’s ability to rescue the kidnap victim in Wake Forest, N.C. This is not the case. The piece has been corrected.

Phew. Apparently all this surveillance technology is hard to keep straight, even for an experienced FBI guy. But the truly funny part of Hosko’s piece — now that he at least has some semblance of factual accuracy (though I think he’s still exaggerating about video and Snapchat) — is where he suggests that we should not avail ourselves of any technologies that make it easier on criminals.

If our cutting edge technologies are designed to keep important dots out of the hands of our government, we all might start thinking about how safe and secure we will be when the most tech-savvy, dedicated criminals exponentially increase their own success rates​.

This would lead you to believe Hosko is unaware of the “cutting edge technology” that has probably kept more crime-solving information out of the hands of the government than any measly encryption: incorporation. Drug cartels, human traffickers, even dreaded banksters all use shell corporations as a favored technology to not only hide the evidence of their crime, but to dodge accountability if it ever is discovered. That snazzy technology, the corporation, has empowered criminals far more than cell phone encryption — with all the possible workarounds — will ever do.

Yet if you called for eliminating a beneficial technology like the corporation just because criminals also happen to find it useful, people would consider you batshit insane. It would be a totally disproportionate measure, trading away real benefits in the name of relative but not absolute safety.

But hey! Hosko has already embarrassed himself. So if he feels like doing so again, by all means, I implore him to call for the elimination of the corporation — or even just a few of the exotic financial tools that the most dangerous financial criminals use.

After all, it will make us safer!

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Noted Torture Apologist, Branded a Terrorist

For months, I’ve been pointing out that the fear-mongering estimates about the number of Americans who have joined ISIS are inflated due to faulty Terror Watchlist procedures.

That’s in large part because the government considers any unexplained travel to a place known for its terrorist training enough to treat you as a Suspected Terrorist.

[T]he government considers traveling to an area of terrorist activity to be reasonable suspicion that someone is a known or suspected terrorist. The watchlist guidelines list just that as one behavioral indicator for being watchlisted as a known or suspected terrorist (see page 35).

3.9.4 Travel for no known lawful or legitimate purpose to a locus of TERRORIST ACTIVITY.

This means that any Americans who have traveled to Syria or Iraq are likely classified, by default, as terrorists. And many of those may have traveled for entirely different reasons (like freelance journalism).

Given the realities of travel to Syria, this must (and has, among people indicted for attempted material support) extend to people who make one-way travel plans to Turkey, from whence recruits often walk across the border.

Yesterday, Spencer Ackerman got a Senior Official to make the same point I’ve been making — the 100 alleged fighters include a lot of people who are not fighters but instead got swept up because the terror watchlisting process is way too dysfunctional.

The US government believes there are 20 to 30 Americans currently fighting in Syria for the panoply of jihadist groups there, according to a senior official.

The estimate is less than an earlier and much-quoted assessment of approximately 100 Americans taking part in Syria’s civil war and the spillover violence in neighboring Iraq, where the Islamic State militant group (Isis) has launched a war of conquest.

A senior administration official, speaking to the Guardian on condition of anonymity, said that the estimate of roughly 100 represented all Americans who have travelled to Syria or attempted to travel to Syria over the past 18 months, a qualification that US government spokespeople have typically not provided.

Not all of the 20 to 30 Americans went to Syria to join Isis. Some fight with rebel groups resisting the regime of dictator Bashar al-Assad or rival jihadist groups.

[snip]

Nor have all the 100-odd Americans who have travelled or attempted to travel to Syria in the past year and a half gone to fight. The estimate also includes humanitarian aid workers and others attempting to alleviate the Middle East’s most brutal conflict, the official said.

Told ya.

If you want to see how ridiculous this is in practice (or, perhaps, how ironically appropriate) consider the plight of Stephen Hayes, Dick Cheney’s mouthpiece and all-around torture apologist. He recently got put on the Selectee list because — he believes — he made a one way trip to Istanbul for what was actually a cruise but if you do lots of mindless dragnettery might appear like a trip to join Jabhat al-Nusra. (I wouldn’t be surprised if he’s two degrees from some suspect, given how broadly those things get defined and how many international acquaintances he has.)

Hayes, who spoke to POLITICO by phone on Tuesday, suspects that the decision stems from U.S. concerns over Syria. Hayes and his wife recently booked a one-way trip to Istanbul for a cruise, and returned to the States, a few weeks later, via Athens.

It turns out Hayes is finding out the same thing I learned when my white northern European over-educated spouse went through the immigration process. Even for people who have resources and perfect English, making the bureaucracy work the way it is supposed to can be daunting.

At the time of our conversation, Hayes was on the DHS website trying to fill out forms to get his name cleared. It wasn’t going well.

“Not surprisingly, it’s confusing,” Hayes said. “The first time I did it, the whole site froze. Now it’s asking me for my passport number and a bunch of other information. Then I think I’m supposed to submit an actual copy of my passport, which I obviously can’t do electronically.”

Yes, I admit some glee that some like Hayes got swept up in the mindless dragnettery his boss championed. But even Hayes — whose life will soon be back to normal, I imagine — does not deserve this pointless harassment.

Consider how much worse this accidental terror-tourism is for Muslims who can’t run to the press which will mock their plight?

Stephen Hayes may be, by many measures, a horrible human being, arguably even a material supporter of war crimes. But his cruise out of Turkey does not make him a terrorist, no matter what the National Counterterrorism Center claims.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Law Enforcement’s Apple Security Hysteria: About Border Searches?

Border Zone MapAs I noted the other day, Apple just rolled out – and Google plans to match with its next Android release — passcode protected encryption for its cell phone handsets.

Last night WSJ had a story quoting some fairly hysterical law enforcement types complaining mightily not just that Apple is offering its customers security, but that it is a marketing feature.

Last week’s announcements surprised senior federal law-enforcement officials, some of whom described it as the most alarming consequence to date of the frayed relationship between the federal government and the tech industry since the Snowden revelations prompted companies to address customers’ concerns that the firms were letting—or helping—the government snoop on their private information.

Senior U.S. law-enforcement officials are still weighing how forcefully to respond, according to several people involved in the discussions, and debating how directly they want to challenge Apple and Google.

One Justice Department official said that if the new systems work as advertised, they will make it harder, if not impossible, to solve some cases. Another said the companies have promised customers “the equivalent of a house that can’t be searched, or a car trunk that could never be opened.”

Andrew Weissmann, a former Federal Bureau of Investigation general counsel, called Apple’s announcement outrageous, because even a judge’s decision that there is probable cause to suspect a crime has been committed won’t get Apple to help retrieve potential evidence. Apple is “announcing to criminals, ‘use this,’ ” he said. “You could have people who are defrauded, threatened, or even at the extreme, terrorists using it.”

I think the outrage about the stated case — that law enforcement will not longer be able to have Apple unlock a phone with a warrant — is overblown. As Micah Lee points out, the same data will likely be available on Apple’s Cloud.

But despite these nods to privacy-conscious consumers, Apple still strongly encourages all its users to sign up for and use iCloud, the internet syncing and storage service where Apple has the capability to unlock key data like backups, documents, contacts, and calendar information in response to a government demand. iCloud is also used to sync photos, as a slew of celebrities learned in recent weeks when hackers reaped nude photos from the Apple service. (Celebrity iCloud accounts were compromised when hackers answered security questions correctly or tricked victims into giving up their credentials via “phishing” links, Cook has said.)

And the stuff that won’t be on Apple’s Cloud will largely be available from a user’s phone provider — AT&T and Verizon will have call records and texts, for example. So one effect of this will be to put warrant decisions into a review process more likely to be scrutinized (though not in the case of AT&T, which has consistently proven all to happy to share data with the Feds).

Which is why I think the hysteria is either overblown or is about something else.

It may be that this prevents NSA from getting into handsets via some means we don’t understand. Matthew Green lays out how this change will bring real security improvement to your phone from all matter of hackers.

But the most immediate impact of this, I suspect, will be seen at borders — or rather, the government’s expansive 100 mile “border zone,” which incorporates roughly two-thirds of the country’s population. At “borders” law enforcement works under a warrant exception that permits them to search devices — including cell phones — without a warrant, or even any articulable suspicion.

And while it is the case that really aggressive security wonks can and do encrypt their phones now, it is not the default. Which means most people who cross an international border — or get stopped by some authority in that border zone — have their phone contents readily available to those authorities to search. Authorities routinely use their expanded border authority to obtain precisely the kinds of things at issue here, without any suspicion. The terrorist watchlist guidelines (see page 68), for example, note that border encounters may provide evidence from “electronic media/devices observed or copied,” including cell phones.

In 2011, DHS whipped out similarly hysterical language about what horribles actually requiring suspicion before searching a device might bring about.

[A]dding a heightened [suspicion-based] threshold requirement could be operationally harmful without concomitant civil rights/civil liberties benefit. First, commonplace decisions to search electronic devices might be opened to litigation challenging the reasons for the search. In addition to interfering with a carefully constructed border security system, the litigation could directly undermine national security by requiring the government to produce sensitive investigative and national security information to justify some of the most critical searches. Even a policy change entirely unenforceable by courts might be problematic; we have been presented with some noteworthy CBP and ICE success stories based on hard-to-articulate intuitions or hunches based on officer experience and judgment. Under a reasonable suspicion requirement, officers might hesitate to search an individual’s device without the presence of articulable factors capable of being formally defended, despite having an intuition or hunch based on experience that justified a search.

That is, DHS thinks it should be able to continue to search your phone at the border, because if it had to provide a rationale — say, to get a warrant — it might have to disclose the dodgy watchlisting policies that it uses to pick whose devices to search without any cause.

In other words, I’m arguing that the most immediate impact of this will be to lessen the availability of data increasingly obtained without a warrant, and given that the alternate means — administrative orders and warrants — require actual legal process, may mean these things will not be available at all.

If I’m right, though, that’s not a technical impediment. It’s a legal one, one which probably should be in place.

Update: Argh! This is even worse fear-mongering. A former FBI guy says he used intercepted communications to find kidnappers.

Once we identified potential conspirators, we quickly requested and secured the legal authority to intercept phone calls and text messages on multiple devices.

Then claims losing an entirely unrelated ability to search — for data stored on, and only on, handsets — would have prevented them from finding that kidnap victim.

Last week, Apple and Android announced that their new operating systemswill be encrypted by default. That means the companies won’t be able to unlock phones and iPads to reveal the photos, e-mails and recordings stored within.

It also means law enforcement officials won’t be able to look at the range of data stored on the device, even with a court-approved warrant. Had this technology been used by the conspirators in our case, our victim would be dead.

Instead of proving this guy would be dead, the story instead proves that this is not the most pressing information.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Obama Starts Syrian Bombing using Cover of Khorasan Claims

Last night, President Obama said the word “imminent” and started bombing Syria.

It appears the legal logic behind the attack (besides the fact that Congress hurriedly approved funding for war through December so it could get back to the campaign trail) is that in addition to striking ISIS in Syria (an attack we don’t have any reasonable  legal justification for) we are also attacking a group that James “Too Cute by Half” Clapper just rolled out, “Khorasan,” which unlike ISIS has not been kicked out of Al Qaeda and therefore might be targetable under the 2001 AUMF.

In spite of the fact that DOD allegedly had these Khorasan plans already in place, sources apparently felt like it’d be a good idea to alert them by telling Ken Dilanian they were the hot new thing just 10 days ago.

While the Islamic State group is getting the most attention now, another band of extremists in Syria — a mix of hardened jihadis from Afghanistan, Yemen, Syria and Europe — poses a more direct and imminent threat to the United States, working with Yemeni bomb-makers to target U.S. aviation, American officials say.

At the center is a cell known as the Khorasan group, a cadre of veteran al-Qaida fighters from Afghanistan and Pakistan who traveled to Syria to link up with the al-Qaida affiliate there, the Nusra Front.

Today’s continuation of that narrative appears in CNN (and ABC, which I won’t link to because of their infernal auto-play ads), which doesn’t ask how the US hoped to surprise Khorasan if they had just rolled them out as the big new boogeymen.

Among the targets of U.S. strikes across Syria early Tuesday was a collection of buildings to the west of Aleppo, some distance from ISIS strongholds.

While the United States worked with Arab partners to attack ISIS targets, the U.S. military alone took aim at the Khorasan Group, an organization formed by senior al Qaeda members based in Pakistan who traveled to Syria, CNN national security analyst Peter Bergenhas reported.

“Khorasan” is an ancient term for an Islamic empire.

The sites the United States struck overnight included “training camps, an explosives and munitions production facility, a communication building and command and control facilities,” the military said in a statement.

The group was actively plotting against a U.S. homeland target and Western targets, a senior U.S. official told CNN on Tuesday. The United States hoped to surprise the group by mixing strikes against it with strikes against ISIS targets.

The official said the group posed an “imminent” threat. But another U.S. official later said the threat was not imminent in the sense that there were no known targets or attacks expected in the next few weeks.

The plots were believed to be in an advanced stage, the second U.S. official said. There were indications that the militants had obtained materials and were working on new improvised explosive devices that would be hard to detect, including common hand-held electronic devices and airplane carry-on items such as toiletries.

The threat of Ibrahim al-Asiri –who with one bomb that could not have worked and several more claimed attacks identified by double agents in Saudi employ not only created the excuse for millions of dollars in TSA scanner profits, but also the ability to label Yemen an “imminent” threat and therefore bomb it — has moved to Syria.

Label the country an “imminent” threat. Then bomb.

In Obama’s statement, he emphasized the Khorasan tie.

Some questions smart people have been asking:

Micah Zenko: If Khorasan group was truly an imminent threat, why would the US delay bombing them just so they could bomb ISIS simultaneously?

Gregory Johnsen: Are people asking why a group calling itself “khurasan” is basing itself in Syria? Or is this just a USG name for a cell?

Spencer Ackerman: Why did a senior official say, just yesterday, that Khorasan was not an imminent threat.

Also:  Why was Asiri claimed to be helping ISIS back in July?

The sources on which this latest justification relies seem to be people — James Clapper and Mike Rogers are two — who have a somewhat strained relationship with the truth and a very cozy relationship with disinformation. Moreover, Congress still hasn’t been briefed on the covert ops (which both Clapper and Rogers do know about) that the CIA has been working, with their Saudi partner, in Syria.

But we’ve got some claim to “imminent” now, so it’s all good.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

The Covert Operation Undermining US Credibility against ISIS

Over the weekend, the NYT had a story reporting the “conspiracy theory” popular among Iraqis that the US is behind ISIS.

The United States has conducted an escalating campaign of deadly airstrikes against the extremists of the Islamic State for more than a month. But that appears to have done little to tamp down the conspiracy theories still circulating from the streets of Baghdad to the highest levels of Iraqi government that the C.I.A. is secretly behind the same extremists that it is now attacking.

“We know about who made Daesh,” said Bahaa al-Araji, a deputy prime minister, using an Arabic shorthand for the Islamic State on Saturday at a demonstration called by the Shiite cleric Moktada al-Sadr to warn against the possible deployment of American ground troops. Mr. Sadr publicly blamed the C.I.A. for creating the Islamic State in a speech last week, and interviews suggested that most of the few thousand people at the demonstration, including dozens of members of Parliament, subscribed to the same theory.

[snip]

The prevalence of the theory in the streets underscored the deep suspicions of the American military’s return to Iraq more than a decade after its invasion, in 2003. The casual endorsement by a senior official, though, was also a pointed reminder that the new Iraqi government may be an awkward partner for the American-led campaign to drive out the extremists.

It suggests the theory arises from lingering suspicions tied to our occupation of Iraq.

But, given the publicly available facts, is the theory so crazy?

Let me clear: I am not saying the US currently backs ISIS, as the NYT’s headline but not story suggests is the conspiracy theory. Nor am I saying the US willingly built a terrorist state that would go on to found a caliphate in Iraq.

But it is a fact that the US has had a covert op since at least June 2013 funding Syrian opposition groups, many of them foreign fighters, in an effort to overthrow Bashar al-Assad. Chuck Hagel confirmed as much in Senate testimony on September 3, 2013 (the NYT subsequently reported that President Obama signed the finding authorizing the op in April 2013, but did not implement it right away). We relied on our Saudi and Qatari partners as go-betweens in that op and therefore relied on them to vet the recipient groups.

At least as Steve Clemons tells it, in addition to the more “moderate” liver-eaters in the Free Syrian Army, the Qataris were (are?) funding Jabhat al-Nusra, whereas Saudi prince Bandar bin Sultan gets credit for empowering ISIS — which is one of the reasons King Abdullah took the Syria portfolio away from him.

McCain was praising Prince Bandar bin Sultan, then the head of Saudi Arabia’s intelligence services and a former ambassador to the United States, for supporting forces fighting Bashar al-Assad’s regime in Syria. McCain and Senator Lindsey Graham had previously met with Bandar to encourage the Saudis to arm Syrian rebel forces.

But shortly after McCain’s Munich comments, Saudi Arabia’s King Abdullah relieved Bandar of his Syrian covert-action portfolio, which was then transferred to Saudi Interior Minister Prince Mohammed bin Nayef. By mid-April, just two weeks after President Obama met with King Abdullah on March 28, Bandar had also been removed from his position as head of Saudi intelligence—according to official government statements, at “his own request.” Sources close to the royal court told me that, in fact, the king fired Bandar over his handling of the kingdom’s Syria policy and other simmering tensions, after initially refusing to accept Bandar’s offers to resign.

[snip]

ISIS, in fact, may have been a major part of Bandar’s covert-ops strategy in Syria. The Saudi government, for its part, has denied allegations, including claims made by Iraqi Prime Minister Nouri al-Maliki, that it has directly supported ISIS. But there are also signs that the kingdom recently shifted its assistance—whether direct or indirect—away from extremist factions in Syria and toward more moderate opposition groups.

[snip]

The worry at the time, punctuated by a February meeting between U.S. National Security Adviser Susan Rice and the intelligence chiefs of Turkey, Qatar, Jordan, and others in the region, was that ISIS and al-Qaeda-affiliated Jabhat al-Nusra had emerged as the preeminent rebel forces in Syria. The governments who took part reportedly committed to cut off ISIS and Jabhat al-Nusra, and support the FSA instead. But while official support from Qatar and Saudi Arabia appears to have dried up, non-governmental military and financial support may still be flowing from these countries to Islamist groups.

Thus, to the extent that we worked with Bandar on a covert op to create an opposition force to overthrow Assad, we may well have had an indirect hand in its creation. That doesn’t mean we wanted to create ISIS. It means we are led by the nose by the Saudis generally and were by Bandar specifically, in part because we are so reliant on them for our HUMINT in such matters. Particularly given Saudi support for Sunnis during our Iraq occupation, can you fault Iraqis for finding our tendency to get snookered by the Saudis suspect?

Moreover, our ongoing actions feed such suspicions. Consider the way the Administration is asking for Congressional sanction (at least in the form of funding) for an escalated engagement in the region, without first briefing Congress on the stupid things it has been doing covertly for the last 18 months?

Continue reading

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

On Day Senate Approved $500 Million for War in Syria, UN Announced $352 Million Funding Shortfall for Feeding Syrian Refugees

A recent theme of mine has been that most of the time, the only response the US can come up with for a crisis anywhere in the world is to ask “Which group should we arm?” Despite ample evidence that this inane desire to train and equip various groups around the world always comes back to bite us in the ass, the US is intent, once again, on training and arming “moderate” rebels in Syria. Never mind that it has been shown, repeatedly, that the so-called “moderates” in Syria are anything but, as they have demonstrated by eating an opponent’s heart and carrying out multiple beheadings.

The one time the US avoided this approach and instead relied on diplomacy was a huge success. Syria’s declared chemical weapons have been removed from the country and destroyed despite the difficulty of this process taking place while the civil war raged. Choosing to ignore that clear success, the US is determined to make the situation in Syria infinitely worse by pouring this renewed effort into training and arming rebels. It is very easy to predict that this effort will result in radicalizing a whole new generation of fighters determined to attack the US precisely because of how it is getting involved in the Syrian civil war.

The flip side to the question of “Which group should we arm?” should be “What can we do to make the lives of the citizens of this region better?” In Syria and the surrounding countries affected by the masses of citizens who have fled the war, that answer is very clear. These refugees need food. They need shelter. They need basic medical care. Their students need schools, as estimates now say close to three million Syrian children are not in school.

Sadly, last Thursday, on the very day that the US Senate went along with the vote the previous day in the House to make $500 million available for this doomed effort to train and arm rebels, the United Nations’ World Food Programme announced that due to funding shortfalls, food allocations for Syrian refugees will be cut drastically in October and November and may not be available at all in December:

“We have reached a critical point in our humanitarian response in Syria and in neighbouring countries and unless we manage to secure significant funding in the next few days, I am afraid we will have no choice but to scale back our operation,” said Muhannad Hadi, WFP’s Regional Emergency Coordinator for the Syrian crisis.

/snip/

In Syria from October, WFP will continue to provide food to more than 4 million people, but the food parcel will be smaller, providing less than 60 percent of the nutritional value recommended in emergencies in October and cutting even more in November. For December, WFP has no funding available for programmes in Syria.

The group faces similarly catastrophic shortfalls in the countries surrounding Syria where citizens have fled the violence.

The total funding shortfall is staggering:

WFP requires US$352 million for its operations as a whole until the end of the year, including US$95 million for its work inside Syria and US$257 million to support refugees in neighbouring countries.

So the US is throwing away more money than is needed to feed Syrian refugees through the end of the year on a plan that will increase violence and likely lead to the deaths of many of these same refugees from starvation, exposure to harsh winter conditions and “collateral damage” from poorly targeted missiles.

Consider the current plight of Syrian families. Their country is ripped apart by fighting that has raged for years. The bulk of the citizens have merely tried to avoid the violence, but it has rained down on them from all sides of a war that has countless groups taking part. Now, on the very day that the largest relief agency in the world announces that it will have to cut back on its already inadequate assistance, the US moves forward with a plan to waste more money than the World Food Programme needs in a way that will make their lives measurably worse.

The question is not whether starving Syrian refugees will be radicalized when poorly targeted US missiles kill innocent family members, as that is guaranteed. The only question is just how many of these newly radicalized enemies this latest clusterfuck of a plan will generate.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Raez Qadir Khan: Hoisting the FBI on Its Own Metadata Problems

Surveillance

As I said earlier, the lawyers defending Pakistani-American Raez Qadir Khan — who is accused of material support of terrorist training leading up to an associate’s May 2009 attack on the ISI in Pakistan — are doing some very interesting things with the discovery they’ve gotten.

Request for Surveillance Authorities

The first thing they did, in a July 14, 2014 filing, was to list all the kinds of surveillance they’ve been shown in discovery with a list of possible authorities that might be used to conduct that surveillance. The motion is an effort to require the government to describe what it got how.

The table above is my summary of what the motion reveals and shows only if a particular kind of surveillance happened during a given year; it only gives more specific dates for one-time events.

The brown (orange going dark!) reflects that emails were turned over in discovery from this period, but that the 2013 search warrant apparently says “authorization to collect emails existed from August 2009 to May 2012.” That’s not necessarily damning; they could get those earlier emails legitimately via a number of avenues that don’t involve “collecting” them. But it is worth noting for reasons I explain below.

The filing itself includes tables with more specific dates, Bates numbers, possible authorities, and — where relevant — search warrant items reliant on the items in question. It also describes surveillance they know to have occurred — further Internet and email surveillance, for example, a 2009 search of Khan’s apartment, as well as surveillance in later 2012 — that was not turned over in discovery.

Effectively, the motion lays out all the possible authorities that might be used to collect this data and then makes very visible that the criminal search warrant was derivative of it (there’s a bit of a problem, because the warranted March 2013 search actually took place after the indictment, and so Khan’s indictment can’t be entirely derivative of this stuff; that relies largely on emails).

I also think some of the authorities may not be comprehensive; for example, the pre-2009 emails may have been a physical FISA search. We also know FISC has permitted the government to collect URL searches under Section 215.

But it’s a damn good summary of the multiple authorities the government might use to obtain such information, by itself a superb demonstration of the many ways the government can obtain and parallel construct evidence.

The filing seems to suggest that the investigation started in fall 2009, some months after Khan’s alleged co-conspirator, Ali Jalil, carried out a May 2009 suicide attack in Pakistan. If that’s right, then the government obtained miscellaneous records (which is not at all surprising; these are things like immigration and PayPal records), email content, and call detail records retroactively. Alternately (Jalil was arrested in the Maldives in April 2006 and interrogated by people presenting themselves as FBI), the government conducted all the other surveillance back to 2005 in real time, but doesn’t want to show Khan’s team it has. In a response to this motion, the government claims that when the surveillance of Khan began is classified.

The motion for a description of which authorities the government used to obtain particular information is still pending.

Motion to Throw Out the Emails

Here’s where things get interesting.

On September 15, Khan’s lawyers submitted a filing moving to throw out all the email evidence (which is the bulk of what has been shown so far and — as I said — most of what the indictment relies on). It argues the 504 emails provided in discovery — spanning from February 2005 to February 2012–lack much of the metadata detail necessary to be submitted as authenticated evidence. Some of the problems, but by no means all, stem from FBI having printed out the emails, hand-redacted them, then scanned them and sent them as “electronic production” to Khan’s lawyers.

That argument is highly unlikely to get anywhere on its own, though a declaration from a forensics expert does raise real questions about the inconsistency of the metadata provided in discovery.

But the filing does pose interesting questions that — in conjunction with questions about the authorities used to investigate Khan — may be more fruitful.

Continue reading

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Oregon Prosecutors Wiretapped Defense Investigators on Mohamed Osman Mohamud Case

I’m working on a post on some interesting FISA moves the defense attorney for Reaz Qadir Khan, a Pakistani American indicted for material support for terrorism back in 2012, recently made. But before that, I wanted to note something revealed by documents in his prosecution that I wasn’t aware of before.

The FBI wiretapped 2 conversations and one voicemail defense investigators for Mohamed Osman Mohamud had with Khan in June 2011 and then handed those recordings over to the prosecutor who prosecuted Mohamud and is prosecuting Khan.

In a filing in April, Khan’s lawyers moved to obtain information about the government’s minimization procedures. They pointed to 4 different privileged conversations that had been included in discovery:

  • January 21, 2010 conversation between Khan and his immigration attorney seeking help because the FBI had told him he would be unable to fly overseas to visit his family
  • June 9, 2011 phone interview of Khan by Public Defenders conducting an investigation on behalf of Mohamed Osman Mohamud
  • June 14, 2011 phone interview between Khan and Mohamud’s investigators
  • June 14, 2011 voice mail in which a Mohamud investigator asked Khan to look for something needed by the defense

While the filing doesn’t identify Mohamud as the client in this case, the judge’s subsequent order to unseal the exhibits pertaining to those calls so as to be handed over to the defendant in that case references Mohamud’s docket.

Share with Mohamud

This also likely explains why, at the beginning of this case, the government submitted notice of a possible conflict involving Khan’s lawyer Amy Baggio[Update, that may refer to Lawrence Matasar, who then represented Khan.] She used to work at the Public Defenders office (for all we know, she could have been recorded on those calls). Also, it may begin to explain why the government indicted Khan on December 27, 2012, just weeks before Mohamud’s trial began, but waited to arrest him until March 5, 2013, after Mohamud’s trial had concluded.

Mohamud was right in the middle of his fight to throw out his conviction because he was not noticed about the government’s use of FAA at the time the judge issued this order on May 14, but I don’t see any sign of it in his docket.

While all this doesn’t explain what the tie between Khan and Mohamud is — in its response, the government actually claims it is “unrelated” and that it was not handed over to prosecutors until after the conclusion of Mohamud’s case (which would mean it wasn’t provided to the prosecutor before he indicted Khan) — it does make it clear that the government would share the privileged conversations of one defendant with that defendant’s prosecutor via the prosecution of another defendant under FISA.

In related news, the minimization procedures tied to FBI electronic surveillance released as part of the Yahoo dump have been on the fritz since the release. Here is a copy, but the section on privileged communication is entirely redacted.

Update: In a follow-up, Khan’s lawyer noted 3 more privileged conversations, all January 28, 2012 contacts between Khan and a T Nelson, who is probably Thomas Nelson, who was involved in — among other things — the al-Haramain case.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Criminal Docket Talk

Another week, another series of missteps and embarrassment for the National Felon League. More facts surface showing Adrian Peterson to be a backwards horrible human, the Cardinals’ Jonathan Dwyer is charged with felony assault for head butting his wife and breaking her nose and Roger Goodell held a news conference yesterday where he came off as even a bigger dissembling jackass than he seemed before.

Lost, at least somewhat, in the relentless shuffle of negativity surrounding the NFL were significant developments in the Ray Rice case that set everything off to start with. As an excellent report by ESPN’s Outside The Lines lays out, both the Baltimore Ravens and the NFL knew everything about the Rice incident immediately and colluded to minimize the impact on Rice. From the New York Daily News:

According to the ESPN report, the Ravens’ director of security, Darren Sanders, was made aware of the inside-the-elevator video just hours after Rice clocked his then-fiancée, Janay Palmer, at the now-closed Revel Hotel and Casino in Atlantic City in mid-February. Sanders, according to the report, had reached out to an Atlantic City police officer, who described in detail what transpires in the elevator video. Sanders then conveyed the information to Ravens executives, according to ESPN, although the report does not name which individuals Sanders contacted.

The report describes how Ravens owner Steve Bisciotti, team president Dick Cass and GM Ozzie Newsome worked behind the scenes to try to have their star running back get off with a lenient punishment. According to ESPN, the three men campaigned with prosecutors in Atlantic City — where Rice was charged with assault — as well as with Goodell, since he would mete out punishment for Rice, and with organizational personnel.

The full NYDN article linked above is worth a read, and the long form detailed ESPN OTL article is chock full of further details and a tick tock from the night of the incident through the present day. Literally the only person who seems to have consistently been honest in this mess is Ray Rice. As I said in last week’s Trash Talk, I think he has a pretty good chance in his appeal with the league and the Ravens over his suspension in light of the Article 46 §4 single penalty clause. The Players’ Union formally noticed that appeal last Tuesday, and it is supposed to be heard within ten days.

Hey, it is not just the NFL that is chock full of criminals, the NBA has them too! Rex Chapman, former sharp shooting guard for the Bullets and Suns, and former NBA team executive, just got arrested for shoplifting $14,000 (yes, $14,000!!) of Apple products in Scottsdale. Oh, and career criminal Jameis Winston is in trouble again.

Welp, in addition to all the criminal docket activity, there is purportedly actual football to be played. It seems kind of secondary any more.

The Florida Gators are in Tuscaloosa and look ripe to get rolled by the Tide. I actually think the BYU and Virginia game may be decent. Don’t sleep on the Cougars, they have a good team and a favorable schedule this year. They are capable of going undefeated, but the Cavaliers will be a test. FSU may not have Career Criminal Winton at QB, but they should have enough at home to get past Clemson. Mississippi State could be a tough matchup for LSU.

The big game in the National Felon League is, of course, the rematch of the Super Bowl when Peyton and the Broncs meet the Seasquawks in Seattle. This game will be a lot closer that the SB was; I rate it a toss up, but would not be surprised if Peyton pulls off the win. The surprising Bills host the Chargers in an early game that should be pretty interesting. The Packers are in Detroit. Both teams are 1-1 and need the win. As much as I hate to say it, I think Detroit is the better team right now, and it will show. But Aaron Rodgers is starting to heat up again, so it could go either way. While the rest of the country is watching Peyton versus the Squawks, I will be stuck with Niners at the Cards. Carson Palmer is out again it appears for the Cards, and Drew Stanton will start for a second week in a row. With Palmer, I would like the Cards, but not sure there will be enough offense without him, so I will take the Niners there.

Well, that is enough. Talk some trash amongst yourselves.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Unit 8200 Refuseniks Make Visible for Israel What Remains Invisible in the US

Last week, 43 reserve members of Israel’s equivalent to the NSA, Unit 8200, released a letter announcing they would refuse to take actions against Palestinians because the spying done on them amounts to persecution of innocent people. The IDF has responded the same way government agencies here would — scolding the whistleblowers for not raising concerns in official channels. But the letter has elicited rare public discussion about the ethics and morality of spying.

One of the allegations made by the refuseniks highlighted in the English press is that Israel used SIGINT to recruit collaborators, which in turn divides the Palestinian community.

The Palestinian population under military rule is completely exposed to espionage and surveillance by Israeli intelligence. While there are severe limitations on the surveillance of Israeli citizens, the Palestinians are not afforded this protection. There’s no distinction between Palestinians who are, and are not, involved in violence. Information that is collected and stored harms innocent people. It is used for political persecution and to create divisions within Palestinian society by recruiting collaborators and driving parts of Palestinian society against itself. In many cases, intelligence prevents defendants from receiving a fair trial in military courts, as the evidence against them is not revealed. Intelligence allows for the continued control over millions of people through thorough and intrusive supervision and invasion of most areas of life. This does not allow for people to lead normal lives, and fuels more violence further distancing us from the end of the conflict. [my emphasis]

These refuseniks, apparently, have access both to the intelligence they collect and how it is used. That means they’re in a position to talk about the effects of Unit 8200′s spying. And press coverage has made it sound like something that would uniquely happen to occupied Palestinians.

It’s not.

We know of one way that the NSA’s dragnet is definitely being used to recruit informants (aka collaborators), and another whether it it permissible to use.

The first way is via the phone dragnet. As I have noted, the government has twice told the FISA Court — once in 2006 and once in 2009 — that FBI uses dragnet derived information to identify people who might cooperate (aka inform or collaborate) in investigations. Once people come up on a 2-degree search, they are dumped into the corporate store indefinitely, data mined with sufficient information to find embarrassing and illegal things. Apparently, FBI uses such data to coerce cooperation, though we have no details on the process.

All the revealing things metadata shows? The government uses that information to obtain informants.

One way the government probably does this is by using the connections identified by metadata analysis (remember, this is not just phone and Internet data, but also includes financial and travel data, at a minimum) to put people on the No Fly list, regardless of whether they are a real threat to this country. Then, No Fly listees have alleged, FBI promises help getting them off that life-altering status if they inform on their community.

More troubling still is FBI’s uncounted use of warrantless back door searches of US person content when conducting assessments. As I noted, in addition to doing assessments in response to “tips,” the FBI will use them to profile communities or identify potential informants.

As the FBI’s Domestic Investigations and Operations Guide describes, assessments are used for “prompt and extremely limited checking out of initial leads.” No factual predicate (that is, no real evidence of wrong-doing) is required before the FBI starts an assessment. While FBI cannot use First Amendment activities as the sole reason for assessments, they can be considered. In addition to looking into leads about individual people, FBI uses assessments as part of the process for Domain Assessments (what FBI calls their profiling of Muslim communities) and the selection of informants to try to recruit. In some cases, an Agent doesn’t need prior approval to open an assessment; in others, they may get oral approval (though for several kinds, an Agent must get a formal memo approved before opening an assessment). And while Agents are supposed to record all assessments, for some assessments, they’re very cursory reports — basically complaint forms. That is, for certain types of assessments, FBI is not generating its most formal paperwork to track the process.

So while I can’t point to a DOJ claim to FISC that these back door searches are useful because they help find informants, it appears to be possible. Plus, as early as 2002, Ted Olson said they would use evidence of rape collected using traditional FISA to talk someone into cooperating (aka inform or collaborate); that was the reason he gave for blowing the wall between intelligence and criminal investigations to smithereens.

Indeed, knowing the way the government uses phone dragnet information as an index to collected content, the government may well use phone dragnet metadata to pick which Americans to subject to warrantless back door searches.

It sounds really awful when we hear about Israel using SIGINT — including information we provide without minimizing it — to spy on Palestinians.

But we have a good deal of reason to believe the US intelligence community — in collaboration — does similar things, spying on Muslim communities and using SIGINT to recruit collaborators that end up sowing paranoia and distrust in the communities.

Not only don’t we have a group of refuseniks who, among themselves, can explain how all of this works. But how the FBI uses all this data is precisely what the government intends to keep secret under the so-called “transparency” provisions of USA Freedom Act. While I will provide more detail in a follow-up post, remember that the FBI refuses to count its back door searches, which means it would be almost impossible for anyone to get a real sense of how these warrantless back door searches on US persons are used. It also has asserted it does not need to disclose evidence derived from Section 215 to criminal defendants, which is another way the evidence against defendants gets hidden.

It’s awful that Israel is doing it. But it’s even worse that we’re almost certainly doing the same, but that we can only find hints of how it is being done.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Emptywheel Twitterverse

bmaz RT @billmon1: CNN: America's Most Trusted Name in Hysterical Fear Mongering --> https://t.co/xhiv2ZXv1G
1hreplyretweetfavorite
bmaz @seattletimes @nigelduara 30 hours overtime in a day?? "Lax" seems a wee bit 'o and understatement.
3hreplyretweetfavorite
bmaz @ArizonaLuke @brahmresnik @noprezzie2012 @cocoasaurus That's pathetic. Grow up little punk.
3hreplyretweetfavorite
bmaz @ArizonaLuke @brahmresnik @noprezzie2012 @cocoasaurus Right back at ya, Mr. Mindless "Producer of Events"
3hreplyretweetfavorite
bmaz @JulieATate @attackerman Isn't it like 4 am or something there on the other side of the country? What you doing up girl?
3hreplyretweetfavorite
bmaz @ArizonaLuke @brahmresnik @noprezzie2012 @cocoasaurus Do you get paid to troll people with that bogus Alinsky shit, or just have no life?
3hreplyretweetfavorite
bmaz @fordm Lorde knows
3hreplyretweetfavorite
bmaz @fordm Matt.....
3hreplyretweetfavorite
JimWhiteGNV @biasedreporter Somehow they wound up in spam. Don't know why. I freed one copy.
5hreplyretweetfavorite
JimWhiteGNV @biasedreporter Hmm. Not sure what went wrong. I don't see it in moderation, either.
5hreplyretweetfavorite
October 2014
S M T W T F S
« Sep    
 1234
567891011
12131415161718
19202122232425
262728293031