ACLU

1 2 3 13

Did They Call Wiley Gill “Mohammed Raghead” Before Claiming Videogame Was a Flight Simulator?

The ACLU is suing the Federal Government for the standards it uses in Suspicious Activity Reports, which can record completely innocent actions. A lot of people are citing James Prigoff — an 86-year old photographer and retired business executive, who got tracked to his Sacramento, CA home for taking a picture of a well-known Boston landmark.

But given the denials about the tracking of Muslims in response to the Intercept story on NSA’s surveillance of 5 Muslim leaders, the SAR complaint of of Wiley Gill, a convert to Islam, deserves as much attention.

Gill describes how the cops in Chico, CA, had been tracking him both online and at the local mosque, when they invented the pretense of a domestic violence complaint to search his home without a warrant. They found something on video games loaded on his computer and deemed it a flight simulator.

The SAR was created on or about May 23, 2012, and purports to document an encounter between Mr. Gill and the Chico Police Department (“CPD”) on or about May 20, 2012. The SAR states that a CPD officer was investigating a domestic violence incident and believed the suspect may have fled into Mr. Gill’s residence. The SAR states that this was later discovered to be unfounded. It acknowledges that the CPD officer searched Mr. Gill’s home. The SAR asserts that Mr. Gill’s computer displayed a screen titled something to the effect of “Games that fly under the radar,” which appeared to be a “flight simulator type of game.” The SAR concludes by describing Mr. Gill’s “full conversion to Islam as a young WMA [white, male adult],” “pious demeanor,” and “potential access to flight simulators via the internet” as “worthy of note.”

Admittedly, the bias inherent to Gill’s SAR came from local cops, not the FBI or NSA. But I’d be willing to bet it responded to alerts (FBI and DHS both release them) about white converts to Islam.

The Intercept story, remember, described an internal document referring to targets as “Mohammed Raghead.” NSA has disclaimed any tie to that — even more aggressively than FBI did its own totally racist documents.

And while I presume whatever alerts to local cops led them to track Gill’s non-suspicious behavior said nothing explicitly racist, at some point the system reinforces a system under which Muslims get tracked, and others do not.

Center for Democracy and Technology’s James Dempsey on “the Wall,” Then and Now

Remember “the wall” that used to separate intelligence from criminal investigations and was used as an excuse for intelligence agencies not sharing intelligence they were permitted to share before 9/11?

It was demolished in 2001 — when the PATRIOT Act explicitly permitted what had been permitted before, sharing of intelligence information with the FBI – and 2002 — when the FISA Court of Review overruled presiding FISA Judge Royce Lamberth’s efforts to sustain some Fourth Amendment protections in criminal investigations using minimization procedures.

Nevertheless, the specter of a wall that didn’t prevent the Intelligence Committee from discovering 9/11 rising again is one of the things lying behind PCLOB’s weak recommendations on back door searches in its report on Section 702.

Of particular note, that’s what the Center for Democracy and Technology’s James Dempsey cites in his squishy middle ground recommendation on back door searches.

It is imperative not to re-erect the wall limiting discovery and use of information vital to the national security, and nothing in the Board’s recommendations would do so. The constitutionality of the Section 702 program is based on the premise that there are limits on the retention, use and dissemination of the communications of U.S. persons collected under the program. The proper mix of limitations that would keep the program within constitutional bounds and acceptable to the American public may vary from agency to agency and under different circumstances. The discussion of queries and uses at the FBI in this Report is based on our understanding of current practices associated with the FBI’s receipt and use of Section 702 data. The evolution of those practices may merit a different balancing. For now, the use or dissemination of Section 702 data by the FBI for non-national security matters is apparently largely, if not entirely, hypothetical. The possibility, however, should be addressed before the question arises in a moment of perceived urgency. Any number of possible structures would provide heightened protection of U.S. persons consistent with the imperative to discover and use critical national security information already in the hands of the government.546 

546 See Presidential Policy Directive — Signals Intelligence Activities, Policy Directive 28, 2014 WL 187435, § 2, (Jan. 17, 2014) (limiting the use of signals intelligence collected in bulk to certain enumerated purposes), available at http://www.whitehouse.gov/the-press-office/2014/01/17/presidential-policy-directive-signals-intelligence-activities.  [my emphasis]

Dempsey situates his comments in the context of the “wall.” He then suggests there are two possible uses of back door searches: “national security matters,” and non-national security matters, with the latter being entirely hypothetical, according to what the FBI self-reported to PCLOB.

Thus, he’s mostly thinking in terms of “possible structures [that] would provide heightened protection of US. persons,” to stave off future problems. He points to President Obama’s PPD-28 as one possibility as a model.

But PPD-28 is laughably inapt! Not only does the passage in question address “bulk collection,” which according to the definition Obama uses and PCLOB has adopted has nothing to do with Section 702. “[T]he Board does not regard Section 702 as a ‘bulk’ collection program,” PCLOB wrote at multiple points in its report.

More troubling, the passage in PPD-28 Dempsey cites permits bulk collection for the following uses:

(1) espionage and other threats and activities directed by foreign powers or their intelligence services against the United States and its interests;

(2) threats to the United States and its interests from terrorism;

(3) threats to the United States and its interests from the development, possession, proliferation, or use of weapons of mass destruction;

(4) cybersecurity threats;

(5) threats to U.S. or allied Armed Forces or other U.S or allied personnel;

(6) transnational criminal threats, including illicit finance and sanctions evasion related to the other purposes named in this section;

Ultimately, this represents — or should — an expansion of permissible use of Section 702 data, because its discussion of  terrorism and cybersecurity do not distinguish between those with an international nexus and those without. And the discussion of transnational crime might subject any petty drug dealer selling dope from Mexico to foreign intelligence treatment.

That this is what passes for the mushy middle on PCLOB is especially curious given that Dempsey was one of the first PCLOB member to express concern about back door searches. He did so in November’s Section 215 hearing, and even suggested limiting back door searches to foreign intelligence purposes (which is not the standard for FBI, in any case) was inadequate. Nevertheless, in last week’s report, he backed only very weak protections for back door searches, and did so within the context of national security versus non-national security, and not intelligence versus crime.

Now, I don’t mean to pick on Dempsey exclusively — I’ll have a few more posts on this issue. And to be clear, Dempsey does not represent CDT at PCLOB; he’s there in his private capacity.

But I raised his affiliation with CDT because in that capacity, Dempsey was part of an amicus brief, along with representatives from ACLU, Center for National Security Studies, EPIC, and EFF, submitted in the In Re Sealed Case in 2002, in which the FISA Court of Review reversed Lamberth and permitted prosecutor involvement in FISA warrants. That brief strongly rebuts the kind of argument he adopted in last week’s PCLOB report.

Continue reading

The Delayed “Imminence” of Anwar al-Awlaki’s Killing

As a number of people have noted (Jen Daskal is one), the OLC memo released yesterday doesn’t describe what the government considers an imminent threat.

Meanwhile, Ben Wittes is unexpectedly spending his time writing interesting posts about why imminence is in there in the first place, and not mocking the NYT editorial calling for a drone and/or targeted killing court.

Wittes writes.

I think the source of law for imminence in Holder’s speech, in the white paper, and in this memo is a presidential covert action finding. That is, I think the president, in issuing whatever finding gave rise to the killing of Al-Aulaqi, limited the authorization to situations involving imminent threats. This invocation was prudential, not legally required by any other source of law, but it operates as law for the executive branch.

There are a few pieces of evidence—not conclusive, but suggestive—supporting this view:

The most important is that memo—by omission—excludes the other major possibilities. If the imminence requirement is not there because of constitutional separation of powers, international law, or the constitutional rights of the targets, it’s got to be coming from somewhere. Internal executive branch law is one of the few remaining possibilities.

Moreover, it’s the only obvious possibility I can think of that would leave so little footprint in the memo. Indeed, if the imminence discussion is present but redacted, that suggests that the very source of law is classified. That is consistent with its appearance in a finding. Alternatively, if the reason the discussion seems to be missing is that it isn’t there at all, that is also consistent with its originating in a finding. After all, if we assume that imminence is only a requirement because the president said it’s a requirement, it follows that the concept means—at least in this context—whatever the president wants it to mean.

I’m not sure I buy that there is no legal reason for imminence, but I do agree it is relatively absent in what we have of the July 16, 2010 memo.

As it happens, in my thinking about the absence of a discussion of imminence in this memo, I have started comparing what’s in the white paper but not the OLC memo (I have already noted that the desultory treatment of why Courts couldn’t review the assassination is not in the OLC memo).

Remember, there are two possible explanations for why something would be in the White Paper (dated November 8, 2011, over a month after Awlaki was killed) but not in the July 16, 2010 OLC memo we got yesterday. First, those missing elements could be in the first OLC memo, from February 2010. Section VI of yesterday’s memo cites from and appears to repeat the analysis from that other memo. And that’s precisely where the reference to “imminent” is.

The task before OLC in February 2010 was likely somewhat different than the task in July 2010, because not only did OLC have to come up with an argument for killing an American going forward, but it likely felt some urgency to justify the attack on Awlaki attempted on Christmas Eve 2009, which was by all reports conducted under Article II justification. Dana Priest’s report that Awlaki was on the JSOC kill list probably created real urgency in January and February to provide this justification. Both the fact that that strike was attempted under solely Presidential authority, and that it was done without prior OLC review would raise the importance of arguing that Awlaki, in the wake of early December 2009 revelations that he had been in contact with Nidal Hasan, was an imminent threat.

The other possibility is that the emphasis on imminence came after the OLC memo, and DOJ added it into the white paper either for what was intended to be public (or at least Congressional) consumption, or to deal with developments that occurred between the time David Barron finished the memo in July 2010 and the time the government killed Awlaki 14 months later.

Meanwhile, I’ve been puzzling over something that appears in the white paper that we know can’t appear in either OLC memo: the citation to John Brennan’s September 16, 2011 speech on “Strengthening our Security by Adhering to our Values and Laws.” This sentence of that speech was cited: “The United States does not view our authority to use military force against al-Qa’ida as being restricted solely to ‘hot’ battlefields like Afghanistan.” That is, unless I’m mistaken, the only reference to a source that post-dates the OLC memo that authorized Awlaki’s killing.

As it turns out, that sentence introduces a discussion that leads to a treatment of the government’s definition of “imminence.”

The United States does not view our authority to use military force against al-Qa’ida as being restricted solely to “hot” battlefields like Afghanistan.  Because we are engaged in an armed conflict with al-Qa’ida, the United States takes the legal position that —in accordance with international law—we have the authority to take action against al-Qa’ida and its associated forces without doing a separate self-defense analysis each time.  And as President Obama has stated on numerous occasions, we reserve the right to take unilateral action if or when other governments are unwilling or unable to take the necessary actions themselves.

That does not mean we can use military force whenever we want, wherever we want. International legal principles, including respect for a state’s sovereignty and the laws of war, impose important constraints on our ability to act unilaterally—and on the way in which we can use force—in foreign territories.

Others in the international community—including some of our closest allies and partners—take a different view of the geographic scope of the conflict, limiting it only to the “hot” battlefields.  As such, they argue that, outside of these two active theatres, the United States can only act in self-defense against al-Qa’ida when they are planning, engaging in, or threatening an armed attack against U.S. interests if it amounts to an “imminent” threat.

In practice, the U.S. approach to targeting in the conflict with al-Qa’ida is far more aligned with our allies’ approach than many assume.  This Administration’s counterterrorism efforts outside of Afghanistan and Iraq are focused on those individuals who are a threat to the United States, whose removal would cause a significant – even if only temporary – disruption of the plans and capabilities of al-Qa’ida and its associated forces.  Practically speaking, then, the question turns principally on how you define “imminence.”

We are finding increasing recognition in the international community that a more flexible understanding of “imminence” may be appropriate when dealing with terrorist groups, in part because threats posed by non-state actors do not present themselves in the ways that evidenced imminence in more traditional conflicts.  After all, al-Qa’ida does not follow a traditional command structure, wear uniforms, carry its arms openly, or mass its troops at the borders of the nations it attacks.  Nonetheless, it possesses the demonstrated capability to strike with little notice and cause significant civilian or military casualties.  Over time, an increasing number of our international counterterrorism partners have begun to recognize that the traditional conception of what constitutes an “imminent” attack should be broadened in light of the modern-day capabilities, techniques, and technological innovations of terrorist organizations.

At a minimum, Brennan’s speech might suggest the imminence analysis is in the OLC memos, to the extent it is, because our allies would insist on it. But even while he does that — and purportedly cedes to the international view on the battlefield that would 2 weeks later take Awlaki’s life — he suggests the definition is changing.

Remember, too, that Assassination Drone Czar Brennan would have been the one to conduct the final review of the standards laid out before okaying the killing of Awlaki, the one to decide he was still an imminent threat 21 months after he was first targeted. So Brennan’s depiction of a changing standard of imminence is quite interesting, given that either by this time, or 2 weeks later, he would have signed off on the imminence of the threat Awlaki posed.

I raise Brennan not just because I find it significant that the white paper relied on this as a “source” of authority to kill Awlaki over a year after OLC had judged it. But the reliance on the speech also suggests that the white paper emphasis on imminence might post-date both OLC’s memos on Awlaki.

And there is one obvious thing that emphasized imminence — and the potential role of judges — that post-dated the OLC memo, though not by much. Around July 1, Nasir al-Awlaki’s father retained ACLU and Center for Constitutional Rights to represent him in a challenge to Awlaki’s targeting. The very same day OLC issued its memo, Treasury named Awlaki a Special Designated Terrorist, which required the ACLU and CCR to request permission to represent Awlaki’s father to avoid being charged with material support for terrorism.

In their suit — filed August 30 — they asked for,

a declaration from this Court that the Constitution and international law prohibit the government from carrying out targeted killings outside of armed conflict except as a last resort to protect against concrete, specific, and imminent threats of death or serious physical injury; and an injunction prohibiting the targeted killing of U.S. citizen Anwar Al-Aulaqi outside this narrow context.

That is, the ACLU/CCR suit emphasizing imminence almost certainly would have raised the stakes for it, if it wasn’t already a government standard.

In September, the government moved to dismiss the suit, arguing (as they did in the white paper but not the July 2010 OLC memo) that the courts had no role in reviewing this issue…

The Judiciary is simply not equipped to manage the President and his national security advisors in their discharge of these most critical and sensitive executive functions and prescribe ex ante whether, where, or in what circumstances such decisions would be lawful. Whatever the limits of the political question doctrine, this case is at its core.

… And arguing that the courts couldn’t determine whether someone was an imminent threat.

For example, even assuming for the sake of argument that plaintiff has appropriately described the legal contours of the President’s authority to use force in a context of the sort described in the Complaint, the questions he would have the court evaluate—such as whether a threat to life or physical safety may be “concrete,” “imminent,” or “specific,” or whether there are “reasonable alternatives” to force—can only be assessed based upon military and foreign policy considerations, intelligence and other sources of sensitive information, and real-time judgments that the Judiciary is not well-suited to evaluate.

See also this post for the choose your own adventure novel the government laid out to cover Awlaki’s killing.

Whatever the government argued in February 2010, its arguments to combat this suit in September 2010 required the government to deal with imminence directly, whether or not they did extensively in February or July 2010. And then, just weeks before they killed Awlaki (it having been a year since the most recent publicly claimed attack the government claimed Awlaki had a role in), the Administration publicly advocated a very flexible notion of imminence.

Clearly, the government nodded to imminence before the Nasir al-Awlaki suit, at least by a few weeks. But certainly, the government’s successful attempt at avoiding court review relied on certain arguments that show up in more prominent form in November 2011 then it does in July 2010.

Again, I’m agnostic whether the government emphasized imminence to explain the (under the standard as written, because the government did not believe Awlaki to be operational on that day) illegal strike against Awlaki from December 24, 2009, or whether they increased their focus on imminence in response to CCR and ACLU. But I think either might be a likely explanation.

“Trap and Trace Confidentiality” and National Dragnets

As a number of outlets are reporting, ACLU liberated some emails catching Florida cops agreeing to lie about the Stingray devices used to capture suspects.

As you are aware for some time now, the US Marshalls and I believe FDLE have had equipment which enables law enforcement to ping a suspects cell phone and pin point his/her exact location in an effort to apprehend suspects involved in serious crimes. In the past, and at the request of the U.S. Marshalls, the investigative means utilized to locate the suspect have not been revealed so that we may continue to utilize this technology without the knowledge of the criminal element. In reports or depositions we simply refer to the assistance as “received information from a confidential source regarding the location of the suspect.” To date this has not been challenged, since it is not an integral part of the actual crime that occurred.

The email goes on to instruct that “it is unnecessary to provide investigative means to anyone outside of law enforcement.”

But i’m most interested in the subject line for this email: “Trap and Trace Confidentiality.”

That seems to confirm what ACLU and WSJ have reported earlier this month. Law enforcement are obtaining location data under Pen Register or Trap and Trace orders, meaning they’re claiming that location data are simply metadata.

That (and the arrogant parallel construction) is problematic for a lot of reasons, but given two developments on the national dragnet, I think we should be newly concerned there, too.

As I have noted, several months after NSA’s Pen Register/Trap and Trace authority was shut down, FBI still had an active PRTT program from which NSA was obtaining data.

PRTT2

 

And not only does it seem that the government plans to resume some kind of PRTT dragnet, but there’s reason to believe they’re still hiding one.

The thing is, I have perhaps mistakenly always assumed these PRTT programs involved the collection of Internet metadata off telecom backbones. While I’m sure they collect large amounts of Internet metadata somehow, I realize now that they might also be operating (or planning to operate) large scale PRTT location programs. Remember, too, that Ron Wyden was asking provocative questions about the intelligence community’s use of cell location data just days before this classification guide.

Mind you, the Quartavious decision might make that impossible now.

But given the USM apparently concerted effort to hide the fact that PRTT equates to cell location orders, we should at least consider whether the government operates more systematic location programs.

Richard Posner Prepares to Overrule the Intent of Congress, and Other FISA in Court Stories

While the focus on NSA related issues will be on Washington DC today, with activist events, a debate at Brookings, and a Senate Intelligence Committee hearing, yesterday it was in several courtrooms.

In Chicago DC, Richard Posner reportedly seemed intent on finding a way to overturn Sharon Johnson Coleman’s order that Adel Daoud’s lawyers should be able to review the FISA materials leading to the investigation into him. It seems Posner is not all that interested in Congress’ intent that, in some cases, defendants would be able to review FISA warrants.

While she also reportedly seemed inclined to overturn Coleman’s decision, Ilana Diamond Rovner at least recognized the clear intend of Congress to permit reviews in some circumstances.

Another of the appeals court panelists, Judge Ilana Diamond Rovner, added that Coleman appeared to have “discarded” applicable FISA law and come up with her own justification for opening the records.

Rovner noted in a question for Ridgway that when Congress enacted the FISA law in the 1970s, it could have clearly indicated defense attorneys should never get access to the records. But it didn’t do that, she said.

“Can you give me any scenario where disclosure (to the defense) would be necessary?” Rovner asked.

“It would be a rare circumstance,” Ridgway, the assistant U.S. attorney, responded.

As I noted, the Defense made a very good argument that Congress intended review in such cases as this one.

Perhaps most stunning, however, is the way everyone but a big team of government prosecutors got booted from the court room.

As the arguments concluded, Judge Richard Posner announced the public portion of the proceedings had concluded and ordered the stately courtroom cleared so the three-judge panel could hold a “secret hearing.” Daoud’s attorney, Thomas Anthony Durkin, rose to object, but Posner did not acknowledge him. Deputy U.S. marshals then ordered everyone out – including Durkin, his co-counsel and reporters.

Only those with the proper security clearance — including U.S. Attorney Zachary Fardon, his first assistant, Gary Shapiro, and about a dozen FBI and U.S. Department of Justice officials – were allowed back in the courtroom before it was locked for the secret session.

Durkin, a veteran Chicago lawyer, said outside the courtroom he was not notified in advance that there would be a secret hearing and called the move unprecedented.

“Not only do I not get to be there, but I didn’t even get to object,” Durkin said. “I had to object over the fact that I couldn’t even make an objection.”

I suspect Posner used the period to conduct his own review of the FISA materials, substituting his judgment for Coleman’s, so as to uphold DOJ’s flawless record of never having their FISA worked checked.

But don’t worry: NSA  defenders will point to this and claim has been thoroughly vetted.

Meanwhile, in Oregon, where Mohamed Osman Mohamud is challenging what increasingly looks like his discovery off a back door search, the government appears to have argued that there is a foreign intelligence exception to the Fourth Amendment.

Assistant U.S. Attorney Ethan Knight countered that the government has court-approved procedures in place that were followed with respect to Mohamud’s case. Warrants are not required under an exception for foreign intelligence, he argued.

“The reality is when you peel back the layers of hyperbole, what would be unprecedented is if this court were to grant the defendant’s motion,” Knight said.

He also pushed back against a wider examination of the program, saying that it was “not the time or place or even arguably the branch of government” for the broader debate.

Granted, this is not much more extreme than the argument the government made in its filings (as summarized by ACLU’s Jameel Jaffer), that Americans may have no privacy interest in international communications.

In  support of the law, the government contends that Americans who make phone calls or sends emails to people abroad have a diminished expectation of privacy because the people with whom they are communicating – non-Americans abroad, that is – are not protected by the Constitution.

The government also argues that Americans’ privacy rights are further diminished in this context because the NSA has a “paramount” interest in examining information that crosses international borders.

And, apparently contemplating a kind of race to the bottom in global privacy rights, the government even argues that Americans can’t reasonably expect that their international communications will be private from the NSA when the intelligence services of so many other countries – the government doesn’t name them – might be monitoring those communications, too.

The government’s argument is not simply that the NSA has broad authority to monitor Americans’ international communications. The US government is arguing that the NSA’s authority is unlimited in this respect. If the government is right, nothing in the Constitution bars the NSA from monitoring a phone call between a journalist in New York City and his source in London. For that matter, nothing bars the NSA from monitoring every call and email between Americans in the United States and their non-American friends, relatives, and colleagues overseas.

The legal record on this is specific. While FISC found there was a warrant exception for “foreign” communications in Yahoo’s challenge of the Protect America Act, the FISA Court of Review’s decision was more narrow, finding only that there was a special need for the information before it, and also finding there were adequate protections for Americans (protections the government has been abrogating since the start of these warrantless programs). So while I will have to check the record, it appears that the line attorneys are going beyond what the appellate record (such as the FISCR decision can be called an appellate record) holds.

Why Are the US Marshals at the Center of All These Pen Registers?

The US Marshal Service shows up prominently in two Pen Register stories from yesterday.

First, as part of a great story from WSJ’s Jen Valentino-Devries mapping out how many federal criminal electronic records requests never get unsealed…

In eight years as a federal magistrate judge in Texas, Brian Owsley approved scores of government requests for electronic surveillance in connection with criminal investigations—then sealed them at the government’s request. The secrecy nagged at him.

So before he left the bench last year, the judge decided to unseal more than 100 of his own orders, along with the government’s legal justification for the surveillance. The investigations, he says, involved ordinary crimes such as bank robbery and drug trafficking, not “state secrets.” Most had long since ended.

A senior judge halted the effort with a one-paragraph order that offered no explanation for the decision and that itself was sealed.

She released this summary of all the Federal Pen Register/Trap and Trace requests in 2012. As she pointed out on Twitter, the greatest number of requests don’t come from FBI. They come from the USMS, which submitted almost half of all requests that year, with 9,132.

Then, the ACLU revealed that, just before an appointment to view Sarasota, Florida’s requests under the Pen Register authority to use Stingray IMSI catchers to identify cell locations, the US Marshals declared control over the records, claiming they had deputized the local cop who had made the requests.

Over the past several months, the ACLU has filed dozens of public records requests with Florida law enforcement agencies seeking information about their use of controversial cell phone tracking devices known as “stingrays.” (The devices are also known as “cell site simulators” or “IMSI catchers.”) Stingrays track phones by mimicking service providers’ cell towers and sending out powerful signals that trick nearby phones — including phones of countless bystanders — into sending their locations and identifying information.

The Florida agencies’ responses to our requests have varied widely, with somestonewalling and others releasing records. The most recent request went to the Sarasota Police Department, and the fallout from that request has raised red flag after red flag.

RED FLAG #1: The Sarasota Police initially told us that they had responsive records, including applications filed by and orders issued to a local detective under the state“trap and trace” statute that he had relied on for authorization to conduct stingray surveillance. That raised the first red flag, since trap and trace orders are typically used to gather limited information about the phone numbers of incoming calls, not to track cell phones inside private spaces or conduct dragnet surveillance. And, such orders require a very low legal standard. As one federal magistrate judge has held, police should be permitted to use stingrays only after obtaining a probable cause warrant, if at all.

RED FLAG #2: The Sarasota Police set up an appointment for us to inspect the applications and orders, as required by Florida law. But a few hours before that appointment, an assistant city attorney sent an email cancelling the meeting on the basis that the U.S. Marshals Service was claiming the records as their own and instructing the local cops not to release them. Their explanation: the Marshals Service had deputized the local officer, and therefore the records were actually the property of the federal government.

[snip]

RED FLAG #3: Realizing we weren’t going to get hold of the Sarasota Police Department’s copies of the applications and orders anytime soon, we asked the county court if we could obtain copies from its files. Incredibly, the court said it had no copies. The court doesn’t even have docket entries indicating that applications were filed or orders issued. Apparently, the local detective came to court with a single paper copy of the application and proposed order, and then walked out with the same papers once signed by a judge.

Court rules — and the First Amendment — require judges to retain copies of judicial records and to make them available to the public, but the court (and the detective) completely flouted those requirements here.

Valentino-Devries notes that a lot of the records being kept secret also involve cell location.

In 2011, magistrate judges in California complained that investigators were applying for pen registers without explicitly saying they wanted to use sophisticated cellphone-location trackers, called “stingrays,” which can be used to locate suspects. Stingrays gather phone-number information, along with other data transmitted by cellphones, by acting as fake cellphone towers. The 1986 surveillance law doesn’t contemplate such technology.

Mr. Owsley, the former Texas magistrate judge, says he had similar concerns about applications for “cell-tower dumps,” in which agents can obtain records of all phones within range of specified cell towers over time—including people who aren’t suspected of a crime.

While we don’t yet know how many of the 9,000 requests the Marshals made in 2012 were for location data, the coincidence is mighty interesting.

The Marshals do have cause to search for suspects’ location. They claim they arrest over 300 wanted fugitives a day. That’s where stingrays would be particularly useful, as they would help to identify the location of a known suspect.

So how often are the Marshals using stingrays to do their work? And to what degree do they do so hiding behind even more obscure local pen register laws to do so?

Why Is DOJ Hiding Three Phone Dragnet Orders in Plain Sight?

The ACLU and EFF FOIAs for Section 215 documents are drawing to a head. Later this week, EFF will have a court hearing in their suit. And last Friday, the government renewed its bid for summary judgment in the ACLU case.

Both suits pivot on whether the government’s past withholdings on Section 215 were in good faith. Both NGOs are arguing they weren’t, and therefore the government’s current claims — that none of the remaining information may be released — cannot be treated in good faith. (Indeed, the government likely released the previously sealed NSA declaration to substantiate its claim that it had to treat all documents tying NSA to the phone dragnet with a Glomar because of the way NSA and DOJ respectively redact classification mark … or something like that.)

But the government insists it is operating in good faith.

Instead, the ACLU speculates, despite the government’s declarations to the contrary, that there must be some non-exempt information contained in these documents that could be segregated and released. In an attempt to avoid well-established law requiring courts to defer to the government’s declarations, especially in the area of national security, the ACLU accuses the government of bad faith and baldly asserts that the government’s past assertions regarding segregability—made before the government’s discretionary declassification of substantial amounts of information regarding its activities pursuant to Section 215— “strip the government’s present justifications of the deference due to them in ordinary FOIA cases.” ACLU Br. at 25. The ACLU’s allegations are utterly unfounded. For the reasons set forth below, the government’s justifications for withholding the remaining documents are “logical and plausible,”

EFF and ACLU have focused closely on a August 20, 2008 FISC order describing a method to conduct queries; I have argued it probably describes how NSA makes correlations to track correlations.

The government is refusing to identify 3 orders it has already identified

But — unless I am badly mistaken, or unless the government mistakenly believes it has turned over some of these orders, which is possible! — I think there are three other documents being withheld (ones the government hasn’t even formally disclosed to EFF, even while pretending they’ve disclosed everything to EFF) that raise questions about the government’s good faith even more readily: the three remaining phone dragnet Primary Orders from 2009. All three have been publicly identified, yet the government is pretending they haven’t been. They are:

BR 09-09, issued on July 8, 2009. Not only was this Primary Order identified in paragraph 3 of the next Primary Order, but it was discussed extensively in the government’s filing accompanying the end-to-end report. In addition, the non-approval of one providers’ metadata  (I increasingly suspect Sprint is the provider) for that period is reflected in paragraph 1(a) of that next Primary Order.

BR 09-15, issued on October 30, 2009. The docket number and date are both identified on the first page of this supplemental order.

BR 09-19, issued on December 16, 2009. It is mentioned in paragraph 3 of the next Primary Order. The docket number and the date are also referred to in the documents pertaining to Sprint’s challenge recently released. (See paragraph 1 and paragraph 5 for the date.)

Thus, the existence of all three Primary Orders has been declassified, even while the government maintains it can’t identify them in the context of the FOIAs where they’ve already been declassified.

The government has segregated a great deal of the content of BR 09-09

The government’s withholding of BR 09-09 is particularly ridiculous, given how extensively the end-to-end motion details it. From that document, we learn:

  • Pages 5-7 approve a new group for querying. (see footnote 2)
  • Pages 9-10 require those accessing the dragnet be briefed on minimization procedures tied to the dragnet (see PDF 22); this is likely the language that appears in paragraph G of the subsequent order. This specifically includes technical personnel. (see PDF 49)
  • Pages 10-11 require weekly reporting on disseminations. (see PDF 23) This is likely the information that appears in paragraph H in the subsequent order.
  • Page 12 affirmatively authorizes the data integrity search to find “certain non user specific numbers and [redacted] identifiers for purposes of metadata reduction and management” (see footnote 19 and PDF 55)
  • Page 8 and 13-14 lay out new oversight roles, especially for DOJ’s National Security Division (see PDF 22); these are likely the requirements laid out in paragraphs M through R in subsequent orders. Those same pages also require DOJ to share the details of NSD’s meeting with NSA in new FISC applications. (see PDF 23)
  • BR 09-09 included the same reporting requirements as laid out in BR 09-01 and BR 09-06 (see PDF 5)
  • Pages 16 -17 also included these new reporting requirements: (see PDFs 6 and 29 – 30)
    • a full explanation of why the government has permitted dissemination outside NSA of U.S. person information in violation of the Court’s Orders in this matter;
    • a full explanation of the extent to which NSA has acquired call detail records of foreign-to-foreign communications from [redacted] pursuant to orders of the FISC, and whether the NSA’s storage, handling, and dissemination of information in those records, or derived therefrom, complied with the Court’s orders; and
    • either (i) a certification that any overproduced information, as described in footnote 11 of the government’s application [i.e. credit card information), has been destroyed, and that any such information acquired pursuant to this Order is being destroyed upon recognition; or (ii) a full explanation as to why it is not possible or otherwise feasible to destroy such information.
  • BR 09-09 specifically mentioned that NSA had generally been disseminating BR FISA data according to USSID 18 and not the more restrictive dissemination provisions of the Court’s Orders. (see footnote 12)
  • BF 09-09 approved Chief, Information Sharing Services, the Senior Operations Officer, the Signals Intelligence
    Directorate (So) Director, the Deputy Director of NSA, and the Director of NSA to authorize US person disseminations. (see footnote 22 and PDF 28)

Significant parts of at least 13 pages of the Primary Order (the next Primary Order is 19 pages long) have already been deemed segregable and released. Yet the government now appears to be arguing, while claiming it is operating in good faith, that none of these items would be segregable if released with the order itself!

Wildarse speculation about why the government is withholding these orders

Which raises the question of why. Why did the government withhold these 3 orders, alone among all the known regular Primary Orders from the period of EFF and ACLU’s FOIAs? (See this page for a summary of the known orders and the changes implemented in each.)

The reason may not be the same for all three orders. BR 09-09 deals with two sensitive issues — the purging of credit card information and tech personnel access — that seem to have been resolved with that order (at least until the credit card problems returned in March 2011).

But there are two things that all three orders might have in common.

First, BR 09-09 deals closely with dissemination problems — the ability of CIA and FBI to access NSA results directly, and the unfettered sharing of information within NSA. BR 09-15 lays out new dissemination rules, with the supplement in November showing NSA to still be in violation. So it’s likely all 3 orders deal with dissemination violations (and therefore with poison fruit of inappropriate dissemination that may still be in the legal system), and that the government is hiding one of the more significant aspects of the dragnet violations by withholding those orders.

I also think it’s possible the later two (potentially all three, but more likely the later two) orders combine the phone and Internet dragnets. That’s largely because of timing: A June 22, 2009 order — the first one to deal with the dissemination problems formally addressed in BR 09-09 — dealt with both dragnets. There is evidence the Internet dragnet data got shut down (or severely restricted) on October 30, 2009, the date of BR 09-15. And according to the 2010 John Bates Internet dragnet opinion, NSA applied to restart the dragnet in late 2009 (so around the time of BR 09-19). So I think it possible the later orders, especially, deal with both programs,  thereby revealing details about the legal problems with PRTT the government would like to keep suppressed. (Note, if BR 09-15 and BR 09-19 are being withheld because they shut down Internet production, it would mean all three orders shut down some production, as BR 09-09 shut down one provider’s telephone production.)

Another possibility has to do with the co-mingling of EO 12333 and Section 215 data. These three orders all deal with the fact that providers (at least Verizon, but potentially the other two as well) had included foreign-to-foreign phone records along with the production of their domestic ones.That’s the reason production from one provider got shut down in BR 09-09. And immediately after the other withheld records, the Primary Orders always included a footnote on what to do with EO 12333 data turned over pursuant to BR FISA orders (see footnote 7 and footnote 10 for examples). Also, starting in March 2009, the Orders all contain language specifically addressing Verizon. So we know the FISC was struggling to come up with a solution for the fact that NSA had co-mingled data obtainable under EO 12333 and data the telecoms received PATRIOT Act orders from. (I suspect this is why Sprint insisted on legal cover, ultimately demanding the legal authorization of the program with the December order.) So it may be that all these orders reveal too much about the EO 12333 dragnet — and potential additional violations — to be released.

Whatever the reason, there is already so much data in the public domain, especially on BR 09-09, it’s hard to believe withholding it is entirely good faith.

USA Freedumber Will Not Get Better in the “Prosecutors” Committee

Having been badly outmaneuvered on USA Freedumber — what was sold as reform but is in my opinion an expansion of spying in several ways — in the House, civil liberties groups are promising a real fight in the Senate.

“This is going to be the fight of the summer,” vowed Gabe Rottman, legislative counsel with the American Civil Liberties Union.

If advocates are able to change the House bill’s language to prohibit NSA agents from collecting large quantities of data, “then that’s a win,” he added.

“The bill still is not ideal even with those changes, but that would be an improvement,” Rottman said.

[snip]

“We were of course very disappointed at the weakening of the bill,” said Robyn Greene, policy counsel at the New America Foundation’s Open Technology Institute. “Right now we really are turning our attention to the Senate to make sure that doesn’t happen again.”

[snip]

One factor working in the reformers’ favor is the strong support of Senate Judiciary Chairman Patrick Leahy (D-Vt.).

Unlike House Judiciary Chairman Bob Goodlatte (R-Va.), who only came to support the bill after negotiations to produce a manager’s amendment, Leahy was the lead Senate sponsor of the USA Freedom Act.

The fact that Leahy controls the committee gavel means he should be able to guide the bill through when it comes up for discussion next month, advocates said.

“The fact that he is the chairman and it’s his bill and this is an issue that he has been passionate about for many years” is comforting, Greene said.

I hope they prove me wrong. But claims this will get better in the Senate seem to ignore the recent history of the Senate Judiciary Committee’s involvement in surveillance bills, not to mention the likely vote counts.

It is true Pat Leahy wants real reform. And he has a few allies on SJC. But in recent years, every surveillance-related bill that came through SJC has been watered down when Dianne Feinstein offered an alternative (which Leahy sometimes adopted as a manager’s amendment, perhaps realizing he didn’t have the votes). After DiFi offered reform, Sheldon Whitehouse (who a number of less sophisticated SJC members look to as a guide on these issues) enthusiastically embraced it, and everyone fell into line. Often, a Republican comes in and offers a “bipartisan reform” (meaning conservative Republicans joining with the Deep State) that further guts the bill.

This is how the Administration (shacking up with Jeff Sessions) defeated an effort to rein in Section 215 and Pen Registers in 2009.

This is how DiFi defeated an effort to close the backdoor loophole in 2012.

As this was happening in 2009, Russ Feingold called out SJC for acting as if it were the “Prosecutors Committee,” rather than the Judiciary Committee.

(Note, in both of those cases as well as on the original passage of Section 702, I understood fairly clearly what the efforts to stymie reform would do, up to 4 years before those programs were publicly revealed; I’ve got a pretty good record on this front!)

And if you don’t believe this is going to happen again, tell me why this whip count is wrong:

Screen shot 2014-05-26 at 5.18.49 PM

If my read here is right, the best case scenario — short of convincing Sheldon Whitehouse some of what the government wants to do is unconstitutional, which John Bates has already ruled that it is – is relying on people like Ted Cruz (whose posturing on civil liberties is often no more than that) and Jeff Flake (who was great on these issues in the House but has been silent and absent throughout this entire debate). And that’s all to reach a 9-9 tie in SJC.

Which shouldn’t be surprising. Had Leahy had the votes to move USA Freedom Act through SJC, he would have done so in October.

That was the entire point of starting in the House: because there was such a large number of people (albeit, for the  most part without gavels) supporting real reform in the House. But because reformers (starting with John Conyers and Jerry Nadler) uncritically accepted a bad compromise and then let it be gutted, that leverage was squandered.

Right now, we’re looking at a bill that outsources an expanded phone dragnet to the telecoms (with some advantages and some drawbacks), but along the way resets other programs to what they were before the FISC reined them in from 2009 to 2011. That’s the starting point. With a vote count that leaves us susceptible to further corruption of the bill along the way.

Edward Snowden risked his freedom to try to rein in the dragnet, and instead, as of right now it looks like Congress will expand it.

Update: I’ve moved Richard Blumenthal into the “pro reform” category based on this statement after the passage of USA Freedumber. Thanks to Katherine Hawkins for alerting me to the statement.

No Protection for International Communications: Russ Feingold Told Us So

Both the ACLU’s Jameel Jaffer and EFF have reviews of the government’s latest claims about Section 702. In response to challenges by two defendants, Mohamed Osman Mohamud and Jamshid Muhtorov, to the use of 702-collected information, the government claims our international communications have no Fourth Amendment protection.

Here’s how Jaffer summarizes it:

It’s hardly surprising that the government believes the 2008 law is constitutional – government officials advocated for its passage six years ago, and they have been vigorously defending the law ever since. Documents made public over the last eleven-and-a-half months by the Guardian and others show that the NSA has been using the law aggressively.

What’s surprising – even remarkable – is what the government says on the way to its conclusion. It says, in essence, that the Constitution is utterly indifferent to the NSA’s large-scale surveillance of Americans’ international telephone calls and emails:

The privacy rights of US persons in international communications are significantly diminished, if not completely eliminated, when those communications have been transmitted to or obtained from non-US persons located outside the United States.

That phrase – “if not completely eliminated” – is unusually revealing. Think of it as the Justice Department’s twin to the NSA’s “collect it all”.

[snip]

In support of the law, the government contends that Americans who make phone calls or sends emails to people abroad have a diminished expectation of privacy because the people with whom they are communicating – non-Americans abroad, that is – are not protected by the Constitution.

The government also argues that Americans’ privacy rights are further diminished in this context because the NSA has a “paramount” interest in examining information that crosses international borders.

And, apparently contemplating a kind of race to the bottom in global privacy rights, the government even argues that Americans can’t reasonably expect that their international communications will be private from the NSA when the intelligence services of so many other countries – the government doesn’t name them – might be monitoring those communications, too.

The government’s argument is not simply that the NSA has broad authority to monitor Americans’ international communications. The US government is arguing that the NSA’s authority is unlimited in this respect. If the government is right, nothing in the Constitution bars the NSA from monitoring a phone call between a journalist in New York City and his source in London. For that matter, nothing bars the NSA from monitoring every call and email between Americans in the United States and their non-American friends, relatives, and colleagues overseas.

I tracked Feingold’s warnings about Section 702 closely in 2008. That’s where I first figured out the risk of what we now call back door searches, for example. But I thought his comment here was a bit alarmist.

As I’ve learned to never doubt Ron Wyden’s claims about surveillance, I long ago learned never to doubt Feingold’s.

 

The Verizon Publicity Stunt, Mosaic Theory, and Collective Fourth Amendment Rights

On Friday, I Con the Record revealed that a telecom — Ellen Nakashima confirms it was Verizon — asked the FISA Court to make sure its January 3 order authorizing the phone dragnet had considered Judge Richard Leon’s December 16 decision that it was unconstitutional. On March 20, Judge Rosemary Collyer issued an opinion upholding the program.

Rosemary Collyer’s plea for help

Ultimately, in an opinion that is less shitty than FISC’s previous attempts to make this argument, Collyer examines the US v. Jones decision at length and holds that Smith v. Maryland remains controlling, mostly because no majority has overturned it and SCOTUS has provided no real guidance as to how one might do so. (Her analysis raises some of the nuances I laid out here.)

The section of her opinion rejecting the “mosaic theory” that argues the cumulative effect of otherwise legal surveillance may constitute a search almost reads like a cry for help, for guidance in the face of the obvious fact that the dragnet is excessive and the precedent that says it remains legal.

A threshold question is which standard should govern; as discussed above, the court of appeals’ decision in Maynard and two concurrences in Jones suggest three different standards. See Kerr, “The Mosaic Theory of the Fourth Amendment,” 111 Mich. L. Rev. at 329. Another question is how to group Government actions in assessing whether the aggregate conduct constitutes a search.See id. For example, “[w]hich surveillance methods prompt a mosaic approach? Should courts group across surveillance methods? If so, how? Id. Still another question is how to analyze the reasonableness of mosaic searches, which “do not fit an obvious doctrinal box for determining reasonableness.” Id. Courts adopting a mosaic theory would also have to determine whether, and to what extent, the exclusionary rule applies: Does it “extend over all the mosaic or only the surveillance that crossed the line to trigger a search?”

[snip]

Any such overhaul of Fourth Amendment law is for the Supreme Court, rather than this Court, to initiate. While the concurring opinions in Jones may signal that some or even most of the Justices are ready to revisit certain settled Fourth Amendment principles, the decision in Jones itself breaks no new ground concerning the third-party disclosure doctrine generally or Smith specifically. The concurring opinions notwithstanding, Jones simply cannot be read as inviting the lower courts to rewrite Fourth Amendment law in this area.

As I read these passages, I imagined that Collyer was trying to do more than 1) point to how many problems overruling the dragnet would cause and 2) uphold the dignity of the rubber stamp FISC and its 36+ previous decisions the phone dragnet is legal.

There is reason to believe she knows what we don’t, at least not officially: that even within the scope of the phone dragnet, the dragnet is part of more comprehensive mosaic surveillance, because it correlates across platforms and identities. And all that’s before you consider how, once dumped into the corporate store and exposed to NSA’s “full range of analytic tradecraft,” innocent Americans might be fingerprinted to include our lifestyles.

That is, not only doesn’t Collyer see a way (because of legal boundary concerns about the dragnet generally, and possibly because of institutional concerns about FISC) to rule the dragnet illegal, but I suspect she sees the reverberations that such a ruling would have on the NSA’s larger project, which very much is about building mosaics of intelligence.

No wonder the government is keeping that August 20, 2008 opinion secret, if it indeed discusses the correlations function in the dragnet, because it may well affect whether the dragnet gets assessed as part of the mosaic NSA uses it as.

Verizon’s flaccid but public legal complaint

Now, you might think such language in Collyer’s opinion would invite Verizon to appeal this decision. But given this lukewarm effort, it seems unlikely to do so. Consider the following details:

Leon issued his decision December 16. Verizon did not ask the FISC for guidance (which makes sense because they are only permitted to challenge orders).

Verizon got a new Secondary Order after the January 3 reauthorization. It did not immediately challenge the order.

It only got around to doing so on January 22 (interestingly, a few days after ODNI exposed Verizon’s role in the phone dragnet a second time), and didn’t do several things — like asking for a hearing or challenging the legality of the dragnet under 50 USC 1861 as applied — that might reflect real concern about anything but the public appearance of legality. (Note, that timing is of particular interest, given that the very next day, on January 23, PCLOB would issue its report finding the dragnet did not adhere to Section 215 generally.)

Indeed, this challenge might not have generated a separate opinion if the government weren’t so boneheaded about secrecy.

Verizon’s petition is less a challenge of the program than an inquiry whether the FISC has considered Leon’s opinion.

It may well be the case that this Court, in issuing the January 3,2014 production order, has already considered and rejected the analysis contained in the Memorandum Order. [redacted] has not been provided with the Court’s underlying legal analysis, however, nor [redacted] been allowed access to such analysis previously, and the order [redacted] does not refer to any consideration given to Judge Leon’s Memorandum Opinion. In light of Judge Leon’s Opinion, it is appropriate [redacted] inquire directly of the Court into the legal basis for the January 3, 2014 production order,

As it turns out, Judge Thomas Hogan (who will take over the thankless presiding judge position from Reggie Walton next month) did consider Leon’s opinion in his January 3 order, as he noted in a footnote.

Screen Shot 2014-04-28 at 10.49.42 AM

And that’s about all the government said in its response to the petition (see paragraph 3): that Hogan considered it so the FISC should just affirm it.

Verizon didn’t know that Hogan had considered the opinion, of course, because it never gets Primary Orders (as it makes clear in its petition) and so is not permitted to know the legal logic behind the dragnet unless it asks nicely, which is all this amounted to at first.

Note that the government issued its response (as set by Collyer’s scheduling order) on February 12, the same day it released Hogan’s order and its own successful motion to amend it. So ultimately this headache arose, in part, because of the secrecy with which it treats even its most important corporate spying partners, which only learn about these legal arguments on the same schedule as the rest of us peons.

Yet in spite of the government’s effort to dismiss the issue by referencing Hogan’s footnote, Collyer said because Verizon submitted a petition, “the undersigned Judge must consider the issue anew.” Whether or not she was really required to or could have just pointed to the footnote that had been made public, I don’t know. But that is how we got this new opinion.

Finally, note that Collyer made the decision to unseal this opinion on her own. Just as interesting, while neither side objected to doing so, Verizon specifically suggested the opinion could be released with no redactions, meaning its name would appear unredacted.

The government contends that certain information in these Court records (most notably, Petitioner’s identity as the recipient of the challenged production order) is classified and should remain redacted in versions of the documents that are released to the public. See Gov’t Mem. at 1. Petitioner, on the other hand, “request[s] no redactions should the Court decide to unseal and publish the specified documents.” Pet. Mem. at 5. Petitioner states that its petition “is based entirely on an assessment of [its] own equities” and not on “the potential national security effects of publication,” which it “is in no position to evaluate.” Id.

I’ll return to this. But understand that Verizon wanted this opinion — as well as its own request for it — public.

Continue reading

1 2 3 13

Emptywheel Twitterverse
bmaz Whatever happened to @JasonLeopold is he still a thing? http://t.co/eoMQ6BY6VK
1hreplyretweetfavorite
bmaz @trog69 @JimWhiteGNV ...But I will rehab and restore them some day.
2hreplyretweetfavorite
bmaz @trog69 @JimWhiteGNV I currently listen to B&W wall monitors with Polk Audio Towers and a Klipsch Subwoofer. I miss my horn loaded bins.
2hreplyretweetfavorite
bmaz @walterwkatz Even though it was probably Hendrix, an Yank, that really made Marshall (along with Jimmy Page+Ritchie Blackmore) popular.
2hreplyretweetfavorite
bmaz @walterwkatz Maybe! The first real hard power and stacked amps that went popular were Marshalls, and Jim Marshall was a Brit.
2hreplyretweetfavorite
bmaz @trog69 @JimWhiteGNV I play lot of actual albums I have. But am sadly constrained by that which is really easy to find without looking hard.
2hreplyretweetfavorite
JimWhiteGNV @robertcaruso Imagine getting only about five info-filled tweets a day. Only upside is that they were read to you by Dan Rather.
3hreplyretweetfavorite
bmaz @trog69 @JimWhiteGNV Hey, that ain't bad blues.
3hreplyretweetfavorite
bmaz I miss Cathedral Canyon and Bridge Canyon (Rainbow Bridge) at Lake Powell on houseboat this time of year http://t.co/hfnSQfeHhN
3hreplyretweetfavorite
bmaz Damn, I love big tube amps and horn loaded concert monitor speakers. This shit is what makes America grand.
3hreplyretweetfavorite
bmaz .@JimWhiteGNV For the neighbors (cause i love them so) now spinning on the 'ole 33---> Santana Abraxas and Black Magic Woman
4hreplyretweetfavorite
August 2014
S M T W T F S
« Jul    
 12
3456789
10111213141516
17181920212223
24252627282930
31