EFF

1 2 3 5

The Last Time NSA Submitted Secret Authorities, It Was Actively Hiding Illegal Wiretapping

Via Mike Masnick, I see that in addition to submitting a new state secrets declaration and a filing claiming EFF’s clients in Jewel v. NSA don’t have standing, the government also submitted a secret supplemental brief on its statement of authorities, which EFF has challenged.

The secret supplemental brief is interesting given the government’s outrageous state secrets claim in the lawsuit against United Against a Nuclear Iran, in which it refuses to explain why it must protect the intelligence sources and methods of an allegedly independent NGO. It seems the government’s state secrets claims are getting even more outrageous than they already were.

That’s particularly interesting given what appears to be the outlines of a claim that if the court recognizes Jewel’s standing, then all hell will break loose.

Due to the failings of Plaintiffs’ evidence described above, the Court need not consider the impact of the state secrets privilege on the standing issue. However, if the Court were to find Plaintiffs’ declarations admissible and sufficiently probative of Plaintiffs’ standing to raise a genuine issue meriting further inquiry (which it should not), adjudication f the standing issue could not proceed without risking exceptionally grave damage to national security (a threshold issue on which the Court requested briefing). That is so because operational details of Upstream collection that are subject to the DNI’s assertion of the state secrets privilege in this case are necessary to address Plaintiffs’ theory of standing. The Government presented this evidence to the Court in the DNI’s and NSA’s classified declarations of December 20, 2013, and supplements it with the Classified Declaration of Miriam P., NSA, submitted in camera, ex parte, herewith. Disclosure of this evidence would risk informing our Nation’s adversaries of the operational details of the NSA’s Upstream collection, including the identities of electronic-communications-service providers assisting with Upstream collection.

Behind these claims of grave harm are the reality that if US persons started to get standing under the dragnet, then under John Bates’ rules (in which illegal wiretapping is only illegal if the government knows US persons are targeted), the entire program would become illegal. So I suspect the government is ultimately arguing that Jewel can’t have standing because it would make the entire program illegal (which is sort of the point!).

But the biggest reason I’m intrigued by the government’s sneaky filing is because of what happened the last time it submitted such a sneaky filing.

I laid out in this post how a state secrets filing submitted in EFF’s related Shubert lawsuit by Keith Alexander on October 30, 2009 demonstrably lied. Go back and read it–it’s a good one. A lot of what I show involves Alexander downplaying the extent of the phone dragnet problems.

But we now know more about how much more Alexander was downplaying in that declaration.

As I show in this working thread, it is virtually certain that on September 30, 2009, Reggie Walton signed this order, effectively shutting down the Internet dragnet (I’m just now noticing that ODNI did not — as it has with the other FISC dragnet orders — release a copy with the timestamp that goes on all of these orders, which means we can’t determine what time of the day this was signed). Some time in the weeks before October 30, DOJ had submitted this notice, admitting that NSA had been violating the limits on “metadata” collection from the very start, effectively meaning it had been collecting content in the US for 5 years.

Precisely the kind of illegal dragnet Virginia Shubert was suing the government to prevent.

Mind you, there are hints of NSA’s Internet dragnet violations in Alexander’s declaration. In ¶59, Alexander says of the dragnet, “The FISC Telephone Business Records Order was most recently reauthorized on September 3, 2009, with authority continuing until October 30, 2009″ (Walton signed the October 30, 2009 phone dragnet order around 2:30 ET, which would be 11:30 in NDCA where this declaration was filed). In ¶58, he says, “The FISC Pen Register Order was most recently reauthorized on [redacted], 2009, and requires continued assistance by the providers through [redacted] 2009″ (this is a longer redaction than October 30 would take up, so it may reflect the 5PM shutdown Walton had imposed). So it may be that one of the redacted passages in Alexander’s declaration admitted that FISC had ordered the Internet dragnet shut down.

In addition, footnote 24 is quite long (note it carries onto a second page); particularly given that the tense used to describe the dragnets in the referenced paragraph differ (the Internet dragnet is in the past tense, the phone dragnet is in the present tense), it is possible Alexander admitted to both the compliance violation and that NSA had “voluntarily” stopped querying the dragnet data.

Further, in his later discussions, he refers to this data as “non-content metadata” and “records about communication transactions,” which may reflect a tacit (or prior) acknowledgment that the NSA had been collecting more than what, to the telecoms who were providing it, was legally metadata, or, if you will, was in fact “content as metadata.”

To the extent that the plaintiffs “dragnet” allegations also implicate other NSA activities, such as the bulk collection of non-content communications meta data or the collection of communications records, see, e.g., Amended Compl ¶58, addressing their assertions would require disclosure of NSA sources and methods that would cause exceptionally grave harm to national security.

[snip]

Accordingly, adjudication of plaintiffs’ allegations concerning the collection of non-content meta data and records about communication transactions would risk or require disclosure of critical NSA sources and methods for [redacted] contacts of terrorist communications as well as the existence of current NSA activities under FISC Orders. Despite media speculation about those activities, official confirmation and disclosure of the NSA’s bulk collection and targeted analysis of telephony meta data would confirm to all of our foreign adversaries [redacted] the existence of these critical intelligence capabilities and thereby severely undermine NSA’s ability to gather information concerning terrorist connections and cause exceptionally grave harm to national security.

So it seems that Alexander provided some glimpse to Vaughn Walker of the troubles with the Internet dragnet program. So when after several long paragraphs describing the phone dragnet problems (making no mention even of the related Internet dragnet ones), Alexander promised to work with the FISC on the phone dragnet “and other compliance issues,” he likely invoked an earlier reference to the far more egregious Internet dragnet ones.

NSA is committed to working with the FISC on this and other compliance issues to ensure that this vital intelligence tool works appropriately and effectively. For purposes of this litigation, and the privilege assertions now made by the DNI and by the NSA, the intelligence sources and methods described herein remain highly classified and the disclosure that [redacted] would compromise vital NSA sources and methods and result in exceptionally grave harm to national security.

I find it tremendously telling how closely Alexander ties the violations themselves to the state secrets invocation.

The thing is, at this point in the litigation, the only honest thing to submit would have been a declaration stating, “Judge Walker? It turns out we’ve just alerted the FISC that we’ve been doing precisely what the plaintiffs in this case have accused of us — we’ve been doing it, in fact, for 5 years.” An honest declaration would have amounted to concession of the suit.

But it didn’t.

And that state secrets declaration, like the one the government submitted at the end of September, was accompanied by a secret statement of authorities, a document that (unless I’m mistaken) is among the very few that the government hasn’t released to EFF.

Which is why I find it so interesting that the government is now, specifically with reference to upstream collection, following the same approach.

Do these secret statements of authority basically say, “We admit it, judge, we’ve been violating the law in precisely the way the plaintiffs claim we have. But you have to bury that fact behind state secrets privilege, because our dragnets are more important than the Fourth Amendment”? Or do they claim they’re doing this illegal dragnettery under EO 12333 so the court can’t stop them?

If so, I can see why the government would want to keep them secret.

Update: I originally got the name of Shubert wrong. Virginia Shubert is the plaintiff.

USA Gag Freedom Act

As you likely know, there have been two developments with NSLs in the last few days. First, Twitter sued DOJ, on First Amendment grounds, to be able to publish how many NSLs and FISA orders it has received. And EFF argued before the 9th Circuit that the entire NSL statute should be declared unconstitutional.

These developments intersect with the USA Freedom Act in an interesting way. In the 9th Circuit, the Court (I believe this is Mary Murguia based on tweets from lawyers who were there, but am not certain) asked why Congress hasn’t just fixed the Constitutional problems identified in Doe v. Mukasey with NSL gag orders.

That set off DOJ Appellate lawyer Douglas Letter hemming and hawing in rather unspecific language (my transcription).

Mary Murguia: Have any measures been taken to Congress to try to change that reciprocal notice procedure, to make it legal as the 2nd Circuit suggested?

Douglas Letter: Your honor, my understanding is, and I’m a little hesitant to talk about this in this sense, as we know proposals can be made to Congress and who knows what will happen? The government is working on some, a, is working with Congressional staffers etcetera, we would hope that at some point we would have legislation. We do not as this point. I’m not, I’m not going to here make any predictions whether anything passes.

What Letter was talking about — bizarrely without mentioning it — was a provision addressing the unconstitutional NSL gags in USA Freedom Act.

The provision fixes one part of the NSLs by putting the onus on FBI to review every year whether gags must remain in place.

(3) TERMINATION.—

(A) IN GENERAL.—In the case of any request under subsection (b) for which a recipient has submitted a notification to the Government under section 3511(b)(1)(A) or filed a petition for judicial review under subsection (d)—

(i) an appropriate official of the Federal Bureau of Investigation shall, until termination of the nondisclosure requirement, review the facts supporting a nondisclosure requirement annually and upon closure of the investigation; and

(ii) if, upon a review under clause (i), the facts no longer support the nondisclosure requirement, an appropriate official of the Federal Bureau of Investigation shall promptly notify the wire or electronic service provider, or officer, employee, or agent thereof, subject to the nondisclosure requirement, and the court as appropriate, that the nondisclosure requirement is no longer in effect.

This would fix the problem identified by the 2nd Circuit.

Except that, bizarrely, it would require FBI to do what Letter represented to the Court FBI could not do — review the gags every year. Presumably, they assume so few providers will challenge the gag that they’ll be able to manage those few yearly reviews that would be required.

Which might be what this language is about.

(B) CLOSURE OF INVESTIGATION.—Upon closure of the investigation—

(i) the Federal Bureau of Investigation may petition the court before which a notification or petition for judicial review under subsection (d) has been filed for a determination that disclosure may result in the harm described in clause (i), (ii), (iii), or (iv) of paragraph (1)(B), if it notifies the recipient of such petition;

(ii) the court shall review such a petition pursuant to the procedures under section 3511; and

(iii) if the court determines that there is reason to believe that disclosure may result in the harm described in clause (i), (ii), (iii), or (iv) of paragraph (1)(B), the Federal Bureau of Investigation shall no longer be required to conduct the annual review of the facts supporting the nondisclosure requirement under subparagraph (A).

That is, in addition to fixing the constitutional problem with NSLs, USAF provides FBI way out of the supposedly onerous problem that fix requires, by establishing a way to get a permanent gag.

The NSL provisions in USAF have not gone totally unnoticed. Perhaps appropriately, one of the few public comments on it came from the EFF. It lumps it in with FBI’s exemption from reporting back door searches.

The FBI is exempt from Section 702 reporting, and the bill appears to provide a path for the FBI to get permanent gag orders in connection with national security letters.

And bill champion Kevin Bankston is acutely aware of the dynamic as well; after Twitter announced his suit he suggested this was a good reason to pass USAF.

Bankston NSL

 

Me, I’d rather let the courts work and get the leverage we might get that way.

Especially since it seems like FBI is more able to review yearly gag renewals that Letter told the court.

 

Did Anthony Coppolino Fib about NSA’s New Architecture?

On Tuesday, EFF told the tale of yet another government freak-out over purportedly classified information. The DOJ lawyer litigating their multiple dragnet challenges, Anthony Coppolino, accidentally uttered classified information in a hearing in June. So the government tried to take the classified information out of the transcript without admitting they did so. After Judge Jeffrey White let EFF have a say about all this, the government ultimately decided the information wasn’t classified after all. So the Court finally released the transcript.

My wildarseguess is that this is the passage in question:

Judge Bates never ultimately held that the acquisition violated the Constitution. The problem in that case was the minimization procedures were not sufficient to protect the Fourth Amendment interests of the people of the United States.

And so he ordered that they be changed, and they were changed. And he approved them. And in addition, in the process of not only approving the minimization procedures, NSA implemented new system architecture that did a better job at assuring that those communications were minimized and ultimately destroyed, which is the goal here. It’s part of the statutory framework not to collect on U.S. citizens and when you’ve incidentally done it, destroy it. [my emphasis]

According to the John Bates opinions relating to this incident, the NSA implemented a new system of ingesting this data, marking it, checking it before it gets moved into the general repository of data, and purging it if it includes entirely domestic commuincations. But does that count as new architecture? I’m not sure.

Meanwhile, the NSA has been upgrading their architecture. We learned that (among other places) in the most recent Theresa Shea declaration on NSA systems in EFF’s Jewel case. It doesn’t mention new architecture pertaining to  upstream  702, though she does discuss a more general architecture upgrade and how it affects Section 215 specifically.

Then there’s this language, addressing the NSA’s inability to filter US person data reliably, from PCLOB.

The NSA’s acquisition of MCTs is a function of the collection devices it has designed. Based on government representations, the FISC has stated that the “NSA’s upstream Internet collection devices are generally incapable of distinguishing between transactions containing only a single discrete communication to, from, or about a tasked selector and transactions containing multiple discrete communications, not all of which are to, from, or about a tasked selector.”155 While some distinction between SCTs and MCTs can be made with respect to some communications in conducting acquisition, the government has not been able to design a filter that would acquire only the single discrete communications within transactions that contain a Section 702 selector. This is due to the constant changes in the protocols used by Internet service providers and the services provided.156 If time were frozen and the NSA built the perfect filter to acquire only single, discrete communications, that filter would be out-of-date as soon as time was restarted and a protocol changed, a new service or function was offered, or a user changed his or her settings to interact with the Internet in a different way. Conducting upstream Internet acquisition will therefore continue to result in the acquisition of some communications that are unrelated to the intended targets.

The fact that the NSA acquires Internet communications through the acquisition of Internet transactions, be they SCTs or MCTs, has implications for the technical measures, such as IP filters, that the NSA employs to prevent the intentional acquisition of wholly domestic communications. With respect to SCTs, wholly domestic communications that are routed via a foreign server for any reason are susceptible to Section 702 acquisition if the SCT contains a Section 702 tasked selector.157 With respect to MCTs, wholly domestic communications also may be embedded within Internet transactions that also contain foreign communications with a Section 702 target. The NSA’s technical means for filtering domestic communications cannot currently discover and prevent the acquisition of such MCTs.158 

The footnotes in this section all cite to John Bates’ 2011 opinion (including, probably, some language that remains redacted in the public copy, such as on page 47). So we might presume it is out of date.  Except that PCLOB has done independent work on these issues and the end of the first paragraph includes language not sourced at all.

That is, PCLOB seems to think there remain technical problems with sorting out US person data, the filtering problem cannot be solved. (Which makes the ridiculous John Bates more skeptical on this point than PCLOB.)

So do the data segregation techniques implemented in 2011 amount to new architecture? Does the larger architecture upgrade going on going to affect upstream collection in some more meaningful fashion?

I don’t know. One other reason I think this might be the language is because Coppolino was — as he frequently does — running his mouth. Bates did rule the US person data collected before 2011 violated the Fourth Amendment, even if the task before him was solely to judge whether the minimization procedures before him did. More importantly, Bates was quite clear that this US person collection was intentional, not incidental.

So Coppolino was making claims about one of the practices (the PRTT collection is another) that is most likely to help EFF win their suit, upstream collection, which actually does entail domestic wiretapping of US person content. He made a claim that suggested — with the fancy word “architecture” — that NSA had made technical fixes. But PCLOB, at least, doesn’t believe they’ve gotten to the real issue.

Who knows? It’s just a guess. What’s not a guess is that Coppolino seems to recognize upstream 702 presents a real problem in this suit.

Did ACLU and EFF Just Help the NSA Get Inside Your Smart Phone?

EFF ACLUThe ACLU and EFF normally do great work defending the Fourth Amendment. Both have fought the government’s expansive spying for years. Both have fought hard to require the government obtain a warrant before accessing your computer, cell phone, and location data.

But earlier this week, they may have taken action that directly undermines that good work.

On Wednesday, both civil liberties organizations joined in a letter supporting Patrick Leahy’s version of USA Freedom Act, calling it a necessary first step.

We support S. 2685 as an important first step toward necessary comprehensive surveillance reform. We urge the Senate and the House to pass it quickly, and without
making any amendments that would weaken the important changes described above.

ACLU’s Laura Murphy explained why ACLU signed onto the bill in a column at Politico, analogizing it to when, in 2010, ACLU signed onto a bill that lowered, but did not eliminate,  disparities in crack sentencing.

Reform advocates were at a crossroads. Maximalists urged opposition despite the fact the bill would, in a very real way, make life better for thousands of people and begin to reduce the severe racial and ethnic inequality in our prison system. Pragmatists, fearing that opposition to the bill would preclude any reform at all, urged support.

It was a painful compromise, but the ACLU ultimately supported the bill. It passed, astoundingly, with overwhelming support in both chambers.

And then something amazing happened. Conservative lawmakers, concerned about government waste, increasingly came to the table to support criminal justice reform. Liberals realized they could vote their conscience on criminal justice without accusations of being “soft on crime.” It has not been easy and there have been many steps backward, but in recent years, we’ve seen greater public opposition to mandatory minimum sentences and real movement on things like reducing penalties for low-level drug offenses.

The analogy is inapt. You don’t end crack disparities by increasing the number of coke dealers in jail. But Leahy’s USA Freedom Act almost certainly will increase the number of totally innocent Americans who will be subjected to the full brunt of NSA’s analytical authorities indefinitely.

That’s because by outsourcing to telecoms, NSA will actually increase the total percentage of Americans’ telephone records that get chained on; sources say it will be more “comprehensive” than the current dragnet and Deputy NSA Director Richard Ledgett agrees the “the actual universe of potential calls that could be queried against is [potentially] dramatically larger.” In addition, the telecoms are unlikely to be able to remove all the noisy numbers like pizza joints — as NSA currently claims to – meaning more people with completely accidental phone ties to suspects will get sucked in. And USA Freedom adopts a standard for data retention — foreign intelligence purpose — that has proven meaningless in the past, so once a person’s phone number gets turned over to the NSA, they’ll be fair game for further NSA spying, the really invasive stuff, indefinitely.

But that’s not the reason I find ACLU and EFF’s early support for USA Freedom so astounding.

I’m shocked ACLU and EFF are supporting this bill because they don’t know what the NSA will be permitted to do at the immunized telecoms. They have blindly signed onto a bill permitting “connection chaining” without first understanding what connection chaining entails.

As I have reported extensively, while every witness who has talked about the phone dragnet has talked about chaining on phone calls made — all the calls Anwar al-Awlaki made, all the calls those people made — the language describing this chaining process has actually been evolving. Dianne Feinstein’s Fake FISA Fix last fall allowed the NSA to chain on actual calls — as witnesses had described — but also on communications (not just calls) “to or from any selector reasonably linked to the selector.” A February modification and the last two dragnet orders permitted NSA to chain on identifiers “with a contact and/or connection” with the seed, making it clear that a “connection” is something different than a “contact.” The House bill USA Freedumber adopted the same language in a legislative report. Leahy’s bill adopts largely the same language for chaining.

(iii) provide that the Government may require the prompt production of call detail records—

(I) using the specific selection term that satisfies the standard required under subsection (b)(2)(C)(ii) as the basis for production; and

(II) using call detail records with a direct connection to such specific selection term as the basis for production of a second set of call detail records;

Now, it’s possible that this language does nothing more than what NSA illegally did until 2009: chain on both the identifier itself, but also on identifiers it has determined to be the same person. Back in 2009, NSA referred to a separate database to determine these other identifiers. Though that’s unlikely, because the bill language suggests the telecoms will be identifying these direct connections.

It’s possible, too, that this language only permits the telecoms to find “burner” phones — a new phone someone adopts after having disposed of an earlier one — and chain on that too.

But it’s also possible that this language would permit precisely what AT&T does for DEA in its directly analogous Hemisphere program: conduct analysis using cell site data. The bill does not permit NSA to receive cell site data, but it does nothing to prohibit NSA from receiving phone numbers identified using cell site data. When Mark Warner asked about this, Ledgett did not answer, and James Cole admitted they could use these orders (with FISC approval) to get access to cell location.

It’s possible, too, that the telecoms will identify direct connections using other data we know NSA uses to identify connections in EO 12333 data, including phone book and calendar data.

The point is, nobody in the public knows what “connections” NSA will be asking its immunized telecom partners to make. And nothing in the bill or even the public record prohibits NSA from asking telecoms to use a range of smart phone information to conduct their analysis, so long as they only give NSA phone identifiers as a result.

In response to questions from Senators about what this means, Leahy’s office promised a letter from James Clapper’s office clarifying what “connections” means (No, I don’t remember the part of Schoolhouse Rock where those regulated by laws get to provide “clarifications” that don’t make it into the laws themselves). That letter was reported to be due on Tuesday, by close of business — several days ago. It hasn’t appeared yet.

I asked people at both EFF and ACLU about this problem. EFF admitted they don’t know what this language means. ACLU calls the language “ambiguous,” but based on nothing they were able to convey to me, insists getting smart phone data under the guise of connection chaining would be an abuse. ACLU also pointed to transparency provisions in the bill, claiming that would alert us if the NSA starting doing something funky with its connection language; that of course ignores that “connection chaining” is an already-approved process, meaning that existing processes won’t ever be need to be released. It also ignores that the Administration has withheld what is probably a directly relevant phone dragnet opinion from both ACLU and EFF in their dragnet FOIA.

I get Laura Murphy’s point about using USA Freedom to start the process of reform. But what I don’t understand is why you’d do that having absolutely no idea whether that “reform” codifies the kind of warrantless probable cause-free access to device data that ACLU and EFF have fought so hard to prevent elsewhere.

ACLU and EFF are supposed to be leaders in protecting the privacy of our devices, including smart phones. I worry with their embrace of this bill, they’re leading NSA right into our smart phones.

All These Muslim Organizations Have Probably Been Associationally Mapped

The Intercept has published their long-awaited story profiling a number of Muslim-American leaders who have been targeted by the FBI and NSA. It shows that:

  • American Muslim Council consultant Faisal Gill was surveilled from April 17, 2006 to February 8, 2008
  • al-Haramain lawyer Asim Ghafoor was surveilled under FISA (after having been surveilled illegally) starting March 9, 2005; that surveillance was sustained past March 27, 2008
  • American Muslim Alliance founder Agha Saeed was surveilled starting June 27, 2007; that surveillance was sustained past May 23, 2008
  • CAIR founder Nihad Awad was surveilled from July 17, 2006 to February 1, 2008
  • American Iranian Council founder Hooshang Amirahmadi was surveilled from August 17, 2006 to May 16, 2008

In other words, the leaders of a number of different Muslim civil society organizations were wiretapped for years under a program that should require a judge agreeing they represent agents of a foreign power.

But they probably weren’t just wiretapped. They probably were also used as seeds for the phone and Internet dragnets, resulting in the associational mapping of their organizations’ entire structure.

On August 18, 2006, the phone dragnet primary order added language deeming “telephone numbers that are currently the subject of FISA authorized electronic surveillance … approved for meta data querying without approval of an NSA official due to the FISA authorization.”

Given the way the phone and Internet dragnet programs parallel each other (and indeed, intersect in federated queries starting at least by 2008), a similar authorization was almost certainly included in the Internet dragnet at least by 2006.

That means as soon as these men were approved for surveillance by FISA, the NSA also had the authority to run 3-degree contact chaining on their email and phone numbers. All their contacts, all their contacts’ contacts, and all their contacts’ contacts’ contacts would have been collected and dumped into the corporate store for further NSA analysis.

Not only that, but all these men were surveilled during the period (which continued until 2009) when the NSA was running automated queries on people and their contacts, to track day-to-day communications of RAS-approved identifiers.

So it is probably reasonable to assume that, at least for the period during which these men were under FISA-authorized surveillance, the NSA has an associational map of their organizations and their affiliates.

Which is why I find it interesting that DOJ refused to comment on this story, but told other reporters that FBI had never had a FISA warrant for CAIR founder Nihad Awad specifically.

The Justice Department did not respond to repeated requests for comment on this story, or for clarification about why the five men’s email addresses appear on the list. But in the weeks before the story was published, The Intercept learned that officials from the department were reaching out to Muslim-American leaders across the country to warn them that the piece would contain errors and misrepresentations, even though it had not yet been written.

Prior to publication, current and former government officials who knew about the story in advance also told another news outlet that no FISA warrant had been obtained against Awad during the period cited. When The Intercept delayed publication to investigate further, the NSA and the Office of the Director of National Intelligence refused to confirm or deny the claim, or to address why any of the men’s names appear on the FISA spreadsheet.

Awad’s organization, CAIR, is a named plaintiff in the EFF’s suit challenging the phone dragnet. They are suing about the constitutionality of a program that — the EFF suit also happens to allege — illegally mapped out associational relations that should be protected by the Constitution.

CAIR now has very good reason to believe their allegations in the suit — that all their relationships have been mapped — are absolutely correct.

Update: EFF released this statement on the Intercept story, reading, in part,

Surveillance based on First Amendment-protected activity was a stain on our nation then and continues to be today. These disclosures yet again demonstrate the need for ongoing public attention to the government’s activities to ensure that its surveillance stays within the bounds of law and the Constitution. And they once again demonstrate the need for immediate and comprehensive surveillance law reform.

We look forward to continuing to represent CAIR in fighting for its rights, as well as the rights of all citizens, to be free from unconstitutional government surveillance.

EFF represents CAIR Foundation and two of its regional affiliates, CAIR-California and CAIR-Ohio, in a case challenging the NSA’s mass collection of Americans’ call records. More information about that case is available at: First Unitarian Church of Los Angeles v. NSA.

Center for Democracy and Technology’s James Dempsey on “the Wall,” Then and Now

Remember “the wall” that used to separate intelligence from criminal investigations and was used as an excuse for intelligence agencies not sharing intelligence they were permitted to share before 9/11?

It was demolished in 2001 — when the PATRIOT Act explicitly permitted what had been permitted before, sharing of intelligence information with the FBI – and 2002 — when the FISA Court of Review overruled presiding FISA Judge Royce Lamberth’s efforts to sustain some Fourth Amendment protections in criminal investigations using minimization procedures.

Nevertheless, the specter of a wall that didn’t prevent the Intelligence Committee from discovering 9/11 rising again is one of the things lying behind PCLOB’s weak recommendations on back door searches in its report on Section 702.

Of particular note, that’s what the Center for Democracy and Technology’s James Dempsey cites in his squishy middle ground recommendation on back door searches.

It is imperative not to re-erect the wall limiting discovery and use of information vital to the national security, and nothing in the Board’s recommendations would do so. The constitutionality of the Section 702 program is based on the premise that there are limits on the retention, use and dissemination of the communications of U.S. persons collected under the program. The proper mix of limitations that would keep the program within constitutional bounds and acceptable to the American public may vary from agency to agency and under different circumstances. The discussion of queries and uses at the FBI in this Report is based on our understanding of current practices associated with the FBI’s receipt and use of Section 702 data. The evolution of those practices may merit a different balancing. For now, the use or dissemination of Section 702 data by the FBI for non-national security matters is apparently largely, if not entirely, hypothetical. The possibility, however, should be addressed before the question arises in a moment of perceived urgency. Any number of possible structures would provide heightened protection of U.S. persons consistent with the imperative to discover and use critical national security information already in the hands of the government.546 

546 See Presidential Policy Directive — Signals Intelligence Activities, Policy Directive 28, 2014 WL 187435, § 2, (Jan. 17, 2014) (limiting the use of signals intelligence collected in bulk to certain enumerated purposes), available at http://www.whitehouse.gov/the-press-office/2014/01/17/presidential-policy-directive-signals-intelligence-activities.  [my emphasis]

Dempsey situates his comments in the context of the “wall.” He then suggests there are two possible uses of back door searches: “national security matters,” and non-national security matters, with the latter being entirely hypothetical, according to what the FBI self-reported to PCLOB.

Thus, he’s mostly thinking in terms of “possible structures [that] would provide heightened protection of US. persons,” to stave off future problems. He points to President Obama’s PPD-28 as one possibility as a model.

But PPD-28 is laughably inapt! Not only does the passage in question address “bulk collection,” which according to the definition Obama uses and PCLOB has adopted has nothing to do with Section 702. “[T]he Board does not regard Section 702 as a ‘bulk’ collection program,” PCLOB wrote at multiple points in its report.

More troubling, the passage in PPD-28 Dempsey cites permits bulk collection for the following uses:

(1) espionage and other threats and activities directed by foreign powers or their intelligence services against the United States and its interests;

(2) threats to the United States and its interests from terrorism;

(3) threats to the United States and its interests from the development, possession, proliferation, or use of weapons of mass destruction;

(4) cybersecurity threats;

(5) threats to U.S. or allied Armed Forces or other U.S or allied personnel;

(6) transnational criminal threats, including illicit finance and sanctions evasion related to the other purposes named in this section;

Ultimately, this represents — or should — an expansion of permissible use of Section 702 data, because its discussion of  terrorism and cybersecurity do not distinguish between those with an international nexus and those without. And the discussion of transnational crime might subject any petty drug dealer selling dope from Mexico to foreign intelligence treatment.

That this is what passes for the mushy middle on PCLOB is especially curious given that Dempsey was one of the first PCLOB member to express concern about back door searches. He did so in November’s Section 215 hearing, and even suggested limiting back door searches to foreign intelligence purposes (which is not the standard for FBI, in any case) was inadequate. Nevertheless, in last week’s report, he backed only very weak protections for back door searches, and did so within the context of national security versus non-national security, and not intelligence versus crime.

Now, I don’t mean to pick on Dempsey exclusively — I’ll have a few more posts on this issue. And to be clear, Dempsey does not represent CDT at PCLOB; he’s there in his private capacity.

But I raised his affiliation with CDT because in that capacity, Dempsey was part of an amicus brief, along with representatives from ACLU, Center for National Security Studies, EPIC, and EFF, submitted in the In Re Sealed Case in 2002, in which the FISA Court of Review reversed Lamberth and permitted prosecutor involvement in FISA warrants. That brief strongly rebuts the kind of argument he adopted in last week’s PCLOB report.

Continue reading

Judge Will Review DOJ’s Withholding of More Section 215 Orders

Citing the significant public interest and past overclassification, the judge in EFF’s side of the Section 215 FOIA has ordered DOJ to cough up 5 (actually, I believe it is 6) orders, so she can review them in camera to see whether the government should release them.

The orders — with my speculation about what they are — are:

FISC opinion dated 8/20/2008 (6 pages)

I wrote about this opinion here. Two days before the order, the government submitted information on how it correlates different phone selectors for further chaining, which leads me to believe that’s the topic of the opinion. The government doesn’t want to release it because it is still using this “method,” which leads me to believe it would offer some insight on what it means that the automatic queries approved in 2012 and the connection-based chaining envisioned under the reformed program.

(2) FISC order dated 10/31/2006 (19 pages);

I believe this is actually two orders, one of 15 and one of 4 pages. If these pertain to the phone dragnet, one might pertain to compensation, another might either deal with violations the program was already experiencing (the next primary order imposed new regular reviews).

But it’s just as likely that these orders approve bulk collection for something else — perhaps financial records, for example.

(5) FISC orders dated 12/16/2005 (16 pages)
(3) FISC orders dated 2/17/2006 (17 pages)
(4) FISC orders dated 2/24/2006 (8 pages)

Given the timing (I’ve retained Judge Yvonne Gonzales Rogers’ numbering but adjusted order to match timing), I suspect these deal with the illegal wiretapping program. After all the first of these three orders was approved the day after the program was disclosed, during the period when PATRIOT Authority was extended after an true extension was filibustered.

Mind you, these are not supposed to deal with bulk collection. It may be they dealt with extending existing programs, providing feedback about what would not be acceptable bulk collection, or simply smaller orders affecting the most important part of the production.

As a reminder, there are 3 other known dragnet orders — from during the period when FISC was working through the violations in 2009 — the government didn’t even disclose to EFF. I wrote about those here.

DOJ’s Idea of an Appropriate Passive-Aggressive Response to Accusations They Destroyed Evidence: Destroy More Evidence

On Friday May 30, as I reported, EFF filed a motion accusing the government of destroying evidence it was obligated to keep in EFF’s NSA lawsuits.

Later that day, EFF Legal Director Cindy Cohn emailed her contact at DOJ, Marcia (Marcy) Berman, saying,

Jewel plaintiffs are okay with [a deadline extension] if the government can assure us that no additional information will be destroyed in the meantime.

As you can see, we went ahead and filed [the motion on spoliation].

The following Monday, after Cohn asked Berman, “Does that mean no additional information will be destroyed in the meantime?” Berman answered,

What it means is that we have already explained in our opening brief that we are in compliance with our preservation obligations and do not feel that we should have to make any further assurances or undertakings to accommodate plaintiffs’ need for additional time.

Later that day, Cohn reminded Berman that the Temporary Restraining Order covering destruction of information “including but not limited to … telephone metadata” remained in place. Cohn continued,

You appear to be saying that routine destruction of post-FISC material is continuing to occur regardless of the TRO; please confirm whether this is correct.

Berman responded, obliquely, yes.

The Court is presently considering whether the Government must preserve material obtained under Section 702 of FISA in the context of the Jewel/Shubert litigation. In the meantime, pending resolution of the preservation issues in this case, we have been examining with our clients how to address the preservation of data acquired under the Section 702 program in light of FISC imposed data retention limits (even though we disagree that the program is at issue in Jewel and Shubert).

Hoffman wrote a bunch more about “technical” “classified” blah blah blah, which I’ll return to, because I think it’s probably significant.

But for now, EFF filed for an emergency order to enforce the TRO issued back in March. Judge Jeffrey White has demanded a response from the government by noon tomorrow (they had wanted a week).

I can’t think of a more relevant NSA practice to a suit that relies significantly on Mark Klein’s whistle-blowing about the room where AT&T diverted and copied large amounts of telecom traffic than upstream 702 collection, in which AT&T and other telecom providers divert and copy large amounts of telecom traffic. While I’m not certain this evidence pertains to upstream — and not PRISM — EFF suggests that is included.

In communications with the government this week, plaintiffs learned to their surprise that the government is continuing to destroy evidence relating to the mass interception of Internet communications it is conducting under section 702 of the Foreign Intelligence Surveillance Act. This would include evidence relating to its use of “splitters” to conduct bulk interceptions of the content of Internet communications from the Internet “backbone” network of AT&T, as described in multiple FISC opinions and in the evidence of Mark Klein and J. Scott Marcus, ECF Nos. 84, 85, 89, 174 at Ex. 1

If it is, then it seems all the more damning, given that upstream collection is the practice that most obviously violates the ban on wiretapping Americans in the US.

EFF filed a motion accusing the government of illegally destroying evidence. And the government’s response was to destroy more evidence.

Update: The government has asked for an emergency stay of the Court’s June 5 order (which is actually a March 10 order, but the government doesn’t admit that) because NSA says so.

Undersigned counsel have been advised by the National Security Agency that compliance with the June 5, 2014 Order would cause severe operational consequences for the National Security Agency (NSA’s) national security mission, including the possible suspension of the Section 702 program and potential loss of access to lawfully collected signals intelligence information on foreign intelligence targets that is vital to NSA’s foreign intelligence mission

There’s something funky here — perhaps that some of this actually belongs to GCHQ? I dunno — which is leading the government to be so obstinate. Let’s hope we learn what it is.

Update: And EFF objected to DOJ’s request for a stay, pointing out what I did: that what they’re really asking for is blessing for ignoring the March 10 order.

Why Is DOJ Hiding Three Phone Dragnet Orders in Plain Sight?

The ACLU and EFF FOIAs for Section 215 documents are drawing to a head. Later this week, EFF will have a court hearing in their suit. And last Friday, the government renewed its bid for summary judgment in the ACLU case.

Both suits pivot on whether the government’s past withholdings on Section 215 were in good faith. Both NGOs are arguing they weren’t, and therefore the government’s current claims — that none of the remaining information may be released — cannot be treated in good faith. (Indeed, the government likely released the previously sealed NSA declaration to substantiate its claim that it had to treat all documents tying NSA to the phone dragnet with a Glomar because of the way NSA and DOJ respectively redact classification mark … or something like that.)

But the government insists it is operating in good faith.

Instead, the ACLU speculates, despite the government’s declarations to the contrary, that there must be some non-exempt information contained in these documents that could be segregated and released. In an attempt to avoid well-established law requiring courts to defer to the government’s declarations, especially in the area of national security, the ACLU accuses the government of bad faith and baldly asserts that the government’s past assertions regarding segregability—made before the government’s discretionary declassification of substantial amounts of information regarding its activities pursuant to Section 215— “strip the government’s present justifications of the deference due to them in ordinary FOIA cases.” ACLU Br. at 25. The ACLU’s allegations are utterly unfounded. For the reasons set forth below, the government’s justifications for withholding the remaining documents are “logical and plausible,”

EFF and ACLU have focused closely on a August 20, 2008 FISC order describing a method to conduct queries; I have argued it probably describes how NSA makes correlations to track correlations.

The government is refusing to identify 3 orders it has already identified

But — unless I am badly mistaken, or unless the government mistakenly believes it has turned over some of these orders, which is possible! — I think there are three other documents being withheld (ones the government hasn’t even formally disclosed to EFF, even while pretending they’ve disclosed everything to EFF) that raise questions about the government’s good faith even more readily: the three remaining phone dragnet Primary Orders from 2009. All three have been publicly identified, yet the government is pretending they haven’t been. They are:

BR 09-09, issued on July 8, 2009. Not only was this Primary Order identified in paragraph 3 of the next Primary Order, but it was discussed extensively in the government’s filing accompanying the end-to-end report. In addition, the non-approval of one providers’ metadata  (I increasingly suspect Sprint is the provider) for that period is reflected in paragraph 1(a) of that next Primary Order.

BR 09-15, issued on October 30, 2009. The docket number and date are both identified on the first page of this supplemental order.

BR 09-19, issued on December 16, 2009. It is mentioned in paragraph 3 of the next Primary Order. The docket number and the date are also referred to in the documents pertaining to Sprint’s challenge recently released. (See paragraph 1 and paragraph 5 for the date.)

Thus, the existence of all three Primary Orders has been declassified, even while the government maintains it can’t identify them in the context of the FOIAs where they’ve already been declassified.

The government has segregated a great deal of the content of BR 09-09

The government’s withholding of BR 09-09 is particularly ridiculous, given how extensively the end-to-end motion details it. From that document, we learn:

  • Pages 5-7 approve a new group for querying. (see footnote 2)
  • Pages 9-10 require those accessing the dragnet be briefed on minimization procedures tied to the dragnet (see PDF 22); this is likely the language that appears in paragraph G of the subsequent order. This specifically includes technical personnel. (see PDF 49)
  • Pages 10-11 require weekly reporting on disseminations. (see PDF 23) This is likely the information that appears in paragraph H in the subsequent order.
  • Page 12 affirmatively authorizes the data integrity search to find “certain non user specific numbers and [redacted] identifiers for purposes of metadata reduction and management” (see footnote 19 and PDF 55)
  • Page 8 and 13-14 lay out new oversight roles, especially for DOJ’s National Security Division (see PDF 22); these are likely the requirements laid out in paragraphs M through R in subsequent orders. Those same pages also require DOJ to share the details of NSD’s meeting with NSA in new FISC applications. (see PDF 23)
  • BR 09-09 included the same reporting requirements as laid out in BR 09-01 and BR 09-06 (see PDF 5)
  • Pages 16 -17 also included these new reporting requirements: (see PDFs 6 and 29 – 30)
    • a full explanation of why the government has permitted dissemination outside NSA of U.S. person information in violation of the Court’s Orders in this matter;
    • a full explanation of the extent to which NSA has acquired call detail records of foreign-to-foreign communications from [redacted] pursuant to orders of the FISC, and whether the NSA’s storage, handling, and dissemination of information in those records, or derived therefrom, complied with the Court’s orders; and
    • either (i) a certification that any overproduced information, as described in footnote 11 of the government’s application [i.e. credit card information), has been destroyed, and that any such information acquired pursuant to this Order is being destroyed upon recognition; or (ii) a full explanation as to why it is not possible or otherwise feasible to destroy such information.
  • BR 09-09 specifically mentioned that NSA had generally been disseminating BR FISA data according to USSID 18 and not the more restrictive dissemination provisions of the Court’s Orders. (see footnote 12)
  • BF 09-09 approved Chief, Information Sharing Services, the Senior Operations Officer, the Signals Intelligence
    Directorate (So) Director, the Deputy Director of NSA, and the Director of NSA to authorize US person disseminations. (see footnote 22 and PDF 28)

Significant parts of at least 13 pages of the Primary Order (the next Primary Order is 19 pages long) have already been deemed segregable and released. Yet the government now appears to be arguing, while claiming it is operating in good faith, that none of these items would be segregable if released with the order itself!

Wildarse speculation about why the government is withholding these orders

Which raises the question of why. Why did the government withhold these 3 orders, alone among all the known regular Primary Orders from the period of EFF and ACLU’s FOIAs? (See this page for a summary of the known orders and the changes implemented in each.)

The reason may not be the same for all three orders. BR 09-09 deals with two sensitive issues — the purging of credit card information and tech personnel access — that seem to have been resolved with that order (at least until the credit card problems returned in March 2011).

But there are two things that all three orders might have in common.

First, BR 09-09 deals closely with dissemination problems — the ability of CIA and FBI to access NSA results directly, and the unfettered sharing of information within NSA. BR 09-15 lays out new dissemination rules, with the supplement in November showing NSA to still be in violation. So it’s likely all 3 orders deal with dissemination violations (and therefore with poison fruit of inappropriate dissemination that may still be in the legal system), and that the government is hiding one of the more significant aspects of the dragnet violations by withholding those orders.

I also think it’s possible the later two (potentially all three, but more likely the later two) orders combine the phone and Internet dragnets. That’s largely because of timing: A June 22, 2009 order — the first one to deal with the dissemination problems formally addressed in BR 09-09 — dealt with both dragnets. There is evidence the Internet dragnet data got shut down (or severely restricted) on October 30, 2009, the date of BR 09-15. And according to the 2010 John Bates Internet dragnet opinion, NSA applied to restart the dragnet in late 2009 (so around the time of BR 09-19). So I think it possible the later orders, especially, deal with both programs,  thereby revealing details about the legal problems with PRTT the government would like to keep suppressed. (Note, if BR 09-15 and BR 09-19 are being withheld because they shut down Internet production, it would mean all three orders shut down some production, as BR 09-09 shut down one provider’s telephone production.)

Another possibility has to do with the co-mingling of EO 12333 and Section 215 data. These three orders all deal with the fact that providers (at least Verizon, but potentially the other two as well) had included foreign-to-foreign phone records along with the production of their domestic ones.That’s the reason production from one provider got shut down in BR 09-09. And immediately after the other withheld records, the Primary Orders always included a footnote on what to do with EO 12333 data turned over pursuant to BR FISA orders (see footnote 7 and footnote 10 for examples). Also, starting in March 2009, the Orders all contain language specifically addressing Verizon. So we know the FISC was struggling to come up with a solution for the fact that NSA had co-mingled data obtainable under EO 12333 and data the telecoms received PATRIOT Act orders from. (I suspect this is why Sprint insisted on legal cover, ultimately demanding the legal authorization of the program with the December order.) So it may be that all these orders reveal too much about the EO 12333 dragnet — and potential additional violations — to be released.

Whatever the reason, there is already so much data in the public domain, especially on BR 09-09, it’s hard to believe withholding it is entirely good faith.

EFF Accuses the Government of Spoliation of Evidence

I’ve written about these accusations in the past. EFF got a preservation order in its NSA lawsuits back in 2008. Only after the government asked for permission to destroy phone dragnet data earlier this year did they learn the government has been destroying data relevant to their various suits for years.

But now they’ve written an aggressive motion asking for sanctions.

There is now no doubt that the government defendants have destroyed evidence relevant to plaintiffs’ claims. This case concerns the government’s mass seizure of three kinds of information: Internet and telephone content, telephone records and Internet records. The government’s own declarations make clear that the government has destroyed three years of the telephone records it seized between 2006 and 2009; five years of the content it seized between 2007 and 2012; and seven years of the Internet records it seized between 2004 and 2011, when it claims to have ended those seizures.
By destroying this evidence, the government has hindered plaintiffs’ ability to prove with governmental evidence that their individual communications and records were collected as part of the mass surveillance, something the government has vigorously insisted that they must do, even as a threshold matter. Although plaintiffs dispute that the showing the government seeks is required, the government’s destruction of the best evidence that plaintiffs could use to make such a showing is particularly outrageous.

[snip]

This is spoliation of evidence. A litigant has a clear legal duty to preserve evidence relevant to the facts of a case pending consideration by the court, and that duty requires preservation of all relevant evidence, defined as anything that is likely to lead to the discovery of admissible evidence. This duty is subject only to practical considerations, none of which the government has ever raised. Any private litigant who engaged in this behavior would be rightly sanctioned by the court; indeed many have been severely sanctioned for failure to preserve evidence in far less egregious circumstances.
This court has the power to order a broad range of remedies for spoliation, up to and including terminating sanctions. Plaintiffs here seek more modest relief: that the government be subject to an adverse inference that the destroyed evidence would have shown that the government has collected plaintiffs’ communications and communications records. Plaintiffs also request that the Court set a prompt hearing date on this matter in order to halt any ongoing destruction.

My favorite part — being  a bit of a timeline wonk — is the timeline showing all the broad claims the government made to ensure state secrets would cover even activities authorized by FISA, interspersed with what data the NSA was destroying when.

Then there’s this lesson in warrantless wiretapping.

The government overreaches in trying to limit plaintiffs’ complaint. For example, the government tries to use the fact that plaintiffs often characterize the surveillance as “warrantless” as indicating that the complaint doesn’t reach surveillance conducted under the FISC. But this characterization is absolutely true even as to the FISC-authorized surveillance. Whatever the legal import of the FISC orders, they are unequivocally not full Fourth Amendment warrants, and the surveillance conducted under them is “warrantless.” Thus, this court was exactly correct in July 2013 when it stated that Plaintiffs’ claim is “that the federal government . . . conducted widespread warrantless dragnet communications surveillance of United States citizens following the attacks of September 11, 2001.”

Given all the things the government destroyed here — such as the US person phone data collected without requisite First Amendment review, the Internet metadata that included content, and the US person communications collected under upstream collection, the EO 12333 collected metadata mingled with the PATRIOT authorized data  – they might well rather give EFF standing without all that data.

We shall see. But it does make some nice Friday afternoon reading.

 

1 2 3 5
Emptywheel Twitterverse
bmaz @ScottGreenfield @gideonstrumpet @LilianaSegura @roomfordebate Would be important to have a female voice on this.
14mreplyretweetfavorite
bmaz @ScottGreenfield @gideonstrumpet @roomfordebate And I REALLY hope @LilianaSegura weighs in, even in just a comment if doesn't want to post.
15mreplyretweetfavorite
bmaz @JoshuaADouglas @rickhasen @chrislhayes Heh, sure, but have to notice, so won't be 1st thing in am+ then well less than 24hrs before polls
34mreplyretweetfavorite
bmaz More Catcalling Debate Room Needed at New York Times https://t.co/Caw8SuM3MH Whereas @ScottGreenfield @gideonstrumpet and I fill the void
37mreplyretweetfavorite
emptywheel @Dymaxion Will they at least permit enough filmmakers to survive to film the dystopia as documentary? @matthew_d_green
45mreplyretweetfavorite
emptywheel @Dymaxion True. Though the feudal lords didn't have robots. @matthew_d_green
46mreplyretweetfavorite
emptywheel @matthew_d_green Feudalism worked fine for centuries. Biggest inconvenience is finding places to ski @Dymaxion
51mreplyretweetfavorite
bmaz @KagroX Yer gonna need the guns when Kaci Hickox comes for you on her bicycle.
2hreplyretweetfavorite
bmaz RT @mtaibbi: Reporting on a misuse of an off-the-record conversation is the same mistake, just magnified. And by the NYT? http://t.co/dYKOq
2hreplyretweetfavorite
bmaz RT @EliGP: Formula 1's big teams react to smaller teams' concerns: http://t.co/otoopgYHdK
2hreplyretweetfavorite
bmaz @JustinRaimondo @towards_freedom But they won't if a wing nut Republican wins?
2hreplyretweetfavorite
bmaz @ScottGreenfield @lawfareblog @OrinKerr @granick You saw my opening salvo I presume.
3hreplyretweetfavorite
November 2014
S M T W T F S
« Oct    
 1
2345678
9101112131415
16171819202122
23242526272829
30