As I noted in January, comments Mark Udall made in the course of confirming Stephen Preston to be DOD General Counsel make it clear that CIA’s lies about a detainee generally believed to be Hassan Ghul are one of the new revelations in the Torture Report. For a number of reasons, I believe one thing CIA lied to DOJ about is when they tortured Ghul.
As I’ll show in a follow-up post, the question of when they tortured Hassan Ghul may reflect not just on the torture program, but also on the dragnet.
The public record claiming Ghul was tortured in July and August, 2004
We can lay out a rough timeline of the torture of the detainee believed to be Ghul based on several data points. First, Jay Bybee’s response to the Office of Professional Responsibility report (see page 22) makes it clear a July 2, 2004 Principals Committee meeting pertained to detainee “Janat Gul,” custody of whom CIA had reportedly (see PDF 59) just obtained (Bybee would not have been at the meeting — he had become a Circuit Court Judge over a year earlier — so he must be relying on what the OPR report says).
In addition, we can trace back the documents leading up to a reference to “Gul” in the May 30, 2005 CAT memo (see page 7). That reference describes an August 25, 2004 letter that asked for permission to use — among other things — water dousing and abdominal slaps. The approval to that request, dated August 26, 2004, cites the August 25 letter, an August 2, 2004 letter from John Rizzo, and a July 30, 2004 letter. An August 6, 2004 letter approving waterboarding also cites the August 2 Rizzo letter.
In the August 10, 2005 Techniques memo, some of these same documents are cited; the memo also reveals its subject was obese and had heart problems. Although the Techniques memo approved waterbaording, it said it was not used with the subject of the memo because of a medical contraindication.
All of this would seem to give the following chronology for Hassan Ghul’s torture (assuming he is the detainee referred to as Gul):
July 2, 2004: CIA obtains custody and in a Principals Committee meeting discusses his torture
July 7, 2004: Goldsmith provides guidance on acceptable techniques
July 22, 2004 (5 days after Goldsmith’s departure): John Ashcroft approves the use of all Bybee Memo techniques, except for waterboarding
July 30, 2004: Letter to Daniel Levin including description of torture techniques
August 1, 2004: Government raises threat level in advance of election year threats, announces surveillance of financial institutions, though reports are years old
August 2, 2004: Letter from John Rizzo to Levin, including details on when the CIA would use waterboarding and a medical and psychological assessment of Ghul
August 6, 2004: Daniel Levin advises that subject to reservations, CIA’s use of waterboarding not illegal
August 19, 2004: Letter to Daniel Levin detailing new limits on waterboarding
August 25, 2004: In letter to Daniel Levin asking to water douse Ghul, CIA claims the CIA believed (when it got custody) Ghul had actionable intelligence on “pre-election” threat to United States, had extensive connections to various al Qaeda leaders, members of the Taliban, and Zarqawi, and had tried to set up a meeting “at which elements of the pre-election threat were discussed”
August 26, 2004: Levin approves four new techniques with Ghul, including water dousing
This chronology suggests DOJ repeatedly told CIA waterboarding was not permissible in the weeks after Jack Goldsmith withdrew the Bybee Memo, but after the National Security establishment raised the threat level on August 1 because of years-old surveillance in the US, DOJ relented and approved waterboarding with Ghul. Subsequently, it appears, CIA decided Ghul was not healthy enough — either because of his heart condition or his obesity — to undergo waterboarding, so they instead water doused him in near-freezing temperatures.
The problem with this chronology
There is just one problem with that chronology: the CAT memo discusses two detainees (see page 6). The description of the first detainee — someone involved in the alleged 2004 pre-election threat — mentions the August 25 letter which elsewhere in the memo ties to Gul by name.
I’ve been meaning to go back to an exchange that occurred during Caroline Krass’ confirmation hearing to be CIA’s General Counsel back on December 17. In it, Ron Wyden raised a problematic OLC opinion he has mentioned in unclassified settings at least twice in the last year (he also wrote a letter to Eric Holder about it in summer 2012): once in a letter to John Brennan, where he described it as “an opinion that interprets common commercial service agreements [that] has direct relevance to ongoing congressional debates regarding cybersecurity legislation.” And then again in Questions for the Record in September.
Having been ignored by Eric Holder for at least a year and a half (probably closer to 3 years) on this front and apparently concerned about the memo as we continue to discuss legislation that pertains to cybersecurity, he used Krass’ confirmation hearing to get more details on why DOJ won’t withdraw the memo and what it would take to be withdrawn.
Wyden: The other matter I want to ask you about dealt with this matter of the OLC opinion, and we talked about this in the office as well. This is a particularly opinion in the Office of Legal Counsel I’ve been concerned about — I think the reasoning is inconsistent with the public’s understanding of the law and as I indicated I believe it needs to be withdrawn. As we talked about, you were familiar with it. And my first question — as I indicated I would ask — as a senior government attorney, would you rely on the legal reasoning contained in this opinion?
Krass: Senator, at your request I did review that opinion from 2003, and based on the age of the opinion and the fact that it addressed at the time what it described as an issue of first impression, as well as the evolving technology that that opinion was discussing, as well as the evolution of case law, I would not rely on that opinion if I were–
Wyden: I appreciate that, and again your candor is helpful, because we talked about this. So that’s encouraging. But I want to make sure nobody else ever relies on that particular opinion and I’m concerned that a different attorney could take a different view and argue that the opinion is still legally valid because it’s not been withdrawn. Now, we have tried to get Attorney General Holder to withdraw it, and I’m trying to figure out — he has not answered our letters — who at the Justice Department has the authority to withdraw the opinion. Do you currently have the authority to withdraw the opinion?
Krass: No I do not currently have that authority.
Wyden: Okay. Who does, at the Justice Department?
Krass: Well, for an OLC opinion to be withdrawn, on OLC’s own initiative or on the initiative of the Attorney General would be extremely unusual. That happens only in extraordinary circumstances. Normally what happens is if there is an opinion which has been given to a particular agency for example, if that agency would like OLC to reconsider the opinion or if another component of the executive branch who has been affected by the advice would like OLC to reconsider the opinion they will come to OLC and say, look, this is why we think you were wrong and why we believe the opinion should be corrected. And they will be doing that when they have a practical need for the opinion because of particular operational activities that they would like to conduct. I have been thinking about your question because I understand your serious concerns about this opinion, and one approach that seems possible to me is that you could ask for an assurance from the relevant elements of the Intelligence Community that they would not rely on the opinion. I can give you my assurance that if I were confirmed I would not rely on the opinion at the CIA.
Wyden: I appreciate that and you were very straightforward in saying that. What concerns me is unless the opinion is withdrawn, at some point somebody else might be tempted to reach the opposite conclusion. So, again, I appreciate the way you’ve handled a sensitive matter and I’m going to continue to prosecute the case for getting this opinion withdrawn.
The big piece of news here — from Krass, not Wyden — is that the opinion dates to 2003, which dates it to the transition period bridging Jay Bybee/John Yoo and Jack Goldsmith’s tenure at OLC, and also the period when the Bush Administration was running its illegal wiretap program under a series of dodgy OLC opinions. She also notes that it was a memo on first impression — something there was purportedly no law or prior opinion on — on new technology.
Yet for some reason, it was not among the opinions Goldsmith chose to withdraw in 2004 (assuming he didn’t write it), nor will Eric Holder even respond to questions about why he won’t withdraw it now.
I wonder if Wyden has asked whether some opinion written since that time relies back on that 2003 opinion, just as the illegal wiretap programs relied back on Yoo’s Fourth Amendment stripping one?
In my last post, I noted that in his report that Hassan Ghul served as a double agent before we offed him with a drone, Aram Roston stated, without confirming via sources, that Ghul is the person whose name was not entirely redacted on the bottom of page 7 in the May 2005 Convention Against Torture (CAT) torture memo. I noted that if Ghul is the detainee (and I do think he is, contrary to what sources told AP when the CIA was hunting Ghul down with drones in 2011), then we’re going to be hearing about him — and arguing about his treatment — quite a bit more in the coming weeks.
That’s because, according to information released by Mark Udall, the detainee named in the CAT memo is one of the detainees about whose treatment the CIA lied most egregiously to DOJ. This is apparently one of the key findings from the Senate Intelligence Committee Torture Report that CIA is fighting so hard to suppress.
Mark Udall’s list of torture lies
Back in August, Mark Udall posed a set of follow-up questions to then CIA and now DOD General Counsel Stephen Preston. Udall was trying to get Preston to endorse findings that appeared in the Torture Report that hadn’t appeared elsewhere (in his first set of responses about CIA’s lies to DOJ, Preston had focused on CIA’s lies about the number of waterboardings, which the CIA IG Report had first revealed). Udall noted that that lie (“discrepancy”) was known prior to the Torture Report, and asked Preston to review the “Representations” section of the Torture Report again to see whether he thought the lies (“discrepancies”) described there — and not described elsewhere — would have been material to OLC’s judgements on torture.
Udall gave Preston this list of OLC judgements that might have been different had CIA not lied to DOJ. (links added)
The 2002 memo is the original Abu Zubaydah memo, the lies in which (pertaining to who AZ was, what the torture consisted of, what had already been done to him, and whether it worked) I’ve explicated in depth elsewhere. The 2006 memo authorizes torture in the name of keeping order in confinement and the 2007 memo authorizes torture (especially sleep deprivation); both of these later memos not only rely on the 2005 memos, but on the false claims about efficacy CIA made in 2005 in their support. The lies in them pertain largely to the purpose CIA wanted to use the techniques for.
Which leaves the claims behind the 2004 letters and the 2005 memos as the key lies CIA told DOJ that remain unexplored.
The 2004 and 2005 lies to reauthorize and expand torture
I’m going to save some of these details for a post on what I think the lies told to DOJ might be, but there are two pieces of evidence showing that the 2005 memos were written to retrospectively codify authorizations given in 2004, many of them in the 2004 letters cited by Udall.
We know the 2005 memos served to retroactively authorize the treatment given to what are described as two detainees in 2004, purportedly in the months after July 2004 (though this may be part of the lie, in Ghul’s case) when DOJ and CIA were trying to draw new lines on torture in the wake of the completion of the CIA IG Report and Jack Goldsmith’s withdrawal of the Bybee Memo.
We know the May 10 Combined Memo was retroactive because Jim Comey made that clear in emails raising alarm about it.
I just finished a long call from Ted Ullyot. He said he was calling to tell me that “circumstances” were likely to require that the second opinion “be sent over tomorrow.” He said Pat had shared my concerns, which he understood to be concerns about the prospective nature of the opinion and its focus on “prototypical” interrogation.
He mentioned at one point that OLC didn’t feel like it could accede to my request to make the opinion focused on one person because they don’t give retrospective advice. I said I understood that, but that the treatment of that person had been the subject of oral advice, which OLC would simply be confirming in writing, something they do quite often.
This memo probably, though not definitely, refers to a detainee captured in August 2004 in anticipation of what the Administration claimed (almost certainly falsely) were election-related plots in the US.
And we know the May 10 Techniques and May 30 CAT memos are retroactive because we can trace back the citations about the treatment of one detainee, the detainee who appears to be Ghul, to the earlier letters from 2004.
Just as an example, the August 26 letter cited in Udall’s list relies on the August 25 CIA letter that is also cited in the CAT Memo using the name Gul (the July 22 and August 6 letters are also references, at least in part, to the same detainee).
So we know the 2005 memos served to codify the authorizations for torture that had happened in 2004, during a volatile time for the torture program.
The description of Hassan Ghul in the lying memo
There are still some very funky things about these memos’ tie to Hassan Ghul (again, that’s going to be in a later post), notably that Bush figures referred to the Ghul of the August letters as Janat Gul, including in a Principals meeting discussing his torture on July 2, 2004; sources told the AP after OBL’s killing that this Janat was different than Hassan and different than the very skinny Janat Gul who had been a Gitmo detainee.
But this description — the timing of the initial references and the description of his mission to reestablish contact with Abu Musab al-Zarqawi — should allay any doubts that Ghul is one of two detainees referenced in the CAT memo.
Intelligence indicated that prior to his capture, [redacted] “perform[ed] critical facilitation and finance activities for al-Qa’ida,” including “transporting people, funds, and documents.” Fax for Jack Goldsmith, III, Assistant Attorney General, Office of Legal Counsel, from [redacted] Assistant General Counsel, Central Intelligence Agency (March 12, 2004). The CIA also suspected [redacted] played an active part in planning attacks against United States forces [redacted] had extensive contacts with key members of al Qaeda, including, prior to their captures, Khalid Sheikh Mohammed (“KSM”) and Abu Zubaydah. See id. [redacted] was captured while on a mission from [redacted] to reestablish contact with al-Zarqawi. See CIA Directorate of Intelligence, US Efforts Grinding Down al-Qa’ida 2 (Feb 21, 2004).
Ghul was captured by Kurds around January 23, 2004, carrying a letter from Zarqawi to Osama bin Laden.
So while there are a lot of details that the Senate Torture Report presumably sorts out in detail, it seems fairly clear that Ghul is the subject of some of the documents in question, and that, therefore, there are aspects of the treatment he endured at CIA’s hands that CIA felt the need to lie to DOJ about.
We’ve known for years that CIA lied to DOJ about what they had done and planned to do with Abu Zubaydah. But a great deal of evidence suggests that CIA lied to DOJ about what they did to Hassan Ghul, a detainee (the Senate Report also shows) who provided the key clue to finding Osama bin Laden before he was tortured.
If that’s the case, then I find the release of a story that, after that treatment, he turned double agent either directly or indirectly in our service to be awfully curious timing given the increasing chance we’re about to learn more about these lies and this treatment with any release of the Torture Report.
Several days ago I wrote,
Both Goldsmith’s memo (see PDF 14) and the Draft NSA IG Report (PDF 10) make it clear that, in addition to temporarily shutting down the Internet dragnet, the March 19, 2004 modifications to the program narrowed the program’s focus to exclude the Iraqi Intelligence figures who had previously been included, suggesting that Goldsmith only felt he could approve the program for terrorists.
I’ve known — and written — about this detail in the past. But I hadn’t really put together what it means.
Post-hospital confrontation changes include the exclusion of Iraqi-related targets
Here’s what the two passages say. Goldsmith’s (still heavily redacted) memo reveals that, along with other modifications George Bush made on March 19, 2004 in response to the DOJ resignation threats (notably, temporarily shutting down the Internet dragnet) he also “clarified” the scope of the program.
In the March 19, 2004 Modification, the President also clarified the scope of the authorization [redacted]. He made clear that the Authorization applied where there were reasonable grounds to believe that a communicant was an agent of an international terrorist group [redacted]
The NSA IG Report explains that “clarification” halted using the Presidential Surveillance Program authority against the Iraqi Intelligence Service.
(TS//SI//NF) Iraqi Intelligence Service. For a limited period of time surrounding the 2003 invasion of lraq, the President authorized the use of PSP authority against the Iraqi Intelligence Service. On 28 March 2003, the DCI determined that, based on then current intelligence, the Iraqi Intelligence service was engaged in terrorist activities and presented a threat to U.S. interests in the United States and abroad. Through the Deputy DCI, Mr. Tenet received the President’s concurrence that PSP authorities could be used against the Iraqi Intelligence Service. NSA ceased using the Authority for this purpose in March 2004. [my emphasis]
There may be a perfectly innocent explanation for this.
At precisely that time, Goldsmith was trying to rein in the government’s rendition program to prevent the rendition of Iraqis protected under international law governing occupation. And, at what appears to have been the same time, DOD was for the first time making a distinction between between Iraqis detained and interrogated as former regime officials and Iraqis detained and interrogated as leaders of the insurgency. Clearly, up until that point, Bush had been using the rules invented to hunt terrorists in his Iraq War, creating all sorts of legal problems. So it would be unsurprising if Goldsmith used the resignation threats to force Bush to stop targeting Iraqi officials as terrorists when they were really legal opponents in a war.
The Iraqi-related illegal wiretapping targets must include US-based collection
Except that doesn’t make sense.
That’s because, whatever violations of international law Bush was committing in Iraq, illegal spying on Iraqis was almost certainly not one of them. Nothing prevented the government from spying on Iraqis, and very little spying on Iraqis in Iraq would involve the kind of US collection that implicated his illegal wiretap program.
Which is why the IG Report’s description of an Iraqi intelligence “threat to U.S. interests in the United States” gives me pause.
The illegal program, after all, was focused on US metadata and content collection to find threats (what it called “terrorists”) in the United States. Both the method and location of collection only make sense if you’re hunting communications with at least one, if not both, sides in the US.
There was no real known threat posed by Iraqi governmental interests in the US, in part because the US military chased the Iraqi government underground so quickly. And yet, for it to be something tied into the resignation threats, some significant spying must have been going on.
The obvious guess — and at this point it is just a guess — would be they used the illegal wiretap program to hunt down people Cheney’s minions claimed helped Iraq’s cause here in the US.
You know? Iraqi intelligence assets? Like anti-war activists?
Some data points that might support Bush’s use of his illegal program against anti-war activists
Again, at this point, this is just a guess, one that would be thoroughly unsurprising but is not supported by hard facts.
But it’s worth remembering that Bush did roll out a domestic spying program to track anti-war activities, CIFA, the database for which was destroyed just weeks before NYT initially exposed Bush’s illegal program. We know there were ties between that program and heavy FBI investigations in the US. Then there’s the Antiwar investigation, started just weeks after the hospital confrontation, that used a counterterrorism purpose (a watchlist Antiwar posted) as the predicate to call for further investigation of Antiwar’s online publications, conducted in multiple cities. The Bush Administration was clearly conducting aggressive spying on anti-war activists, so it would be unsurprising to learn it used the threat of Iraqi involvement in the US to conduct illegal electronic surveillance.
Then there’s the suggestion in this NSA training program (from which the two slides above come — see this post for background) that NSA had a “present example” (in 2009) of an abuse akin to Project Minaret, in which a watchlist of citizens –largely critics of the Vietnam War — were surveilled in the name of tracking any foreign influence on them. Here’s Matthew Aid’s description of recent disclosures about that program.
As the Vietnam War escalated during Lyndon B. Johnson’s presidency, domestic criticism and protest movements abounded. Protesters surrounded the Pentagon in the fall of 1967 and two years later organized demonstrations and the Moratorium to End the War in Vietnam. The scale of the dissent angered Johnson as well as his successor, Richard Nixon. As fervent anti-communists, they wondered whether domestic protests were linked to hostile foreign powers, and they wanted answers from the intelligence community. The CIA responded with Operation Chaos, while the NSA worked with other intelligence agencies to compile watch lists of prominent anti-war critics in order to monitor their overseas communications. By 1969, this program became formally known as “Minaret.”
While the NSA slide describes the present example as “unauthorized targeting of suspected terrorists in the U.S.,” not targeting of anti-war activists, we know the collection shut down in March 2004 must have involved the targeting of people in the US based on a claim that some tie to Iraqi interests made them terrorists. Moreover, such targeting would be an exact parallel with Minaret (and while I haven’t discussed it yet, I am cognizant of Bernie Sanders’ recent questions about the targeting of members of Congress, as happened under Minaret and, for reasons explained in my earlier post, as the training program may allude to).
Again, I want to emphasize: this is just a wildarsed guess. though one consistent with what we know about Bush’s illegal program and his surveillance of anti-war activists generally.
Whatever it was, it was part of the package that almost led a bunch of DOJ officials to quit.
Way back in 2013, in Marty Lederman’s review of the NSA Review Group’s Report, he pointed to the Report’s suggestion that Section 702 collection was limited to use with counterterrorism, counterproliferation, and cybersecurity.
The Report contains an interesting clue about how the government is presently using Section 702 that I do not recall being previously disclosed—and raises a related question about legal authorities under that provision of the FAA:
The Report explains (page 136) that in implementing Section 702, “NSA identifies specific ‘identifiers’ (for example, e-mail addresses or telephone numbers) that it reasonably believes are being used by non-United States persons located outside of the United States to communicate foreign intelligence information within the scope of the approved categories (e.g., international terrorism, nuclear proliferation, and hostile cyber activities).
Later, on pages 152-53, the authors “emphasiz[e] that, contrary to some representations,section 702 does not authorize NSA to acquire the content of the communications of masses of ordinary people. To the contrary, section 702 authorizes NSA to intercept communications of non-United States persons who are outside the United States only if it reasonably believes that a particular ‘identifier’ (for example, an e-mail address or a telephone number) is being used to communicate foreign intelligence information related to such matters as international terrorism, nuclear proliferation, or hostile cyber activities.” (Italics in original.)
I may be mistaken, but I don’t believe that there’s anything in the statute itself that imposes the limitations in bold–neither that the NSA must use such “identifiers,” nor that international terrorism, nuclear proliferation, and hostile cyber activities are the only topics of acceptable foreign intelligence information that can be sought. Perhaps the FISC Court has insisted upon such limits; but, as far as I know, the Section 702 authority as currently codified is not so circumscribed.
Of course, if you’re a regular emptywheel reader, you likely know where this has been suggested in the past, since I’ve been pointing out this apparent limitation to Section 702 since June 10 and discussed some implications of it here, here, and here.
In a response to Lederman, Julian Sanchez provided some specific cautions about treating these category limits as true “limitations.” He suggests it is unlikely that the Intelligence Community or the FISA Court would impose such limitations.
The 702 language, codified at 50 U.S.C. §1881a, permits the NSA to acquire any type of “foreign intelligence information,” which is defined extraordinarily broadly to encompass, inter alia, anything that relates to the “conduct of the foreign affairs of the United States.” But here we have the Review Group suggesting repeatedly that 702 surveillance is only for acquiring certain specific types of foreign intelligence information, related to nuclear proliferation, international terrorism, or cybersecurity. Have the intelligence agencies or the FISC imposed a more restricted reading of “foreign intelligence information” than the FISA statute does? I doubt it.
While I agree with most of Sanchez’ other cautions, I actually do think it likely that the FISC conducts a review that ends up in such limited certifications. They did it for application of Section 215 to the phone dragnet (which legally could have been used for counterintelligence purposes) and I think they may well have done so with Section 702.
FISCR only ruled bulk content collection legal for “national security” foreign intelligence purposes
We’ll learn whether I’m right or not when the FISC releases more of the 2008 Yahoo challenge to Protect America Act directives. But there is enough detail in the unclassified August 22, 2008 FISA Court of Review opinion released in early 2009 to suggest where that limitation may have come from.
The FISCR opinion, written by Bruce Selya, describes the certifications before the Court as limited to “foreign intelligence for national security purposes,” a limitation that already circumscribes PAA (and the FISA Amendments Act, as Sanchez has laid out), which allow their use for foreign intelligence generally.
In essence, as implemented, the certifications permit surveillances conducted to obtain foreign intelligence for national security purposes when those surveillances are directed against foreign powers or agents of foreign powers reasonably believed to be located outside the United States. [my emphasis]
This limitation is important because of the way Selya deals with the affirmation, in the FISC ruling before the FISCR, that there is a foreign intelligence exception to the Fourth Amendment: by instead finding a special needs exception to the Fourth tied to national security. →']);" class="more-link">Continue reading
But to give those two background, I want to look at a passage in the Internet dragnet opinion, in which Colleen Kollar-Kotelly describes a fascinating briefing that she received in advance of authoring what Orin Kerr describes as a “quite strange” opinion.
After describing some declarations she received (including one from a person whose title remains redacted) and some questions she posed, she describes this briefing.
The Court also relies on information and arguments presented in a briefing to the Court on [redacted] which addressed the current and near-term threats posed by [redacted reference to Al Qaeda and others], investigations conducted by the Federal Bureau of investigation (FBI) to counter those threats, the proposed collection activities of the NSA (now described in the instant application), the expected analytical value of information so collected in efforts to identify and track operatives [redacted] and the legal bases for conducting these collection activities under FISA’s pen register/trap and trace provisions. 4
4 This briefing was attended by (among others) the Attorney General; [redacted] the DIRNSA; the Director of the FBI; the Counsel to the President; the Assistant Attorney General for the Office of Legal Counsel; the Director of the Terrorist Threat Integration Center (TTIC); and Counsel for Intelligence Policy.
That is, right at the beginning of her opinion, Kollar-Kotelly tells us that she had a briefing with:
On page 30, Kollar-Kotelly seems to refer to the same redacted person again, which in the context of the reference to CIA v. Sims in that footnote, seems to suggest this is a reference to CIA Director George Tenet, which suggests the redacted author of the brief she relied on was authored by Tenet. (I leave open the more tantalizing possibility that it’s someone like Dick Cheney, but highly doubt it.)
So before she approved the use of FISA’s Pen Register to collect much of the Internet metadata in the US, she had a meeting with at least one of the villains — Alberto Gonzales — of the hospital confrontation at which DOJ refused to reauthorize the Internet metadata program that was part of the President’s illegal wiretap program, and at least three of its “heroes:” Ashcroft, Mueller, and Goldsmith.
Interestingly, this meeting does not appear — at least not described as such — in the Draft NSA IG Report description of the transition to a FISC order.
After extensive coordination, DoJ and NSA devised the PRITT theory to which the Chief Judge of the FISC seemed amenable. DoJ and NSA worked closely over the following months, exchanging drafts of the application, preparing declarations, and responding to questions from court advisers. NSA representatives explained the capabilities that were needed to recreate the Authority, and DoJ personnel devised a workable legal basis to meet those needs. In April 2004, NSA briefed Judge Kollar-Kotelly and a law clerk because Judge Kollar-Kotelly was researching the impact of using PSP-derived information in FISA applications. In May 2004, NSA personnel provided a technical briefmg on NSA collection of bulk Internet metadata to Judge Kollar-Kotelly. In addition, General Hayden said he met with Judge Kollar-Kotelly on two successive Saturdays during the summer of 2004 to discuss the on-going efforts.
Was this “briefing” one of the Saturday meetings Hayden had with FISC’s Presiding Judge?
More broadly, it is important to consider the context in which the FISA Court initially approved the bulk collection. Unverified media reports (discussed above) state that bulk telephony metadata collection was occurring before May 2006; even if that is not the case, perhaps such collection could have occurred at that time based on voluntary cooperation from the telecommunications providers. If so, the practical question before the FISC in 2006 was not whether the collection should occur, but whether it should occur under judicial standards and supervision, or unilaterally under the authority of the Executive Branch.
The briefings and other historical evidence raise the question whether Congress’s repeated reauthorization of the tangible things provision effectively incorporates the FISC’s interpretation of the law, at least as to the authorized scope of collection, such that even if it had been erroneous when first issued, it is now—by definition—correct. [my emphasis]
The Internet dragnet was illegal. At least 3 of the people who conveyed the importance of authorizing this program had said so — in very dramatic fashion — less than four months before she would do so.
And yet she wrote a memo saying it was legal.
Update, 8/12/14: This application confirms that George Tenet was the redacted declaration submitter.
I’m going to have a few posts on the Leahy-Sensenbrenner bill, which is the most likely way we’ll be able to rein in NSA spying. In addition to several sections stopping bulk collection, it has a section on collection of US person data under FISA Amendments Act (I’ll return to the back-door loophole later).
But I’m particularly interested in what it does with upstream collection. It basically adds a paragraph to section d of Section 702 that limits upstream collection to two uses: international terrorism or WMD proliferation.
(C) limit the acquisition of the contents of any communication to those communications—
(i) to which any party is a target of the acquisition; or
(ii) that contain an account identifier of a target of an acquisition, only if such communications are acquired to protect against international terrorism or the international proliferation of weapons of mass destruction.;
And adds a definition for “account identifier” limiting it to identifiers of people.
(1) ACCOUNT IDENTIFIER.—The term ‘account identifier’ means a telephone or instrument number, other subscriber number, email address, or username used to uniquely identify an account.
I believe the effect of this is to prevent NSA from using Section 702 to conduct cyberdefense in the US.
As I have noted, there are reasons to believe that NSA uses Section 702 for just 3 kinds of targets:
There are many reasons to believe one primary use of Section 702 for cybersecurity involves upstream collection targeted on actual pieces of code (that is, the identifier for a cyberattack, rather than the identifier of a user). As an example, the slide above, which I discuss in more detail here, explains that one of the biggest Section 702 successes involves preventing an attacker from exfiltrating 150 Gigs of data from a defense contractor. The success involved both PRISM and STORMBREW, the latter of which is upstream collection in the US.
In other words, the government has been conducting upstream collection within the US to search for malicious code (I’m not sure how they determine whether the code originated in a foreign country though given that they refuse to count domestic communications collected via upstream collection, I doubt they care).
So what these two sections of Leahy-Sensenbrenner would do is 1) limit the use of upstream collection to terrorists and proliferators, thereby prohibiting its use for cybersecurity, and 2) define “account identifier” to exclude something like malicious code.
There’s one more interesting aspect of this fix. Unlike many other sections of the bill, it doesn’t go into effect right away.
EFFECTIVE DATE.—The amendments made by subsections (a) and (b) shall take effect on the date that is 180 days after the date of the enactment of this Act.
The bill gives the Executive 6 months to find an alternative to this use of Section 702 — presumably, to pass a cybersecurity bill explicitly labeled as such.
Keith Alexander and others have long talked about the need to scan domestic traffic to protect against cyberattacks. But it appears — especially given the 6 month effective date on these changes — they’re already doing that, all in the name of foreign intelligence.
On May 6, 2004, Jack Goldsmith signed an OLC memo that read, in part,
We conclude that in the circumstances of the current armed conflict with al Qaeda, the restrictions set out in FISA, as applied to targeted efforts to intercept the communications of the enemy in order to prevent further armed attacks on the United States, would be an unconstitutional infringement on the constitutionally assigned powers of the President. The President has inherent constitutional authority as Commander in Chief and sole organ for the nation in foreign affairs to conduct warrantless surveillance of enemy forces for intelligence purposes to detect and disrupt armed attacks on the United States. Congress does not have the power to restrict the President’s exercise of that authority.
Finally, as part of the balancing of interests to evaluate the Fourth Amendment reasonableness, we think it is significant that [redacted] is limited solely to those international communications for which “there are reasonable grounds to believe … [that] a party to such communication is a group engaged in international terrorism, or activities in preparation therefor, or any agent of such a group.” March 11, 2004 Authorization [redacted] The interception is thus targeted precisely at communications for which there is already a reasonable basis to think there is a terrorism connection. This is relevant because the Supreme Court has indicated that in evaluating reasonableness, one should consider the “efficacy of [the] means for addressing the problem.”
Thus, a program of surveillance that operated by listening to the content of every telephone call in the United States in order to find those calls that might relate to terrorism would require us to consider a rather difference [sic] balance here. [redacted] however, is precisely targeted to intercept solely those international communications for which there are reasonable grounds already to believe there is a terrorism connection, a limitation which further strongly supports the reasonableness of the searches.
We now know that opinion not only authorized the wiretapping of calls involving US persons, but also at least assumed the collection and contact chaining of the call records of all Americans (there’s an almost entirely redacted section of the memo that describes the March 19 halt to the collection of Internet metadata and the April 2 modification we don’t yet know about).
It’s worth keeping in mind that Goldsmith laid out the case that such a program was “reasonable” under the Fourth Amendment as you read his current writing on the NSA. For example, when — several weeks ago — he scolded the White House for not more aggressively defending the program that has actually expanded since he authorized it 9 years ago…
The government cannot rely on outsiders to explain these documents. It must do so itself, aggressively and comprehensively, even at the expense of revealing more classified information or having to acknowledge embarrassing information. If it doesn’t do so, the information already leaked, and the information that will be leaked in the weeks and months ahead, will continue to be portrayed in a very unfavorable light.
He was in part calling for the White House to protect programs he — back in 2004 — deemed critical to protect against terrorism.
Even more interesting is Goldsmith’s prediction (funded by Northrop Grumman, which is a significant NSA contractor) that we’ll all learn to welcome NSA scanning all the metadata and content of US communications — searches far more intrusive, and not committed under the guise of war — in search of hackers in the future.
“I can’t defend the country until I’m into all the networks,” General Alexander reportedly told senior government officials a few months ago.
For Alexander, being in the network means having government computers scan the content and metadata of Internet communications in the United States and store some of these communications for extended periods. →']);" class="more-link">Continue reading
There’s a fundamental dishonesty in the debate about Syria derived from treating the authorization to punish Bashar al-Assad for chemical weapons use in isolation from the Administration’s acknowledged covert operations to support the rebels. It results in non-discussions like this one, in which Markos Moulitsas refutes Nicholas Kristof’s call for bombing Bashar al-Assad based on the latter’s claim we are currently pursuing “peaceful acquiescence.”
And war opponents don’t have to deal with arguments like this one, from the New York Times’Nicholas Kristof:
So far, we’ve tried peaceful acquiescence, and it hasn’t worked very well. The longer the war drags on in Syria, the more Al Qaeda elements gain strength, the more Lebanon and Jordan are destabilized, and the more people die.
The administration has gone to great lengths to stress just how limited air strikes will be, and to great pain to reiterate that regime destabilization is not the goal. So I’m not sure where Kristoff gets the idea that such attacks will have any effect on the growing influence of Islamists in the region. But let’s say that by some miracle, the air strikes do weaken the Assad government, it is the “Al Qaeda elements” that stand most to gain, as they are be best placed to pick up the pieces.
Markos is right: the Administration has gone to great lengths to claim this authorization to use force is only about limited bomb strikes, will involve no boots on the ground, and isn’t about regime change. Here’s how the President described it:
I have decided that the United States should take military action against Syrian regime targets. This would not be an open-ended intervention. We would not put boots on the ground. Instead, our action would be designed to be limited in duration and scope.
But both are ignoring that at the same time, the Administration is pursuing publicly acknowledged (!) covert operations with the intent of either overthrowing Assad and replacing him with moderate, secular Syrians (based on assurances from the “Custodian of the Two Mosques” about who is and who is not secular), or at least weakening Assad sufficiently to force concessions in a negotiated deal that includes the Russians.
Yet here’s how the President’s National Security team discussed the other strand of this — lethal support for vetted rebels — from the very beginning of Tuesday’s hearing before the Senate Foreign Relations Committee.
SEN. CORKER: What I’m unaware of is why it is so slow in actually helping them with lethal support — why has that been so slow?
SEC. KERRY: I think — I think, Senator, we need to have that discussion tomorrow in classified session. We can talk about some components of that. Suffice it to say, I want to General Dempsey to speak to this, maybe Secretary Hagel. That is increasing significantly. It has increased in its competency. I think it’s made leaps and bounds over the course of the last few months.
Secretary Hagel, do you — or General, do you want to –
SEN. HAGEL: I would only add that it was June of this year that the president made a decision to support lethal assistance to the opposition, as you all know. We have been very supportive with hundreds of millions of dollars of nonlethal assistance. The vetting process, as Secretary Kerry noted, has been significant. But — I’ll ask General Dempsey if he wants to add anything — but we, Department of Defense, have not been directly involved in this. This is, as you know, a covert action, and as Secretary Kerry noted, probably to go into much more detail would require a closed or classified hearing.
SEN. CORKER: As he’s answering that, and if you could be fairly brief, is there anything about the authorization that you’re asking that in any way takes away from our stated strategy of empowering the vetted opposition to have the capacity over time to join in with a transition government, as we have stated from the beginning?
Is there anything about this authorization that in any way supplements that?
GEN. DEMPSEY: To your question about the opposition, moderate opposition, the path to the resolution of the Syrian conflict is through a developed, capable, moderate opposition. And we know how to do that.
Secondly, there’s nothing in this resolution that would limit what we’re doing now, but we’re very focused on the response to the chemical weapons. I think that subsequent to that, we would probably return to have a discussion about what we might do with the moderate opposition in a — in a more overt way. [my emphasis]
The President, as part of covert action (that is, authorized under Article II authority), decided to lethally arm vetted rebels in June. Those efforts were already increasing significantly, independent of the spanking we’re discussing for Assad. Nothing related to the spanking will limit those efforts to arm the rebels (no one comments on it here, but elsewhere they do admit that spanking Assad will degrade his defenses, so the opposite will occur). And General Dempsey, at least, is forthright that the Administration plans to return to Congress after the spanking to talk about increased, overt support for the rebels.
So there’s the spanking.
And then there’s the lethal arming of rebels which is not a part of the spanking, but will coincidentally benefit from it and has been accelerating of late.
Spanking without regime change. And regime change (or at least a negotiated solution).
Which returns us to the content of the AUMF. →']);" class="more-link">Continue reading
Former NSA Counsel Stewart Baker has been in an increasingly urgent froth since Edward Snowden’s leaks first became public trying to prove that the NSA should have more, not less, unchecked authority.
How is the NSA Director Alexander’s claim that “we can audit the actions of our people 100%” (thus providing an important check against abuse) consistent with (a) stories long after Snowden’s initial revelations that the White House does not “know with certainty” what information Snowden pilfered, (b) reported NSA uncertainty weeks after the initial disclosure about what Snowden stole, (c) Alexander’s own assertion (in June) that NSA was “now putting in place actions that would give us the ability to track our system administrators”?
Baker’s totally inadequate response consists of pointing to certain features of XKeyscore revealed by the Guardian.
Take a close look at slide 7 of the latest leaked powerpoints.
It shows a sample search for a particular email address, including a box for “justification.” The sample justification (“ct target in n africa”) provides both the foreign intelligence reason for surveillance and the location of the target. What’s more, the system routinely calls for “additional justification.” All this tends to confirm NSA’s testimony that database searches must be justified and are subject to audits to prevent privacy abuses.
Now, I don’t know about Baker, but even without a drop-down menu, the average American high schooler is thoroughly adept at substituting a valid justification (“grandmother’s funeral,” “one day flu”) for an invalid one (“surfs up!” “first day of fishing season”). I assume the analysts employed by NSA are at least as adept at feeding those in authority the answers they expect. XKeyscore just makes that easier by providing the acceptable justifications in a drop-down menu.
More problematic for Baker, he commits the same error the Guardian’s critics accuse it of committing: confusing a User Interface like XKeyscore or PRISM with the underlying collections they access. (The Guardian has repeated Snowden and Bill Binney’s claims the NSA collects everything, without yet presenting proof that that includes US person content aside from incidental content collected on legitimate targets.)
That error, for Baker, makes his response to Goldsmith totally inapt to his task at hand, answering Goldsmith’s questions about what systems administrators could do, because he responds by looking at what analysts could do. Goldsmith’s entire point is that the NSA had insufficient visibility into what people with Snowden’s access could do, access which goes far beyond what an analyst can do with her drop-down menu.
And one of the few documents the government has released actually shows why that is so important.
The Primary Order for the Section 215 metadata dragnet, released last week, reveals that technical personnel have access to the data before it gets to the analyst stage.
Appropriately trained and authorized technical personnel may access the BR metadata to perform those processes needed to make it usable for intelligence analysis. Technical personnel may query the BR metadata using selection terms4 that have not been RAS-approved (described below) for those purposes described above, and may share the results of those queries with other authorized personnel responsible for these purposes, but the results of any such queries will not be used for intelligence analysis purposes. An authorized technician may access the BR metadata to ascertain those identifers that may be high volume identifiers. The technician may share the results of any such access, i.e., the identifers and the fact that they are high volume identifers, with authorized personnel (including those responsible for the indentification and defeat of high volume and other unwanted BR metadata from any of NSA’s various metadata respositories), but may not share any other information from the results of that access for intelligence analysis purposes. In addition, authorized technical personnel may access the BR metadata for purposes of obtaining foreign intelligence information pursuant to the requirements of subparagraph (3)(C) below.
Whenever the BR metadata is accessed for foreign intelligence analysis purposes or using foreign intelligence analysis query tools, an auditable record of the activity shall be generated.
Note, footnote 4 describing these selection terms is redacted and the section in (3)(C) pertaining to these technical personnel appears to be too.
Now, I suspect the technical personnel who access the metadata dragnet are different technical personnel than the Snowdens of the world. They’re data crunchers, not network administrators. Which only shows there’s probably a second category of person that may escape the checks in this system.
That’s because with their front-end manipulation of the dataset (though not the activities described under (3)(C)), these personnel are not conducting what are considered foreign intelligence searches of the database. The data they extract from the database is specifically prohibited (though, with weak language) from circulation as foreign intelligence information. That appears to mean their actions are not auditable. When Keith Alexander says the data is 100% auditable? You shouldn’t believe him, because his own document appears to say only the analytical side of this is audited. (The document also makes it clear that once the data has been queried, the results are openly accessible without any audit function; the ACLU had a good post on this troubling revelation.)
I suspect a lot of what these technical personnel are doing is stripping numbers — probably things like telemarketer numbers — that would otherwise distort the contact chaining. Unless terrorists’ American friends put themselves on the Do Not Call List, then telemarketers might connect them to every other American not on the list, thereby suggesting a bunch of harassed grannies in Dubuque are 2 degrees from Osama bin Laden.
But there’s also the reference to “other unwanted BR metadata.” As I’ll explain in a future post, I suspect that may be some of the most sensitive call records in the dataset.
Whatever call records get purged on the front end, though, it appears to all happen outside the audit chain that Keith Alexander likes to boast about. Which would put it well outside the world of drop-down menus that force analysts actions to conform with something that looks like foreign intelligence analysis.
In other words, even the document the government provided (with heavy redactions) to make us more comfortable about this program shows places where it probably has insufficient visibility on what happens to the data. And that’s well before you get into the ability of people who can override other technical checks on NSA behavior as system administrators.
Update: More froth from Stewart Baker. This response to my post seems to be an utter capitulation to Goldsmith’s point.
Wheeler thinks this is important because it means that the “justification” menus don’t guarantee auditability of every use of intercept data by every employee at NSA. Again, that may be true, but the important point about the “justification” menu isn’t that it offers universal protection against abuse; nothing does. [my emphasis]