Posts

NSA’s Lawyers Missed “Virtually Every Record” over 25 Reviews

/5 Comments/in /by

As I’ve written before, the Internet dragnet did not get through the its first 90 day Primary Order before it violated the rules laid out by the FISA Court. In an effort to convince Judge Kollar-Kotelly they could conduct the dragnet according to her orders, NSA’s Office of General Counsel agreed to do spot checks of the data twice every 90-day authorization. That requirement stayed in place for the rest of the dragnet.

Which means between 2004 and 2009, OGC should have conducted over 25 spot checks of the data NSA obtained under the program.

And yet, in that entire time, OGC somehow never noticed that “virtually every record” NSA was taking in included data that it was not authorized to collect.

That’s one of the two crazy things about the Internet dragnet that this month’s document dump made clear. I explain them in this piece at The Week. The other is that, in an end-to-end report conducted from roughly March through September of 2009, NSA also didn’t find that virtually every record they had collected had broken the law.

Exhibit A is a comprehensive end-to-end report that the NSA conducted in late summer or early fall of 2009, which focused on the work the agency did in metadata collection and analysis to try and identify people emailing terrorist suspects.

The report described a number of violations that the NSA had cleaned up since the beginning of that year — including using automatic alerts that had not been authorized and giving the FBI and CIA direct access to a database of query results. It concluded the internet dragnet was in pretty good shape. “NSA has taken significant steps designed to eliminate the possibility of any future compliance issues,” the last line of the report read, “and to ensure that mechanisms are in place to detect and respond quickly if any were to occur.”

But just weeks later, the Department of Justice informed the FISA Court, which oversees the NSA program, that the NSA had been collecting impermissible categories of data — potentially including content — for all five years of the program’s existence.

[snip]

Judge John Bates, then head of FISC, emphasized that the NSA had missed the unauthorized data in its comprehensive report. He noted “the extraordinary fact that NSA’s end-to-end review overlooked unauthorized acquisitions that were documented in virtually every record of what was acquired.” Bates went on, “[I]t must be added that those responsible for conducting oversight at NSA failed to do so effectively.”

Nevertheless, Bates went on to vastly expand the program.

No wonder James Clapper’s office made those documents so hard to read. There is no way to read them and believe the NSA can be trusted to stay within the law.

Working Thread, Internet Dragnet 5: The Audacious 2010 Reapplication

/2 Comments/in /by

At some point (perhaps at the end of 2009, but sometime before this application), the government tried to reapply, but withdrew their application. The three letters below were sent in response to that. But they were submitted with the reapplication.

See also Working Thread 1Working Thread 2Working Thread 3, Working Thread 4, and Internet Dragnet Timeline. No one else is doing this tedious work; if you find it useful, please support it.

U. First Letter in Response to FISC Questions Concerning NSA bulk Metadata Collection Using Pen Register/Trap and Trace Devices,

(15/27) In addition to tagging data itself, the source now gets noted in reports.

(16/27) NSA wanted all analysts to be able to query.

(16/27) COntrary to what redaction seemed to indicate elsewhere, only contact chaining will be permitted.

(17/27) This implies that even technical access creates a record, though not about what they access, just when and who did it.

(17/27) NSA asked for the same RAS timelines as in BRFISA — I think this ends up keeping RAS longer than an initial PRTT order.

(18/27) “Virtually every PR/TT record contains some metadata that was authorized for collection, and some metadata that was not authorized for collection … virtually every PR/TT record contains some data that was not authorized by prior orders and some that was not.”

(21/27) No additional training for internal sharing of emails.

(21/27) Proof they argue everything that comes out of a query is relevant to terrorism:

Results of queries of PR/TT-sourced metadata are inherently germane to the analysis of counterterrorism-related foreign intelligence targets. This is because of NSA’s adherence to the RAS standard as a standard prerequisite for querying PR/TT metadata.

(22/27) Note “relevance” creep used to justify sharing everywhere. I really suspect this was built to authorize the SPCMA dragnet as well.

(23/27) Curious language about the 2nd stage marking: I think it’s meant to suggest that there will be no additional protection once it circulates within the NSA.

(24/27) NSA has claimed they changed to the 5 year age-off in December 2009. Given the question about it I wonder if that’s when these letters were sent?

(24/27) Their logic for switching to USSID-18:

these procedures form the very backbone for virtually all of NSA’s dissemination practices. For this reason, NSA believes a weekly dissemination report is no longer necessary.

(24-5/27) The explanation for getting rid of compliance meetings is not really compelling. Also note that they don’t mention ODNI’s involvement here.

(25/27) “effective compliance and oversight are not performed simply through meetings or spot checks.”

(27/27) “See the attached word and pdf documents provided by OIG on an intended audit of PR/TT prior to the last Order expiring as an example.” Guess this means the audit documents are from that shutdown period.

V. Second Letter in Response to FISC Questions concerning NSA bulk Metadata Collection Using Pen Register/Trap and Trace Devices,

W. Third Letter in Response to FISC Questions Concerning NSA Bulk Metadata Collection Using Pen Register/Trap and Trace Devices.

(2) DNI adopted new serial numbers for reports, so as to be able to recall requests.

(3) THey’re tracking the query reports to see if they can withdraw everything.

(3) THis is another of the places they make it clear they can disseminate law enforcement information without the USSID requirements.

(4) It appears the initial application was longer than the July 2010, given the reference to pages 78-79.

Q: Government’s Application for Use of Pen Register/Trap and Trace Devices for Foreign Intelligence Purposes. (around July 2010)

There are some very interesting comparisons with the early 2009 application, document AA.

(1)  Holder applied directly this time rather than a designee (Holder may not have been confirmed yet for the early 2009 one).

(2) The redacted definition of foreign power in AA was longer.

(3) “collect” w/footnote 3 was redacted in AA.

(3) Takes out reference to “email” metadata.

(3) FN 4 both focuses on “Internet communication” rather than “email [redacted]” as AA did, but it also scopes out content in a nifty way.

Read more

WSJ Falsely Paints John “Bates Stamp” as Aggressive

/2 Comments/in /by

WSJ wrote a badly flawed article yesterday describing John Bates’ 2010 opinion reauthorizing the Internet dragnet, claiming the memo — which was released last November — was just declassified.

Newly declassified court documents show one of the National Security Agency’s key surveillance programs was plagued by years of “systemic overcollection” of private Internet communications.

[snip]

Some of the problems with Internet metadata previously were reported and have been part of a broad critique of the NSA’s surveillance activities since the Sept. 11, 2001, terror attacks. The new document from Judge Bates offers the most detailed accounting—even with more than a dozen pages blacked out—of what those problems were.

Sure, ODNI didn’t explain that the opinion — and three other documents released — had been released before, one on multiple occasions. But those of us who read the opinion with the first release, rather than offering up unrepresentative quotes, recognized Bates’ memo as one of the seminal releases from last year. And contrary to WSJ’s claim, the public record (including Claire Eagan’s opinion, which cites from it) shows the opinion to date to 2010.

Even in this supposed actual reading of the document, however, WSJ gets it wrong.

The judge’s order ultimately reauthorized the program, with more stringent conditions than the government had sought.

Sure, Bates didn’t permit NSA unrestricted access to illegally collected records. But Bates also approved what was described as an 11- to 24-fold increase in collection.

The current application, in comparison with prior dockets, seeks authority to acquire a much larger volume of metadata at a greatly expanded range of facilities, while also modifying — and in some ways relaxing — the rules governing the handling of metadata.

Best as we can tell given the redactions, Bates approved that part of the request. Aside from imposing a few more training requirements, his biggest denial pertained to some — but not all — of the Internet dragnet data the government collected since the beginning of the program.

So while it is true that Bates wrote a lot of scathing things about the conduct of the program, he also turned around and vastly expanded it.

I raise all this not to be an asshole (though it would be nice if the WSJ had issued a correction, as its author retweeted my tweeted correction). I raise it for two reasons.

First, the WSJ pitches this as “the Judge who doesn’t like FISA reform was very critical of the Administration’s performance.”

Judge Bates has been the designated spokesman for the judiciary opposing several proposed changes to the structure of the Foreign Intelligence Surveillance Court, particularly the addition of a special advocate to represent privacy interests.

By not reporting that Bates vastly expanded this program in spite of its persistent violations, WSJ wrongly pitches him as a credible judge of what makes the FISC effective, rather than as Exhibit One for why it should be abolished.

Moreover, the documents that actually were newly released the other day suggest a very different narrative for what happened between 2009 and 2010, for how Bates came to summarize the many failings of the program but expand the program.

They show, first of all, that Reggie Walton was dealing with the phone and Internet dragnets in tandem throughout; Bates had no discernible role — aside from his intervention on August 4, 2009, after Reggie Walton had already shut down part of the phone dragnet program. The documents released this week make it clear Walton, not Bates, was the fact-finder who discovered the Internet dragnet had never complied with FISC guidelines. Bates had to repeat that scathing language in his opinion, because Walton had already laid it out.

And then, after Walton shut down the Internet dragnet, at a time when NSA continued to ignore his orders, when orders were terse, things began to change.

That’s when we begin to see solicitous letters — “Let me once again thank both you and your staff for  your consideration” —  to Bates, now the decision-maker on whether or not the government could resume a program that had illegally wiretapped Americans for 5 years.

It’s that guy who capitulated to pretty talk, expanding both the Internet dragnet and the upstream 702 collection, even as he laid out how both had been illegally wiretapping Americans, who says an advocate actually speaking for privacy would ruin the FISC. That’s the narrative we should get from this recent document dump, not that Bates was in any way anything but a Bates stamp.

Walton was by no means a perfect steward of the secret court. But Bates demonstrates why it cannot and does not fulfill its function.

Internet Dragnet Timeline

/5 Comments/in /by

This timeline provides known dates for the PRTT Internet dragnet, important related dates in the phone dragnet, upstream 702 collection, and SPCMA (overseas Internet dragnet). In addition, it provides links to the documents in this release; see this post for the listing of documents.

May 6, 2004: Jack Goldsmith opinion authorizes phone dragnet but not Internet dragnet.

Before July 14, 2004: Government applies for Internet dragnet. X. Application for Pen Register/Trap and Trace Devices for Foreign Intelligence Purposes, Y. Memorandum of Law and Fact in Support of Application for Pen Registers and Trap and Trace Devices for Foreign Intelligence Purposes, Z. Declaration of General Michael V. Hayden, U.S Air Force, Director, NSA, in Support of Pen Register/Trap and Trace Application

July 14, 2004: Colleen Kollar-Kotelly approves Internet dragnet, specifies categories of metadata (Document A in 8/12 dump).

Before October 12, 2004: the government provides notice it exceeded scope included in first order, in follow-up declarations attributes overcollection to poor management (response probably includes Paul Wolfowitz, Michael Hayden, and Joel Brenner)

Around October 12, 2004: Government reapplies without some collection, promises monthly spot checks.

April 27, 2005: In briefing leading up to PATRIOT reauthorization, Alberto Gonzales makes no mention of PRTT Internet dragnet.

November 17, 2007: Executive begins (internal) approval process for contact chaining on already-collected data which will become SPCMA.

Read more

Internet Dragnet Materials, Working Thread 1

/3 Comments/in , , /by

I Con the Record just released some ridiculously overclassified Internet dragnet documents it claims shows oversight but which actually shows how they evaded oversight. I’ve added letters to ID each document (I’ll do a post rearranging them into a timeline tomorrow or soon thereafter).

For a timeline I did earlier of the Internet dragnet program see this post.

This will be the first of several working threads, starting with descriptions of what we’ve got.

8/12: Note I will be updating this as I can clarify dates and content.

So-called Judicial oversight

A. FISC Opinion and Order: This is the Kollar-Kotelly order that initially approved the dragnet on July 14, 2004. A searchable version is here.

B. FISC Primary Order: This is an Internet dragnet order signed by Reggie Walton, probably in 2008 or very early 2009. It shows that the Internet dragnet program, which was almost certainly illegal in any case, had less oversight than the phone dragnet program (though at this point also collected fewer records). It was turned over pursuant to FAA requirements on March 13, 2009.

C. FISC Primary Order: This is an Internet dragnet order probably from May 29, 2009 (as identified in document D), signed by Reggie Walton. It shows the beginning of his efforts to work through the Internet violations. It appears to have been provided to Congress on August 31, 2009.

D. FISC Order and Supplemental Order: This is a version of the joint June 22, 2009 order released on several occasions before. It shows Reggie Walton’s efforts to work through the Internet dragnet violations. Here’s one version.

E. FISC Supplemental Order: This appears to be the dragnet order shutting down dragnet production. It would date to fall 2009 (production was likely shut down in October 2009, though this might reflect the initial shut-down).

F. FISC Primary Order: I’m fairly sure this is an order from after Bates turned the Internet dragnet back on in 2010 (and is signed by him), though I will need to verify that. It does require reports on how the NSA will segregate previously violative records, which is consistent with it dating to 2011 sometime (as is the requirement that the data be XML tagged).

G. FISC Memorandum Opinion Granting in Part and Denying in Part Application to Reinitiate, in Expanded Form, Pen Register/Trap and Trace Authorization: This is the order, from sometime between July and October 2010, where John Bates turned back on and expanded the Internet dragnet. Here’s the earlier released version (though I think it is identical).

H. Declaration of NSA Chief, Special FISA Oversight and Processing, Oversight and Compliance, Signals Intelligence Directorate, the National Security Agency: This was a report Walton required in document C, above, and so would be in the May-June 2009 timeframe. Update: Likely date June 18, 2009.

I. Government’s Response to the FISC’s Supplemental Order: This is the government’s response to an order from Walton, probably in his May 29, 2009 opinion (see this order for background), or even earlier in May.Update: This response dates to June 18, 2009 or slightly before.

J. Declaration of NSA Chief, Special FISA Oversight and Processing, Oversight and Compliance, Signals Intelligence Directorate, the National Security Agency: This appears to be the declaration submitted in support of Response I and cited in several places. Update: likely date June 18, 2009.

K. Supplemental Declaration of Chief, Special FISA Oversight and Processing, Oversight and Compliance, Signals Intelligence Directorate, the National Security Agency: This appears to be the declaration that led to document C above.

L. Government’s Response to the FISC’s Supplemental Order Requesting a Corrective Declaration: This is a declaration admitting dissemination outside the rules responding to 5/29 order.

M. Government’s Response to a FISC Order: This is the government’s notice that it was using automatic queries on Internet metadata, just as it also was with the phone dragnet. This notice was provided to Congress in March 2009.

N. Declaration of Lieutenant General Keith B. Alexander, U.S. Army, Director, NSA, Concerning NSA’s Compliance with a FISC Order: After Walton demanded declarations in response to the initial phone dragnet violation, he ordered NSA to tell him whether the Internet dragnet also had the same problems. This is Keith Alexander’s declaration describing the auto scan for that program too. It was provided to Congress in March 2009.

O. Preliminary Notice of Potential Compliance Incident: This is the first notice of the categorical violations that ultimately led to the temporary shutdown of the dragnet, in advance of order E.

P. Notice of Filing: This is notice of a filing in response to inquiry from Judge Walton. It could be from any time during David Kris’ 2009 to early 2011 tenure.

Q: Government’s Application for Use of Pen Register/Trap and Trace Devices for Foreign Intelligence Purposes: This appears to be the application following Order E, above. I don’t think it’s the 2010 application that led to the reauthorization of the dragnet, because it refers to facilities whereas the 2010 order authorized even broader collection. (Remember Bates’ 2010 order said the government applied, but then withdrew, an application.) Update and correction: this application must post-date December 2009, because that’s when NSA changed retention dates from 4.5 years to 5. Also note reference to change in program and request to access illegally collected data from before 10/09.

R. Memorandum of Law and Fact in Support of Application for Pen Registers and Trap and Trace Devices for Foreign Intelligence Purposes: This appears to be the memorandum of law accompanying application Q.

S. Declaration of General Keith B. Alexander, U.S. Army, Director, NSA, in Support of Pen Register/Trap and Trace Application: This is Alexander’s declaration accompanying Q.

T. Exhibit D in Support of Pen Register/Trap and Trace Application: This is a cover letter. I’m not sure whether it references prior communications or new ones.

U. First Letter in Response to FISC Questions Concerning NSA bulk Metadata Collection Using Pen Register/Trap and Trace Devices: This is the first of several letters in support of reinitiation of the program. The tone has changed dramatically here. For that reason, and because so much of it is redacted, I think this was part of the lead-up to the 2010 reauthorization.

V. Second Letter in Response to FISC Questions concerning NSA bulk Metadata Collection Using Pen Register/Trap and Trace Devices: This second letter is entirely redacted except for the sucking up to Bates stuff.

W. Third Letter in Response to FISC Questions Concerning NSA Bulk Metadata Collection Using Pen Register/Trap and Trace Devices: More sucking up. Some language about trying to keep access to the existing illegally collected data. 

X. Application for Pen Register/Trap and Trace Devices for Foreign Intelligence Purposes: This is the first application for the Internet dragnet, from 2004. Very interesting. Note it wasn’t turned over until July 2009, after Congress was already learning of the new problems with it.

Y. Memorandum of Law and Fact in Support of Application for Pen Registers and Trap and Trace Devices for Foreign Intelligence Purposes: The memorandum of law accompanying X. Also turned over to Congress in 2009.

Z. Declaration of General Michael V. Hayden, U.S Air Force, Director, NSA, in Support of Pen Register/Trap and Trace Application: This goes with the initial application. NSA has left stuff unredacted that suggests they were access less bandwith than they, in the end, were. Also remember NSA violated this from the very beginning.

AA. Application for Use of Pen Register/Trap and Trace Devices for Foreign Intelligence PurposesThis appears to be the application for the second PRTT order. I’ll return to this tomorrow, but I don’t think it reflects the violation notice it should.

BB. Declaration of NSA Chief, Special FISA Oversight and Processing, Oversight and Compliance, Signals Intelligence Directorate: This is NSA’s declaration in conjunction with the first reapplication for the dragnet. This should have declared violations. It was turned over to Congress in March 2009. [update: these appear to be early 2009 application]

CC. Declaration Lieutenant General Keith B. Alexander, U.S. Army, Director, NSA, Concerning NSA’s Implementation of Authority to Collect Certain Metadata: This is Alexander’s declaration accompanying the End-to-End report, from sometime in fall 2009.

DD: NSA’s Pen Register Trap and Trace FISA Review Report: The end-to-end report itself. it was provided to Congress in January 2010.

EE: DOJ Report to the FISC NSA’s Program to Collect Metadata: DOJ’s accompaniment to the end-to-end report.

FF: Government’s First Letter to Judge Bates to Confirm Understanding of Issues Relating to the FISC’s Authorization to Collect Metadata: After Bates raauthorized the Internet dragnet, DOJ realized they might not be on the same page as him. Not sure if this was in the 2009 attempt or the 2010 reauthorization.

GG: Government’s Second Letter to Judge Bates to Confirm Understanding of Issues Relating to the FISC’s Authorization to Collect Metadata: A follow-up to FF.

HH: Tab 1 Declaration of NSA Chief, Special Oversight and Processing, Oversight and Compliance, Signals Intelligence: This appears to be the 90-day report referenced in document C. Update: Actually it is referenced in Document A: note the paragraphs describing the chaining that were discontinued before the dragnet approval.

II: Verified Memorandum of Law in Response to FISC Supplemental Order: This is one of the most fascinating documents of all. It’s a 2009-2011 (I think August 17, 2009, though the date stamp is unclear) document pertaining to 3 PRTT targets, relying on criminal PRTT law and a 2006 memo that might be NSA’s RAS memo (though the order itself is FBI, which makes me wonder whether it seeds the FBI program). It may have been what they used to claim that Internet content counted as metadata.

JJ: Memorandum of Law in Response to FISC Order: A September 25, 2006 response to questions from the FISC, apparently regarding whether rules from criminal pen registers apply to PATRIOT PRTT. While I think this addresses the application to Internet, I also think this language may be being used for location.

So-called Congressional oversight

KK: Government’s Motion to Unseal FISC Documents in Order to Brief Congressional Intelligence and Judiciary Committees: This is a request to unseal an order — I suspect document E — so it could be briefed to Congress.

LL:  Order Granting the Government’s Motion to Unseal FISC Documents in Order to Brief Congressional Intelligence and Judiciary Committees: Walton’s order to unseal KK for briefing purposes. 

MM: April 27, 2005 Testimony of the Attorney General and Director, FBI Before the Senate Select Committee on Intelligence: This is the 2005 testimony in which — I pointed out before — Alberto Gonzales did not brief Congress about the Internet dragnet.

So-called Internal oversight

NN: NSA IG Memo Announcing its Audit of NSA’s Controls to Comply with the FISA Court’s Order Regarding Pen Register/Trap and Trace Devices: This lays out an audit with PRTT compliance, noting that the audit also pertains to BR FISA (phone dragnet). It admits the audit was shut down when the order was not renewed. It’s unclear whether this was the 2009 or the 2011 shutdown, but the implication is it got shut down because it would not pass audit. 

OO: NSA IG Memo Suspending its Audit of NSA after the NSA’s PRTT Metadata Program Expired: the formal announcement they were shutting down the IG report. Again, it’s not clear whether this was the 2009 or the 2011 shutdown.

If you find this work valuable, please consider donating to support the work.  

Did Anthony Coppolino Fib about NSA’s New Architecture?

/17 Comments/in /by

On Tuesday, EFF told the tale of yet another government freak-out over purportedly classified information. The DOJ lawyer litigating their multiple dragnet challenges, Anthony Coppolino, accidentally uttered classified information in a hearing in June. So the government tried to take the classified information out of the transcript without admitting they did so. After Judge Jeffrey White let EFF have a say about all this, the government ultimately decided the information wasn’t classified after all. So the Court finally released the transcript.

My wildarseguess is that this is the passage in question:

Judge Bates never ultimately held that the acquisition violated the Constitution. The problem in that case was the minimization procedures were not sufficient to protect the Fourth Amendment interests of the people of the United States.

And so he ordered that they be changed, and they were changed. And he approved them. And in addition, in the process of not only approving the minimization procedures, NSA implemented new system architecture that did a better job at assuring that those communications were minimized and ultimately destroyed, which is the goal here. It’s part of the statutory framework not to collect on U.S. citizens and when you’ve incidentally done it, destroy it. [my emphasis]

According to the John Bates opinions relating to this incident, the NSA implemented a new system of ingesting this data, marking it, checking it before it gets moved into the general repository of data, and purging it if it includes entirely domestic commuincations. But does that count as new architecture? I’m not sure.

Meanwhile, the NSA has been upgrading their architecture. We learned that (among other places) in the most recent Theresa Shea declaration on NSA systems in EFF’s Jewel case. It doesn’t mention new architecture pertaining to  upstream  702, though she does discuss a more general architecture upgrade and how it affects Section 215 specifically.

Then there’s this language, addressing the NSA’s inability to filter US person data reliably, from PCLOB.

The NSA’s acquisition of MCTs is a function of the collection devices it has designed. Based on government representations, the FISC has stated that the “NSA’s upstream Internet collection devices are generally incapable of distinguishing between transactions containing only a single discrete communication to, from, or about a tasked selector and transactions containing multiple discrete communications, not all of which are to, from, or about a tasked selector.”155 While some distinction between SCTs and MCTs can be made with respect to some communications in conducting acquisition, the government has not been able to design a filter that would acquire only the single discrete communications within transactions that contain a Section 702 selector. This is due to the constant changes in the protocols used by Internet service providers and the services provided.156 If time were frozen and the NSA built the perfect filter to acquire only single, discrete communications, that filter would be out-of-date as soon as time was restarted and a protocol changed, a new service or function was offered, or a user changed his or her settings to interact with the Internet in a different way. Conducting upstream Internet acquisition will therefore continue to result in the acquisition of some communications that are unrelated to the intended targets.

The fact that the NSA acquires Internet communications through the acquisition of Internet transactions, be they SCTs or MCTs, has implications for the technical measures, such as IP filters, that the NSA employs to prevent the intentional acquisition of wholly domestic communications. With respect to SCTs, wholly domestic communications that are routed via a foreign server for any reason are susceptible to Section 702 acquisition if the SCT contains a Section 702 tasked selector.157 With respect to MCTs, wholly domestic communications also may be embedded within Internet transactions that also contain foreign communications with a Section 702 target. The NSA’s technical means for filtering domestic communications cannot currently discover and prevent the acquisition of such MCTs.158 

The footnotes in this section all cite to John Bates’ 2011 opinion (including, probably, some language that remains redacted in the public copy, such as on page 47). So we might presume it is out of date.  Except that PCLOB has done independent work on these issues and the end of the first paragraph includes language not sourced at all.

That is, PCLOB seems to think there remain technical problems with sorting out US person data, the filtering problem cannot be solved. (Which makes the ridiculous John Bates more skeptical on this point than PCLOB.)

So do the data segregation techniques implemented in 2011 amount to new architecture? Does the larger architecture upgrade going on going to affect upstream collection in some more meaningful fashion?

I don’t know. One other reason I think this might be the language is because Coppolino was — as he frequently does — running his mouth. Bates did rule the US person data collected before 2011 violated the Fourth Amendment, even if the task before him was solely to judge whether the minimization procedures before him did. More importantly, Bates was quite clear that this US person collection was intentional, not incidental.

So Coppolino was making claims about one of the practices (the PRTT collection is another) that is most likely to help EFF win their suit, upstream collection, which actually does entail domestic wiretapping of US person content. He made a claim that suggested — with the fancy word “architecture” — that NSA had made technical fixes. But PCLOB, at least, doesn’t believe they’ve gotten to the real issue.

Who knows? It’s just a guess. What’s not a guess is that Coppolino seems to recognize upstream 702 presents a real problem in this suit.

A Better Reform than USA Freedom: Get Rid of the FISA Court

/6 Comments/in /by

As he did once before, John Bates has written a letter in the guise of raising concerns about the resources of the FISA Court (though in this case, not actually raising any such concerns) to provide his — or someone else’s — policy views on Patrick Leahy’s version of USA Freedom (see Steve Vladeck’s great post arguing that this letter presents solely Bates defending the executive; though I think Vladeck misreads claimed cooperation with the Administration on Leahy’s bill for assent to it). But also as his earlier letter did, this does nothing so much as make a compelling case to eliminate the FISC.

While Bates raises legitimate concerns about whether summaries of court opinions are better than redacted versions (he would prefer the most sensitive ones remain secret) and the constitutionality of the appeals process, his chief gripe arises from the increased independence Leahy’s bill gives a special advocate.

Bates maintains that by requiring the FISC special advocate to advocate for privacy or civil liberties would not further the interests of privacy or civil liberties.

That’s because actually requiring the advocate to advocate for something would put her in an adversarial position vis-a-vis the government. And that, Bates is sure, would lead the government to withhold information from the Court.

Introducing an adversarial special advocate in FISA proceedings creates the risk that representatives of the Executive Branch — who, as noted, have a heightened duty of candor in ex parte FISA court procedings — would be reluctant to disclose to the courts particularly sensitive factual information, or information detrimental to a case, because doing so would also disclose the information to an independent adversary.

Mind you, the public record shows the government already withholds crucial information, such as how many Americans get collected under upstream collection, as well as how the government is actually using back door searches and how prevalent they are, as well as the torture from which some of their evidence introduced at FISC derives, as well as that EFF had a protection order for data that might incorporate the Section 215 program. So the notion that ex parte proceedings currently give the FISC all the information it needs is farcical.

But Bates worries that requiring the government to expose all the information about its plans to an adversary might lead the government to forgo “potentially valuable intelligence-gathering activities under FISA.” That’s an admission that some of the government’s current programs could not have withstood even the classified scrutiny of someone not positioned as a partner in implementing all the possible intelligence gather activities. The FISC has become, Bates makes clear, the government’s partner in approving every possible collection program that might be valuable.

And all of this complaint is an admission from Bates that it never intended to provide the advocate, as described under USA Freedumber, all the information she needed to do her job.

Bates had already made that complaint in his last letter. In this one, he adds a new one: that because Leahy’s USA Freedom requires the special advocate to be involved in novel cases — and actually defines what novel means — she would be involved in too many.

Section 401 would seem to apply to a potentially large number of cases. The requirement to designate a special advocate would be triggered in the first instance in any matter involving a “novel or significant interpretation of the law.” That term is defined expansively to include, among other things, matters involving the “application … of settled law to novel … circumstances.” Because nearly every application involves distinct (i.e., “novel”) facts and circumstances, Section 401 could be read as applying in a broad swath of cases.

Bates’ former colleagues disagree on this point. James Robertson and James Carr have said the vast majority of what FISC judges approve are fairly simple warrants.

Both and his colleagues, however, may be right: that is, it may well be the FISC has now gotten to the point where each application represents an expansion or a new tweak of previous approvals. I would actually be shocked if the expanding number of Section 215 orders — accompanied as they have been by FISC-imposed minimization procedures — don’t represent such an expansion.

Given Deputy Attorney General James Coles’ confirmation of Zoe Lofgren and Mark Warner’s questions about what Section 215 may be used for — including credit card data, URL searches, and location data — this morphing use of 215 now likely provides the government access programmatically to things they previously needed individualized warrants for.

Even with the opinions and applications we’ve seen — most of which pre-date the significant 2010 expansion of 215-based programs — it becomes clear the FISC judges (or at least those in DC who review the more novel applications) have become a rubber stamp for programs that far surpass the language of the law and likely conflict with other laws. With the vast expansion of dragnets starting in 2004, the FISC has become a court of reasonableness generally, not reasonableness within the letter of the law as written by Congress. The series of plaintive and laughably weak FISC opinions since the exposure of the Section 215 program underscores this: exposed as having far exceeded the law and intent of the Section 215 program, the FISC was left trying to invent the law post hoc.

Bates has, even more than his earlier letter, made it clear that he, at least, believes the FISC is and should be a partner with the Executive, providing legal cover for novel new surveillance that may not fit the intent of Congress. I’d say, too, that even in the area of individualized warrants, it has presided over the redefinition of things like “agent of foreign power,” such that confused Muslim young men become legitimate targets for invasive surveillance that can never be checked in the context of criminal proceedings.

So let’s get rid of it!

It may be the case that in 1978 traditional Title III courts couldn’t handle the secrecy required by FISC proceedings. But they can and do now, routinely. There’s no reason judges throughout the country couldn’t be asked to weigh FISC probable cause as they currently weigh criminal probable cause; and having more judges do so might stay closer to the definition of foreign power as intended by Congress, and if it doesn’t (which given the rubber stamp of magistrates, might well happen), it would be more likely to be reviewed at the appellate level.

Similarly, the courts have and are proving able to deal with new applications, as their treatment of FBI’s request for nationwide warrants to hack makes clear. But they do so in deliberative fashion, actual weighing the language of the law, rather than just secretly approving an application that pretty clearly violates Congress’ intent.

Eliminating the FISC wouldn’t fix all the problems of out-of-control surveillance. Requiring notice for EO 12333 collection is another necessary step, as is actual prosecution for violations of surveillance law. But it seems that just eliminating the FISC would be a far better fix for the problems exposed by Snowden’s leaking than USA Freedom would be.

Working Thread, PCLOB Report

/7 Comments/in /by

The pre-release PCLOB report on Section 702 is here. This will be a working thread.

PDF 16: First recommendation is to include more enunciation of foreign intel purpose. This was actually a Snowden revelation the govt poo pooed.

PDF 17: Recommends new limits on non-FI criminal use of FBI back door searches, and some better tracking of it (surprised that’s not stronger!). Also recommends new documentation for NSA, CIA back door queries.  Must mean CIA is a problem.

PDF 17: Recommends FISC get the “rules” NSA uses. That suggests there may be some differences between what the govt does and what it tells FISC it does.

PDF 17: Recommends better assessment of filtering for upstream to leave out USP data. John Bates was skeptical there wasn’t better tech too.

PDF 18: Suggestion there are more types of upstream collection than there needs to be.

PDF 27 fn 56: Notes some room in the definition of Foreign Intelligence.

PDF 30: Note how PCLOB deals with issues of scope.

PDF 34: Note the discussion of due diligence. Due diligence problems amount for about 9% of NSA violations.

PDF 34-35: This must be a response to violations reported by Risen and Lichtblau, and is probably one of the things referred to in NSA’s review of its own COINTELPRO like problems.

In a still-classified 2009 opinion, the FISC held that the judicial review requirements regarding the targeting and minimization procedures required that the FISC be fully informed of every incident of noncompliance with those procedures. In the 2009 opinion, the court analyzed whether several errors in applying the targeting and minimization procedures that had been reported to the court undermined either the court’s statutory or constitutional analysis. (The court concluded that they did not.)

PDF 39: NSA gets all PRISM collection, and it goes from there to CIA and FBI. CIA and FBI get only PRISM data.

PDF 42: Another FISC opinion to be released.

In a still-classified September 2008 opinion, the FISC agreed with the government’s conclusion that the government’s target when it acquires an “about” communication is not the sender or recipients of the communication, regarding whom the government may know nothing, but instead the targeted user of the Section 702–tasked selector.

PDF 43: This sounds like a lot of about collection is of forwarded emails.

There are technical reasons why “about” collection is necessary to acquire even some communications that are “to” and “from” a tasked selector. In addition, some types of “about” communications actually involve Internet activity of the targeted person.138 The NSA cannot, however, distinguish in an automated fashion between “about” communications that involve the activity of the target from communications that, for instance, merely contain an email address in the body of an email between two non-targets.139 

PDF 45: I’ll have to check but some of these cites to Bates may be to still redacted sections.

[Headed to bed–will finish my read in the AM]

PDF 47: One thing PCLOB doesn’t explain is if the FBI and CIA targeting takes place at NSA or at those agencies. In the past, it had been the former.

PDF 49: .4% o f targeting ends up getting an American.

PDF 55: NSA shares technical data for collection avoidance purposes. This sounds like the defeat list in the phone dragnet, and like that, seems tailored not just for protecting USPs generally, but sensitive communications (like those of MoCs) more specifically.

PDF 57: This was implicit in some of the docs released by Snowden, but the govt now tags Section 702 data, as they do Section 215, so as to ensure it gets the heightened treatment provided by the law.

Read more

In Advance of PCLOB, WaPo Busts ODNI’s Limited Hang Out on Certifications

/3 Comments/in , , /by

Earlier today, I got to tell the journalists who have long ignored that the FBI does back door searches — or even suggested I was guessing that they do, when it appeared in multiple public documents — that I had been telling them so for a long time.

But today I also have to admit I got suckered by a year-long Director of National Intelligence effort at a limited hangout. That effort was, I’m convinced, designed to hide that the Section 702 program is far broader than government witnesses wanted to publicly admit it was. Nevertheless, I was wrong about a supposition I had believed until about 2 months ago.

Since the first days after the Snowden leaks, the government has suggested it had 3 certificates under Section 702, covering counterterrorism, counterproliferation, and cybersecurity.  But — as the WaPo reports (as with the ODNI back door search numbers, in convenient timing that conveniently preempts the PCLOB report) — that’ s not the case. The NSA has a certificate that covers every foreign government except the other 4 members of the 5 Eyes (UK, Canada, New Zealand, and Australia), as well as various foreign organizations like OPEC, the European Central Bank, and various Bolivarist groups.

For an entire year, the government has been suggesting that is not the case. I even believed them, the one thing I know of where I got utterly suckered. I was wrong.

Frankly, this certification should not be a surprise. It is solidly within the letter of the law, which permits collection on any agent of a foreign power. From the very first PRISM revelations, which showed collection on Venezuela, it was clear NSA collected broadly, including on Bolivarist governments and energy organizations.

But consistently over the last year, the NSA has suggested it only had certifications for CT, CP, and cyber.

On June 8 of last year, for example, ODNI listed 3 Section 702 successes.

  • Communications collected under Section 702 have provided the Intelligence Community insight into terrorist networks and plans. For example, the Intelligence Community acquired information on a terrorist organization’s strategic planning efforts.
  • Communications collected under Section 702 have yielded intelligence regarding proliferation networks and have directly and significantly contributed to successful operations to impede the proliferation of weapons of mass destruction and related technologies.
  • Communications collected under Section 702 have provided significant and unique intelligence regarding potential cyber threats to the United States including specific potential computer network attacks. This insight has led to successful efforts to mitigate these threats

The October 3, 2011 John Bates opinion, released in October, made it clear there were just 3 certificates at that point.

3 certificates

 

 

(Though note the Semiannual Compliance Review released last year looked to be consistent with at least one more certificate.)

The President’s Review Group emphasized the categorical nature of certificates, and in its second discussion thereof named those same three categories.

[S]ection 702 authorized the FISC to approve annual certifications submitted by the Attorney General and the Director of National Intelligence (DNI) that identify certain categories of foreign intelligence targets whose communications may be collected, subject to FISC-approved targeting and minimization procedures. The categories of targets specified by these certifications typically consist of, for example, international terrorists and individuals involved in the proliferation of weapons of mass destruction.

[snip]

Section 702 requires that NSA’s certifications attest that a “significant purpose” of any acquisition is to obtain foreign intelligence information (i.e. directed at international terrorism, nuclear proliferation, or hostile cyber activities), that it does not intentionally target a United States person, that it does not intentionally target any person known at the time of acquisition to be in the United States, that it does not target any person outside the United States for the purpose of targeting a person inside the United States, and that it meets the requirements of the Fourth Amendment.

And in March testimony before PCLOB, NSA General Counsel Raj De suggested those same three topics.

But beyond that there has to be a valid foreign intelligence reason within the ambit of one of those certifications that the FISC approves annually. Those are certifications on things like counterterrorism, encountering WMDs, for example, weapons of mass destruction.

Most recently, former DOJ official Carrie Cordero — who has been involved in this whole certification process — claimed in the CATO debate we’ve been engaged in “they are not so broad that they cover any and everything that might be foreign intelligence information.”

And yet, there’s a foreign intelligence certificate that covers any and everything that might be foreign intelligence information, a certificate that destroys the whole point of having certificates (though if there’s a cyber one, I suspect it has its own problems, in that it permits domestic collection).

Lots of people are claiming WaPo’s latest is no big deal, because of course the NSA spies on foreign government’s. They’re right, to a point. Except that the government has been strongly implying, since day one, that Section 702 was narrowly deployed, not available to use against all but our 4 closest spying allies.

PCLOB is surely about to make it clear that’s not the case. And voila! All of a sudden it becomes clear the government has been misleading when it claimed this was narrowly deployed.

Riley Meets the Dragnet: Does “Inspection” amount to “Rummaging”?

/1 Comment/in , /by

It’s clear today’s decision in Riley v. California will be important in the criminal justice context. What’s less clear is its impact for national security dragnets.

To answer the question, though, we should remember that question really amounts to several. Does it affect the existing phone dragnet, which aspires to collect the phone records of every person in the US? Does it affect the government’s process of collecting massive amounts of data from which to cull an individual’s data to make up a “fingerprint” that can be used for targeting and other purposes? Will it affect the program the government plans to implement under USA Freedumber, in which the telecoms perform connection-based chaining for the NSA, and then return Call Detail Records as results? Does it affect Section 702? I think the answer may be different for each of these, though I think John Roberts’ language is dangerous for all of this.

In any case, Roberts wants it to be unclear. This footnote, especially, claims this opinion does not implicate cases — governed by the Third Party doctrine — where the collection of data is not considered a search.

1Because the United States and California agree that these cases involve searches incident to arrest, these cases do not implicate the question whether the collection or inspection of aggregated digital information amounts to a search under other circumstances.

Orin Kerr reads this as addressing the mosaic theory directly — which holds that a Fourth Amendment review must consider the entirety of the government collection — (and he is the expert, after all). Though I’m not impressed with his claim that the analogue language Roberts uses directly addresses the mosaic theory; Kerr seems to be arguing that because Roberts finds another argument unwieldy, he must be addressing the theory that Kerr himself finds unwieldy. Moreover, in addition to  this section, which Kerr says supports the Mosaic theory,

An Internet search and browsing history, for example, can be found on an Internet-enabled phone and could reveal an individual’s private interests or concerns—perhaps a search for certain symptoms of disease, coupled with frequent visits to WebMD. Data on a cell phone can also reveal where a person has been. Historic location information is a stand-ard feature on many smart phones and can reconstruct someone’s specific movements down to the minute, not only around town but also within a particular building. See United States v. Jones, 565 U. S. ___, ___ (2012) (SOTOMAYOR, J., concurring) (slip op., at 3) (“GPS monitoring generates a precise, comprehensive record of a person’s public movements that reflects a wealth of detail about her familial, political, professional, religious, and sexual associations.”).

I think the paragraph below it also supports the Mosaic theory — particularly its reference to a “revealing montage of the user’s life.”

Mobile application software on a cell phone, or “apps,” offer a range of tools for managing detailed information about all aspects of a person’s life. There are apps for Democratic Party news and Republican Party news; apps for alcohol, drug, and gambling addictions; apps for sharing prayer requests; apps for tracking pregnancy symptoms; apps for planning your budget; apps for every conceivable hobby or pastime; apps for improving your romantic life. There are popular apps for buying or selling just about anything, and the records of such transactions may be accessible on the phone indefinitely. There are over a million apps available in each of the two major app stores; the phrase “there’s an app for that” is now part of the popular lexicon. The average smart phone user has installed 33 apps, which together can form a revealing montage of the user’s life.

I’d argue that the opinion as a whole endorses the notion that you need to assess the totality of the surveillance in question. But then the footnote adopts the awkward phrase, “collection or inspection of aggregated digital information,” to suggest there may be some arrangement under which the conduct of such analysis might not constitute a search requiring a higher standard. (And all that still leaves the likely possibility that the government would scream “special need” and get an exception to get the data anyway; as they surely will do to justify ongoing border searches of computers.)

Of crucial importance, then, Roberts seems to be saying that it might be okay to conduct mosaic analysis, depending on where you get the data and/or whether you actually obtain or instead simply inspect the data.

That’s crucial, of course, because the government is, as we speak, replacing a phone dragnet in which it collects all the data from everyone and analyzes it (or rather, claims to only access only a minuscule portion of it, claiming to do so only through phone-based contacts) with one where it will go to “inspect” the data at telecoms.

So Roberts seems to have left himself an out (or included language designed to placate even Democrats like Stephen Breyer, to say nothing of Clarence Thomas, to achieve unanimity) that happens to line up nicely with where the phone dragnet, at least, is heading.

All that said, Robert’s caveat may not be broad enough to cover the new-and-improved phone dragnet as the government plans to implement it. After all, the “connection” based analysis the government intends to do may only survive via some kind of argument that letting telecoms serve as surrogate spooks makes this kosher under the Fourth Amendment. Because we have every reason to expect that the NSA intends to — at least — tie multiple online and telecom identities together to chain on all of them, and use cell location to track who you meet. And they may well (likely, if not now, then eventually) intend to use things like calendars and address books that Roberts argues makes cell phones not cell phones, but minicomputers that serve as “cameras,video players, rolodexes, calendars, tape recorders, libraries, diaries, albums, televisions, maps, or newspapers.” Every single one of those minicomputer functions is a potential “connection” based chain.

So while the new-and-improved phone dragnet may fall under Roberts’ “inspect” language, it involves far more yoking of the many functions of cell phones that Roberts finds to be problematic.

Then there’s this passage, that Roberts used to deny the government the ability to “just” get call logs.

We also reject the United States’ final suggestion that officers should always be able to search a phone’s call log,as they did in Wurie’s case. The Government relies on Smith v. Maryland, 442 U. S. 735 (1979), which held that no warrant was required to use a pen register at telephone company premises to identify numbers dialed by a particular caller. The Court in that case, however, concluded that the use of a pen register was not a “search” at all under the Fourth Amendment. See id., at 745–746. There is no dispute here that the officers engaged in a search of Wurie’s cell phone. Moreover, call logs typically contain more than just phone numbers; they include any identifying information that an individual might add, such as the label “my house” in Wurie’s case. [my emphasis]

The first part of this passage makes a similar kind of distinction as you see in that footnote (and may support my suspicion that Roberts is trying to carve out space for the new-and-improved phone dragnet). Using a pen register at a telecom is not a search, because it doesn’t involve seizing the phone itself.

But the second part of this passage — which distinguishes between pen registers and call logs — seems to be the most direct assault on the Third Party doctrine in this opinion, because it suggests that data that has been enhanced by a user — phone numbers that are not just phone numbers — may not fall squarely under Smith v. Maryland.

And that’s important because the government intends to get far more data than phone numbers while at the telecoms under the new-and-improved phone dragnet. It surely at least aspires to get logs just like the one Roberts says the cops couldn’t get from Wurie.

Think, too, of how this should limit all the US person data the government collects overseas that the government then aggregates to make fingerprints, claiming incidentally collected data does not require any legal process. That data is seized not from telecoms but rather stolen off cables — does that count as public collection or seizure?

Perhaps the language that presents the most sweeping danger to the dragnet, however, is the line that both Kerr and I like best from the opinion.

Alternatively, the Government proposes that law enforcement agencies “develop protocols to address” concerns raised by cloud computing. Reply Brief in No. 13–212, pp. 14–15. Probably a good idea, but the Founders did not fight a revolution to gain the right to government agency protocols.

Admittedly, Roberts is addressing a specific issue, the government’s proposal of how to protect personal data stored on a cloud that might be accessed from a phone (as if the government gives a shit about such things!).

But the underlying principle is critical. For every single dragnet program the government conducts at NSA, it dismisses obvious Fourth Amendment concerns by pointing to minimization procedures.

The FISC allowed the government to conduct the phone dragnet because it had purportedly strict minimization procedures (which the government ignored); it allowed the government to conduct an Internet dragnet for the same reason; John Bates permitted the government to address domestic content collection he deemed a violation of the Fourth Amendment with new minimization procedures; and the 2008 FISCR opinion approving the Protect America Act (which FISCR and the government say covers FAA as well) relied on targeting and minimization procedures to judge it compliant with the Fourth Amendment. FISC is also increasingly using minimization procedures to deem other Section 215 collections compliant with the law, though we know almost nothing about what they’re collecting (though it’s almost certain they involve Mosaic collection).

Everything, everything, ev-er-y-thing the NSA does these days complies with the Fourth Amendment only under the theory that minimization procedures — “government agency protocols” — provide adequate protection under the Fourth Amendment.

It will take a lot of work, in cases in which the government will likely deny anyone has standing, with SCOTUS’ help, to make this argument. But John Roberts said today that the government agency protocols that have become the sole guardians of the Fourth Amendment are not actually what our Founders were thinking of.

Ultimately, though, this passage may be Roberts’ strongest condemnation — whether he means it or not — of the current dragnet.

Our cases have recognized that the Fourth Amendment was the founding generation’s response to the reviled “general warrants” and “writs of assistance” of the colonial era, which allowed British officers to rummage through homes in an unrestrained search for evidence of criminal activity. Opposition to such searches was in fact one of the driving forces behind the Revolution itself.

Roberts elsewhere says that cell searches are more intrusive than home searches. And by stealing and aggregating that data that originates on our cell phones, the government is indeed rummaging in unrestrained searches for evidence of criminal activity or dissidence. Roberts likely doesn’t imagine this language applies to the NSA (in part because NSA has downplayed what it is doing). But if anyone ever gets an opportunity to demonstrate all that NSA does to the Court, it will have to invent some hoops to deem it anything but digital rummaging.

I strongly suspect Roberts believes the government “inspects” rather than “rummages,” and so believes his opinion won’t affect the government’s ability to rummage, at least at the telecoms.  But a great deal of the language in this opinion raises big problems with the dragnets.