Michael Hayden

1 2 3 8

Missing from the EO 12333 Discussion: Its Classified Annex Michael Hayden Revised on March 11, 2004

NSA Authorities TimelineI recommend this ArsTechnica background piece on EO 12333. It describes how Ronnie Reagan issued EO 12333 to loosen the intelligence rules imposed by Jimmy Carter (with links to key historical documents). It includes interviews with the NSA whistleblowers describing how George Bush authorized the collection of telecom data from circuits focused on the US under the guise of EO 12333, calling the bulk of the US person data collected “incidental.” And it describes how Bush and Obama have continued using EO 12333 as a loophole to obtain US person data.

But there’s a key part of the story Ars misses, which I started to lay out here. As this graphic notes, the NSA is governed by a set of interlocking authorities and laws. The precedence of those authorities and laws is not terribly clear — and NSA’s own training programs don’t make them any more clear. Bush’s revision to EO 12333 played on that interlocking confusion.

Perhaps most alarming, however, the NSA continued to use a classified annex to EO 123333 written by Michael Hayden the day he reauthorized the illegal wiretap program at least until recent years — and possibly still. And that classified annex asserts an authority to wiretap Americans on the Attorney General’s authorization for periods of up to 90 days, and wiretap “about” collection based solely on NSA Director authority.

Among the documents released to ACLU and EFF via FOIA was an undated “Core Intelligence Oversight Training” program that consists of nothing more than printouts of the authorities governing NSA activities (as I noted in this post, with one exception, the NSA training programs we’ve seen are unbelievably horrible from a training efficacy standpoint). It includes, in part, EO 12333, DOD 5240.1-R, and NSA/CSS Policy 1-23 (that is, several of the authorities NSA considers among its signature authorities). As part of a 2009 issuance of the latter document (starting on page 110), the training documents also include the classified annex to EO 12333 (starting on page 118). And although both documents are part of that 2009 issuance (which incorporated language reflecting the FISA Amendments Act), they are dated March 11, 2004 — the day after the hospital confrontation, when the Bush Administration continued its illegal wiretap program without DOJ sanction — and signed by then DIRNSA Michael Hayden.

That is, as part of the FOIA response to ACLU and EFF, DOJ revealed how it was secretly applying EO 12333 at least as recently as 2009.

And that secret application of EO 12333 includes two provisions that illustrate how the government was abusing EO 12333, even in the face of revisions to FISA. They include provisions permitting the wiretapping of Americans for 90-day periods based on AG certification, and the wiretapping of “about” communications for apparently unlimited periods based on DIRNSA certification. (see page 123)

Continue reading

Working Thread, Internet Dragnet 4: Later 2009 Documents

The early focus on the dragnet violations was on the phone dragnet. At the end of March, however, DOJ started preparing to look more closely at the PRTT program in late April 2009, which may be why some of the following violations got disclosed to Reggie Walton in conjunction with a May reauthorization application. The CIA, FBI, and NCTC access to the PRTT seems to have been a bigger issue than the BR  FISA data.

All that said, when the NSA completed its End-to-End report sometime in fall 2009, they didn’t report all that much beyond the violations noted in May (though they did note the NSA did not shut down some automatic process when it said it did), mostly by claiming they didn’t realize the original dragnet order meant what it said (in spite of the violation in the first dragnet order).

It was only after that that they noticed FISC NSA had been collecting content from the start of the program (see document O). Once they admitted that, NSA decided not to reapply for a Primary Order, and Reggie Walton issued a supplemental order (document E) ordering them not to collect any more, but also not to access the data they did have. Only after that did DOJ submit the End-to-End report, accompanied by DOJ and Keith Alexander reports that admitted the content violation.

See also Working Thread 1, Working Thread 2, Working Thread 3, and Internet Dragnet Timeline. No one else is doing this tedious work; if you find it useful, please support it.

Continue reading

Internet Dragnet Materials, Working Thread 1

I Con the Record just released some ridiculously overclassified Internet dragnet documents it claims shows oversight but which actually shows how they evaded oversight. I’ve added letters to ID each document (I’ll do a post rearranging them into a timeline tomorrow or soon thereafter).

For a timeline I did earlier of the Internet dragnet program see this post.

This will be the first of several working threads, starting with descriptions of what we’ve got.

8/12: Note I will be updating this as I can clarify dates and content.

So-called Judicial oversight

A. FISC Opinion and Order: This is the Kollar-Kotelly order that initially approved the dragnet on July 14, 2004. A searchable version is here.

B. FISC Primary Order: This is an Internet dragnet order signed by Reggie Walton, probably in 2008 or very early 2009. It shows that the Internet dragnet program, which was almost certainly illegal in any case, had less oversight than the phone dragnet program (though at this point also collected fewer records). It was turned over pursuant to FAA requirements on March 13, 2009.

C. FISC Primary Order: This is an Internet dragnet order probably from May 29, 2009 (as identified in document D), signed by Reggie Walton. It shows the beginning of his efforts to work through the Internet violations. It appears to have been provided to Congress on August 31, 2009.

D. FISC Order and Supplemental Order: This is a version of the joint June 22, 2009 order released on several occasions before. It shows Reggie Walton’s efforts to work through the Internet dragnet violations. Here’s one version.

E. FISC Supplemental Order: This appears to be the dragnet order shutting down dragnet production. It would date to fall 2009 (production was likely shut down in October 2009, though this might reflect the initial shut-down).

F. FISC Primary Order: I’m fairly sure this is an order from after Bates turned the Internet dragnet back on in 2010 (and is signed by him), though I will need to verify that. It does require reports on how the NSA will segregate previously violative records, which is consistent with it dating to 2011 sometime (as is the requirement that the data be XML tagged).

G. FISC Memorandum Opinion Granting in Part and Denying in Part Application to Reinitiate, in Expanded Form, Pen Register/Trap and Trace Authorization: This is the order, from sometime between July and October 2010, where John Bates turned back on and expanded the Internet dragnet. Here’s the earlier released version (though I think it is identical).

H. Declaration of NSA Chief, Special FISA Oversight and Processing, Oversight and Compliance, Signals Intelligence Directorate, the National Security Agency: This was a report Walton required in document C, above, and so would be in the May-June 2009 timeframe. Update: Likely date June 18, 2009.

I. Government’s Response to the FISC’s Supplemental Order: This is the government’s response to an order from Walton, probably in his May 29, 2009 opinion (see this order for background), or even earlier in May.Update: This response dates to June 18, 2009 or slightly before.

J. Declaration of NSA Chief, Special FISA Oversight and Processing, Oversight and Compliance, Signals Intelligence Directorate, the National Security Agency: This appears to be the declaration submitted in support of Response I and cited in several places. Update: likely date June 18, 2009.

K. Supplemental Declaration of Chief, Special FISA Oversight and Processing, Oversight and Compliance, Signals Intelligence Directorate, the National Security Agency: This appears to be the declaration that led to document C above.

L. Government’s Response to the FISC’s Supplemental Order Requesting a Corrective Declaration: This is a declaration admitting dissemination outside the rules responding to 5/29 order.

M. Government’s Response to a FISC Order: This is the government’s notice that it was using automatic queries on Internet metadata, just as it also was with the phone dragnet. This notice was provided to Congress in March 2009.

N. Declaration of Lieutenant General Keith B. Alexander, U.S. Army, Director, NSA, Concerning NSA’s Compliance with a FISC Order: After Walton demanded declarations in response to the initial phone dragnet violation, he ordered NSA to tell him whether the Internet dragnet also had the same problems. This is Keith Alexander’s declaration describing the auto scan for that program too. It was provided to Congress in March 2009.

O. Preliminary Notice of Potential Compliance Incident: This is the first notice of the categorical violations that ultimately led to the temporary shutdown of the dragnet, in advance of order E.

P. Notice of Filing: This is notice of a filing in response to inquiry from Judge Walton. It could be from any time during David Kris’ 2009 to early 2011 tenure.

Q: Government’s Application for Use of Pen Register/Trap and Trace Devices for Foreign Intelligence Purposes: This appears to be the application following Order E, above. I don’t think it’s the 2010 application that led to the reauthorization of the dragnet, because it refers to facilities whereas the 2010 order authorized even broader collection. (Remember Bates’ 2010 order said the government applied, but then withdrew, an application.) Update and correction: this application must post-date December 2009, because that’s when NSA changed retention dates from 4.5 years to 5. Also note reference to change in program and request to access illegally collected data from before 10/09.

R. Memorandum of Law and Fact in Support of Application for Pen Registers and Trap and Trace Devices for Foreign Intelligence Purposes: This appears to be the memorandum of law accompanying application Q.

S. Declaration of General Keith B. Alexander, U.S. Army, Director, NSA, in Support of Pen Register/Trap and Trace Application: This is Alexander’s declaration accompanying Q.

T. Exhibit D in Support of Pen Register/Trap and Trace Application: This is a cover letter. I’m not sure whether it references prior communications or new ones.

U. First Letter in Response to FISC Questions Concerning NSA bulk Metadata Collection Using Pen Register/Trap and Trace Devices: This is the first of several letters in support of reinitiation of the program. The tone has changed dramatically here. For that reason, and because so much of it is redacted, I think this was part of the lead-up to the 2010 reauthorization.

V. Second Letter in Response to FISC Questions concerning NSA bulk Metadata Collection Using Pen Register/Trap and Trace Devices: This second letter is entirely redacted except for the sucking up to Bates stuff.

W. Third Letter in Response to FISC Questions Concerning NSA Bulk Metadata Collection Using Pen Register/Trap and Trace Devices: More sucking up. Some language about trying to keep access to the existing illegally collected data. 

X. Application for Pen Register/Trap and Trace Devices for Foreign Intelligence Purposes: This is the first application for the Internet dragnet, from 2004. Very interesting. Note it wasn’t turned over until July 2009, after Congress was already learning of the new problems with it.

Y. Memorandum of Law and Fact in Support of Application for Pen Registers and Trap and Trace Devices for Foreign Intelligence Purposes: The memorandum of law accompanying X. Also turned over to Congress in 2009.

Z. Declaration of General Michael V. Hayden, U.S Air Force, Director, NSA, in Support of Pen Register/Trap and Trace Application: This goes with the initial application. NSA has left stuff unredacted that suggests they were access less bandwith than they, in the end, were. Also remember NSA violated this from the very beginning.

AA. Application for Use of Pen Register/Trap and Trace Devices for Foreign Intelligence PurposesThis appears to be the application for the second PRTT order. I’ll return to this tomorrow, but I don’t think it reflects the violation notice it should.

BB. Declaration of NSA Chief, Special FISA Oversight and Processing, Oversight and Compliance, Signals Intelligence Directorate: This is NSA’s declaration in conjunction with the first reapplication for the dragnet. This should have declared violations. It was turned over to Congress in March 2009. [update: these appear to be early 2009 application]

CC. Declaration Lieutenant General Keith B. Alexander, U.S. Army, Director, NSA, Concerning NSA’s Implementation of Authority to Collect Certain Metadata: This is Alexander’s declaration accompanying the End-to-End report, from sometime in fall 2009.

DD: NSA’s Pen Register Trap and Trace FISA Review Report: The end-to-end report itself. it was provided to Congress in January 2010.

EE: DOJ Report to the FISC NSA’s Program to Collect Metadata: DOJ’s accompaniment to the end-to-end report.

FF: Government’s First Letter to Judge Bates to Confirm Understanding of Issues Relating to the FISC’s Authorization to Collect Metadata: After Bates raauthorized the Internet dragnet, DOJ realized they might not be on the same page as him. Not sure if this was in the 2009 attempt or the 2010 reauthorization.

GG: Government’s Second Letter to Judge Bates to Confirm Understanding of Issues Relating to the FISC’s Authorization to Collect Metadata: A follow-up to FF.

HH: Tab 1 Declaration of NSA Chief, Special Oversight and Processing, Oversight and Compliance, Signals Intelligence: This appears to be the 90-day report referenced in document C. Update: Actually it is referenced in Document A: note the paragraphs describing the chaining that were discontinued before the dragnet approval.

II: Verified Memorandum of Law in Response to FISC Supplemental Order: This is one of the most fascinating documents of all. It’s a 2009-2011 (I think August 17, 2009, though the date stamp is unclear) document pertaining to 3 PRTT targets, relying on criminal PRTT law and a 2006 memo that might be NSA’s RAS memo (though the order itself is FBI, which makes me wonder whether it seeds the FBI program). It may have been what they used to claim that Internet content counted as metadata.

JJ: Memorandum of Law in Response to FISC Order: A September 25, 2006 response to questions from the FISC, apparently regarding whether rules from criminal pen registers apply to PATRIOT PRTT. While I think this addresses the application to Internet, I also think this language may be being used for location.

So-called Congressional oversight

KK: Government’s Motion to Unseal FISC Documents in Order to Brief Congressional Intelligence and Judiciary Committees: This is a request to unseal an order — I suspect document E — so it could be briefed to Congress.

LL:  Order Granting the Government’s Motion to Unseal FISC Documents in Order to Brief Congressional Intelligence and Judiciary Committees: Walton’s order to unseal KK for briefing purposes. 

MM: April 27, 2005 Testimony of the Attorney General and Director, FBI Before the Senate Select Committee on Intelligence: This is the 2005 testimony in which – I pointed out before — Alberto Gonzales did not brief Congress about the Internet dragnet.

So-called Internal oversight

NN: NSA IG Memo Announcing its Audit of NSA’s Controls to Comply with the FISA Court’s Order Regarding Pen Register/Trap and Trace Devices: This lays out an audit with PRTT compliance, noting that the audit also pertains to BR FISA (phone dragnet). It admits the audit was shut down when the order was not renewed. It’s unclear whether this was the 2009 or the 2011 shutdown, but the implication is it got shut down because it would not pass audit. 

OO: NSA IG Memo Suspending its Audit of NSA after the NSA’s PRTT Metadata Program Expired: the formal announcement they were shutting down the IG report. Again, it’s not clear whether this was the 2009 or the 2011 shutdown.

If you find this work valuable, please consider donating to support the work.  

Say, Why Should Mikey Hayden Get a Say on Torture that Purportedly Preceded Him?

My favorite call for John Brennan’s head thus far comes from Fred Fleitz, who helped John Bolton sex up WMD claims leading into the Iraq War.  He says John Brennan has to resign not just to shore up CIA’s relations with Congress, but also NSA’s.

I believe CIA director John Brennan and agency officials involved in the monitoring of computers used by the SSCI staff must resign to help mend the CIA’s relationship with Congress. Such resignations would go a long way toward restoring the confidence of the SSCI in the CIA and, it is to be hoped, would win the agency and the National Security Agency some crucial allies in both houses of Congress to fend off several ill-advised intelligence-reform proposals currently under discussion there.

But that’s not my favorite part. Nor is where this “intelligence” professional says a report voted out with support from John McCain (in the first vote) and Susan Collins (in the second) is a Democratic vote. Nor is the bit where Fleitz claims the program was properly briefed, which it wasn’t.

My favorite part is Fleitz’ conflicting claims about Michael Hayden.

The main focus of the SSCI probe reportedly is to prove Democratic claims that the effectiveness of the enhanced-interrogation program has been exaggerated. Former CIA director Michael Hayden and other former senior CIA officials involved in the enhanced-interrogation program dispute this. According to Hayden, as late as 2006 fully half of the government’s knowledge about the structure and activities of al-Qaeda came from harsh interrogations.

Despite their firsthand knowledge of the enhanced-interrogation program, there is no input in the SSCI report from Hayden, former CIA general counsel John Rizzo, or other CIA officials, since the report is based solely on an examination of documents.

Assertion 1) Michael Hayden claims half of the government’s knowledge about al Qaeda came from torture, meaning no more than half came from the illegal torture he was conducting at the time over at NSA (and also meaning that relatively more intelligence has come in from SIGINT since Hayden left).

Assertion 2) Michael Hayden, whose entire CIA tenure post-dated the Detainee Treatment Act that made the torture program illegal, should have some say in a torture report.

Maybe Hayden was spying on the CIA while he was in charge of NSA. Or maybe (ok, in fact) Hayden continued torture after such time as Congress made it doubly illegal.

But in the same way that Cofer Black should not need to have a say in torture if the CIA’s false narrative were not false, Michael Hayden shouldn’t either.

Man, as much as this report is demonstrating how much CIA lies and how useless their torture program was, it also demonstrates the misnomer of the whole “intelligence” label.

Snowden: “A Classified Executive Order”

NSA Authorities TimelineYesterday, I noted that the subject of Edward Snowden’s emailed question to NSA’s Office of General Counsel pertained to one of the under-reported themes of his leaks, the way NSA uses EO 12333 to collect data on Americans that either clearly was or might have been covered by stricter laws passed by Congress. I also noted how unbelievably shitty the NSA training programs released to ACLU and EFF are, particularly the way seemingly outdated documents that remain in effect appear to allow spying on Americans prohibited by statute.

I’d like to return to the precise language Snowden used to refer to this email exchange (and a thus-far unreleased exchange he claims to have had with NSA’s Compliance folks).

Today’s release is incomplete, and does not include my correspondence with the Signals Intelligence Directorate’s Office of Compliance, which believed that a classified executive order could take precedence over an act of Congress, contradicting what was just published. 

I suggested yesterday that this was likely a conflict over whether EO 12333 superseded laws passed by Congress, including but not limited to FISA.

But note: Snowden says he asked about a “classified” EO.

EO 12333 is unclassified.

So there are two possibilities. First, that there’s a classified EO — one that remains classified  – that we don’t know about, one Congress may not even be fully cognizant of (on the premise that this EO supersedes the law).

That’s possible. But EO 12333 is the only EO referenced in USSID 18′s list of references.

USSID 18 References

The other possibility is far more interesting.

As I noted, the documents laying out the core regulations governing NSA conflict badly, largely because many of the documents are very dated, and have been (or should have been) superseded by recent laws (like the FISA Amendments Act) and court decisions (like John Bates’ 2011 ruling on upstream collection).

Of particular interest is NSA/CSS Policy 1-23 (starting at PDF 110). That policy is interesting, first of all, because it was first issued on March 11, 2004 by Michael Hayden. That is, this policy dates to the very day when Michael Hayden agreed to continue the illegal wiretap program even as half of DOJ threatened to quit.

The policy was updated twice, once to make what were considered minor adjustments in policy in 2007, and once in 2009 to incorporate FISA Amendments Act changes. Thus, the policy at least purports to fully incorporate FAA. The 2009 reissue — and its classified annex — is considered among the signature authorizing milestones according to a timeline leaked by Snowden, above, and the only one that mentions a classified annex.

But — as I noted yesterday — the policy still relies on (and incorporates) a classified annex to EO 12333 that was written in 1988 (though the document itself bears the March 11, 2004 date). Continue reading

NSA Collection: Show Me the $$

As part of its superb piece on NSA spying on Tuesday, Frontline included interviews with key sources. In my opinion, the most enlightening was that with former HPSCI staffer Diane Roark, so you should read that entire interview (especially her comments on NSA at 9/11).

Both she and Tom Drake mention a part of the illegal NSA program that has been largely forgotten: the financial records. Here’s Roark’s non-denial.

And from what you knew at that point, what type of information was taken, and how pervasive was the collection?

It is now quite obvious, since the Snowden revelations, that the program grew progressively over time. Initially, I knew that it involved a lot of broad domestic surveillance, bulk collection, domestically. And I knew that it involved emails, landlines, regular house phones, cell phones. I also knew that they had branched out into non-communications data.

Which is what, bank records? 

I’m not really — they have not acknowledged that. All I can tell you is that when I met the second time with Gen. Hayden in July, I said to him that it appeared the program was expanding, not only in number of servers, but also that two new data categories had recently been added, and he nodded to confirm that. I knew that one of those data programs was not communications data. …

And other commentators have made allusions to other personal data that may be collected. Of course, we all know that transportation data, airline data is connected. We know that international banking data is collected; that has been acknowledged. But there have been allusions to other items, too, by people hypothetically, such as credit, medical, banking and so on.

And here’s Drake’s more explicit mention of it.

You watched the president [George W. Bush] come out and say this is a valuable program; one side of the communications has to be outside; we’re following terrorists; this has prevented attacks on our country. The vice president [Dick Cheney] attacks the Times for publishing. You’re watching this, and you know what’s going on inside. What are you thinking?

This actually was part of the triggering event for me in which increasingly I knew I was going to have to touch the third rail, back to your earlier question. I realized that they were lying, that they were desperate to protect the domestic surveillance program. And so they could use the excuse, although it was still in violation of FISA, that as long as one link somehow was tied to a suspected terrorist, that justified collecting or targeting the link that was in the United States proper.

That was just the tip of the iceberg. The far larger program was the dragnet surveillance, the vast bulk copy of millions and millions of phone records, email records, Internet usage and financial transactional and credit card information.

Since the Snowden leaks started we’ve heard almost nothing about this. There have been the two stories about the CIA collecting Western Union records with at least one end foreign. There is the 2010 Section 215 order tied to an allegedly specific investigation, which must long post-date the CIA-related orders.

What happened to this collection? Is it the April 2, 2004 modification we have never learned about? Is it the second secret Section 215 appendix included in Glenn Fine’s 2008 report? Have they been accomplishing this via NSLs, or perhaps only recently moved it to Section 215? I have suggested in the past that for domestic records, FBI would be the likely lead … is that right?

The financial records collection has, outside of Shane Harris’ book (on TIA), completely disappeared.

But it must be under a new shell somewhere.

“Facts Matter” Said NSA Yay-Man Michael Hayden Who Told Serial Lies about the Phone Dragnet

I’m not sure if you saw last night’s Munk Debate pitting Glenn Greenwald and Alexis Ohanian against Michael Hayden and Alan Dershowitz. I did a whole slew of fact checking and mockery on twitter last night.

But I wanted to pay particular attention to a string of false claims Hayden made about the phone dragnet program.

First, my hobbyhorse, he claimed the database can only be used for terror. (After 1:08)

If this program — and here we’re talking about the metadata program — which is about terrorism, because the only reason you can use the metadata is to stop terrorism. No other purpose.

Actually, terrorism and … Iranian “terrorism.” It’s unclear when or why or how Iran got included in database access (though it is considered a state sponsor of terror). But according to Dianne Feinstein and Keith Alexander, analysts can also access the database for Iran-related information. Now, maybe they can only access the Iran data if they claim terror. But that’s a very different thing than claiming a tie to al Qaeda.

The real doozies come later (my transcription; after 1:20:40; I’ve numbered the false claims and provided the “facts matter” below).

I started out with facts matter. So I assume on the metadata issue we’re talking about the 215 program. About the phone records, alright? Because frankly, that’s the only bulk metadata NSA has on American citizens. (1)

[cross talk]

Accusations fit on a bumper sticker. The truth takes longer. NSA gets from American telephone providers the billing records of American citizens. (2) What happens to the billing records is actually really important. I didn’t make this phrase up but I’m gonna use it. They put it in a lock box, alright? They put it in a lock box at NSA. (3) 22 people at NSA are allowed to access that lockbox. (4) The only thing NSA is allowed to do with that truly gajillion record field sitting there is that when they have what’s called a seed number, a seed number about which they have reasonable articulable suspicion that that seed number is affiliated with al Qaeda — you roll up a safe house in Yay-Man, he’s got pocket litter, that says here’s his al Qaeda membership card, he’s got a phone you’ve never seen before. Gee, I wonder how this phone might be associated with any threats in the United States. (5) So, I’ll be a little cartoonish about this, NSA gets to walk up to the transom and yell through the transom and say hey, anybody talk to this number I just found in Yay-Man? And then, this number, say in Buffalo, says well, yeah, I call him about every Thursday. NSA then gets to say okay Buffalo number — by the way, number, not name — Buffalo number, who did you call. At which point, by description the 215 metadata program is over. That’s all NSA is allowed to do with the data. There is no data mining, there’s no powerful algorithms chugging through it, trying to imagine relationships. (6)   It’s did that dirty number call someone in the United States. The last year for which NSA had full records is 2012 — I’ll get the 13 numbers shortly (7) — but in 2012, NSA walked up to that transom and yelled “hey! anybody talk to this number?” 288 times. (8)

(1) Under the SPCMA authority, NSA can include US persons in contact-chaining of both phone and Internet metadata collected overseas. SPCMA has far fewer of the dissemination and subject matter limitations that the Section 215 dragnet has.

(2) NSA doesn’t get the “billing records.” It gets routing information, which includes a great deal of data (such as the cell phone and SIM card ID and telecom routing information) that wouldn’t be included on a phone bill, even assuming a bill was itemized at all (most local landline calls are not). It also gets the data every day, not every month, like a billing record.

(3) Starting in early January 2008, NSA made a copy of the dragnet data and “for the purposes of analytical efficiency” dumped it in with all their other metadata. That allows them to conduct “federated queries,” which is contact chaining across authorities (so chains including both foreign collected EO12333 data and domestic Section 215 data). The NSA coaches its analysts to rerun queries that are replicable in EO12333 alone because of the greater dissemination that permits.

(4) The 22 number refers to the people who can approve an identifier for Reasonable Articulable Suspicion, not the people who can conduct queries. Those 22 are:

the Chief or Deputy Chief, Homeland Security Analysis Center; or one of the twenty specially-authorized Homeland Mission Coordinators in the Analysis and Production Directorate of the Signals Intelligence Directorate.

While we don’t know how many analysts are trained on Section 215 dragnet right now, the number was 125 in August 2010.

But even those analysts are not the only people who can access the database. “Technicians” may do so too.

Appropriately trained and authorized technical personnel may access the BR metadata to perform those processes needed to make it usable for intelligence analysis. Technical personnel may query the BR metadata using selection terms that have not been RAS-approved (described below) for those purposes described above, and may share the results of those queries with other authorized personnel responsible for these purposes, but the results of any such queries ill not be used for intelligence analysis purposes. An authorized technician may access the BR metadata to ascertain those identifiers that may be high volume identifiers. The technician may share the results of any such access, i.e., the identifiers and the fact that they are high volume identifiers, with authorized personnel (including those responsible for the identification and defeat of high volume and other unwanted BR metadata from any of NSA’s various metadata repositories), but may not share any other information from the results of that access for intelligence analysis purposes.

And this access — which requires access to the raw metadata — is not audited.

(5) Note, in the past, the government has also accessed the database with “correlated” identifiers — phone numbers and SIM cards associated with the same person. It’s unclear what the current status of querying on correlated identifiers is, but that is likely the topic of one of the FISC opinions the government is withholding, and the government is withholding the opinion in question in the name of protecting an ongoing functionality.

(6) Hayden pretends there’s a clear boundary to this program, but even the FISC minimization procedures for it approve the corporate store, where these query results — people 2 degrees from someone subjected to a digital stop-and-frisk — may be subjected to “the full range of [NSA's] analytic tradecraft.” So when Hayden says there’s no data mining and no powerful algorithms, he’s lying about the data mining and powerful algorithms (and content access) that are permitted for identifiers in the corporate store.

(7) Given that DOJ has already released their numbers for FISA use in 2013, I presume it also has the number of identifiers that have been queried.

(8) The 288 number refers to the number of identifiers queried, not the number of queries run. Given that the dragnet serves as a kind of alert system — to see who has had contracts with a certain number over time — the number of actual queries is likely significantly higher, as most of the identifiers were likely run multiple times.

Shorter DiFi: The Torture Report Started in Response to Michael Hayden’s Lie

I gotta hand it to Dianne Feinstein: the closest she comes to calling Michael Hayden a shriveled impotent old man in response to his suggestions she’s a hysterical female is when (at 6 minutes) she says calling women emotional is “an old male fallback position.”

Far more interesting, though, is the description she offers for the genesis of the report. It arose in response to Hayden’s damage control after CIA’s destruction of the torture tapes became public.

In December [2007]–the 11th–Director Hayden appeared before our committee and said he would allow members and/or staff to review operational cables which he said were just as good.


The genesis of the report was back with the videotape and back under then Chairman Rockefeller, who assigned staff, staff studied the operational cables, came back, reported to us, we took a look at that and said — both sides — we should move ahead and do a full study.

And while she doesn’t say it, she makes clear that Hayden lied in this damage control, when he said the “operational cables were just as good” as the torture tapes.

He can’t know that.

The backup to the CIA IG Report, after all, is that the even by the time CIA’s Office of General Counsel decided to destroy the tapes, they had been damaged.

[Redacted] for many of the tapes one 1/2 or 3/4 of the tape “there was nothing.” [Redacted] on some tapes it was apparent that the VCR had been turned off and then turned back on right away. [Redacted] on other tapes the video quality was poor and on others the tape had been reused (taped over) or not recorded at all. [Redacted] The label on some tapes read “interrogation session,” but when viewed there was just snow. [Redaction] did not make note of this in [redaction] report. [Redaction] estimated that “half a dozen” videotapes had been taped over or were “snowy.”

And at least one torture session, including waterboarding, was not captured on the tapes at all.

OIG compared the videotapes to logs and cables and identified a 21-hour period of time” which included two waterboard sessions” that was not captured on the videotapes.

That’s important because the IG also found that the waterboarding depicted in the videos that remained undamaged didn’t comply with the guidelines laid out by DOJ. In other words, there’s very good reason to believe that the tapes got destroyed, in part, because they showed CIA exceeding the legal limits laid out by DOJ.

To make things worse, Rockefeller had requested the torture tapes in the weeks before they got destroyed.

So I can imagine how Hayden’s bullshit line about the cables being just as good as the torture tapes withheld from Rockefeller might launch an investigation.

Michael Hayden has only himself to blame for this report.

In Defending Dianne Feinstein, Ron Wyden Reminds that Michael Hayden Lied to Congress

Like Harry Reid and Mark Udall, Ron Wyden has defended Dianne Feinstein against Michael Hayden’s suggestion that she’s too “emotional” to investigate torture.

But unlike Reid and Udall — who attack Hayden for being a sexist pig (though not in that language) — Wyden attacks Hayden for being a liar.

General Hayden’s suggestion that Chairman Feinstein was motivated by ‘emotion’ rather than a focus on the facts is simply outrageous. Over the past five years I watched Chairman Feinstein manage this investigation in an extremely thorough and professional manner, and the result is an extraordinarily detailed report based on millions of pages of internal CIA records, including operational cables, internal memos, and interview transcripts.

General Hayden unfortunately has a long history of misleading the American public – he did it on domestic surveillance when he was the head of the NSA, and he did it on torture when he was the CIA Director. The best way to correct this culture of misinformation is to give the American people a chance to review the facts for themselves, and I’ll be working with my colleagues and the administration to ensure that happens quickly.

Mind you, Wyden focuses on Hayden’s lies to the American people.

But it’s as good a time as any to recall the lies Hayden told the Senate Intelligence Committee on April 12, 2007, when he said the following:

While FBI and CIA continued unsuccessfully to try to glean information from Abu Zubaydah using established US Government interrogation techniques, all of those involved were mindful that the perpetrators of the 11 September attacks were still at large and, according to available intelligence reportedly, were actively working to attack the US Homeland again. CIA also knew from its intelligence holdings that Abu Zubaydah was withholding information that could help us track down al-Qa’ida leaders and prevent attacks. As a result, CIA began to develop its own interrogation program, keeping in mind at all times that any new interrogation techniques must comply with US law and US international obligations under the 1984 UN Convention Against Torture and Other Cruel, Inhuman and Degrading Treatment or Punishment.

A handful of techniques were developed for potential use; these techniques are effective, safe, and do not violate applicable US laws or treaty obligations. In August 2002, CIA began using these few and lawful interrogation techniques in the interrogation of Abu Zubaydah. As stated by the President in his speech on 6 September 2006, “It became clear that he (Abu Zubaydah) had received training on how to resist interrogation. And so the CIA used an alternative set of procedures … the procedures were tough, and thy were safe, and lawful, and necessary.”

Prior to using any new technique on Abu Zubaydah, CIA sought and obtained from the Department of Justice an opinion confirming that none of these new techniques violated US statutes prohibiting torture or US obligations under the UN Convention Against Torture.

As CIA’s efforts to implement these authorities got underway in 2002, the majority and minority leaders of the Senate, the Speaker and the minority leader of the House, and the chairs and ranking members of the intelligence committees were fully briefed on the interrogation procedures.

After the use of these techniques, Abu Zubaydah became one of our most important sources of intelligence on al-Qa’ida. [my emphasis]

The lies here include:

  • FBI was successful at getting intelligence from Abu Zubaydah
  • CIA never considered the Convention against Torture until after the CIA IG Report in 2004
  • CIA knew Abu Zubaydah had lied under torture in the past
  • CIA did not receive DOJ authorization before starting the torture, which started before August 1
  • CIA used techniques outside those approved by DOJ
  • Only the Gang of Four got briefed on Abu Zubaydah’s torture, and even then they were not fully briefed until February 2003

It is highly likely that Hayden knew that most of these were lies, but for most I can’t prove that. I also doubt Zubaydah had information on the whereabouts of al Qaeda’s leadership.

But as I showed in this post, I can prove that he did know only the Gang of Four got briefed on torture.

That’s because the day before Hayden testified at the SSCI hearing, in a memo addressed to him entitled “Information for 12 April SSCI Hearing,” CIA laid out all the briefings they had done on torture and rendition. And CIA’s own records–records Hayden received the day before he made these statements in preparation for the hearing–show that:

  • Tom Daschle, Senate Majority Leader from the time the torture began until the end of 2002, and Minority Leader until the end of 2004, was never briefed on the torture program.
  • Trent Lott, Senate Minority Leader until the end of 2003, was never briefed on the torture program while in leadership (though as a member of SSCI, he was briefed on the torture program on March 15, 2006).
  • Denny Hastert, Speaker of the House through the end of 2006, was not briefed on any aspect of the program until July 1, 2005.
  • Dick Gephardt, House Minority Leader through the end of 2003 (and therefore, through the worst torture) was never briefed on the program.
  • Harry Reid, Senate Minority Leader from 2005 until 2007 and Senate Majority Leader thereafter, was not briefed until September 6, 2006, when Bush made the program public.
  • Though Nancy Pelosi had an (incomplete) briefing as House Intelligence Ranking Member in 2002, she did not have a briefing as House Minority Leader.
  • Just Bill Frist, who was first briefed in July 2004, seven months after he took over as Senate Majority Leader, was briefed in timely fashion at all.

The Intelligence Committee heads were briefed, however inadequately. But with the exception of Bill Frist, the CIA barely briefed Congressional Leadership at all.

I had forgotten how blatantly Hayden lied, in what would have been one of the earliest briefings for the full Committee after they first got read into the program.

But it’s clear he did lie. And he lied about information he had just been informed was a lie.

No wonder Hayden seems so desperate to defend his own manhood at this time.

He’s about to be exposed.

Update: While we’re talking about Michael Hayden lies, here’s my new favorite NSA lie, when he had Paul Wolfowitz tell Colleen Kollar-Kotelly that NSA wasn’t collecting content-as-metadata in the Internet dragnet program when they actually were.

The Court had specifically directed the government to explain whether this unauthorized collection involved the acquisition of information other than the approved Categories [redacted] Order at 7. In response, the Deputy Secretary of Defense [Paul Wolfowitz] stated that the “Director of NSA [Michael Hayden] has informed me that at no time did NSA collect any category of information … other than the [redacted] categories of meta data” approved in the [redacted] Opinion, but also note that NSA’s Inspector General [Joel Brenner] had not completed his assessment of this issue. [redacted] Decl. at 21.13 As discussed below, this assurance turned out to be untrue.

13 At a hearing on [redacted] Judge Kollar-Kotelly referred to this portion of the Deputy Secretary’s declaration and asked: “Can we conclude that there wasn’t content here?” [redacted] of NSA, replied, “There is not the physical possibility of our having [redacted] [my emphasis]

Would We Have Accepted the Dragnet if NSA Had to Admit It Could Have Prevented 9/11?

Screen shot 2014-02-18 at 10.16.30 AMI’m going to return to Glenn Greenwald’s latest showing details of how the NSA treated WikiLeaks and, to a lesser degree, Anonymous (as well as Alexa O’Brien’s update on the investigation into WikiLeaks) later.

If GCHQ does this kind of tracking, how did Five Eyes miss the Tsarnaev brothers?

But for now I want to look at one slide covering GCHQ’s AntiCrisis monitoring approach (see slide 34), which in this case is focused on WikiLeaks. It shows how GCHQ has the ability — and had it in 2012 — to monitor particular websites. It shows GCHQ can monitor the visitors of a particular website, where they’re coming from, what kind of browsers they use. None of that is, in the least surprising. But given those capabilities, it would be shocking if GCHQ weren’t doing similar monitoring of AQAP’s online magazine Inspire, with the added benefit that certain text strings in each Inspire magazine would make it very easy to track copies of it as it was downloaded, even domestically via upstream collection. And for the UK, this isn’t even controversial; even possessing Inspire in the UK can get you imprisoned.

Given that that’s the case, why didn’t GCHQ and NSA find the Tsarnaev brothers who — the FBI has claimed but provided no proof — learned to make a bomb from the Inspire release that GCHQ or NSA hacked? Why isn’t NSA reviewing why it didn’t find the brothers based on cross-referencing likely NSA tracking of Inspire with its FBI reporting on Tamerlan Tsarnaev?

I used to not believe NSA should have found the Tsarneavs. But now that I’ve seen all the nifty tools we’ve learned NSA and, especially, GCHQ have, they really do owe us an explanation for why they didn’t find the Tsarnaev brothers, one of whom was already in an FBI database, and who was allegedly learning to make a pressure cooker bomb from a document that surely gets tracked by the NSA and its partners.

Speaking of NSA failures…

Which brings me back to James Clapper’s interview with Eli Lake.

Clapper said the problems facing the U.S. intelligence community over its collection of phone records could have been avoided. “I probably shouldn’t say this, but I will. Had we been transparent about this from the outset right after 9/11—which is the genesis of the 215 program—and said both to the American people and to their elected representatives, we need to cover this gap, we need to make sure this never happens to us again, so here is what we are going to set up, here is how it’s going to work, and why we have to do it, and here are the safeguards… We wouldn’t have had the problem we had,” Clapper said.

“What did us in here, what worked against us was this shocking revelation,” he said, referring to the first disclosures from Snowden. If the program had been publicly introduced in the wake of the 9/11 attacks, most Americans would probably have supported it. “I don’t think it would be of any greater concern to most Americans than fingerprints

Now, I’ll have to review the latest declarations in Jewel, but I think Clapper’s statement — that the genesis of today’s phone dragnet dates to 9/11 –  goes slightly beyond what has been admitted, because it ties today’s phone dragnet program back to the PSP phone dragnet program. Ron Wyden has tried to make the tie between the illegal program and the current one clear for months. Clapper has now inched closer to doing so.

But I also want to take issue with Clapper’s claim that if NSA had presented a “gap” to Members of Congress and the public after 9/11 we would have loved the dragnet.

Had we known of the errors and territorialism that permitted 9/11, would we have agreed to any of this?

I do so, in part, because the claim there was a “gap” is erroneous and has been proven to be erroneous over and over. Moreover, that myth dates not to the days after 9/11, but to misrepresentations about the content of the 9/11 Commission report 3 years later. Note, too, that (as has happened with Inspector Generals reviews of the Boston Marathon attack) the Commission got almost no visibility into what NSA had against al Qaeda.

More importantly, had NSA gone to the public with claims about gaps it did and didn’t have before 9/11, we would likely have talked not about providing NSA more authority to collect dragnets, but instead, about the responsibility of those who sat on intelligence that might have prevented 9/11.

As Thomas Drake and the other NSA whistleblowers have made clear, the NSA had not shared intelligence reports that might have helped prevent 9/11.

I found the pre- and post-9/11 intelligence from NSA monitoring of some of the hijackers as they planned the attacks of 9/11 had not been shared outside NSA. Continue reading

1 2 3 8

Emptywheel Twitterverse
JimWhiteGNV RT @mikelasusa: Following on resounding success of the "Bomb Them" strategy in Iraq, the US has started fucking up Syria too http://t.co/st
JimWhiteGNV RT @abumuqawama: You know we've learned little since 9/11 when we're about to institute draconian security measures because of 1 dude. http…
JimWhiteGNV RT @zerohedge: As a reminder, from 2013: Mystery Sponsor Of Weapons And Money To Syrian Mercenary "Rebels" Revealed http://t.co/qVGkg8cWqZ
emptywheel @gregorydjohnsen Oh I'm sure we can trust the Saudis to have our best interests in mind.
JimWhiteGNV RT @Disarm: Where's the #nuclear-free world candidate Obama promised? We're now building a new generation of nuclear weapons? http://t.co/W
JimWhiteGNV RT @onekade: Just read a @nytimes piece saying the Secret Service has been widely criticized for not shooting dead the guy at the WH. What …
JimWhiteGNV @gregorydjohnsen And civilians already starving. Perfect recipe for radicalization when innocent family members killed by bombs.
JimWhiteGNV RT @gregorydjohnsen: What sort of intel is the US using for all its strikes in Syria - we can't have great on the ground sources.
JimWhiteGNV RT @FearDept: We had zero international legal justification for hitting #Syria, but we did it anyway. http://t.co/C6EAzidczM #fuckyeah
JimWhiteGNV RT @allthingsct: @azelin @intelwire @DaveedGR easy. Hard to go saying AQ EO if you've claimed you've strategically defeated them....
JimWhiteGNV RT @davidcnswanson: ISIS, Weapons Makers, Thugs Benefit from This Crime | War Is A Crime .org http://t.co/CHhsnbPm6E
JimWhiteGNV RT @gregorydjohnsen: Is this imminent as in "about to happen" or imminent as in "they were thinking about plots and were generally up to no…
September 2014
« Aug