Nidal Hasan

NSA Conducts So Many Back Door Searches on US Persons It Would Be Impracticable to Approve Those Queries

Update, 8/3/14: Given what we’ve subsequently learned about FBI’s substantial number of uncounted back door searches, Litt’s description of further controls as not practicable probably most directly relates to FBI, not NSA.

While there wasn’t as much as I’d like, the Privacy and Civil Liberties Oversight Board hearing today focused somewhat on the issue of back door searches: which are when NSA searches on US person data on “incidentally” collected data under Section 702 of FISA.

DOJ National Security Director Deputy AAG Brad Wiegmann even suggested we should call them queries, perhaps to obscure all the obvious problems with them as searches under the Fourth Amendment.

The most telling exchange, however, came when PCLOB Board Member Patricia Wald suggested that the FISA Court conduct the same kind of oversight over these backdoor searches that it is now doing pursuant to the changes in Section 215 President Obama made in January. (CSPAN won’t let me embed this yet but here’s a link.) ODNI General Counsel Robert Litt shot that idea down aggressively, stating that is is not practicable.

Patricia Wald: The President required, or, I think he required in his January directive that went to 215 that at least temporarily, the selectors in 215 for questioning the databank of US telephone calls–metadata–had to be approved by the FISA Court. Why wouldn’t a similar requirement for 702 be appropriate in the case where US person indicators are used to search the PRISM database? What big difference do you see there?

Robert Litt: Well, I think from a theoretical perspective it’s the difference between a bulk collection and a targeted collection which is that–

Wald: But I would think that, sorry for interrupting, [cross-chatter]  I would think that message since 702 has actually got the content.

Litt: Well, and the second point that I was going to make is that I think the operational burden in the context of 702 would far greater than in the context of 215.

Wald: But that would–

Litt: If you recall, the number of actual telephone numbers as to which a  RAS–reasonable articulaable suspcion determination was made under Section 215 was very small. The number of times that we query the 702 database for information is considerably larger. I suspect that the Foreign Intelligence Surveillance Court would be extremely unhappy if they were required to approve every such query.

Wald: I suppose the ultimate question for us is whether or not the inconvenience to the agencies or even the unhappiness of the FISA Court would be the ultimate criteria.

Litt: Well I think it’s more than a question of convenience, I think it’s also a question of practicability.

NSA General Counsel Raj De, who has spent the better part of the last 9 months saying “it’s only metadata” went on to argue that somehow this “targeted” content program (which of course requires no advance review of selectors) is less intrusive than the metadata collection under Section 215.

Make up your damn mind!

To be fair, I suspect one of the issues is that after the Nidal Hasan attack (and this is just a very well educated guess), NSA rolled out a system whereby new communications between a targeted foreigner and an American automatically pulls up all previous communications involving that US person. That would count as a search, even though it would effectively feel like an automatic cross-referencing of all prior communications involving someone talking to a target, even if that is a US person.

Nevertheless, this means that NSA is conducting so many back door searches on US person data that it would be “impracticable” to actually give those searches some kind of review.

No wonder NSA refuses to give numbers on this practice to Ron Wyden.

2 Agents 3 Hours a Day Weren’t REALLY Reading Anwar al-Awlaki’s Email

Former CIA Deputy Director John McLaughlin wants you to believe the NSA wasn’t really reading Anwar al-Awlaki’s communications content, on whose emails (including the web-based ones) the NSA had a full-time tap at least as early as March 16, 2008.

In my experience, NSA analysts err on the side of caution before touching any data having to do with U.S. citizens. In 2010, at the request of then-Director of National Intelligence Dennis Blair, I chaired a panel investigating the intelligence community’s failure to be aware of Umar Farouk Abdulmutallab, the “underwear bomber” who tried to blow up a commercial plane over Detroit on Dec. 25, 2009.

The overall report remains classified, but I can say that the government lost vital time because of the extraordinary care the NSA and others took in handling any data involving a “U.S. person.” (Abdulmutallab, a Ni­ger­ian, was recruited and trained by the late Anwar al-Awlaki, a U.S. citizen based in Yemen.)

And maybe that’s the case.

Except it doesn’t seem to square with the report that two FBI Agents were spending 3 hours a day each reading Awlaki’s mail. It doesn’t seem to accord with the efforts those Agents made to chase down the Nidal Hasan lead — which, after all, infringed on the privacy of two American citizens, against one of whom probable cause had not been established. You’d think it would be far easier to chase down the Abdulmutallab messages, particularly given what has been portrayed as more clearly operational content, given that Abdulmutallab would have gotten no protection as a US person.

Sure, those Agents complained about the “crushing” volume of the communications content they had to review every day, but that was a factor of volume, not any restrictions on reading FISA target Anwar al-Awlaki’s email.

Don’t get me wrong. I’m thrilled someone has raised Abdulmutallab in the context of assessing NSA’s dragnet, which I’ve been calling for since October.

UndieBomb 1.0 was the guy who was allegedly plotting out Jihad with Anwar al-Awlaki — whose communications the FBI had two guys reading – over things like chats and calls. That is, Umar Farouk Abdulmutallab was a guy whose plot the NSA and FBI should have thwarted before he got on a plane. (To say nothing of the CIA and NCTC’s fuck-ups.)

And yet, he got on that plane. His own incompetence and the quick work of passengers prevented that explosion, while a number of needles went unnoticed in the NSA’s most closely watched haystacks.

Nevertheless, the lesson DiFi takes is that we need more haystacks.

Shouldn’t the lessons of UndieBomb 1.0 be just as important to this debate as the partial, distorted, lessons of 9/11?

(I’ve also been wondering why Faisal Shahzad, who was getting instructions, including hawala notice, from known targets of drone strikes in Pakistan, before his attack, wasn’t identified by phone and Internet dragnet analysis as a person of interest through those contacts, though that may legitimately be because of turmoil in both dragnet programs.)

But for McLaughlin’s claims to be true then the description of the treatment of the Awlaki wiretaps in the Webster report on the Nidal Hasan investigation wouldn’t seem to make sense.

By all means, let’s hear what really happened back between 2008 and 2010, when the NSA missed multiple contacts with top AQAP targets and TTP targets and as a result missed two of the three main international terrorist attacks on this country since 9/11. That should be part of the debate.

But let’s be very clear whether it was really limits on US person data, when we see FBI reading content of two US persons directly, or rather the sheer volume we’re collecting (as well as the crappy computer systems FBI had in place in 2009) that caused the dragnet to fail.

NSA Failures and Terror Successes Drive the Dragnet

Ryan Lizza has a long review of the dragnet programs. As far as the phone dragnet, it’s a great overview. It’s weaker on NSA’s content collection (in a piece focusing on Ron Wyden, it doesn’t mention back door searches) and far weaker on the Internet dragnet, the technical and legal issues surrounding which he seems to misunderstand on several levels. It probably oversells Wyden’s role in bringing pressure on the programs and treats Matt Olsen’s claims about his own role uncritically (that may arise out of Lizza’s incomplete understanding of where the dragnet has gone). Nevertheless, it is well worth a read.

I think it most valuable for the depiction of Obama’s role in the dragnet and its description of the ties between the war on terror and perceptions about the dragnet. Take this account of Obama’s decision not to embrace transparency during the PATRIOT Act Reauthorization in 2009-10. Lizza describes Wyden pressuring Obama to make information on the dragnets available to Congress and the public (we know HJC members Jerry Nadler, John Conyers, and Bobby Scott were lobbying as well, and I’ve heard that Silvestre Reyes favored disclosure far more than anyone else in a Ranking Intelligence Committee position).

But then the UndieBomb attack happened.

The debate ended on Christmas Day, 2009, when Umar Farouk Abdulmutallab, a twenty-three-year-old Nigerian man, on a flight from Amsterdam to Detroit, tried to detonate a bomb hidden in his underwear as the plane landed. Although he burned the wall of the airplane’s cabin—and his genitals—he failed to set off the device, a nonmetallic bomb made by Yemeni terrorists. Many intelligence officials said that the underwear bomber was a turning point for Obama.

“The White House people felt it in their gut with a visceralness that they did not before,” Michael Leiter, who was then the director of the National Counterterrorism Center, said. The center was sharply criticized for not detecting the attack. “It’s not that they thought terrorism was over and it was done with,” Leiter said, “but until you experience your first concrete attack on the homeland, not to mention one that becomes a huge political firestorm—that changes your outlook really quickly.” He added, “It encouraged them to be more aggressive with strikes”—drone attacks in Yemen and Pakistan—“and even stronger supporters of maintaining things like the Patriot Act.”

Obama also became more determined to keep the programs secret. On January 5, 2010, Holder informed Wyden that the Administration wouldn’t reveal to the public details about the N.S.A.’s programs. He wrote, “The Intelligence Community has determined that information that would confirm or suggest that the United States engages in bulk records collection under Section 215, including that the Foreign Intelligence Surveillance Court (fisc) permits the collection of ‘large amounts of information’ that includes ‘significant amounts of information about U.S. Persons,’ must remain classified.” Wyden, in his reply to Holder a few weeks later, expressed his disappointment with the letter: “It did not mention the need to weigh national security interests against the public’s right to know, or acknowledge the privacy impact of relying on legal authorities that are being interpreted much more broadly than most Americans realize.” He said that “senior policymakers are generally deferring to intelligence officials on the handling of this issue.”

Curiously, Lizza makes no mention of Nidal Hasan who, unlike Umar Farouk Abdulmutallab, actually succeeded in his attack, and like Abdulmutallab, had had communications with Anwar al-Awlaki intercepted by the NSA (and FBI) leading up to the attack. Weeks before the UndieBomb attack, Pete Hoekstra had already started criticizing the Obama Administration for not responding to Hasan’s emails to Awlaki, and Hasan’s attack led to more tracking of Awlaki (and, I suspect, Samir Khan’s) online interlocutors. I also suspect that, because of certain technical issues, the Hasan experience led to increased support for suspicionless back door searches.

But whether or not the UndieBomber alone or in conjunction with the Hasan attack was the catalyst, I absolutely agree Obama got spooked.

The question is whether Obama took the correct lesson from the UndieBomb, in particular. While the Hasan attack definitely led to real lessons about how to better use content collection (FISA and PRISM), the UndieBomb case should have elicited conclusions about having too much data to find the important messages, such as Abdulmutallab’s text to Awlaki proposing Jihad. (Note that Hoekstra’s blabbing about the Awlaki taps may have led AQAP to encrypt more of their data — as Awlaki was alleged to have done with Rajib Karim — which would have led to legitimate concerns about publicizing NSA techniques.) With the UndieBomb, NSA purportedly had advance warning of the attack that didn’t get read until after the attempt. Why not? And why wasn’t that Obama’s main takeaway?

And the National Security people still seem to be taking the wrong lessons. Here’s Matt Olsen and DiFi’s version of the National Security crowd’s latest fearmongering, that we need dragnets even more so now because the terrorist group has dispersed.

As core members of Al Qaeda were killed, the danger shifted to terrorists who were less organized and more difficult to detect, making the use of the N.S.A.’s powerful surveillance tools even more seductive. “That’s why the N.S.A. tools remain crucial,” Olsen told me. “Because the threat is evolving and becoming more diverse.”

Feinstein said, “It is very difficult to permeate the vast number of terrorist groups that now loosely associate themselves with Al Qaeda or Al Nusra or any other group. It is very difficult, because of language and culture and dialect, to really use human intelligence. This really leaves us with electronic intelligence.”

Olsen says the problem is, in part, that Al Qaeda is “less organized.” DiFi says one problem we have “permeating” terrorist groups is language and culture and dialect and her solution to that is to use “electronic intelligence.” While electronic intelligence — and specifically metadata — provides a way to compensate for linguistic failures (the NSA uses structure to identify which are the important conversations), in terrorist attack after terrorist attack (as well as CW attack) we turn out not to have been watching the right content feeds. And if we don’t have the linguistic skills, we’re likely not going to understand the messages correctly in any case.

And these are less organized groups! Are they really any more effective than crime gangs at this point, and crime gangs in countries far away with little means to access the US?

But rather than saving money on the dragnet and working instead on shoring up our cultural and linguistic failures, this failure is instead seen as another excuse to sustain the dragnet.

It’s clear that terror — whether NSA has failed or not — serves as a evergreen excuse for the dragnet. The real question is whether it should.

Was Adel Daoud Targeted Off of a Back Door Search of Traditional FISA Collection?

Daoud Adel is a 20-year old US citizen from suburban Chicago who was charged last year in an FBI sting in which he allegedly tried to set off a car bomb outside a night club. Last year, during the debate on FISA Amendments Act reauthorization, Dianne Feinstein named his case directly, suggesting he had been busted using the legislation before the Senate. His legal team first demanded the FAA material she suggested existed back in May. And in September, they requested discovery for materials relating to FAA.

The government, however, strongly suggests none of the communications used to charge him were collected under FAA. It even suggests he misunderstands the meaning of DiFi’s comment.

Any discovery based on the FAA is unwarranted here because the FAA is simply not at issue in this case. As the Government explained in a previous filing, it “does not intend to use any such evidence obtained or derived from FAA-authorized surveillance in the course of this prosecution.” (DE 49, at 2).


The defendant’s claim that the Government should disclose “the nature of the FAA surveillance in this case even, for instance[,] Defendant’s communications themselves were not intercepted” is perplexing. (DE 52, at 15 n.11). If Daoud’s communications were not intercepted, or his facilities not targeted, he would not be aggrieved and have no basis to challenge the collection. The Government sees no legal relevance to his broad discovery request.

Moreover, the defendant has also made multiple claims, in this motion and others, based on his interpretation of a single public remark. While the Government appreciates the defendant’s position in litigating FISA-related matters, it offers that the defendant may misunderstand this public remark, which is not a revelation that has any legal implication.


As the Government has explained, this case singularly involves “traditional” FISA surveillance. [my emphasis]

Soapbox Orator’s comments in response to one of my posts on back door searches led me to examine the government’s response closely and I now suspect Daoud may have been identified using a back door search on traditional FISA collection.

Much of this debate centers on comments DiFi made on December 27, 2012, which seemed to suggest the 8 cases she named involved FAA.  But those comments were in response to comments Ron Wyden had just made. In that speech Wyden described (among other problems with FAA) back door searches.

The fact is, once the government has this pile of communications, which contains an unknown but potentially very large number of Americans’ phone calls and e-mails, there are surprisingly few rules about what can be done with it.

For example, there is nothing in the law that prevents government officials from going to that pile of communications and deliberately searching for the phone calls or e-mails of a specific American, even if they do not have any actual evidence that the American is involved in some kind of wrongdoing, some kind of nefarious activity.

Continue reading

William Webster Meets Edward Snowden, IRTPA, Roving Wiretaps, and the Phone Dragnet

For a post on back-door searches, I’m re-reading the William Webster report on whether the FBI could have anticipated Nidal Hasan’s attack. In the light of the Edward Snowden disclosure, I’m finding there are a number of passages that read very differently (so expect this to be a series of posts).

As you read this, remember two things about Webster’s report. First, FBI and NSA’s failure to find Umar Farouk Abdulmutallab in spite of texts he sent to Anwar al-Awlaki was probably prominent on the Webster team’s mind as they completed this (and surely factors significantly in the classified version of the SSCI report on the UndieBomb). So some of the comments in the Webster report probably don’t apply directly to the circumstances of Nidal Hasan, but to that (and Webster notes that some of the topics he addresses he does because they’re central to counterterrorism approaches). And the Webster report is perhaps the most masterful example of an unclassified document that hides highly classified background.

All that said, in a section immediately following Webster’s description of Section 215, Webster discusses how Roving Wiretaps, Section 6001 of IRTPA, and Section 215 were all reauthorized in 2011.

When FISA was passed in 1978, the likely targets of counterterrorism surveillance were agents of an organized terrorist group like the Red Brigades, the Irish Republican Army, or the Palestinian terrorist organizations of that era. Given the increasing fluidity in the membership and organization of international terrorists, the FBI may not be able to ascertain a foreign terrorist’s affiliation with an international organization. Section 6001 of the Intelligence Reform and Terrorist Prevention Act of 2004 (IRTPA) allows the government to conduct surveillance on a non-U.S. person who “engages in international terrorism or activities in preparation therefor” without demonstrating an affiliation to a particular international terrorist organization. Pub. L. 108-458, § 6001, 118 Stat. 3638, 3742 (2004).

Sections 206 and 215 of the PATRIOT Act and Section 6001 of IRTPA were scheduled to “sunset” on December 31, 2009. In May 2011, after an interim extension, Congress extended the provisions until June 1, 2015, without amendment. [my emphasis]

I find this interesting, first of all, because it doesn’t mention the Pen Register and Lone Wolf language that also got reauthorized in 2011 (suggesting he lumped these three together for a specific reason). And because it puts the language, “engages in international terrorism or activities in preparation therefor” together with roving wiretaps (“continuous electronic surveillance as a target moves from one device to another”), and Section 215, which we now know includes the phone dragnet.

As we’ve seen, DiFi’s Fake FISA Fix includes the language from IRTPA, on “preparation therefor,” which I thought was an expansion of potential targets but which I presume now is what they’ve been using all along. While I don’t recall either the White Paper nor Claire Eagan’s language using that language, I’m wondering whether some underlying opinion does.

Now consider how the roving wiretap goes with this. One reason — probably the biggest reason — they need all phone records in the US is so they can use it to find targets as they move from one burner cell phone to another. Indeed, one passage from DiFi’s Fake FISA Fix seems specifically designed to authorize this kind of search.

(C) to or from any selector reasonably linked to the selector used to perform the query, in accordance with the court approved minimization procedures required under subsection (g).

That language “reasonably linked” surely invokes the process of using algorithms to match calling patterns to calling patterns to find a target’s new phone. And note this is the only query that mentions minimization procedures, so the Court must have imposed certain rules about how you treat a new “burner” phone ID until such time as you’ve proven it actually is linked to the first one.

What’s interesting, though, is that the Webster report also lumps roving wiretaps in with this. What’s at issue in Nidal Hasan’s case was effectively roving electronic communication; he emailed Awlaki from several different email addresses and one of the problems FBI had was in pulling up Hasan’s communications under both identities (you can see how this relates to the back door loophole). But the inclusion of roving wiretaps here seems to suggest the possibility that a court has used the existing of roving wiretap approval for the use of the phone dragnet to find burner phones (which shouldn’t have been an issue in the Nidal Hasan case but probably was for Abdulmutallab).

One more comment? The notion that identifying an Al Qaeda target is any harder than identifying an IRA-affiliate is utter nonsense. If anything, US-based IRA affiliates were harder to identify because they were completely and utterly socially acceptable. But I guess such myths are important for people advocating more dragnet.

Any Bets FBI Was Already Searching US Person Data?

If you want to support our work reporting news the WaPo will report as news in two months, please donate!

In the department of news that got reported here two months ago, the WaPo is reporting on FISC’s approval to let the government search through incidentally collected information. Its news hook is that the 2011 move reversed an earlier 2008 ban that the government had asked for.

The court in 2008 imposed a wholesale ban on such searches at the government’s request, said Alex Joel, civil liberties protection officer at the Office of the Director of National Intelligence (ODNI). The government included this restriction “to remain consistent with NSA policies and procedures that NSA applied to other authorized collection activities,” he said.

But in 2011, to more rapidly and effectively identify relevant foreign intelligence communications, “we did ask the court” to lift the ban, ODNI general counsel Robert S. Litt said in an interview. “We wanted to be able to do it,” he said, referring to the searching of Americans’ communications without a warrant.

It may well be that the NSA was prohibited from searching on incidentally collected information, but not all parts of the government were. In his October 3, 2011 FISC opinion, John Bates pointed to some other minimization procedures allowing such searches to justify his approval for NSA to do so.

This relaxation of the querying rules does not alter the Court’s prior conclusion that NSA minimization procedures meet the statutory definition of minimization procedures. [2 lines redacted] contain an analogous provision allowing queries of unminimized FISA-acquired information using identifiers — including United States-person identifiers — when such queries are designed to yield foreign intelligence information. See [redacted] In granting [redacted] applications for electronic surveillance or physical search since 2008, including applications targeting United States persons and persons in the United States, the Court has found that the [redacted] meet the definition of minimization procedures at 50 U.S.C. §§ 1801 (h) and 1821(4). It follows that the substantially similar querying provision found at Section 3(b)(5) of the amended NSA minimization procedures should not be problematic in a collection that is focused on non-United States persons located outside the United States and that, in the aggregate, is less likely to result in the acquisition of nonpublic information regarding non-consenting United States persons.

We already had reason to believe other agencies do this, because when the Senate Intelligence Committee discussed it, they described the intelligence community generally wanting such searches.

Finally, on a related matter, the Committee considered whether querying information collected under Section 702 to find communications of a particular United States person should be prohibited or more robustly constrained. As already noted, the Intelligence Community is strictly prohibited from using Section 702 to target a U.S. person, which must at all times be carried out pursuant to an individualized court order based upon probable cause. With respect to analyzing the information lawfully collected under Section 702, however, the Intelligence Community provided several examples in which it might have a legitimate foreign intelligence need to conduct queries in order to analyze data already in its possession. [my emphasis]

Bates’ mention of targeting US persons strongly suggests FBI was the agency in question (though the CIA may as well). (If this practice weren’t already permitted, I would bet it got approved in the aftermath of the Nidal Hasan attack, which might explain why so many more Americans who had communicated with Anwar al-Awlaki or Samir Khan were caught in stings after that point.)

So did Ronald Litt and Alex Joel tell Ellen Nakashima this to hide a much more intrusive practice at FBI (which they also oversee)?

Spying on Americans: A “Team Sport” Since 2004

Screen shot 2013-07-11 at 6.25.06 PMOne of the more colorful revelations in today’s Guardian scoop is the newsletter piece that describes increased sharing of PRISM (Section 702) data with FBI and CIA.

The information the NSA collects from Prism is routinely shared with both the FBI and CIA. A 3 August 2012 newsletter describes how the NSA has recently expanded sharing with the other two agencies.

The NSA, the entry reveals, has even automated the sharing of aspects of Prism, using software that “enables our partners to see which selectors

the National Security Agency has tasked to Prism”.

The document continues: “The FBI and CIA then can request a copy ofPrism collection of any selector…” As a result, the author notes: “these two activities underscore the point that Prism is a team sport!”

But that’s something that has actually been built into the program for years. While the Joint IG Report on the illegal wiretap program claimed,

NSA also was responsible for conducting the actual collection of information under the PSP and disseminating intelligence reports to other agencies such as the Federal Bureau of Investigation (FBI), the Central Intelligence Agency (CIA), and the Office of the Director of National Intelligence (ODNI) National Counterterrorism Center (NCTC) for analysis and possible investigation.

The Draft NSA IG Report explained,

Coordination with FBI and CIA. By 2004, four FBI integrees and two CIA integrees, operating under SIGINT authorities in accordance with written agreements, were co-located with NSA PSP-cleared analysts. The purpose of co-locating these individuals was to improve collaborative analytic efforts.

And the minimization procedures released by the Guardian (which date to 2009), make it clear NSA can provided unminimized content to CIA and FBI on whatever selectors they request.


(1) NSA may provide to the Central Intelligence Agency (CIA) unminimized communications acquired pursuant to section 702 of the Act. CIA will identify to NSA targets for which NSA may provide unminimized communications to CIA. CIA will process any such unminimized communications received from NSA in accordance with CIA minimization procedures adopted by the Attorney General, in consultation with the Director of National Intelligence, pursuant to subsection 702(e) of the Act.

(2) NSA may provide to the FBI unminimized communications acquired pursuant to section 702 of the Act. FBI will identify to NSA targets for which NSA may provide unminimized communications to the FBI. FBI will process any such unminimized communications received from NSA in accordance with FBI minimization procedures  adopted by the Attorney General, in consultation with the Director of National Intelligence, pursuant to subsection 702(e) of the Act.

And none of that should be surprising, given the tasking slide — above — that was first published by the WaPo. FBI, at least, is solidly in the midst of this collection, for a program deemed to be foreign intelligence collection.

There have been a variety of claims about all this team sport participation. But I’m not convinced any of them explain how all this works.

And in perhaps related news, the Fifth Circuit today said that Nidal Hasan could not have access to the FISA material on him, in spite of the fact that William Webster published a 150 page report on it last year. Legally, that material should be utterly distinct from PRISM, since a wiretap on Anwar al-Awlaki would require a specific FISA warrant (and the latest Guardian scoop refers to expanded cooperation since 2012). But I suspect the reason Hasan, the FISA evidence against whom has already been extensively discussed, can’t see it is because we would see what this actually looks like from the FBI side.

DOJ has to protect its team, you know.

The FBI and CIA Unminimized Collections and the Holes in Article III Review of FISA Amendments Act

In my piece confirming that the NSA can search on US person data collected incidentally in Section 702 collection, I pointed to these two paragraphs from the minimization procedures.


(1) NSA may provide to the Central Intelligence Agency (CIA) unminimized communications acquired pursuant to section 702 of the Act. CIA will identify to NSA targets for which NSA may provide unminimized communications to CIA. CIA will process any such unminimized communications received from NSA in accordance with CIA minimization procedures adopted by the Attorney General, in consultation with the Director of National Intelligence, pursuant to subsection 702(e) of the Act.

(2) NSA may provide to the FBI unminimized communications acquired pursuant to section 702 of the Act. FBI will identify to NSA targets for which NSA may provide unminimized communications to the FBI. FBI will process any such unminimized communications received from NSA in accordance with FBI minimization procedures  adopted by the Attorney General, in consultation with the Director of National Intelligence, pursuant to subsection 702(e) of the Act.

It’s not clear what this entails.

But Dianne Feinstein once defended the FISA Amendments Act authorization to search on US person information by pointing to Nidal Hasan. Remember, his emails were picked up on a generalized collection of Anwar al-Awlaki’s communications, which should have been a traditional FISA warrant, but may have been conducted via the same software tools as FAA collection. In which case, the kind of access described in the Webster report would provide one idea of what this looks like from the FBI side. That process has almost certainly been streamlined, given that the god-awlful software the FBI used prevented it from pulling the entire stream of Hasan’s emails to Awlaki.

First, the FBI’s database of intercepts sucked. When the first Hasan intercepts came in, it allowed only keyword searches; tests the Webster team ran showed it would have taken some finesse even to return all the contacts between Hasan and Awlaki consistently. More importantly, it was not until February 2009 that the database provided some way to link related emails, so the Awlaki team in San Diego relied on spreadsheets, notes, or just their memory to link intercepts. (91) But even then, the database only linked formal emails; a number of Hasan’s “emails” to Awlaki were actually web contacts, (100) which would not trigger the database’s automatic linking function. In any case, it appears the Awlaki team never pulled all the emails between Hasan and Awlaki and read them together, which would have made Hasan seem much more worrisome (though when the San Diego agent set the alert for the second email, he searched and found the first one).

Even before this was streamlined, the collection seemed to lack real minimization. Though to be fair, the Agents spending a third of their days reading Awlaki’s emails were drowning and really had an incentive to get reports out as quickly as possible. But they seemed to be in the business of sending out reports with IDs, not the reverse.

In addition, we know that subsequent to that time, the FBI started using this collection (and, I’m quite certain, Samir Khan’s), as a tripwire — what they call “Strategic Collections.”

The Hasan attack (and presumably subsequent investigations, as well as the Umar Farouk Abdulmutallab attack) appears to have brought about a change in the way wiretaps like Awlaki’s are treated. Now, such wiretaps–deemed Strategic Collections–will have additional follow-up and management oversight.

The Hasan matter shows that certain [redacted] [intelligence collections] [redacted] serve a dual role, providing intelligence on the target while also serving as a means of identifying otherwise unknown persons with potentially radical or violent intent or susceptibilities. The identification and designation of Strategic Collections [redacted] will allow the FBI to focus additional resources–and, when appropriate, those of [redacted] [other government agencies]–on collections most likely to serve as “trip wires.” This will, in turn, increase the scrutiny of information that is most likely to implicate persons in the process of violent radicalization–or, indeed, who have radicalized with violent intent. This will also provide Strategic Collections [redacted] with a significant element of program management, managed review, and quality control that was lacking in the pre-Fort Hood [review of information acquired in the Aulaqi investigation] [redacted].

If implemented prior to November 5, 2009, this process would have [redacted] [enhanced] the FBI’s ability to [redacted] identify potential subjects for “trip wire” and other “standalone” counterterrorism assessments or investigations. (99)

Many many many of the aspirational terrorists the FBI rolled up in 2010 and afterwards were people who had communicated or followed Awlaki or Khan. And to the extent we’ve prosecuted a bunch of wayward youth who can’t pull together a plot without the FBI’s assistance, that ought to be a concern on many levels.

Because it would mean this unminimized production is part of the Terror Manufacturing Industry. (Mind you, the FBI was doing this with their own surveillance based off Hal Turner in the 00s, so it’s not an approach limited to Muslim radicals.)

To the extent that FAA collection might be sent to FBI as a way to identify non-criminal leads to criminalize, it’s a problem, particularly if the FISA Court doesn’t see what minimization the FBI uses.

Continue reading

The Find Every Terrorist at Any Cost Industry

As a thought experiment, replace the word “terrorist” in this paragraph with “soldier” or “military.”

All terrorists fundamentally see themselves as altruists: incontestably believing that they are serving a “good” cause designed to achieve a greater good for a wider constituency—whether real or imagined—which the terrorist and his organization or cell purport to represent. Indeed, it is precisely this sense of self-righteous commitment and self-sacrifice that that draws people into terrorist groups. It all helps them justify the violence they commit. It gives them collective meaning. It gives them cumulative power. The terrorist virtually always sees himself as a reluctant warrior: cast perpetually on the defensive and forced to take up arms to protect himself and his community. They see themselves as driven by desperation——and lacking any viable alternative—to violence against a repressive state, a predatory rival ethnic or nationalist group, or an unresponsive international order.

The paragraph comes from Bruce Hoffman, a Georgetown Professor/ThinkTanker whose studies of terrorism predate 9/11 by decades. It forms part of his explanation, post Boston, for why people become terrorists: because they, like our own country increasingly, see violence as a solution to their grievance.

That’s not all of Hoffman’s description of what makes people terrorists, mind you. He goes onto discuss religion and the human relations that might convince someone to engage in violence. But the paragraph has haunted me since I read it over a week ago for how clearly it should suggest that one of the few things that separates terrorism from our country’s own organized violence is official sanction (and at least lip service about who makes an appropriate and legal target).

Which is one reason why Jack Levin, in a piece debunking four myths about terrorism, offers this as one solution.

Somehow, we must reinstate the credibility of our public officials — our president, our Congress, and our Supreme Court Justices — so that alienated Americans do not feel they must go outside of the mainstream and radicalize in order to satisfy their goals.

Blaming terrorism on our dysfunctional political system feels far too easy, but it’s worth remembering that in Afghanistan, Somalia, and parts of Yemen, Al Qaeda has at times won support from locals because it offered “justice” where the official government did not or could not.

In any case, the common sense descriptions Hoffman and Levin offer haven’t prevented a slew of people responding to Boston — some experts, some not — from demanding that we redouble our efforts to defeat any possible hint of Islamic terrorism, no matter the cost.

Batshit crazy Texas Congressman Louie Gohmert claims the Boston attack is all Spencer’s fault: because FBI purged some its training materials of some of the inaccurate slurs about Muslims (but did not even correct the training of Agents who had been taught that claptrap in the first place), it can no longer speak a language appropriate to pursuing terrorists. “They can’t talk about the enemy. They can’t talk about jihad. They can’t talk about Muslim. They can’t talk about Islam.” Which elicited the equally batshit crazy response from Glenn Kessler of taking Gohmert’s premise as a valid one that should be disproven by weighing how much offensive language remains in FBI materials, rather than debunking the very premise that only people who engage in cultural slurs would be able to identify terrorists. I award Kessler four wooden heads.

Somewhat more interesting is this piece from Amy Zegart, another Professor/ThinkTanker. She admits we may not know whether Boston involved some kind of intelligence failure for some time.

Finding out what happened will be trickier than it sounds. Crowdsourcing with iPhones, Twitter, and Lord & Taylor surveillance video worked wonders to nail the two suspects with lightning speed. But assessing whether the bombing constituted an intelligence failure will require more time, patience, and something most people don’t think about much: understanding U.S. counter-terrorism organizations and their incentives and cultures, which lead officials to prioritize some things and forget, or neglect, others.

But that doesn’t stop her from insisting FBI’s culture remains inappropriate to hunting terrorists “pre-boom.”

But it is high time we asked some hard, public questions about whether the new FBI is really new enough. Transformation — moving the bureau from a crime-fighting organization to a domestic intelligence agency — has been the FBI’s watchword since 9/11. Continue reading

Anwar al-Awlaki Is the New Aluminum Tube

Mark Mazzetti, Charlie Savage, and Scott Shane team up to provide the government’s best case — and at times, an irresponsibly credulous one — for the killing of Anwar al-Awlaki and the collateral deaths of Samir Khan and Abdulrahman al-Awlaki.

Yet even in a 3,600 word story, they don’t present any evidence against the senior Awlaki that was fresher than a year old — the October 2010 toner cartridge plot — at the time the Yemeni-American was killed. (I’m not saying the government didn’t have more recent intelligence; it just doesn’t appear in this very Administration-friendly case.) Not surprisingly, then, the story completely ignores questions about the definition of “imminent threat” used in the OLC memo and whether Awlaki was an “imminent” threat when he was killed.

The “linked in various ways” standard for killing Americans

Moreover, the case they do present has various weaknesses.

The story provides a fair amount of space to Awlaki’s celebration of the Nidal Hasan attack (though it does make it clear Awlaki did not respond enthusiastically to Hasan’s queries before the attack).

Investigators quickly discovered that the major had exchanged e-mails with Mr. Awlaki, though the cleric’s replies had been cautious and noncommittal. But four days after the shootings, the cleric removed any doubt about where he stood.

“Nidal Hassan is a hero,” he wrote on his widely read blog. “He is a man of conscience who could not bear living the contradiction of being a Muslim and serving in an army that is fighting against his own people.”

It uses far vaguer language to describe Awlaki’s role in the Faisal Shahzad and toner cartridge plots.

Meanwhile, attacks linked in various ways to Mr. Awlaki continued to mount, including the attempted car bombing of Times Square in May 2010 by Faisal Shahzad, a naturalized American citizen who had reached out to the preacher on the Internet, and the attempted bombing by Al Qaeda in the Arabian Peninsula of cargo planes bound for the United States that October.

“Linked in various ways” seems to be the new standard for killing an American. That, in spite of the fact that Shahzad’s tie to Awlaki seems to be the same Hasan had: an inspiration, but not any involvement in the plot. And while Awlaki is reported to have had some role in the toner cartridge plot, reports from Saudi infiltrator Jabir al-Fayfi apparently fingered others in AQAP as the chief plotters.

I guess that would be too much nuance to include in a 3,600 word article.

NYT doesn’t care about problems with the Abu Tarak explanation

Which leaves the UndieBomb attack as the sole attack in which the NYT presents evidence about Awlaki’s direct role. But there’s a problem with their claims there, too.

The would-be underwear bomber told F.B.I. agents that after he went to Yemen and tracked down Mr. Awlaki, his online hero, the cleric had discussed “martyrdom and jihad” with him, approved him for a suicide mission, helped him prepare a martyrdom video and directed him to detonate his bomb over United States territory, according to court documents.

In his initial 50-minute interrogation on Dec. 25, 2009, before he stopped speaking for a month, Mr. Abdulmutallab said he had been sent by a terrorist named Abu Tarek, although intelligence agencies quickly found indications that Mr. Awlaki was probably involved. When Mr. Abdulmutallab resumed cooperating with interrogators in late January, an official said, he admitted that “Abu Tarek” was Mr. Awlaki. With the Nigerian’s statements, American officials had witness confirmation that Mr. Awlaki was clearly a direct plotter, no longer just a dangerous propagandist.

I don’t doubt that Awlaki was directly involved in this attack in some way. And I got the same explanation about Abu Tarak from “an official” back when I first noted the discrepancy between DOJ’s public claims (thanks for not crediting me on that one, NYT boys). But either Abdulmutallab said something beyond “Abu Tarak was Awlaki,” or the entire explanation is not credible.

That’s because Abdulmutallab’s initial interrogation — according to the version presented by Jonathan Tukel in the opening arguments of Abdulmutallab’s trial — said Abu Tarak did the following:

  1. Spoke daily with Abdulmutallab about jihad and martyrdom
  2. Suggested to Abdulmutallab that he become involved in a plane attack against the United States aircraft
  3. Gave him training in detonating the bomb
  4. Told him to make sure he attacked a U.S. aircraft and make sure the attack takes place over the United States

Yet according to the version of Abdulmutallab’s interrogation presented in his sentencing memo, here’s who did those things:

  1. Awlaki and Abdulmutallab discussed martyrdom and jihad
  2. Defendant and Ibrahim Al Asiri discussed defendant’s desire to commit an act of jihad; Asiri discussed a plan for a martyrdom mission with Awlaki, who gave it final approval
  3. Asiri trained defendant in the use of the bomb
  4. Awlaki instructed defendant that the only requirements were that the attack be on a U.S. airliner, and that the attack take place over U.S. soil

Continue reading

Emptywheel Twitterverse
JimWhiteGNV RT @seanpaulkelley: #blackopencarry is when we see whether or not Libertarians are truly color-blind. Libertarians: …
emptywheel @adambonin But yeah, tomorrow will be fun,
emptywheel @adambonin No no. Whichever gets a second chance at LV.
emptywheel @adambonin Well, I think either team will do better with a second shot.
JimWhiteGNV RT @elonjames: Listening to residents "In the 60's they sent the National Guard to protect US. Now they send them to protect the cops." #Fe
emptywheel @adambonin They played them closer than Chicago did, didn't they?
JimWhiteGNV RT @DSweetWCW: Brother @Carl_Dix surrounded by armed gang which has no regard for the lives of Black people. @cornelwest #Ferguson http://t…
JimWhiteGNV RT @KagroX: Hands up, get shot. Hands down, get shot.
JimWhiteGNV Aw, crap.
JimWhiteGNV God is mooning #Ferguson! #ButtCheekCloud RT @aterkel: OMG LOOK AT THIS CLOUD #Ferguson with @ryanjreilly
August 2014
« Jul