As I pointed out the other day, the CIA IG Report on spying on the Senate Intelligence Committee appears to say the egregious spying happened after John Brennan told Dianne Feinstein and Saxby Chambliss on January 15 CIA had been spying on SSCI.
Agency Access to Files on the SSCI RDINet:
Five Agency employees, two attorneys and three information technology (IT) staff members, improperly accessed or caused access to the SSCI Majority staff shared drives on the RDINet.
Agency Crimes Report on Alleged Misconduct by SSCI Staff:
The Agency filed a crimes report with the DOJ, as required by Executive Order 12333 and the 1995 Crimes Reporting Memorandum between the DOJ and the Intelligence Community, reporting that SSCI staff members may have improperly accessed Agency information on the RDINet. However, the factual basis for the referral was not supported, as the author of the referral had been provided inaccurate information on which the letter was based. After review, the DOJ declined to open a criminal investigation of the matter alleged in the crimes report.
Office of Security Review of SSCI Staff Activity:
Subsequent to directive by the D/CIA to halt the Agency review of SSCI staff access to the RDINet, and unaware of the D/CIA’s direction, the Office of Security conducted a limited investigation of SSCI activities on the RDINet. That effort included a keyword search of all and a review of some of the emails of SSCI Majority staff members on the RDINet system.
With respect to your second question about monitoring of Members of Congress and Legislative Branch employees, in general those individuals will not be subject to [User Activity Monitoring] because their classified networks are not included in the definition of national security systems (NSS) for which monitoring is required.
Because no internally owned or operated Legislative branch network qualifies as a national security system, UAM by the Executive Branch is accordingly neither required nor conducted. To be clear, however, when Legislative Branch personnel access a national security system used or operated by the Executive Branch, they are of course subject to UAM on that particular system.
CIA’s spying on SSCI took place on CIA’s RDI network, not on the SSCI one. SSCI had originally demanded they be given the documents pertaining to the torture program, but ultimately Leon Panetta required them to work on a CIA network, as Dianne Feinstein explained earlier this year.
The committee’s preference was for the CIA to turn over all responsive documents to the committee’s office, as had been done in previous committee investigations.
Director Panetta proposed an alternative arrangement: to provide literally millions of pages of operational cables, internal emails, memos, and other documents pursuant to the committee’s document requests at a secure location in Northern Virginia. We agreed, but insisted on several conditions and protections to ensure the integrity of this congressional investigation.
Per an exchange of letters in 2009, then-Vice Chairman Bond, then-Director Panetta, and I agreed in an exchange of letters that the CIA was to provide a “stand-alone computer system” with a “network drive” “segregated from CIA networks” for the committee that would only be accessed by information technology personnel at the CIA—who would “not be permitted to” “share information from the system with other [CIA] personnel, except as otherwise authorized by the committee.”
It was this computer network that, notwithstanding our agreement with Director Panetta, was searched by the CIA this past January,
Presumably, those limits on access should have prevented CIA’s IT guys from sharing information about what SSCI was doing on the network. But it’s not clear they would override Clapper’s UAM.
Remember, too, when Brennan first explained how this spying didn’t qualify as a violation of the Computer Fraud and Abuse Act, he said CIA could conduct “lawfully authorized … protective … activity” in the US. Presumably like UAM.
I have no idea whether this explains why CIA’s IG retracted what Feinstein said had been his own criminal referral or not. But I do wonder whether the CIA has self-excused some of its spying on SSCI in the interest of continuous user monitoring?
If so, it would be the height of irony, as UAM did not discover either Chelsea Manning’s or Edward Snowden’s leaks. Imagine if the only leakers the Intelligence Community ever found were their own overseers?
When Ron Wyden first asked John Brennan whether CIA had to comply with the Computer Fraud and Abuse Act, Brennan suggested they didn’t have to if they were conducting investigations.
The statute does apply. The Act, however, expressly “does not prohibit any lawfully authorized investigative, protective, or intelligence activity … of an intelligence agency of the United States.” 18 U.S.C. § 1030(f).
Then in March, after Senator Feinstein accused the CIA of improperly spying on her committee, Brennan claimed it was outside the realm of possibility.
As far as the allegations of, you know, CIA hacking into, you know, Senate computers, nothing could be further from the truth. I mean, we wouldn’t do that. I mean, that’s — that’s just beyond the — you know, the scope of reason in terms of what we would do.
Now that DOJ has decided not to investigate CIA’s illegal domestic spying, we learn it was well within the realm of possibility.
CIA employees improperly accessed computers used by the Senate Intelligence Committee to compile a report on the agency’s now defunct detention and interrogation program, an internal CIA investigation has determined.
Findings of the investigation by the CIA Inspector General’s Office “include a judgment that some CIA employees acted in a manner inconsistent with the common understanding reached between SSCI (Senate Select Committee on Intelligence) and the CIA in 2009,” CIA spokesman Dean Boyd said in a statement.
Brennan’s solution is to have corrupt hack Evan Bayh conduct an accountability review of the spying.
And yet again, the CIA proves it refuses to subsist within democratic structures.
As I said in my post last night, Pat Leahy’s version of USA Freedom Act is a significant improvement over USA Freedumber, the watered down House version. But it includes language that no one I’ve met has been able to explain. I believe it may permit the NSA to have its immunized telecom providers contact chain on (at least) location, and possibly worse. Thus, it may well be everyone applauding the bill — including privacy NGOs — are applauding increased use of techniques like location spying even as judges around the country are deeming such spying unconstitutional. I strongly believe this bill may expand the universe of US persons who will be thrown into the corporate store indefinitely, to be subjected to the full brunt of NSA’s analytical might.
But that’s not the part of the bill that disturbs me the most. It’s this language:
‘(3) FEDERAL BUREAU OF INVESTIGATION.—
Subparagraphs (B)(iv), (B)(v), (D)(iii), (E)(iii), and (E)(iv) of paragraph (1) of subsection (b) shall not apply to information or records held by, or queries conducted by, the Federal Bureau of Investigation.
The language refers, in part, to requirements that the government report to Congress:
(B) the total number of orders issued pursuant to section 702 and a good faith estimate of—
(iv) the number of search terms that included information concerning a United States person that were used to query any database of the contents of electronic communications or wire communications obtained through the use of an order issued pursuant to section 702; and
(v) the number of search queries initiated by an officer, employee, or agent of the United States whose search terms included information concerning a United States person in any database of noncontents information relating to electronic communications or wire communications that were obtained through the use of an order issued pursuant to section 702;
These are back door searches on US person identifiers of Section 702 collected data — both content (iv) and metadata (v).
In other words, after having required the government to report how many back door searches of US person data it conducts, the bill then exempts the FBI.
The FBI — the one agency whose use of such data can actually result in a prosecution of the US person in question.
We already know the government has not provided all defendants caught using 702 data notice. And yet, having recognized the need to start counting how many Americans get caught in back door searches, Patrick Leahy has decided to exempt the agency that uses back door searches the most.
And if they’re not giving defendants notice (and they’re not), then this is an illegal use of Section 702.
There is no reason to exempt the FBI for this. On the contrary, if we’re going to count back door searches on US persons, the first place we should start counting is at FBI, where it likely matters most. But the Chair of the Senate Judiciary Committee has decided it’s a good idea to exempt precisely those back door searches from reporting requirements.
Yesterday, we learned:
Back in November, when Dianne Feinstein was trying to codify these unwarranted back door searches explicitly into law, here’s what anonymous sources described as Senate Intelligence Committee aides told the WaPo:
They say that there have been only a “small number” of such queries each year. Such searches are useful, for instance, if a tip arises that a terrorist group is plotting to kill or kidnap an American, officials have said.
“Only a small number.”
Over 2,000 counted searches between the CIA and NSA. Uncounted, but substantial, number of searches by FBI. “Only a small number.”
Were these anonymous sources ignorant — relying on false information from the Agencies? The actual number of unwarranted back door searches doesn’t appear in the unredacted portions of the one Semiannual Section 702 Compliance report we’ve seen (see page 13); there doesn’t appear to be a redacted section where they would end up.
So have the Agencies (CIA and NSA in this case; FBI’s back door searches get audited in a different way) simply hidden from their Congressional overseers how frequently they were doing these searches?
Or were these aides trying, once again, to pass legislation permitting the nation’s spy agencies to conduct intrusive searches on Americans by lying?
One way or another, it’s a damn good thing Ron Wyden asked for and insisted on getting an answer to his question of how common these back door searches are (even if the FBI still refuses to count them). Because the key people who are supposed to oversee them are either ignorant or lying about them.
For a long time, I’ve been noting that the October 3, 2011 John Bates Opinion and last August’s Semiannual Report on FISA make it clear that the FBI, like the CIA and NSA, conducts back door searches off Section 702 collected data.
ODNI’s response to Ron Wyden’s request for actual numbers of how many back door searches the government conducts makes it clear that I was correct.
The report is even worse than I imagined. It shows the following:
FBI does back door searches for both foreign intelligence and criminal purposes. This means NSA’s language about keeping data for evidence of a crime is fairly meaningless, because they’re handing chunks of data off to FBI that it can troll for evidence of crime.
And the FBI doesn’t count these queries. In fact, FBI doesn’t even distinguish between when it is searching foreign and US person identifiers.They say only that “the number of queries is substantial.”
I expected all that from the FBI. What amazes me is that the CIA — an Agency that is not supposed to conduct domestic intelligence collection — does not count how many metadata-only queries of US person data it does. So all those fears of NSA identifying whether you’re visiting an AIDS clinic or a pregnancy counseling center? The NSA may not do that kind of analysis, but the CIA might be checking what foreigners you’re talking to.
The CIA also conducts a bunch of content queries — “fewer than 1900″ — of which 40% are counterterrorism-related queries for other agencies. (Which leads me to wonder why neither NSA nor FBI are doing these queries, which would make more sense.) But that leaves 60% of 1900 — or around 1,100 queries a year of US person content that are for CIA’s own purposes and may not even be terrorism related.
The NSA conducts the fewest. It conducts 198 US person content queries (that is, not all that much fewer than the 248 US persons queried in the phone dragnet or collected on using another Section 215 order). It conducts 9,500 queries of metadata only queries, of which some are duplicative.
Compared to CIA’s uncountable number, that may not sound like a lot. But compare that to the phone dragnet, which also queried on fewer than 248 US person identifiers last year. That is, it is doing an order of magnitude more Internet metadata queries than it is phone queries.
One more thing: Last year’s FAA report revealed that CIA and NSA also sometimes accidentally query US person data. So the numbers of Americans sucked in via FAA may be significantly larger.
One more note about this report. PCLOB is due to release their Section 702 report on Wednesday. That is sure to have recommendations about how to protect US person privacy; Patricia Wald was quite clear in the most recent PCLOB hearing she believes the government should use a warrant to access this data. So Ron Wyden finally got a response, but it almost certain is only because PCLOB was about to make much of this public on their own.
(KS linked to this version of the Doors, thanks!)
As I noted on Friday, the Administration got a new phone dragnet order on the same day that Senators Wyden, Udall, and Heinrich pointed out that — so long as the Administration only wants to do what it claims to want to do — it could stop holding phone records right away, just as it implemented Obama’s 2-hop mandate and court review in February right away.
From ODNI’s announcement they got a new dragnet order Friday (which they congratulate themselves as a great show of transparency), it’s clear they have no intention of doing so. On the contrary, they’re going to hold out HR 3361 — and their unconvincing claim it ends bulk collection as normal people understand the term — with each new dragnet order.
After carefully considering the available options, the President announced in March that the best path forward is that the government should not collect or hold this data in bulk, and that it remain at the telephone companies with a legal mechanism in place which would allow the government to obtain data pursuant to individual orders from the FISC approving the use of specific numbers for such queries. The President also noted that legislation would be required to implement this option and called on Congress to enact this important change to the Foreign Intelligence Surveillance Act (FISA).
Consistent with the President’s March proposal, in May, the House of Representatives passed H.R. 3361, the USA FREEDOM Act, which would, if enacted, create a new mechanism for the government to obtain this telephony metadata pursuant to individual orders from the FISC, rather than in bulk. The bill also prohibits bulk collection through the use of Section 215, FISA pen registers and trap and trace devices, and National Security Letters.
Overall, the bill’s significant reforms would provide the public greater confidence in our programs and the checks and balances in the system, while ensuring our intelligence and law enforcement professionals have the authorities they need to protect the Nation. The Administration strongly supports the USA FREEDOM Act. We urge the Senate to swiftly consider it, and remain ready to work with Congress to clarify that the bill prohibits bulk collection as noted above, as necessary.
Given that legislation has not yet been enacted, and given the importance of maintaining the capabilities of the Section 215 telephony metadata program, the government has sought a 90-day reauthorization of the existing program, as modified by the changes the President announced earlier this year.
But here’s the bit I’m most struck by, particularly given that the government has not yet released the March 28, 2014 dragnet order which should be a slam dunk declassification process, given that its content has presumably all been released in the past.
In addition to a new primary order last Friday, FISC also wrote a memorandum opinion.
The Administration is undertaking a declassification review of this most recent court order and an accompanying memorandum opinion for publication.
I can think of two things that would explain a memorandum opinion: the program has changed in some way (perhaps they’ve changed how they interpret “selection term” or implement the automated process which they had previously never gotten running?), or the FISC considered some new legal issue before approving the dragnet.
As I noted last week, both US v. Quartavious Davis, in which the 11th Circuit ruled stored cell location data required a warrant), and US v Stavros Ganias, in which the 2nd Circuit ruled the government can’t use data it seized under an old warrant years later, might affect both the current and future dragnets, as well as other programs the NSA engages in.
Thing is, whatever the subject of the opinion, then it’d sure be nice to know what it says before we pass this legislation, as the legislation may have to correct the wacky secret decisions of the FISC (most members of Congress are still not getting unredacted dragnet orders). But if the last order is any indication, we won’t get this new order until months from now, long after the bill is expected to be rushed through the Senate.
Which is probably all by design.
The three surveillance critics from the Senate Intelligence Committee — Ron Wyden, Mark Udall, and Martin Heinrich — wrote a letter to Obama on the developments in the NSA reform. Generally, they repeat exhortations that Wyden and Udall have already made in hearings to end the dragnet right now, as Obama has already claimed he wants to do.
I’m not entirely sure what to make of it, but I find some of the details in it to be of particular interest.
The Senators point out, for example, that several bills accomplish the goals Obama has publicly stated he’d support. Those bills include the original USA Freedom Act, and separate proposals advanced by both Udall and Wyden.
But they also include the original PATRIOT Reauthorization from 2005, which Dianne Feinstein once supported, as did a young Senator named Barack Obama (though the Senators don’t mention either of those details). Wyden has long pointed obliquely to when the Executive first started using PATRIOT to conduct dragnets, and the record shows the Executive withheld information about how it was using the PRTT authority from even the Intelligence Committees during the 2005 reauthorization. So the Senators may be nodding towards Executive refusal to respect the will of Congress with this mention.
The Senators then both question claims from Administration officials that “in the absence of new legislation, there is no plan to suspend the bulk collection of Americans’ phone records,” and express their doubts “that the version of the USA Freedom Act that recently passed the House of Representatives would actually ban the bulk collection of Americans’ records.”
While they repeatedly reiterate their support for legislative reform, they also lay out a plan by which the President can immediately end the dragnet. Here’s the part I find particularly interesting.
First, they say it is “highly likely” FISC would let them get 2-degrees of phone records, unless FISC has already prohibited that.
Unless the FISC has already rejected such a request from the government, it does not seem necessary for the executive branch to wait for Congress before taking action.
Isn’t this already included in current orders? Shouldn’t the Senators know if FISC has rejected such a request (especially Wyden, who has been on the committee through all this period)? Is Wyden saying it’s possible there’s something else limiting the dragnet? Is he pointing to a ruling he knows about?
Just as interesting, the Senators argue the Pen Register Authority — not Section 215 — could serve to carry out the prospective collection the bill claims to want to do.
FISC would likely approve the defined and limited prospective searches for records envisioned under your proposal pursuant to current USA PATRIOT Act Section 214 pen register authorities, given how broadly it has previous interpreted these authorities.
Finally, although we have seen no evidence that the government has needed the bulk phone records collection program to attain any time-sensitive objectives, we agree that new legislation should provide clear emergency authorities to allow the government to obtain court approval of individual queries after the fact under specific circumstances. The law currently allows prospective emergency acquisitions of call records under Section 403 of the Foreign Intelligence Surveillance Act (FISA), and the acquisition of past records without judicial review under national security letter authorities.
Of course, the PRTT authority (cited twice here) should always have been the appropriate authority for this collection; we’ve just never learned why the government didn’t use that.
Basically, the Senators are laying out how the Executive could do precisely what it says it wants to do with existing authorities (indeed, with the PRTT authority that are actually targeted to the kind of record in question).
The Executive has all the authorities it needs, the Senators lay out, so why doesn’t it end the dragnet — achieve the reform it claims it wants — immediately?
We believe the way to restore Americans’ constitutional rights and their trust in our intelligence community is to immediately end the practice of vacuuming up the phone records of huge numbers of innocent Americans every day and permit the government to obtain only the phone records of people actually connected to terrorism or other nefarious activity. We support your March 27, 2014, proposal to achieve these goals, but we also view ending bulk collection as an imperative that cannot wait.
Damn! That’s a very good question! Obama moved immediately to implement his first reform proposal — advance FISC approval and limits to two hops — back in February. So why isn’t he moving immediately to implement the plan he says he wants now, as the Senators lay out he could well do under existing authorities?
It may be the Senators are just pressuring Obama to implement changes now, and nothing here is meant to point to some underlying issue.
But I wildarseguess that they’re trying to point out the differences between what they could do — under the PRTT orders they should have been using from the start — and what they want to do.
There’s one difference we can point to right away, after all: immunity. If all the government wanted to do was to obtain call detail records, then they wouldn’t need to give the telecoms immunity. That’s something they do every day. But there’s something they will do that has led the telecoms to demand immunity. That’s the stuff that goes beyond traditional PRTT activity.
Then there’s the stuff we don’t know about: the “connections” based chaining. As I’ve said, I don’t know what that entails. But it is an obvious explanation for why the telecoms need immunity — and for why a simple PRTT order won’t suffice.
One way or another, the Senators are calling Obama’s bluff. Obama says he wants nothing more than to obtain specific phone records going forward. If that’s true, he could make the change today. Yet the Executive is clear they can’t do that.
Update: One more detail. As Wyden’s release on this makes clear, today’s the day the March 28, 2014 phone dragnet order expires, so presumably the government got another one today. We’ve never seen that March 28 order, by the way.
As a number of outlets are reporting, ACLU liberated some emails catching Florida cops agreeing to lie about the Stingray devices used to capture suspects.
As you are aware for some time now, the US Marshalls and I believe FDLE have had equipment which enables law enforcement to ping a suspects cell phone and pin point his/her exact location in an effort to apprehend suspects involved in serious crimes. In the past, and at the request of the U.S. Marshalls, the investigative means utilized to locate the suspect have not been revealed so that we may continue to utilize this technology without the knowledge of the criminal element. In reports or depositions we simply refer to the assistance as “received information from a confidential source regarding the location of the suspect.” To date this has not been challenged, since it is not an integral part of the actual crime that occurred.
The email goes on to instruct that “it is unnecessary to provide investigative means to anyone outside of law enforcement.”
But i’m most interested in the subject line for this email: “Trap and Trace Confidentiality.”
That seems to confirm what ACLU and WSJ have reported earlier this month. Law enforcement are obtaining location data under Pen Register or Trap and Trace orders, meaning they’re claiming that location data are simply metadata.
That (and the arrogant parallel construction) is problematic for a lot of reasons, but given two developments on the national dragnet, I think we should be newly concerned there, too.
The thing is, I have perhaps mistakenly always assumed these PRTT programs involved the collection of Internet metadata off telecom backbones. While I’m sure they collect large amounts of Internet metadata somehow, I realize now that they might also be operating (or planning to operate) large scale PRTT location programs. Remember, too, that Ron Wyden was asking provocative questions about the intelligence community’s use of cell location data just days before this classification guide.
Mind you, the Quartavious decision might make that impossible now.
But given the USM apparently concerted effort to hide the fact that PRTT equates to cell location orders, we should at least consider whether the government operates more systematic location programs.
As per usual, there was a tidbit of news in Ron Wyden’s questions at yesterday’s hearing on the USA Freedumber.
He revealed that the back door loophole was closed during the Bush Administration.
Let me start by talking about the fact that the House bill does not ban warrantless searches for Americans’ emails. And here, particularly, I want to get into this with you, Mr. Ledgett if I might. We’re talking of course about the backdoor search loophole, section 702 of the FISA statute. This allows NSA in effect to look through this giant pile of communications that are collected under 702 and deliberately conduct warrantless searches for the communications of individual Americans. This loophole was closed during the Bush Administration, but it was reopened in 2011, and a few months ago the Director of National Intelligence acknowledged in a letter to me that the searches are ongoing today. [my emphasis]
I’m not sure precisely what he’s talking about, though I assume either the transition from the illegal program to Protect America Act, or the transition from PAA to FISA Amendments Act, removed NSA’s ability to conduct back door searches. Reading between the redactions in John Bates’ October 3, 2011 opinion, FBI apparently has had the authority to do back door searches on both traditional FISA and warrantless collection from 2008, so from the beginning of FAA.
But from what Wyden said, the NSA had the ability to do back door searches, lost it, and now has it again.
I’d sure like to know more about what happened to lead people to believe NSA should have that authority taken away from it.
Jason Leopold has a new article at the Guardian based off a FOIA of NSA’s FOIA process. Perhaps the funniest part of the documents he received, however, is the number of times the NSA claimed its own discussion of FOIA process — including praise for the FOIA responders! — was Top Secret, suggesting revealing details would cause exceptionally grave harm to national security.
That said, I think there’s a missing piece to this puzzle (and hope Leopold pursues it when he makes his inevitable appeal of some of these redaction decisions).
On June 11, NSA’s Chief of FOIA Office Pamela Phillips raised the possibility of having “a paper or sheet of unclassified facts that could be provided to the public.” (See PDF 1) She repeated that request on June 17. (See PDF 3) I believe that is separate from the efforts to come up with a standard Glomar letter (that discussion, incidentally, is redacted in some enormously interesting ways).
But I’m particularly interested in a redaction in an email from Deputy Chief of Staff Trumbull Soule to Associate Director for Policy and Records David Sherman and then Media Leaks Task Force head and now Deputy Director of NSA Richard Ledgett, and cc’ed to Phillips and (among at least 12 others) NSA General Counsel Raj De on June 26.
That’s because that email got sent on the day after the NSA had to pull what I believe was that unclassified fact sheet, which NSA first posted on June 18, after Ron Wyden and Mark Udall wrote a letter, on June 24, to Keith Alexander noting two problems with the letter, in that it misleadingly suggested,
In addition, the letter had a classified attachment that, I suspect, noted that John Bates’ response to the upstream problems did not require the destruction of entirely domestic communications.
NSA withdrew the fact sheet from its website sometime before 1 PM on June 25.
Now, it may just be a coinkydink that the highest level of discussion among these emails come on that particular day (though I assume NSA withheld a bunch of emails). But I do find the timing rather interesting.