The Government’s Unclear Demands for Emails
Ryan Singel and Mary have pointed to to Ken Wainstein’s confirmation of something we’ve been discussing for some time: the problem with FISA’s restrictions on foreign communication has to do with email.
But in response to a question at the meeting by David Kris, a former federal prosecutor and a FISA expert, Wainstein said FISA’s current strictures did not cover strictly foreign wire and radio communications, even if acquired in the United States. The real concern, he said, is primarily e-mail, because "essentially you don’t know where the recipient is going to be" and so you would not know in advance whether the communication is entirely outside the United States. [my emphasis]
Now that the Administration is finally telling us some truths about their program, I think it worthwhile to repeat and expand on an observation I made here about CCIA’s letter opposing telecom immunity. CCIA, after all, represents three big email companies: Microsoft (Hotmail), Google (Gmail), and Yahoo. And in their letter, these email companies directly tie immunity with confusing requests from the government.
To the Members of the U.S. House of Representatives:
The Computer & Communications Industry Association (CCIA) strongly opposes S. 2248, the “FISA Amendments Act of 2007,” as passed by the Senate on February 12, 2008. CCIA believes that this bill should not provide retroactive immunity to corporations that may have participated in violations of federal law. CCIA represents an industry that is called upon for cooperation and assistance in law enforcement. To act with speed in times of crisis, our industry needs clear rules, not vague promises that the U.S. Government can be relied upon to paper over Constitutional transgressions after the fact. !!
CCIA dismisses with contempt the manufactured hysteria that industry will not aid the United States Government when the law is clear. As a representative of industry, I find that suggestion insulting. To imply that our industry would refuse assistance under established law is an affront to the civic integrity of businesses that have consistently cooperated unquestioningly with legal requests for information. This also conflates the separate questions of blanket retroactive immunity for violations of law, and prospective immunity, the latter of which we strongly support.
Therefore, CCIA urges you to reject S. 2248. America will be safer if the lines are bright. The perpetual promise of bestowing amnesty for any and all misdeeds committed in the name of security will condemn us to the uncertainty and dubious legalities of the past. Let that not be our future as well. [my emphasis]
Email providers argue that immunity will contribute to uncertainty. They speak of receiving "vague promises," they demand "clear rules" and "bright lines."
Given that complaints about uncertainty and unclear demands have led these email providers to strongly oppose retroactive immunity, it suggests the requests the email providers got were really murky–murky enough that the requests caused the email providers a good deal of trouble.
If the government was making such murky requests, don’t you think Congress ought to know what those requests were in more detail?
Personally, I trust the government; its not like they would knowingly and improperly use their awesome power to illegally spy on Americans. Oh, wait, that may not be correct. From the AP and Lara Jakes Jordan:
Really, who could have imagined they would do something like this…
Yes, you would think that the congress would want to know more detail. I do not understand what is going on with the Democrats. Does the Bush neo cons have that much on them or have their lives been threatened? Something is going on that we do not know!!!
Not just the requests, but how the collection would be stored, processed, and deleted. Of course the problem with that is, how well equipped do you think our revered legislators would be at understanding and evaluating the resulting information?
I still think it’s a good bet that, down at the bottom of this situation, lies the dirty secret that our SIGINT and ELINT collection is basically worthless — the TLAs have been sold a bill of goods by the providers of their filtering and selection systems. Therefore there’s no alternative to asking for everything, and going on a scavenger hunt armed with a blank list of items.
As far as the TLAs are concerned, it’s not about finding gold, it’s about covering your ass when there is no gold.
it’s not about finding gold, it’s about covering your ass when there is no gold. Bullseye!
It does seem there’s a lot of CYA in all this mess by people who want to fight terrorism. Then, there’s the other CYA group that wants immunity to cover their illegal conduct.
That second CYA group seems to consist of Bu$hCheney acolytes who ‘can’t find’ 5,000,000 emails on WH servers and GOP servers, and yet insist that the telecoms need ‘retroactive immunity’.
Shorter: We won’t give you our emails, but we want to (hide behind the War on Terra to) spy on all of yours.
What’s so eery about all this is that Bu$hCo has repeatedly spoken of being ‘Inside THE Information”. What IS that about?! Where is that ‘information space’ he speaks of? It’s as if they’re manic to invent some walled-off psychic space that can keep them ’safe’; some strange misuse of ‘information’ that is going to be unmanageable, confusing, and likely to create more problems than it solves.
From the GWBush Sept 30, 2003 presser:
THE PRESIDENT: …There are too many leaks of classified information in Washington… There’s just too many leaks. Washington is a town where there’s all kinds of allegations… people inside the information who are the so-called anonymous sources, or people outside the information — outside the administration.
It’s now quite clear that most of us were, and remain OUTSIDE ‘the information’, which they were evidently ‘creating’ prior to Sept 30, 2003. It just seems as if they’re creating that ‘OUTSIDE information space’ as an ever larger, increasingly unmanageable behemoth.
Bizarre.
The whole immunity/NSA scheme is such a crock. Somehow I doubt any self respecting terrorist group would hold a planning session over the phone or internet. To give the go ahead to execute their plots, I think they’d use ordinary words and phrases. How could any program, no matter how well staffed, and using the most advanced artificial intelligence, track normal words from the phone, email, or web pages? NSA is at least keeping the economy going by employing thousands of techies and buying more and more supercomputers.
EW – if you send me an email, I asked c-span for a transcript or download info on the program and they sent me a link to where they have it saved in their archives – you might want to put that up in a post for anyone who wants to listen. It wasn’t a super long meeting- I’d say maybe its an hour or so. Since I was listening part in the car as I was running errands and part at work while I was also (ahem) working I want to listen again.
I didn’t know that was Kris who asked the question, and I may be misremembering the sequence, but IIRC, the reason for the Waintein “revelation” was that Baker forced his hand by pretty much saying it’s a lie that any part of FISA prevents interception of foreign to foreign calls, technology advances and FISC rulings notwithstanding.
Other big gives imo were that where a US citizen on US soil was involved, they did not want to have to go the huge “burden” of showing that the other end of the call (or the US person) was someone that there was “probable cause” to believe was an agent of a foreign power. So they want and expect that any foreign element opens up a freeforall of surveillance. Because otherwise, Wainsteins “reasoning” was that we gave terrorists more rights than we gave Americans who can be stopped and frisked for no reason.
Uh, right.
Now, keep in mind that this surveillance requires no “wrongdoing” element at all – that is the distinction of FISA and “intelligence” surveillance – that the ONLY probable cause you had to show was that someone was in contact in some way with an agent of a foreign power. Not that they were doing anything more than discussing drapes for the French embassy.
NOW, though, with the Patriot Act changes, you seize and search American communications solely on the basis that they were in contact with an agent of a foreign power and use any stray info you pick up to pursue criminal charges against the American (who you never could have tapped bc you had no grounds for a criminal warrant). They’ve gone so far beyond what the dicta in the Keith case and others ever contemplated that it is mind boggling. Also mind boggling was the fact that Kate Martin is the ONLY one who even mentioned the fourth amendment.
Keep in mind, btw, that Wainstein – who is feeding the info through – is the same guy who was counsel for FBI or Mueller’s COS through the illegal misuses and abuses of NSLs.
http://news.yahoo.com/s/ap/200…..senate_fbi
Isn’t it interesting that Mueller’s more recent revelations – all during the FISA “nondebate” got almost no press and no “outrage” from the Senators, unlike the last time he showed up?
Anyway – Wainstein who was near the top of the FBI chain while all the NSL abuse was covered up and swept under the rug – and while no FBI agent has been charged for the criminal abuses – is the guy feeding information on how “good faithy” everyone has been with the illegal, unconstitutional and flat out unAmerican TSP.
It’s also pretty clear from the discussions that they are dragnetting information and that Hayden was a liar when he said anything to the contrary and that they anticipate raking up all kinds of US citizen info under the PAA (which Baker pointed out is BROADER in its authorizations than the [illegal unconstitutional unAmerican] TSP was, and they just LURVE the “immunity” with no supervisory teeth.
God, I feel like just giving up on it and backing Hillary Clinton after all and letting her finish off the country with the able assists of the groundwork laid by the creepy, slimey aftermaths of decayed ivy that call themselves DOJ lawyers.
The gov’t wants to run a version of Carnivore through everybody’s emails. The want ot be able to run search terms through them and change those search terms at will.
And if it actually was a truly carnivourus program and no human eyes would ever see the emails, AND if the FISA court had oversight and had to pre-approve the search terms, Congress will cave.
Thing is, the Wh won’t commit to a truly carnivorous program (so they want to store those emails for how long?) and they won’t agree to FISA pre-approving (or even reviewing w/in a couple days) the search terms.
At least that is the rumor du jour
So what Congress is willing to do is not so different from the status quo ante, where the keyword list had to be vetted for USSID-18 compliance. That in itself is not so bad.
Thing is, if you’ve ever done this kind of work, you know very well that the project is chimerical. It’s motivated by the “must be a pony” theory: gotta be in there somewhere, and if I don’t find the pony, I just have to dig more.
A more realistic approach will suggest that every time you sample the data and don’t find the pony, the likelihood that there’s a pony in there drops.
Hence the CYA properties.
yup.
I was about to leave what I have below at the previous EW post, but I believe it will fit in here.
bewert posted All About NSA’s and AT&T’s Big Brother Machine, the Narus 6400 at ePluribusMedia.org. He concludes:
bewert’s post is nearly two years old. There’s been time for customization and upgrades of the Narus-LINCOLN setups and whatever else may be in use.
A DefenseTech.org post quotes and links to Declan McCullagh’s News.com article about FBI surveillance and analysis capabilities, in which he states:
Being inside the Internet providers’ networks, and being inside all telecom services, and having unrestricted access to web search companies’ logs, would simplify things for surveillance and law enforcement agencies. What’s the current extent of surveillance at and access to those places? I won’t pretend to know.
daivd kris expalined this during a dinner speech in January (srry no transcript or links, but I was there myself)
The “terrorist” We’ll call him Boris send an email to giving her instructions to carry out Natasha about a plot to blow up Moose and Squirrel. WE )the gov’t) know that Boris is usually in Tansylvania and Natasha is usually in the Czech republic.
Should be easy, this is foreign to foreign, right? Wrong. Boris and Ntasha use googlemail. Yhe best and easiest place to pick up that email is from a central Google server.
Let’s say, best case scenario, we KNOW that Boris was in Finalnd, cause we have surveillanc e reports of him being there March 2nd, 3rd, and 4th. The email we are interested in was sent on the 3rd. natasha was in HongKong on the 3rd.
on the 5th, the gov’t scoops the “freign to foreign” email off the ggole server. Only natasha doesn’t pick up her email until March 8th when she arrives in Ny to actaull blow up Moose and Squirrel.
Less good scenario. We (the gov’t) thinks Borris isn in Finland b/c there was a surveillince report of him on March 3rd. te email goes out onthe 4th. natasha retireves email in NY on 8th.
Where was Boris on the 4th? Can the gov’t prove it was foreign to foreiegn?
And what about poor Moose and Sqirrel? do we let them get blown up while we try to figure out where Boris was?
6 – that rumor sounds about right to fit with the Wainstein responses and the worried and defeated sounding tones of the House and Senate staffers at the meeting.
I also think that it is pretty clear that they are using the telecoms for more than tap access and that’s why they are so whiney over “well, yes we can ‘compel’ their assistance, but we need partners and partners who aren’t worried about old lawsuits”
So they are either using telecom software, algorithms, proprietary information, storage, etc. or some combo of all, and they don’t want to say just what exactly, so the ability to compel compliance with granting access for taps isn’t really what they want – what they want is the ability to go to them as consultants and say, this is what we are trying to accomplish and we don’t know how – can you do a little magic with your programs and proprietary info and catch us some fishies?
And so it probably isn’t even just gov access to all the emails, its direct telecom access to them bc they probably have to be participatory in the program. At least, that’s my guess.
And again – keep in mind – the ONLY judge to have looked at the program in a case seggin on the merits says if violates the Constitution; BOTH FISC chief judges who were briefed in on the program on its merits told DOJ that they thought it was unconstitutional and they refused to have it in their courts – and now Congress and DOJ are getting around the Courts’ objections to the Constitutionality by creating, in esssence, basket administrative warrants issued by the AG and his crew only, bypassing the Courts who might find the requests unConstitutiona, with no real review or punishment for any abuse of any kind – no matter what.
One of the very real purposes isn’t to revise the FISA statute to address flexibility and technology – its to give a statutory mechanism for Congress and the Executive Branch to collude and quite simply cut the third branch of government out and prevent it from ruling on the clearly unconstitutional program and aspects.
So along with immunity for the past – we are setting up a perpetual immunity for ongoing and unchecked violations of the Fourth Amendment, forever to be insulated from any judicial review.
Milk with those cookies?
mary, they have ALWAYS used the telcom proprietary info AND teh telcom personanel. Everybody does.
When I would serve a wiretap warrant on a telco, I didn’t send FBI agents with alligator clips and a taperecorder to go do the tap themselves.
The telephone company does it all for you. The gove’t doesn’t even bother to hire/train people who know how to do it. The telcos have their own personnel trained and specifically assigned to this task
But there is of course a qualitative difference between actions prescribed and authorized in a warrant as a precondition to telcom cooperation, and law enforcement and a (supposedly) publicly-regulated utility sitting around and brainstorming about ways to analyze the information sitting on the telco servers and flowing through its fiber-optic cables?
Not really. Often when I was trying to get at a particular piece of info, I would make an appointemnt with someone from the secuirty division at the phone comapnay and lay out for them what I had, what i was trying to confirm or rebut (like a scientific experiment, alot of crimainl investigation is testing of theories) and ask them about how the best way to go about finding the right info would be.
then I would know what to ask for in my warrant request. SOmetimes, they would steer me into ways to get the info I needed in a less intrucive way, such as a simple subpeona for Muds and Luds. less work for me, less intrusion on the subject and some threshhold confirmation or rebuttal of the theory which helps to deterimene whather even asking for the wairetap warrant is appropriate.
I ahd some agents who were very gung ho at one point and would have had a doazen wires up at once, had not more moderate heads at the phone company gently suggested easier ways to make threshold determinations.
Nope, brainstoming with the telco should always be the first step. Waratn or no warrant
I have problems with a publicly-regulated utility that has independent obligations to protect privacy cooperating with law-enforcement in the way you suggest. Is this not the job of the police and the FBI to determine what type of information is available from electronic sources? What in some cases could be seen as cooperation with law-enforcement can easily become deputizing the telcos as law-enforcement agents. Which is what I think Mary and I have a problem with.
In my experience, it worked to minimize intrusion into their customer’s privacy, but then I worked for the gov’t during a period where you were expected to conduct yourself in good faith and with respct for the privacy of others and I lso repsected the opinions of the telco professionals.
My point is, don’t waste oxygen worrying about whether or not they might sit around brianstorming, they do and have been ever since the invention of the phone. So, if you understand the starting point you analysis will be more accurate. And I will learn more by reading it.
I’m not sure you addressed my point about the propriety or legality of “brainstorming” between law enforcement and the telcos potentially crossing the line – the telcos are only supposed to be the transmitters of information, and are obliged by statute to take affirmative steps to protect privacy, and your argument seems to echo the “good faith” assurances that have been put forth to justify amnesty/immunity. I don’t consider drawing these lines to be a waste of oxygen – whether it has been going on since Alexander Graham Bell or the Russians or some other guy who didn’t get to the patent office in time shouldn’t matter, and the fact that it did (eg the ITT case) is often the source of mischief and the reason that the current statutory regime was put in place, in a much-less wired age. If it is a question of resources that requires the cooperation of the telcos, instead of law enforcement deciding to invest in these areas, well, that is no different than the FBI or the CIA not having enough translators.
I am NOT making the good faith argument for telco immunity. So, I must not be communicating well today. What I am trying to say, badly I guess, is that in my experience the government lawyer(when acting in good faith and contemplating whether it needs a warrant, a asubpeona or a letter request)can go to the telcom and say “this is what info I have, this is the info I am trying to confirm or rebut, what ways are avaibale to me to answer my question?”
And they may suggest that you simply request, with a letter, info about line routing through (if in NYC) Empoire City Subway (the manhole company), or that you subpoena Muds and Luds, or you get a less intrusive Penn Register warrant, or that you need a full fledge title 3 ‘listen to the content of the calls” warrant.
They will also help you with the specifics of the language for your letter, subpoena, warrant so if challenged later it will have asked for precisley the right thing and only the thing supported by the method you are using, cause overbroad requests/waratns used to pose a big problem at trial.
that’s the thing, these little chats were to minimize intrusion into their customer’s privacy while still getting law enforcement the info it needed AND making sure the paperwork was as close to perfect as possible and not subject to successfull attack in an appeal.
So, in my –admittedly ancient–experience, these chats were consistent with their obligations to protect their cusotmer’s privacy rights and was part of a joint effort to “get it right.”
The DOj I knew, we sat around talking about whether we had the right to invade someone’s privacy even though we might have proabable cause or whether there was another, less intrusive means to get the info we needed.
Merely having sufficient probable cause was never a guarantee that you boss would OK your request to make a warraant application. you alsways had to have an answer about what other less intrusive means you had already exhausted or why they would be impossible.
OK, I give up now that it’s appeared twice. What are “Muds and Luds?” Serious urban linguistic deficit here.
I’m so sorry, it’s cop speak. MUDS= Messae unit details
LUDS=long distance details.
Pretty much the kind of info you normally see on your cellphone bill but not your regular phone bill.
Time call began, time call ended, numebr called from, number called to.
So, if I want to try to establish that Boris knows and is in contact with Natasha, I really don’t need ot tap his phone right off the bat. I can less intrusively (and easier for me) subpoena his MUDS and LUDS and see if calls are being amde between Boris’s phone and Natash’s phone.
I can also use info like that (particularly with land lien phones) to screen for an alibi. Boris might not have been in NYC on March 3rd b/c someone made a call from his house ALaska that day, and he lives alone. Hmmm?
Thanks!
Google is wonderful Muds & Luds
Heh heh. And I successfully argued just that in several state level wiretap cases where the governmental entity was the state DPS and the county sheriff’s office. Once such a targeted cooperation is formed, the telco becomes an implied agent in fact for purposes of the 4th Amendment, color of law and statutory construction purposes. In fact, it was out of one of those situations that I learned of telco use of indemnity agreements and provisions. LHP might be loathe to hear this, but it turns out those tech happy guys will talk to the other side too if you chat them up right; they just like to show their knowledge, doesn’t matter who to.
Or power companies providing information for suspected grow-ops. I had a case where a client of mine was nabbed by drug sniffing dogs on a train, carrying drugs and a gun, and the propriety of the train company providing this information to law-enforcement in the first place and the agency of the Train company was a vital search and seizure issue. I appreciate that you and I are looking at this from a different perspective from a principled former prosecutor like LHP, but this is the kind of thing that happens when large corporations are “cooperating” with the police.
Did the drug sniffing dog belong to the train companY?
or are yousaying that by allowing law enforcement to have the dog sniff on the train, the train company becomes an agent of law enforcement? you lost me there a bit
Now I’m the one who is not communicating well!! No, the dogs were K-9 Corps, the issue was that the train company had a practice of informing the police of its passengers when they bought tickets on the train with credit cards because they were “persons of interest” to the police who were running drugs and guns and teenage prostitutes/strippers between cities. But no warrant for arrest or any process had been issued, and it amounted to a warrantless search of the train (and, by extension, my client and anyone else on the train) with the K-9 dogs.
We are getting outside my area, but what expectation of privacy attaches to someone on a common carrier? also, I thought (and this is really not my area) that random drug sniffing by dogs was OK?
Or are you saying b/c it was targeted only at the people on this list?
The targeting was a big factor, combined with the broad nature of the dogs involvement in this particular case – courts in Canada have determined that infrared observations of excessive heat emanating from homes from low flying planes to serve as evidence of grow-ops are a search, and I analogized that to the drug dogs where there was a target and no independent evidence of drugs or other criminal activity. We never got the point litigated, I was really concerned about the gun charge, that would have been a mandatory minimum sentence and the Crown didn’t want the train company dragged into it, so a plea bargain was quickly made.
Not loathe at all. I agree with your argument.
It’s seems they’re getting even more fascist, have either of you heard of Infragard?
I think the better analogy is the Stasi, not the Gestapo, but to each their own police state. !!
Yeah, I got invited to a marketing breakfast that an investgations firm had and some guy from Infraguard did his dog and pony.
It sounded seriously silly to me.
There is always that element that like to think they are all plugged in and Hush-hsh (like that character who pretended to be a spy to get girls in htat moview with Arnold S. And Jamie Lee Curtiss–True Lies?)
It would appeal to that mentality.
There’s a little bit of Elvis in everyone; InfrGard just wants to harness it and put it to work! To paraphrase the brilliant mind of Condi Rice, “what could go wrong with that?”
6 – it sounded very much like Congress was caving without those protections from the tenor of both that meeting and the articles that have been coming out.
Wow, these email companies had better get prepared for the retaliation from Bushco. How can anyone think giving these people immumity is a good idea. Bmaz your theory is the only thing that makes sense, and if true I still want and deserve to know what our government did to supposedly protect America.
I just flat don’t buy that Congress can give immunity – on a past, present and future basis – for violations of the Fourth Amendment. That pretty much just avoids amendment of the Constitution by saying – yes, we kept the fourth, we just also gave the Executive Branch and its “partners” the right to violate it at will.
Congress is making these immunity calls in the face of an ON THE RECORD FEDERAL COURT RULING THAT THE PROGRAM VIOLATES THE CONSTITUTION.
That ruling hasn’t been overturned – on the standing issue failed.
But, therein lies the rub. If it all goes away on standing, states secrets or immunity, the merits of your 4th Amendment argument are never rip and are never litigated to a determination that is appealable. But then you knew that, because that is exactly what you already alluded to at the end of milk and cookies @8 above. And with Scalia and Roberts running the show at SCOTUS, there is not a chance in hell they would accept such an argument without it being fully litigated to a final appealable order.
Bmaz and Mary are right – the basket warrants and data mining are at best an end-run, and at worst an unconstitutional dissolution of the judicial branch review that has been uncontroversial since Marbury v. Madison. Without a disinterested (in the true sense of the word) judiciary reviewing executive action, it wont be long before TIA morphs into a high-tech Stasi.
I wonder if some of this topic was part of the SJC hearing with Mueller today.
I dunno, but that quote I posted @1 above was from Mueller’s testimony this morning. It probably looked like old stuff, but, no, it is new misconduct that occurred after they, the FBI, said they had that all cleaned up.
I don’t think so. I didn’t see Leahy’s questions; came in during Hatch, so presumably during the second person of questions. And no one mentioned this.
Though Whitehouse had a typically good question on immunity. “Can you cite another example in our history when Congress intervened in an active case to determine whether or not a party in a case acted in good faith.”
Stumped Mueller, it did.
Untested off the cuff reaction to why the email guys are so testy –
All the “partnering, not compelling” language seems to me to be a situation where GOV is putting on pressure for access to proprietary software/operating/search capability info and to work “with” the providers to get what gov wants, which may well mean pressure, not to simply respond to a warrant or admin warrant request, but to share lots of info with GOV that they don’t want to share about systems, operations, capablities, function etc. – knowing that they are sharing with, in essence, their competitors bc GOV personnel will be working with them too. So the confidentiality door gets kicked wide in a way that leaves them with little or no recourse for misuse of their info.
Or maybe the fact that, just as they got in trouble here in the States for what they did in China and for the Chinese gov – they may well be looking at getting in trouble in foreign countries for giving the kind of broad access to everything that Wainstein, as Sorcerer’s Apprentice, is requiring from the bucket carrying brooms in Congress when they draft.
We already know that the banking consortium that complied with the SWIFT “adminsitrative warrant” requests got spanked and that is now precedent in the European privacy court.
13 – I’m with you on Roberts (and Alito and Thomas) but I’m not so sure about Scalia.
Standing is the rub for a lot of things and for the FISA issue in particular, but once you hand out immunity with no ability to ever have court review for violations of the Fourth, I’m thinking you might get Scalia to buy into a taxpayer standing suit to enjoin or void on the new legislation vis a vis the Fourth (not the FISA statutory grounds)
I do know that the concept that you get rid of lawsuits right away is nonsense, but the concept that you get rid of the FISA statutory damages and the FISA criminal punishments for both the Exec crew and telecoms isn’t – everything that is purely statutory can be taken away. But the Constitutional grounds I think cannot. And I think with the broad legislation they are looking at, even the first amendment standing argument changes. But that’s all a fwiw – doesn’t really do anything for here and now.
18 – but that’s not what I mean. It’s different to have someone come to the telecoms and say I want you to tap this number – which is what a warrant would get at too. What I am getting at is that they are going to them and saying, “let’s discuss what you can and can’t do for data mining for us – if we want to search all of xyz, how can you do it, what kind of sorts can you make, what kind of recognition programs do you have, etc. etc.
I’m not sure if I’m being unclear or if I don’t understand how broad the access to proprietary info is in general. But it seems to me to be a vastly different thing to tell the telecom to go trace this line or give info on the calls to and from this phone, etc. than to tell it to compose and compile a search program/protocol to come up with info you want or need. Does that clarify?
They already do that. HAve been for years, with proper warratns. that’s not new. TOTAL FUCKING LACK OF OVERSIGHT, REVIEW OR ACCOUNTABILTY to ensure it’s not being abused, THAT’S what’s new.
Oh, and to make this even more absurd. There are comapnies in Japan that now offer double blind “mail drop” email accounts (you must be a fan of John le carre to appreciate) and their marketing hook is that they will never honor a subpeona, warratnt or request from ay other counrty for their data and that they have somehow been exempted by the Japanese gov’t from having their data searched.
So, any self respecting terrorist has an easy, and surprisigly inexpensive (I think the most expensive pacjkage I saw was about $600 a month) way to completely thwart all US email traffic surveillance.
Kris was asked about this and all he could say was “Ironic, huh?”
So, Bushco is shredding the Consitution and ONCE AGAIN to fucking incompetent to even get a scintilla a benefit out of it for the saftey of the American people.
Yep folks, our privacy gets invaded, but Osama not at all.
Exactly – how does any of this ability to look into emails stop any half-sentient terrorist from using coded emails to send information? Or cutouts? The Mafia and drug-dealers have been doing this forever. And law-enforcement has found ways to cope that didn’t require wholesale surveillance of every electronic communication.
Not only that, but if we cannot stop/interdict the flow on cash through the Halawal (sp?) networks, how do we fool ourselves that we can stop the flow of messages through that same network?
Sheez!
Hmmm, don’t know what that means but there’s also another way around foreign to foreign emails that used (past tense?) to be used; what they would/could do is have an email account where several people know the account address and password and what they would/could do is write something in the draft folder and save it in the draft folder and never even have to mail it to anyone else because your intended recipient could just go into the account and read the message.
But of course they (The USG) could eliminate the need for all their paranoia by getting out of other countries business and stop supporting dictators and thugs and support real democracy and humanitarian movements
i saw one japanises website that suggested that you send your email to a one time only use email addy.
By some other means, you notify the intended recipent “you have mail” the recipent then retrieves the email.
This is similar to the technique that johnLe carre described in his books. The spies would have several locations that were called “dead letter drops”
One might involve Soy A checking the drop spot (which might be a loose brick in a wall or a hollow in atree, or whatever) every X days. or Spy B might put an advertisemtn in the newspaer with a code phrase that alerted Spy A that “you have mail” and spy A would go retireve the letter or spycamera film, or what have you.
The Japanese have an email equivlent availbel for just anybody to use, for a fee.
There is also another one where you send an email from a secure encrypted account, It gets forwared blind as to sender theorugh several differnt aemail addy’s essentially alundering it and eventually gets delivered wher it suppused to go with several layers of false email addy senders behind it.
It’s like money laundering, only for email messages
The reason they want this is so that they can continue spying on Democrats so that the DOJ can continue to bring false prosecutions against them in the weeks leading up to the elections. The irony is that the Democrats are allowing them to do it.
The Bush Administration has given daily examples for the last 7 years that it can’t organize a two car parade without creating some kind of catastrophe. It has become axiomatic that the greater their incompetence the more power and intrusive searches they demand. Essentially they need total power and the ability to search all of our information and communication because they are absolutely incompetent. The simple fact of the matter is that we are safer with the terrorists than we are with them.
From a Bruce Schneier essay:
Schneier is an expert, but so are lots of folks at the NSA and FBI. It makes one wonder what they are really spying on. Political enemies?
Maybe that’s why the Republicans fall in line like so many dominos. or Democratic Senators like DIFI behave in a peculiar fashion.
I don’t know about NSA, but I have heard a fair amount of griping by FBI agents about how much time is wasted chasing down crappy leads and false alarms.
So, basically we are simply diverting them from focused investigations–of teh kind that stopped the Millenium Bomb plot and the Blind Sheik’s attempt to blow up the Holland tennel–that might make us safer.
It’s the usual madnacious incompetence we have come to expect.
That is what they get for trying to know what they can’t know… won’t
stop them trying though, just poor tradecraft.
I think it is an amoral form of job security they are going for. They know it doesn’t work but they can sell their bosses on meaningless gee whiz applications. The bosses sell it to their bosses who know even less and they sell it to the politicians who know nothing at all. When it doesn’t work they either request more money or when that no longer works they come up with their next “bright” idea and the cycle repeats.
Trailblazer. Hayden.
and who MADE those promises!
21 – and there has been some relatively recent (I’m thinking post 2005) email litigation for that matter. But that is what I always thought was at issue with respect to the FISC “ruling” vis a vis a US based server that caused the tizzy. There was just no way I could see a FISC ruling that the location transmission or reception equipement for foreign to foriegn voice communications would be blocked by the FISC under the pretty clear language of FISA. I thought that was a bunch of BS to pretend that they couldn’t get foreign to foreign calls “now” bc of a FISC ruling.
Also, if you recall, they tried to tie that FISC ruling to the situation with the kidnaps, to try to make it seem as if no one could get the terrorists/insurgents calls. There, I think, they had a different problem than just the email problem, although that might have been at issue too. There I think they ran into wanting to datamine everything going on in the whole area and they knew that would involve US persons calls that did not have any probable cause to believe there was an agent of a foreign power as a part of the call. IMO, (all this is just idle spec) they’d been told already they couldn’t do that, and that is why there was the “delay” in initiating the 3 day freebie surveillance. Bc what they were going to “freebie” was something that the court had already specifically told them they could NOT do – pick up calls involving US persons where there was NO probable cause to believe that one part of the call involved an agent of a foreign power.
That’s why McNulty and Clement disappeared – they wouldn’t authorize the freebie bc they knew that it was not in good faith and it was being done to start a surveillance that the court had specifically told them they couldn’t do. So when Gonzales signed off on it, I have to wonder what happened when that sign off went before a FISC judge at the end of the time period? And why no one ever asked what the FISC ruling on the emergency surveillance ended up being.
There is also an issue with respect to VoIP calls, but I don’t understand the techie aspects well enough to explain how it will effect the rescue of Moose and Squirrel.
Not to worry about Moose and Squirrel, they always get away. It is the rest of us who don’t from Big Brother.
29 – So you are telling me it isn’t new for DOJ to be able to go to the telecoms with an AG request or warrant that tells them to go datamine through all kinds of different people’s calls and search out info?
I’m confused as to how that could legally have been done before? They could get A warrant and use it to authorize a telecom datamining-type search through calls from many different people using recognition and similar info to cull out what they wanted?
I’m out the door for now and that sounds wrong to me, but I defer to your knowledge. Where was the statutory authorization hit many persons under a single warrant and how was probable cause shown for the whole basket?
Even with that, I guess I still see a qualitative difference between sitting down with the telecoms on how to cull through calls where you have probable cause and getting with them on capacity to sort through everything to help find the needle in the haystack – I have to think your analysts and access to their proprietary info would be much much more open ended if you were getting with them to figure out – if we had no constraints on whose info we pull up, what can your search engines, recognition programs etc. do if we were to utilize them to their max to sniff out — vs here is a discreet group of persons and I want to try to get info on this or that with respect to them.
Still seems to me that you would have a big quantitative and qualitative difference in the kinds of access you give to proprietary info (and I mean access to software analysts and programmers and people who can get into their systems to work on tweaking too — not access in the sense of a lawyer asking them what they can do and crafting that into a warrant) but I haven’t done it, haven’t been involved in it, so I defer on that point, even though I’m still scratching my head over it.
The ABA panel is worth the listen though.
No, I’m not being clear. when you talk about access to proprietary info, and software, the telcos don’t give some FBI techie a backstage tour through their software. Nope.
When a court issues the warrant, the Telco techies do whatever it is they do and they set you up to get a delivery of the information.
So, if it is a conventional wiretap, a telco techie runs whatever connections they need to have that tapped phone also connected with the equipment at the US Attorny’s office (or FBI Office, or wherever) to make that wiretap happen. Sometimes they even supply some of the equipment that will sit in the room in the gov’t building. The Gov’t usually supplies it’s own tape recorders and headphones, biut sometimes the reciever the gov’t has is not compatable, so the telco loans you one, or rents it to you (I have no clue about those details it gets done through purchasng people,not lawyers)
So, if they are going to a telco, looking for you on the phone, the telco figures out how to deliver your phone calls to the reciever in the gov’t building. Other than being told some technical specifications about the equipement the gov’t is providing (so it will be compatable) or unless someone just has a conversation out of idle curiosity, the gov’t doesn’t really concern itself with HOW that call gets put through to them, merely that it does and that the sound quality is good.
Even with that, I guess I still see a qualitative difference between sitting down with the telecoms on how to cull through calls where you have probable cause and getting with them on capacity to sort through everything to help find the needle in the haystack – I have to think your analysts and access to their proprietary info would be much much more open ended if you were getting with them to figure out – if we had no constraints on whose info we pull up, what can your search engines, recognition programs etc. do if we were to utilize them to their max to sniff out — vs here is a discreet group of persons and I want to try to get info on this or that with respect to them.
Again, I don’t see telcoms giving up their proprietary info (in terms of software code and systems managemetn). If you sat with them and said what can you do to find this kind of hypothetical needle in the haystack? they would describe what product they could deliver to you, not how they would achive that product–you wouldn’t really care that much and very likely wouldn’t really understand what they were telling you.
And,, yes, there is a world of difference between a conversation you are having relating to gettign a proper warrant of how to craft the terms in a proper subpeona, and warratnless invasion of privacy.
What authorization to hit may people under one warrant? I am So NOT an advoacte ofr basket warrants. There would be a tendancy in the application for PC that applies to suspects a,b,and c to bleed over in the judges mind to d.
Nope, each target should require a seprate warrant. I DO susbscribe to teh multiple and changing phone number for a single target idea though.
If I get a warrant with full proable cause for Marcy Wheeler, is should be able to add new phone lines associated with her to the warratn upon an expideted application. B/C she can go buy pre-paid cellphones at 7-11 and change her number every day. The probale Cause is for Marcy, not her phone. the device does nto have a privacy right.
Poor Marcy. Shouldn’t we use a convicted felon as an example instead? How about Libby?
In the context of 2003-05, especially after their success in November ‘04, Team Bush pretty much thought it could get away with anything. See, US Attorney dismissals, Don Siegelman prosecution. That lasted until Fitzgerald and the Plame investigation got a head of steam, then the Democratic “victory” in ‘06, and the Libby trial allowed reality to seep back into their expectations. Which increases the odds that “requests” to ISP’s, telecoms, et al., became grander and support for them weaker. That could well be a criminal hot spot for prosecutors to focus on.
So where are the server farms holding those copied mega-tera-bytes of data? Here or Offshore. In-house or Out-house. On whose budget? We’ll never know. But congress in secret session ought to know and conclude that it’s good value for those billions of taxpayer dollars. This Congress doesn’t want to touch ANY of those questions with a ten lobbyist-pole.
Congress doesn’t want to do anything related to true oversight. These hearings and faux outrage expressed by Leahy et al. are nothing more than circus shows. If the Democrats were so committed to Constitution, then why haven’t they updated the NSL law? Bills were introduced in both the House and the Senate back in September, yet nothing has been done. For more info, see my diary at Daily Kos:
LHP – very quick, maybe this clarifies or maybe it doesn’t, but what I was trying to get at was actual access to proprietary info. Not so much the brainstorming, as letting an FBI programer or analyst have access to the programs and codes.
I do agree with you that, from our standpoint as citizens, the huge issue is oversight and limitations. But imo all the smoke and mirrors on the need for “cooperatation” from the telecoms – cooperation of a kind that they can’t easily compel by warrant – and the email providers resistance as well, points to something which isnt easy to compel by statute or warrant and which they are threatening to withhold. ANd it seems to me that a broad based, multitelecom, multiprovider program is going to need/require real access (as in – by programmers, consultants, etc. the people who can read the code, analyze it, tweak it, and make it work in ways it may not have been originally intended to work) to the truly proprietary (software codes for example, not input on how to get you what you want from a person) info of the telecoms and I don’t see where PAA even tries to do that.
All fwiw – truly am out the door now that horses are put up.
I might faint, truly, if it turns out that phone companies let the gov’t have access to their programs and codes. they guard that info like the formula for Coca Cola.
Don’t forget, once an FBI agent turns 50, his pension is vested. he goes tothe private sector looking ot cash in on whatever hot skill he has developed.
believe you me, if Verizon let an FBI techie know their code, the minute he vested, he would sell himself to Sprint or whomever.
Nah. I just don’t see it. Further, the FBI is famous for sucking at tech. Really, they can barely email.
ALmost every FBI guy I know with tech skills greater than mine (so you know just how low I am setting the bar) is either self taught, or took a course at the public library.
There is one exception, that is the internet virus squads, but that’s really all they do (and they get taught bey outside contractors ike the SANS Insittute, they don’t have in-house expertise) and anyway, the virus squad stuff is quite different than telephony.
Jeepers LHP, those days have done been gone and over for quite some time now….
I feel very old when you say that.
Yeah, well, welcome to the club on that. I don’t venture into criminal trial courts any more than I have to anymore; but when I do, all i run into is young line level prosecutors that have never had evidence tossed on something as quaint as an overbroad argument and probably have never even had to fend off such an attempt as the equally young PDs never raise such a thing. Even the tough, old school, codger judges that would actually punt evidence or a case if it was technically bad are disappearing to retirement and being replaced with automatons to which “law enforcement good faith” cures all. Have no sense of humor when “law enforcement good faith” is compared to “jumbo shrimp” as far as nexus to reality either…..
FISA and the missing emails from the WH could be, I believe, very connected. If, as we all suppose, the harvesting of all emails, telephone and wireless communications have been in effect since the onset of the bushco dictatorship surely the emails from the WH will have been sucked up in the process.
Have all the communications, illegally collected, been stored awaiting immunity before destruction in case they are required in a court case? If so would the WH emails be sitting there as well? Wouldn’t that be ironic.
I don’t really beleive they have collected EVRYTHNG, also emails they get off the host server. if your email accounted is hosted by an RNC server, I doubt Buscho would want to harvest those
Look beyong the collection and analysis for the most troubling problem with this program…
Not if, but when cyberpunks break into this system and gain access to the bestest blackmailing gold-mine ever created, how do we stop them?
It’s not as if our government has shown that they are good stewards of private/personal information lately, right?
Something tells me Karl’s already been there. The Bush Libwrary will undoubtedly house all sorts of interesting, Karl’s Eyes Only Archives. He may have special rooms for those with the most files, like Jello Jay and DiFi. And I hear there’ll have a Night Deposit Box, so that contributions from those parties can be made 24/7.
Thank you; the best laugh I’ve had today!
Will anyone be allowed in?
Just tossing this out there – Cheney wants retroacitve immunity for illegally surveilling domestic email, but he does not want to reveal anything at all about the methodology for email collection. Could it be that once the methodology is known people (Conyers, Leahy, Fitzgerald) will demand to see HIS “missing” emails? How can his email be missing while ours is collected by telecoms?
“if your email accounted is hosted by an RNC server” implies that the telecoms can exclude domains as desired. The list of excluded domains should interest Congress. Who did Cheney specifically let out of the his net? If he did, then it shows that the lost emails were lost by pre-meditated design.
My dear, that is why telco immunity is such a bad thing. If telco immunity happens no one will ever see that list.
The CCIA letter says “The perpetual promise of bestowing amnesty” which implies that the Office of Legal Council (and possibly someone at DOJ) told the telecoms that they would get “amnesty” (not “indemnity” or “substitution”). Or is the CCIA playing loose with legal terminology and there is nothing being implied?
Some half assed promise of “future amnesty” would not cut it for the telco lawyers I have run into; they would laugh you out of the room with that.
Ishmael @82 – Good work. I like it.
Thank you, he was a satisfied customer.
NO. It’s not “amnesty”, it’s “immune-eye-tee”. Words are important; let’s not suggest there was any prior illegal activity here until all the facts are in.
– Former Attorney General Buck Turgedson
Whatever you do, don’t drink the water Buck; it will sap your precious bodily fluids….
I totally agree that indemnity was contracted. There is paperwork somewhere that the House and Senate should examine before proceeding with FISA discussions. Thank you bmaz for bringing this to attention.
If indemnity, then what did the House and Senate Armed Services Committees say? (this idea is from thread below)
If ranking members and Leaders of House and Senate Intelligence Committees determined that the value of indemnity is less than $25 million so that Armed Services Committees do not have to be notified, then where are documents about their discussions?
What is the date(s) on the contract(s) with the telecoms? The reason I want to know is – what is the date on Cheney’s “exempt these domains” list? The reason that is relevant goes to the missing emails in the Plame investigation timeline and the OVP is exempt from archiving laws phenomena timeline.
No clue; but I did add some feedback late in that thread about how Bush/Cheney could likely have sidestepped the reporting requirement and $25 million threshold.
Could it be that since the bushies want the US to dominate the world, they have been spying on the whole world? Remember how angry those UN member states got who we spied on during the effort to pass the resolution to use force against Iraq. They all voted against US.
I might be dense but I don’t understand his problem: if they are on foreign soil they are covered by EO 12333 §2.5; if they are in the US they are covered by FISA
So, what’s the impediment to them getting a warrant from FISC when they’re in the US?
If it is about email, what’s the impediment for them to get a warrant from FISC to monitor the email account? And to monitor the email account in a foreign country they would need a sign off from Mukasey per EO 12333, right?
So, in other words is he saying they’re lazy?
No, it about splitting a fine legal hair and saying “if it’s not required, it’s not required, so we’re not going to volunteer to do it to allay your fears”
58 -we are now on the same page though on the real confidetial/proprietary aspects as to what I am talking about.
That was my point. I’m not thinking that they did let the FBI have access – but I am wondering whether there might have been NSA access/involvement on a pretty tight level to establish parameters of capabilities and also for overlays of what they are getting/could get from different telecoms and what they could do for them.
This is what I am getting at, although not from an FBI standpoint bc I don’t think they were too involved in the TSP. I think that it is possible that, to really squeeze the most juice out of the broad access to pretty damn near everyone’s communications with programmed searches and protocals, there has to be exposure to or at least understanding of the real nuts and bolts of the proprietary info and that the telecoms have said they would do some of what needed to be done, but only with their people/limitations. So to make the TSP “work” there is no real way for the AG or a warrant to go through what they really want and need done – a lot of “real time” decision making on sorts and culling may be a part of what is going on, hence the need for the telecoms to be more on board and more “cooperative” (especially their people who may work the frontlines and be very worried about what might happen to them for their decisionmaking/hands on aspects as they make real time decisions on whose information to access or not).
That’s just one way of trying to explain the dwelling on the cooperate v. compel moaning – I think there has to be SOMETHING that the intel and judiciary committees for the House and Senate were told on that front about not being able to really make the “program” work properly if gov had to pre-think specifics on what they wanted in a warrant or AG request even. fwiw.
BINGO
But law enforcement/the government always says stuff like that; they are lazy (as someone above intimated). They have been trying to undercut and eviscerate the warrant requirement forever. Why do the Congressional pukes suddenly bite off on it? I am an average citizen, and I am just not that afraid of terrorism. A tremendous number of Americans have fought and died over the history of this country to preserve such due process rights; why does Congress need to shit in their pants and give them up to maybe, possibly, save a few?
Congress, the media, most of the judges are now owned by the holders of the TSP/TIA programs keys.
The way the Dems cave is always with the tell-tale GWB rub their noses in it.
81 – I think the word choices on amnesty and immunity are very deliberate. Amnesty pretty much indicates that the law has been broken – and that seems to be what CCIA wants to convey. Immunity is more touchy feely – IF someone did do SOMETHING wrong, then it really wasn’t all that wrong as long as they did it within these xyz guidelines, so without ever determining whether or not they did break the law, we are going to say it is moot bc they are immune from any prosecution to determine the answer to whether the law was broken.
89/92 Well, the example that they wanted to use for the panel involved finding a terrorists lap top and wanting to go through everything and also (not specified, but implied, start collecting emails to and from anything on that list)
So here’s what I would say on behalf of their argument, based on my minimal non-tech knowledge.
If they wanted to start pulling up info immediately for emails – part of the argument he made was that they “intercept” before the recipient receives, so you don’t know where the recipient is. If you get information on a “hot” terrorist email addy, you might want to start picking up everything you can, right away. But if some of the recipients are going to be in the US (or if the ruling says that pulling the info from a US server is the same in some ways as all the info being accessed in the US) the warrant is going to need to spell out minimization procedures if nothing else, to deal with all the emails to Victoria’s Secret or whatever.
More importantly, if they decide they want to start ponging out further – taking the email addys that their target sent to and now making those “targets” to widen out the circle, and do it quickly, you know have the email of someone (First Outcrop) who has been in contact with the agent of a foreign power, but about whom there may be no evidence that THEY are the agent of a foreign power or that they were in contact for any improper purpose or are a US person, but they may feel that exigencies are such you have to follow ripples out as far as possible, as fast as possible.
So now, as you are “hot on the trail” of plots and persons from the laptop emails, you have First Outcrop who may be in the US (so we need a warrant and minimizations) or may not (Candyland!) and all the emails to and from First Outcrop that you want to start intercepting right away (Second Outcrop) again, you now are dealing with contacts to someone (First Outcrop) about whom you may not yet have any probable cause to believe is an agent of a foreign power themselves and no probable cause to believe those sending and receiving emails from them are agents of a foreign power, plus they may be US persons to.
So how do you address the exigency (Bin Laden just got chased out of the cave, we have his laptop, we think an attack may be imminent and we want to track down every email we can and cast the net as far as possible) with the fact that you just don’t know, quickly, who any of these people are, where they are, etc. and if they are US persons, you need probable cause that one party to the communication is an agent of a foreign power at each outcrop level, and you also would need warrant requests for each outcrop level that specifies minimization and the outcrops would be going in lots of different directions.
I may have the tech or procedures wrong and I am definitely giving more benefit of the doubt than should be given based on the broad violations of the Fourth Amendment they are asking for and receiving, but trying to be a bit of devil’s advocate I’d say maybe that’s the problem.
Not knowing whether someone picking up an email (and who may be the email addy you pong off of for the next outcrop) in the US (so you would need warrants and minimizations spelled out) and not really having any probable cause to think that, just bc they are one of many email addys in the laptop they are an agent of a foreign power (and definitely losing any claim for such probable cause as the net spreads out to other outcrops) could definitely make it slower than if you just said – go search all the emails to and from OBL on that laptop and also to and from anyone who has been in touch with him and do it now.
I don’t buy that this is what is happening though (I think they go with something a LOT LESS than a terrorist’s laptop as their start point and I don’t buy that they couldn’t have a lot of pre-approved minimization procedures by this far into things that could be cookie cutter put on the warrant and cookie-cutter followed by the interception teams) But I’m trying to make the argument fwiw.