Bush’s Illegal Domestic Surveillance Program and Section 215
I wanted to turn to the two IG Reports Glenn Fine did on the PATRIOT Act’s Section 215, the section that allows investigators to get business records and other tangible items. (2007 report covering 2002 to 2005; 2008 report covering 2006) The reports show an expansion of the way DOJ used the authority that parallels the known history of Bush’s illegal domestic surveillance program.
For the first two years after passage of the PATRIOT Act, not one 215 order was issued. Some were applied for, but all either were withdrawn because of legal ambiguities (could they be used to get school records?), legal reviews, and/or inattention. Then in October 2003, someone in DOJ focused effort on pushing some through, and one of the orders submitted in that month was approved in May 2004–though we’re not allowed to know the date (see page 17 of the 2007 report). Now, it appears the May timing may be coincidental; the order came out of efforts in October 2003 to start using this authority, not as a response to the hospital confrontation concerning Bush’s illegal domestic surveillance program in March 2004. But nevertheless, the first 215 order was authorized just as DOJ issued a new opinion authorizing parts of Bush’s domestic surveillance program on May 6, 2004, at a time when the data mining aspect of the illegal program had (reportedly) been halted by Jim Comey and Jack Goldsmith.
Later, for a year and a half, 215 orders started to serve a function with pen register/trap and trace orders. This was necessary for a period until the PATRIOT revision in 2006 because FISA pen registers didn’t give investigators all the information they wanted.
A "combo" application is a term used by OIPR to refer to a Section 215 request that was added to or combined with a FISA application for pen register/trap and trace orders. The use of the combination request evolved from OIPR’s determination that FISA pen register/trap and trace orders did not require providers to turn over subscriber information associated with telephone numbers obtained through the orders. Unlike criminal investigation pen register/trap and trace orders, which routinely included a clause requiring the provision of subscriber information, FISA pen register/trap and trace orders did not contain such provisions. Thus, while the FBI could obtain the numbers dialed to and from the target number through FISA orders, FBIA agents had to employ other investigative tools, such as national security letters, to obtain the subscriber information. (2007 report, 16)
Here’s what I understand this to mean (the lawyers in the crowd should feel free to correct this). The report explains there was a difference between trap and trace orders on phone numbers (and email accounts, presumably) in the criminal and FISA setting. In the criminal setting, you automatically got the names, as well as the numbers, that the target had contacted. You got to know right away that Rudy the street dealer had contact with Carlos the big time dealer. But with FISA, you just got numbers. You might learn that Mohammed the suspected terrorist had called 555-1362, but you didn’t automatically know whose number that was. Of course, there’s a reason for this–FISA is supposed to protect the identity of other US persons. But as time went on (and as you’ll see, the timing of this is mighty interesting), they incorporated getting the name of the guy at 555-1362, at least if the number was from the same carrier, routinely.
If I understand the report correctly, this first happened in 2004 (though they won’t tell us what month) in what was called a "pure" 215 order.
One of the 18 unique requests was for telephone subscriber information. With respect to this request, the field office had prepared an application for a FISA pen register/trap and trace order and wanted to obtain the subscriber information without using national security letters. The field office supervisor dealt directly with OIPR’s Counsel for Intelligence Policy, and they discussed the case with a FISA Court judge in person. As a result of these discussions, OIPR submitted an application for a Section 215 order for the subscriber information. The FISA Court approved two orders–one for the pen register and trap and trace devices and a Section 215 order for the related subscriber information. This order was signed on [date redacted], 2004. Thereafter, OIPR began sending requests for Section 215 orders for subscriber information to FISA pen register/trap and trace applications. (2007 report, 18)
Now, this might actually have been a response to a decision on NSLs in Doe v. Ashcroft on September 28, 2004, which struck down NSLs partly on separation of powers grounds. DOJ had been using (and continued to use for some time) NSLs to get this subscriber information. By using Section 215 orders instead, DOJ would be submitting to the court review that NSLs lacked (and also would be able to get this information more directly by going to just one provider).
In 2005, this process became automatic and the "combo" 215 order was born.
In order to streamline the process for obtaining subscriber information, beginning in early 2005 OIPR began to append a request for Section 215 orders to applications for FISA pen register/trap and trace authority. The result was that information obtained in a FISA pen register/trap and trace order was equivalent to the information obtained in a criminal pen register/trap and trace order. (2007 report, 16-17)
And, as both IG Reports explain several times, in the 2006 reauthorization (not the 2005 one), Congress added language to the statute including subscriber information for pen register/trap and trace orders.
Section 128 of the Reauthorization Act amended the FISA statute to authorize subscriber informatoin to be provided in response to a pen register/trap and trace order. Therefore, combination orders for subscriber information were no longer necessary.
But something else funky seems to have happened with combo orders in the first few months of 2006. First, as the 2008 IG Report reveals, DOJ started using combo 215s for some other purpose. After explaining how they were used to get subscriber information, the report explains,
The use of the combination request evolved from OIPR’s determination that FISA pen register/trap and trace orders did not require providers to turn over subscriber information associated with telephone numbers obtained through those orders. As a result, Section 215 requests were added to pen register/trap and trace orders to seek subscriber information. OIPR also used combination orders in 2005 and 2006 to obtain [two lines and footnote redacted]. (20)
There’s another line redacted to explain that this use was no longer necessary after the 2006 reauthorization. And then to explain why it became unnecessary, the report explained,
In addition, OIPR determined that substantive amendments to the statute undermined the legal basis for which OIPR had received authorization [redacted] from the FISA Court. Therefore, OIPR decided not to request [redacted] pursuant to Section 215 until it re-briefed the issue for the FISA Court. (21)
It goes on in a footnote,
OIPR first briefed the issue to the FISA Court in February 2006, prior to the Reauthorization Act. [two lines redacted]
Now, it’s not entirely clear that all of this is related, though it appears to adhere to a parallel structure in which all the discussions of this additional authority appear in the same place vis a vis the discussion of the trap and trace connection (that is, that they refer to the same authority). If so, it appears they started using 215s for this authority in 2005–not 2006. Yet they didn’t brief it to the FISA Court until February 2006–a month and change after Bush’s illegal domestic program was exposed. And then, they were reluctant to continue to do so after the March 2006 PATRIOT reauthorization.
In other words, it appears they may have started using Section 215s for something they had been using the illegal program for. And it appears that the March 2006 PATRIOT reauthorization, which was partly an add-on to the 2005 reauthorization in 2005 designed to overcome the filibuster that had started in response to the revelation of the program in December 2005, found ways to put some of the things they were doing into other parts of PATRIOT. Combo orders, for example, became regular parts of trap and trace devices.
All of which is a very vague way to say we probably ought to be thinking of four programs–Bush’s illegal domestic surveillance program and the PAA/FAA program that replaced it, NSLs, Section 215 orders, and trap and trace devices–as one whole. As the authorities of one program got shut down by exposure or court rulings or internal dissent, it would migrate to another program. That might explain, for example, why Senators who opposed fishing expeditions in 2005 would come to embrace broadened use of Section 215 orders in 2009.
Now, all of this is just preliminary background discussion to talk about the expansion of 215 authorities to cover one or two programs together, something that happened in 2006 (and therefore, potentially in response to the exposure of Bush’s illegal program). I’ll treat that in a later thread.
This is something that I thought was obvious (based on the underlying technology), but I’ve never been able explain clearly. FISA originally defined content to include the name of the sender and receiver of the message, hence the difference between criminal pen register/trap and trace and the FISA ones.
This is almost certainly email subject lines and perhaps even email messages for people who were only remotely connected to terrorist suspects.
Yeah, I’ve been thinking a lot about subject lines and headers as well–I think that might be what the redacted content is (that is, they got subscriber info on calls, but they got subject lines and headers on emails). People in and out of the Admin have claimed there is ambiguity on this issue (you see it in filings in the warrantless wiretapping cases before Walker, especially). But if they moved that under Section 215 in 2005-2006 and then under trap and trace in 2006, then it might explain the claimed ambiguity.
One of the things that gets overlooked in the email discussion is that email is generally traceable to the location from which it was sent and, depending on where you’re doing the collection, where it was received. If you extend pen registers to include all the headers, IP info, etc., you get much more from an email pen register than from a phone pen register. This also was what allowed them to launder the illegal stuff through FISA.
If you have the bandwidth, you might want to crosscheck this with the Tamm timeline (I’ve got to go do my day job…). I suspect there is some connection.
If you haven’t seen it, this CNET article on a February 2006 opinion by Thomas Hogan seems relevant.
It is about non-FISA pen register and trap and trace, and allowing extraction of email contacts without evidence of criminal wrongdoing.
They went to Hogan when another judge balked at their request.
Are you sure that’s non-FISA? They cite PATRIOT and appear to have relied on reauthorization discussions on it.
Instead, it seems like they were complaining about the use of this pen register for a GJ investigation.
OK, I back completely off the non-FISA part.
@1 & 2 – and imagine if someone had “zuchini” or “wedding” in the re: lines. I’d guess that would set off a whole nuther string of intercepts.
EW, I haven’t read the reports and may be off base on this, but from what you have excerpted I have a different read on this:
I’m thinking an alternative explanation would be that yes, they were using the authority in 2005 (and 2004 with the “pure” 215 orders) but during the negotiations and language changes in the run-up to the reauthorizations in March, 2006, they realized that if certain language were going to go through, their legal basis they had given to the FISA court originally for using the “pure” and “combo” 215 orders to get subscriber info would be compromised. So instead of waiting for it all to fall apart and the court to start revoking and yanking existing orders when the legislation passed, they attempted to act like half-competents (which apparently combines with full on torture advocates pretty well). So they took what they saw as the issue, tried to come up with arguments to work around it, then briefed it to the court before the legislation hit, so that if the court bought what they had briefed they could go on, but if it didn’t, they at least wouldn’t be getting back a raft of rejected applications once the legislation went into effect. IOW, I think they may have done what the Sup Ct never lets anyone get by with doing, taking an issue that isn’t “ripe” and getting a ruling on it anyway. fwiw
Might be–I’ll keep that argument in mind.
Thanks for connecting the dots for us, tying these loose threads together. These are important insights.
Bob in AZ
If the article is correct, it is about non-FISA orders. The link they give for the relevant section of law that the judge was ruling under is this:
– a Title 18 application.
What it looks like Hogan did was to say that Patriot act (sold as national security) revisions and the Senate history for them supported the redefinition, under Title 18 (criminal) of surveillance.
BTW – you do realize that in addition to Lamberth, we no longer have Kollar-Kotelly on the FISA court and that starting this spring, Justice Roberts “gave” us Hogan for the FISA court.
This is kind of interesting background – some of the pre-911 testimony on then-existing efforts to change trap and trace, with CALEA and EPCA overlays
Interesting thumbnail of what was going on, back in olden times. In any event, the article Garret linked, IF it is correct, says that first the magistrate, then Judge Hogan (not then a FISA judge) were being asked to rule on an application under 3122. It’s just that Hogan used Patsy Act provisions and history to support an new and improved content approach. And if he’s ok with that under 3122, it’s fun to think how far he’s willing to go in a secret court with no review ever, and which Congress is now saying isn’t JUST a secret court for national security suveillance, but also a court whose orders give belts and suspenders to using that “no probable cause, no valid 4th amendment warrant” information collected in criminal proceedings, even where criminal proceedings were the primary and overriding justification for the surveillance, there was just no probable cause to get a 4th amendment warrant.
If the Dems were smart, the least they would do is say, hmmmm – let’s change how judges are put on the FISA court and let’s bump up the existing number now (since they have such a workload) and do some advice and consent in getting the new crew on that court, and maybe restructure some to boot.
Quite. No need to trouble dinky leetle ISPs when you’ve already got the frickin’ backbone tapped (cf. San Francisco AT&T optical tap, et al.).
Also interesting to note this is couched in LE terms, not NS terms.
First, EW: Typo alert?
You have a quote paragraph opening with this:
“The use of the combination request evolved form OIPR’s determination…”
I think you mean “from”?
youwe really need you to turn your comments like yours @ 10 and @ 12 into a full-fledged diary on The Seminal.
Bob in AZ
Btw, here’s what Gonzales said about Section 215 in his appearance before SJC in 2005.
Yeah – that was 2005, then in 2006, Hogan gives them the option of getting at least some of that info in a Title 18/3122 PRTT setting, under that “relevant and material to an ongoing investigation” standard.
BTW – and not to belabor the point, but where the hell did Gonzales get “As we all know, probable cause is a standard that law enforcement must meet to justify an arrest.” Um, no, it’s a standard that law enforcement also must meet, and COUPLE WITH a independent magistrate’s review and issuance of an order, to search and seize information.
If you are seizing and searching information with a 215 order, or with a 3122 PRTT, or with a FISA warrant targetting a US person for criminal activity but without probable cause, then you are violating the constitution.
Oh well – in any event, there’s been so much bootstrapping, and so much of it Democratic supported and now with the Dems in charge, it’s going to be Democratic SOLICITED as well as supported, that it gets hard to untangle the mess of which bootstrap is coming into play and where, but I do think the article was talking about (correctly or not) a 3122 order that was using pat act discussions and definitions etc. on what is content to expand 3122 coverage, and 3122 is already something that isn’t subject to a probable cause standard, just a “relevant to” an investigation (that may not even have a crime at its base) standard – so by expanding the scope of what they can take under 3122 to go way beyond what was originally approved by the Sup Ct, they do something similar to what the other pat act changes, allowing for suspicions (or political hopes to find) a crime, all without probable cause, to form the basis of invoking all the FISA powers and provisions, as long as someone in DOJ (who has creatively made up and creatively forgotten all kinds of stuff in court filings – so their credibility is soooo nifty) also can mention a way to claim that there might have been “some contact” somewhere with an [now hugely and broadly defined – basically you could fit getting a PETA solicitation mailed to you IMO] “agent of a foreign power.”
I guess once you start claiming repulsive ideology is a “foreign power” just like a nation state, if you get emails from John Kyl (like I do for some reason) you are in contact with an “agent of a foreign power.” Oh sure, they then try to use some caveats (other than a US person) but they then do away with them on things like the 215 and we don’t even get to keep those protections in “real” court, with things like Hogan’s pre-appointment (to FISC) gift to Roberts/Bushco.
Jeebus. Here’s an interesting exchange, starting around 2:28, about whether URLs count as content or not for pen registers.
Watch as AGAG talks about his ignorance of such things.
I really do think I’m as lo tech as you can get and still be functional and the sad part is I don’t really even try – I rely on our IT guy, or WO and EW and Mad Dog and many others here for the tech slogs, but AGAG is worse than I am – that’s almost scarey. It’s like thinking of Stevens in charge of internet regulation.
This website does a good job with trying to unravel legal messes in a way that makes sense. This is why I’m here each day but there are other reasons too. Many situations are coming together surfacing larger concerns that are part of my life’s experience with dealing with what I call a huge networked criminal system that focuses on a White House Coup. It’s understandable that many don’t want to believe this is true, at least at this point yet. But later as more surfaces, it’s expected to become more outspoken.
Some of my skills are in Computer technology and engineering. The divorce I went throught tossed me into a situation where my life was micro-snooped upon 24/7 by a mixed bag of mostly Government people. This group is linked to the family as protectors. My personal experience with email and internet snooping goes all the back to the mid 90’s and I have records of IP adresses starting sometime around early 2000. I’m not entirely sure of the timing but it’s around these times. Upon learning who was coming into my systems grabbing data, I tried looking them up. Where it led me was to a collaction of huge corporations in a server on the West Coast. The collected email and who I sent it to was going to different places than any documents I generated. It looked to me that there was a large operation of scanning characters automatically which is very simple to do.
Having this information and because I was working with law enforcement, namely the Cook County Sheriff, I gathered as much data, wrote a cover latter and tried giving it to them. They did everything they could to run away and not accept it. It’s important to note that the Chicago area law enforcement was that that time (it’s being cleaned up now) corrupted by an incoming $100 million dollar per week Cocaine shipment, my ex-wife’s family laundering the proceeds for those involved.
However the larger problem was the collection of all of my electronic data being sent to a large operation somewhere in California and for what purpose? The purpose was to provide detailed information on my behavior for purposes of setting me up for situations to harm me. At that time there have been ongoing attempts at setup car accidents and many other harmful attempts. Who was involved were Government people and at this time I’m not able to explain how I came to know this. Soon though I’m considering talking more about my connections during that time.
The top level of the DOJ has been directly involved in supporting another White House Coup directlty linked with a huge collection of corproations and big banks. Sibel Edmonds blew the whistle on who she feels is involved and up to now, no one has been able to stop her. Right now as I understand the DOJ is scambling around trying to keep lids on everything butit isn’t working anymore. There are other situations such as mine that when surfaced will support exposing a lot more of what this it. Stay Tuned
One extra l in Illegal
Go to Huffington Post and vote for Jane as Ultimate Game Changer.