There are several small, but significant, discrepancies between what Dianne Feinstein and Keith Alexander said in yesterday’s Senate Appropriation Committee hearing on cyber and what others have said. As one example, last week James Clapper said this was the standard for accessing the dragnet of Americans’ call data:
The court only allows the data to be queried when there is a reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization. [my emphasis]
DiFi yesterday said this was the standard:
It can only look at that data after a showing that there is a reasonable, articulable suspicion that a specific individual is involved in terrorism, actually related to al Qaeda or Iran. [my emphasis]
These are slightly different things (and Congress has fought hard over the word “articulable” in very similar contexts to this in the past — plus, whichever word is used may trace back to Jack Goldsmith’s 2004 OLC opinion on the illegal wiretap program). It’s possible — likely even — that Clapper was just dumbing down his statement the other day. But it is a difference.
I’m particularly interested in the point I raised yesterday. DiFi, in discussing the NSA’s use of the Section 215 data, says it can only be used to find people in the US with ties to terrorists or Iran.
But when Clapper discussed all the potential targets the Intelligence Community might want to trace using Section 215 data, he mentioned a broader group.
There are no limitations on the customers who can use this library. Many and millions of innocent people doing min– millions of innocent things use this library, but there are also nefarious people who use it. Terrorists, drug cartels, human traffickers, criminals also take advantage of the same technology. So the task for us in the interest of preserving security and preserving civil liberties and privacy is to be as precise as we possibly can be when we go in that library and look for the books that we need to open up and actually read. [my emphasis]
But remember. Clapper oversees all 16 members of the intelligence community, including FBI and the National Counterterrorism Center. DiFi’s statement (and Alexander’s confirmation) applied only to NSA. Elsewhere in the hearing, Alexander said NSA only used what he called “BR” (for business records) to collect phone records. And we know that — at least as recently as 2011 — there was at least one other secret collection program using Section 215. So one of those other entities — almost certainly FBI — must run that program.
Moreover, there’s no reason to believe that Edward Snowden, who had unbelievable access to NSA’s networks and, some time ago, CIA’s records, would have access to programs that didn’t involve those agencies.
And Keith Alexander probably knows that.
Also, terrorists, certainly, and Iran, sort of, are legitimate targets for DOD (I’m actually wondering if the government has acrobatically justified going after Iranian contacts by relying on the still extant Iraq AUMF). For NSA to pursue drug cartels and criminals might present a posse comitatus problem (one that I believe was part of the problem behind the 2004 hospital confrontation).
So I’m wondering how many of the answers we’re getting are designed to minimize the scope of what we know by referring only to the NSA programs?