If By “Plots on the Homeland” You Mean “Defense against US-Backed Invaders”

Yesterday’s declassified documents on the Section 215 (and Internet Trap and Trace) dragnets repeat something I observed about a James Clapper declaration submitted in several FOIA cases related to the program: they all redact parts of the description of what allows the government to search on an identifier. While the government is happy to tell us searches are limited to counterterrorism (and Iran), they’re still hiding some aspect of what constitutes an appropriate search.

Which is just one of the reasons I’m interested in something NSA Deputy Director John Inglis said in yesterday’s Senate Judiciary Committee hearing on the NSA’s programs. At about 1:22, he described the selector they used to find Basaaly Moalin this way:

We knew a number that we had reasonable suspicion was affiliated with a terrorist group plotting against the homeland.

This claim — that the number was not just connected to a terrorist group, but a group “plotting against the homeland” — is new, as far as I’m aware.

Remember, the terrorist group in question is al-Shabaab. Other officials have said they got this number in October 2007 and court documents show the wiretap of Moalin began in December 2007. Yet al-Shabaab wasn’t listed as a Foreign Terrorist Organization until February 2008. If they were plotting against the US in October 2007, why weren’t they listed at that point?

I’ve long assumed (though it is just an assumption) that the number in question was that of Aden Hashi Ayro, a Somali warlord whose calls with Moalin were submitted as evidence in his case. Ayro was killed by a US missile on May 1, 2008. And it’s possible the claim that the pre-FTO al-Shabaab was plotting against our “homeland” pertains to him and his alleged ties to al Qaeda.

Here’s how a June 2008 WikiLeaks cable celebrating Ayro’s death described him.

(S/NF) Senior Al-Shabaab leader and al-Qaida associate Aden Hashi Ayrow was killed May 1 during a U.S. strike. In the early 1990s, Ayrow joined the military wing of Al-Ittihad Al-Islamiya (AIAI) and traveled to Afghanistan in 1997 for unspecified training. Ayrow remained in Afghanistan for a year before returning to Somalia to participate in Jihadist activities, and returned to Afghanistan in 2001, reportedly meeting with Osama bin Laden. Ayrow emerged in the 2002/2003 timeframe as a firebrand extremist and he quickly became a rising figure in what eventually became the Shabaab. Mercurial and largely uncontrollable, he was feared for his ruthlessness and unpredictability.

(S/NF) Ayrow has been violently opposed to U.S. and western interests in East Africa. The Shabaab’s emergence as a terrorist threat in Somalia is closely linked to Ayrow’s rise to power. During the course of 2005, Ayrow’s jihadist group emerged in Mogadishu as a violent destabilizing force. He has been linked to the killing of foreign aid workers, dozens of Somalis, and BBC journalist Kate Peyton. He also was the figure largely responsible for the desecration of the Italian cemetery in Mogadishu. Ayrow’s al-Shabaab faction has also conducted suicide bombings and anti-aircraft attacks targeting Ethiopian and Somali forces in Somalia. Ayrow was closely associated with East Africa Al-Qaida (EAAQ) operatives Harun Fazul and Saleh Nabhan, and now-deceased EAAQ cell leader Abu Talha Al-Sudani. [my emphasis]

The label “al Qaeda associate” and the visit to Osama bin Laden may have qualified Ayro (as ties to Al Qaeda in the Arabian Peninsula did Ahmed Warsame) as something beyond al-Shabaab warlord in the US book. And Toronto Star’s Michele Shephard told me on Twitter that Ayro had global ambitions. Certainly, some of Ayro’s associates had ties to al Qaeda’s past and planned attacks on US embassies in Africa.

But Shephard and the WikiLeaks cable also both say that the immediate focus in 2007 was on Ethiopian troops who had invaded Somalia in 2006 with US backing.

Indeed, the 2010 affidavit supporting a search warrant application for Moalin’s home also emphasized al-Shabaab — and Ayro’s — focus on Ethiopia (though made no mention of US backing).

In late 2006, Ethiopian forces intervened on the [Somali Transitional Federal Government, which the ICU had ousted]’s behalf, routed the ICU and recaptured Mogadishu. With Ethiopian and African Union support, the TFG was reinstalled into power. Although it initially dispersed in the face of the Ethiopian invasion, al-Shabaab eventually regrouped and initiated a war in Somalia targeting all aspects of the TFG, including police stations, border posts, government facilities and civilian targets, as well as the TFG’s Ethiopian and African Union supporters.


Al-Shabaab’s former leader, Aden Hashi Ayrow, called for foreign fighters to join al-Shabaab in a “holy war” against the Ethiopian and other African forces in Somalia. Ayrow’s call was echoed by al-Qaeda leadership, including Usama bin Laden and Ayman al-Zawahiri, and fighters from other countries — including the United States — have traveled to Somalia to engage in violent jihad.

Abbreviated versions of these claims were made in the indictments against Moalin. The intercepted discussions quoted in the affidavit also make it clear Ayro was soliciting Moalin’s support to fight Ethiopian troops.

On April 12, 2008, after MOALIN learned that Al-Shabaab had been designated as a FTO, Ayrow told MOALIN that “it is time to finance the jihad.” He stated that “I am now in Dhusa Mareb” and “the Ethiopians are in Adaado.”  MOALIN replied, “I was told that they are only a few men so why do you not prepare to finish them off?”


Farah Yare [Moalin’s contact after Ayro’s death] reported to MOALIN on the fighting in the Mataban region. He stated that 18 men had been martyred, but that the enemy was destroyed. He stated, “We were fighting from morning til 2:00 p.m. So we were doing burials, to regroup our army.” As a follow up to the conversation the day before, on July 2, 2008, MOALIN, Khader and Isse Doreh had a conference call with Farah Yare. During the call, Yare described in detail the recent fighting against the Ethiopians, stating, “We caught up with them and we truly destroyed them.”

All of which is to say that, while the government took every opportunity to invoke the names Osama bin Laden and Ayman Zawahiri, the government’s public case and even the classified WikiLeaks cable suggests they were focused on Ayro because of his attacks on US interests in and around Somalia, especially the US-backed invasion of Somalia. I’m aware of no place in the Moalin public filings (remember, the chief government filing on FISA intercepts is heavily redacted) where the government claims Ayro was plotting against “the homeland” when phone calls to him got Moalin targeted.

But yesterday, NSA’s second-in-command suggested that that was the basis for the use of the Section 215 dragnet database that ultimately led to Moalin’s less than $10,000 support to al-Shabaab’s fight against Ethiopia.

I don’t know whether the modifier “planning to attack the US” is part of the description of authorized identifiers that remains redacted in all these filings. But if it is, I’m really curious how Ayro and Moalin’s efforts to defeat a US-backed invasion of Somalia — efforts first identified four months before al-Shabaab got listed as an FTO — qualifies as a plot to attack the “homeland.”

17 replies
  1. Frank33 says:

    plotting against the homeland

    I guess the Spymasters have switched allegiance from the United States of America to the “Homeland”. In the Homeland, no peace, no justice, no freedom, no truth, there is only lies. In the Homeland, the wars are secret, and the enemies are secret. But the enemies are the people. I have finally discovered that there is a war between the Homeland and the citizens of the United States of America.

    And OT, but Benghazi is never OT. CNN claims there were 35 or so CIA agents protecting the Homeland in Benghazi. That was not enough spies to protect an Ambassador, or protect secret documents or protect a weapons cache. But the Homeland is keeping their real mission secret. The 35 lucky agents get free polygraph exams every month to protect the Homeland.

    It is being described as pure intimidation, with the threat that any unauthorized CIA employee who leaks information could face the end of his or her career.

    In exclusive communications obtained by CNN, one insider writes, “You don’t jeopardize yourself, you jeopardize your family as well.”

    Another says, “You have no idea the amount of pressure being brought to bear on anyone with knowledge of this operation.”

    “Agency employees typically are polygraphed every three to four years. Never more than that,” said former CIA operative and CNN analyst Robert Baer.

  2. What Constitution? says:

    There seems to be some confusion here. Easily enough dispelled: we are an Empire, and when you’re an Empire, it’s all “homeland” for “security” purposes.

  3. Snoopdido says:

    In reading through the now declassified “Order for Business Records Collection under the USA Patriot Act” (http://www.dni.gov/files/documents/PrimaryOrder_Collection_215.pdf), I found the following paragraphs to be interesting to say the least:

    From pages 5-6 of the Order for Business Records Collection under the USA Patriot Act:

    “Appropriately trained and authorized technical personnel may access the BR metadata to perform those processes needed to make it usable for intelligence analysis. Technical personnel may query the BR metadata using selection terms4 that have not been RAS-approved (described below) for those purposes described above, and may share the results of those queries with other authorized personnel responsible for these purposes, but the results of any such queries will not be used for intelligence analysis purposes.”

    Note: Footnote 4 is completely redacted.

    And later on page 7:

    “Whenever the BR metadata is accessed for foreign intelligence analysys purposes or using foreign intelligence analysis query tools, an auditable record of the activity shall be generated.6”

    Note: Footnote 6 reads as follow: “6 This auditable record requirement shall not apply to accesses of the results of RAS-approved queries.”

    First, it seems to me that the above quoted sentences from pages 5-6 seem to confirm exactly what Edward Snowden had stated; that he would be able to run a query (in his words, wiretap) on anyone in the world without any oversight or authorization.

    Second, footnote 6 is stunning! The results of RAS-approved queries may be accessed by anyone without an audit trail being created. In fact, footnote 6 makes it abundantly clear that an audit trail shall be expressly prohibited from being created for any access to the results of a RAS-approved query.

    Stunning, just stunning!

  4. What Constitution? says:

    @Snoopdido: The people operating within this framework believe the Fourth Amendment is irrelevant to their lives and, with equal fervor, that denial is only a river in Egypt.

  5. JThomason says:

    @Snoopdido: This must be that dreaded “backdoor” you hear system programmers and anti-virus programmers so frequently talking about.

  6. Snoopdido says:

    @Snoopdido: In further reading of the Order for Business Records Collection under the USA Patriot Act” (http://www.dni.gov/files/documents/PrimaryOrder_Collection_215.pdf), there is a limited description beginning on page 11 of a new (to me) “automated query process”:

    “(iv) Queries of BR metadata using RAS-approved selection terms may occur either by manual analyst query or through the automated query process described below.11 This automated query process queries the collected BR metadata (in a “collection store”) with RAS-approved selection terms and returns hop-limited results from those queries to a “corporate store.” The corporate store may them be searched by appropriately and adequately trained personnel for valid foreign intelligence purposes, without the requirement that those searches use only RAS-approved selection terms.”

    So it seems that the corporate store is an anything goes database where searches can be conducted without “RAS – reasonable articulable suspicion”, where there is no mention of any requirement for an audit trail of any corporate store searches, and when coupled with selection terms that need not be RAS-approved (your or my phone number for example), then how can the US government’s claims about obeying the law, respecting the Constitution, and protecting our privacy has even a scintilla of credibility?

    They cannot!

  7. orionATL says:


    what’s also unsurprising, and not stunning, is that any RAS search has no audit trail.

    this could be taken to mean, and i do so take it, that the nsa hides ALL of its 3-hops-from-a-suspect searches by refusing to provide an audit trail.

    this makes it easier for nsa to hide their spying on, say, aaron swartz or bradley manning, or the anti-war group camped outside bush’s country home, or “occupy” organizers,

    or the child prostitution gang just rounded up in california.

    always be on the lookout for instances where the fbi intersects with sex crimes. sex crime law is their proving ground for intrusive spying and prosecutorial overreach – who could possibly object?

    more to the current point, it will prove to be the fbi lawyers’ specious defense of fbi spying – “we only do this for the little ones”.

  8. orionATL says:


    i was also puzzled by this acronym.

    “… it seems that the corporate store is an anything goes database where searches can be conducted without “RAS – reasonable articulable suspicion”, where there is no mention of any requirement for an audit trail of any corporate store searches…”

  9. TomVet says:

    @quake: Reasonable, articulable suspicion. You’re welcome.

    @orionATL, You were quicker on the draw. I must have been typing when you hit Post.

  10. emptywheel says:

    @quake: Reasonable articulable suspicion.

    It means they have to write down why they think the number has a tie to terrorism.

Comments are closed.