November 2, 2013 / by emptywheel


Anonymous Aide Pushback Strengthens Case that DiFi Bill Supports Backdoor Searches

Ellen Nakashima wrote a truly remarkable article on the DiFi Fake FISA Fix, in which she quotes the following critics of the bill:

Sen. Ron Wyden (D-Ore.)

Elizabeth Goitein, co-director of the Brennan Center for Justice’s Liberty and National Security Program

Julian Sanchez, a research fellow at the CATO Institute

And quotes the following defenders of the bill and/or surveillance:

Committee Chairman Dianne Feinstein (D-Calif.)

Committee staff, including a committee aide, who was not permitted to speak on the record

Several former senior Justice Department officials, who were not permitted by their current employers to speak on the record

DiFi’s sole on the record comment, by the way, was stating that she would do “everything I can” to preserve the phone dragnet.

And in this article in which surveillance defenders hide behind anonymity, SSCI aides make the following case about the backdoor search “protections” in DiFi’s Fake FISA Fix (concerns about which I raised here).

Wyden and privacy advocates are also concerned that the bill would place in statute authority for NSA to search without a warrant for Americans’ e-mail and phone call content collected under a separate FISA surveillance program intended to target foreigners overseas. That is what Wyden has called a “back-door search loophole.”

Aides note the bill restricts the queries to those meant to obtain foreign intelligence information. They say that there have been only a “small number” of queries each year. Such searches are useful, for instance, if a tip arises that a terrorist group is plotting to kill or kidnap an American, officials have said. [my emphasis]

Take a look at the language pertaining to this issue in the past. Last year’s FAA conference report from the very same Committee described the issue as, “querying information collected under Section 702 to find communications of a particular United States person.” And when Ron Wyden and Mark Udall busted Keith Alexander for making false claims, they suggested the issue was about “allow[ing] the NSA to deliberately search for the records of particular Americans.” And when John Bates approved the NSA and CIA’s use of the practice in 2011, he described it as “query[ing] the vast majority of its Section 702 collection using United States-Person identifiers.” That’s almost precisely the way the Administration referred to it in its Compliance Report this year: “querying of unminimized Section 702-acquired communications using United States person identifiers” (see page 7).

That is, in every reference to this practice I can think of, nothing suggests the practice is limited to searching for US person identifiers in the content of communications. Indeed, the report from this very same committee last year made it clear the practice pertained to searching for the communications written by Americans, not those written about them. And the easiest way to find communications written by Americans is to search on US person identifiers in the metadata of communications.

But the bill specifically excludes searching for US person identifiers in the metadata of communications from its protections. That is, in addition to not prohibiting the searching of US person identifiers to protect life, body, and probably property, and for law enforcement purposes, the bill specifically leaves unrestricted looking up someone’s email or phone number to pull up all their communications from the collection of Section 702-acquired data.

And in their discussion of what the bill protects, these anonymous aide bill defenders describe its use to find people talking about Americans — the kidnapped American whose abductors refer to him by his IP address or phone number in their email. They appear to refer to searching for US person identifiers in the content of communications (which is all the bill protects anyway), not in its metadata. Communications about Americans, not by them. Which is not how all the previous descriptions of this practice describe it.

But the dead giveaway, the tell that this is a big scam to provide the appearance of limits while at the same time enshrining and possibly expanding the warrantless searching of “incidentally” collected US person content, is where the aides say this:

“There have only been a ‘small number’ of queries each year.”

Hahahaha! Have you missed the number of times NSA has said it would be impossible for them to count the number of Americans whose data has been searched in such a way?! NSA has spent well over a year making that claim, and DiFi has shielded that claim every step of the way.

So when DiFi’s anonymous aides make the claim that the queries protected by the law have only been used a few times a year — indeed, when they make the claim they can be and have been counted at all — they make it crystal clear the protections in the law do not pertain to the vast majority of the searches on US person data that has been collected “incidentally” under Section 702 which — the NSA assures us — cannot be counted.

What DiFi and her aides — by their own anonymous and perhaps inadvertent admission — plan to protect is a tiny fraction of the searches on US person data collected under Section 702, the countable fraction of the practice that NSA can’t or won’t count without incurring resource problems.

OK. Thanks anonymous DiFi aides. I wasn’t sure we had cause to worry. But now you’ve made it crystal clear what is going on.

Copyright © 2013 emptywheel. All rights reserved.
Originally Posted @