The CIA (&etc) Money Orders

NSL v 215Both the NYT (Charlie Savage and Mark Mazzetti) and WSJ (Siobhan Gorman, Devlin Barrett, and Jennifer Valentine-Devries) tell the same story today: the CIA is collecting bulk data on international money transfers. Given that someone has decided to deal this story to two papers at the same time, and given the number of times the Administration has pre-leaked stories to Gorman of late to increasingly spectacular effect (even making most national security journalists forget the very existence of GCHQ’s notoriously voracious taps at cable landings just off Europe) I assume this may be some kind of limited hangout.

It’s not that I doubt in the least that CIA gets and uses financial data. I don’t even doubt the government uses PATRIOT authorities to do so (as both stories assert).

But it would be unlikely that this data comes in through an FBI order and does not also get shared with Treasury and National Counterterrorism Center (if not NSA), both of which would have better infrastructure for analyzing it, and both of which we know to use such data for their known intelligence products. Indeed, in response to a question from both papers about this practice Western Union points to Treasury programs.

 A spokeswoman for one large company that handles money transfers abroad, Western Union, did not directly address a question about whether it had been ordered to turn over records in bulk, but said that the company complies with legal requirements to provide information.

“We collect consumer information to comply with the Bank Secrecy Act and other laws,” said the spokeswoman, Luella Chavez D’Angelo. “In doing so, we also protect our consumers’ privacy.”

And at WSJ a consultant to the industry points even more firmly towards Treasury.

Money-transfer companies are “highly, highly aware of their obligations under the Patriot Act,” said Robert Pargac, a director in global investigations and compliance at Navigant Consulting Inc. who has worked at several such companies. Western Union said last month it would be spending about 4% of its revenue in 2014 on compliance with rules under the Patriot Act, the Treasury Department’s Office of Foreign Assets Control and other anti-money-laundering and terrorist-financing requirements.

We know that, at least until 2008, the FBI maintained that it could share materials that came in through Section 215 with any agency so long as that agency asserted it had a need for the information, and there’s little reason to believe the FBI has changed that policy. So I would assume at least Treasury and NCTC gets this data as well. It may be all this story indicates is that — as they do with much Section 702 data — CIA gets its own access to the data. That’s a minimization story, not a collection story, because we’ve known this data was collected (as WSJ points out).

Then there’s the evidence both papers point to to show that this is a Section 215 program. WSJ nods towards Claire Eagan’s reference to earlier bulk opinions.

The likely existence of bulk collection programs other than phone-records data has been mentioned in a recently declassified opinion from a judge on the Foreign Intelligence Surveillance Court, which approves such programs.

And NYT discusses it in more depth.

In September, the Obama administration declassified and released a lengthy opinion by Judge Claire Eagan of the surveillance court, written a month earlier and explaining why the panel had given legal blessing to the call log program. A largely overlooked passage of her ruling suggested that the court has also issued orders for at least two other types of bulk data collection.

Specifically, Judge Eagan noted that the court had previously examined the issue of what records are relevant to an investigation for the purpose of “bulk collections,” plural. There followed more than six lines that were censored in the publicly released version of her opinion.

Yet even in spite of NYT’s reference to the “largely overlooked” (but reported on by me, Julian Sanchez, and Marty Lederman) passage (actually there are two), it misses part of what Eagan wrote.

This Court has previously examined the issue of relevance for bulk collections. See [6 lines redacted]

While those involved different collections from the one at issue here, the relevance standard was similar. See 50 U.S.C. § 1842(c)(2) (“[R]elevant to an ongoing investigation to protect against international terrorism …. “). In both cases, there were facts demonstrating that information concerning known and unknown affiliates of international terrorist organizations was contained within the non-content metadata the government sought to obtain. As this Court noted in 2010, the “finding of relevance most crucially depended on the conclusion that bulk collection is necessary for NSA to employ tools that are likely to generate useful investigative leads to help identify and track terrorist operatives.”

That is, after the redaction, Eagan continues to discuss “those” opinions and invokes 50 USC 1842 — the Pen Register provision, not Section 215. Which would seem to suggest these earlier bulk collection opinions refer to Pen Register collection (one of these may well be the 2004 Colleen Kollar-Kotelly opinion).

So if the NYT’s and WSJ’s sources are pointing to that passage to describe what authorized this collection, they’re suggesting a law clearly designed for communications authorized the collection of money order data. Which is possible, but if so, it might point to a third party — the telecoms — providing the data rather than the money order companies. But then, that’s how the Internet metadata program always operated, with the telecoms providing the Internet companies’ data.

NYT also references the opinions the government has identified but will withhold from ACLU (I mentioned one here). Those explicitly relate to Section 215 (this may indicate there was both a significant Pen Register opinion and a significant 215 opinion in 2010). But note, those opinions come from an entry in the government’s Vaughn that effectively issues a “No Number No List” for the remainder of opinions, which may suggest there are even more.

Still, there’s one other reason I wonder whether the government is only or has only conducted this under Section 215 (NYT says the collection occurs under “provisions in the Patriot Act”, while WSJ says that explicitly). Indeed, I suspect the government may have collected such information using a National Security Letter, which would not involve review by the FISC, though may not be doing so anymore.

Both Ron Wyden’s bill and the Leahy-Sensenbrenner bill include language limiting what the government can get via a financial NSL (the Leahy-Sensenbrenner bill actually includes more restrictions) and explicitly state, “A request issued under this subsection may not require the production of records or information not listed in” the bill. The language would seem to exclude collection date of birth (which the WSJ mentions) and social security number (which the NYT mentions), both of which would permit systemic tracking. In addition, the Leahy-Sensenbrenner bill includes the same language prohibiting bulk collection as it uses in sections on Section 215 and Pen Registers.

In other words, the critics of the dragnet sure seem to think the government has used NSLs to get financial information far beyond what the letter of the law would seem to permit. Leahy, in particular, has shown acute interest in how the government gets financial records. And his bill prohibits the use of NSLs to collect bulk financial data.

As I have noted (and Sanchez noted before I did), after a drop in 2006 associated with the ability to get subscriber information with Pen Registers, 215 orders have risen to new highs in recent years, which comes at the same time as a dramatic drop in the number of NSLs. It seems highly likely that collection that used to occur via NSL (perhaps via numerous NSLs) now occurs via 215 order. And that switch happened in 2010, the year of one of the remaining 215 orders.

None of which is to say that anything in either story is not absolutely correct. Just that it seems that this story — as with the European collection story — may be just one part of the program.

 

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

4 replies
  1. joanneleon says:

    Interesting if this came from an authorized leak. Why leak to two newspapers? If you want to demonstrate how you’re being more transparent, why not allow the DNI office or the I Con the Record site break the news? For the record, I’m not doubting you. I trust your hunches. I’m just curious about what their strategy is. I’m also not completely clear on how limited hangouts work (or why they have that odd name!) I think limited hangouts are basically where you tell part of the story with your own spin on it to prevent or distract from a much larger, more damaging story from coming out, hoping that people will be satisfied with what they’ve learned and won’t look further. So by my understanding, if it is a limited hangout, it means there’s a lot more to it.

    I did read that the IC was going through their classified info and trying to decide which things could safely be revealed, basically to preempt a Snowden file story on the same topic. But I was thinking that the Office of the DNI planned to do that openly.

    Anyway, bulk collection of international money transfers doesn’t surprise me that much, so if this is a limited hangout, my guess would be that, like other bulk collections, they’re collecting a hell of a lot more than international wire transfers. Are you suggesting that maybe, like the telephony metadata, they are collecting all financial transaction data on all Americans and minimizing it and calling it metadata using a regular, renewable FISA court order for the banks (or maybe just wire transfers) like the orders that the telecoms receive? I’m not familiar with the banking laws but I think they already do report transactions over $5K or thereabouts to the government.

  2. tom says:

    The term was introduced on 23 Mar 1973 by Haldeman: http://en.wikipedia.org/wiki/Limited_hangout

    “A limited hangout, or partial hangout, is a public relations or propaganda technique that involves the release of previously hidden information in order to prevent a greater exposure of more important details.

    It takes the form of deception, misdirection, or coverup often associated with intelligence agencies involving a release or “mea culpa” type of confession of only part of a set of previously hidden sensitive information, that establishes credibility for the one releasing the information who by the very act of confession appears to be “coming clean” and acting with integrity; but in actuality, by withholding key facts, is protecting a deeper operation and those who could be exposed if the whole truth came out. In effect, if an array of offenses or misdeeds is suspected, this confession admits to a lesser offense while covering up the greater ones.

    A limited hangout typically is a response to lower the pressure felt from inquisitive investigators pursuing clues that threaten to expose everything, and the disclosure is often combined with red herrings or propaganda elements that lead to false trails, distractions, or ideological disinformation; thus allowing covert or criminal elements to continue in their improper activities.”

    This was differentiated by Ehrlichmann from a “modified limited hangout” which is a “strategy of mixing partial admissions with misinformation and resistance to further investigation.”

    General Alexander has been urged — in view of the drip, drip, drip of Snowden documents — to do a limited hangout of NSA documents (redacted of course). That would make sense since the Canadian SigInt analyst, Sub-Lieutenant Jeffery Delisle, already copied over all of STONEGHOST — the shared data repository of the Five Eyes — to the GRU through January 2012. For $3k a month.

    While the Russians have not publicly released these files, if STONEGHOST was all that Snowden had access to, there is no significance to it whatsoever — FVEY is already out in the wild.

Comments are closed.