Shane Harris has a report on the government’s odd behavior in regards to preserving the phone dragnet data in light of the suits challenging its legality.
It’s surprising on three counts. First, because he claims the legal back and forth has not previously been reported.
Now, that database will include phone records that are older than five years — not exactly the outcome that critics of the NSA program were hoping for. A dramatic series of legal maneuvers, which have not been previously reported, led the outcome.
It’s surprising not just because the “legal maneuvers” have in fact been reported before (though not the detail that James Cole got involved, though it’s not yet clear how his involvement affected the actual legal maneuvers rather than the internal DOJ communication issues). But also because Harris neglects to mention key details of those legal maneuvers — notably that EFF reminded DOJ, starting on February 26, that it had preservation orders that should affect the dragnet data, reminders which DOJ stalled and then ignored.
Harris’ piece is also surprising because of the implicit suggestion that NSA hasn’t been aging off data regularly, as it is supposed to be.
A U.S. official familiar with the legal process said the question about what to do with the phone records needn’t have been handled at practically the last minute. “The government was coming up on a five-year deadline to delete the data. Lawsuits were pending. The Justice Department could have approached the FISC months ago to resolve this,” the official said, referring to the Foreign Intelligence Surveillance Court.
There should be no “deadline” here — aside from the daily “deadline” that should automatically age off the five year old data. Now, the WSJ had previously reported that that’s not actually how age-off works.
As the NSA program currently works, the database holds about five years of data, according to officials and some declassified court opinions. About twice a year, any call record more than five years old is purged from the system, officials said.
But even assuming NSA only ages off data twice a year (in which case they should stop claiming they only “keep” data for 5 years because they already keep some of it for 5 1/2 years), most of these suits are well older than 6 months old, predating what might have been an August age-off, which means unless NSA already deviated from its normal pattern, it deleted data relevant to the suits.
By far the most surprising detail in Harris’ story, however, is this response from former DOJ National Security Division Counsel Carrie Cordero to the news that Deputy Attorney General James Cole has gotten involved. This is, Cordero claims, “uncharted territory.”
“This is all uncharted territory,” said Carrie Cordero, a former senior Justice Department official who recently served as the counsel to the head of the National Security Division. “Given the complexity and the novelty of this chain of events, it’s a good thing that the deputy attorney general is personally engaged, and it demonstrates the significant attention that they’re giving to it.”
To be more specific about Cordero’s work history, from 2007 to 2011, she was deeply involved in FISA-related issues, first at ODNI and then at DOJ’s NSD.
In 2009, I served as Counsel to the Assistant Attorney General for National Security at the Unit ed States Department of Justice, where I co – chaired an interagency group created by the Director of National Intelligence (DNI) to improve FISA processes. From 2007 – 2009, I served in a joint duty capacity as a Senior Associate General Counsel at the Office of the Director of National Intelligence, where I worked behind the scenes on matters relating to the legislative efforts that resulted in the FISA Amendments Act of 2008.
Given her position in the thick of FISA-related issues, one would think she was at least aware of the protection order Vaughn Walker issued on November 6, 2007 ordering the preservation of evidence, up to and including “tangible things,” in the multidistrict litigation issues pertaining to the dragnet.
[T]he court reminds all parties of their duty to preserve evidence that may be relevant to this action. The duty extends to documents, data and tangible things in the possession, custody and control of the parties to this action,
And Cordero presumably should be aware that Walker renewed the same order on November 13, 2009, extending it to cover the Jewel suit, which had an ongoing focus.
Cordero is presumably aware of two other details. First, there should be absolutely no dispute that the phone dragnet was covered by these suits. That’s because at least as early as May 25, 2007 (and again in a declaration submitted October 2009), Keith Alexander included the phone dragnet among the things he considered related to the EFF and other suits over which he claimed state secrets.
In particular, disclosure of the NSA’s ability to utilize the TSP (or, therefore, the current FISA Court-authorized content collection) in conjunction with contact chaining [redacted–probably relating to data mining] would severely undermine efforts to detect terrorist activities.
To the extent that the NSA’s bulk collection and targeted analysis of communication meta data may be at issue in this case, those activities–as described in paragraphs 27 and 28 above–must also be protected from disclosure.
In paragraphs 27 and 28 and the following paragraphs, Alexander named the FISC Pen Register and Telephone Records Orders by name.
Thus, as far back as 2007, the NSA acknowledged that it used its content collection in conjunction with its metadata dragnets, including data obtained pursuant to the FISA dragnet orders.
Furthermore, there should be no dispute that the actual phone records were covered under Walker’s order, because the PATRIOT Act Reauthorization of 2005 added the phrase “tangible things” — the very phrase Walker used in his orders — to Section 215.
Finally, there’s one more thing Cordero should be aware of, which is why I’m so troubled she calls this “uncharted territory” (and frankly, why Reggie Walton maybe shouldn’t have been so quick to assume that there were no preservation orders on file). On February 12, 2009, DOJ’s National Security Division told Reggie Walton there was a preservation order that might affect the destruction of the evidence that NSA had been contact chaining in violation of the FISC’s orders, including watchlisting 3,000 US persons with no First Amendment Review.
With respect to the alert process, after this compliance matter surfaced, NSA identified and eliminated analyst access to all alerts that were generated from the comparison of non-RAS approved identifiers against the incoming BR FISA material. The only individuals who retain continued access to this class of alerts are the Technical Director for NSA’s Homeland Security Analysis Center (“HSAC”) and two system developers assigned to HSAC. From a technical standpoint, NSA believes it could purge copies of any alerts that were generated from comparisons of the incoming BR FISA information against non-RAS approved identifiers on the alert list. However, the Agency, in consultation with DoJ, would need to determine whether such action would conflict with a data preservation Order the Agency has received in an ongoing litigation matter. [my emphasis]
While it appears Cordero had not yet returned to NSD, and therefore there’s no reason to believe she was involved in what increasingly appears to have been a decision to destroy the evidence that NSA violated the clear limits of Section 215 even while people were suing over programs that according to Keith Alexander included Section 215, it is rather surprising that she was unaware of this issue.
And consider the importance of this issue right now.
The NSA and DOJ had a discussion about whether to destroy this evidence that it was violating Section 215 back in February 2009. That data — evidence the NSA broke the law, effectively — would have been aging off just as DOJ decided to claim, again, that these preservation orders dating to 2007 and renewed in 2009 don’t protect that evidence that NSA broke the law.
While we can’t be certain, by all appearances DOJ decided back in 2009 that those protection orders didn’t cover this data. It appears they did destroy the evidence of NSA’s law-breaking in 2009. And now we’re having a dispute about it again, with central players like Cordero claiming it has never been raised in the past.
Harris’ piece describes the need to get James Cole involved as arising from the cumbersome nature of coordinating between the Civil Division (which is managing the lawsuits in which the preservation orders got filed) and the National Security Division (which made the bid with FISC to destroy this data).
The official noted that the department’s National Security Division, which represents the government before the surveillance court, and the Civil Division, which is handling the lawsuits, had to coordinate with each other, and that the back-and-forth has at times been a cumbersome process.
Cole has been acting as a referee between the two sides, and he has made the final decisions on how to proceed with regards to the legal issues presented by the phone records program, the Justice Department official said. The involvement of such a senior official in managing the program underscores the degree to which it has become a particularly nettlesome challenge for the Obama administration to resolve.
But I can’t help wondering whether it’s not just a cumbersome coordination problem, but incompatible decisions made back in 2007 and 2009. Back in 2007 and 2009, the Civil Division submitted declarations that readily admitted the role of the metadata dragnet in challenged programs (and DOJ lawyer Tony Coppolino has remained intimately involved throughout). Yet between the time when the Civil Division was submitting such declarations in one court (and the court was issuing protection orders), NSD appears to have come to a completely contradictory decision in 2009 to destroy the evidence in question, which presumably should have been covered by the protection order.
Here’s the thing: either NSD made what appears to be the clearly correct legal decision in 2009 to retain the evidence NSA violated Section 215, illegally surveilling 3,000 US persons in the 2 1/2 years leading up to 2009, and that data should be noticed to the judge presiding over the EFF suits, Jeffrey White. Or, that evidence of legal wrong-doing got destroyed improperly 5 years ago, and that should be noticed to White. But it sure seems that evidence of illegal watchlisting of 3,000 US persons ought to be relevant to these suits.