Protect America Act Was Designed to Collect on Americans, But DOJ Hid that from the FISC

The government released a document in the Yahoo dump that makes it clear it intended to reverse target Americans under Protect America Act (and by extension, FISA Amendments Act). That’s the Department of Defense Supplemental Procedures Governing Communications Metadata Analysis.

The document — as released earlier this month and (far more importantly) as submitted belatedly to the FISC in March 2008 — is fairly nondescript. It describes what DOD can do once it has collected metadata (irrespective of where it gets it) and how it defines metadata. It also clarifies that, “contact chaining and other metadata analysis do not qualify as the ‘interception’ or ‘selection’ of communcations, nor to they qualify as ‘us[ing] a selection term’.”

The procedures do not once mention US persons.

There are two things that should have raised suspicions at FISC about this document. First, DOJ did not submit the procedures to FISC in a February 20, 2008 collection of documents they submitted after being ordered to by Judge Walton after he caught them hiding other materials; they did not submit them until March 14, 2008.

The signature lines should have raised even bigger suspicions.

Gates Mukasey

First, there’s the delay between the two dates. Robert Gates, signing as Secretary of Defense, signed the document on October 17, 2007. That’s after at least one of the PAA Certifications underlying the Directives submitted to Yahoo (the government is hiding the date of the second Certification for what I suspect are very interesting reasons), but 6 days after Judge Colleen Kollar-Kotelly submitted questions as part of her assessment of whether the Certifications were adequate. Michael Mukasey, signing as Attorney General, didn’t sign the procedures until January 3, 2008, two weeks before Kollar-Kotelly issued her ruling on the certifications, but long after it started trying to force Yahoo to comply and even after the government submitted its first ex parte submission to Walton. That was also just weeks before the government redid the Certifications (newly involving FBI in the process) underlying PAA on January 29. I’ll come back to the dates, but the important issue is they didn’t even finalize these procedures until they were deep into two legal reviews of PAA and in the process of re-doing their Certifications.

Moreover, Mukasey dawdled two months before he signed them; he started at AG on November 9, 2007.

Then there’s the fact that the title for his signature line was clearly altered, after the fact.

Someone else was supposed to sign these procedures. (Peter Keisler was Acting Attorney General before Mukasey was confirmed, including on October 17, when Gates signed these procedures.) These procedures were supposed to be approved back in October 2007 (still two months after the first PAA Certifications) but they weren’t, for some reason.

The backup to those procedures — which Edward Snowden leaked in full — may explain the delay.

Those procedures were changed in 2008 to reverse earlier decisions prohibiting contact chaining on US person metadata. 

NSA had tried to get DOJ to approve that change in 2006. But James Baker (who was one of the people who almost quit over the hospital confrontation in 2004 and who is now FBI General Counsel) refused to let them.

After Baker (and Alberto Gonzales) departed DOJ, and after Congress passed the Protect America Act, the spooks tried again. On November 20, 2007, Ken Wainstein and Steven Bradbury tried to get the Acting Deputy Attorney General Craig Morford (not Mukasey, who was already AG!) to approve the procedures. The entire point of the change, Wainstein’s memo makes clear, was to permit the contact chaining of US persons.

The Supplemental Procedures, attached at Tab A, would clarify that the National Security Agency (NSA) may analyze communications metadata associated with United States persons and persons believed to be in the United States.

What the government did, after passage of the PAA, was make it permissible for NSA to figure out whom Americans were emailing.

And this metadata was — we now know — central to FISCR’s understanding of the program (though perhaps not FISC’s; in an interview today I asked Reggie Walton about this document and he simply didn’t remember it).

The new declassification of the FISCR opinion makes clear, the linking procedures (that is, contact chaining) NSA did were central to FISCR’s finding that Protect America Act, as implemented in directives to Yahoo, had sufficient particularity to be reasonable.

The linking procedures — procedures that show that the [redacted] designated for surveillance are linked to persons reasonably believed to be overseas and otherwise appropriate targets — involve the application of “foreign intelligence factors” These factors are delineated in an ex parte appendix filed by the government. They also are described, albeit with greater generality, in the government’s brief. As attested by affidavits  of the Director of the National Security Agency (NSA), the government identifies [redacted] surveillance for national security purposes on information indicating that, for instance, [big redaction] Although the FAA itself does not mandate a showing of particularity, see 50 U.S.C. § 1805(b). This pre-surveillance procedure strikes us as analogous to and in conformity with the particularly showing contemplated by Sealed Case.

In fact, these procedures were submitted to FISC and FISCR precisely to support their discussion of particularity! We know they were using these precise procedures with PAA because they were submitted to FISC and FISCR in defense of a claim that they weren’t targeting US persons.

Except, by all appearances, the government neglected to tell FISC and FISCR that the entire reason these procedures were changed, subsequent to the passage of the PAA, was so NSA could go identify the communications involving Americans.

And this program, and the legal authorization for it? It’s all built into the FISA Amendments Act.

7 replies
  1. P J Evans says:

    Mukasey’s title line was the first thing that caught my eye, it’s so obvious. I wonder what it said before they ‘fixed’ it, and who was supposed to have signed there.

  2. Rayne says:

    All this unfolded against a background of notable events:

    09-OCT-2007 All “major” Republican candidates are on GOP primary ballot

    19-OCT-2007 Gates signs doc, DoD Supplemental Procedures Governing Communications Metadata Analysis

    09-NOV-2007 Mukasey starts as AG

    20-NOV-2007 Wainstein & Bradbury tried to get the Acting Deputy Attorney General Morford to approve procedures

    03-JAN-2008 Dyarbakir, Turkey car bombing, attributed to PKK by Turkish authorities

    03-JAN-2008 Obama wins Iowa caucus, Biden & Dodd drop out; Huckabee wins GOP Iowa caucus.

    03-JAN-2008 Mukasey signs doc (note title change on doc)

    29-JAN-2008 Redone certs underlying PAA

    05-FEB-2008 Super Tuesday
    07-FEB-2008 Mitt Romney suspends his campaign
    14-FEB-2008 Mitt Romney endorses John McCain

    20-FEB-2008 DOJ Collection of documents submitted to FISC

    03-MAR-2008 Street of Dreams bombing in Washington state, attributed to ELF

    06-MAR-2008 Times Square bombing

    14-MAR-2008 Jeremiah Wright controversy breaks open

    14-MAR-2008 DOJ doesn’t submit other hidden materials until this date

    There were other terrorist events in 2008 not cited here, as well as general election items; I’ve noted either the U.S. events that happened on/between key dates, and the one overseas event which happened concurrent with an event on this timeline.

    What I’d like to know: how many “oops” collections happened in 2007-2008 of phones in 202 area code, like the collections revealed in the audit of 2012. How many “oops” collections in 202 area code overlapped with Yahoo collections?

    (I guess I’m still skeptical after the terror alerts of the 2004 election season…)

  3. bloopie2 says:

    Off topic, but … can someone tell me why the US should not win on appeal in the Ninth Circuit ‘Smith’ case, since the plaintiff is, admittedly, not a Verizon Business customer (the ‘standing’ argument)? I have been wondering about this from day one.

  4. bloopie2 says:

    Also off topic, but on the release of the Guantanamo videos, can the government stop that from happening by agreeing to his requested injunction and thus mooting the case? Semms like something they would do.

  5. wallace says:

    quote”Then there’s the fact that the title for his signature line was clearly altered, after the fact.” unquote

    Shades of halfwit new hires at the Office of Obfusication, Doublespeak and Gimmicks. Rumor has it they’ve tripled their staff in their Document laundering department, and downgraded the qualification to Moron.

Comments are closed.