Section 702 Used for Cybersecurity: You Read It Here First
I have been reporting for years that the government uses Section 702 for cybersecurity purposes, including its upstream application.
- June 10, 2013: Hacking was the biggest success story for 702
- August 7, 2013: Me, saying I told you so
- October 21, 2013: An upstream application of 702 to cyber was NSA’s big 702 success story
- November 7, 2013: The original (good) version of USA Freedom Act would have given NSA 6 months to shut down upstream 702 targeting for cyber
- November 23, 2013: NSA denies their admitted use of 702 for cyber targets
- July 3, 2014: PCLOB hides the use of 702 for cyber targets
- February 4, 2015: Cyberattacks are one of the crimes FBI can use 702 data to prosecute
- February 10, 2015: How Jeffrey White misused PCLOB to dismiss the possibility of domestic wiretapping under upstream in EFF-related suits
ProPublica and NYT have now confirmed and finally liberated related Snowden documents on the practice. They show that DOJ tried to formalize the process in 2012 (though I have reasons to doubt that the NSA documents released tell all of the story, as I hope to show in upcoming posts).
Without public notice or debate, the Obama administration has expanded the National Security Agency’s warrantless surveillance of Americans’ international Internet traffic to search for evidence of malicious computer hacking, according to classified NSA documents.
In mid-2012, Justice Department lawyers wrote two secret memos permitting the spy agency to begin hunting on Internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad — including traffic that flows to suspicious Internet addresses or contains malware, the documents show.
The Justice Department allowed the agency to monitor only addresses and “cybersignatures” — patterns associated with computer intrusions — that it could tie to foreign governments. But the documents also note that the NSA sought to target hackers even when it could not establish any links to foreign powers.
The disclosures, based on documents provided by Edward J. Snowden, the former NSA contractor, and shared with the New York Times and ProPublica, come at a time of unprecedented cyberattacks on American financial institutions, businesses and government agencies, but also of greater scrutiny of secret legal justifications for broader government surveillance.
Jonathan Mayer, whom ProPublica and NYT cite in the article, has his own worthwhile take on what the documents say.
mayer’s article is interesting, but joins many others in acknowledging nsa takes what it wants when it wants with help from government lawyers. it has taken what it wanted in the field of cybersecurity, so what else is new?
mayer’s footnote 2 with its “one foot firmly in each camp” message does not enhance his credibility with me.
so long as the nsa/fbi are allowed to act on the false belief, become their mantra, that “the fate of the nation is in our hands”, just so long will the fbi/nsa behave with whatever degree of illegality is “necessary” to save the nation.
the heart of the our american over-surveillance problem is institutional self-righteousness and hubris uncorrected by stern oversight.
as an aside, just what have been the really serious consequences of cyberpunks pulling cyberattacks ? that’s as important a question for the developing field of cyberattacks as it is for that of terrorist attacks which have proven to be high-visibility, low-impact events.
Mayer has as much credibility on this as anyone. The fact that he’ll analyze something anew, rather than default to security, is a pretty good reason for his credibility.
and he gets credit with me for looking at things anew.
but that trembly, pleading footnote #2 – “please don’t stop loving me” ? why was that necessary ?