If We Have to Have FISA, Can We at Least Not Give It to Contractors?

In very close succession today, the Intercept published a story on Russia’s efforts to hack election-related officials and the government arrested the apparent source for that story, a woman named Reality Winner.

The story — which reports GRU attempted to phish some officials — is most interesting for the dates included in the leaked document accompanying the story. The document — dated May 5 but covering events from last fall — describes phishing attempts starting as early as a month before the election up to October 31 or November 1.

That latest date (on a report published six months later) is interesting because we know President Obama used the cyber “red phone” to contact Vladimir Putin on October 31, for the first time in his presidency, to complain about election-related hacking. The dates here at least suggest that there were no more phishing attempts initiated after that call.

Of course, now Russia knows more details about how granularly, and on what schedule, NSA might learn such details.

The other big part of this incident, however, is the revelation that contractors well outside the known entities (like Booz Allen Hamilton) have access to FISA information — as indicated by the classification stamp — and that even people without a need to know that information can access it.

This leak was discovered because another of Intercept’s sources alerted the NSA. But had that not happened (or had the Intercept not showed the NSA a folded document), then it’s not clear this would have been discovered.

I get why we need to disseminate such information widely. But even if this information merely reports on stuff that had already been reported (to the WaPo, long ago), it nevertheless is testament to the degree to which adding contractors adds the likelihood of leaks.

Or let’s put it this way: we’re sharing FISA information with contractors who don’t have a need to know. But we’re not sharing it with defendants whose freedom depends on contesting it. Maybe those priorities are screwy?

 

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

22 replies
  1. Lester says:

    It’s impossible to see how anyone can argue the point being made here. It’s still sort of hard to take the whole thing seriously – reality winner. Wtf.

  2. Rapier says:

    She is toast. I feel bad for her. A life almost certainly ruined, for a day of headlines. I will assume there was no hacking of voting systems that altered the election.

    The larger point is well taken and gets to my pet peeve. That is the contractor system is a counter espionage black hole. For every amateur like Winner or Snowden we should assume there are dozens of real operatives working directly for foreign powers or eager to sell info for profit. Of course ultimately the purpose of the spiraling ‘intelligence’ industry isn’t intelligence, it’s profit. Profit for the .1%.

  3. SpaceLifeForm says:

    Interesting timing of events. This is a very strategic leak.

    2017-05-05 NSA report comes into existence
    2017-05-09 Comey is fired

    2017-06-04 report comes out that Comey will not provide answers to Senate Judiciary Committee
    2017-06-05 The now month old NSA report is leaked
    2017-06-08 Comey scheduled to testify to Senate Intelligence Committee

    What if Trump was never briefed on the NSA report in those days before he fired Comey?
    Given that Trump believed he could pressure Comey into having FBI drop stuff, maybe he just did not see the big IC picture. By NOT briefing the president on certain things, he may have been made to believe that he did see the big IC picture.

    Been lots of noise recently that Trump will NOT prevent Comey from testifying in two days. That may have been fake news, and maybe the plan was to prevent Comey testimony at the last moment.

    Now, with this leak, that possible option is essentially torpedoed.

    It would be politically catastrophic to claim executive privilege at this time and stop the Comey testimony.

    Esecially now knowing for certain that it was not just the FBI that was being a thorn in his side.

    • SpaceLifeForm says:

      Apparently, the report was printed the day Comey was fired, mailed a few days later to The Intercept. The Intercept then did some due diligence, including contacting NSA and providing a copy, many days before publishing with redactions that NSA asked for.

      Winner certainly could have been IDed days before publication. Yet, no charges until publish date. Hmmm.

      • lefty665 says:

        You’re right, the arrest is peculiar.

        “Reality Winner” Sounds more like a project name than a person. Need evidence to back up the RUSSIA DID IT hysteria as Comey is about to testify? Great, we’ve got it right here with operation Reality Winner, conveniently timed for max effect. It burns only one document, one 25  year old translator (maybe), and discloses no sources, so no messy loose ends.

        Seems like surprisingly broad distribution for a report on TS compartmentalized information. Why would a translator have access to that?

        Marcy is right on pulling back from contractors. But, how do you un-build the contractor city that has grown  up outside Ft. Meade and the revolving door? Hayden and Alexander screwed us big time. Contractors are firmly entrenched and Trump is keeping the money spigot wide open.

         

        • SpaceLifeForm says:

          “Seems like surprisingly broad distribution for a report on TS compartmentalized information. Why would a translator have access to that?”

          This likely goes back to the fact that the spycorp in this case has a TSFC.

          Winner served in Air Force where she got her TS clearance but until now, was working for Pluribus International Corp. which is a spycorp that has a TSFC (Top Secret Facility Clearance) that, in this case, was fulfilling a subcontractor role for Fort Gordon (which is technically Army but mostly NSA).

          Roles to fill with security clearance requirements, spycorps provide bodies with correct clearance, profit!

          Internal systems software, not so smart.

  4. SpaceLifeForm says:

    Watermarking. If you are going to leak, do not print. And do not use work email. Based on her knowledge I have a hard time believing she was that careless. It’s almost like she knew she would be caught. As if that was the intent. And maybe we will find out later that was the case.

    It also appears that if May 9 was not pure coincidence (printing, comey firing), then maybe she had a reason to print early that morning (before Comey was fired later that day). This assumes the clock and timezone on the Xerox Docucolor printer were correct.
    Timezone would be EST as Fort Gordon is in Georgia.

    https://arstechnica.com/security/2017/06/how-a-few-yellow-dots-burned-the-intercepts-nsa-leaker/

    printed on May 9, 2017 at 6:20am from a printer with the serial number 535218 or 29535218.

  5. earlofhuntingdon says:

    Printing has been a no-no since the Media, Pa, break-in. It’s unwise to use a work e-mail for personal communications or an e-commerce purchases. Who in the business would use their work e-mail to violate employment and national security rules? After Snowden, does that scan?

    • SpaceLifeForm says:

      Note that The Intercept screwed up their opsec too. If the copy they provided to NSA was also watermarked, then NSA now has some info on the printer/copIer/scanner that The Intercept used, Of course, they could have made the copy anywhere.

      • lefty665 says:

        Looks like The Intercept scanned the report and sent PDFs to NSA.  What do they have in the way of meta data or a digital watermark?  Bet ‘ya NSA learned something about The Intercept from them in addition to the watermark in the original. Were there any Spy vs Klutz episodes?

        • SpaceLifeForm says:

          I have to believe (no time to research) that a printer/scanner/copier (MFP) that is networked and has a scan to pc function (usually ends up as a pdf), almost certainly watermarks the pdf internally with printer id and timestamp and ip addresses.

    • earlofhuntingdon says:

      I should have said “photocopying” has been a no-no since the Media, Pa, break-in.  Printing, however, is even more individually identifiable than older copiers.

      One would think it is the text the Intercept would have wanted verified, not the formatting and visual clues from the paper itself, let alone the original printing.  It does suggest a lapse in security by the Intercept.  I hope they comment on this shortly.

  6. SpaceLifeForm says:

    Well, it’s official now /s

    And if Spicer says so, I guess they will be valid evidence in court.

    https://www.washingtonpost.com/news/the-fix/wp/2017/06/06/sean-spicer-just-settled-it-we-should-all-pay-attention-to-trumps-tweets/

    In one sentence Tuesday, White House press secretary Sean Spicer just eliminated any doubt you may have about whether the media should pay attention to President Trump’s tweets.

    “The president is the president of the United States, so they are considered official statements by the president of the United States,” he said in response to a reporter’s question.

    • P J Evans says:

      I hope that they realize that declaring Himself’s tweets to be official statements means they have to be preserved for the official archives, and that they can and will be used as evidence of his intentions, every time he’s taken to court..

    • earlofhuntingdon says:

      Sean Spicer, Dr. of the Obvious.  Since Mr. Trump claims to be the author of his tweets, his tweets are the published comments of the president of the United States.

      Mr. Spicer and his colleagues, however, have spent days and no small amount of public resources attempting to confuse the public by confusing Trump’s choice of medium with the content of his messages.  I gather that didn’t pan out well.

      Donald Trump, careening from one point of chaos to another.  Imagine all the governance he avoids dealing with by taking that route.  The opportunity costs would gobsmack even auditors at the GAO.

  7. lefty665 says:

    Assange is apparently offering a $10k reward for the identification and firing of the genius at The Intercept who scanned and sent the copy of the report to NSA that let them read the watermarking. What the hell were they thinking? The Intercept has been a bizarre organization, but this is astonishingly goofball.

    OTOH, this likely does real damage to our actual national security. With this disclosure of our ability to read Russian military comm and the recent disclosure of Russian diplomatic traffic it may have gotten pretty dark over at NSA. That has happened at least once before, in the early 50’s and it was a very long time before we got back into Soviet systems. Kim Philby was the rat then. He at least was a paid spy. These cases are domestic anti Trump/pro Hillary people. The outcome is the same. How much damage are they willing to do before they get over their tantrums? How much are we as a country prepared to passively accept?

  8. DannyD says:

    Perhaps Reality should Trump’s statements about ‘Fake News’ as her defense. Never happened…the POTUS has confirmed it too, and who would know better?

  9. Mitchell says:

    The enrichment of special interests is more important for our elected officials than national security. Of course, Reality Winner didn’t get the memo that principle among the leadership class is dead.

Comments are closed.