The [Publicly] Unanswered John Bates Question about How You Define an Active User of a Targeted Facility

In this post, I showed how sometime in fall 2010, the government tried to get the FISA Court to let it use Section 702 to spy on Americans. Specifically, it defined one of the terms used in its application (presumably its targeting certification) “to include US persons,” which Bates took to understand as a request to undertake the “intentional acquisition of communications of US persons reasonably believed to be located outside the United States.”

In addition to the big dump of 702 related documents released last week, Charlie Savage liberated some of the documents pertaining to upstream surveillance from 2011. One of the documents included a set of questions John Bates asked on November 7, in advance of approving the new minimization procedures. And one of the questions is one I asked — and for the same reason — in my post on Rosemary Collyer’s recent upstream opinion: how you define an “active user.”

The Court’s Memorandum defined “active user” to be “the individual using the electronic communications account/address/identifier to interact with his/her Internet service provider.” See Oct. 3, 2011 Memorandum Opinion at 35 n. 34 (emphasis added). However, the amended minimization procedures state that NSA will identify and segregate through technical means MCTs where “the active user of the transaction (i.e., the electronic communications account/address/identifier used to send or receive the Internet transaction to or from a service provider) is reasonably believed to be located in the United States; or the location of the active user is unknown.” See Section 3(b)(5)(a). Please confirm that NSA’s “technical means” for identification and segregation will focus on the location of the individual using the account.

Taken in the wake of the government’s 2010 effort to target a group that includes Americans, the importance of the answer is obvious. If, for example, the active user of a selector is the targeted group rather than a specific individual, then the Americans that are part of that targeted group would also have their communications collected and those communications wouldn’t get segregated as a result. For example, if the NSA were targeting the encryption keys that ISIS uses, and an American were also using that key to talk to other Americans, that communication would be collected but not segregated. So Bates, a year after backing the government down off its effort to use 702 to spy on Americans only to find that the government had been collecting on Americans for 4 years, seemed to be trying to make sure that the government didn’t achieve the same goal via different means.

Except, nowhere in the public record, did he explicitly force the government to integrate this focus on individual users into the minimization procedures. In his November 30, 2011 opinion approving the new MCT scheme, he cited of the requirement that MCTs including the communications of possible US persons get segregated, he added “the [user of]” to the language he cited from the minimization procedures.

Under the amended NSA minimization procedures, NSA must segregate and restrict access to certain portions of its upstream collection following acquisition.3 Section 3(b)(5)(a) requires NSA to

take reasonable steps post-acquisition to identify and segregate through technical means Internet transactions that cannot be reasonably identified as containing single, discrete communications where: the active user of the transaction (i.e., the [user of] the electronic communications account/address/identifier used to send or receive the Internet transaction to or from a service provider) is reasonably believed to be located in the United States; or the location of the active user is unknown.

But he didn’t specify that that user had to be an individual. In the same passage, he cited what are probably the responses to his November 7 questions, without citing the language used to respond to him.

Then, in restating the requirement to segregate such communications, Bates cited to his earlier opinion, but not the page he cited in his question invoking “individual” users.

Unlike the measures previously proposed by the government for MCTs, the new procedures require NSA, following acquisition, to identify and segregate the two categories of Internet transactions that are most likely to contain discrete wholly domestic communications and non-target communications to or from United States persons or persons located in the United States: (1) those as to which the “active user” is located inside the United States; and (2) those as to which the location of the active user is unknown. See Amended NSA Minimization Procedures at 4 (§ 3(b)(5)(a)); see also Oct. 3 Opinion at 37-41.

And neither the September 2012 opinion authorizing the next year’s certificates and clearing the government of ongoing violation of 1809(a)(2) doesn’t appear to mention active users.

I raised this issue with respect to Collyer’s opinion because, if the government can treat a group as a target and the group’s communication methods as a facility, then upstream surveillance will still collect entirely domestic communications that will newly be available via back door search (though in reality, NSA never fully implemented the scheme laid out in the 2011 opinion). Yet nowhere is this made clear.

11 replies
  1. bmaz says:

    Am also reminded of Bates’ involvement as Deputy Independent Counsel for the Whitewater “independent counsel” effort under Ken Starr.

  2. SpaceLifeForm says:

    My Humpy Dumpty Cliff’s Notes:

    Active User == a communications device at a Facility. There may be no human around.

    Facility == POP. May be a TV/Radio station or satellite. Could be an ISP, a MIL/IC base, telco. Could be a foreign embassy building.

    Group == A set of ‘facilities’.

    Doing the combos, a group could be a set of radio retransmitters with no humans involved as an example.

    • SpaceLifeForm says:

      Note that a ‘facility’ could be in multiple ‘groups’, and therefore an ‘active user’ could be in multiple ‘groups’. If I was looking for something, I would apply my ‘selector’ at the ‘group’ level first, then drill down as needed, possibly defining new ‘groups’, maybe dropping some ‘facilities’ from the original ‘group’. Maybe, maybe not.

      Subsetting the original group can lead to missed intel. Not going to describe why.

      • SpaceLifeForm says:

        Conversely, failing to superset ‘groups’ can lead to missed intel also. Creating too many haystacks can make one miss the forest due to the trees (haystacks).

  3. SpaceLifeForm says:

    OT: Crystal vs Fitzgerald

    No, it is not a case before SCOTUS.

    This is about OPSEC, intel, and safety.

    It appears at this point, that the USS Fitzgerald had right-of-way, as the MV ACX Crystal was overtaking.on the starboard side of Fitzgerald, and the overtaking vessel (Crystal), should have yielded, if noticing on collision course.

    But, how did this accident really occur?

    Fiztgerald was not broadcasting presence. AIS was turned off. Fitzgerald may have been in ‘dark mode’, no radar turned on, maybe no navigational lights on. Totally dark.

    It was pitch black out, moon not visible yet.
    Moon still waning, so not much moonlight available even if it was an hour or so later.

    Operating in a busy shipping channel.

    Close enough to North Korea for intel purposes.

    Guessing, the Crystal was in auto-pilot mode, and either had no radar on, helmsmen asleep, or both.

    So Crystal did not know Fitzgerald was there.

    Fitzgerald, probably operating stealth (no AIS, no radar), and possibly dark mode, had no idea Crystal was overtaking and had made a course adjustment, likely due to autopilot.

    If Fitzterald was not just stealth, but totally dark (nav lights off), then there should been sailors stationed to watch.

    Nav lights, AIS, and radar are ‘intel’.

    The big question is, who was really paying attention? Were the proper people on either ship paying the proper attention?

    Seems that Crystal should have had radar on, and could have avoided the collision (if helmsmen awake).

    Maybe Crystal helmsmen trusted AIS too much (intel).

    Collecting intel and trusting intel can lead to safety problems.

    (Aside. Another ‘facility’ – A ship)

  4. SpaceLifeForm says:

    OT: OpenVPN can possibly be MITM-ed with effort. It currently now has known issues. This is about bugs that have been found thru fuzzing after *TWO* code audits. I.E., fuzzing can find bugs better and faster then the ‘many eyeballs’ method.

    So doing a code audit to find memory vulnerabilities in a C program is a little like asking car wash employees to clean your car with a makeup brush. A very noble pursuit indeed, and if you manage to complete it, the overall results may be even better than automated water blasting, but unless you have infinite funds and time, resources are better spent on cleaning the exterior with a machine, vacuuming the interior followed by an evaluation of the overall cleanliness, and acting where necessary.

    [But some basically do have near infinite funds and time. See nation-state actors]

Comments are closed.