September 18, 2017 / by emptywheel


USA Freedom Act Scofflaw Rosemary Collyer Claims She Can’t Find a Tech Expert

I say this a lot: for a privacy person, I’m actually pretty willing to defend the work of the so-called rubber stamp FISA Court. I’ve reported on some areas — such as location data — where FISC does or at least use to — require a higher standard of legal process than criminal courts. And I’ve described the diligent efforts various judges — Reggie Walton, especially, but also Colleen Kollar-Kotelly, Thomas Hogan and John Bates — have made to get NSA to follow the law. That doesn’t mean the court is the way the US should oversee programmatic spying, but it does a better job than usually given credit for.

Not so Rosemary Collyer, whom I predicted would be an awful presiding judge before she got the position. That prediction was proven right in this year’s shitty 702 reauthorization. I laid out at more length here how in that opinion, Collyer failed to use the levers Bates had created for the court to ensure the NSA follows the law.

But on top of failing to use the tools her predecessors put in place to ensure that FISA (and her court) remains the exclusive means to conduct domestic foreign intelligence surveillance, Collyer did something even more trouble. She failed to consult an amicus — or explain why she didn’t need to — in the process of approving back door searches to be used with collection she knew to include domestic communications. By failing to do that, I have argued, she broke the law, failing to fulfill the requirements of amicus review or explanation mandated by the USA Freedom Act.

I laid all that out here, too, in a post reporting on the request from a bunch of Senators that FISC appoint a technical amicus. As I noted, if Collyer isn’t going to consult amici, then having a tech amicus available isn’t going to help (and had she consulted the most obvious amicus earlier this year, Marc Zwillinger, he likely would have raised the import of the technical questions she seemed not to understand).

I didn’t realize it but Collyer responded late last month. (h/t Cryptome) She made a remarkably lame excuse for not appointing any tech amici.

We are now actively seeking technical experts who can also act as amici curiae. However, it has not proved to be a simple matter to find appropriate technical expertise. In considering technical advisors we must assess their abilities and qualifications, including their eligibility for security clearances and willingness to abide by attendant obligations regarding reporting of foreign contacts and pre-publication review (which is concerning to some potential candidates). As a result, we expect the process of finding a pool of appropriate technical amici to take some time to complete. Nonetheless, please be assured that this matter is very much on our minds and the court is engaged in continuing outreach.

As I pointed out in my first post on this, Steve Bellovin — who had been selected (and I believe cleared) to serve as technical advisor to PCLOB would be available given the effective demise of that body. Bellovin co-authored an important paper on precisely the issue Collyer dodged in her upstream opinion: where metadata ends and content begins in a packet.

So I’m pretty unsympathetic with Collyer’s claims the FISC simply can’t find appropriate technical experts, or couldn’t here.

Of course, had she not broken the law — had she at least appointed an amicus for April’s opinion — one of them might have offered up Bellovin’s name or a number of other cleared experts.

So it’s nice she’s paying lip service to the kind of technical expertise that might have helped her avoid the problems in this year’s 702 reauthorization.

But given her other actions, it’s hard to believe it is anything but lip service.

Copyright © 2017 emptywheel. All rights reserved.
Originally Posted @