The Senate Intelligence Committee 702 Bill Is a Domestic Spying Bill

Richard Burr has released his draft Section 702 bill.

Contrary to what you’re reading about it not “reforming” 702, the SSCI bill makes dramatic changes to 702. Effectively, it makes 702 a domestic spying program.

The SSCI expands the kinds of criminal prosecutions with which it can use Section 702 data

It does so in Section 5, in what is cynically called “End Use Restriction,” but which is in reality a vast expansion of the uses to which Section 702 data may be used (affirmatively codifying, effectively, a move the IC made in 2015). It permits the use of 702 data in any criminal proceeding that “Affects, involves, or is related to” the national security of the United States (which will include proceedings used to flip informants on top of whatever terrorism, proliferation, or espionage and hacking crimes that would more directly fall under national security) or involves,

  • Death
  • Kidnapping
  • Serious bodily injury
  • Specified offense against a minor
  • Incapacitation or destruction of critical infrastructure (critical infrastructure can include even campgrounds!)
  • Cybersecurity, including violations of CFAA
  • Transnational crime, including transnational narcotics trafficking
  • Human trafficking (which, especially dissociated from transnational crime, is often used as a ploy to prosecute prostitution; the government also includes assisting undocumented migration to be human trafficking)

This effectively gives affirmative approval to the list of crimes for which the IC can use 702 information laid out by Bob Litt in 2015 (in the wake of the 2014 approval).

Importantly, the bill does not permit judicial review on whether the determination that something “affects, involves, or is related to” national security. Meaning Attorney General Jeff Sessions could decide tomorrow that it can collect the Tor traffic of BLM or BDS activists, and no judge can rule that’s an inappropriate use of a foreign intelligence program.

“So what?” you might ask, this is a foreign surveillance program. So what if they find evidence of child porn in the course of spying on designated foreign targets, and in the process turn it over to the FBI?

The reason this is a domestic spying program is because of two obscure parts of 702 precedent.

The 2014 exception permits NSA to collect Tor traffic — including the traffic of 430,000 Americans

First, there’s the 2014 exception.

In 2014, the FISC approved an exception to the rule that the NSA must detask from a facility when it discovers that a US person was using it. I laid out the case that the facilities in question were VPNs (collected in the same way PRISM would be) and Tor (probably collected via upstream collection). I suggested then that it was informed speculation, but it was more than that: the 2014 exception is about Tor (though I haven’t been able to confirm the technical details of it).

NSA is collecting Tor traffic, including the traffic of the 430,000 Americans each day who use Tor.

One way to understand how NSA gets away with this is to consider how the use of upstream surveillance with cybersecurity works. As was reported in 2015, NSA can use upstream for cybersecurity purposes, but only if that use is tied to known indicators of compromise of a foreign government hacking group.

On December 29 of last year, the Intelligence Community released a Joint Analysis Report on the hack of the DNC that was considered — for cybersecurity purposes — an utter shitshow. Most confusing at the time was why the IC labeled 367 Tor exit nodes as Russian state hacker indicators of compromise.

But once you realize the NSA can collect on indicators of compromise that it has associated with a nation-state hacking group, and once you realize NSA can collect on Tor traffic under that 2014 exception, then it all begins to make sense. By declaring those nodes indicators of compromise of Russian state hackers, NSA got the ability to collect off of them.

NSA’s minimization procedures permit it to retain domestic communications that are evidence of a crime

The FISC approved the 2014 exception based on the understanding that NSA would purge any domestic communications collected via the exception in post-tasking process. But NSA’s minimization procedures permit the retention of domestic communications if the communication was properly targeted (under targeting procedures that include the 2014 exception) and the communication 1) includes significant foreign intelligence information, 2) the communication includes technical database information (which includes the use of encryption), 3) contains information pertaining to an imminent threat of serious harm to life or property OR,

Such domestic communication does not contain foreign intelligence information but is reasonably believed to contain evidence of a crime that has been, is being, or is about to be committed. Such domestic communication may be disseminated  (including United States person identities) to appropriate law enforcement authorities, in accordance with 50 U.S.C. § 1806(b) and 1825(c), Executive Order No 12333, and, where applicable, the crimes reporting procedures set out in the August 1995 “Memorandum of Understanding: Reporting of Information Concerning Federal Crimes,” or any successor document.

So they get the data via the 2014 exception permitting NSA to collect from Tor (and VPNs). And they keep it and hand it off to FBI via the exception on NSA’s destruction requirements.

In other words, what Richard Burr’s bill does is affirmatively approve the use of Section 702 to collect Tor traffic and use it to prosecute a range of crimes, some of them potentially quite minor.

 

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

16 replies
  1. Peterr says:

    Imagine, for the moment, that this gets through and is signed. Comes now before the court the Prosecution, bringing with it a particularly juicy email obtained via 702.

    Prosecutor: We present the attached email from the defendant, which contains an admission by the defendant that he committed the crime before the court.

    Defense: Objection!

    Judge: I’m listening.

    Defense: That’s not my client’s email. He didn’t send it.

    Judge: Prosecution?

    Prosecution: It *is* the defendant’s email.

    Judge: Do you have the computer or phone from which he sent it? The computer or phone of someone who received it?

    Prosecution: No. We obtained in while it was in transit to its recipient.

    Defense: Prove it.

    Prosecution: Excuse me?

    Defense: When someone is stabbed and you find a knife in the suspect’s home with blood on it, you take the knife and run forensic tests. There’s a whole chain of custody that starts from the moment the officer picks up that knife that has to be documented and made available to the defense so that everything about the knife and blood can be tracked and tested. Show me the chain of custody on this email you allege came from my client. Prove that this email came from my client, and isn’t just the product of a fevered dream of a prosecutor’s office desperate to get a conviction.

    Prosecution: We can show it to the judge, in camera and under seal, but we can’t show it to you.

    Defense: I move that the charges be dismissed . . .

    How many non-executive branch eyes does the NSA want to have looking at its pretty 702 toys?

  2. Rugger9 says:

    Interesting point, but as I recall there was a case in OR during Shrub’s administration where the AUSA faxed the surveillance details to the defense lawyers inadvertently (it gave the defense proof of standing to ask about illegal wiretapping) but government lawyers were able to get the door slammed shut on further discovery.  After all, it was some Muslim aid group, not real Americans like the Bundy clan.

  3. earlofhuntingdon says:

    The list of crimes cited makes up a good part of what’s criminal under federal law. As you say, that would amount to a substantial expansion of the use of this information, or the legalization of that use.  It’s like giving small town local law enforcement bombers, tanks and howitzers: you never know when they might need one and it generates a lot of revenue for our suppliers.

    Next thing you know, they’ll label as criminal women and minorities by calling them “identity extremists”.  After all, banning together to promote common interests is almost unAmerican.  That must be why we have bankers’ societies and Ivy League secret societies, white immigrant bunds and culture clubs, and the identity driven societies that once thrived in Rabbit Angstrom’s middle America: Lions, Moose, Elks, Jaycees, Kiwanis, Rotary, Exchange, Odd Fellows, Knights of Columbus and Masons.

    But if one were really looking for extremists determined to upset everyone’s apple cart, who cared nothing for how they work or who they hurt in promoting their own interests, two names top the list: Steve Bannon and Donal Trump.

    • Peterr says:

      A few more names for that list of extremists determined to upset everyone’s apple cart, who cared nothing for how they work or who they hurt in promoting their own interests:

      Lloyd Blankfein
      Jamie Dimon
      Steve Mnuchin
      members of the boards of their banks and investment houses

      Unlike the Fed, the OTC, and the OCC, the FDIC actually knows how to go after bankers, at least a little bit, as they proved just last August:

      Federal banking regulators have issued a $125,000 penalty and barred a former chairman and CEO of Tulsa-based SpiritBank from future banking activities.

      Albert C. “Kell” Kelly signed the consent agreement with the Federal Deposit Insurance Corp. in May to pay the civil penalty. He did not admit or deny the agency’s allegations. The FDIC also issued an order of prohibition, a lifetime ban barring any future banking-related activities. . . .

      Kelly was president and CEO of SpiritBank from 1990 to 2014 and chairman from 2012 until earlier this summer. He is a past chairman of the American Bankers Association.

      Lifetime bans are a good thing for folks who screw with the financial system. But (sniff sniff) what will become of poor ol’ Kell? Fear not:

      Kelly is now a senior adviser to EPA Administrator Scott Pruitt. In May, Pruitt selected Kelly to chair a task force on Superfund sites.

      Head, meet desk.

      Where’s my scotch?

        • earlofhfuntingdon says:

          The Macallan 18, aged in sherry casks, would make a nice stocking stuffer then?

          I was remiss in not including Mnuchin.  Many acts recommend him: his taxpayer financed honeymoon travel; his taxpayer financed tour of of Goldfinger’s Ft. Knox, coincidentally timed to view the eclipse; his claim that it’s hard to make “across the board” tax cuts without giving gains to the wealthy commensurate with their wealth.

          Ignoring Mnuchin’s obtuse, down-the-rabbit-hole reasoning (ironically, Lewis Carroll was an Oxford don in mathematics), fixing the last item is easy: increase taxes on the wealthy while lowering them for the bottom 95%, keep or raise the estate and gift taxes, and the AMT. QED.

          Even a Bonesman could figure that out, were it not that Mnuchin, like Trump, wants all the “tax reform” benefits to go to the ultra-wealthy.  He must labor under the misapprehension, common to George Bush and other Bonesmen, that being born to wealth is the same as having earned it.

  4. Steven Presser says:

    It’s possible I’ve missed something, but how do you think the NSA is able to use Tor traffic as any kind of evidence? Unless the NSA controls a significant portion of the Tor nodes, the traffic coming out of the exit cannot be associated with the inputs – it’s the entire reason DARPA funded Tor in the first place. I suppose someone could send unencrypted traffic through Tor with identifying information embedded, but I’d categorize that as stupidity, rather than anything truly facilitated by the new powers.

    I think you’re right to be concerned about this, but I’d be more concerned about the mundane traffic that for whatever reason is subject to 702 collection.

  5. Thomas Paine Revisited says:

    Put in the context of 1.4 million new cases of apparently non-prosecuted fraud (totaling 3.5 if memory serves), that is where just considering not seating board members of Wells Fargo is being discussed, or trillions upon trillions of previous Wall Street fraud, which involved selling horrible stocks, betting against them, and thus totally violates fiduciary duty to clients, the race to capture everyone’s Internet traffic seems to be telling.  And what is said is, “What are you to us.”

    Apparently— Not much.  Certainly, it would seem, not worthy of constitutional protections.

  6. SpaceLifeForm says:

    Well, this is interesting timing wise.

    Microsoft Corp said it will drop a lawsuit against the U.S. government after the Department of Justice (DOJ) changed data request rules on alerting internet users about agencies accessing their information.

    http://www.reuters.com/article/us-microsoft-usa/microsoft-to-drop-lawsuit-after-u-s-government-revises-data-request-rules-idUSKBN1CT0I4

    The company expects the changes to end the practice of indefinite secrecy orders.

    [ “Expects”? Seriously? WTF is going on? You dont just drop the lawsuit because DOJ “SAYS” they US Government will do something. There must be something else going on.]

  7. TomA says:

    Marcy, it may be hopeless to push back against the tide of perpetual state-sponsored surveillance. At some point, it may make more sense to educate the public about the de facto loss of privacy and encourage private industry to develop and market countervailing tools. Rather than try to reign in Big Brother, wouldn’t it make more sense to flood their bandwidth with contrived nonsense. A bot AI army spewing disinformation is more likely to confound the State’s appetite for citizen spying than any legalism you might get placed in new legislation.

    • SpaceLifeForm says:

      Will not work. Most of public does not care about privacy. They are clueless. As to bot misinfo angle, that takes bandwidth which means money. TPTB have more bandwidth (and money) than you can imagine. A bot army will be squeezed out due to cost.

      The best approach is education, as in educating the public to elect smart people that get the tech (Wyden, Lieu), and that want to uphold the U.S. Constitution.

      Do not elect people beholden to money. (see Trump)

      • TomA says:

        It works in the military where jamming the enemy signal can mean the difference between life and death. A bot app running on every millennial’s iPhone would be both cheap and overwhelming to government eavesdropping. Drowned them in useless false signal.

Comments are closed.