The Revelations about FISA Bureaucracy in FBI’s FISA Fix Filing

The government submitted the filing ordered by now (thankfully) former FISA presiding Judge Rosemary Collyer on Friday, explaining how it’ll avoid the problems identified in the DOJ IG Report on Carter Page. As I’ll show in a follow-up, I believe the changes — with one possible exception — are worthwhile, if inadequate to the task.

In this post, however, I’d like to lay out what the filing reveals about two aspects of the FISA process that I did not know before.

Other agencies and state and local law enforcement can use FISA: While minimization procedures have revealed that FBI can share FISA information with other agencies, including state and local authorities, this filing reveals those other agencies can serve as the affiant for FISA applications.

Agents from other federal law enforcement agencies or state or local law enforcement officers serving on a Joint Terrorism Task Force with the FBI may, in some cases, act as the declarants for applications submitted by the FBI after reviewing receiving the necessary training. In the case of state or local law enforcement officers, such officers are deputized as Special Deputy United States Marshals for this purpose. (4)

I’ve never heard of this before and there are a whole lot of questions this raises, both about whether non-DOJ agencies are submitting FISA applications (CIA would be unsurprising, but ICE would be alarming and under this administration, not at all crazy), but also about the accountability for people who aren’t Federal employees. How many “Special Deputy United States Marshals” does SDNY have, for example, and was FISA used during the worst excesses of its intelligence program?

The timeline of updates to the Woods Procedures: The filing explains (I’m sure some of this is public, but it’s laid out here as well) that the Woods Procedures have been updated:

  • On February 2, 2006, FBI reminded its agents they need to,”create, maintain, and update a sub-file that contains all materials that document the support for each factual assertion contained in FISA applications.” Given the timing, this change may have been part of the effort to clean up Stellar Wind, which had been used to substantiate FISA applications without notice for the previous five years.
  • On March 24, 2006, DOJ’s OIPR advised the court about the sub-file requirement, though focused especially on ensuring that, “the federal official currently handling the source (or the federal official who is responsible for liaison to another entity who is handling the source) [confirms] that the source remains reliable, and that all material information regarding the reliability of the source is reported accurately in the FISA application.” This would have been the period when the FBI was cleaning up after Katrina Leung, one of the worst double agents in recent history, so may have pertained to her reporting.
  • In February 2009, NSD and FBI together required the FBI to remove any asserted fact for which there is no documentation, and do so retroactively. It also implemented quarterly accuracy reviews that have since been made semi-annual. The Section 215 disclosures in this same time period suggest Bush got sloppy in its last years, so this may have reflected a need to clean that up, too.
  • August 2016. There was an update to the Woods Procedure and 2009 Memorandum in 2016, but the filing doesn’t describe it (or why).

How OI’s accuracy reviews work:

As DOJ has revealed in the past, OI’s Oversight Section does FISA oversight reviews at 25-30  (of the 56) Field offices a year. They review the compliance with minimization and querying procedures, the latter of which only recently got imposed.

In addition, they do an accuracy review of a subset of FISA applications that reviews:

  • The facts establishing probable cause to believe that the target is a foreign power or agent thereof
  • The verification process that the targeted facilities are used by, owned by, possessed by, or in transit to or from the target
  • The basis for the US person status of the target
  • The factual accuracy of the related criminal matters section, such as types of criminal investigative techniques used (e.g., subpoenas) and dates of pertinent actions in the criminal case

As the filing makes clear, “these accuracy reviews do not check for the completeness of the facts included in the application,” which is the real source of the problems identified in the Page application. Right now, OI is “considering” expanding a subset of reviews to check for completeness, but is not committing to doing so.

Two things are of interest here. The definition of FISA “facilities,” has long been of interest, not least because the government likes to pretend it consists mostly of phone numbers and email addresses. Indeed, 2007, FISC approved a broad definition of “facility” that can be used to target suspects of a terrorist group (and, presumably now, other clandestine networks), in large numbers. The language in this bullet all comes from statute, but the use of “about to be used,” would support the kind of monitoring of a new computer or phone we’ve heard of. This language also might support the monitoring of Amazon and bank accounts. The validation of facilities (both to be sure Page was still using them and to sustain FISA coverage to be able to get to new ones) was something important to the renewal process of Page’s FISAs.

The language on criminal matters reveals how the FBI deals with parallel investigations, such as the one that happened with Keith Gartenlaub (where they government used both criminal subpoenas and FISA searches, which ultimately led to a child porn prosecution unrelated to any FISA suspicion). I knew this section existed, but thought it did so just to comply with a statutory requirement, when targeting US persons, that their clandestine activities may involve violating criminal statute. But this language makes it clear that this part of the FISA application also serves to provide notice of such parallel proceedings. Given that the FBI has to declare that they can’t obtain information under FISA via other means, this raises more questions about the degree to which FISA can serve as an additive authority for certain kinds of investigations that will let the FBI use techniques they wouldn’t use otherwise.

The section on OI reviews also reveals that they review FISA applications before information from an application is used in a proceeding against someone picked up in it.

OI has also, as a matter of general practice, conducted accuracy reviews ofFISA applications for which the FBI has requested affirmative use ofFISA-obtained or -derived information in a proceeding against an aggrieved person.

It’s hard to tell whether this is a good thing or a bad thing. That’s because it doesn’t necessarily help the defendant. After all, if the OI review discovers problems with FISA applications, then DOJ would be more likely to parallel construct the prosecution, thereby burying a problematic part of the investigation. And a review at the period when FBI is already considering using it in a proceeding is too late in the process to protect the civil liberties of the person who is aggrieved if there was a problem with the application.

The section describing these reviews also reveals that, “in enumerated exceptions,” the FBI doesn’t have to rely on “the most authoritative document that exists” in the Woods Procedure. A footnote makes clear that one of the areas where the application itself may not include everything in the underlying documentation is human sources, which permits the lawyer submitting the application to ask a human source coordinator to verify the application matches the underlying documentation. Remember that the language about Christopher Steele used in the Carter Page application didn’t come from his handling agent’s assessment, but it came from a serialized intelligence report based off his reporting. That’s not what this describes, but may be one of the reasons the FBI took that shortcut.

22 replies
  1. Peterr says:

    I’ve never heard of this before and there are a whole lot of questions this raises, both about whether non-DOJ agencies are submitting FISA applications (CIA would be unsurprising, but ICE would be alarming and under this administration, not at all crazy), but also about the accountability for people who aren’t Federal employees. How many “Special Deputy United States Marshals” does SDNY have, for example, and was FISA used during the worst excesses of its intelligence program?

    You mention ICE, but my mind went to such non-Federal LE folks as Sheriff Joe in Arizona and Sheriff Clarke in Wisconsin. *shudder*

    But I think there is a mechanism for accountability for non-federal employees – it seems to be primarily the responsibility of the FBI. Per the filing, these non-Feds don’t file FISA applications themselves, but “act as the declarants for applications submitted by the FBI“. Sounds to me that whoever these folks are, they must work through the FBI and not on their own.

    Whether these FBI folks would act as a brake on out-of-control non-Feds or would happily let them run amok in ways the FBI would like to but couldn’t is a separate question.

  2. sproggit says:

    Marcy mentions that she would not be surprised to learn that the CIA could submit a FISA application.

    But Edward Snowden was a CIA contractor working for Booze Allen Hamilton at the time he leaked. Could this in theory mean FISA applications could be submitted by contractors in the course of their analysis?

    • pdaly says:

      I also wondered about deputized MIT campus police officers with the right to police the streets of the City of Cambridge (with the Secret Service in tow) in order to track down a Harvard grad student on a bike?

      Massachusetts’ Cambridge Police Department has a crime unit using predictive analysis. I wonder if data that they feed the computers comes merely from reported crimes or whether other databases, such as information FISA applications might unlock, is fair game?

      This Wired article is from 2013.

      • bmaz says:

        Lol, no. That is, at best, a joint thing that might manifest itself in a Title III application.

        And, no to Sproggit’s question as to “contractors”. Snowden was never an affiant, and neither are any other “contractors”. So, “FISA applications could be submitted by contractors in the course of their analysis?” No. Hell no. Could their “analysis” be considered and included by a proper affiant? Yes, of course. That is obvious. And it is obvious if, from nothing else, the discussion as to how Steele was used in the Page warrants.

        Did anybody actually read the law review I cited previously? As acknowledged, it was not the most detailed legal argument in the world, but it was easily consumable by bright lay people and touches on how informants and sources are used, and sometimes misused, by law enforcement.

        • pdaly says:

          Thanks, bmaz.

          The hinky story of how the off-duty MIT campus officer just happened to be, on Jan 6, 2011, in an unmarked police car roughly 1 mile away from MIT’s campus when he just happened to spot Aaron Swartz on a bike (and I think it was during a snow storm or after a recent snowfall) and thought Aaron looked like the person caught on the MIT IP closet camera and then chased him to Aaron’s house nearby apartment building had me jumping to unnecessary conclusions. Still a hinky story.

          • bmaz says:

            Oh, don’t get me wrong, there are tons of questions about all that. But not germane to the FISA discussion. This is exactly why I keep emphasizing that people who only talk about “fixing FISA” are nuts. Federal warrant application should be fixed for all, not just FISA.

            • pdaly says:

              I was thinking about the claim by the government or MIT that they thought at one point (maybe retroactively?) that [Swartz’s] ghost computer in the IT closet was maybe part of a spying effort by China via students/researchers. Wondered if FISA was somehow in play at the time.

  3. Savage Librarian says:

    ew says:
    “Two things are of interest here. The definition of FISA “facilities,” has long been of interest, not least because the government likes to pretend it consists mostly of phone numbers and email addresses……This language also might support the monitoring of Amazon and bank accounts.”

    The reference to Amazon is interesting to me for it’s obvious use by buyers and sellers of services and products. But data storage and management may be, perhaps, its greatest avenue of profitability. So I wonder about the dangers of that being exploited. And I wonder how much of that might play into current cyber vulnerabilities, nefarious political enterprises, and the exploits of bad actors.

    Culturally, we have naively plunged headfirst into the digital world (with full-on support of trusted resources and institutions like schools and libraries.) Somehow, we need to find a way of educating ourselves and ensuring that we make safer and wiser decisions about how we communicate and how we keep informed. To me, a big part of this has to do with holding the data producers and the government more accountable. That seems to be another one of the existential conundrums that currently plague us.

    • drouse says:

      It seems that hardly a week goes by where I don’t hear some story about data breaches that expose millions of records. And a great many of those seem to involve improperly secured containers on AWS. Amazon would just rent the things out and left the configuration and security up to the customer. I understand that they will help out somewhat nowadays but only after taking heat over some of the most publicized incidents.

      As a matter of personal pique, software as a service and moving everything to the cloud has to be the world’s worst idea from the standpoint of keeping your stuff private. Three words, third party doctrine.

    • earlofhuntingdon says:

      Plunged or pushed? The industry and its proponents have spent billions persuading users that price and convenience are all that matter. Personal data? There ain’t no such thing, so don’t worry your pretty lil’ head about it.

      The accurate observation that, “If it’s free, you’re the product,” has been buried underneath the hundreds of billions that the likes of Zuckerberg and Google have made from all of us.

  4. earlofhuntingdon says:

    Moscow Mitch seems to think that his job is not to hold a fair and balanced Senate trial. Nor is it to defend Donald Trump. It is to convict the system that would hold both of them to account.

    That might be the greatest harm that Donald Trump and his neoliberal patrons inflict on America. If they are successful, it would institutionalize their one dollar-one vote replacement for democracy. A republic for the Business Roundtable.

  5. Savage Librarian says:

    Turtles & Toads & Swamps, Oh My

    Donald loves to wallow in swamp
    where he delights in an illicit romp
    with gator buddies who drool & chomp,
    punching down, whomp, whomp…

    He chose to become a Floridian
    where he puts the fib in amphibian,
    driving democracy to oblivion,
    while pretending to love his Gideon.

    And while we wait for his tax files
    he gathers his favorite reptiles,
    who support the murkiest exiles,
    while gaging assorted percentiles.

    The thing that he really most hates
    is the evolution of smart primates,
    populating now even in red states,
    and, of course, we thank Rick Gates.

    All those who are willfully upright,
    taking a stand to walk into the light,
    aiming facts to fight the good fight,
    can provide us with a second sight.

    Will we ever come to bear witness
    to all DT maybe thrust on a hit list
    and if he can pass a fair litmus
    testing unitary executive fitness?

  6. Eureka says:

    I stood straight up and paid attention when you — of all people — said this:

    […] two aspects of the FISA process that I did not know before.

    Powerful opener; scary for the implications of what we citizens don’t know about our gov’s operations.

  7. orionATL says:

    i intended to stick this comment on the severe damage that president trump’s all-out attack on the fbi has done to american national security at the end of ew’s jan. 6 “mega summary” post, but missed my window of opportunity. this spot will have to serve.

    beginning with his tacit threatening and then the firing of fbi director comey, trump and his congressional allies conducted an all-out propaganda and intimidation war on the fbi and major fbi-doj leaders in 2017-19. doj inspector general horowitz became one of the weapons used in this war.

    that he began an extensive, persistent war on the fbi immediately on taking office is solid evidence that our president understood very well that he had colluded with the russian government and putin to defeat his democratic opponent and was at eminent risk of having this collusion exposed.

    the risk to national security this attack represented is quite serious and consists of the fbi, the only federal-level investigative agency with the authority and collaborative reach (nsa, etc.) to be able to investigate collusion between a presidential candidate and either a foreign government or an economic entity, becoming reluctant to ever again undertake such an investigation for fear on similar exposure and “punishment”. one could of course hope that fbi leadership would never be so intimidated, but the behavior of bureaucracies suggests that that is a weak hope. even given the evident justifications involving a trump investigation, voices within the fbi were expressing hesitation and timidity at the undertaking. with the history of the trump mauling staring them in the face, i doubt future fbi leaders will be willing to undertake another investigation of a national political campaign.

    this argument is based on my assumption that a republican candidate successfully colluded with foreign leaders three times in the last 50 years – each time gaining the presidency as a consequence. those are nixon’s collusion with the vietnamese, reagan’s collusion with the iranians, and trump’s collusion with the russians.

    the danger i see is that any entity who wants to assert some control over the american government and american economic or military policy/power has as its easiest route influencing the choice of who serves as president. it seems reasonable to expect others in the future to follow the very successful history of the russian leadership’s siding with candidate trump. this approach works equally well for those american domestic political operators who wish to forward hide their real agenda.

    • bmaz says:

      Pretty amazing all in all. Only a malefactor like Trump could make Comey and the FBI sympathetic.

      The only other thing I would add (and intend to keep adding) to what Marcy said is that the focus only on FISA/FISC and the overly glorified “Woods protocols” is so short sighted.

      Every criminal target is entitled to such protections, not just goofballs in funny hats like Carter Page. People want to make things better? Stop focusing on Page and FISA. That is an abdication of justice for all.

      • orionATL says:

        one can never feel sorry for the FBI and specifically the way they have handled interrogations for decades. even after they instituted a policy of video and audio taping of their interviews they routinely cheat on the policy, viz their interview with the young british computer whiz they kidnapped on a stairwell in the l.a. airport.

        i feel very strongly about covert information being used against defendants. trump is engaging in special pleading; he doesn’t give a rat’s ass about justice. one can only hope that what trump has forced to be revealed in order to forward his propaganda and attack on the fbi for the purpose of protecting his “reputation” will in time benefit the larger, unprivileged, society.

Comments are closed.