Yesterday, a bunch of civil liberties groups issued a letter calling for FISA 702 reform as part of the Section 215 reauthorization this year. I agree that the reauthorization this year should address the problems with 702 that weren’t addressed last year, though even on FISA, the letter doesn’t go far enough. DOJ IG will soon issue a report partly addressing the Carter Page FISA application, and that will provide an opportunity to push to make reforms to traditional (individual) FISA, such as making it clear that some defendants must get to review the underlying affidavit. Similarly, it doesn’t make sense reforming Section 215’s subpoena function without, at the same time, reforming the subpoena authority that DEA uses for a similar dragnet that undergoes far less oversight, particularly given that Bill Barr is the guy who first authorized that DEA dragnet in his first go-around as authoritarian Attorney General.

But it’s also the case that the surveillance community could — and arguably has an opportunity to — address EO 12333 as well.

The Executive branch has been exploiting the tension between EO 12333 (foreign surveillance that, because it is “foreign,” is conducted under the exclusive authority of Article II) and FISA (“domestic” surveillance overseen by the FISA court) since Dick Cheney launched Stellar Wind on bogus claims the collection on foreign targets in the US amounted to “foreign” surveillance. From 2004 to 2008, Congress moved parts of that under FISA. But at several points since, the government has reacted to FISA restrictions by moving their surveillance under EO 12333, most notably when it moved much of its collection of Internet metadata under EO 12333 in 2012.

Unfortunately, most of the surveillance community and reporters covering such issues have been woefully unaware of even the limited public disclosures on EO 12333 surveillance (which for a time was branded as SPCMA). That made activism around Section 215 far less effective, as few people understood that Section 215 data was and remains just a small part of a larger, duplicative dragnet, and a lot of the claims made about the need for USA Freedom Act didn’t account for precisely what role the Section 215 dragnet played in the larger whole.

As one of its last acts, the Obama Administration institutionalized EO 12333 sharing across intelligence agencies, formalizing what Dick Cheney had been aiming for all along, just before Donald Trump took over.  At least as soon as that happened, the FBI (and other agencies, including but not limited to CIA) obtained a source of content that paralleled (and like the metadata dragnet, surely is significantly duplicative with) Section 702 collection.

That means the Section 702 opinion released last week discusses querying methods that may also be applied, in the same systems, to EO 12333 data. Indeed, one aspect of the querying procedures FBI finally adopted — that queries limited “such that it cannot retrieve unminimized section 702-acquired information” — is the kind of setting that NSA used to re-run queries that returned FISA information so as to return, instead, only EO 12333 data that could be shared under different rules with less oversight. Furthermore, the regime set up under EO 12333, which already includes squishy language about queries “for the purpose of targeting” a US person (suggesting other purposes are permissible), has the same kind of internal approval process that the government wanted to adopt with 702.

If FBI is querying both 702 and EO 12333 raw content in the same queries, it means the standards laid out by James Boasberg in his opinion should apply. Notably, Boasberg wrote at some length about what constituted “reasonable” procedures to govern querying, and under a balancing analysis, found that the procedures in place did not comply with the Fourth Amendment.

Whether the balance of interests ultimately tips in favor of finding the procedures to be inconsistent with the Fourth Amendment is a close question. Reasonableness under the Fourth Amendment does not require perfection. See In Re Directives, 551 F.3d at J 015 (“the fact that there is some potential for error is not a sufficient reason to invalidate” surveillances as unreasonable under the Fourth Amendment). Nonetheless, if “the protections that are in place for individual privacy interests are … insufficient to alleviate the risks of government error and abuse, the scales will tip toward a finding of unconstitutionality.” kl at 1012. Here, there are demonstrated risks of serious error and abuse, and the Court has found the government’s procedures do not sufficiently guard against that risk, for reasons explained above in the discussion of statutory minimization requirements.

By contrast, under the EO 12333 procedures, the only reasonableness review takes place when NSA decides whether to share its SIGINT, which doesn’t include risk of error and abuse.

Reasonableness. Whether approving the request is reasonable in light of all the circumstances known at the time of the evaluation of the request, including but not limited to:

[snip]

e. (U) The likelihood that sensitive U.S. person information (USPI) will be found in the information and, if known, the amount of such information;

f. (U) The potential for substantial harm, embarrassment, inconvenience, or unfairness to U.S. persons if the USPI is improperly used or disclosed;

And that’s with the additional minimization procedures under 702 that are stronger than the dissemination rules under the EO 12333 rules.

There are limits to this. Boasberg based his Fourth Amendment review in statutory considerations, statute that doesn’t yet exist with 12333. He did not determine that the act of querying, by itself, warranted Fourth Amendment protection (though the amici pushed him to do so).

But that shouldn’t stop Congress from requiring that FBI adhere to the same practices of querying with EO 12333 collected data as it does with Section 702 collected data, which would in turn limit the value, to FBI, of engaging in surveillance arbitrage by doing things under EO 12333 that it couldn’t do under 702.

At Motherboard, I have piece arguing that the best way to try to understand the Marcus Hutchins (MalwareTech) case is not from what we see in his indictment for authoring code that appears in a piece of Kronos malware sold in 2015. Instead, we should consider why Hutchins would look different to the FBI in 2016 (when the government didn’t arrest him while he was in Las Vegas) and 2017 (when they did). In 2016, he’d look like a bit player in a minor dark market purchase made in 2015. In 2017, he might look like a guy who had his finger on the WannaCry malware, but also whose purported product, Kronos, had been incorporated into a really powerful bot he had long closely tracked, Kelihos.

Hutchins’ name shows up in chats obtained in an investigation in some other district. Just one alias for Hutchins—his widely known “MalwareTech”—is mentioned in the indictment. None of the four or more aliases Hutchins may have used, mostly while still a minor, was included in the indictment, as those aliases likely would have been if the case in chief relied upon evidence under that alias.

Presuming the government’s collection of both sets of chat logs predates the WannaCry outbreak, if the FBI searched on Hutchins after he sinkholed the ransomware, both sets of chat logs would come up. Indeed, so would any other chat logs or—for example—email communications collected under Section 702 from providers like Yahoo, Google, and Apple, business records from which are included in the discovery to be provided in Hutchins’ case in FBI’s possession at that time. Indeed, such data would come up even if they showed no evidence of guilt on the part of Hutchins, but which might interest or alarm FBI investigators.

There is another known investigation that might elicit real concern (or interest) at the FBI if Hutchins’s name showed up in its internal Google search: the investigation into the Kelihos botnet, for which the government obtained a Rule 41 hacking warrant in Alaska on April 10 and announced the indictment of Russian Pyotr Levashov in Connecticut on April 21. Eleven lines describing the investigation in the affidavit for the hacking warrant remain redacted. In both its announcement of his arrest and in the complaint against Levashov for operating the Kelihos botnet, the government describes the Kelihos botnet loading “a malicious Word document designed to infect the computer with the Kronos banking Trojan.”

Hutchins has tracked the Kelihos botnet for years—he even attributes his job to that effort. Before his arrest and for a period that extended after Levashov’s arrest, Hutchins ran a Kelihos tracker, though it has gone dead since his arrest. In other words, the government believes a later version of the malware it accuses Hutchins of having a hand in writing was, up until the months before the WannaCry outbreak—being deployed by a botnet he closely tracked.

There are a number of other online discussions Hutchins might have participated in that would come up in an FBI search (again, even putting aside more dated activity from when he was a teenager). Notably, the attack on two separate fundraisers for his legal defense by credit card fraudsters suggests that corner of the criminal world doesn’t want Hutchins to mount an aggressive defense.

All of which is to say that the FBI is seeing a picture of Hutchins that is vastly different than the public is seeing from either just the indictment and known facts about Kronos, or even open source investigations into Hutchins’ past activity online.

To understand why Hutchins was arrested in 2017 but not in 2016, I argue, you need to understand what a back door search conducted on him in May would look like in connection with the WannaCry malware, not what the Kronos malware looks like as a risk to the US (it’s not a big one).

I also note, however, that in addition to the things FBI admitted they searched on during their FBI Google searches — Customs and Border Protection data, foreign intelligence reports, FBI’s own case files, and FISA data (both traditional and 702) — there’s something new in that pot: data collected under EO 12333 shared under January’s new sharing procedures.

That data is likely to expose a lot more security researchers for behavior that looks incriminating. That’s because FBI is almost certainly prioritizing asking NSA to share criminal hacker forums — where security researchers may interact with people they’re trying to defend against in ways that can look suspicious if reviewed out of context. That’s true, first of all, because many of those forums (and other dark web sites) are overseas, and so are more accessible to NSA collection. The crimes those forums facilitate definitely impact US victims. But criminal hacking data — as distinct from hacking data tied to a group that the government has argued is sponsored by a nation-state — is also less available via Section 702 collection, which as far as we know still limits cybersecurity collection to the Foreign Government certificate.

If I were the FBI I would have used the new rules to obtain vast swaths of data sitting in NSA’s coffers to facilitate cybersecurity investigations.

So among the NSA-collected data we should expect FBI newly obtained in raw form in January is that from criminal hacking forums. Indeed, new dark web collection may have facilitated FBI’s rather impressive global bust of several dark web marketing sites this year. (The sharing also means FBI will no longer have to go the same lengths to launder such data it obtains targeting kiddie porn, which it appears to have done in the PlayPen case.)

As I think is clear, such data will be invaluable for FBI as it continues to fight online crime that operates internationally. But because back door searches happen out of context, at a time when the FBI may not really understand what it is looking at, it also risks exposing security researchers in new ways to FBI’s scrutiny.

In one of his first acts as leader of the Democratic party in 2008, Barack Obama flipped his position on telecom immunity under FISA Amendments Act, which cleared the way for its passage. That was a key step in the legalization of the Stellar Wind dragnet illegally launched by George Bush in 2001, the normalization of turnkey surveillance of the rest of the world, surveillance that has also exposed countless Americans to warrantless surveillance.

Bookends of the Constitutional law president’s tenure: codifying and expanding Stellar Wind

So it is ironic that, with one of his final acts as President, Obama completed the process of normalizing and expanding Stellar Wind with the expansion of EO 12333 information sharing.

As I laid out some weeks ago, on January 3, Loretta Lynch signed procedures that permit the NSA to share its data with any of America’s other 16 intelligence agencies. This gives CIA direct access to NSA data, including on Americans. It gives all agencies who jump through some hoops that ability to access US person metadata available overseas for the kind of analysis allegedly shut down under USA Freedom Act, with far fewer limits in place than existed under the old Section 215 dragnet exposed by Edward Snowden.

And it did so just as an obvious authoritarian took over the White House.

I’ve was at a privacy conference in Europe this week (which is my partial explanation for being AWOL all week), and no one there, American or European, could understand why the Obama Administration would give Trump such powerful tools.

About the only one who has tried to explain it is former NSA lawyer Susan Hennessey in this Atlantic interview.

12333 is not constrained by statute; it’s constrained by executive order. In theory, a president could change an executive order—that’s within his constitutional power. It’s not as easy as just a pen stroke, but it’s theoretically possible.

[snip]

When they were in rewrites, they were sort of vulnerable. There was the possibility that an incoming administration would say, “Hey! While you’re in the process of rewriting, let’s go ahead and adjust some of the domestic protections.” And I think a reasonable observer might assume that while the protections the Obama administration was interested in putting into place increased privacy protections—or at the very least did not reduce them—that the incoming administration has indicated that they are less inclined to be less protective of privacy and civil liberties. So I think it is a good sign that these procedures have been finalized, in part because it’s so hard to change procedures once they’re finalized.

[snip]

I think the bottom line is that it’s comforting to a large national-security community that these are procedures that are signed off by Director of National Intelligence James Clapper and Attorney General Loretta Lynch, and not by the DNI and attorney general that will ultimately be confirmed under the Trump Administration.

Hennessey’s assurances ring hollow. That’s true, first of all, because it is actually easier to change an EO — and EO 12333 specifically — than “a pen stroke.” We know that because John Yoo did just that, in authorizing Stellar Wind, when he eliminated restrictions on SIGINT sharing without amending EO 12333 at all. “An executive order cannot limit a President,” Yoo wrote in the 2001 memo authorizing Stellar Wind. “There is no constitutional requirement for a President to issue a new executive order whenever he wishes to depart from the terms of a previous executive order. Rather than violate an executive order, the President has instead modified or waived it.” And so it was that the NSA shared Stellar Wind data with CIA, in violation of the plain language of EO 12333 Section 2.3, until that sharing was constrained in 2004.

Yes, in 2008, the Bush Administration finally changed the language of 2.3 to reflect the SIGINT sharing it had started to resume in 2007-2008. Yes, this year the Obama Administration finally made public these guidelines that govern that sharing. But recent history shows that no one should take comfort that EOs can bind a president. They cannot. The Executive has never formally retracted that part of the 2001 opinion, which in any case relies on a 1986 OLC opinion on Iran-Contra arguing largely the same thing.

No statutorily independent oversight over vastly expanded information sharing

Which brings us to whether the EO sharing procedures, as released, might bind Trump anymore than EO 12333 bound Bush in 2001.

In general, the sharing procedures are not even as stringent as other surveillance documents from the Obama Administration. The utter lack of any reasonable oversight is best embodied, in my opinion, by the oversight built into the procedures. A key cog in that oversight is the Department of National Intelligence’s Privacy and Civil Liberties Officer — long inhabited by a guy, Alex Joel, who had no problem with Stellar Wind. That role will lead reviews of the implementation of this data sharing. In addition to DNI’s PCLO, NSA’s PCLO will have a review role, along with the General Counsels of the agencies in question, and in some limited areas (such as Attorney Client communications), so will DOJ’s National Security Division head.

What the oversight of these new sharing procedures does not include is any statutorily independent position, someone independently confirmed by the Senate who can decide what to investigate on her own. Notably, there is not a single reference to Inspectors General in these procedures, even where other surveillance programs rely heavily on IGs for oversight.

There is abundant reason to believe that the PATRIOT Act phone and Internet dragnets violated the restrictions imposed by the FISA Court for years in part because NSA’s IG’s suggestions were ignored, and it wasn’t until, in 2009, the FISC mandated NSA’s IG review the Internet dragnet that NSA’s GC “discovered” that every single record ingested under the program violated FISC’s rules after having not discovered that fact in 25 previous spot checks. In the past, then, internal oversight of surveillance has primarily come when IGs had the independence to actually review the programs.

Of course, there won’t be any FISC review here, so it’s not even clear whether explicit IG oversight of the sharing would be enough, but it would be far more than what the procedures require.

I’d add that the Privacy and Civil Liberties Oversight Board, which provided key insight into the Section 215 and 702 programs, also has no role — except that PCLOB is for all intents and purposes defunct at this point, and there’s no reason to believe it’ll become operational under Trump.

Obama vastly expanded information sharing with these procedures without implementing the most obvious and necessary oversight over that sharing, statutorily independent oversight.

Limits on using the dragnet to affect political processes

There is just one limit in the new procedures that I think will have any effect whatsoever — but I think Trump may have already moved to undercut it.

The procedures explicitly prohibit what everyone should be terrified about under Trump — that he’ll use this dragnet to persecute his political enemies. Here’s that that prohibition looks like.

Any IC element that obtains access to raw SIGINT under these Procedures will:

[snip]

Political process in the United States. Not engage in any intelligence activity authorized by these Procedures, including disseminations to the White House, for the purpose of affecting the political process in the United States. The IC element will comply with the guidance applicable to NSA regarding the application of this prohibition. Questions about whether a particular activity falls within this prohibition will be resolved in consultation with the element’s legal counsel and the General Counsel of the Office of the Director of National Intelligence (ODNI) (and the DoD’s Office of the General Counsel in the case of a DoD IC element).

If you need to say the IC should not share data with the White House for purposes of affecting the political process, maybe your info sharing procedures are too dangerous?

Anyway, among the long list of things the IC is not supposed to do, this is the only one that I think is so clear that it would likely elicit leaks if it were violated (though obviously that sharing would have to be discovered by someone inclined to leak).

All that said, note who is in charge of determining whether something constitutes affecting political processes? The IC agency’s and ODNI’s General Counsel (the latter position is vacant right now). Given that the Director of National Intelligence is one of the positions that just got excluded from de facto participation in Trump’s National Security Council (in any case, Republican Senator Dan Coats has been picked for that position, which isn’t exactly someone you can trust to protect Democratic or even democratic interests), it would be fairly easy to hide even more significant persecution of political opponents.

FBI and CIA’s expanded access to Russian counterintelligence information

There is, however, one aspect of these sharing guidelines that may have work to limit Trump’s power.

In the procedures, the conditions on page 7 and 8 under which an American can be spied on under EO 12333 are partially redacted. But the language on page 11 (and in some other parallel regulations) make it clear one purpose under which such surveillance would be acceptable, as in this passage.

Communications solely between U.S. persons inadvertently retrieved during the selection of foreign communications will be destroyed upon recognition, except:

When the communication contains significant foreign intelligence or counterintelligence, the head of the recipient IC element may waive the destruction requirement and subsequently notify the DIRNSA and NSA’s OGC;

Under these procedures generally, communications between an American and a foreigner can be read. But communications between Americans must be destroyed except if there is significant foreign intelligence or counterintelligence focus. This EO 12333 sharing will be used not just to spy on foreigners, but also to identify counterintelligence threats (which would presumably include leaks but especially would focus on Americans serving as spies for foreign governments) within the US.

Understand: On January 3, 2017, amid heated discussions of the Russian hack of the DNC and public reporting that at least four of Trump’s close associates may have had inappropriate conversations with Russia, conversations that may be inaccessible under FISA’s probable cause standard, Loretta Lynch signed an order permitting the bulk sharing of data to (in part) find counterintelligence threats in the US.

This makes at least five years of information collected on Russian targets available, with few limits, to both the CIA and FBI. So long as the CIA or FBI were to tell DIRNSA or NSA’s OGC they were doing so, they could even keep conversations between Americans identified “incidentally” in this data.

I still don’t think giving the CIA and FBI (and 14 other agencies) access to NSA’s bulk SIGINT data with so little oversight is prudent.

But one of the only beneficial aspects of such sharing might be if, before Trump inevitably uses bulk SIGINT data to persecute his political enemies, CIA and FBI use such bulk data to chase down any Russian spies that may have had a role in defeating Hillary Clinton.

Last week, the government released the long-awaited procedures permitting the intelligence community to share raw 12333 collected information more widely. This will be a working thread on those procedures.

(1) The procedures bill themselves as procedures to govern the sharing of information under 2.3 of EO 12333, which basically permits the IC to share info so IC elements can see if they need the info.

(1) The procedures exclude NSA SIGINT activities, which I think has the effect of making sure those don’t operate with these limits.

(2) The procedures also exclude activities undertaken under NSCID-5 and NSCID-6, which I think has the effect of excluding joint NSA-CIA activities that already take place.

(2) Note the reference to PPD-28 (which reappears) refers to PPD-28 “and implementing procedures and any successor documents.” That suggests there may be a lot more about PPD-28 we’re not seeing, and that this Administration anticipates it will be changed.

(2-3) This section lays out what it claims to be limits on any info sharing agreements, which is basically a requirement that any entity getting NSA data must adopt procedures akin to those NSA adopts.

(3) Even if NSA tells another element of intelligence that would interest them, the element must make a formal request to get it. I suspect this is done so NSA can pretend it is not affirmatively giving away entire swaths of data.

(4) There’s an odd definition of “reasonableness,” which is the standard NSA always says it uses to comply with the Fourth Amendment. It includes these measures of impact on US persons:

e. (U) The likelihood that sensitive U.S. person information (USPI) will be found in the information and, if known, the amount of such information;

f. (U) The potential for substantial harm, embarrassment, inconvenience, or unfairness to U.S. persons if the USPI is improperly used or disclosed;

That is, the measure is not if information is improperly access, but if accessing it might cause the US person substantial embarrassment of inconvenience.

(4) After the long section on reasonableness, the procedures then say NSA doesn’t actually have to check the data set to make sure its measures of impact are valid.

(5) Those receiving NSA data are prohibited from tampering in politics.

Not engage in any intelligence activity authorized by these Procedures, including disseminations to the White House, for the purpose of affecting the political process in the United States.

(5) Sharing agreements are covered by memoranda of agreement that last 3 years. Given the discussion of whether or not this enables Trump, I think it worth noting that any data sharing can be expanded before Trump’s first term ends. Conversely, that implies that any president can impose new restrictions during a term.

(5) There’s a squabble resolution process that goes to Secretary of Defense, then DNI for military units, and DNI for non-military.

(5) The procedures provide 3 different options for data possession that can count as sharing (one that was laid out in the 5240.01 revision released last year): the data remains in NSA’s systems, it goes to the IC cloud, it goes to the receiving entity’s systems. The roll-out of the IC cloud in recent years was a technical precondition for this expanded sharing.

(6) Before the procedures talk about what the entities have to do with audits (that does come later), it has this to say about protecting audit records.

Auditing records. Protect auditing records against unauthorized access, modification, or deletion, and retain these records for a sufficient period of time to verify compliance with the requirements of these Procedures.

Did they need to include this because audit records have been altered in the past?

(6) I’ve written a lot about the times (especially at FBI) where elements choose not to mark the source for their data, which allows for a lot of negative outcomes (such as hiding evidence source from defendants). So this passage makes me really furious.

Marking o(files. Use reasonable measures to identify and mark or tag raw SIGINT files reasonably believed or known to contain USPI. Marking and tagging will occur regardless of the format or location of the information, or the method of storing it. When appropriate and reasonably possible, files and documents containing USPI will also be marked individually. In the case of certain electronic databases, if it is not reasonably possible to mark individual files containing USPI, a banner may be used before access informing users that they may encounter USPI.

There should be an initial requirement that all shared data retains its NSA SIGAD information, marking it both as NSA data and tracking how it was collected. But this only asks that recipients mark data if it includes USPI, and even there allows the requirement to slide.

(7) The section prohibiting the selection of domestic (that is, between entirely US persons) is worthwhile. Except they don’t tell you until later that metadata analysis (which for the purposes of this document is limited to contact chaining) is exempt from this. So this means law enforcement can use entirely NSA-collected raw data to do network analysis of entirely American communications.

(7) There are actually 3 different kinds of searches included in these procedures, which should get people to reconsider how they refer to “upstream” searches: searches on the identity of a communicant, searches mentioning a communicant, and searches on content (which comes a few pages later).  Also note, it all relies on a new definition of “foreign” communications to mean what “international” used to, meaning they can access communications of a US person via that US person identifier if it happens internationally.

(7) The procedures let IC elements use US person identifiers for “selection” (a term designed to avoid “search”) if that person is already approved for content spying with a FISA order, but not for metadata spying. Note they list 703 among the authorities in question, though at least until recently, they never used 703.

(7) One of the key prongs (of three) under which an element can spy on an American w/AG approval is redacted. I’ll come back to this.

(8) Some of the reasons why the IC can spy on Americans are redacted. Given the items that appear on page 12, at least one of these is almost certainly a counterintelligence focus. The other may be counternarcotics or transnational crime.

(9) After having laid out how you can spy on Americans via their identifiers, the procedures now lay out how they might be swept up via their content. Remember that this may mean “content of headers,” and likely includes selectors for things like encryption keys. The selection term based collection permits the selection of US person communications (possibly, given the redaction, even between two US based US persons) if there will be significant FI or CI value.

(9) Minor point but the procedures explicitly use the phrase “defeat,” which is a concept often redacted.

(9) There are no explicit protections for Attorney Client communications here, just a “call NSD for guidelines” rule, which is alarming.

(9) I’ll come back to F, which is basically SPCMA on steroids, and probably a significant part of these sharing goals anyway. Effectively, this institutes SPCMA analysis, across IC elements, without some of the protections that have long been in place.

(10) Note, there seems to be flux in what metadata can be included as metadata (though there are reasonable definitions for metadata later). Also, ZERO of the oversight involves DOD.

(10) Retention is 5 years, so consistent with Section 309, which it cites.

(10) Note the reference to “data related to” communications to, from, or about US persons.

(10) The IC can only keep domestic communications in case of threat of death or bodily harm (but remember they include bodily harm to corporate persons in that).

(11) This is confusing. Right after saying it has to destroy domestic comms, it says that it can keep them if there is significant CI or FI value, and or anomalies showing a vulnerability to US comm service. This is sort of consistent with upstream 702, but not quite.

(11) The procedures treat government employee comes differently based on who they’re talking to, which is a tribute to how much this is about counterintelligence.

(11) The immediate notice of destruction incorporates a lesson they learned during 702, when such notices took time and US person stuff remained in the system in NSA even if destroyed at FBI.

(12) Note US person info can be disseminated for a non-exclusive list, though the list is quite extensive in any case.

(12) Info can be disseminated if someone is the target of hostile intelligence activities of a foreign power. This might make it easier for DHS to disseminate warnings.

(13) The auditing function described does not include an explicit exception for techs, whereas it would at NSA.

(14) Note the distinction between queries and retrievals. Added to selection, and we’ve got another set of not entirely sensical terms that are new.

(14) Note that throughout, the oversight mechanisms avoid any body that is statutorily independent, including both PCLOB and the IGs. So it should not be taken as credible.

(15) The first paragraph of VIII makes it clear they’re parallel constructing this. No notice to defendants basically makes this unconstitutional, but the ID doesn’t care.

(16) Throughout, there are designees allowed that will make it a cinch to put some of these sharing relationships in a box where no one will find them.

(16) The departures from procedures section doesn’t include any deadlines for how long until notifications have to go out. Again, another easily exploited loophole.

(17) They added language to Obama’s standard “does not create any rights” language to include “nor do they place any limitation on otherwise lawful investigative and litigative prerogatives of the United States.” Which sounds like even more parallel construction.

(17) As we’ll see, “contact chaining” is defined to mean two hops. But because it isn’t tied to anything, and because the definition of foreign power includes 3 degrees of separate for most things (engages in, aids or abets, or conspires), it really amounts to about 5 degrees of separation from any baddie.

(18) The definitions of metadata here are interesting (and different from the SPCMA one). First, on telephony metadata, they don’t comment about location. The Internet metadata description is more descriptive than any I’ve seen, including routers passed during delivery. But there’s so much that’s not addressed in the definition, because it pretends to be exclusively about email.

(19) The definition of contact chaining does not include, as USAF chaining does, connection chaining. This reinforces my belief that the latter primarily serves a complimentary function, that of IDing all associated identities known by a provider. The contact chaining definition only permits two hops, but there’s no limitation on target, which permits at least 5 and really an infinite number of hops.

(19) If just one recipient in a threat is not a USP, it does not count as domestic. Also, circumstances where someone doesn’t have a REOP, like Twitter, does not count as domestic either.

(19) There used to be two distinct definitions: International, which was one end US, and foreign, which is both-ends foreign. I’m not sure why they’ve changed it such that any end foreign counts as foreign, but that seems problematic.

(20) Public info includes that which is available on request, or by purchase, meaning this may includes a lot of brokered lists and the like (including advertising information).

(20) Definition of “selection” includes “cable address,” which seems like it could be very broadly interpreted.

(21) The definition of “selection term” is very useful (basically a boolean selection term), and should have been made public before.

(22) The USPI definition is notable both for its inclusions and exclusions. “Unique biometric records” is included, which seems like could be very broadly interpreted (and makes clear they’re throwing all the biometrics they have into this pot of analysis. There’s no specific mention of online identities (“names” and “unique titles” may incorporate that, but should be stated publicly). There’s also no mention of cookies or other session identifiers (which is especially notable given the silence about location data).

(22) The overhead reconnaissance language means they can use drone footage against us, so long as they don’t target it at us. Though some DirtBox uses would be problematic.

A number of outlets are reporting that Ted Lieu and Blake Farenthold have written a letter to NSA Director Mike Rogers urging him not to implement the new data sharing effort reported by Charlie Savage back in February. While I’m happy they wrote the letter, they use a dubious strategy in it: they suggest their authority to intervene comes from Congress having “granted” NSA authority to conduct warrantless collection of data.

Congress granted the NSA extraordinary authority to conduct warrantless collection of communications and other data.2

2 See Foreign Intelligence Surveillance Act and the Patriot Act.

As an initial matter, they’ve sent this letter to a guy who’s not in the chain of approval for the change. Defense Secretary Ash Carter and Attorney General Loretta Lynch will have to sign off on the procedures developed by Director of National Intelligence James Clapper; they might consult with Rogers (if he isn’t the one driving the change), but he’s out of the loop in terms of implementing the decision.

Furthermore, the Congressionally granted authority to conduct warrantless surveillance under FISA has nothing to do with the authority under which NSA collects this data, EO 12333. In his story, Savage makes clear that the change relies on the [what he called “little-noticed,” which is how he often describes stuff reported here years earlier] changes Bush implemented in the wake of passage of FISA Amendments Act. As I noted in 2014,

Perhaps the most striking of those is that, even while the White House claimed “there were very, very few changes to Part 2 of the order” — the part that provides protections for US persons and imposes prohibitions on activities like assassinations — the EO actually replaced what had been a prohibition on the dissemination of SIGINT pertaining to US persons with permission to disseminate it with Attorney General approval.

The last paragraph of 2.3 — which describes what data on US persons may be collected — reads in the original,

In addition, agencies within the Intelligence Community may disseminate information, other than information derived from signals intelligence, to each appropriate agency within the Intelligence Community for purposes of allowing the recipient agency to determine whether the information is relevant to its responsibilities and can be retained by it.

The 2008 version requires AG and DNI approval for such dissemination, but it affirmatively permits it.

In addition, elements of the Intelligence Community may disseminate information to each appropriate element within the Intelligence Community for purposes of allowing the recipient element to determine whether the information is relevant to its responsibilities and can be retained by it, except that information derived from signals intelligence may only be disseminated or made available to Intelligence Community elements in accordance with procedures established by the Director in coordination with the Secretary of Defense and approved by the Attorney General.

Given that the DNI and AG certified the minimization procedures used with FAA, their approval for any dissemination under that program would be built in here; they have already approved it! The same is true of the SPCMA — the EO 12333 US person metadata analysis that had been approved by both Attorney General Mukasey and Defense Secretary Robert Gates earlier that year. Also included in FISA-specific dissemination, the FBI had either just been granted, or would be in the following months, permission — in minimization procedures approved by both the DNI and AG — to conduct back door searches on incidentally collected US person data.

In other words, at precisely the time when at least 3 different programs expanded the DNI and AG approved SIGINT collection and analysis of US person data, EO 12333 newly permitted the dissemination of that information.

What Bush did just as he finished moving most of Stellar Wind over to FISA authorities, was to make it permissible to share EO 12333 data with other intelligence agencies under the same kind of DNI/AG/DOD approval process already in place for surveillance. They’ve already been using this change (though as I note, in some ways the new version of EO 12333 made FAA sharing even more permissive than EO 12333 sharing). And Savage’s article describes that they’ve intended to roll out this further expansion since Obama’s first term.

Obama administration has been quietly developing a framework for how to carry it out since taking office in 2009.

[snip]

Intelligence officials began working in 2009 on how the technical system and rules would work, Mr. Litt said, eventually consulting the Defense and Justice Departments. This month, the administration briefed the Privacy and Civil Liberties Oversight Board, an independent five-member watchdog panel, seeking input. Before they go into effect, they must be approved by James R. Clapper, the intelligence director; Loretta E. Lynch, the attorney general; and Ashton B. Carter, the defense secretary.

“We would like it to be completed sooner rather than later,” Mr. Litt said. “Our expectation is months rather than weeks or years.”

All of which is to say that if Lieu and Farenthold want to stop this, they’re going to have to buckle down and prepare for a fight over separation of powers, because Congress has had limited success (the most notable successes being imposition of FAA 703-705 and Section 309 of last year’s intelligence authorization) in imposing limits on EO 12333 collection. Indeed, Section 309 is the weak protection Dianne Feinstein and Mark Udall were able to get for activities they thought should be covered under FAA.

Two more points. First, I suspect such expanded sharing is already going on between NSA and DEA. I’ve heard RUMINT that DEA has actually been getting far more data since shutting down their own dragnets in 2013. The sharing of “international” narcotics trade data has been baked into EO 12333 from the very start. So it would be unsurprising to have DEA replicate its dragnet using SPCMA. There’s no sign, yet, that DEA has been included under FAA certifications (and there’s not, as far as we know, an FAA narcotics certificate). But EO 12333 sharing with DEA would be easier to implement on the sly than FAA sharing. And once you’ve shared with DEA, you might as well share with everyone else.

Finally, this imminent change is why I was so insistent that SPCMA should have been in the Brennan Center’s report on privacy implications of EO 12333 collection. What the government was doing, explicitly, in 2007 when they rolled that out was making the US person participants in internationally collected data visible. We’ve seen inklings of how NSA coaches analysts to target foreigners to get at that US person content. The implications of basing targeting off of SPCMA enabled analysis under PRISM (which we know they do because DOJ turned over the SPCMA document, but not the backup, to FISC during the Yahoo challenge), currently, are that US person data can get selected because US persons are involved and then handed over to FBI with no limits on its access. Doing so under EO 12333 will only expand the amount of data available — and because of the structure of the Internet, a great deal of it is available.

Probably, the best way to combat this change is to vastly expand the language of FAA 703-705 to over US person data collected incidentally overseas during next year’s FAA reauthorization. But it will take language like that, because simply pointing to FISA will not change the Executive’s ability to change EO 12333 — even secretly! — at will.

The Brennan Center released a report on EO 12333 Thursday that aims to spark a debate about the privacy impacts of (just) NSA’s surveillance overseas, in part by describing the privacy impacts of EO 12333.

In contrast, there has been relatively little public or congressional debate within the United States about the NSA’s overseas surveillance operations, which are governed primarily by Executive Order (EO) 12333—a presidential directive issued by Ronald Reagan in 1981 and revised by subsequent administrations. These activities, which involve the collection of communications content and metadata alike, constitute the majority of the NSA’s surveillance operations, yet they have largely escaped public scrutiny.

There are several reasons why EO 12333 and the programs that operate under its aegis have gone largely unnoticed. One is the misconception that overseas surveillance presents little privacy risk to Americans. Another is the scant information in the public domain about how EO 12333 actually operates. Finally, the few regulations that are public create a confusing and sometimes internally inconsistent thicket of guidelines.

Unfortunately the report misses some of the biggest threats EO 12333 surveillance poses to Americans’ privacy. Indeed, the report reads more like a hodgepodge of some risks, rather than a report on the ways in which the NSA and other agencies can spy on Americans overseas. When attempting to define the political battlefield in which future fights for reform will happen, we can’t afford to miss any ground.

Historical and technical discussion

Brennan’s excellent report on the FISA Court (like this report, written by Liza Goitein and Faiza Patel, though Amos Toh also worked on this recent report) started with a history of how we got to where we are now, with the FISA Court approving entire surveillance programs in secret. This report would have profited from doing the same. It would have contextualized EO 12333, as the third of a series of EOs issued in the wake of the Keith decision and the Church Committee, which arose out of a separation of powers debate between the Executive and Congress. It could have described the few details we know of the largely unknown process by which EO 12333’s protections for Americans started breaking down. It would have described how, with Stellar Wind, the Executive blew off FISA and secretly rewrote EO 12333 without notice to spy on Americans (in part by turning an existing DEA dragnet, which was at least partly authorized by domestic statute, inward). It would have described how, in the wake of the hospital confrontation, the Executive moved most of those activities under FISA, only to start moving them back (most notably with Internet metadata) as FISA again proved too restrictive, even as technology made bypassing FISA easier.

The discussion also would benefit from more discussion of the telecommunications infrastructure of the world, how packets get routed across it, and how tech companies (and the NSA!) operate servers in multiple places around the globe. As an example, the report discusses XKeyscore as a “database” even while linking to an article that describes it as a “a fully distributed processing and query system that runs on machines around the world.” I get using “database” as shorthand for repositories — I’ve done it myself, particularly for the federated queries that chained metadata from both Section 215, PRTT, and 12333 collection in unified queries (and in so doing alerted analysts when the same queries could be run entirely under EO 12333 and so be covered by more flexible rules). But understanding how that collect-and-query process exploits the flows of data across the Internet is key to understanding how even Americans talking to Americans can be exposed — but also to giving the NSA’s protections for US persons a fair shake (one of NSA’s most common Intelligence Oversight Board violations, from what we can see of the often redacted reports, seem to be about query construction, which shows NSA polices that part of the process closely). The privacy threat to Americans from EO 12333 authorized SIGINT stems from a “Collect it all” mentality and the structure of the Internet–  not from any discreet programs that employ a different approach for one particular country or unencrypted data source.

Treatment of SPCMA

I’m most baffled by the report’s silence on Special Procedures for Communications Metadata Analysis, SPCMA, especially given the report’s extended (and worthwhile) discussion of the word games DOD plays with “collection” and other terms, as in this passage based on language in place up until the moment DOJ started implementing SPCMA in 2007.

The Intelligence Law Handbook indicates that for intelligence agencies housed under the DoD, the act of “collection” is “more than ‘gathering’ — it could be described as ‘gathering, plus…’”91 But what additional action is required to complete “collection” depends on which agency you ask and which document you rely on. This makes it difficult to determine which rules, if any, apply when an intelligence agency gathers information. Our analysis shows that there are at least three definitions of “collection”:

1) the process by which information obtained is rendered “intelligible” to human understanding;

2) the process by which analysts filter out information they want from the information obtained; and

3) the gathering or obtaining of information (i.e., the ordinary meaning of the word “collection”).

Since EO 12333 procedures are triggered only upon “collection,” this ambiguity potentially allows the NSA to avoid restrictions simply by categorizing certain information as not having been “collected.”

After all, SPCMA involved precisely those same kinds of word games, creating a virgin birth for data collected overseas.

For purposes of Procedure 5 of DoD Regulation 5240.1-R and the Classified Annex thereto, contact chaining and other metadata analysis don’t qualify as the “interception” or “selection” of communications, nor do they qualify as “us[ing] a selection term,” including using a selection term “intended to intercept a communication on the basis of … [some] aspect of the content of the communication.”

And those procedures were adopted explicitly in the service of being able to include US person data in EO 12333 analysis.

The Supplemental Procedures, attached at Tab A, would clarify that the National Security Agency (NSA) may analyze communications metadata associated with United States persons and persons believed to be in the United States.

In 2007, the government made an affirmative effort to be able to integrate foreign collected US person metadata into NSA’s analysis. It did so at a time when it was also working toward greater information-sharing between agencies (under ICREACH) and at a time when first getting the FISA Court to sanction the use of contact chaining — integrating SPCMA, though without revealing the rationale behind SPCMA!!! — as a basis for conducting domestic collection under Protect America Act. Starting in 2009 and significantly by 2011, the NSA replaced a huge domestic dragnet (one limited to counterterrorism purposes and with strict sharing rules), in part, with SPCMA (which has neither the counterterrorism limit nor the strict dissemination rules).

In other words, amid all the examples the Brennan Report gives for how Americans might be surveilled by NSA under EO 12333 (which underplay the exposure both for international calls placed from the US and entirely domestic Internet communication), it doesn’t mention the one that had analysis including US person metadata as the explicit purpose.

Or to put it more simply, in 2007, at a time when the structure of international communication was such that it was possible to spy on entirely domestic communications overseas, the government either adopted or (my suspicion) resumed analyzing US person metadata collected overseas. That seems worth mentioning in a report on how Americans can be exposed under EO 12333. (I asked Patel why SPCMA was not included in the report but have gotten no response.) In terms of the political fight, that’s the difference between a politician trying to fight for more US person protections being called “speculative” and that same politician being able to point to actual evidence EO 12333 collection has implicated Americans’ privacy.

Other agencies

Finally, any discussion of the surveillance exposure of Americans under EO 12333 should, in my opinion, scope more broadly to include other agencies. I would include CIA (not least because PCLOB identified two CIA programs that appear to affect US persons) and Treasury (which tracks a great deal of international financial flows, even of Americans with ties to sanctioned countries; the report as a whole is unduly focused just on communications data).

But I would start with a discussion of (or at least questions we need answered about) DEA. After all, international drug investigations have always been included in EO 12333’s US person collection permissions.

Elements of the Intelligence Community are authorized to collect, retain, or disseminate information concerning United States persons only in accordance with procedures established by the head of the Intelligence Community element concerned or by the head of a department containing such element and approved by the Attorney General, consistent with the authorities provided by Part 1 of this Order, after consultation with the Director. Those procedures shall permit collection, retention, and dissemination of the following types of information:

(c) Information obtained in the course of a lawful foreign intelligence, counterintelligence, international drug or international terrorism investigation;

DEA engages in a great deal of information collection on its own right (and shares with with FBI, though the FBI went to some length to hide details of such sharing from DOJ’s Inspector General). We know many of the technologies first used on our foreign adversaries sometimes get introduced for use with Americans via DEA, most notably with that massive metadata dragnet. And DEA doesn’t have the same strict definition as a foreign intelligence organization as NSA, making the potential impact of overseas collection more direct for Americans. Plus, as the Brennan Report notes, DEA (along with Treasury) has never been in compliance with EO 12333’s requirement for enacting procedures.

I get that when non-experts think of surveillance they think of NSA. But that’s a problem, not just because NSA currently more closely hews to the rules such as they are given than DEA, CIA, and FBI are believed to do, but also because NSA has never posed the biggest threat to Americans as agencies that have the ability to prosecute Americans like FBI and DEA. If you’re going to write a report framing the debate, shouldn’t it frame it in a way that ties directly to the impact of it, even if we know far less about those areas that may have more direct impact?

This report feels like one written in the belief that you best understand surveillance by talking about law largely in isolation from technology and bureaucracy. That’s always problematic — indeed, the report suffers from some of the same blind spots that the debate about USA Freedom Act did, based as it was in knowledge about the Section 215 statute but little knowledge of its statutorily mandated minimization procedures. It’s especially problematic when writing about programs that operate in the space not limited by any law, where executive power is at its zenith.

Absent further successful effort to expand Congress’ authority over surveillance (the report describes Section 309 of last year’s Intelligence Authorization but doesn’t focus on Sections 703 through 705 of FISA Amendments Act, an earlier attempt to carve out protections for Americans under EO 12333), technology, not the law, sets the biggest limits on what the Executive can do under EO 12333.

It is time to focus more attention on EO 12333 and I’m grateful the Brennan Report has focused attention on EO 12333. But that focus should include all the ways, including the most central ones, it affects Americans.

I’m lost down a rabbit hole of declarations relating to ACLU’s FOIA on EO 12333 documents (through which John Yoo’s Stellar Wind justification for Colleen Kollar-Kotelly was released). Arthur Sepeta, DHS’ declarant, had to explain the withholding of just one document, something that shows up on DOJ National Security Division’s Vaughn Index.

Sepeta’s explanation reveals that in 2006, DHS Secretary Michael Chertoff submitted some guidelines on the collection, retention, and dissemination of US person person information to comply with EO 12333. But Attorney General Alberto Gonzales rejected those guidelines. And, as Sepeta makes clear, DHS still doesn’t have any guidelines.

In this case, NSD 2 is a draft of the DHS Procedures Governing Activities of the Office oflntelligence and Analysis that Affect United States Persons. Section 2.3 of Executive Order No. 12,333 requires the head of an Intelligence Community element or the head of a Department containing an Intelligence Community element to issue “procedures” concerning the collection, retention, and dissemination of information concerning United States persons, after the Attorney General approves the procedures. On April 3, 2006, as required by section 2.3 of Executive Order No. 12,333, the Secretary of Homeland Security, as the head of a Department containing an Intelligence Community element, submitted draft Procedures Governing Activities of the Office of Intelligence and Analysis that Affect United States Persons for approval by the Attorney General. The Attorney General subsequently declined to approve the draft procedures submitted by the Secretary of Homeland Security and inter-agency negotiations over the content of these procedures remain ongoing to this day.

As I noted a year ago, in 2008, DHS adopted interim procedures, but they still haven’t finalized any.

Mind you, given the people involved, it’s unclear whether Gonzales’ rejection of DHS’ initial attempt is a good sign or bad sign.

Still, you’d think after 10 years, they would have adopted something?

I Con the Record has just released the May 17, 2002 letter John Yoo wrote to Colleen Kollar-Kotelly justifying Stellar Wind. This either lays out for the first time or repeats Yoo’s claim — which I first reported in 2007, based on a Sheldon Whitehouse Senate address, here — that the President doesn’t have to follow EO 12333.

This will be a working thread.

(2) Note Yoo says the attacks caused 5,000 deaths, well beyond the time when authorities knew it to be closer to 3,000.

(2) Yoo mentioned the anthrax attack. Did NSA use Stellar Wind to investigate it?

(2) Yoo uses a more moderate justification here — military being deployed to protect buildings — than Goldsmith did in his 2004 memo, where he talked about specific military flights.

(2) Check EO on creating Homeland Security office on domestic program.

(2) As soon as Yoo starts talking about Stellar Wind, he adopts the conditional tense: “Electronic surveillance techniques would be part of this effort.” This of course follows on Yoo admitting Congress modified FISA (though he doesn’t name the statute).

(2) Note in this really squirrelly hypothetical section, Yoo says the surveillance could include email “within” the US, which would be entirely domestic.

(2-3) Note throughout Yoo describes Bush as “Chief Executive.”

(3) Yoo points to absence of a charter as basis for doing whatever NSA wants.

(3) “Congress, however, has not imposed any express statutory restrictions on the NSA’s ability to intercept communications that involve United States citizens or that occur domestically.” (based on the absence of such language in NSA)

(4) I believe the second redaction is designed to enable the wiretapping of people claimed to be tied to the anthrax attack.

(5) Here’s the passage that said EO 12333 is optional.

(4-5) I find Yoo’s language the more troubling given what precedes it — the rationale.

I’ll come back to this, but note how “domestic” gets defined here. Much of this is still on the books and explains why Muslims get treated differently.

(5, 6) Note Yoo’s explanation for doing this off the books.

1. Need for secrecy
2. Inability to get FISC to approve bulk content collection or domestic metadata collection
3. No knowledge of identity of target

That’s not speed, which later became the excuse

(5) “FISA only provides a safe harbor for electronic surveillance, and cannot restrict the President’s ability to engage in warrantless searches that protect the national security.”

(5) Note Yoo refers to the metadata dragnet as “general collection,” which sounds an awful lot like a general warrant.

(7) The redactions on 7 are especially interesting given likelihood they conflict with either what K-K, Bates, or Howard subsequently approved.

(8) The timing of this is remarkable. This letter was written on the same date that Ashcroft changed the rules on the wall, which Lamberth unsuccessfully tried to impose some limits on. Then, on July 22, OLC further expanded the GJ sharing address in FN 8.

(8) Note, again, how Yoo is rewriting Keith and Katz.

(10) again, Yoo seems to be laying the groundwork for back door searches, which makes me wonder whether that’s why this got released?

(12) I don’t believe this border exception appears in Goldsmith. Which suggests there’s something with the way this was applied that is particularly problematic.

(13) This must be the language in question. Goldsmith used another means to justify cross-border collection, while admitting it outright.

(14) This language also disappears from later justifications, suggesting it is part of the problem.

The discussion continues onto the next page. It is of particular interest that K-K got this letter, given that her category distinctions probably addressed these distinctions.

(15) Bingo. This might be a very simple explanation for why they had to go to FISC.

(17) This passage about picking the Defense Secretary rather than AG is pretty much what I noted in my post on the underyling 4A argument, but it has ramifications for the post-2004 program. Also note how closely it piggybacks with the changes to AG guidelines and the

This language explains why they weren’t looking in Stellar Wind for Brady material, and also explains how they do parallel construction (which plays out in the IG Report).

(19) This section lays out the need for the scary memos, without revealing to K-K they exist.

(21) The big redacted section–the biggest redaction in the letter–suggests they’re still hiding the capture and pull up method of this, and therefore the sheer bulk of all this. That’s all the more interesting given that the wall was coming down at that moment. The other redactions in this section, too, seem to track the indexing function. Again, it’s interesting K-K had read (or reviewed) this before the PRTT discussion.

On Wednesday, the Privacy and Civil Liberties Oversight Board met to approve its next project. They are just about completing a general overview of the Intelligence Community’s use of EO 12333 (as part of which they’ve been nagging agencies, notably DEA and Treasury, to comply with requirements imposed by Ronald Reagan). Next, they will move onto a deep dive of two programs conducted under EO 12333, one each for NSA and CIA. PCLOB has now posted materials from Wednesday’s meeting, though this overview is also useful.

Keeping in mind that PCLOB already has a pretty good sense of what the agencies are doing, consider this description of its deep dive into activities of NSA and CIA.

During the next stage of its inquiry, the Board will select two counterterrorism-related activities governed by E.O. 12333, and will then conduct focused, in-depth examinations of those activities. The Board plans to concentrate on activities of the CIA and NSA, and to select activities that involve one or more of the following: (1) bulk collection involving a significant chance of acquiring U.S. person information; (2) use of incidentally collected U.S. person information; (3) targeting of U.S. persons; and (4) collection that occurs within the United States or from U.S. companies. Both reviews will involve assessing how the need for the activity in question is balanced with the need to protect privacy and civil liberties. The reviews will result in written reports and, if appropriate, recommendations for the enhancement of civil liberties and privacy.

Some of this is unsurprising. If PCLOB were to conduct a review of SPCMA, it would be assessing NSA’s analysis of incidentally collected US person data collected in great volume as a result of collecting in bulk. Indeed, conducting such a review would get to a lot of the issues raised by John Napier Tye in PCLOB testimony.

But I’m more interested in bullets 3 and 4.

Bullet 3 suggests that CIA and/or NSA are targeting US persons under EO 12333.

There are certainly ways that’s permissible. For example, EO 12333 permits agencies to conduct physical surveillance of their employees.

(1) Physical surveillance of present or former employees, present or former intelligence element contractors or their present or former employees, or applicants for any such employment or contracting; and

(2) Physical surveillance of a military person employed by a non-intelligence element of a military service;

And it permits physical surveillance overseas if significant information can’t reasonably acquired by other means.

Physical surveillance of a United States person abroad to collect foreign intelligence, except to obtain significant information that cannot reasonably be acquired by other means.

You’d think this would bump up against the FISA Amendments Act very quickly, but remember that this EO was updated in the days after FAA was completed, so everything in it likely accounts for FAA.

On that note, this useful post from Jonathan Mayer (click through for the handy graphic) describes how NSA’s classified EO 12333 permits the Attorney General to authorize the surveillance of US persons or entities for limited periods of time.

A third area of Executive Order 12333, on American soil, is the “Classified Annex Authority” or “CAA.” Its source is a classified addition to Executive Order 12333, set out in an NSA policy document.¹³ The most recent revision, from 2009, reads:

Communications of or concerning a United States person¹⁴ may be intercepted intentionally or selected deliberately . . .

with specific prior approval by the Attorney General based on a finding by the Attorney General that there is probable cause to believe the United States person is an agent of a foreign power and that the purpose of the interception or selection is to collect significant foreign intelligence. Such approvals shall be limited to a period of time not to exceed ninety days for individuals and one year for entities.

That provision appears to allow the Attorney General to unilaterally trump FISA. I’m notentirely confident that’s what it means, but it sure looks like it.¹⁵

I’m skeptical that the executive branch can just brush aside FISA, especially on American soil. In Justice Jackson’s famous phrasing, when the executive branch acts in clear violation of a legislative enactment, its “power is at its lowest ebb.” Nevertheless, the executive branch does appear to claim that Article II can override FISA, and it does appear to have invoked this Classified Annex Authority on occasion.¹⁶

Finally, remember that CIA has conducted investigations targeting Senate Intelligence Committee staffers, which suggests it interprets its ability to conduct counterintelligence investigations unbelievably broadly.

Then there’s bullet 4, which suggests CIA and/or NSA are collecting “within the United States or from U.S. companies.”

With regards collection “within the US,” Mayer’s post is helpful here too, pointing to loopholes for wireless and satellite communication.

The law that results is quite counterintuitive. If a communication is carried by radio waves, and it’s one-end foreign, it falls under Executive Order 12333. If that same communication were carried by a wire, though, it would fall under FISA. (Specifically, the Section 702 upstream program.)

As for how this Executive Order 12333 authority might be used beyond satellite surveillance, I could only speculate. Perhaps intercepting cellphone calls to or from foreign embassies?¹² Or along the national borders? At any rate, the FISA-free domestic wireless authority appears to be even broader than the Transit Authority.

As far as collection outside the US, this may simply be a reference to providers voluntarily providing data under 18 U.S.C. § 2511(2)(f), as we know at least some of the telecoms do.

But we also know NSA and its partner GCHQ have stolen unencrypted US company data overseas. And while the theft off Google’s fiber has, hopefully, been stopped, there’s still quite a lot of ways NSA can steal this data.

In any case, the terms of PCLOB’s investigation sure seem to suggest that CIA and/or NSA are exploiting the holes in EO 12333 in significant enough ways to raise concerns for PCLOB.

Jameel Jaffer has a post on the government’s latest crazy-talk in the ongoing ACLU and NYT effort to liberate more drone memos. He describes how — in the government’s response to their appeal of the latest decisions on the Anwar al-Awlaki FOIA — the government claims the Court’s release of an OLC memo does not constitute official release of that memo. (Note, I wouldn’t be surprised if the government is making this claim in anticipation of orders to release torture pictures in ACLU’s torture FOIA suit that’s about to head to the 2nd Circuit.)

But there’s another interesting aspect of that brief. It provides heavily redacted discussion of the things Judge Colleen McMahon permitted the government to withhold. But it makes it clear that one of those things is a March 2002 OLC memo that offers different analysis about the assassination ban than the analysis used to kill Anwar al-Awlaki.

The district court also upheld the withholding of a March 2002 OLC Memorandum analyzing the assassination ban in Executive Order 12,333 (the “March 2002 Memorandum”). (CA 468-70; see CA 315-29). Although the district court noted that the OLC-DOD Memorandum released by this Court contained a “brief mention” of Executive Order 12,333, the district court concluded that the analysis in the March 2002 Memorandum is significantly different from any legal analysis that this Court held has been officially disclosed and for which privilege has been waived.

The statement here is carefully worded, probably for good reason. That’s because the February 19, 2010 memo McMahon permitted the government to almost entirely redact clearly explains EO 123333 and its purported ban on assassinations in more depth than the July 16, 2010 one; the first paragraph ends,

Under the conditions and factual predicates as represented by the CIA and in the materials provided to us from the Intelligence Community, we believed that a decisionmaker, on the basis of such information, could reasonably conclude that the use of lethal force against Aulaqi would not violate the assassination ban in Executive Order 12333 or any application constitutional limitations due to Aulaqi’s United States citizenship.

I pointed out that there must be more assassination analysis here. It almost certainly resembles what Harold Koh said about a month later, for which activists at NYU are now calling into question his suitability as an international law professor.

Fourth and finally, some have argued that our targeting practices violate domestic law, in particular, the long-standing domestic ban on assassinations. But under domestic law, the use of lawful weapons systems—consistent with the applicable laws of war—for precision targeting of specific high-level belligerent leaders when acting in self-defense or during an armed conflict is not unlawful, and hence does not constitute “assassination.”

But the government is claiming that because that didn’t get disclosed in the July 2010 memo, it doesn’t have to be disclosed in the February 2010 memo, and the earlier “significantly different” analysis from OLC doesn’t have to be disclosed either.

At a minimum, ACLU and NYT ought to be able to point to the language in the white paper that addresses assassinations that doesn’t appear in the later memo to show that the government has already disclosed it.

But I’m just as interested that OLC had to change its previous stance on assassinations to be able to kill Awlaki.

Of course, the earlier memo was written during a period when John Yoo and others were pixie dusting EO 12333, basically saying the President didn’t have to abide by EO 12333, but could instead violate it and call that modifying it. Perhaps that’s the difference — that David Barron invented a way to say that killing a high ranking leader (whether or not he’s a citizen) didn’t constitute assassination because of the weapons systems involved, as distinct from saying the President could blow off his own EOs in secret and not tell anyone.

I suggested Dick Cheney had likely pixie dusted EO 12333’s ban on assassinations back in 2009.

But there’s also the possibility the government had to reverse the earlier decision in some other fashion. After all, when Kamal Derwish was killed in a drone strike in Yemen on November 9, 2002, the government claimed Abu Ali al-Harithi was the target, a claim the government made about its December 24, 2009 attempt to kill Anwar al-Awlaki, but one they dropped in all subsequent attempts, coincident with the February 2010 memo. That is, while I think it less likely than the alternative, it is possible that the 2010 analysis is “significantly different” because they had to interpret the assassination ban even more permissively. While I do think it less likely, it might explain why Senators Wyden, Udall, and Heinrich keep pushing for more disclosure on this issue.

One thing is clear, however. The fact that the government can conduct “significantly different” analysis of what EO 12333 means, in secret, anytime it wants to wiretap or kill a US citizen makes clear that it is not a meaningful limit on Executive power.